00001
00016 #include <stdlib.h>
00017 #include <stdio.h>
00018 #include <stdarg.h>
00019 #include <unistd.h>
00020 #include <string.h>
00021 #include <time.h>
00022 #include <signal.h>
00023 #ifndef CONFIG_NATIVE_WINDOWS
00024 #include <netinet/in.h>
00025 #endif
00026
00027 #include "common.h"
00028 #include "eapol_sm.h"
00029 #include "eap.h"
00030 #include "wpa.h"
00031 #include "eloop.h"
00032 #include "wpa_supplicant.h"
00033 #include "config.h"
00034 #include "l2_packet.h"
00035 #include "wpa_supplicant_i.h"
00036 #include "ctrl_iface.h"
00037 #include "pcsc_funcs.h"
00038 #include "version.h"
00039 #include "preauth.h"
00040 #include "wpa_ctrl.h"
00041
00042 const char *wpa_supplicant_version =
00043 "wpa_supplicant v" VERSION_STR "\n"
00044 "Copyright (c) 2003-2005, Jouni Malinen <[email protected]> and contributors";
00045
00046 const char *wpa_supplicant_license =
00047 "This program is free software. You can distribute it and/or modify it\n"
00048 "under the terms of the GNU General Public License version 2.\n"
00049 "\n"
00050 "Alternatively, this software may be distributed under the terms of the\n"
00051 "BSD license. See README and COPYING for more details.\n"
00052 #ifdef EAP_TLS_FUNCS
00053 "\nThis product includes software developed by the OpenSSL Project\n"
00054 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
00055 #endif
00056 ;
00057
00058 #ifndef CONFIG_NO_STDOUT_DEBUG
00059 const char *wpa_supplicant_full_license =
00060 "This program is free software; you can redistribute it and/or modify\n"
00061 "it under the terms of the GNU General Public License version 2 as\n"
00062 "published by the Free Software Foundation.\n"
00063 "\n"
00064 "This program is distributed in the hope that it will be useful,\n"
00065 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
00066 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
00067 "GNU General Public License for more details.\n"
00068 "\n"
00069 "You should have received a copy of the GNU General Public License\n"
00070 "along with this program; if not, write to the Free Software\n"
00071 "Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\n"
00072 "\n"
00073 "Alternatively, this software may be distributed under the terms of the\n"
00074 "BSD license.\n"
00075 "\n"
00076 "Redistribution and use in source and binary forms, with or without\n"
00077 "modification, are permitted provided that the following conditions are\n"
00078 "met:\n"
00079 "\n"
00080 "1. Redistributions of source code must retain the above copyright\n"
00081 " notice, this list of conditions and the following disclaimer.\n"
00082 "\n"
00083 "2. Redistributions in binary form must reproduce the above copyright\n"
00084 " notice, this list of conditions and the following disclaimer in the\n"
00085 " documentation and/or other materials provided with the distribution.\n"
00086 "\n"
00087 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
00088 " names of its contributors may be used to endorse or promote products\n"
00089 " derived from this software without specific prior written permission.\n"
00090 "\n"
00091 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
00092 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
00093 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
00094 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"
00095 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
00096 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
00097 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
00098 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
00099 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
00100 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
00101 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
00102 "\n";
00103 #endif
00104
00105 extern struct wpa_driver_ops *wpa_supplicant_drivers[];
00106
00107 extern int wpa_debug_level;
00108 extern int wpa_debug_show_keys;
00109 extern int wpa_debug_timestamp;
00110
00111 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx);
00112
00113 void wpa_msg(struct wpa_supplicant *wpa_s, int level, char *fmt, ...)
00114 {
00115 va_list ap;
00116 char *buf;
00117 const int buflen = 2048;
00118 int len;
00119
00120 buf = malloc(buflen);
00121 if (buf == NULL) {
00122 printf("Failed to allocate message buffer for:\n");
00123 va_start(ap, fmt);
00124 vprintf(fmt, ap);
00125 printf("\n");
00126 va_end(ap);
00127 return;
00128 }
00129 va_start(ap, fmt);
00130 len = vsnprintf(buf, buflen, fmt, ap);
00131 va_end(ap);
00132 wpa_printf(level, "%s", buf);
00133 wpa_supplicant_ctrl_iface_send(wpa_s, level, buf, len);
00134 free(buf);
00135 }
00136
00137
00138 static u8 * wpa_alloc_eapol(const struct wpa_supplicant *wpa_s, u8 type,
00139 const void *data, u16 data_len,
00140 size_t *msg_len, void **data_pos)
00141 {
00142 struct ieee802_1x_hdr *hdr;
00143
00144 *msg_len = sizeof(*hdr) + data_len;
00145 hdr = malloc(*msg_len);
00146 if (hdr == NULL)
00147 return NULL;
00148
00149 hdr->version = wpa_s->conf->eapol_version;
00150 hdr->type = type;
00151 hdr->length = htons(data_len);
00152
00153 if (data)
00154 memcpy(hdr + 1, data, data_len);
00155 else
00156 memset(hdr + 1, 0, data_len);
00157
00158 if (data_pos)
00159 *data_pos = hdr + 1;
00160
00161 return (u8 *) hdr;
00162 }
00163
00164
00174 int wpa_ether_send(struct wpa_supplicant *wpa_s, const u8 *dest, u16 proto,
00175 const u8 *buf, size_t len)
00176 {
00177 if (wpa_s->l2) {
00178 return l2_packet_send(wpa_s->l2, dest, proto, buf, len);
00179 }
00180
00181 return wpa_drv_send_eapol(wpa_s, dest, proto, buf, len);
00182 }
00183
00184
00185 #ifdef IEEE8021X_EAPOL
00186
00197 static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf,
00198 size_t len)
00199 {
00200 struct wpa_supplicant *wpa_s = ctx;
00201 u8 *msg, *dst, bssid[ETH_ALEN];
00202 size_t msglen;
00203 int res;
00204
00205
00206
00207
00208 if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK ||
00209 wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
00210
00211
00212
00213 wpa_printf(MSG_DEBUG, "WPA: drop TX EAPOL in non-IEEE 802.1X "
00214 "mode (type=%d len=%lu)", type,
00215 (unsigned long) len);
00216 return -1;
00217 }
00218
00219 if (pmksa_cache_get_current(wpa_s->wpa) &&
00220 type == IEEE802_1X_TYPE_EAPOL_START) {
00221
00222
00223 wpa_printf(MSG_DEBUG, "RSN: PMKSA caching - do not send "
00224 "EAPOL-Start");
00225 return -1;
00226 }
00227
00228 if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0) {
00229 wpa_printf(MSG_DEBUG, "BSSID not set when trying to send an "
00230 "EAPOL frame");
00231 if (wpa_drv_get_bssid(wpa_s, bssid) == 0 &&
00232 memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
00233 dst = bssid;
00234 wpa_printf(MSG_DEBUG, "Using current BSSID " MACSTR
00235 " from the driver as the EAPOL destination",
00236 MAC2STR(dst));
00237 } else {
00238 dst = wpa_s->last_eapol_src;
00239 wpa_printf(MSG_DEBUG, "Using the source address of the"
00240 " last received EAPOL frame " MACSTR " as "
00241 "the EAPOL destination",
00242 MAC2STR(dst));
00243 }
00244 } else {
00245
00246
00247 dst = wpa_s->bssid;
00248 }
00249
00250 msg = wpa_alloc_eapol(wpa_s, type, buf, len, &msglen, NULL);
00251 if (msg == NULL)
00252 return -1;
00253
00254 wpa_hexdump(MSG_MSGDUMP, "TX EAPOL", msg, msglen);
00255 res = wpa_ether_send(wpa_s, dst, ETH_P_EAPOL, msg, msglen);
00256 free(msg);
00257 return res;
00258 }
00259
00260
00272 static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
00273 const u8 *key, size_t keylen)
00274 {
00275 struct wpa_supplicant *wpa_s = ctx;
00276 return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
00277 unicast ? wpa_s->bssid :
