1 /* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "utils/uuid.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/wpa_ctrl.h" 17 #include "eapol_supp/eapol_supp_sm.h" 18 #include "crypto/dh_group5.h" 19 #include "ap/hostapd.h" 20 #include "ap/ap_config.h" 21 #include "ap/ap_drv_ops.h" 22 #ifdef NEED_AP_MLME 23 #include "ap/ieee802_11.h" 24 #endif /* NEED_AP_MLME */ 25 #include "ap/beacon.h" 26 #include "ap/ieee802_1x.h" 27 #include "ap/wps_hostapd.h" 28 #include "ap/ctrl_iface_ap.h" 29 #include "ap/dfs.h" 30 #include "wps/wps.h" 31 #include "common/ieee802_11_defs.h" 32 #include "config_ssid.h" 33 #include "config.h" 34 #include "wpa_supplicant_i.h" 35 #include "driver_i.h" 36 #include "p2p_supplicant.h" 37 #include "ap.h" 38 #include "ap/sta_info.h" 39 #include "notify.h" 40 41 42 #ifdef CONFIG_WPS 43 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 44 #endif /* CONFIG_WPS */ 45 46 47 #ifdef CONFIG_IEEE80211N 48 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, 49 struct wpa_ssid *ssid, 50 struct hostapd_config *conf, 51 struct hostapd_hw_modes *mode) 52 { 53 #ifdef CONFIG_P2P 54 u8 center_chan = 0; 55 u8 channel = conf->channel; 56 #endif /* CONFIG_P2P */ 57 58 if (!conf->secondary_channel) 59 goto no_vht; 60 61 /* Use the maximum oper channel width if it's given. */ 62 if (ssid->max_oper_chwidth) 63 conf->vht_oper_chwidth = ssid->max_oper_chwidth; 64 65 ieee80211_freq_to_chan(ssid->vht_center_freq2, 66 &conf->vht_oper_centr_freq_seg1_idx); 67 68 if (!ssid->p2p_group) { 69 if (!ssid->vht_center_freq1 || 70 conf->vht_oper_chwidth == VHT_CHANWIDTH_USE_HT) 71 goto no_vht; 72 ieee80211_freq_to_chan(ssid->vht_center_freq1, 73 &conf->vht_oper_centr_freq_seg0_idx); 74 wpa_printf(MSG_DEBUG, "VHT seg0 index %d for AP", 75 conf->vht_oper_centr_freq_seg0_idx); 76 return; 77 } 78 79 #ifdef CONFIG_P2P 80 switch (conf->vht_oper_chwidth) { 81 case VHT_CHANWIDTH_80MHZ: 82 case VHT_CHANWIDTH_80P80MHZ: 83 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel); 84 wpa_printf(MSG_DEBUG, 85 "VHT center channel %u for 80 or 80+80 MHz bandwidth", 86 center_chan); 87 break; 88 case VHT_CHANWIDTH_160MHZ: 89 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 90 wpa_printf(MSG_DEBUG, 91 "VHT center channel %u for 160 MHz bandwidth", 92 center_chan); 93 break; 94 default: 95 /* 96 * conf->vht_oper_chwidth might not be set for non-P2P GO cases, 97 * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is 98 * not supported. 99 */ 100 conf->vht_oper_chwidth = VHT_CHANWIDTH_160MHZ; 101 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 102 if (center_chan) { 103 wpa_printf(MSG_DEBUG, 104 "VHT center channel %u for auto-selected 160 MHz bandwidth", 105 center_chan); 106 } else { 107 conf->vht_oper_chwidth = VHT_CHANWIDTH_80MHZ; 108 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, 109 channel); 110 wpa_printf(MSG_DEBUG, 111 "VHT center channel %u for auto-selected 80 MHz bandwidth", 112 center_chan); 113 } 114 break; 115 } 116 if (!center_chan) 117 goto no_vht; 118 119 conf->vht_oper_centr_freq_seg0_idx = center_chan; 120 wpa_printf(MSG_DEBUG, "VHT seg0 index %d for P2P GO", 121 conf->vht_oper_centr_freq_seg0_idx); 122 return; 123 #endif /* CONFIG_P2P */ 124 125 no_vht: 126 wpa_printf(MSG_DEBUG, 127 "No VHT higher bandwidth support for the selected channel %d", 128 conf->channel); 129 conf->vht_oper_centr_freq_seg0_idx = 130 conf->channel + conf->secondary_channel * 2; 131 conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT; 132 } 133 #endif /* CONFIG_IEEE80211N */ 134 135 136 int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, 137 struct wpa_ssid *ssid, 138 struct hostapd_config *conf) 139 { 140 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, 141 &conf->channel); 142 143 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 144 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 145 ssid->frequency); 146 return -1; 147 } 148 149 /* TODO: enable HT40 if driver supports it; 150 * drop to 11b if driver does not support 11g */ 151 152 #ifdef CONFIG_IEEE80211N 153 /* 154 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 155 * and a mask of allowed capabilities within conf->ht_capab. 156 * Using default config settings for: conf->ht_op_mode_fixed, 157 * conf->secondary_channel, conf->require_ht 158 */ 159 if (wpa_s->hw.modes) { 160 struct hostapd_hw_modes *mode = NULL; 161 int i, no_ht = 0; 162 163 wpa_printf(MSG_DEBUG, 164 "Determining HT/VHT options based on driver capabilities (freq=%u chan=%u)", 165 ssid->frequency, conf->channel); 166 167 for (i = 0; i < wpa_s->hw.num_modes; i++) { 168 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 169 mode = &wpa_s->hw.modes[i]; 170 break; 171 } 172 } 173 174 #ifdef CONFIG_HT_OVERRIDES 175 if (ssid->disable_ht) 176 ssid->ht = 0; 177 #endif /* CONFIG_HT_OVERRIDES */ 178 179 if (!ssid->ht) { 180 wpa_printf(MSG_DEBUG, 181 "HT not enabled in network profile"); 182 conf->ieee80211n = 0; 183 conf->ht_capab = 0; 184 no_ht = 1; 185 } 186 187 if (!no_ht && mode && mode->ht_capab) { 188 wpa_printf(MSG_DEBUG, 189 "Enable HT support (p2p_group=%d 11a=%d ht40_hw_capab=%d ssid->ht40=%d)", 190 ssid->p2p_group, 191 conf->hw_mode == HOSTAPD_MODE_IEEE80211A, 192 !!(mode->ht_capab & 193 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET), 194 ssid->ht40); 195 conf->ieee80211n = 1; 196 #ifdef CONFIG_P2P 197 if (ssid->p2p_group && 198 conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 199 (mode->ht_capab & 200 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 201 ssid->ht40) { 202 conf->secondary_channel = 203 wpas_p2p_get_ht40_mode(wpa_s, mode, 204 conf->channel); 205 wpa_printf(MSG_DEBUG, 206 "HT secondary channel offset %d for P2P group", 207 conf->secondary_channel); 208 } 209 #endif /* CONFIG_P2P */ 210 211 if (!ssid->p2p_group && 212 (mode->ht_capab & 213 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) { 214 conf->secondary_channel = ssid->ht40; 215 wpa_printf(MSG_DEBUG, 216 "HT secondary channel offset %d for AP", 217 conf->secondary_channel); 218 } 219 220 if (conf->secondary_channel) 221 conf->ht_capab |= 222 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 223 224 /* 225 * white-list capabilities that won't cause issues 226 * to connecting stations, while leaving the current 227 * capabilities intact (currently disabled SMPS). 