1 /* 2 * wpa_supplicant - DPP 3 * Copyright (c) 2017, Qualcomm Atheros, Inc. 4 * Copyright (c) 2018-2020, The Linux Foundation 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "utils/ip_addr.h" 15 #include "utils/base64.h" 16 #include "common/dpp.h" 17 #include "common/gas.h" 18 #include "common/gas_server.h" 19 #include "rsn_supp/wpa.h" 20 #include "rsn_supp/pmksa_cache.h" 21 #include "wpa_supplicant_i.h" 22 #include "config.h" 23 #include "driver_i.h" 24 #include "offchannel.h" 25 #include "gas_query.h" 26 #include "bss.h" 27 #include "scan.h" 28 #include "notify.h" 29 #include "dpp_supplicant.h" 30 31 32 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s, 33 unsigned int freq); 34 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx); 35 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx); 36 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator); 37 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s, 38 unsigned int freq, const u8 *dst, 39 const u8 *src, const u8 *bssid, 40 const u8 *data, size_t data_len, 41 enum offchannel_send_action_result result); 42 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx); 43 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s); 44 static void 45 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s, 46 unsigned int freq, const u8 *dst, 47 const u8 *src, const u8 *bssid, 48 const u8 *data, size_t data_len, 49 enum offchannel_send_action_result result); 50 #ifdef CONFIG_DPP2 51 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx, 52 void *timeout_ctx); 53 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s); 54 static int wpas_dpp_process_conf_obj(void *ctx, 55 struct dpp_authentication *auth); 56 #endif /* CONFIG_DPP2 */ 57 58 static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 59 60 /* Use a hardcoded Transaction ID 1 in Peer Discovery frames since there is only 61 * a single transaction in progress at any point in time. */ 62 static const u8 TRANSACTION_ID = 1; 63 64 65 /** 66 * wpas_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code 67 * @wpa_s: Pointer to wpa_supplicant data 68 * @cmd: DPP URI read from a QR Code 69 * Returns: Identifier of the stored info or -1 on failure 70 */ 71 int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd) 72 { 73 struct dpp_bootstrap_info *bi; 74 struct dpp_authentication *auth = wpa_s->dpp_auth; 75 76 bi = dpp_add_qr_code(wpa_s->dpp, cmd); 77 if (!bi) 78 return -1; 79 80 if (auth && auth->response_pending && 81 dpp_notify_new_qr_code(auth, bi) == 1) { 82 wpa_printf(MSG_DEBUG, 83 "DPP: Sending out pending authentication response"); 84 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 85 " freq=%u type=%d", 86 MAC2STR(auth->peer_mac_addr), auth->curr_freq, 87 DPP_PA_AUTHENTICATION_RESP); 88 offchannel_send_action(wpa_s, auth->curr_freq, 89 auth->peer_mac_addr, wpa_s->own_addr, 90 broadcast, 91 wpabuf_head(auth->resp_msg), 92 wpabuf_len(auth->resp_msg), 93 500, wpas_dpp_tx_status, 0); 94 } 95 96 #ifdef CONFIG_DPP2 97 dpp_controller_new_qr_code(wpa_s->dpp, bi); 98 #endif /* CONFIG_DPP2 */ 99 100 return bi->id; 101 } 102 103 104 /** 105 * wpas_dpp_nfc_uri - Parse and add DPP bootstrapping info from NFC Tag (URI) 106 * @wpa_s: Pointer to wpa_supplicant data 107 * @cmd: DPP URI read from a NFC Tag (URI NDEF message) 108 * Returns: Identifier of the stored info or -1 on failure 109 */ 110 int wpas_dpp_nfc_uri(struct wpa_supplicant *wpa_s, const char *cmd) 111 { 112 struct dpp_bootstrap_info *bi; 113 114 bi = dpp_add_nfc_uri(wpa_s->dpp, cmd); 115 if (!bi) 116 return -1; 117 118 return bi->id; 119 } 120 121 122 int wpas_dpp_nfc_handover_req(struct wpa_supplicant *wpa_s, const char *cmd) 123 { 124 const char *pos; 125 struct dpp_bootstrap_info *peer_bi, *own_bi; 126 127 pos = os_strstr(cmd, " own="); 128 if (!pos) 129 return -1; 130 pos += 5; 131 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 132 if (!own_bi) 133 return -1; 134 own_bi->nfc_negotiated = 1; 135 136 pos = os_strstr(cmd, " uri="); 137 if (!pos) 138 return -1; 139 pos += 5; 140 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos); 141 if (!peer_bi) { 142 wpa_printf(MSG_INFO, 143 "DPP: Failed to parse URI from NFC Handover Request"); 144 return -1; 145 } 146 147 if (dpp_nfc_update_bi(own_bi, peer_bi) < 0) 148 return -1; 149 150 return peer_bi->id; 151 } 152 153 154 int wpas_dpp_nfc_handover_sel(struct wpa_supplicant *wpa_s, const char *cmd) 155 { 156 const char *pos; 157 struct dpp_bootstrap_info *peer_bi, *own_bi; 158 159 pos = os_strstr(cmd, " own="); 160 if (!pos) 161 return -1; 162 pos += 5; 163 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 164 if (!own_bi) 165 return -1; 166 own_bi->nfc_negotiated = 1; 167 168 pos = os_strstr(cmd, " uri="); 169 if (!pos) 170 return -1; 171 pos += 5; 172 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos); 173 if (!peer_bi) { 174 wpa_printf(MSG_INFO, 175 "DPP: Failed to parse URI from NFC Handover Select"); 176 return -1; 177 } 178 179 if (peer_bi->curve != own_bi->curve) { 180 wpa_printf(MSG_INFO, 181 "DPP: Peer (NFC Handover Selector) used different curve"); 182 return -1; 183 } 184 185 return peer_bi->id; 186 } 187 188 189 static void wpas_dpp_auth_resp_retry_timeout(void *eloop_ctx, void *timeout_ctx) 190 { 191 struct wpa_supplicant *wpa_s = eloop_ctx; 192 struct dpp_authentication *auth = wpa_s->dpp_auth; 193 194 if (!auth || !auth->resp_msg) 195 return; 196 197 wpa_printf(MSG_DEBUG, 198 "DPP: Retry Authentication Response after timeout"); 199 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 200 " freq=%u type=%d", 201 MAC2STR(auth->peer_mac_addr), auth->curr_freq, 202 DPP_PA_AUTHENTICATION_RESP); 203 offchannel_send_action(wpa_s, auth->curr_freq, auth->peer_mac_addr, 204 wpa_s->own_addr, broadcast, 205 wpabuf_head(auth->resp_msg), 206 wpabuf_len(auth->resp_msg), 207 500, wpas_dpp_tx_status, 0); 208 } 209 210 211 static void wpas_dpp_auth_resp_retry(struct wpa_supplicant *wpa_s) 212 { 213 struct dpp_authentication *auth = wpa_s->dpp_auth; 214 unsigned int wait_time, max_tries; 215 216 if (!auth || !auth->resp_msg) 217 return; 218 219 if (wpa_s->dpp_resp_max_tries) 220 max_tries = wpa_s->dpp_resp_max_tries; 221 else 222 max_tries = 5; 223 auth->auth_resp_tries++; 224 if (auth->auth_resp_tries >= max_tries) { 225 wpa_printf(MSG_INFO, "DPP: No confirm received from initiator - stopping exchange"); 226 offchannel_send_action_done(wpa_s); 227 dpp_auth_deinit(wpa_s->dpp_auth); 228 wpa_s->dpp_auth = NULL; 229 return; 230 } 231 232 if (wpa_s->dpp_resp_retry_time) 233 wait_time = wpa_s->dpp_resp_retry_time; 234 else 235 wait_time = 1000; 236 wpa_printf(MSG_DEBUG, 237 "DPP: Schedule retransmission of Authentication Response frame in %u ms", 238 wait_time); 239 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 240 eloop_register_timeout(wait_time / 1000, 241 (wait_time % 1000) * 1000, 242 wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 243 } 244 245 246 static void wpas_dpp_try_to_connect(struct wpa_supplicant *wpa_s) 247 { 248 wpa_printf(MSG_DEBUG, "DPP: Trying to connect to the new network"); 249 wpa_s->suitable_network = 0; 250 wpa_s->no_suitable_network = 0; 251 wpa_s->disconnected = 0; 252 wpa_s->reassociate = 1; 253 wpa_s->scan_runs = 0; 254 wpa_s->normal_scans = 0; 255 wpa_supplicant_cancel_sched_scan(wpa_s); 256 wpa_supplicant_req_scan(wpa_s, 0, 0); 257 } 258 259 260 #ifdef CONFIG_DPP2 261 262 static void wpas_dpp_stop_listen_for_tx(struct wpa_supplicant *wpa_s, 263 unsigned int freq, 264 unsigned int wait_time) 265 { 266 struct os_reltime now, res; 267 unsigned int remaining; 268 269 if (!wpa_s->dpp_listen_freq) 270 return; 271 272 os_get_reltime(&now); 273 if (os_reltime_before(&now, &wpa_s->dpp_listen_end)) { 274 os_reltime_sub(&wpa_s->dpp_listen_end, &now, &res); 275 remaining = res.sec * 1000 + res.usec / 1000; 276 } else { 277 remaining = 0; 278 } 279 if (wpa_s->dpp_listen_freq == freq && remaining > wait_time) 280 return; 281 282 wpa_printf(MSG_DEBUG, 283 "DPP: Stop listen on %u MHz ending in %u ms to allow immediate TX on %u MHz for %u ms", 284 wpa_s->dpp_listen_freq, remaining, freq, wait_time); 285 wpas_dpp_listen_stop(wpa_s); 286 287 /* TODO: Restart listen in some cases after TX? */ 288 } 289 290 291 static void wpas_dpp_conn_status_result_timeout(void *eloop_ctx, 292 void *timeout_ctx) 293 { 294 struct wpa_supplicant *wpa_s = eloop_ctx; 295 struct dpp_authentication *auth = wpa_s->dpp_auth; 296 enum dpp_status_error result; 297 298 if (!auth || !auth->conn_status_requested) 299 return; 300 301 wpa_printf(MSG_DEBUG, 302 "DPP: Connection timeout - report Connection Status Result"); 303 if (wpa_s->suitable_network) 304 result = DPP_STATUS_AUTH_FAILURE; 305 else if (wpa_s->no_suitable_network) 306 result = DPP_STATUS_NO_AP; 307 else 308 result = 255; /* What to report here for unexpected state? */ 309 if (wpa_s->wpa_state == WPA_SCANNING) 310 wpas_abort_ongoing_scan(wpa_s); 311 wpas_dpp_send_conn_status_result(wpa_s, result); 312 } 313 314 315 static char * wpas_dpp_scan_channel_list(struct wpa_supplicant *wpa_s) 316 { 317 char *str, *end, *pos; 318 size_t len; 319 unsigned int i; 320 u8 last_op_class = 0; 321 int res; 322 323 if (!wpa_s->last_scan_freqs || !wpa_s->num_last_scan_freqs) 324 return NULL; 325 326 len = wpa_s->num_last_scan_freqs * 8; 327 str = os_zalloc(len); 328 if (!str) 329 return NULL; 330 end = str + len; 331 pos = str; 332 333 for (i = 0; i < wpa_s->num_last_scan_freqs; i++) { 334 enum hostapd_hw_mode mode; 335 u8 op_class, channel; 336 337 mode = ieee80211_freq_to_channel_ext(wpa_s->last_scan_freqs[i], 338 0, 0, &op_class, &channel); 339 if (mode == NUM_HOSTAPD_MODES) 340 continue; 341 if (op_class == last_op_class) 342 res = os_snprintf(pos, end - pos, ",%d", channel); 343 else 344 res = os_snprintf(pos, end - pos, "%s%d/%d", 345 pos == str ? "" : ",", 346 op_class, channel); 347 if (os_snprintf_error(end - pos, res)) { 348 *pos = '\0'; 349 break; 350 } 351 pos += res; 352 last_op_class = op_class; 353 } 354 355 if (pos == str) { 356 os_free(str); 357 str = NULL; 358 } 359 return str; 360 } 361 362 363 void wpas_dpp_send_conn_status_result(struct wpa_supplicant *wpa_s, 364 enum dpp_status_error result) 365 { 366 struct wpabuf *msg; 367 const char *channel_list = NULL; 368 char *channel_list_buf = NULL; 369 struct wpa_ssid *ssid = wpa_s->current_ssid; 370 struct dpp_authentication *auth = wpa_s->dpp_auth; 371 372 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL); 373 374 if (!auth || !auth->conn_status_requested) 375 return; 376 auth->conn_status_requested = 0; 377 wpa_printf(MSG_DEBUG, "DPP: Report connection status result %d", 378 result); 379 380 if (result == DPP_STATUS_NO_AP) { 381 channel_list_buf = wpas_dpp_scan_channel_list(wpa_s); 382 channel_list = channel_list_buf; 383 } 384 385 msg = dpp_build_conn_status_result(auth, result, 386 ssid ? ssid->ssid : 387 wpa_s->dpp_last_ssid, 388 ssid ? ssid->ssid_len : 389 wpa_s->dpp_last_ssid_len, 390 channel_list); 391 os_free(channel_list_buf); 392 if (!msg) { 393 dpp_auth_deinit(wpa_s->dpp_auth); 394 wpa_s->dpp_auth = NULL; 395 return; 396 } 397 398 wpa_msg(wpa_s, MSG_INFO, 399 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 400 MAC2STR(auth->peer_mac_addr), auth->curr_freq, 401 DPP_PA_CONNECTION_STATUS_RESULT); 402 offchannel_send_action(wpa_s, auth->curr_freq, 403 auth->peer_mac_addr, wpa_s->own_addr, broadcast, 404 wpabuf_head(msg), wpabuf_len(msg), 405 500, wpas_dpp_tx_status, 0); 406 wpabuf_free(msg); 407 408 /* This exchange will be terminated in the TX status handler */ 409 auth->remove_on_tx_status = 1; 410 411 return; 412 } 413 414 415 void wpas_dpp_connected(struct wpa_supplicant *wpa_s) 416 { 417 struct dpp_authentication *auth = wpa_s->dpp_auth; 418 419 if (auth && auth->conn_status_requested) 420 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_OK); 421 } 422 423 #endif /* CONFIG_DPP2 */ 424 425 426 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s, 427 unsigned int freq, const u8 *dst, 428 const u8 *src, const u8 *bssid, 429 const u8 *data, size_t data_len, 430 enum offchannel_send_action_result result) 431 { 432 const char *res_txt; 433 struct dpp_authentication *auth = wpa_s->dpp_auth; 434 435 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 436 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 437 "FAILED"); 438 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR 439 " result=%s", freq, MAC2STR(dst), res_txt); 440 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR 441 " freq=%u result=%s", MAC2STR(dst), freq, res_txt); 442 443 if (!wpa_s->dpp_auth) { 444 wpa_printf(MSG_DEBUG, 445 "DPP: Ignore TX status since there is no ongoing authentication exchange"); 446 return; 447 } 448 449 #ifdef CONFIG_DPP2 450 if (auth->connect_on_tx_status) { 451 auth->connect_on_tx_status = 0; 452 wpa_printf(MSG_DEBUG, 453 "DPP: Try to connect after completed configuration result"); 454 wpas_dpp_try_to_connect(wpa_s); 455 if (auth->conn_status_requested) { 456 wpa_printf(MSG_DEBUG, 457 "DPP: Start 15 second timeout for reporting connection status result"); 458 eloop_cancel_timeout( 459 wpas_dpp_conn_status_result_timeout, 460 wpa_s, NULL); 461 eloop_register_timeout( 462 15, 0, wpas_dpp_conn_status_result_timeout, 463 wpa_s, NULL); 464 } else { 465 dpp_auth_deinit(wpa_s->dpp_auth); 466 wpa_s->dpp_auth = NULL; 467 } 468 return; 469 } 470 #endif /* CONFIG_DPP2 */ 471 472 if (wpa_s->dpp_auth->remove_on_tx_status) { 473 wpa_printf(MSG_DEBUG, 474 "DPP: Terminate authentication exchange due to a request to do so on TX status"); 475 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 476 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 477 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, 478 NULL); 479 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, 480 NULL); 481 #ifdef CONFIG_DPP2 482 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, 483 wpa_s, NULL); 484 #endif /* CONFIG_DPP2 */ 485 offchannel_send_action_done(wpa_s); 486 dpp_auth_deinit(wpa_s->dpp_auth); 487 wpa_s->dpp_auth = NULL; 488 return; 489 } 490 491 if (wpa_s->dpp_auth_ok_on_ack) 492 wpas_dpp_auth_success(wpa_s, 1); 493 494 if (!is_broadcast_ether_addr(dst) && 495 result != OFFCHANNEL_SEND_ACTION_SUCCESS) { 496 wpa_printf(MSG_DEBUG, 497 "DPP: Unicast DPP Action frame was not ACKed"); 498 if (auth->waiting_auth_resp) { 499 /* In case of DPP Authentication Request frame, move to 500 * the next channel immediately. */ 501 offchannel_send_action_done(wpa_s); 502 wpas_dpp_auth_init_next(wpa_s); 503 return; 504 } 505 if (auth->waiting_auth_conf) { 506 wpas_dpp_auth_resp_retry(wpa_s); 507 return; 508 } 509 } 510 511 if (auth->waiting_auth_conf && 512 auth->auth_resp_status == DPP_STATUS_OK) { 513 /* Make sure we do not get stuck waiting for Auth Confirm 514 * indefinitely after successfully transmitted Auth Response to 515 * allow new authentication exchanges to be started. */ 516 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, 517 NULL); 518 eloop_register_timeout(1, 0, wpas_dpp_auth_conf_wait_timeout, 519 wpa_s, NULL); 520 } 521 522 if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp && 523 result == OFFCHANNEL_SEND_ACTION_SUCCESS) { 524 /* Allow timeout handling to stop iteration if no response is 525 * received from a peer that has ACKed a request. */ 526 auth->auth_req_ack = 1; 527 } 528 529 if (!wpa_s->dpp_auth_ok_on_ack && wpa_s->dpp_auth->neg_freq > 0 && 530 wpa_s->dpp_auth->curr_freq != wpa_s->dpp_auth->neg_freq) { 531 wpa_printf(MSG_DEBUG, 532 "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response", 533 wpa_s->dpp_auth->curr_freq, 534 wpa_s->dpp_auth->neg_freq); 535 offchannel_send_action_done(wpa_s); 536 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_auth->neg_freq); 537 } 538 539 if (wpa_s->dpp_auth_ok_on_ack) 540 wpa_s->dpp_auth_ok_on_ack = 0; 541 } 542 543 544 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx) 545 { 546 struct wpa_supplicant *wpa_s = eloop_ctx; 547 struct dpp_authentication *auth = wpa_s->dpp_auth; 548 unsigned int freq; 549 struct os_reltime now, diff; 550 unsigned int wait_time, diff_ms; 551 552 if (!auth || !auth->waiting_auth_resp) 553 return; 554 555 wait_time = wpa_s->dpp_resp_wait_time ? 