00278 (u8 *) "\xff\xff\xff\xff\xff\xff",
00279 keyidx, unicast, (u8 *) "", 0, key, keylen);
00280 }
00281 #endif
00282
00283
00284 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
00285 static void wpa_supplicant_set_config_blob(void *ctx,
00286 struct wpa_config_blob *blob)
00287 {
00288 struct wpa_supplicant *wpa_s = ctx;
00289 wpa_config_set_blob(wpa_s->conf, blob);
00290 }
00291
00292
00293 static const struct wpa_config_blob *
00294 wpa_supplicant_get_config_blob(void *ctx, const char *name)
00295 {
00296 struct wpa_supplicant *wpa_s = ctx;
00297 return wpa_config_get_blob(wpa_s->conf, name);
00298 }
00299 #endif
00300
00301
00302
00303 static int wpa_set_wep_key(void *ctx, int set_tx, int keyidx, const u8 *key,
00304 size_t keylen)
00305 {
00306 struct wpa_supplicant *wpa_s = ctx;
00307 return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
00308 (u8 *) "\xff\xff\xff\xff\xff\xff",
00309 keyidx, set_tx, (u8 *) "", 0, key, keylen);
00310 }
00311
00312
00313 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
00314 struct wpa_ssid *ssid)
00315 {
00316 u8 key[32];
00317 size_t keylen;
00318 wpa_alg alg;
00319 u8 seq[6] = { 0 };
00320
00321
00322
00323
00324 if (ssid->mode != IEEE80211_MODE_IBSS) {
00325 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
00326 "for WPA-None", ssid->mode);
00327 return -1;
00328 }
00329
00330 if (!ssid->psk_set) {
00331 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
00332 return -1;
00333 }
00334
00335 switch (wpa_s->group_cipher) {
00336 case WPA_CIPHER_CCMP:
00337 memcpy(key, ssid->psk, 16);
00338 keylen = 16;
00339 alg = WPA_ALG_CCMP;
00340 break;
00341 case WPA_CIPHER_TKIP:
00342
00343 memcpy(key, ssid->psk, 16 + 8);
00344 memcpy(key + 16 + 8, ssid->psk + 16, 8);
00345 keylen = 32;
00346 alg = WPA_ALG_TKIP;
00347 break;
00348 default:
00349 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
00350 "WPA-None", wpa_s->group_cipher);
00351 return -1;
00352 }
00353
00354
00355
00356
00357 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
00358 0, 1, seq, 6, key, keylen);
00359 }
00360
00361
00362 #ifdef IEEE8021X_EAPOL
00363 static void wpa_supplicant_notify_eapol_done(void *ctx)
00364 {
00365 struct wpa_supplicant *wpa_s = ctx;
00366 wpa_msg(wpa_s, MSG_DEBUG, "WPA: EAPOL processing complete");
00367 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X) {
00368 wpa_supplicant_set_state(wpa_s, WPA_4WAY_HANDSHAKE);
00369 } else {
00370 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00371 wpa_supplicant_cancel_auth_timeout(wpa_s);
00372 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
00373 }
00374 }
00375 #endif
00376
00377
00378 struct wpa_blacklist * wpa_blacklist_get(struct wpa_supplicant *wpa_s,
00379 const u8 *bssid)
00380 {
00381 struct wpa_blacklist *e;
00382
00383 e = wpa_s->blacklist;
00384 while (e) {
00385 if (memcmp(e->bssid, bssid, ETH_ALEN) == 0)
00386 return e;
00387 e = e->next;
00388 }
00389
00390 return NULL;
00391 }
00392
00393
00394 int wpa_blacklist_add(struct wpa_supplicant *wpa_s, const u8 *bssid)
00395 {
00396 struct wpa_blacklist *e;
00397
00398 e = wpa_blacklist_get(wpa_s, bssid);
00399 if (e) {
00400 e->count++;
00401 wpa_printf(MSG_DEBUG, "BSSID " MACSTR " blacklist count "
00402 "incremented to %d",
00403 MAC2STR(bssid), e->count);
00404 return 0;
00405 }
00406
00407 e = malloc(sizeof(*e));
00408 if (e == NULL)
00409 return -1;
00410 memset(e, 0, sizeof(*e));
00411 memcpy(e->bssid, bssid, ETH_ALEN);
00412 e->count = 1;
00413 e->next = wpa_s->blacklist;
00414 wpa_s->blacklist = e;
00415 wpa_printf(MSG_DEBUG, "Added BSSID " MACSTR " into blacklist",
00416 MAC2STR(bssid));
00417
00418 return 0;
00419 }
00420
00421
00422 int wpa_blacklist_del(struct wpa_supplicant *wpa_s, const u8 *bssid)
00423 {
00424 struct wpa_blacklist *e, *prev = NULL;
00425
00426 e = wpa_s->blacklist;
00427 while (e) {
00428 if (memcmp(e->bssid, bssid, ETH_ALEN) == 0) {
00429 if (prev == NULL) {
00430 wpa_s->blacklist = e->next;
00431 } else {
00432 prev->next = e->next;
00433 }
00434 wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
00435 "blacklist", MAC2STR(bssid));
00436 free(e);
00437 return 0;
00438 }
00439 prev = e;
00440 e = e->next;
00441 }
00442 return -1;
00443 }
00444
00445
00446 void wpa_blacklist_clear(struct wpa_supplicant *wpa_s)
00447 {
00448 struct wpa_blacklist *e, *prev;
00449
00450 e = wpa_s->blacklist;
00451 wpa_s->blacklist = NULL;
00452 while (e) {
00453 prev = e;
00454 e = e->next;
00455 wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
00456 "blacklist (clear)", MAC2STR(prev->bssid));
00457 free(prev);
00458 }
00459 }
00460
00461
00462 const char * wpa_ssid_txt(u8 *ssid, size_t ssid_len)
00463 {
00464 static char ssid_txt[MAX_SSID_LEN + 1];
00465 char *pos;
00466
00467 if (ssid_len > MAX_SSID_LEN)
00468 ssid_len = MAX_SSID_LEN;
00469 memcpy(ssid_txt, ssid, ssid_len);
00470 ssid_txt[ssid_len] = '\0';
00471 for (pos = ssid_txt; *pos != '\0'; pos++) {
00472 if ((u8) *pos < 32 || (u8) *pos >= 127)
00473 *pos = '_';
00474 }
00475 return ssid_txt;
00476 }
00477
00478
00479 void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
00480 {
00481 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan request: %d sec %d usec",
00482 sec, usec);
00483 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00484 eloop_register_timeout(sec, usec, wpa_supplicant_scan, wpa_s, NULL);
00485 }
00486
00487
00488 void wpa_supplicant_cancel_scan(struct wpa_supplicant *wpa_s)
00489 {
00490 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling scan request");
00491 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00492 }
00493
00494
00495 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
00496 {
00497 struct wpa_supplicant *wpa_s = eloop_ctx;
00498 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
00499 MAC2STR(wpa_s->bssid));
00500 wpa_blacklist_add(wpa_s, wpa_s->bssid);
00501 wpa_sm_notify_disassoc(wpa_s->wpa);
00502 wpa_supplicant_disassociate(wpa_s, REASON_DEAUTH_LEAVING);
00503 wpa_s->reassociate = 1;
00504 wpa_supplicant_req_scan(wpa_s, 0, 0);
00505 }
00506
00507
00508 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
00509 int sec, int usec)
00510 {
00511 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
00512 wpa_s->driver && strcmp(wpa_s->driver->name, "wired") == 0)
00513 return;
00514
00515 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
00516 "%d usec", sec, usec);
00517 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
00518 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
00519 }
00520
00521
00522 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
00523 {
00524 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
00525 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
00526 wpa_blacklist_del(wpa_s, wpa_s->bssid);
00527 }
00528
00529
00530 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
00531 {
00532 struct eapol_config eapol_conf;
00533 struct wpa_ssid *ssid = wpa_s->current_ssid;
00534
00535 if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {
00536 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
00537 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
00538 }
00539 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
00540 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
00541 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
00542 else
00543 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
00544
00545 memset(&eapol_conf, 0, sizeof(eapol_conf));
00546 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
00547 eapol_conf.accept_802_1x_keys = 1;
00548 eapol_conf.required_keys = 0;
00549 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
