2 * Driver interaction with generic Linux Wireless Extensions
3 * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements a driver interface for the Linux Wireless Extensions.
15 * When used with WE-18 or newer, this interface can be used as-is with number
16 * of drivers. In addition to this, some of the common functions in this file
17 * can be used by other driver interface implementations that use generic WE
18 * ioctls, but require private ioctls for some of the functionality.
22 #include <sys/ioctl.h>
24 #include <net/if_arp.h>
26 #include "wireless_copy.h"
29 #include "common/ieee802_11_defs.h"
30 #include "common/wpa_common.h"
31 #include "priv_netlink.h"
33 #include "linux_ioctl.h"
35 #include "driver_wext.h"
38 static int wpa_driver_wext_flush_pmkid(void *priv);
39 static int wpa_driver_wext_get_range(void *priv);
40 static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv);
41 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv);
42 static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg);
45 int wpa_driver_wext_set_auth_param(struct wpa_driver_wext_data *drv,
51 os_memset(&iwr, 0, sizeof(iwr));
52 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
53 iwr.u.param.flags = idx & IW_AUTH_INDEX;
54 iwr.u.param.value = value;
56 if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
57 if (errno != EOPNOTSUPP) {
58 wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
59 "value 0x%x) failed: %s)",
60 idx, value, strerror(errno));
62 ret = errno == EOPNOTSUPP ? -2 : -1;
70 * wpa_driver_wext_get_bssid - Get BSSID, SIOCGIWAP
71 * @priv: Pointer to private wext data from wpa_driver_wext_init()
72 * @bssid: Buffer for BSSID
73 * Returns: 0 on success, -1 on failure
75 int wpa_driver_wext_get_bssid(void *priv, u8 *bssid)
77 struct wpa_driver_wext_data *drv = priv;
81 os_memset(&iwr, 0, sizeof(iwr));
82 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
84 if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
85 perror("ioctl[SIOCGIWAP]");
88 os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
95 * wpa_driver_wext_set_bssid - Set BSSID, SIOCSIWAP
96 * @priv: Pointer to private wext data from wpa_driver_wext_init()
98 * Returns: 0 on success, -1 on failure
100 int wpa_driver_wext_set_bssid(void *priv, const u8 *bssid)
102 struct wpa_driver_wext_data *drv = priv;
106 os_memset(&iwr, 0, sizeof(iwr));
107 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
108 iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
110 os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
112 os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);
114 if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
115 perror("ioctl[SIOCSIWAP]");
124 * wpa_driver_wext_get_ssid - Get SSID, SIOCGIWESSID
125 * @priv: Pointer to private wext data from wpa_driver_wext_init()
126 * @ssid: Buffer for the SSID; must be at least 32 bytes long
127 * Returns: SSID length on success, -1 on failure
129 int wpa_driver_wext_get_ssid(void *priv, u8 *ssid)
131 struct wpa_driver_wext_data *drv = priv;
135 os_memset(&iwr, 0, sizeof(iwr));
136 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
137 iwr.u.essid.pointer = (caddr_t) ssid;
138 iwr.u.essid.length = 32;
140 if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
141 perror("ioctl[SIOCGIWESSID]");
144 ret = iwr.u.essid.length;
147 /* Some drivers include nul termination in the SSID, so let's
148 * remove it here before further processing. WE-21 changes this
149 * to explicitly require the length _not_ to include nul
151 if (ret > 0 && ssid[ret - 1] == '\0' &&
152 drv->we_version_compiled < 21)
161 * wpa_driver_wext_set_ssid - Set SSID, SIOCSIWESSID
162 * @priv: Pointer to private wext data from wpa_driver_wext_init()
164 * @ssid_len: Length of SSID (0..32)
165 * Returns: 0 on success, -1 on failure
167 int wpa_driver_wext_set_ssid(void *priv, const u8 *ssid, size_t ssid_len)
169 struct wpa_driver_wext_data *drv = priv;
177 os_memset(&iwr, 0, sizeof(iwr));
178 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
179 /* flags: 1 = ESSID is active, 0 = not (promiscuous) */
180 iwr.u.essid.flags = (ssid_len != 0);
181 os_memset(buf, 0, sizeof(buf));
182 os_memcpy(buf, ssid, ssid_len);
183 iwr.u.essid.pointer = (caddr_t) buf;
184 if (drv->we_version_compiled < 21) {
185 /* For historic reasons, set SSID length to include one extra
186 * character, C string nul termination, even though SSID is
187 * really an octet string that should not be presented as a C
188 * string. Some Linux drivers decrement the length by one and
189 * can thus end up missing the last octet of the SSID if the
190 * length is not incremented here. WE-21 changes this to
191 * explicitly require the length _not_ to include nul
196 iwr.u.essid.length = ssid_len;
198 if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
199 perror("ioctl[SIOCSIWESSID]");
208 * wpa_driver_wext_set_freq - Set frequency/channel, SIOCSIWFREQ
209 * @priv: Pointer to private wext data from wpa_driver_wext_init()
210 * @freq: Frequency in MHz
211 * Returns: 0 on success, -1 on failure
213 int wpa_driver_wext_set_freq(void *priv, int freq)
215 struct wpa_driver_wext_data *drv = priv;
219 os_memset(&iwr, 0, sizeof(iwr));
220 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
221 iwr.u.freq.m = freq * 100000;
224 if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
225 perror("ioctl[SIOCSIWFREQ]");
234 wpa_driver_wext_event_wireless_custom(void *ctx, char *custom)
236 union wpa_event_data data;
238 wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
241 os_memset(&data, 0, sizeof(data));
243 if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
244 data.michael_mic_failure.unicast =
245 os_strstr(custom, " unicast ") != NULL;
246 /* TODO: parse parameters(?) */
247 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
248 } else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
251 u8 *req_ies = NULL, *resp_ies = NULL;
255 bytes = strspn(spos, "0123456789abcdefABCDEF");
256 if (!bytes || (bytes & 1))
260 req_ies = os_malloc(bytes);
261 if (req_ies == NULL ||
262 hexstr2bin(spos, req_ies, bytes) < 0)
264 data.assoc_info.req_ies = req_ies;
265 data.assoc_info.req_ies_len = bytes;
269 data.assoc_info.resp_ies = NULL;
270 data.assoc_info.resp_ies_len = 0;
272 if (os_strncmp(spos, " RespIEs=", 9) == 0) {
275 bytes = strspn(spos, "0123456789abcdefABCDEF");
276 if (!bytes || (bytes & 1))
280 resp_ies = os_malloc(bytes);
281 if (resp_ies == NULL ||
282 hexstr2bin(spos, resp_ies, bytes) < 0)
284 data.assoc_info.resp_ies = resp_ies;
285 data.assoc_info.resp_ies_len = bytes;
288 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
293 #ifdef CONFIG_PEERKEY
294 } else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
295 if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
296 wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
297 "STKSTART.request '%s'", custom + 17);
300 wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
301 #endif /* CONFIG_PEERKEY */
306 static int wpa_driver_wext_event_wireless_michaelmicfailure(
307 void *ctx, const char *ev, size_t len)
309 const struct iw_michaelmicfailure *mic;
310 union wpa_event_data data;
312 if (len < sizeof(*mic))
315 mic = (const struct iw_michaelmicfailure *) ev;
317 wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
