1 /* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 2 as 8 * published by the Free Software Foundation. 9 * 10 * Alternatively, this software may be distributed under the terms of BSD 11 * license. 12 * 13 * See README and COPYING for more details. 14 */ 15 16 #include "utils/includes.h" 17 18 #include "utils/common.h" 19 #include "common/ieee802_11_defs.h" 20 #include "ap/hostapd.h" 21 #include "ap/ap_config.h" 22 #ifdef NEED_AP_MLME 23 #include "ap/ieee802_11.h" 24 #endif /* NEED_AP_MLME */ 25 #include "ap/ieee802_1x.h" 26 #include "ap/wps_hostapd.h" 27 #include "ap/ctrl_iface_ap.h" 28 #include "eap_common/eap_defs.h" 29 #include "eap_server/eap_methods.h" 30 #include "eap_common/eap_wsc_common.h" 31 #include "wps/wps.h" 32 #include "config_ssid.h" 33 #include "config.h" 34 #include "wpa_supplicant_i.h" 35 #include "driver_i.h" 36 #include "ap.h" 37 38 39 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 40 struct wpa_ssid *ssid, 41 struct hostapd_config *conf) 42 { 43 struct hostapd_bss_config *bss = &conf->bss[0]; 44 int pairwise; 45 46 conf->driver = wpa_s->driver; 47 48 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 49 50 if (ssid->frequency == 0) { 51 /* default channel 11 */ 52 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 53 conf->channel = 11; 54 } else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) { 55 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 56 conf->channel = (ssid->frequency - 2407) / 5; 57 } else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) || 58 (ssid->frequency >= 5745 && ssid->frequency <= 5825)) { 59 conf->hw_mode = HOSTAPD_MODE_IEEE80211A; 60 conf->channel = (ssid->frequency - 5000) / 5; 61 } else { 62 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 63 ssid->frequency); 64 return -1; 65 } 66 67 /* TODO: enable HT if driver supports it; 68 * drop to 11b if driver does not support 11g */ 69 70 if (ssid->ssid_len == 0) { 71 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 72 return -1; 73 } 74 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 75 bss->ssid.ssid[ssid->ssid_len] = '\0'; 76 bss->ssid.ssid_len = ssid->ssid_len; 77 bss->ssid.ssid_set = 1; 78 79 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 80 bss->wpa = ssid->proto; 81 bss->wpa_key_mgmt = ssid->key_mgmt; 82 bss->wpa_pairwise = ssid->pairwise_cipher; 83 if (ssid->passphrase) { 84 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 85 } else if (ssid->psk_set) { 86 os_free(bss->ssid.wpa_psk); 87 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 88 if (bss->ssid.wpa_psk == NULL) 89 return -1; 90 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 91 bss->ssid.wpa_psk->group = 1; 92 } 93 94 /* Select group cipher based on the enabled pairwise cipher suites */ 95 pairwise = 0; 96 if (bss->wpa & 1) 97 pairwise |= bss->wpa_pairwise; 98 if (bss->wpa & 2) { 99 if (bss->rsn_pairwise == 0) 100 bss->rsn_pairwise = bss->wpa_pairwise; 101 pairwise |= bss->rsn_pairwise; 102 } 103 if (pairwise & WPA_CIPHER_TKIP) 104 bss->wpa_group = WPA_CIPHER_TKIP; 105 else 106 bss->wpa_group = WPA_CIPHER_CCMP; 107 108 if (bss->wpa && bss->ieee802_1x) 109 bss->ssid.security_policy = SECURITY_WPA; 110 else if (bss->wpa) 111 bss->ssid.security_policy = SECURITY_WPA_PSK; 112 else if (bss->ieee802_1x) { 113 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 114 bss->ssid.wep.default_len = bss->default_wep_key_len; 115 } else if (bss->ssid.wep.keys_set) 116 bss->ssid.security_policy = SECURITY_STATIC_WEP; 117 else 118 bss->ssid.security_policy = SECURITY_PLAINTEXT; 119 120 #ifdef CONFIG_WPS 121 /* 122 * Enable WPS by default, but require user interaction to actually use 123 * it. Only the internal Registrar is supported. 124 */ 125 bss->eap_server = 1; 126 bss->wps_state = 2; 127 bss->ap_setup_locked = 1; 128 if (wpa_s->conf->config_methods) 129 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 130 if (wpa_s->conf->device_type) 131 bss->device_type = os_strdup(wpa_s->conf->device_type); 132 #endif /* CONFIG_WPS */ 133 134 return 0; 135 } 136 137 138 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 139 { 140 } 141 142 143 static int ap_probe_req_rx(void *ctx, const u8 *addr, const u8 *ie, 144 size_t ie_len) 145 { 146 return 0; 147 } 148 149 150 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 151 const u8 *uuid_e) 152 { 153 } 154 155 156 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 