228 */ 229 conf->ht_capab |= mode->ht_capab & 230 (HT_CAP_INFO_GREEN_FIELD | 231 HT_CAP_INFO_SHORT_GI20MHZ | 232 HT_CAP_INFO_SHORT_GI40MHZ | 233 HT_CAP_INFO_RX_STBC_MASK | 234 HT_CAP_INFO_TX_STBC | 235 HT_CAP_INFO_MAX_AMSDU_SIZE); 236 237 if (mode->vht_capab && ssid->vht) { 238 conf->ieee80211ac = 1; 239 conf->vht_capab |= mode->vht_capab; 240 wpas_conf_ap_vht(wpa_s, ssid, conf, mode); 241 } 242 } 243 } 244 245 if (conf->secondary_channel) { 246 struct wpa_supplicant *iface; 247 248 for (iface = wpa_s->global->ifaces; iface; iface = iface->next) 249 { 250 if (iface == wpa_s || 251 iface->wpa_state < WPA_AUTHENTICATING || 252 (int) iface->assoc_freq != ssid->frequency) 253 continue; 254 255 /* 256 * Do not allow 40 MHz co-ex PRI/SEC switch to force us 257 * to change our PRI channel since we have an existing, 258 * concurrent connection on that channel and doing 259 * multi-channel concurrency is likely to cause more 260 * harm than using different PRI/SEC selection in 261 * environment with multiple BSSes on these two channels 262 * with mixed 20 MHz or PRI channel selection. 263 */ 264 conf->no_pri_sec_switch = 1; 265 } 266 } 267 #endif /* CONFIG_IEEE80211N */ 268 269 return 0; 270 } 271 272 273 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 274 struct wpa_ssid *ssid, 275 struct hostapd_config *conf) 276 { 277 struct hostapd_bss_config *bss = conf->bss[0]; 278 279 conf->driver = wpa_s->driver; 280 281 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 282 283 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf)) 284 return -1; 285 286 if (ssid->pbss > 1) { 287 wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode", 288 ssid->pbss); 289 return -1; 290 } 291 bss->pbss = ssid->pbss; 292 293 #ifdef CONFIG_ACS 294 if (ssid->acs) { 295 /* Setting channel to 0 in order to enable ACS */ 296 conf->channel = 0; 297 wpa_printf(MSG_DEBUG, "Use automatic channel selection"); 298 } 299 #endif /* CONFIG_ACS */ 300 301 if (ieee80211_is_dfs(ssid->frequency, wpa_s->hw.modes, 302 wpa_s->hw.num_modes) && wpa_s->conf->country[0]) { 303 conf->ieee80211h = 1; 304 conf->ieee80211d = 1; 305 conf->country[0] = wpa_s->conf->country[0]; 306 conf->country[1] = wpa_s->conf->country[1]; 307 conf->country[2] = ' '; 308 } 309 310 #ifdef CONFIG_P2P 311 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && 312 (ssid->mode == WPAS_MODE_P2P_GO || 313 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { 314 /* Remove 802.11b rates from supported and basic rate sets */ 315 int *list = os_malloc(4 * sizeof(int)); 316 if (list) { 317 list[0] = 60; 318 list[1] = 120; 319 list[2] = 240; 320 list[3] = -1; 321 } 322 conf->basic_rates = list; 323 324 list = os_malloc(9 * sizeof(int)); 325 if (list) { 326 list[0] = 60; 327 list[1] = 90; 328 list[2] = 120; 329 list[3] = 180; 330 list[4] = 240; 331 list[5] = 360; 332 list[6] = 480; 333 list[7] = 540; 334 list[8] = -1; 335 } 336 conf->supported_rates = list; 337 } 338 339 #ifdef CONFIG_IEEE80211AX 340 if (ssid->mode == WPAS_MODE_P2P_GO || 341 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 342 conf->ieee80211ax = ssid->he; 343 #endif /* CONFIG_IEEE80211AX */ 344 345 bss->isolate = !wpa_s->conf->p2p_intra_bss; 346 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; 347 348 if (ssid->p2p_group) { 349 os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4); 350 os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask, 351 4); 352 os_memcpy(bss->ip_addr_start, 353 wpa_s->p2pdev->conf->ip_addr_start, 4); 354 os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end, 355 4); 356 } 357 #endif /* CONFIG_P2P */ 358 359 if (ssid->ssid_len == 0) { 360 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 361 return -1; 362 } 363 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 364 bss->ssid.ssid_len = ssid->ssid_len; 365 bss->ssid.ssid_set = 1; 366 367 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 368 369 if (ssid->auth_alg) 370 bss->auth_algs = ssid->auth_alg; 371 372 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 373 bss->wpa = ssid->proto; 374 if (ssid->key_mgmt == DEFAULT_KEY_MGMT) 375 bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK; 376 else 377 bss->wpa_key_mgmt = ssid->key_mgmt; 378 bss->wpa_pairwise = ssid->pairwise_cipher; 379 if (ssid->psk_set) { 380 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk)); 381 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 382 if (bss->ssid.wpa_psk == NULL) 383 return -1; 384 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 385 bss->ssid.wpa_psk->group = 1; 386 bss->ssid.wpa_psk_set = 1; 387 } else if (ssid->passphrase) { 388 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 389 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 390 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 391 struct hostapd_wep_keys *wep = &bss->ssid.wep; 392 int i; 393 for (i = 0; i < NUM_WEP_KEYS; i++) { 394 if (ssid->wep_key_len[i] == 0) 395 continue; 396 wep->key[i] = os_memdup(ssid->wep_key[i], 397 ssid->wep_key_len[i]); 398 if (wep->key[i] == NULL) 399 return -1; 400 wep->len[i] = ssid->wep_key_len[i]; 401 } 402 wep->idx = ssid->wep_tx_keyidx; 403 wep->keys_set = 1; 404 } 405 406 if (wpa_s->conf->go_interworking) { 407 wpa_printf(MSG_DEBUG, 408 "P2P: Enable Interworking with access_network_type: %d", 409 wpa_s->conf->go_access_network_type); 410 bss->interworking = wpa_s->conf->go_interworking; 411 bss->access_network_type = wpa_s->conf->go_access_network_type; 412 bss->internet = wpa_s->conf->go_internet; 413 if (wpa_s->conf->go_venue_group) { 414 wpa_printf(MSG_DEBUG, 415 "P2P: Venue group: %d Venue type: %d", 416 wpa_s->conf->go_venue_group, 