318 "flags=0x%x src_addr=" MACSTR, mic->flags,
319 MAC2STR(mic->src_addr.sa_data));
321 os_memset(&data, 0, sizeof(data));
322 data.michael_mic_failure.unicast = !(mic->flags & IW_MICFAILURE_GROUP);
323 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
329 static int wpa_driver_wext_event_wireless_pmkidcand(
330 struct wpa_driver_wext_data *drv, const char *ev, size_t len)
332 const struct iw_pmkid_cand *cand;
333 union wpa_event_data data;
336 if (len < sizeof(*cand))
339 cand = (const struct iw_pmkid_cand *) ev;
340 addr = (const u8 *) cand->bssid.sa_data;
342 wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
343 "flags=0x%x index=%d bssid=" MACSTR, cand->flags,
344 cand->index, MAC2STR(addr));
346 os_memset(&data, 0, sizeof(data));
347 os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
348 data.pmkid_candidate.index = cand->index;
349 data.pmkid_candidate.preauth = cand->flags & IW_PMKID_CAND_PREAUTH;
350 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
356 static int wpa_driver_wext_event_wireless_assocreqie(
357 struct wpa_driver_wext_data *drv, const char *ev, int len)
362 wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
364 os_free(drv->assoc_req_ies);
365 drv->assoc_req_ies = os_malloc(len);
366 if (drv->assoc_req_ies == NULL) {
367 drv->assoc_req_ies_len = 0;
370 os_memcpy(drv->assoc_req_ies, ev, len);
371 drv->assoc_req_ies_len = len;
377 static int wpa_driver_wext_event_wireless_assocrespie(
378 struct wpa_driver_wext_data *drv, const char *ev, int len)
383 wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
385 os_free(drv->assoc_resp_ies);
386 drv->assoc_resp_ies = os_malloc(len);
387 if (drv->assoc_resp_ies == NULL) {
388 drv->assoc_resp_ies_len = 0;
391 os_memcpy(drv->assoc_resp_ies, ev, len);
392 drv->assoc_resp_ies_len = len;
398 static void wpa_driver_wext_event_assoc_ies(struct wpa_driver_wext_data *drv)
400 union wpa_event_data data;
402 if (drv->assoc_req_ies == NULL && drv->assoc_resp_ies == NULL)
405 os_memset(&data, 0, sizeof(data));
406 if (drv->assoc_req_ies) {
407 data.assoc_info.req_ies = drv->assoc_req_ies;
408 data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
410 if (drv->assoc_resp_ies) {
411 data.assoc_info.resp_ies = drv->assoc_resp_ies;
412 data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
415 wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);
417 os_free(drv->assoc_req_ies);
418 drv->assoc_req_ies = NULL;
419 os_free(drv->assoc_resp_ies);
420 drv->assoc_resp_ies = NULL;
424 static void wpa_driver_wext_event_wireless(struct wpa_driver_wext_data *drv,
427 struct iw_event iwe_buf, *iwe = &iwe_buf;
428 char *pos, *end, *custom, *buf;
433 while (pos + IW_EV_LCP_LEN <= end) {
434 /* Event data may be unaligned, so make a local, aligned copy
435 * before processing. */
436 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
437 wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
439 if (iwe->len <= IW_EV_LCP_LEN)
442 custom = pos + IW_EV_POINT_LEN;
443 if (drv->we_version_compiled > 18 &&
444 (iwe->cmd == IWEVMICHAELMICFAILURE ||
445 iwe->cmd == IWEVCUSTOM ||
446 iwe->cmd == IWEVASSOCREQIE ||
447 iwe->cmd == IWEVASSOCRESPIE ||
448 iwe->cmd == IWEVPMKIDCAND)) {
449 /* WE-19 removed the pointer from struct iw_point */
450 char *dpos = (char *) &iwe_buf.u.data.length;
451 int dlen = dpos - (char *) &iwe_buf;
452 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
453 sizeof(struct iw_event) - dlen);
455 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
456 custom += IW_EV_POINT_OFF;
461 wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
463 MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
464 if (is_zero_ether_addr(
465 (const u8 *) iwe->u.ap_addr.sa_data) ||
466 os_memcmp(iwe->u.ap_addr.sa_data,
467 "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
469 os_free(drv->assoc_req_ies);
470 drv->assoc_req_ies = NULL;
471 os_free(drv->assoc_resp_ies);
472 drv->assoc_resp_ies = NULL;
473 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC,
477 wpa_driver_wext_event_assoc_ies(drv);
478 wpa_supplicant_event(drv->ctx, EVENT_ASSOC,
482 case IWEVMICHAELMICFAILURE:
483 if (custom + iwe->u.data.length > end) {
484 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
485 "IWEVMICHAELMICFAILURE length");
488 wpa_driver_wext_event_wireless_michaelmicfailure(
489 drv->ctx, custom, iwe->u.data.length);
492 if (custom + iwe->u.data.length > end) {
493 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
494 "IWEVCUSTOM length");
497 buf = os_malloc(iwe->u.data.length + 1);
500 os_memcpy(buf, custom, iwe->u.data.length);
501 buf[iwe->u.data.length] = '\0';
502 wpa_driver_wext_event_wireless_custom(drv->ctx, buf);
506 drv->scan_complete_events = 1;
507 eloop_cancel_timeout(wpa_driver_wext_scan_timeout,
509 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS,
513 if (custom + iwe->u.data.length > end) {
514 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
515 "IWEVASSOCREQIE length");
518 wpa_driver_wext_event_wireless_assocreqie(
519 drv, custom, iwe->u.data.length);
521 case IWEVASSOCRESPIE:
522 if (custom + iwe->u.data.length > end) {
523 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
524 "IWEVASSOCRESPIE length");
527 wpa_driver_wext_event_wireless_assocrespie(
528 drv, custom, iwe->u.data.length);
531 if (custom + iwe->u.data.length > end) {
532 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
533 "IWEVPMKIDCAND length");
536 wpa_driver_wext_event_wireless_pmkidcand(
537 drv, custom, iwe->u.data.length);
546 static void wpa_driver_wext_event_link(struct wpa_driver_wext_data *drv,
547 char *buf, size_t len, int del)
549 union wpa_event_data event;
551 os_memset(&event, 0, sizeof(event));
552 if (len > sizeof(event.interface_status.ifname))
553 len = sizeof(event.interface_status.ifname) - 1;
554 os_memcpy(event.interface_status.ifname, buf, len);
555 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
556 EVENT_INTERFACE_ADDED;
558 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
560 event.interface_status.ifname,
561 del ? "removed" : "added");
563 if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
570 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
574 static int wpa_driver_wext_own_ifname(struct wpa_driver_wext_data *drv,
577 int attrlen, rta_len;
581 attr = (struct rtattr *) buf;
583 rta_len = RTA_ALIGN(sizeof(struct rtattr));
584 while (RTA_OK(attr, attrlen)) {
585 if (attr->rta_type == IFLA_IFNAME) {
586 if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
592 attr = RTA_NEXT(attr, attrlen);
599 static int wpa_driver_wext_own_ifindex(struct wpa_driver_wext_data *drv,
600 int ifindex, u8 *buf, size_t len)
602 if (drv->ifindex == ifindex || drv->ifindex2 == ifindex)
605 if (drv->if_removed && wpa_driver_wext_own_ifname(drv, buf, len)) {
606 drv->ifindex = if_nametoindex(drv->ifname);
607 wpa_printf(MSG_DEBUG, "WEXT: Update ifindex for a removed "
609 wpa_driver_wext_finish_drv_init(drv);
617 static void wpa_driver_wext_event_rtm_newlink(void *ctx, struct ifinfomsg *ifi,
620 struct wpa_driver_wext_data *drv = ctx;
621 int attrlen, rta_len;
624 if (!wpa_driver_wext_own_ifindex(drv, ifi->ifi_index, buf, len)) {
625 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
630 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
632 drv->operstate, ifi->ifi_flags,
