Line data Source code
1 : /*
2 : * WPA Supplicant - Basic AP mode support routines
3 : * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 : * Copyright (c) 2009, Atheros Communications
5 : *
6 : * This software may be distributed under the terms of the BSD license.
7 : * See README for more details.
8 : */
9 :
10 : #include "utils/includes.h"
11 :
12 : #include "utils/common.h"
13 : #include "utils/eloop.h"
14 : #include "utils/uuid.h"
15 : #include "common/ieee802_11_defs.h"
16 : #include "common/wpa_ctrl.h"
17 : #include "eapol_supp/eapol_supp_sm.h"
18 : #include "crypto/dh_group5.h"
19 : #include "ap/hostapd.h"
20 : #include "ap/ap_config.h"
21 : #include "ap/ap_drv_ops.h"
22 : #ifdef NEED_AP_MLME
23 : #include "ap/ieee802_11.h"
24 : #endif /* NEED_AP_MLME */
25 : #include "ap/beacon.h"
26 : #include "ap/ieee802_1x.h"
27 : #include "ap/wps_hostapd.h"
28 : #include "ap/ctrl_iface_ap.h"
29 : #include "ap/dfs.h"
30 : #include "wps/wps.h"
31 : #include "common/ieee802_11_defs.h"
32 : #include "config_ssid.h"
33 : #include "config.h"
34 : #include "wpa_supplicant_i.h"
35 : #include "driver_i.h"
36 : #include "p2p_supplicant.h"
37 : #include "ap.h"
38 : #include "ap/sta_info.h"
39 : #include "notify.h"
40 :
41 :
42 : #ifdef CONFIG_WPS
43 : static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
44 : #endif /* CONFIG_WPS */
45 :
46 :
47 : #ifdef CONFIG_IEEE80211N
48 11 : static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s,
49 : struct hostapd_config *conf,
50 : struct hostapd_hw_modes *mode)
51 : {
52 : #ifdef CONFIG_P2P
53 11 : u8 center_chan = 0;
54 11 : u8 channel = conf->channel;
55 :
56 11 : if (!conf->secondary_channel)
57 2 : goto no_vht;
58 :
59 9 : switch (conf->vht_oper_chwidth) {
60 : case VHT_CHANWIDTH_80MHZ:
61 : case VHT_CHANWIDTH_80P80MHZ:
62 8 : center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel);
63 8 : break;
64 : case VHT_CHANWIDTH_160MHZ:
65 0 : center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel);
66 0 : break;
67 : default:
68 : /*
69 : * conf->vht_oper_chwidth might not be set for non-P2P GO cases,
70 : * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is
71 : * not supported.
72 : */
73 1 : conf->vht_oper_chwidth = VHT_CHANWIDTH_160MHZ;
74 1 : center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel);
75 1 : if (!center_chan) {
76 1 : conf->vht_oper_chwidth = VHT_CHANWIDTH_80MHZ;
77 1 : center_chan = wpas_p2p_get_vht80_center(wpa_s, mode,
78 : channel);
79 : }
80 1 : break;
81 : }
82 9 : if (!center_chan)
83 0 : goto no_vht;
84 :
85 9 : conf->vht_oper_centr_freq_seg0_idx = center_chan;
86 20 : return;
87 :
88 : no_vht:
89 2 : conf->vht_oper_centr_freq_seg0_idx =
90 2 : channel + conf->secondary_channel * 2;
91 : #else /* CONFIG_P2P */
92 : conf->vht_oper_centr_freq_seg0_idx =
93 : conf->channel + conf->secondary_channel * 2;
94 : #endif /* CONFIG_P2P */
95 2 : conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT;
96 : }
97 : #endif /* CONFIG_IEEE80211N */
98 :
99 :
100 616 : int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s,
101 : struct wpa_ssid *ssid,
102 : struct hostapd_config *conf)
103 : {
104 616 : conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency,
105 : &conf->channel);
106 :
107 616 : if (conf->hw_mode == NUM_HOSTAPD_MODES) {
108 0 : wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
109 : ssid->frequency);
110 0 : return -1;
111 : }
112 :
113 : /* TODO: enable HT40 if driver supports it;
114 : * drop to 11b if driver does not support 11g */
115 :
116 : #ifdef CONFIG_IEEE80211N
117 : /*
118 : * Enable HT20 if the driver supports it, by setting conf->ieee80211n
119 : * and a mask of allowed capabilities within conf->ht_capab.
120 : * Using default config settings for: conf->ht_op_mode_fixed,
121 : * conf->secondary_channel, conf->require_ht
122 : */
123 616 : if (wpa_s->hw.modes) {
124 616 : struct hostapd_hw_modes *mode = NULL;
125 616 : int i, no_ht = 0;
126 641 : for (i = 0; i < wpa_s->hw.num_modes; i++) {
127 641 : if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
128 616 : mode = &wpa_s->hw.modes[i];
129 616 : break;
130 : }
131 : }
132 :
133 : #ifdef CONFIG_HT_OVERRIDES
134 616 : if (ssid->disable_ht) {
135 1 : conf->ieee80211n = 0;
136 1 : conf->ht_capab = 0;
137 1 : no_ht = 1;
138 : }
139 : #endif /* CONFIG_HT_OVERRIDES */
140 :
141 616 : if (!no_ht && mode && mode->ht_capab) {
142 615 : conf->ieee80211n = 1;
143 : #ifdef CONFIG_P2P
144 640 : if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
145 25 : (mode->ht_capab &
146 25 : HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
147 25 : ssid->ht40)
148 12 : conf->secondary_channel =
149 12 : wpas_p2p_get_ht40_mode(wpa_s, mode,
150 12 : conf->channel);
151 615 : if (conf->secondary_channel)
152 10 : conf->ht_capab |=
153 : HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
154 : #endif /* CONFIG_P2P */
155 :
156 : /*
157 : * white-list capabilities that won't cause issues
158 : * to connecting stations, while leaving the current
159 : * capabilities intact (currently disabled SMPS).
160 : */
161 615 : conf->ht_capab |= mode->ht_capab &
162 : (HT_CAP_INFO_GREEN_FIELD |
163 : HT_CAP_INFO_SHORT_GI20MHZ |
164 : HT_CAP_INFO_SHORT_GI40MHZ |
165 : HT_CAP_INFO_RX_STBC_MASK |
166 : HT_CAP_INFO_TX_STBC |
167 : HT_CAP_INFO_MAX_AMSDU_SIZE);
168 :
169 615 : if (mode->vht_capab && ssid->vht) {
170 11 : conf->ieee80211ac = 1;
171 11 : wpas_conf_ap_vht(wpa_s, conf, mode);
172 : }
173 : }
174 : }
175 :
176 616 : if (conf->secondary_channel) {
177 : struct wpa_supplicant *iface;
178 :
179 21 : for (iface = wpa_s->global->ifaces; iface; iface = iface->next)
180 : {
181 12 : if (iface == wpa_s ||
182 2 : iface->wpa_state < WPA_AUTHENTICATING ||
183 1 : (int) iface->assoc_freq != ssid->frequency)
184 10 : continue;
185 :
186 : /*
187 : * Do not allow 40 MHz co-ex PRI/SEC switch to force us
188 : * to change our PRI channel since we have an existing,
189 : * concurrent connection on that channel and doing
190 : * multi-channel concurrency is likely to cause more
191 : * harm than using different PRI/SEC selection in
192 : * environment with multiple BSSes on these two channels
193 : * with mixed 20 MHz or PRI channel selection.
