Lines Matching +full:pin +full:- +full:count
2 * Wi-Fi Protected Setup - Registrar
3 * Copyright (c) 2008-2016, Jouni Malinen <j@w1.fi>
45 dl_list_del(&token->list); in wps_remove_nfc_pw_token()
55 if (pw_id == 0 || pw_id == token->pw_id) in wps_free_nfc_pw_tokens()
66 if (pw_id == token->pw_id) in wps_get_nfc_pw_token()
83 u8 *pin; member
93 static void wps_free_pin(struct wps_uuid_pin *pin) in wps_free_pin() argument
95 bin_clear_free(pin->pin, pin->pin_len); in wps_free_pin()
96 os_free(pin); in wps_free_pin()
100 static void wps_remove_pin(struct wps_uuid_pin *pin) in wps_remove_pin() argument
102 dl_list_del(&pin->list); in wps_remove_pin()
103 wps_free_pin(pin); in wps_remove_pin()
109 struct wps_uuid_pin *pin, *prev; in wps_free_pins() local
110 dl_list_for_each_safe(pin, prev, pins, struct wps_uuid_pin, list) in wps_free_pins()
111 wps_remove_pin(pin); in wps_free_pins()
129 pbc = pbc->next; in wps_free_pbc_sessions()
194 * multi_ap_backhaul_ssid - SSID to supply to a Multi-AP backhaul
198 * Credentials when the enrollee advertises it is a Multi-AP backhaul
204 * multi_ap_backhaul_ssid_len - Length of multi_ap_backhaul_ssid in
210 * multi_ap_backhaul_network_key - The Network Key (PSK) for the
211 * Multi-AP backhaul enrollee.
214 * 32-octet PSK (64 hex characters).
219 * multi_ap_backhaul_network_key_len - Length of
231 struct wps_uuid_pin *pin);
241 if (ether_addr_equal(reg->authorized_macs[i], addr)) { in wps_registrar_add_authorized_mac()
246 for (i = WPS_MAX_AUTHORIZED_MACS - 1; i > 0; i--) in wps_registrar_add_authorized_mac()
247 os_memcpy(reg->authorized_macs[i], reg->authorized_macs[i - 1], in wps_registrar_add_authorized_mac()
249 os_memcpy(reg->authorized_macs[0], addr, ETH_ALEN); in wps_registrar_add_authorized_mac()
251 (u8 *) reg->authorized_macs, sizeof(reg->authorized_macs)); in wps_registrar_add_authorized_mac()
262 if (ether_addr_equal(reg->authorized_macs[i], addr)) in wps_registrar_remove_authorized_mac()
271 os_memcpy(reg->authorized_macs[i], reg->authorized_macs[i + 1], in wps_registrar_remove_authorized_mac()
273 os_memset(reg->authorized_macs[WPS_MAX_AUTHORIZED_MACS - 1], 0, in wps_registrar_remove_authorized_mac()
276 (u8 *) reg->authorized_macs, sizeof(reg->authorized_macs)); in wps_registrar_remove_authorized_mac()
286 dev = dev->next; in wps_free_devices()
287 wps_device_data_free(&prev->dev); in wps_free_devices()
298 for (dev = reg->devices; dev; dev = dev->next) { in wps_device_get()
299 if (ether_addr_equal(dev->dev.mac_addr, addr)) in wps_device_get()
309 os_memcpy(dst->mac_addr, src->mac_addr, ETH_ALEN); in wps_device_clone_data()
310 os_memcpy(dst->pri_dev_type, src->pri_dev_type, WPS_DEV_TYPE_LEN); in wps_device_clone_data()
313 os_free(dst->n); \ in wps_device_clone_data()
314 dst->n = src->n ? os_strdup(src->n) : NULL in wps_device_clone_data()
330 d = wps_device_get(reg, dev->mac_addr); in wps_device_store()
334 return -1; in wps_device_store()
335 d->next = reg->devices; in wps_device_store()
336 reg->devices = d; in wps_device_store()
339 wps_device_clone_data(&d->dev, dev); in wps_device_store()
340 os_memcpy(d->uuid, uuid, WPS_UUID_LEN); in wps_device_store()
354 pbc = reg->pbc_sessions; in wps_registrar_add_pbc_session()
356 if (ether_addr_equal(pbc->addr, addr) && in wps_registrar_add_pbc_session()
357 os_memcmp(pbc->uuid_e, uuid_e, WPS_UUID_LEN) == 0) { in wps_registrar_add_pbc_session()
359 prev->next = pbc->next; in wps_registrar_add_pbc_session()
361 reg->pbc_sessions = pbc->next; in wps_registrar_add_pbc_session()
365 pbc = pbc->next; in wps_registrar_add_pbc_session()
372 os_memcpy(pbc->addr, addr, ETH_ALEN); in wps_registrar_add_pbc_session()
374 os_memcpy(pbc->uuid_e, uuid_e, WPS_UUID_LEN); in wps_registrar_add_pbc_session()
377 pbc->next = reg->pbc_sessions; in wps_registrar_add_pbc_session()
378 reg->pbc_sessions = pbc; in wps_registrar_add_pbc_session()
379 pbc->timestamp = now; in wps_registrar_add_pbc_session()
383 pbc = pbc->next; in wps_registrar_add_pbc_session()
386 if (os_reltime_expired(&now, &pbc->timestamp, in wps_registrar_add_pbc_session()
388 prev->next = NULL; in wps_registrar_add_pbc_session()
393 pbc = pbc->next; in wps_registrar_add_pbc_session()
404 pbc = reg->pbc_sessions; in wps_registrar_remove_pbc_session()
406 if (os_memcmp(pbc->uuid_e, uuid_e, WPS_UUID_LEN) == 0 || in wps_registrar_remove_pbc_session()
407 (p2p_dev_addr && !is_zero_ether_addr(reg->p2p_dev_addr) && in wps_registrar_remove_pbc_session()
408 ether_addr_equal(reg->p2p_dev_addr, p2p_dev_addr))) { in wps_registrar_remove_pbc_session()
410 prev->next = pbc->next; in wps_registrar_remove_pbc_session()
412 reg->pbc_sessions = pbc->next; in wps_registrar_remove_pbc_session()
414 pbc = pbc->next; in wps_registrar_remove_pbc_session()
416 "addr=" MACSTR, MAC2STR(tmp->addr)); in wps_registrar_remove_pbc_session()
417 wpa_hexdump(MSG_DEBUG, "WPS: Removed UUID-E", in wps_registrar_remove_pbc_session()
418 tmp->uuid_e, WPS_UUID_LEN); in wps_registrar_remove_pbc_session()
423 pbc = pbc->next; in wps_registrar_remove_pbc_session()
431 int count = 0; in wps_registrar_pbc_overlap() local
444 count++; in wps_registrar_pbc_overlap()
447 for (pbc = reg->pbc_sessions; pbc; pbc = pbc->next) { in wps_registrar_pbc_overlap()
449 MAC2STR(pbc->addr)); in wps_registrar_pbc_overlap()
450 wpa_hexdump(MSG_DEBUG, "WPS: UUID-E", in wps_registrar_pbc_overlap()
451 pbc->uuid_e, WPS_UUID_LEN); in wps_registrar_pbc_overlap()
452 if (os_reltime_expired(&now, &pbc->timestamp, in wps_registrar_pbc_overlap()
458 os_memcmp(pbc->uuid_e, first->uuid_e, WPS_UUID_LEN) == 0) { in wps_registrar_pbc_overlap()
463 os_memcmp(uuid_e, pbc->uuid_e, WPS_UUID_LEN)) { in wps_registrar_pbc_overlap()
465 count++; in wps_registrar_pbc_overlap()
471 wpa_printf(MSG_DEBUG, "WPS: %u active PBC session(s) found", count); in wps_registrar_pbc_overlap()
473 return count > 1 ? 1 : 0; in wps_registrar_pbc_overlap()
479 wpa_printf(MSG_DEBUG, "WPS: * Wi-Fi Protected Setup State (%d)", in wps_build_wps_state()
480 wps->wps_state); in wps_build_wps_state()
483 wpabuf_put_u8(msg, wps->wps_state); in wps_build_wps_state()
492 p = wps->upnp_msgs; in wps_registrar_free_pending_m2()
494 if (p->type == WPS_M2 || p->type == WPS_M2D) { in wps_registrar_free_pending_m2()
496 wps->upnp_msgs = p->next; in wps_registrar_free_pending_m2()
498 prev->next = p->next; in wps_registrar_free_pending_m2()
501 p = p->next; in wps_registrar_free_pending_m2()
502 wpabuf_free(p2->msg); in wps_registrar_free_pending_m2()
507 p = p->next; in wps_registrar_free_pending_m2()
516 if (wps->ap_setup_locked && wps->ap_setup_locked != 2) { in wps_build_ap_setup_locked()
529 if (!reg->sel_reg_union) in wps_build_selected_registrar()
542 u16 id = reg->pbc ? DEV_PW_PUSHBUTTON : DEV_PW_DEFAULT; in wps_build_sel_reg_dev_password_id()
543 if (!reg->sel_reg_union) in wps_build_sel_reg_dev_password_id()
545 if (reg->sel_reg_dev_password_id_override >= 0) in wps_build_sel_reg_dev_password_id()
546 id = reg->sel_reg_dev_password_id_override; in wps_build_sel_reg_dev_password_id()
558 u16 id = reg->pbc ? DEV_PW_PUSHBUTTON : DEV_PW_DEFAULT; in wps_build_sel_pbc_reg_uuid_e()
559 if (!reg->sel_reg_union) in wps_build_sel_pbc_reg_uuid_e()
561 if (reg->sel_reg_dev_password_id_override >= 0) in wps_build_sel_pbc_reg_uuid_e()
562 id = reg->sel_reg_dev_password_id_override; in wps_build_sel_pbc_reg_uuid_e()
563 if (id != DEV_PW_PUSHBUTTON || !reg->dualband) in wps_build_sel_pbc_reg_uuid_e()
565 return wps_build_uuid_e(msg, reg->wps->uuid); in wps_build_sel_pbc_reg_uuid_e()
596 if (!reg->sel_reg_union) in wps_build_sel_reg_config_methods()
598 methods = reg->wps->config_methods; in wps_build_sel_reg_config_methods()
602 if (reg->pbc) in wps_build_sel_reg_config_methods()
603 wps_set_pushbutton(&methods, reg->wps->config_methods); in wps_build_sel_reg_config_methods()
604 if (reg->sel_reg_config_methods_override >= 0) in wps_build_sel_reg_config_methods()
605 methods = reg->sel_reg_config_methods_override; in wps_build_sel_reg_config_methods()
623 methods = reg->wps->config_methods & ~WPS_CONFIG_PUSHBUTTON; in wps_build_probe_config_methods()
637 return wps_build_config_methods(msg, reg->wps->config_methods); in wps_build_config_methods_r()
641 const u8 * wps_authorized_macs(struct wps_registrar *reg, size_t *count) in wps_authorized_macs() argument
643 *count = 0; in wps_authorized_macs()
645 while (*count < WPS_MAX_AUTHORIZED_MACS) { in wps_authorized_macs()
646 if (is_zero_ether_addr(reg->authorized_macs_union[*count])) in wps_authorized_macs()
648 (*count)++; in wps_authorized_macs()
651 return (const u8 *) reg->authorized_macs_union; in wps_authorized_macs()
656 * wps_registrar_init - Initialize WPS Registrar data
675 dl_list_init(®->pins); in wps_registrar_init()
676 dl_list_init(®->nfc_pw_tokens); in wps_registrar_init()
677 reg->wps = wps; in wps_registrar_init()
678 reg->new_psk_cb = cfg->new_psk_cb; in wps_registrar_init()
679 reg->set_ie_cb = cfg->set_ie_cb; in wps_registrar_init()
680 reg->pin_needed_cb = cfg->pin_needed_cb; in wps_registrar_init()
681 reg->reg_success_cb = cfg->reg_success_cb; in wps_registrar_init()
682 reg->set_sel_reg_cb = cfg->set_sel_reg_cb; in wps_registrar_init()
683 reg->enrollee_seen_cb = cfg->enrollee_seen_cb; in wps_registrar_init()
684 reg->lookup_pskfile_cb = cfg->lookup_pskfile_cb; in wps_registrar_init()
685 reg->cb_ctx = cfg->cb_ctx; in wps_registrar_init()