556 wpa_s->dpp_resp_wait_time : 2000; 557 os_get_reltime(&now); 558 os_reltime_sub(&now, &wpa_s->dpp_last_init, &diff); 559 diff_ms = diff.sec * 1000 + diff.usec / 1000; 560 wpa_printf(MSG_DEBUG, 561 "DPP: Reply wait timeout - wait_time=%u diff_ms=%u", 562 wait_time, diff_ms); 563 564 if (auth->auth_req_ack && diff_ms >= wait_time) { 565 /* Peer ACK'ed Authentication Request frame, but did not reply 566 * with Authentication Response frame within two seconds. */ 567 wpa_printf(MSG_INFO, 568 "DPP: No response received from responder - stopping initiation attempt"); 569 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); 570 offchannel_send_action_done(wpa_s); 571 wpas_dpp_listen_stop(wpa_s); 572 dpp_auth_deinit(auth); 573 wpa_s->dpp_auth = NULL; 574 return; 575 } 576 577 if (diff_ms >= wait_time) { 578 /* Authentication Request frame was not ACK'ed and no reply 579 * was receiving within two seconds. */ 580 wpa_printf(MSG_DEBUG, 581 "DPP: Continue Initiator channel iteration"); 582 offchannel_send_action_done(wpa_s); 583 wpas_dpp_listen_stop(wpa_s); 584 wpas_dpp_auth_init_next(wpa_s); 585 return; 586 } 587 588 /* Driver did not support 2000 ms long wait_time with TX command, so 589 * schedule listen operation to continue waiting for the response. 590 * 591 * DPP listen operations continue until stopped, so simply schedule a 592 * new call to this function at the point when the two second reply 593 * wait has expired. */ 594 wait_time -= diff_ms; 595 596 freq = auth->curr_freq; 597 if (auth->neg_freq > 0) 598 freq = auth->neg_freq; 599 wpa_printf(MSG_DEBUG, 600 "DPP: Continue reply wait on channel %u MHz for %u ms", 601 freq, wait_time); 602 wpa_s->dpp_in_response_listen = 1; 603 wpas_dpp_listen_start(wpa_s, freq); 604 605 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 606 wpas_dpp_reply_wait_timeout, wpa_s, NULL); 607 } 608 609 610 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx) 611 { 612 struct wpa_supplicant *wpa_s = eloop_ctx; 613 struct dpp_authentication *auth = wpa_s->dpp_auth; 614 615 if (!auth || !auth->waiting_auth_conf) 616 return; 617 618 wpa_printf(MSG_DEBUG, 619 "DPP: Terminate authentication exchange due to Auth Confirm timeout"); 620 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL "No Auth Confirm received"); 621 offchannel_send_action_done(wpa_s); 622 dpp_auth_deinit(auth); 623 wpa_s->dpp_auth = NULL; 624 } 625 626 627 static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s, 628 struct dpp_authentication *auth) 629 { 630 #ifdef CONFIG_TESTING_OPTIONS 631 if (wpa_s->dpp_config_obj_override) 632 auth->config_obj_override = 633 os_strdup(wpa_s->dpp_config_obj_override); 634 if (wpa_s->dpp_discovery_override) 635 auth->discovery_override = 636 os_strdup(wpa_s->dpp_discovery_override); 637 if (wpa_s->dpp_groups_override) 638 auth->groups_override = 639 os_strdup(wpa_s->dpp_groups_override); 640 auth->ignore_netaccesskey_mismatch = 641 wpa_s->dpp_ignore_netaccesskey_mismatch; 642 #endif /* CONFIG_TESTING_OPTIONS */ 643 } 644 645 646 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx) 647 { 648 struct wpa_supplicant *wpa_s = eloop_ctx; 649 650 if (!wpa_s->dpp_auth) 651 return; 652 wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout"); 653 wpas_dpp_auth_init_next(wpa_s); 654 } 655 656 657 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s) 658 { 659 struct dpp_authentication *auth = wpa_s->dpp_auth; 660 const u8 *dst; 661 unsigned int wait_time, max_wait_time, freq, max_tries, used; 662 struct os_reltime now, diff; 663 664 wpa_s->dpp_in_response_listen = 0; 665 if (!auth) 666 return -1; 667 668 if (auth->freq_idx == 0) 669 os_get_reltime(&wpa_s->dpp_init_iter_start); 670 671 if (auth->freq_idx >= auth->num_freq) { 672 auth->num_freq_iters++; 673 if (wpa_s->dpp_init_max_tries) 674 max_tries = wpa_s->dpp_init_max_tries; 675 else 676 max_tries = 5; 677 if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) { 678 wpa_printf(MSG_INFO, 679 "DPP: No response received from responder - stopping initiation attempt"); 680 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); 681 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, 682 wpa_s, NULL); 683 offchannel_send_action_done(wpa_s); 684 dpp_auth_deinit(wpa_s->dpp_auth); 685 wpa_s->dpp_auth = NULL; 686 return -1; 687 } 688 auth->freq_idx = 0; 689 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 690 if (wpa_s->dpp_init_retry_time) 691 wait_time = wpa_s->dpp_init_retry_time; 692 else 693 wait_time = 10000; 694 os_get_reltime(&now); 695 os_reltime_sub(&now, &wpa_s->dpp_init_iter_start, &diff); 696 used = diff.sec * 1000 + diff.usec / 1000; 697 if (used > wait_time) 698 wait_time = 0; 699 else 700 wait_time -= used; 701 wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms", 702 wait_time); 703 eloop_register_timeout(wait_time / 1000, 704 (wait_time % 1000) * 1000, 705 wpas_dpp_init_timeout, wpa_s, 706 NULL); 707 return 0; 708 } 709 freq = auth->freq[auth->freq_idx++]; 710 auth->curr_freq = freq; 711 712 if (!is_zero_ether_addr(auth->peer_mac_addr)) 713 dst = auth->peer_mac_addr; 714 else if (is_zero_ether_addr(auth->peer_bi->mac_addr)) 715 dst = broadcast; 716 else 717 dst = auth->peer_bi->mac_addr; 718 wpa_s->dpp_auth_ok_on_ack = 0; 719 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 720 wait_time = wpa_s->max_remain_on_chan; 721 max_wait_time = wpa_s->dpp_resp_wait_time ? 722 wpa_s->dpp_resp_wait_time : 2000; 723 if (wait_time > max_wait_time) 724 wait_time = max_wait_time; 725 wait_time += 10; /* give the driver some extra time to complete */ 726 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 727 wpas_dpp_reply_wait_timeout, 728 wpa_s, NULL); 729 wait_time -= 10; 730 if (auth->neg_freq > 0 && freq != auth->neg_freq) { 731 wpa_printf(MSG_DEBUG, 732 "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response", 733 freq, auth->neg_freq); 734 } 735 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 736 MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ); 737 auth->auth_req_ack = 0; 738 os_get_reltime(&wpa_s->dpp_last_init); 739 return offchannel_send_action(wpa_s, freq, dst, 740 wpa_s->own_addr, broadcast, 741 wpabuf_head(auth->req_msg), 742 wpabuf_len(auth->req_msg), 743 wait_time, wpas_dpp_tx_status, 0); 744 } 745 746 747 int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd) 748 { 749 const char *pos; 750 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL; 751 struct dpp_authentication *auth; 752 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR; 753 unsigned int neg_freq = 0; 754 int tcp = 0; 755 #ifdef CONFIG_DPP2 756 int tcp_port = DPP_TCP_PORT; 757 struct hostapd_ip_addr ipaddr; 758 char *addr; 759 #endif /* CONFIG_DPP2 */ 760 761 wpa_s->dpp_gas_client = 0; 762 763 pos = os_strstr(cmd, " peer="); 764 if (!pos) 765 return -1; 766 pos += 6; 767 peer_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 768 if (!peer_bi) { 769 wpa_printf(MSG_INFO, 770 "DPP: Could not find bootstrapping info for the identified peer"); 771 return -1; 772 } 773 774 #ifdef CONFIG_DPP2 775 pos = os_strstr(cmd, " tcp_port="); 776 if (pos) { 777 pos += 10; 778 tcp_port = atoi(pos); 779 } 780 781 addr = get_param(cmd, " tcp_addr="); 782 if (addr) { 783 int res; 784 785 res = hostapd_parse_ip_addr(addr, &ipaddr); 786 os_free(addr); 787 if (res) 788 return -1; 789 tcp = 1; 790 } 791 #endif /* CONFIG_DPP2 */ 792 793 pos = os_strstr(cmd, " own="); 794 if (pos) { 795 pos += 5; 796 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 797 if (!own_bi) { 798 wpa_printf(MSG_INFO, 799 "DPP: Could not find bootstrapping info for the identified local entry"); 800 return -1; 801 } 802 803 if (peer_bi->curve != own_bi->curve) { 804 wpa_printf(MSG_INFO, 805 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)", 806 peer_bi->curve->name, own_bi->curve->name); 807 return -1; 808 } 809 } 810 811 pos = os_strstr(cmd, " role="); 812 if (pos) { 813 pos += 6; 814 if (os_strncmp(pos, "configurator", 12) == 0) 815 allowed_roles = DPP_CAPAB_CONFIGURATOR; 816 else if (os_strncmp(pos, "enrollee", 8) == 0) 817 allowed_roles = DPP_CAPAB_ENROLLEE; 818 else if (os_strncmp(pos, "either", 6) == 0) 819 allowed_roles = DPP_CAPAB_CONFIGURATOR | 820 DPP_CAPAB_ENROLLEE; 821 else 822 goto fail; 823 } 824 825 pos = os_strstr(cmd, " netrole="); 826 if (pos) { 827 pos += 9; 828 if (os_strncmp(pos, "ap", 2) == 0) 829 wpa_s->dpp_netrole = DPP_NETROLE_AP; 830 else if (os_strncmp(pos, "configurator", 12) == 0) 831 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR; 832 else 833 wpa_s->dpp_netrole = DPP_NETROLE_STA; 834 } else { 835 wpa_s->dpp_netrole = DPP_NETROLE_STA; 836 } 837 838 pos = os_strstr(cmd, " neg_freq="); 839 if (pos) 840 neg_freq = atoi(pos + 10); 841 842 if (!tcp && wpa_s->dpp_auth) { 843 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 844 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 845 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, 846 NULL); 847 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, 848 NULL); 849 #ifdef CONFIG_DPP2 850 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, 851 wpa_s, NULL); 852 #endif /* CONFIG_DPP2 */ 853 offchannel_send_action_done(wpa_s); 854 dpp_auth_deinit(wpa_s->dpp_auth); 855 wpa_s->dpp_auth = NULL; 856 } 857 858 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles, 859 neg_freq, wpa_s->hw.modes, wpa_s->hw.num_modes); 860 if (!auth) 861 goto fail; 862 wpas_dpp_set_testing_options(wpa_s, auth); 863 if (dpp_set_configurator(auth, cmd) < 0) { 864 dpp_auth_deinit(auth); 865 goto fail; 866 } 867 868 auth->neg_freq = neg_freq; 869 870 if (!is_zero_ether_addr(peer_bi->mac_addr)) 871 os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN); 872 873 #ifdef CONFIG_DPP2 874 if (tcp) 875 return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port, 876 wpa_s->conf->dpp_name, DPP_NETROLE_STA, 877 wpa_s, wpa_s, wpas_dpp_process_conf_obj); 878 #endif /* CONFIG_DPP2 */ 879 880 wpa_s->dpp_auth = auth; 881 return wpas_dpp_auth_init_next(wpa_s); 882 fail: 883 return -1; 884 } 885 886 887 struct wpas_dpp_listen_work { 888 unsigned int freq; 889 unsigned int duration; 890 struct wpabuf *probe_resp_ie; 891 }; 892 893 894 static void wpas_dpp_listen_work_free(struct wpas_dpp_listen_work *lwork) 895 { 896 if (!lwork) 897 return; 898 os_free(lwork); 899 } 900 901 902 static void wpas_dpp_listen_work_done(struct wpa_supplicant *wpa_s) 903 { 904 struct wpas_dpp_listen_work *lwork; 905 906 if (!wpa_s->dpp_listen_work) 907 return; 908 909 lwork = wpa_s->dpp_listen_work->ctx; 910 wpas_dpp_listen_work_free(lwork); 911 radio_work_done(wpa_s->dpp_listen_work); 912 wpa_s->dpp_listen_work = NULL; 913 } 914 915 916 static void dpp_start_listen_cb(struct wpa_radio_work *work, int deinit) 917 { 918 struct wpa_supplicant *wpa_s = work->wpa_s; 919 struct wpas_dpp_listen_work *lwork = work->ctx; 920 921 if (deinit) { 922 if (work->started) { 923 wpa_s->dpp_listen_work = NULL; 924 wpas_dpp_listen_stop(wpa_s); 925 } 926 wpas_dpp_listen_work_free(lwork); 927 return; 928 } 929 930 wpa_s->dpp_listen_work = work; 931 932 wpa_s->dpp_pending_listen_freq = lwork->freq; 933 934 if (wpa_drv_remain_on_channel(wpa_s, lwork->freq, 935 wpa_s->max_remain_on_chan) < 0) { 936 wpa_printf(MSG_DEBUG, 937 "DPP: Failed to request the driver to remain on channel (%u MHz) for listen", 938 lwork->freq); 939 wpa_s->dpp_listen_freq = 0; 940 wpas_dpp_listen_work_done(wpa_s); 941 wpa_s->dpp_pending_listen_freq = 0; 942 return; 943 } 944 wpa_s->off_channel_freq = 0; 945 wpa_s->roc_waiting_drv_freq = lwork->freq; 946 wpa_drv_dpp_listen(wpa_s, true); 947 } 948 949 950 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s, 951 unsigned int freq) 952 { 953 struct wpas_dpp_listen_work *lwork; 954 955 if (wpa_s->dpp_listen_work) { 956 wpa_printf(MSG_DEBUG, 957 "DPP: Reject start_listen since dpp_listen_work already exists"); 958 return -1; 959 } 960 961 if (wpa_s->dpp_listen_freq) 962 wpas_dpp_listen_stop(wpa_s); 963 wpa_s->dpp_listen_freq = freq; 964 965 lwork = os_zalloc(sizeof(*lwork)); 966 if (!lwork) 967 return -1; 968 lwork->freq = freq; 969 970 if (radio_add_work(wpa_s, freq, "dpp-listen", 0, dpp_start_listen_cb, 971 lwork) < 0) { 972 wpas_dpp_listen_work_free(lwork); 973 return -1; 974 } 975 976 return 0; 977 } 978 979 980 int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd) 981 { 982 int freq; 983 984 freq = atoi(cmd); 985 if (freq <= 0) 986 return -1; 987 988 if (os_strstr(cmd, " role=configurator")) 989 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR; 990 else if (os_strstr(cmd, " role=enrollee")) 991 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; 992 else 993 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | 994 DPP_CAPAB_ENROLLEE; 995 wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; 996 if (os_strstr(cmd, " netrole=ap")) 997 wpa_s->dpp_netrole = DPP_NETROLE_AP; 998 else if (os_strstr(cmd, " netrole=configurator")) 999 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR; 1000 else 1001 wpa_s->dpp_netrole = DPP_NETROLE_STA; 1002 if (wpa_s->dpp_listen_freq == (unsigned int) freq) { 1003 wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz", 1004 freq); 1005 return 0; 1006 } 1007 1008 return wpas_dpp_listen_start(wpa_s, freq); 1009 } 1010 1011 1012 void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s) 1013 { 1014 wpa_s->dpp_in_response_listen = 0; 1015 if (!wpa_s->dpp_listen_freq) 1016 return; 1017 1018 wpa_printf(MSG_DEBUG, "DPP: Stop listen on %u MHz", 1019 wpa_s->dpp_listen_freq); 1020 wpa_drv_cancel_remain_on_channel(wpa_s); 1021 wpa_drv_dpp_listen(wpa_s, false); 1022 wpa_s->dpp_listen_freq = 0; 1023 wpas_dpp_listen_work_done(wpa_s); 1024 radio_remove_works(wpa_s, "dpp-listen", 0); 1025 } 1026 1027 1028 void wpas_dpp_remain_on_channel_cb(struct wpa_supplicant *wpa_s, 1029 unsigned int freq, unsigned int duration) 1030 { 1031 if (wpa_s->dpp_listen_freq != freq) 1032 return; 1033 1034 wpa_printf(MSG_DEBUG, 1035 "DPP: Remain-on-channel started for listen on %u MHz for %u ms", 1036 freq, duration); 1037 os_get_reltime(&wpa_s->dpp_listen_end); 1038 wpa_s->dpp_listen_end.usec += duration * 1000; 1039 while (wpa_s->dpp_listen_end.usec >= 1000000) { 1040 wpa_s->dpp_listen_end.sec++; 1041 wpa_s->dpp_listen_end.usec -= 