Line data Source code
1 : /*
2 : * Driver interaction with generic Linux Wireless Extensions
3 : * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
4 : *
5 : * This software may be distributed under the terms of the BSD license.
6 : * See README for more details.
7 : *
8 : * This file implements a driver interface for the Linux Wireless Extensions.
9 : * When used with WE-18 or newer, this interface can be used as-is with number
10 : * of drivers. In addition to this, some of the common functions in this file
11 : * can be used by other driver interface implementations that use generic WE
12 : * ioctls, but require private ioctls for some of the functionality.
13 : */
14 :
15 : #include "includes.h"
16 : #include <sys/ioctl.h>
17 : #include <sys/types.h>
18 : #include <sys/stat.h>
19 : #include <fcntl.h>
20 : #include <net/if_arp.h>
21 :
22 : #include "linux_wext.h"
23 : #include "common.h"
24 : #include "eloop.h"
25 : #include "common/ieee802_11_defs.h"
26 : #include "common/wpa_common.h"
27 : #include "priv_netlink.h"
28 : #include "netlink.h"
29 : #include "linux_ioctl.h"
30 : #include "rfkill.h"
31 : #include "driver.h"
32 : #include "driver_wext.h"
33 :
34 : static int wpa_driver_wext_flush_pmkid(void *priv);
35 : static int wpa_driver_wext_get_range(void *priv);
36 : static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv);
37 : static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv);
38 : static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg);
39 :
40 :
41 176 : int wpa_driver_wext_set_auth_param(struct wpa_driver_wext_data *drv,
42 : int idx, u32 value)
43 : {
44 : struct iwreq iwr;
45 176 : int ret = 0;
46 :
47 176 : os_memset(&iwr, 0, sizeof(iwr));
48 176 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
49 176 : iwr.u.param.flags = idx & IW_AUTH_INDEX;
50 176 : iwr.u.param.value = value;
51 :
52 176 : if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
53 21 : if (errno != EOPNOTSUPP) {
54 0 : wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
55 : "value 0x%x) failed: %s)",
56 0 : idx, value, strerror(errno));
57 : }
58 21 : ret = errno == EOPNOTSUPP ? -2 : -1;
59 : }
60 :
61 176 : return ret;
62 : }
63 :
64 :
65 : /**
66 : * wpa_driver_wext_get_bssid - Get BSSID, SIOCGIWAP
67 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
68 : * @bssid: Buffer for BSSID
69 : * Returns: 0 on success, -1 on failure
70 : */
71 27 : int wpa_driver_wext_get_bssid(void *priv, u8 *bssid)
72 : {
73 27 : struct wpa_driver_wext_data *drv = priv;
74 : struct iwreq iwr;
75 27 : int ret = 0;
76 :
77 27 : os_memset(&iwr, 0, sizeof(iwr));
78 27 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
79 :
80 27 : if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
81 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCGIWAP]: %s", strerror(errno));
82 0 : ret = -1;
83 : }
84 27 : os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
85 :
86 27 : return ret;
87 : }
88 :
89 :
90 : /**
91 : * wpa_driver_wext_set_bssid - Set BSSID, SIOCSIWAP
92 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
93 : * @bssid: BSSID
94 : * Returns: 0 on success, -1 on failure
95 : */
96 45 : int wpa_driver_wext_set_bssid(void *priv, const u8 *bssid)
97 : {
98 45 : struct wpa_driver_wext_data *drv = priv;
99 : struct iwreq iwr;
100 45 : int ret = 0;
101 :
102 45 : os_memset(&iwr, 0, sizeof(iwr));
103 45 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
104 45 : iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
105 45 : if (bssid)
106 45 : os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
107 : else
108 0 : os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);
109 :
110 45 : if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
111 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWAP]: %s", strerror(errno));
112 0 : ret = -1;
113 : }
114 :
115 45 : return ret;
116 : }
117 :
118 :
119 : /**
120 : * wpa_driver_wext_get_ssid - Get SSID, SIOCGIWESSID
121 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
122 : * @ssid: Buffer for the SSID; must be at least 32 bytes long
123 : * Returns: SSID length on success, -1 on failure
124 : */
125 10 : int wpa_driver_wext_get_ssid(void *priv, u8 *ssid)
126 : {
127 10 : struct wpa_driver_wext_data *drv = priv;
128 : struct iwreq iwr;
129 10 : int ret = 0;
130 :
131 10 : os_memset(&iwr, 0, sizeof(iwr));
132 10 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
133 10 : iwr.u.essid.pointer = (caddr_t) ssid;
134 10 : iwr.u.essid.length = 32;
135 :
136 10 : if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
137 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCGIWESSID]: %s",
138 0 : strerror(errno));
139 0 : ret = -1;
140 : } else {
141 10 : ret = iwr.u.essid.length;
142 10 : if (ret > 32)
143 0 : ret = 32;
144 : /* Some drivers include nul termination in the SSID, so let's
145 : * remove it here before further processing. WE-21 changes this
146 : * to explicitly require the length _not_ to include nul
147 : * termination. */
148 10 : if (ret > 0 && ssid[ret - 1] == '\0' &&
149 0 : drv->we_version_compiled < 21)
150 0 : ret--;
151 : }
152 :
153 10 : return ret;
154 : }
155 :
156 :
157 : /**
158 : * wpa_driver_wext_set_ssid - Set SSID, SIOCSIWESSID
159 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
160 : * @ssid: SSID
161 : * @ssid_len: Length of SSID (0..32)
162 : * Returns: 0 on success, -1 on failure
163 : */
164 60 : int wpa_driver_wext_set_ssid(void *priv, const u8 *ssid, size_t ssid_len)
165 : {
166 60 : struct wpa_driver_wext_data *drv = priv;
167 : struct iwreq iwr;
168 60 : int ret = 0;
169 : char buf[33];
170 :
171 60 : if (ssid_len > 32)
172 0 : return -1;
173 :
174 60 : os_memset(&iwr, 0, sizeof(iwr));
175 60 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
176 : /* flags: 1 = ESSID is active, 0 = not (promiscuous) */
177 60 : iwr.u.essid.flags = (ssid_len != 0);
178 60 : os_memset(buf, 0, sizeof(buf));
179 60 : os_memcpy(buf, ssid, ssid_len);
180 60 : iwr.u.essid.pointer = (caddr_t) buf;
181 60 : if (drv->we_version_compiled < 21) {
182 : /* For historic reasons, set SSID length to include one extra
183 : * character, C string nul termination, even though SSID is
184 : * really an octet string that should not be presented as a C
185 : * string. Some Linux drivers decrement the length by one and
186 : * can thus end up missing the last octet of the SSID if the
187 : * length is not incremented here. WE-21 changes this to
188 : * explicitly require the length _not_ to include nul
189 : * termination. */
190 0 : if (ssid_len)
191 0 : ssid_len++;
192 : }
193 60 : iwr.u.essid.length = ssid_len;
194 :
195 60 : if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
196 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWESSID]: %s",
197 0 : strerror(errno));
198 0 : ret = -1;
199 : }
200 :
201 60 : return ret;
202 : }
203 :
204 :
205 : /**
206 : * wpa_driver_wext_set_freq - Set frequency/channel, SIOCSIWFREQ
207 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
208 : * @freq: Frequency in MHz
209 : * Returns: 0 on success, -1 on failure
210 : */
211 15 : int wpa_driver_wext_set_freq(void *priv, int freq)
212 : {
213 15 : struct wpa_driver_wext_data *drv = priv;
214 : struct iwreq iwr;
215 15 : int ret = 0;
216 :
217 15 : os_memset(&iwr, 0, sizeof(iwr));
218 15 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
219 15 : iwr.u.freq.m = freq * 100000;
220 15 : iwr.u.freq.e = 1;
221 :
222 15 : if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
223 15 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWFREQ]: %s",
224 15 : strerror(errno));
225 15 : ret = -1;
226 : }
227 :
228 15 : return ret;
229 : }
230 :
231 :
232 : static void
233 2 : wpa_driver_wext_event_wireless_custom(void *ctx, char *custom)
234 : {
235 : union wpa_event_data data;
236 :
237 2 : wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
238 : custom);
239 :
240 2 : os_memset(&data, 0, sizeof(data));
241 : /* Host AP driver */
242 2 : if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
243 2 : data.michael_mic_failure.unicast =
244 2 : os_strstr(custom, " unicast ") != NULL;
245 : /* TODO: parse parameters(?) */
246 2 : wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
247 0 : } else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
248 : char *spos;
249 : int bytes;
250 0 : u8 *req_ies = NULL, *resp_ies = NULL;
251 :
252 0 : spos = custom + 17;
253 :
254 0 : bytes = strspn(spos, "0123456789abcdefABCDEF");
255 0 : if (!bytes || (bytes & 1))
256 0 : return;
257 0 : bytes /= 2;
258 :
259 0 : req_ies = os_malloc(bytes);
260 0 : if (req_ies == NULL ||
261 0 : hexstr2bin(spos, req_ies, bytes) < 0)
262 : goto done;
263 0 : data.assoc_info.req_ies = req_ies;
264 0 : data.assoc_info.req_ies_len = bytes;
265 :
266 0 : spos += bytes * 2;
267 :
268 0 : data.assoc_info.resp_ies = NULL;
269 0 : data.assoc_info.resp_ies_len = 0;
270 :
271 0 : if (os_strncmp(spos, " RespIEs=", 9) == 0) {
272 0 : spos += 9;
273 :
274 0 : bytes = strspn(spos, "0123456789abcdefABCDEF");
275 0 : if (!bytes || (bytes & 1))
276 : goto done;
277 0 : bytes /= 2;
278 :
279 0 : resp_ies = os_malloc(bytes);
280 0 : if (resp_ies == NULL ||
281 0 : hexstr2bin(spos, resp_ies, bytes) < 0)
282 : goto done;
283 0 : data.assoc_info.resp_ies = resp_ies;
284 0 : data.assoc_info.resp_ies_len = bytes;
285 : }
286 :
287 0 : wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
288 :
289 : done:
290 0 : os_free(resp_ies);
291 0 : os_free(req_ies);
292 : #ifdef CONFIG_PEERKEY
293 0 : } else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
294 0 : if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
295 0 : wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
296 : "STKSTART.request '%s'", custom + 17);
297 0 : return;
298 : }
299 0 : wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
300 : #endif /* CONFIG_PEERKEY */
301 : }
302 : }
303 :
304 :
305 0 : static int wpa_driver_wext_event_wireless_michaelmicfailure(
306 : void *ctx, const char *ev, size_t len)
307 : {
308 : const struct iw_michaelmicfailure *mic;
309 : union wpa_event_data data;
310 :
311 0 : if (len < sizeof(*mic))
312 0 : return -1;
313 :
314 0 : mic = (const struct iw_michaelmicfailure *) ev;
315 :
316 0 : wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
317 : "flags=0x%x src_addr=" MACSTR, mic->flags,
318 0 : MAC2STR(mic->src_addr.sa_data));
319 :
320 0 : os_memset(&data, 0, sizeof(data));
321 0 : data.michael_mic_failure.unicast = !(mic->flags & IW_MICFAILURE_GROUP);
322 0 : wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
323 :
324 0 : return 0;
325 : }
326 :
327 :
328 0 : static int wpa_driver_wext_event_wireless_pmkidcand(
329 : struct wpa_driver_wext_data *drv, const char *ev, size_t len)
330 : {
331 : const struct iw_pmkid_cand *cand;
332 : union wpa_event_data data;
333 : const u8 *addr;
334 :
335 0 : if (len < sizeof(*cand))
336 0 : return -1;
337 :
338 0 : cand = (const struct iw_pmkid_cand *) ev;
339 0 : addr = (const u8 *) cand->bssid.sa_data;
340 :
341 0 : wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
342 : "flags=0x%x index=%d bssid=" MACSTR, cand->flags,
343 0 : cand->index, MAC2STR(addr));
344 :
345 0 : os_memset(&data, 0, sizeof(data));
346 0 : os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
347 0 : data.pmkid_candidate.index = cand->index;
348 0 : data.pmkid_candidate.preauth = cand->flags & IW_PMKID_CAND_PREAUTH;
349 0 : wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
350 :
351 0 : return 0;
352 : }
353 :
354 :
355 0 : static int wpa_driver_wext_event_wireless_assocreqie(
356 : struct wpa_driver_wext_data *drv, const char *ev, int len)
357 : {
358 0 : if (len < 0)
359 0 : return -1;
360 :
361 0 : wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
362 : len);
363 0 : os_free(drv->assoc_req_ies);
364 0 : drv->assoc_req_ies = os_malloc(len);
365 0 : if (drv->assoc_req_ies == NULL) {
366 0 : drv->assoc_req_ies_len = 0;
367 0 : return -1;
368 : }