417 wpa_s->conf->go_venue_type); 418 bss->venue_group = wpa_s->conf->go_venue_group; 419 bss->venue_type = wpa_s->conf->go_venue_type; 420 bss->venue_info_set = 1; 421 } 422 } 423 424 if (ssid->ap_max_inactivity) 425 bss->ap_max_inactivity = ssid->ap_max_inactivity; 426 427 if (ssid->dtim_period) 428 bss->dtim_period = ssid->dtim_period; 429 else if (wpa_s->conf->dtim_period) 430 bss->dtim_period = wpa_s->conf->dtim_period; 431 432 if (ssid->beacon_int) 433 conf->beacon_int = ssid->beacon_int; 434 else if (wpa_s->conf->beacon_int) 435 conf->beacon_int = wpa_s->conf->beacon_int; 436 437 #ifdef CONFIG_P2P 438 if (ssid->mode == WPAS_MODE_P2P_GO || 439 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 440 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) { 441 wpa_printf(MSG_INFO, 442 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it", 443 wpa_s->conf->p2p_go_ctwindow, 444 conf->beacon_int); 445 conf->p2p_go_ctwindow = 0; 446 } else { 447 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow; 448 } 449 } 450 #endif /* CONFIG_P2P */ 451 452 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 453 bss->rsn_pairwise = bss->wpa_pairwise; 454 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 455 bss->rsn_pairwise); 456 457 if (bss->wpa && bss->ieee802_1x) 458 bss->ssid.security_policy = SECURITY_WPA; 459 else if (bss->wpa) 460 bss->ssid.security_policy = SECURITY_WPA_PSK; 461 else if (bss->ieee802_1x) { 462 int cipher = WPA_CIPHER_NONE; 463 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 464 bss->ssid.wep.default_len = bss->default_wep_key_len; 465 if (bss->default_wep_key_len) 466 cipher = bss->default_wep_key_len >= 13 ? 467 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 468 bss->wpa_group = cipher; 469 bss->wpa_pairwise = cipher; 470 bss->rsn_pairwise = cipher; 471 } else if (bss->ssid.wep.keys_set) { 472 int cipher = WPA_CIPHER_WEP40; 473 if (bss->ssid.wep.len[0] >= 13) 474 cipher = WPA_CIPHER_WEP104; 475 bss->ssid.security_policy = SECURITY_STATIC_WEP; 476 bss->wpa_group = cipher; 477 bss->wpa_pairwise = cipher; 478 bss->rsn_pairwise = cipher; 479 } else { 480 bss->ssid.security_policy = SECURITY_PLAINTEXT; 481 bss->wpa_group = WPA_CIPHER_NONE; 482 bss->wpa_pairwise = WPA_CIPHER_NONE; 483 bss->rsn_pairwise = WPA_CIPHER_NONE; 484 } 485 486 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 487 (bss->wpa_group == WPA_CIPHER_CCMP || 488 bss->wpa_group == WPA_CIPHER_GCMP || 489 bss->wpa_group == WPA_CIPHER_CCMP_256 || 490 bss->wpa_group == WPA_CIPHER_GCMP_256)) { 491 /* 492 * Strong ciphers do not need frequent rekeying, so increase 493 * the default GTK rekeying period to 24 hours. 494 */ 495 bss->wpa_group_rekey = 86400; 496 } 497 498 #ifdef CONFIG_IEEE80211W 499 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) 500 bss->ieee80211w = ssid->ieee80211w; 501 #endif /* CONFIG_IEEE80211W */ 502 503 #ifdef CONFIG_OCV 504 bss->ocv = ssid->ocv; 505 #endif /* CONFIG_OCV */ 506 507 #ifdef CONFIG_WPS 508 /* 509 * Enable WPS by default for open and WPA/WPA2-Personal network, but 510 * require user interaction to actually use it. Only the internal 511 * Registrar is supported. 512 */ 513 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 514 bss->ssid.security_policy != SECURITY_PLAINTEXT) 515 goto no_wps; 516 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 517 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) || 518 !(bss->wpa & 2))) 519 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 520 * configuration */ 521 if (ssid->wps_disabled) 522 goto no_wps; 523 bss->eap_server = 1; 524 525 if (!ssid->ignore_broadcast_ssid) 526 bss->wps_state = 2; 527 528 bss->ap_setup_locked = 2; 529 if (wpa_s->conf->config_methods) 530 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 531 os_memcpy(bss->device_type, wpa_s->conf->device_type, 532 WPS_DEV_TYPE_LEN); 533 if (wpa_s->conf->device_name) { 534 bss->device_name = os_strdup(wpa_s->conf->device_name); 535 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 536 } 537 if (wpa_s->conf->manufacturer) 538 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 539 if (wpa_s->conf->model_name) 540 bss->model_name = os_strdup(wpa_s->conf->model_name); 541 if (wpa_s->conf->model_number) 542 bss->model_number = os_strdup(wpa_s->conf->model_number); 543 if (wpa_s->conf->serial_number) 544 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 545 if (is_nil_uuid(wpa_s->conf->uuid)) 546 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 547 else 548 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 549 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 550 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 551 if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE) 552 bss->fragment_size = ssid->eap.fragment_size; 553 no_wps: 554 #endif /* CONFIG_WPS */ 555 556 if (wpa_s->max_stations && 557 wpa_s->max_stations < wpa_s->conf->max_num_sta) 558 bss->max_num_sta = wpa_s->max_stations; 559 else 560 bss->max_num_sta = wpa_s->conf->max_num_sta; 561 562 if (!bss->isolate) 563 bss->isolate = wpa_s->conf->ap_isolate; 564 565 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 566 567 if (wpa_s->conf->ap_vendor_elements) { 568 bss->vendor_elements = 569 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 570 } 571 572 bss->ftm_responder = wpa_s->conf->ftm_responder; 573 bss->ftm_initiator = wpa_s->conf->ftm_initiator; 574 575 return 0; 576 } 577 578 579 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 580 { 581 #ifdef CONFIG_P2P 582 struct wpa_supplicant *wpa_s = ctx; 583 const struct ieee80211_mgmt *mgmt; 584 585 mgmt = (const struct ieee80211_mgmt *) buf; 586 if (len < IEEE80211_HDRLEN + 1) 587 return; 588 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC) 589 return; 590 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 591 mgmt->u.action.category, 592 buf + IEEE80211_HDRLEN + 1, 593 len - IEEE80211_HDRLEN - 1, freq); 594 #endif /* CONFIG_P2P */ 595 } 596 597 598 static void ap_wps_event_cb(void *ctx, enum wps_event event, 599 union wps_event_data *data) 600 { 601 #ifdef CONFIG_P2P 602 struct wpa_supplicant *wpa_s = ctx; 603 604 if (event == WPS_EV_FAIL) { 605 struct wps_event_fail *fail = &data->fail; 606 607 if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s && 608 wpa_s == wpa_s->global->p2p_group_formation) { 609 /* 610 * src/ap/wps_hostapd.c has already sent this on the 611 * main interface, so only send on the parent interface 612 * here if needed. 