1000000; 1042 } 1043 } 1044 1045 1046 void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s, 1047 unsigned int freq) 1048 { 1049 wpas_dpp_listen_work_done(wpa_s); 1050 1051 if (wpa_s->dpp_auth && wpa_s->dpp_in_response_listen) { 1052 unsigned int new_freq; 1053 1054 /* Continue listen with a new remain-on-channel */ 1055 if (wpa_s->dpp_auth->neg_freq > 0) 1056 new_freq = wpa_s->dpp_auth->neg_freq; 1057 else 1058 new_freq = wpa_s->dpp_auth->curr_freq; 1059 wpa_printf(MSG_DEBUG, 1060 "DPP: Continue wait on %u MHz for the ongoing DPP provisioning session", 1061 new_freq); 1062 wpas_dpp_listen_start(wpa_s, new_freq); 1063 return; 1064 } 1065 1066 if (wpa_s->dpp_listen_freq) { 1067 /* Continue listen with a new remain-on-channel */ 1068 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_listen_freq); 1069 } 1070 } 1071 1072 1073 static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src, 1074 const u8 *hdr, const u8 *buf, size_t len, 1075 unsigned int freq) 1076 { 1077 const u8 *r_bootstrap, *i_bootstrap; 1078 u16 r_bootstrap_len, i_bootstrap_len; 1079 struct dpp_bootstrap_info *own_bi = NULL, *peer_bi = NULL; 1080 1081 if (!wpa_s->dpp) 1082 return; 1083 1084 wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR, 1085 MAC2STR(src)); 1086 1087 #ifdef CONFIG_DPP2 1088 wpas_dpp_chirp_stop(wpa_s); 1089 #endif /* CONFIG_DPP2 */ 1090 1091 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, 1092 &r_bootstrap_len); 1093 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { 1094 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 1095 "Missing or invalid required Responder Bootstrapping Key Hash attribute"); 1096 return; 1097 } 1098 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", 1099 r_bootstrap, r_bootstrap_len); 1100 1101 i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH, 1102 &i_bootstrap_len); 1103 if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) { 1104 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 1105 "Missing or invalid required Initiator Bootstrapping Key Hash attribute"); 1106 return; 1107 } 1108 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash", 1109 i_bootstrap, i_bootstrap_len); 1110 1111 /* Try to find own and peer bootstrapping key matches based on the 1112 * received hash values */ 1113 dpp_bootstrap_find_pair(wpa_s->dpp, i_bootstrap, r_bootstrap, 1114 &own_bi, &peer_bi); 1115 if (!own_bi) { 1116 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 1117 "No matching own bootstrapping key found - ignore message"); 1118 return; 1119 } 1120 1121 if (wpa_s->dpp_auth) { 1122 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 1123 "Already in DPP authentication exchange - ignore new one"); 1124 return; 1125 } 1126 1127 wpa_s->dpp_gas_client = 0; 1128 wpa_s->dpp_auth_ok_on_ack = 0; 1129 wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s->dpp, wpa_s, 1130 wpa_s->dpp_allowed_roles, 1131 wpa_s->dpp_qr_mutual, 1132 peer_bi, own_bi, freq, hdr, buf, len); 1133 if (!wpa_s->dpp_auth) { 1134 wpa_printf(MSG_DEBUG, "DPP: No response generated"); 1135 return; 1136 } 1137 wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth); 1138 if (dpp_set_configurator(wpa_s->dpp_auth, 1139 wpa_s->dpp_configurator_params) < 0) { 1140 dpp_auth_deinit(wpa_s->dpp_auth); 1141 wpa_s->dpp_auth = NULL; 1142 return; 1143 } 1144 os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN); 1145 1146 if (wpa_s->dpp_listen_freq && 1147 wpa_s->dpp_listen_freq != wpa_s->dpp_auth->curr_freq) { 1148 wpa_printf(MSG_DEBUG, 1149 "DPP: Stop listen on %u MHz to allow response on the request %u MHz", 1150 wpa_s->dpp_listen_freq, wpa_s->dpp_auth->curr_freq); 1151 wpas_dpp_listen_stop(wpa_s); 1152 } 1153 1154 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1155 MAC2STR(src), wpa_s->dpp_auth->curr_freq, 1156 DPP_PA_AUTHENTICATION_RESP); 1157 offchannel_send_action(wpa_s, wpa_s->dpp_auth->curr_freq, 1158 src, wpa_s->own_addr, broadcast, 1159 wpabuf_head(wpa_s->dpp_auth->resp_msg), 1160 wpabuf_len(wpa_s->dpp_auth->resp_msg), 1161 500, wpas_dpp_tx_status, 0); 1162 } 1163 1164 1165 static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s) 1166 { 1167 /* TODO: stop wait and start ROC */ 1168 } 1169 1170 1171 static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s, 1172 struct dpp_authentication *auth, 1173 struct dpp_config_obj *conf) 1174 { 1175 struct wpa_ssid *ssid; 1176 1177 #ifdef CONFIG_DPP2 1178 if (conf->akm == DPP_AKM_SAE) { 1179 #ifdef CONFIG_SAE 1180 struct wpa_driver_capa capa; 1181 int res; 1182 1183 res = wpa_drv_get_capa(wpa_s, &capa); 1184 if (res == 0 && 1185 !(capa.key_mgmt_iftype[WPA_IF_STATION] & 1186 WPA_DRIVER_CAPA_KEY_MGMT_SAE) && 1187 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) { 1188 wpa_printf(MSG_DEBUG, 1189 "DPP: SAE not supported by the driver"); 1190 return NULL; 1191 } 1192 #else /* CONFIG_SAE */ 1193 wpa_printf(MSG_DEBUG, "DPP: SAE not supported in the build"); 1194 return NULL; 1195 #endif /* CONFIG_SAE */ 1196 } 1197 #endif /* CONFIG_DPP2 */ 1198 1199 ssid = wpa_config_add_network(wpa_s->conf); 1200 if (!ssid) 1201 return NULL; 1202 wpas_notify_network_added(wpa_s, ssid); 1203 wpa_config_set_network_defaults(ssid); 1204 ssid->disabled = 1; 1205 1206 ssid->ssid = os_malloc(conf->ssid_len); 1207 if (!ssid->ssid) 1208 goto fail; 1209 os_memcpy(ssid->ssid, conf->ssid, conf->ssid_len); 1210 ssid->ssid_len = conf->ssid_len; 1211 1212 if (conf->connector) { 1213 if (dpp_akm_dpp(conf->akm)) { 1214 ssid->key_mgmt = WPA_KEY_MGMT_DPP; 1215 ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED; 1216 } 1217 ssid->dpp_connector = os_strdup(conf->connector); 1218 if (!ssid->dpp_connector) 1219 goto fail; 1220 } 1221 1222 if (conf->c_sign_key) { 1223 ssid->dpp_csign = os_malloc(wpabuf_len(conf->c_sign_key)); 1224 if (!ssid->dpp_csign) 1225 goto fail; 1226 os_memcpy(ssid->dpp_csign, wpabuf_head(conf->c_sign_key), 1227 wpabuf_len(conf->c_sign_key)); 1228 ssid->dpp_csign_len = wpabuf_len(conf->c_sign_key); 1229 } 1230 1231 if (conf->pp_key) { 1232 ssid->dpp_pp_key = os_malloc(wpabuf_len(conf->pp_key)); 1233 if (!ssid->dpp_pp_key) 1234 goto fail; 1235 os_memcpy(ssid->dpp_pp_key, wpabuf_head(conf->pp_key), 1236 wpabuf_len(conf->pp_key)); 1237 ssid->dpp_pp_key_len = wpabuf_len(conf->pp_key); 1238 } 1239 1240 if (auth->net_access_key) { 1241 ssid->dpp_netaccesskey = 1242 os_malloc(wpabuf_len(auth->net_access_key)); 1243 if (!ssid->dpp_netaccesskey) 1244 goto fail; 1245 os_memcpy(ssid->dpp_netaccesskey, 1246 wpabuf_head(auth->net_access_key), 1247 wpabuf_len(auth->net_access_key)); 1248 ssid->dpp_netaccesskey_len = wpabuf_len(auth->net_access_key); 1249 ssid->dpp_netaccesskey_expiry = auth->net_access_key_expiry; 1250 } 1251 1252 if (!conf->connector || dpp_akm_psk(conf->akm) || 1253 dpp_akm_sae(conf->akm)) { 1254 if (!conf->connector || !dpp_akm_dpp(conf->akm)) 1255 ssid->key_mgmt = 0; 1256 if (dpp_akm_psk(conf->akm)) 1257 ssid->key_mgmt |= WPA_KEY_MGMT_PSK | 1258 WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_FT_PSK; 1259 if (dpp_akm_sae(conf->akm)) 1260 ssid->key_mgmt |= WPA_KEY_MGMT_SAE | 1261 WPA_KEY_MGMT_FT_SAE; 1262 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL; 1263 if (conf->passphrase[0]) { 1264 if (wpa_config_set_quoted(ssid, "psk", 1265 conf->passphrase) < 0) 1266 goto fail; 1267 wpa_config_update_psk(ssid); 1268 ssid->export_keys = 1; 1269 } else { 1270 ssid->psk_set = conf->psk_set; 1271 os_memcpy(ssid->psk, conf->psk, PMK_LEN); 1272 } 1273 } 1274 1275 #if defined(CONFIG_DPP2) && defined(IEEE8021X_EAPOL) 1276 if (conf->akm == DPP_AKM_DOT1X) { 1277 int i; 1278 char name[100], blobname[128]; 1279 struct wpa_config_blob *blob; 1280 1281 ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X | 1282 WPA_KEY_MGMT_IEEE8021X_SHA256 | 1283 WPA_KEY_MGMT_IEEE8021X_SHA256; 1284 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL; 1285 1286 if (conf->cacert) { 1287 /* caCert is DER-encoded X.509v3 certificate for the 1288 * server certificate if that is different from the 1289 * trust root included in certBag. */ 1290 /* TODO: ssid->eap.cert.ca_cert */ 1291 } 1292 1293 if (conf->certs) { 1294 for (i = 0; ; i++) { 1295 os_snprintf(name, sizeof(name), "dpp-certs-%d", 1296 i); 1297 if (!wpa_config_get_blob(wpa_s->conf, name)) 1298 break; 1299 } 1300 1301 blob = os_zalloc(sizeof(*blob)); 1302 if (!blob) 1303 goto fail; 1304 blob->len = wpabuf_len(conf->certs); 1305 blob->name = os_strdup(name); 1306 blob->data = os_malloc(blob->len); 1307 if (!blob->name || !blob->data) { 1308 wpa_config_free_blob(blob); 1309 goto fail; 1310 } 1311 os_memcpy(blob->data, wpabuf_head(conf->certs), 1312 blob->len); 1313 os_snprintf(blobname, sizeof(blobname), "blob://%s", 1314 name); 1315 wpa_config_set_blob(wpa_s->conf, blob); 1316 wpa_printf(MSG_DEBUG, "DPP: Added certificate blob %s", 1317 name); 1318 ssid->eap.cert.client_cert = os_strdup(blobname); 1319 if (!ssid->eap.cert.client_cert) 1320 goto fail; 1321 1322 /* TODO: ssid->eap.identity from own certificate */ 1323 if (wpa_config_set(ssid, "identity", "\"dpp-ent\"", 1324 0) < 0) 1325 goto fail; 1326 } 1327 1328 if (auth->priv_key) { 1329 for (i = 0; ; i++) { 1330 os_snprintf(name, sizeof(name), "dpp-key-%d", 1331 i); 1332 if (!wpa_config_get_blob(wpa_s->conf, name)) 1333 break; 1334 } 1335 1336 blob = os_zalloc(sizeof(*blob)); 1337 if (!blob) 1338 goto fail; 1339 blob->len = wpabuf_len(auth->priv_key); 1340 blob->name = os_strdup(name); 1341 blob->data = os_malloc(blob->len); 1342 if (!blob->name || !blob->data) { 1343 wpa_config_free_blob(blob); 1344 goto fail; 1345 } 1346 os_memcpy(blob->data, wpabuf_head(auth->priv_key), 1347 blob->len); 1348 os_snprintf(blobname, sizeof(blobname), "blob://%s", 1349 name); 1350 wpa_config_set_blob(wpa_s->conf, blob); 1351 wpa_printf(MSG_DEBUG, "DPP: Added private key blob %s", 1352 name); 1353 ssid->eap.cert.private_key = os_strdup(blobname); 1354 if (!ssid->eap.cert.private_key) 1355 goto fail; 1356 } 1357 1358 if (conf->server_name) { 1359 ssid->eap.cert.domain_suffix_match = 1360 os_strdup(conf->server_name); 1361 if (!ssid->eap.cert.domain_suffix_match) 1362 goto fail; 1363 } 1364 1365 /* TODO: Use entCreds::eapMethods */ 1366 if (wpa_config_set(ssid, "eap", "TLS", 0) < 0) 1367 goto fail; 1368 } 1369 #endif /* CONFIG_DPP2 && IEEE8021X_EAPOL */ 1370 1371 os_memcpy(wpa_s->dpp_last_ssid, conf->ssid, conf->ssid_len); 1372 wpa_s->dpp_last_ssid_len = conf->ssid_len; 1373 1374 return ssid; 1375 fail: 1376 wpas_notify_network_removed(wpa_s, ssid); 1377 wpa_config_remove_network(wpa_s->conf, ssid->id); 1378 return NULL; 1379 } 1380 1381 1382 static int wpas_dpp_process_config(struct wpa_supplicant *wpa_s, 1383 struct dpp_authentication *auth, 1384 struct dpp_config_obj *conf) 1385 { 1386 struct wpa_ssid *ssid; 1387 1388 if (wpa_s->conf->dpp_config_processing < 1) 1389 return 0; 1390 1391 ssid = wpas_dpp_add_network(wpa_s, auth, conf); 1392 if (!ssid) 1393 return -1; 1394 1395 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_NETWORK_ID "%d", ssid->id); 1396 if (wpa_s->conf->dpp_config_processing == 2) 1397 ssid->disabled = 0; 1398 1399 #ifndef CONFIG_NO_CONFIG_WRITE 1400 if (wpa_s->conf->update_config && 1401 wpa_config_write(wpa_s->confname, wpa_s->conf)) 1402 wpa_printf(MSG_DEBUG, "DPP: Failed to update configuration"); 1403 #endif /* CONFIG_NO_CONFIG_WRITE */ 1404 1405 return 0; 1406 } 1407 1408 1409 static void wpas_dpp_post_process_config(struct wpa_supplicant *wpa_s, 1410 struct dpp_authentication *auth) 1411 { 1412 #ifdef CONFIG_DPP2 1413 if (auth->reconfig && wpa_s->dpp_reconfig_ssid && 1414 wpa_config_get_network(wpa_s->conf, wpa_s->dpp_reconfig_ssid_id) == 1415 wpa_s->dpp_reconfig_ssid) { 1416 wpa_printf(MSG_DEBUG, 1417 "DPP: Remove reconfigured network profile"); 1418 wpas_notify_network_removed(wpa_s, wpa_s->dpp_reconfig_ssid); 1419 wpa_config_remove_network(wpa_s->conf, 1420 wpa_s->dpp_reconfig_ssid_id); 1421 wpa_s->dpp_reconfig_ssid = NULL; 1422 wpa_s->dpp_reconfig_ssid_id = -1; 1423 } 1424 #endif /* CONFIG_DPP2 */ 1425 1426 if (wpa_s->conf->dpp_config_processing < 2) 1427 return; 1428 1429 #ifdef CONFIG_DPP2 1430 if (auth->peer_version >= 2) { 1431 wpa_printf(MSG_DEBUG, 1432 "DPP: Postpone connection attempt to wait for completion of DPP Configuration Result"); 1433 auth->connect_on_tx_status = 1; 1434 return; 1435 } 1436 #endif /* CONFIG_DPP2 */ 1437 1438 wpas_dpp_try_to_connect(wpa_s); 1439 } 1440 1441 1442 static int wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s, 1443 struct dpp_authentication *auth, 1444 struct dpp_config_obj *conf) 1445 { 1446 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED); 1447 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_AKM "%s", 1448 dpp_akm_str(conf->akm)); 1449 if (conf->ssid_len) 1450 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s", 1451 wpa_ssid_txt(conf->ssid, conf->ssid_len)); 1452 if (conf->ssid_charset) 1453 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID_CHARSET "%d", 1454 conf->ssid_charset); 1455 if (conf->connector) { 1456 /* TODO: Save the Connector and consider using a command 1457 * to fetch the value instead of sending an event with 1458 * it. The Connector could end up being larger than what 1459 * most clients are ready to receive as an event 1460 * message. */ 1461 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s", 1462 conf->connector); 1463 } 1464 if (conf->passphrase[0]) { 1465 char hex[64 * 2 + 1]; 1466 1467 wpa_snprintf_hex(hex, sizeof(hex), 1468 (const u8 *) conf->passphrase, 1469 os_strlen(conf->passphrase)); 1470 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PASS "%s", 1471 hex); 1472 } else if (conf->psk_set) { 1473 char hex[PMK_LEN * 2 + 1]; 1474 1475 wpa_snprintf_hex(hex, sizeof(hex), conf->psk, PMK_LEN); 1476 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PSK "%s", 1477 hex); 1478 } 1479 if (conf->c_sign_key) { 1480 char *hex; 1481 size_t hexlen; 1482 1483 hexlen = 2 * wpabuf_len(conf->c_sign_key) + 1; 1484 hex = os_malloc(hexlen); 1485 if (hex) { 1486 wpa_snprintf_hex(hex, hexlen, 1487 wpabuf_head(conf->c_sign_key), 1488 wpabuf_len(conf->c_sign_key)); 1489 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s", 1490 hex); 1491 os_free(hex); 1492 } 1493 } 1494 if (conf->pp_key) { 1495 char *hex; 1496 size_t hexlen; 1497 1498 hexlen = 2 * wpabuf_len(conf->pp_key) + 1; 1499 hex = os_malloc(hexlen); 1500 if (hex) { 1501 wpa_snprintf_hex(hex, hexlen, 1502 wpabuf_head(conf->pp_key), 1503 wpabuf_len(conf->pp_key)); 1504 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PP_KEY "%s", hex); 1505 os_free(hex); 1506 } 1507 } 1508 if (auth->net_access_key) { 1509 char *hex; 1510 size_t hexlen; 1511 1512 hexlen = 2 * wpabuf_len(auth->net_access_key) + 1; 1513 hex = os_malloc(hexlen); 1514 if (hex) { 1515 wpa_snprintf_hex(hex, hexlen, 1516 wpabuf_head(auth->net_access_key), 1517 wpabuf_len(auth->net_access_key)); 1518 if (auth->net_access_key_expiry) 1519 wpa_msg(wpa_s, MSG_INFO, 1520 DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex, 1521 (long unsigned) 1522 auth->net_access_key_expiry); 1523 else 1524 wpa_msg(wpa_s, MSG_INFO, 1525 DPP_EVENT_NET_ACCESS_KEY "%s", hex); 1526 os_free(hex); 1527 } 1528 } 1529 1530 #ifdef CONFIG_DPP2 1531 if (conf->certbag) { 1532 char *b64; 1533 1534 b64 = base64_encode_no_lf(wpabuf_head(conf->certbag), 1535 wpabuf_len(conf->certbag), NULL); 1536 if (b64) 1537 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CERTBAG "%s", b64); 1538 os_free(b64); 1539 } 1540 1541 if (conf->cacert) { 1542 char *b64; 1543 1544 b64 = base64_encode_no_lf(wpabuf_head(conf->cacert), 1545 wpabuf_len(conf->cacert), NULL); 1546 if (b64) 1547 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CACERT "%s", b64); 1548 os_free(b64); 1549 } 1550 1551 if (conf->server_name) 1552 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_SERVER_NAME "%s", 1553 conf->server_name); 1554 #endif /* CONFIG_DPP2 */ 1555 1556 return wpas_dpp_process_config(wpa_s, auth, conf); 1557 } 1558 1559 1560 static int wpas_dpp_handle_key_pkg(struct wpa_supplicant *wpa_s, 1561 struct dpp_asymmetric_key *key) 1562 { 1563 #ifdef CONFIG_DPP2 1564 int res; 1565 1566 if (!key) 1567 return 0; 1568 1569 wpa_printf(MSG_DEBUG, "DPP: Received Configurator backup"); 1570 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED); 1571 wpa_s->dpp_conf_backup_received = true; 1572 1573 while (key) { 1574 res = dpp_configurator_from_backup(wpa_s->dpp, key); 1575 if (res < 0) 1576 return -1; 1577 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFIGURATOR_ID "%d", 1578 res); 1579 key = key->next; 1580 } 1581 #endif /* CONFIG_DPP2 */ 1582 1583 return 0; 1584 } 1585 1586 1587 #ifdef CONFIG_DPP2 1588 static void wpas_dpp_build_csr(void *eloop_ctx, void *timeout_ctx) 1589 { 1590 struct wpa_supplicant *wpa_s = eloop_ctx; 1591 struct dpp_authentication *auth = wpa_s->dpp_auth; 1592 1593 if (!auth || !auth->csrattrs) 1594 return; 1595 1596 wpa_printf(MSG_DEBUG, "DPP: Build CSR"); 1597 wpabuf_free(auth->csr); 1598 /* TODO: Additional information needed for CSR based on csrAttrs */ 1599 auth->csr = dpp_build_csr(auth, wpa_s->conf->dpp_name ? 