Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / 6f3bdcf8c96ad38245e927ac1afe28b98621a4e5 / . / wpa_supplicant / scan.c
blob: 4fb9befcc534e6cd2ad32b9da09fbb806fbdb3ec [file] [log] [blame]
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1/*
2 * WPA Supplicant - Scanning
3 * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15#include "utils/includes.h"
16
17#include "utils/common.h"
18#include "utils/eloop.h"
19#include "common/ieee802_11_defs.h"
20#include "config.h"
21#include "wpa_supplicant_i.h"
22#include "driver_i.h"
23#include "mlme.h"
24#include "wps_supplicant.h"
25#include "p2p_supplicant.h"
26#include "p2p/p2p.h"
27#include "notify.h"
28#include "bss.h"
29#include "scan.h"
30
31
32static void wpa_supplicant_gen_assoc_event(struct wpa_supplicant *wpa_s)
33{
34 struct wpa_ssid *ssid;
35 union wpa_event_data data;
36
37 ssid = wpa_supplicant_get_ssid(wpa_s);
38 if (ssid == NULL)
39 return;
40
41 if (wpa_s->current_ssid == NULL) {
42 wpa_s->current_ssid = ssid;
43 if (wpa_s->current_ssid != NULL)
44 wpas_notify_network_changed(wpa_s);
45 }
46 wpa_supplicant_initiate_eapol(wpa_s);
47 wpa_dbg(wpa_s, MSG_DEBUG, "Already associated with a configured "
48 "network - generating associated event");
49 os_memset(&data, 0, sizeof(data));
50 wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data);
51}
52
53
54#ifdef CONFIG_WPS
55static int wpas_wps_in_use(struct wpa_config *conf,
56 enum wps_request_type *req_type)
57{
58 struct wpa_ssid *ssid;
59 int wps = 0;
60
61 for (ssid = conf->ssid; ssid; ssid = ssid->next) {
62 if (!(ssid->key_mgmt & WPA_KEY_MGMT_WPS))
63 continue;
64
65 wps = 1;
66 *req_type = wpas_wps_get_req_type(ssid);
67 if (!ssid->eap.phase1)
68 continue;
69
70 if (os_strstr(ssid->eap.phase1, "pbc=1"))
71 return 2;
72 }
73
74 return wps;
75}
76#endif /* CONFIG_WPS */
77
78
79int wpa_supplicant_enabled_networks(struct wpa_config *conf)
80{
81 struct wpa_ssid *ssid = conf->ssid;
82 int count = 0;
83 while (ssid) {
84 if (!ssid->disabled)
85 count++;
86 ssid = ssid->next;
87 }
88 return count;
89}
90
91
92static void wpa_supplicant_assoc_try(struct wpa_supplicant *wpa_s,
93 struct wpa_ssid *ssid)
94{
95 while (ssid) {
96 if (!ssid->disabled)
97 break;
98 ssid = ssid->next;
99 }
100
101 /* ap_scan=2 mode - try to associate with each SSID. */
102 if (ssid == NULL) {
103 wpa_dbg(wpa_s, MSG_DEBUG, "wpa_supplicant_assoc_try: Reached "
104 "end of scan list - go back to beginning");
105 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
106 wpa_supplicant_req_scan(wpa_s, 0, 0);
107 return;
108 }
109 if (ssid->next) {
110 /* Continue from the next SSID on the next attempt. */
111 wpa_s->prev_scan_ssid = ssid;
112 } else {
113 /* Start from the beginning of the SSID list. */
114 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
115 }
116 wpa_supplicant_associate(wpa_s, NULL, ssid);
117}
118
119
120static int int_array_len(const int *a)
121{
122 int i;
123 for (i = 0; a && a[i]; i++)
124 ;
125 return i;
126}
127
128
129static void int_array_concat(int **res, const int *a)
130{
131 int reslen, alen, i;
132 int *n;
133
134 reslen = int_array_len(*res);
135 alen = int_array_len(a);
136
137 n = os_realloc(*res, (reslen + alen + 1) * sizeof(int));
138 if (n == NULL) {