194 : */
195 1 : conf->no_pri_sec_switch = 1;
196 : }
197 : }
198 : #endif /* CONFIG_IEEE80211N */
199 :
200 616 : return 0;
201 : }
202 :
203 :
204 442 : static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
205 : struct wpa_ssid *ssid,
206 : struct hostapd_config *conf)
207 : {
208 442 : struct hostapd_bss_config *bss = conf->bss[0];
209 :
210 442 : conf->driver = wpa_s->driver;
211 :
212 442 : os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
213 :
214 442 : if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf))
215 0 : return -1;
216 :
217 442 : if (ssid->pbss > 1) {
218 1 : wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode",
219 : ssid->pbss);
220 1 : return -1;
221 : }
222 441 : bss->pbss = ssid->pbss;
223 :
224 : #ifdef CONFIG_ACS
225 441 : if (ssid->acs) {
226 : /* Setting channel to 0 in order to enable ACS */
227 1 : conf->channel = 0;
228 1 : wpa_printf(MSG_DEBUG, "Use automatic channel selection");
229 : }
230 : #endif /* CONFIG_ACS */
231 :
232 441 : if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) {
233 1 : conf->ieee80211h = 1;
234 1 : conf->ieee80211d = 1;
235 1 : conf->country[0] = wpa_s->conf->country[0];
236 1 : conf->country[1] = wpa_s->conf->country[1];
237 : }
238 :
239 : #ifdef CONFIG_P2P
240 863 : if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
241 596 : (ssid->mode == WPAS_MODE_P2P_GO ||
242 174 : ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
243 : /* Remove 802.11b rates from supported and basic rate sets */
244 386 : int *list = os_malloc(4 * sizeof(int));
245 386 : if (list) {
246 386 : list[0] = 60;
247 386 : list[1] = 120;
248 386 : list[2] = 240;
249 386 : list[3] = -1;
250 : }
251 386 : conf->basic_rates = list;
252 :
253 386 : list = os_malloc(9 * sizeof(int));
254 386 : if (list) {
255 386 : list[0] = 60;
256 386 : list[1] = 90;
257 386 : list[2] = 120;
258 386 : list[3] = 180;
259 386 : list[4] = 240;
260 386 : list[5] = 360;
261 386 : list[6] = 480;
262 386 : list[7] = 540;
263 386 : list[8] = -1;
264 : }
265 386 : conf->supported_rates = list;
266 : }
267 :
268 441 : bss->isolate = !wpa_s->conf->p2p_intra_bss;
269 441 : bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
270 :
271 441 : if (ssid->p2p_group) {
272 403 : os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4);
273 403 : os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask,
274 : 4);
275 403 : os_memcpy(bss->ip_addr_start,
276 : wpa_s->p2pdev->conf->ip_addr_start, 4);
277 403 : os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end,
278 : 4);
279 : }
280 : #endif /* CONFIG_P2P */
281 :
282 441 : if (ssid->ssid_len == 0) {
283 0 : wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
284 0 : return -1;
285 : }
286 441 : os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
287 441 : bss->ssid.ssid_len = ssid->ssid_len;
288 441 : bss->ssid.ssid_set = 1;
289 :
290 441 : bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
291 :
292 441 : if (ssid->auth_alg)
293 403 : bss->auth_algs = ssid->auth_alg;
294 :
295 441 : if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
296 419 : bss->wpa = ssid->proto;
297 441 : if (ssid->key_mgmt == DEFAULT_KEY_MGMT)
298 9 : bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
299 : else
300 432 : bss->wpa_key_mgmt = ssid->key_mgmt;
301 441 : bss->wpa_pairwise = ssid->pairwise_cipher;
302 441 : if (ssid->psk_set) {
303 419 : bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk));
304 419 : bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
305 419 : if (bss->ssid.wpa_psk == NULL)
306 2 : return -1;
307 417 : os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
308 417 : bss->ssid.wpa_psk->group = 1;
309 417 : bss->ssid.wpa_psk_set = 1;
310 22 : } else if (ssid->passphrase) {
311 0 : bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
312 42 : } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
313 40 : ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
314 2 : struct hostapd_wep_keys *wep = &bss->ssid.wep;
315 : int i;
316 6 : for (i = 0; i < NUM_WEP_KEYS; i++) {
317 5 : if (ssid->wep_key_len[i] == 0)
318 3 : continue;
319 2 : wep->key[i] = os_malloc(ssid->wep_key_len[i]);
320 2 : if (wep->key[i] == NULL)
321 1 : return -1;
322 1 : os_memcpy(wep->key[i], ssid->wep_key[i],
323 : ssid->wep_key_len[i]);
324 1 : wep->len[i] = ssid->wep_key_len[i];
325 : }
326 1 : wep->idx = ssid->wep_tx_keyidx;
327 1 : wep->keys_set = 1;
328 : }
329 :
330 438 : if (ssid->ap_max_inactivity)
331 403 : bss->ap_max_inactivity = ssid->ap_max_inactivity;
332 :
333 438 : if (ssid->dtim_period)
334 1 : bss->dtim_period = ssid->dtim_period;
335 437 : else if (wpa_s->conf->dtim_period)
336 1 : bss->dtim_period = wpa_s->conf->dtim_period;
337 :
338 438 : if (ssid->beacon_int)
339 1 : conf->beacon_int = ssid->beacon_int;
340 437 : else if (wpa_s->conf->beacon_int)
341 0 : conf->beacon_int = wpa_s->conf->beacon_int;
342 :
343 : #ifdef CONFIG_P2P
344 618 : if (ssid->mode == WPAS_MODE_P2P_GO ||
345 180 : ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
346 403 : if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) {
347 0 : wpa_printf(MSG_INFO,
348 : "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it",
349 0 : wpa_s->conf->p2p_go_ctwindow,
350 0 : conf->beacon_int);
351 0 : conf->p2p_go_ctwindow = 0;
352 : } else {
353 403 : conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow;
354 : }
355 : }
356 : #endif /* CONFIG_P2P */
357 :
358 438 : if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
359 417 : bss->rsn_pairwise = bss->wpa_pairwise;
360 438 : bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
361 : bss->rsn_pairwise);
362 :
363 438 : if (bss->wpa && bss->ieee802_1x)
364 0 : bss->ssid.security_policy = SECURITY_WPA;
365 438 : else if (bss->wpa)
366 417 : bss->ssid.security_policy = SECURITY_WPA_PSK;
367 21 : else if (bss->ieee802_1x) {
368 0 : int cipher = WPA_CIPHER_NONE;
369 0 : bss->ssid.security_policy = SECURITY_IEEE_802_1X;
370 0 : bss->ssid.wep.default_len = bss->default_wep_key_len;
371 0 : if (bss->default_wep_key_len)
372 0 : cipher = bss->default_wep_key_len >= 13 ?
