static struct wpa_bss *
wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s,
struct wpa_scan_results *scan_res,
struct wpa_ssid *group,
struct wpa_ssid **selected_ssid)
{
size_t i;
wpa_printf(MSG_DEBUG, "Selecting BSS from priority group %d",
group->priority);
for (i = 0; i < scan_res->num; i++) {
struct wpa_scan_res *bss = scan_res->res[i];
const u8 *ie, *ssid;
u8 ssid_len;
*selected_ssid = wpa_scan_res_match(wpa_s, i, bss, group);
if (!*selected_ssid)
continue;
ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
ssid = ie ? ie + 2 : (u8 *) "";
ssid_len = ie ? ie[1] : 0;
wpa_printf(MSG_DEBUG, " selected BSS " MACSTR " ssid='%s'",
MAC2STR(bss->bssid), wpa_ssid_txt(ssid, ssid_len));
return wpa_bss_get(wpa_s, bss->bssid, ssid, ssid_len);
}
return NULL;
}
static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid,
const struct wps_credential *cred)
{
struct wpa_driver_capa capa;
struct wpa_bss *bss;
const u8 *ie;
struct wpa_ie_data adv;
int wpa2 = 0, ccmp = 0;
/*
* Many existing WPS APs do not know how to negotiate WPA2 or CCMP in
* case they are configured for mixed mode operation (WPA+WPA2 and
* TKIP+CCMP). Try to use scan results to figure out whether the AP
* actually supports stronger security and select that if the client
* has support for it, too.
*/
if (wpa_drv_get_capa(wpa_s, &capa))
return; /* Unknown what driver supports */
bss = wpa_bss_get(wpa_s, cred->mac_addr, ssid->ssid, ssid->ssid_len);
if (bss == NULL) {
wpa_printf(MSG_DEBUG, "WPS: The AP was not found from BSS "
"table - use credential as-is");
return;
}
wpa_printf(MSG_DEBUG, "WPS: AP found from BSS table");
ie = wpa_bss_get_ie(bss, WLAN_EID_RSN);
if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0) {
wpa2 = 1;
if (adv.pairwise_cipher & WPA_CIPHER_CCMP)
ccmp = 1;
} else {
ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0 &&
adv.pairwise_cipher & WPA_CIPHER_CCMP)
ccmp = 1;
}
if (ie == NULL && (ssid->proto & WPA_PROTO_WPA) &&
(ssid->pairwise_cipher & WPA_CIPHER_TKIP)) {
/*
* TODO: This could be the initial AP configuration and the
* Beacon contents could change shortly. Should request a new
* scan and delay addition of the network until the updated
* scan results are available.
*/
wpa_printf(MSG_DEBUG, "WPS: The AP did not yet advertise WPA "
"support - use credential as-is");
return;
}
if (ccmp && !(ssid->pairwise_cipher & WPA_CIPHER_CCMP) &&
(ssid->pairwise_cipher & WPA_CIPHER_TKIP) &&
(capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) {
wpa_printf(MSG_DEBUG, "WPS: Add CCMP into the credential "
"based on scan results");
if (wpa_s->conf->ap_scan == 1)
ssid->pairwise_cipher |= WPA_CIPHER_CCMP;
else
ssid->pairwise_cipher = WPA_CIPHER_CCMP;
}
if (wpa2 && !(ssid->proto & WPA_PROTO_RSN) &&
(ssid->proto & WPA_PROTO_WPA) &&
(capa.enc & WPA_DRIVER_CAPA_ENC_CCMP)) {
wpa_printf(MSG_DEBUG, "WPS: Add WPA2 into the credential "
"based on scan results");
if (wpa_s->conf->ap_scan == 1)
ssid->proto |= WPA_PROTO_RSN;
else
ssid->proto = WPA_PROTO_RSN;
}
}
static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
union wpa_event_data *data)
{
u8 bssid[ETH_ALEN];
int ft_completed;
int bssid_changed;
struct wpa_driver_capa capa;
#ifdef CONFIG_AP
if (wpa_s->ap_iface) {
hostapd_notif_assoc(wpa_s->ap_iface->bss[0],
data->assoc_info.addr,
data->assoc_info.req_ies,
data->assoc_info.req_ies_len);
return;
}
#endif /* CONFIG_AP */
ft_completed = wpa_ft_is_completed(wpa_s->wpa);
if (data && wpa_supplicant_event_associnfo(wpa_s, data) < 0)
return;
wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED);
if (wpa_drv_get_bssid(wpa_s, bssid) >= 0 &&
os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) {
wpa_msg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID="
MACSTR, MAC2STR(bssid));
