首先要感谢anly_jun@baidu贴吧的几篇博文,从开始,一共有七篇关于Android Wifi模块分析,其中有大量博主自己使用UML工具画的调用讲解,对于理解Android Wifi工作机制还是有很用的。其中最重要的是下面这几幅图。
按照一般的linux中连接wifi的步骤,这时候就可以直接调用一个程序来连接某个ssid的无线网络,然后调用dhcpd来分配ip了,我之前在eeepc上连接wifi就非常简单,调用iwconfig [ssid],再调用dhcpd就可以了。但很遗憾,Android上并没有iwconfig这样方便的工具。
这下线索似乎就断了,天无绝人之路,既然在Android的Java code中都可以添加一个无线网络并且连接,那我们就去Android的Java源代码中找一找。在Android中,程序员是使用WifiManager这个类来进行Wifi操作的,其中关于添加一个网络的代码如下:
* Add a new network description to the set of configured networks.
* The {@code networkId} field of the supplied configuration object
* is ignored.
* The new network will be marked DISABLED by default. To enable it,
* called {@link #enableNetwork}.
* @param config the set of variables that describe the configuration,
* contained in a {@link WifiConfiguration} object.
* @return the ID of the newly created network description. This is used in
* other operations to specified the network to be acted upon.
* Returns {@code -1} on failure.
public int addNetwork(WifiConfiguration config) {
if (config == null) {
return -1;
config.networkId = -1;
return addOrUpdateNetwork(config);
* Internal method for doing the RPC that creates a new network description
* or updates an existing one.
* @param config The possibly sparse object containing the variables that
* are to set or updated in the network description.
* @return the ID of the network on success, {@code -1} on failure.
private int addOrUpdateNetwork(WifiConfiguration config) {
try {
return mService.addOrUpdateNetwork(config);
} catch (RemoteException e) {
return -1;
* see {@link}
* @return the supplicant-assigned identifier for the new or updated
* network if the operation succeeds, or {@code -1} if it fails
public int addOrUpdateNetwork(WifiConfiguration config) {
* If the supplied networkId is -1, we create a new empty
* network configuration. Otherwise, the networkId should
* refer to an existing configuration.
int netId = config.networkId;
boolean newNetwork = netId == -1;
boolean doReconfig = false;
// networkId of -1 means we want to create a new network
synchronized (mWifiStateTracker) {
if (newNetwork) {
netId = mWifiStateTracker.addNetwork();
if (netId < 0) {
if (DBG) {
Slog.d(TAG, "Failed to add a network!");
return -1;
doReconfig = true;
mNeedReconfig = mNeedReconfig || doReconfig;
setVariables: {
* Note that if a networkId for a non-existent network
* was supplied, then the first setNetworkVariable()
* will fail, so we don't bother to make a separate check
* for the validity of the ID up front.
if (config.SSID != null &&
config.SSID)) {
if (DBG) {
Slog.d(TAG, "failed to set SSID: "+config.SSID);
break setVariables;
if (config.BSSID != null &&
config.BSSID)) {
if (DBG) {
Slog.d(TAG, "failed to set BSSID: "+config.BSSID);
break setVariables;
* Add a network
* @return network id of the new network
public synchronized int addNetwork() {
if (mWifiState.get() != WIFI_STATE_ENABLED) {
return -1;
return WifiNative.addNetworkCommand();
* Set network setting by name
* @param netId network id of the network
* @param name network variable key
* @param value network variable value
* @return {@code true} if the operation succeeds, {@code false} otherwise
public synchronized boolean setNetworkVariable(int netId, String name, String value) {