00550 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
00551 }
00552 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
00553 eapol_conf.required_keys |=
00554 EAPOL_REQUIRE_KEY_BROADCAST;
00555 }
00556
00557 if (wpa_s->conf && wpa_s->driver &&
00558 strcmp(wpa_s->driver->name, "wired") == 0) {
00559 eapol_conf.required_keys = 0;
00560 }
00561 }
00562 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
00563 eapol_conf.workaround = ssid->eap_workaround;
00564 eapol_conf.eap_disabled = wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X &&
00565 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA;
00566 eapol_sm_notify_config(wpa_s->eapol, ssid, &eapol_conf);
00567 }
00568
00569
00570 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
00571 struct wpa_ssid *ssid)
00572 {
00573 int i;
00574
00575 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
00576 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
00577 else
00578 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
00579 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
00580 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
00581 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
00582 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
00583 wpa_s->group_cipher = WPA_CIPHER_NONE;
00584
00585 for (i = 0; i < NUM_WEP_KEYS; i++) {
00586 if (ssid->wep_key_len[i] > 5) {
00587 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
00588 wpa_s->group_cipher = WPA_CIPHER_WEP104;
00589 break;
00590 } else if (ssid->wep_key_len[i] > 0) {
00591 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
00592 wpa_s->group_cipher = WPA_CIPHER_WEP40;
00593 break;
00594 }
00595 }
00596
00597 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
00598 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
00599 wpa_s->pairwise_cipher);
00600 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
00601
00602 pmksa_cache_clear_current(wpa_s->wpa);
00603 }
00604
00605
00606 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
00607 {
00608 scard_deinit(wpa_s->scard);
00609 wpa_s->scard = NULL;
00610 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
00611 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
00612 l2_packet_deinit(wpa_s->l2);
00613 wpa_s->l2 = NULL;
00614
00615 wpa_supplicant_ctrl_iface_deinit(wpa_s);
00616 if (wpa_s->conf != NULL) {
00617 wpa_config_free(wpa_s->conf);
00618 wpa_s->conf = NULL;
00619 }
00620
00621 free(wpa_s->confname);
00622 wpa_s->confname = NULL;
00623
00624 wpa_sm_set_eapol(wpa_s->wpa, NULL);
00625 eapol_sm_deinit(wpa_s->eapol);
00626 wpa_s->eapol = NULL;
00627
00628 rsn_preauth_deinit(wpa_s->wpa);
00629
00630 pmksa_candidate_free(wpa_s->wpa);
00631 pmksa_cache_free(wpa_s->wpa);
00632 wpa_sm_deinit(wpa_s->wpa);
00633 wpa_s->wpa = NULL;
00634 wpa_blacklist_clear(wpa_s);
00635
00636 free(wpa_s->scan_results);
00637 wpa_s->scan_results = NULL;
00638 wpa_s->num_scan_results = 0;
00639
00640 wpa_supplicant_cancel_scan(wpa_s);
00641 }
00642
00643
00644 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
00645 {
00646 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
00647
00648 if (wpa_s->keys_cleared) {
00649
00650
00651
00652
00653
00654
00655
00656 wpa_printf(MSG_DEBUG, "No keys have been configured - "
00657 "skip key clearing");
00658 return;
00659 }
00660
00661 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
00662 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
00663 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
00664 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
00665 if (addr) {
00666 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
00667 0);
00668 }
00669 wpa_s->keys_cleared = 1;
00670 }
00671
00672
00673 const char * wpa_supplicant_state_txt(int state)
00674 {
00675 switch (state) {
00676 case WPA_DISCONNECTED:
00677 return "DISCONNECTED";
00678 case WPA_INACTIVE:
00679 return "INACTIVE";
00680 case WPA_SCANNING:
00681 return "SCANNING";
00682 case WPA_ASSOCIATING:
00683 return "ASSOCIATING";
00684 case WPA_ASSOCIATED:
00685 return "ASSOCIATED";
00686 case WPA_4WAY_HANDSHAKE:
00687 return "4WAY_HANDSHAKE";
00688 case WPA_GROUP_HANDSHAKE:
00689 return "GROUP_HANDSHAKE";
00690 case WPA_COMPLETED:
00691 return "COMPLETED";
00692 default:
00693 return "UNKNOWN";
00694 }
00695 }
00696
00697
00698 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
00699 {
00700 wpa_printf(MSG_DEBUG, "State: %s -> %s",
00701 wpa_supplicant_state_txt(wpa_s->wpa_state),
00702 wpa_supplicant_state_txt(state));
00703 if (state == WPA_COMPLETED && wpa_s->new_connection) {
00704 wpa_s->new_connection = 0;
00705 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
00706 MACSTR " completed %s",
00707 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
00708 "(reauth)" : "(auth)");
00709 wpa_s->reassociated_connection = 1;
00710 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
00711 state == WPA_ASSOCIATED) {
00712 wpa_s->new_connection = 1;
00713 }
00714 wpa_s->wpa_state = state;
00715 }
00716
00717
00718 wpa_states wpa_supplicant_get_state(struct wpa_supplicant *wpa_s)
00719 {
00720 return wpa_s->wpa_state;
00721 }
00722
00723
00724 static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
00725 void *signal_ctx)
00726 {
00727 struct wpa_global *global = eloop_ctx;
00728 struct wpa_supplicant *wpa_s;
00729 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
00730 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
00731 "received", sig);
00732 }
00733 eloop_terminate();
00734 }
00735
00736
00737 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
00738 {
00739 struct wpa_config *conf;
00740 int reconf_ctrl;
00741 if (wpa_s->confname == NULL)
00742 return -1;
00743 conf = wpa_config_read(wpa_s->confname);
00744 if (conf == NULL) {
00745 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
00746 "file '%s' - exiting", wpa_s->confname);
00747 return -1;
00748 }
00749
00750 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
00751 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
00752 strcmp(conf->ctrl_interface, wpa_s->conf->ctrl_interface)
00753 != 0);
00754
00755 if (reconf_ctrl)
00756 wpa_supplicant_ctrl_iface_deinit(wpa_s);
00757
00758 wpa_s->current_ssid = NULL;
00759
00760
00761
00762
00763 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
00764 wpa_sm_set_config(wpa_s->wpa, NULL);
00765 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
00766 pmksa_cache_notify_reconfig(wpa_s->wpa);
00767 rsn_preauth_deinit(wpa_s->wpa);
00768 wpa_config_free(wpa_s->conf);
00769 wpa_s->conf = conf;
00770 if (reconf_ctrl)
00771 wpa_supplicant_ctrl_iface_init(wpa_s);
00772 wpa_s->reassociate = 1;
00773 wpa_supplicant_req_scan(wpa_s, 0, 0);
00774 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
00775 return 0;
00776 }
00777
00778
00779 #ifndef CONFIG_NATIVE_WINDOWS
00780 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
00781 void *signal_ctx)
00782 {
00783 struct wpa_global *global = eloop_ctx;
00784 struct wpa_supplicant *wpa_s;
00785 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
00786 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
00787 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
00788 eloop_terminate();
00789 }
00790 }
00791 }
00792 #endif
00793
00794
00795 static void wpa_supplicant_gen_assoc_event(struct wpa_supplicant *wpa_s)
00796 {
00797 struct wpa_ssid *ssid;
00798 union wpa_event_data data;
00799
00800 ssid = wpa_supplicant_get_ssid(wpa_s);
00801 if (ssid == NULL)
00802 return;
00803
00804 if (wpa_s->current_ssid == NULL)
00805 wpa_s->current_ssid = ssid;
00806 wpa_supplicant_initiate_eapol(wpa_s);
00807 wpa_printf(MSG_DEBUG, "Already associated with a configured network - "