1600 wpa_s->conf->dpp_name : "Test"); 1601 if (!auth->csr) { 1602 dpp_auth_deinit(wpa_s->dpp_auth); 1603 wpa_s->dpp_auth = NULL; 1604 return; 1605 } 1606 1607 wpas_dpp_start_gas_client(wpa_s); 1608 } 1609 #endif /* CONFIG_DPP2 */ 1610 1611 1612 static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token, 1613 enum gas_query_result result, 1614 const struct wpabuf *adv_proto, 1615 const struct wpabuf *resp, u16 status_code) 1616 { 1617 struct wpa_supplicant *wpa_s = ctx; 1618 const u8 *pos; 1619 struct dpp_authentication *auth = wpa_s->dpp_auth; 1620 int res; 1621 enum dpp_status_error status = DPP_STATUS_CONFIG_REJECTED; 1622 unsigned int i; 1623 1624 wpa_s->dpp_gas_dialog_token = -1; 1625 1626 if (!auth || (!auth->auth_success && !auth->reconfig_success) || 1627 os_memcmp(addr, auth->peer_mac_addr, ETH_ALEN) != 0) { 1628 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); 1629 return; 1630 } 1631 if (result != GAS_QUERY_SUCCESS || 1632 !resp || status_code != WLAN_STATUS_SUCCESS) { 1633 wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed"); 1634 goto fail; 1635 } 1636 1637 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto", 1638 adv_proto); 1639 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)", 1640 resp); 1641 1642 if (wpabuf_len(adv_proto) != 10 || 1643 !(pos = wpabuf_head(adv_proto)) || 1644 pos[0] != WLAN_EID_ADV_PROTO || 1645 pos[1] != 8 || 1646 pos[3] != WLAN_EID_VENDOR_SPECIFIC || 1647 pos[4] != 5 || 1648 WPA_GET_BE24(&pos[5]) != OUI_WFA || 1649 pos[8] != 0x1a || 1650 pos[9] != 1) { 1651 wpa_printf(MSG_DEBUG, 1652 "DPP: Not a DPP Advertisement Protocol ID"); 1653 goto fail; 1654 } 1655 1656 res = dpp_conf_resp_rx(auth, resp); 1657 #ifdef CONFIG_DPP2 1658 if (res == -2) { 1659 wpa_printf(MSG_DEBUG, "DPP: CSR needed"); 1660 eloop_register_timeout(0, 0, wpas_dpp_build_csr, wpa_s, NULL); 1661 return; 1662 } 1663 #endif /* CONFIG_DPP2 */ 1664 if (res < 0) { 1665 wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed"); 1666 goto fail; 1667 } 1668 1669 wpa_s->dpp_conf_backup_received = false; 1670 for (i = 0; i < auth->num_conf_obj; i++) { 1671 res = wpas_dpp_handle_config_obj(wpa_s, auth, 1672 &auth->conf_obj[i]); 1673 if (res < 0) 1674 goto fail; 1675 } 1676 if (auth->num_conf_obj) 1677 wpas_dpp_post_process_config(wpa_s, auth); 1678 if (wpas_dpp_handle_key_pkg(wpa_s, auth->conf_key_pkg) < 0) 1679 goto fail; 1680 1681 status = DPP_STATUS_OK; 1682 #ifdef CONFIG_TESTING_OPTIONS 1683 if (dpp_test == DPP_TEST_REJECT_CONFIG) { 1684 wpa_printf(MSG_INFO, "DPP: TESTING - Reject Config Object"); 1685 status = DPP_STATUS_CONFIG_REJECTED; 1686 } 1687 #endif /* CONFIG_TESTING_OPTIONS */ 1688 fail: 1689 if (status != DPP_STATUS_OK) 1690 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1691 #ifdef CONFIG_DPP2 1692 if (auth->peer_version >= 2 && 1693 auth->conf_resp_status == DPP_STATUS_OK) { 1694 struct wpabuf *msg; 1695 1696 wpa_printf(MSG_DEBUG, "DPP: Send DPP Configuration Result"); 1697 msg = dpp_build_conf_result(auth, status); 1698 if (!msg) 1699 goto fail2; 1700 1701 wpa_msg(wpa_s, MSG_INFO, 1702 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1703 MAC2STR(addr), auth->curr_freq, 1704 DPP_PA_CONFIGURATION_RESULT); 1705 offchannel_send_action(wpa_s, auth->curr_freq, 1706 addr, wpa_s->own_addr, broadcast, 1707 wpabuf_head(msg), 1708 wpabuf_len(msg), 1709 500, wpas_dpp_tx_status, 0); 1710 wpabuf_free(msg); 1711 1712 /* This exchange will be terminated in the TX status handler */ 1713 if (wpa_s->conf->dpp_config_processing < 2 || 1714 wpa_s->dpp_conf_backup_received) 1715 auth->remove_on_tx_status = 1; 1716 return; 1717 } 1718 fail2: 1719 #endif /* CONFIG_DPP2 */ 1720 dpp_auth_deinit(wpa_s->dpp_auth); 1721 wpa_s->dpp_auth = NULL; 1722 } 1723 1724 1725 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s) 1726 { 1727 struct dpp_authentication *auth = wpa_s->dpp_auth; 1728 struct wpabuf *buf; 1729 int res; 1730 int *supp_op_classes; 1731 1732 wpa_s->dpp_gas_client = 1; 1733 offchannel_send_action_done(wpa_s); 1734 wpas_dpp_listen_stop(wpa_s); 1735 1736 supp_op_classes = wpas_supp_op_classes(wpa_s); 1737 buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name, 1738 wpa_s->dpp_netrole, 1739 wpa_s->conf->dpp_mud_url, 1740 supp_op_classes); 1741 os_free(supp_op_classes); 1742 if (!buf) { 1743 wpa_printf(MSG_DEBUG, 1744 "DPP: No configuration request data available"); 1745 return; 1746 } 1747 1748 wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)", 1749 MAC2STR(auth->peer_mac_addr), auth->curr_freq); 1750 1751 res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq, 1752 1, 1, buf, wpas_dpp_gas_resp_cb, wpa_s); 1753 if (res < 0) { 1754 wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request"); 1755 wpabuf_free(buf); 1756 } else { 1757 wpa_printf(MSG_DEBUG, 1758 "DPP: GAS query started with dialog token %u", res); 1759 wpa_s->dpp_gas_dialog_token = res; 1760 } 1761 } 1762 1763 1764 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator) 1765 { 1766 wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded"); 1767 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator); 1768 #ifdef CONFIG_TESTING_OPTIONS 1769 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) { 1770 wpa_printf(MSG_INFO, 1771 "DPP: TESTING - stop at Authentication Confirm"); 1772 if (wpa_s->dpp_auth->configurator) { 1773 /* Prevent GAS response */ 1774 wpa_s->dpp_auth->auth_success = 0; 1775 } 1776 return; 1777 } 1778 #endif /* CONFIG_TESTING_OPTIONS */ 1779 1780 if (wpa_s->dpp_auth->configurator) 1781 wpas_dpp_start_gas_server(wpa_s); 1782 else 1783 wpas_dpp_start_gas_client(wpa_s); 1784 } 1785 1786 1787 static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src, 1788 const u8 *hdr, const u8 *buf, size_t len, 1789 unsigned int freq) 1790 { 1791 struct dpp_authentication *auth = wpa_s->dpp_auth; 1792 struct wpabuf *msg; 1793 1794 wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR 1795 " (freq %u MHz)", MAC2STR(src), freq); 1796 1797 if (!auth) { 1798 wpa_printf(MSG_DEBUG, 1799 "DPP: No DPP Authentication in progress - drop"); 1800 return; 1801 } 1802 1803 if (!is_zero_ether_addr(auth->peer_mac_addr) && 1804 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1805 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1806 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1807 return; 1808 } 1809 1810 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 1811 1812 if (auth->curr_freq != freq && auth->neg_freq == freq) { 1813 wpa_printf(MSG_DEBUG, 1814 "DPP: Responder accepted request for different negotiation channel"); 1815 auth->curr_freq = freq; 1816 } 1817 1818 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 1819 msg = dpp_auth_resp_rx(auth, hdr, buf, len); 1820 if (!msg) { 1821 if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) { 1822 wpa_printf(MSG_DEBUG, 1823 "DPP: Start wait for full response"); 1824 offchannel_send_action_done(wpa_s); 1825 wpas_dpp_listen_start(wpa_s, auth->curr_freq); 1826 return; 1827 } 1828 wpa_printf(MSG_DEBUG, "DPP: No confirm generated"); 1829 return; 1830 } 1831 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 1832 1833 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1834 MAC2STR(src), auth->curr_freq, DPP_PA_AUTHENTICATION_CONF); 1835 offchannel_send_action(wpa_s, auth->curr_freq, 1836 src, wpa_s->own_addr, broadcast, 1837 wpabuf_head(msg), wpabuf_len(msg), 1838 500, wpas_dpp_tx_status, 0); 1839 wpabuf_free(msg); 1840 wpa_s->dpp_auth_ok_on_ack = 1; 1841 } 1842 1843 1844 static void wpas_dpp_rx_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src, 1845 const u8 *hdr, const u8 *buf, size_t len) 1846 { 1847 struct dpp_authentication *auth = wpa_s->dpp_auth; 1848 1849 wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR, 1850 MAC2STR(src)); 1851 1852 if (!auth) { 1853 wpa_printf(MSG_DEBUG, 1854 "DPP: No DPP Authentication in progress - drop"); 1855 return; 1856 } 1857 1858 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1859 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1860 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1861 return; 1862 } 1863 1864 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL); 1865 1866 if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) { 1867 wpa_printf(MSG_DEBUG, "DPP: Authentication failed"); 1868 return; 1869 } 1870 1871 wpas_dpp_auth_success(wpa_s, 0); 1872 } 1873 1874 1875 #ifdef CONFIG_DPP2 1876 1877 static void wpas_dpp_config_result_wait_timeout(void *eloop_ctx, 1878 void *timeout_ctx) 1879 { 1880 struct wpa_supplicant *wpa_s = eloop_ctx; 1881 struct dpp_authentication *auth = wpa_s->dpp_auth; 1882 1883 if (!auth || !auth->waiting_conf_result) 1884 return; 1885 1886 wpa_printf(MSG_DEBUG, 1887 "DPP: Timeout while waiting for Configuration Result"); 1888 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1889 dpp_auth_deinit(auth); 1890 wpa_s->dpp_auth = NULL; 1891 } 1892 1893 1894 static void wpas_dpp_conn_status_result_wait_timeout(void *eloop_ctx, 1895 void *timeout_ctx) 1896 { 1897 struct wpa_supplicant *wpa_s = eloop_ctx; 1898 struct dpp_authentication *auth = wpa_s->dpp_auth; 1899 1900 if (!auth || !auth->waiting_conn_status_result) 1901 return; 1902 1903 wpa_printf(MSG_DEBUG, 1904 "DPP: Timeout while waiting for Connection Status Result"); 1905 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT "timeout"); 1906 wpas_dpp_listen_stop(wpa_s); 1907 dpp_auth_deinit(auth); 1908 wpa_s->dpp_auth = NULL; 1909 } 1910 1911 1912 static void wpas_dpp_rx_conf_result(struct wpa_supplicant *wpa_s, const u8 *src, 1913 const u8 *hdr, const u8 *buf, size_t len) 1914 { 1915 struct dpp_authentication *auth = wpa_s->dpp_auth; 1916 enum dpp_status_error status; 1917 1918 wpa_printf(MSG_DEBUG, "DPP: Configuration Result from " MACSTR, 1919 MAC2STR(src)); 1920 1921 if (!auth || !auth->waiting_conf_result) { 1922 if (auth && 1923 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) == 0 && 1924 gas_server_response_sent(wpa_s->gas_server, 1925 auth->gas_server_ctx)) { 1926 /* This could happen if the TX status event gets delayed 1927 * long enough for the Enrollee to have time to send 1928 * the next frame before the TX status gets processed 1929 * locally. */ 1930 wpa_printf(MSG_DEBUG, 1931 "DPP: GAS response was sent but TX status not yet received - assume it was ACKed since the Enrollee sent the next frame in the sequence"); 1932 auth->waiting_conf_result = 1; 1933 } else { 1934 wpa_printf(MSG_DEBUG, 1935 "DPP: No DPP Configuration waiting for result - drop"); 1936 return; 1937 } 1938 } 1939 1940 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1941 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1942 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1943 return; 1944 } 1945 1946 status = dpp_conf_result_rx(auth, hdr, buf, len); 1947 1948 if (status == DPP_STATUS_OK && auth->send_conn_status) { 1949 wpa_msg(wpa_s, MSG_INFO, 1950 DPP_EVENT_CONF_SENT "wait_conn_status=1"); 1951 wpa_printf(MSG_DEBUG, "DPP: Wait for Connection Status Result"); 1952 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, 1953 wpa_s, NULL); 1954 auth->waiting_conn_status_result = 1; 1955 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout, 1956 wpa_s, NULL); 1957 eloop_register_timeout(16, 0, 1958 wpas_dpp_conn_status_result_wait_timeout, 1959 wpa_s, NULL); 1960 offchannel_send_action_done(wpa_s); 1961 wpas_dpp_listen_start(wpa_s, auth->neg_freq ? auth->neg_freq : 1962 auth->curr_freq); 1963 return; 1964 } 1965 offchannel_send_action_done(wpa_s); 1966 wpas_dpp_listen_stop(wpa_s); 1967 if (status == DPP_STATUS_OK) 1968 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT); 1969 else 1970 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1971 dpp_auth_deinit(auth); 1972 wpa_s->dpp_auth = NULL; 1973 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL); 1974 } 1975 1976 1977 static void wpas_dpp_rx_conn_status_result(struct wpa_supplicant *wpa_s, 1978 const u8 *src, const u8 *hdr, 1979 const u8 *buf, size_t len) 1980 { 1981 struct dpp_authentication *auth = wpa_s->dpp_auth; 1982 enum dpp_status_error status; 1983 u8 ssid[SSID_MAX_LEN]; 1984 size_t ssid_len = 0; 1985 char *channel_list = NULL; 1986 1987 wpa_printf(MSG_DEBUG, "DPP: Connection Status Result"); 1988 1989 if (!auth || !auth->waiting_conn_status_result) { 1990 wpa_printf(MSG_DEBUG, 1991 "DPP: No DPP Configuration waiting for connection status result - drop"); 1992 return; 1993 } 1994 1995 status = dpp_conn_status_result_rx(auth, hdr, buf, len, 1996 ssid, &ssid_len, &channel_list); 1997 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT 1998 "result=%d ssid=%s channel_list=%s", 1999 status, wpa_ssid_txt(ssid, ssid_len), 2000 channel_list ? channel_list : "N/A"); 2001 os_free(channel_list); 2002 offchannel_send_action_done(wpa_s); 2003 wpas_dpp_listen_stop(wpa_s); 2004 dpp_auth_deinit(auth); 2005 wpa_s->dpp_auth = NULL; 2006 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout, 2007 wpa_s, NULL); 2008 } 2009 2010 2011 static int wpas_dpp_process_conf_obj(void *ctx, 2012 struct dpp_authentication *auth) 2013 { 2014 struct wpa_supplicant *wpa_s = ctx; 2015 unsigned int i; 2016 int res = -1; 2017 2018 for (i = 0; i < auth->num_conf_obj; i++) { 2019 res = wpas_dpp_handle_config_obj(wpa_s, auth, 2020 &auth->conf_obj[i]); 2021 if (res) 2022 break; 2023 } 2024 if (!res) 2025 wpas_dpp_post_process_config(wpa_s, auth); 