1 /* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "utils/uuid.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/wpa_ctrl.h" 17 #include "eapol_supp/eapol_supp_sm.h" 18 #include "crypto/dh_group5.h" 19 #include "ap/hostapd.h" 20 #include "ap/ap_config.h" 21 #include "ap/ap_drv_ops.h" 22 #ifdef NEED_AP_MLME 23 #include "ap/ieee802_11.h" 24 #endif /* NEED_AP_MLME */ 25 #include "ap/beacon.h" 26 #include "ap/ieee802_1x.h" 27 #include "ap/wps_hostapd.h" 28 #include "ap/ctrl_iface_ap.h" 29 #include "ap/dfs.h" 30 #include "wps/wps.h" 31 #include "common/ieee802_11_defs.h" 32 #include "config_ssid.h" 33 #include "config.h" 34 #include "wpa_supplicant_i.h" 35 #include "driver_i.h" 36 #include "p2p_supplicant.h" 37 #include "ap.h" 38 #include "ap/sta_info.h" 39 #include "notify.h" 40 41 42 #ifdef CONFIG_WPS 43 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 44 #endif /* CONFIG_WPS */ 45 46 47 #ifdef CONFIG_P2P 48 static bool is_chanwidth160_supported(struct hostapd_hw_modes *mode, 49 struct hostapd_config *conf) 50 { 51 #ifdef CONFIG_IEEE80211AX 52 if (conf->ieee80211ax) { 53 struct he_capabilities *he_cap; 54 55 he_cap = &mode->he_capab[IEEE80211_MODE_AP]; 56 if (he_cap->phy_cap[HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] & 57 (HE_PHYCAP_CHANNEL_WIDTH_SET_80PLUS80MHZ_IN_5G | 58 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G)) 59 return true; 60 } 61 #endif /* CONFIG_IEEE80211AX */ 62 if (mode->vht_capab & (VHT_CAP_SUPP_CHAN_WIDTH_160MHZ | 63 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ)) 64 return true; 65 return false; 66 } 67 #endif /* CONFIG_P2P */ 68 69 70 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, 71 struct wpa_ssid *ssid, 72 struct hostapd_config *conf, 73 struct hostapd_hw_modes *mode) 74 { 75 #ifdef CONFIG_P2P 76 u8 center_chan = 0; 77 u8 channel = conf->channel; 78 #endif /* CONFIG_P2P */ 79 u8 freq_seg_idx; 80 81 if (!conf->secondary_channel) 82 goto no_vht; 83 84 /* Use the maximum oper channel width if it's given. */ 85 if (ssid->max_oper_chwidth) 86 hostapd_set_oper_chwidth(conf, ssid->max_oper_chwidth); 87 if (hostapd_get_oper_chwidth(conf)) 88 ieee80211_freq_to_channel_ext(ssid->frequency, 0, 89 hostapd_get_oper_chwidth(conf), 90 &conf->op_class, 91 &conf->channel); 92 93 if (hostapd_get_oper_chwidth(conf) == CONF_OPER_CHWIDTH_80P80MHZ) { 94 ieee80211_freq_to_chan(ssid->vht_center_freq2, 95 &freq_seg_idx); 96 hostapd_set_oper_centr_freq_seg1_idx(conf, freq_seg_idx); 97 } 98 99 if (!ssid->p2p_group) { 100 if (!ssid->vht_center_freq1) 101 goto no_vht; 102 ieee80211_freq_to_chan(ssid->vht_center_freq1, 103 &freq_seg_idx); 104 hostapd_set_oper_centr_freq_seg0_idx(conf, freq_seg_idx); 105 106 wpa_printf(MSG_DEBUG, 107 "VHT seg0 index %d and seg1 index %d for AP", 108 hostapd_get_oper_centr_freq_seg0_idx(conf), 109 hostapd_get_oper_centr_freq_seg1_idx(conf)); 110 return; 111 } 112 113 #ifdef CONFIG_P2P 114 switch (hostapd_get_oper_chwidth(conf)) { 115 case CONF_OPER_CHWIDTH_80MHZ: 116 case CONF_OPER_CHWIDTH_80P80MHZ: 117 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel, 118 conf->op_class); 119 wpa_printf(MSG_DEBUG, 120 "VHT center channel %u for 80 or 80+80 MHz bandwidth", 121 center_chan); 122 break; 123 case CONF_OPER_CHWIDTH_160MHZ: 124 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel, 125 conf->op_class); 126 wpa_printf(MSG_DEBUG, 127 "VHT center channel %u for 160 MHz bandwidth", 128 center_chan); 129 break; 130 default: 131 /* 132 * conf->vht_oper_chwidth might not be set for non-P2P GO cases, 133 * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is 134 * not supported. 135 */ 136 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_160MHZ); 137 ieee80211_freq_to_channel_ext(ssid->frequency, 0, 138 conf->vht_oper_chwidth, 139 &conf->op_class, 140 &conf->channel); 141 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel, 142 conf->op_class); 143 if (center_chan && is_chanwidth160_supported(mode, conf)) { 144 wpa_printf(MSG_DEBUG, 145 "VHT center channel %u for auto-selected 160 MHz bandwidth", 146 center_chan); 147 } else { 148 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_80MHZ); 149 ieee80211_freq_to_channel_ext(ssid->frequency, 0, 150 conf->vht_oper_chwidth, 151 &conf->op_class, 152 &conf->channel); 153 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, 154 channel, 155 conf->op_class); 156 wpa_printf(MSG_DEBUG, 157 "VHT center channel %u for auto-selected 80 MHz bandwidth", 158 center_chan); 159 } 160 break; 161 } 162 if (!center_chan) 163 goto no_vht; 164 165 hostapd_set_oper_centr_freq_seg0_idx(conf, center_chan); 166 wpa_printf(MSG_DEBUG, "VHT seg0 index %d for P2P GO", 167 hostapd_get_oper_centr_freq_seg0_idx(conf)); 168 return; 169 #endif /* CONFIG_P2P */ 170 171 no_vht: 172 wpa_printf(MSG_DEBUG, 173 "No VHT higher bandwidth support for the selected channel %d", 174 conf->channel); 175 hostapd_set_oper_centr_freq_seg0_idx( 176 conf, conf->channel + conf->secondary_channel * 2); 177 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_USE_HT); 178 ieee80211_freq_to_channel_ext(ssid->frequency, 0, 179 conf->vht_oper_chwidth, 180 &conf->op_class, &conf->channel); 181 } 182 183 184 static struct hostapd_hw_modes * 185 wpa_supplicant_find_hw_mode(struct wpa_supplicant *wpa_s, 186 enum hostapd_hw_mode hw_mode) 187 { 188 struct hostapd_hw_modes *mode = NULL; 189 int i; 190 191 for (i = 0; i < wpa_s->hw.num_modes; i++) { 192 if (wpa_s->hw.modes[i].mode == hw_mode) { 193 mode = &wpa_s->hw.modes[i]; 194 break; 195 } 196 } 197 198 return mode; 199 } 200 201 202 #ifdef CONFIG_P2P 203 204 static int get_max_oper_chwidth_6ghz(int chwidth) 205 { 206 switch (chwidth) { 207 case CONF_OPER_CHWIDTH_USE_HT: 208 return 20; 209 case CONF_OPER_CHWIDTH_40MHZ_6GHZ: 210 return 40; 211 case CONF_OPER_CHWIDTH_80MHZ: 212 return 80; 213 case CONF_OPER_CHWIDTH_80P80MHZ: 214 case CONF_OPER_CHWIDTH_160MHZ: 215 return 160; 216 default: 217 return 0; 218 } 219 } 220 221 222 static void wpas_conf_ap_he_6ghz(struct wpa_supplicant *wpa_s, 223 struct hostapd_hw_modes *mode, 224 struct wpa_ssid *ssid, 225 struct hostapd_config *conf) 226 { 227 bool is_chanwidth_40_80, is_chanwidth_160; 228 int he_chanwidth; 229 230 he_chanwidth = 231 mode->he_capab[wpas_mode_to_ieee80211_mode( 232 ssid->mode)].phy_cap[HE_PHYCAP_CHANNEL_WIDTH_SET_IDX]; 233 is_chanwidth_40_80 = he_chanwidth & 234 HE_PHYCAP_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G; 235 is_chanwidth_160 = he_chanwidth & 236 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G; 237 238 wpa_printf(MSG_DEBUG, 239 "Enable HE support (p2p_group=%d he_chwidth_cap=%d)", 240 ssid->p2p_group, he_chanwidth); 241 242 if (mode->he_capab[wpas_mode_to_ieee80211_mode( 243 ssid->mode)].he_supported && 244 ssid->he) 245 conf->ieee80211ax = 1; 246 247 if (is_chanwidth_40_80 && ssid->p2p_group && 248 get_max_oper_chwidth_6ghz(ssid->max_oper_chwidth) >= 40) { 249 conf->secondary_channel = 250 wpas_p2p_get_sec_channel_offset_40mhz( 251 wpa_s, mode, conf->channel); 252 wpa_printf(MSG_DEBUG, 253 "Secondary channel offset %d for P2P group", 254 conf->secondary_channel); 255 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_40MHZ_6GHZ) 256 ssid->max_oper_chwidth = CONF_OPER_CHWIDTH_USE_HT; 257 } 258 259 if ((is_chanwidth_40_80 || is_chanwidth_160) && ssid->p2p_group && 260 get_max_oper_chwidth_6ghz(ssid->max_oper_chwidth) >= 80) 261 wpas_conf_ap_vht(wpa_s, ssid, conf, mode); 262 } 263 264 #endif /* CONFIG_P2P */ 265 266 267 int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, 268 struct wpa_ssid *ssid, 269 struct hostapd_config *conf) 270 { 271 conf->hw_mode = ieee80211_freq_to_channel_ext(ssid->frequency, 0, 272 CONF_OPER_CHWIDTH_USE_HT, 273 &conf->op_class, 274 &conf->channel); 275 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 276 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 277 ssid->frequency); 278 return -1; 279 } 280 281 /* 282 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 283 * and a mask of allowed capabilities within conf->ht_capab. 