373 : WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
374 0 : bss->wpa_group = cipher;
375 0 : bss->wpa_pairwise = cipher;
376 0 : bss->rsn_pairwise = cipher;
377 21 : } else if (bss->ssid.wep.keys_set) {
378 1 : int cipher = WPA_CIPHER_WEP40;
379 1 : if (bss->ssid.wep.len[0] >= 13)
380 0 : cipher = WPA_CIPHER_WEP104;
381 1 : bss->ssid.security_policy = SECURITY_STATIC_WEP;
382 1 : bss->wpa_group = cipher;
383 1 : bss->wpa_pairwise = cipher;
384 1 : bss->rsn_pairwise = cipher;
385 : } else {
386 20 : bss->ssid.security_policy = SECURITY_PLAINTEXT;
387 20 : bss->wpa_group = WPA_CIPHER_NONE;
388 20 : bss->wpa_pairwise = WPA_CIPHER_NONE;
389 20 : bss->rsn_pairwise = WPA_CIPHER_NONE;
390 : }
391 :
392 855 : if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
393 425 : (bss->wpa_group == WPA_CIPHER_CCMP ||
394 16 : bss->wpa_group == WPA_CIPHER_GCMP ||
395 16 : bss->wpa_group == WPA_CIPHER_CCMP_256 ||
396 8 : bss->wpa_group == WPA_CIPHER_GCMP_256)) {
397 : /*
398 : * Strong ciphers do not need frequent rekeying, so increase
399 : * the default GTK rekeying period to 24 hours.
400 : */
401 409 : bss->wpa_group_rekey = 86400;
402 : }
403 :
404 : #ifdef CONFIG_IEEE80211W
405 438 : if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
406 5 : bss->ieee80211w = ssid->ieee80211w;
407 : #endif /* CONFIG_IEEE80211W */
408 :
409 : #ifdef CONFIG_WPS
410 : /*
411 : * Enable WPS by default for open and WPA/WPA2-Personal network, but
412 : * require user interaction to actually use it. Only the internal
413 : * Registrar is supported.
414 : */
415 459 : if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
416 21 : bss->ssid.security_policy != SECURITY_PLAINTEXT)
417 1 : goto no_wps;
418 854 : if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
419 834 : (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ||
420 417 : !(bss->wpa & 2)))
421 : goto no_wps; /* WPS2 does not allow WPA/TKIP-only
422 : * configuration */
423 437 : if (ssid->wps_disabled)
424 2 : goto no_wps;
425 435 : bss->eap_server = 1;
426 :
427 435 : if (!ssid->ignore_broadcast_ssid)
428 435 : bss->wps_state = 2;
429 :
430 435 : bss->ap_setup_locked = 2;
431 435 : if (wpa_s->conf->config_methods)
432 10 : bss->config_methods = os_strdup(wpa_s->conf->config_methods);
433 435 : os_memcpy(bss->device_type, wpa_s->conf->device_type,
434 : WPS_DEV_TYPE_LEN);
435 435 : if (wpa_s->conf->device_name) {
436 381 : bss->device_name = os_strdup(wpa_s->conf->device_name);
437 381 : bss->friendly_name = os_strdup(wpa_s->conf->device_name);
438 : }
439 435 : if (wpa_s->conf->manufacturer)
440 8 : bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
441 435 : if (wpa_s->conf->model_name)
442 16 : bss->model_name = os_strdup(wpa_s->conf->model_name);
443 435 : if (wpa_s->conf->model_number)
444 8 : bss->model_number = os_strdup(wpa_s->conf->model_number);
445 435 : if (wpa_s->conf->serial_number)
446 8 : bss->serial_number = os_strdup(wpa_s->conf->serial_number);
447 435 : if (is_nil_uuid(wpa_s->conf->uuid))
448 433 : os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
449 : else
450 2 : os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
451 435 : os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
452 435 : bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
453 435 : if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE)
454 1 : bss->fragment_size = ssid->eap.fragment_size;
455 : no_wps:
456 : #endif /* CONFIG_WPS */
457 :
458 438 : if (wpa_s->max_stations &&
459 0 : wpa_s->max_stations < wpa_s->conf->max_num_sta)
460 0 : bss->max_num_sta = wpa_s->max_stations;
461 : else
462 438 : bss->max_num_sta = wpa_s->conf->max_num_sta;
463 :
464 438 : bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
465 :
466 438 : if (wpa_s->conf->ap_vendor_elements) {
467 8 : bss->vendor_elements =
468 8 : wpabuf_dup(wpa_s->conf->ap_vendor_elements);
469 : }
470 :
471 438 : bss->ftm_responder = wpa_s->conf->ftm_responder;
472 438 : bss->ftm_initiator = wpa_s->conf->ftm_initiator;
473 :
474 438 : return 0;
475 : }
476 :
477 :
478 84 : static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
479 : {
480 : #ifdef CONFIG_P2P
481 84 : struct wpa_supplicant *wpa_s = ctx;
482 : const struct ieee80211_mgmt *mgmt;
483 :
484 84 : mgmt = (const struct ieee80211_mgmt *) buf;
485 84 : if (len < IEEE80211_HDRLEN + 1)
486 0 : return;
487 84 : if (mgmt->u.action.category != WLAN_ACTION_PUBLIC)
488 0 : return;
489 168 : wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
490 84 : mgmt->u.action.category,
491 : buf + IEEE80211_HDRLEN + 1,
492 : len - IEEE80211_HDRLEN - 1, freq);
493 : #endif /* CONFIG_P2P */
494 : }
495 :
496 :
497 322 : static void ap_wps_event_cb(void *ctx, enum wps_event event,
498 : union wps_event_data *data)
499 : {
500 : #ifdef CONFIG_P2P
501 322 : struct wpa_supplicant *wpa_s = ctx;
502 :
503 322 : if (event == WPS_EV_FAIL) {
504 11 : struct wps_event_fail *fail = &data->fail;
505 :
506 11 : if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s &&
507 0 : wpa_s == wpa_s->global->p2p_group_formation) {
508 : /*
509 : * src/ap/wps_hostapd.c has already sent this on the
510 : * main interface, so only send on the parent interface
511 : * here if needed.