2026 2027 return res; 2028 } 2029 2030 2031 static void wpas_dpp_remove_bi(void *ctx, struct dpp_bootstrap_info *bi) 2032 { 2033 struct wpa_supplicant *wpa_s = ctx; 2034 2035 if (bi == wpa_s->dpp_chirp_bi) 2036 wpas_dpp_chirp_stop(wpa_s); 2037 } 2038 2039 2040 static void 2041 wpas_dpp_rx_presence_announcement(struct wpa_supplicant *wpa_s, const u8 *src, 2042 const u8 *hdr, const u8 *buf, size_t len, 2043 unsigned int freq) 2044 { 2045 const u8 *r_bootstrap; 2046 u16 r_bootstrap_len; 2047 struct dpp_bootstrap_info *peer_bi; 2048 struct dpp_authentication *auth; 2049 2050 if (!wpa_s->dpp) 2051 return; 2052 2053 if (wpa_s->dpp_auth) { 2054 wpa_printf(MSG_DEBUG, 2055 "DPP: Ignore Presence Announcement during ongoing Authentication"); 2056 return; 2057 } 2058 2059 wpa_printf(MSG_DEBUG, "DPP: Presence Announcement from " MACSTR, 2060 MAC2STR(src)); 2061 2062 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, 2063 &r_bootstrap_len); 2064 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { 2065 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 2066 "Missing or invalid required Responder Bootstrapping Key Hash attribute"); 2067 return; 2068 } 2069 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", 2070 r_bootstrap, r_bootstrap_len); 2071 peer_bi = dpp_bootstrap_find_chirp(wpa_s->dpp, r_bootstrap); 2072 dpp_notify_chirp_received(wpa_s, peer_bi ? (int) peer_bi->id : -1, src, 2073 freq, r_bootstrap); 2074 if (!peer_bi) { 2075 wpa_printf(MSG_DEBUG, 2076 "DPP: No matching bootstrapping information found"); 2077 return; 2078 } 2079 2080 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, NULL, 2081 DPP_CAPAB_CONFIGURATOR, freq, NULL, 0); 2082 if (!auth) 2083 return; 2084 wpas_dpp_set_testing_options(wpa_s, auth); 2085 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) { 2086 dpp_auth_deinit(auth); 2087 return; 2088 } 2089 2090 auth->neg_freq = freq; 2091 2092 /* The source address of the Presence Announcement frame overrides any 2093 * MAC address information from the bootstrapping information. */ 2094 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 2095 2096 wpa_s->dpp_auth = auth; 2097 if (wpas_dpp_auth_init_next(wpa_s) < 0) { 2098 dpp_auth_deinit(wpa_s->dpp_auth); 2099 wpa_s->dpp_auth = NULL; 2100 } 2101 } 2102 2103 2104 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx, 2105 void *timeout_ctx) 2106 { 2107 struct wpa_supplicant *wpa_s = eloop_ctx; 2108 struct dpp_authentication *auth = wpa_s->dpp_auth; 2109 2110 if (!auth) 2111 return; 2112 2113 wpa_printf(MSG_DEBUG, "DPP: Reconfig Reply wait timeout"); 2114 offchannel_send_action_done(wpa_s); 2115 wpas_dpp_listen_stop(wpa_s); 2116 dpp_auth_deinit(auth); 2117 wpa_s->dpp_auth = NULL; 2118 } 2119 2120 2121 static void 2122 wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant *wpa_s, const u8 *src, 2123 const u8 *hdr, const u8 *buf, size_t len, 2124 unsigned int freq) 2125 { 2126 const u8 *csign_hash, *fcgroup, *a_nonce, *e_id; 2127 u16 csign_hash_len, fcgroup_len, a_nonce_len, e_id_len; 2128 struct dpp_configurator *conf; 2129 struct dpp_authentication *auth; 2130 unsigned int wait_time, max_wait_time; 2131 u16 group; 2132 2133 if (!wpa_s->dpp) 2134 return; 2135 2136 if (wpa_s->dpp_auth) { 2137 wpa_printf(MSG_DEBUG, 2138 "DPP: Ignore Reconfig Announcement during ongoing Authentication"); 2139 return; 2140 } 2141 2142 wpa_printf(MSG_DEBUG, "DPP: Reconfig Announcement from " MACSTR, 2143 MAC2STR(src)); 2144 2145 csign_hash = dpp_get_attr(buf, len, DPP_ATTR_C_SIGN_KEY_HASH, 2146 &csign_hash_len); 2147 if (!csign_hash || csign_hash_len != SHA256_MAC_LEN) { 2148 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 2149 "Missing or invalid required Configurator C-sign key Hash attribute"); 2150 return; 2151 } 2152 wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator C-sign key Hash (kid)", 2153 csign_hash, csign_hash_len); 2154 conf = dpp_configurator_find_kid(wpa_s->dpp, csign_hash); 2155 if (!conf) { 2156 wpa_printf(MSG_DEBUG, 2157 "DPP: No matching Configurator information found"); 2158 return; 2159 } 2160 2161 fcgroup = dpp_get_attr(buf, len, DPP_ATTR_FINITE_CYCLIC_GROUP, 2162 &fcgroup_len); 2163 if (!fcgroup || fcgroup_len != 2) { 2164 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 2165 "Missing or invalid required Finite Cyclic Group attribute"); 2166 return; 2167 } 2168 group = WPA_GET_LE16(fcgroup); 2169 wpa_printf(MSG_DEBUG, "DPP: Enrollee finite cyclic group: %u", group); 2170 2171 a_nonce = dpp_get_attr(buf, len, DPP_ATTR_A_NONCE, &a_nonce_len); 2172 e_id = dpp_get_attr(buf, len, DPP_ATTR_E_PRIME_ID, &e_id_len); 2173 2174 auth = dpp_reconfig_init(wpa_s->dpp, wpa_s, conf, freq, group, 2175 a_nonce, a_nonce_len, e_id, e_id_len); 2176 if (!auth) 2177 return; 2178 wpas_dpp_set_testing_options(wpa_s, auth); 2179 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) { 2180 dpp_auth_deinit(auth); 2181 return; 2182 } 2183 2184 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 2185 wpa_s->dpp_auth = auth; 2186 2187 wpa_s->dpp_in_response_listen = 0; 2188 wpa_s->dpp_auth_ok_on_ack = 0; 2189 wait_time = wpa_s->max_remain_on_chan; 2190 max_wait_time = wpa_s->dpp_resp_wait_time ? 2191 wpa_s->dpp_resp_wait_time : 2000; 2192 if (wait_time > max_wait_time) 2193 wait_time = max_wait_time; 2194 wait_time += 10; /* give the driver some extra time to complete */ 2195 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 2196 wpas_dpp_reconfig_reply_wait_timeout, 2197 wpa_s, NULL); 2198 wait_time -= 10; 2199 2200 wpas_dpp_stop_listen_for_tx(wpa_s, freq, wait_time); 2201 2202 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2203 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_REQ); 2204 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast, 2205 wpabuf_head(auth->reconfig_req_msg), 2206 wpabuf_len(auth->reconfig_req_msg), 2207 wait_time, wpas_dpp_tx_status, 0) < 0) { 2208 dpp_auth_deinit(wpa_s->dpp_auth); 2209 wpa_s->dpp_auth = NULL; 2210 } 2211 } 2212 2213 2214 static void 2215 wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant *wpa_s, const u8 *src, 2216 const u8 *hdr, const u8 *buf, size_t len, 2217 unsigned int freq) 2218 { 2219 struct wpa_ssid *ssid; 2220 struct dpp_authentication *auth; 2221 2222 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Request from " 2223 MACSTR, MAC2STR(src)); 2224 2225 if (!wpa_s->dpp) 2226 return; 2227 if (wpa_s->dpp_auth) { 2228 wpa_printf(MSG_DEBUG, 2229 "DPP: Not ready for reconfiguration - pending authentication exchange in progress"); 2230 return; 2231 } 2232 if (!wpa_s->dpp_reconfig_ssid) { 2233 wpa_printf(MSG_DEBUG, 2234 "DPP: Not ready for reconfiguration - not requested"); 2235 return; 2236 } 2237 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 2238 if (ssid == wpa_s->dpp_reconfig_ssid && 2239 ssid->id == wpa_s->dpp_reconfig_ssid_id) 2240 break; 2241 } 2242 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey || 2243 !ssid->dpp_csign) { 2244 wpa_printf(MSG_DEBUG, 2245 "DPP: Not ready for reconfiguration - no matching network profile with Connector found"); 2246 return; 2247 } 2248 2249 auth = dpp_reconfig_auth_req_rx(wpa_s->dpp, wpa_s, ssid->dpp_connector, 2250 ssid->dpp_netaccesskey, 2251 ssid->dpp_netaccesskey_len, 2252 ssid->dpp_csign, ssid->dpp_csign_len, 2253 freq, hdr, buf, len); 2254 if (!auth) 2255 return; 2256 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 2257 wpa_s->dpp_auth = auth; 2258 2259 wpas_dpp_chirp_stop(wpa_s); 2260 2261 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2262 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_RESP); 2263 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast, 2264 wpabuf_head(auth->reconfig_resp_msg), 2265 wpabuf_len(auth->reconfig_resp_msg), 2266 500, wpas_dpp_tx_status, 0) < 0) { 2267 dpp_auth_deinit(wpa_s->dpp_auth); 2268 wpa_s->dpp_auth = NULL; 2269 } 2270 } 2271 2272 2273 static void 2274 wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src, 2275 const u8 *hdr, const u8 *buf, size_t len, 2276 unsigned int freq) 2277 { 2278 struct dpp_authentication *auth = wpa_s->dpp_auth; 2279 struct wpabuf *conf; 2280 2281 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Response from " 2282 MACSTR, MAC2STR(src)); 2283 2284 if (!auth || !auth->reconfig || !auth->configurator) { 2285 wpa_printf(MSG_DEBUG, 2286 "DPP: No DPP Reconfig Authentication in progress - drop"); 2287 return; 2288 } 2289 2290 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 2291 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 2292 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 2293 return; 2294 } 2295 2296 conf = dpp_reconfig_auth_resp_rx(auth, hdr, buf, len); 2297 if (!conf) 2298 return; 2299 2300 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, wpa_s, NULL); 2301 2302 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2303 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_CONF); 2304 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast, 2305 wpabuf_head(conf), wpabuf_len(conf), 2306 500, wpas_dpp_tx_status, 0) < 0) { 2307 wpabuf_free(conf); 2308 dpp_auth_deinit(wpa_s->dpp_auth); 2309 wpa_s->dpp_auth = NULL; 2310 return; 2311 } 2312 wpabuf_free(conf); 2313 2314 wpas_dpp_start_gas_server(wpa_s); 2315 } 2316 2317 2318 static void 2319 wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src, 2320 const u8 *hdr, const u8 *buf, size_t len, 2321 unsigned int freq) 2322 { 2323 struct dpp_authentication *auth = wpa_s->dpp_auth; 2324 2325 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Confirm from " 2326 MACSTR, MAC2STR(src)); 2327 2328 if (!auth || !auth->reconfig || auth->configurator) { 2329 wpa_printf(MSG_DEBUG, 2330 "DPP: No DPP Reconfig Authentication in progress - drop"); 2331 return; 2332 } 2333 2334 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 2335 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 2336 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 2337 return; 2338 } 2339 2340 if (dpp_reconfig_auth_conf_rx(auth, hdr, buf, len) < 0) 2341 return; 2342 2343 wpas_dpp_start_gas_client(wpa_s); 2344 } 2345 2346 #endif /* CONFIG_DPP2 */ 2347 2348 2349 static void wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant *wpa_s, 2350 const u8 *src, 2351 const u8 *buf, size_t len) 2352 { 2353 struct wpa_ssid *ssid; 2354 const u8 *connector, *trans_id, *status; 2355 u16 connector_len, trans_id_len, status_len; 2356 #ifdef CONFIG_DPP2 2357 const u8 *version; 2358 u16 version_len; 2359 #endif /* CONFIG_DPP2 */ 2360 u8 peer_version = 1; 2361 struct dpp_introduction intro; 2362 struct rsn_pmksa_cache_entry *entry; 2363 struct os_time now; 2364 struct os_reltime rnow; 2365 os_time_t expiry; 2366 unsigned int seconds; 2367 enum dpp_status_error res; 2368 2369 wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Response from " MACSTR, 2370 MAC2STR(src)); 2371 if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) || 2372 os_memcmp(src, wpa_s->dpp_intro_bssid, ETH_ALEN) != 0) { 2373 wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from " 2374 MACSTR " - drop", MAC2STR(src)); 2375 return; 2376 } 2377 offchannel_send_action_done(wpa_s); 2378 2379 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 2380 if (ssid == wpa_s->dpp_intro_network) 2381 break; 2382 } 2383 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey || 2384 !ssid->dpp_csign) { 2385 wpa_printf(MSG_DEBUG, 2386 "DPP: Profile not found for network introduction"); 2387 return; 2388 } 2389 2390 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID, 2391 &trans_id_len); 2392 if (!trans_id || trans_id_len != 1) { 2393 wpa_printf(MSG_DEBUG, 2394 "DPP: Peer did not include Transaction ID"); 2395 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 2396 " fail=missing_transaction_id", MAC2STR(src)); 2397 goto fail; 2398 } 2399 if (trans_id[0] != TRANSACTION_ID) { 2400 wpa_printf(MSG_DEBUG, 2401 "DPP: Ignore frame with unexpected Transaction ID %u", 2402 trans_id[0]); 2403 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 2404 " fail=transaction_id_mismatch", MAC2STR(src)); 2405 goto fail; 2406 } 2407 2408 status = dpp_get_attr(buf, len, DPP_ATTR_STATUS, &status_len); 2409 if (!status || status_len != 1) { 2410 wpa_printf(MSG_DEBUG, "DPP: Peer did not include Status"); 2411 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 2412 " fail=missing_status", MAC2STR(src)); 2413 goto fail; 2414 } 2415 if (status[0] != DPP_STATUS_OK) { 2416 wpa_printf(MSG_DEBUG, 2417 "DPP: Peer rejected network introduction: Status %u", 2418 status[0]); 2419 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 2420 " status=%u", MAC2STR(src), status[0]); 2421 #ifdef CONFIG_DPP2 2422 wpas_dpp_send_conn_status_result(wpa_s, status[0]); 2423 #endif /* CONFIG_DPP2 */ 2424 goto fail; 2425 } 2426 2427 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len); 2428 if (!connector) { 2429 wpa_printf(MSG_DEBUG, 2430 "DPP: Peer did not include its Connector"); 2431 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 2432 " fail=missing_connector", MAC2STR(src)); 2433 goto fail; 2434 } 2435 2436 res = dpp_peer_intro(&intro, ssid->dpp_connector, 2437 ssid->dpp_netaccesskey, 2438 ssid->dpp_netaccesskey_len, 2439 ssid->dpp_csign, 2440 ssid->dpp_csign_len, 2441 connector, connector_len, &expiry); 2442 if (res != DPP_STATUS_OK) { 2443 wpa_printf(MSG_INFO, 2444 "DPP: Network Introduction protocol resulted in failure"); 2445 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 2446 " fail=peer_connector_validation_failed", MAC2STR(src)); 2447 #ifdef CONFIG_DPP2 2448 wpas_dpp_send_conn_status_result(wpa_s, res); 2449 #endif /* CONFIG_DPP2 */ 2450 goto fail; 2451 } 2452 2453 entry = os_zalloc(sizeof(*entry)); 2454 if (!entry) 2455 goto fail; 2456 os_memcpy(entry->aa, src, ETH_ALEN); 2457 os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN); 2458 os_memcpy(entry->pmk, intro.pmk, intro.pmk_len); 2459 entry->pmk_len = intro.pmk_len; 2460 entry->akmp = WPA_KEY_MGMT_DPP; 2461 #ifdef CONFIG_DPP2 2462 version = dpp_get_attr(buf, len, DPP_ATTR_PROTOCOL_VERSION, 2463 &version_len); 2464 if (version && version_len >= 1) 2465 peer_version = version[0]; 2466 #ifdef CONFIG_DPP3 2467 if (intro.peer_version && intro.peer_version >= 2 && 2468 peer_version != intro.peer_version) { 2469 wpa_printf(MSG_INFO, 2470 "DPP: Protocol version mismatch (Connector: %d Attribute: %d", 2471 intro.peer_version, peer_version); 2472 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_NO_MATCH); 2473 goto fail; 2474 } 2475 #endif /* CONFIG_DPP3 */ 2476 entry->dpp_pfs = peer_version >= 2; 2477 #endif /* CONFIG_DPP2 */ 2478 if (expiry) { 2479 os_get_time(&now); 2480 seconds = expiry - now.sec; 2481 } else { 2482 seconds = 86400 * 7; 2483 } 2484 os_get_reltime(&rnow); 2485 entry->expiration = rnow.sec + seconds; 2486 entry->reauth_time = rnow.sec + seconds; 2487 entry->network_ctx = ssid; 2488 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry); 2489 2490 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 2491 " status=%u version=%u", MAC2STR(src), status[0], peer_version); 2492 2493 wpa_printf(MSG_DEBUG, 2494 "DPP: Try connection again after successful network introduction"); 2495 if (wpa_supplicant_fast_associate(wpa_s) != 1) { 2496 wpa_supplicant_cancel_sched_scan(wpa_s); 2497 