686 reg->skip_cred_build = cfg->skip_cred_build; in wps_registrar_init()
687 if (cfg->extra_cred) { in wps_registrar_init()
688 reg->extra_cred = wpabuf_alloc_copy(cfg->extra_cred, in wps_registrar_init()
689 cfg->extra_cred_len); in wps_registrar_init()
690 if (reg->extra_cred == NULL) { in wps_registrar_init()
695 reg->disable_auto_conf = cfg->disable_auto_conf; in wps_registrar_init()
696 reg->sel_reg_dev_password_id_override = -1; in wps_registrar_init()
697 reg->sel_reg_config_methods_override = -1; in wps_registrar_init()
698 reg->dualband = cfg->dualband; in wps_registrar_init()
699 reg->force_per_enrollee_psk = cfg->force_per_enrollee_psk; in wps_registrar_init()
701 if (cfg->multi_ap_backhaul_ssid) { in wps_registrar_init()
702 os_memcpy(reg->multi_ap_backhaul_ssid, in wps_registrar_init()
703 cfg->multi_ap_backhaul_ssid, in wps_registrar_init()
704 cfg->multi_ap_backhaul_ssid_len); in wps_registrar_init()
705 reg->multi_ap_backhaul_ssid_len = in wps_registrar_init()
706 cfg->multi_ap_backhaul_ssid_len; in wps_registrar_init()
708 if (cfg->multi_ap_backhaul_network_key) { in wps_registrar_init()
709 reg->multi_ap_backhaul_network_key = in wps_registrar_init()
710 os_memdup(cfg->multi_ap_backhaul_network_key, in wps_registrar_init()
711 cfg->multi_ap_backhaul_network_key_len); in wps_registrar_init()
712 if (reg->multi_ap_backhaul_network_key) in wps_registrar_init()
713 reg->multi_ap_backhaul_network_key_len = in wps_registrar_init()
714 cfg->multi_ap_backhaul_network_key_len; in wps_registrar_init()
730 wps_free_pins(®->pins); in wps_registrar_flush()
731 wps_free_nfc_pw_tokens(®->nfc_pw_tokens, 0); in wps_registrar_flush()
732 wps_free_pbc_sessions(reg->pbc_sessions); in wps_registrar_flush()
733 reg->pbc_sessions = NULL; in wps_registrar_flush()
734 wps_free_devices(reg->devices); in wps_registrar_flush()
735 reg->devices = NULL; in wps_registrar_flush()
737 reg->pbc_ignore_start.sec = 0; in wps_registrar_flush()
743 * wps_registrar_deinit - Deinitialize WPS Registrar data
753 wpabuf_clear_free(reg->extra_cred); in wps_registrar_deinit()
754 bin_clear_free(reg->multi_ap_backhaul_network_key, in wps_registrar_deinit()
755 reg->multi_ap_backhaul_network_key_len); in wps_registrar_deinit()
762 struct wps_uuid_pin *pin; in wps_registrar_invalidate_unused() local
764 dl_list_for_each(pin, ®->pins, struct wps_uuid_pin, list) { in wps_registrar_invalidate_unused()
765 if (pin->wildcard_uuid == 1 && !(pin->flags & PIN_LOCKED)) { in wps_registrar_invalidate_unused()
767 "configured wildcard PIN"); in wps_registrar_invalidate_unused()
768 wps_registrar_remove_pin(reg, pin); in wps_registrar_invalidate_unused()
776 * wps_registrar_add_pin - Configure a new PIN for Registrar
779 * @uuid: UUID-E or %NULL for wildcard (any UUID)
780 * @pin: PIN (Device Password)
781 * @pin_len: Length of pin in octets
782 * @timeout: Time (in seconds) when the PIN will be invalidated; 0 = no timeout
783 * Returns: 0 on success, -1 on failure
786 const u8 *uuid, const u8 *pin, size_t pin_len, in wps_registrar_add_pin() argument
793 return -1; in wps_registrar_add_pin()
795 os_memcpy(p->enrollee_addr, addr, ETH_ALEN); in wps_registrar_add_pin()
797 p->wildcard_uuid = 1; in wps_registrar_add_pin()
799 os_memcpy(p->uuid, uuid, WPS_UUID_LEN); in wps_registrar_add_pin()
800 p->pin = os_memdup(pin, pin_len); in wps_registrar_add_pin()
801 if (p->pin == NULL) { in wps_registrar_add_pin()
803 return -1; in wps_registrar_add_pin()
805 p->pin_len = pin_len; in wps_registrar_add_pin()
808 p->flags |= PIN_EXPIRES; in wps_registrar_add_pin()
809 os_get_reltime(&p->expiration); in wps_registrar_add_pin()
810 p->expiration.sec += timeout; in wps_registrar_add_pin()
813 if (p->wildcard_uuid) in wps_registrar_add_pin()
816 dl_list_add(®->pins, &p->list); in wps_registrar_add_pin()
818 wpa_printf(MSG_DEBUG, "WPS: A new PIN configured (timeout=%d)", in wps_registrar_add_pin()
821 wpa_hexdump_ascii_key(MSG_DEBUG, "WPS: PIN", pin, pin_len); in wps_registrar_add_pin()
822 reg->selected_registrar = 1; in wps_registrar_add_pin()
823 reg->pbc = 0; in wps_registrar_add_pin()
840 struct wps_uuid_pin *pin) in wps_registrar_remove_pin() argument
845 if (is_zero_ether_addr(pin->enrollee_addr)) in wps_registrar_remove_pin()
848 addr = pin->enrollee_addr; in wps_registrar_remove_pin()
850 wps_remove_pin(pin); in wps_registrar_remove_pin()
857 struct wps_uuid_pin *pin, *prev; in wps_registrar_expire_pins() local
861 dl_list_for_each_safe(pin, prev, ®->pins, struct wps_uuid_pin, list) in wps_registrar_expire_pins()
863 if ((pin->flags & PIN_EXPIRES) && in wps_registrar_expire_pins()
864 os_reltime_before(&pin->expiration, &now)) { in wps_registrar_expire_pins()
865 wpa_hexdump(MSG_DEBUG, "WPS: Expired PIN for UUID", in wps_registrar_expire_pins()
866 pin->uuid, WPS_UUID_LEN); in wps_registrar_expire_pins()
867 wps_registrar_remove_pin(reg, pin); in wps_registrar_expire_pins()
874 * wps_registrar_invalidate_wildcard_pin - Invalidate a wildcard PIN
876 * @dev_pw: PIN to search for or %NULL to match any
878 * Returns: 0 on success, -1 if not wildcard PIN is enabled
884 struct wps_uuid_pin *pin, *prev; in wps_registrar_invalidate_wildcard_pin() local
886 dl_list_for_each_safe(pin, prev, ®->pins, struct wps_uuid_pin, list) in wps_registrar_invalidate_wildcard_pin()
888 if (dev_pw && pin->pin && in wps_registrar_invalidate_wildcard_pin()
889 (dev_pw_len != pin->pin_len || in wps_registrar_invalidate_wildcard_pin()
890 os_memcmp_const(dev_pw, pin->pin, dev_pw_len) != 0)) in wps_registrar_invalidate_wildcard_pin()
891 continue; /* different PIN */ in wps_registrar_invalidate_wildcard_pin()
892 if (pin->wildcard_uuid) { in wps_registrar_invalidate_wildcard_pin()
893 wpa_hexdump(MSG_DEBUG, "WPS: Invalidated PIN for UUID", in wps_registrar_invalidate_wildcard_pin()
894 pin->uuid, WPS_UUID_LEN); in wps_registrar_invalidate_wildcard_pin()
895 wps_registrar_remove_pin(reg, pin); in wps_registrar_invalidate_wildcard_pin()
900 return -1; in wps_registrar_invalidate_wildcard_pin()
905 * wps_registrar_invalidate_pin - Invalidate a PIN for a specific UUID-E
907 * @uuid: UUID-E
908 * Returns: 0 on success, -1 on failure (e.g., PIN not found)
912 struct wps_uuid_pin *pin, *prev; in wps_registrar_invalidate_pin() local
914 dl_list_for_each_safe(pin, prev, ®->pins, struct wps_uuid_pin, list) in wps_registrar_invalidate_pin()
916 if (os_memcmp(pin->uuid, uuid, WPS_UUID_LEN) == 0) { in wps_registrar_invalidate_pin()
917 wpa_hexdump(MSG_DEBUG, "WPS: Invalidated PIN for UUID", in wps_registrar_invalidate_pin()
918 pin->uuid, WPS_UUID_LEN); in wps_registrar_invalidate_pin()
919 wps_registrar_remove_pin(reg, pin); in wps_registrar_invalidate_pin()
924 return -1; in wps_registrar_invalidate_pin()
931 struct wps_uuid_pin *pin, *found = NULL; in wps_registrar_get_pin() local
936 dl_list_for_each(pin, ®->pins, struct wps_uuid_pin, list) { in wps_registrar_get_pin()
937 if (!pin->wildcard_uuid && in wps_registrar_get_pin()
938 os_memcmp(pin->uuid, uuid, WPS_UUID_LEN) == 0) { in wps_registrar_get_pin()
939 found = pin; in wps_registrar_get_pin()
945 /* Check for wildcard UUIDs since none of the UUID-specific in wps_registrar_get_pin()
947 dl_list_for_each(pin, ®->pins, struct wps_uuid_pin, list) { in wps_registrar_get_pin()
948 if (pin->wildcard_uuid == 1 || in wps_registrar_get_pin()
949 pin->wildcard_uuid == 2) { in wps_registrar_get_pin()
951 "PIN. Assigned it for this UUID-E"); in wps_registrar_get_pin()
953 os_memcpy(pin->uuid, uuid, WPS_UUID_LEN); in wps_registrar_get_pin()
954 found = pin; in wps_registrar_get_pin()
964 * Lock the PIN to avoid attacks based on concurrent re-use of the PIN in wps_registrar_get_pin()
965 * that could otherwise avoid PIN invalidations. in wps_registrar_get_pin()
967 if (found->flags & PIN_LOCKED) { in wps_registrar_get_pin()
968 wpa_printf(MSG_DEBUG, "WPS: Selected PIN locked - do not " in wps_registrar_get_pin()
969 "allow concurrent re-use"); in wps_registrar_get_pin()
972 *pin_len = found->pin_len; in wps_registrar_get_pin()
973 found->flags |= PIN_LOCKED; in wps_registrar_get_pin()
975 found->wildcard_uuid++; in wps_registrar_get_pin()
976 return found->pin; in wps_registrar_get_pin()
981 * wps_registrar_unlock_pin - Unlock a PIN for a specific UUID-E
983 * @uuid: UUID-E
984 * Returns: 0 on success, -1 on failure
987 * PIN to allow it to be used again. If the specified PIN was configured using
992 struct wps_uuid_pin *pin; in wps_registrar_unlock_pin() local
994 dl_list_for_each(pin, ®->pins, struct wps_uuid_pin, list) { in wps_registrar_unlock_pin()
995 if (os_memcmp(pin->uuid, uuid, WPS_UUID_LEN) == 0) { in wps_registrar_unlock_pin()
996 if (pin->wildcard_uuid == 3) { in wps_registrar_unlock_pin()
998 "wildcard PIN"); in wps_registrar_unlock_pin()
1001 pin->flags &= ~PIN_LOCKED; in wps_registrar_unlock_pin()
1006 return -1; in wps_registrar_unlock_pin()
1012 reg->selected_registrar = 0; in wps_registrar_stop_pbc()
1013 reg->pbc = 0; in wps_registrar_stop_pbc()
1014 os_memset(reg->p2p_dev_addr, 0, ETH_ALEN); in wps_registrar_stop_pbc()
1025 wpa_printf(MSG_DEBUG, "WPS: PBC timed out - disable PBC mode"); in wps_registrar_pbc_timeout()
1026 wps_pbc_timeout_event(reg->wps); in wps_registrar_pbc_timeout()
1032 * wps_registrar_button_pushed - Notify Registrar that AP button was pushed
1036 * Returns: 0 on success, -1 on failure, -2 on session overlap
1042 * PBC mode is not activated and -2 is returned to indicate session overlap.