157 struct wpa_ssid *ssid) 158 { 159 struct wpa_driver_associate_params params; 160 struct hostapd_iface *hapd_iface; 161 struct hostapd_config *conf; 162 size_t i; 163 164 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 165 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 166 return -1; 167 } 168 169 wpa_supplicant_ap_deinit(wpa_s); 170 171 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 172 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 173 174 os_memset(¶ms, 0, sizeof(params)); 175 params.ssid = ssid->ssid; 176 params.ssid_len = ssid->ssid_len; 177 switch (ssid->mode) { 178 case WPAS_MODE_INFRA: 179 params.mode = IEEE80211_MODE_INFRA; 180 break; 181 case WPAS_MODE_IBSS: 182 params.mode = IEEE80211_MODE_IBSS; 183 break; 184 case WPAS_MODE_AP: 185 params.mode = IEEE80211_MODE_AP; 186 break; 187 } 188 params.freq = ssid->frequency; 189 190 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 191 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 192 else 193 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 194 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 195 196 if (ssid->pairwise_cipher & WPA_CIPHER_CCMP) 197 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; 198 else if (ssid->pairwise_cipher & WPA_CIPHER_TKIP) 199 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; 200 else if (ssid->pairwise_cipher & WPA_CIPHER_NONE) 201 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 202 else { 203 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 204 "cipher."); 205 return -1; 206 } 207 params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher); 208 params.group_suite = params.pairwise_suite; 209 210 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 211 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 212 return -1; 213 } 214 215 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 216 if (hapd_iface == NULL) 217 return -1; 218 hapd_iface->owner = wpa_s; 219 220 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 221 if (conf == NULL) { 222 wpa_supplicant_ap_deinit(wpa_s); 223 return -1; 224 } 225 226 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 227 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 228 wpa_supplicant_ap_deinit(wpa_s); 229 return -1; 230 } 231 232 hapd_iface->num_bss = conf->num_bss; 233 hapd_iface->bss = os_zalloc(conf->num_bss * 234 sizeof(struct hostapd_data *)); 235 if (hapd_iface->bss == NULL) { 236 wpa_supplicant_ap_deinit(wpa_s); 237 return -1; 238 } 239 240 for (i = 0; i < conf->num_bss; i++) { 241 hapd_iface->bss[i] = 242 hostapd_alloc_bss_data(hapd_iface, conf, 243 &conf->bss[i]); 244 if (hapd_iface->bss[i] == NULL) { 245 wpa_supplicant_ap_deinit(wpa_s); 246 return -1; 247 } 248 249 hapd_iface->bss[i]->msg_ctx = wpa_s; 250 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 251 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 252 hostapd_register_probereq_cb(hapd_iface->bss[i], 253 ap_probe_req_rx, wpa_s); 254 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 255 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 256 } 257 258 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 259 hapd_iface->bss[0]->driver = wpa_s->driver; 260 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 261 262 if (hostapd_setup_interface(wpa_s->ap_iface)) { 263 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 264 wpa_supplicant_ap_deinit(wpa_s); 265 return -1; 266 } 267 268 wpa_s->current_ssid = ssid; 269 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 270 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 271 272 if (wpa_s->ap_configured_cb) 273 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 274 wpa_s->ap_configured_cb_data); 275 276 return 0; 277 } 278 279 280 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 281 { 282 if (wpa_s->ap_iface == NULL) 283 return; 284 285 wpa_s->current_ssid = NULL; 286 hostapd_interface_deinit(wpa_s->ap_iface); 287 hostapd_interface_free(wpa_s->ap_iface); 288 wpa_s->ap_iface = NULL; 289 wpa_drv_deinit_ap(wpa_s); 290 } 291 292 293 void ap_tx_status(void *ctx, const u8 *addr, 294 const u8 *buf, size_t len, int ack) 295 { 296 #ifdef NEED_AP_MLME 297 struct wpa_supplicant *wpa_s = ctx; 298 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 299 #endif /* NEED_AP_MLME */ 300 } 301 302 303 void ap_rx_from_unknown_sta(void *ctx, const u8 *frame, size_t len) 304 { 305 #ifdef NEED_AP_MLME 306 struct wpa_supplicant *wpa_s = ctx; 307 const struct ieee80211_hdr *hdr = 308 (const struct ieee80211_hdr *) frame; 309 u16 fc = le_to_host16(hdr->frame_control); 310 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], hdr->addr2, 311 (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) == 312 (WLAN_FC_TODS | WLAN_FC_FROMDS)); 313 #endif /* NEED_AP_MLME */ 314 } 315 316 317 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 318 { 319 #ifdef NEED_AP_MLME 320 struct wpa_supplicant *wpa_s = ctx; 321 struct hostapd_frame_info fi; 322 os_memset(&fi, 0, sizeof(fi)); 323 fi.datarate = rx_mgmt->datarate; 324 fi.ssi_signal = rx_mgmt->ssi_signal; 325 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 326 rx_mgmt->frame_len, &fi); 327 #endif /* NEED_AP_MLME */ 328 } 329 330 331 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 332 { 333 #ifdef NEED_AP_MLME 334 struct wpa_supplicant *wpa_s = ctx; 335 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 336 #endif /* NEED_AP_MLME */ 337 } 338 339 340 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 341 const u8 *src_addr, const u8 *buf, size_t len) 342 { 343 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 344 } 345 346 347 #ifdef CONFIG_WPS 348 349 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid) 350 { 351 if (!wpa_s->ap_iface) 352 return -1; 353 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0]); 354 } 355 356 357 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 358 const char *pin, char *buf, size_t buflen) 359 { 360 int ret, ret_len = 0; 361 362 if (!wpa_s->ap_iface) 363 return -1; 364 365 if (pin == NULL) { 366 unsigned int rpin = wps_generate_pin(); 367 ret_len = os_snprintf(buf, buflen, "%d", rpin); 368 pin = buf; 369 } 370 371 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], "any", pin, 0); 372 if (ret) 373 return -1; 374 return ret_len; 375 } 376 377 #endif /* CONFIG_WPS */ 378 379 380 #ifdef CONFIG_CTRL_IFACE 381 382 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 383 char *buf, size_t buflen) 384 { 385 if (wpa_s->ap_iface == NULL) 386 return -1; 387 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 388 buf, buflen); 389 } 390 391 392 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 393 char *buf, size_t buflen) 394 { 395 if (wpa_s->ap_iface == NULL) 396 return -1; 397 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 398 buf, buflen); 399 } 400 401 402 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 403 char *buf, size_t buflen) 404 { 405 if (wpa_s->ap_iface == NULL) 406 return -1; 407 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 408 buf, buflen); 409 } 410 411 412 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 413 size_t buflen, int verbose) 414 { 415 char *pos = buf, *end = buf + buflen; 416 int ret; 417 struct hostapd_bss_config *conf; 418 419 if (wpa_s->ap_iface == NULL) 420 return -1; 421 422 conf = wpa_s->ap_iface->bss[0]->conf; 423 if (conf->wpa == 0) 424 return 0; 425 426 ret = os_snprintf(pos, end - pos, 427 "pairwise_cipher=%s\n" 428 "group_cipher=%s\n" 429 "key_mgmt=%s\n", 430 wpa_cipher_txt(conf->rsn_pairwise), 431 wpa_cipher_txt(conf->wpa_group), 432 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 433 conf->wpa)); 434 if (ret < 0 || ret >= end - pos) 435 return pos - buf; 436 pos += ret; 437 return pos - buf; 438 } 439 440 #endif /* CONFIG_CTRL_IFACE */ 441 442 443 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 444 const u8 *addr) 445 { 446 struct hostapd_data *hapd; 447 struct hostapd_bss_config *conf; 448 449 if (!wpa_s->ap_iface) 450 return -1; 451 452 if (addr) 453 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 454 MAC2STR(addr)); 455 else 456 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 457 458 hapd = wpa_s->ap_iface->bss[0]; 459 conf = hapd->conf; 460 461 os_free(conf->accept_mac); 462 conf->accept_mac = NULL; 463 conf->num_accept_mac = 0; 464 os_free(conf->deny_mac); 465 conf->deny_mac = NULL; 466 conf->num_deny_mac = 0; 467 468 if (addr == NULL) { 469 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 470 return 0; 471 } 472 473 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 474 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 475 if (conf->accept_mac == NULL) 476 return -1; 477 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 478 conf->num_accept_mac = 1; 479 480 return 0; 481 } 482