613 */ 614 wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL 615 "msg=%d config_error=%d", 616 fail->msg, fail->config_error); 617 } 618 wpas_p2p_wps_failed(wpa_s, fail); 619 } 620 #endif /* CONFIG_P2P */ 621 } 622 623 624 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 625 int authorized, const u8 *p2p_dev_addr) 626 { 627 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 628 } 629 630 631 #ifdef CONFIG_P2P 632 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 633 const u8 *psk, size_t psk_len) 634 { 635 636 struct wpa_supplicant *wpa_s = ctx; 637 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL) 638 return; 639 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len); 640 } 641 #endif /* CONFIG_P2P */ 642 643 644 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 645 { 646 #ifdef CONFIG_P2P 647 struct wpa_supplicant *wpa_s = ctx; 648 const struct ieee80211_mgmt *mgmt; 649 650 mgmt = (const struct ieee80211_mgmt *) buf; 651 if (len < IEEE80211_HDRLEN + 1) 652 return -1; 653 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 654 mgmt->u.action.category, 655 buf + IEEE80211_HDRLEN + 1, 656 len - IEEE80211_HDRLEN - 1, freq); 657 #endif /* CONFIG_P2P */ 658 return 0; 659 } 660 661 662 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 663 const u8 *bssid, const u8 *ie, size_t ie_len, 664 int ssi_signal) 665 { 666 struct wpa_supplicant *wpa_s = ctx; 667 unsigned int freq = 0; 668 669 if (wpa_s->ap_iface) 670 freq = wpa_s->ap_iface->freq; 671 672 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 673 freq, ssi_signal); 674 } 675 676 677 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 678 const u8 *uuid_e) 679 { 680 struct wpa_supplicant *wpa_s = ctx; 681 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 682 } 683 684 685 static void wpas_ap_configured_cb(void *ctx) 686 { 687 struct wpa_supplicant *wpa_s = ctx; 688 689 wpa_printf(MSG_DEBUG, "AP interface setup completed - state %s", 690 hostapd_state_text(wpa_s->ap_iface->state)); 691 if (wpa_s->ap_iface->state == HAPD_IFACE_DISABLED) { 692 wpa_supplicant_ap_deinit(wpa_s); 693 return; 694 } 695 696 #ifdef CONFIG_ACS 697 if (wpa_s->current_ssid && wpa_s->current_ssid->acs) { 698 wpa_s->assoc_freq = wpa_s->ap_iface->freq; 699 wpa_s->current_ssid->frequency = wpa_s->ap_iface->freq; 700 } 701 #endif /* CONFIG_ACS */ 702 703 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 704 705 if (wpa_s->ap_configured_cb) 706 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 707 wpa_s->ap_configured_cb_data); 708 } 709 710 711 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 712 struct wpa_ssid *ssid) 713 { 714 struct wpa_driver_associate_params params; 715 struct hostapd_iface *hapd_iface; 716 struct hostapd_config *conf; 717 size_t i; 718 719 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 720 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 721 return -1; 722 } 723 724 wpa_supplicant_ap_deinit(wpa_s); 725 726 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 727 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 728 729 os_memset(¶ms, 0, sizeof(params)); 730 params.ssid = ssid->ssid; 731 params.ssid_len = ssid->ssid_len; 732 switch (ssid->mode) { 733 case WPAS_MODE_AP: 734 case WPAS_MODE_P2P_GO: 735 case WPAS_MODE_P2P_GROUP_FORMATION: 736 params.mode = IEEE80211_MODE_AP; 737 break; 738 default: 739 return -1; 740 } 741 if (ssid->frequency == 0) 742 ssid->frequency = 2462; /* default channel 11 */ 743 params.freq.freq = ssid->frequency; 744 745 params.wpa_proto = ssid->proto; 746 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 747 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 748 else 749 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 750 params.key_mgmt_suite = wpa_s->key_mgmt; 751 752 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 753 1); 754 if (wpa_s->pairwise_cipher < 0) { 755 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 756 "cipher."); 757 return -1; 758 } 759 params.pairwise_suite = wpa_s->pairwise_cipher; 760 params.group_suite = params.pairwise_suite; 761 762 #ifdef CONFIG_P2P 763 if (ssid->mode == WPAS_MODE_P2P_GO || 764 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 765 params.p2p = 1; 766 #endif /* CONFIG_P2P */ 767 768 if (wpa_s->p2pdev->set_ap_uapsd) 769 params.uapsd = wpa_s->p2pdev->ap_uapsd; 770 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD)) 771 params.uapsd = 1; /* mandatory for P2P GO */ 772 else 773 params.uapsd = -1; 774 775 if (ieee80211_is_dfs(params.freq.freq, wpa_s->hw.modes, 776 wpa_s->hw.num_modes)) 777 params.freq.freq = 0; /* set channel after CAC */ 778 779 if (params.p2p) 780 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_GO); 781 else 782 wpa_drv_get_ext_capa(wpa_s, WPA_IF_AP_BSS); 783 784 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 785 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 786 return -1; 787 } 788 789 wpa_s->ap_iface = hapd_iface = hostapd_alloc_iface(); 790 if (hapd_iface == NULL) 791 return -1; 792 hapd_iface->owner = wpa_s; 793 hapd_iface->drv_flags = wpa_s->drv_flags; 794 hapd_iface->smps_modes = wpa_s->drv_smps_modes; 795 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 796 hapd_iface->extended_capa = wpa_s->extended_capa; 797 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 798 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 799 800 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 801 if (conf == NULL) { 802 