369 0 : os_memcpy(drv->assoc_req_ies, ev, len);
370 0 : drv->assoc_req_ies_len = len;
371 :
372 0 : return 0;
373 : }
374 :
375 :
376 15 : static int wpa_driver_wext_event_wireless_assocrespie(
377 : struct wpa_driver_wext_data *drv, const char *ev, int len)
378 : {
379 15 : if (len < 0)
380 0 : return -1;
381 :
382 15 : wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
383 : len);
384 15 : os_free(drv->assoc_resp_ies);
385 15 : drv->assoc_resp_ies = os_malloc(len);
386 15 : if (drv->assoc_resp_ies == NULL) {
387 0 : drv->assoc_resp_ies_len = 0;
388 0 : return -1;
389 : }
390 15 : os_memcpy(drv->assoc_resp_ies, ev, len);
391 15 : drv->assoc_resp_ies_len = len;
392 :
393 15 : return 0;
394 : }
395 :
396 :
397 15 : static void wpa_driver_wext_event_assoc_ies(struct wpa_driver_wext_data *drv)
398 : {
399 : union wpa_event_data data;
400 :
401 15 : if (drv->assoc_req_ies == NULL && drv->assoc_resp_ies == NULL)
402 15 : return;
403 :
404 15 : os_memset(&data, 0, sizeof(data));
405 15 : if (drv->assoc_req_ies) {
406 0 : data.assoc_info.req_ies = drv->assoc_req_ies;
407 0 : data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
408 : }
409 15 : if (drv->assoc_resp_ies) {
410 15 : data.assoc_info.resp_ies = drv->assoc_resp_ies;
411 15 : data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
412 : }
413 :
414 15 : wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);
415 :
416 15 : os_free(drv->assoc_req_ies);
417 15 : drv->assoc_req_ies = NULL;
418 15 : os_free(drv->assoc_resp_ies);
419 15 : drv->assoc_resp_ies = NULL;
420 : }
421 :
422 :
423 126 : static void wpa_driver_wext_event_wireless(struct wpa_driver_wext_data *drv,
424 : char *data, int len)
425 : {
426 126 : struct iw_event iwe_buf, *iwe = &iwe_buf;
427 : char *pos, *end, *custom, *buf;
428 :
429 126 : pos = data;
430 126 : end = data + len;
431 :
432 378 : while (pos + IW_EV_LCP_LEN <= end) {
433 : /* Event data may be unaligned, so make a local, aligned copy
434 : * before processing. */
435 126 : os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
436 252 : wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
437 252 : iwe->cmd, iwe->len);
438 126 : if (iwe->len <= IW_EV_LCP_LEN)
439 0 : return;
440 :
441 126 : custom = pos + IW_EV_POINT_LEN;
442 252 : if (drv->we_version_compiled > 18 &&
443 252 : (iwe->cmd == IWEVMICHAELMICFAILURE ||
444 250 : iwe->cmd == IWEVCUSTOM ||
445 248 : iwe->cmd == IWEVASSOCREQIE ||
446 233 : iwe->cmd == IWEVASSOCRESPIE ||
447 126 : iwe->cmd == IWEVPMKIDCAND)) {
448 : /* WE-19 removed the pointer from struct iw_point */
449 17 : char *dpos = (char *) &iwe_buf.u.data.length;
450 17 : int dlen = dpos - (char *) &iwe_buf;
451 17 : os_memcpy(dpos, pos + IW_EV_LCP_LEN,
452 : sizeof(struct iw_event) - dlen);
453 : } else {
454 109 : os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
455 109 : custom += IW_EV_POINT_OFF;
456 : }
457 :
458 126 : switch (iwe->cmd) {
459 : case SIOCGIWAP:
460 144 : wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
461 : MACSTR,
462 144 : MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
463 24 : if (is_zero_ether_addr(
464 39 : (const u8 *) iwe->u.ap_addr.sa_data) ||
465 15 : os_memcmp(iwe->u.ap_addr.sa_data,
466 : "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
467 : 0) {
468 9 : os_free(drv->assoc_req_ies);
469 9 : drv->assoc_req_ies = NULL;
470 9 : os_free(drv->assoc_resp_ies);
471 9 : drv->assoc_resp_ies = NULL;
472 9 : wpa_supplicant_event(drv->ctx, EVENT_DISASSOC,
473 : NULL);
474 :
475 : } else {
476 15 : wpa_driver_wext_event_assoc_ies(drv);
477 15 : wpa_supplicant_event(drv->ctx, EVENT_ASSOC,
478 : NULL);
479 : }
480 24 : break;
481 : case IWEVMICHAELMICFAILURE:
482 0 : if (custom + iwe->u.data.length > end) {
483 0 : wpa_printf(MSG_DEBUG, "WEXT: Invalid "
484 : "IWEVMICHAELMICFAILURE length");
485 0 : return;
486 : }
487 0 : wpa_driver_wext_event_wireless_michaelmicfailure(
488 0 : drv->ctx, custom, iwe->u.data.length);
489 0 : break;
490 : case IWEVCUSTOM:
491 2 : if (custom + iwe->u.data.length > end) {
492 0 : wpa_printf(MSG_DEBUG, "WEXT: Invalid "
493 : "IWEVCUSTOM length");
494 0 : return;
495 : }
496 2 : buf = dup_binstr(custom, iwe->u.data.length);
497 2 : if (buf == NULL)
498 0 : return;
499 2 : wpa_driver_wext_event_wireless_custom(drv->ctx, buf);
500 2 : os_free(buf);
501 2 : break;
502 : case SIOCGIWSCAN:
503 16 : drv->scan_complete_events = 1;
504 16 : eloop_cancel_timeout(wpa_driver_wext_scan_timeout,
505 : drv, drv->ctx);
506 16 : wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS,
507 : NULL);
508 16 : break;
509 : case IWEVASSOCREQIE:
510 0 : if (custom + iwe->u.data.length > end) {
511 0 : wpa_printf(MSG_DEBUG, "WEXT: Invalid "
512 : "IWEVASSOCREQIE length");
513 0 : return;
514 : }
515 0 : wpa_driver_wext_event_wireless_assocreqie(
516 0 : drv, custom, iwe->u.data.length);
517 0 : break;
518 : case IWEVASSOCRESPIE:
519 15 : if (custom + iwe->u.data.length > end) {
520 0 : wpa_printf(MSG_DEBUG, "WEXT: Invalid "
521 : "IWEVASSOCRESPIE length");
522 0 : return;
523 : }
524 15 : wpa_driver_wext_event_wireless_assocrespie(
525 15 : drv, custom, iwe->u.data.length);
526 15 : break;
527 : case IWEVPMKIDCAND:
528 0 : if (custom + iwe->u.data.length > end) {
529 0 : wpa_printf(MSG_DEBUG, "WEXT: Invalid "
530 : "IWEVPMKIDCAND length");
531 0 : return;
532 : }
533 0 : wpa_driver_wext_event_wireless_pmkidcand(
534 0 : drv, custom, iwe->u.data.length);
535 0 : break;
536 : }
537 :
538 126 : pos += iwe->len;
539 : }
540 : }
541 :
542 :
543 192 : static void wpa_driver_wext_event_link(struct wpa_driver_wext_data *drv,
544 : char *buf, size_t len, int del)
545 : {
546 : union wpa_event_data event;
547 :
548 192 : os_memset(&event, 0, sizeof(event));
549 192 : if (len > sizeof(event.interface_status.ifname))
550 0 : len = sizeof(event.interface_status.ifname) - 1;
551 192 : os_memcpy(event.interface_status.ifname, buf, len);
552 192 : event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
553 : EVENT_INTERFACE_ADDED;
554 :
555 192 : wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
556 : del ? "DEL" : "NEW",
557 : event.interface_status.ifname,
558 : del ? "removed" : "added");
559 :
560 192 : if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
561 192 : if (del) {
562 0 : if (drv->if_removed) {
563 0 : wpa_printf(MSG_DEBUG, "WEXT: if_removed "
564 : "already set - ignore event");
565 0 : return;
566 : }
567 0 : drv->if_removed = 1;
568 : } else {
569 192 : if (if_nametoindex(drv->ifname) == 0) {
570 0 : wpa_printf(MSG_DEBUG, "WEXT: Interface %s "
571 : "does not exist - ignore "
572 : "RTM_NEWLINK",
573 0 : drv->ifname);
574 0 : return;
575 : }
576 192 : if (!drv->if_removed) {
577 192 : wpa_printf(MSG_DEBUG, "WEXT: if_removed "
578 : "already cleared - ignore event");
579 192 : return;
580 : }
581 0 : drv->if_removed = 0;
582 : }
583 : }
584 :
585 0 : wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
586 : }
587 :
588 :
589 0 : static int wpa_driver_wext_own_ifname(struct wpa_driver_wext_data *drv,
590 : u8 *buf, size_t len)
591 : {
592 : int attrlen, rta_len;
593 : struct rtattr *attr;
594 :
595 0 : attrlen = len;
596 0 : attr = (struct rtattr *) buf;
597 :
598 0 : rta_len = RTA_ALIGN(sizeof(struct rtattr));
599 0 : while (RTA_OK(attr, attrlen)) {
600 0 : if (attr->rta_type == IFLA_IFNAME) {
601 0 : if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
602 : == 0)
603 0 : return 1;
604 : else
605 0 : break;
606 : }
607 0 : attr = RTA_NEXT(attr, attrlen);
608 : }
609 :
610 0 : return 0;
611 : }
612 :
613 :
614 218 : static int wpa_driver_wext_own_ifindex(struct wpa_driver_wext_data *drv,
615 : int ifindex, u8 *buf, size_t len)
616 : {
617 218 : if (drv->ifindex == ifindex || drv->ifindex2 == ifindex)
618 192 : return 1;
619 :
620 26 : if (drv->if_removed && wpa_driver_wext_own_ifname(drv, buf, len)) {
621 0 : drv->ifindex = if_nametoindex(drv->ifname);
622 0 : wpa_printf(MSG_DEBUG, "WEXT: Update ifindex for a removed "
623 : "interface");
624 0 : wpa_driver_wext_finish_drv_init(drv);
625 0 : return 1;
626 : }
627 :
628 26 : return 0;
629 : }
630 :
631 :
632 218 : static void wpa_driver_wext_event_rtm_newlink(void *ctx, struct ifinfomsg *ifi,
633 : u8 *buf, size_t len)
634 : {
635 218 : struct wpa_driver_wext_data *drv = ctx;
636 : int attrlen, rta_len;
637 : struct rtattr *attr;
638 : char namebuf[IFNAMSIZ];
639 :
640 218 : if (!wpa_driver_wext_own_ifindex(drv, ifi->ifi_index, buf, len)) {
641 26 : wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
642 : ifi->ifi_index);
643 244 : return;
644 : }
645 :
646 768 : wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
647 : "(%s%s%s%s)",
648 : drv->operstate, ifi->ifi_flags,
649 192 : (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
650 192 : (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
651 192 : (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
652 192 : (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
653 :
654 192 : if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
655 1 : wpa_printf(MSG_DEBUG, "WEXT: Interface down");
656 1 : drv->if_disabled = 1;
657 1 : wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL);
658 : }
659 :
660 192 : if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
661 4 : if (if_indextoname(ifi->ifi_index, namebuf) &&
662 2 : linux_iface_up(drv->ioctl_sock, drv->ifname) == 0) {
663 1 : wpa_printf(MSG_DEBUG, "WEXT: Ignore interface up "
664 : "event since interface %s is down",
665 : namebuf);
666 1 : } else if (if_nametoindex(drv->ifname) == 0) {
667 0 : wpa_printf(MSG_DEBUG, "WEXT: Ignore interface up "
668 : "event since interface %s does not exist",
669 0 : drv->ifname);
670 1 : } else if (drv->if_removed) {
671 0 : wpa_printf(MSG_DEBUG, "WEXT: Ignore interface up "
672 : "event since interface %s is marked "
673 0 : "removed", drv->ifname);
674 : } else {
675 1 : wpa_printf(MSG_DEBUG, "WEXT: Interface up");
676 1 : drv->if_disabled = 0;
677 1 : wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
678 : NULL);
679 : }
680 : }
681 :
682 : /*
683 : * Some drivers send the association event before the operup event--in
684 : * this case, lifting operstate in wpa_driver_wext_set_operstate()
685 : * fails. This will hit us when wpa_supplicant does not need to do
686 : * IEEE 802.1X authentication
687 : */
688 214 : if (drv->operstate == 1 &&
689 41 : (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
690 19 : !(ifi->ifi_flags & IFF_RUNNING))
691 0 : netlink_send_oper_ifla(drv->netlink, drv->ifindex,
692 : -1, IF_OPER_UP);
693 :
694 192 : attrlen = len;
695 192 : attr = (struct rtattr *) buf;
696 :
697 192 : rta_len = RTA_ALIGN(sizeof(struct rtattr));
698 1824 : while (RTA_OK(attr, attrlen)) {
699 1440 : if (attr->rta_type == IFLA_WIRELESS) {
700 126 : wpa_driver_wext_event_wireless(
701 : drv, ((char *) attr) + rta_len,
702 126 : attr->rta_len - rta_len);
703 1314 : } else if (attr->rta_type == IFLA_IFNAME) {
704 192 : wpa_driver_wext_event_link(drv,
705 : ((char *) attr) + rta_len,
706 192 : attr->rta_len - rta_len, 0);
707 : }
708 1440 : attr = RTA_NEXT(attr, attrlen);
709 : }
710 : }
711 :
712 :
713 0 : static void wpa_driver_wext_event_rtm_dellink(void *ctx, struct ifinfomsg *ifi,
714 : u8 *buf, size_t len)
715 : {
716 0 : struct wpa_driver_wext_data *drv = ctx;
717 : int attrlen, rta_len;
718 : struct rtattr *attr;
719 :
720 0 : attrlen = len;
721 0 : attr = (struct rtattr *) buf;
722 :
723 0 : rta_len = RTA_ALIGN(sizeof(struct rtattr));
724 0 : while (RTA_OK(attr, attrlen)) {
725 0 : if (attr->rta_type == IFLA_IFNAME) {
726 0 : wpa_driver_wext_event_link(drv,
727 : ((char *) attr) + rta_len,
728 0 : attr->rta_len - rta_len, 1);
729 : }
730 0 : attr = RTA_NEXT(attr, attrlen);
731 : }
732 0 : }
733 :
734 :
735 1 : static void wpa_driver_wext_rfkill_blocked(void *ctx)
736 : {
737 1 : wpa_printf(MSG_DEBUG, "WEXT: RFKILL blocked");
738 : /*
739 : * This may be for any interface; use ifdown event to disable
740 : * interface.