139 os_free(*res);
140 *res = NULL;
141 return;
142 }
143 for (i = 0; i <= alen; i++)
144 n[reslen + i] = a[i];
145 *res = n;
146}
147
148
149static int freq_cmp(const void *a, const void *b)
150{
151 int _a = *(int *) a;
152 int _b = *(int *) b;
153
154 if (_a == 0)
155 return 1;
156 if (_b == 0)
157 return -1;
158 return _a - _b;
159}
160
161
162static void int_array_sort_unique(int *a)
163{
164 int alen;
165 int i, j;
166
167 if (a == NULL)
168 return;
169
170 alen = int_array_len(a);
171 qsort(a, alen, sizeof(int), freq_cmp);
172
173 i = 0;
174 j = 1;
175 while (a[i] && a[j]) {
176 if (a[i] == a[j]) {
177 j++;
178 continue;
179 }
180 a[++i] = a[j++];
181 }
182 if (a[i])
183 i++;
184 a[i] = 0;
185}
186
187
188int wpa_supplicant_trigger_scan(struct wpa_supplicant *wpa_s,
189 struct wpa_driver_scan_params *params)
190{
191 int ret;
192
193 wpa_supplicant_notify_scanning(wpa_s, 1);
194
195 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
196 ret = ieee80211_sta_req_scan(wpa_s, params);
197 else
198 ret = wpa_drv_scan(wpa_s, params);
199
200 if (ret) {
201 wpa_supplicant_notify_scanning(wpa_s, 0);
202 wpas_notify_scan_done(wpa_s, 0);
203 } else
204 wpa_s->scan_runs++;
205
206 return ret;
207}
208
209
210static struct wpa_driver_scan_filter *
211wpa_supplicant_build_filter_ssids(struct wpa_config *conf, size_t *num_ssids)
212{
213 struct wpa_driver_scan_filter *ssids;
214 struct wpa_ssid *ssid;
215 size_t count;
216
217 *num_ssids = 0;
218 if (!conf->filter_ssids)
219 return NULL;
220
221 for (count = 0, ssid = conf->ssid; ssid; ssid = ssid->next) {
222 if (ssid->ssid && ssid->ssid_len)
223 count++;
224 }
225 if (count == 0)
226 return NULL;
227 ssids = os_zalloc(count * sizeof(struct wpa_driver_scan_filter));
228 if (ssids == NULL)
229 return NULL;
230
231 for (ssid = conf->ssid; ssid; ssid = ssid->next) {
232 if (!ssid->ssid || !ssid->ssid_len)
233 continue;
234 os_memcpy(ssids[*num_ssids].ssid, ssid->ssid, ssid->ssid_len);
235 ssids[*num_ssids].ssid_len = ssid->ssid_len;
236 (*num_ssids)++;
237 }
238
239 return ssids;
240}
241
242
243static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
244{
245 struct wpa_supplicant *wpa_s = eloop_ctx;
246 struct wpa_ssid *ssid;
247 int scan_req = 0, ret;
248 struct wpabuf *wps_ie = NULL;
249#ifdef CONFIG_WPS
250 int wps = 0;
251 enum wps_request_type req_type = WPS_REQ_ENROLLEE_INFO;
252#endif /* CONFIG_WPS */
253 struct wpa_driver_scan_params params;
254 size_t max_ssids;
255 enum wpa_states prev_state;
256
257 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
258 wpa_dbg(wpa_s, MSG_DEBUG, "Skip scan - interface disabled");
259 return;
260 }
261
262 if (wpa_s->disconnected && !wpa_s->scan_req) {
263 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
264 return;
265 }
266
267 if (!wpa_supplicant_enabled_networks(wpa_s->conf) &&
268 !wpa_s->scan_req) {
269 wpa_dbg(wpa_s, MSG_DEBUG, "No enabled networks - do not scan");
270 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
271 return;
272 }
273
274 if (wpa_s->conf->ap_scan != 0 &&
275 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) {
276 wpa_dbg(wpa_s, MSG_DEBUG, "Using wired authentication - "
277 "overriding ap_scan configuration");
278 wpa_s->conf->ap_scan = 0;