284 * Using default config settings for: conf->ht_op_mode_fixed, 285 * conf->secondary_channel, conf->require_ht 286 */ 287 if (wpa_s->hw.modes) { 288 struct hostapd_hw_modes *mode = NULL; 289 int no_ht = 0; 290 291 wpa_printf(MSG_DEBUG, 292 "Determining HT/VHT options based on driver capabilities (freq=%u chan=%u)", 293 ssid->frequency, conf->channel); 294 295 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, 296 conf->hw_mode, is_6ghz_freq(ssid->frequency)); 297 298 /* May drop to IEEE 802.11b if the driver does not support IEEE 299 * 802.11g */ 300 if (!mode && conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { 301 conf->hw_mode = HOSTAPD_MODE_IEEE80211B; 302 wpa_printf(MSG_INFO, 303 "Try downgrade to IEEE 802.11b as 802.11g is not supported by the current hardware"); 304 mode = wpa_supplicant_find_hw_mode(wpa_s, 305 conf->hw_mode); 306 } 307 308 if (!mode) { 309 wpa_printf(MSG_ERROR, 310 "No match between requested and supported hw modes found"); 311 return -1; 312 } 313 314 #ifdef CONFIG_HT_OVERRIDES 315 if (ssid->disable_ht) 316 ssid->ht = 0; 317 if (ssid->disable_ht40) 318 ssid->ht40 = 0; 319 #endif /* CONFIG_HT_OVERRIDES */ 320 321 #ifdef CONFIG_VHT_OVERRIDES 322 if (ssid->disable_vht) 323 ssid->vht = 0; 324 #endif /* CONFIG_VHT_OVERRIDES */ 325 326 #ifdef CONFIG_HE_OVERRIDES 327 if (ssid->disable_he) 328 ssid->he = 0; 329 #endif /* CONFIG_HE_OVERRIDES */ 330 331 if (!ssid->ht) { 332 wpa_printf(MSG_DEBUG, 333 "HT not enabled in network profile"); 334 conf->ieee80211n = 0; 335 conf->ht_capab = 0; 336 no_ht = 1; 337 } 338 339 if (mode && is_6ghz_freq(ssid->frequency) && 340 conf->hw_mode == HOSTAPD_MODE_IEEE80211A) { 341 if (mode->eht_capab[wpas_mode_to_ieee80211_mode( 342 ssid->mode)].eht_supported && 343 ssid->eht) 344 conf->ieee80211be = 1; 345 346 if (mode->he_capab[wpas_mode_to_ieee80211_mode( 347 ssid->mode)].he_supported && 348 ssid->he) 349 conf->ieee80211ax = 1; 350 351 #ifdef CONFIG_P2P 352 wpas_conf_ap_he_6ghz(wpa_s, mode, ssid, conf); 353 #endif /* CONFIG_P2P */ 354 } else if (!no_ht && mode && mode->ht_capab) { 355 wpa_printf(MSG_DEBUG, 356 "Enable HT support (p2p_group=%d 11a=%d ht40_hw_capab=%d ssid->ht40=%d)", 357 ssid->p2p_group, 358 conf->hw_mode == HOSTAPD_MODE_IEEE80211A, 359 !!(mode->ht_capab & 360 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET), 361 ssid->ht40); 362 conf->ieee80211n = 1; 363 364 if (ssid->ht40 && 365 (mode->ht_capab & 366 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) 367 conf->secondary_channel = ssid->ht40; 368 else 369 conf->secondary_channel = 0; 370 371 #ifdef CONFIG_P2P 372 if (ssid->p2p_group && 373 conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 374 (mode->ht_capab & 375 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 376 ssid->ht40) { 377 conf->secondary_channel = 378 wpas_p2p_get_sec_channel_offset_40mhz( 379 wpa_s, mode, conf->channel); 380 wpa_printf(MSG_DEBUG, 381 "HT secondary channel offset %d for P2P group", 382 conf->secondary_channel); 383 } else if (ssid->p2p_group && conf->secondary_channel && 384 conf->hw_mode != HOSTAPD_MODE_IEEE80211A) { 385 /* This ended up trying to configure invalid 386 * 2.4 GHz channels (e.g., HT40+ on channel 11) 387 * in some cases, so clear the secondary channel 388 * configuration now to avoid such cases that 389 * would lead to group formation failures. */ 390 wpa_printf(MSG_DEBUG, 391 "Disable HT secondary channel for P2P group on 2.4 GHz"); 392 conf->secondary_channel = 0; 393 } 394 #endif /* CONFIG_P2P */ 395 396 if (!ssid->p2p_group && 397 (mode->ht_capab & 398 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) { 399 conf->secondary_channel = ssid->ht40; 400 wpa_printf(MSG_DEBUG, 401 "HT secondary channel offset %d for AP", 402 conf->secondary_channel); 403 } 404 405 if (conf->secondary_channel) 406 conf->ht_capab |= 407 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 408 409 /* 410 * include capabilities that won't cause issues 411 * to connecting stations, while leaving the current 412 * capabilities intact (currently disabled SMPS). 413 */ 414 conf->ht_capab |= mode->ht_capab & 415 (HT_CAP_INFO_GREEN_FIELD | 416 HT_CAP_INFO_SHORT_GI20MHZ | 417 HT_CAP_INFO_SHORT_GI40MHZ | 418 HT_CAP_INFO_RX_STBC_MASK | 419 HT_CAP_INFO_TX_STBC | 420 HT_CAP_INFO_MAX_AMSDU_SIZE); 421 422 /* check this before VHT, because setting oper chan 423 * width and friends is the same call for HE and VHT 424 * and checks if conf->ieee8021ax == 1 */ 425 if (mode->eht_capab[wpas_mode_to_ieee80211_mode( 426 ssid->mode)].eht_supported && 427 ssid->eht) 428 conf->ieee80211be = 1; 429 430 if (mode->he_capab[wpas_mode_to_ieee80211_mode( 431 ssid->mode)].he_supported && 432 ssid->he) 433 conf->ieee80211ax = 1; 434 435 if (mode->vht_capab && ssid->vht) { 436 conf->ieee80211ac = 1; 437 conf->vht_capab |= mode->vht_capab; 438 wpas_conf_ap_vht(wpa_s, ssid, conf, mode); 439 } 440 } 441 } 442 443 #ifdef CONFIG_P2P 444 if (ssid->p2p_group && wpa_s->p2p_go_no_pri_sec_switch) { 445 conf->no_pri_sec_switch = 1; 446 return 0; 447 } 448 #endif /* CONFIG_P2P */ 449 450 if (conf->secondary_channel) { 451 struct wpa_supplicant *iface; 452 453 for (iface = wpa_s->global->ifaces; iface; iface = iface->next) 454 { 455 if (iface == wpa_s || 456 iface->wpa_state < WPA_AUTHENTICATING || 457 (int) iface->assoc_freq != ssid->frequency) 458 continue; 459 460 /* 461 * Do not allow 40 MHz co-ex PRI/SEC switch to force us 462 * to change our PRI channel since we have an existing, 463 * concurrent connection on that channel and doing 464 * multi-channel concurrency is likely to cause more 465 * harm than using different PRI/SEC selection in 466 * environment with multiple BSSes on these two channels 467 * with mixed 20 MHz or PRI channel selection. 468 */ 469 conf->no_pri_sec_switch = 1; 470 } 471 } 472 473 return 0; 474 } 475 476 477 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 478 struct wpa_ssid *ssid, 479 struct hostapd_config *conf) 480 { 481 struct hostapd_bss_config *bss = conf->bss[0]; 482 483 conf->driver = wpa_s->driver; 484 485 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 486 487 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf)) 488 return -1; 489 490 if (ssid->pbss > 1) { 491 wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode", 492 ssid->pbss); 493 return -1; 494 } 495 bss->pbss = ssid->pbss; 496 497 #ifdef CONFIG_ACS 498 if (ssid->acs) { 499 /* Setting channel to 0 in order to enable ACS */ 500 conf->channel = 0; 501 wpa_printf(MSG_DEBUG, "Use automatic channel selection"); 502 } 503 #endif /* CONFIG_ACS */ 504 505 if (ieee80211_is_dfs(ssid->frequency, wpa_s->hw.modes, 506 wpa_s->hw.num_modes) && wpa_s->conf->country[0]) { 507 conf->ieee80211h = 1; 508 conf->ieee80211d = 1; 509 conf->country[0] = wpa_s->conf->country[0]; 510 conf->country[1] = wpa_s->conf->country[1]; 511 conf->country[2] = ' '; 512 } 513 514 #ifdef CONFIG_P2P 515 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && 516 (ssid->mode == WPAS_MODE_P2P_GO || 517 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { 518 /* Remove 802.11b rates from supported and basic rate sets */ 519 int *list = os_malloc(4 * sizeof(int)); 520 if (list) { 521 list[0] = 60; 522 list[1] = 120; 523 list[2] = 240; 524 list[3] = -1; 525 } 526 conf->basic_rates = list; 527 528 list = os_malloc(9 * sizeof(int)); 529 if (list) { 530 list[0] = 60; 531 list[1] = 90; 532 list[2] = 120; 533 list[3] = 180; 534 list[4] = 240; 535 list[5] = 360; 536 list[6] = 480; 537 list[7] = 540; 538 list[8] = -1; 539 } 540 conf->supported_rates = list; 