741 : */
742 1 : }
743 :
744 :
745 1 : static void wpa_driver_wext_rfkill_unblocked(void *ctx)
746 : {
747 1 : struct wpa_driver_wext_data *drv = ctx;
748 1 : wpa_printf(MSG_DEBUG, "WEXT: RFKILL unblocked");
749 1 : if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1)) {
750 0 : wpa_printf(MSG_DEBUG, "WEXT: Could not set interface UP "
751 : "after rfkill unblock");
752 0 : return;
753 : }
754 : /* rtnetlink ifup handler will report interface as enabled */
755 : }
756 :
757 :
758 10 : static void wext_get_phy_name(struct wpa_driver_wext_data *drv)
759 : {
760 : /* Find phy (radio) to which this interface belongs */
761 : char buf[90], *pos;
762 : int f, rv;
763 :
764 10 : drv->phyname[0] = '\0';
765 10 : snprintf(buf, sizeof(buf) - 1, "/sys/class/net/%s/phy80211/name",
766 10 : drv->ifname);
767 10 : f = open(buf, O_RDONLY);
768 10 : if (f < 0) {
769 0 : wpa_printf(MSG_DEBUG, "Could not open file %s: %s",
770 0 : buf, strerror(errno));
771 0 : return;
772 : }
773 :
774 10 : rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
775 10 : close(f);
776 10 : if (rv < 0) {
777 0 : wpa_printf(MSG_DEBUG, "Could not read file %s: %s",
778 0 : buf, strerror(errno));
779 0 : return;
780 : }
781 :
782 10 : drv->phyname[rv] = '\0';
783 10 : pos = os_strchr(drv->phyname, '\n');
784 10 : if (pos)
785 10 : *pos = '\0';
786 10 : wpa_printf(MSG_DEBUG, "wext: interface %s phy: %s",
787 10 : drv->ifname, drv->phyname);
788 : }
789 :
790 :
791 : /**
792 : * wpa_driver_wext_init - Initialize WE driver interface
793 : * @ctx: context to be used when calling wpa_supplicant functions,
794 : * e.g., wpa_supplicant_event()
795 : * @ifname: interface name, e.g., wlan0
796 : * Returns: Pointer to private data, %NULL on failure
797 : */
798 10 : void * wpa_driver_wext_init(void *ctx, const char *ifname)
799 : {
800 : struct wpa_driver_wext_data *drv;
801 : struct netlink_config *cfg;
802 : struct rfkill_config *rcfg;
803 : char path[128];
804 : struct stat buf;
805 :
806 10 : drv = os_zalloc(sizeof(*drv));
807 10 : if (drv == NULL)
808 0 : return NULL;
809 10 : drv->ctx = ctx;
810 10 : os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
811 :
812 10 : os_snprintf(path, sizeof(path), "/sys/class/net/%s/phy80211", ifname);
813 10 : if (stat(path, &buf) == 0) {
814 10 : wpa_printf(MSG_DEBUG, "WEXT: cfg80211-based driver detected");
815 10 : drv->cfg80211 = 1;
816 10 : wext_get_phy_name(drv);
817 : }
818 :
819 10 : drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
820 10 : if (drv->ioctl_sock < 0) {
821 0 : wpa_printf(MSG_ERROR, "socket(PF_INET,SOCK_DGRAM): %s",
822 0 : strerror(errno));
823 0 : goto err1;
824 : }
825 :
826 10 : cfg = os_zalloc(sizeof(*cfg));
827 10 : if (cfg == NULL)
828 0 : goto err1;
829 10 : cfg->ctx = drv;
830 10 : cfg->newlink_cb = wpa_driver_wext_event_rtm_newlink;
831 10 : cfg->dellink_cb = wpa_driver_wext_event_rtm_dellink;
832 10 : drv->netlink = netlink_init(cfg);
833 10 : if (drv->netlink == NULL) {
834 0 : os_free(cfg);
835 0 : goto err2;
836 : }
837 :
838 10 : rcfg = os_zalloc(sizeof(*rcfg));
839 10 : if (rcfg == NULL)
840 0 : goto err3;
841 10 : rcfg->ctx = drv;
842 10 : os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
843 10 : rcfg->blocked_cb = wpa_driver_wext_rfkill_blocked;
844 10 : rcfg->unblocked_cb = wpa_driver_wext_rfkill_unblocked;
845 10 : drv->rfkill = rfkill_init(rcfg);
846 10 : if (drv->rfkill == NULL) {
847 0 : wpa_printf(MSG_DEBUG, "WEXT: RFKILL status not available");
848 0 : os_free(rcfg);
849 : }
850 :
851 10 : drv->mlme_sock = -1;
852 :
853 10 : if (wpa_driver_wext_finish_drv_init(drv) < 0)
854 0 : goto err3;
855 :
856 10 : wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 1);
857 :
858 10 : return drv;
859 :
860 : err3:
861 0 : rfkill_deinit(drv->rfkill);
862 0 : netlink_deinit(drv->netlink);
863 : err2:
864 0 : close(drv->ioctl_sock);
865 : err1:
866 0 : os_free(drv);
867 0 : return NULL;
868 : }
869 :
870 :
871 0 : static void wpa_driver_wext_send_rfkill(void *eloop_ctx, void *timeout_ctx)
872 : {
873 0 : wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
874 0 : }
875 :
876 :
877 10 : static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv)
878 : {
879 10 : int send_rfkill_event = 0;
880 :
881 10 : if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1) < 0) {
882 0 : if (rfkill_is_blocked(drv->rfkill)) {
883 0 : wpa_printf(MSG_DEBUG, "WEXT: Could not yet enable "
884 : "interface '%s' due to rfkill",
885 0 : drv->ifname);
886 0 : drv->if_disabled = 1;
887 0 : send_rfkill_event = 1;
888 : } else {
889 0 : wpa_printf(MSG_ERROR, "WEXT: Could not set "
890 0 : "interface '%s' UP", drv->ifname);
891 0 : return -1;
892 : }
893 : }
894 :
895 : /*
896 : * Make sure that the driver does not have any obsolete PMKID entries.
897 : */
898 10 : wpa_driver_wext_flush_pmkid(drv);
899 :
900 10 : if (wpa_driver_wext_set_mode(drv, 0) < 0) {
901 0 : wpa_printf(MSG_DEBUG, "Could not configure driver to use "
902 : "managed mode");
903 : /* Try to use it anyway */
904 : }
905 :
906 10 : wpa_driver_wext_get_range(drv);
907 :
908 : /*
909 : * Unlock the driver's BSSID and force to a random SSID to clear any
910 : * previous association the driver might have when the supplicant
911 : * starts up.
912 : */
913 10 : wpa_driver_wext_disconnect(drv);
914 :
915 10 : drv->ifindex = if_nametoindex(drv->ifname);
916 :
917 10 : if (os_strncmp(drv->ifname, "wlan", 4) == 0) {
918 : /*
919 : * Host AP driver may use both wlan# and wifi# interface in
920 : * wireless events. Since some of the versions included WE-18
921 : * support, let's add the alternative ifindex also from
922 : * driver_wext.c for the time being. This may be removed at
923 : * some point once it is believed that old versions of the
924 : * driver are not in use anymore.
925 : */
926 : char ifname2[IFNAMSIZ + 1];
927 10 : os_strlcpy(ifname2, drv->ifname, sizeof(ifname2));
928 10 : os_memcpy(ifname2, "wifi", 4);
929 10 : wpa_driver_wext_alternative_ifindex(drv, ifname2);
930 : }
931 :
932 10 : netlink_send_oper_ifla(drv->netlink, drv->ifindex,
933 : 1, IF_OPER_DORMANT);
934 :
935 10 : if (send_rfkill_event) {
936 0 : eloop_register_timeout(0, 0, wpa_driver_wext_send_rfkill,
937 : drv, drv->ctx);
938 : }
939 :
940 10 : return 0;
941 : }
942 :
943 :
944 : /**
945 : * wpa_driver_wext_deinit - Deinitialize WE driver interface
946 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
947 : *
948 : * Shut down driver interface and processing of driver events. Free
949 : * private data buffer if one was allocated in wpa_driver_wext_init().
950 : */
951 10 : void wpa_driver_wext_deinit(void *priv)
952 : {
953 10 : struct wpa_driver_wext_data *drv = priv;
954 :
955 10 : wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 0);
956 :
957 10 : eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
958 :
959 : /*
960 : * Clear possibly configured driver parameters in order to make it
961 : * easier to use the driver after wpa_supplicant has been terminated.