279 wpas_notify_ap_scan_changed(wpa_s);
280 }
281
282 if (wpa_s->conf->ap_scan == 0) {
283 wpa_supplicant_gen_assoc_event(wpa_s);
284 return;
285 }
286
287 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) ||
288 wpa_s->conf->ap_scan == 2)
289 max_ssids = 1;
290 else {
291 max_ssids = wpa_s->max_scan_ssids;
292 if (max_ssids > WPAS_MAX_SCAN_SSIDS)
293 max_ssids = WPAS_MAX_SCAN_SSIDS;
294 }
295
296#ifdef CONFIG_WPS
297 wps = wpas_wps_in_use(wpa_s->conf, &req_type);
298#endif /* CONFIG_WPS */
299
300 scan_req = wpa_s->scan_req;
301 wpa_s->scan_req = 0;
302
303 os_memset(&params, 0, sizeof(params));
304
305 prev_state = wpa_s->wpa_state;
306 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
307 wpa_s->wpa_state == WPA_INACTIVE)
308 wpa_supplicant_set_state(wpa_s, WPA_SCANNING);
309
310 /* Find the starting point from which to continue scanning */
311 ssid = wpa_s->conf->ssid;
312 if (wpa_s->prev_scan_ssid != WILDCARD_SSID_SCAN) {
313 while (ssid) {
314 if (ssid == wpa_s->prev_scan_ssid) {
315 ssid = ssid->next;
316 break;
317 }
318 ssid = ssid->next;
319 }
320 }
321
322 if (scan_req != 2 && (wpa_s->conf->ap_scan == 2 ||
323 wpa_s->connect_without_scan)) {
324 wpa_s->connect_without_scan = 0;
325 wpa_supplicant_assoc_try(wpa_s, ssid);
326 return;
327 } else if (wpa_s->conf->ap_scan == 2) {
328 /*
329 * User-initiated scan request in ap_scan == 2; scan with
330 * wildcard SSID.
331 */
332 ssid = NULL;
333 } else {
334 struct wpa_ssid *start = ssid, *tssid;
335 int freqs_set = 0;
336 if (ssid == NULL && max_ssids > 1)
337 ssid = wpa_s->conf->ssid;
338 while (ssid) {
339 if (!ssid->disabled && ssid->scan_ssid) {
340 wpa_hexdump_ascii(MSG_DEBUG, "Scan SSID",
341 ssid->ssid, ssid->ssid_len);
342 params.ssids[params.num_ssids].ssid =
343 ssid->ssid;
344 params.ssids[params.num_ssids].ssid_len =
345 ssid->ssid_len;
346 params.num_ssids++;
347 if (params.num_ssids + 1 >= max_ssids)
348 break;
349 }
350 ssid = ssid->next;
351 if (ssid == start)
352 break;
353 if (ssid == NULL && max_ssids > 1 &&
354 start != wpa_s->conf->ssid)
355 ssid = wpa_s->conf->ssid;
356 }
357
358 for (tssid = wpa_s->conf->ssid; tssid; tssid = tssid->next) {
359 if (tssid->disabled)
360 continue;
361 if ((params.freqs || !freqs_set) && tssid->scan_freq) {
362 int_array_concat(&params.freqs,
363 tssid->scan_freq);
364 } else {
365 os_free(params.freqs);
366 params.freqs = NULL;
367 }
368 freqs_set = 1;
369 }
370 int_array_sort_unique(params.freqs);
371 }
372
373 if (ssid) {
374 wpa_s->prev_scan_ssid = ssid;
375 if (max_ssids > 1) {
376 wpa_dbg(wpa_s, MSG_DEBUG, "Include wildcard SSID in "
377 "the scan request");
378 params.num_ssids++;
379 }
380 wpa_dbg(wpa_s, MSG_DEBUG, "Starting AP scan for specific "
381 "SSID(s)");
382 } else {
383 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
384 params.num_ssids++;
385 wpa_dbg(wpa_s, MSG_DEBUG, "Starting AP scan for wildcard "
386 "SSID");
387 }
388
389#ifdef CONFIG_P2P
390 wpa_s->wps->dev.p2p = 1;
391 if (!wps) {
392 wps = 1;
393 req_type = WPS_REQ_ENROLLEE_INFO;
394 }
395
396 if (params.freqs == NULL && wpa_s->p2p_in_provisioning &&
397 wpa_s->go_params) {
398 /* Optimize provisioning state scan based on GO information */
399 if (wpa_s->p2p_in_provisioning < 5 &&