bssid_changed = os_memcmp(wpa_s->bssid, bssid, ETH_ALEN);
os_memcpy(wpa_s->bssid, bssid, ETH_ALEN);
os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
if (bssid_changed)
wpas_notify_bssid_changed(wpa_s);
if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) {
wpa_clear_keys(wpa_s, bssid);
}
if (wpa_supplicant_select_config(wpa_s) < 0) {
wpa_supplicant_disassociate(
wpa_s, WLAN_REASON_DEAUTH_LEAVING);
return;
}
if (wpa_s->current_ssid) {
struct wpa_bss *bss = NULL;
struct wpa_ssid *ssid = wpa_s->current_ssid;
if (ssid->ssid_len > 0)
bss = wpa_bss_get(wpa_s, bssid,
ssid->ssid, ssid->ssid_len);
if (!bss)
bss = wpa_bss_get_bssid(wpa_s, bssid);
if (bss)
wpa_s->current_bss = bss;
}
}
#ifdef CONFIG_SME
os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN);
wpa_s->sme.prev_bssid_set = 1;
#endif /* CONFIG_SME */
wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid));
if (wpa_s->current_ssid) {
/* When using scanning (ap_scan=1), SIM PC/SC interface can be
* initialized before association, but for other modes,
* initialize PC/SC here, if the current configuration needs
* smartcard or SIM/USIM. */
wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid);
}
wpa_sm_notify_assoc(wpa_s->wpa, bssid);
if (wpa_s->l2)
l2_packet_notify_auth_start(wpa_s->l2);
/*
* Set portEnabled first to FALSE in order to get EAP state machine out
* of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE
* state machine may transit to AUTHENTICATING state based on obsolete
* eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to
* AUTHENTICATED without ever giving chance to EAP state machine to
* reset the state.
*/
if (!ft_completed) {
eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
}
if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed)
eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
/* 802.1X::portControl = Auto */
eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE);
wpa_s->eapol_received = 0;
if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE ||
(wpa_s->current_ssid &&
wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS)) {
wpa_supplicant_cancel_auth_timeout(wpa_s);
wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
} else if (!ft_completed) {
/* Timeout for receiving the first EAPOL packet */
wpa_supplicant_req_auth_timeout(wpa_s, 10, 0);
}
wpa_supplicant_cancel_scan(wpa_s);
if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
/*
* We are done; the driver will take care of RSN 4-way
* handshake.
*/
wpa_supplicant_cancel_auth_timeout(wpa_s);
wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
}
if (wpa_s->pending_eapol_rx) {
struct os_time now, age;
os_get_time(&now);
os_time_sub(&now, &wpa_s->pending_eapol_rx_time, &age);
if (age.sec == 0 && age.usec < 100000 &&
os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) ==
0) {
wpa_printf(MSG_DEBUG, "Process pending EAPOL frame "
"that was received just before association "
"notification");
wpa_supplicant_rx_eapol(
wpa_s, wpa_s->pending_eapol_rx_src,
wpabuf_head(wpa_s->pending_eapol_rx),
wpabuf_len(wpa_s->pending_eapol_rx));
}
wpabuf_free(wpa_s->pending_eapol_rx);
wpa_s->pending_eapol_rx = NULL;
}
if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
wpa_s->current_ssid && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE) {
/* Set static WEP keys again */
wpa_set_wep_keys(wpa_s, wpa_s->current_ssid);
}
}
/**
* wpa_bss_update_scan_res - Update a BSS table entry based on a scan result
* @wpa_s: Pointer to wpa_supplicant data
* @res: Scan result
* @fetch_time: Time when the result was fetched from the driver
*
* This function updates a BSS table entry (or adds one) based on a scan result.
* This is called separately for each scan result between the calls to
* wpa_bss_update_start() and wpa_bss_update_end().