if (mWifiState.get() != WIFI_STATE_ENABLED) {
return false;
return WifiNative.setNetworkVariableCommand(netId, name, value);
public native static boolean setNetworkVariableCommand(int netId, String name, String value);
size_t reply_len = replybuflen - 1;
if (::wifi_command(cmd, replybuf, &reply_len) != 0)
return -1;
else {
// Strip off trailing newline
if (reply_len > 0 && replybuf[reply_len-1] == '\n')
replybuf[reply_len-1] = '\0';
replybuf[reply_len] = '\0';
return 0;
static jint doIntCommand(const char *cmd)
char reply[256];
if (doCommand(cmd, reply, sizeof(reply)) != 0) {
return (jint)-1;
} else {
return (jint)atoi(reply);
static jboolean doBooleanCommand(const char *cmd, const char *expect)
char reply[256];
if (doCommand(cmd, reply, sizeof(reply)) != 0) {
return (jboolean)JNI_FALSE;
} else {
return (jboolean)(strcmp(reply, expect) == 0);
static jint android_net_wifi_addNetworkCommand(JNIEnv* env, jobject clazz)
return doIntCommand("ADD_NETWORK");
static jboolean android_net_wifi_setNetworkVariableCommand(JNIEnv* env,
jobject clazz,
jint netId,
jstring name,
jstring value)
char cmdstr[256];
jboolean isCopy;
const char *nameStr = env->GetStringUTFChars(name, &isCopy);
const char *valueStr = env->GetStringUTFChars(value, &isCopy);
if (nameStr == NULL || valueStr == NULL)
return JNI_FALSE;
int cmdTooLong = snprintf(cmdstr, sizeof(cmdstr), "SET_NETWORK %d %s %s",
netId, nameStr, valueStr) >= (int)sizeof(cmdstr);
env->ReleaseStringUTFChars(name, nameStr);
env->ReleaseStringUTFChars(value, valueStr);
return (jboolean)!cmdTooLong && doBooleanCommand(cmdstr, "OK");
// ----------------------------------------------------------------------------
* JNI registration.
static JNINativeMethod gWifiMethods[] = {
/* name, signature, funcPtr */
{ "loadDriver", "()Z", (void *)android_net_wifi_loadDriver },
{ "unloadDriver", "()Z", (void *)android_net_wifi_unloadDriver },
{ "startSupplicant", "()Z", (void *)android_net_wifi_startSupplicant },
{ "stopSupplicant", "()Z", (void *)android_net_wifi_stopSupplicant },
{ "connectToSupplicant", "()Z", (void *)android_net_wifi_connectToSupplicant },
{ "closeSupplicantConnection", "()V", (void *)android_net_wifi_closeSupplicantConnection },
{ "listNetworksCommand", "()Ljava/lang/String;",
(void*) android_net_wifi_listNetworksCommand },
{ "addNetworkCommand", "()I", (void*) android_net_wifi_addNetworkCommand },
{ "setNetworkVariableCommand", "(ILjava/lang/String;Ljava/lang/String;)Z",
(void*) android_net_wifi_setNetworkVariableCommand },
{ "getNetworkVariableCommand", "(ILjava/lang/String;)Ljava/lang/String;",
(void*) android_net_wifi_getNetworkVariableCommand },
// Add a network config to supplicant mode
int networkId = doIntCommand("ADD_NETWORK"); // Add a new network id
if(networkId < 0) {
LOGE("Failed to add a network configuration. %s",strerror(errno));
return -1;
LOGE("Add a network %d",networkId);
// set the ssid of the destination wifi adhoc
char cmdstr[256];
snprintf(cmdstr, sizeof(cmdstr), "SET_NETWORK %d %s %s",networkId, SSID_NAME, SSID);
if(!doBooleanCommand(cmdstr,"OK")) {
LOGE("Failed to set network %d configuration ssid. %s", networkId, strerror(errno));
return -1;
public MonitorThread() {
public void run() {
if (connectToSupplicant()) {