400 wpa_s->go_params->freq > 0) {
401 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Scan only GO "
402 "preferred frequency %d MHz",
403 wpa_s->go_params->freq);
404 params.freqs = os_zalloc(2 * sizeof(int));
405 if (params.freqs)
406 params.freqs[0] = wpa_s->go_params->freq;
407 } else if (wpa_s->p2p_in_provisioning < 8 &&
408 wpa_s->go_params->freq_list[0]) {
409 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Scan only common "
410 "channels");
411 int_array_concat(&params.freqs,
412 wpa_s->go_params->freq_list);
413 if (params.freqs)
414 int_array_sort_unique(params.freqs);
415 }
416 wpa_s->p2p_in_provisioning++;
417 }
418#endif /* CONFIG_P2P */
419
420#ifdef CONFIG_WPS
421 if (params.freqs == NULL && wpa_s->after_wps && wpa_s->wps_freq) {
422 /*
423 * Optimize post-provisioning scan based on channel used
424 * during provisioning.
425 */
426 wpa_dbg(wpa_s, MSG_DEBUG, "WPS: Scan only frequency %u MHz "
427 "that was used during provisioning", wpa_s->wps_freq);
428 params.freqs = os_zalloc(2 * sizeof(int));
429 if (params.freqs)
430 params.freqs[0] = wpa_s->wps_freq;
431 wpa_s->after_wps--;
432 }
433
434 if (wps) {
435 wps_ie = wps_build_probe_req_ie(wps == 2, &wpa_s->wps->dev,
436 wpa_s->wps->uuid, req_type,
437 0, NULL);
438 if (wps_ie) {
439 params.extra_ies = wpabuf_head(wps_ie);
440 params.extra_ies_len = wpabuf_len(wps_ie);
441 }
442 }
443#endif /* CONFIG_WPS */
444
445#ifdef CONFIG_P2P
446 if (wps_ie) {
447 if (wpabuf_resize(&wps_ie, 100) == 0) {
448 wpas_p2p_scan_ie(wpa_s, wps_ie);
449 params.extra_ies = wpabuf_head(wps_ie);
450 params.extra_ies_len = wpabuf_len(wps_ie);
451 }
452 }
453#endif /* CONFIG_P2P */
454
455 if (params.freqs == NULL && wpa_s->next_scan_freqs) {
456 wpa_dbg(wpa_s, MSG_DEBUG, "Optimize scan based on previously "
457 "generated frequency list");
458 params.freqs = wpa_s->next_scan_freqs;
459 } else
460 os_free(wpa_s->next_scan_freqs);
461 wpa_s->next_scan_freqs = NULL;
462
463 params.filter_ssids = wpa_supplicant_build_filter_ssids(
464 wpa_s->conf, &params.num_filter_ssids);
465
466 ret = wpa_supplicant_trigger_scan(wpa_s, &params);
467
468 wpabuf_free(wps_ie);
469 os_free(params.freqs);
470 os_free(params.filter_ssids);
471
472 if (ret) {
473 wpa_msg(wpa_s, MSG_WARNING, "Failed to initiate AP scan");
474 if (prev_state != wpa_s->wpa_state)
475 wpa_supplicant_set_state(wpa_s, prev_state);
476 wpa_supplicant_req_scan(wpa_s, 1, 0);
477 }
478}
479
480
481/**
482 * wpa_supplicant_req_scan - Schedule a scan for neighboring access points
483 * @wpa_s: Pointer to wpa_supplicant data
484 * @sec: Number of seconds after which to scan
485 * @usec: Number of microseconds after which to scan
486 *
487 * This function is used to schedule a scan for neighboring access points after
488 * the specified time.
489 */
490void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
491{
492 /* If there's at least one network that should be specifically scanned
493 * then don't cancel the scan and reschedule. Some drivers do
494 * background scanning which generates frequent scan results, and that
495 * causes the specific SSID scan to get continually pushed back and
496 * never happen, which causes hidden APs to never get probe-scanned.