633 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
634 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
635 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
636 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
638 * Some drivers send the association event before the operup event--in
639 * this case, lifting operstate in wpa_driver_wext_set_operstate()
640 * fails. This will hit us when wpa_supplicant does not need to do
641 * IEEE 802.1X authentication
643 if (drv->operstate == 1 &&
644 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
645 !(ifi->ifi_flags & IFF_RUNNING))
646 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
650 attr = (struct rtattr *) buf;
652 rta_len = RTA_ALIGN(sizeof(struct rtattr));
653 while (RTA_OK(attr, attrlen)) {
654 if (attr->rta_type == IFLA_WIRELESS) {
655 wpa_driver_wext_event_wireless(
656 drv, ((char *) attr) + rta_len,
657 attr->rta_len - rta_len);
658 } else if (attr->rta_type == IFLA_IFNAME) {
659 wpa_driver_wext_event_link(drv,
660 ((char *) attr) + rta_len,
661 attr->rta_len - rta_len, 0);
663 attr = RTA_NEXT(attr, attrlen);
668 static void wpa_driver_wext_event_rtm_dellink(void *ctx, struct ifinfomsg *ifi,
671 struct wpa_driver_wext_data *drv = ctx;
672 int attrlen, rta_len;
676 attr = (struct rtattr *) buf;
678 rta_len = RTA_ALIGN(sizeof(struct rtattr));
679 while (RTA_OK(attr, attrlen)) {
680 if (attr->rta_type == IFLA_IFNAME) {
681 wpa_driver_wext_event_link(drv,
682 ((char *) attr) + rta_len,
683 attr->rta_len - rta_len, 1);
685 attr = RTA_NEXT(attr, attrlen);
691 * wpa_driver_wext_init - Initialize WE driver interface
692 * @ctx: context to be used when calling wpa_supplicant functions,
693 * e.g., wpa_supplicant_event()
694 * @ifname: interface name, e.g., wlan0
695 * Returns: Pointer to private data, %NULL on failure
697 void * wpa_driver_wext_init(void *ctx, const char *ifname)
699 struct wpa_driver_wext_data *drv;
700 struct netlink_config *cfg;
704 drv = os_zalloc(sizeof(*drv));
708 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
710 os_snprintf(path, sizeof(path), "/sys/class/net/%s/phy80211", ifname);
711 if (stat(path, &buf) == 0) {
712 wpa_printf(MSG_DEBUG, "WEXT: cfg80211-based driver detected");
716 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
717 if (drv->ioctl_sock < 0) {
718 perror("socket(PF_INET,SOCK_DGRAM)");
722 cfg = os_zalloc(sizeof(*cfg));
726 cfg->newlink_cb = wpa_driver_wext_event_rtm_newlink;
727 cfg->dellink_cb = wpa_driver_wext_event_rtm_dellink;
728 drv->netlink = netlink_init(cfg);
729 if (drv->netlink == NULL) {
736 if (wpa_driver_wext_finish_drv_init(drv) < 0)
739 wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 1);
744 netlink_deinit(drv->netlink);
746 close(drv->ioctl_sock);
753 static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv)
755 if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1) < 0)
759 * Make sure that the driver does not have any obsolete PMKID entries.
761 wpa_driver_wext_flush_pmkid(drv);
763 if (wpa_driver_wext_set_mode(drv, 0) < 0) {
764 wpa_printf(MSG_DEBUG, "Could not configure driver to use "
766 /* Try to use it anyway */
769 wpa_driver_wext_get_range(drv);
772 * Unlock the driver's BSSID and force to a random SSID to clear any
773 * previous association the driver might have when the supplicant
778 * August, 5th 2011. TIZEN
779 * broadcom driver returns scan abort due to disconnect after driver initialization
780 * Therefore, disconnect operation is blocked when initialization
782 //wpa_driver_wext_disconnect(drv);
784 drv->ifindex = if_nametoindex(drv->ifname);
786 if (os_strncmp(drv->ifname, "wlan", 4) == 0) {
788 * Host AP driver may use both wlan# and wifi# interface in
789 * wireless events. Since some of the versions included WE-18
790 * support, let's add the alternative ifindex also from
791 * driver_wext.c for the time being. This may be removed at
792 * some point once it is believed that old versions of the
793 * driver are not in use anymore.
795 char ifname2[IFNAMSIZ + 1];
796 os_strlcpy(ifname2, drv->ifname, sizeof(ifname2));
797 os_memcpy(ifname2, "wifi", 4);
798 wpa_driver_wext_alternative_ifindex(drv, ifname2);
801 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
809 * wpa_driver_wext_deinit - Deinitialize WE driver interface
810 * @priv: Pointer to private wext data from wpa_driver_wext_init()
812 * Shut down driver interface and processing of driver events. Free
813 * private data buffer if one was allocated in wpa_driver_wext_init().
815 void wpa_driver_wext_deinit(void *priv)
817 struct wpa_driver_wext_data *drv = priv;
819 wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 0);
821 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
824 * Clear possibly configured driver parameters in order to make it
825 * easier to use the driver after wpa_supplicant has been terminated.
827 wpa_driver_wext_disconnect(drv);
829 netlink_send_oper_ifla(drv->netlink, drv->ifindex, 0, IF_OPER_UP);
830 netlink_deinit(drv->netlink);
832 if (drv->mlme_sock >= 0)
833 eloop_unregister_read_sock(drv->mlme_sock);
835 (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0);
837 close(drv->ioctl_sock);
838 if (drv->mlme_sock >= 0)
839 close(drv->mlme_sock);
840 os_free(drv->assoc_req_ies);
841 os_free(drv->assoc_resp_ies);
847 * wpa_driver_wext_scan_timeout - Scan timeout to report scan completion
849 * @timeout_ctx: ctx argument given to wpa_driver_wext_init()
851 * This function can be used as registered timeout when starting a scan to
852 * generate a scan completed event if the driver does not report this.
854 void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx)
856 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
857 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
862 * wpa_driver_wext_scan - Request the driver to initiate scan
863 * @priv: Pointer to private wext data from wpa_driver_wext_init()
864 * @param: Scan parameters (specific SSID to scan for (ProbeReq), etc.)
865 * Returns: 0 on success, -1 on failure
867 int wpa_driver_wext_scan(void *priv, struct wpa_driver_scan_params *params)
869 struct wpa_driver_wext_data *drv = priv;
871 int ret = 0, timeout;
872 struct iw_scan_req req;
873 const u8 *ssid = params->ssids[0].ssid;
874 size_t ssid_len = params->ssids[0].ssid_len;
876 if (ssid_len > IW_ESSID_MAX_SIZE) {
877 wpa_printf(MSG_DEBUG, "%s: too long SSID (%lu)",
878 __FUNCTION__, (unsigned long) ssid_len);
882 os_memset(&iwr, 0, sizeof(iwr));
883 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
885 if (ssid && ssid_len) {
886 os_memset(&req, 0, sizeof(req));
887 req.essid_len = ssid_len;
888 req.bssid.sa_family = ARPHRD_ETHER;
889 os_memset(req.bssid.sa_data, 0xff, ETH_ALEN);
890 os_memcpy(req.essid, ssid, ssid_len);
891 iwr.u.data.pointer = (caddr_t) &req;
892 iwr.u.data.length = sizeof(req);
893 iwr.u.data.flags = IW_SCAN_THIS_ESSID;
896 if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &iwr) < 0) {
897 perror("ioctl[SIOCSIWSCAN]");
901 /* Not all drivers generate "scan completed" wireless event, so try to
902 * read results after a timeout. */
904 if (drv->scan_complete_events) {
906 * The driver seems to deliver SIOCGIWSCAN events to notify
907 * when scan is complete, so use longer timeout to avoid race
908 * conditions with scanning and following association request.