00808 "generating associated event");
00809 memset(&data, 0, sizeof(data));
00810 wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data);
00811 }
00812
00813
00814 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
00815 {
00816 struct wpa_supplicant *wpa_s = eloop_ctx;
00817 struct wpa_ssid *ssid;
00818 int enabled, scan_req = 0;
00819
00820 if (wpa_s->disconnected)
00821 return;
00822
00823 enabled = 0;
00824 ssid = wpa_s->conf->ssid;
00825 while (ssid) {
00826 if (!ssid->disabled) {
00827 enabled++;
00828 break;
00829 }
00830 ssid = ssid->next;
00831 }
00832 if (!enabled && !wpa_s->scan_req) {
00833 wpa_printf(MSG_DEBUG, "No enabled networks - do not scan");
00834 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
00835 return;
00836 }
00837 scan_req = wpa_s->scan_req;
00838 wpa_s->scan_req = 0;
00839
00840 if (wpa_s->conf->ap_scan == 0) {
00841 wpa_supplicant_gen_assoc_event(wpa_s);
00842 return;
00843 }
00844
00845 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
00846 wpa_s->wpa_state == WPA_INACTIVE)
00847 wpa_supplicant_set_state(wpa_s, WPA_SCANNING);
00848
00849 ssid = wpa_s->conf->ssid;
00850 if (wpa_s->prev_scan_ssid != BROADCAST_SSID_SCAN) {
00851 while (ssid) {
00852 if (ssid == wpa_s->prev_scan_ssid) {
00853 ssid = ssid->next;
00854 break;
00855 }
00856 ssid = ssid->next;
00857 }
00858 }
00859 while (ssid) {
00860 if (!ssid->disabled &&
00861 (ssid->scan_ssid || wpa_s->conf->ap_scan == 2))
00862 break;
00863 ssid = ssid->next;
00864 }
00865
00866 if (scan_req != 2 && wpa_s->conf->ap_scan == 2) {
00867
00868
00869
00870
00871 if (ssid == NULL)
00872 return;
00873 if (ssid->next) {
00874
00875 wpa_s->prev_scan_ssid = ssid;
00876 } else {
00877
00878 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
00879 }
00880 wpa_supplicant_associate(wpa_s, NULL, ssid);
00881 return;
00882 }
00883
00884 wpa_printf(MSG_DEBUG, "Starting AP scan (%s SSID)",
00885 ssid ? "specific": "broadcast");
00886 if (ssid) {
00887 wpa_hexdump_ascii(MSG_DEBUG, "Scan SSID",
00888 ssid->ssid, ssid->ssid_len);
00889 wpa_s->prev_scan_ssid = ssid;
00890 } else
00891 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
00892
00893 if (wpa_drv_scan(wpa_s, ssid ? ssid->ssid : NULL,
00894 ssid ? ssid->ssid_len : 0)) {
00895 wpa_printf(MSG_WARNING, "Failed to initiate AP scan.");
00896 wpa_supplicant_req_scan(wpa_s, 10, 0);
00897 }
00898 }
00899
00900
00901 static wpa_cipher cipher_suite2driver(int cipher)
00902 {
00903 switch (cipher) {
00904 case WPA_CIPHER_NONE:
00905 return CIPHER_NONE;
00906 case WPA_CIPHER_WEP40:
00907 return CIPHER_WEP40;
00908 case WPA_CIPHER_WEP104:
00909 return CIPHER_WEP104;
00910 case WPA_CIPHER_CCMP:
00911 return CIPHER_CCMP;
00912 case WPA_CIPHER_TKIP:
00913 default:
00914 return CIPHER_TKIP;
00915 }
00916 }
00917
00918
00919 static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
00920 {
00921 switch (key_mgmt) {
00922 case WPA_KEY_MGMT_NONE:
00923 return KEY_MGMT_NONE;
00924 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
00925 return KEY_MGMT_802_1X_NO_WPA;
00926 case WPA_KEY_MGMT_IEEE8021X:
00927 return KEY_MGMT_802_1X;
00928 case WPA_KEY_MGMT_WPA_NONE:
00929 return KEY_MGMT_WPA_NONE;
00930 case WPA_KEY_MGMT_PSK:
00931 default:
00932 return KEY_MGMT_PSK;
00933 }
00934 }
00935
00936
00937 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
00938 struct wpa_ssid *ssid,
00939 struct wpa_ie_data *ie)
00940 {
00941 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
00942 if (ret) {
00943 if (ret == -2) {
00944 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
00945 "from association info");
00946 }
00947 return -1;
00948 }
00949
00950 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
00951 "suites");
00952 if (!(ie->group_cipher & ssid->group_cipher)) {
00953 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
00954 "cipher 0x%x (mask 0x%x) - reject",
00955 ie->group_cipher, ssid->group_cipher);
00956 return -1;
00957 }
00958 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
00959 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
00960 "cipher 0x%x (mask 0x%x) - reject",
00961 ie->pairwise_cipher, ssid->pairwise_cipher);
00962 return -1;
00963 }
00964 if (!(ie->key_mgmt & ssid->key_mgmt)) {
00965 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
00966 "management 0x%x (mask 0x%x) - reject",
00967 ie->key_mgmt, ssid->key_mgmt);
00968 return -1;
00969 }
00970
00971 return 0;
00972 }
00973
00974
00975 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
00976 struct wpa_scan_result *bss,
00977 struct wpa_ssid *ssid,
00978 u8 *wpa_ie, size_t *wpa_ie_len)
00979 {
00980 struct wpa_ie_data ie;
00981 int sel, proto;
00982
00983 if (bss && bss->rsn_ie_len && (ssid->proto & WPA_PROTO_RSN) &&
00984 wpa_parse_wpa_ie(bss->rsn_ie, bss->rsn_ie_len, &ie) == 0 &&
00985 (ie.group_cipher & ssid->group_cipher) &&
00986 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
00987 (ie.key_mgmt & ssid->key_mgmt)) {
00988 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
00989 proto = WPA_PROTO_RSN;
00990 } else if (bss && bss->wpa_ie_len && (ssid->proto & WPA_PROTO_WPA) &&
00991 wpa_parse_wpa_ie(bss->wpa_ie, bss->wpa_ie_len, &ie) == 0 &&
00992 (ie.group_cipher & ssid->group_cipher) &&
00993 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
00994 (ie.key_mgmt & ssid->key_mgmt)) {
00995 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
00996 proto = WPA_PROTO_WPA;
00997 } else if (bss) {
00998 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
00999 return -1;
01000 } else {
01001 if (ssid->proto & WPA_PROTO_RSN)
01002 proto = WPA_PROTO_RSN;
01003 else
01004 proto = WPA_PROTO_WPA;
01005 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
01006 memset(&ie, 0, sizeof(ie));
01007 ie.group_cipher = ssid->group_cipher;
01008 ie.pairwise_cipher = ssid->pairwise_cipher;
01009 ie.key_mgmt = ssid->key_mgmt;
01010 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
01011 "on configuration");
01012 }
01013 }
01014
01015 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
01016 "pairwise %d key_mgmt %d",
01017 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt);
01018
01019 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
01020
01021 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss ? bss->wpa_ie : NULL,
01022 bss ? bss->wpa_ie_len : 0) ||
01023 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss ? bss->rsn_ie : NULL,
01024 bss ? bss->rsn_ie_len : 0))
01025 return -1;
01026
01027 sel = ie.group_cipher & ssid->group_cipher;
01028 if (sel & WPA_CIPHER_CCMP) {
01029 wpa_s->group_cipher = WPA_CIPHER_CCMP;
01030 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
01031 } else if (sel & WPA_CIPHER_TKIP) {
01032 wpa_s->group_cipher = WPA_CIPHER_TKIP;
01033 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
01034 } else if (sel & WPA_CIPHER_WEP104) {
01035 wpa_s->group_cipher = WPA_CIPHER_WEP104;
01036 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
01037 } else if (sel & WPA_CIPHER_WEP40) {
01038 wpa_s->group_cipher = WPA_CIPHER_WEP40;
01039 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
01040 } else {
01041 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
01042 return -1;
01043 }
01044
01045 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
01046 if (sel & WPA_CIPHER_CCMP) {
01047 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
01048 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
01049 } else if (sel & WPA_CIPHER_TKIP) {
01050 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
01051 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
01052 } else if (sel & WPA_CIPHER_NONE) {
01053 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