1050 wpa_printf(MSG_DEBUG, "WPS: PBC overlap - do not start PBC " in wps_registrar_button_pushed()
1052 wps_pbc_overlap_event(reg->wps); in wps_registrar_button_pushed()
1053 return -2; in wps_registrar_button_pushed()
1055 wpa_printf(MSG_DEBUG, "WPS: Button pushed - PBC mode started"); in wps_registrar_button_pushed()
1056 reg->force_pbc_overlap = 0; in wps_registrar_button_pushed()
1057 reg->selected_registrar = 1; in wps_registrar_button_pushed()
1058 reg->pbc = 1; in wps_registrar_button_pushed()
1060 os_memcpy(reg->p2p_dev_addr, p2p_dev_addr, ETH_ALEN); in wps_registrar_button_pushed()
1062 os_memset(reg->p2p_dev_addr, 0, ETH_ALEN); in wps_registrar_button_pushed()
1067 wps_pbc_active_event(reg->wps); in wps_registrar_button_pushed()
1078 wpa_printf(MSG_DEBUG, "WPS: PBC completed - stopping PBC mode"); in wps_registrar_pbc_completed()
1081 wps_pbc_disable_event(reg->wps); in wps_registrar_pbc_completed()
1087 wpa_printf(MSG_DEBUG, "WPS: PIN completed using internal Registrar"); in wps_registrar_pin_completed()
1089 reg->selected_registrar = 0; in wps_registrar_pin_completed()
1097 if (registrar->pbc) { in wps_registrar_complete()
1102 os_get_reltime(®istrar->pbc_ignore_start); in wps_registrar_complete()
1104 os_memcpy(registrar->pbc_ignore_uuid, uuid_e, WPS_UUID_LEN); in wps_registrar_complete()
1112 wpa_hexdump_key(MSG_DEBUG, "WPS: Invalidated wildcard PIN", in wps_registrar_complete()
1120 if (reg->pbc) { in wps_registrar_wps_cancel()
1121 wpa_printf(MSG_DEBUG, "WPS: PBC is set - cancelling it"); in wps_registrar_wps_cancel()
1125 } else if (reg->selected_registrar) { in wps_registrar_wps_cancel()
1126 /* PIN Method */ in wps_registrar_wps_cancel()
1127 wpa_printf(MSG_DEBUG, "WPS: PIN is set - cancelling it"); in wps_registrar_wps_cancel()
1137 * wps_registrar_probe_req_rx - Notify Registrar of Probe Request
1172 if (reg->enrollee_seen_cb && attr.uuid_e && in wps_registrar_probe_req_rx()
1182 reg->enrollee_seen_cb(reg->cb_ctx, addr, attr.uuid_e, in wps_registrar_probe_req_rx()
1197 "UUID-E included"); in wps_registrar_probe_req_rx()
1200 wpa_hexdump(MSG_DEBUG, "WPS: UUID-E from Probe Request", attr.uuid_e, in wps_registrar_probe_req_rx()
1204 if (reg->pbc_ignore_start.sec && in wps_registrar_probe_req_rx()
1205 os_memcmp(attr.uuid_e, reg->pbc_ignore_uuid, WPS_UUID_LEN) == 0) { in wps_registrar_probe_req_rx()
1208 os_reltime_sub(&now, ®->pbc_ignore_start, &dur); in wps_registrar_probe_req_rx()
1215 reg->pbc_ignore_start.sec = 0; in wps_registrar_probe_req_rx()
1223 reg->force_pbc_overlap = 1; in wps_registrar_probe_req_rx()
1224 wps_pbc_overlap_event(reg->wps); in wps_registrar_probe_req_rx()
1232 if (reg->new_psk_cb == NULL) in wps_cb_new_psk()
1235 return reg->new_psk_cb(reg->cb_ctx, mac_addr, p2p_dev_addr, psk, in wps_cb_new_psk()
1243 if (reg->pin_needed_cb == NULL) in wps_cb_pin_needed()
1246 reg->pin_needed_cb(reg->cb_ctx, uuid_e, dev); in wps_cb_pin_needed()
1254 if (reg->reg_success_cb == NULL) in wps_cb_reg_success()
1257 reg->reg_success_cb(reg->cb_ctx, mac_addr, uuid_e, dev_pw, dev_pw_len); in wps_cb_reg_success()
1264 return reg->set_ie_cb(reg->cb_ctx, beacon_ie, probe_resp_ie); in wps_cb_set_ie()
1271 if (reg->set_sel_reg_cb == NULL) in wps_cb_set_sel_reg()
1274 if (reg->selected_registrar) { in wps_cb_set_sel_reg()
1275 methods = reg->wps->config_methods & ~WPS_CONFIG_PUSHBUTTON; in wps_cb_set_sel_reg()
1278 if (reg->pbc) in wps_cb_set_sel_reg()
1279 wps_set_pushbutton(&methods, reg->wps->config_methods); in wps_cb_set_sel_reg()
1284 reg->selected_registrar, reg->wps->config_methods, in wps_cb_set_sel_reg()
1285 reg->pbc, methods); in wps_cb_set_sel_reg()
1287 reg->set_sel_reg_cb(reg->cb_ctx, reg->selected_registrar, in wps_cb_set_sel_reg()
1288 reg->pbc ? DEV_PW_PUSHBUTTON : DEV_PW_DEFAULT, in wps_cb_set_sel_reg()
1296 if (!reg->lookup_pskfile_cb) in wps_cp_lookup_pskfile()
1298 return reg->lookup_pskfile_cb(reg->cb_ctx, mac_addr, psk); in wps_cp_lookup_pskfile()
1307 size_t count; in wps_set_ie() local
1311 if (reg->set_ie_cb == NULL) in wps_set_ie()
1315 if (reg->wps->dev.vendor_ext[i]) { in wps_set_ie()
1317 vendor_len += wpabuf_len(reg->wps->dev.vendor_ext[i]); in wps_set_ie()
1326 auth_macs = wps_authorized_macs(reg, &count); in wps_set_ie()
1331 wps_build_wps_state(reg->wps, beacon) || in wps_set_ie()
1332 wps_build_ap_setup_locked(reg->wps, beacon) || in wps_set_ie()
1337 (reg->dualband && wps_build_rf_bands(®->wps->dev, beacon, 0)) || in wps_set_ie()
1338 wps_build_wfa_ext(beacon, 0, auth_macs, count, 0) || in wps_set_ie()
1339 wps_build_vendor_ext(®->wps->dev, beacon) || in wps_set_ie()
1340 wps_build_application_ext(®->wps->dev, beacon)) in wps_set_ie()
1344 if (wps_build_dev_name(®->wps->dev, beacon) || in wps_set_ie()
1345 wps_build_primary_dev_type(®->wps->dev, beacon)) in wps_set_ie()
1352 wps_build_wps_state(reg->wps, probe) || in wps_set_ie()
1353 wps_build_ap_setup_locked(reg->wps, probe) || in wps_set_ie()
1357 wps_build_resp_type(probe, reg->wps->ap ? WPS_RESP_AP : in wps_set_ie()
1359 wps_build_uuid_e(probe, reg->wps->uuid) || in wps_set_ie()
1360 wps_build_device_attrs(®->wps->dev, probe) || in wps_set_ie()
1362 (reg->dualband && wps_build_rf_bands(®->wps->dev, probe, 0)) || in wps_set_ie()
1363 wps_build_wfa_ext(probe, 0, auth_macs, count, 0) || in wps_set_ie()
1364 wps_build_vendor_ext(®->wps->dev, probe) || in wps_set_ie()
1365 wps_build_application_ext(®->wps->dev, probe)) in wps_set_ie()
1378 return -1; in wps_set_ie()
1384 const u8 *pin; in wps_get_dev_password() local
1387 bin_clear_free(wps->dev_password, wps->dev_password_len); in wps_get_dev_password()
1388 wps->dev_password = NULL; in wps_get_dev_password()
1390 if (wps->pbc) { in wps_get_dev_password()
1391 wpa_printf(MSG_DEBUG, "WPS: Use default PIN for PBC"); in wps_get_dev_password()
1392 pin = (const u8 *) "00000000"; in wps_get_dev_password()
1395 } else if (wps->nfc_pw_token) { in wps_get_dev_password()
1396 if (wps->nfc_pw_token->pw_id == DEV_PW_NFC_CONNECTION_HANDOVER) in wps_get_dev_password()
1405 pin = wps->nfc_pw_token->dev_pw; in wps_get_dev_password()
1406 pin_len = wps->nfc_pw_token->dev_pw_len; in wps_get_dev_password()
1407 } else if (wps->dev_pw_id >= 0x10 && in wps_get_dev_password()
1408 wps->wps->ap_nfc_dev_pw_id == wps->dev_pw_id && in wps_get_dev_password()
1409 wps->wps->ap_nfc_dev_pw) { in wps_get_dev_password()
1411 pin = wpabuf_head(wps->wps->ap_nfc_dev_pw); in wps_get_dev_password()
1412 pin_len = wpabuf_len(wps->wps->ap_nfc_dev_pw); in wps_get_dev_password()
1415 pin = wps_registrar_get_pin(wps->wps->registrar, wps->uuid_e, in wps_get_dev_password()
1417 if (pin && wps->dev_pw_id >= 0x10) { in wps_get_dev_password()
1419 "Password ID, but PIN found"); in wps_get_dev_password()
1421 * See whether Enrollee is willing to use PIN instead. in wps_get_dev_password()
1423 wps->dev_pw_id = DEV_PW_DEFAULT; in wps_get_dev_password()
1426 if (pin == NULL) { in wps_get_dev_password()
1429 wps->wps, wps->wps->registrar); in wps_get_dev_password()
1430 wps_cb_pin_needed(wps->wps->registrar, wps->uuid_e, in wps_get_dev_password()
1431 &wps->peer_dev); in wps_get_dev_password()
1432 return -1; in wps_get_dev_password()
1435 wps->dev_password = os_memdup(pin, pin_len); in wps_get_dev_password()
1436 if (wps->dev_password == NULL) in wps_get_dev_password()
1437 return -1; in wps_get_dev_password()
1438 wps->dev_password_len = pin_len; in wps_get_dev_password()
1446 wpa_printf(MSG_DEBUG, "WPS: * UUID-R"); in wps_build_uuid_r()
1449 wpabuf_put_data(msg, wps->uuid_r, WPS_UUID_LEN); in wps_build_uuid_r()
1460 if (random_get_bytes(wps->snonce, 2 * WPS_SECRET_NONCE_LEN) < 0) in wps_build_r_hash()
1461 return -1; in wps_build_r_hash()
1462 wpa_hexdump(MSG_DEBUG, "WPS: R-S1", wps->snonce, WPS_SECRET_NONCE_LEN); in wps_build_r_hash()
1463 wpa_hexdump(MSG_DEBUG, "WPS: R-S2", in wps_build_r_hash()
1464 wps->snonce + WPS_SECRET_NONCE_LEN, WPS_SECRET_NONCE_LEN); in wps_build_r_hash()
1466 if (wps->dh_pubkey_e == NULL || wps->dh_pubkey_r == NULL) { in wps_build_r_hash()
1468 "R-Hash derivation"); in wps_build_r_hash()
1469 return -1; in wps_build_r_hash()
1472 wpa_printf(MSG_DEBUG, "WPS: * R-Hash1"); in wps_build_r_hash()
1476 /* R-Hash1 = HMAC_AuthKey(R-S1 || PSK1 || PK_E || PK_R) */ in wps_build_r_hash()
1477 addr[0] = wps->snonce; in wps_build_r_hash()
1479 addr[1] = wps->psk1; in wps_build_r_hash()
1481 addr[2] = wpabuf_head(wps->dh_pubkey_e); in wps_build_r_hash()
1482 len[2] = wpabuf_len(wps->dh_pubkey_e); in wps_build_r_hash()
1483 addr[3] = wpabuf_head(wps->dh_pubkey_r); in wps_build_r_hash()
1484 len[3] = wpabuf_len(wps->dh_pubkey_r); in wps_build_r_hash()
