1 /* 2 * hostapd / DPP integration 3 * Copyright (c) 2017, Qualcomm Atheros, Inc. 4 * Copyright (c) 2018-2020, The Linux Foundation 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "common/dpp.h" 15 #include "common/gas.h" 16 #include "common/wpa_ctrl.h" 17 #include "hostapd.h" 18 #include "ap_drv_ops.h" 19 #include "gas_query_ap.h" 20 #include "gas_serv.h" 21 #include "wpa_auth.h" 22 #include "dpp_hostapd.h" 23 24 25 static void hostapd_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx); 26 static void hostapd_dpp_auth_conf_wait_timeout(void *eloop_ctx, 27 void *timeout_ctx); 28 static void hostapd_dpp_auth_success(struct hostapd_data *hapd, int initiator); 29 static void hostapd_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx); 30 static int hostapd_dpp_auth_init_next(struct hostapd_data *hapd); 31 #ifdef CONFIG_DPP2 32 static void hostapd_dpp_reconfig_reply_wait_timeout(void *eloop_ctx, 33 void *timeout_ctx); 34 static void hostapd_dpp_handle_config_obj(struct hostapd_data *hapd, 35 struct dpp_authentication *auth, 36 struct dpp_config_obj *conf); 37 #endif /* CONFIG_DPP2 */ 38 39 static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 40 41 42 /** 43 * hostapd_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code 44 * @hapd: Pointer to hostapd_data 45 * @cmd: DPP URI read from a QR Code 46 * Returns: Identifier of the stored info or -1 on failure 47 */ 48 int hostapd_dpp_qr_code(struct hostapd_data *hapd, const char *cmd) 49 { 50 struct dpp_bootstrap_info *bi; 51 struct dpp_authentication *auth = hapd->dpp_auth; 52 53 bi = dpp_add_qr_code(hapd->iface->interfaces->dpp, cmd); 54 if (!bi) 55 return -1; 56 57 if (auth && auth->response_pending && 58 dpp_notify_new_qr_code(auth, bi) == 1) { 59 wpa_printf(MSG_DEBUG, 60 "DPP: Sending out pending authentication response"); 61 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 62 " freq=%u type=%d", 63 MAC2STR(auth->peer_mac_addr), auth->curr_freq, 64 DPP_PA_AUTHENTICATION_RESP); 65 hostapd_drv_send_action(hapd, auth->curr_freq, 0, 66 auth->peer_mac_addr, 67 wpabuf_head(hapd->dpp_auth->resp_msg), 68 wpabuf_len(hapd->dpp_auth->resp_msg)); 69 } 70 71 #ifdef CONFIG_DPP2 72 dpp_controller_new_qr_code(hapd->iface->interfaces->dpp, bi); 73 #endif /* CONFIG_DPP2 */ 74 75 return bi->id; 76 } 77 78 79 /** 80 * hostapd_dpp_nfc_uri - Parse and add DPP bootstrapping info from NFC Tag (URI) 81 * @hapd: Pointer to hostapd_data 82 * @cmd: DPP URI read from a NFC Tag (URI NDEF message) 83 * Returns: Identifier of the stored info or -1 on failure 84 */ 85 int hostapd_dpp_nfc_uri(struct hostapd_data *hapd, const char *cmd) 86 { 87 struct dpp_bootstrap_info *bi; 88 89 bi = dpp_add_nfc_uri(hapd->iface->interfaces->dpp, cmd); 90 if (!bi) 91 return -1; 92 93 return bi->id; 94 } 95 96 97 int hostapd_dpp_nfc_handover_req(struct hostapd_data *hapd, const char *cmd) 98 { 99 const char *pos; 100 struct dpp_bootstrap_info *peer_bi, *own_bi; 101 102 pos = os_strstr(cmd, " own="); 103 if (!pos) 104 return -1; 105 pos += 5; 106 own_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos)); 107 if (!own_bi) 108 return -1; 109 110 pos = os_strstr(cmd, " uri="); 111 if (!pos) 112 return -1; 113 pos += 5; 114 peer_bi = dpp_add_nfc_uri(hapd->iface->interfaces->dpp, pos); 115 if (!peer_bi) { 116 wpa_printf(MSG_INFO, 117 "DPP: Failed to parse URI from NFC Handover Request"); 118 return -1; 119 } 120 121 if (dpp_nfc_update_bi(own_bi, peer_bi) < 0) 122 return -1; 123 124 return peer_bi->id; 125 } 126 127 128 int hostapd_dpp_nfc_handover_sel(struct hostapd_data *hapd, const char *cmd) 129 { 130 const char *pos; 131 struct dpp_bootstrap_info *peer_bi, *own_bi; 132 133 pos = os_strstr(cmd, " own="); 134 if (!pos) 135 return -1; 136 pos += 5; 137 own_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos)); 138 if (!own_bi) 139 return -1; 140 141 pos = os_strstr(cmd, " uri="); 142 if (!pos) 143 return -1; 144 pos += 5; 145 peer_bi = dpp_add_nfc_uri(hapd->iface->interfaces->dpp, pos); 146 if (!peer_bi) { 147 wpa_printf(MSG_INFO, 148 "DPP: Failed to parse URI from NFC Handover Select"); 149 return -1; 150 } 151 152 if (peer_bi->curve != own_bi->curve) { 153 wpa_printf(MSG_INFO, 154 "DPP: Peer (NFC Handover Selector) used different curve"); 155 return -1; 156 } 157 158 return peer_bi->id; 159 } 160 161 162 static void hostapd_dpp_auth_resp_retry_timeout(void *eloop_ctx, 163 void *timeout_ctx) 164 { 165 struct hostapd_data *hapd = eloop_ctx; 166 struct dpp_authentication *auth = hapd->dpp_auth; 167 168 if (!auth || !auth->resp_msg) 169 return; 170 171 wpa_printf(MSG_DEBUG, 172 "DPP: Retry Authentication Response after timeout"); 173 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 174 " freq=%u type=%d", 175 MAC2STR(auth->peer_mac_addr), auth->curr_freq, 176 DPP_PA_AUTHENTICATION_RESP); 177 hostapd_drv_send_action(hapd, auth->curr_freq, 500, auth->peer_mac_addr, 178 wpabuf_head(auth->resp_msg), 179 wpabuf_len(auth->resp_msg)); 180 } 181 182 183 static void hostapd_dpp_auth_resp_retry(struct hostapd_data *hapd) 184 { 185 struct dpp_authentication *auth = hapd->dpp_auth; 186 unsigned int wait_time, max_tries; 187 188 if (!auth || !auth->resp_msg) 189 return; 190 191 if (hapd->dpp_resp_max_tries) 192 max_tries = hapd->dpp_resp_max_tries; 193 else 194 max_tries = 5; 195 auth->auth_resp_tries++; 196 if (auth->auth_resp_tries >= max_tries) { 197 wpa_printf(MSG_INFO, 198 "DPP: No confirm received from initiator - stopping exchange"); 199 hostapd_drv_send_action_cancel_wait(hapd); 200 dpp_auth_deinit(hapd->dpp_auth); 201 hapd->dpp_auth = NULL; 202 return; 203 } 204 205 if (hapd->dpp_resp_retry_time) 206 wait_time = hapd->dpp_resp_retry_time; 207 else 208 wait_time = 1000; 209 wpa_printf(MSG_DEBUG, 210 "DPP: Schedule retransmission of Authentication Response frame in %u ms", 211 wait_time); 212 eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); 213 eloop_register_timeout(wait_time / 1000, 214 (wait_time % 1000) * 1000, 215 hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); 216 } 217 218 219 void hostapd_dpp_tx_status(struct hostapd_data *hapd, const u8 *dst, 220 const u8 *data, size_t data_len, int ok) 221 { 222 struct dpp_authentication *auth = hapd->dpp_auth; 223 224 wpa_printf(MSG_DEBUG, "DPP: TX status: dst=" MACSTR " ok=%d", 225 MAC2STR(dst), ok); 226 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR 227 " result=%s", MAC2STR(dst), ok ? "SUCCESS" : "FAILED"); 228 229 if (!hapd->dpp_auth) { 230 wpa_printf(MSG_DEBUG, 231 "DPP: Ignore TX status since there is no ongoing authentication exchange"); 232 return; 233 } 234 235 #ifdef CONFIG_DPP2 236 if (auth->connect_on_tx_status) { 237 wpa_printf(MSG_DEBUG, 238 "DPP: Complete exchange on configuration result"); 239 dpp_auth_deinit(hapd->dpp_auth); 240 hapd->dpp_auth = NULL; 241 return; 242 } 243 #endif /* CONFIG_DPP2 */ 244 245 if (hapd->dpp_auth->remove_on_tx_status) { 246 wpa_printf(MSG_DEBUG, 247 "DPP: Terminate authentication exchange due to an earlier error"); 248 eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); 249 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, 250 hapd, NULL); 251 eloop_cancel_timeout(hostapd_dpp_auth_conf_wait_timeout, 252 hapd, NULL); 253 eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, 254 NULL); 255 #ifdef CONFIG_DPP2 256 eloop_cancel_timeout(hostapd_dpp_reconfig_reply_wait_timeout, 257 hapd, NULL); 258 #endif /* CONFIG_DPP2 */ 259 hostapd_drv_send_action_cancel_wait(hapd); 260 dpp_auth_deinit(hapd->dpp_auth); 261 hapd->dpp_auth = NULL; 262 return; 263 } 264 265 if (hapd->dpp_auth_ok_on_ack) 266 hostapd_dpp_auth_success(hapd, 1); 267 268 if (!is_broadcast_ether_addr(dst) && !ok) { 269 wpa_printf(MSG_DEBUG, 270 "DPP: Unicast DPP Action frame was not ACKed"); 271 if (auth->waiting_auth_resp) { 272 /* In case of DPP Authentication Request frame, move to 273 * the next channel immediately. */ 274 hostapd_drv_send_action_cancel_wait(hapd); 275 hostapd_dpp_auth_init_next(hapd); 276 return; 277 } 278 if (auth->waiting_auth_conf) { 279 hostapd_dpp_auth_resp_retry(hapd); 280 return; 281 } 282 } 283 284 if (auth->waiting_auth_conf && 285 auth->auth_resp_status == DPP_STATUS_OK) { 286 /* Make sure we do not get stuck waiting for Auth Confirm 287 * indefinitely after successfully transmitted Auth Response to 288 * allow new authentication exchanges to be started. */ 289 eloop_cancel_timeout(hostapd_dpp_auth_conf_wait_timeout, hapd, 290 NULL); 291 eloop_register_timeout(1, 0, hostapd_dpp_auth_conf_wait_timeout, 292 hapd, NULL); 293 } 294 295 if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp && ok) { 296 /* Allow timeout handling to stop iteration if no response is 297 * received from a peer that has ACKed a request. */ 298 auth->auth_req_ack = 1; 299 } 300 301 if (!hapd->dpp_auth_ok_on_ack && hapd->dpp_auth->neg_freq > 0 && 302 hapd->dpp_auth->curr_freq != hapd->dpp_auth->neg_freq) { 303 wpa_printf(MSG_DEBUG, 304 "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response", 305 hapd->dpp_auth->curr_freq, 306 hapd->dpp_auth->neg_freq); 307 hostapd_drv_send_action_cancel_wait(hapd); 308 309 if (hapd->dpp_auth->neg_freq != 310 (unsigned int) hapd->iface->freq && hapd->iface->freq > 0) { 311 /* TODO: Listen operation on non-operating channel */ 312 wpa_printf(MSG_INFO, 313 "DPP: Listen operation on non-operating channel (%d MHz) is not yet supported (operating channel: %d MHz)", 314 hapd->dpp_auth->neg_freq, hapd->iface->freq); 315 } 316 } 317 318 if (hapd->dpp_auth_ok_on_ack) 319 hapd->dpp_auth_ok_on_ack = 0; 320 } 321 322 323 static void hostapd_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx) 324 { 325 struct hostapd_data *hapd = eloop_ctx; 326 struct dpp_authentication *auth = hapd->dpp_auth; 327 unsigned int freq; 328 struct os_reltime now, diff; 329 unsigned int wait_time, diff_ms; 330 331 if (!auth || !auth->waiting_auth_resp) 332 return; 333 334 wait_time = hapd->dpp_resp_wait_time ? 