497 */
498 if (eloop_is_timeout_registered(wpa_supplicant_scan, wpa_s, NULL) &&
499 wpa_s->conf->ap_scan == 1) {
500 struct wpa_ssid *ssid = wpa_s->conf->ssid;
501
502 while (ssid) {
503 if (!ssid->disabled && ssid->scan_ssid)
504 break;
505 ssid = ssid->next;
506 }
507 if (ssid) {
508 wpa_dbg(wpa_s, MSG_DEBUG, "Not rescheduling scan to "
509 "ensure that specific SSID scans occur");
510 return;
511 }
512 }
513
514 wpa_dbg(wpa_s, MSG_DEBUG, "Setting scan request: %d sec %d usec",
515 sec, usec);
516 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
517 eloop_register_timeout(sec, usec, wpa_supplicant_scan, wpa_s, NULL);
518}
519
520
521/**
522 * wpa_supplicant_cancel_scan - Cancel a scheduled scan request
523 * @wpa_s: Pointer to wpa_supplicant data
524 *
525 * This function is used to cancel a scan request scheduled with
526 * wpa_supplicant_req_scan().
527 */
528void wpa_supplicant_cancel_scan(struct wpa_supplicant *wpa_s)
529{
530 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling scan request");
531 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
532}
533
534
535void wpa_supplicant_notify_scanning(struct wpa_supplicant *wpa_s,
536 int scanning)
537{
538 if (wpa_s->scanning != scanning) {
539 wpa_s->scanning = scanning;
540 wpas_notify_scanning(wpa_s);
541 }
542}
543
544
545static int wpa_scan_get_max_rate(const struct wpa_scan_res *res)
546{
547 int rate = 0;
548 const u8 *ie;
549 int i;
550
551 ie = wpa_scan_get_ie(res, WLAN_EID_SUPP_RATES);
552 for (i = 0; ie && i < ie[1]; i++) {
553 if ((ie[i + 2] & 0x7f) > rate)
554 rate = ie[i + 2] & 0x7f;
555 }
556
557 ie = wpa_scan_get_ie(res, WLAN_EID_EXT_SUPP_RATES);
558 for (i = 0; ie && i < ie[1]; i++) {
559 if ((ie[i + 2] & 0x7f) > rate)
560 rate = ie[i + 2] & 0x7f;
561 }
562
563 return rate;
564}
565
566
567const u8 * wpa_scan_get_ie(const struct wpa_scan_res *res, u8 ie)
568{
569 const u8 *end, *pos;
570
571 pos = (const u8 *) (res + 1);
572 end = pos + res->ie_len;
573
574 while (pos + 1 < end) {
575 if (pos + 2 + pos[1] > end)
576 break;
577 if (pos[0] == ie)
578 return pos;
579 pos += 2 + pos[1];
580 }
581
582 return NULL;
583}
584
585
586const u8 * wpa_scan_get_vendor_ie(const struct wpa_scan_res *res,
587 u32 vendor_type)
588{
589 const u8 *end, *pos;
590
591 pos = (const u8 *) (res + 1);
592 end = pos + res->ie_len;
593
594 while (pos + 1 < end) {
595 if (pos + 2 + pos[1] > end)
596 break;
597 if (pos[0] == WLAN_EID_VENDOR_SPECIFIC && pos[1] >= 4 &&
598 vendor_type == WPA_GET_BE32(&pos[2]))
599 return pos;
600 pos += 2 + pos[1];
601 }
602
603 return NULL;
604}
605
606
607struct wpabuf * wpa_scan_get_vendor_ie_multi(const struct wpa_scan_res *res,
608 u32 vendor_type)
609{
610 struct wpabuf *buf;
611 const u8 *end, *pos;
612
613 buf = wpabuf_alloc(res->ie_len);
614 if (buf == NULL)
615 return NULL;
616
617 pos = (const u8 *) (res + 1);
618 end = pos + res->ie_len;
619
620 while (pos + 1 < end) {
621 if (pos + 2 + pos[1] > end)
622 break;
623 if (pos[0] == WLAN_EID_VENDOR_SPECIFIC && pos[1] >= 4 &&
624 vendor_type == WPA_GET_BE32(&pos[2]))
625 wpabuf_put_data(buf, pos + 2 + 4, pos[1] - 4);
626 pos += 2 + pos[1];
627 }
628
