1 /* 2 * wpa_supplicant - DPP 3 * Copyright (c) 2017, Qualcomm Atheros, Inc. 4 * Copyright (c) 2018-2019, The Linux Foundation 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "common/dpp.h" 15 #include "common/gas.h" 16 #include "common/gas_server.h" 17 #include "rsn_supp/wpa.h" 18 #include "rsn_supp/pmksa_cache.h" 19 #include "wpa_supplicant_i.h" 20 #include "config.h" 21 #include "driver_i.h" 22 #include "offchannel.h" 23 #include "gas_query.h" 24 #include "bss.h" 25 #include "scan.h" 26 #include "notify.h" 27 #include "dpp_supplicant.h" 28 #include "hidl.h" 29 30 31 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s, 32 unsigned int freq); 33 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx); 34 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator); 35 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s, 36 unsigned int freq, const u8 *dst, 37 const u8 *src, const u8 *bssid, 38 const u8 *data, size_t data_len, 39 enum offchannel_send_action_result result); 40 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx); 41 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s); 42 static void 43 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s, 44 unsigned int freq, const u8 *dst, 45 const u8 *src, const u8 *bssid, 46 const u8 *data, size_t data_len, 47 enum offchannel_send_action_result result); 48 49 static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 50 51 /* Use a hardcoded Transaction ID 1 in Peer Discovery frames since there is only 52 * a single transaction in progress at any point in time. */ 53 static const u8 TRANSACTION_ID = 1; 54 55 56 /** 57 * wpas_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code 58 * @wpa_s: Pointer to wpa_supplicant data 59 * @cmd: DPP URI read from a QR Code 60 * Returns: Identifier of the stored info or -1 on failure 61 */ 62 int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd) 63 { 64 struct dpp_bootstrap_info *bi; 65 struct dpp_authentication *auth = wpa_s->dpp_auth; 66 67 bi = dpp_add_qr_code(wpa_s->dpp, cmd); 68 if (!bi) 69 return -1; 70 71 if (auth && auth->response_pending && 72 dpp_notify_new_qr_code(auth, bi) == 1) { 73 wpa_printf(MSG_DEBUG, 74 "DPP: Sending out pending authentication response"); 75 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 76 " freq=%u type=%d", 77 MAC2STR(auth->peer_mac_addr), auth->curr_freq, 78 DPP_PA_AUTHENTICATION_RESP); 79 offchannel_send_action(wpa_s, auth->curr_freq, 80 auth->peer_mac_addr, wpa_s->own_addr, 81 broadcast, 82 wpabuf_head(auth->resp_msg), 83 wpabuf_len(auth->resp_msg), 84 500, wpas_dpp_tx_status, 0); 85 } 86 87 return bi->id; 88 } 89 90 91 static void wpas_dpp_auth_resp_retry_timeout(void *eloop_ctx, void *timeout_ctx) 92 { 93 struct wpa_supplicant *wpa_s = eloop_ctx; 94 struct dpp_authentication *auth = wpa_s->dpp_auth; 95 96 if (!auth || !auth->resp_msg) 97 return; 98 99 wpa_printf(MSG_DEBUG, 100 "DPP: Retry Authentication Response after timeout"); 101 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 102 " freq=%u type=%d", 103 MAC2STR(auth->peer_mac_addr), auth->curr_freq, 104 DPP_PA_AUTHENTICATION_RESP); 105 offchannel_send_action(wpa_s, auth->curr_freq, auth->peer_mac_addr, 106 wpa_s->own_addr, broadcast, 107 wpabuf_head(auth->resp_msg), 108 wpabuf_len(auth->resp_msg), 109 500, wpas_dpp_tx_status, 0); 110 } 111 112 113 static void wpas_dpp_auth_resp_retry(struct wpa_supplicant *wpa_s) 114 { 115 struct dpp_authentication *auth = wpa_s->dpp_auth; 116 unsigned int wait_time, max_tries; 117 118 if (!auth || !auth->resp_msg) 119 return; 120 121 if (wpa_s->dpp_resp_max_tries) 122 max_tries = wpa_s->dpp_resp_max_tries; 