912 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
913 "seconds", ret, timeout);
914 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
915 eloop_register_timeout(timeout, 0, wpa_driver_wext_scan_timeout, drv,
922 static u8 * wpa_driver_wext_giwscan(struct wpa_driver_wext_data *drv,
929 res_buf_len = IW_SCAN_MAX_DATA;
931 res_buf = os_malloc(res_buf_len);
934 os_memset(&iwr, 0, sizeof(iwr));
935 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
936 iwr.u.data.pointer = res_buf;
937 iwr.u.data.length = res_buf_len;
939 if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
942 if (errno == E2BIG && res_buf_len < 65535) {
946 if (res_buf_len > 65535)
947 res_buf_len = 65535; /* 16-bit length field */
948 wpa_printf(MSG_DEBUG, "Scan results did not fit - "
949 "trying larger buffer (%lu bytes)",
950 (unsigned long) res_buf_len);
952 perror("ioctl[SIOCGIWSCAN]");
958 if (iwr.u.data.length > res_buf_len) {
962 *len = iwr.u.data.length;
969 * Data structure for collecting WEXT scan results. This is needed to allow
970 * the various methods of reporting IEs to be combined into a single IE buffer.
972 struct wext_scan_data {
973 struct wpa_scan_res res;
982 static void wext_get_scan_mode(struct iw_event *iwe,
983 struct wext_scan_data *res)
985 if (iwe->u.mode == IW_MODE_ADHOC)
986 res->res.caps |= IEEE80211_CAP_IBSS;
987 else if (iwe->u.mode == IW_MODE_MASTER || iwe->u.mode == IW_MODE_INFRA)
988 res->res.caps |= IEEE80211_CAP_ESS;
992 static void wext_get_scan_ssid(struct iw_event *iwe,
993 struct wext_scan_data *res, char *custom,
996 int ssid_len = iwe->u.essid.length;
997 if (custom + ssid_len > end)
999 if (iwe->u.essid.flags &&
1001 ssid_len <= IW_ESSID_MAX_SIZE) {
1002 os_memcpy(res->ssid, custom, ssid_len);
1003 res->ssid_len = ssid_len;
1008 static void wext_get_scan_freq(struct iw_event *iwe,
1009 struct wext_scan_data *res)
1011 int divi = 1000000, i;
1013 if (iwe->u.freq.e == 0) {
1015 * Some drivers do not report frequency, but a channel.
1016 * Try to map this to frequency by assuming they are using
1017 * IEEE 802.11b/g. But don't overwrite a previously parsed
1018 * frequency if the driver sends both frequency and channel,
1019 * since the driver may be sending an A-band channel that we
1020 * don't handle here.
1026 if (iwe->u.freq.m >= 1 && iwe->u.freq.m <= 13) {
1027 res->res.freq = 2407 + 5 * iwe->u.freq.m;
1029 } else if (iwe->u.freq.m == 14) {
1030 res->res.freq = 2484;
1035 if (iwe->u.freq.e > 6) {
1036 wpa_printf(MSG_DEBUG, "Invalid freq in scan results (BSSID="
1037 MACSTR " m=%d e=%d)",
1038 MAC2STR(res->res.bssid), iwe->u.freq.m,
1043 for (i = 0; i < iwe->u.freq.e; i++)
1045 res->res.freq = iwe->u.freq.m / divi;
1049 static void wext_get_scan_qual(struct iw_event *iwe,
1050 struct wext_scan_data *res)
1052 res->res.qual = iwe->u.qual.qual;
1053 res->res.noise = iwe->u.qual.noise;
1054 res->res.level = iwe->u.qual.level;
1055 if (iwe->u.qual.updated & IW_QUAL_QUAL_INVALID)
1056 res->res.flags |= WPA_SCAN_QUAL_INVALID;
1057 if (iwe->u.qual.updated & IW_QUAL_LEVEL_INVALID)
1058 res->res.flags |= WPA_SCAN_LEVEL_INVALID;
1059 if (iwe->u.qual.updated & IW_QUAL_NOISE_INVALID)
1060 res->res.flags |= WPA_SCAN_NOISE_INVALID;
1061 if (iwe->u.qual.updated & IW_QUAL_DBM)
1062 res->res.flags |= WPA_SCAN_LEVEL_DBM;
1066 static void wext_get_scan_encode(struct iw_event *iwe,
1067 struct wext_scan_data *res)
1069 if (!(iwe->u.data.flags & IW_ENCODE_DISABLED))
1070 res->res.caps |= IEEE80211_CAP_PRIVACY;
1074 static void wext_get_scan_rate(struct iw_event *iwe,
1075 struct wext_scan_data *res, char *pos,
1079 char *custom = pos + IW_EV_LCP_LEN;
1084 if (custom + clen > end)
1087 while (((ssize_t) clen) >= (ssize_t) sizeof(struct iw_param)) {
1088 /* Note: may be misaligned, make a local, aligned copy */
1089 os_memcpy(&p, custom, sizeof(struct iw_param));
1090 if (p.value > maxrate)
1092 clen -= sizeof(struct iw_param);
1093 custom += sizeof(struct iw_param);
1096 /* Convert the maxrate from WE-style (b/s units) to
1097 * 802.11 rates (500000 b/s units).