wpa_supplicant_ap_deinit(wpa_s); 803 return -1; 804 } 805 806 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 807 wpa_s->conf->wmm_ac_params, 808 sizeof(wpa_s->conf->wmm_ac_params)); 809 810 if (params.uapsd > 0) { 811 conf->bss[0]->wmm_enabled = 1; 812 conf->bss[0]->wmm_uapsd = 1; 813 } 814 815 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 816 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 817 wpa_supplicant_ap_deinit(wpa_s); 818 return -1; 819 } 820 821 #ifdef CONFIG_P2P 822 if (ssid->mode == WPAS_MODE_P2P_GO) 823 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 824 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 825 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 826 P2P_GROUP_FORMATION; 827 #endif /* CONFIG_P2P */ 828 829 hapd_iface->num_bss = conf->num_bss; 830 hapd_iface->bss = os_calloc(conf->num_bss, 831 sizeof(struct hostapd_data *)); 832 if (hapd_iface->bss == NULL) { 833 wpa_supplicant_ap_deinit(wpa_s); 834 return -1; 835 } 836 837 for (i = 0; i < conf->num_bss; i++) { 838 hapd_iface->bss[i] = 839 hostapd_alloc_bss_data(hapd_iface, conf, 840 conf->bss[i]); 841 if (hapd_iface->bss[i] == NULL) { 842 wpa_supplicant_ap_deinit(wpa_s); 843 return -1; 844 } 845 846 hapd_iface->bss[i]->msg_ctx = wpa_s; 847 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev; 848 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 849 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 850 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 851 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 852 hostapd_register_probereq_cb(hapd_iface->bss[i], 853 ap_probe_req_rx, wpa_s); 854 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 855 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 856 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 857 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 858 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 859 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 860 #ifdef CONFIG_P2P 861 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb; 862 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s; 863 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 864 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 865 ssid); 866 #endif /* CONFIG_P2P */ 867 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 868 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 869 #ifdef CONFIG_TESTING_OPTIONS 870 hapd_iface->bss[i]->ext_eapol_frame_io = 871 wpa_s->ext_eapol_frame_io; 872 #endif /* CONFIG_TESTING_OPTIONS */ 873 } 874 875 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 876 hapd_iface->bss[0]->driver = wpa_s->driver; 877 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 878 879 wpa_s->current_ssid = ssid; 880 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 881 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 882 wpa_s->assoc_freq = ssid->frequency; 883 884 #if defined(CONFIG_P2P) && defined(CONFIG_ACS) 885 if (wpa_s->p2p_go_do_acs) { 886 wpa_s->ap_iface->conf->channel = 0; 887 wpa_s->ap_iface->conf->hw_mode = wpa_s->p2p_go_acs_band; 888 ssid->acs = 1; 889 } 890 #endif /* CONFIG_P2P && CONFIG_ACS */ 891 892 if (hostapd_setup_interface(wpa_s->ap_iface)) { 893 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 894 wpa_supplicant_ap_deinit(wpa_s); 895 return -1; 896 } 897 898 return 0; 899 } 900 901 902 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 903 { 904 #ifdef CONFIG_WPS 905 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 906 #endif /* CONFIG_WPS */ 907 908 if (wpa_s->ap_iface == NULL) 909 return; 910 911 wpa_s->current_ssid = NULL; 912 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 913 wpa_s->assoc_freq = 0; 914 wpas_p2p_ap_deinit(wpa_s); 915 wpa_s->ap_iface->driver_ap_teardown = 916 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 917 918 hostapd_interface_deinit(wpa_s->ap_iface); 919 hostapd_interface_free(wpa_s->ap_iface); 920 wpa_s->ap_iface = NULL; 921 wpa_drv_deinit_ap(wpa_s); 922 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 923 " reason=%d locally_generated=1", 924 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING); 925 } 926 927 928 void ap_tx_status(void *ctx, const u8 *addr, 929 const u8 *buf, size_t len, int ack) 930 { 931 #ifdef NEED_AP_MLME 932 struct wpa_supplicant *wpa_s = ctx; 933 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 934 #endif /* NEED_AP_MLME */ 935 } 936 937 938 void ap_eapol_tx_status(void *ctx, const u8 *dst, 939 const u8 *data, size_t len, int ack) 940 { 941 #ifdef NEED_AP_MLME 942 struct wpa_supplicant *wpa_s = ctx; 943 if (!wpa_s->ap_iface) 944 return; 945 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 946 #endif /* NEED_AP_MLME */ 947 } 948 949 950 void ap_client_poll_ok(void *ctx, const u8 *addr) 951 { 952 #ifdef NEED_AP_MLME 953 struct wpa_supplicant *wpa_s = ctx; 954 if (wpa_s->ap_iface) 955 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 956 #endif /* NEED_AP_MLME */ 957 } 958 959 960 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 961 { 962 #ifdef NEED_AP_MLME 963 struct wpa_supplicant *wpa_s = ctx; 964 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 965 #endif /* NEED_AP_MLME */ 966 } 967 968 969 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 970 { 971 #ifdef NEED_AP_MLME 972 struct wpa_supplicant *wpa_s = ctx; 973 struct hostapd_frame_info fi; 974 os_memset(&fi, 0, sizeof(fi)); 975 fi.datarate = rx_mgmt->datarate; 976 fi.ssi_signal = rx_mgmt->ssi_signal; 977 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 978 rx_mgmt->frame_len, &fi); 979 #endif /* NEED_AP_MLME */ 980 } 981 982 983 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 984 { 985 #ifdef NEED_AP_MLME 986 struct wpa_supplicant *wpa_s = ctx; 987 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 988 #endif /* NEED_AP_MLME */ 989 } 990 991 992 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 993 const u8 *src_addr, const u8 *buf, size_t len) 994 { 995 