1485 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash); in wps_build_r_hash()
1486 wpa_hexdump(MSG_DEBUG, "WPS: R-Hash1", hash, SHA256_MAC_LEN); in wps_build_r_hash()
1488 wpa_printf(MSG_DEBUG, "WPS: * R-Hash2"); in wps_build_r_hash()
1492 /* R-Hash2 = HMAC_AuthKey(R-S2 || PSK2 || PK_E || PK_R) */ in wps_build_r_hash()
1493 addr[0] = wps->snonce + WPS_SECRET_NONCE_LEN; in wps_build_r_hash()
1494 addr[1] = wps->psk2; in wps_build_r_hash()
1495 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash); in wps_build_r_hash()
1496 wpa_hexdump(MSG_DEBUG, "WPS: R-Hash2", hash, SHA256_MAC_LEN); in wps_build_r_hash()
1504 wpa_printf(MSG_DEBUG, "WPS: * R-SNonce1"); in wps_build_r_snonce1()
1507 wpabuf_put_data(msg, wps->snonce, WPS_SECRET_NONCE_LEN); in wps_build_r_snonce1()
1514 wpa_printf(MSG_DEBUG, "WPS: * R-SNonce2"); in wps_build_r_snonce2()
1517 wpabuf_put_data(msg, wps->snonce + WPS_SECRET_NONCE_LEN, in wps_build_r_snonce2()
1539 cred->ssid, cred->ssid_len); in wps_build_cred_ssid()
1541 wpabuf_put_be16(msg, cred->ssid_len); in wps_build_cred_ssid()
1542 wpabuf_put_data(msg, cred->ssid, cred->ssid_len); in wps_build_cred_ssid()
1551 cred->auth_type); in wps_build_cred_auth_type()
1554 wpabuf_put_be16(msg, cred->auth_type); in wps_build_cred_auth_type()
1563 cred->encr_type); in wps_build_cred_encr_type()
1566 wpabuf_put_be16(msg, cred->encr_type); in wps_build_cred_encr_type()
1575 (int) cred->key_len); in wps_build_cred_network_key()
1577 cred->key, cred->key_len); in wps_build_cred_network_key()
1579 wpabuf_put_be16(msg, cred->key_len); in wps_build_cred_network_key()
1580 wpabuf_put_data(msg, cred->key, cred->key_len); in wps_build_cred_network_key()
1593 wps_build_mac_addr(msg, cred->mac_addr)) in wps_build_credential()
1594 return -1; in wps_build_credential()
1605 return -1; in wps_build_credential_wrap()
1608 return -1; in wps_build_credential_wrap()
1621 struct wps_registrar *reg = wps->wps->registrar; in wps_build_cred()
1625 if (wps->wps->registrar->skip_cred_build) in wps_build_cred()
1629 if (wps->use_cred) { in wps_build_cred()
1630 os_memcpy(&wps->cred, wps->use_cred, sizeof(wps->cred)); in wps_build_cred()
1633 os_memset(&wps->cred, 0, sizeof(wps->cred)); in wps_build_cred()
1635 if (wps->peer_dev.multi_ap_ext == MULTI_AP_BACKHAUL_STA && in wps_build_cred()
1636 reg->multi_ap_backhaul_ssid_len) { in wps_build_cred()
1638 os_memcpy(wps->cred.ssid, reg->multi_ap_backhaul_ssid, in wps_build_cred()
1639 reg->multi_ap_backhaul_ssid_len); in wps_build_cred()
1640 wps->cred.ssid_len = reg->multi_ap_backhaul_ssid_len; in wps_build_cred()
1642 wps->cred.auth_type = WPS_AUTH_WPA2PSK; in wps_build_cred()
1643 wps->cred.encr_type = WPS_ENCR_AES; in wps_build_cred()
1647 os_memcpy(wps->cred.mac_addr, wps->mac_addr_e, ETH_ALEN); in wps_build_cred()
1648 if (reg->multi_ap_backhaul_network_key) { in wps_build_cred()
1649 os_memcpy(wps->cred.key, in wps_build_cred()
1650 reg->multi_ap_backhaul_network_key, in wps_build_cred()
1651 reg->multi_ap_backhaul_network_key_len); in wps_build_cred()
1652 wps->cred.key_len = in wps_build_cred()
1653 reg->multi_ap_backhaul_network_key_len; in wps_build_cred()
1658 os_memcpy(wps->cred.ssid, wps->wps->ssid, wps->wps->ssid_len); in wps_build_cred()
1659 wps->cred.ssid_len = wps->wps->ssid_len; in wps_build_cred()
1663 "WPS: Own auth types 0x%x - masked Enrollee auth types 0x%x", in wps_build_cred()
1664 wps->wps->auth_types, wps->auth_type); in wps_build_cred()
1665 if (wps->auth_type & WPS_AUTH_WPA2PSK) in wps_build_cred()
1666 wps->auth_type = WPS_AUTH_WPA2PSK; in wps_build_cred()
1668 else if (wps->auth_type & WPS_AUTH_WPAPSK) in wps_build_cred()
1669 wps->auth_type = WPS_AUTH_WPAPSK; in wps_build_cred()
1671 else if (wps->auth_type & WPS_AUTH_OPEN) in wps_build_cred()
1672 wps->auth_type = WPS_AUTH_OPEN; in wps_build_cred()
1675 wps->auth_type); in wps_build_cred()
1676 return -1; in wps_build_cred()
1678 wps->cred.auth_type = wps->auth_type; in wps_build_cred()
1681 "WPS: Own encr types 0x%x (rsn: 0x%x, wpa: 0x%x) - masked Enrollee encr types 0x%x", in wps_build_cred()
1682 wps->wps->encr_types, wps->wps->encr_types_rsn, in wps_build_cred()
1683 wps->wps->encr_types_wpa, wps->encr_type); in wps_build_cred()
1684 if (wps->wps->ap && wps->auth_type == WPS_AUTH_WPA2PSK) in wps_build_cred()
1685 wps->encr_type &= wps->wps->encr_types_rsn; in wps_build_cred()
1686 else if (wps->wps->ap && wps->auth_type == WPS_AUTH_WPAPSK) in wps_build_cred()
1687 wps->encr_type &= wps->wps->encr_types_wpa; in wps_build_cred()
1688 if (wps->auth_type == WPS_AUTH_WPA2PSK || in wps_build_cred()
1689 wps->auth_type == WPS_AUTH_WPAPSK) { in wps_build_cred()
1690 if (wps->encr_type & WPS_ENCR_AES) in wps_build_cred()
1691 wps->encr_type = WPS_ENCR_AES; in wps_build_cred()
1693 else if (wps->encr_type & WPS_ENCR_TKIP) in wps_build_cred()
1694 wps->encr_type = WPS_ENCR_TKIP; in wps_build_cred()
1699 return -1; in wps_build_cred()
1702 if (wps->encr_type & WPS_ENCR_NONE) in wps_build_cred()
1703 wps->encr_type = WPS_ENCR_NONE; in wps_build_cred()
1705 else if (wps->encr_type & WPS_ENCR_WEP) in wps_build_cred()
1706 wps->encr_type = WPS_ENCR_WEP; in wps_build_cred()
1710 "type for non-WPA/WPA2 mode"); in wps_build_cred()
1711 return -1; in wps_build_cred()
1714 wps->cred.encr_type = wps->encr_type; in wps_build_cred()
1718 os_memcpy(wps->cred.mac_addr, wps->mac_addr_e, ETH_ALEN); in wps_build_cred()
1720 if (wps->wps->wps_state == WPS_STATE_NOT_CONFIGURED && wps->wps->ap && in wps_build_cred()
1721 !wps->wps->registrar->disable_auto_conf) { in wps_build_cred()
1728 return -1; in wps_build_cred()
1730 os_free(wps->new_psk); in wps_build_cred()
1731 wps->new_psk = (u8 *) base64_encode(r, sizeof(r), in wps_build_cred()
1732 &wps->new_psk_len); in wps_build_cred()
1733 if (wps->new_psk == NULL) in wps_build_cred()
1734 return -1; in wps_build_cred()
1735 wps->new_psk_len--; /* remove newline */ in wps_build_cred()
1736 while (wps->new_psk_len && in wps_build_cred()
1737 wps->new_psk[wps->new_psk_len - 1] == '=') in wps_build_cred()
1738 wps->new_psk_len--; in wps_build_cred()
1740 wps->new_psk, wps->new_psk_len); in wps_build_cred()
1741 os_memcpy(wps->cred.key, wps->new_psk, wps->new_psk_len); in wps_build_cred()
1742 wps->cred.key_len = wps->new_psk_len; in wps_build_cred()
1743 } else if (wps_cp_lookup_pskfile(reg, wps->mac_addr_e, &pskfile_psk)) { in wps_build_cred()
1747 os_memcpy(wps->cred.key, hex, PMK_LEN * 2); in wps_build_cred()
1748 wps->cred.key_len = PMK_LEN * 2; in wps_build_cred()
1749 } else if (!wps->wps->registrar->force_per_enrollee_psk && in wps_build_cred()
1750 wps->use_psk_key && wps->wps->psk_set) { in wps_build_cred()
1752 wpa_snprintf_hex(hex, sizeof(hex), wps->wps->psk, PMK_LEN); in wps_build_cred()
1753 os_memcpy(wps->cred.key, hex, PMK_LEN * 2); in wps_build_cred()
1754 wps->cred.key_len = PMK_LEN * 2; in wps_build_cred()
1755 } else if ((!wps->wps->registrar->force_per_enrollee_psk || in wps_build_cred()
1756 wps->wps->use_passphrase) && wps->wps->network_key) { in wps_build_cred()
1759 os_memcpy(wps->cred.key, wps->wps->network_key, in wps_build_cred()
1760 wps->wps->network_key_len); in wps_build_cred()
1761 wps->cred.key_len = wps->wps->network_key_len; in wps_build_cred()
1762 } else if (wps->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK)) { in wps_build_cred()
1763 /* Generate a random per-device PSK */ in wps_build_cred()
1764 os_free(wps->new_psk); in wps_build_cred()
1765 wps->new_psk_len = PMK_LEN; in wps_build_cred()
1766 wps->new_psk = os_malloc(wps->new_psk_len); in wps_build_cred()
1767 if (wps->new_psk == NULL) in wps_build_cred()
1768 return -1; in wps_build_cred()
1770 random_get_bytes(wps->new_psk, wps->new_psk_len) < 0) { in wps_build_cred()
1773 os_free(wps->new_psk); in wps_build_cred()
1774 wps->new_psk = NULL; in wps_build_cred()
1775 return -1; in wps_build_cred()
1777 wpa_hexdump_key(MSG_DEBUG, "WPS: Generated per-device PSK", in wps_build_cred()
1778 wps->new_psk, wps->new_psk_len); in wps_build_cred()
1779 wpa_snprintf_hex(hex, sizeof(hex), wps->new_psk, in wps_build_cred()
1780 wps->new_psk_len); in wps_build_cred()
1781 os_memcpy(wps->cred.key, hex, wps->new_psk_len * 2); in wps_build_cred()
1782 wps->cred.key_len = wps->new_psk_len * 2; in wps_build_cred()
1801 os_memcpy(stub.mac_addr, wps->mac_addr_e, ETH_ALEN); in wps_build_cred()
1815 return -1; in wps_build_cred()
1817 if (wps_build_credential(cred, &wps->cred)) { in wps_build_cred()
1819 return -1; in wps_build_cred()
1828 if (wps->wps->registrar->extra_cred) { in wps_build_cred()