541 } 542 543 #ifdef CONFIG_IEEE80211AX 544 if (ssid->mode == WPAS_MODE_P2P_GO || 545 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 546 conf->ieee80211ax = ssid->he; 547 #endif /* CONFIG_IEEE80211AX */ 548 549 bss->isolate = !wpa_s->conf->p2p_intra_bss; 550 bss->extended_key_id = wpa_s->conf->extended_key_id; 551 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; 552 bss->wpa_deny_ptk0_rekey = ssid->wpa_deny_ptk0_rekey; 553 554 if (ssid->p2p_group) { 555 os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4); 556 os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask, 557 4); 558 os_memcpy(bss->ip_addr_start, 559 wpa_s->p2pdev->conf->ip_addr_start, 4); 560 os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end, 561 4); 562 } 563 #endif /* CONFIG_P2P */ 564 565 if (ssid->ssid_len == 0) { 566 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 567 return -1; 568 } 569 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 570 bss->ssid.ssid_len = ssid->ssid_len; 571 bss->ssid.ssid_set = 1; 572 573 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 574 575 if (ssid->auth_alg) 576 bss->auth_algs = ssid->auth_alg; 577 578 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 579 bss->wpa = ssid->proto; 580 if (ssid->key_mgmt == DEFAULT_KEY_MGMT) 581 bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK; 582 else 583 bss->wpa_key_mgmt = ssid->key_mgmt; 584 bss->wpa_pairwise = ssid->pairwise_cipher; 585 if (wpa_key_mgmt_sae(bss->wpa_key_mgmt) && ssid->passphrase) { 586 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 587 } else if (ssid->psk_set) { 588 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk)); 589 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 590 if (bss->ssid.wpa_psk == NULL) 591 return -1; 592 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 593 bss->ssid.wpa_psk->group = 1; 594 bss->ssid.wpa_psk_set = 1; 595 } else if (ssid->passphrase) { 596 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 597 #ifdef CONFIG_WEP 598 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 599 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 600 struct hostapd_wep_keys *wep = &bss->ssid.wep; 601 int i; 602 for (i = 0; i < NUM_WEP_KEYS; i++) { 603 if (ssid->wep_key_len[i] == 0) 604 continue; 605 wep->key[i] = os_memdup(ssid->wep_key[i], 606 ssid->wep_key_len[i]); 607 if (wep->key[i] == NULL) 608 return -1; 609 wep->len[i] = ssid->wep_key_len[i]; 610 } 611 wep->idx = ssid->wep_tx_keyidx; 612 wep->keys_set = 1; 613 #endif /* CONFIG_WEP */ 614 } 615 #ifdef CONFIG_SAE 616 if (ssid->sae_password) { 617 struct sae_password_entry *pw; 618 619 pw = os_zalloc(sizeof(*pw)); 620 if (!pw) 621 return -1; 622 os_memset(pw->peer_addr, 0xff, ETH_ALEN); 623 pw->password = os_strdup(ssid->sae_password); 624 if (!pw->password) { 625 os_free(pw); 626 return -1; 627 } 628 if (ssid->sae_password_id) { 629 pw->identifier = os_strdup(ssid->sae_password_id); 630 if (!pw->identifier) { 631 str_clear_free(pw->password); 632 os_free(pw); 633 return -1; 634 } 635 } 636 637 pw->next = bss->sae_passwords; 638 bss->sae_passwords = pw; 639 } 640 641 if (ssid->sae_pwe != DEFAULT_SAE_PWE) 642 bss->sae_pwe = ssid->sae_pwe; 643 else 644 bss->sae_pwe = wpa_s->conf->sae_pwe; 645 #endif /* CONFIG_SAE */ 646 647 if (wpa_s->conf->go_interworking) { 648 wpa_printf(MSG_DEBUG, 649 "P2P: Enable Interworking with access_network_type: %d", 650 wpa_s->conf->go_access_network_type); 651 bss->interworking = wpa_s->conf->go_interworking; 652 bss->access_network_type = wpa_s->conf->go_access_network_type; 653 bss->internet = wpa_s->conf->go_internet; 654 if (wpa_s->conf->go_venue_group) { 655 wpa_printf(MSG_DEBUG, 656 "P2P: Venue group: %d Venue type: %d", 657 wpa_s->conf->go_venue_group, 658 wpa_s->conf->go_venue_type); 659 bss->venue_group = wpa_s->conf->go_venue_group; 660 bss->venue_type = wpa_s->conf->go_venue_type; 661 bss->venue_info_set = 1; 662 } 663 } 664 665 if (ssid->ap_max_inactivity) 666 bss->ap_max_inactivity = ssid->ap_max_inactivity; 667 668 if (ssid->dtim_period) 669 bss->dtim_period = ssid->dtim_period; 670 else if (wpa_s->conf->dtim_period) 671 bss->dtim_period = wpa_s->conf->dtim_period; 672 673 if (ssid->beacon_int) 674 conf->beacon_int = ssid->beacon_int; 675 else if (wpa_s->conf->beacon_int) 676 conf->beacon_int = wpa_s->conf->beacon_int; 677 678 #ifdef CONFIG_P2P 679 if (ssid->mode == WPAS_MODE_P2P_GO || 680 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 681 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) { 682 wpa_printf(MSG_INFO, 683 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it", 684 wpa_s->conf->p2p_go_ctwindow, 685 conf->beacon_int); 686 conf->p2p_go_ctwindow = 0; 687 } else { 688 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow; 689 } 690 } 691 #endif /* CONFIG_P2P */ 692 693 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 694 bss->rsn_pairwise = bss->wpa_pairwise; 695 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 696 bss->rsn_pairwise); 697 698 if (bss->wpa && bss->ieee802_1x) { 699 bss->ssid.security_policy = SECURITY_WPA; 700 } else if (bss->wpa) { 701 bss->ssid.security_policy = SECURITY_WPA_PSK; 702 #ifdef CONFIG_WEP 703 } else if (bss->ieee802_1x) { 704 int cipher = WPA_CIPHER_NONE; 705 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 706 bss->ssid.wep.default_len = bss->default_wep_key_len; 707 if (bss->default_wep_key_len) 708 cipher = bss->default_wep_key_len >= 13 ? 709 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 710 bss->wpa_group = cipher; 711 bss->wpa_pairwise = cipher; 712 bss->rsn_pairwise = cipher; 713 } else if (bss->ssid.wep.keys_set) { 714 int cipher = WPA_CIPHER_WEP40; 715 if (bss->ssid.wep.len[0] >= 13) 716 cipher = WPA_CIPHER_WEP104; 717 bss->ssid.security_policy = SECURITY_STATIC_WEP; 718 bss->wpa_group = cipher; 719 bss->wpa_pairwise = cipher; 720 bss->rsn_pairwise = cipher; 721 #endif /* CONFIG_WEP */ 722 } else { 723 bss->ssid.security_policy = SECURITY_PLAINTEXT; 724 bss->wpa_group = WPA_CIPHER_NONE; 725 bss->wpa_pairwise = WPA_CIPHER_NONE; 726 bss->rsn_pairwise = WPA_CIPHER_NONE; 727 } 728 729 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 730 (bss->wpa_group == WPA_CIPHER_CCMP || 731 bss->wpa_group == WPA_CIPHER_GCMP || 732 bss->wpa_group == WPA_CIPHER_CCMP_256 || 733 bss->wpa_group == WPA_CIPHER_GCMP_256)) { 734 /* 735 * Strong ciphers do not need frequent rekeying, so increase 736 * the default GTK rekeying period to 24 hours. 737 */ 738 bss->wpa_group_rekey = 86400; 739 } 740 741 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) { 742 bss->ieee80211w = ssid->ieee80211w; 743 } else if (wpa_s->conf->pmf != MGMT_FRAME_PROTECTION_DEFAULT) { 744 if (ssid->mode == WPAS_MODE_AP) 745 bss->ieee80211w = wpa_s->conf->pmf; 746 } 747 748 #ifdef CONFIG_OCV 749 bss->ocv = ssid->ocv; 750 #endif /* CONFIG_OCV */ 751 752 #ifdef CONFIG_WPS 753 /* 754 * Enable WPS by default for open and WPA/WPA2-Personal network, but 755 * require user interaction to actually use it. Only the internal 756 * Registrar is supported. 757 */ 758 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 759 bss->ssid.security_policy != SECURITY_PLAINTEXT) 760 goto no_wps; 761 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 762 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) || 763 !