1099 res->maxrate = maxrate / 500000;
1103 static void wext_get_scan_iwevgenie(struct iw_event *iwe,
1104 struct wext_scan_data *res, char *custom,
1107 char *genie, *gpos, *gend;
1110 if (iwe->u.data.length == 0)
1113 gpos = genie = custom;
1114 gend = genie + iwe->u.data.length;
1116 wpa_printf(MSG_INFO, "IWEVGENIE overflow");
1120 tmp = os_realloc(res->ie, res->ie_len + gend - gpos);
1123 os_memcpy(tmp + res->ie_len, gpos, gend - gpos);
1125 res->ie_len += gend - gpos;
1129 static void wext_get_scan_custom(struct iw_event *iwe,
1130 struct wext_scan_data *res, char *custom,
1136 clen = iwe->u.data.length;
1137 if (custom + clen > end)
1140 if (clen > 7 && os_strncmp(custom, "wpa_ie=", 7) == 0) {
1144 bytes = custom + clen - spos;
1145 if (bytes & 1 || bytes == 0)
1148 tmp = os_realloc(res->ie, res->ie_len + bytes);
1152 if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1154 res->ie_len += bytes;
1155 } else if (clen > 7 && os_strncmp(custom, "rsn_ie=", 7) == 0) {
1159 bytes = custom + clen - spos;
1160 if (bytes & 1 || bytes == 0)
1163 tmp = os_realloc(res->ie, res->ie_len + bytes);
1167 if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1169 res->ie_len += bytes;
1170 } else if (clen > 4 && os_strncmp(custom, "tsf=", 4) == 0) {
1175 bytes = custom + clen - spos;
1177 wpa_printf(MSG_INFO, "Invalid TSF length (%d)", bytes);
1181 if (hexstr2bin(spos, bin, bytes) < 0) {
1182 wpa_printf(MSG_DEBUG, "WEXT: Invalid TSF value");
1185 res->res.tsf += WPA_GET_BE64(bin);
1190 static int wext_19_iw_point(struct wpa_driver_wext_data *drv, u16 cmd)
1192 return drv->we_version_compiled > 18 &&
1193 (cmd == SIOCGIWESSID || cmd == SIOCGIWENCODE ||
1194 cmd == IWEVGENIE || cmd == IWEVCUSTOM);
1198 static void wpa_driver_wext_add_scan_entry(struct wpa_scan_results *res,
1199 struct wext_scan_data *data)
1201 struct wpa_scan_res **tmp;
1202 struct wpa_scan_res *r;
1204 u8 *pos, *end, *ssid_ie = NULL, *rate_ie = NULL;
1206 /* Figure out whether we need to fake any IEs */
1208 end = pos + data->ie_len;
1209 while (pos && pos + 1 < end) {
1210 if (pos + 2 + pos[1] > end)
1212 if (pos[0] == WLAN_EID_SSID)
1214 else if (pos[0] == WLAN_EID_SUPP_RATES)
1216 else if (pos[0] == WLAN_EID_EXT_SUPP_RATES)
1222 if (ssid_ie == NULL)
1223 extra_len += 2 + data->ssid_len;
1224 if (rate_ie == NULL && data->maxrate)
1227 r = os_zalloc(sizeof(*r) + extra_len + data->ie_len);
1230 os_memcpy(r, &data->res, sizeof(*r));
1231 r->ie_len = extra_len + data->ie_len;
1232 pos = (u8 *) (r + 1);
1233 if (ssid_ie == NULL) {
1235 * Generate a fake SSID IE since the driver did not report
1238 *pos++ = WLAN_EID_SSID;
1239 *pos++ = data->ssid_len;
1240 os_memcpy(pos, data->ssid, data->ssid_len);
1241 pos += data->ssid_len;
1243 if (rate_ie == NULL && data->maxrate) {
1245 * Generate a fake Supported Rates IE since the driver did not
1246 * report a full IE list.
1248 *pos++ = WLAN_EID_SUPP_RATES;
1250 *pos++ = data->maxrate;
1253 os_memcpy(pos, data->ie, data->ie_len);
1255 tmp = os_realloc(res->res,
1256 (res->num + 1) * sizeof(struct wpa_scan_res *));
1261 tmp[res->num++] = r;
1267 * wpa_driver_wext_get_scan_results - Fetch the latest scan results
1268 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1269 * Returns: Scan results on success, -1 on failure
1271 struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv)
1273 struct wpa_driver_wext_data *drv = priv;
1274 size_t ap_num = 0, len;
1277 struct iw_event iwe_buf, *iwe = &iwe_buf;
1278 char *pos, *end, *custom;
1279 struct wpa_scan_results *res;
1280 struct wext_scan_data data;
1282 res_buf = wpa_driver_wext_giwscan(drv, &len);
1283 if (res_buf == NULL)
1289 res = os_zalloc(sizeof(*res));
1295 pos = (char *) res_buf;
1296 end = (char *) res_buf + len;
1297 os_memset(&data, 0, sizeof(data));
1299 while (pos + IW_EV_LCP_LEN <= end) {
1300 /* Event data may be unaligned, so make a local, aligned copy
1301 * before processing. */
1302 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
1303 if (iwe->len <= IW_EV_LCP_LEN)
1306 custom = pos + IW_EV_POINT_LEN;
1307 if (wext_19_iw_point(drv, iwe->cmd)) {
1308 /* WE-19 removed the pointer from struct iw_point */
1309 char *dpos = (char *) &iwe_buf.u.data.length;
1310 int dlen = dpos - (char *) &iwe_buf;
1311 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
1312 sizeof(struct iw_event) - dlen);
1314 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
1315 custom += IW_EV_POINT_OFF;
1321 wpa_driver_wext_add_scan_entry(res, &data);
1324 os_memset(&data, 0, sizeof(data));
1325 os_memcpy(data.res.bssid,
1326 iwe->u.ap_addr.sa_data, ETH_ALEN);
1329 wext_get_scan_mode(iwe, &data);
1332 wext_get_scan_ssid(iwe, &data, custom, end);
1335 wext_get_scan_freq(iwe, &data);
1338 wext_get_scan_qual(iwe, &data);
1341 wext_get_scan_encode(iwe, &data);
1344 wext_get_scan_rate(iwe, &data, pos, end);
1347 wext_get_scan_iwevgenie(iwe, &data, custom, end);
1350 wext_get_scan_custom(iwe, &data, custom, end);
1359 wpa_driver_wext_add_scan_entry(res, &data);
1362 wpa_printf(MSG_DEBUG, "Received %lu bytes of scan results (%lu BSSes)",
1363 (unsigned long) len, (unsigned long) res->num);
1369 static int wpa_driver_wext_get_range(void *priv)
1371 struct wpa_driver_wext_data *drv = priv;
1372 struct iw_range *range;
1378 * Use larger buffer than struct iw_range in order to allow the
1379 * structure to grow in the future.