wpa_supplicant_req_scan(wpa_s, 0, 0); 2498 } 2499 fail: 2500 os_memset(&intro, 0, sizeof(intro)); 2501 } 2502 2503 2504 static int wpas_dpp_allow_ir(struct wpa_supplicant *wpa_s, unsigned int freq) 2505 { 2506 int i, j; 2507 2508 if (!wpa_s->hw.modes) 2509 return -1; 2510 2511 for (i = 0; i < wpa_s->hw.num_modes; i++) { 2512 struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i]; 2513 2514 for (j = 0; j < mode->num_channels; j++) { 2515 struct hostapd_channel_data *chan = &mode->channels[j]; 2516 2517 if (chan->freq != (int) freq) 2518 continue; 2519 2520 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 2521 HOSTAPD_CHAN_NO_IR | 2522 HOSTAPD_CHAN_RADAR)) 2523 continue; 2524 2525 return 1; 2526 } 2527 } 2528 2529 wpa_printf(MSG_DEBUG, 2530 "DPP: Frequency %u MHz not supported or does not allow PKEX initiation in the current channel list", 2531 freq); 2532 2533 return 0; 2534 } 2535 2536 2537 static int wpas_dpp_pkex_next_channel(struct wpa_supplicant *wpa_s, 2538 struct dpp_pkex *pkex) 2539 { 2540 if (pkex->freq == 2437) 2541 pkex->freq = 5745; 2542 else if (pkex->freq == 5745) 2543 pkex->freq = 5220; 2544 else if (pkex->freq == 5220) 2545 pkex->freq = 60480; 2546 else 2547 return -1; /* no more channels to try */ 2548 2549 if (wpas_dpp_allow_ir(wpa_s, pkex->freq) == 1) { 2550 wpa_printf(MSG_DEBUG, "DPP: Try to initiate on %u MHz", 2551 pkex->freq); 2552 return 0; 2553 } 2554 2555 /* Could not use this channel - try the next one */ 2556 return wpas_dpp_pkex_next_channel(wpa_s, pkex); 2557 } 2558 2559 2560 static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx) 2561 { 2562 struct wpa_supplicant *wpa_s = eloop_ctx; 2563 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 2564 2565 if (!pkex || !pkex->exchange_req) 2566 return; 2567 if (pkex->exch_req_tries >= 5) { 2568 if (wpas_dpp_pkex_next_channel(wpa_s, pkex) < 0) { 2569 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 2570 "No response from PKEX peer"); 2571 dpp_pkex_free(pkex); 2572 wpa_s->dpp_pkex = NULL; 2573 return; 2574 } 2575 pkex->exch_req_tries = 0; 2576 } 2577 2578 pkex->exch_req_tries++; 2579 wpa_printf(MSG_DEBUG, "DPP: Retransmit PKEX Exchange Request (try %u)", 2580 pkex->exch_req_tries); 2581 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2582 MAC2STR(broadcast), pkex->freq, 2583 pkex->v2 ? DPP_PA_PKEX_EXCHANGE_REQ : 2584 DPP_PA_PKEX_V1_EXCHANGE_REQ); 2585 offchannel_send_action(wpa_s, pkex->freq, broadcast, 2586 wpa_s->own_addr, broadcast, 2587 wpabuf_head(pkex->exchange_req), 2588 wpabuf_len(pkex->exchange_req), 2589 pkex->exch_req_wait_time, 2590 wpas_dpp_tx_pkex_status, 0); 2591 } 2592 2593 2594 static void 2595 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s, 2596 unsigned int freq, const u8 *dst, 2597 const u8 *src, const u8 *bssid, 2598 const u8 *data, size_t data_len, 2599 enum offchannel_send_action_result result) 2600 { 2601 const char *res_txt; 2602 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 2603 2604 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 2605 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 2606 "FAILED"); 2607 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR 2608 " result=%s (PKEX)", 2609 freq, MAC2STR(dst), res_txt); 2610 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR 2611 " freq=%u result=%s", MAC2STR(dst), freq, res_txt); 2612 2613 if (!pkex) { 2614 wpa_printf(MSG_DEBUG, 2615 "DPP: Ignore TX status since there is no ongoing PKEX exchange"); 2616 return; 2617 } 2618 2619 if (pkex->failed) { 2620 wpa_printf(MSG_DEBUG, 2621 "DPP: Terminate PKEX exchange due to an earlier error"); 2622 if (pkex->t > pkex->own_bi->pkex_t) 2623 pkex->own_bi->pkex_t = pkex->t; 2624 dpp_pkex_free(pkex); 2625 wpa_s->dpp_pkex = NULL; 2626 return; 2627 } 2628 2629 if (pkex->exch_req_wait_time && pkex->exchange_req) { 2630 /* Wait for PKEX Exchange Response frame and retry request if 2631 * no response is seen. */ 2632 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); 2633 eloop_register_timeout(pkex->exch_req_wait_time / 1000, 2634 (pkex->exch_req_wait_time % 1000) * 1000, 2635 wpas_dpp_pkex_retry_timeout, wpa_s, 2636 NULL); 2637 } 2638 } 2639 2640 2641 static void 2642 wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant *wpa_s, const u8 *src, 2643 const u8 *buf, size_t len, unsigned int freq, 2644 bool v2) 2645 { 2646 struct wpabuf *msg; 2647 unsigned int wait_time; 2648 2649 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR, 2650 MAC2STR(src)); 2651 2652 /* TODO: Support multiple PKEX codes by iterating over all the enabled 2653 * values here */ 2654 2655 if (!wpa_s->dpp_pkex_code || !wpa_s->dpp_pkex_bi) { 2656 wpa_printf(MSG_DEBUG, 2657 "DPP: No PKEX code configured - ignore request"); 2658 return; 2659 } 2660 2661 if (wpa_s->dpp_pkex) { 2662 /* TODO: Support parallel operations */ 2663 wpa_printf(MSG_DEBUG, 2664 "DPP: Already in PKEX session - ignore new request"); 2665 return; 2666 } 2667 2668 wpa_s->dpp_pkex = dpp_pkex_rx_exchange_req(wpa_s, wpa_s->dpp_pkex_bi, 2669 wpa_s->own_addr, src, 2670 wpa_s->dpp_pkex_identifier, 2671 wpa_s->dpp_pkex_code, 2672 buf, len, v2); 2673 if (!wpa_s->dpp_pkex) { 2674 wpa_printf(MSG_DEBUG, 2675 "DPP: Failed to process the request - ignore it"); 2676 return; 2677 } 2678 2679 msg = wpa_s->dpp_pkex->exchange_resp; 2680 wait_time = wpa_s->max_remain_on_chan; 2681 if (wait_time > 2000) 2682 wait_time = 2000; 2683 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2684 MAC2STR(src), freq, DPP_PA_PKEX_EXCHANGE_RESP); 2685 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, 2686 broadcast, 2687 wpabuf_head(msg), wpabuf_len(msg), 2688 wait_time, wpas_dpp_tx_pkex_status, 0); 2689 } 2690 2691 2692 static void 2693 wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src, 2694 const u8 *buf, size_t len, unsigned int freq) 2695 { 2696 struct wpabuf *msg; 2697 unsigned int wait_time; 2698 2699 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR, 2700 MAC2STR(src)); 2701 2702 /* TODO: Support multiple PKEX codes by iterating over all the enabled 2703 * values here */ 2704 2705 if (!wpa_s->dpp_pkex || !wpa_s->dpp_pkex->initiator || 2706 wpa_s->dpp_pkex->exchange_done) { 2707 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 2708 return; 2709 } 2710 2711 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); 2712 wpa_s->dpp_pkex->exch_req_wait_time = 0; 2713 2714 msg = dpp_pkex_rx_exchange_resp(wpa_s->dpp_pkex, src, buf, len); 2715 if (!msg) { 2716 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); 2717 return; 2718 } 2719 2720 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR, 2721 MAC2STR(src)); 2722 2723 wait_time = wpa_s->max_remain_on_chan; 2724 if (wait_time > 2000) 2725 wait_time = 2000; 2726 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2727 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_REQ); 2728 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, 2729 broadcast, 2730 wpabuf_head(msg), wpabuf_len(msg), 2731 wait_time, wpas_dpp_tx_pkex_status, 0); 2732 wpabuf_free(msg); 2733 } 2734 2735 2736 static struct dpp_bootstrap_info * 2737 wpas_dpp_pkex_finish(struct wpa_supplicant *wpa_s, const u8 *peer, 2738 unsigned int freq) 2739 { 2740 struct dpp_bootstrap_info *bi; 2741 2742 bi = dpp_pkex_finish(wpa_s->dpp, wpa_s->dpp_pkex, peer, freq); 2743 if (!bi) 2744 return NULL; 2745 wpa_s->dpp_pkex = NULL; 2746 return bi; 2747 } 2748 2749 2750 static void 2751 wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src, 2752 const u8 *hdr, const u8 *buf, size_t len, 2753 unsigned int freq) 2754 { 2755 struct wpabuf *msg; 2756 unsigned int wait_time; 2757 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 2758 2759 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR, 2760 MAC2STR(src)); 2761 2762 if (!pkex || pkex->initiator || !pkex->exchange_done) { 2763 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 2764 return; 2765 } 2766 2767 msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len); 2768 if (!msg) { 2769 wpa_printf(MSG_DEBUG, "DPP: Failed to process the request"); 2770 if (pkex->failed) { 2771 wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange"); 2772 if (pkex->t > pkex->own_bi->pkex_t) 2773 pkex->own_bi->pkex_t = pkex->t; 2774 dpp_pkex_free(wpa_s->dpp_pkex); 2775 wpa_s->dpp_pkex = NULL; 2776 } 2777 return; 2778 } 2779 2780 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to " 2781 MACSTR, MAC2STR(src)); 2782 2783 wait_time = wpa_s->max_remain_on_chan; 2784 if (wait_time > 2000) 2785 wait_time = 2000; 2786 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2787 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_RESP); 2788 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, 2789 broadcast, 2790 wpabuf_head(msg), wpabuf_len(msg), 2791 wait_time, wpas_dpp_tx_pkex_status, 0); 2792 wpabuf_free(msg); 2793 2794 wpas_dpp_pkex_finish(wpa_s, src, freq); 2795 } 2796 2797 2798 static void 2799 wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src, 2800 const u8 *hdr, const u8 *buf, size_t len, 2801 unsigned int freq) 2802 { 2803 int res; 2804 struct dpp_bootstrap_info *bi; 2805 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 2806 char cmd[500]; 2807 2808 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR, 2809 MAC2STR(src)); 2810 2811 if (!pkex || !pkex->initiator || !pkex->exchange_done) { 2812 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 2813 return; 2814 } 2815 2816 res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len); 2817 if (res < 0) { 2818 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); 2819 return; 2820 } 2821 2822 bi = wpas_dpp_pkex_finish(wpa_s, src, freq); 2823 if (!bi) 2824 return; 2825 2826 os_snprintf(cmd, sizeof(cmd), " peer=%u %s", 2827 bi->id, 2828 wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : ""); 2829 wpa_printf(MSG_DEBUG, 2830 "DPP: Start authentication after PKEX with parameters: %s", 2831 cmd); 2832 if (wpas_dpp_auth_init(wpa_s, cmd) < 0) { 2833 wpa_printf(MSG_DEBUG, 2834 "DPP: Authentication initialization failed"); 2835 offchannel_send_action_done(wpa_s); 2836 return; 2837 } 2838 } 2839 2840 2841 void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src, 2842 const u8 *buf, size_t len, unsigned int freq) 2843 { 2844 u8 crypto_suite; 2845 enum dpp_public_action_frame_type type; 2846 const u8 *hdr; 2847 unsigned int pkex_t; 2848 2849 if (len < DPP_HDR_LEN) 2850 return; 2851 if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE) 2852 return; 2853 hdr = buf; 2854 buf += 4; 2855 len -= 4; 2856 crypto_suite = *buf++; 2857 type = *buf++; 2858 len -= 2; 2859 2860 wpa_printf(MSG_DEBUG, 2861 "DPP: Received DPP Public Action frame crypto suite %u type %d from " 2862 MACSTR " freq=%u", 2863 crypto_suite, type, MAC2STR(src), freq); 2864 if (crypto_suite != 1) { 2865 wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u", 2866 crypto_suite); 2867 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR 2868 " freq=%u type=%d ignore=unsupported-crypto-suite", 2869 MAC2STR(src), freq, type); 2870 return; 2871 } 2872 wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len); 2873 if (dpp_check_attrs(buf, len) < 0) { 2874 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR 2875 " freq=%u type=%d ignore=invalid-attributes", 2876 MAC2STR(src), freq, type); 2877 return; 2878 } 2879 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR " freq=%u type=%d", 2880 MAC2STR(src), freq, type); 2881 2882 switch (type) { 2883 case DPP_PA_AUTHENTICATION_REQ: 2884 wpas_dpp_rx_auth_req(wpa_s, src, hdr, buf, len, freq); 2885 break; 2886 case DPP_PA_AUTHENTICATION_RESP: 2887 wpas_dpp_rx_auth_resp(wpa_s, src, hdr, buf, len, freq); 2888 break; 2889 case DPP_PA_AUTHENTICATION_CONF: 2890 wpas_dpp_rx_auth_conf(wpa_s, src, hdr, buf, len); 2891 break; 2892 case DPP_PA_PEER_DISCOVERY_RESP: 2893 wpas_dpp_rx_peer_disc_resp(wpa_s, src, buf, len); 2894 break; 2895 #ifdef CONFIG_DPP3 2896 case DPP_PA_PKEX_EXCHANGE_REQ: 2897 /* This is for PKEXv2, but for now, process only with 2898 * CONFIG_DPP3 to avoid issues with a capability that has not 2899 * been tested with other implementations. */ 2900 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq, true); 2901 break; 2902 #endif /* CONFIG_DPP3 */ 2903 case DPP_PA_PKEX_V1_EXCHANGE_REQ: 2904 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq, 2905 false); 2906 break; 2907 case DPP_PA_PKEX_EXCHANGE_RESP: 2908 wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq); 2909 break; 2910 case DPP_PA_PKEX_COMMIT_REVEAL_REQ: 2911 wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len, 2912 freq); 2913 break; 2914 case DPP_PA_PKEX_COMMIT_REVEAL_RESP: 2915 wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len, 2916 freq); 2917 break; 2918 #ifdef CONFIG_DPP2 2919 case DPP_PA_CONFIGURATION_RESULT: 2920 wpas_dpp_rx_conf_result(wpa_s, src, hdr, buf, len); 2921 break; 2922 case DPP_PA_CONNECTION_STATUS_RESULT: 2923 wpas_dpp_rx_conn_status_result(wpa_s, src, hdr, buf, len); 2924 break; 2925 case DPP_PA_PRESENCE_ANNOUNCEMENT: 2926 wpas_dpp_rx_presence_announcement(wpa_s, src, hdr, buf, len, 2927 freq); 2928 break; 2929 case DPP_PA_RECONFIG_ANNOUNCEMENT: 2930 wpas_dpp_rx_reconfig_announcement(wpa_s, src, hdr, buf, len, 2931 freq); 2932 break; 2933 case DPP_PA_RECONFIG_AUTH_REQ: 2934 wpas_dpp_rx_reconfig_auth_req(wpa_s, src, hdr, buf, len, freq); 2935 break; 2936 case DPP_PA_RECONFIG_AUTH_RESP: 2937 wpas_dpp_rx_reconfig_auth_resp(wpa_s, src, hdr, buf, len, freq); 2938 break; 2939 case DPP_PA_RECONFIG_AUTH_CONF: 2940 wpas_dpp_rx_reconfig_auth_conf(wpa_s, src, hdr, buf, len, freq); 2941 break; 2942 #endif /* CONFIG_DPP2 */ 2943 default: 2944 wpa_printf(MSG_DEBUG, 2945 "DPP: Ignored unsupported frame subtype %d", type); 2946 break; 2947 } 2948 2949 if (wpa_s->dpp_pkex) 2950 pkex_t = wpa_s->dpp_pkex->t; 2951 else if (wpa_s->dpp_pkex_bi) 2952 pkex_t = wpa_s->dpp_pkex_bi->pkex_t; 2953 else 2954 pkex_t = 0; 2955 if (pkex_t >= PKEX_COUNTER_T_LIMIT) { 2956 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0"); 2957 wpas_dpp_pkex_remove(wpa_s, "*"); 2958 } 2959 } 2960 2961 2962 static struct wpabuf * 2963 wpas_dpp_gas_req_handler(void *ctx, void *resp_ctx, const u8 *sa, 2964 const u8 *query, size_t query_len, u16 *comeback_delay) 2965 { 2966 struct wpa_supplicant *wpa_s = ctx; 2967 struct dpp_authentication *auth = wpa_s->dpp_auth; 2968 struct wpabuf *resp; 2969 2970 wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR, 2971 MAC2STR(sa)); 2972 if (!auth || (!auth->auth_success && !auth->reconfig_success) || 2973 os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) { 2974 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); 2975 return NULL; 2976 } 2977 2978 if (wpa_s->dpp_auth_ok_on_ack && auth->configurator) { 2979 wpa_printf(MSG_DEBUG, 2980 "DPP: Have not received ACK for Auth Confirm yet - assume it was received based on this GAS request"); 2981 /* wpas_dpp_auth_success() would normally have been called from 2982 * TX status handler, but since there was no such handler call 2983 * yet, simply send out the event message and proceed with 2984 * exchange. */ 2985 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=1"); 2986 wpa_s->dpp_auth_ok_on_ack = 0; 2987 } 2988 2989 wpa_hexdump(MSG_DEBUG, 2990 "DPP: Received