512 : */
513 0 : wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL
514 : "msg=%d config_error=%d",
515 0 : fail->msg, fail->config_error);
516 : }
517 11 : wpas_p2p_wps_failed(wpa_s, fail);
518 : }
519 : #endif /* CONFIG_P2P */
520 322 : }
521 :
522 :
523 627 : static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
524 : int authorized, const u8 *p2p_dev_addr)
525 : {
526 627 : wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr);
527 627 : }
528 :
529 :
530 : #ifdef CONFIG_P2P
531 8 : static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
532 : const u8 *psk, size_t psk_len)
533 : {
534 :
535 8 : struct wpa_supplicant *wpa_s = ctx;
536 8 : if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL)
537 8 : return;
538 8 : wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len);
539 : }
540 : #endif /* CONFIG_P2P */
541 :
542 :
543 5 : static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
544 : {
545 : #ifdef CONFIG_P2P
546 5 : struct wpa_supplicant *wpa_s = ctx;
547 : const struct ieee80211_mgmt *mgmt;
548 :
549 5 : mgmt = (const struct ieee80211_mgmt *) buf;
550 5 : if (len < IEEE80211_HDRLEN + 1)
551 0 : return -1;
552 10 : wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
553 5 : mgmt->u.action.category,
554 : buf + IEEE80211_HDRLEN + 1,
555 : len - IEEE80211_HDRLEN - 1, freq);
556 : #endif /* CONFIG_P2P */
557 5 : return 0;
558 : }
559 :
560 :
561 567 : static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
562 : const u8 *bssid, const u8 *ie, size_t ie_len,
563 : int ssi_signal)
564 : {
565 567 : struct wpa_supplicant *wpa_s = ctx;
566 567 : unsigned int freq = 0;
567 :
568 567 : if (wpa_s->ap_iface)
569 567 : freq = wpa_s->ap_iface->freq;
570 :
571 567 : return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
572 : freq, ssi_signal);
573 : }
574 :
575 :
576 240 : static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
577 : const u8 *uuid_e)
578 : {
579 240 : struct wpa_supplicant *wpa_s = ctx;
580 240 : wpas_p2p_wps_success(wpa_s, mac_addr, 1);
581 240 : }
582 :
583 :
584 438 : static void wpas_ap_configured_cb(void *ctx)
585 : {
586 438 : struct wpa_supplicant *wpa_s = ctx;
587 :
588 : #ifdef CONFIG_ACS
589 438 : if (wpa_s->current_ssid && wpa_s->current_ssid->acs)
590 1 : wpa_s->assoc_freq = wpa_s->ap_iface->freq;
591 : #endif /* CONFIG_ACS */
592 :
593 438 : wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
594 :
595 438 : if (wpa_s->ap_configured_cb)
596 398 : wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
597 : wpa_s->ap_configured_cb_data);
598 438 : }
599 :
600 :
601 445 : int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
602 : struct wpa_ssid *ssid)
603 : {
604 : struct wpa_driver_associate_params params;
605 : struct hostapd_iface *hapd_iface;
606 : struct hostapd_config *conf;
607 : size_t i;
608 :
609 445 : if (ssid->ssid == NULL || ssid->ssid_len == 0) {
610 2 : wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
611 2 : return -1;
612 : }
613 :
614 443 : wpa_supplicant_ap_deinit(wpa_s);
615 :
616 886 : wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
617 443 : wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
618 :
619 443 : os_memset(¶ms, 0, sizeof(params));
620 443 : params.ssid = ssid->ssid;
621 443 : params.ssid_len = ssid->ssid_len;
622 443 : switch (ssid->mode) {
623 : case WPAS_MODE_AP:
624 : case WPAS_MODE_P2P_GO:
625 : case WPAS_MODE_P2P_GROUP_FORMATION:
626 443 : params.mode = IEEE80211_MODE_AP;
627 443 : break;
628 : default:
629 0 : return -1;
630 : }
631 443 : if (ssid->frequency == 0)
632 2 : ssid->frequency = 2462; /* default channel 11 */
633 443 : params.freq.freq = ssid->frequency;
634 :
635 443 : params.wpa_proto = ssid->proto;
636 443 : if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
637 414 : wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
638 : else
639 29 : wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
640 443 : params.key_mgmt_suite = wpa_s->key_mgmt;
641 :
642 443 : wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
643 : 1);
644 443 : if (wpa_s->pairwise_cipher < 0) {
645 0 : wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
646 : "cipher.");
647 0 : return -1;
648 : }
649 443 : params.pairwise_suite = wpa_s->pairwise_cipher;
650 443 : params.group_suite = params.pairwise_suite;
651 :
652 : #ifdef CONFIG_P2P
653 628 : if (ssid->mode == WPAS_MODE_P2P_GO ||
654 185 : ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
655 403 : params.p2p = 1;
656 : #endif /* CONFIG_P2P */
657 :
658 443 : if (wpa_s->p2pdev->set_ap_uapsd)
659 0 : params.uapsd = wpa_s->p2pdev->ap_uapsd;
660 443 : else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
661 403 : params.uapsd = 1; /* mandatory for P2P GO */
662 : else
663 40 : params.uapsd = -1;
664 :
665 443 : if (ieee80211_is_dfs(params.freq.freq))
666 1 : params.freq.freq = 0; /* set channel after CAC */
667 :
668 443 : if (params.p2p)
669 403 : wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_GO);
670 : else
671 40 : wpa_drv_get_ext_capa(wpa_s, WPA_IF_AP_BSS);
672 :
673 443 : if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
674 1 : wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
675 1 : return -1;
676 : }
677 :
678 442 : wpa_s->ap_iface = hapd_iface = hostapd_alloc_iface();
679 442 : if (hapd_iface == NULL)
680 0 : return -1;
681 442 : hapd_iface->owner = wpa_s;
682 442 : hapd_iface->drv_flags = wpa_s->drv_flags;
683 442 : hapd_iface->smps_modes = wpa_s->drv_smps_modes;
684 442 : hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
685 442 : hapd_iface->extended_capa = wpa_s->extended_capa;
686 442 : hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
687 442 : hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
688 :
689 442 : wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
690 442 : if (conf == NULL) {
691 0 : wpa_supplicant_ap_deinit(wpa_s);
692 0 : return -1;
693 : }
694 :
695 : /* Use the maximum oper channel width if it's given. */
696 442 : if (ssid->max_oper_chwidth)
697 5 : conf->vht_oper_chwidth = ssid->max_oper_chwidth;
698 :
699 442 : ieee80211_freq_to_chan(ssid->vht_center_freq2,
700 : &conf->vht_oper_centr_freq_seg1_idx);
701 :
702 442 : os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
703 : wpa_s->conf->wmm_ac_params,
704 : sizeof(wpa_s->conf->wmm_ac_params));
705 :
706 442 : if (params.uapsd > 0) {
707 403 : conf->bss[0]->wmm_enabled = 1;
708 403 : conf->bss[0]->wmm_uapsd = 1;
709 : }
710 :
711 442 : if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
712 4 : wpa_printf(MSG_ERROR, "Failed to create AP configuration");
713 4 : wpa_supplicant_ap_deinit(wpa_s);
714 4 : return -1;
715 : }
716 :
717 : #ifdef CONFIG_P2P
718 438 : if (ssid->mode == WPAS_MODE_P2P_GO)
719 258 : conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
720 180 : else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
721 145 : conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