1381 buflen = sizeof(struct iw_range) + 500;
1382 range = os_zalloc(buflen);
1386 os_memset(&iwr, 0, sizeof(iwr));
1387 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1388 iwr.u.data.pointer = (caddr_t) range;
1389 iwr.u.data.length = buflen;
1391 minlen = ((char *) &range->enc_capa) - (char *) range +
1392 sizeof(range->enc_capa);
1394 if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
1395 perror("ioctl[SIOCGIWRANGE]");
1398 } else if (iwr.u.data.length >= minlen &&
1399 range->we_version_compiled >= 18) {
1400 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
1401 "WE(source)=%d enc_capa=0x%x",
1402 range->we_version_compiled,
1403 range->we_version_source,
1405 drv->has_capability = 1;
1406 drv->we_version_compiled = range->we_version_compiled;
1407 if (range->enc_capa & IW_ENC_CAPA_WPA) {
1408 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1409 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
1411 if (range->enc_capa & IW_ENC_CAPA_WPA2) {
1412 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1413 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1415 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
1416 WPA_DRIVER_CAPA_ENC_WEP104;
1417 if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
1418 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
1419 if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
1420 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
1421 if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
1422 drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
1423 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1424 WPA_DRIVER_AUTH_SHARED |
1425 WPA_DRIVER_AUTH_LEAP;
1426 drv->capa.max_scan_ssids = 1;
1428 wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x "
1430 drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags);
1432 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
1433 "assuming WPA is not supported");
1441 static int wpa_driver_wext_set_psk(struct wpa_driver_wext_data *drv,
1444 struct iw_encode_ext *ext;
1448 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1450 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1456 os_memset(&iwr, 0, sizeof(iwr));
1457 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1459 ext = os_zalloc(sizeof(*ext) + PMK_LEN);
1463 iwr.u.encoding.pointer = (caddr_t) ext;
1464 iwr.u.encoding.length = sizeof(*ext) + PMK_LEN;
1465 ext->key_len = PMK_LEN;
1466 os_memcpy(&ext->key, psk, ext->key_len);
1467 ext->alg = IW_ENCODE_ALG_PMK;
1469 ret = ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr);
1472 perror("ioctl[SIOCSIWENCODEEXT] PMK");
1473 wpa_printf(MSG_DEBUG, "ioctl [SIOCSIWENCODEEXT] error is [%s]",strerror(errno));
1481 static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg,
1482 const u8 *addr, int key_idx,
1483 int set_tx, const u8 *seq,
1485 const u8 *key, size_t key_len)
1487 struct wpa_driver_wext_data *drv = priv;
1490 struct iw_encode_ext *ext;
1492 if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) {
1493 wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu",
1494 __FUNCTION__, (unsigned long) seq_len);
1498 ext = os_zalloc(sizeof(*ext) + key_len);
1501 os_memset(&iwr, 0, sizeof(iwr));
1502 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1503 iwr.u.encoding.flags = key_idx + 1;
1504 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1505 if (alg == WPA_ALG_NONE)
1506 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1507 iwr.u.encoding.pointer = (caddr_t) ext;
1508 iwr.u.encoding.length = sizeof(*ext) + key_len;
1511 os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) == 0)
1512 ext->ext_flags |= IW_ENCODE_EXT_GROUP_KEY;
1514 ext->ext_flags |= IW_ENCODE_EXT_SET_TX_KEY;
1516 ext->addr.sa_family = ARPHRD_ETHER;
1518 os_memcpy(ext->addr.sa_data, addr, ETH_ALEN);
1520 os_memset(ext->addr.sa_data, 0xff, ETH_ALEN);
1521 if (key && key_len) {
1522 os_memcpy(ext + 1, key, key_len);
1523 ext->key_len = key_len;
1527 ext->alg = IW_ENCODE_ALG_NONE;
1530 ext->alg = IW_ENCODE_ALG_WEP;
1533 ext->alg = IW_ENCODE_ALG_TKIP;
1536 ext->alg = IW_ENCODE_ALG_CCMP;
1539 ext->alg = IW_ENCODE_ALG_PMK;
1541 #ifdef CONFIG_IEEE80211W
1543 ext->alg = IW_ENCODE_ALG_AES_CMAC;
1545 #endif /* CONFIG_IEEE80211W */
1547 wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d",
1553 if (seq && seq_len) {
1554 ext->ext_flags |= IW_ENCODE_EXT_RX_SEQ_VALID;
1555 os_memcpy(ext->rx_seq, seq, seq_len);
1558 if (ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr) < 0) {
1559 ret = errno == EOPNOTSUPP ? -2 : -1;
1560 if (errno == ENODEV) {
1562 * ndiswrapper seems to be returning incorrect error
1567 perror("ioctl[SIOCSIWENCODEEXT]");
1576 * wpa_driver_wext_set_key - Configure encryption key
1577 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1578 * @priv: Private driver interface data
1579 * @alg: Encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
1580 * %WPA_ALG_TKIP, %WPA_ALG_CCMP); %WPA_ALG_NONE clears the key.
1581 * @addr: Address of the peer STA or ff:ff:ff:ff:ff:ff for
1582 * broadcast/default keys
1583 * @key_idx: key index (0..3), usually 0 for unicast keys
1584 * @set_tx: Configure this key as the default Tx key (only used when
1585 * driver does not support separate unicast/individual key
1586 * @seq: Sequence number/packet number, seq_len octets, the next
1587 * packet number to be used for in replay protection; configured
1588 * for Rx keys (in most cases, this is only used with broadcast
1589 * keys and set to zero for unicast keys)
1590 * @seq_len: Length of the seq, depends on the algorithm:
1591 * TKIP: 6 octets, CCMP: 6 octets
1592 * @key: Key buffer; TKIP: 16-byte temporal key, 8-byte Tx Mic key,
1594 * @key_len: Length of the key buffer in octets (WEP: 5 or 13,
1595 * TKIP: 32, CCMP: 16)
1596 * Returns: 0 on success, -1 on failure
1598 * This function uses SIOCSIWENCODEEXT by default, but tries to use
1599 * SIOCSIWENCODE if the extended ioctl fails when configuring a WEP key.
1601 int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg,
1602 const u8 *addr, int key_idx,
1603 int set_tx, const u8 *seq, size_t seq_len,
1604 const u8 *key, size_t key_len)
1606 struct wpa_driver_wext_data *drv = priv;
1610 wpa_printf(MSG_DEBUG, "%s: alg=%d key_idx=%d set_tx=%d seq_len=%lu "
1612 __FUNCTION__, alg, key_idx, set_tx,
1613 (unsigned long) seq_len, (unsigned long) key_len);
1615 ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, set_tx,
1616 seq, seq_len, key, key_len);
1621 (alg == WPA_ALG_NONE || alg == WPA_ALG_WEP)) {
1622 wpa_printf(MSG_DEBUG, "Driver did not support "
1623 "SIOCSIWENCODEEXT, trying SIOCSIWENCODE");
1626 wpa_printf(MSG_DEBUG, "Driver did not support "
1627 "SIOCSIWENCODEEXT");
1631 os_memset(&iwr, 0, sizeof(iwr));
1632 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1633 iwr.u.encoding.flags = key_idx + 1;
1634 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1635 if (alg == WPA_ALG_NONE)
1636 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1637 iwr.u.encoding.pointer = (caddr_t) key;
1638 iwr.u.encoding.length = key_len;
1640 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1641 perror("ioctl[SIOCSIWENCODE]");
1645 if (set_tx && alg != WPA_ALG_NONE) {
1646 os_memset(&iwr, 0, sizeof(iwr));
1647 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1648 iwr.u.encoding.flags = key_idx + 1;
1649 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1650 iwr.u.encoding.pointer = (caddr_t) NULL;
1651 iwr.u.encoding.length = 0;
1652 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1653 perror("ioctl[SIOCSIWENCODE] (set_tx)");
1662 static int wpa_driver_wext_set_countermeasures(void *priv,
1665 struct wpa_driver_wext_data *drv = priv;
1666 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1667 return wpa_driver_wext_set_auth_param(drv,
1668 IW_AUTH_TKIP_COUNTERMEASURES,
1673 static int wpa_driver_wext_set_drop_unencrypted(void *priv,
1676 struct wpa_driver_wext_data *drv = priv;
1677 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1678 drv->use_crypt = enabled;
1679 return wpa_driver_wext_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
1684 static int wpa_driver_wext_mlme(struct wpa_driver_wext_data *drv,
1685 const u8 *addr, int cmd, int reason_code)
1688 struct iw_mlme mlme;
1691 os_memset(&iwr, 0, sizeof(iwr));
1692 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1693 os_memset(&mlme, 0, sizeof(mlme));
1695 mlme.reason_code = reason_code;
1696 mlme.addr.sa_family = ARPHRD_ETHER;
1697 os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);
1698 iwr.u.data.pointer = (caddr_t) &mlme;
1699 iwr.u.data.length = sizeof(mlme);
1701 if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) < 0) {
1702 perror("ioctl[SIOCSIWMLME]");
1710 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv)
1713 const u8 null_bssid[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
1718 * Only force-disconnect when the card is in infrastructure mode,
1719 * otherwise the driver might interpret the cleared BSSID and random
1720 * SSID as an attempt to create a new ad-hoc network.