1829 wpa_printf(MSG_DEBUG, "WPS: * Credential (pre-configured)"); in wps_build_cred()
1830 wpabuf_put_buf(msg, wps->wps->registrar->extra_cred); in wps_build_cred()
1841 if (wps_build_credential(msg, &wps->cred)) in wps_build_ap_settings()
1842 return -1; in wps_build_ap_settings()
1882 if (random_get_bytes(wps->nonce_r, WPS_NONCE_LEN) < 0) in wps_build_m2()
1885 wps->nonce_r, WPS_NONCE_LEN); in wps_build_m2()
1886 wpa_hexdump(MSG_DEBUG, "WPS: UUID-R", wps->uuid_r, WPS_UUID_LEN); in wps_build_m2()
1903 wps_build_config_methods_r(wps->wps->registrar, msg) || in wps_build_m2()
1904 wps_build_device_attrs(&wps->wps->dev, msg) || in wps_build_m2()
1905 wps_build_rf_bands(&wps->wps->dev, msg, in wps_build_m2()
1906 wps->wps->rf_band_cb(wps->wps->cb_ctx)) || in wps_build_m2()
1909 wps_build_dev_password_id(msg, wps->dev_pw_id) || in wps_build_m2()
1910 wps_build_os_version(&wps->wps->dev, msg) || in wps_build_m2()
1917 if (wps->nfc_pw_token && wps->nfc_pw_token->pk_hash_provided_oob && in wps_build_m2()
1918 wps->nfc_pw_token->pw_id == DEV_PW_NFC_CONNECTION_HANDOVER) { in wps_build_m2()
1944 wps->int_reg = 1; in wps_build_m2()
1945 wps->state = config_in_m2 ? RECV_DONE : RECV_M3; in wps_build_m2()
1953 u16 err = wps->config_error; in wps_build_m2d()
1960 if (wps->wps->ap && wps->wps->ap_setup_locked && in wps_build_m2d()
1972 wps_build_config_methods_r(wps->wps->registrar, msg) || in wps_build_m2d()
1973 wps_build_device_attrs(&wps->wps->dev, msg) || in wps_build_m2d()
1974 wps_build_rf_bands(&wps->wps->dev, msg, in wps_build_m2d()
1975 wps->wps->rf_band_cb(wps->wps->cb_ctx)) || in wps_build_m2d()
1978 wps_build_os_version(&wps->wps->dev, msg) || in wps_build_m2d()
1984 wps->state = RECV_M2D_ACK; in wps_build_m2d()
1995 if (wps_derive_psk(wps, wps->dev_password, wps->dev_password_len) < 0) in wps_build_m4()
2023 wps->state = RECV_M5; in wps_build_m4()
2058 wps->wps_pin_revealed = 1; in wps_build_m6()
2059 wps->state = RECV_M7; in wps_build_m6()
2083 ((wps->wps->ap || wps->er) && wps_build_cred(wps, plain)) || in wps_build_m8()
2084 (!wps->wps->ap && !wps->er && wps_build_ap_settings(wps, plain)) || in wps_build_m8()
2095 wps->state = RECV_DONE; in wps_build_m8()
2106 if (!wps->int_reg && wps->wps->wps_upnp) { in wps_registrar_get_msg()
2108 if (wps->ext_reg > 1) in wps_registrar_get_msg()
2109 wps_registrar_free_pending_m2(wps->wps); in wps_registrar_get_msg()
2110 p = wps->wps->upnp_msgs; in wps_registrar_get_msg()
2112 while (p && p->next) { in wps_registrar_get_msg()
2114 p = p->next; in wps_registrar_get_msg()
2120 prev->next = NULL; in wps_registrar_get_msg()
2122 wps->wps->upnp_msgs = NULL; in wps_registrar_get_msg()
2123 msg = p->msg; in wps_registrar_get_msg()
2124 switch (p->type) { in wps_registrar_get_msg()
2136 if (wps->ext_reg == 0) in wps_registrar_get_msg()
2137 wps->ext_reg = 1; in wps_registrar_get_msg()
2141 if (wps->ext_reg) { in wps_registrar_get_msg()
2148 switch (wps->state) { in wps_registrar_get_msg()
2182 "a message", wps->state); in wps_registrar_get_msg()
2190 wpabuf_free(wps->last_msg); in wps_registrar_get_msg()
2191 wps->last_msg = wpabuf_dup(msg); in wps_registrar_get_msg()
2202 return -1; in wps_process_enrollee_nonce()
2205 os_memcpy(wps->nonce_e, e_nonce, WPS_NONCE_LEN); in wps_process_enrollee_nonce()
2207 wps->nonce_e, WPS_NONCE_LEN); in wps_process_enrollee_nonce()
2217 return -1; in wps_process_registrar_nonce()
2220 if (os_memcmp(wps->nonce_r, r_nonce, WPS_NONCE_LEN) != 0) { in wps_process_registrar_nonce()
2222 return -1; in wps_process_registrar_nonce()
2232 wpa_printf(MSG_DEBUG, "WPS: No UUID-E received"); in wps_process_uuid_e()
2233 return -1; in wps_process_uuid_e()
2236 os_memcpy(wps->uuid_e, uuid_e, WPS_UUID_LEN); in wps_process_uuid_e()
2237 wpa_hexdump(MSG_DEBUG, "WPS: UUID-E", wps->uuid_e, WPS_UUID_LEN); in wps_process_uuid_e()
2247 return -1; in wps_process_dev_password_id()
2250 wps->dev_pw_id = WPA_GET_BE16(pw_id); in wps_process_dev_password_id()
2251 wpa_printf(MSG_DEBUG, "WPS: Device Password ID %d", wps->dev_pw_id); in wps_process_dev_password_id()
2260 wpa_printf(MSG_DEBUG, "WPS: No E-Hash1 received"); in wps_process_e_hash1()
2261 return -1; in wps_process_e_hash1()
2264 os_memcpy(wps->peer_hash1, e_hash1, WPS_HASH_LEN); in wps_process_e_hash1()
2265 wpa_hexdump(MSG_DEBUG, "WPS: E-Hash1", wps->peer_hash1, WPS_HASH_LEN); in wps_process_e_hash1()
2274 wpa_printf(MSG_DEBUG, "WPS: No E-Hash2 received"); in wps_process_e_hash2()
2275 return -1; in wps_process_e_hash2()
2278 os_memcpy(wps->peer_hash2, e_hash2, WPS_HASH_LEN); in wps_process_e_hash2()
2279 wpa_hexdump(MSG_DEBUG, "WPS: E-Hash2", wps->peer_hash2, WPS_HASH_LEN); in wps_process_e_hash2()
2292 wpa_printf(MSG_DEBUG, "WPS: No E-SNonce1 received"); in wps_process_e_snonce1()
2293 return -1; in wps_process_e_snonce1()
2296 wpa_hexdump_key(MSG_DEBUG, "WPS: E-SNonce1", e_snonce1, in wps_process_e_snonce1()
2299 /* E-Hash1 = HMAC_AuthKey(E-S1 || PSK1 || PK_E || PK_R) */ in wps_process_e_snonce1()
2302 addr[1] = wps->psk1; in wps_process_e_snonce1()
2304 addr[2] = wpabuf_head(wps->dh_pubkey_e); in wps_process_e_snonce1()
2305 len[2] = wpabuf_len(wps->dh_pubkey_e); in wps_process_e_snonce1()
2306 addr[3] = wpabuf_head(wps->dh_pubkey_r); in wps_process_e_snonce1()
2307 len[3] = wpabuf_len(wps->dh_pubkey_r); in wps_process_e_snonce1()
2308 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash); in wps_process_e_snonce1()
2310 if (os_memcmp_const(wps->peer_hash1, hash, WPS_HASH_LEN) != 0) { in wps_process_e_snonce1()
2311 wpa_printf(MSG_DEBUG, "WPS: E-Hash1 derived from E-S1 does " in wps_process_e_snonce1()
2312 "not match with the pre-committed value"); in wps_process_e_snonce1()
2313 wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE; in wps_process_e_snonce1()
2314 wps_pwd_auth_fail_event(wps->wps, 0, 1, wps->mac_addr_e); in wps_process_e_snonce1()
2315 return -1; in wps_process_e_snonce1()
2332 wpa_printf(MSG_DEBUG, "WPS: No E-SNonce2 received"); in wps_process_e_snonce2()
2333 return -1; in wps_process_e_snonce2()
2336 wpa_hexdump_key(MSG_DEBUG, "WPS: E-SNonce2", e_snonce2, in wps_process_e_snonce2()
2339 /* E-Hash2 = HMAC_AuthKey(E-S2 || PSK2 || PK_E || PK_R) */ in wps_process_e_snonce2()
2342 addr[1] = wps->psk2; in wps_process_e_snonce2()
2344 addr[2] = wpabuf_head(wps->dh_pubkey_e); in wps_process_e_snonce2()
2345 len[2] = wpabuf_len(wps->dh_pubkey_e); in wps_process_e_snonce2()
2346 addr[3] = wpabuf_head(wps->dh_pubkey_r); in wps_process_e_snonce2()
2347 len[3] = wpabuf_len(wps->dh_pubkey_r); in wps_process_e_snonce2()
2348 hmac_sha256_vector(wps->authkey, WPS_AUTHKEY_LEN, 4, addr, len, hash); in wps_process_e_snonce2()
2350 if (os_memcmp_const(wps->peer_hash2, hash, WPS_HASH_LEN) != 0) { in wps_process_e_snonce2()
2351 wpa_printf(MSG_DEBUG, "WPS: E-Hash2 derived from E-S2 does " in wps_process_e_snonce2()
2352 "not match with the pre-committed value"); in wps_process_e_snonce2()
2353 wps_registrar_invalidate_pin(wps->wps->registrar, wps->uuid_e); in wps_process_e_snonce2()
2354 wps->config_error = WPS_CFG_DEV_PASSWORD_AUTH_FAILURE; in wps_process_e_snonce2()
2355 wps_pwd_auth_fail_event(wps->wps, 0, 2, wps->mac_addr_e); in wps_process_e_snonce2()
2356 return -1; in wps_process_e_snonce2()
2361 wps->wps_pin_revealed = 0; in wps_process_e_snonce2()
2362 wps_registrar_unlock_pin(wps->wps->registrar, wps->uuid_e); in wps_process_e_snonce2()
2365 * In case wildcard PIN is used and WPS handshake succeeds in the first in wps_process_e_snonce2()
2366 * attempt, wps_registrar_unlock_pin() would not free the PIN, so make in wps_process_e_snonce2()
2367 * sure the PIN gets invalidated here. in wps_process_e_snonce2()
2369 wps_registrar_invalidate_pin(wps->wps->registrar, wps->uuid_e); in wps_process_e_snonce2()
2379 return -1; in wps_process_mac_addr()
2384 os_memcpy(wps->mac_addr_e, mac_addr, ETH_ALEN); in wps_process_mac_addr()
2385 os_memcpy(wps->peer_dev.mac_addr, mac_addr, ETH_ALEN); in wps_process_mac_addr()
2396 return -1; in wps_process_pubkey()
2399 wpabuf_free(wps->dh_pubkey_e); in wps_process_pubkey()
2400 wps->dh_pubkey_e = wpabuf_alloc_copy(pk, pk_len); in wps_process_pubkey()
2401 if (wps->dh_pubkey_e == NULL) in wps_process_pubkey()
2402 return -1; in wps_process_pubkey()
2415 return -1; in wps_process_auth_type_flags()
2435 "WPS: Workaround - assume Enrollee supports WPA2PSK based on claimed WPA2 support"); in wps_process_auth_type_flags()
2439 wps->auth_type = wps->wps->auth_types & auth_types; in wps_process_auth_type_flags()
2440 if (wps->auth_type == 0) { in wps_process_auth_type_flags()