123 else 124 max_tries = 5; 125 auth->auth_resp_tries++; 126 if (auth->auth_resp_tries >= max_tries) { 127 wpa_printf(MSG_INFO, "DPP: No confirm received from initiator - stopping exchange"); 128 offchannel_send_action_done(wpa_s); 129 dpp_auth_deinit(wpa_s->dpp_auth); 130 wpa_s->dpp_auth = NULL; 131 return; 132 } 133 134 if (wpa_s->dpp_resp_retry_time) 135 wait_time = wpa_s->dpp_resp_retry_time; 136 else 137 wait_time = 1000; 138 wpa_printf(MSG_DEBUG, 139 "DPP: Schedule retransmission of Authentication Response frame in %u ms", 140 wait_time); 141 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 142 eloop_register_timeout(wait_time / 1000, 143 (wait_time % 1000) * 1000, 144 wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 145 } 146 147 148 static void wpas_dpp_try_to_connect(struct wpa_supplicant *wpa_s) 149 { 150 wpa_printf(MSG_DEBUG, "DPP: Trying to connect to the new network"); 151 wpa_s->disconnected = 0; 152 wpa_s->reassociate = 1; 153 wpa_s->scan_runs = 0; 154 wpa_s->normal_scans = 0; 155 wpa_supplicant_cancel_sched_scan(wpa_s); 156 wpa_supplicant_req_scan(wpa_s, 0, 0); 157 } 158 159 160 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s, 161 unsigned int freq, const u8 *dst, 162 const u8 *src, const u8 *bssid, 163 const u8 *data, size_t data_len, 164 enum offchannel_send_action_result result) 165 { 166 const char *res_txt; 167 struct dpp_authentication *auth = wpa_s->dpp_auth; 168 169 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 170 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 171 "FAILED"); 172 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR 173 " result=%s", freq, MAC2STR(dst), res_txt); 174 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR 175 " freq=%u result=%s", MAC2STR(dst), freq, res_txt); 176 177 if (!wpa_s->dpp_auth) { 178 wpa_printf(MSG_DEBUG, 179 "DPP: Ignore TX status since there is no ongoing authentication exchange"); 180 return; 181 } 182 183 #ifdef CONFIG_DPP2 184 if (auth->connect_on_tx_status) { 185 wpa_printf(MSG_DEBUG, 186 "DPP: Try to connect after completed configuration result"); 187 wpas_dpp_try_to_connect(wpa_s); 188 dpp_auth_deinit(wpa_s->dpp_auth); 189 wpa_s->dpp_auth = NULL; 190 return; 191 } 192 #endif /* CONFIG_DPP2 */ 193 194 if (wpa_s->dpp_auth->remove_on_tx_status) { 195 wpa_printf(MSG_DEBUG, 196 "DPP: Terminate authentication exchange due to an earlier error"); 197 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 198 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 199 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, 200 NULL); 201 offchannel_send_action_done(wpa_s); 202 dpp_auth_deinit(wpa_s->dpp_auth); 203 wpa_s->dpp_auth = NULL; 204 return; 205 } 206 207 if (wpa_s->dpp_auth_ok_on_ack) 208 wpas_dpp_auth_success(wpa_s, 1); 209 210 if (!is_broadcast_ether_addr(dst) && 211 result != OFFCHANNEL_SEND_ACTION_SUCCESS) { 212 wpa_printf(MSG_DEBUG, 213 "DPP: Unicast DPP Action frame was not ACKed"); 214 if (auth->waiting_auth_resp) { 215 /* In case of DPP Authentication Request frame, move to 216 * the next channel immediately. */ 217 offchannel_send_action_done(wpa_s); 218 wpas_dpp_auth_init_next(wpa_s); 219 return; 220 } 221 if (auth->waiting_auth_conf) { 222 wpas_dpp_auth_resp_retry(wpa_s); 223 return; 224 } 225 } 226 227 if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp && 228 result == OFFCHANNEL_SEND_ACTION_SUCCESS) { 229 /* Allow timeout handling to stop iteration if no response is 230 * received from a peer that has ACKed a request. */ 231 auth->auth_req_ack = 1; 232 } 233 234 if (!wpa_s->dpp_auth_ok_on_ack && wpa_s->dpp_auth->neg_freq > 0 && 235 wpa_s->dpp_auth->curr_freq != wpa_s->dpp_auth->neg_freq) { 236 wpa_printf(MSG_DEBUG, 237 "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response", 238 wpa_s->dpp_auth->curr_freq, 239 wpa_s->dpp_auth->neg_freq); 240 offchannel_send_action_done(wpa_s); 241 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_auth->neg_freq); 242 } 243 244 if (wpa_s->dpp_auth_ok_on_ack) 245 wpa_s->dpp_auth_ok_on_ack = 0; 246 } 247 248 249 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx) 250 { 251 struct wpa_supplicant *wpa_s = eloop_ctx; 252 struct dpp_authentication *auth = wpa_s->dpp_auth; 253 unsigned int freq; 254 struct os_reltime now, diff; 255 unsigned int wait_time, diff_ms; 256 257 if (!auth || !auth->waiting_auth_resp) 258 return; 259 260 wait_time = wpa_s->dpp_resp_wait_time ? 261 wpa_s->dpp_resp_wait_time : 2000; 262 os_get_reltime(&now); 263 os_reltime_sub(&now, &wpa_s->dpp_last_init, &diff); 264 diff_ms = diff.sec * 1000 + diff.usec / 1000; 265 wpa_printf(MSG_DEBUG, 266 "DPP: Reply wait timeout - wait_time=%u diff_ms=%u", 267 wait_time, diff_ms); 268 269 if (auth->auth_req_ack && diff_ms >= wait_time) { 270 /* Peer ACK'ed Authentication Request frame, but did not reply 271 * with Authentication Response frame within two seconds. */ 272 wpa_printf(MSG_INFO, 273 "DPP: No response received from responder - stopping initiation attempt"); 274 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); 275 wpas_notify_dpp_timeout(wpa_s); 276 offchannel_send_action_done(wpa_s); 277 wpas_dpp_listen_stop(wpa_s); 278 dpp_auth_deinit(auth); 279 wpa_s->dpp_auth = NULL; 280 return; 281 } 282 283 if (diff_ms >= wait_time) { 284 /* Authentication Request frame was not ACK'ed and no reply 285 * was receiving within two seconds. */ 286 wpa_printf(MSG_DEBUG, 287 "DPP: Continue Initiator channel iteration"); 288 offchannel_send_action_done(wpa_s); 289 wpas_dpp_listen_stop(wpa_s); 290 wpas_dpp_auth_init_next(wpa_s); 291 return; 292 } 293 294 /* Driver did not support 2000 ms long wait_time with TX command, so 295 * schedule listen operation to continue waiting for the response. 296 * 297 * DPP listen operations continue until stopped, so simply schedule a 298 * new call to this function at the point when the two second reply 299 * wait has expired. */ 300 wait_time -= diff_ms; 301 302 freq = auth->curr_freq; 303 if (auth->neg_freq > 0) 304 freq = auth->neg_freq; 305 wpa_printf(MSG_DEBUG, 306 "DPP: Continue reply wait on channel %u MHz for %u ms", 307 freq, wait_time); 308 wpa_s->dpp_in_response_listen = 1; 309 wpas_dpp_listen_start(wpa_s, freq); 310 311 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 312 wpas_dpp_reply_wait_timeout, wpa_s, NULL); 313 } 314 315 316 static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s, 317 struct dpp_authentication *auth) 318 { 319 #ifdef CONFIG_TESTING_OPTIONS 320 if (wpa_s->dpp_config_obj_override) 321 auth->config_obj_override = 322 os_strdup(wpa_s->dpp_config_obj_override); 323 if (wpa_s->dpp_discovery_override) 324 auth->discovery_override = 325 os_strdup(wpa_s->dpp_discovery_override); 326 if (wpa_s->dpp_groups_override) 327 auth->groups_override = 328 os_strdup(wpa_s->dpp_groups_override); 329 auth->ignore_netaccesskey_mismatch = 330 wpa_s->dpp_ignore_netaccesskey_mismatch; 331 #endif /* CONFIG_TESTING_OPTIONS */ 332 } 333 334 335 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx) 336 { 337 struct wpa_supplicant *wpa_s = eloop_ctx; 338 339 if (!wpa_s->dpp_auth) 340 return; 341 wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout"); 342 wpas_dpp_auth_init_next(wpa_s); 343 } 344 345 346 