01054 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
01055 } else {
01056 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
01057 "cipher.");
01058 return -1;
01059 }
01060
01061 sel = ie.key_mgmt & ssid->key_mgmt;
01062 if (sel & WPA_KEY_MGMT_IEEE8021X) {
01063 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
01064 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
01065 } else if (sel & WPA_KEY_MGMT_PSK) {
01066 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
01067 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
01068 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
01069 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
01070 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
01071 } else {
01072 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
01073 "key management type.");
01074 return -1;
01075 }
01076
01077 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
01078 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
01079 wpa_s->pairwise_cipher);
01080 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
01081
01082 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
01083 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
01084 return -1;
01085 }
01086
01087 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
01088 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
01089 else
01090 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
01091
01092 return 0;
01093 }
01094
01095
01096 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
01097 struct wpa_scan_result *bss,
01098 struct wpa_ssid *ssid)
01099 {
01100 u8 wpa_ie[80];
01101 size_t wpa_ie_len;
01102 int use_crypt;
01103 int algs = AUTH_ALG_OPEN_SYSTEM;
01104 int cipher_pairwise, cipher_group;
01105 struct wpa_driver_associate_params params;
01106 int wep_keys_set = 0;
01107 struct wpa_driver_capa capa;
01108
01109 wpa_s->reassociate = 0;
01110 if (bss) {
01111 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
01112 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
01113 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
01114 memset(wpa_s->bssid, 0, ETH_ALEN);
01115 } else {
01116 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
01117 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
01118 }
01119 wpa_supplicant_cancel_scan(wpa_s);
01120
01121
01122
01123 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
01124
01125 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01126 if (ssid->leap) {
01127 if (ssid->non_leap == 0)
01128 algs = AUTH_ALG_LEAP;
01129 else
01130 algs |= AUTH_ALG_LEAP;
01131 }
01132 }
01133 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
01134 if (ssid->auth_alg) {
01135 algs = 0;
01136 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
01137 algs |= AUTH_ALG_OPEN_SYSTEM;
01138 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
01139 algs |= AUTH_ALG_SHARED_KEY;
01140 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
01141 algs |= AUTH_ALG_LEAP;
01142 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
01143 algs);
01144 }
01145 wpa_drv_set_auth_alg(wpa_s, algs);
01146
01147 if (bss && (bss->wpa_ie_len || bss->rsn_ie_len) &&
01148 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK))) {
01149 int try_opportunistic;
01150 try_opportunistic = ssid->proactive_key_caching &&
01151 (ssid->proto & WPA_PROTO_RSN);
01152 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
01153 wpa_s->current_ssid,
01154 try_opportunistic) == 0)
01155 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
01156 wpa_ie_len = sizeof(wpa_ie);
01157 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
01158 wpa_ie, &wpa_ie_len)) {
01159 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
01160 "management and encryption suites");
01161 return;
01162 }
01163 } else if (ssid->key_mgmt &
01164 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
01165 WPA_KEY_MGMT_WPA_NONE)) {
01166 wpa_ie_len = sizeof(wpa_ie);
01167 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
01168 wpa_ie, &wpa_ie_len)) {
01169 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
01170 "management and encryption suites (no scan "
01171 "results)");
01172 return;
01173 }
01174 } else {
01175 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
01176 wpa_ie_len = 0;
01177 }
01178
01179 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
01180 use_crypt = 1;
01181 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
01182 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
01183 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
01184 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01185 int i;
01186 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
01187 use_crypt = 0;
01188 for (i = 0; i < NUM_WEP_KEYS; i++) {
01189 if (ssid->wep_key_len[i]) {
01190 use_crypt = 1;
01191 wep_keys_set = 1;
01192 wpa_set_wep_key(wpa_s,
01193 i == ssid->wep_tx_keyidx,
01194 i, ssid->wep_key[i],
01195 ssid->wep_key_len[i]);
01196 }
01197 }
01198 }
01199
01200 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01201 if ((ssid->eapol_flags &
01202 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
01203 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
01204 !wep_keys_set) {
01205 use_crypt = 0;
01206 } else {
01207
01208
01209
01210 cipher_pairwise = cipher_group = CIPHER_WEP104;
01211 }
01212 }
01213
01214 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
01215
01216 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
01217 }
01218
01219 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
01220 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
01221 memset(¶ms, 0, sizeof(params));
01222 if (bss) {
01223 params.bssid = bss->bssid;
01224 params.ssid = bss->ssid;
01225 params.ssid_len = bss->ssid_len;
01226 params.freq = bss->freq;
01227 } else {
01228 params.ssid = ssid->ssid;
01229 params.ssid_len = ssid->ssid_len;
01230 }
01231 params.wpa_ie = wpa_ie;
01232 params.wpa_ie_len = wpa_ie_len;
01233 params.pairwise_suite = cipher_pairwise;
01234 params.group_suite = cipher_group;
01235 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
01236 params.auth_alg = algs;
01237 params.mode = ssid->mode;
01238 if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
01239 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
01240 "failed");
01241
01242
01243 }
01244
01245 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
01246
01247
01248 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
01249
01250
01251 wpa_supplicant_cancel_auth_timeout(wpa_s);
01252 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
01253 } else {
01254
01255 wpa_supplicant_req_auth_timeout(wpa_s, wpa_s->conf->ap_scan ==
01256 1 ? 10 : 60, 0);
01257 }
01258
01259 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
01260 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
01261
01262 int i;
01263 for (i = 0; i < NUM_WEP_KEYS; i++) {
01264 if (ssid->wep_key_len[i]) {
01265 wpa_set_wep_key(wpa_s,
01266 i == ssid->wep_tx_keyidx,
01267 i, ssid->wep_key[i],
01268 ssid->wep_key_len[i]);
01269 }
01270 }
01271 }
01272
01273 wpa_s->current_ssid = ssid;
01274 wpa_sm_set_config(wpa_s->wpa, wpa_s->current_ssid);
01275 wpa_supplicant_initiate_eapol(wpa_s);
01276 }
01277
01278
01279 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
01280 int reason_code)
01281 {
01282 u8 *addr = NULL;
01283 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
01284 if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
01285 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
01286 addr = wpa_s->bssid;
01287 }
01288 wpa_clear_keys(wpa_s, addr);
01289 wpa_s->current_ssid = NULL;
01290 wpa_sm_set_config(wpa_s->wpa, NULL);