722 : P2P_GROUP_FORMATION;
723 : #endif /* CONFIG_P2P */
724 :
725 438 : hapd_iface->num_bss = conf->num_bss;
726 438 : hapd_iface->bss = os_calloc(conf->num_bss,
727 : sizeof(struct hostapd_data *));
728 438 : if (hapd_iface->bss == NULL) {
729 0 : wpa_supplicant_ap_deinit(wpa_s);
730 0 : return -1;
731 : }
732 :
733 876 : for (i = 0; i < conf->num_bss; i++) {
734 876 : hapd_iface->bss[i] =
735 438 : hostapd_alloc_bss_data(hapd_iface, conf,
736 438 : conf->bss[i]);
737 438 : if (hapd_iface->bss[i] == NULL) {
738 0 : wpa_supplicant_ap_deinit(wpa_s);
739 0 : return -1;
740 : }
741 :
742 438 : hapd_iface->bss[i]->msg_ctx = wpa_s;
743 438 : hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev;
744 438 : hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
745 438 : hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
746 438 : hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
747 438 : hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
748 438 : hostapd_register_probereq_cb(hapd_iface->bss[i],
749 : ap_probe_req_rx, wpa_s);
750 438 : hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
751 438 : hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
752 438 : hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
753 438 : hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
754 438 : hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
755 438 : hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
756 : #ifdef CONFIG_P2P
757 438 : hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb;
758 438 : hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s;
759 438 : hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
760 438 : hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
761 : ssid);
762 : #endif /* CONFIG_P2P */
763 438 : hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
764 438 : hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
765 : #ifdef CONFIG_TESTING_OPTIONS
766 876 : hapd_iface->bss[i]->ext_eapol_frame_io =
767 438 : wpa_s->ext_eapol_frame_io;
768 : #endif /* CONFIG_TESTING_OPTIONS */
769 : }
770 :
771 438 : os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
772 438 : hapd_iface->bss[0]->driver = wpa_s->driver;
773 438 : hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
774 :
775 438 : wpa_s->current_ssid = ssid;
776 438 : eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
777 438 : os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
778 438 : wpa_s->assoc_freq = ssid->frequency;
779 :
780 438 : if (hostapd_setup_interface(wpa_s->ap_iface)) {
781 0 : wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
782 0 : wpa_supplicant_ap_deinit(wpa_s);
783 0 : return -1;
784 : }
785 :
786 438 : return 0;
787 : }
788 :
789 :
790 12143 : void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
791 : {
792 : #ifdef CONFIG_WPS
793 12143 : eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
794 : #endif /* CONFIG_WPS */
795 :
796 12143 : if (wpa_s->ap_iface == NULL)
797 23844 : return;
798 :
799 442 : wpa_s->current_ssid = NULL;
800 442 : eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
801 442 : wpa_s->assoc_freq = 0;
802 442 : wpas_p2p_ap_deinit(wpa_s);
803 884 : wpa_s->ap_iface->driver_ap_teardown =
804 442 : !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
805 :
806 442 : hostapd_interface_deinit(wpa_s->ap_iface);
807 442 : hostapd_interface_free(wpa_s->ap_iface);
808 442 : wpa_s->ap_iface = NULL;
809 442 : wpa_drv_deinit_ap(wpa_s);
810 2652 : wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR
811 : " reason=%d locally_generated=1",
812 2652 : MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING);
813 : }
814 :
815 :
816 14 : void ap_tx_status(void *ctx, const u8 *addr,
817 : const u8 *buf, size_t len, int ack)
818 : {
819 : #ifdef NEED_AP_MLME
820 14 : struct wpa_supplicant *wpa_s = ctx;
821 14 : hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
822 : #endif /* NEED_AP_MLME */
823 14 : }
824 :
825 :
826 2332 : void ap_eapol_tx_status(void *ctx, const u8 *dst,
827 : const u8 *data, size_t len, int ack)
828 : {
829 : #ifdef NEED_AP_MLME
830 2332 : struct wpa_supplicant *wpa_s = ctx;
831 2332 : if (!wpa_s->ap_iface)
832 2333 : return;
833 2331 : hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
834 : #endif /* NEED_AP_MLME */
835 : }
836 :
837 :
838 0 : void ap_client_poll_ok(void *ctx, const u8 *addr)
839 : {
840 : #ifdef NEED_AP_MLME
841 0 : struct wpa_supplicant *wpa_s = ctx;
842 0 : if (wpa_s->ap_iface)
843 0 : hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
844 : #endif /* NEED_AP_MLME */
845 0 : }
846 :
847 :
848 0 : void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
849 : {
850 : #ifdef NEED_AP_MLME
851 0 : struct wpa_supplicant *wpa_s = ctx;
852 0 : ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
853 : #endif /* NEED_AP_MLME */
854 0 : }
855 :
856 :
857 2966 : void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
858 : {
859 : #ifdef NEED_AP_MLME
860 2966 : struct wpa_supplicant *wpa_s = ctx;
861 : struct hostapd_frame_info fi;
862 2966 : os_memset(&fi, 0, sizeof(fi));
863 2966 : fi.datarate = rx_mgmt->datarate;
864 2966 : fi.ssi_signal = rx_mgmt->ssi_signal;
865 2966 : ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
866 : rx_mgmt->frame_len, &fi);
867 : #endif /* NEED_AP_MLME */
868 2966 : }
869 :
870 :
871 1804 : void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
872 : {
873 : #ifdef NEED_AP_MLME
874 1804 : struct wpa_supplicant *wpa_s = ctx;
875 1804 : ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
876 : #endif /* NEED_AP_MLME */
877 1804 : }
878 :
879 :
880 2100 : void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
881 : const u8 *src_addr, const u8 *buf, size_t len)
882 : {
883 2100 : ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
884 2100 : }
885 :
886 :
887 : #ifdef CONFIG_WPS
888 :
889 33 : int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
890 : const u8 *p2p_dev_addr)
891 : {
892 33 : if (!wpa_s->ap_iface)
893 0 : return -1;
894 33 : return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
895 : p2p_dev_addr);
896 : }
897 :
898 :
899 16 : int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
900 : {
901 : struct wps_registrar *reg;
902 16 : int reg_sel = 0, wps_sta = 0;
903 :
904 16 : if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
905 3 : return -1;
906 :
907 13 : reg = wpa_s->ap_iface->bss[0]->wps->registrar;
908 13 : reg_sel = wps_registrar_wps_cancel(reg);
909 13 : wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
910 : ap_sta_wps_cancel, NULL);
911 :
912 13 : if (!reg_sel && !wps_sta) {
913 11 : wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
914 : "time");
915 11 : return -1;
916 : }
917 :
918 : /*
919 : * There are 2 cases to return wps cancel as success:
920 : * 1. When wps cancel was initiated but no connection has been
921 : * established with client yet.