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s) 347 { 348 struct dpp_authentication *auth = wpa_s->dpp_auth; 349 const u8 *dst; 350 unsigned int wait_time, max_wait_time, freq, max_tries, used; 351 struct os_reltime now, diff; 352 353 wpa_s->dpp_in_response_listen = 0; 354 if (!auth) 355 return -1; 356 357 if (auth->freq_idx == 0) 358 os_get_reltime(&wpa_s->dpp_init_iter_start); 359 360 if (auth->freq_idx >= auth->num_freq) { 361 auth->num_freq_iters++; 362 if (wpa_s->dpp_init_max_tries) 363 max_tries = wpa_s->dpp_init_max_tries; 364 else 365 max_tries = 5; 366 if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) { 367 wpa_printf(MSG_INFO, 368 "DPP: No response received from responder - stopping initiation attempt"); 369 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED); 370 wpas_notify_dpp_timeout(wpa_s); 371 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, 372 wpa_s, NULL); 373 offchannel_send_action_done(wpa_s); 374 dpp_auth_deinit(wpa_s->dpp_auth); 375 wpa_s->dpp_auth = NULL; 376 return -1; 377 } 378 auth->freq_idx = 0; 379 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 380 if (wpa_s->dpp_init_retry_time) 381 wait_time = wpa_s->dpp_init_retry_time; 382 else 383 wait_time = 10000; 384 os_get_reltime(&now); 385 os_reltime_sub(&now, &wpa_s->dpp_init_iter_start, &diff); 386 used = diff.sec * 1000 + diff.usec / 1000; 387 if (used > wait_time) 388 wait_time = 0; 389 else 390 wait_time -= used; 391 wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms", 392 wait_time); 393 eloop_register_timeout(wait_time / 1000, 394 (wait_time % 1000) * 1000, 395 wpas_dpp_init_timeout, wpa_s, 396 NULL); 397 return 0; 398 } 399 freq = auth->freq[auth->freq_idx++]; 400 auth->curr_freq = freq; 401 402 if (is_zero_ether_addr(auth->peer_bi->mac_addr)) 403 dst = broadcast; 404 else 405 dst = auth->peer_bi->mac_addr; 406 wpa_s->dpp_auth_ok_on_ack = 0; 407 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 408 wait_time = wpa_s->max_remain_on_chan; 409 max_wait_time = wpa_s->dpp_resp_wait_time ? 410 wpa_s->dpp_resp_wait_time : 2000; 411 if (wait_time > max_wait_time) 412 wait_time = max_wait_time; 413 wait_time += 10; /* give the driver some extra time to complete */ 414 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000, 415 wpas_dpp_reply_wait_timeout, 416 wpa_s, NULL); 417 wait_time -= 10; 418 if (auth->neg_freq > 0 && freq != auth->neg_freq) { 419 wpa_printf(MSG_DEBUG, 420 "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response", 421 freq, auth->neg_freq); 422 } 423 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 424 MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ); 425 auth->auth_req_ack = 0; 426 os_get_reltime(&wpa_s->dpp_last_init); 427 return offchannel_send_action(wpa_s, freq, dst, 428 wpa_s->own_addr, broadcast, 429 wpabuf_head(auth->req_msg), 430 wpabuf_len(auth->req_msg), 431 wait_time, wpas_dpp_tx_status, 0); 432 } 433 434 435 int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd) 436 { 437 const char *pos; 438 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL; 439 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR; 440 unsigned int neg_freq = 0; 441 442 wpa_s->dpp_gas_client = 0; 443 444 pos = os_strstr(cmd, " peer="); 445 if (!pos) 446 return -1; 447 pos += 6; 448 peer_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 449 if (!peer_bi) { 450 wpa_printf(MSG_INFO, 451 "DPP: Could not find bootstrapping info for the identified peer"); 452 return -1; 453 } 454 455 pos = os_strstr(cmd, " own="); 456 if (pos) { 457 pos += 5; 458 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 459 if (!own_bi) { 460 