01291 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
01292 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01293 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01294 }
01295
01296
01297 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
01298 int reason_code)
01299 {
01300 u8 *addr = NULL;
01301 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
01302 if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
01303 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
01304 addr = wpa_s->bssid;
01305 }
01306 wpa_clear_keys(wpa_s, addr);
01307 wpa_s->current_ssid = NULL;
01308 wpa_sm_set_config(wpa_s->wpa, NULL);
01309 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
01310 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01311 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01312 }
01313
01314
01315 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
01316 {
01317 #define SCAN_AP_LIMIT 128
01318 struct wpa_scan_result *results, *tmp;
01319 int num;
01320
01321 results = malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
01322 if (results == NULL) {
01323 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
01324 "results");
01325 return -1;
01326 }
01327
01328 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
01329 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
01330 if (num < 0) {
01331 wpa_printf(MSG_DEBUG, "Failed to get scan results");
01332 free(results);
01333 return -1;
01334 }
01335 if (num > SCAN_AP_LIMIT) {
01336 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
01337 num, SCAN_AP_LIMIT);
01338 num = SCAN_AP_LIMIT;
01339 }
01340
01341
01342 tmp = realloc(results, num * sizeof(struct wpa_scan_result));
01343 if (tmp || num == 0) {
01344 results = tmp;
01345 }
01346
01347 free(wpa_s->scan_results);
01348 wpa_s->scan_results = results;
01349 wpa_s->num_scan_results = num;
01350
01351 return 0;
01352 }
01353
01354
01355 #ifndef CONFIG_NO_WPA
01356 static int wpa_get_beacon_ie(struct wpa_supplicant *wpa_s)
01357 {
01358 int i, ret = 0;
01359 struct wpa_scan_result *results, *curr = NULL;
01360
01361 results = wpa_s->scan_results;
01362 if (results == NULL) {
01363 return -1;
01364 }
01365
01366 for (i = 0; i < wpa_s->num_scan_results; i++) {
01367 if (memcmp(results[i].bssid, wpa_s->bssid, ETH_ALEN) == 0) {
01368 curr = &results[i];
01369 break;
01370 }
01371 }
01372
01373 if (curr) {
01374 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, curr->wpa_ie,
01375 curr->wpa_ie_len) ||
01376 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, curr->rsn_ie,
01377 curr->rsn_ie_len))
01378 ret = -1;
01379 } else {
01380 ret = -1;
01381 }
01382
01383 return ret;
01384 }
01385
01386
01387 static int wpa_supplicant_get_beacon_ie(void *ctx)
01388 {
01389 struct wpa_supplicant *wpa_s = ctx;
01390 if (wpa_get_beacon_ie(wpa_s) == 0) {
01391 return 0;
01392 }
01393
01394
01395
01396 if (wpa_supplicant_get_scan_results(wpa_s) < 0) {
01397 return -1;
01398 }
01399
01400 return wpa_get_beacon_ie(wpa_s);
01401 }
01402 #endif
01403
01404
01412 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
01413 {
01414 struct wpa_ssid *entry;
01415 u8 ssid[MAX_SSID_LEN];
01416 int ssid_len;
01417 u8 bssid[ETH_ALEN];
01418
01419 ssid_len = wpa_drv_get_ssid(wpa_s, ssid);
01420 if (ssid_len < 0) {
01421 wpa_printf(MSG_WARNING, "Could not read SSID from driver.");
01422 return NULL;
01423 }
01424
01425 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
01426 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
01427 return NULL;
01428 }
01429
01430 entry = wpa_s->conf->ssid;
01431 while (entry) {
01432 if (!entry->disabled &&
01433 ssid_len == entry->ssid_len &&
01434 memcmp(ssid, entry->ssid, ssid_len) == 0 &&
01435 (!entry->bssid_set ||
01436 memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
01437 return entry;
01438 entry = entry->next;
01439 }
01440
01441 return NULL;
01442 }
01443
01444
01445 #ifndef CONFIG_NO_WPA
01446 static u8 * _wpa_alloc_eapol(void *wpa_s, u8 type,
01447 const void *data, u16 data_len,
01448 size_t *msg_len, void **data_pos)
01449 {
01450 return wpa_alloc_eapol(wpa_s, type, data, data_len, msg_len, data_pos);
01451 }
01452
01453
01454 static int _wpa_ether_send(void *wpa_s, const u8 *dest, u16 proto,
01455 const u8 *buf, size_t len)
01456 {
01457 return wpa_ether_send(wpa_s, dest, proto, buf, len);
01458 }
01459
01460
01461 static void _wpa_supplicant_req_scan(void *wpa_s, int sec, int usec)
01462 {
01463 wpa_supplicant_req_scan(wpa_s, sec, usec);
01464 }
01465
01466
01467 static void _wpa_supplicant_cancel_auth_timeout(void *wpa_s)
01468 {
01469 wpa_supplicant_cancel_auth_timeout(wpa_s);
01470 }
01471
01472
01473 static void _wpa_supplicant_set_state(void *wpa_s, wpa_states state)
01474 {
01475 wpa_supplicant_set_state(wpa_s, state);
01476 }
01477
01478
01479 static wpa_states _wpa_supplicant_get_state(void *wpa_s)
01480 {
01481 return wpa_supplicant_get_state(wpa_s);
01482 }
01483
01484
01485 static void _wpa_supplicant_disassociate(void *wpa_s, int reason_code)
01486 {
01487 wpa_supplicant_disassociate(wpa_s, reason_code);
01488 }
01489
01490
01491 static void _wpa_supplicant_deauthenticate(void *wpa_s, int reason_code)
01492 {
01493 wpa_supplicant_deauthenticate(wpa_s, reason_code);
01494 }
01495
01496
01497 static struct wpa_ssid * _wpa_supplicant_get_ssid(void *wpa_s)
01498 {
01499 return wpa_supplicant_get_ssid(wpa_s);
01500 }
01501
01502
01503 static int wpa_supplicant_get_bssid(void *wpa_s, u8 *bssid)
01504 {
01505 return wpa_drv_get_bssid(wpa_s, bssid);
01506 }
01507
01508
01509 static int wpa_supplicant_set_key(void *wpa_s, wpa_alg alg,
01510 const u8 *addr, int key_idx, int set_tx,
01511 const u8 *seq, size_t seq_len,
01512 const u8 *key, size_t key_len)
01513 {
01514 return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len,
01515 key, key_len);
01516 }
01517
01518
01519 static int wpa_supplicant_add_pmkid(void *wpa_s,
01520 const u8 *bssid, const u8 *pmkid)
01521 {
01522 return wpa_drv_add_pmkid(wpa_s, bssid, pmkid);
01523 }
01524
01525
01526 static int wpa_supplicant_remove_pmkid(void *wpa_s,
01527 const u8 *bssid, const u8 *pmkid)
01528 {
01529 return wpa_drv_remove_pmkid(wpa_s, bssid, pmkid);
01530 }
01531 #endif
01532
01533
01534 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
01535 const char *name)
01536 {
01537 int i;
01538
01539 if (wpa_s == NULL)
01540 return -1;
01541
01542 if (wpa_supplicant_drivers[0] == NULL) {
01543 wpa_printf(MSG_ERROR, "No driver interfaces build into "
01544 "wpa_supplicant.");
01545 return -1;
01546 }
01547
01548 if (name == NULL) {
01549
01550 wpa_s->driver = wpa_supplicant_drivers[0];
01551 return 0;
01552 }
01553
01554 for (i = 0; wpa_supplicant_drivers[i]; i++) {
01555 if (strcmp(name, wpa_supplicant_drivers[i]->name) == 0) {
01556 wpa_s->driver = wpa_supplicant_drivers[i];
01557 return 0;
01558 }
01559 }
01560
01561 printf("Unsupported driver '%s'.\n", name);
01562 return -1;
01563 }
01564
01565
01566 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
01567 const u8 *buf, size_t len)
01568 {
01569 struct wpa_supplicant *wpa_s = ctx;
01570
01571 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
01572 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
01573
01574 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
01575 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
01576 "no key management is configured");
01577 return;
01578 }
01579
01580 if (wpa_s->eapol_received == 0) {
01581
01582 wpa_supplicant_req_auth_timeout(
01583 wpa_s,
01584 (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X ||
01585 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) ?