(bss->wpa & 2))) 764 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 765 * configuration */ 766 if (ssid->wps_disabled) 767 goto no_wps; 768 bss->eap_server = 1; 769 770 if (!ssid->ignore_broadcast_ssid) 771 bss->wps_state = 2; 772 773 bss->ap_setup_locked = 2; 774 if (wpa_s->conf->config_methods) 775 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 776 os_memcpy(bss->device_type, wpa_s->conf->device_type, 777 WPS_DEV_TYPE_LEN); 778 if (wpa_s->conf->device_name) { 779 bss->device_name = os_strdup(wpa_s->conf->device_name); 780 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 781 } 782 if (wpa_s->conf->manufacturer) 783 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 784 if (wpa_s->conf->model_name) 785 bss->model_name = os_strdup(wpa_s->conf->model_name); 786 if (wpa_s->conf->model_number) 787 bss->model_number = os_strdup(wpa_s->conf->model_number); 788 if (wpa_s->conf->serial_number) 789 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 790 if (is_nil_uuid(wpa_s->conf->uuid)) 791 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 792 else 793 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 794 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 795 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 796 if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE) 797 bss->fragment_size = ssid->eap.fragment_size; 798 no_wps: 799 #endif /* CONFIG_WPS */ 800 801 if (wpa_s->max_stations && 802 wpa_s->max_stations < wpa_s->conf->max_num_sta) 803 bss->max_num_sta = wpa_s->max_stations; 804 else 805 bss->max_num_sta = wpa_s->conf->max_num_sta; 806 807 if (!bss->isolate) 808 bss->isolate = wpa_s->conf->ap_isolate; 809 810 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 811 812 if (wpa_s->conf->ap_vendor_elements) { 813 bss->vendor_elements = 814 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 815 } 816 if (wpa_s->conf->ap_assocresp_elements) { 817 bss->assocresp_elements = 818 wpabuf_dup(wpa_s->conf->ap_assocresp_elements); 819 } 820 821 bss->ftm_responder = wpa_s->conf->ftm_responder; 822 bss->ftm_initiator = wpa_s->conf->ftm_initiator; 823 824 bss->transition_disable = ssid->transition_disable; 825 826 return 0; 827 } 828 829 830 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 831 { 832 #ifdef CONFIG_P2P 833 struct wpa_supplicant *wpa_s = ctx; 834 const struct ieee80211_mgmt *mgmt; 835 836 mgmt = (const struct ieee80211_mgmt *) buf; 837 if (len < IEEE80211_HDRLEN + 1) 838 return; 839 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC) 840 return; 841 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 842 mgmt->u.action.category, 843 buf + IEEE80211_HDRLEN + 1, 844 len - IEEE80211_HDRLEN - 1, freq); 845 #endif /* CONFIG_P2P */ 846 } 847 848 849 static void ap_wps_event_cb(void *ctx, enum wps_event event, 850 union wps_event_data *data) 851 { 852 #ifdef CONFIG_P2P 853 struct wpa_supplicant *wpa_s = ctx; 854 855 if (event == WPS_EV_FAIL) { 856 struct wps_event_fail *fail = &data->fail; 857 858 if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s && 859 wpa_s == wpa_s->global->p2p_group_formation) { 860 /* 861 * src/ap/wps_hostapd.c has already sent this on the 862 * main interface, so only send on the parent interface 863 * here if needed. 864 */ 865 wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL 866 "msg=%d config_error=%d", 867 fail->msg, fail->config_error); 868 } 869 wpas_p2p_wps_failed(wpa_s, fail); 870 } 871 #endif /* CONFIG_P2P */ 872 } 873 874 875 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 876 int authorized, const u8 *p2p_dev_addr, 877 const u8 *ip) 878 { 879 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr, ip); 880 } 881 882 883 #ifdef CONFIG_P2P 884 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 885 const u8 *psk, size_t psk_len) 886 { 887 888 struct wpa_supplicant *wpa_s = ctx; 889 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL) 890 return; 891 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len); 892 } 893 #endif /* CONFIG_P2P */ 894 895 896 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 897 { 898 #ifdef CONFIG_P2P 899 struct wpa_supplicant *wpa_s = ctx; 900 const struct ieee80211_mgmt *mgmt; 901 902 mgmt = (const struct ieee80211_mgmt *) buf; 903 if (len < IEEE80211_HDRLEN + 1) 904 return -1; 905 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 906 mgmt->u.action.category, 907 buf + IEEE80211_HDRLEN + 1, 908 len - IEEE80211_HDRLEN - 1, freq); 909 #endif /* CONFIG_P2P */ 910 return 0; 911 } 912 913 914 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 915 const u8 *bssid, const u8 *ie, size_t ie_len, 916 int ssi_signal) 917 { 918 struct wpa_supplicant *wpa_s = ctx; 919 unsigned int freq = 0; 920 921 if (wpa_s->ap_iface) 922 freq = wpa_s->ap_iface->freq; 923 924 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 925 freq, ssi_signal); 926 } 927 928 929 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 930 const u8 *uuid_e) 931 { 932 struct wpa_supplicant *wpa_s = ctx; 933 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 934 } 935 936 937 static void wpas_ap_configured_cb(void *ctx) 938 { 939 struct wpa_supplicant *wpa_s = ctx; 940 941 wpa_printf(MSG_DEBUG, "AP interface setup completed - state %s", 942 hostapd_state_text(wpa_s->ap_iface->state)); 943 if (wpa_s->ap_iface->state == HAPD_IFACE_DISABLED) { 944 wpa_supplicant_ap_deinit(wpa_s); 945 return; 946 } 947 948 if (wpa_s->current_ssid) { 949 int acs = 0; 950 951 #ifdef CONFIG_ACS 952 acs = wpa_s->current_ssid->acs; 953 #endif /* CONFIG_ACS */ 954 if (acs || (wpa_s->assoc_freq && wpa_s->ap_iface->freq && 955 (int) wpa_s->assoc_freq != wpa_s->ap_iface->freq)) { 956 wpa_s->assoc_freq = wpa_s->ap_iface->freq; 957 wpa_s->current_ssid->frequency = wpa_s->ap_iface->freq; 958 } 959 } 960 961 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 962 963 if (wpa_s->ap_configured_cb) 964 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 965 wpa_s->ap_configured_cb_data); 966 } 967 968 969 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 970 struct wpa_ssid *ssid) 971 { 972 struct wpa_driver_associate_params params; 973 struct hostapd_iface *hapd_iface; 974 struct hostapd_config *conf; 975 size_t i; 976 977 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 978 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 979 return -1; 980 } 981 982 wpa_supplicant_ap_deinit(wpa_s); 983 984 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 985 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 986 987 os_memset(¶ms, 0, sizeof(params)); 988 params.ssid = ssid->ssid; 989 params.ssid_len = ssid->ssid_len; 990 switch (ssid->mode) { 991 case WPAS_MODE_AP: 992 case WPAS_MODE_P2P_GO: 993 case WPAS_MODE_P2P_GROUP_FORMATION: 994 params.mode = IEEE80211_MODE_AP; 995 break; 996 default: 997 return -1; 998 } 999 if (ssid->frequency == 0) 1000 ssid->frequency = 2462; /* default channel 11 */ 1001 params.freq.freq = ssid->frequency; 1002 1003 if ((ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO) && 1004 ssid->enable_edmg) { 1005 u8 primary_channel; 1006 1007 if (ieee80211_freq_to_chan(ssid->frequency, &primary_channel) == 1008 NUM_HOSTAPD_MODES) { 1009 wpa_printf(MSG_WARNING, 1010 "EDMG: Failed to get the primary channel"); 1011 return -1; 1012 } 1013 1014 hostapd_encode_edmg_chan(ssid->enable_edmg, ssid->edmg_channel, 1015 primary_channel, ¶ms.freq.edmg); 1016 } 1017 1018 params.wpa_proto = ssid->proto; 1019 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 1020 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 1021 else if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) 1022 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; 1023 else 1024 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 1025 params.key_mgmt_suite = wpa_s->key_mgmt; 1026 1027 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 1028 1); 1029 if (wpa_s->pairwise_cipher < 0) { 1030 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 1031 "cipher."); 1032 return -1; 1033 } 1034 params.pairwise_suite = wpa_s->pairwise_cipher; 1035 params.group_suite = params.pairwise_suite; 1036 1037 #ifdef CONFIG_P2P 1038 if (ssid->mode == WPAS_MODE_P2P_GO || 1039 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1040 params.p2p = 1; 1041 #endif /* CONFIG_P2P */ 1042 1043 if (wpa_s->p2pdev->set_ap_uapsd) 1044 params.uapsd = wpa_s->p2pdev->ap_uapsd; 1045 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD)) 1046 params.uapsd = 1; /* mandatory for P2P GO */ 1047 else 1048 params.uapsd = -1; 1049 1050 if (ieee80211_is_dfs(params.freq.freq, wpa_s->hw.modes, 1051 wpa_s->hw.num_modes)) 1052 params.freq.freq = 0; /* set channel after CAC */ 1053 1054 if (params.p2p) 1055 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_GO); 1056 else 1057 wpa_drv_get_ext_capa(wpa_s, WPA_IF_AP_BSS); 1058 1059 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 1060 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 1061 return -1; 1062 } 1063 1064 wpa_s->ap_iface = hapd_iface = hostapd_alloc_iface(); 1065 if (hapd_iface == NULL) 1066 return -1; 1067 hapd_iface->owner = wpa_s; 1068 hapd_iface->drv_flags = wpa_s->drv_flags; 1069 hapd_iface->drv_flags2 = wpa_s->drv_flags2; 1070 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 1071 hapd_iface->extended_capa = wpa_s->extended_capa; 1072 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 1073 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 1074 hapd_iface->drv_max_acl_mac_addrs = wpa_s->drv_max_acl_mac_addrs; 1075 1076 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 1077 if (conf == NULL) { 1078 wpa_supplicant_ap_deinit(wpa_s); 1079 return -1; 1080 } 1081 1082 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 1083 wpa_s->conf->wmm_ac_params, 1084 sizeof(wpa_s->conf->wmm_ac_params)); 1085 1086 os_memcpy(wpa_s->ap_iface->conf->tx_queue, wpa_s->conf->tx_queue, 1087 sizeof(wpa_s->conf->tx_queue)); 1088 1089 if (params.uapsd > 0) { 1090 conf->bss[0]->wmm_enabled = 1; 1091 conf->bss[0]->wmm_uapsd = 1; 1092 } 1093 1094 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 1095 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 1096 wpa_supplicant_ap_deinit(wpa_s); 1097 return -1; 1098 } 1099 1100 #ifdef CONFIG_P2P 1101 if (ssid->mode == WPAS_MODE_P2P_GO) 1102 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1103 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1104 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1105 P2P_GROUP_FORMATION; 1106 #endif /* CONFIG_P2P */ 1107 1108 hapd_iface->num_bss = conf->num_bss; 1109 hapd_iface->bss = os_calloc(conf->num_bss, 1110 sizeof(struct hostapd_data *)); 1111 if (hapd_iface->bss == NULL) { 1112 wpa_supplicant_ap_deinit(wpa_s); 1113 return -1; 1114 } 1115 1116 for (i = 0; i < conf->num_bss; i++) { 1117 hapd_iface->bss[i] = 1118 hostapd_alloc_bss_data(hapd_iface, conf, 1119 conf->bss[i]); 1120 if (hapd_iface->bss[i] == NULL) { 1121 wpa_supplicant_ap_deinit(wpa_s); 1122 return -1; 1123 } 1124 1125 hapd_iface->bss[i]->msg_ctx = wpa_s; 1126 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev; 1127 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 1128 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 1129 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 1130 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 1131 hostapd_register_probereq_cb(hapd_iface->bss[i], 1132 ap_probe_req_rx, wpa_s); 1133 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 1134 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 1135 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 1136 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 1137 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 1138 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 1139 #ifdef CONFIG_P2P 1140 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb; 1141 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s; 1142 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 1143 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 1144 ssid); 1145 #endif /* CONFIG_P2P */ 1146 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 1147 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 1148 #ifdef CONFIG_TESTING_OPTIONS 1149 hapd_iface->bss[i]->ext_eapol_frame_io = 1150 wpa_s->ext_eapol_frame_io; 1151 #endif /* CONFIG_TESTING_OPTIONS */ 1152 1153 #ifdef CONFIG_WNM_AP 1154 if (ssid->mode == WPAS_MODE_AP) 1155 hapd_iface->bss[i]->conf->bss_transition = 1; 1156 #endif /* CONFIG_WNM_AP */ 1157 } 1158 1159 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 1160 hapd_iface->bss[0]->driver = wpa_s->driver; 1161 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 1162 1163 wpa_s->current_ssid = ssid; 1164 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1165 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 1166 wpa_s->assoc_freq = ssid->frequency; 1167 wpa_s->ap_iface->conf->enable_edmg = ssid->enable_edmg; 1168 wpa_s->ap_iface->conf->edmg_channel = ssid->edmg_channel; 1169 1170 #if defined(CONFIG_P2P) && defined(CONFIG_ACS) 1171 if (wpa_s->p2p_go_do_acs) { 1172 wpa_s->ap_iface->conf->channel = 0; 1173 wpa_s->ap_iface->conf->hw_mode = wpa_s->p2p_go_acs_band; 1174 ssid->acs = 1; 1175 } 1176 #endif /* CONFIG_P2P && CONFIG_ACS */ 1177 1178 if (hostapd_setup_interface(wpa_s->ap_iface)) { 1179 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 1180 wpa_supplicant_ap_deinit(wpa_s); 1181 return -1; 1182 } 1183 1184 return 0; 1185 } 1186 1187 1188 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 1189 { 1190 #ifdef CONFIG_WPS 1191 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 1192 #endif /* CONFIG_WPS */ 1193 1194 if (wpa_s->ap_iface == NULL) 1195 return; 1196 1197 wpa_s->current_ssid = NULL; 1198 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1199 wpa_s->assoc_freq = 0; 1200 wpas_p2p_ap_deinit(wpa_s); 1201 wpa_s->ap_iface->driver_ap_teardown = 1202 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 1203 1204 hostapd_interface_deinit(wpa_s->ap_iface); 1205 hostapd_interface_free(wpa_s->ap_iface); 1206 wpa_s->ap_iface = NULL; 1207 wpa_drv_deinit_ap(wpa_s); 1208 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 1209 " reason=%d locally_generated=1", 1210 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING); 1211 } 1212 1213 1214 void ap_tx_status(void *ctx, const u8 *addr, 1215 const u8 *buf, size_t len, int ack) 1216 { 1217 #ifdef NEED_AP_MLME 1218 struct wpa_supplicant *wpa_s = ctx; 1219 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 1220 #endif /* NEED_AP_MLME */ 1221 } 1222 1223 1224 void ap_eapol_tx_status(void *ctx, const u8 *dst, 1225 const u8 *data, size_t len, int ack) 1226 { 1227 #ifdef NEED_AP_MLME 1228 struct wpa_supplicant *wpa_s = ctx; 1229 if (!wpa_s->ap_iface) 1230 return; 1231 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 1232 #endif /* NEED_AP_MLME */ 1233 } 1234 1235 1236 void ap_client_poll_ok(void *ctx, const u8 *addr) 1237 { 1238 #ifdef NEED_AP_MLME 1239 struct wpa_supplicant *wpa_s = ctx; 1240 if (wpa_s->ap_iface) 1241 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 1242 #endif /* NEED_AP_MLME */ 1243 } 1244 1245 1246 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 1247 { 1248 #ifdef NEED_AP_MLME 1249 struct wpa_supplicant *wpa_s = ctx; 1250 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 1251 #endif /* NEED_AP_MLME */ 1252 } 1253 1254 1255 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 1256 { 1257 #ifdef NEED_AP_MLME 1258 struct wpa_supplicant *wpa_s = ctx; 1259 struct hostapd_frame_info fi; 1260 os_memset(&fi, 0, sizeof(fi)); 1261 fi.freq = rx_mgmt->freq; 1262 fi.datarate = rx_mgmt->datarate; 1263 fi.ssi_signal = rx_mgmt->ssi_signal; 1264 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 1265 rx_mgmt->frame_len, &fi); 1266 #endif /* NEED_AP_MLME */ 1267 } 1268 1269 1270 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 1271 { 1272 #ifdef NEED_AP_MLME 1273 struct wpa_supplicant *wpa_s = ctx; 1274 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 1275 #endif /* NEED_AP_MLME */ 1276 } 1277 1278 