1722 os_memset(&iwr, 0, sizeof(iwr));
1723 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1724 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
1725 perror("ioctl[SIOCGIWMODE]");
1726 iwr.u.mode = IW_MODE_INFRA;
1729 if (iwr.u.mode == IW_MODE_INFRA) {
1730 if (drv->cfg80211) {
1732 * cfg80211 supports SIOCSIWMLME commands, so there is
1733 * no need for the random SSID hack, but clear the
1736 if (wpa_driver_wext_set_bssid(drv, null_bssid) < 0 ||
1737 wpa_driver_wext_set_ssid(drv, (u8 *) "", 0) < 0) {
1738 wpa_printf(MSG_DEBUG, "WEXT: Failed to clear "
1744 * Clear the BSSID selection and set a random SSID to make sure
1745 * the driver will not be trying to associate with something
1746 * even if it does not understand SIOCSIWMLME commands (or
1747 * tries to associate automatically after deauth/disassoc).
1751 * Oct, 21st. 2011. TIZEN
1752 * broadcom driver returns scan abort due to disconnect
1753 * Therefore, disconnect operation is blocked by using set_ssid
1756 for (i = 0; i < 32; i++)
1757 ssid[i] = rand() & 0xFF;
1760 if (wpa_driver_wext_set_bssid(drv, null_bssid) < 0 ||
1761 wpa_driver_wext_set_ssid(drv, ssid, 32) < 0) {
1762 wpa_printf(MSG_DEBUG, "WEXT: Failed to set bogus "
1763 "BSSID/SSID to disconnect");
1766 if (wpa_driver_wext_set_bssid(drv, null_bssid) < 0) {
1767 wpa_printf(MSG_DEBUG, "WEXT: Failed to set bogus "
1768 "BSSID/SSID to disconnect");
1774 static int wpa_driver_wext_deauthenticate(void *priv, const u8 *addr,
1777 struct wpa_driver_wext_data *drv = priv;
1779 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1780 ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DEAUTH, reason_code);
1781 wpa_driver_wext_disconnect(drv);
1786 static int wpa_driver_wext_disassociate(void *priv, const u8 *addr,
1789 struct wpa_driver_wext_data *drv = priv;
1791 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1792 ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DISASSOC, reason_code);
1793 wpa_driver_wext_disconnect(drv);
1798 static int wpa_driver_wext_set_gen_ie(void *priv, const u8 *ie,
1801 struct wpa_driver_wext_data *drv = priv;
1805 os_memset(&iwr, 0, sizeof(iwr));
1806 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1807 iwr.u.data.pointer = (caddr_t) ie;
1808 iwr.u.data.length = ie_len;
1810 if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) < 0) {
1811 perror("ioctl[SIOCSIWGENIE]");
1819 int wpa_driver_wext_cipher2wext(int cipher)
1823 return IW_AUTH_CIPHER_NONE;
1825 return IW_AUTH_CIPHER_WEP40;
1827 return IW_AUTH_CIPHER_TKIP;
1829 return IW_AUTH_CIPHER_CCMP;
1831 return IW_AUTH_CIPHER_WEP104;
1838 int wpa_driver_wext_keymgmt2wext(int keymgmt)
1841 case KEY_MGMT_802_1X:
1842 case KEY_MGMT_802_1X_NO_WPA:
1843 return IW_AUTH_KEY_MGMT_802_1X;
1845 return IW_AUTH_KEY_MGMT_PSK;
1853 wpa_driver_wext_auth_alg_fallback(struct wpa_driver_wext_data *drv,
1854 struct wpa_driver_associate_params *params)
1859 wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
1860 "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");
1862 os_memset(&iwr, 0, sizeof(iwr));
1863 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1864 /* Just changing mode, not actual keys */
1865 iwr.u.encoding.flags = 0;
1866 iwr.u.encoding.pointer = (caddr_t) NULL;
1867 iwr.u.encoding.length = 0;
1870 * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
1871 * different things. Here they are used to indicate Open System vs.
1872 * Shared Key authentication algorithm. However, some drivers may use
1873 * them to select between open/restricted WEP encrypted (open = allow
1874 * both unencrypted and encrypted frames; restricted = only allow
1875 * encrypted frames).
1878 if (!drv->use_crypt) {
1879 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1881 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
1882 iwr.u.encoding.flags |= IW_ENCODE_OPEN;
1883 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
1884 iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
1887 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1888 perror("ioctl[SIOCSIWENCODE]");
1896 int wpa_driver_wext_associate(void *priv,
1897 struct wpa_driver_associate_params *params)
1899 struct wpa_driver_wext_data *drv = priv;
1901 int allow_unencrypted_eapol;
1904 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1906 if (drv->cfg80211) {
1908 * Stop cfg80211 from trying to associate before we are done
1909 * with all parameters.
1911 wpa_driver_wext_set_ssid(drv, (u8 *) "", 0);
1914 if (wpa_driver_wext_set_drop_unencrypted(drv, params->drop_unencrypted)
1917 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_drop_unencrypted fail");
1920 if (wpa_driver_wext_set_auth_alg(drv, params->auth_alg) < 0)
1922 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_alg fail");
1925 if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
1927 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_mode fail");
1932 * If the driver did not support SIOCSIWAUTH, fallback to
1933 * SIOCSIWENCODE here.
1935 if (drv->auth_alg_fallback &&
1936 wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
1938 wpa_printf(MSG_DEBUG, "wpa_driver_wext_auth_alg_fallback fail");
1942 if (!params->bssid &&
1943 wpa_driver_wext_set_bssid(drv, NULL) < 0)
1945 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_bssid fail");
1949 /* TODO: should consider getting wpa version and cipher/key_mgmt suites
1950 * from configuration, not from here, where only the selected suite is
1952 if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
1955 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_gen_ie fail");
1958 if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
1959 value = IW_AUTH_WPA_VERSION_DISABLED;
1960 else if (params->wpa_ie[0] == WLAN_EID_RSN)
1961 value = IW_AUTH_WPA_VERSION_WPA2;
1963 value = IW_AUTH_WPA_VERSION_WPA;
1964 if (wpa_driver_wext_set_auth_param(drv,
1965 IW_AUTH_WPA_VERSION, value) < 0)
1967 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_param fail");
1970 value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
1971 if (wpa_driver_wext_set_auth_param(drv,
1972 IW_AUTH_CIPHER_PAIRWISE, value) < 0)
1974 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_param fail");
1977 value = wpa_driver_wext_cipher2wext(params->group_suite);
1978 if (wpa_driver_wext_set_auth_param(drv,
1979 IW_AUTH_CIPHER_GROUP, value) < 0)
1981 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_param fail");
1984 value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
1985 if (wpa_driver_wext_set_auth_param(drv,
1986 IW_AUTH_KEY_MGMT, value) < 0)
1988 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_param fail");
1991 value = params->key_mgmt_suite != KEY_MGMT_NONE ||
1992 params->pairwise_suite != CIPHER_NONE ||
1993 params->group_suite != CIPHER_NONE ||
1995 if (wpa_driver_wext_set_auth_param(drv,
1996 IW_AUTH_PRIVACY_INVOKED, value) < 0)
1998 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_param fail");
2002 /* Allow unencrypted EAPOL messages even if pairwise keys are set when