922 : * 2. Client is in the middle of exchanging WPS messages.
923 : */
924 :
925 2 : return 0;
926 : }
927 :
928 :
929 204 : int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
930 : const char *pin, char *buf, size_t buflen,
931 : int timeout)
932 : {
933 204 : int ret, ret_len = 0;
934 :
935 204 : if (!wpa_s->ap_iface)
936 0 : return -1;
937 :
938 204 : if (pin == NULL) {
939 : unsigned int rpin;
940 :
941 0 : if (wps_generate_pin(&rpin) < 0)
942 0 : return -1;
943 0 : ret_len = os_snprintf(buf, buflen, "%08d", rpin);
944 0 : if (os_snprintf_error(buflen, ret_len))
945 0 : return -1;
946 0 : pin = buf;
947 204 : } else if (buf) {
948 77 : ret_len = os_snprintf(buf, buflen, "%s", pin);
949 77 : if (os_snprintf_error(buflen, ret_len))
950 0 : return -1;
951 : }
952 :
953 204 : ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
954 : timeout);
955 204 : if (ret)
956 0 : return -1;
957 204 : return ret_len;
958 : }
959 :
960 :
961 2 : static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
962 : {
963 2 : struct wpa_supplicant *wpa_s = eloop_data;
964 2 : wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
965 2 : wpas_wps_ap_pin_disable(wpa_s);
966 2 : }
967 :
968 :
969 4 : static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
970 : {
971 : struct hostapd_data *hapd;
972 :
973 4 : if (wpa_s->ap_iface == NULL)
974 4 : return;
975 4 : hapd = wpa_s->ap_iface->bss[0];
976 4 : wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
977 4 : hapd->ap_pin_failures = 0;
978 4 : eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
979 4 : if (timeout > 0)
980 4 : eloop_register_timeout(timeout, 0,
981 : wpas_wps_ap_pin_timeout, wpa_s, NULL);
982 : }
983 :
984 :
985 3 : void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
986 : {
987 : struct hostapd_data *hapd;
988 :
989 3 : if (wpa_s->ap_iface == NULL)
990 3 : return;
991 3 : wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
992 3 : hapd = wpa_s->ap_iface->bss[0];
993 3 : os_free(hapd->conf->ap_pin);
994 3 : hapd->conf->ap_pin = NULL;
995 3 : eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
996 : }
997 :
998 :
999 2 : const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
1000 : {
1001 : struct hostapd_data *hapd;
1002 : unsigned int pin;
1003 : char pin_txt[9];
1004 :
1005 2 : if (wpa_s->ap_iface == NULL)
1006 0 : return NULL;
1007 2 : hapd = wpa_s->ap_iface->bss[0];
1008 2 : if (wps_generate_pin(&pin) < 0)
1009 0 : return NULL;
1010 2 : os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
1011 2 : os_free(hapd->conf->ap_pin);
1012 2 : hapd->conf->ap_pin = os_strdup(pin_txt);
1013 2 : if (hapd->conf->ap_pin == NULL)
1014 0 : return NULL;
1015 2 : wpas_wps_ap_pin_enable(wpa_s, timeout);
1016 :
1017 2 : return hapd->conf->ap_pin;
1018 : }
1019 :
1020 :
1021 8 : const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
1022 : {
1023 : struct hostapd_data *hapd;
1024 8 : if (wpa_s->ap_iface == NULL)
1025 0 : return NULL;
1026 8 : hapd = wpa_s->ap_iface->bss[0];
1027 8 : return hapd->conf->ap_pin;
1028 : }
1029 :
1030 :
1031 2 : int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
1032 : int timeout)
1033 : {
1034 : struct hostapd_data *hapd;
1035 : char pin_txt[9];
1036 : int ret;
1037 :
1038 2 : if (wpa_s->ap_iface == NULL)
1039 0 : return -1;
1040 2 : hapd = wpa_s->ap_iface->bss[0];
1041 2 : ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
1042 2 : if (os_snprintf_error(sizeof(pin_txt), ret))
1043 0 : return -1;
1044 2 : os_free(hapd->conf->ap_pin);
1045 2 : hapd->conf->ap_pin = os_strdup(pin_txt);
1046 2 : if (hapd->conf->ap_pin == NULL)
1047 0 : return -1;
1048 2 : wpas_wps_ap_pin_enable(wpa_s, timeout);
1049 :
1050 2 : return 0;
1051 : }
1052 :
1053 :
1054 0 : void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
1055 : {
1056 : struct hostapd_data *hapd;
1057 :
1058 0 : if (wpa_s->ap_iface == NULL)
1059 0 : return;
1060 0 : hapd = wpa_s->ap_iface->bss[0];
1061 :
1062 : /*
1063 : * Registrar failed to prove its knowledge of the AP PIN. Disable AP
1064 : * PIN if this happens multiple times to slow down brute force attacks.
1065 : */
1066 0 : hapd->ap_pin_failures++;
1067 0 : wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
1068 : hapd->ap_pin_failures);
1069 0 : if (hapd->ap_pin_failures < 3)
1070 0 : return;
1071 :
1072 0 : wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
1073 0 : hapd->ap_pin_failures = 0;
1074 0 : os_free(hapd->conf->ap_pin);
1075 0 : hapd->conf->ap_pin = NULL;
1076 : }
1077 :
1078 :
1079 : #ifdef CONFIG_WPS_NFC
1080 :
1081 1 : struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
1082 : int ndef)
1083 : {
1084 : struct hostapd_data *hapd;
1085 :
1086 1 : if (wpa_s->ap_iface == NULL)
1087 0 : return NULL;
1088 1 : hapd = wpa_s->ap_iface->bss[0];
1089 1 : return hostapd_wps_nfc_config_token(hapd, ndef);
1090 : }
1091 :
1092 :
1093 4 : struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
1094 : int ndef)
1095 : {
1096 : struct hostapd_data *hapd;
1097 :
1098 4 : if (wpa_s->ap_iface == NULL)
1099 3 : return NULL;
1100 1 : hapd = wpa_s->ap_iface->bss[0];
1101 1 : return hostapd_wps_nfc_hs_cr(hapd, ndef);
1102 : }
1103 :
1104 :
1105 4 : int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
1106 : const struct wpabuf *req,
1107 : const struct wpabuf *sel)
1108 : {
1109 : struct hostapd_data *hapd;
1110 :
1111 4 : if (wpa_s->ap_iface == NULL)
1112 3 : return -1;
1113 1 : hapd = wpa_s->ap_iface->bss[0];
1114 1 : return hostapd_wps_nfc_report_handover(hapd, req, sel);
1115 : }
1116 :
1117 : #endif /* CONFIG_WPS_NFC */
1118 :
1119 : #endif /* CONFIG_WPS */
1120 :
1121 :
1122 : #ifdef CONFIG_CTRL_IFACE
1123 :
1124 2 : int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
1125 : char *buf, size_t buflen)
1126 : {
1127 : struct hostapd_data *hapd;
1128 :
1129 2 : if (wpa_s->ap_iface)
1130 2 : hapd = wpa_s->ap_iface->bss[0];