// Send a message indicating that it is now possible to send commands
// to the supplicant
} else {
//noinspection InfiniteLoopStatement
for (;;) {
String eventStr = WifiNative.waitForEvent();
// Skip logging the common but mostly uninteresting scan-results event
if (Config.LOGD && eventStr.indexOf(scanResultsEvent) == -1) {
Log.v(TAG, "Event [" + eventStr + "]");
if (!eventStr.startsWith(eventPrefix)) {
if (eventStr.startsWith(wpaEventPrefix) &&
0 < eventStr.indexOf(passwordKeyMayBeIncorrectEvent)) {
String eventName = eventStr.substring(eventPrefixLen);
int nameEnd = eventName.indexOf(' ');
if (nameEnd != -1)
eventName = eventName.substring(0, nameEnd);
if (eventName.length() == 0) {
if (Config.LOGD) Log.i(TAG, "Received wpa_supplicant event with empty event name");
于是我用无线路由器建立了一个最简单的无线网络,ssid=TSever,没有密码,按照上面步骤进行联网。结果在ADD_NETWORK的步骤就出错了,无法获得网络id,这是怎么一回事呢?看到dhcp时的代码要对特定的NetworkInterface做操作,突然想起来之前在代码中似乎看到有对Interface做使能操作的代码——WifiService在调用mWifiStateTracker.enableNetwork之前,还调用了String ifname =mWifiStateTracker.getInterfaceName();NetworkUtils.enableInterface(ifname);这两句。于是在init阶段,加上了下面这段。
char ifname[256];
property_get("wifi.interface", ifname ,"eth0");
ret = ifc_enable(ifname);
if(ret < 0) {
LOGE("Failed to enable wifi interface %s. %s", ifname ,strerror(errno));
return -1;
但是运行起来还是出同样的错误,不过这次busybox ifconfig之后可以发现eth0的端口了,至少没有做无用功。倒回去看在WifiMonitor的MonitorThread中有connectToSupplicant()的调用,本以为此调用不是非常关键,然后去hardware/libhardware_legacy/wifi/wifi.c文件里面看到全局有一个staticstruct wpa_ctrl*ctrl_conn;并且在wifi_command中需要用到这个ctrl_conn,那么如果这个ctrl_conn是NULL的话,所有的wifi_command命令自然都无法完成了,于是又加上了
ret = wifi_connect_to_supplicant();if(ret < 0) {
LOGE("Failed to connect supplicant daemon. %s",strerror(errno));
return -1;
I/wpa_supplicant( 618): CTRL-EVENT-SCAN-RESULTS Ready
I/wpa_supplicant( 618): Trying to associate with 00:24:b2:c1:16:b6 (SSID='TServer' freq=2462 MHz)
I/wpa_supplicant( 618): CTRL-EVENT-STATE-CHANGE id=-1 state=3
E/ ( 612): Finished init stage.
E/ ( 612): Add a network 2
E/ ( 612): Finished config stage.
I/wpa_supplicant( 618): CTRL-EVENT-STATE-CHANGE id=1 state=0
E/ ( 612): receive buf:
E/ ( 612): CTRL-EVENT-STATE-CHANGE id=1 state=0
I/wpa_supplicant( 618): CTRL-EVENT-STATE-CHANGE id=-1 state=2
E/ ( 612): receive buf:
E/ ( 612): CTRL-EVENT-STATE-CHANGE id=-1 state=2
I/wpa_supplicant( 618): CTRL-EVENT-SCAN-RESULTS Ready
E/ ( 612): receive buf:
I/wpa_supplicant( 618): CTRL-EVENT-STATE-CHANGE id=-1 state=4
E/ ( 612): receive buf:
E/ ( 612): CTRL-EVENT-STATE-CHANGE id=-1 state=4
I/wpa_supplicant( 618): Associated with 00:24:b2:c1:16:b6
E/ ( 612): receive buf:
E/ ( 612): Associated with 00:24:b2:c1:16:b6
I/wpa_supplicant( 618): CTRL-EVENT-SCAN-RESULTS Ready
E/ ( 612): receive buf:
D/NetworkLocationProvider( 127): onCellLocationChanged [4517,30785]
I/wpa_supplicant( 618): Authentication with 00:24:b2:c1:16:b6 timed out.
E/ ( 612): receive buf:
E/ ( 612): Authentication with 00:24:b2:c1:16:b6 timed out.
# 明文连接方式(不使用WPA和IEEE802.1X) network={ ssid="plaintext-test" key_mgmt=NONE }
bash-4.1# wificonnect
I/wpa_supplicant( 871): CTRL-EVENT-SCAN-RESULTS Ready
I/wpa_supplicant( 871): Trying to associate with 00:24:b2:c1:16:b6 (SSID='TServer' freq=2462 MHz)
I/wpa_supplicant( 871): CTRL-EVENT-STATE-CHANGE id=-1 state=3
E/ ( 865): Finished init stage.