962 : */
963 10 : wpa_driver_wext_disconnect(drv);
964 :
965 10 : netlink_send_oper_ifla(drv->netlink, drv->ifindex, 0, IF_OPER_UP);
966 10 : netlink_deinit(drv->netlink);
967 10 : rfkill_deinit(drv->rfkill);
968 :
969 10 : if (drv->mlme_sock >= 0)
970 0 : eloop_unregister_read_sock(drv->mlme_sock);
971 :
972 10 : (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0);
973 :
974 10 : close(drv->ioctl_sock);
975 10 : if (drv->mlme_sock >= 0)
976 0 : close(drv->mlme_sock);
977 10 : os_free(drv->assoc_req_ies);
978 10 : os_free(drv->assoc_resp_ies);
979 10 : os_free(drv);
980 10 : }
981 :
982 :
983 : /**
984 : * wpa_driver_wext_scan_timeout - Scan timeout to report scan completion
985 : * @eloop_ctx: Unused
986 : * @timeout_ctx: ctx argument given to wpa_driver_wext_init()
987 : *
988 : * This function can be used as registered timeout when starting a scan to
989 : * generate a scan completed event if the driver does not report this.
990 : */
991 0 : void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx)
992 : {
993 0 : wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
994 0 : wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
995 0 : }
996 :
997 :
998 : /**
999 : * wpa_driver_wext_scan - Request the driver to initiate scan
1000 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
1001 : * @param: Scan parameters (specific SSID to scan for (ProbeReq), etc.)
1002 : * Returns: 0 on success, -1 on failure
1003 : */
1004 18 : int wpa_driver_wext_scan(void *priv, struct wpa_driver_scan_params *params)
1005 : {
1006 18 : struct wpa_driver_wext_data *drv = priv;
1007 : struct iwreq iwr;
1008 18 : int ret = 0, timeout;
1009 : struct iw_scan_req req;
1010 18 : const u8 *ssid = params->ssids[0].ssid;
1011 18 : size_t ssid_len = params->ssids[0].ssid_len;
1012 :
1013 18 : if (ssid_len > IW_ESSID_MAX_SIZE) {
1014 0 : wpa_printf(MSG_DEBUG, "%s: too long SSID (%lu)",
1015 : __FUNCTION__, (unsigned long) ssid_len);
1016 0 : return -1;
1017 : }
1018 :
1019 18 : os_memset(&iwr, 0, sizeof(iwr));
1020 18 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1021 :
1022 18 : if (ssid && ssid_len) {
1023 2 : os_memset(&req, 0, sizeof(req));
1024 2 : req.essid_len = ssid_len;
1025 2 : req.bssid.sa_family = ARPHRD_ETHER;
1026 2 : os_memset(req.bssid.sa_data, 0xff, ETH_ALEN);
1027 2 : os_memcpy(req.essid, ssid, ssid_len);
1028 2 : iwr.u.data.pointer = (caddr_t) &req;
1029 2 : iwr.u.data.length = sizeof(req);
1030 2 : iwr.u.data.flags = IW_SCAN_THIS_ESSID;
1031 : }
1032 :
1033 18 : if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &iwr) < 0) {
1034 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWSCAN]: %s",
1035 0 : strerror(errno));
1036 0 : ret = -1;
1037 : }
1038 :
1039 : /* Not all drivers generate "scan completed" wireless event, so try to
1040 : * read results after a timeout. */
1041 18 : timeout = 10;
1042 18 : if (drv->scan_complete_events) {
1043 : /*
1044 : * The driver seems to deliver SIOCGIWSCAN events to notify
1045 : * when scan is complete, so use longer timeout to avoid race
1046 : * conditions with scanning and following association request.
1047 : */
1048 8 : timeout = 30;
1049 : }
1050 18 : wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1051 : "seconds", ret, timeout);
1052 18 : eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
1053 18 : eloop_register_timeout(timeout, 0, wpa_driver_wext_scan_timeout, drv,
1054 : drv->ctx);
1055 :
1056 18 : return ret;
1057 : }
1058 :
1059 :
1060 16 : static u8 * wpa_driver_wext_giwscan(struct wpa_driver_wext_data *drv,
1061 : size_t *len)
1062 : {
1063 : struct iwreq iwr;
1064 : u8 *res_buf;
1065 : size_t res_buf_len;
1066 :
1067 16 : res_buf_len = IW_SCAN_MAX_DATA;
1068 : for (;;) {
1069 16 : res_buf = os_malloc(res_buf_len);
1070 16 : if (res_buf == NULL)
1071 0 : return NULL;
1072 16 : os_memset(&iwr, 0, sizeof(iwr));
1073 16 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1074 16 : iwr.u.data.pointer = res_buf;
1075 16 : iwr.u.data.length = res_buf_len;
1076 :
1077 16 : if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
1078 16 : break;
1079 :
1080 0 : if (errno == E2BIG && res_buf_len < 65535) {
1081 0 : os_free(res_buf);
1082 0 : res_buf = NULL;
1083 0 : res_buf_len *= 2;
1084 0 : if (res_buf_len > 65535)
1085 0 : res_buf_len = 65535; /* 16-bit length field */
1086 0 : wpa_printf(MSG_DEBUG, "Scan results did not fit - "
1087 : "trying larger buffer (%lu bytes)",
1088 : (unsigned long) res_buf_len);
1089 : } else {
1090 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCGIWSCAN]: %s",
1091 0 : strerror(errno));
1092 0 : os_free(res_buf);
1093 0 : return NULL;
1094 : }
1095 0 : }
1096 :
1097 16 : if (iwr.u.data.length > res_buf_len) {
1098 0 : os_free(res_buf);
1099 0 : return NULL;
1100 : }
1101 16 : *len = iwr.u.data.length;
1102 :
1103 16 : return res_buf;
1104 : }
1105 :
1106 :
1107 : /*
1108 : * Data structure for collecting WEXT scan results. This is needed to allow
1109 : * the various methods of reporting IEs to be combined into a single IE buffer.
1110 : */
1111 : struct wext_scan_data {
1112 : struct wpa_scan_res res;
1113 : u8 *ie;
1114 : size_t ie_len;
1115 : u8 ssid[32];
1116 : size_t ssid_len;
1117 : int maxrate;
1118 : };
1119 :
1120 :
1121 28 : static void wext_get_scan_mode(struct iw_event *iwe,
1122 : struct wext_scan_data *res)
1123 : {
1124 28 : if (iwe->u.mode == IW_MODE_ADHOC)
1125 0 : res->res.caps |= IEEE80211_CAP_IBSS;
1126 28 : else if (iwe->u.mode == IW_MODE_MASTER || iwe->u.mode == IW_MODE_INFRA)
1127 28 : res->res.caps |= IEEE80211_CAP_ESS;
1128 28 : }
1129 :
1130 :
1131 28 : static void wext_get_scan_ssid(struct iw_event *iwe,
1132 : struct wext_scan_data *res, char *custom,
1133 : char *end)
1134 : {
1135 28 : int ssid_len = iwe->u.essid.length;
1136 28 : if (custom + ssid_len > end)
1137 28 : return;
1138 28 : if (iwe->u.essid.flags &&
1139 24 : ssid_len > 0 &&
1140 : ssid_len <= IW_ESSID_MAX_SIZE) {
1141 24 : os_memcpy(res->ssid, custom, ssid_len);
1142 24 : res->ssid_len = ssid_len;
1143 : }
1144 : }
1145 :
1146 :
1147 56 : static void wext_get_scan_freq(struct iw_event *iwe,
1148 : struct wext_scan_data *res)
1149 : {
1150 56 : int divi = 1000000, i;
1151 :
1152 56 : if (iwe->u.freq.e == 0) {
1153 : /*
1154 : * Some drivers do not report frequency, but a channel.
1155 : * Try to map this to frequency by assuming they are using
1156 : * IEEE 802.11b/g. But don't overwrite a previously parsed
1157 : * frequency if the driver sends both frequency and channel,
1158 : * since the driver may be sending an A-band channel that we
1159 : * don't handle here.
1160 : */
1161 :
1162 28 : if (res->res.freq)
1163 0 : return;
1164 :
1165 28 : if (iwe->u.freq.m >= 1 && iwe->u.freq.m <= 13) {
1166 28 : res->res.freq = 2407 + 5 * iwe->u.freq.m;
1167 28 : return;
1168 0 : } else if (iwe->u.freq.m == 14) {
1169 0 : res->res.freq = 2484;
1170 0 : return;
1171 : }
1172 : }
1173 :
1174 28 : if (iwe->u.freq.e > 6) {
1175 0 : wpa_printf(MSG_DEBUG, "Invalid freq in scan results (BSSID="
1176 : MACSTR " m=%d e=%d)",
1177 0 : MAC2STR(res->res.bssid), iwe->u.freq.m,
1178 0 : iwe->u.freq.e);
1179 0 : return;
1180 : }
1181 :
1182 196 : for (i = 0; i < iwe->u.freq.e; i++)
1183 168 : divi /= 10;
1184 28 : res->res.freq = iwe->u.freq.m / divi;
1185 : }
1186 :
1187 :
1188 28 : static void wext_get_scan_qual(struct wpa_driver_wext_data *drv,
1189 : struct iw_event *iwe,
1190 : struct wext_scan_data *res)
1191 : {
1192 28 : res->res.qual = iwe->u.qual.qual;
1193 28 : res->res.noise = iwe->u.qual.noise;
1194 28 : res->res.level = iwe->u.qual.level;
1195 28 : if (iwe->u.qual.updated & IW_QUAL_QUAL_INVALID)
1196 0 : res->res.flags |= WPA_SCAN_QUAL_INVALID;
1197 28 : if (iwe->u.qual.updated & IW_QUAL_LEVEL_INVALID)
1198 0 : res->res.flags |= WPA_SCAN_LEVEL_INVALID;
1199 28 : if (iwe->u.qual.updated & IW_QUAL_NOISE_INVALID)
1200 28 : res->res.flags |= WPA_SCAN_NOISE_INVALID;
1201 28 : if (iwe->u.qual.updated & IW_QUAL_DBM)
1202 28 : res->res.flags |= WPA_SCAN_LEVEL_DBM;
1203 28 : if ((iwe->u.qual.updated & IW_QUAL_DBM) ||
1204 0 : ((iwe->u.qual.level != 0) &&
1205 0 : (iwe->u.qual.level > drv->max_level))) {
1206 28 : if (iwe->u.qual.level >= 64)
1207 28 : res->res.level -= 0x100;
1208 28 : if (iwe->u.qual.noise >= 64)
1209 0 : res->res.noise -= 0x100;
1210 : }
1211 28 : }
1212 :
1213 :
1214 28 : static void wext_get_scan_encode(struct iw_event *iwe,
1215 : struct wext_scan_data *res)
1216 : {
1217 28 : if (!(iwe->u.data.flags & IW_ENCODE_DISABLED))
1218 17 : res->res.caps |= IEEE80211_CAP_PRIVACY;
1219 28 : }
1220 :
1221 :
1222 56 : static void wext_get_scan_rate(struct iw_event *iwe,
1223 : struct wext_scan_data *res, char *pos,
1224 : char *end)
1225 : {
1226 : int maxrate;
1227 56 : char *custom = pos + IW_EV_LCP_LEN;
1228 : struct iw_param p;
1229 : size_t clen;
1230 :
1231 56 : clen = iwe->len;
1232 56 : if (custom + clen > end)
1233 56 : return;
1234 56 : maxrate = 0;
1235 504 : while (((ssize_t) clen) >= (ssize_t) sizeof(struct iw_param)) {
1236 : /* Note: may be misaligned, make a local, aligned copy */
1237 392 : os_memcpy(&p, custom, sizeof(struct iw_param));
1238 392 : if (p.value > maxrate)
1239 280 : maxrate = p.value;
1240 392 : clen -= sizeof(struct iw_param);
1241 392 : custom += sizeof(struct iw_param);
1242 : }
1243 :
1244 : /* Convert the maxrate from WE-style (b/s units) to
1245 : * 802.11 rates (500000 b/s units).