2443 wps->wps->auth_types, auth_types); in wps_process_auth_type_flags()
2452 wpa_printf(MSG_DEBUG, "WPS: Workaround - assume Enrollee " in wps_process_auth_type_flags()
2455 wps->auth_type = wps->wps->auth_types; in wps_process_auth_type_flags()
2457 return -1; in wps_process_auth_type_flags()
2472 return -1; in wps_process_encr_type_flags()
2479 wps->encr_type = wps->wps->encr_types & encr_types; in wps_process_encr_type_flags()
2480 if (wps->encr_type == 0) { in wps_process_encr_type_flags()
2483 wps->wps->encr_types, encr_types); in wps_process_encr_type_flags()
2492 wpa_printf(MSG_DEBUG, "WPS: Workaround - assume Enrollee " in wps_process_encr_type_flags()
2495 wps->encr_type = wps->wps->encr_types; in wps_process_encr_type_flags()
2497 return -1; in wps_process_encr_type_flags()
2510 return -1; in wps_process_conn_type_flags()
2526 return -1; in wps_process_config_methods()
2543 if (!(m & WPS_CONFIG_DISPLAY) && !wps->use_psk_key) { in wps_process_config_methods()
2551 wps->use_psk_key = 1; in wps_process_config_methods()
2561 wpa_printf(MSG_DEBUG, "WPS: No Wi-Fi Protected Setup State " in wps_process_wps_state()
2563 return -1; in wps_process_wps_state()
2566 wpa_printf(MSG_DEBUG, "WPS: Enrollee Wi-Fi Protected Setup State %d", in wps_process_wps_state()
2579 return -1; in wps_process_assoc_state()
2595 return -1; in wps_process_config_error()
2608 struct wps_registrar *reg = wps->wps->registrar; in wps_registrar_p2p_dev_addr_match()
2610 if (is_zero_ether_addr(reg->p2p_dev_addr)) in wps_registrar_p2p_dev_addr_match()
2613 if (!ether_addr_equal(reg->p2p_dev_addr, wps->p2p_dev_addr)) { in wps_registrar_p2p_dev_addr_match()
2616 MACSTR " - indicate PBC session overlap", in wps_registrar_p2p_dev_addr_match()
2617 MAC2STR(reg->p2p_dev_addr), in wps_registrar_p2p_dev_addr_match()
2618 MAC2STR(wps->p2p_dev_addr)); in wps_registrar_p2p_dev_addr_match()
2629 struct wps_registrar *reg = wps->wps->registrar; in wps_registrar_skip_overlap()
2631 if (is_zero_ether_addr(reg->p2p_dev_addr)) in wps_registrar_skip_overlap()
2634 if (ether_addr_equal(reg->p2p_dev_addr, wps->p2p_dev_addr)) { in wps_registrar_skip_overlap()
2649 if (wps->state != RECV_M1) { in wps_process_m1()
2651 "receiving M1", wps->state); in wps_process_m1()
2655 if (wps_process_uuid_e(wps, attr->uuid_e) || in wps_process_m1()
2656 wps_process_mac_addr(wps, attr->mac_addr) || in wps_process_m1()
2657 wps_process_enrollee_nonce(wps, attr->enrollee_nonce) || in wps_process_m1()
2658 wps_process_pubkey(wps, attr->public_key, attr->public_key_len) || in wps_process_m1()
2659 wps_process_auth_type_flags(wps, attr->auth_type_flags) || in wps_process_m1()
2660 wps_process_encr_type_flags(wps, attr->encr_type_flags) || in wps_process_m1()
2661 wps_process_conn_type_flags(wps, attr->conn_type_flags) || in wps_process_m1()
2662 wps_process_config_methods(wps, attr->config_methods) || in wps_process_m1()
2663 wps_process_wps_state(wps, attr->wps_state) || in wps_process_m1()
2664 wps_process_device_attrs(&wps->peer_dev, attr) || in wps_process_m1()
2665 wps_process_rf_bands(&wps->peer_dev, attr->rf_bands) || in wps_process_m1()
2666 wps_process_assoc_state(wps, attr->assoc_state) || in wps_process_m1()
2667 wps_process_dev_password_id(wps, attr->dev_password_id) || in wps_process_m1()
2668 wps_process_config_error(wps, attr->config_error) || in wps_process_m1()
2669 wps_process_os_version(&wps->peer_dev, attr->os_version)) in wps_process_m1()
2672 if (wps->dev_pw_id < 0x10 && in wps_process_m1()
2673 wps->dev_pw_id != DEV_PW_DEFAULT && in wps_process_m1()
2674 wps->dev_pw_id != DEV_PW_P2PS_DEFAULT && in wps_process_m1()
2675 wps->dev_pw_id != DEV_PW_USER_SPECIFIED && in wps_process_m1()
2676 wps->dev_pw_id != DEV_PW_MACHINE_SPECIFIED && in wps_process_m1()
2677 wps->dev_pw_id != DEV_PW_REGISTRAR_SPECIFIED && in wps_process_m1()
2679 wps->dev_pw_id != DEV_PW_NFC_CONNECTION_HANDOVER && in wps_process_m1()
2681 (wps->dev_pw_id != DEV_PW_PUSHBUTTON || in wps_process_m1()
2682 !wps->wps->registrar->pbc)) { in wps_process_m1()
2684 wps->dev_pw_id); in wps_process_m1()
2685 wps->state = SEND_M2D; in wps_process_m1()
2690 if (wps->dev_pw_id >= 0x10 || in wps_process_m1()
2691 wps->dev_pw_id == DEV_PW_NFC_CONNECTION_HANDOVER) { in wps_process_m1()
2697 wps->dev_pw_id, wps->wps, wps->wps->registrar); in wps_process_m1()
2699 &wps->wps->registrar->nfc_pw_tokens, wps->dev_pw_id); in wps_process_m1()
2700 if (token && token->peer_pk_hash_known) { in wps_process_m1()
2705 dl_list_del(&token->list); in wps_process_m1()
2706 wps->nfc_pw_token = token; in wps_process_m1()
2708 addr[0] = attr->public_key; in wps_process_m1()
2709 len = attr->public_key_len; in wps_process_m1()
2712 wps->nfc_pw_token->pubkey_hash, in wps_process_m1()
2716 wps->state = SEND_M2D; in wps_process_m1()
2717 wps->config_error = in wps_process_m1()
2724 wps->nfc_pw_token = token; in wps_process_m1()
2725 } else if (wps->dev_pw_id >= 0x10 && in wps_process_m1()
2726 wps->wps->ap_nfc_dev_pw_id == wps->dev_pw_id && in wps_process_m1()
2727 wps->wps->ap_nfc_dev_pw) { in wps_process_m1()
2733 if (wps->dev_pw_id == DEV_PW_PUSHBUTTON) { in wps_process_m1()
2734 if ((wps->wps->registrar->force_pbc_overlap || in wps_process_m1()
2735 wps_registrar_pbc_overlap(wps->wps->registrar, in wps_process_m1()
2736 wps->mac_addr_e, wps->uuid_e) || in wps_process_m1()
2739 wpa_printf(MSG_DEBUG, "WPS: PBC overlap - deny PBC " in wps_process_m1()
2741 wps->state = SEND_M2D; in wps_process_m1()
2742 wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; in wps_process_m1()
2743 wps_pbc_overlap_event(wps->wps); in wps_process_m1()
2744 wps_fail_event(wps->wps, WPS_M1, in wps_process_m1()
2746 WPS_EI_NO_ERROR, wps->mac_addr_e); in wps_process_m1()
2747 wps->wps->registrar->force_pbc_overlap = 1; in wps_process_m1()
2750 wps_registrar_add_pbc_session(wps->wps->registrar, in wps_process_m1()
2751 wps->mac_addr_e, wps->uuid_e); in wps_process_m1()
2752 wps->pbc = 1; in wps_process_m1()
2761 if (!wps->use_psk_key && in wps_process_m1()
2762 wps->peer_dev.manufacturer && in wps_process_m1()
2763 os_strncmp(wps->peer_dev.manufacturer, "Apple ", 6) == 0 && in wps_process_m1()
2764 wps->peer_dev.model_name && in wps_process_m1()
2765 os_strcmp(wps->peer_dev.model_name, "AirPort") == 0) { in wps_process_m1()
2766 wpa_printf(MSG_DEBUG, "WPS: Workaround - Force Network Key in " in wps_process_m1()
2768 wps->use_psk_key = 1; in wps_process_m1()
2771 wps_process_vendor_ext_m1(&wps->peer_dev, attr->multi_ap_ext); in wps_process_m1()
2773 wps->state = SEND_M2; in wps_process_m1()
2784 if (wps->state != RECV_M3) { in wps_process_m3()
2786 "receiving M3", wps->state); in wps_process_m3()
2787 wps->state = SEND_WSC_NACK; in wps_process_m3()
2791 if (wps->pbc && wps->wps->registrar->force_pbc_overlap && in wps_process_m3()
2795 wps->state = SEND_WSC_NACK; in wps_process_m3()
2796 wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; in wps_process_m3()
2800 if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || in wps_process_m3()
2801 wps_process_authenticator(wps, attr->authenticator, msg) || in wps_process_m3()
2802 wps_process_e_hash1(wps, attr->e_hash1) || in wps_process_m3()
2803 wps_process_e_hash2(wps, attr->e_hash2)) { in wps_process_m3()
2804 wps->state = SEND_WSC_NACK; in wps_process_m3()
2808 wps->state = SEND_M4; in wps_process_m3()
2822 if (wps->state != RECV_M5) { in wps_process_m5()
2824 "receiving M5", wps->state); in wps_process_m5()
2825 wps->state = SEND_WSC_NACK; in wps_process_m5()
2829 if (wps->pbc && wps->wps->registrar->force_pbc_overlap && in wps_process_m5()
2833 wps->state = SEND_WSC_NACK; in wps_process_m5()
2834 wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; in wps_process_m5()
2838 if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || in wps_process_m5()
2839 wps_process_authenticator(wps, attr->authenticator, msg)) { in wps_process_m5()
2840 wps->state = SEND_WSC_NACK; in wps_process_m5()
2844 decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings, in wps_process_m5()
2845 attr->encr_settings_len); in wps_process_m5()
2849 wps->state = SEND_WSC_NACK; in wps_process_m5()
2853 if (wps_validate_m5_encr(decrypted, attr->version2 != NULL) < 0) { in wps_process_m5()
2855 wps->state = SEND_WSC_NACK; in wps_process_m5()
2865 wps->state = SEND_WSC_NACK; in wps_process_m5()
2870 wps->state = SEND_M6; in wps_process_m5()
2882 if (wps->cred.auth_type & WPS_AUTH_WPA2PSK) in wps_sta_cred_cb()
2883 wps->cred.auth_type = WPS_AUTH_WPA2PSK; in wps_sta_cred_cb()
2884 else if (wps->cred.auth_type & WPS_AUTH_WPAPSK) in wps_sta_cred_cb()
2885 wps->cred.auth_type = WPS_AUTH_WPAPSK; in wps_sta_cred_cb()