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 996 } 997 998 999 #ifdef CONFIG_WPS 1000 1001 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 1002 const u8 *p2p_dev_addr) 1003 { 1004 if (!wpa_s->ap_iface) 1005 return -1; 1006 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 1007 p2p_dev_addr); 1008 } 1009 1010 1011 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 1012 { 1013 struct wps_registrar *reg; 1014 int reg_sel = 0, wps_sta = 0; 1015 1016 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 1017 return -1; 1018 1019 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 1020 reg_sel = wps_registrar_wps_cancel(reg); 1021 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 1022 ap_sta_wps_cancel, NULL); 1023 1024 if (!reg_sel && !wps_sta) { 1025 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 1026 "time"); 1027 return -1; 1028 } 1029 1030 /* 1031 * There are 2 cases to return wps cancel as success: 1032 * 1. When wps cancel was initiated but no connection has been 1033 * established with client yet. 1034 * 2. Client is in the middle of exchanging WPS messages. 1035 */ 1036 1037 return 0; 1038 } 1039 1040 1041 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 1042 const char *pin, char *buf, size_t buflen, 1043 int timeout) 1044 { 1045 int ret, ret_len = 0; 1046 1047 if (!wpa_s->ap_iface) 1048 return -1; 1049 1050 if (pin == NULL) { 1051 unsigned int rpin; 1052 1053 if (wps_generate_pin(&rpin) < 0) 1054 return -1; 1055 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 1056 if (os_snprintf_error(buflen, ret_len)) 1057 return -1; 1058 pin = buf; 1059 } else if (buf) { 1060 ret_len = os_snprintf(buf, buflen, "%s", pin); 1061 if (os_snprintf_error(buflen, ret_len)) 1062 return -1; 1063 } 1064 1065 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 1066 timeout); 1067 if (ret) 1068 return -1; 1069 return ret_len; 1070 } 1071 1072 1073 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 1074 { 1075 struct wpa_supplicant *wpa_s = eloop_data; 1076 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 1077 wpas_wps_ap_pin_disable(wpa_s); 1078 } 1079 1080 1081 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 1082 { 1083 struct hostapd_data *hapd; 1084 1085 if (wpa_s->ap_iface == NULL) 1086 return; 1087 hapd = wpa_s->ap_iface->bss[0]; 1088 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 1089 hapd->ap_pin_failures = 0; 1090 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 1091 if (timeout > 0) 1092 eloop_register_timeout(timeout, 0, 1093 wpas_wps_ap_pin_timeout, wpa_s, NULL); 1094 } 1095 1096 1097 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 1098 { 1099 struct hostapd_data *hapd; 1100 1101 if (wpa_s->ap_iface == NULL) 1102 return; 1103 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 1104 hapd = wpa_s->ap_iface->bss[0]; 1105 os_free(hapd->conf->ap_pin); 1106 hapd->conf->ap_pin = NULL; 1107 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 1108 } 1109 1110 1111 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 1112 { 1113 struct hostapd_data *hapd; 1114 unsigned int pin; 1115 char pin_txt[9]; 1116 1117 if (wpa_s->ap_iface == NULL) 1118 return NULL; 1119 hapd = wpa_s->ap_iface->bss[0]; 1120 if (wps_generate_pin(&pin) < 0) 1121 return NULL; 1122 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 1123 os_free(hapd->conf->ap_pin); 1124 hapd->conf->ap_pin = os_strdup(pin_txt); 1125 if (hapd->conf->ap_pin == NULL) 1126 return NULL; 1127 wpas_wps_ap_pin_enable(wpa_s, timeout); 1128 1129 return hapd->conf->ap_pin; 1130 } 1131 1132 1133 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 1134 { 1135 struct hostapd_data *hapd; 1136 if (wpa_s->ap_iface == NULL) 1137 return NULL; 1138 hapd = wpa_s->ap_iface->bss[0]; 1139 return hapd->conf->ap_pin; 1140 } 1141 1142 1143 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 1144 int timeout) 1145 { 1146 struct hostapd_data *hapd; 1147 char pin_txt[9]; 1148 int ret; 1149 1150 if (wpa_s->ap_iface == NULL) 1151 return -1; 1152 hapd = wpa_s->ap_iface->bss[0]; 1153 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 1154 if (os_snprintf_error(sizeof(pin_txt), ret)) 1155 return -1; 1156 os_free(hapd->conf->ap_pin); 1157 hapd->conf->ap_pin = os_strdup(pin_txt); 1158 if (hapd->conf->ap_pin == NULL) 1159 return -1; 1160 wpas_wps_ap_pin_enable(wpa_s, timeout); 1161 1162 return 0; 1163 } 1164 1165 1166 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 1167 { 1168 struct hostapd_data *hapd; 1169 1170 if (wpa_s->ap_iface == NULL) 1171 return; 1172 hapd = wpa_s->ap_iface->bss[0]; 1173 1174 /* 1175 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 1176 * PIN if this happens multiple times to slow down brute force attacks. 1177 */ 1178 hapd->ap_pin_failures++; 1179 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 1180 hapd->ap_pin_failures); 1181 if (hapd->ap_pin_failures < 3) 1182 return; 1183 1184 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 1185 hapd->ap_pin_failures = 0; 1186 os_free(hapd->conf->ap_pin); 1187 hapd->conf->ap_pin = NULL; 1188 } 1189 1190 1191 #ifdef CONFIG_WPS_NFC 1192 1193 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 1194 int ndef) 1195 { 1196 struct hostapd_data *hapd; 1197 1198 if (wpa_s->ap_iface == NULL) 1199 return NULL; 1200 hapd = wpa_s->ap_iface->bss[0]; 1201 return hostapd_wps_nfc_config_token(hapd, ndef); 1202 } 1203 1204 1205 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 1206 int ndef) 1207 { 1208 struct hostapd_data *hapd; 1209 1210 if (wpa_s->ap_iface == NULL) 1211 return NULL; 1212 hapd = wpa_s->ap_iface->bss[0]; 1213 return hostapd_wps_nfc_hs_cr(hapd, ndef); 1214 } 1215 1216 1217 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s, 1218 const struct wpabuf *req, 1219 const struct wpabuf *sel) 1220 { 1221 struct hostapd_data *hapd; 1222 1223 if (wpa_s->ap_iface == NULL) 1224 return -1; 1225 hapd = wpa_s->ap_iface->bss[0]; 1226 return hostapd_wps_nfc_report_handover(hapd, req, sel); 1227 } 1228 1229 #endif /* CONFIG_WPS_NFC */ 1230 1231 #endif /* CONFIG_WPS */ 1232 1233 1234 #ifdef CONFIG_CTRL_IFACE 1235 1236 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 1237 char *buf, size_t buflen) 1238 { 1239 struct hostapd_data *hapd; 1240 1241 if (wpa_s->ap_iface) 1242 hapd = wpa_s->ap_iface->bss[0]; 1243 else if (wpa_s->ifmsh) 1244 hapd = wpa_s->ifmsh->bss[0]; 1245 else 1246 return -1; 1247 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen); 1248 } 1249 1250 1251 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 1252 char *buf, size_t buflen) 1253 { 1254 struct hostapd_data *hapd; 1255 1256 if (wpa_s->ap_iface) 1257 hapd = wpa_s->ap_iface->bss[0]; 1258 else if (wpa_s->ifmsh) 1259 hapd = wpa_s->ifmsh->bss[0]; 1260 else 1261 return -1; 1262 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen); 1263 } 1264 1265 1266 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 1267 char *buf, size_t buflen) 1268 { 1269 struct hostapd_data *hapd; 1270 1271 if (wpa_s->ap_iface) 1272 hapd = wpa_s->ap_iface->bss[0]; 1273 else if (wpa_s->ifmsh) 1274 hapd = wpa_s->ifmsh->bss[0]; 1275 else 1276 return -1; 1277 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen); 1278 } 1279 1280 1281 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 1282 const char *txtaddr) 1283 { 1284 if (wpa_s->ap_iface == NULL) 1285 return -1; 1286 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 1287 txtaddr); 1288 } 1289 1290 1291 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 1292 const char *txtaddr) 1293 { 1294 if (wpa_s->ap_iface == NULL) 1295 return -1; 1296 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 1297 txtaddr); 1298 } 1299 1300 1301 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 1302 size_t buflen, int verbose) 1303 { 1304 char *pos = buf, *end = buf + buflen; 1305 int ret; 1306 struct hostapd_bss_config *conf; 1307 1308 if (wpa_s->ap_iface == NULL) 1309 return -1; 1310 1311 conf = wpa_s->ap_iface->bss[0]->conf; 1312 if (conf->wpa == 0) 1313 return 0; 1314 1315 ret = os_snprintf(pos, end - pos, 1316 "pairwise_cipher=%s\n" 1317 "group_cipher=%s\n" 1318 "key_mgmt=%s\n", 1319 wpa_cipher_txt(conf->rsn_pairwise), 1320 wpa_cipher_txt(conf->wpa_group), 1321 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 1322 conf->wpa)); 1323 if (os_snprintf_error(end - pos, ret)) 1324 return pos - buf; 1325 pos += ret; 1326 return pos - buf; 1327 } 1328 1329 #endif /* CONFIG_CTRL_IFACE */ 1330 1331 1332 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 1333 { 1334 struct hostapd_iface *iface = wpa_s->ap_iface; 1335 struct wpa_ssid *ssid = wpa_s->current_ssid; 1336 struct hostapd_data *hapd; 1337 1338 if (ssid == NULL || wpa_s->ap_iface == NULL || 1339 ssid->mode == WPAS_MODE_INFRA || 1340 ssid->mode == WPAS_MODE_IBSS) 1341 return -1; 1342 1343 #ifdef CONFIG_P2P 1344 if (ssid->mode == WPAS_MODE_P2P_GO) 1345 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1346 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1347 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1348 P2P_GROUP_FORMATION; 1349 #endif /* CONFIG_P2P */ 1350 1351 hapd = iface->bss[0]; 1352 if (hapd->drv_priv == NULL) 1353 return -1; 1354 ieee802_11_set_beacons(iface); 1355 hostapd_set_ap_wps_ie(hapd); 1356 1357 return 0; 1358 } 1359 1360 1361 int ap_switch_channel(struct wpa_supplicant *wpa_s, 1362 struct csa_settings *settings) 1363 { 1364 #ifdef NEED_AP_MLME 1365 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1366 return -1; 1367 1368 return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings); 1369 #else /* NEED_AP_MLME */ 1370 return -1; 1371 #endif /* NEED_AP_MLME */ 1372 } 1373 1374 1375 #ifdef CONFIG_CTRL_IFACE 1376 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos) 1377 { 1378 struct csa_settings settings; 1379 int ret = hostapd_parse_csa_settings(pos, &settings); 1380 1381 if (ret) 1382 return ret; 1383 1384 return ap_switch_channel(wpa_s, &settings); 1385 } 1386 #endif /* CONFIG_CTRL_IFACE */ 1387 1388 1389 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1390 int offset, int width, int cf1, int cf2) 1391 { 1392 struct hostapd_iface *iface = wpa_s->ap_iface; 1393 1394 if (!iface) 1395 iface = wpa_s->ifmsh; 1396 if (!iface) 1397 return; 1398 wpa_s->assoc_freq = freq; 1399 if (wpa_s->current_ssid) 1400 wpa_s->current_ssid->frequency = freq; 1401 hostapd_event_ch_switch(iface->bss[0], freq, ht, 1402 offset, width, cf1, cf2); 1403 } 1404 1405 1406 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1407 const u8 *addr) 1408 { 1409 struct hostapd_data *hapd; 1410 struct hostapd_bss_config *conf; 1411 1412 if (!wpa_s->ap_iface) 1413 return -1; 1414 1415 if (addr) 1416 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1417 MAC2STR(addr)); 1418 else 1419 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1420 1421 hapd = wpa_s->ap_iface->bss[0]; 1422 conf = hapd->conf; 1423 1424 os_free(conf->accept_mac); 1425 conf->accept_mac = NULL; 1426 conf->num_accept_mac = 0; 1427 os_free(conf->deny_mac); 1428 conf->deny_mac = NULL; 1429 conf->num_deny_mac = 0; 1430 1431 if (addr == NULL) { 1432 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1433 return 0; 1434 } 1435 1436 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1437 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1438 if (conf->accept_mac == NULL) 1439 return -1; 1440 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1441 conf->num_accept_mac = 1; 1442 1443 return 0; 1444 } 1445 1446 1447 #ifdef CONFIG_WPS_NFC 1448 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id, 1449 const struct wpabuf *pw, const u8 *pubkey_hash) 1450 { 1451 struct hostapd_data *hapd; 1452 struct wps_context *wps; 1453 1454 if (!wpa_s->ap_iface) 1455 return -1; 1456 hapd = wpa_s->ap_iface->bss[0]; 1457 wps = hapd->wps; 1458 1459 if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL || 1460 wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) { 1461 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known"); 1462 return -1; 1463 } 1464 