1246 : */
1247 56 : res->maxrate = maxrate / 500000;
1248 : }
1249 :
1250 :
1251 28 : static void wext_get_scan_iwevgenie(struct iw_event *iwe,
1252 : struct wext_scan_data *res, char *custom,
1253 : char *end)
1254 : {
1255 : char *genie, *gpos, *gend;
1256 : u8 *tmp;
1257 :
1258 28 : if (iwe->u.data.length == 0)
1259 0 : return;
1260 :
1261 28 : gpos = genie = custom;
1262 28 : gend = genie + iwe->u.data.length;
1263 28 : if (gend > end) {
1264 0 : wpa_printf(MSG_INFO, "IWEVGENIE overflow");
1265 0 : return;
1266 : }
1267 :
1268 28 : tmp = os_realloc(res->ie, res->ie_len + gend - gpos);
1269 28 : if (tmp == NULL)
1270 0 : return;
1271 28 : os_memcpy(tmp + res->ie_len, gpos, gend - gpos);
1272 28 : res->ie = tmp;
1273 28 : res->ie_len += gend - gpos;
1274 : }
1275 :
1276 :
1277 56 : static void wext_get_scan_custom(struct iw_event *iwe,
1278 : struct wext_scan_data *res, char *custom,
1279 : char *end)
1280 : {
1281 : size_t clen;
1282 : u8 *tmp;
1283 :
1284 56 : clen = iwe->u.data.length;
1285 56 : if (custom + clen > end)
1286 0 : return;
1287 :
1288 56 : if (clen > 7 && os_strncmp(custom, "wpa_ie=", 7) == 0) {
1289 : char *spos;
1290 : int bytes;
1291 0 : spos = custom + 7;
1292 0 : bytes = custom + clen - spos;
1293 0 : if (bytes & 1 || bytes == 0)
1294 0 : return;
1295 0 : bytes /= 2;
1296 0 : tmp = os_realloc(res->ie, res->ie_len + bytes);
1297 0 : if (tmp == NULL)
1298 0 : return;
1299 0 : res->ie = tmp;
1300 0 : if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1301 0 : return;
1302 0 : res->ie_len += bytes;
1303 56 : } else if (clen > 7 && os_strncmp(custom, "rsn_ie=", 7) == 0) {
1304 : char *spos;
1305 : int bytes;
1306 0 : spos = custom + 7;
1307 0 : bytes = custom + clen - spos;
1308 0 : if (bytes & 1 || bytes == 0)
1309 0 : return;
1310 0 : bytes /= 2;
1311 0 : tmp = os_realloc(res->ie, res->ie_len + bytes);
1312 0 : if (tmp == NULL)
1313 0 : return;
1314 0 : res->ie = tmp;
1315 0 : if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1316 0 : return;
1317 0 : res->ie_len += bytes;
1318 56 : } else if (clen > 4 && os_strncmp(custom, "tsf=", 4) == 0) {
1319 : char *spos;
1320 : int bytes;
1321 : u8 bin[8];
1322 28 : spos = custom + 4;
1323 28 : bytes = custom + clen - spos;
1324 28 : if (bytes != 16) {
1325 0 : wpa_printf(MSG_INFO, "Invalid TSF length (%d)", bytes);
1326 0 : return;
1327 : }
1328 28 : bytes /= 2;
1329 28 : if (hexstr2bin(spos, bin, bytes) < 0) {
1330 0 : wpa_printf(MSG_DEBUG, "WEXT: Invalid TSF value");
1331 0 : return;
1332 : }
1333 28 : res->res.tsf += WPA_GET_BE64(bin);
1334 : }
1335 : }
1336 :
1337 :
1338 336 : static int wext_19_iw_point(struct wpa_driver_wext_data *drv, u16 cmd)
1339 : {
1340 476 : return drv->we_version_compiled > 18 &&
1341 308 : (cmd == SIOCGIWESSID || cmd == SIOCGIWENCODE ||
1342 252 : cmd == IWEVGENIE || cmd == IWEVCUSTOM);
1343 : }
1344 :
1345 :
1346 28 : static void wpa_driver_wext_add_scan_entry(struct wpa_scan_results *res,
1347 : struct wext_scan_data *data)
1348 : {
1349 : struct wpa_scan_res **tmp;
1350 : struct wpa_scan_res *r;
1351 : size_t extra_len;
1352 28 : u8 *pos, *end, *ssid_ie = NULL, *rate_ie = NULL;
1353 :
1354 : /* Figure out whether we need to fake any IEs */
1355 28 : pos = data->ie;
1356 28 : end = pos + data->ie_len;
1357 316 : while (pos && pos + 1 < end) {
1358 260 : if (pos + 2 + pos[1] > end)
1359 0 : break;
1360 260 : if (pos[0] == WLAN_EID_SSID)
1361 28 : ssid_ie = pos;
1362 232 : else if (pos[0] == WLAN_EID_SUPP_RATES)
1363 28 : rate_ie = pos;
1364 204 : else if (pos[0] == WLAN_EID_EXT_SUPP_RATES)
1365 28 : rate_ie = pos;
1366 260 : pos += 2 + pos[1];
1367 : }
1368 :
1369 28 : extra_len = 0;
1370 28 : if (ssid_ie == NULL)
1371 0 : extra_len += 2 + data->ssid_len;
1372 28 : if (rate_ie == NULL && data->maxrate)
1373 0 : extra_len += 3;
1374 :
1375 28 : r = os_zalloc(sizeof(*r) + extra_len + data->ie_len);
1376 28 : if (r == NULL)
1377 0 : return;
1378 28 : os_memcpy(r, &data->res, sizeof(*r));
1379 28 : r->ie_len = extra_len + data->ie_len;
1380 28 : pos = (u8 *) (r + 1);
1381 28 : if (ssid_ie == NULL) {
1382 : /*
1383 : * Generate a fake SSID IE since the driver did not report
1384 : * a full IE list.
1385 : */
1386 0 : *pos++ = WLAN_EID_SSID;
1387 0 : *pos++ = data->ssid_len;
1388 0 : os_memcpy(pos, data->ssid, data->ssid_len);
1389 0 : pos += data->ssid_len;
1390 : }
1391 28 : if (rate_ie == NULL && data->maxrate) {
1392 : /*
1393 : * Generate a fake Supported Rates IE since the driver did not
1394 : * report a full IE list.
1395 : */
1396 0 : *pos++ = WLAN_EID_SUPP_RATES;
1397 0 : *pos++ = 1;
1398 0 : *pos++ = data->maxrate;
1399 : }
1400 28 : if (data->ie)
1401 28 : os_memcpy(pos, data->ie, data->ie_len);
1402 :
1403 28 : tmp = os_realloc_array(res->res, res->num + 1,
1404 : sizeof(struct wpa_scan_res *));
1405 28 : if (tmp == NULL) {
1406 0 : os_free(r);
1407 0 : return;
1408 : }
1409 28 : tmp[res->num++] = r;
1410 28 : res->res = tmp;
1411 : }
1412 :
1413 :
1414 : /**
1415 : * wpa_driver_wext_get_scan_results - Fetch the latest scan results
1416 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
1417 : * Returns: Scan results on success, -1 on failure
1418 : */
1419 16 : struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv)
1420 : {
1421 16 : struct wpa_driver_wext_data *drv = priv;
1422 : size_t len;
1423 : int first;
1424 : u8 *res_buf;
1425 16 : struct iw_event iwe_buf, *iwe = &iwe_buf;
1426 : char *pos, *end, *custom;
1427 : struct wpa_scan_results *res;
1428 : struct wext_scan_data data;
1429 :
1430 16 : res_buf = wpa_driver_wext_giwscan(drv, &len);
1431 16 : if (res_buf == NULL)
1432 0 : return NULL;
1433 :
1434 16 : first = 1;
1435 :
1436 16 : res = os_zalloc(sizeof(*res));
1437 16 : if (res == NULL) {
1438 0 : os_free(res_buf);
1439 0 : return NULL;
1440 : }
1441 :
1442 16 : pos = (char *) res_buf;
1443 16 : end = (char *) res_buf + len;
1444 16 : os_memset(&data, 0, sizeof(data));
1445 :
1446 368 : while (pos + IW_EV_LCP_LEN <= end) {
1447 : /* Event data may be unaligned, so make a local, aligned copy
1448 : * before processing. */
1449 336 : os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
1450 336 : if (iwe->len <= IW_EV_LCP_LEN)
1451 0 : break;
1452 :
1453 336 : custom = pos + IW_EV_POINT_LEN;
1454 336 : if (wext_19_iw_point(drv, iwe->cmd)) {
1455 : /* WE-19 removed the pointer from struct iw_point */
1456 140 : char *dpos = (char *) &iwe_buf.u.data.length;
1457 140 : int dlen = dpos - (char *) &iwe_buf;
1458 140 : os_memcpy(dpos, pos + IW_EV_LCP_LEN,
1459 : sizeof(struct iw_event) - dlen);
1460 : } else {
1461 196 : os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
1462 196 : custom += IW_EV_POINT_OFF;
1463 : }
1464 :
1465 336 : switch (iwe->cmd) {
1466 : case SIOCGIWAP:
1467 28 : if (!first)
1468 12 : wpa_driver_wext_add_scan_entry(res, &data);
1469 28 : first = 0;
1470 28 : os_free(data.ie);
1471 28 : os_memset(&data, 0, sizeof(data));
1472 28 : os_memcpy(data.res.bssid,
1473 : iwe->u.ap_addr.sa_data, ETH_ALEN);
1474 28 : break;
1475 : case SIOCGIWMODE:
1476 28 : wext_get_scan_mode(iwe, &data);
1477 28 : break;
1478 : case SIOCGIWESSID:
1479 28 : wext_get_scan_ssid(iwe, &data, custom, end);
1480 28 : break;
1481 : case SIOCGIWFREQ:
1482 56 : wext_get_scan_freq(iwe, &data);
1483 56 : break;
1484 : case IWEVQUAL:
1485 28 : wext_get_scan_qual(drv, iwe, &data);
1486 28 : break;
1487 : case SIOCGIWENCODE:
1488 28 : wext_get_scan_encode(iwe, &data);
1489 28 : break;
1490 : case SIOCGIWRATE:
1491 56 : wext_get_scan_rate(iwe, &data, pos, end);
1492 56 : break;
1493 : case IWEVGENIE:
1494 28 : wext_get_scan_iwevgenie(iwe, &data, custom, end);
1495 28 : break;
1496 : case IWEVCUSTOM:
1497 56 : wext_get_scan_custom(iwe, &data, custom, end);
1498 56 : break;
1499 : }
1500 :
1501 336 : pos += iwe->len;
1502 : }
1503 16 : os_free(res_buf);
1504 16 : res_buf = NULL;
1505 16 : if (!first)
1506 16 : wpa_driver_wext_add_scan_entry(res, &data);
1507 16 : os_free(data.ie);
1508 :
1509 16 : wpa_printf(MSG_DEBUG, "Received %lu bytes of scan results (%lu BSSes)",
1510 : (unsigned long) len, (unsigned long) res->num);
1511 :
1512 16 : return res;
1513 : }
1514 :
1515 :
1516 10 : static int wpa_driver_wext_get_range(void *priv)
1517 : {
1518 10 : struct wpa_driver_wext_data *drv = priv;
1519 : struct iw_range *range;
1520 : struct iwreq iwr;
1521 : int minlen;
1522 : size_t buflen;
1523 :
1524 : /*
1525 : * Use larger buffer than struct iw_range in order to allow the
1526 : * structure to grow in the future.