E/ ( 865): Add a network 2
E/ ( 865): Finished config stage.
I/wpa_supplicant( 871): CTRL-EVENT-STATE-CHANGE id=1 state=0
E/ ( 865): receive buf:
E/ ( 865): CTRL-EVENT-STATE-CHANGE id=1 state=0
I/wpa_supplicant( 871): CTRL-EVENT-STATE-CHANGE id=-1 state=2
E/ ( 865): receive buf:
E/ ( 865): CTRL-EVENT-STATE-CHANGE id=-1 state=2
I/wpa_supplicant( 871): CTRL-EVENT-SCAN-RESULTS Ready
E/ ( 865): receive buf:
I/wpa_supplicant( 871): Trying to associate with 00:24:b2:c1:16:b6 (SSID='TServer' freq=2462 MHz)
E/ ( 865): receive buf:
E/ ( 865): Trying to associate with 00:24:b2:c1:16:b6 (SSID='TServer' freq=2462 MHz)
I/wpa_supplicant( 871): CTRL-EVENT-STATE-CHANGE id=-1 state=3
E/ ( 865): receive buf:
E/ ( 865): CTRL-EVENT-STATE-CHANGE id=-1 state=3
I/wpa_supplicant( 871): CTRL-EVENT-STATE-CHANGE id=2 state=4
E/ ( 865): receive buf:
E/ ( 865): CTRL-EVENT-STATE-CHANGE id=2 state=4
I/wpa_supplicant( 871): Associated with 00:24:b2:c1:16:b6
I/wpa_supplicant( 871): CTRL-EVENT-STATE-CHANGE id=2 state=7
I/wpa_supplicant( 871): CTRL-EVENT-CONNECTED - Connection to 00:24:b2:c1:16:b6 completed (auth) [id=2 id_str=]
E/ ( 865): receive buf:
E/ ( 865): Associated with 00:24:b2:c1:16:b6
E/ ( 865): receive buf:
E/ ( 865): CTRL-EVENT-STATE-CHANGE id=2 state=7
E/ ( 865): receive buf:
E/ ( 865): CTRL-EVENT-CONNECTED - Connection to 00:24:b2:c1:16:b6 completed (auth) [id=2 id_str=]
E/ ( 865): Finished dhcp stage.
/* ** ** Copyright 2006, The Android Open Source Project ** ** Licensed under the Apache License, Version 2.0 (the "License"); ** you may not use this file except in compliance with the License. ** You may obtain a copy of the License at ** ** ** ** Unless required by applicable law or agreed to in writing, software ** distributed under the License is distributed on an "AS IS" BASIS, ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ** See the License for the specific language governing permissions and ** limitations under the License. */ #include #include #include #include #include "string.h" #include "hardware_legacy/wifi.h" #include "cutils/log.h" #include "cutils/properties.h" #include #include #include static int doCommand(const char *cmd, char *replybuf, int replybuflen) { size_t reply_len = replybuflen - 1; if (wifi_command(cmd, replybuf, &reply_len) != 0) return -1; else { // Strip off trailing newline if (reply_len > 0 && replybuf[reply_len-1] == '\n') replybuf[reply_len-1] = '\0'; else replybuf[reply_len] = '\0'; return 0; } } static int doIntCommand(const char *cmd) { char reply[256]; if (doCommand(cmd, reply, sizeof(reply)) != 0) { return -1; } else { return atoi(reply); } } static int doBooleanCommand(const char *cmd, const char *expect) { char reply[256]; if (doCommand(cmd, reply, sizeof(reply)) != 0) { return 0; } else { return (strcmp(reply, expect) == 0); } } // Send a command to the supplicant, and return the reply as a String static char* doStringCommand(const char *cmd) { char reply[4096]; if (doCommand(cmd, reply, sizeof(reply)) != 0) { return NULL; } else { return reply; } } int init_stage() { // load the wifi driver: insmod .ko int ret = wifi_load_driver(); if(ret < 