1131 0 : else if (wpa_s->ifmsh)
1132 0 : hapd = wpa_s->ifmsh->bss[0];
1133 : else
1134 0 : return -1;
1135 2 : return hostapd_ctrl_iface_sta_first(hapd, buf, buflen);
1136 : }
1137 :
1138 :
1139 1 : int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
1140 : char *buf, size_t buflen)
1141 : {
1142 : struct hostapd_data *hapd;
1143 :
1144 1 : if (wpa_s->ap_iface)
1145 1 : hapd = wpa_s->ap_iface->bss[0];
1146 0 : else if (wpa_s->ifmsh)
1147 0 : hapd = wpa_s->ifmsh->bss[0];
1148 : else
1149 0 : return -1;
1150 1 : return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen);
1151 : }
1152 :
1153 :
1154 2 : int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
1155 : char *buf, size_t buflen)
1156 : {
1157 : struct hostapd_data *hapd;
1158 :
1159 2 : if (wpa_s->ap_iface)
1160 2 : hapd = wpa_s->ap_iface->bss[0];
1161 0 : else if (wpa_s->ifmsh)
1162 0 : hapd = wpa_s->ifmsh->bss[0];
1163 : else
1164 0 : return -1;
1165 2 : return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen);
1166 : }
1167 :
1168 :
1169 23 : int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
1170 : const char *txtaddr)
1171 : {
1172 23 : if (wpa_s->ap_iface == NULL)
1173 1 : return -1;
1174 22 : return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
1175 : txtaddr);
1176 : }
1177 :
1178 :
1179 25 : int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
1180 : const char *txtaddr)
1181 : {
1182 25 : if (wpa_s->ap_iface == NULL)
1183 1 : return -1;
1184 24 : return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
1185 : txtaddr);
1186 : }
1187 :
1188 :
1189 310 : int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
1190 : size_t buflen, int verbose)
1191 : {
1192 310 : char *pos = buf, *end = buf + buflen;
1193 : int ret;
1194 : struct hostapd_bss_config *conf;
1195 :
1196 310 : if (wpa_s->ap_iface == NULL)
1197 0 : return -1;
1198 :
1199 310 : conf = wpa_s->ap_iface->bss[0]->conf;
1200 310 : if (conf->wpa == 0)
1201 6 : return 0;
1202 :
1203 304 : ret = os_snprintf(pos, end - pos,
1204 : "pairwise_cipher=%s\n"
1205 : "group_cipher=%s\n"
1206 : "key_mgmt=%s\n",
1207 : wpa_cipher_txt(conf->rsn_pairwise),
1208 : wpa_cipher_txt(conf->wpa_group),
1209 : wpa_key_mgmt_txt(conf->wpa_key_mgmt,
1210 : conf->wpa));
1211 304 : if (os_snprintf_error(end - pos, ret))
1212 0 : return pos - buf;
1213 304 : pos += ret;
1214 304 : return pos - buf;
1215 : }
1216 :
1217 : #endif /* CONFIG_CTRL_IFACE */
1218 :
1219 :
1220 1659 : int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
1221 : {
1222 1659 : struct hostapd_iface *iface = wpa_s->ap_iface;
1223 1659 : struct wpa_ssid *ssid = wpa_s->current_ssid;
1224 : struct hostapd_data *hapd;
1225 :
1226 2657 : if (ssid == NULL || wpa_s->ap_iface == NULL ||
1227 1996 : ssid->mode == WPAS_MODE_INFRA ||
1228 998 : ssid->mode == WPAS_MODE_IBSS)
1229 661 : return -1;
1230 :
1231 : #ifdef CONFIG_P2P
1232 998 : if (ssid->mode == WPAS_MODE_P2P_GO)
1233 849 : iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1234 149 : else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1235 149 : iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1236 : P2P_GROUP_FORMATION;
1237 : #endif /* CONFIG_P2P */
1238 :
1239 998 : hapd = iface->bss[0];
1240 998 : if (hapd->drv_priv == NULL)
1241 0 : return -1;
1242 998 : ieee802_11_set_beacons(iface);
1243 998 : hostapd_set_ap_wps_ie(hapd);
1244 :
1245 998 : return 0;
1246 : }
1247 :
1248 :
1249 6 : int ap_switch_channel(struct wpa_supplicant *wpa_s,
1250 : struct csa_settings *settings)
1251 : {
1252 : #ifdef NEED_AP_MLME
1253 6 : if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1254 1 : return -1;
1255 :
1256 5 : return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings);
1257 : #else /* NEED_AP_MLME */
1258 : return -1;
1259 : #endif /* NEED_AP_MLME */
1260 : }
1261 :
1262 :
1263 : #ifdef CONFIG_CTRL_IFACE
1264 2 : int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos)
1265 : {
1266 : struct csa_settings settings;
1267 2 : int ret = hostapd_parse_csa_settings(pos, &settings);
1268 :
1269 2 : if (ret)
1270 0 : return ret;
1271 :
1272 2 : return ap_switch_channel(wpa_s, &settings);
1273 : }
1274 : #endif /* CONFIG_CTRL_IFACE */
1275 :
1276 :
1277 2 : void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
1278 : int offset, int width, int cf1, int cf2)
1279 : {
1280 2 : if (!wpa_s->ap_iface)
1281 2 : return;
1282 :
1283 2 : wpa_s->assoc_freq = freq;
1284 2 : if (wpa_s->current_ssid)
1285 2 : wpa_s->current_ssid->frequency = freq;
1286 2 : hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht,
1287 : offset, width, cf1, cf2);
1288 : }
1289 :
1290 :
1291 284 : int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
1292 : const u8 *addr)
1293 : {
1294 : struct hostapd_data *hapd;
1295 : struct hostapd_bss_config *conf;
1296 :
1297 284 : if (!wpa_s->ap_iface)
1298 0 : return -1;
1299 :
1300 284 : if (addr)
1301 870 : wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
1302 870 : MAC2STR(addr));
1303 : else
1304 139 : wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
1305 :
1306 284 : hapd = wpa_s->ap_iface->bss[0];
1307 284 : conf = hapd->conf;
1308 :
1309 284 : os_free(conf->accept_mac);
1310 284 : conf->accept_mac = NULL;
1311 284 : conf->num_accept_mac = 0;
1312 284 : os_free(conf->deny_mac);
1313 284 : conf->deny_mac = NULL;
1314 284 : conf->num_deny_mac = 0;
1315 :
1316 284 : if (addr == NULL) {
1317 139 : conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
1318 139 : return 0;
1319 : }
1320 :
1321 145 : conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
1322 145 : conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
1323 145 : if (conf->accept_mac == NULL)
1324 0 : return -1;
1325 145 : os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
1326 145 : conf->num_accept_mac = 1;
1327 :
1328 145 : return 0;
1329 : }
1330 :
1331 :