01586 70 : 10, 0);
01587 }
01588 wpa_s->eapol_received++;
01589
01590 if (wpa_s->countermeasures) {
01591 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
01592 "packet");
01593 return;
01594 }
01595
01596
01597
01598
01599
01600
01601
01602 memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
01603 if (wpa_s->key_mgmt != WPA_KEY_MGMT_PSK &&
01604 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
01605 return;
01606 wpa_drv_poll(wpa_s);
01607 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
01608 }
01609
01610
01611 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s,
01612 int wait_for_interface)
01613 {
01614 static int interface_count = 0;
01615
01616 for (;;) {
01617 if (wpa_s->driver->send_eapol) {
01618 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
01619 if (addr)
01620 memcpy(wpa_s->own_addr, addr, ETH_ALEN);
01621 break;
01622 }
01623 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
01624 wpa_drv_get_mac_addr(wpa_s),
01625 ETH_P_EAPOL,
01626 wpa_supplicant_rx_eapol, wpa_s, 0);
01627 if (wpa_s->l2)
01628 break;
01629 else if (!wait_for_interface)
01630 return -1;
01631 printf("Waiting for interface..\n");
01632 sleep(5);
01633 }
01634
01635 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
01636 fprintf(stderr, "Failed to get own L2 address\n");
01637 return -1;
01638 }
01639
01640 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
01641 MAC2STR(wpa_s->own_addr));
01642
01643
01644
01645
01646 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
01647 struct wpa_driver_capa capa;
01648 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
01649 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
01650 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
01651 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
01652
01653 } else {
01654 fprintf(stderr, "Failed to enable WPA in the "
01655 "driver.\n");
01656 return -1;
01657 }
01658 }
01659
01660 wpa_clear_keys(wpa_s, NULL);
01661
01662
01663
01664 wpa_drv_set_countermeasures(wpa_s, 0);
01665
01666 wpa_drv_set_drop_unencrypted(wpa_s, 1);
01667
01668 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
01669 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
01670 interface_count++;
01671
01672 return 0;
01673 }
01674
01675
01676 static int wpa_supplicant_daemon(const char *pid_file)
01677 {
01678 wpa_printf(MSG_DEBUG, "Daemonize..");
01679 if (daemon(0, 0)) {
01680 perror("daemon");
01681 return -1;
01682 }
01683
01684 if (pid_file) {
01685 FILE *f = fopen(pid_file, "w");
01686 if (f) {
01687 fprintf(f, "%u\n", getpid());
01688 fclose(f);
01689 }
01690 }
01691
01692 return 0;
01693 }
01694
01695
01696 static struct wpa_supplicant * wpa_supplicant_alloc(void)
01697 {
01698 struct wpa_supplicant *wpa_s;
01699
01700 wpa_s = malloc(sizeof(*wpa_s));
01701 if (wpa_s == NULL)
01702 return NULL;
01703 memset(wpa_s, 0, sizeof(*wpa_s));
01704 wpa_s->ctrl_sock = -1;
01705 wpa_s->scan_req = 1;
01706
01707 return wpa_s;
01708 }
01709
01710
01711 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
01712 struct wpa_interface *iface)
01713 {
01714 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
01715 "'%s' ctrl_interface '%s'", iface->ifname,
01716 iface->confname ? iface->confname : "N/A",
01717 iface->driver ? iface->driver : "default",
01718 iface->ctrl_interface ? iface->ctrl_interface : "N/A");
01719
01720 if (wpa_supplicant_set_driver(wpa_s, iface->driver) < 0) {
01721 return -1;
01722 }
01723
01724 if (iface->confname) {
01725 wpa_s->confname = rel2abs_path(iface->confname);
01726 if (wpa_s->confname == NULL) {
01727 wpa_printf(MSG_ERROR, "Failed to get absolute path "
01728 "for configuration file '%s'.",
01729 iface->confname);
01730 return -1;
01731 }
01732 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
01733 iface->confname, wpa_s->confname);
01734 wpa_s->conf = wpa_config_read(wpa_s->confname);
01735 if (wpa_s->conf == NULL) {
01736 printf("Failed to read configuration file '%s'.\n",
01737 wpa_s->confname);
01738 return -1;
01739 }
01740
01741
01742
01743
01744
01745 if (iface->ctrl_interface) {
01746 free(wpa_s->conf->ctrl_interface);
01747 wpa_s->conf->ctrl_interface =
01748 strdup(iface->ctrl_interface);
01749 }
01750
01751 if (iface->driver_param) {
01752 free(wpa_s->conf->driver_param);
01753 wpa_s->conf->driver_param =
01754 strdup(iface->driver_param);
01755 }
01756 } else
01757 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
01758 iface->driver_param);
01759
01760 if (wpa_s->conf == NULL) {
01761 printf("\nNo configuration found.\n");
01762 return -1;
01763 }
01764
01765 if (iface->ifname == NULL) {
01766 printf("\nInterface name is required.\n");
01767 return -1;
01768 }
01769 if (strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
01770 printf("Too long interface name '%s'.\n", iface->ifname);
01771 return -1;
01772 }
01773 strncpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
01774
01775 return 0;
01776 }
01777
01778
01779 static int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
01780 {
01781 #ifdef IEEE8021X_EAPOL
01782 struct eapol_ctx *ctx;
01783 ctx = malloc(sizeof(*ctx));
01784 if (ctx == NULL) {
01785 printf("Failed to allocate EAPOL context.\n");
01786 return -1;
01787 }
01788
01789 memset(ctx, 0, sizeof(*ctx));
01790 ctx->ctx = wpa_s;
01791 ctx->msg_ctx = wpa_s;
01792 ctx->eapol_send_ctx = wpa_s;
01793 ctx->preauth = 0;
01794 ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done;
01795 ctx->eapol_send = wpa_supplicant_eapol_send;
01796 ctx->set_wep_key = wpa_eapol_set_wep_key;
01797 ctx->set_config_blob = wpa_supplicant_set_config_blob;
01798 ctx->get_config_blob = wpa_supplicant_get_config_blob;
01799 ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
01800 ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
01801 ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
01802 wpa_s->eapol = eapol_sm_init(ctx);
01803 if (wpa_s->eapol == NULL) {
01804 free(ctx);
01805 printf("Failed to initialize EAPOL state machines.\n");
01806 return -1;
01807 }
01808 #endif
01809
01810 return 0;
01811 }
01812
01813
01814 static int wpa_supplicant_init_wpa(struct wpa_supplicant *wpa_s)
01815 {
01816 #ifndef CONFIG_NO_WPA
01817 struct wpa_sm_ctx *ctx;
01818 ctx = malloc(sizeof(*ctx));
01819 if (ctx == NULL) {
01820 printf("Failed to allocate WPA context.\n");
01821 return -1;
01822 }
01823
01824 memset(ctx, 0, sizeof(*ctx));
01825 ctx->ctx = wpa_s;
01826 ctx->set_state = _wpa_supplicant_set_state;
01827 ctx->get_state = _wpa_supplicant_get_state;
01828 ctx->req_scan = _wpa_supplicant_req_scan;
01829 ctx->deauthenticate = _wpa_supplicant_deauthenticate;
01830 ctx->disassociate = _wpa_supplicant_disassociate;
01831 ctx->set_key = wpa_supplicant_set_key;
01832 ctx->scan = wpa_supplicant_scan;
01833 ctx->get_ssid = _wpa_supplicant_get_ssid;
01834 ctx->get_bssid = wpa_supplicant_get_bssid;
01835 ctx->ether_send = _wpa_ether_send;
01836 ctx->get_beacon_ie = wpa_supplicant_get_beacon_ie;
01837 ctx->alloc_eapol = _wpa_alloc_eapol;
01838 ctx->cancel_auth_timeout = _wpa_supplicant_cancel_auth_timeout;
01839 ctx->add_pmkid = wpa_supplicant_add_pmkid;
01840 ctx->remove_pmkid = wpa_supplicant_remove_pmkid;
01841 ctx->set_config_blob = wpa_supplicant_set_config_blob;
01842 ctx->get_config_blob = wpa_supplicant_get_config_blob;
01843
01844 wpa_s->wpa = wpa_sm_init(ctx);
01845 if (wpa_s->wpa == NULL) {
01846 fprintf(stderr, "Failed to initialize WPA state machine\n");
01847 return -1;
01848 }
01849 #endif
01850
01851 return 0;
01852 }
01853
01854
01855 static int wpa_supplicant_init_iface2(struct wpa_supplicant *wpa_s,
01856 int wait_for_interface)
01857 {
01858 const char *ifname;