1465 dh5_free(wps->dh_ctx); 1466 wpabuf_free(wps->dh_pubkey); 1467 wpabuf_free(wps->dh_privkey); 1468 wps->dh_privkey = wpabuf_dup( 1469 wpa_s->p2pdev->conf->wps_nfc_dh_privkey); 1470 wps->dh_pubkey = wpabuf_dup( 1471 wpa_s->p2pdev->conf->wps_nfc_dh_pubkey); 1472 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) { 1473 wps->dh_ctx = NULL; 1474 wpabuf_free(wps->dh_pubkey); 1475 wps->dh_pubkey = NULL; 1476 wpabuf_free(wps->dh_privkey); 1477 wps->dh_privkey = NULL; 1478 return -1; 1479 } 1480 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey); 1481 if (wps->dh_ctx == NULL) 1482 return -1; 1483 1484 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash, 1485 pw_id, 1486 pw ? wpabuf_head(pw) : NULL, 1487 pw ? wpabuf_len(pw) : 0, 1); 1488 } 1489 #endif /* CONFIG_WPS_NFC */ 1490 1491 1492 #ifdef CONFIG_CTRL_IFACE 1493 int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s) 1494 { 1495 struct hostapd_data *hapd; 1496 1497 if (!wpa_s->ap_iface) 1498 return -1; 1499 hapd = wpa_s->ap_iface->bss[0]; 1500 return hostapd_ctrl_iface_stop_ap(hapd); 1501 } 1502 1503 1504 int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, 1505 size_t len) 1506 { 1507 size_t reply_len = 0, i; 1508 char ap_delimiter[] = "---- AP ----\n"; 1509 char mesh_delimiter[] = "---- mesh ----\n"; 1510 size_t dlen; 1511 1512 if (wpa_s->ap_iface) { 1513 dlen = os_strlen(ap_delimiter); 1514 if (dlen > len - reply_len) 1515 return reply_len; 1516 os_memcpy(&buf[reply_len], ap_delimiter, dlen); 1517 reply_len += dlen; 1518 1519 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) { 1520 reply_len += hostapd_ctrl_iface_pmksa_list( 1521 wpa_s->ap_iface->bss[i], 1522 &buf[reply_len], len - reply_len); 1523 } 1524 } 1525 1526 if (wpa_s->ifmsh) { 1527 dlen = os_strlen(mesh_delimiter); 1528 if (dlen > len - reply_len) 1529 return reply_len; 1530 os_memcpy(&buf[reply_len], mesh_delimiter, dlen); 1531 reply_len += dlen; 1532 1533 reply_len += hostapd_ctrl_iface_pmksa_list( 1534 wpa_s->ifmsh->bss[0], &buf[reply_len], 1535 len - reply_len); 1536 } 1537 1538 return reply_len; 1539 } 1540 1541 1542 void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s) 1543 { 1544 size_t i; 1545 1546 if (wpa_s->ap_iface) { 1547 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) 1548 hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]); 1549 } 1550 1551 if (wpa_s->ifmsh) 1552 hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]); 1553 } 1554 1555 1556 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 1557 #ifdef CONFIG_MESH 1558 1559 int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr, 1560 char *buf, size_t len) 1561 { 1562 return hostapd_ctrl_iface_pmksa_list_mesh(wpa_s->ifmsh->bss[0], addr, 1563 &buf[0], len); 1564 } 1565 1566 1567 int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd) 1568 { 1569 struct external_pmksa_cache *entry; 1570 void *pmksa_cache; 1571 1572 pmksa_cache = hostapd_ctrl_iface_pmksa_create_entry(wpa_s->own_addr, 1573 cmd); 1574 if (!pmksa_cache) 1575 return -1; 1576 1577 entry = os_zalloc(sizeof(struct external_pmksa_cache)); 1578 if (!entry) 1579 return -1; 1580 1581 entry->pmksa_cache = pmksa_cache; 1582 1583 dl_list_add(&wpa_s->mesh_external_pmksa_cache, &entry->list); 1584 1585 return 0; 1586 } 1587 1588 #endif /* CONFIG_MESH */ 1589 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 1590 1591 #endif /* CONFIG_CTRL_IFACE */ 1592 1593 1594 #ifdef NEED_AP_MLME 1595 void wpas_ap_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, 1596 struct dfs_event *radar) 1597 { 1598 struct hostapd_iface *iface = wpa_s->ap_iface; 1599 1600 if (!iface) 1601 iface = wpa_s->ifmsh; 1602 if (!iface || !iface->bss[0]) 1603 return; 1604 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 1605 hostapd_dfs_radar_detected(iface, radar->freq, 1606 radar->ht_enabled, radar->chan_offset, 1607 radar->chan_width, 1608 radar->cf1, radar->cf2); 1609 } 1610 1611 1612 void wpas_ap_event_dfs_cac_started(struct wpa_supplicant *wpa_s, 1613 struct dfs_event *radar) 1614 { 1615 struct hostapd_iface *iface = wpa_s->ap_iface; 1616 1617 if (!iface) 1618 iface = wpa_s->ifmsh; 1619 if (!iface || !iface->bss[0]) 1620 return; 1621 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq); 1622 hostapd_dfs_start_cac(iface, radar->freq, 1623 radar->ht_enabled, radar->chan_offset, 1624 radar->chan_width, radar->cf1, radar->cf2); 1625 } 1626 1627 1628 void wpas_ap_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, 1629 struct dfs_event *radar) 1630 { 1631 struct hostapd_iface *iface = wpa_s->ap_iface; 1632 1633 if (!iface) 1634 iface = wpa_s->ifmsh; 1635 if (!iface || !iface->bss[0]) 1636 return; 1637 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 1638 hostapd_dfs_complete_cac(iface, 1, radar->freq, 1639 radar->ht_enabled, radar->chan_offset, 1640 radar->chan_width, radar->cf1, radar->cf2); 1641 } 1642 1643 1644 void wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, 1645 struct dfs_event *radar) 1646 { 1647 struct hostapd_iface *iface = wpa_s->ap_iface; 1648 1649 if (!iface) 1650 iface = wpa_s->ifmsh; 1651 if (!iface || !iface->bss[0]) 1652 return; 1653 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 1654 hostapd_dfs_complete_cac(iface, 0, radar->freq, 1655 radar->ht_enabled, radar->chan_offset, 1656 radar->chan_width, radar->cf1, radar->cf2); 1657 } 1658 1659 1660 void wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, 1661 struct dfs_event *radar) 1662 { 1663 struct hostapd_iface *iface = wpa_s->ap_iface; 1664 1665 if (!iface) 1666 iface = wpa_s->ifmsh; 1667 if (!iface || !iface->bss[0]) 1668 return; 1669 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 1670 hostapd_dfs_nop_finished(iface, radar->freq, 1671 radar->ht_enabled, radar->chan_offset, 1672 radar->chan_width, radar->cf1, radar->cf2); 1673 } 1674 #endif /* NEED_AP_MLME */ 1675 1676 1677 void ap_periodic(struct wpa_supplicant *wpa_s) 1678 { 1679 if (wpa_s->ap_iface) 1680 hostapd_periodic_iface(wpa_s->ap_iface); 1681 } 1682