*/
void wpa_bss_update_scan_res(struct wpa_supplicant *wpa_s,
struct wpa_scan_res *res,
struct os_reltime *fetch_time)
{
const u8 *ssid, *p2p, *mesh;
struct wpa_bss *bss;
if (wpa_s->conf->ignore_old_scan_res) {
struct os_reltime update;
calculate_update_time(fetch_time, res->age, &update);
if (os_reltime_before(&update, &wpa_s->scan_trigger_time)) {
struct os_reltime age;
os_reltime_sub(&wpa_s->scan_trigger_time, &update,
&age);
wpa_dbg(wpa_s, MSG_DEBUG, "BSS: Ignore driver BSS "
"table entry that is %u.%06u seconds older "
"than our scan trigger",
(unsigned int) age.sec,
(unsigned int) age.usec);
return;
}
}
ssid = wpa_scan_get_ie(res, WLAN_EID_SSID);
if (ssid == NULL) {
wpa_dbg(wpa_s, MSG_DEBUG, "BSS: No SSID IE included for "
MACSTR, MAC2STR(res->bssid));
return;
}
if (ssid[1] > SSID_MAX_LEN) {
wpa_dbg(wpa_s, MSG_DEBUG, "BSS: Too long SSID IE included for "
MACSTR, MAC2STR(res->bssid));
return;
}
p2p = wpa_scan_get_vendor_ie(res, P2P_IE_VENDOR_TYPE);
#ifdef CONFIG_P2P
if (p2p == NULL &&
wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) {
/*
* If it's a P2P specific interface, then don't update
* the scan result without a P2P IE.
*/
wpa_printf(MSG_DEBUG, "BSS: No P2P IE - skipping BSS " MACSTR
" update for P2P interface", MAC2STR(res->bssid));
return;
}
#endif /* CONFIG_P2P */
if (p2p && ssid[1] == P2P_WILDCARD_SSID_LEN &&
os_memcmp(ssid + 2, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) == 0)
return; /* Skip P2P listen discovery results here */
/* TODO: add option for ignoring BSSes we are not interested in
* (to save memory) */
mesh = wpa_scan_get_ie(res, WLAN_EID_MESH_ID);
if (mesh && mesh[1] <= SSID_MAX_LEN)
ssid = mesh;
bss = wpa_bss_get(wpa_s, res->bssid, ssid + 2, ssid[1]);
if (bss == NULL)
bss = wpa_bss_add(wpa_s, ssid + 2, ssid[1], res, fetch_time);
else {
bss = wpa_bss_update(wpa_s, bss, res, fetch_time);
if (wpa_s->last_scan_res) {
unsigned int i;
for (i = 0; i < wpa_s->last_scan_res_used; i++) {
if (bss == wpa_s->last_scan_res[i]) {
/* Already in the list */
return;
}
}
}
}
if (bss == NULL)
return;
if (wpa_s->last_scan_res_used >= wpa_s->last_scan_res_size) {
struct wpa_bss **n;
unsigned int siz;
if (wpa_s->last_scan_res_size == 0)
siz = 32;
else
siz = wpa_s->last_scan_res_size * 2;
n = os_realloc_array(wpa_s->last_scan_res, siz,
sizeof(struct wpa_bss *));
if (n == NULL)
return;
wpa_s->last_scan_res = n;
wpa_s->last_scan_res_size = siz;
}
if (wpa_s->last_scan_res)
wpa_s->last_scan_res[wpa_s->last_scan_res_used++] = bss;
}
static struct wpa_bss *
wpa_supplicant_select_bss_non_wpa(struct wpa_supplicant *wpa_s,
struct wpa_scan_results *scan_res,
struct wpa_ssid *group,
struct wpa_ssid **selected_ssid)
{
struct wpa_ssid *ssid;
struct wpa_scan_res *bss;
size_t i;
struct wpa_blacklist *e;
const u8 *ie;
wpa_printf(MSG_DEBUG, "Try to find non-WPA AP");
for (i = 0; i < scan_res->num; i++) {
const u8 *ssid_;
u8 wpa_ie_len, rsn_ie_len, ssid_len;
bss = scan_res->res[i];
ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
ssid_ = ie ? ie + 2 : (u8 *) "";
ssid_len = ie ? ie[1] : 0;
ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
wpa_ie_len = ie ? ie[1] : 0;
ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
rsn_ie_len = ie ? ie[1] : 0;
wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
"wpa_ie_len=%u rsn_ie_len=%u caps=0x%x",
(int) i, MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len),
wpa_ie_len, rsn_ie_len, bss->caps);