01859
01860 wpa_printf(MSG_DEBUG, "Initializing interface (2) '%s'",
01861 wpa_s->ifname);
01862
01863 if (wpa_supplicant_init_eapol(wpa_s) < 0)
01864 return -1;
01865
01866
01867 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01868 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01869
01870
01871
01872
01873
01874 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
01875 if (wpa_s->drv_priv == NULL) {
01876 fprintf(stderr, "Failed to initialize driver interface\n");
01877 return -1;
01878 }
01879 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
01880 fprintf(stderr, "Driver interface rejected driver_param "
01881 "'%s'\n", wpa_s->conf->driver_param);
01882 return -1;
01883 }
01884
01885 ifname = wpa_drv_get_ifname(wpa_s);
01886 if (ifname && strcmp(ifname, wpa_s->ifname) != 0) {
01887 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
01888 "name with '%s'", ifname);
01889 strncpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
01890 }
01891
01892 if (wpa_supplicant_init_wpa(wpa_s) < 0)
01893 return -1;
01894
01895 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname);
01896 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
01897 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
01898
01899 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
01900 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
01901 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
01902 fprintf(stderr, "Invalid WPA parameter value for "
01903 "dot11RSNAConfigPMKLifetime\n");
01904 return -1;
01905 }
01906
01907 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
01908 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
01909 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
01910 fprintf(stderr, "Invalid WPA parameter value for "
01911 "dot11RSNAConfigPMKReauthThreshold\n");
01912 return -1;
01913 }
01914
01915 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
01916 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
01917 wpa_s->conf->dot11RSNAConfigSATimeout)) {
01918 fprintf(stderr, "Invalid WPA parameter value for "
01919 "dot11RSNAConfigSATimeout\n");
01920 return -1;
01921 }
01922
01923 if (wpa_supplicant_driver_init(wpa_s, wait_for_interface) < 0) {
01924 return -1;
01925 }
01926 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
01927
01928 if (wpa_supplicant_ctrl_iface_init(wpa_s)) {
01929 printf("Failed to initialize control interface '%s'.\n"
01930 "You may have another wpa_supplicant process already "
01931 "running or the file was\n"
01932 "left by an unclean termination of wpa_supplicant in "
01933 "which case you will need\n"
01934 "to manually remove this file before starting "
01935 "wpa_supplicant again.\n",
01936 wpa_s->conf->ctrl_interface);
01937 return -1;
01938 }
01939
01940 return 0;
01941 }
01942
01943
01944 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
01945 {
01946 if (wpa_s->drv_priv) {
01947 wpa_supplicant_deauthenticate(wpa_s, REASON_DEAUTH_LEAVING);
01948
01949
01950
01951
01952 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
01953 fprintf(stderr, "Failed to disable WPA in the "
01954 "driver.\n");
01955 }
01956
01957 wpa_drv_set_drop_unencrypted(wpa_s, 0);
01958 wpa_drv_set_countermeasures(wpa_s, 0);
01959 wpa_clear_keys(wpa_s, NULL);
01960
01961 wpa_drv_deinit(wpa_s);
01962 }
01963 wpa_supplicant_cleanup(wpa_s);
01964 }
01965
01966
01980 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
01981 struct wpa_interface *iface)
01982 {
01983 struct wpa_supplicant *wpa_s;
01984
01985 if (global == NULL || iface == NULL)
01986 return NULL;
01987
01988 wpa_s = wpa_supplicant_alloc();
01989 if (wpa_s == NULL)
01990 return NULL;
01991
01992 if (wpa_supplicant_init_iface(wpa_s, iface) ||
01993 wpa_supplicant_init_iface2(wpa_s,
01994 global->params.wait_for_interface)) {
01995 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
01996 iface->ifname);
01997 wpa_supplicant_deinit_iface(wpa_s);
01998 free(wpa_s);
01999 return NULL;
02000 }
02001
02002 wpa_s->global = global;
02003 wpa_s->next = global->ifaces;
02004 global->ifaces = wpa_s;
02005
02006 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
02007
02008 return wpa_s;
02009 }
02010
02011
02024 int wpa_supplicant_remove_iface(struct wpa_global *global,
02025 struct wpa_supplicant *wpa_s)
02026 {
02027 struct wpa_supplicant *prev;
02028
02029
02030 prev = global->ifaces;
02031 if (prev == wpa_s) {
02032 global->ifaces = wpa_s->next;
02033 } else {
02034 while (prev && prev->next != wpa_s)
02035 prev = prev->next;
02036 if (prev == NULL)
02037 return -1;
02038 prev->next = wpa_s->next;
02039 }
02040
02041 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
02042
02043 wpa_supplicant_deinit_iface(wpa_s);
02044 free(wpa_s);
02045
02046 return 0;
02047 }
02048
02049
02057 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
02058 const char *ifname)
02059 {
02060 struct wpa_supplicant *wpa_s;
02061
02062 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
02063 if (strcmp(wpa_s->ifname, ifname) == 0)
02064 return wpa_s;
02065 }
02066 return NULL;
02067 }
02068
02069
02080 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
02081 {
02082 struct wpa_global *global;
02083
02084 if (params == NULL)
02085 return NULL;
02086 global = malloc(sizeof(*global));
02087 if (global == NULL)
02088 return NULL;
02089 memset(global, 0, sizeof(*global));
02090 global->params.daemonize = params->daemonize;
02091 global->params.wait_for_interface = params->wait_for_interface;
02092 global->params.wait_for_monitor = params->wait_for_monitor;
02093 if (params->pid_file)
02094 global->params.pid_file = strdup(params->pid_file);
02095 if (params->ctrl_interface)
02096 global->params.ctrl_interface = strdup(params->ctrl_interface);
02097 wpa_debug_level = global->params.wpa_debug_level =
02098 params->wpa_debug_level;
02099 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
02100 params->wpa_debug_show_keys;
02101 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
02102 params->wpa_debug_timestamp;
02103
02104 eloop_init(global);
02105
02106 if (wpa_supplicant_global_ctrl_iface_init(global)) {
02107 eloop_destroy();
02108 return NULL;
02109 }
02110
02111 if (global->params.wait_for_interface && global->params.daemonize &&
02112 wpa_supplicant_daemon(global->params.pid_file)) {
02113 eloop_destroy();
02114 return NULL;
02115 }
02116
02117 return global;
02118 }
02119
02120
02131 int wpa_supplicant_run(struct wpa_global *global)
02132 {
02133 struct wpa_supplicant *wpa_s;
02134
02135 if (!global->params.wait_for_interface && global->params.daemonize &&
02136 wpa_supplicant_daemon(global->params.pid_file))
02137 return -1;
02138
02139 if (global->params.wait_for_monitor) {
02140 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
02141 wpa_supplicant_ctrl_iface_wait(wpa_s);
02142 }
02143
02144 eloop_register_signal(SIGINT, wpa_supplicant_terminate, NULL);
02145 eloop_register_signal(SIGTERM, wpa_supplicant_terminate, NULL);
02146 #ifndef CONFIG_NATIVE_WINDOWS
02147 eloop_register_signal(SIGHUP, wpa_supplicant_reconfig, NULL);
02148 #endif
02149
02150 eloop_run();
02151
02152 return 0;
02153 }
02154
02155
02164 void wpa_supplicant_deinit(struct wpa_global *global)
02165 {
02166 if (global == NULL)
02167 return;
02168
02169 while (global->ifaces)
02170 wpa_supplicant_remove_iface(global, global->ifaces);
02171
02172 wpa_supplicant_global_ctrl_iface_deinit(global);
02173
02174 eloop_destroy();
02175
02176 if (global->params.pid_file) {
02177 unlink(global->params.pid_file);
02178 free(global->params.pid_file);
02179 }
02180 free(global->params.ctrl_interface);
02181
02182 free(global);
02183 }
02184