1527 : */
1528 10 : buflen = sizeof(struct iw_range) + 500;
1529 10 : range = os_zalloc(buflen);
1530 10 : if (range == NULL)
1531 0 : return -1;
1532 :
1533 10 : os_memset(&iwr, 0, sizeof(iwr));
1534 10 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1535 10 : iwr.u.data.pointer = (caddr_t) range;
1536 10 : iwr.u.data.length = buflen;
1537 :
1538 10 : minlen = ((char *) &range->enc_capa) - (char *) range +
1539 : sizeof(range->enc_capa);
1540 :
1541 10 : if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
1542 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCGIWRANGE]: %s",
1543 0 : strerror(errno));
1544 0 : os_free(range);
1545 0 : return -1;
1546 20 : } else if (iwr.u.data.length >= minlen &&
1547 10 : range->we_version_compiled >= 18) {
1548 30 : wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
1549 : "WE(source)=%d enc_capa=0x%x",
1550 10 : range->we_version_compiled,
1551 10 : range->we_version_source,
1552 : range->enc_capa);
1553 10 : drv->has_capability = 1;
1554 10 : drv->we_version_compiled = range->we_version_compiled;
1555 10 : if (range->enc_capa & IW_ENC_CAPA_WPA) {
1556 10 : drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1557 : WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
1558 : }
1559 10 : if (range->enc_capa & IW_ENC_CAPA_WPA2) {
1560 10 : drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1561 : WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1562 : }
1563 10 : drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
1564 : WPA_DRIVER_CAPA_ENC_WEP104;
1565 10 : drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP128;
1566 10 : if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
1567 10 : drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
1568 10 : if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
1569 10 : drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
1570 10 : if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
1571 0 : drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
1572 10 : drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1573 : WPA_DRIVER_AUTH_SHARED |
1574 : WPA_DRIVER_AUTH_LEAP;
1575 10 : drv->capa.max_scan_ssids = 1;
1576 :
1577 10 : wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x "
1578 : "flags 0x%llx",
1579 : drv->capa.key_mgmt, drv->capa.enc,
1580 10 : (unsigned long long) drv->capa.flags);
1581 : } else {
1582 0 : wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
1583 : "assuming WPA is not supported");
1584 : }
1585 :
1586 10 : drv->max_level = range->max_qual.level;
1587 :
1588 10 : os_free(range);
1589 10 : return 0;
1590 : }
1591 :
1592 :
1593 15 : static int wpa_driver_wext_set_psk(struct wpa_driver_wext_data *drv,
1594 : const u8 *psk)
1595 : {
1596 : struct iw_encode_ext *ext;
1597 : struct iwreq iwr;
1598 : int ret;
1599 :
1600 15 : wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1601 :
1602 15 : if (!(drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1603 15 : return 0;
1604 :
1605 0 : if (!psk)
1606 0 : return 0;
1607 :
1608 0 : os_memset(&iwr, 0, sizeof(iwr));
1609 0 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1610 :
1611 0 : ext = os_zalloc(sizeof(*ext) + PMK_LEN);
1612 0 : if (ext == NULL)
1613 0 : return -1;
1614 :
1615 0 : iwr.u.encoding.pointer = (caddr_t) ext;
1616 0 : iwr.u.encoding.length = sizeof(*ext) + PMK_LEN;
1617 0 : ext->key_len = PMK_LEN;
1618 0 : os_memcpy(&ext->key, psk, ext->key_len);
1619 0 : ext->alg = IW_ENCODE_ALG_PMK;
1620 :
1621 0 : ret = ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr);
1622 0 : if (ret < 0)
1623 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWENCODEEXT] PMK: %s",
1624 0 : strerror(errno));
1625 0 : os_free(ext);
1626 :
1627 0 : return ret;
1628 : }
1629 :
1630 :
1631 107 : static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg,
1632 : const u8 *addr, int key_idx,
1633 : int set_tx, const u8 *seq,
1634 : size_t seq_len,
1635 : const u8 *key, size_t key_len)
1636 : {
1637 107 : struct wpa_driver_wext_data *drv = priv;
1638 : struct iwreq iwr;
1639 107 : int ret = 0;
1640 : struct iw_encode_ext *ext;
1641 :
1642 107 : if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) {
1643 0 : wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu",
1644 : __FUNCTION__, (unsigned long) seq_len);
1645 0 : return -1;
1646 : }
1647 :
1648 107 : ext = os_zalloc(sizeof(*ext) + key_len);
1649 107 : if (ext == NULL)
1650 0 : return -1;
1651 107 : os_memset(&iwr, 0, sizeof(iwr));
1652 107 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1653 107 : iwr.u.encoding.flags = key_idx + 1;
1654 107 : iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1655 107 : if (alg == WPA_ALG_NONE)
1656 86 : iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1657 107 : iwr.u.encoding.pointer = (caddr_t) ext;
1658 107 : iwr.u.encoding.length = sizeof(*ext) + key_len;
1659 :
1660 107 : if (addr == NULL || is_broadcast_ether_addr(addr))
1661 92 : ext->ext_flags |= IW_ENCODE_EXT_GROUP_KEY;
1662 107 : if (set_tx)
1663 12 : ext->ext_flags |= IW_ENCODE_EXT_SET_TX_KEY;
1664 :
1665 107 : ext->addr.sa_family = ARPHRD_ETHER;
1666 107 : if (addr)
1667 24 : os_memcpy(ext->addr.sa_data, addr, ETH_ALEN);
1668 : else
1669 83 : os_memset(ext->addr.sa_data, 0xff, ETH_ALEN);
1670 107 : if (key && key_len) {
1671 21 : os_memcpy(ext + 1, key, key_len);
1672 21 : ext->key_len = key_len;
1673 : }
1674 107 : switch (alg) {
1675 : case WPA_ALG_NONE:
1676 86 : ext->alg = IW_ENCODE_ALG_NONE;
1677 86 : break;
1678 : case WPA_ALG_WEP:
1679 4 : ext->alg = IW_ENCODE_ALG_WEP;
1680 4 : break;
1681 : case WPA_ALG_TKIP:
1682 4 : ext->alg = IW_ENCODE_ALG_TKIP;
1683 4 : break;
1684 : case WPA_ALG_CCMP:
1685 12 : ext->alg = IW_ENCODE_ALG_CCMP;
1686 12 : break;
1687 : case WPA_ALG_PMK:
1688 0 : ext->alg = IW_ENCODE_ALG_PMK;
1689 0 : break;
1690 : #ifdef CONFIG_IEEE80211W
1691 : case WPA_ALG_IGTK:
1692 1 : ext->alg = IW_ENCODE_ALG_AES_CMAC;
1693 1 : break;
1694 : #endif /* CONFIG_IEEE80211W */
1695 : default:
1696 0 : wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d",
1697 : __FUNCTION__, alg);
1698 0 : os_free(ext);
1699 0 : return -1;
1700 : }
1701 :
1702 107 : if (seq && seq_len) {
1703 17 : ext->ext_flags |= IW_ENCODE_EXT_RX_SEQ_VALID;
1704 17 : os_memcpy(ext->rx_seq, seq, seq_len);
1705 : }
1706 :
1707 107 : if (ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr) < 0) {
1708 21 : ret = errno == EOPNOTSUPP ? -2 : -1;
1709 21 : if (errno == ENODEV) {
1710 : /*
1711 : * ndiswrapper seems to be returning incorrect error
1712 : * code.. */
1713 0 : ret = -2;
1714 : }
1715 :
1716 21 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWENCODEEXT]: %s",
1717 21 : strerror(errno));
1718 : }
1719 :
1720 107 : os_free(ext);
1721 107 : return ret;
1722 : }
1723 :
1724 :
1725 : /**
1726 : * wpa_driver_wext_set_key - Configure encryption key
1727 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
1728 : * @priv: Private driver interface data
1729 : * @alg: Encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
1730 : * %WPA_ALG_TKIP, %WPA_ALG_CCMP); %WPA_ALG_NONE clears the key.
1731 : * @addr: Address of the peer STA or ff:ff:ff:ff:ff:ff for
1732 : * broadcast/default keys
1733 : * @key_idx: key index (0..3), usually 0 for unicast keys
1734 : * @set_tx: Configure this key as the default Tx key (only used when
1735 : * driver does not support separate unicast/individual key
1736 : * @seq: Sequence number/packet number, seq_len octets, the next
1737 : * packet number to be used for in replay protection; configured
1738 : * for Rx keys (in most cases, this is only used with broadcast
1739 : * keys and set to zero for unicast keys)
1740 : * @seq_len: Length of the seq, depends on the algorithm:
1741 : * TKIP: 6 octets, CCMP: 6 octets
1742 : * @key: Key buffer; TKIP: 16-byte temporal key, 8-byte Tx Mic key,
1743 : * 8-byte Rx Mic Key
1744 : * @key_len: Length of the key buffer in octets (WEP: 5 or 13,
1745 : * TKIP: 32, CCMP: 16)
1746 : * Returns: 0 on success, -1 on failure
1747 : *
1748 : * This function uses SIOCSIWENCODEEXT by default, but tries to use
1749 : * SIOCSIWENCODE if the extended ioctl fails when configuring a WEP key.
1750 : */
1751 107 : int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg,
1752 : const u8 *addr, int key_idx,
1753 : int set_tx, const u8 *seq, size_t seq_len,
1754 : const u8 *key, size_t key_len)
1755 : {
1756 107 : struct wpa_driver_wext_data *drv = priv;
1757 : struct iwreq iwr;
1758 107 : int ret = 0;
1759 :
1760 107 : wpa_printf(MSG_DEBUG, "%s: alg=%d key_idx=%d set_tx=%d seq_len=%lu "
1761 : "key_len=%lu",
1762 : __FUNCTION__, alg, key_idx, set_tx,
1763 : (unsigned long) seq_len, (unsigned long) key_len);
1764 :
1765 107 : ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, set_tx,
1766 : seq, seq_len, key, key_len);
1767 107 : if (ret == 0)
1768 86 : return 0;
1769 :
1770 21 : if (ret == -2 &&
1771 0 : (alg == WPA_ALG_NONE || alg == WPA_ALG_WEP)) {
1772 0 : wpa_printf(MSG_DEBUG, "Driver did not support "
1773 : "SIOCSIWENCODEEXT, trying SIOCSIWENCODE");
1774 0 : ret = 0;
1775 : } else {
1776 21 : wpa_printf(MSG_DEBUG, "Driver did not support "
1777 : "SIOCSIWENCODEEXT");
1778 21 : return ret;
1779 : }
1780 :
1781 0 : os_memset(&iwr, 0, sizeof(iwr));
1782 0 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1783 0 : iwr.u.encoding.flags = key_idx + 1;
1784 0 : iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1785 0 : if (alg == WPA_ALG_NONE)
1786 0 : iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1787 0 : iwr.u.encoding.pointer = (caddr_t) key;
1788 0 : iwr.u.encoding.length = key_len;
1789 :
1790 0 : if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1791 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWENCODE]: %s",
1792 0 : strerror(errno));
1793 0 : ret = -1;
1794 : }
1795 :
1796 0 : if (set_tx && alg != WPA_ALG_NONE) {
1797 0 : os_memset(&iwr, 0, sizeof(iwr));
1798 0 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1799 0 : iwr.u.encoding.flags = key_idx + 1;
1800 0 : iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1801 0 : iwr.u.encoding.pointer = (caddr_t) NULL;
1802 0 : iwr.u.encoding.length = 0;
1803 0 : if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1804 0 : wpa_printf(MSG_ERROR,
1805 : "ioctl[SIOCSIWENCODE] (set_tx): %s",
1806 0 : strerror(errno));
1807 0 : ret = -1;
1808 : }
1809 : }
1810 :
1811 0 : return ret;
1812 : }
1813 :
1814 :
1815 21 : static int wpa_driver_wext_set_countermeasures(void *priv,
1816 : int enabled)
1817 : {
1818 21 : struct wpa_driver_wext_data *drv = priv;
1819 21 : wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1820 21 : return wpa_driver_wext_set_auth_param(drv,
1821 : IW_AUTH_TKIP_COUNTERMEASURES,
1822 : enabled);
1823 : }
1824 :
1825 :
1826 15 : static int wpa_driver_wext_set_drop_unencrypted(void *priv,
1827 : int enabled)
1828 : {
1829 15 : struct wpa_driver_wext_data *drv = priv;
1830 15 : wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1831 15 : drv->use_crypt = enabled;
1832 15 : return wpa_driver_wext_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
1833 : enabled);
1834 : }
1835 :
1836 :
1837 10 : static int wpa_driver_wext_mlme(struct wpa_driver_wext_data *drv,
1838 : const u8 *addr, int cmd, int reason_code)
1839 : {
1840 : struct iwreq iwr;
1841 : struct iw_mlme mlme;
1842 10 : int ret = 0;
1843 :
1844 10 : os_memset(&iwr, 0, sizeof(iwr));
1845 10 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1846 10 : os_memset(&mlme, 0, sizeof(mlme));
1847 10 : mlme.cmd = cmd;
1848 10 : mlme.reason_code = reason_code;
1849 10 : mlme.addr.sa_family = ARPHRD_ETHER;
1850 10 : os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);
1851 10 : iwr.u.data.pointer = (caddr_t) &mlme;
1852 10 : iwr.u.data.length = sizeof(mlme);
1853 :
1854 10 : if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) < 0) {
1855 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWMLME]: %s",
1856 0 : strerror(errno));
1857 0 : ret = -1;
1858 : }
1859 :
1860 10 : return ret;
1861 : }
1862 :
1863 :
1864 30 : static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv)
1865 : {
1866 : struct iwreq iwr;
1867 30 : const u8 null_bssid[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
1868 : u8 ssid[32];
1869 : int i;
1870 :
1871 : /*
1872 : * Only force-disconnect when the card is in infrastructure mode,
1873 : * otherwise the driver might interpret the cleared BSSID and random
1874 : * SSID as an attempt to create a new ad-hoc network.