335 hapd->dpp_resp_wait_time : 2000; 336 os_get_reltime(&now); 337 os_reltime_sub(&now, &hapd->dpp_last_init, &diff); 338 diff_ms = diff.sec * 1000 + diff.usec / 1000; 339 wpa_printf(MSG_DEBUG, 340 "DPP: Reply wait timeout - wait_time=%u diff_ms=%u", 341 wait_time, diff_ms); 342 343 if (auth->auth_req_ack && diff_ms >= wait_time) { 344 /* Peer ACK'ed Authentication Request frame, but did not reply 345 * with Authentication Response frame within two seconds. */ 346 wpa_printf(MSG_INFO, 347 "DPP: No response received from responder - stopping initiation attempt"); 348 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); 349 hostapd_drv_send_action_cancel_wait(hapd); 350 hostapd_dpp_listen_stop(hapd); 351 dpp_auth_deinit(auth); 352 hapd->dpp_auth = NULL; 353 return; 354 } 355 356 if (diff_ms >= wait_time) { 357 /* Authentication Request frame was not ACK'ed and no reply 358 * was receiving within two seconds. */ 359 wpa_printf(MSG_DEBUG, 360 "DPP: Continue Initiator channel iteration"); 361 hostapd_drv_send_action_cancel_wait(hapd); 362 hostapd_dpp_listen_stop(hapd); 363 hostapd_dpp_auth_init_next(hapd); 364 return; 365 } 366 367 /* Driver did not support 2000 ms long wait_time with TX command, so 368 * schedule listen operation to continue waiting for the response. 369 * 370 * DPP listen operations continue until stopped, so simply schedule a 371 * new call to this function at the point when the two second reply 372 * wait has expired. */ 373 wait_time -= diff_ms; 374 375 freq = auth->curr_freq; 376 if (auth->neg_freq > 0) 377 freq = auth->neg_freq; 378 wpa_printf(MSG_DEBUG, 379 "DPP: Continue reply wait on channel %u MHz for %u ms", 380 freq, wait_time); 381 hapd->dpp_in_response_listen = 1; 382 383 if (freq != (unsigned int) hapd->iface->freq && hapd->iface->freq > 0) { 384 /* TODO: Listen operation on non-operating channel */ 385 wpa_printf(MSG_INFO, 386 "DPP: Listen operation on non-operating channel (%d MHz) is not yet supported (operating channel: %d MHz)", 387 freq, hapd->iface->freq); 388 } 389 390 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 391 hostapd_dpp_reply_wait_timeout, hapd, NULL); 392 } 393 394 395 static void hostapd_dpp_auth_conf_wait_timeout(void *eloop_ctx, 396 void *timeout_ctx) 397 { 398 struct hostapd_data *hapd = eloop_ctx; 399 struct dpp_authentication *auth = hapd->dpp_auth; 400 401 if (!auth || !auth->waiting_auth_conf) 402 return; 403 404 wpa_printf(MSG_DEBUG, 405 "DPP: Terminate authentication exchange due to Auth Confirm timeout"); 406 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 407 "No Auth Confirm received"); 408 hostapd_drv_send_action_cancel_wait(hapd); 409 dpp_auth_deinit(auth); 410 hapd->dpp_auth = NULL; 411 } 412 413 414 static void hostapd_dpp_set_testing_options(struct hostapd_data *hapd, 415 struct dpp_authentication *auth) 416 { 417 #ifdef CONFIG_TESTING_OPTIONS 418 if (hapd->dpp_config_obj_override) 419 auth->config_obj_override = 420 os_strdup(hapd->dpp_config_obj_override); 421 if (hapd->dpp_discovery_override) 422 auth->discovery_override = 423 os_strdup(hapd->dpp_discovery_override); 424 if (hapd->dpp_groups_override) 425 auth->groups_override = os_strdup(hapd->dpp_groups_override); 426 auth->ignore_netaccesskey_mismatch = 427 hapd->dpp_ignore_netaccesskey_mismatch; 428 #endif /* CONFIG_TESTING_OPTIONS */ 429 } 430 431 432 static void hostapd_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx) 433 { 434 struct hostapd_data *hapd = eloop_ctx; 435 436 if (!hapd->dpp_auth) 437 return; 438 wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout"); 439 hostapd_dpp_auth_init_next(hapd); 440 } 441 442 443 static int hostapd_dpp_auth_init_next(struct hostapd_data *hapd) 444 { 445 struct dpp_authentication *auth = hapd->dpp_auth; 446 const u8 *dst; 447 unsigned int wait_time, max_wait_time, freq, max_tries, used; 448 struct os_reltime now, diff; 449 450 if (!auth) 451 return -1; 452 453 if (auth->freq_idx == 0) 454 os_get_reltime(&hapd->dpp_init_iter_start); 455 456 if (auth->freq_idx >= auth->num_freq) { 457 auth->num_freq_iters++; 458 if (hapd->dpp_init_max_tries) 459 max_tries = hapd->dpp_init_max_tries; 460 else 461 max_tries = 5; 462 if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) { 463 wpa_printf(MSG_INFO, 464 "DPP: No response received from responder - stopping initiation attempt"); 465 wpa_msg(hapd->msg_ctx, MSG_INFO, 466 DPP_EVENT_AUTH_INIT_FAILED); 467 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, 468 hapd, NULL); 469 hostapd_drv_send_action_cancel_wait(hapd); 470 dpp_auth_deinit(hapd->dpp_auth); 471 hapd->dpp_auth = NULL; 472 return -1; 473 } 474 auth->freq_idx = 0; 475 eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); 476 if (hapd->dpp_init_retry_time) 477 wait_time = hapd->dpp_init_retry_time; 478 else 479 wait_time = 10000; 480 os_get_reltime(&now); 481 os_reltime_sub(&now, &hapd->dpp_init_iter_start, &diff); 482 used = diff.sec * 1000 + diff.usec / 1000; 483 if (used > wait_time) 484 wait_time = 0; 485 else 486 wait_time -= used; 487 wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms", 488 wait_time); 489 eloop_register_timeout(wait_time / 1000, 490 (wait_time % 1000) * 1000, 491 hostapd_dpp_init_timeout, hapd, 492 NULL); 493 return 0; 494 } 495 freq = auth->freq[auth->freq_idx++]; 496 auth->curr_freq = freq; 497 498 if (!is_zero_ether_addr(auth->peer_mac_addr)) 499 dst = auth->peer_mac_addr; 500 else if (is_zero_ether_addr(auth->peer_bi->mac_addr)) 501 dst = broadcast; 502 else 503 dst = auth->peer_bi->mac_addr; 504 hapd->dpp_auth_ok_on_ack = 0; 505 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); 506 wait_time = 2000; /* TODO: hapd->max_remain_on_chan; */ 507 max_wait_time = hapd->dpp_resp_wait_time ? 508 hapd->dpp_resp_wait_time : 2000; 509 if (wait_time > max_wait_time) 510 wait_time = max_wait_time; 511 wait_time += 10; /* give the driver some extra time to complete */ 512 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 513 hostapd_dpp_reply_wait_timeout, hapd, NULL); 514 wait_time -= 10; 515 if (auth->neg_freq > 0 && freq != auth->neg_freq) { 516 wpa_printf(MSG_DEBUG, 517 "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response", 518 freq, auth->neg_freq); 519 } 520 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 521 " freq=%u type=%d", 522 MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ); 523 auth->auth_req_ack = 0; 524 os_get_reltime(&hapd->dpp_last_init); 525 return hostapd_drv_send_action(hapd, freq, wait_time, 526 dst, 527 wpabuf_head(hapd->dpp_auth->req_msg), 528 wpabuf_len(hapd->dpp_auth->req_msg)); 529 } 530 531 532 #ifdef CONFIG_DPP2 533 static int hostapd_dpp_process_conf_obj(void *ctx, 534 struct dpp_authentication *auth) 535 { 536 struct hostapd_data *hapd = ctx; 537 unsigned int i; 538 539 for (i = 0; i < auth->num_conf_obj; i++) 540 hostapd_dpp_handle_config_obj(hapd, auth, 541 &auth->conf_obj[i]); 542 543 return 0; 544 } 545 #endif /* CONFIG_DPP2 */ 546 547 548 int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd) 549 { 550 const char *pos; 551 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL; 552 struct dpp_authentication *auth; 553 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR; 554 unsigned int neg_freq = 0; 555 int tcp = 0; 556 #ifdef CONFIG_DPP2 557 int tcp_port = DPP_TCP_PORT; 558 struct hostapd_ip_addr ipaddr; 559 char *addr; 560 #endif /* CONFIG_DPP2 */ 561 562 pos = os_strstr(cmd, " peer="); 563 if (!pos) 564 return -1; 565 pos += 6; 566 peer_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos)); 567 if (!peer_bi) { 568 wpa_printf(MSG_INFO, 569 "DPP: Could not find bootstrapping info for the identified peer"); 570 return -1; 571 } 572 573 #ifdef CONFIG_DPP2 574 pos = os_strstr(cmd, " tcp_port="); 575 if (pos) { 576 pos += 10; 577 tcp_port = atoi(pos); 578 } 579 580 addr = get_param(cmd, " tcp_addr="); 581 if (addr) { 582 int res; 583 584 res = hostapd_parse_ip_addr(addr, &ipaddr); 585 os_free(addr); 586 if (res) 587 return -1; 588 tcp = 1; 589 } 590 #endif /* CONFIG_DPP2 */ 591 592 pos = os_strstr(cmd, " own="); 593 if (pos) { 594 pos += 5; 595 own_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, 596 atoi(pos)); 597 if (!own_bi) { 598 wpa_printf(MSG_INFO, 599 "DPP: Could not find bootstrapping info for the identified local entry"); 600 return -1; 601 } 602 603 if (peer_bi->curve != own_bi->curve) { 604 wpa_printf(MSG_INFO, 605 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)", 606 peer_bi->curve->name, own_bi->curve->name); 607 return -1; 608 } 609 } 610 611 pos = os_strstr(cmd, " role="); 612 if (pos) { 613 pos += 6; 614 if (os_strncmp(pos, "configurator", 12) == 0) 615 allowed_roles = DPP_CAPAB_CONFIGURATOR; 616 else if (os_strncmp(pos, "enrollee", 8) == 0) 617 allowed_roles = DPP_CAPAB_ENROLLEE; 618 else if (os_strncmp(pos, "either", 6) == 0) 619 allowed_roles = DPP_CAPAB_CONFIGURATOR | 620 DPP_CAPAB_ENROLLEE; 621 else 622 goto fail; 623 } 624 625 pos = os_strstr(cmd, " neg_freq="); 626 if (pos) 627 neg_freq = atoi(pos + 10); 628 629 if (!tcp && hapd->dpp_auth) { 630 eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); 631 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, 632 hapd, NULL); 633 eloop_cancel_timeout(hostapd_dpp_auth_conf_wait_timeout, 634 hapd, NULL); 635 eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, 636 NULL); 637 #ifdef CONFIG_DPP2 638 eloop_cancel_timeout(hostapd_dpp_reconfig_reply_wait_timeout, 639 hapd, NULL); 640 #endif /* CONFIG_DPP2 */ 641 hostapd_drv_send_action_cancel_wait(hapd); 642 dpp_auth_deinit(hapd->dpp_auth); 643 } 644 645 auth = dpp_auth_init(hapd->iface->interfaces->dpp, hapd->msg_ctx, 646 peer_bi, own_bi, allowed_roles, neg_freq, 647 hapd->iface->hw_features, 648 hapd->iface->num_hw_features); 649 if (!auth) 650 goto fail; 651 hostapd_dpp_set_testing_options(hapd, auth); 652 if (dpp_set_configurator(auth, cmd) < 0) { 653 dpp_auth_deinit(auth); 654 goto fail; 655 } 656 657 auth->neg_freq = neg_freq; 658 659 if (!is_zero_ether_addr(peer_bi->mac_addr)) 660 os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN); 661 662 #ifdef CONFIG_DPP2 663 if (tcp) 664 return dpp_tcp_init(hapd->iface->interfaces->dpp, auth, 665 &ipaddr, tcp_port, hapd->conf->dpp_name, 666 DPP_NETROLE_AP, hapd->msg_ctx, hapd, 667 hostapd_dpp_process_conf_obj); 668 #endif /* CONFIG_DPP2 */ 669 670 hapd->dpp_auth = auth; 671 return hostapd_dpp_auth_init_next(hapd); 672 fail: 673 return -1; 674 } 675 676 677 int hostapd_dpp_listen(struct hostapd_data *hapd, const char *cmd) 678 { 679 int freq; 680 681 freq = atoi(cmd); 682 if (freq <= 0) 683 return -1; 684 685 if (os_strstr(cmd, " role=configurator")) 686 hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR; 687 else if (os_strstr(cmd, " role=enrollee")) 688 hapd->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; 689 else 690 hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | 691 DPP_CAPAB_ENROLLEE; 692 hapd->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; 693 694 if (freq != hapd->iface->freq && hapd->iface->freq > 0) { 695 /* TODO: Listen operation on non-operating channel */ 696 wpa_printf(MSG_INFO, 697 "DPP: Listen operation on non-operating channel (%d MHz) is not yet supported (operating channel: %d MHz)", 698 freq, hapd->iface->freq); 699 return -1; 700 } 701 702 hostapd_drv_dpp_listen(hapd, true); 703 return 0; 704 } 705 706 707 void hostapd_dpp_listen_stop(struct hostapd_data *hapd) 708 { 709 hostapd_drv_dpp_listen(hapd, false); 710 /* TODO: Stop listen operation on non-operating channel */ 711 } 712 713 714 static void hostapd_dpp_rx_auth_req(struct hostapd_data *hapd, const u8 *src, 715 const u8 *hdr, const u8 *buf, size_t len, 716 unsigned int freq) 717 { 718 const u8 *r_bootstrap, *i_bootstrap; 719 u16 r_bootstrap_len, i_bootstrap_len; 720 struct dpp_bootstrap_info *own_bi = NULL, *peer_bi = NULL; 721 722 if (!hapd->iface->interfaces->dpp) 723 return; 724 725 wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR, 726 MAC2STR(src)); 727 728 #ifdef CONFIG_DPP2 729 hostapd_dpp_chirp_stop(hapd); 730 #endif /* CONFIG_DPP2 */ 731 732 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, 733 &r_bootstrap_len); 734 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { 735 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 736 "Missing or invalid required Responder Bootstrapping Key Hash attribute"); 737 return; 738 } 739 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", 740 r_bootstrap, r_bootstrap_len); 741 742 i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH, 743 &i_bootstrap_len); 744 if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) { 745 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 746 "Missing or invalid required Initiator Bootstrapping Key Hash attribute"); 747 return; 748 } 749 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash", 750 i_bootstrap, i_bootstrap_len); 751 752 /* Try to find own and peer bootstrapping key matches based on the 753 * received hash values */ 754 dpp_bootstrap_find_pair(hapd->iface->interfaces->dpp, i_bootstrap, 755 r_bootstrap, &own_bi, &peer_bi); 756 #ifdef CONFIG_DPP2 757 if (!own_bi) { 758 if (dpp_relay_rx_action(hapd->iface->interfaces->dpp, 759 src, hdr, buf, len, freq, i_bootstrap, 760 r_bootstrap, hapd) == 0) 761 return; 762 } 763 #endif /* CONFIG_DPP2 */ 764 if (!own_bi) { 765 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 766 "No matching own bootstrapping key found - ignore message"); 767 return; 768 } 769 770 if (hapd->dpp_auth) { 771 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 772 "Already in DPP authentication exchange - ignore new one"); 773 return; 774 } 775 776 hapd->dpp_auth_ok_on_ack = 0; 777 hapd->dpp_auth = dpp_auth_req_rx(hapd->iface->interfaces->dpp, 778 hapd->msg_ctx, hapd->dpp_allowed_roles, 779 hapd->dpp_qr_mutual, 780 peer_bi, own_bi, freq, hdr, buf, len); 781 if (!hapd->dpp_auth) { 782 wpa_printf(MSG_DEBUG, "DPP: No response generated"); 783 return; 784 } 785 hostapd_dpp_set_testing_options(hapd, hapd->dpp_auth); 786 if (dpp_set_configurator(hapd->dpp_auth, 787 hapd->dpp_configurator_params) < 0) { 788 dpp_auth_deinit(hapd->dpp_auth); 789 hapd->dpp_auth = NULL; 790 return; 791 } 792 os_memcpy(hapd->dpp_auth->peer_mac_addr, src, ETH_ALEN); 793 794 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 795 " freq=%u type=%d", 796 MAC2STR(src), hapd->dpp_auth->curr_freq, 797 DPP_PA_AUTHENTICATION_RESP); 798 hostapd_drv_send_action(hapd, hapd->dpp_auth->curr_freq, 0, 799 src, wpabuf_head(hapd->dpp_auth->resp_msg), 800 wpabuf_len(hapd->dpp_auth->resp_msg)); 801 } 802 803 804 static void hostapd_dpp_handle_config_obj(struct hostapd_data *hapd, 805 struct dpp_authentication *auth, 806 struct dpp_config_obj *conf) 807 { 808 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_RECEIVED); 809 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_AKM "%s", 810 dpp_akm_str(conf->akm)); 811 if (conf->ssid_len) 812 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s", 813 wpa_ssid_txt(conf->ssid, conf->ssid_len)); 814 if (conf->connector) { 815 /* TODO: Save the Connector and consider using a command 816 * to fetch the value instead of sending an event with 817 * it. The Connector could end up being larger than what 818 * most clients are ready to receive as an event 819 * message. */ 820 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONNECTOR "%s", 821 conf->connector); 822 } 823 if (conf->passphrase[0]) { 824 char hex[64 * 2 + 1]; 825 826 wpa_snprintf_hex(hex, sizeof(hex), 827 (const u8 *) conf->passphrase, 828 os_strlen(conf->passphrase)); 829 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_PASS "%s", 830 hex); 831 } else if (conf->psk_set) { 832 char hex[PMK_LEN * 2 + 1]; 833 834 wpa_snprintf_hex(hex, sizeof(hex), conf->psk, PMK_LEN); 835 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_PSK "%s", 836 hex); 837 } 838 if (conf->c_sign_key) { 839 char *hex; 840 size_t hexlen; 841 842 hexlen = 2 * wpabuf_len(conf->c_sign_key) + 1; 843 hex = os_malloc(hexlen); 844 if (hex) { 845 wpa_snprintf_hex(hex, hexlen, 846 wpabuf_head(conf->c_sign_key), 847 wpabuf_len(conf->c_sign_key)); 848 wpa_msg(hapd->msg_ctx, MSG_INFO, 849 DPP_EVENT_C_SIGN_KEY "%s", hex); 850 os_free(hex); 851 } 852 } 853 if (auth->net_access_key) { 854 char *hex; 855 size_t hexlen; 856 857 hexlen = 2 * wpabuf_len(auth->net_access_key) + 1; 858 hex = os_malloc(hexlen); 859 if (hex) { 860 wpa_snprintf_hex(hex, hexlen, 861 wpabuf_head(auth->net_access_key), 862 wpabuf_len(auth->net_access_key)); 863 if (auth->net_access_key_expiry) 864 wpa_msg(hapd->msg_ctx, MSG_INFO, 865 DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex, 866 (unsigned long) 867 auth->net_access_key_expiry); 868 else 869 wpa_msg(hapd->msg_ctx, MSG_INFO, 870 DPP_EVENT_NET_ACCESS_KEY "%s", hex); 871 os_free(hex); 872 } 873 } 874 } 875 876 877 static int hostapd_dpp_handle_key_pkg(struct hostapd_data *hapd, 878 struct dpp_asymmetric_key *key) 879 { 880 #ifdef CONFIG_DPP2 881 int res; 882 883 if (!key) 884 return 0; 885 886 wpa_printf(MSG_DEBUG, "DPP: Received Configurator backup"); 887 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_RECEIVED); 888 889 while (key) { 890 res = dpp_configurator_from_backup( 891 hapd->iface->interfaces->dpp, key); 892 if (res < 0) 893 return -1; 894 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFIGURATOR_ID "%d", 895 res); 896 key = key->next; 897 } 898 #endif /* CONFIG_DPP2 */ 899 900 return 0; 901 } 902 903 904 static void hostapd_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token, 905 enum gas_query_ap_result result, 906 const struct wpabuf *adv_proto, 907 const struct wpabuf *resp, u16 status_code) 908 { 909 struct hostapd_data *hapd = ctx; 910 const u8 *pos; 911 struct dpp_authentication *auth = hapd->dpp_auth; 912 enum dpp_status_error status = DPP_STATUS_CONFIG_REJECTED; 913 914 if (!auth || !auth->auth_success) { 915 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); 916 return; 917 } 918 if (result != GAS_QUERY_AP_SUCCESS || 919 !resp || status_code != WLAN_STATUS_SUCCESS) { 920 wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed"); 921 goto fail; 922 } 923 924 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto", 925 adv_proto); 926 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)", 927 resp); 928 929 if (wpabuf_len(adv_proto) != 10 || 930 !(pos = wpabuf_head(adv_proto)) || 931 pos[0] != WLAN_EID_ADV_PROTO || 932 pos[1] != 8 || 933 pos[3] != WLAN_EID_VENDOR_SPECIFIC || 934 pos[4] != 5 || 935 WPA_GET_BE24(&pos[5]) != OUI_WFA || 936 pos[8] != 0x1a || 937 pos[9] != 1) { 938 wpa_printf(MSG_DEBUG, 939 "DPP: Not a DPP Advertisement Protocol ID"); 940 goto fail; 941 } 942 943 if (dpp_conf_resp_rx(auth, resp) < 0) { 944 wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed"); 945 goto fail; 946 } 947 948 hostapd_dpp_handle_config_obj(hapd, auth, &auth->conf_obj[0]); 949 if (hostapd_dpp_handle_key_pkg(hapd, auth->conf_key_pkg) < 0) 950 goto fail; 951 952 status = DPP_STATUS_OK; 953 #ifdef CONFIG_TESTING_OPTIONS 954 if (dpp_test == DPP_TEST_REJECT_CONFIG) { 955 wpa_printf(MSG_INFO, "DPP: TESTING - Reject Config Object"); 956 status = DPP_STATUS_CONFIG_REJECTED; 957 } 958 #endif /* CONFIG_TESTING_OPTIONS */ 959 fail: 960 if (status != DPP_STATUS_OK) 961 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); 962 #ifdef CONFIG_DPP2 963 if (auth->peer_version >= 2 && 964 auth->conf_resp_status == DPP_STATUS_OK) { 965 struct wpabuf *msg; 966 967 wpa_printf(MSG_DEBUG, "DPP: Send DPP Configuration Result"); 968 msg = dpp_build_conf_result(auth, status); 969 if (!msg) 970 goto fail2; 971 972 wpa_msg(hapd->msg_ctx, MSG_INFO, 973 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 974 MAC2STR(addr), auth->curr_freq, 975 DPP_PA_CONFIGURATION_RESULT); 976 hostapd_drv_send_action(hapd, auth->curr_freq, 0, 977 addr, wpabuf_head(msg), 978 wpabuf_len(msg)); 979 wpabuf_free(msg); 980 981 /* This exchange will be terminated in the TX status handler */ 982 auth->connect_on_tx_status = 1; 983 return; 984 } 985 fail2: 986 #endif /* CONFIG_DPP2 */ 987 dpp_auth_deinit(hapd->dpp_auth); 988 hapd->dpp_auth = NULL; 989 } 990 991 992 static void hostapd_dpp_start_gas_client(struct hostapd_data *hapd) 993 { 994 struct dpp_authentication *auth = hapd->dpp_auth; 995 struct wpabuf *buf; 996 int res; 997 998 buf = dpp_build_conf_req_helper(auth, hapd->conf->dpp_name, 999 DPP_NETROLE_AP, 1000 hapd->conf->dpp_mud_url, NULL); 1001 if (!buf) { 1002 wpa_printf(MSG_DEBUG, 1003 "DPP: No configuration request data available"); 1004 return; 1005 } 1006 1007 wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)", 1008 MAC2STR(auth->peer_mac_addr), auth->curr_freq); 1009 1010 res = gas_query_ap_req(hapd->gas, auth->peer_mac_addr, auth->curr_freq, 1011 buf, hostapd_dpp_gas_resp_cb, hapd); 1012 if (res < 0) { 1013 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 1014 "GAS: Failed to send Query Request"); 1015 wpabuf_free(buf); 1016 } else { 1017 wpa_printf(MSG_DEBUG, 1018 "DPP: GAS query started with dialog token %u", res); 1019 } 1020 } 1021 1022 1023 static void hostapd_dpp_auth_success(struct hostapd_data *hapd, int initiator) 1024 { 1025 wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded"); 1026 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", 1027 initiator); 1028 #ifdef CONFIG_TESTING_OPTIONS 1029 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) { 1030 wpa_printf(MSG_INFO, 1031 "DPP: TESTING - stop at Authentication Confirm"); 1032 if (hapd->dpp_auth->configurator) { 1033 /* Prevent GAS response */ 1034 hapd->dpp_auth->auth_success = 0; 1035 } 1036 return; 1037 } 1038 #endif /* CONFIG_TESTING_OPTIONS */ 1039 1040 if (!hapd->dpp_auth->configurator) 1041 hostapd_dpp_start_gas_client(hapd); 1042 } 1043 1044 1045 static void hostapd_dpp_rx_auth_resp(struct hostapd_data *hapd, const u8 *src, 1046 const u8 *hdr, const u8 *buf, size_t len, 1047 unsigned int freq) 1048 { 1049 struct dpp_authentication *auth = hapd->dpp_auth; 1050 struct wpabuf *msg; 1051 1052 wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR, 1053 MAC2STR(src)); 1054 1055 if (!auth) { 1056 wpa_printf(MSG_DEBUG, 1057 "DPP: No DPP Authentication in progress - drop"); 1058 return; 1059 } 1060 1061 if (!is_zero_ether_addr(auth->peer_mac_addr) && 1062 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1063 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1064 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1065 return; 1066 } 1067 1068 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); 1069 1070 if (auth->curr_freq != freq && auth->neg_freq == freq) { 1071 wpa_printf(MSG_DEBUG, 1072 "DPP: Responder accepted request for different negotiation channel"); 1073 auth->curr_freq = freq; 1074 } 1075 1076 eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); 1077 msg = dpp_auth_resp_rx(auth, hdr, buf, len); 1078 if (!msg) { 1079 if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) { 1080 wpa_printf(MSG_DEBUG, "DPP: Wait for full response"); 1081 return; 1082 } 1083 wpa_printf(MSG_DEBUG, "DPP: No confirm generated"); 1084 return; 1085 } 1086 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 1087 1088 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 1089 " freq=%u type=%d", MAC2STR(src), auth->curr_freq, 1090 DPP_PA_AUTHENTICATION_CONF); 1091 hostapd_drv_send_action(hapd, auth->curr_freq, 0, src, 1092 wpabuf_head(msg), wpabuf_len(msg)); 1093 wpabuf_free(msg); 1094 hapd->dpp_auth_ok_on_ack = 1; 1095 } 1096 1097 1098 static void hostapd_dpp_rx_auth_conf(struct hostapd_data *hapd, const u8 *src, 1099 const u8 *hdr, const u8 *buf, size_t len) 1100 { 1101 struct dpp_authentication *auth = hapd->dpp_auth; 1102 1103 wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR, 1104 MAC2STR(src)); 1105 1106 if (!auth) { 1107 wpa_printf(MSG_DEBUG, 1108 "DPP: No DPP Authentication in progress - drop"); 1109 return; 1110 } 1111 1112 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1113 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1114 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1115 return; 1116 } 1117 1118 if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) { 1119 wpa_printf(MSG_DEBUG, "DPP: Authentication failed"); 1120 return; 1121 } 1122 1123 hostapd_dpp_auth_success(hapd, 0); 1124 } 1125 1126 1127 #ifdef CONFIG_DPP2 1128 1129 static void hostapd_dpp_config_result_wait_timeout(void *eloop_ctx, 1130 void *timeout_ctx) 1131 { 1132 struct hostapd_data *hapd = eloop_ctx; 1133 struct dpp_authentication *auth = hapd->dpp_auth; 1134 1135 if (!auth || !auth->waiting_conf_result) 1136 return; 1137 1138 wpa_printf(MSG_DEBUG, 1139 "DPP: Timeout while waiting for Configuration Result"); 1140 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); 1141 dpp_auth_deinit(auth); 1142 hapd->dpp_auth = NULL; 1143 } 1144 1145 1146 static void hostapd_dpp_conn_status_result_wait_timeout(void *eloop_ctx, 1147 void *timeout_ctx) 1148 { 1149 struct hostapd_data *hapd = eloop_ctx; 1150 struct dpp_authentication *auth = hapd->dpp_auth; 1151 1152 if (!auth || !auth->waiting_conf_result) 1153 return; 1154 1155 wpa_printf(MSG_DEBUG, 1156 "DPP: Timeout while waiting for Connection Status Result"); 1157 wpa_msg(hapd->msg_ctx, MSG_INFO, 1158 DPP_EVENT_CONN_STATUS_RESULT "timeout"); 1159 dpp_auth_deinit(auth); 1160 hapd->dpp_auth = NULL; 1161 } 1162 1163 1164 static void hostapd_dpp_rx_conf_result(struct hostapd_data *hapd, const u8 *src, 1165 const u8 *hdr, const u8 *buf, size_t len) 1166 { 1167 struct dpp_authentication *auth = hapd->dpp_auth; 1168 enum dpp_status_error status; 1169 1170 wpa_printf(MSG_DEBUG, "DPP: Configuration Result from " MACSTR, 1171 MAC2STR(src)); 1172 1173 if (!auth || !auth->waiting_conf_result) { 1174 wpa_printf(MSG_DEBUG, 1175 "DPP: No DPP Configuration waiting for result - drop"); 1176 return; 1177 } 1178 1179 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1180 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1181 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1182 return; 1183 } 1184 1185 status = dpp_conf_result_rx(auth, hdr, buf, len); 1186 1187 if (status == DPP_STATUS_OK && auth->send_conn_status) { 1188 wpa_msg(hapd->msg_ctx, MSG_INFO, 1189 DPP_EVENT_CONF_SENT "wait_conn_status=1"); 1190 wpa_printf(MSG_DEBUG, "DPP: Wait for Connection Status Result"); 1191 eloop_cancel_timeout(hostapd_dpp_config_result_wait_timeout, 1192 hapd, NULL); 1193 auth->waiting_conn_status_result = 1; 1194 eloop_cancel_timeout( 1195 hostapd_dpp_conn_status_result_wait_timeout, 1196 hapd, NULL); 1197 eloop_register_timeout( 1198 16, 0, hostapd_dpp_conn_status_result_wait_timeout, 1199 hapd, NULL); 1200 return; 1201 } 1202 hostapd_drv_send_action_cancel_wait(hapd); 1203 hostapd_dpp_listen_stop(hapd); 1204 if (status == DPP_STATUS_OK) 1205 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_SENT); 1206 else 1207 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); 1208 dpp_auth_deinit(auth); 1209 hapd->dpp_auth = NULL; 1210 eloop_cancel_timeout(hostapd_dpp_config_result_wait_timeout, hapd, 1211 NULL); 1212 } 1213 1214 1215 static void hostapd_dpp_rx_conn_status_result(struct hostapd_data *hapd, 1216 const u8 *src, const u8 *hdr, 1217 const u8 *buf, size_t len) 1218 { 1219 struct dpp_authentication *auth = hapd->dpp_auth; 1220 enum dpp_status_error status; 1221 u8 ssid[SSID_MAX_LEN]; 1222 size_t ssid_len = 0; 1223 char *channel_list = NULL; 1224 1225 wpa_printf(MSG_DEBUG, "DPP: Connection Status Result"); 1226 1227 if (!auth || !auth->waiting_conn_status_result) { 1228 wpa_printf(MSG_DEBUG, 1229 "DPP: No DPP Configuration waiting for connection status result - drop"); 1230 return; 1231 } 1232 1233 status = dpp_conn_status_result_rx(auth, hdr, buf, len, 1234 ssid, &ssid_len, &channel_list); 1235 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT 1236 "result=%d ssid=%s channel_list=%s", 1237 status, wpa_ssid_txt(ssid, ssid_len), 1238 channel_list ? channel_list : "N/A"); 1239 os_free(channel_list); 1240 hostapd_drv_send_action_cancel_wait(hapd); 1241 hostapd_dpp_listen_stop(hapd); 1242 dpp_auth_deinit(auth); 1243 hapd->dpp_auth = NULL; 1244 eloop_cancel_timeout(hostapd_dpp_conn_status_result_wait_timeout, 1245 hapd, NULL); 1246 } 1247 1248 1249 static void 1250 hostapd_dpp_rx_presence_announcement(struct hostapd_data *hapd, const u8 *src, 1251 const u8 *hdr, const u8 *buf, size_t len, 1252 unsigned int freq) 1253 { 1254 const u8 *r_bootstrap; 1255 u16 r_bootstrap_len; 1256 struct dpp_bootstrap_info *peer_bi; 1257 struct dpp_authentication *auth; 1258 1259 wpa_printf(MSG_DEBUG, "DPP: Presence Announcement from " MACSTR, 1260 MAC2STR(src)); 1261 1262 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, 1263 &r_bootstrap_len); 1264 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { 1265 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 1266 "Missing or invalid required Responder Bootstrapping Key Hash attribute"); 1267 return; 1268 } 1269 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", 1270 r_bootstrap, r_bootstrap_len); 1271 peer_bi = dpp_bootstrap_find_chirp(hapd->iface->interfaces->dpp, 1272 r_bootstrap); 1273 dpp_notify_chirp_received(hapd->msg_ctx, 1274 peer_bi ? (int) peer_bi->id : -1, 1275 src, freq, r_bootstrap); 1276 if (!peer_bi) { 1277 if (dpp_relay_rx_action(hapd->iface->interfaces->dpp, 1278 src, hdr, buf, len, freq, NULL, 1279 r_bootstrap, hapd) == 0) 1280 return; 1281 wpa_printf(MSG_DEBUG, 1282 "DPP: No matching bootstrapping information found"); 1283 return; 1284 } 1285 1286 if (hapd->dpp_auth) { 1287 wpa_printf(MSG_DEBUG, 1288 "DPP: Ignore Presence Announcement during ongoing Authentication"); 1289 return; 1290 } 1291 1292 auth = dpp_auth_init(hapd->iface->interfaces->dpp, hapd->msg_ctx, 1293 peer_bi, NULL, DPP_CAPAB_CONFIGURATOR, freq, NULL, 1294 0); 1295 if (!auth) 1296 return; 1297 hostapd_dpp_set_testing_options(hapd, auth); 1298 if (dpp_set_configurator(auth, 1299 hapd->dpp_configurator_params) < 0) { 1300 dpp_auth_deinit(auth); 1301 return; 1302 } 1303 1304 auth->neg_freq = freq; 1305 1306 /* The source address of the Presence Announcement frame overrides any 1307 * MAC address information from the bootstrapping information. */ 1308 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 1309 1310 hapd->dpp_auth = auth; 1311 if (hostapd_dpp_auth_init_next(hapd) < 0) { 1312 dpp_auth_deinit(hapd->dpp_auth); 1313 hapd->dpp_auth = NULL; 1314 } 1315 } 1316 1317 1318 static void hostapd_dpp_reconfig_reply_wait_timeout(void *eloop_ctx, 1319 void *timeout_ctx) 1320 { 1321 struct hostapd_data *hapd = eloop_ctx; 