0) { LOGE("Failed to load Wi-Fi driver. %s",strerror(errno)); return -1; } // start wpa_supplicant ret = wifi_start_supplicant(); if(ret < 0) { LOGE("Failed to start supplicant daemon. %s",strerror(errno)); return -1; } ret = wifi_connect_to_supplicant(); if(ret < 0) { LOGE("Failed to connect supplicant daemon. %s",strerror(errno)); return -1; } char ifname[256]; property_get("wifi.interface", ifname ,"eth0"); ret = ifc_enable(ifname); if(ret < 0) { LOGE("Failed to enable wifi interface %s. %s", ifname ,strerror(errno)); return -1; } return 0; } int scan_stage(){ // XXX we don't need to really scan the wifi return 0; } #define SSID_NAME "ssid" #define KEY_MGMT "key_mgmt" #define SSID "\"xxxxx\"" #define PASS "NONE" int config_stage(){ // Add a network config to supplicant mode int networkId = doIntCommand("ADD_NETWORK"); // Add a new network id if(networkId < 0) { LOGE("Failed to add a network configuration. %s",strerror(errno)); return -1; } LOGE("Add a network %d",networkId); // set the ssid of the destination wifi adhoc char cmdstr[256]; snprintf(cmdstr, sizeof(cmdstr), "SET_NETWORK %d %s %s",networkId, SSID_NAME, SSID); if(!doBooleanCommand(cmdstr,"OK")) { LOGE("Failed to set network %d configuration ssid. %s", networkId, strerror(errno)); return -1; }snprintf(cmdstr, sizeof(cmdstr), "SET_NETWORK %d %s %s", networkId, KEY_MGMT ,PASS);
if(!doBooleanCommand(cmdstr,"OK")) {
LOGE("Failed to set network %d configuration key_mgmr. %s", networkId, strerror(errno));
return -1;
return networkId;
int connect_stage(int networkId) {
char cmdstr[256];
// enable the network
snprintf(cmdstr, sizeof(cmdstr), "SELECT_NETWORK %d",networkId);
if(!doBooleanCommand(cmdstr,"OK")) {
LOGE("Failed to select network %d. %s", networkId, strerror(errno));
return -1;
// wait for connect
char buf[256];
while(1) {
int nread = wifi_wait_for_event(buf, sizeof(buf));
if(nread > 0) {
LOGE("receive buf:\n %s\n",buf);
if(strstr(buf,CONNECTED) > 0) {
// XXX danger of not going out of the loop!!!
return 0;
int dhcp_stage(){
int result;
in_addr_t ipaddr, gateway, mask, dns1, dns2, server;
uint32_t lease;
char ifname[256];
char mDns1Name[256];
char mDns2Name[256];
property_get("wifi.interface", ifname ,"eth0");
snprintf(mDns1Name, sizeof(mDns1Name), "net.%s.dns1",ifname);
snprintf(mDns2Name, sizeof(mDns2Name), "net.%s.dns2",ifname);
result = dhcp_do_request(ifname, &ipaddr, &gateway, &mask, &dns1, &dns2, &server, &lease);
if(result != 0) {
LOGE("Failed to dhcp on interface %s. %s", ifname, strerror(errno));
return -1;
struct in_addr dns_struct1, dns_struct2;
dns_struct1.s_addr = dns1;
dns_struct2.s_addr = dns2;
return 0;
int main(int argc, char *argv[])
int ret = init_stage();
if(ret < 0) {
LOGE("Failed init stage. %s",strerror(errno));
LOGE("Finished init stage.");
ret = config_stage();
if(ret < 0) {
LOGE("Failed config stage. %s",strerror(errno));
LOGE("Finished config stage.");
ret = connect_stage(ret);
if(ret < 0) {
LOGE("Failed connect stage. %s",strerror(errno));
LOGV("Finished connect stage.");
ret = dhcp_stage();
if(ret < 0) {
LOGE("Failed dhcp stage. %s",strerror(errno));
LOGE("Finished dhcp stage.");
return 0;