e = wpa_blacklist_get(wpa_s, bss->bssid);
if (e && e->count > 1) {
wpa_printf(MSG_DEBUG, " skip - blacklisted");
continue;
}
if (ssid_len == 0) {
wpa_printf(MSG_DEBUG, " skip - SSID not known");
continue;
}
for (ssid = group; ssid; ssid = ssid->pnext) {
int check_ssid = ssid->ssid_len != 0;
if (ssid->disabled) {
wpa_printf(MSG_DEBUG, " skip - disabled");
continue;
}
#ifdef CONFIG_WPS
if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
/* Only allow wildcard SSID match if an AP
* advertises active WPS operation that matches
* with our mode. */
check_ssid = 1;
if (ssid->ssid_len == 0 &&
wpas_wps_ssid_wildcard_ok(wpa_s, ssid,
bss))
check_ssid = 0;
}
#endif /* CONFIG_WPS */
if (check_ssid &&
(ssid_len != ssid->ssid_len ||
os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) {
wpa_printf(MSG_DEBUG, " skip - "
"SSID mismatch");
continue;
}
if (ssid->bssid_set &&
os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0)
{
wpa_printf(MSG_DEBUG, " skip - "
"BSSID mismatch");
continue;
}
if (!(ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
!(ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
!(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA))
{
wpa_printf(MSG_DEBUG, " skip - "
"non-WPA network not allowed");
continue;
}
if ((ssid->key_mgmt &
(WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK |
WPA_KEY_MGMT_IEEE8021X_SHA256 |
WPA_KEY_MGMT_PSK_SHA256)) &&
(wpa_ie_len != 0 || rsn_ie_len != 0)) {
wpa_printf(MSG_DEBUG, " skip - "
"WPA network");
continue;
}
if (!wpa_supplicant_match_privacy(bss, ssid)) {
wpa_printf(MSG_DEBUG, " skip - "
"privacy mismatch");
continue;
}
if (bss->caps & IEEE80211_CAP_IBSS) {
wpa_printf(MSG_DEBUG, " skip - "
"IBSS (adhoc) network");
continue;
}
if (!freq_allowed(ssid->freq_list, bss->freq)) {
wpa_printf(MSG_DEBUG, " skip - "
"frequency not allowed");
continue;
}
wpa_printf(MSG_DEBUG, " selected non-WPA AP "
MACSTR " ssid='%s'",
MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len));
*selected_ssid = ssid;
return wpa_bss_get(wpa_s, bss->bssid, ssid_, ssid_len);
}
}
return NULL;
}
static struct wpa_bss *
wpa_supplicant_select_bss_wpa(struct wpa_supplicant *wpa_s,
struct wpa_scan_results *scan_res,
struct wpa_ssid *group,
struct wpa_ssid **selected_ssid)
{
struct wpa_ssid *ssid;
struct wpa_scan_res *bss;
size_t i;
struct wpa_blacklist *e;
const u8 *ie;
wpa_printf(MSG_DEBUG, "Try to find WPA-enabled AP");
for (i = 0; i < scan_res->num; i++) {
const u8 *ssid_;
u8 wpa_ie_len, rsn_ie_len, ssid_len;
bss = scan_res->res[i];
ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
ssid_ = ie ? ie + 2 : (u8 *) "";
ssid_len = ie ? ie[1] : 0;
ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
wpa_ie_len = ie ? ie[1] : 0;
ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
rsn_ie_len = ie ? ie[1] : 0;
wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
"wpa_ie_len=%u rsn_ie_len=%u caps=0x%x",
(int) i, MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len),
wpa_ie_len, rsn_ie_len, bss->caps);
e = wpa_blacklist_get(wpa_s, bss->bssid);
if (e) {
int limit = 1;
if (wpa_supplicant_enabled_networks(wpa_s->conf) == 1) {
/*
* When only a single network is enabled, we can
* trigger blacklisting on the first failure. This
* should not be done with multiple enabled networks to
* avoid getting forced to move into a worse ESS on
* single error if there are no other BSSes of the
* current ESS.