2886 if (wps->cred.encr_type & WPS_ENCR_AES) in wps_sta_cred_cb()
2887 wps->cred.encr_type = WPS_ENCR_AES; in wps_sta_cred_cb()
2888 else if (wps->cred.encr_type & WPS_ENCR_TKIP) in wps_sta_cred_cb()
2889 wps->cred.encr_type = WPS_ENCR_TKIP; in wps_sta_cred_cb()
2892 if (wps->wps->cred_cb) in wps_sta_cred_cb()
2893 wps->wps->cred_cb(wps->wps->cb_ctx, &wps->cred); in wps_sta_cred_cb()
2900 os_memcpy(dst->ssid, src->ssid, sizeof(dst->ssid)); in wps_cred_update()
2901 dst->ssid_len = src->ssid_len; in wps_cred_update()
2902 dst->auth_type = src->auth_type; in wps_cred_update()
2903 dst->encr_type = src->encr_type; in wps_cred_update()
2904 dst->key_idx = src->key_idx; in wps_cred_update()
2905 os_memcpy(dst->key, src->key, sizeof(dst->key)); in wps_cred_update()
2906 dst->key_len = src->key_len; in wps_cred_update()
2915 if (wps->wps->ap || wps->er) in wps_process_ap_settings_r()
2919 if (wps_process_ap_settings(attr, &wps->cred) < 0) in wps_process_ap_settings_r()
2920 return -1; in wps_process_ap_settings_r()
2924 if (wps->new_ap_settings) { in wps_process_ap_settings_r()
2927 wps_cred_update(&wps->cred, wps->new_ap_settings); in wps_process_ap_settings_r()
2931 * Use the AP PIN only to receive the current AP settings, not in wps_process_ap_settings_r()
2939 wps_registrar_pin_completed(wps->wps->registrar); in wps_process_ap_settings_r()
2943 return -1; in wps_process_ap_settings_r()
2944 wps->cred.cred_attr = wpabuf_head(msg); in wps_process_ap_settings_r()
2945 wps->cred.cred_attr_len = wpabuf_len(msg); in wps_process_ap_settings_r()
2947 if (wps->ap_settings_cb) { in wps_process_ap_settings_r()
2948 wps->ap_settings_cb(wps->ap_settings_cb_ctx, in wps_process_ap_settings_r()
2949 &wps->cred); in wps_process_ap_settings_r()
2955 wps->cred.cred_attr = NULL; in wps_process_ap_settings_r()
2956 wps->cred.cred_attr_len = 0; in wps_process_ap_settings_r()
2973 if (wps->state != RECV_M7) { in wps_process_m7()
2975 "receiving M7", wps->state); in wps_process_m7()
2976 wps->state = SEND_WSC_NACK; in wps_process_m7()
2980 if (wps->pbc && wps->wps->registrar->force_pbc_overlap && in wps_process_m7()
2984 wps->state = SEND_WSC_NACK; in wps_process_m7()
2985 wps->config_error = WPS_CFG_MULTIPLE_PBC_DETECTED; in wps_process_m7()
2989 if (wps_process_registrar_nonce(wps, attr->registrar_nonce) || in wps_process_m7()
2990 wps_process_authenticator(wps, attr->authenticator, msg)) { in wps_process_m7()
2991 wps->state = SEND_WSC_NACK; in wps_process_m7()
2995 decrypted = wps_decrypt_encr_settings(wps, attr->encr_settings, in wps_process_m7()
2996 attr->encr_settings_len); in wps_process_m7()
3000 wps->state = SEND_WSC_NACK; in wps_process_m7()
3004 if (wps_validate_m7_encr(decrypted, wps->wps->ap || wps->er, in wps_process_m7()
3005 attr->version2 != NULL) < 0) { in wps_process_m7()
3007 wps->state = SEND_WSC_NACK; in wps_process_m7()
3018 wps->state = SEND_WSC_NACK; in wps_process_m7()
3024 wps->state = SEND_M8; in wps_process_m7()
3042 wps->state = SEND_WSC_NACK; in wps_process_wsc_msg()
3048 os_memcmp(wps->nonce_r, attr.registrar_nonce, in wps_process_wsc_msg()
3059 if (wps->wps->wps_upnp && attr.mac_addr) { in wps_process_wsc_msg()
3061 wps_free_pending_msgs(wps->wps->upnp_msgs); in wps_process_wsc_msg()
3062 wps->wps->upnp_msgs = NULL; in wps_process_wsc_msg()
3065 wps->wps->wps_upnp, attr.mac_addr, in wps_process_wsc_msg()
3075 if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK) in wps_process_wsc_msg()
3076 wps_fail_event(wps->wps, WPS_M3, wps->config_error, in wps_process_wsc_msg()
3077 wps->error_indication, wps->mac_addr_e); in wps_process_wsc_msg()
3083 if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK) in wps_process_wsc_msg()
3084 wps_fail_event(wps->wps, WPS_M5, wps->config_error, in wps_process_wsc_msg()
3085 wps->error_indication, wps->mac_addr_e); in wps_process_wsc_msg()
3091 if (ret == WPS_FAILURE || wps->state == SEND_WSC_NACK) in wps_process_wsc_msg()
3092 wps_fail_event(wps->wps, WPS_M7, wps->config_error, in wps_process_wsc_msg()
3093 wps->error_indication, wps->mac_addr_e); in wps_process_wsc_msg()
3104 wpabuf_free(wps->last_msg); in wps_process_wsc_msg()
3105 wps->last_msg = wpabuf_dup(msg); in wps_process_wsc_msg()
3134 if (wps->wps->wps_upnp && wps->ext_reg && wps->state == RECV_M2D_ACK && in wps_process_wsc_ack()
3135 upnp_wps_subscribers(wps->wps->wps_upnp)) { in wps_process_wsc_ack()
3136 if (wps->wps->upnp_msgs) in wps_process_wsc_ack()
3145 os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0) in wps_process_wsc_ack()
3152 os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) { in wps_process_wsc_ack()
3157 if (wps->state == RECV_M2D_ACK) { in wps_process_wsc_ack()
3159 if (wps->wps->wps_upnp && in wps_process_wsc_ack()
3160 upnp_wps_subscribers(wps->wps->wps_upnp)) { in wps_process_wsc_ack()
3161 if (wps->wps->upnp_msgs) in wps_process_wsc_ack()
3163 if (wps->ext_reg == 0) in wps_process_wsc_ack()
3164 wps->ext_reg = 1; in wps_process_wsc_ack()
3171 wpa_printf(MSG_DEBUG, "WPS: No more registrars available - " in wps_process_wsc_ack()
3188 old_state = wps->state; in wps_process_wsc_nack()
3189 wps->state = SEND_WSC_NACK; in wps_process_wsc_nack()
3206 if (wps->wps->wps_upnp && wps->ext_reg) { in wps_process_wsc_nack()
3214 os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0) in wps_process_wsc_nack()
3221 os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) { in wps_process_wsc_nack()
3238 wps_fail_event(wps->wps, WPS_M2, config_error, in wps_process_wsc_nack()
3239 wps->error_indication, wps->mac_addr_e); in wps_process_wsc_nack()
3242 wps_fail_event(wps->wps, WPS_M4, config_error, in wps_process_wsc_nack()
3243 wps->error_indication, wps->mac_addr_e); in wps_process_wsc_nack()
3246 wps_fail_event(wps->wps, WPS_M6, config_error, in wps_process_wsc_nack()
3247 wps->error_indication, wps->mac_addr_e); in wps_process_wsc_nack()
3250 wps_fail_event(wps->wps, WPS_M8, config_error, in wps_process_wsc_nack()
3251 wps->error_indication, wps->mac_addr_e); in wps_process_wsc_nack()
3268 if (wps->state != RECV_DONE && in wps_process_wsc_done()
3269 (!wps->wps->wps_upnp || !wps->ext_reg)) { in wps_process_wsc_done()
3271 "receiving WSC_Done", wps->state); in wps_process_wsc_done()
3290 if (wps->wps->wps_upnp && wps->ext_reg) { in wps_process_wsc_done()
3293 wps_device_store(wps->wps->registrar, &wps->peer_dev, in wps_process_wsc_done()
3294 wps->uuid_e); in wps_process_wsc_done()
3300 os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0) in wps_process_wsc_done()
3307 os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) { in wps_process_wsc_done()
3313 wps_device_store(wps->wps->registrar, &wps->peer_dev, in wps_process_wsc_done()
3314 wps->uuid_e); in wps_process_wsc_done()
3316 if (wps->wps->wps_state == WPS_STATE_NOT_CONFIGURED && wps->new_psk && in wps_process_wsc_done()
3317 wps->wps->ap && !wps->wps->registrar->disable_auto_conf) { in wps_process_wsc_done()
3324 os_memcpy(cred.ssid, wps->wps->ssid, wps->wps->ssid_len); in wps_process_wsc_done()
3325 cred.ssid_len = wps->wps->ssid_len; in wps_process_wsc_done()
3326 if (wps->wps->rf_band_cb(wps->wps->cb_ctx) == WPS_RF_60GHZ) { in wps_process_wsc_done()
3333 os_memcpy(cred.key, wps->new_psk, wps->new_psk_len); in wps_process_wsc_done()
3334 cred.key_len = wps->new_psk_len; in wps_process_wsc_done()
3336 wps->wps->wps_state = WPS_STATE_CONFIGURED; in wps_process_wsc_done()
3339 wps->new_psk, wps->new_psk_len); in wps_process_wsc_done()
3340 if (wps->wps->cred_cb) in wps_process_wsc_done()
3341 wps->wps->cred_cb(wps->wps->cb_ctx, &cred); in wps_process_wsc_done()
3343 os_free(wps->new_psk); in wps_process_wsc_done()
3344 wps->new_psk = NULL; in wps_process_wsc_done()
3347 if (!wps->wps->ap && !wps->er) in wps_process_wsc_done()
3350 if (wps->new_psk) { in wps_process_wsc_done()
3351 if (wps_cb_new_psk(wps->wps->registrar, wps->mac_addr_e, in wps_process_wsc_done()
3352 wps->p2p_dev_addr, wps->new_psk, in wps_process_wsc_done()
3353 wps->new_psk_len)) { in wps_process_wsc_done()
3357 os_free(wps->new_psk); in wps_process_wsc_done()
3358 wps->new_psk = NULL; in wps_process_wsc_done()
3361 wps_cb_reg_success(wps->wps->registrar, wps->mac_addr_e, wps->uuid_e, in wps_process_wsc_done()
3362 wps->dev_password, wps->dev_password_len); in wps_process_wsc_done()
3364 if (wps->pbc) { in wps_process_wsc_done()
3365 wps_registrar_remove_pbc_session(wps->wps->registrar, in wps_process_wsc_done()
3366 wps->uuid_e, in wps_process_wsc_done()
3367 wps->p2p_dev_addr); in wps_process_wsc_done()
3368 wps_registrar_pbc_completed(wps->wps->registrar); in wps_process_wsc_done()