629 if (wpabuf_len(buf) == 0) {
630 wpabuf_free(buf);
631 buf = NULL;
632 }
633
634 return buf;
635}
636
637
638struct wpabuf * wpa_scan_get_vendor_ie_multi_beacon(
639 const struct wpa_scan_res *res, u32 vendor_type)
640{
641 struct wpabuf *buf;
642 const u8 *end, *pos;
643
644 if (res->beacon_ie_len == 0)
645 return NULL;
646 buf = wpabuf_alloc(res->beacon_ie_len);
647 if (buf == NULL)
648 return NULL;
649
650 pos = (const u8 *) (res + 1);
651 pos += res->ie_len;
652 end = pos + res->beacon_ie_len;
653
654 while (pos + 1 < end) {
655 if (pos + 2 + pos[1] > end)
656 break;
657 if (pos[0] == WLAN_EID_VENDOR_SPECIFIC && pos[1] >= 4 &&
658 vendor_type == WPA_GET_BE32(&pos[2]))
659 wpabuf_put_data(buf, pos + 2 + 4, pos[1] - 4);
660 pos += 2 + pos[1];
661 }
662
663 if (wpabuf_len(buf) == 0) {
664 wpabuf_free(buf);
665 buf = NULL;
666 }
667
668 return buf;
669}
670
671
672/* Compare function for sorting scan results. Return >0 if @b is considered
673 * better. */
674static int wpa_scan_result_compar(const void *a, const void *b)
675{
676 struct wpa_scan_res **_wa = (void *) a;
677 struct wpa_scan_res **_wb = (void *) b;
678 struct wpa_scan_res *wa = *_wa;
679 struct wpa_scan_res *wb = *_wb;
680 int wpa_a, wpa_b, maxrate_a, maxrate_b;
681
682 /* WPA/WPA2 support preferred */
683 wpa_a = wpa_scan_get_vendor_ie(wa, WPA_IE_VENDOR_TYPE) != NULL ||
684 wpa_scan_get_ie(wa, WLAN_EID_RSN) != NULL;
685 wpa_b = wpa_scan_get_vendor_ie(wb, WPA_IE_VENDOR_TYPE) != NULL ||
686 wpa_scan_get_ie(wb, WLAN_EID_RSN) != NULL;
687
688 if (wpa_b && !wpa_a)
689 return 1;
690 if (!wpa_b && wpa_a)
691 return -1;
692
693 /* privacy support preferred */
694 if ((wa->caps & IEEE80211_CAP_PRIVACY) == 0 &&
695 (wb->caps & IEEE80211_CAP_PRIVACY))
696 return 1;
697 if ((wa->caps & IEEE80211_CAP_PRIVACY) &&
698 (wb->caps & IEEE80211_CAP_PRIVACY) == 0)
699 return -1;
700
701 /* best/max rate preferred if signal level close enough XXX */
702 if ((wa->level && wb->level && abs(wb->level - wa->level) < 5) ||
703 (wa->qual && wb->qual && abs(wb->qual - wa->qual) < 10)) {
704 maxrate_a = wpa_scan_get_max_rate(wa);
705 maxrate_b = wpa_scan_get_max_rate(wb);
706 if (maxrate_a != maxrate_b)
707 return maxrate_b - maxrate_a;
708 }
709
710 /* use freq for channel preference */
711
712 /* all things being equal, use signal level; if signal levels are
713 * identical, use quality values since some drivers may only report
714 * that value and leave the signal level zero */
715 if (wb->level == wa->level)
716 return wb->qual - wa->qual;
717 return wb->level - wa->level;
718}
719
720
721#ifdef CONFIG_WPS
722/* Compare function for sorting scan results when searching a WPS AP for
723 * provisioning. Return >0 if @b is considered better. */
724static int wpa_scan_result_wps_compar(const void *a, const void *b)
725{
726 struct wpa_scan_res **_wa = (void *) a;
727 struct wpa_scan_res **_wb = (void *) b;
728 struct wpa_scan_res *wa = *_wa;
729 struct wpa_scan_res *wb = *_wb;
730 int uses_wps_a, uses_wps_b;
731 struct wpabuf *wps_a, *wps_b;
732 int res;
733
734 /* Optimization - check WPS IE existence before allocated memory and
735 * doing full reassembly. */