1322 struct dpp_authentication *auth = hapd->dpp_auth; 1323 1324 if (!auth) 1325 return; 1326 1327 wpa_printf(MSG_DEBUG, "DPP: Reconfig Reply wait timeout"); 1328 hostapd_dpp_listen_stop(hapd); 1329 dpp_auth_deinit(auth); 1330 hapd->dpp_auth = NULL; 1331 } 1332 1333 1334 static void 1335 hostapd_dpp_rx_reconfig_announcement(struct hostapd_data *hapd, const u8 *src, 1336 const u8 *hdr, const u8 *buf, size_t len, 1337 unsigned int freq) 1338 { 1339 const u8 *csign_hash, *fcgroup, *a_nonce, *e_id; 1340 u16 csign_hash_len, fcgroup_len, a_nonce_len, e_id_len; 1341 struct dpp_configurator *conf; 1342 struct dpp_authentication *auth; 1343 unsigned int wait_time, max_wait_time; 1344 u16 group; 1345 1346 if (hapd->dpp_auth) { 1347 wpa_printf(MSG_DEBUG, 1348 "DPP: Ignore Reconfig Announcement during ongoing Authentication"); 1349 return; 1350 } 1351 1352 wpa_printf(MSG_DEBUG, "DPP: Reconfig Announcement from " MACSTR, 1353 MAC2STR(src)); 1354 1355 csign_hash = dpp_get_attr(buf, len, DPP_ATTR_C_SIGN_KEY_HASH, 1356 &csign_hash_len); 1357 if (!csign_hash || csign_hash_len != SHA256_MAC_LEN) { 1358 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 1359 "Missing or invalid required Configurator C-sign key Hash attribute"); 1360 return; 1361 } 1362 wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator C-sign key Hash (kid)", 1363 csign_hash, csign_hash_len); 1364 conf = dpp_configurator_find_kid(hapd->iface->interfaces->dpp, 1365 csign_hash); 1366 if (!conf) { 1367 if (dpp_relay_rx_action(hapd->iface->interfaces->dpp, 1368 src, hdr, buf, len, freq, NULL, 1369 NULL, hapd) == 0) 1370 return; 1371 wpa_printf(MSG_DEBUG, 1372 "DPP: No matching Configurator information found"); 1373 return; 1374 } 1375 1376 fcgroup = dpp_get_attr(buf, len, DPP_ATTR_FINITE_CYCLIC_GROUP, 1377 &fcgroup_len); 1378 if (!fcgroup || fcgroup_len != 2) { 1379 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_FAIL 1380 "Missing or invalid required Finite Cyclic Group attribute"); 1381 return; 1382 } 1383 group = WPA_GET_LE16(fcgroup); 1384 wpa_printf(MSG_DEBUG, "DPP: Enrollee finite cyclic group: %u", group); 1385 1386 a_nonce = dpp_get_attr(buf, len, DPP_ATTR_A_NONCE, &a_nonce_len); 1387 e_id = dpp_get_attr(buf, len, DPP_ATTR_E_PRIME_ID, &e_id_len); 1388 1389 auth = dpp_reconfig_init(hapd->iface->interfaces->dpp, hapd->msg_ctx, 1390 conf, freq, group, a_nonce, a_nonce_len, 1391 e_id, e_id_len); 1392 if (!auth) 1393 return; 1394 hostapd_dpp_set_testing_options(hapd, auth); 1395 if (dpp_set_configurator(auth, hapd->dpp_configurator_params) < 0) { 1396 dpp_auth_deinit(auth); 1397 return; 1398 } 1399 1400 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 1401 hapd->dpp_auth = auth; 1402 1403 hapd->dpp_in_response_listen = 0; 1404 hapd->dpp_auth_ok_on_ack = 0; 1405 wait_time = 2000; /* TODO: hapd->max_remain_on_chan; */ 1406 max_wait_time = hapd->dpp_resp_wait_time ? 1407 hapd->dpp_resp_wait_time : 2000; 1408 if (wait_time > max_wait_time) 1409 wait_time = max_wait_time; 1410 wait_time += 10; /* give the driver some extra time to complete */ 1411 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 1412 hostapd_dpp_reconfig_reply_wait_timeout, 1413 hapd, NULL); 1414 wait_time -= 10; 1415 1416 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 1417 " freq=%u type=%d", 1418 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_REQ); 1419 if (hostapd_drv_send_action(hapd, freq, wait_time, src, 1420 wpabuf_head(auth->reconfig_req_msg), 1421 wpabuf_len(auth->reconfig_req_msg)) < 0) { 1422 dpp_auth_deinit(hapd->dpp_auth); 1423 hapd->dpp_auth = NULL; 1424 } 1425 } 1426 1427 1428 static void 1429 hostapd_dpp_rx_reconfig_auth_resp(struct hostapd_data *hapd, const u8 *src, 1430 const u8 *hdr, const u8 *buf, size_t len, 1431 unsigned int freq) 1432 { 1433 struct dpp_authentication *auth = hapd->dpp_auth; 1434 struct wpabuf *conf; 1435 1436 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Response from " 1437 MACSTR, MAC2STR(src)); 1438 1439 if (!auth || !auth->reconfig || !auth->configurator) { 1440 wpa_printf(MSG_DEBUG, 1441 "DPP: No DPP Reconfig Authentication in progress - drop"); 1442 return; 1443 } 1444 1445 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1446 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1447 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1448 return; 1449 } 1450 1451 conf = dpp_reconfig_auth_resp_rx(auth, hdr, buf, len); 1452 if (!conf) 1453 return; 1454 1455 eloop_cancel_timeout(hostapd_dpp_reconfig_reply_wait_timeout, 1456 hapd, NULL); 1457 1458 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 1459 " freq=%u type=%d", 1460 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_CONF); 1461 if (hostapd_drv_send_action(hapd, freq, 500, src, 1462 wpabuf_head(conf), wpabuf_len(conf)) < 0) { 1463 wpabuf_free(conf); 1464 dpp_auth_deinit(hapd->dpp_auth); 1465 hapd->dpp_auth = NULL; 1466 return; 1467 } 1468 wpabuf_free(conf); 1469 } 1470 1471 #endif /* CONFIG_DPP2 */ 1472 1473 1474 static void hostapd_dpp_send_peer_disc_resp(struct hostapd_data *hapd, 1475 const u8 *src, unsigned int freq, 1476 u8 trans_id, 1477 enum dpp_status_error status) 1478 { 1479 struct wpabuf *msg; 1480 size_t len; 1481 1482 len = 5 + 5 + 4 + os_strlen(hapd->conf->dpp_connector); 1483 #ifdef CONFIG_DPP2 1484 len += 5; 1485 #endif /* CONFIG_DPP2 */ 1486 msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_RESP, len); 1487 if (!msg) 1488 return; 1489 1490 #ifdef CONFIG_TESTING_OPTIONS 1491 if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_RESP) { 1492 wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID"); 1493 goto skip_trans_id; 1494 } 1495 if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_RESP) { 1496 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID"); 1497 trans_id ^= 0x01; 1498 } 1499 #endif /* CONFIG_TESTING_OPTIONS */ 1500 1501 /* Transaction ID */ 1502 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); 1503 wpabuf_put_le16(msg, 1); 1504 wpabuf_put_u8(msg, trans_id); 1505 1506 #ifdef CONFIG_TESTING_OPTIONS 1507 skip_trans_id: 1508 if (dpp_test == DPP_TEST_NO_STATUS_PEER_DISC_RESP) { 1509 wpa_printf(MSG_INFO, "DPP: TESTING - no Status"); 1510 goto skip_status; 1511 } 1512 if (dpp_test == DPP_TEST_INVALID_STATUS_PEER_DISC_RESP) { 1513 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Status"); 1514 status = 254; 1515 } 1516 #endif /* CONFIG_TESTING_OPTIONS */ 1517 1518 /* DPP Status */ 1519 wpabuf_put_le16(msg, DPP_ATTR_STATUS); 1520 wpabuf_put_le16(msg, 1); 1521 wpabuf_put_u8(msg, status); 1522 1523 #ifdef CONFIG_TESTING_OPTIONS 1524 skip_status: 1525 if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_RESP) { 1526 wpa_printf(MSG_INFO, "DPP: TESTING - no Connector"); 1527 goto skip_connector; 1528 } 1529 if (status == DPP_STATUS_OK && 1530 dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_RESP) { 1531 char *connector; 1532 1533 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector"); 1534 connector = dpp_corrupt_connector_signature( 1535 hapd->conf->dpp_connector); 1536 if (!connector) { 1537 wpabuf_free(msg); 1538 return; 1539 } 1540 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); 1541 wpabuf_put_le16(msg, os_strlen(connector)); 1542 wpabuf_put_str(msg, connector); 1543 os_free(connector); 1544 goto skip_connector; 1545 } 1546 #endif /* CONFIG_TESTING_OPTIONS */ 1547 1548 /* DPP Connector */ 1549 if (status == DPP_STATUS_OK) { 1550 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); 1551 wpabuf_put_le16(msg, os_strlen(hapd->conf->dpp_connector)); 1552 wpabuf_put_str(msg, hapd->conf->dpp_connector); 1553 } 1554 1555 #ifdef CONFIG_TESTING_OPTIONS 1556 skip_connector: 1557 #endif /* CONFIG_TESTING_OPTIONS */ 1558 1559 #ifdef CONFIG_DPP2 1560 if (DPP_VERSION > 1) { 1561 /* Protocol Version */ 1562 wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION); 1563 wpabuf_put_le16(msg, 1); 1564 wpabuf_put_u8(msg, DPP_VERSION); 1565 } 1566 #endif /* CONFIG_DPP2 */ 1567 1568 wpa_printf(MSG_DEBUG, "DPP: Send Peer Discovery Response to " MACSTR 1569 " status=%d", MAC2STR(src), status); 1570 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 1571 " freq=%u type=%d status=%d", MAC2STR(src), freq, 1572 DPP_PA_PEER_DISCOVERY_RESP, status); 1573 hostapd_drv_send_action(hapd, freq, 0, src, 1574 wpabuf_head(msg), wpabuf_len(msg)); 1575 wpabuf_free(msg); 1576 } 1577 1578 1579 static void hostapd_dpp_rx_peer_disc_req(struct hostapd_data *hapd, 1580 const u8 *src, 1581 const u8 *buf, size_t len, 1582 unsigned int freq) 1583 { 1584 const u8 *connector, *trans_id; 1585 u16 connector_len, trans_id_len; 1586 struct os_time now; 1587 struct dpp_introduction intro; 1588 os_time_t expire; 1589 int expiration; 1590 enum dpp_status_error res; 1591 1592 wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Request from " MACSTR, 1593 MAC2STR(src)); 1594 if (!hapd->wpa_auth || 1595 !(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) || 1596 !