2003 * not using WPA. IEEE 802.1X specifies that these frames are not
2004 * encrypted, but WPA encrypts them when pairwise keys are in use. */
2005 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
2006 params->key_mgmt_suite == KEY_MGMT_PSK)
2007 allow_unencrypted_eapol = 0;
2009 allow_unencrypted_eapol = 1;
2011 if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
2013 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_psk fail");
2016 if (wpa_driver_wext_set_auth_param(drv,
2017 IW_AUTH_RX_UNENCRYPTED_EAPOL,
2018 allow_unencrypted_eapol) < 0)
2020 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_param fail");
2023 #ifdef CONFIG_IEEE80211W
2024 switch (params->mgmt_frame_protection) {
2025 case NO_MGMT_FRAME_PROTECTION:
2026 value = IW_AUTH_MFP_DISABLED;
2028 case MGMT_FRAME_PROTECTION_OPTIONAL:
2029 value = IW_AUTH_MFP_OPTIONAL;
2031 case MGMT_FRAME_PROTECTION_REQUIRED:
2032 value = IW_AUTH_MFP_REQUIRED;
2035 if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
2037 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_auth_param fail");
2040 #endif /* CONFIG_IEEE80211W */
2041 if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
2043 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_freq fail");
2046 if (!drv->cfg80211 &&
2047 wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2049 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_ssid fail");
2052 if (params->bssid &&
2053 wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
2055 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_bssid fail");
2058 if (drv->cfg80211 &&
2059 wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2061 wpa_printf(MSG_DEBUG, "wpa_driver_wext_set_ssid fail");
2069 static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg)
2071 struct wpa_driver_wext_data *drv = priv;
2074 if (auth_alg & WPA_AUTH_ALG_OPEN)
2075 algs |= IW_AUTH_ALG_OPEN_SYSTEM;
2076 if (auth_alg & WPA_AUTH_ALG_SHARED)
2077 algs |= IW_AUTH_ALG_SHARED_KEY;
2078 if (auth_alg & WPA_AUTH_ALG_LEAP)
2079 algs |= IW_AUTH_ALG_LEAP;
2081 /* at least one algorithm should be set */
2082 algs = IW_AUTH_ALG_OPEN_SYSTEM;
2085 res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
2087 drv->auth_alg_fallback = res == -2;
2093 * wpa_driver_wext_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
2094 * @priv: Pointer to private wext data from wpa_driver_wext_init()
2095 * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
2096 * Returns: 0 on success, -1 on failure
2098 int wpa_driver_wext_set_mode(void *priv, int mode)
2100 struct wpa_driver_wext_data *drv = priv;
2103 unsigned int new_mode = mode ? IW_MODE_ADHOC : IW_MODE_INFRA;
2105 os_memset(&iwr, 0, sizeof(iwr));
2106 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2107 iwr.u.mode = new_mode;
2109 wpa_printf(MSG_DEBUG, "[%s][%d] WiFi mode is [%s]",__FUNCTION__,__LINE__, (new_mode==IW_MODE_ADHOC)?"ADHOC":"INFRA");
2111 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) == 0) {
2116 if (errno != EBUSY) {
2117 perror("ioctl[SIOCSIWMODE]");
2118 wpa_printf(MSG_DEBUG, "[%s][%d] error is [%d][%s]",__FUNCTION__,__LINE__,errno, strerror(errno));
2122 /* mac80211 doesn't allow mode changes while the device is up, so if
2123 * the device isn't in the mode we're about to change to, take device
2124 * down, try to set the mode again, and bring it back up.
2126 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
2127 perror("ioctl[SIOCGIWMODE]");
2128 wpa_printf(MSG_DEBUG, "[%s][%d]",__FUNCTION__,__LINE__);
2132 if (iwr.u.mode == new_mode) {
2134 wpa_printf(MSG_DEBUG, "[%s][%d]",__FUNCTION__,__LINE__);
2138 if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0) == 0) {
2139 /* Try to set the mode again while the interface is down */
2140 iwr.u.mode = new_mode;
2141 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) < 0)
2143 wpa_printf(MSG_DEBUG, "[%s][%d]",__FUNCTION__,__LINE__);
2144 perror("ioctl[SIOCSIWMODE]");
2149 (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1);
2157 static int wpa_driver_wext_pmksa(struct wpa_driver_wext_data *drv,
2158 u32 cmd, const u8 *bssid, const u8 *pmkid)
2161 struct iw_pmksa pmksa;
2164 os_memset(&iwr, 0, sizeof(iwr));
2165 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2166 os_memset(&pmksa, 0, sizeof(pmksa));
2168 pmksa.bssid.sa_family = ARPHRD_ETHER;
2170 os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
2172 os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);
2173 iwr.u.data.pointer = (caddr_t) &pmksa;
2174 iwr.u.data.length = sizeof(pmksa);
2176 if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) < 0) {
2177 if (errno != EOPNOTSUPP)
2178 perror("ioctl[SIOCSIWPMKSA]");
2186 static int wpa_driver_wext_add_pmkid(void *priv, const u8 *bssid,
2189 struct wpa_driver_wext_data *drv = priv;
2190 return wpa_driver_wext_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
2194 static int wpa_driver_wext_remove_pmkid(void *priv, const u8 *bssid,
2197 struct wpa_driver_wext_data *drv = priv;
2198 return wpa_driver_wext_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
2202 static int wpa_driver_wext_flush_pmkid(void *priv)
2204 struct wpa_driver_wext_data *drv = priv;
2205 return wpa_driver_wext_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
2209 int wpa_driver_wext_get_capa(void *priv, struct wpa_driver_capa *capa)
2211 struct wpa_driver_wext_data *drv = priv;
2212 if (!drv->has_capability)
2214 os_memcpy(capa, &drv->capa, sizeof(*capa));
2219 int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
2222 if (ifname == NULL) {
2227 drv->ifindex2 = if_nametoindex(ifname);
2228 if (drv->ifindex2 <= 0)
2231 wpa_printf(MSG_DEBUG, "Added alternative ifindex %d (%s) for "
2232 "wireless events", drv->ifindex2, ifname);
2238 int wpa_driver_wext_set_operstate(void *priv, int state)
2240 struct wpa_driver_wext_data *drv = priv;
2242 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
2243 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
2244 drv->operstate = state;
2245 return netlink_send_oper_ifla(drv->netlink, drv->ifindex, -1,
2246 state ? IF_OPER_UP : IF_OPER_DORMANT);
2250 int wpa_driver_wext_get_version(struct wpa_driver_wext_data *drv)
2252 return drv->we_version_compiled;
2256 const struct wpa_driver_ops wpa_driver_wext_ops = {
2258 .desc = "Linux wireless extensions (generic)",
2259 .get_bssid = wpa_driver_wext_get_bssid,
2260 .get_ssid = wpa_driver_wext_get_ssid,
2261 .set_key = wpa_driver_wext_set_key,
2262 .set_countermeasures = wpa_driver_wext_set_countermeasures,
2263 .scan2 = wpa_driver_wext_scan,
2264 .get_scan_results2 = wpa_driver_wext_get_scan_results,
2265 .deauthenticate = wpa_driver_wext_deauthenticate,
2266 .disassociate = wpa_driver_wext_disassociate,
2267 .associate = wpa_driver_wext_associate,
2268 .init = wpa_driver_wext_init,
2269 .deinit = wpa_driver_wext_deinit,
2270 .add_pmkid = wpa_driver_wext_add_pmkid,
2271 .remove_pmkid = wpa_driver_wext_remove_pmkid,
2272 .flush_pmkid = wpa_driver_wext_flush_pmkid,
2273 .get_capa = wpa_driver_wext_get_capa,
2274 .set_operstate = wpa_driver_wext_set_operstate,