736 uses_wps_a = wpa_scan_get_vendor_ie(wa, WPS_IE_VENDOR_TYPE) != NULL;
737 uses_wps_b = wpa_scan_get_vendor_ie(wb, WPS_IE_VENDOR_TYPE) != NULL;
738 if (uses_wps_a && !uses_wps_b)
739 return -1;
740 if (!uses_wps_a && uses_wps_b)
741 return 1;
742
743 if (uses_wps_a && uses_wps_b) {
744 wps_a = wpa_scan_get_vendor_ie_multi(wa, WPS_IE_VENDOR_TYPE);
745 wps_b = wpa_scan_get_vendor_ie_multi(wb, WPS_IE_VENDOR_TYPE);
746 res = wps_ap_priority_compar(wps_a, wps_b);
747 wpabuf_free(wps_a);
748 wpabuf_free(wps_b);
749 if (res)
750 return res;
751 }
752
753 /*
754 * Do not use current AP security policy as a sorting criteria during
755 * WPS provisioning step since the AP may get reconfigured at the
756 * completion of provisioning.
757 */
758
759 /* all things being equal, use signal level; if signal levels are
760 * identical, use quality values since some drivers may only report
761 * that value and leave the signal level zero */
762 if (wb->level == wa->level)
763 return wb->qual - wa->qual;
764 return wb->level - wa->level;
765}
766#endif /* CONFIG_WPS */
767
768
769/**
770 * wpa_supplicant_get_scan_results - Get scan results
771 * @wpa_s: Pointer to wpa_supplicant data
772 * @info: Information about what was scanned or %NULL if not available
773 * @new_scan: Whether a new scan was performed
774 * Returns: Scan results, %NULL on failure
775 *
776 * This function request the current scan results from the driver and updates
777 * the local BSS list wpa_s->bss. The caller is responsible for freeing the
778 * results with wpa_scan_results_free().
779 */
780struct wpa_scan_results *
781wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s,
782 struct scan_info *info, int new_scan)
783{
784 struct wpa_scan_results *scan_res;
785 size_t i;
786 int (*compar)(const void *, const void *) = wpa_scan_result_compar;
787
788 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
789 scan_res = ieee80211_sta_get_scan_results(wpa_s);
790 else
791 scan_res = wpa_drv_get_scan_results2(wpa_s);
792 if (scan_res == NULL) {
793 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to get scan results");
794 return NULL;
795 }
796
797#ifdef CONFIG_WPS
798 if (wpas_wps_in_progress(wpa_s)) {
799 wpa_dbg(wpa_s, MSG_DEBUG, "WPS: Order scan results with WPS "
800 "provisioning rules");
801 compar = wpa_scan_result_wps_compar;
802 }
803#endif /* CONFIG_WPS */
804
805 qsort(scan_res->res, scan_res->num, sizeof(struct wpa_scan_res *),
806 compar);
807
808 wpa_bss_update_start(wpa_s);
809 for (i = 0; i < scan_res->num; i++)
810 wpa_bss_update_scan_res(wpa_s, scan_res->res[i]);
811 wpa_bss_update_end(wpa_s, info, new_scan);
812
813 return scan_res;
814}
815
816
817int wpa_supplicant_update_scan_results(struct wpa_supplicant *wpa_s)
818{
819 struct wpa_scan_results *scan_res;
820 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
821 if (scan_res == NULL)
822 return -1;
823 wpa_scan_results_free(scan_res);
824
825 return 0;
826}
827
828
829void wpa_scan_results_free(struct wpa_scan_results *res)
830{
831 size_t i;
832
833 if (res == NULL)
834 return;
835
836 for (i = 0; i < res->num; i++)
837 os_free(res->res[i]);
838 os_free(res->res);
839 os_free(res);
840}