1875 : */
1876 30 : os_memset(&iwr, 0, sizeof(iwr));
1877 30 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1878 30 : if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
1879 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCGIWMODE]: %s",
1880 0 : strerror(errno));
1881 0 : iwr.u.mode = IW_MODE_INFRA;
1882 : }
1883 :
1884 30 : if (iwr.u.mode == IW_MODE_INFRA) {
1885 : /* Clear the BSSID selection */
1886 30 : if (wpa_driver_wext_set_bssid(drv, null_bssid) < 0) {
1887 0 : wpa_printf(MSG_DEBUG, "WEXT: Failed to clear BSSID "
1888 : "selection on disconnect");
1889 : }
1890 :
1891 30 : if (drv->cfg80211) {
1892 : /*
1893 : * cfg80211 supports SIOCSIWMLME commands, so there is
1894 : * no need for the random SSID hack, but clear the
1895 : * SSID.
1896 : */
1897 30 : if (wpa_driver_wext_set_ssid(drv, (u8 *) "", 0) < 0) {
1898 0 : wpa_printf(MSG_DEBUG, "WEXT: Failed to clear "
1899 : "SSID on disconnect");
1900 : }
1901 60 : return;
1902 : }
1903 :
1904 : /*
1905 : * Set a random SSID to make sure the driver will not be trying
1906 : * to associate with something even if it does not understand
1907 : * SIOCSIWMLME commands (or tries to associate automatically
1908 : * after deauth/disassoc).
1909 : */
1910 0 : for (i = 0; i < 32; i++)
1911 0 : ssid[i] = rand() & 0xFF;
1912 0 : if (wpa_driver_wext_set_ssid(drv, ssid, 32) < 0) {
1913 0 : wpa_printf(MSG_DEBUG, "WEXT: Failed to set bogus "
1914 : "SSID to disconnect");
1915 : }
1916 : }
1917 : }
1918 :
1919 :
1920 10 : static int wpa_driver_wext_deauthenticate(void *priv, const u8 *addr,
1921 : int reason_code)
1922 : {
1923 10 : struct wpa_driver_wext_data *drv = priv;
1924 : int ret;
1925 10 : wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1926 10 : ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DEAUTH, reason_code);
1927 10 : wpa_driver_wext_disconnect(drv);
1928 10 : return ret;
1929 : }
1930 :
1931 :
1932 15 : static int wpa_driver_wext_set_gen_ie(void *priv, const u8 *ie,
1933 : size_t ie_len)
1934 : {
1935 15 : struct wpa_driver_wext_data *drv = priv;
1936 : struct iwreq iwr;
1937 15 : int ret = 0;
1938 :
1939 15 : os_memset(&iwr, 0, sizeof(iwr));
1940 15 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1941 15 : iwr.u.data.pointer = (caddr_t) ie;
1942 15 : iwr.u.data.length = ie_len;
1943 :
1944 15 : if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) < 0) {
1945 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWGENIE]: %s",
1946 0 : strerror(errno));
1947 0 : ret = -1;
1948 : }
1949 :
1950 15 : return ret;
1951 : }
1952 :
1953 :
1954 30 : int wpa_driver_wext_cipher2wext(int cipher)
1955 : {
1956 30 : switch (cipher) {
1957 : case WPA_CIPHER_NONE:
1958 8 : return IW_AUTH_CIPHER_NONE;
1959 : case WPA_CIPHER_WEP40:
1960 4 : return IW_AUTH_CIPHER_WEP40;
1961 : case WPA_CIPHER_TKIP:
1962 2 : return IW_AUTH_CIPHER_TKIP;
1963 : case WPA_CIPHER_CCMP:
1964 12 : return IW_AUTH_CIPHER_CCMP;
1965 : case WPA_CIPHER_WEP104:
1966 4 : return IW_AUTH_CIPHER_WEP104;
1967 : default:
1968 0 : return 0;
1969 : }
1970 : }
1971 :
1972 :
1973 15 : int wpa_driver_wext_keymgmt2wext(int keymgmt)
1974 : {
1975 15 : switch (keymgmt) {
1976 : case WPA_KEY_MGMT_IEEE8021X:
1977 : case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
1978 4 : return IW_AUTH_KEY_MGMT_802_1X;
1979 : case WPA_KEY_MGMT_PSK:
1980 2 : return IW_AUTH_KEY_MGMT_PSK;
1981 : default:
1982 9 : return 0;
1983 : }
1984 : }
1985 :
1986 :
1987 : static int
1988 0 : wpa_driver_wext_auth_alg_fallback(struct wpa_driver_wext_data *drv,
1989 : struct wpa_driver_associate_params *params)
1990 : {
1991 : struct iwreq iwr;
1992 0 : int ret = 0;
1993 :
1994 0 : wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
1995 : "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");
1996 :
1997 0 : os_memset(&iwr, 0, sizeof(iwr));
1998 0 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1999 : /* Just changing mode, not actual keys */
2000 0 : iwr.u.encoding.flags = 0;
2001 0 : iwr.u.encoding.pointer = (caddr_t) NULL;
2002 0 : iwr.u.encoding.length = 0;
2003 :
2004 : /*
2005 : * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
2006 : * different things. Here they are used to indicate Open System vs.
2007 : * Shared Key authentication algorithm. However, some drivers may use
2008 : * them to select between open/restricted WEP encrypted (open = allow
2009 : * both unencrypted and encrypted frames; restricted = only allow
2010 : * encrypted frames).
2011 : */
2012 :
2013 0 : if (!drv->use_crypt) {
2014 0 : iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
2015 : } else {
2016 0 : if (params->auth_alg & WPA_AUTH_ALG_OPEN)
2017 0 : iwr.u.encoding.flags |= IW_ENCODE_OPEN;
2018 0 : if (params->auth_alg & WPA_AUTH_ALG_SHARED)
2019 0 : iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
2020 : }
2021 :
2022 0 : if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
2023 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWENCODE]: %s",
2024 0 : strerror(errno));
2025 0 : ret = -1;
2026 : }
2027 :
2028 0 : return ret;
2029 : }
2030 :
2031 :
2032 15 : int wpa_driver_wext_associate(void *priv,
2033 : struct wpa_driver_associate_params *params)
2034 : {
2035 15 : struct wpa_driver_wext_data *drv = priv;
2036 15 : int ret = 0;
2037 : int allow_unencrypted_eapol;
2038 : int value;
2039 :
2040 15 : wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
2041 :
2042 15 : if (drv->cfg80211) {
2043 : /*
2044 : * Stop cfg80211 from trying to associate before we are done
2045 : * with all parameters.
2046 : */
2047 15 : if (wpa_driver_wext_set_ssid(drv, (u8 *) "", 0) < 0) {
2048 0 : wpa_printf(MSG_DEBUG,
2049 : "WEXT: Failed to clear SSID to stop pending cfg80211 association attempts (if any)");
2050 : /* continue anyway */
2051 : }
2052 : }
2053 :
2054 15 : if (wpa_driver_wext_set_drop_unencrypted(drv, params->drop_unencrypted)
2055 : < 0)
2056 0 : ret = -1;
2057 15 : if (wpa_driver_wext_set_auth_alg(drv, params->auth_alg) < 0)
2058 0 : ret = -1;
2059 15 : if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
2060 0 : ret = -1;
2061 :
2062 : /*
2063 : * If the driver did not support SIOCSIWAUTH, fallback to
2064 : * SIOCSIWENCODE here.