Configuration Request (GAS Query Request)", 2991 query, query_len); 2992 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR, 2993 MAC2STR(sa)); 2994 resp = dpp_conf_req_rx(auth, query, query_len); 2995 2996 #ifdef CONFIG_DPP2 2997 if (!resp && auth->waiting_cert) { 2998 wpa_printf(MSG_DEBUG, "DPP: Certificate not yet ready"); 2999 auth->cert_resp_ctx = resp_ctx; 3000 *comeback_delay = 500; 3001 return NULL; 3002 } 3003 #endif /* CONFIG_DPP2 */ 3004 3005 if (!resp) 3006 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 3007 auth->conf_resp = resp; 3008 auth->gas_server_ctx = resp_ctx; 3009 return resp; 3010 } 3011 3012 3013 static void 3014 wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok) 3015 { 3016 struct wpa_supplicant *wpa_s = ctx; 3017 struct dpp_authentication *auth = wpa_s->dpp_auth; 3018 3019 if (!auth) { 3020 wpabuf_free(resp); 3021 return; 3022 } 3023 if (auth->conf_resp != resp) { 3024 wpa_printf(MSG_DEBUG, 3025 "DPP: Ignore GAS status report (ok=%d) for unknown response", 3026 ok); 3027 wpabuf_free(resp); 3028 return; 3029 } 3030 3031 #ifdef CONFIG_DPP2 3032 if (auth->waiting_csr && ok) { 3033 wpa_printf(MSG_DEBUG, "DPP: Waiting for CSR"); 3034 wpabuf_free(resp); 3035 return; 3036 } 3037 #endif /* CONFIG_DPP2 */ 3038 3039 wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)", 3040 ok); 3041 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 3042 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL); 3043 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 3044 #ifdef CONFIG_DPP2 3045 if (ok && auth->peer_version >= 2 && 3046 auth->conf_resp_status == DPP_STATUS_OK && 3047 !auth->waiting_conf_result) { 3048 wpa_printf(MSG_DEBUG, "DPP: Wait for Configuration Result"); 3049 auth->waiting_conf_result = 1; 3050 auth->conf_resp = NULL; 3051 wpabuf_free(resp); 3052 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, 3053 wpa_s, NULL); 3054 eloop_register_timeout(2, 0, 3055 wpas_dpp_config_result_wait_timeout, 3056 wpa_s, NULL); 3057 return; 3058 } 3059 #endif /* CONFIG_DPP2 */ 3060 offchannel_send_action_done(wpa_s); 3061 wpas_dpp_listen_stop(wpa_s); 3062 if (ok) 3063 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT); 3064 else 3065 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 3066 dpp_auth_deinit(wpa_s->dpp_auth); 3067 wpa_s->dpp_auth = NULL; 3068 wpabuf_free(resp); 3069 } 3070 3071 3072 int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd) 3073 { 3074 struct dpp_authentication *auth; 3075 int ret = -1; 3076 char *curve = NULL; 3077 3078 auth = dpp_alloc_auth(wpa_s->dpp, wpa_s); 3079 if (!auth) 3080 return -1; 3081 3082 curve = get_param(cmd, " curve="); 3083 wpas_dpp_set_testing_options(wpa_s, auth); 3084 if (dpp_set_configurator(auth, cmd) == 0 && 3085 dpp_configurator_own_config(auth, curve, 0) == 0) 3086 ret = wpas_dpp_handle_config_obj(wpa_s, auth, 3087 &auth->conf_obj[0]); 3088 if (!ret) 3089 wpas_dpp_post_process_config(wpa_s, auth); 3090 3091 dpp_auth_deinit(auth); 3092 os_free(curve); 3093 3094 return ret; 3095 } 3096 3097 3098 static void 3099 wpas_dpp_tx_introduction_status(struct wpa_supplicant *wpa_s, 3100 unsigned int freq, const u8 *dst, 3101 const u8 *src, const u8 *bssid, 3102 const u8 *data, size_t data_len, 3103 enum offchannel_send_action_result result) 3104 { 3105 const char *res_txt; 3106 3107 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 3108 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 3109 "FAILED"); 3110 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR 3111 " result=%s (DPP Peer Discovery Request)", 3112 freq, MAC2STR(dst), res_txt); 3113 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR 3114 " freq=%u result=%s", MAC2STR(dst), freq, res_txt); 3115 /* TODO: Time out wait for response more quickly in error cases? */ 3116 } 3117 3118 3119 int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 3120 struct wpa_bss *bss) 3121 { 3122 struct os_time now; 3123 struct wpabuf *msg; 3124 unsigned int wait_time; 3125 const u8 *rsn; 3126 struct wpa_ie_data ied; 3127 size_t len; 3128 3129 if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss) 3130 return 0; /* Not using DPP AKM - continue */ 3131 rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 3132 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 && 3133 !(ied.key_mgmt & WPA_KEY_MGMT_DPP)) 3134 return 0; /* AP does not support DPP AKM - continue */ 3135 if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid)) 3136 return 0; /* PMKSA exists for DPP AKM - continue */ 3137 3138 if (!ssid->dpp_connector || !ssid->dpp_netaccesskey || 3139 !ssid->dpp_csign) { 3140 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR 3141 "missing %s", 3142 !ssid->dpp_connector ? "Connector" : 3143 (!ssid->dpp_netaccesskey ? "netAccessKey" : 3144 "C-sign-key")); 3145 return -1; 3146 } 3147 3148 os_get_time(&now); 3149 3150 if (ssid->dpp_netaccesskey_expiry && 3151 (os_time_t) ssid->dpp_netaccesskey_expiry < now.sec) { 3152 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR 3153 "netAccessKey expired"); 3154 return -1; 3155 } 3156 3157 wpa_printf(MSG_DEBUG, 3158 "DPP: Starting network introduction protocol to derive PMKSA for " 3159 MACSTR, MAC2STR(bss->bssid)); 3160 3161 len = 5 + 4 + os_strlen(ssid->dpp_connector); 3162 #ifdef CONFIG_DPP2 3163 len += 5; 3164 #endif /* CONFIG_DPP2 */ 3165 msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_REQ, len); 3166 if (!msg) 3167 return -1; 3168 3169 #ifdef CONFIG_TESTING_OPTIONS 3170 if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ) { 3171 wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID"); 3172 goto skip_trans_id; 3173 } 3174 if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ) { 3175 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID"); 3176 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); 3177 wpabuf_put_le16(msg, 0); 3178 goto skip_trans_id; 3179 } 3180 #endif /* CONFIG_TESTING_OPTIONS */ 3181 3182 /* Transaction ID */ 3183 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); 3184 wpabuf_put_le16(msg, 1); 3185 wpabuf_put_u8(msg, TRANSACTION_ID); 3186 3187 #ifdef CONFIG_TESTING_OPTIONS 3188 skip_trans_id: 3189 if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ) { 3190 wpa_printf(MSG_INFO, "DPP: TESTING - no Connector"); 3191 goto skip_connector; 3192 } 3193 if (dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ) { 3194 char *connector; 3195 3196 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector"); 3197 connector = dpp_corrupt_connector_signature( 3198 ssid->dpp_connector); 3199 if (!connector) { 3200 wpabuf_free(msg); 3201 return -1; 3202 } 3203 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); 3204 wpabuf_put_le16(msg, os_strlen(connector)); 3205 wpabuf_put_str(msg, connector); 3206 os_free(connector); 3207 goto skip_connector; 3208 } 3209 #endif /* CONFIG_TESTING_OPTIONS */ 3210 3211 /* DPP Connector */ 3212 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); 3213 wpabuf_put_le16(msg, os_strlen(ssid->dpp_connector)); 3214 wpabuf_put_str(msg, ssid->dpp_connector); 3215 3216 #ifdef CONFIG_TESTING_OPTIONS 3217 skip_connector: 3218 if (dpp_test == DPP_TEST_NO_PROTOCOL_VERSION_PEER_DISC_REQ) { 3219 wpa_printf(MSG_INFO, "DPP: TESTING - no Protocol Version"); 3220 goto skip_proto_ver; 3221 } 3222 #endif /* CONFIG_TESTING_OPTIONS */ 3223 3224 #ifdef CONFIG_DPP2 3225 if (DPP_VERSION > 1) { 3226 u8 ver = DPP_VERSION; 3227 #ifdef CONFIG_DPP3 3228 int conn_ver; 3229 3230 conn_ver = dpp_get_connector_version(ssid->dpp_connector); 3231 if (conn_ver > 0 && ver != conn_ver) { 3232 wpa_printf(MSG_DEBUG, 3233 "DPP: Use Connector version %d instead of current protocol version %d", 3234 conn_ver, ver); 3235 ver = conn_ver; 3236 } 3237 #endif /* CONFIG_DPP3 */ 3238 3239 /* Protocol Version */ 3240 wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION); 3241 wpabuf_put_le16(msg, 1); 3242 wpabuf_put_u8(msg, ver); 3243 } 3244 #endif /* CONFIG_DPP2 */ 3245 3246 #ifdef CONFIG_TESTING_OPTIONS 3247 skip_proto_ver: 3248 #endif /* CONFIG_TESTING_OPTIONS */ 3249 3250 /* TODO: Timeout on AP response */ 3251 wait_time = wpa_s->max_remain_on_chan; 3252 if (wait_time > 2000) 3253 wait_time = 2000; 3254 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 3255 MAC2STR(bss->bssid), bss->freq, DPP_PA_PEER_DISCOVERY_REQ); 3256 offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr, 3257 broadcast, 3258 wpabuf_head(msg), wpabuf_len(msg), 3259 wait_time, wpas_dpp_tx_introduction_status, 0); 3260 wpabuf_free(msg); 3261 3262 /* Request this connection attempt to terminate - new one will be 3263 * started when network introduction protocol completes */ 3264 os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN); 3265 wpa_s->dpp_intro_network = ssid; 3266 return 1; 3267 } 3268 3269 3270 int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd) 3271 { 3272 struct dpp_bootstrap_info *own_bi; 3273 const char *pos, *end; 3274 unsigned int wait_time; 3275 3276 pos = os_strstr(cmd, " own="); 3277 if (!pos) 3278 return -1; 3279 pos += 5; 3280 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 3281 if (!own_bi) { 3282 wpa_printf(MSG_DEBUG, 3283 "DPP: Identified bootstrap info not found"); 3284 return -1; 3285 } 3286 if (own_bi->type != DPP_BOOTSTRAP_PKEX) { 3287 wpa_printf(MSG_DEBUG, 3288 "DPP: Identified bootstrap info not for PKEX"); 3289 return -1; 3290 } 3291 wpa_s->dpp_pkex_bi = own_bi; 3292 own_bi->pkex_t = 0; /* clear pending errors on new code */ 3293 3294 os_free(wpa_s->dpp_pkex_identifier); 3295 wpa_s->dpp_pkex_identifier = NULL; 3296 pos = os_strstr(cmd, " identifier="); 3297 if (pos) { 3298 pos += 12; 3299 end = os_strchr(pos, ' '); 3300 if (!end) 3301 return -1; 3302 wpa_s->dpp_pkex_identifier = os_malloc(end - pos + 1); 3303 if (!wpa_s->dpp_pkex_identifier) 3304 return -1; 3305 os_memcpy(wpa_s->dpp_pkex_identifier, pos, end - pos); 3306 wpa_s->dpp_pkex_identifier[end - pos] = '\0'; 3307 } 3308 3309 pos = os_strstr(cmd, " code="); 3310 if (!pos) 3311 return -1; 3312 os_free(wpa_s->dpp_pkex_code); 3313 wpa_s->dpp_pkex_code = os_strdup(pos + 6); 3314 if (!wpa_s->dpp_pkex_code) 3315 return -1; 3316 3317 if (os_strstr(cmd, " init=1") || os_strstr(cmd, " init=2")) { 3318 struct dpp_pkex *pkex; 3319 struct wpabuf *msg; 3320 bool v2 = os_strstr(cmd, " init=2") != NULL; 3321 3322 wpa_printf(MSG_DEBUG, "DPP: Initiating PKEX"); 3323 dpp_pkex_free(wpa_s->dpp_pkex); 3324 wpa_s->dpp_pkex = dpp_pkex_init(wpa_s, own_bi, wpa_s->own_addr, 3325 wpa_s->dpp_pkex_identifier, 3326 wpa_s->dpp_pkex_code, v2); 3327 pkex = wpa_s->dpp_pkex; 3328 if (!pkex) 3329 return -1; 3330 3331 msg = pkex->exchange_req; 3332 wait_time = wpa_s->max_remain_on_chan; 3333 if (wait_time > 2000) 3334 wait_time = 2000; 3335 pkex->freq = 2437; 3336 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 3337 " freq=%u type=%d", 3338 MAC2STR(broadcast), pkex->freq, 3339 v2 ? DPP_PA_PKEX_EXCHANGE_REQ : 3340 DPP_PA_PKEX_V1_EXCHANGE_REQ); 3341 offchannel_send_action(wpa_s, pkex->freq, broadcast, 3342 wpa_s->own_addr, broadcast, 3343 wpabuf_head(msg), wpabuf_len(msg), 3344 wait_time, wpas_dpp_tx_pkex_status, 0); 3345 if (wait_time == 0) 3346 wait_time = 2000; 3347 pkex->exch_req_wait_time = wait_time; 3348 pkex->exch_req_tries = 1; 3349 } 3350 3351 /* TODO: Support multiple PKEX info entries */ 3352 3353 os_free(wpa_s->dpp_pkex_auth_cmd); 3354 wpa_s->dpp_pkex_auth_cmd = os_strdup(cmd); 3355 3356 return 1; 3357 } 3358 3359 3360 int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id) 3361 { 3362 unsigned int id_val; 3363 3364 if (os_strcmp(id, "*") == 0) { 3365 id_val = 0; 3366 } else { 3367 id_val = atoi(id); 3368 if (id_val == 0) 3369 return -1; 3370 } 3371 3372 if ((id_val != 0 && id_val != 1) || !wpa_s->dpp_pkex_code) 3373 return -1; 3374 3375 /* TODO: Support multiple PKEX entries */ 3376 os_free(wpa_s->dpp_pkex_code); 3377 wpa_s->dpp_pkex_code = NULL; 3378 os_free(wpa_s->dpp_pkex_identifier); 3379 wpa_s->dpp_pkex_identifier = NULL; 3380 os_free(wpa_s->dpp_pkex_auth_cmd); 3381 wpa_s->dpp_pkex_auth_cmd = NULL; 3382 wpa_s->dpp_pkex_bi = NULL; 3383 /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */ 3384 dpp_pkex_free(wpa_s->dpp_pkex); 3385 wpa_s->dpp_pkex = NULL; 3386 return 0; 3387 } 3388 3389 3390 void wpas_dpp_stop(struct wpa_supplicant *wpa_s) 3391 { 3392 if (wpa_s->dpp_auth || wpa_s->dpp_pkex) 3393 offchannel_send_action_done(wpa_s); 3394 dpp_auth_deinit(wpa_s->dpp_auth); 3395 wpa_s->dpp_auth = NULL; 3396 dpp_pkex_free(wpa_s->dpp_pkex); 3397 wpa_s->dpp_pkex = NULL; 3398 if (wpa_s->dpp_gas_client && wpa_s->dpp_gas_dialog_token >= 0) 3399 gas_query_stop(wpa_s->gas, wpa_s->dpp_gas_dialog_token); 3400 } 3401 3402 3403 int wpas_dpp_init(struct wpa_supplicant *wpa_s) 3404 { 3405 struct dpp_global_config config; 3406 u8 adv_proto_id[7]; 3407 3408 adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC; 3409 adv_proto_id[1] = 5; 3410 WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA); 3411 adv_proto_id[5] = DPP_OUI_TYPE; 3412 adv_proto_id[6] = 0x01; 3413 3414 if (gas_server_register(wpa_s->gas_server, adv_proto_id, 3415 sizeof(adv_proto_id), wpas_dpp_gas_req_handler, 3416 wpas_dpp_gas_status_handler, wpa_s) < 0) 3417 return -1; 3418 3419 os_memset(&config, 0, sizeof(config)); 3420 config.cb_ctx = wpa_s; 3421 #ifdef CONFIG_DPP2 3422 config.remove_bi = wpas_dpp_remove_bi; 3423 #endif /* CONFIG_DPP2 */ 3424 wpa_s->dpp = dpp_global_init(&config); 3425 return wpa_s->dpp ? 