(hapd->conf->wpa & WPA_PROTO_RSN)) { 1597 wpa_printf(MSG_DEBUG, "DPP: DPP AKM not in use"); 1598 return; 1599 } 1600 1601 if (!hapd->conf->dpp_connector || !hapd->conf->dpp_netaccesskey || 1602 !hapd->conf->dpp_csign) { 1603 wpa_printf(MSG_DEBUG, "DPP: No own Connector/keys set"); 1604 return; 1605 } 1606 1607 os_get_time(&now); 1608 1609 if (hapd->conf->dpp_netaccesskey_expiry && 1610 (os_time_t) hapd->conf->dpp_netaccesskey_expiry < now.sec) { 1611 wpa_printf(MSG_INFO, "DPP: Own netAccessKey expired"); 1612 return; 1613 } 1614 1615 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID, 1616 &trans_id_len); 1617 if (!trans_id || trans_id_len != 1) { 1618 wpa_printf(MSG_DEBUG, 1619 "DPP: Peer did not include Transaction ID"); 1620 return; 1621 } 1622 1623 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len); 1624 if (!connector) { 1625 wpa_printf(MSG_DEBUG, 1626 "DPP: Peer did not include its Connector"); 1627 return; 1628 } 1629 1630 res = dpp_peer_intro(&intro, hapd->conf->dpp_connector, 1631 wpabuf_head(hapd->conf->dpp_netaccesskey), 1632 wpabuf_len(hapd->conf->dpp_netaccesskey), 1633 wpabuf_head(hapd->conf->dpp_csign), 1634 wpabuf_len(hapd->conf->dpp_csign), 1635 connector, connector_len, &expire); 1636 if (res == 255) { 1637 wpa_printf(MSG_INFO, 1638 "DPP: Network Introduction protocol resulted in internal failure (peer " 1639 MACSTR ")", MAC2STR(src)); 1640 return; 1641 } 1642 if (res != DPP_STATUS_OK) { 1643 wpa_printf(MSG_INFO, 1644 "DPP: Network Introduction protocol resulted in failure (peer " 1645 MACSTR " status %d)", MAC2STR(src), res); 1646 hostapd_dpp_send_peer_disc_resp(hapd, src, freq, trans_id[0], 1647 res); 1648 return; 1649 } 1650 1651 if (!expire || (os_time_t) hapd->conf->dpp_netaccesskey_expiry < expire) 1652 expire = hapd->conf->dpp_netaccesskey_expiry; 1653 if (expire) 1654 expiration = expire - now.sec; 1655 else 1656 expiration = 0; 1657 1658 if (wpa_auth_pmksa_add2(hapd->wpa_auth, src, intro.pmk, intro.pmk_len, 1659 intro.pmkid, expiration, 1660 WPA_KEY_MGMT_DPP) < 0) { 1661 wpa_printf(MSG_ERROR, "DPP: Failed to add PMKSA cache entry"); 1662 return; 1663 } 1664 1665 hostapd_dpp_send_peer_disc_resp(hapd, src, freq, trans_id[0], 1666 DPP_STATUS_OK); 1667 } 1668 1669 1670 static void 1671 hostapd_dpp_rx_pkex_exchange_req(struct hostapd_data *hapd, const u8 *src, 1672 const u8 *buf, size_t len, 1673 unsigned int freq) 1674 { 1675 struct wpabuf *msg; 1676 1677 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR, 1678 MAC2STR(src)); 1679 1680 /* TODO: Support multiple PKEX codes by iterating over all the enabled 1681 * values here */ 1682 1683 if (!hapd->dpp_pkex_code || !hapd->dpp_pkex_bi) { 1684 wpa_printf(MSG_DEBUG, 1685 "DPP: No PKEX code configured - ignore request"); 1686 return; 1687 } 1688 1689 if (hapd->dpp_pkex) { 1690 /* TODO: Support parallel operations */ 1691 wpa_printf(MSG_DEBUG, 1692 "DPP: Already in PKEX session - ignore new request"); 1693 return; 1694 } 1695 1696 hapd->dpp_pkex = dpp_pkex_rx_exchange_req(hapd->msg_ctx, 1697 hapd->dpp_pkex_bi, 1698 hapd->own_addr, src, 1699 hapd->dpp_pkex_identifier, 1700 hapd->dpp_pkex_code, 1701 buf, len); 1702 if (!hapd->dpp_pkex) { 1703 wpa_printf(MSG_DEBUG, 1704 "DPP: Failed to process the request - ignore it"); 1705 return; 1706 } 1707 1708 msg = hapd->dpp_pkex->exchange_resp; 1709 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 1710 " freq=%u type=%d", MAC2STR(src), freq, 1711 DPP_PA_PKEX_EXCHANGE_RESP); 1712 hostapd_drv_send_action(hapd, freq, 0, src, 1713 wpabuf_head(msg), wpabuf_len(msg)); 1714 if (hapd->dpp_pkex->failed) { 1715 wpa_printf(MSG_DEBUG, 1716 "DPP: Terminate PKEX exchange due to an earlier error"); 1717 if (hapd->dpp_pkex->t > hapd->dpp_pkex->own_bi->pkex_t) 1718 hapd->dpp_pkex->own_bi->pkex_t = hapd->dpp_pkex->t; 1719 dpp_pkex_free(hapd->dpp_pkex); 1720 hapd->dpp_pkex = NULL; 1721 } 1722 } 1723 1724 1725 static void 1726 hostapd_dpp_rx_pkex_exchange_resp(struct hostapd_data *hapd, const u8 *src, 1727 const u8 *buf, size_t len, unsigned int freq) 1728 { 1729 struct wpabuf *msg; 1730 1731 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR, 1732 MAC2STR(src)); 1733 1734 /* TODO: Support multiple PKEX codes by iterating over all the enabled 1735 * values here */ 1736 1737 if (!hapd->dpp_pkex || !hapd->dpp_pkex->initiator || 1738 hapd->dpp_pkex->exchange_done) { 1739 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 1740 return; 1741 } 1742 1743 msg = dpp_pkex_rx_exchange_resp(hapd->dpp_pkex, src, buf, len); 1744 if (!msg) { 1745 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); 1746 return; 1747 } 1748 1749 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR, 1750 MAC2STR(src)); 1751 1752 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 1753 " freq=%u type=%d", MAC2STR(src), freq, 1754 DPP_PA_PKEX_COMMIT_REVEAL_REQ); 1755 hostapd_drv_send_action(hapd, freq, 0, src, 1756 wpabuf_head(msg), wpabuf_len(msg)); 1757 wpabuf_free(msg); 1758 } 1759 1760 1761 static void 1762 hostapd_dpp_rx_pkex_commit_reveal_req(struct hostapd_data *hapd, const u8 *src, 1763 const u8 *hdr, const u8 *buf, size_t len, 1764 unsigned int freq) 1765 { 1766 struct wpabuf *msg; 1767 struct dpp_pkex *pkex = hapd->dpp_pkex; 1768 struct dpp_bootstrap_info *bi; 1769 1770 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR, 1771 MAC2STR(src)); 1772 1773 if (!pkex || pkex->initiator || !pkex->exchange_done) { 1774 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 1775 return; 1776 } 1777 1778 msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len); 1779 if (!msg) { 1780 wpa_printf(MSG_DEBUG, "DPP: Failed to process the request"); 1781 if (hapd->dpp_pkex->failed) { 1782 wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange"); 1783 if (hapd->dpp_pkex->t > hapd->dpp_pkex->own_bi->pkex_t) 1784 hapd->dpp_pkex->own_bi->pkex_t = 1785 hapd->dpp_pkex->t; 1786 dpp_pkex_free(hapd->dpp_pkex); 1787 hapd->dpp_pkex = NULL; 1788 } 1789 return; 1790 } 1791 1792 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to " 1793 MACSTR, MAC2STR(src)); 1794 1795 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 1796 " freq=%u type=%d", MAC2STR(src), freq, 1797 DPP_PA_PKEX_COMMIT_REVEAL_RESP); 1798 hostapd_drv_send_action(hapd, freq, 0, src, 1799 wpabuf_head(msg), wpabuf_len(msg)); 1800 wpabuf_free(msg); 1801 1802 bi = dpp_pkex_finish(hapd->iface->interfaces->dpp, pkex, src, freq); 1803 if (!bi) 1804 return; 1805 hapd->dpp_pkex = NULL; 1806 } 1807 1808 1809 static void 1810 hostapd_dpp_rx_pkex_commit_reveal_resp(struct hostapd_data *hapd, const u8 *src, 1811 const u8 *hdr, const u8 *buf, size_t len, 1812 unsigned int freq) 1813 { 1814 int res; 1815 struct dpp_bootstrap_info *bi; 1816 struct dpp_pkex *pkex = hapd->dpp_pkex; 1817 char cmd[500]; 1818 1819 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR, 1820 MAC2STR(src)); 1821 1822 if (!pkex || !pkex->initiator || !pkex->exchange_done) { 1823 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 1824 return; 1825 } 1826 1827 res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len); 1828 if (res < 0) { 1829 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); 1830 return; 1831 } 1832 1833 bi = dpp_pkex_finish(hapd->iface->interfaces->dpp, pkex, src, freq); 1834 if (!bi) 1835 return; 1836 hapd->dpp_pkex = NULL; 1837 1838 os_snprintf(cmd, sizeof(cmd), " peer=%u %s", 1839 bi->id, 1840 hapd->dpp_pkex_auth_cmd ? hapd->dpp_pkex_auth_cmd : ""); 1841 wpa_printf(MSG_DEBUG, 1842 "DPP: Start authentication after PKEX with parameters: %s", 1843 cmd); 1844 if (hostapd_dpp_auth_init(hapd, cmd) < 0) { 1845 wpa_printf(MSG_DEBUG, 1846 "DPP: Authentication initialization failed"); 1847 return; 1848 } 1849 } 1850 1851 1852 void hostapd_dpp_rx_action(struct hostapd_data *hapd, const u8 *src, 1853 const u8 *buf, size_t len, unsigned int freq) 1854 { 1855 u8 crypto_suite; 1856 enum dpp_public_action_frame_type type; 1857 const u8 *hdr; 1858 unsigned int pkex_t; 1859 1860 if (len < DPP_HDR_LEN) 1861 return; 1862 if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE) 1863 return; 1864 hdr = buf; 1865 buf += 4; 1866 len -= 4; 1867 crypto_suite = *buf++; 1868 type = *buf++; 1869 len -= 2; 1870 1871 wpa_printf(MSG_DEBUG, 1872 "DPP: Received DPP Public Action frame crypto suite %u type %d from " 1873 MACSTR " freq=%u", 1874 crypto_suite, type, MAC2STR(src), freq); 1875 if (crypto_suite != 1) { 1876 wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u", 1877 crypto_suite); 1878 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_RX "src=" MACSTR 1879 " freq=%u type=%d ignore=unsupported-crypto-suite", 1880 MAC2STR(src), freq, type); 1881 return; 1882 } 1883 wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len); 1884 if (dpp_check_attrs(buf, len) < 0) { 1885 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_RX "src=" MACSTR 1886 " freq=%u type=%d ignore=invalid-attributes", 1887 MAC2STR(src), freq, type); 1888 return; 1889 } 1890 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_RX "src=" MACSTR 1891 " freq=%u type=%d", MAC2STR(src), freq, type); 1892 1893 #ifdef CONFIG_DPP2 1894 if (dpp_relay_rx_action(hapd->iface->interfaces->dpp, 1895 src, hdr, buf, len, freq, NULL, NULL, 1896 hapd) == 0) 1897 return; 1898 #endif /* CONFIG_DPP2 */ 1899 1900 switch (type) { 1901 case DPP_PA_AUTHENTICATION_REQ: 1902 hostapd_dpp_rx_auth_req(hapd, src, hdr, buf, len, freq); 1903 break; 1904 case DPP_PA_AUTHENTICATION_RESP: 1905 hostapd_dpp_rx_auth_resp(hapd, src, hdr, buf, len, freq); 1906 break; 1907 case DPP_PA_AUTHENTICATION_CONF: 1908 hostapd_dpp_rx_auth_conf(hapd, src, hdr, buf, len); 1909 break; 1910 case DPP_PA_PEER_DISCOVERY_REQ: 1911 hostapd_dpp_rx_peer_disc_req(hapd, src, buf, len, freq); 1912 break; 1913 case DPP_PA_PKEX_EXCHANGE_REQ: 1914 hostapd_dpp_rx_pkex_exchange_req(hapd, src, buf, len, freq); 1915 break; 1916 case DPP_PA_PKEX_EXCHANGE_RESP: 1917 hostapd_dpp_rx_pkex_exchange_resp(hapd, src, buf, len, freq); 1918 break; 1919 case DPP_PA_PKEX_COMMIT_REVEAL_REQ: 1920 hostapd_dpp_rx_pkex_commit_reveal_req(hapd, src, hdr, buf, len, 1921 freq); 1922 break; 1923 case DPP_PA_PKEX_COMMIT_REVEAL_RESP: 1924 hostapd_dpp_rx_pkex_commit_reveal_resp(hapd, src, hdr, buf, len, 1925 freq); 1926 break; 1927 #ifdef CONFIG_DPP2 1928 case DPP_PA_CONFIGURATION_RESULT: 1929 hostapd_dpp_rx_conf_result(hapd, src, hdr, buf, len); 1930 break; 1931 case DPP_PA_CONNECTION_STATUS_RESULT: 1932 hostapd_dpp_rx_conn_status_result(hapd, src, hdr, buf, len); 1933 break; 1934 case DPP_PA_PRESENCE_ANNOUNCEMENT: 1935 hostapd_dpp_rx_presence_announcement(hapd, src, hdr, buf, len, 1936 freq); 1937 break; 1938 case DPP_PA_RECONFIG_ANNOUNCEMENT: 1939 hostapd_dpp_rx_reconfig_announcement(hapd, src, hdr, buf, len, 1940 freq); 1941 break; 1942 case DPP_PA_RECONFIG_AUTH_RESP: 1943 hostapd_dpp_rx_reconfig_auth_resp(hapd, src, hdr, buf, len, 1944 freq); 1945 break; 1946 #endif /* CONFIG_DPP2 */ 1947 default: 1948 wpa_printf(MSG_DEBUG, 1949 "DPP: Ignored unsupported frame subtype %d", type); 1950 break; 1951 } 1952 1953 if (hapd->dpp_pkex) 1954 pkex_t = hapd->dpp_pkex->t; 1955 else if (hapd->dpp_pkex_bi) 1956 pkex_t = hapd->dpp_pkex_bi->pkex_t; 1957 else 1958 pkex_t = 0; 1959 if (pkex_t >= PKEX_COUNTER_T_LIMIT) { 1960 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0"); 1961 