1332 : #ifdef CONFIG_WPS_NFC
1333 15 : int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id,
1334 : const struct wpabuf *pw, const u8 *pubkey_hash)
1335 : {
1336 : struct hostapd_data *hapd;
1337 : struct wps_context *wps;
1338 :
1339 15 : if (!wpa_s->ap_iface)
1340 0 : return -1;
1341 15 : hapd = wpa_s->ap_iface->bss[0];
1342 15 : wps = hapd->wps;
1343 :
1344 30 : if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL ||
1345 15 : wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) {
1346 0 : wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known");
1347 0 : return -1;
1348 : }
1349 :
1350 15 : dh5_free(wps->dh_ctx);
1351 15 : wpabuf_free(wps->dh_pubkey);
1352 15 : wpabuf_free(wps->dh_privkey);
1353 15 : wps->dh_privkey = wpabuf_dup(
1354 15 : wpa_s->p2pdev->conf->wps_nfc_dh_privkey);
1355 15 : wps->dh_pubkey = wpabuf_dup(
1356 15 : wpa_s->p2pdev->conf->wps_nfc_dh_pubkey);
1357 15 : if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) {
1358 0 : wps->dh_ctx = NULL;
1359 0 : wpabuf_free(wps->dh_pubkey);
1360 0 : wps->dh_pubkey = NULL;
1361 0 : wpabuf_free(wps->dh_privkey);
1362 0 : wps->dh_privkey = NULL;
1363 0 : return -1;
1364 : }
1365 15 : wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
1366 15 : if (wps->dh_ctx == NULL)
1367 0 : return -1;
1368 :
1369 15 : return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash,
1370 : pw_id,
1371 : pw ? wpabuf_head(pw) : NULL,
1372 : pw ? wpabuf_len(pw) : 0, 1);
1373 : }
1374 : #endif /* CONFIG_WPS_NFC */
1375 :
1376 :
1377 : #ifdef CONFIG_CTRL_IFACE
1378 2 : int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s)
1379 : {
1380 : struct hostapd_data *hapd;
1381 :
1382 2 : if (!wpa_s->ap_iface)
1383 0 : return -1;
1384 2 : hapd = wpa_s->ap_iface->bss[0];
1385 2 : return hostapd_ctrl_iface_stop_ap(hapd);
1386 : }
1387 :
1388 :
1389 277 : int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf,
1390 : size_t len)
1391 : {
1392 277 : size_t reply_len = 0, i;
1393 277 : char ap_delimiter[] = "---- AP ----\n";
1394 277 : char mesh_delimiter[] = "---- mesh ----\n";
1395 : size_t dlen;
1396 :
1397 277 : if (wpa_s->ap_iface) {
1398 1 : dlen = os_strlen(ap_delimiter);
1399 1 : if (dlen > len - reply_len)
1400 0 : return reply_len;
1401 1 : os_memcpy(&buf[reply_len], ap_delimiter, dlen);
1402 1 : reply_len += dlen;
1403 :
1404 2 : for (i = 0; i < wpa_s->ap_iface->num_bss; i++) {
1405 2 : reply_len += hostapd_ctrl_iface_pmksa_list(
1406 1 : wpa_s->ap_iface->bss[i],
1407 : &buf[reply_len], len - reply_len);
1408 : }
1409 : }
1410 :
1411 277 : if (wpa_s->ifmsh) {
1412 13 : dlen = os_strlen(mesh_delimiter);
1413 13 : if (dlen > len - reply_len)
1414 0 : return reply_len;
1415 13 : os_memcpy(&buf[reply_len], mesh_delimiter, dlen);
1416 13 : reply_len += dlen;
1417 :
1418 26 : reply_len += hostapd_ctrl_iface_pmksa_list(
1419 13 : wpa_s->ifmsh->bss[0], &buf[reply_len],
1420 : len - reply_len);
1421 : }
1422 :
1423 277 : return reply_len;
1424 : }
1425 :
1426 :
1427 14 : void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
1428 : {
1429 : size_t i;
1430 :
1431 14 : if (wpa_s->ap_iface) {
1432 2 : for (i = 0; i < wpa_s->ap_iface->num_bss; i++)
1433 1 : hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]);
1434 : }
1435 :
1436 14 : if (wpa_s->ifmsh)
1437 1 : hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]);
1438 14 : }
1439 : #endif /* CONFIG_CTRL_IFACE */
1440 :
1441 :
1442 : #ifdef NEED_AP_MLME
1443 21 : void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s,
1444 : struct dfs_event *radar)
1445 : {
1446 21 : if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1447 42 : return;
1448 0 : wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq);
1449 0 : hostapd_dfs_radar_detected(wpa_s->ap_iface, radar->freq,
1450 : radar->ht_enabled, radar->chan_offset,
1451 0 : radar->chan_width,
1452 : radar->cf1, radar->cf2);
1453 : }
1454 :
1455 :
1456 0 : void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s,
1457 : struct dfs_event *radar)
1458 : {
1459 0 : if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1460 0 : return;
1461 0 : wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq);
1462 0 : hostapd_dfs_start_cac(wpa_s->ap_iface, radar->freq,
1463 : radar->ht_enabled, radar->chan_offset,
1464 0 : radar->chan_width, radar->cf1, radar->cf2);
1465 : }
1466 :
1467 :
1468 1 : void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s,
1469 : struct dfs_event *radar)
1470 : {
1471 1 : if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1472 1 : return;
1473 1 : wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq);
1474 2 : hostapd_dfs_complete_cac(wpa_s->ap_iface, 1, radar->freq,
1475 : radar->ht_enabled, radar->chan_offset,
1476 1 : radar->chan_width, radar->cf1, radar->cf2);
1477 : }
1478 :
1479 :
1480 0 : void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s,
1481 : struct dfs_event *radar)
1482 : {
1483 0 : if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1484 0 : return;
1485 0 : wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq);
1486 0 : hostapd_dfs_complete_cac(wpa_s->ap_iface, 0, radar->freq,
1487 : radar->ht_enabled, radar->chan_offset,
1488 0 : radar->chan_width, radar->cf1, radar->cf2);
1489 : }
1490 :
1491 :
1492 0 : void wpas_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s,
1493 : struct dfs_event *radar)
1494 : {
1495 0 : if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1496 0 : return;
1497 0 : wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq);
1498 0 : hostapd_dfs_nop_finished(wpa_s->ap_iface, radar->freq,
1499 : radar->ht_enabled, radar->chan_offset,
1500 0 : radar->chan_width, radar->cf1, radar->cf2);
1501 : }
1502 : #endif /* NEED_AP_MLME */
1503 :
1504 :
1505 2434 : void ap_periodic(struct wpa_supplicant *wpa_s)
1506 : {
1507 2434 : if (wpa_s->ap_iface)
1508 279 : hostapd_periodic_iface(wpa_s->ap_iface);
1509 2434 : }
|