3370 os_get_reltime(&wps->wps->registrar->pbc_ignore_start); in wps_process_wsc_done()
3372 os_memcpy(wps->wps->registrar->pbc_ignore_uuid, wps->uuid_e, in wps_process_wsc_done()
3375 wps_registrar_pin_completed(wps->wps->registrar); in wps_process_wsc_done()
3380 wps_success_event(wps->wps, wps->mac_addr_e); in wps_process_wsc_done()
3397 if (wps->wps->wps_upnp && op_code == WSC_MSG && wps->ext_reg == 1) { in wps_registrar_process_msg()
3401 wps->ext_reg = 2; /* past M2/M2D phase */ in wps_registrar_process_msg()
3403 if (wps->ext_reg > 1) in wps_registrar_process_msg()
3404 wps_registrar_free_pending_m2(wps->wps); in wps_registrar_process_msg()
3405 if (wps->wps->wps_upnp && wps->ext_reg && in wps_registrar_process_msg()
3406 wps->wps->upnp_msgs == NULL && in wps_registrar_process_msg()
3412 type = -1; in wps_registrar_process_msg()
3417 upnp_wps_device_send_wlan_event(wps->wps->wps_upnp, in wps_registrar_process_msg()
3418 wps->mac_addr_e, in wps_registrar_process_msg()
3423 } else if (wps->wps->wps_upnp && wps->ext_reg && op_code == WSC_MSG) { in wps_registrar_process_msg()
3424 wpa_printf(MSG_DEBUG, "WPS: Skip internal processing - using " in wps_registrar_process_msg()
3446 wps->state = SEND_WSC_NACK; in wps_registrar_process_msg()
3447 wps_fail_event(wps->wps, WPS_WSC_DONE, in wps_registrar_process_msg()
3448 wps->config_error, in wps_registrar_process_msg()
3449 wps->error_indication, wps->mac_addr_e); in wps_registrar_process_msg()
3470 wpa_printf(MSG_DEBUG, "WPS: Selected Registrar timeout - " in wps_registrar_set_selected_timeout()
3472 reg->selected_registrar = 0; in wps_registrar_set_selected_timeout()
3473 reg->pbc = 0; in wps_registrar_set_selected_timeout()
3486 s->dev_password_id, s->config_methods); in wps_registrar_sel_reg_add()
3487 reg->sel_reg_union = 1; in wps_registrar_sel_reg_add()
3488 if (reg->sel_reg_dev_password_id_override != DEV_PW_PUSHBUTTON) in wps_registrar_sel_reg_add()
3489 reg->sel_reg_dev_password_id_override = s->dev_password_id; in wps_registrar_sel_reg_add()
3490 if (reg->sel_reg_config_methods_override == -1) in wps_registrar_sel_reg_add()
3491 reg->sel_reg_config_methods_override = 0; in wps_registrar_sel_reg_add()
3492 reg->sel_reg_config_methods_override |= s->config_methods; in wps_registrar_sel_reg_add()
3494 if (is_zero_ether_addr(reg->authorized_macs_union[i])) in wps_registrar_sel_reg_add()
3498 if (is_zero_ether_addr(s->authorized_macs[j])) in wps_registrar_sel_reg_add()
3501 MACSTR, MAC2STR(s->authorized_macs[j])); in wps_registrar_sel_reg_add()
3502 os_memcpy(reg->authorized_macs_union[i], in wps_registrar_sel_reg_add()
3503 s->authorized_macs[j], ETH_ALEN); in wps_registrar_sel_reg_add()
3507 (u8 *) reg->authorized_macs_union, in wps_registrar_sel_reg_add()
3508 sizeof(reg->authorized_macs_union)); in wps_registrar_sel_reg_add()
3518 if (reg->wps->wps_upnp == NULL) in wps_registrar_sel_reg_union()
3521 dl_list_for_each(s, ®->wps->wps_upnp->subscriptions, in wps_registrar_sel_reg_union()
3524 sa = dl_list_first(&s->addr_list, struct subscr_addr, list); in wps_registrar_sel_reg_union()
3527 inet_ntoa(sa->saddr.sin_addr), in wps_registrar_sel_reg_union()
3528 ntohs(sa->saddr.sin_port)); in wps_registrar_sel_reg_union()
3530 if (s->selected_registrar) in wps_registrar_sel_reg_union()
3541 * wps_registrar_selected_registrar_changed - SetSelectedRegistrar change
3552 reg->sel_reg_union = reg->selected_registrar; in wps_registrar_selected_registrar_changed()
3553 reg->sel_reg_dev_password_id_override = -1; in wps_registrar_selected_registrar_changed()
3554 reg->sel_reg_config_methods_override = -1; in wps_registrar_selected_registrar_changed()
3555 os_memcpy(reg->authorized_macs_union, reg->authorized_macs, in wps_registrar_selected_registrar_changed()
3558 (u8 *) reg->authorized_macs_union, in wps_registrar_selected_registrar_changed()
3559 sizeof(reg->authorized_macs_union)); in wps_registrar_selected_registrar_changed()
3560 if (reg->selected_registrar) { in wps_registrar_selected_registrar_changed()
3563 methods = reg->wps->config_methods & ~WPS_CONFIG_PUSHBUTTON; in wps_registrar_selected_registrar_changed()
3566 if (reg->pbc) { in wps_registrar_selected_registrar_changed()
3567 reg->sel_reg_dev_password_id_override = in wps_registrar_selected_registrar_changed()
3569 wps_set_pushbutton(&methods, reg->wps->config_methods); in wps_registrar_selected_registrar_changed()
3571 reg->sel_reg_dev_password_id_override = dev_pw_id; in wps_registrar_selected_registrar_changed()
3573 "(pbc=%d)", reg->pbc); in wps_registrar_selected_registrar_changed()
3574 reg->sel_reg_config_methods_override = methods; in wps_registrar_selected_registrar_changed()
3596 if (uuid_bin2str(d->uuid, uuid, sizeof(uuid))) in wps_registrar_get_info()
3599 ret = os_snprintf(buf + len, buflen - len, in wps_registrar_get_info()
3608 wps_dev_type_bin2str(d->dev.pri_dev_type, devtype, in wps_registrar_get_info()
3610 d->dev.device_name ? d->dev.device_name : "", in wps_registrar_get_info()
3611 d->dev.manufacturer ? d->dev.manufacturer : "", in wps_registrar_get_info()
3612 d->dev.model_name ? d->dev.model_name : "", in wps_registrar_get_info()
3613 d->dev.model_number ? d->dev.model_number : "", in wps_registrar_get_info()
3614 d->dev.serial_number ? d->dev.serial_number : ""); in wps_registrar_get_info()
3615 if (os_snprintf_error(buflen - len, ret)) in wps_registrar_get_info()
3626 wpa_printf(MSG_DEBUG, "WPS: encr_type=0x%x", cred->encr_type); in wps_registrar_config_ap()
3627 if (!(cred->encr_type & (WPS_ENCR_NONE | WPS_ENCR_TKIP | in wps_registrar_config_ap()
3629 if (cred->encr_type & WPS_ENCR_WEP) { in wps_registrar_config_ap()
3632 return -1; in wps_registrar_config_ap()
3636 "invalid encr_type 0x%x", cred->encr_type); in wps_registrar_config_ap()
3637 return -1; in wps_registrar_config_ap()
3640 if ((cred->encr_type & (WPS_ENCR_TKIP | WPS_ENCR_AES)) == in wps_registrar_config_ap()
3642 wpa_printf(MSG_DEBUG, "WPS: Upgrade encr_type TKIP -> " in wps_registrar_config_ap()
3644 cred->encr_type |= WPS_ENCR_AES; in wps_registrar_config_ap()
3647 if ((cred->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK)) == in wps_registrar_config_ap()
3649 wpa_printf(MSG_DEBUG, "WPS: Upgrade auth_type WPAPSK -> " in wps_registrar_config_ap()
3651 cred->auth_type |= WPS_AUTH_WPA2PSK; in wps_registrar_config_ap()
3654 if (reg->wps->cred_cb) in wps_registrar_config_ap()
3655 return reg->wps->cred_cb(reg->wps->cb_ctx, cred); in wps_registrar_config_ap()
3657 return -1; in wps_registrar_config_ap()
3668 os_memcpy(reg->multi_ap_backhaul_ssid, in wps_registrar_update_multi_ap()
3670 reg->multi_ap_backhaul_ssid_len = multi_ap_backhaul_ssid_len; in wps_registrar_update_multi_ap()
3673 os_free(reg->multi_ap_backhaul_network_key); in wps_registrar_update_multi_ap()
3674 reg->multi_ap_backhaul_network_key = NULL; in wps_registrar_update_multi_ap()
3675 reg->multi_ap_backhaul_network_key_len = 0; in wps_registrar_update_multi_ap()
3677 reg->multi_ap_backhaul_network_key = in wps_registrar_update_multi_ap()
3680 if (!reg->multi_ap_backhaul_network_key) in wps_registrar_update_multi_ap()
3681 return -1; in wps_registrar_update_multi_ap()
3682 reg->multi_ap_backhaul_network_key_len = in wps_registrar_update_multi_ap()
3700 return -1; in wps_registrar_add_nfc_pw_token()
3705 "addition - missing public key hash"); in wps_registrar_add_nfc_pw_token()
3706 return -1; in wps_registrar_add_nfc_pw_token()
3709 wps_free_nfc_pw_tokens(®->nfc_pw_tokens, pw_id); in wps_registrar_add_nfc_pw_token()
3713 return -1; in wps_registrar_add_nfc_pw_token()
3715 token->peer_pk_hash_known = pubkey_hash != NULL; in wps_registrar_add_nfc_pw_token()
3717 os_memcpy(token->pubkey_hash, pubkey_hash, in wps_registrar_add_nfc_pw_token()
3719 token->pw_id = pw_id; in wps_registrar_add_nfc_pw_token()
3720 token->pk_hash_provided_oob = pk_hash_provided_oob; in wps_registrar_add_nfc_pw_token()
3722 wpa_snprintf_hex_uppercase((char *) token->dev_pw, in wps_registrar_add_nfc_pw_token()
3723 sizeof(token->dev_pw), in wps_registrar_add_nfc_pw_token()
3725 token->dev_pw_len = dev_pw_len * 2; in wps_registrar_add_nfc_pw_token()
3728 dl_list_add(®->nfc_pw_tokens, &token->list); in wps_registrar_add_nfc_pw_token()
3730 reg->selected_registrar = 1; in wps_registrar_add_nfc_pw_token()
3731 reg->pbc = 0; in wps_registrar_add_nfc_pw_token()
3758 return -1; in wps_registrar_add_nfc_password_token()
3764 dev_pw_len = oob_dev_pw + oob_dev_pw_len - dev_pw; in wps_registrar_add_nfc_password_token()
3790 if (token->peer_pk_hash_known) in wps_registrar_remove_nfc_pw_token()