1279 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 1280 const u8 *src_addr, const u8 *buf, size_t len, 1281 enum frame_encryption encrypted) 1282 { 1283 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len, 1284 encrypted); 1285 } 1286 1287 1288 #ifdef CONFIG_WPS 1289 1290 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 1291 const u8 *p2p_dev_addr) 1292 { 1293 if (!wpa_s->ap_iface) 1294 return -1; 1295 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 1296 p2p_dev_addr); 1297 } 1298 1299 1300 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 1301 { 1302 struct wps_registrar *reg; 1303 int reg_sel = 0, wps_sta = 0; 1304 1305 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 1306 return -1; 1307 1308 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 1309 reg_sel = wps_registrar_wps_cancel(reg); 1310 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 1311 ap_sta_wps_cancel, NULL); 1312 1313 if (!reg_sel && !wps_sta) { 1314 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 1315 "time"); 1316 return -1; 1317 } 1318 1319 /* 1320 * There are 2 cases to return wps cancel as success: 1321 * 1. When wps cancel was initiated but no connection has been 1322 * established with client yet. 1323 * 2. Client is in the middle of exchanging WPS messages. 1324 */ 1325 1326 return 0; 1327 } 1328 1329 1330 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 1331 const char *pin, char *buf, size_t buflen, 1332 int timeout) 1333 { 1334 int ret, ret_len = 0; 1335 1336 if (!wpa_s->ap_iface) 1337 return -1; 1338 1339 if (pin == NULL) { 1340 unsigned int rpin; 1341 1342 if (wps_generate_pin(&rpin) < 0) 1343 return -1; 1344 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 1345 if (os_snprintf_error(buflen, ret_len)) 1346 return -1; 1347 pin = buf; 1348 } else if (buf) { 1349 ret_len = os_snprintf(buf, buflen, "%s", pin); 1350 if (os_snprintf_error(buflen, ret_len)) 1351 return -1; 1352 } 1353 1354 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 1355 timeout); 1356 if (ret) 1357 return -1; 1358 return ret_len; 1359 } 1360 1361 1362 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 1363 { 1364 struct wpa_supplicant *wpa_s = eloop_data; 1365 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 1366 wpas_wps_ap_pin_disable(wpa_s); 1367 } 1368 1369 1370 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 1371 { 1372 struct hostapd_data *hapd; 1373 1374 if (wpa_s->ap_iface == NULL) 1375 return; 1376 hapd = wpa_s->ap_iface->bss[0]; 1377 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 1378 hapd->ap_pin_failures = 0; 1379 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 1380 if (timeout > 0) 1381 eloop_register_timeout(timeout, 0, 1382 wpas_wps_ap_pin_timeout, wpa_s, NULL); 1383 } 1384 1385 1386 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 1387 { 1388 struct hostapd_data *hapd; 1389 1390 if (wpa_s->ap_iface == NULL) 1391 return; 1392 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 1393 hapd = wpa_s->ap_iface->bss[0]; 1394 os_free(hapd->conf->ap_pin); 1395 hapd->conf->ap_pin = NULL; 1396 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 1397 } 1398 1399 1400 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 1401 { 1402 struct hostapd_data *hapd; 1403 unsigned int pin; 1404 char pin_txt[9]; 1405 1406 if (wpa_s->ap_iface == NULL) 1407 return NULL; 1408 hapd = wpa_s->ap_iface->bss[0]; 1409 if (wps_generate_pin(&pin) < 0) 1410 return NULL; 1411 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 1412 os_free(hapd->conf->ap_pin); 1413 hapd->conf->ap_pin = os_strdup(pin_txt); 1414 if (hapd->conf->ap_pin == NULL) 1415 return NULL; 1416 wpas_wps_ap_pin_enable(wpa_s, timeout); 1417 1418 return hapd->conf->ap_pin; 1419 } 1420 1421 1422 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 1423 { 1424 struct hostapd_data *hapd; 1425 if (wpa_s->ap_iface == NULL) 1426 return NULL; 1427 hapd = wpa_s->ap_iface->bss[0]; 1428 return hapd->conf->ap_pin; 1429 } 1430 1431 1432 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 1433 int timeout) 1434 { 1435 struct hostapd_data *hapd; 1436 char pin_txt[9]; 1437 int ret; 1438 1439 if (wpa_s->ap_iface == NULL) 1440 return -1; 1441 hapd = wpa_s->ap_iface->bss[0]; 1442 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 1443 if (os_snprintf_error(sizeof(pin_txt), ret)) 1444 return -1; 1445 os_free(hapd->conf->ap_pin); 1446 hapd->conf->ap_pin = os_strdup(pin_txt); 1447 if (hapd->conf->ap_pin == NULL) 1448 return -1; 1449 wpas_wps_ap_pin_enable(wpa_s, timeout); 1450 1451 return 0; 1452 } 1453 1454 1455 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 1456 { 1457 struct hostapd_data *hapd; 1458 1459 if (wpa_s->ap_iface == NULL) 1460 return; 1461 hapd = wpa_s->ap_iface->bss[0]; 1462 1463 /* 1464 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 1465 * PIN if this happens multiple times to slow down brute force attacks. 1466 */ 1467 hapd->ap_pin_failures++; 1468 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 1469 hapd->ap_pin_failures); 1470 if (hapd->ap_pin_failures < 3) 1471 return; 1472 1473 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 1474 hapd->ap_pin_failures = 0; 1475 os_free(hapd->conf->ap_pin); 1476 hapd->conf->ap_pin = NULL; 1477 } 1478 1479 1480 #ifdef CONFIG_WPS_NFC 1481 1482 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 1483 int ndef) 1484 { 1485 struct hostapd_data *hapd; 1486 1487 if (wpa_s->ap_iface == NULL) 1488 return NULL; 1489 hapd = wpa_s->ap_iface->bss[0]; 1490 return hostapd_wps_nfc_config_token(hapd, ndef); 1491 } 1492 1493 1494 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 1495 int ndef) 1496 { 1497 struct hostapd_data *hapd; 1498 1499 if (wpa_s->ap_iface == NULL) 1500 return NULL; 1501 hapd = wpa_s->ap_iface->bss[0]; 1502 return hostapd_wps_nfc_hs_cr(hapd, ndef); 1503 } 1504 1505 1506 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s, 1507 const struct wpabuf *req, 1508 const struct wpabuf *sel) 1509 { 1510 struct hostapd_data *hapd; 1511 1512 if (wpa_s->ap_iface == NULL) 1513 return -1; 1514 hapd = wpa_s->ap_iface->bss[0]; 1515 return hostapd_wps_nfc_report_handover(hapd, req, sel); 1516 } 1517 1518 #endif /* CONFIG_WPS_NFC */ 1519 1520 #endif /* CONFIG_WPS */ 1521 1522 1523 #ifdef CONFIG_CTRL_IFACE 1524 1525 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 1526 char *buf, size_t buflen) 1527 { 1528 struct hostapd_data *hapd; 1529 1530 if (wpa_s->ap_iface) 1531 hapd = wpa_s->ap_iface->bss[0]; 1532 else if (wpa_s->ifmsh) 1533 hapd = wpa_s->ifmsh->bss[0]; 1534 else 1535 return -1; 1536 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen); 1537 } 1538 1539 1540 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 1541 char *buf, size_t buflen) 1542 { 1543 struct hostapd_data *hapd; 1544 1545 if (wpa_s->ap_iface) 1546 hapd = wpa_s->ap_iface->bss[0]; 1547 else if (wpa_s->ifmsh) 1548 hapd = wpa_s->ifmsh->bss[0]; 1549 else 1550 return -1; 1551 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen); 1552 } 1553 1554 1555 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 1556 char *buf, size_t buflen) 1557 { 1558 struct hostapd_data *hapd; 1559 1560 if (wpa_s->ap_iface) 1561 hapd = wpa_s->ap_iface->bss[0]; 1562 else if (wpa_s->ifmsh) 1563 hapd = wpa_s->ifmsh->bss[0]; 1564 else 1565 return -1; 1566 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen); 1567 } 1568 1569 1570 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 1571 const char *txtaddr) 1572 { 1573 if (wpa_s->ap_iface == NULL) 1574 return -1; 1575 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 1576 txtaddr); 1577 } 1578 1579 1580 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 1581 const char *txtaddr) 1582 { 1583 if (wpa_s->ap_iface == NULL) 1584 return -1; 1585 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 