0 : -1; 3426 } 3427 3428 3429 void wpas_dpp_deinit(struct wpa_supplicant *wpa_s) 3430 { 3431 #ifdef CONFIG_TESTING_OPTIONS 3432 os_free(wpa_s->dpp_config_obj_override); 3433 wpa_s->dpp_config_obj_override = NULL; 3434 os_free(wpa_s->dpp_discovery_override); 3435 wpa_s->dpp_discovery_override = NULL; 3436 os_free(wpa_s->dpp_groups_override); 3437 wpa_s->dpp_groups_override = NULL; 3438 wpa_s->dpp_ignore_netaccesskey_mismatch = 0; 3439 #endif /* CONFIG_TESTING_OPTIONS */ 3440 if (!wpa_s->dpp) 3441 return; 3442 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); 3443 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 3444 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL); 3445 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 3446 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 3447 #ifdef CONFIG_DPP2 3448 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL); 3449 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout, 3450 wpa_s, NULL); 3451 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL); 3452 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, 3453 wpa_s, NULL); 3454 eloop_cancel_timeout(wpas_dpp_build_csr, wpa_s, NULL); 3455 dpp_pfs_free(wpa_s->dpp_pfs); 3456 wpa_s->dpp_pfs = NULL; 3457 wpas_dpp_chirp_stop(wpa_s); 3458 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id); 3459 wpa_s->dpp_reconfig_id = NULL; 3460 #endif /* CONFIG_DPP2 */ 3461 offchannel_send_action_done(wpa_s); 3462 wpas_dpp_listen_stop(wpa_s); 3463 wpas_dpp_stop(wpa_s); 3464 wpas_dpp_pkex_remove(wpa_s, "*"); 3465 os_memset(wpa_s->dpp_intro_bssid, 0, ETH_ALEN); 3466 os_free(wpa_s->dpp_configurator_params); 3467 wpa_s->dpp_configurator_params = NULL; 3468 dpp_global_clear(wpa_s->dpp); 3469 } 3470 3471 3472 #ifdef CONFIG_DPP2 3473 3474 int wpas_dpp_controller_start(struct wpa_supplicant *wpa_s, const char *cmd) 3475 { 3476 struct dpp_controller_config config; 3477 const char *pos; 3478 3479 os_memset(&config, 0, sizeof(config)); 3480 config.allowed_roles = DPP_CAPAB_ENROLLEE | DPP_CAPAB_CONFIGURATOR; 3481 config.netrole = DPP_NETROLE_STA; 3482 config.msg_ctx = wpa_s; 3483 config.cb_ctx = wpa_s; 3484 config.process_conf_obj = wpas_dpp_process_conf_obj; 3485 if (cmd) { 3486 pos = os_strstr(cmd, " tcp_port="); 3487 if (pos) { 3488 pos += 10; 3489 config.tcp_port = atoi(pos); 3490 } 3491 3492 pos = os_strstr(cmd, " role="); 3493 if (pos) { 3494 pos += 6; 3495 if (os_strncmp(pos, "configurator", 12) == 0) 3496 config.allowed_roles = DPP_CAPAB_CONFIGURATOR; 3497 else if (os_strncmp(pos, "enrollee", 8) == 0) 3498 config.allowed_roles = DPP_CAPAB_ENROLLEE; 3499 else if (os_strncmp(pos, "either", 6) == 0) 3500 config.allowed_roles = DPP_CAPAB_CONFIGURATOR | 3501 DPP_CAPAB_ENROLLEE; 3502 else 3503 return -1; 3504 } 3505 3506 config.qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; 3507 } 3508 config.configurator_params = wpa_s->dpp_configurator_params; 3509 return dpp_controller_start(wpa_s->dpp, &config); 3510 } 3511 3512 3513 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx); 3514 3515 static void wpas_dpp_chirp_timeout(void *eloop_ctx, void *timeout_ctx) 3516 { 3517 struct wpa_supplicant *wpa_s = eloop_ctx; 3518 3519 wpa_printf(MSG_DEBUG, "DPP: No chirp response received"); 3520 offchannel_send_action_done(wpa_s); 3521 wpas_dpp_chirp_next(wpa_s, NULL); 3522 } 3523 3524 3525 static void wpas_dpp_chirp_tx_status(struct wpa_supplicant *wpa_s, 3526 unsigned int freq, const u8 *dst, 3527 const u8 *src, const u8 *bssid, 3528 const u8 *data, size_t data_len, 3529 enum offchannel_send_action_result result) 3530 { 3531 if (result == OFFCHANNEL_SEND_ACTION_FAILED) { 3532 wpa_printf(MSG_DEBUG, "DPP: Failed to send chirp on %d MHz", 3533 wpa_s->dpp_chirp_freq); 3534 if (eloop_register_timeout(0, 0, wpas_dpp_chirp_next, 3535 wpa_s, NULL) < 0) 3536 wpas_dpp_chirp_stop(wpa_s); 3537 return; 3538 } 3539 3540 wpa_printf(MSG_DEBUG, "DPP: Chirp send completed - wait for response"); 3541 if (eloop_register_timeout(2, 0, wpas_dpp_chirp_timeout, 3542 wpa_s, NULL) < 0) 3543 wpas_dpp_chirp_stop(wpa_s); 3544 } 3545 3546 3547 static void wpas_dpp_chirp_start(struct wpa_supplicant *wpa_s) 3548 { 3549 struct wpabuf *msg, *announce = NULL; 3550 int type; 3551 3552 msg = wpa_s->dpp_presence_announcement; 3553 type = DPP_PA_PRESENCE_ANNOUNCEMENT; 3554 if (!msg) { 3555 struct wpa_ssid *ssid = wpa_s->dpp_reconfig_ssid; 3556 3557 if (ssid && wpa_s->dpp_reconfig_id && 3558 wpa_config_get_network(wpa_s->conf, 3559 wpa_s->dpp_reconfig_ssid_id) == 3560 ssid) { 3561 announce = dpp_build_reconfig_announcement( 3562 ssid->dpp_csign, 3563 ssid->dpp_csign_len, 3564 ssid->dpp_netaccesskey, 3565 ssid->dpp_netaccesskey_len, 3566 wpa_s->dpp_reconfig_id); 3567 msg = announce; 3568 } 3569 if (!msg) 3570 return; 3571 type = DPP_PA_RECONFIG_ANNOUNCEMENT; 3572 } 3573 wpa_printf(MSG_DEBUG, "DPP: Chirp on %d MHz", wpa_s->dpp_chirp_freq); 3574 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 3575 MAC2STR(broadcast), wpa_s->dpp_chirp_freq, type); 3576 if (offchannel_send_action( 3577 wpa_s, wpa_s->dpp_chirp_freq, broadcast, 3578 wpa_s->own_addr, broadcast, 3579 wpabuf_head(msg), wpabuf_len(msg), 3580 2000, wpas_dpp_chirp_tx_status, 0) < 0) 3581 wpas_dpp_chirp_stop(wpa_s); 3582 3583 wpabuf_free(announce); 3584 } 3585 3586 3587 static void wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant *wpa_s, 3588 struct wpa_scan_results *scan_res) 3589 { 3590 struct dpp_bootstrap_info *bi = wpa_s->dpp_chirp_bi; 3591 unsigned int i; 3592 struct hostapd_hw_modes *mode; 3593 int c; 3594 struct wpa_bss *bss; 3595 bool chan6 = wpa_s->hw.modes == NULL; 3596 3597 if (!bi && !wpa_s->dpp_reconfig_ssid) 3598 return; 3599 3600 wpa_s->dpp_chirp_scan_done = 1; 3601 3602 os_free(wpa_s->dpp_chirp_freqs); 3603 wpa_s->dpp_chirp_freqs = NULL; 3604 3605 /* Channels from own bootstrapping info */ 3606 if (bi) { 3607 for (i = 0; i < bi->num_freq; i++) 3608 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 3609 bi->freq[i]); 3610 } 3611 3612 /* Preferred chirping channels */ 3613 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, 3614 HOSTAPD_MODE_IEEE80211G, false); 3615 if (mode) { 3616 for (c = 0; c < mode->num_channels; c++) { 3617 struct hostapd_channel_data *chan = &mode->channels[c]; 3618 3619 if ((chan->flag & HOSTAPD_CHAN_DISABLED) || 3620 chan->freq != 2437) 3621 continue; 3622 chan6 = true; 3623 break; 3624 } 3625 } 3626 if (chan6) 3627 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 2437); 3628 3629 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, 3630 HOSTAPD_MODE_IEEE80211A, false); 3631 if (mode) { 3632 int chan44 = 0, chan149 = 0; 3633 3634 for (c = 0; c < mode->num_channels; c++) { 3635 struct hostapd_channel_data *chan = &mode->channels[c]; 3636 3637 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 3638 HOSTAPD_CHAN_RADAR)) 3639 continue; 3640 if (chan->freq == 5220) 3641 chan44 = 1; 3642 if (chan->freq == 5745) 3643 chan149 = 1; 3644 } 3645 if (chan149) 3646 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5745); 3647 else if (chan44) 3648 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5220); 3649 } 3650 3651 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, 3652 HOSTAPD_MODE_IEEE80211AD, false); 3653 if (mode) { 3654 for (c = 0; c < mode->num_channels; c++) { 3655 struct hostapd_channel_data *chan = &mode->channels[c]; 3656 3657 if ((chan->flag & (HOSTAPD_CHAN_DISABLED | 3658 HOSTAPD_CHAN_RADAR)) || 3659 chan->freq != 60480) 3660 continue; 3661 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 60480); 3662 break; 3663 } 3664 } 3665 3666 /* Add channels from scan results for APs that advertise Configurator 3667 * Connectivity element */ 3668 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 3669 if (wpa_bss_get_vendor_ie(bss, DPP_CC_IE_VENDOR_TYPE)) 3670 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 3671 bss->freq); 3672 } 3673 3674 if (!wpa_s->dpp_chirp_freqs || 3675 eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL) < 0) 3676 wpas_dpp_chirp_stop(wpa_s); 3677 } 3678 3679 3680 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx) 3681 { 3682 struct wpa_supplicant *wpa_s = eloop_ctx; 3683 int i; 3684 3685 if (wpa_s->dpp_chirp_listen) 3686 wpas_dpp_listen_stop(wpa_s); 3687 3688 if (wpa_s->dpp_chirp_freq == 0) { 3689 if (wpa_s->dpp_chirp_round % 4 == 0 && 3690 !wpa_s->dpp_chirp_scan_done) { 3691 if (wpas_scan_scheduled(wpa_s)) { 3692 wpa_printf(MSG_DEBUG, 3693 "DPP: Deferring chirp scan because another scan is planned already"); 3694 if (eloop_register_timeout(1, 0, 3695 wpas_dpp_chirp_next, 3696 wpa_s, NULL) < 0) { 3697 wpas_dpp_chirp_stop(wpa_s); 3698 return; 3699 } 3700 return; 3701 } 3702 wpa_printf(MSG_DEBUG, 3703 "DPP: Update channel list for chirping"); 3704 wpa_s->scan_req = MANUAL_SCAN_REQ; 3705 wpa_s->scan_res_handler = 3706 wpas_dpp_chirp_scan_res_handler; 3707 wpa_supplicant_req_scan(wpa_s, 0, 0); 3708 return; 3709 } 3710 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[0]; 3711 wpa_s->dpp_chirp_round++; 3712 wpa_printf(MSG_DEBUG, "DPP: Start chirping round %d", 3713 wpa_s->dpp_chirp_round); 3714 } else { 3715 for (i = 0; wpa_s->dpp_chirp_freqs[i]; i++) 3716 if (wpa_s->dpp_chirp_freqs[i] == wpa_s->dpp_chirp_freq) 3717 break; 3718 if (!wpa_s->dpp_chirp_freqs[i]) { 3719 wpa_printf(MSG_DEBUG, 3720 "DPP: Previous chirp freq %d not found", 3721 wpa_s->dpp_chirp_freq); 3722 return; 3723 } 3724 i++; 3725 if (wpa_s->dpp_chirp_freqs[i]) { 3726 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[i]; 3727 } else { 3728 wpa_s->dpp_chirp_iter--; 3729 if (wpa_s->dpp_chirp_iter <= 0) { 3730 wpa_printf(MSG_DEBUG, 3731 "DPP: Chirping iterations completed"); 3732 wpas_dpp_chirp_stop(wpa_s); 3733 return; 3734 } 3735 wpa_s->dpp_chirp_freq = 0; 3736 wpa_s->dpp_chirp_scan_done = 0; 3737 if (eloop_register_timeout(30, 0, wpas_dpp_chirp_next, 3738 wpa_s, NULL) < 0) { 3739 wpas_dpp_chirp_stop(wpa_s); 3740 return; 3741 } 3742 if (wpa_s->dpp_chirp_listen) { 3743 wpa_printf(MSG_DEBUG, 3744 "DPP: Listen on %d MHz during chirp 30 second wait", 3745 wpa_s->dpp_chirp_listen); 3746 wpas_dpp_listen_start(wpa_s, 3747 wpa_s->dpp_chirp_listen); 3748 } else { 3749 wpa_printf(MSG_DEBUG, 3750 "DPP: Wait 30 seconds before starting the next chirping round"); 3751 } 3752 return; 3753 } 3754 } 3755 3756 wpas_dpp_chirp_start(wpa_s); 3757 } 3758 3759 3760 int wpas_dpp_chirp(struct wpa_supplicant *wpa_s, const char *cmd) 3761 { 3762 const char *pos; 3763 int iter = 1, listen_freq = 0; 3764 struct dpp_bootstrap_info *bi; 3765 3766 pos = os_strstr(cmd, " own="); 3767 if (!pos) 3768 return -1; 3769 pos += 5; 3770 bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 3771 if (!bi) { 3772 wpa_printf(MSG_DEBUG, 3773 "DPP: Identified bootstrap info not found"); 3774 return -1; 3775 } 3776 3777 pos = os_strstr(cmd, " iter="); 3778 if (pos) { 3779 iter = atoi(pos + 6); 3780 if (iter <= 0) 3781 return -1; 3782 } 3783 3784 pos = os_strstr(cmd, " listen="); 3785 if (pos) { 3786 listen_freq = atoi(pos + 8); 3787 if (listen_freq <= 0) 3788 return -1; 3789 } 3790 3791 wpas_dpp_chirp_stop(wpa_s); 3792 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; 3793 wpa_s->dpp_qr_mutual = 0; 3794 wpa_s->dpp_chirp_bi = bi; 3795 wpa_s->dpp_presence_announcement = dpp_build_presence_announcement(bi); 3796 if (!wpa_s->dpp_presence_announcement) 3797 return -1; 3798 wpa_s->dpp_chirp_iter = iter; 3799 wpa_s->dpp_chirp_round = 0; 3800 wpa_s->dpp_chirp_scan_done = 0; 3801 wpa_s->dpp_chirp_listen = listen_freq; 3802 3803 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL); 3804 } 3805 3806 3807 void wpas_dpp_chirp_stop(struct wpa_supplicant *wpa_s) 3808 { 3809 if (wpa_s->dpp_presence_announcement || 3810 wpa_s->dpp_reconfig_ssid) { 3811 offchannel_send_action_done(wpa_s); 3812 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CHIRP_STOPPED); 3813 } 3814 wpa_s->dpp_chirp_bi = NULL; 3815 wpabuf_free(wpa_s->dpp_presence_announcement); 3816 wpa_s->dpp_presence_announcement = NULL; 3817 if (wpa_s->dpp_chirp_listen) 3818 wpas_dpp_listen_stop(wpa_s); 3819 wpa_s->dpp_chirp_listen = 0; 3820 wpa_s->dpp_chirp_freq = 0; 3821 os_free(wpa_s->dpp_chirp_freqs); 3822 wpa_s->dpp_chirp_freqs = NULL; 3823 eloop_cancel_timeout(wpas_dpp_chirp_next, wpa_s, NULL); 3824 eloop_cancel_timeout(wpas_dpp_chirp_timeout, wpa_s, NULL); 3825 if (wpa_s->scan_res_handler == wpas_dpp_chirp_scan_res_handler) { 3826 wpas_abort_ongoing_scan(wpa_s); 3827 wpa_s->scan_res_handler = NULL; 3828 } 3829 } 3830 3831 3832 int wpas_dpp_reconfig(struct wpa_supplicant *wpa_s, const char *cmd) 3833 { 3834 struct wpa_ssid *ssid; 3835 int iter = 1; 3836 const char *pos; 3837 3838 ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd)); 3839 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey || 3840 !ssid->dpp_csign) { 3841 wpa_printf(MSG_DEBUG, 3842 "DPP: Not a valid network profile for reconfiguration"); 3843 return -1; 3844 } 3845 3846 pos = os_strstr(cmd, " iter="); 3847 if (pos) { 3848 iter = atoi(pos + 6); 3849 if (iter <= 0) 3850 return -1; 3851 } 3852 3853 if (wpa_s->dpp_auth) { 3854 wpa_printf(MSG_DEBUG, 3855 "DPP: Not ready to start reconfiguration - pending authentication exchange in progress"); 3856 return -1; 3857 } 3858 3859 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id); 3860 wpa_s->dpp_reconfig_id = dpp_gen_reconfig_id(ssid->dpp_csign, 3861 ssid->dpp_csign_len, 3862 ssid->dpp_pp_key, 3863 ssid->dpp_pp_key_len); 3864 if (!wpa_s->dpp_reconfig_id) { 3865 wpa_printf(MSG_DEBUG, 3866 "DPP: Failed to generate E-id for reconfiguration"); 3867 return -1; 3868 } 3869 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) { 3870 wpa_printf(MSG_DEBUG, "DPP: Disconnect for reconfiguration"); 3871 wpa_s->own_disconnect_req = 1; 3872 wpa_supplicant_deauthenticate( 3873 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 3874 } 3875 wpas_dpp_chirp_stop(wpa_s); 3876 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; 3877 wpa_s->dpp_qr_mutual = 0; 3878 wpa_s->dpp_reconfig_ssid = ssid; 3879 wpa_s->dpp_reconfig_ssid_id = ssid->id; 3880 wpa_s->dpp_chirp_iter = iter; 3881 wpa_s->dpp_chirp_round = 0; 3882 wpa_s->dpp_chirp_scan_done = 0; 3883 wpa_s->dpp_chirp_listen = 0; 3884 3885 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL); 3886 } 3887 3888 3889 static int wpas_dpp_build_conf_resp(struct wpa_supplicant *wpa_s, 3890 struct dpp_authentication *auth, bool tcp) 3891 { 3892 struct wpabuf *resp; 3893 3894 resp = dpp_build_conf_resp(auth, auth->e_nonce, auth->curve->nonce_len, 3895 auth->e_netrole, true); 3896 if (!resp) 3897 return -1; 3898 3899 if (tcp) { 3900 auth->conf_resp_tcp = resp; 3901 return 0; 3902 } 3903 3904 if (gas_server_set_resp(wpa_s->gas_server, auth->cert_resp_ctx, 3905 resp) < 0) { 3906 wpa_printf(MSG_DEBUG, 3907 "DPP: Could not find pending GAS response"); 3908 wpabuf_free(resp); 3909 return -1; 3910 } 3911 auth->conf_resp = resp; 3912 return 0; 3913 } 3914 3915 3916 int wpas_dpp_ca_set(struct wpa_supplicant *wpa_s, const char *cmd) 3917 { 3918 int peer = -1; 3919 const char *pos, *value; 3920 struct dpp_authentication *auth = wpa_s->dpp_auth; 3921 u8 *bin; 3922 size_t bin_len; 3923 struct wpabuf *buf; 3924 bool tcp = false; 3925 3926 pos = os_strstr(cmd, " peer="); 3927 if (pos) { 3928 peer = atoi(pos + 6); 3929 if (!auth || !auth->waiting_cert || 3930 (auth->peer_bi && 3931 (unsigned int) peer != auth->peer_bi->id)) { 3932 auth = dpp_controller_get_auth(wpa_s->dpp, peer); 3933 tcp = true; 3934 } 3935 } 3936 3937 if (!auth || !auth->waiting_cert) { 3938 wpa_printf(MSG_DEBUG, 3939 "DPP: No authentication exchange waiting for certificate information"); 3940 return -1; 3941 } 3942 3943 if (peer >= 0 && 3944 (!auth->peer_bi || 3945 (unsigned int) peer != auth->peer_bi->id) && 3946 (!auth->tmp_peer_bi || 3947 (unsigned int) peer != auth->tmp_peer_bi->id)) { 3948 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch"); 3949 return -1; 3950 } 3951 3952 pos = os_strstr(cmd, " value="); 3953 if (!pos) 3954 return -1; 3955 value = pos + 7; 3956 3957 pos = os_strstr(cmd, " name="); 3958 if (!pos) 3959 return -1; 3960 pos += 6; 3961 3962 if (os_strncmp(pos, "status ", 7) == 0) { 3963 auth->force_conf_resp_status = atoi(value); 3964 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp); 3965 } 3966 3967 if (os_strncmp(pos, "trustedEapServerName ", 21) == 0) { 3968 os_free(auth->trusted_eap_server_name); 3969 auth->trusted_eap_server_name = os_strdup(value); 3970 return auth->trusted_eap_server_name ? 0 : -1; 3971 } 3972 3973 bin = base64_decode(value, os_strlen(value), &bin_len); 3974 if (!bin) 3975 return -1; 3976 buf = wpabuf_alloc_copy(bin, bin_len); 3977 os_free(bin); 3978 3979 if (os_strncmp(pos, "caCert ", 7) == 0) { 3980 wpabuf_free(auth->cacert); 3981 auth->cacert = buf; 3982 return 0; 3983 } 3984 3985 if (os_strncmp(pos, "certBag ", 8) == 0) { 3986 wpabuf_free(auth->certbag); 3987 auth->certbag = buf; 3988 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp); 3989 } 3990 3991 wpabuf_free(buf); 3992 return -1; 3993 } 3994 3995 #endif /* CONFIG_DPP2 */ 3996