hostapd_dpp_pkex_remove(hapd, "*"); 1962 } 1963 } 1964 1965 1966 struct wpabuf * 1967 hostapd_dpp_gas_req_handler(struct hostapd_data *hapd, const u8 *sa, 1968 const u8 *query, size_t query_len, 1969 const u8 *data, size_t data_len) 1970 { 1971 struct dpp_authentication *auth = hapd->dpp_auth; 1972 struct wpabuf *resp; 1973 1974 wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR, MAC2STR(sa)); 1975 if (!auth || (!auth->auth_success && !auth->reconfig_success) || 1976 os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) { 1977 #ifdef CONFIG_DPP2 1978 if (dpp_relay_rx_gas_req(hapd->iface->interfaces->dpp, sa, data, 1979 data_len) == 0) { 1980 /* Response will be forwarded once received over TCP */ 1981 return NULL; 1982 } 1983 #endif /* CONFIG_DPP2 */ 1984 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); 1985 return NULL; 1986 } 1987 1988 if (hapd->dpp_auth_ok_on_ack && auth->configurator) { 1989 wpa_printf(MSG_DEBUG, 1990 "DPP: Have not received ACK for Auth Confirm yet - assume it was received based on this GAS request"); 1991 /* hostapd_dpp_auth_success() would normally have been called 1992 * from TX status handler, but since there was no such handler 1993 * call yet, simply send out the event message and proceed with 1994 * exchange. */ 1995 wpa_msg(hapd->msg_ctx, MSG_INFO, 1996 DPP_EVENT_AUTH_SUCCESS "init=1"); 1997 hapd->dpp_auth_ok_on_ack = 0; 1998 } 1999 2000 wpa_hexdump(MSG_DEBUG, 2001 "DPP: Received Configuration Request (GAS Query Request)", 2002 query, query_len); 2003 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR, 2004 MAC2STR(sa)); 2005 resp = dpp_conf_req_rx(auth, query, query_len); 2006 if (!resp) 2007 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); 2008 return resp; 2009 } 2010 2011 2012 void hostapd_dpp_gas_status_handler(struct hostapd_data *hapd, int ok) 2013 { 2014 struct dpp_authentication *auth = hapd->dpp_auth; 2015 2016 if (!auth) 2017 return; 2018 2019 wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)", 2020 ok); 2021 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); 2022 eloop_cancel_timeout(hostapd_dpp_auth_conf_wait_timeout, hapd, NULL); 2023 eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); 2024 #ifdef CONFIG_DPP2 2025 eloop_cancel_timeout(hostapd_dpp_reconfig_reply_wait_timeout, 2026 hapd, NULL); 2027 if (ok && auth->peer_version >= 2 && 2028 auth->conf_resp_status == DPP_STATUS_OK) { 2029 wpa_printf(MSG_DEBUG, "DPP: Wait for Configuration Result"); 2030 auth->waiting_conf_result = 1; 2031 eloop_cancel_timeout(hostapd_dpp_config_result_wait_timeout, 2032 hapd, NULL); 2033 eloop_register_timeout(2, 0, 2034 hostapd_dpp_config_result_wait_timeout, 2035 hapd, NULL); 2036 return; 2037 } 2038 #endif /* CONFIG_DPP2 */ 2039 hostapd_drv_send_action_cancel_wait(hapd); 2040 2041 if (ok) 2042 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_SENT); 2043 else 2044 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); 2045 dpp_auth_deinit(hapd->dpp_auth); 2046 hapd->dpp_auth = NULL; 2047 } 2048 2049 2050 int hostapd_dpp_configurator_sign(struct hostapd_data *hapd, const char *cmd) 2051 { 2052 struct dpp_authentication *auth; 2053 int ret = -1; 2054 char *curve = NULL; 2055 2056 auth = dpp_alloc_auth(hapd->iface->interfaces->dpp, hapd->msg_ctx); 2057 if (!auth) 2058 return -1; 2059 2060 curve = get_param(cmd, " curve="); 2061 hostapd_dpp_set_testing_options(hapd, auth); 2062 if (dpp_set_configurator(auth, cmd) == 0 && 2063 dpp_configurator_own_config(auth, curve, 1) == 0) { 2064 hostapd_dpp_handle_config_obj(hapd, auth, &auth->conf_obj[0]); 2065 ret = 0; 2066 } 2067 2068 dpp_auth_deinit(auth); 2069 os_free(curve); 2070 2071 return ret; 2072 } 2073 2074 2075 int hostapd_dpp_pkex_add(struct hostapd_data *hapd, const char *cmd) 2076 { 2077 struct dpp_bootstrap_info *own_bi; 2078 const char *pos, *end; 2079 2080 pos = os_strstr(cmd, " own="); 2081 if (!pos) 2082 return -1; 2083 pos += 5; 2084 own_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos)); 2085 if (!own_bi) { 2086 wpa_printf(MSG_DEBUG, 2087 "DPP: Identified bootstrap info not found"); 2088 return -1; 2089 } 2090 if (own_bi->type != DPP_BOOTSTRAP_PKEX) { 2091 wpa_printf(MSG_DEBUG, 2092 "DPP: Identified bootstrap info not for PKEX"); 2093 return -1; 2094 } 2095 hapd->dpp_pkex_bi = own_bi; 2096 own_bi->pkex_t = 0; /* clear pending errors on new code */ 2097 2098 os_free(hapd->dpp_pkex_identifier); 2099 hapd->dpp_pkex_identifier = NULL; 2100 pos = os_strstr(cmd, " identifier="); 2101 if (pos) { 2102 pos += 12; 2103 end = os_strchr(pos, ' '); 2104 if (!end) 2105 return -1; 2106 hapd->dpp_pkex_identifier = os_malloc(end - pos + 1); 2107 if (!hapd->dpp_pkex_identifier) 2108 return -1; 2109 os_memcpy(hapd->dpp_pkex_identifier, pos, end - pos); 2110 hapd->dpp_pkex_identifier[end - pos] = '\0'; 2111 } 2112 2113 pos = os_strstr(cmd, " code="); 2114 if (!pos) 2115 return -1; 2116 os_free(hapd->dpp_pkex_code); 2117 hapd->dpp_pkex_code = os_strdup(pos + 6); 2118 if (!hapd->dpp_pkex_code) 2119 return -1; 2120 2121 if (os_strstr(cmd, " init=1")) { 2122 struct wpabuf *msg; 2123 2124 wpa_printf(MSG_DEBUG, "DPP: Initiating PKEX"); 2125 dpp_pkex_free(hapd->dpp_pkex); 2126 hapd->dpp_pkex = dpp_pkex_init(hapd->msg_ctx, own_bi, 2127 hapd->own_addr, 2128 hapd->dpp_pkex_identifier, 2129 hapd->dpp_pkex_code); 2130 if (!hapd->dpp_pkex) 2131 return -1; 2132 2133 msg = hapd->dpp_pkex->exchange_req; 2134 /* TODO: Which channel to use? */ 2135 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 2136 " freq=%u type=%d", MAC2STR(broadcast), 2437, 2137 DPP_PA_PKEX_EXCHANGE_REQ); 2138 hostapd_drv_send_action(hapd, 2437, 0, broadcast, 2139 wpabuf_head(msg), wpabuf_len(msg)); 2140 } 2141 2142 /* TODO: Support multiple PKEX info entries */ 2143 2144 os_free(hapd->dpp_pkex_auth_cmd); 2145 hapd->dpp_pkex_auth_cmd = os_strdup(cmd); 2146 2147 return 1; 2148 } 2149 2150 2151 int hostapd_dpp_pkex_remove(struct hostapd_data *hapd, const char *id) 2152 { 2153 unsigned int id_val; 2154 2155 if (os_strcmp(id, "*") == 0) { 2156 id_val = 0; 2157 } else { 2158 id_val = atoi(id); 2159 if (id_val == 0) 2160 return -1; 2161 } 2162 2163 if ((id_val != 0 && id_val != 1) || !hapd->dpp_pkex_code) 2164 return -1; 2165 2166 /* TODO: Support multiple PKEX entries */ 2167 os_free(hapd->dpp_pkex_code); 2168 hapd->dpp_pkex_code = NULL; 2169 os_free(hapd->dpp_pkex_identifier); 2170 hapd->dpp_pkex_identifier = NULL; 2171 os_free(hapd->dpp_pkex_auth_cmd); 2172 hapd->dpp_pkex_auth_cmd = NULL; 2173 hapd->dpp_pkex_bi = NULL; 2174 /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */ 2175 dpp_pkex_free(hapd->dpp_pkex); 2176 hapd->dpp_pkex = NULL; 2177 return 0; 2178 } 2179 2180 2181 void hostapd_dpp_stop(struct hostapd_data *hapd) 2182 { 2183 dpp_auth_deinit(hapd->dpp_auth); 2184 hapd->dpp_auth = NULL; 2185 dpp_pkex_free(hapd->dpp_pkex); 2186 hapd->dpp_pkex = NULL; 2187 } 2188 2189 2190 #ifdef CONFIG_DPP2 2191 2192 static void hostapd_dpp_relay_tx(void *ctx, const u8 *addr, unsigned int freq, 2193 const u8 *msg, size_t len) 2194 { 2195 struct hostapd_data *hapd = ctx; 2196 u8 *buf; 2197 2198 wpa_printf(MSG_DEBUG, "DPP: Send action frame dst=" MACSTR " freq=%u", 2199 MAC2STR(addr), freq); 2200 buf = os_malloc(2 + len); 2201 if (!buf) 2202 return; 2203 buf[0] = WLAN_ACTION_PUBLIC; 2204 buf[1] = WLAN_PA_VENDOR_SPECIFIC; 2205 os_memcpy(buf + 2, msg, len); 2206 hostapd_drv_send_action(hapd, freq, 0, addr, buf, 2 + len); 2207 os_free(buf); 2208 } 2209 2210 2211 static void hostapd_dpp_relay_gas_resp_tx(void *ctx, const u8 *addr, 2212 u8 dialog_token, int prot, 2213 struct wpabuf *buf) 2214 { 2215 struct hostapd_data *hapd = ctx; 2216 2217 gas_serv_req_dpp_processing(hapd, addr, dialog_token, prot, buf); 2218 } 2219 2220 #endif /* CONFIG_DPP2 */ 2221 2222 2223 static int hostapd_dpp_add_controllers(struct hostapd_data *hapd) 2224 { 2225 #ifdef CONFIG_DPP2 2226 struct dpp_controller_conf *ctrl; 2227 struct dpp_relay_config config; 2228 2229 os_memset(&config, 0, sizeof(config)); 2230 config.cb_ctx = hapd; 2231 config.tx = hostapd_dpp_relay_tx; 2232 config.gas_resp_tx = hostapd_dpp_relay_gas_resp_tx; 2233 for (ctrl = hapd->conf->dpp_controller; ctrl; ctrl = ctrl->next) { 2234 config.ipaddr = &ctrl->ipaddr; 2235 config.pkhash = ctrl->pkhash; 2236 if (dpp_relay_add_controller(hapd->iface->interfaces->dpp, 2237 &config) < 0) 2238 return -1; 2239 } 2240 #endif /* CONFIG_DPP2 */ 2241 2242 return 0; 2243 } 2244 2245 2246 int hostapd_dpp_init(struct hostapd_data *hapd) 2247 { 2248 hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE; 2249 hapd->dpp_init_done = 1; 2250 return hostapd_dpp_add_controllers(hapd); 2251 } 2252 2253 2254 void hostapd_dpp_deinit(struct hostapd_data *hapd) 2255 { 2256 #ifdef CONFIG_TESTING_OPTIONS 2257 os_free(hapd->dpp_config_obj_override); 2258 hapd->dpp_config_obj_override = NULL; 2259 os_free(hapd->dpp_discovery_override); 2260 hapd->dpp_discovery_override = NULL; 2261 os_free(hapd->dpp_groups_override); 2262 hapd->dpp_groups_override = NULL; 2263 hapd->dpp_ignore_netaccesskey_mismatch = 0; 2264 #endif /* CONFIG_TESTING_OPTIONS */ 2265 if (!hapd->dpp_init_done) 2266 return; 2267 eloop_cancel_timeout(hostapd_dpp_reply_wait_timeout, hapd, NULL); 2268 eloop_cancel_timeout(hostapd_dpp_auth_conf_wait_timeout, hapd, NULL); 2269 eloop_cancel_timeout(hostapd_dpp_init_timeout, hapd, NULL); 2270 eloop_cancel_timeout(hostapd_dpp_auth_resp_retry_timeout, hapd, NULL); 2271 #ifdef CONFIG_DPP2 2272 eloop_cancel_timeout(hostapd_dpp_reconfig_reply_wait_timeout, 2273 hapd, NULL); 2274 eloop_cancel_timeout(hostapd_dpp_config_result_wait_timeout, hapd, 2275 NULL); 2276 eloop_cancel_timeout(hostapd_dpp_conn_status_result_wait_timeout, hapd, 2277 NULL); 2278 hostapd_dpp_chirp_stop(hapd); 2279 #endif /* CONFIG_DPP2 */ 2280 dpp_auth_deinit(hapd->dpp_auth); 2281 hapd->dpp_auth = NULL; 2282 hostapd_dpp_pkex_remove(hapd, "*"); 2283 hapd->dpp_pkex = NULL; 2284 os_free(hapd->dpp_configurator_params); 2285 hapd->dpp_configurator_params = NULL; 2286 } 2287 2288 2289 #ifdef CONFIG_DPP2 2290 2291 int hostapd_dpp_controller_start(struct hostapd_data *hapd, const char *cmd) 2292 { 2293 