1586 txtaddr); 1587 } 1588 1589 1590 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 1591 size_t buflen, int verbose) 1592 { 1593 char *pos = buf, *end = buf + buflen; 1594 int ret; 1595 struct hostapd_bss_config *conf; 1596 1597 if (wpa_s->ap_iface == NULL) 1598 return -1; 1599 1600 conf = wpa_s->ap_iface->bss[0]->conf; 1601 if (conf->wpa == 0) 1602 return 0; 1603 1604 ret = os_snprintf(pos, end - pos, 1605 "pairwise_cipher=%s\n" 1606 "group_cipher=%s\n" 1607 "key_mgmt=%s\n", 1608 wpa_cipher_txt(conf->rsn_pairwise), 1609 wpa_cipher_txt(conf->wpa_group), 1610 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 1611 conf->wpa)); 1612 if (os_snprintf_error(end - pos, ret)) 1613 return pos - buf; 1614 pos += ret; 1615 return pos - buf; 1616 } 1617 1618 1619 #ifdef CONFIG_WNM_AP 1620 1621 int ap_ctrl_iface_disassoc_imminent(struct wpa_supplicant *wpa_s, 1622 const char *buf) 1623 { 1624 struct hostapd_data *hapd; 1625 1626 if (wpa_s->ap_iface) 1627 hapd = wpa_s->ap_iface->bss[0]; 1628 else 1629 return -1; 1630 return hostapd_ctrl_iface_disassoc_imminent(hapd, buf); 1631 } 1632 1633 1634 int ap_ctrl_iface_ess_disassoc(struct wpa_supplicant *wpa_s, const char *buf) 1635 { 1636 struct hostapd_data *hapd; 1637 1638 if (wpa_s->ap_iface) 1639 hapd = wpa_s->ap_iface->bss[0]; 1640 else 1641 return -1; 1642 return hostapd_ctrl_iface_ess_disassoc(hapd, buf); 1643 } 1644 1645 1646 int ap_ctrl_iface_bss_tm_req(struct wpa_supplicant *wpa_s, const char *buf) 1647 { 1648 struct hostapd_data *hapd; 1649 1650 if (wpa_s->ap_iface) 1651 hapd = wpa_s->ap_iface->bss[0]; 1652 else 1653 return -1; 1654 return hostapd_ctrl_iface_bss_tm_req(hapd, buf); 1655 } 1656 1657 #endif /* CONFIG_WNM_AP */ 1658 1659 1660 int ap_ctrl_iface_acl_add_mac(struct wpa_supplicant *wpa_s, 1661 enum macaddr_acl acl_type, 1662 const char *buf) 1663 { 1664 struct hostapd_data *hapd; 1665 1666 if (wpa_s->ap_iface) 1667 hapd = wpa_s->ap_iface->bss[0]; 1668 else 1669 return -1; 1670 1671 hapd->conf->macaddr_acl = acl_type; 1672 1673 if (acl_type == ACCEPT_UNLESS_DENIED) 1674 return hostapd_ctrl_iface_acl_add_mac(&hapd->conf->deny_mac, 1675 &hapd->conf->num_deny_mac, 1676 buf); 1677 if (acl_type == DENY_UNLESS_ACCEPTED) 1678 return hostapd_ctrl_iface_acl_add_mac( 1679 &hapd->conf->accept_mac, 1680 &hapd->conf->num_accept_mac, buf); 1681 1682 return -1; 1683 } 1684 1685 1686 int ap_ctrl_iface_acl_del_mac(struct wpa_supplicant *wpa_s, 1687 enum macaddr_acl acl_type, 1688 const char *buf) 1689 { 1690 struct hostapd_data *hapd; 1691 1692 if (wpa_s->ap_iface) 1693 hapd = wpa_s->ap_iface->bss[0]; 1694 else 1695 return -1; 1696 1697 hapd->conf->macaddr_acl = acl_type; 1698 1699 if (acl_type == ACCEPT_UNLESS_DENIED) 1700 return hostapd_ctrl_iface_acl_del_mac(&hapd->conf->deny_mac, 1701 &hapd->conf->num_deny_mac, 1702 buf); 1703 if (acl_type == DENY_UNLESS_ACCEPTED) 1704 return hostapd_ctrl_iface_acl_del_mac( 1705 &hapd->conf->accept_mac, &hapd->conf->num_accept_mac, 1706 buf); 1707 1708 return -1; 1709 } 1710 1711 1712 int ap_ctrl_iface_acl_show_mac(struct wpa_supplicant *wpa_s, 1713 enum macaddr_acl acl_type, char *buf, 1714 size_t buflen) 1715 { 1716 struct hostapd_data *hapd; 1717 1718 if (wpa_s->ap_iface) 1719 hapd = wpa_s->ap_iface->bss[0]; 1720 else 1721 return -1; 1722 1723 if (acl_type == ACCEPT_UNLESS_DENIED) 1724 return hostapd_ctrl_iface_acl_show_mac(hapd->conf->deny_mac, 1725 hapd->conf->num_deny_mac, 1726 buf, buflen); 1727 if (acl_type == DENY_UNLESS_ACCEPTED) 1728 return hostapd_ctrl_iface_acl_show_mac( 1729 hapd->conf->accept_mac, hapd->conf->num_accept_mac, 1730 buf, buflen); 1731 1732 return -1; 1733 } 1734 1735 1736 void ap_ctrl_iface_acl_clear_list(struct wpa_supplicant *wpa_s, 1737 enum macaddr_acl acl_type) 1738 { 1739 struct hostapd_data *hapd; 1740 1741 if (wpa_s->ap_iface) 1742 hapd = wpa_s->ap_iface->bss[0]; 1743 else 1744 return; 1745 1746 hapd->conf->macaddr_acl = acl_type; 1747 1748 if (acl_type == ACCEPT_UNLESS_DENIED) 1749 hostapd_ctrl_iface_acl_clear_list(&hapd->conf->deny_mac, 1750 &hapd->conf->num_deny_mac); 1751 else if (acl_type == DENY_UNLESS_ACCEPTED) 1752 hostapd_ctrl_iface_acl_clear_list(&hapd->conf->accept_mac, 1753 &hapd->conf->num_accept_mac); 1754 } 1755 1756 1757 int ap_ctrl_iface_disassoc_deny_mac(struct wpa_supplicant *wpa_s) 1758 { 1759 struct hostapd_data *hapd; 1760 1761 if (wpa_s->ap_iface) 1762 hapd = wpa_s->ap_iface->bss[0]; 1763 else 1764 return -1; 1765 1766 return hostapd_disassoc_deny_mac(hapd); 1767 } 1768 1769 1770 int ap_ctrl_iface_disassoc_accept_mac(struct wpa_supplicant *wpa_s) 1771 { 1772 struct hostapd_data *hapd; 1773 1774 if (wpa_s->ap_iface) 1775 hapd = wpa_s->ap_iface->bss[0]; 1776 else 1777 return -1; 1778 1779 return hostapd_disassoc_accept_mac(hapd); 1780 } 1781 1782 1783 int ap_ctrl_iface_set_acl(struct wpa_supplicant *wpa_s) 1784 { 1785 struct hostapd_data *hapd; 1786 1787 if (wpa_s->ap_iface) 1788 hapd = wpa_s->ap_iface->bss[0]; 1789 else 1790 return -1; 1791 1792 return hostapd_set_acl(hapd); 1793 } 1794 1795 #endif /* CONFIG_CTRL_IFACE */ 1796 1797 1798 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 1799 { 1800 struct hostapd_iface *iface = wpa_s->ap_iface; 1801 struct wpa_ssid *ssid = wpa_s->current_ssid; 1802 struct hostapd_data *hapd; 1803 1804 if (ssid == NULL || wpa_s->ap_iface == NULL || 1805 ssid->mode == WPAS_MODE_INFRA || 1806 ssid->mode == WPAS_MODE_IBSS) 1807 return -1; 1808 1809 #ifdef CONFIG_P2P 1810 if (ssid->mode == WPAS_MODE_P2P_GO) 1811 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1812 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1813 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1814 P2P_GROUP_FORMATION; 1815 #endif /* CONFIG_P2P */ 1816 1817 hapd = iface->bss[0]; 1818 if (hapd->drv_priv == NULL) 1819 return -1; 1820 ieee802_11_set_beacons(iface); 1821 hostapd_set_ap_wps_ie(hapd); 1822 1823 return 0; 1824 } 1825 1826 1827 int ap_switch_channel(struct wpa_supplicant *wpa_s, 1828 struct csa_settings *settings) 1829 { 1830 #ifdef NEED_AP_MLME 1831 struct hostapd_iface *iface = NULL; 1832 1833 if (wpa_s->ap_iface) 1834 iface = wpa_s->ap_iface; 1835 else if (wpa_s->ifmsh) 1836 iface = wpa_s->ifmsh; 1837 1838 if (!iface || !iface->bss[0]) 1839 return -1; 1840 1841 return hostapd_switch_channel(iface->bss[0], settings); 1842 #else /* NEED_AP_MLME */ 1843 return -1; 1844 #endif /* NEED_AP_MLME */ 1845 } 1846 1847 1848 #ifdef CONFIG_CTRL_IFACE 1849 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos) 1850 { 1851 struct csa_settings settings; 1852 int ret = hostapd_parse_csa_settings(pos, &settings); 1853 1854 if (ret) 1855 return ret; 1856 1857 settings.link_id = -1; 1858 1859 return ap_switch_channel(wpa_s, &settings); 1860 } 1861 #endif /* CONFIG_CTRL_IFACE */ 1862 1863 1864 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1865 int offset, int width, int cf1, int cf2, 1866 u16 punct_bitmap, int finished) 1867 { 1868 struct hostapd_iface *iface = wpa_s->ap_iface; 1869 1870 if (!iface) 1871 iface = wpa_s->ifmsh; 1872 if (!iface) 1873 return; 1874 wpa_s->assoc_freq = freq; 1875 if (wpa_s->current_ssid) 1876 wpa_s->current_ssid->frequency = freq; 1877 hostapd_event_ch_switch(iface->bss[0], freq, ht, 1878 offset, width, cf1, cf2, punct_bitmap, 1879 finished); 1880 } 1881 1882 1883 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1884 const u8 *addr) 1885 { 1886 struct hostapd_data *hapd; 1887 struct hostapd_bss_config *conf; 1888 1889 if (!wpa_s->ap_iface) 1890 return -1; 1891 1892 if (addr) 1893 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1894 MAC2STR(addr)); 1895 else 1896 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1897 1898 hapd = wpa_s->ap_iface->bss[0]; 1899 conf = hapd->conf; 1900 1901 os_free(conf->accept_mac); 1902 conf->accept_mac = NULL; 1903 conf->num_accept_mac = 0; 1904 os_free(conf->deny_mac); 1905 conf->deny_mac = NULL; 1906 conf->num_deny_mac = 0; 1907 1908 if (addr == NULL) { 1909 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1910 return 0; 1911 } 1912 1913 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1914 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1915 if (conf->accept_mac == NULL) 1916 return -1; 1917 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1918 conf->num_accept_mac = 1; 1919 1920 return 0; 1921 } 1922 1923 1924 #ifdef CONFIG_WPS_NFC 1925 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id, 1926 const struct wpabuf *pw, const u8 *pubkey_hash) 1927 { 1928 struct hostapd_data *hapd; 1929 struct wps_context *wps; 1930 1931 if (!wpa_s->ap_iface) 1932 return -1; 1933 hapd = wpa_s->ap_iface->bss[0]; 1934 wps = hapd->wps; 1935 1936 if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL || 1937 wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) { 1938 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known"); 1939 return -1; 1940 } 1941 1942 dh5_free(wps->dh_ctx); 1943 wpabuf_free(wps->dh_pubkey); 1944 wpabuf_free(wps->dh_privkey); 1945 wps->dh_privkey = wpabuf_dup( 1946 wpa_s->p2pdev->conf->wps_nfc_dh_privkey); 1947 wps->dh_pubkey = wpabuf_dup( 1948 wpa_s->p2pdev->conf->wps_nfc_dh_pubkey); 1949 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) { 1950 wps->dh_ctx = NULL; 1951 wpabuf_free(wps->dh_pubkey); 1952 wps->dh_pubkey = NULL; 1953 wpabuf_free(wps->dh_privkey); 1954 wps->dh_privkey = NULL; 1955 return -1; 1956 } 1957 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey); 1958 if (wps->dh_ctx == NULL) 1959 return -1; 1960 1961 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash, 1962 pw_id, 1963 pw ? wpabuf_head(pw) : NULL, 1964 pw ? wpabuf_len(pw) : 0, 1); 1965 } 1966 #endif /* CONFIG_WPS_NFC */ 1967 1968 1969 #ifdef CONFIG_CTRL_IFACE 1970 int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s) 1971 { 1972 struct hostapd_data *hapd; 1973 1974 if (!wpa_s->ap_iface) 1975 return -1; 1976 hapd = wpa_s->ap_iface->bss[0]; 1977 return hostapd_ctrl_iface_stop_ap(hapd); 1978 } 1979 1980 1981 int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, 1982 size_t len) 1983 { 1984 size_t reply_len = 0, i; 1985 char ap_delimiter[] = "---- AP ----\n"; 1986 char mesh_delimiter[] = "---- mesh ----\n"; 1987 size_t dlen; 1988 1989 if (wpa_s->ap_iface) { 1990 dlen = os_strlen(ap_delimiter); 1991 if (dlen > len - reply_len) 1992 return reply_len; 1993 os_memcpy(&buf[reply_len], ap_delimiter, dlen); 1994 reply_len += dlen; 1995 1996 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) { 1997 reply_len += hostapd_ctrl_iface_pmksa_list( 1998 wpa_s->ap_iface->bss[i], 1999 &buf[reply_len], len - reply_len); 2000 } 2001 } 2002 2003 if (wpa_s->ifmsh) { 2004 dlen = os_strlen(mesh_delimiter); 2005 if (dlen > len - reply_len) 2006 return reply_len; 2007 os_memcpy(&buf[reply_len], mesh_delimiter, dlen); 2008 reply_len += dlen; 2009 2010 reply_len += hostapd_ctrl_iface_pmksa_list( 2011 wpa_s->ifmsh->bss[0], &buf[reply_len], 2012 len - reply_len); 2013 } 2014 2015 return reply_len; 2016 } 2017 2018 2019 void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s) 2020 { 2021 size_t i; 2022 2023 if (wpa_s->ap_iface) { 2024 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) 2025 hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]); 2026 } 2027 2028 if (wpa_s->ifmsh) 2029 hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]); 2030 } 2031 2032 2033 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 2034 #ifdef CONFIG_MESH 2035 2036 int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr, 2037 char *buf, size_t len) 2038 { 2039 return hostapd_ctrl_iface_pmksa_list_mesh(wpa_s->ifmsh->bss[0], addr, 2040 &buf[0], len); 2041 } 2042 2043 2044 int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd) 2045 { 2046 struct external_pmksa_cache *entry; 2047 void *pmksa_cache; 2048 2049 pmksa_cache = hostapd_ctrl_iface_pmksa_create_entry(wpa_s->own_addr, 2050 cmd); 2051 if (!pmksa_cache) 2052 return -1; 2053 2054 entry = os_zalloc(sizeof(struct external_pmksa_cache)); 2055 if (!entry) 2056 return -1; 2057 2058 entry->pmksa_cache = pmksa_cache; 2059 2060 dl_list_add(&wpa_s->mesh_external_pmksa_cache, &entry->list); 2061 2062 return 0; 2063 } 2064 2065 #endif /* CONFIG_MESH */ 2066 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 2067 2068 2069 int wpas_ap_update_beacon(struct wpa_supplicant *wpa_s) 2070 { 2071 struct hostapd_data *hapd; 2072 2073 if (!wpa_s->ap_iface) 2074 return -1; 2075 hapd = wpa_s->ap_iface->bss[0]; 2076 2077 wpabuf_free(hapd->conf->assocresp_elements); 2078 hapd->conf->assocresp_elements = NULL; 2079 if (wpa_s->conf->ap_assocresp_elements) { 2080 hapd->conf->assocresp_elements = 2081 wpabuf_dup(wpa_s->conf->ap_assocresp_elements); 2082 } 2083 2084 wpabuf_free(hapd->conf->vendor_elements); 2085 hapd->conf->vendor_elements = NULL; 2086 if (wpa_s->conf->ap_vendor_elements) { 2087 hapd->conf->vendor_elements = 2088 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 2089 } 2090 2091 return ieee802_11_set_beacon(hapd); 2092 } 2093 2094 #endif /* CONFIG_CTRL_IFACE */ 2095 2096 2097 #ifdef NEED_AP_MLME 2098 void wpas_ap_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, 2099 struct dfs_event *radar) 2100 { 2101 struct hostapd_iface *iface = wpa_s->ap_iface; 2102 2103 if (!iface) 2104 iface = wpa_s->ifmsh; 2105 if (!iface || !iface->bss[0]) 2106 return; 2107 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 2108 hostapd_dfs_radar_detected(iface, radar->freq, 2109 radar->ht_enabled, radar->chan_offset, 2110 radar->chan_width, 2111 radar->cf1, radar->cf2); 2112 } 2113 2114 2115 void wpas_ap_event_dfs_cac_started(struct wpa_supplicant *wpa_s, 2116 struct dfs_event *radar) 2117 { 2118 struct hostapd_iface *iface = wpa_s->ap_iface; 2119 2120 if (!iface) 2121 iface = wpa_s->ifmsh; 2122 if (!iface || !iface->bss[0]) 2123 return; 2124 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq); 2125 hostapd_dfs_start_cac(iface, radar->freq, 2126 radar->ht_enabled, radar->chan_offset, 2127 radar->chan_width, radar->cf1, radar->cf2); 2128 } 2129 2130 2131 void wpas_ap_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, 2132 struct dfs_event *radar) 2133 { 2134 struct hostapd_iface *iface = wpa_s->ap_iface; 2135 2136 if (!iface) 2137 iface = wpa_s->ifmsh; 2138 if (!iface || !iface->bss[0]) 2139 return; 2140 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 2141 hostapd_dfs_complete_cac(iface, 1, radar->freq, 2142 radar->ht_enabled, radar->chan_offset, 2143 radar->chan_width, radar->cf1, radar->cf2); 2144 } 2145 2146 2147 void wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, 2148 struct dfs_event *radar) 2149 { 2150 struct hostapd_iface *iface = wpa_s->ap_iface; 2151 2152 if (!iface) 2153 iface = wpa_s->ifmsh; 2154 if (!iface || !iface->bss[0]) 2155 return; 2156 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 2157 hostapd_dfs_complete_cac(iface, 0, radar->freq, 2158 radar->ht_enabled, radar->chan_offset, 2159 radar->chan_width, radar->cf1, radar->cf2); 2160 } 2161 2162 2163 void wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, 2164 struct dfs_event *radar) 2165 { 2166 struct hostapd_iface *iface = wpa_s->ap_iface; 2167 2168 if (!iface) 2169 iface = wpa_s->ifmsh; 2170 if (!iface || !iface->bss[0]) 2171 return; 2172 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 2173 hostapd_dfs_nop_finished(iface, radar->freq, 2174 radar->ht_enabled, radar->chan_offset, 2175 radar->chan_width, radar->cf1, radar->cf2); 2176 } 2177 #endif /* NEED_AP_MLME */ 2178 2179 2180 void ap_periodic(struct wpa_supplicant *wpa_s) 2181 { 2182 if (wpa_s->ap_iface) 2183 hostapd_periodic_iface(wpa_s->ap_iface); 2184 } 2185