2065 : */
2066 15 : if (drv->auth_alg_fallback &&
2067 0 : wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
2068 0 : ret = -1;
2069 :
2070 15 : if (!params->bssid &&
2071 0 : wpa_driver_wext_set_bssid(drv, NULL) < 0)
2072 0 : ret = -1;
2073 :
2074 : /* TODO: should consider getting wpa version and cipher/key_mgmt suites
2075 : * from configuration, not from here, where only the selected suite is
2076 : * available */
2077 15 : if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
2078 : < 0)
2079 0 : ret = -1;
2080 15 : if (params->wpa_proto & WPA_PROTO_RSN)
2081 6 : value = IW_AUTH_WPA_VERSION_WPA2;
2082 9 : else if (params->wpa_proto & WPA_PROTO_WPA)
2083 1 : value = IW_AUTH_WPA_VERSION_WPA;
2084 : else
2085 8 : value = IW_AUTH_WPA_VERSION_DISABLED;
2086 15 : if (wpa_driver_wext_set_auth_param(drv,
2087 : IW_AUTH_WPA_VERSION, value) < 0)
2088 0 : ret = -1;
2089 15 : value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
2090 15 : if (wpa_driver_wext_set_auth_param(drv,
2091 : IW_AUTH_CIPHER_PAIRWISE, value) < 0)
2092 0 : ret = -1;
2093 15 : value = wpa_driver_wext_cipher2wext(params->group_suite);
2094 15 : if (wpa_driver_wext_set_auth_param(drv,
2095 : IW_AUTH_CIPHER_GROUP, value) < 0)
2096 0 : ret = -1;
2097 15 : value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
2098 15 : if (wpa_driver_wext_set_auth_param(drv,
2099 : IW_AUTH_KEY_MGMT, value) < 0)
2100 0 : ret = -1;
2101 38 : value = params->key_mgmt_suite != WPA_KEY_MGMT_NONE ||
2102 12 : params->pairwise_suite != WPA_CIPHER_NONE ||
2103 23 : params->group_suite != WPA_CIPHER_NONE ||
2104 4 : (params->wpa_proto & (WPA_PROTO_RSN | WPA_PROTO_WPA));
2105 15 : if (wpa_driver_wext_set_auth_param(drv,
2106 : IW_AUTH_PRIVACY_INVOKED, value) < 0)
2107 0 : ret = -1;
2108 :
2109 : /* Allow unencrypted EAPOL messages even if pairwise keys are set when
2110 : * not using WPA. IEEE 802.1X specifies that these frames are not
2111 : * encrypted, but WPA encrypts them when pairwise keys are in use. */
2112 26 : if (params->key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2113 11 : params->key_mgmt_suite == WPA_KEY_MGMT_PSK)
2114 6 : allow_unencrypted_eapol = 0;
2115 : else
2116 9 : allow_unencrypted_eapol = 1;
2117 :
2118 15 : if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
2119 0 : ret = -1;
2120 15 : if (wpa_driver_wext_set_auth_param(drv,
2121 : IW_AUTH_RX_UNENCRYPTED_EAPOL,
2122 : allow_unencrypted_eapol) < 0)
2123 0 : ret = -1;
2124 : #ifdef CONFIG_IEEE80211W
2125 15 : switch (params->mgmt_frame_protection) {
2126 : case NO_MGMT_FRAME_PROTECTION:
2127 14 : value = IW_AUTH_MFP_DISABLED;
2128 14 : break;
2129 : case MGMT_FRAME_PROTECTION_OPTIONAL:
2130 0 : value = IW_AUTH_MFP_OPTIONAL;
2131 0 : break;
2132 : case MGMT_FRAME_PROTECTION_REQUIRED:
2133 1 : value = IW_AUTH_MFP_REQUIRED;
2134 1 : break;
2135 : };
2136 15 : if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
2137 0 : ret = -1;
2138 : #endif /* CONFIG_IEEE80211W */
2139 30 : if (params->freq.freq &&
2140 15 : wpa_driver_wext_set_freq(drv, params->freq.freq) < 0)
2141 15 : ret = -1;
2142 15 : if (!drv->cfg80211 &&
2143 0 : wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2144 0 : ret = -1;
2145 30 : if (params->bssid &&
2146 15 : wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
2147 0 : ret = -1;
2148 30 : if (drv->cfg80211 &&
2149 15 : wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2150 0 : ret = -1;
2151 :
2152 15 : return ret;
2153 : }
2154 :
2155 :
2156 15 : static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg)
2157 : {
2158 15 : struct wpa_driver_wext_data *drv = priv;
2159 15 : int algs = 0, res;
2160 :
2161 15 : if (auth_alg & WPA_AUTH_ALG_OPEN)
2162 14 : algs |= IW_AUTH_ALG_OPEN_SYSTEM;
2163 15 : if (auth_alg & WPA_AUTH_ALG_SHARED)
2164 2 : algs |= IW_AUTH_ALG_SHARED_KEY;
2165 15 : if (auth_alg & WPA_AUTH_ALG_LEAP)
2166 0 : algs |= IW_AUTH_ALG_LEAP;
2167 15 : if (algs == 0) {
2168 : /* at least one algorithm should be set */
2169 0 : algs = IW_AUTH_ALG_OPEN_SYSTEM;
2170 : }
2171 :
2172 15 : res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
2173 : algs);
2174 15 : drv->auth_alg_fallback = res == -2;
2175 15 : return res;
2176 : }
2177 :
2178 :
2179 : /**
2180 : * wpa_driver_wext_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
2181 : * @priv: Pointer to private wext data from wpa_driver_wext_init()
2182 : * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
2183 : * Returns: 0 on success, -1 on failure
2184 : */
2185 25 : int wpa_driver_wext_set_mode(void *priv, int mode)
2186 : {
2187 25 : struct wpa_driver_wext_data *drv = priv;
2188 : struct iwreq iwr;
2189 25 : int ret = -1;
2190 25 : unsigned int new_mode = mode ? IW_MODE_ADHOC : IW_MODE_INFRA;
2191 :
2192 25 : os_memset(&iwr, 0, sizeof(iwr));
2193 25 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2194 25 : iwr.u.mode = new_mode;
2195 25 : if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) == 0) {
2196 25 : ret = 0;
2197 25 : goto done;
2198 : }
2199 :
2200 0 : if (errno != EBUSY) {
2201 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWMODE]: %s",
2202 0 : strerror(errno));
2203 0 : goto done;
2204 : }
2205 :
2206 : /* mac80211 doesn't allow mode changes while the device is up, so if
2207 : * the device isn't in the mode we're about to change to, take device
2208 : * down, try to set the mode again, and bring it back up.
2209 : */
2210 0 : if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
2211 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCGIWMODE]: %s",
2212 0 : strerror(errno));
2213 0 : goto done;
2214 : }
2215 :
2216 0 : if (iwr.u.mode == new_mode) {
2217 0 : ret = 0;
2218 0 : goto done;
2219 : }
2220 :
2221 0 : if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0) == 0) {
2222 : /* Try to set the mode again while the interface is down */
2223 0 : iwr.u.mode = new_mode;
2224 0 : if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) < 0)
2225 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWMODE]: %s",
2226 0 : strerror(errno));
2227 : else
2228 0 : ret = 0;
2229 :
2230 0 : (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1);
2231 : }
2232 :
2233 : done:
2234 25 : return ret;
2235 : }
2236 :
2237 :
2238 26 : static int wpa_driver_wext_pmksa(struct wpa_driver_wext_data *drv,
2239 : u32 cmd, const u8 *bssid, const u8 *pmkid)
2240 : {
2241 : struct iwreq iwr;
2242 : struct iw_pmksa pmksa;
2243 26 : int ret = 0;
2244 :
2245 26 : os_memset(&iwr, 0, sizeof(iwr));
2246 26 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2247 26 : os_memset(&pmksa, 0, sizeof(pmksa));
2248 26 : pmksa.cmd = cmd;
2249 26 : pmksa.bssid.sa_family = ARPHRD_ETHER;
2250 26 : if (bssid)
2251 6 : os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
2252 26 : if (pmkid)
2253 6 : os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);
2254 26 : iwr.u.data.pointer = (caddr_t) &pmksa;
2255 26 : iwr.u.data.length = sizeof(pmksa);
2256 :
2257 26 : if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) < 0) {
2258 26 : if (errno != EOPNOTSUPP)
2259 0 : wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPMKSA]: %s",
2260 0 : strerror(errno));
2261 26 : ret = -1;
2262 : }
2263 :
2264 26 : return ret;
2265 : }
2266 :
2267 :
2268 3 : static int wpa_driver_wext_add_pmkid(void *priv, const u8 *bssid,
2269 : const u8 *pmkid)
2270 : {
2271 3 : struct wpa_driver_wext_data *drv = priv;
2272 3 : return wpa_driver_wext_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
2273 : }
2274 :
2275 :
2276 3 : static int wpa_driver_wext_remove_pmkid(void *priv, const u8 *bssid,
2277 : const u8 *pmkid)
2278 : {
2279 3 : struct wpa_driver_wext_data *drv = priv;
2280 3 : return wpa_driver_wext_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
2281 : }
2282 :
2283 :
2284 20 : static int wpa_driver_wext_flush_pmkid(void *priv)
2285 : {
2286 20 : struct wpa_driver_wext_data *drv = priv;
2287 20 : return wpa_driver_wext_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
2288 : }
2289 :
2290 :
2291 10 : int wpa_driver_wext_get_capa(void *priv, struct wpa_driver_capa *capa)
2292 : {
2293 10 : struct wpa_driver_wext_data *drv = priv;
2294 10 : if (!drv->has_capability)
2295 0 : return -1;
2296 10 : os_memcpy(capa, &drv->capa, sizeof(*capa));
2297 10 : return 0;
2298 : }
2299 :
2300 :
2301 10 : int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
2302 : const char *ifname)
2303 : {
2304 10 : if (ifname == NULL) {
2305 0 : drv->ifindex2 = -1;
2306 0 : return 0;
2307 : }
2308 :
2309 10 : drv->ifindex2 = if_nametoindex(ifname);
2310 10 : if (drv->ifindex2 <= 0)
2311 10 : return -1;
2312 :
2313 0 : wpa_printf(MSG_DEBUG, "Added alternative ifindex %d (%s) for "
2314 : "wireless events", drv->ifindex2, ifname);
2315 :
2316 0 : return 0;
2317 : }
2318 :
2319 :
2320 89 : int wpa_driver_wext_set_operstate(void *priv, int state)
2321 : {
2322 89 : struct wpa_driver_wext_data *drv = priv;
2323 :
2324 89 : wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
2325 : __func__, drv->operstate, state, state ? "UP" : "DORMANT");
2326 89 : drv->operstate = state;
2327 89 : return netlink_send_oper_ifla(drv->netlink, drv->ifindex, -1,
2328 : state ? IF_OPER_UP : IF_OPER_DORMANT);
2329 : }
2330 :
2331 :
2332 0 : int wpa_driver_wext_get_version(struct wpa_driver_wext_data *drv)
2333 : {
2334 0 : return drv->we_version_compiled;
2335 : }
2336 :
2337 :
2338 10 : static const char * wext_get_radio_name(void *priv)
2339 : {
2340 10 : struct wpa_driver_wext_data *drv = priv;
2341 10 : return drv->phyname;
2342 : }
2343 :
2344 :
2345 1 : static int wpa_driver_wext_signal_poll(void *priv, struct wpa_signal_info *si)
2346 : {
2347 1 : struct wpa_driver_wext_data *drv = priv;
2348 : struct iw_statistics stats;
2349 : struct iwreq iwr;
2350 :
2351 1 : os_memset(si, 0, sizeof(*si));
2352 1 : si->current_signal = -9999;
2353 1 : si->current_noise = 9999;
2354 1 : si->chanwidth = CHAN_WIDTH_UNKNOWN;
2355 :
2356 1 : os_memset(&iwr, 0, sizeof(iwr));
2357 1 : os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2358 1 : iwr.u.data.pointer = (caddr_t) &stats;
2359 1 : iwr.u.data.length = sizeof(stats);
2360 1 : iwr.u.data.flags = 1;
2361 :
2362 1 : if (ioctl(drv->ioctl_sock, SIOCGIWSTATS, &iwr) < 0) {
2363 0 : wpa_printf(MSG_ERROR, "WEXT: SIOCGIWSTATS: %s",
2364 0 : strerror(errno));
2365 0 : return -1;
2366 : }
2367 :
2368 2 : si->current_signal = stats.qual.level -
2369 1 : ((stats.qual.updated & IW_QUAL_DBM) ? 0x100 : 0);
2370 2 : si->current_noise = stats.qual.noise -
2371 1 : ((stats.qual.updated & IW_QUAL_DBM) ? 0x100 : 0);
2372 1 : return 0;
2373 : }
2374 :
2375 :
2376 8 : static int wpa_driver_wext_status(void *priv, char *buf, size_t buflen)
2377 : {
2378 8 : struct wpa_driver_wext_data *drv = priv;
2379 : int res;
2380 : char *pos, *end;
2381 : unsigned char addr[ETH_ALEN];
2382 :
2383 8 : pos = buf;
2384 8 : end = buf + buflen;
2385 :
2386 8 : if (linux_get_ifhwaddr(drv->ioctl_sock, drv->ifname, addr))
2387 0 : return -1;
2388 :
2389 56 : res = os_snprintf(pos, end - pos,
2390 : "ifindex=%d\n"
2391 : "ifname=%s\n"
2392 : "addr=" MACSTR "\n",
2393 : drv->ifindex,
2394 8 : drv->ifname,
2395 48 : MAC2STR(addr));
2396 8 : if (os_snprintf_error(end - pos, res))
2397 0 : return pos - buf;
2398 8 : pos += res;
2399 :
2400 8 : return pos - buf;
2401 : }
2402 :
2403 : const struct wpa_driver_ops wpa_driver_wext_ops = {
2404 : .name = "wext",
2405 : .desc = "Linux wireless extensions (generic)",
2406 : .get_bssid = wpa_driver_wext_get_bssid,
2407 : .get_ssid = wpa_driver_wext_get_ssid,
2408 : .set_key = wpa_driver_wext_set_key,
2409 : .set_countermeasures = wpa_driver_wext_set_countermeasures,
2410 : .scan2 = wpa_driver_wext_scan,
2411 : .get_scan_results2 = wpa_driver_wext_get_scan_results,
2412 : .deauthenticate = wpa_driver_wext_deauthenticate,
2413 : .associate = wpa_driver_wext_associate,
2414 : .init = wpa_driver_wext_init,
2415 : .deinit = wpa_driver_wext_deinit,
2416 : .add_pmkid = wpa_driver_wext_add_pmkid,
2417 : .remove_pmkid = wpa_driver_wext_remove_pmkid,
2418 : .flush_pmkid = wpa_driver_wext_flush_pmkid,
2419 : .get_capa = wpa_driver_wext_get_capa,
2420 : .set_operstate = wpa_driver_wext_set_operstate,
2421 : .get_radio_name = wext_get_radio_name,
2422 : .signal_poll = wpa_driver_wext_signal_poll,
2423 : .status = wpa_driver_wext_status,
2424 : };
|