*/
limit = 0;
}
if (e->count > limit) {
wpa_printf(MSG_DEBUG, " skip - blacklisted "
"(count=%d limit=%d)", e->count, limit);
continue;
}
}
if (ssid_len == 0) {
wpa_printf(MSG_DEBUG, " skip - SSID not known");
continue;
}
if (wpa_ie_len == 0 && rsn_ie_len == 0) {
wpa_printf(MSG_DEBUG, " skip - no WPA/RSN IE");
continue;
}
for (ssid = group; ssid; ssid = ssid->pnext) {
int check_ssid = 1;
if (ssid->disabled) {
wpa_printf(MSG_DEBUG, " skip - disabled");
continue;
}
#ifdef CONFIG_WPS
if (ssid->ssid_len == 0 &&
wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss))
check_ssid = 0;
#endif /* CONFIG_WPS */
if (check_ssid &&
(ssid_len != ssid->ssid_len ||
os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) {
wpa_printf(MSG_DEBUG, " skip - "
"SSID mismatch");
continue;
}
if (ssid->bssid_set &&
os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0)
{
wpa_printf(MSG_DEBUG, " skip - "
"BSSID mismatch");
continue;
}
if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss))
continue;
if (!freq_allowed(ssid->freq_list, bss->freq)) {
wpa_printf(MSG_DEBUG, " skip - "
"frequency not allowed");
continue;
}
wpa_printf(MSG_DEBUG, " selected WPA AP "
MACSTR " ssid='%s'",
MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len));
*selected_ssid = ssid;
return wpa_bss_get(wpa_s, bss->bssid, ssid_, ssid_len);
}
}
return NULL;
}
static struct wpa_bss *
wpa_supplicant_select_bss_wpa(struct wpa_supplicant *wpa_s,
struct wpa_scan_results *scan_res,
struct wpa_ssid *group,
struct wpa_ssid **selected_ssid)
{
struct wpa_ssid *ssid;
struct wpa_scan_res *bss;
size_t i;
struct wpa_blacklist *e;
const u8 *ie;
wpa_printf(MSG_DEBUG, "Try to find WPA-enabled AP");
for (i = 0; i < scan_res->num; i++) {
const u8 *ssid_;
u8 wpa_ie_len, rsn_ie_len, ssid_len;
bss = scan_res->res[i];
ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
ssid_ = ie ? ie + 2 : (u8 *) "";
ssid_len = ie ? ie[1] : 0;
ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
wpa_ie_len = ie ? ie[1] : 0;
ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
rsn_ie_len = ie ? ie[1] : 0;
wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
"wpa_ie_len=%u rsn_ie_len=%u caps=0x%x",
(int) i, MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len),
wpa_ie_len, rsn_ie_len, bss->caps);
e = wpa_blacklist_get(wpa_s, bss->bssid);
if (e && e->count > 1) {
wpa_printf(MSG_DEBUG, " skip - blacklisted");
continue;
}
if (ssid_len == 0) {
wpa_printf(MSG_DEBUG, " skip - SSID not known");
continue;
}
if (wpa_ie_len == 0 && rsn_ie_len == 0) {
wpa_printf(MSG_DEBUG, " skip - no WPA/RSN IE");
continue;
}
for (ssid = group; ssid; ssid = ssid->pnext) {
int check_ssid = 1;
if (ssid->disabled) {
wpa_printf(MSG_DEBUG, " skip - disabled");
continue;
}
#ifdef CONFIG_WPS
if (ssid->ssid_len == 0 &&
wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss))
check_ssid = 0;
#endif /* CONFIG_WPS */
if (check_ssid &&
(ssid_len != ssid->ssid_len ||
os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) {
wpa_printf(MSG_DEBUG, " skip - "
"SSID mismatch");
continue;
}
if (ssid->bssid_set &&
os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0)
{
wpa_printf(MSG_DEBUG, " skip - "
"BSSID mismatch");
continue;
}
if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss))
continue;
if (!freq_allowed(ssid->freq_list, bss->freq)) {
wpa_printf(MSG_DEBUG, " skip - "
"frequency not allowed");
continue;
}
wpa_printf(MSG_DEBUG, " selected WPA AP "
MACSTR " ssid='%s'",
MAC2STR(bss->bssid),
wpa_ssid_txt(ssid_, ssid_len));
*selected_ssid = ssid;
return wpa_bss_get(wpa_s, bss->bssid, ssid_, ssid_len);
}
}
return NULL;
}