struct dpp_controller_config config; 2294 const char *pos; 2295 2296 os_memset(&config, 0, sizeof(config)); 2297 config.allowed_roles = DPP_CAPAB_ENROLLEE | DPP_CAPAB_CONFIGURATOR; 2298 config.netrole = DPP_NETROLE_AP; 2299 config.msg_ctx = hapd->msg_ctx; 2300 config.cb_ctx = hapd; 2301 config.process_conf_obj = hostapd_dpp_process_conf_obj; 2302 if (cmd) { 2303 pos = os_strstr(cmd, " tcp_port="); 2304 if (pos) { 2305 pos += 10; 2306 config.tcp_port = atoi(pos); 2307 } 2308 2309 pos = os_strstr(cmd, " role="); 2310 if (pos) { 2311 pos += 6; 2312 if (os_strncmp(pos, "configurator", 12) == 0) 2313 config.allowed_roles = DPP_CAPAB_CONFIGURATOR; 2314 else if (os_strncmp(pos, "enrollee", 8) == 0) 2315 config.allowed_roles = DPP_CAPAB_ENROLLEE; 2316 else if (os_strncmp(pos, "either", 6) == 0) 2317 config.allowed_roles = DPP_CAPAB_CONFIGURATOR | 2318 DPP_CAPAB_ENROLLEE; 2319 else 2320 return -1; 2321 } 2322 2323 config.qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; 2324 } 2325 config.configurator_params = hapd->dpp_configurator_params; 2326 return dpp_controller_start(hapd->iface->interfaces->dpp, &config); 2327 } 2328 2329 2330 static void hostapd_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx); 2331 2332 static void hostapd_dpp_chirp_timeout(void *eloop_ctx, void *timeout_ctx) 2333 { 2334 struct hostapd_data *hapd = eloop_ctx; 2335 2336 wpa_printf(MSG_DEBUG, "DPP: No chirp response received"); 2337 hostapd_drv_send_action_cancel_wait(hapd); 2338 hostapd_dpp_chirp_next(hapd, NULL); 2339 } 2340 2341 2342 static void hostapd_dpp_chirp_start(struct hostapd_data *hapd) 2343 { 2344 struct wpabuf *msg; 2345 int type; 2346 2347 msg = hapd->dpp_presence_announcement; 2348 type = DPP_PA_PRESENCE_ANNOUNCEMENT; 2349 wpa_printf(MSG_DEBUG, "DPP: Chirp on %d MHz", hapd->dpp_chirp_freq); 2350 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 2351 " freq=%u type=%d", 2352 MAC2STR(broadcast), hapd->dpp_chirp_freq, type); 2353 if (hostapd_drv_send_action( 2354 hapd, hapd->dpp_chirp_freq, 2000, broadcast, 2355 wpabuf_head(msg), wpabuf_len(msg)) < 0 || 2356 eloop_register_timeout(2, 0, hostapd_dpp_chirp_timeout, 2357 hapd, NULL) < 0) 2358 hostapd_dpp_chirp_stop(hapd); 2359 } 2360 2361 2362 static struct hostapd_hw_modes * 2363 dpp_get_mode(struct hostapd_data *hapd, 2364 enum hostapd_hw_mode mode) 2365 { 2366 struct hostapd_hw_modes *modes = hapd->iface->hw_features; 2367 u16 num_modes = hapd->iface->num_hw_features; 2368 u16 i; 2369 2370 for (i = 0; i < num_modes; i++) { 2371 if (modes[i].mode != mode || 2372 !modes[i].num_channels || !modes[i].channels) 2373 continue; 2374 return &modes[i]; 2375 } 2376 2377 return NULL; 2378 } 2379 2380 2381 static void 2382 hostapd_dpp_chirp_scan_res_handler(struct hostapd_iface *iface) 2383 { 2384 struct hostapd_data *hapd = iface->bss[0]; 2385 struct wpa_scan_results *scan_res; 2386 struct dpp_bootstrap_info *bi = hapd->dpp_chirp_bi; 2387 unsigned int i; 2388 struct hostapd_hw_modes *mode; 2389 int c; 2390 2391 if (!bi) 2392 return; 2393 2394 hapd->dpp_chirp_scan_done = 1; 2395 2396 scan_res = hostapd_driver_get_scan_results(hapd); 2397 2398 os_free(hapd->dpp_chirp_freqs); 2399 hapd->dpp_chirp_freqs = NULL; 2400 2401 /* Channels from own bootstrapping info */ 2402 if (bi) { 2403 for (i = 0; i < bi->num_freq; i++) 2404 int_array_add_unique(&hapd->dpp_chirp_freqs, 2405 bi->freq[i]); 2406 } 2407 2408 /* Preferred chirping channels */ 2409 int_array_add_unique(&hapd->dpp_chirp_freqs, 2437); 2410 2411 mode = dpp_get_mode(hapd, HOSTAPD_MODE_IEEE80211A); 2412 if (mode) { 2413 int chan44 = 0, chan149 = 0; 2414 2415 for (c = 0; c < mode->num_channels; c++) { 2416 struct hostapd_channel_data *chan = &mode->channels[c]; 2417 2418 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 2419 HOSTAPD_CHAN_RADAR)) 2420 continue; 2421 if (chan->freq == 5220) 2422 chan44 = 1; 2423 if (chan->freq == 5745) 2424 chan149 = 1; 2425 } 2426 if (chan149) 2427 int_array_add_unique(&hapd->dpp_chirp_freqs, 5745); 2428 else if (chan44) 2429 int_array_add_unique(&hapd->dpp_chirp_freqs, 5220); 2430 } 2431 2432 mode = dpp_get_mode(hapd, HOSTAPD_MODE_IEEE80211AD); 2433 if (mode) { 2434 for (c = 0; c < mode->num_channels; c++) { 2435 struct hostapd_channel_data *chan = &mode->channels[c]; 2436 2437 if ((chan->flag & (HOSTAPD_CHAN_DISABLED | 2438 HOSTAPD_CHAN_RADAR)) || 2439 chan->freq != 60480) 2440 continue; 2441 int_array_add_unique(&hapd->dpp_chirp_freqs, 60480); 2442 break; 2443 } 2444 } 2445 2446 /* Add channels from scan results for APs that advertise Configurator 2447 * Connectivity element */ 2448 for (i = 0; scan_res && i < scan_res->num; i++) { 2449 struct wpa_scan_res *bss = scan_res->res[i]; 2450 size_t ie_len = bss->ie_len; 2451 2452 if (!ie_len) 2453 ie_len = bss->beacon_ie_len; 2454 if (get_vendor_ie((const u8 *) (bss + 1), ie_len, 2455 DPP_CC_IE_VENDOR_TYPE)) 2456 int_array_add_unique(&hapd->dpp_chirp_freqs, 2457 bss->freq); 2458 } 2459 2460 if (!hapd->dpp_chirp_freqs || 2461 eloop_register_timeout(0, 0, hostapd_dpp_chirp_next, 2462 hapd, NULL) < 0) 2463 hostapd_dpp_chirp_stop(hapd); 2464 2465 wpa_scan_results_free(scan_res); 2466 } 2467 2468 2469 static void hostapd_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx) 2470 { 2471 struct hostapd_data *hapd = eloop_ctx; 2472 int i; 2473 2474 if (hapd->dpp_chirp_listen) 2475 hostapd_dpp_listen_stop(hapd); 2476 2477 if (hapd->dpp_chirp_freq == 0) { 2478 if (hapd->dpp_chirp_round % 4 == 0 && 2479 !hapd->dpp_chirp_scan_done) { 2480 struct wpa_driver_scan_params params; 2481 int ret; 2482 2483 wpa_printf(MSG_DEBUG, 2484 "DPP: Update channel list for chirping"); 2485 os_memset(¶ms, 0, sizeof(params)); 2486 ret = hostapd_driver_scan(hapd, ¶ms); 2487 if (ret < 0) { 2488 wpa_printf(MSG_DEBUG, 2489 "DPP: Failed to request a scan ret=%d (%s)", 2490 ret, strerror(-ret)); 2491 hostapd_dpp_chirp_scan_res_handler(hapd->iface); 2492 } else { 2493 hapd->iface->scan_cb = 2494 hostapd_dpp_chirp_scan_res_handler; 2495 } 2496 return; 2497 } 2498 hapd->dpp_chirp_freq = hapd->dpp_chirp_freqs[0]; 2499 hapd->dpp_chirp_round++; 2500 wpa_printf(MSG_DEBUG, "DPP: Start chirping round %d", 2501 hapd->dpp_chirp_round); 2502 } else { 2503 for (i = 0; hapd->dpp_chirp_freqs[i]; i++) 2504 if (hapd->dpp_chirp_freqs[i] == hapd->dpp_chirp_freq) 2505 break; 2506 if (!hapd->dpp_chirp_freqs[i]) { 2507 wpa_printf(MSG_DEBUG, 2508 "DPP: Previous chirp freq %d not found", 2509 hapd->dpp_chirp_freq); 2510 return; 2511 } 2512 i++; 2513 if (hapd->dpp_chirp_freqs[i]) { 2514 hapd->dpp_chirp_freq = hapd->dpp_chirp_freqs[i]; 2515 } else { 2516 hapd->dpp_chirp_iter--; 2517 if (hapd->dpp_chirp_iter <= 0) { 2518 wpa_printf(MSG_DEBUG, 2519 "DPP: Chirping iterations completed"); 2520 hostapd_dpp_chirp_stop(hapd); 2521 return; 2522 } 2523 hapd->dpp_chirp_freq = 0; 2524 hapd->dpp_chirp_scan_done = 0; 2525 if (eloop_register_timeout(30, 0, 2526 hostapd_dpp_chirp_next, 2527 hapd, NULL) < 0) { 2528 hostapd_dpp_chirp_stop(hapd); 2529 return; 2530 } 2531 if (hapd->dpp_chirp_listen) { 2532 wpa_printf(MSG_DEBUG, 2533 "DPP: Listen on %d MHz during chirp 30 second wait", 2534 hapd->dpp_chirp_listen); 2535 /* TODO: start listen on the channel */ 2536 } else { 2537 wpa_printf(MSG_DEBUG, 2538 "DPP: Wait 30 seconds before starting the next chirping round"); 2539 } 2540 return; 2541 } 2542 } 2543 2544 hostapd_dpp_chirp_start(hapd); 2545 } 2546 2547 2548 int hostapd_dpp_chirp(struct hostapd_data *hapd, const char *cmd) 2549 { 2550 const char *pos; 2551 int iter = 1, listen_freq = 0; 2552 struct dpp_bootstrap_info *bi; 2553 2554 pos = os_strstr(cmd, " own="); 2555 if (!pos) 2556 return -1; 2557 pos += 5; 2558 bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos)); 2559 if (!bi) { 2560 wpa_printf(MSG_DEBUG, 2561 "DPP: Identified bootstrap info not found"); 2562 return -1; 2563 } 2564 2565 pos = os_strstr(cmd, " iter="); 2566 if (pos) { 2567 iter = atoi(pos + 6); 2568 if (iter <= 0) 2569 return -1; 2570 } 2571 2572 pos = os_strstr(cmd, " listen="); 2573 if (pos) { 2574 listen_freq = atoi(pos + 8); 2575 if (listen_freq <= 0) 2576 return -1; 2577 } 2578 2579 hostapd_dpp_chirp_stop(hapd); 2580 hapd->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; 2581 hapd->dpp_qr_mutual = 0; 2582 hapd->dpp_chirp_bi = bi; 2583 hapd->dpp_presence_announcement = dpp_build_presence_announcement(bi); 2584 if (!hapd->dpp_presence_announcement) 2585 return -1; 2586 hapd->dpp_chirp_iter = iter; 2587 hapd->dpp_chirp_round = 0; 2588 hapd->dpp_chirp_scan_done = 0; 2589 hapd->dpp_chirp_listen = listen_freq; 2590 2591 return eloop_register_timeout(0, 0, hostapd_dpp_chirp_next, hapd, NULL); 2592 } 2593 2594 2595 void hostapd_dpp_chirp_stop(struct hostapd_data *hapd) 2596 { 2597 if (hapd->dpp_presence_announcement) { 2598 hostapd_drv_send_action_cancel_wait(hapd); 2599 wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CHIRP_STOPPED); 2600 } 2601 hapd->dpp_chirp_bi = NULL; 2602 wpabuf_free(hapd->dpp_presence_announcement); 2603 hapd->dpp_presence_announcement = NULL; 2604 if (hapd->dpp_chirp_listen) 2605 hostapd_dpp_listen_stop(hapd); 2606 hapd->dpp_chirp_listen = 0; 2607 hapd->dpp_chirp_freq = 0; 2608 os_free(hapd->dpp_chirp_freqs); 2609 hapd->dpp_chirp_freqs = NULL; 2610 eloop_cancel_timeout(hostapd_dpp_chirp_next, hapd, NULL); 2611 eloop_cancel_timeout(hostapd_dpp_chirp_timeout, hapd, NULL); 2612 if (hapd->iface->scan_cb == hostapd_dpp_chirp_scan_res_handler) { 2613 /* TODO: abort ongoing scan */ 2614 hapd->iface->scan_cb = NULL; 2615 } 2616 } 2617 2618 2619 static int handle_dpp_remove_bi(struct hostapd_iface *iface, void *ctx) 2620 { 2621 struct dpp_bootstrap_info *bi = ctx; 2622 size_t i; 2623 2624 for (i = 0; i < iface->num_bss; i++) { 2625 struct hostapd_data *hapd = iface->bss[i]; 2626 2627 if (bi == hapd->dpp_chirp_bi) 2628 hostapd_dpp_chirp_stop(hapd); 2629 } 2630 2631 return 0; 2632 } 2633 2634 2635 void hostapd_dpp_remove_bi(void *ctx, struct dpp_bootstrap_info *bi) 2636 { 2637 struct hapd_interfaces *interfaces = ctx; 2638 2639 hostapd_for_each_interface(interfaces, handle_dpp_remove_bi, bi); 2640 } 2641 2642 #endif /* CONFIG_DPP2 */ 2643