wpa_printf(MSG_INFO, 461 "DPP: Could not find bootstrapping info for the identified local entry"); 462 return -1; 463 } 464 465 if (peer_bi->curve != own_bi->curve) { 466 wpa_printf(MSG_INFO, 467 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)", 468 peer_bi->curve->name, own_bi->curve->name); 469 return -1; 470 } 471 } 472 473 pos = os_strstr(cmd, " role="); 474 if (pos) { 475 pos += 6; 476 if (os_strncmp(pos, "configurator", 12) == 0) 477 allowed_roles = DPP_CAPAB_CONFIGURATOR; 478 else if (os_strncmp(pos, "enrollee", 8) == 0) 479 allowed_roles = DPP_CAPAB_ENROLLEE; 480 else if (os_strncmp(pos, "either", 6) == 0) 481 allowed_roles = DPP_CAPAB_CONFIGURATOR | 482 DPP_CAPAB_ENROLLEE; 483 else 484 goto fail; 485 } 486 487 pos = os_strstr(cmd, " netrole="); 488 if (pos) { 489 pos += 9; 490 wpa_s->dpp_netrole_ap = os_strncmp(pos, "ap", 2) == 0; 491 } 492 493 pos = os_strstr(cmd, " neg_freq="); 494 if (pos) 495 neg_freq = atoi(pos + 10); 496 497 if (wpa_s->dpp_auth) { 498 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 499 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 500 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, 501 NULL); 502 offchannel_send_action_done(wpa_s); 503 dpp_auth_deinit(wpa_s->dpp_auth); 504 } 505 wpa_s->dpp_auth = dpp_auth_init(wpa_s, peer_bi, own_bi, allowed_roles, 506 neg_freq, 507 wpa_s->hw.modes, wpa_s->hw.num_modes); 508 if (!wpa_s->dpp_auth) 509 goto fail; 510 wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth); 511 if (dpp_set_configurator(wpa_s->dpp, wpa_s, wpa_s->dpp_auth, cmd) < 0) { 512 dpp_auth_deinit(wpa_s->dpp_auth); 513 wpa_s->dpp_auth = NULL; 514 goto fail; 515 } 516 517 wpa_s->dpp_auth->neg_freq = neg_freq; 518 519 if (!is_zero_ether_addr(peer_bi->mac_addr)) 520 os_memcpy(wpa_s->dpp_auth->peer_mac_addr, peer_bi->mac_addr, 521 ETH_ALEN); 522 523 return wpas_dpp_auth_init_next(wpa_s); 524 fail: 525 return -1; 526 } 527 528 529 struct wpas_dpp_listen_work { 530 unsigned int freq; 531 unsigned int duration; 532 struct wpabuf *probe_resp_ie; 533 }; 534 535 536 static void wpas_dpp_listen_work_free(struct wpas_dpp_listen_work *lwork) 537 { 538 if (!lwork) 539 return; 540 os_free(lwork); 541 } 542 543 544 static void wpas_dpp_listen_work_done(struct wpa_supplicant *wpa_s) 545 { 546 struct wpas_dpp_listen_work *lwork; 547 548 if (!wpa_s->dpp_listen_work) 549 return; 550 551 lwork = wpa_s->dpp_listen_work->ctx; 552 wpas_dpp_listen_work_free(lwork); 553 radio_work_done(wpa_s->dpp_listen_work); 554 wpa_s->dpp_listen_work = NULL; 555 } 556 557 558 static void dpp_start_listen_cb(struct wpa_radio_work *work, int deinit) 559 { 560 struct wpa_supplicant *wpa_s = work->wpa_s; 561 struct wpas_dpp_listen_work *lwork = work->ctx; 562 563 if (deinit) { 564 if (work->started) { 565 wpa_s->dpp_listen_work = NULL; 566 wpas_dpp_listen_stop(wpa_s); 567 } 568 wpas_dpp_listen_work_free(lwork); 569 return; 570 } 571 572 wpa_s->dpp_listen_work = work; 573 574 wpa_s->dpp_pending_listen_freq = lwork->freq; 575 576 if (wpa_drv_remain_on_channel(wpa_s, lwork->freq, 577 wpa_s->max_remain_on_chan) < 0) { 578 wpa_printf(MSG_DEBUG, 579 "DPP: Failed to request the driver to remain on channel (%u MHz) for listen", 580 lwork->freq); 581 wpa_s->dpp_listen_freq = 0; 582 wpas_dpp_listen_work_done(wpa_s); 583 wpa_s->dpp_pending_listen_freq = 0; 584 return; 585 } 586 wpa_s->off_channel_freq = 0; 587 wpa_s->roc_waiting_drv_freq = lwork->freq; 588 } 589 590 591 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s, 592 unsigned int freq) 593 { 594 struct wpas_dpp_listen_work *lwork; 595 596 if (wpa_s->dpp_listen_work) { 597 wpa_printf(MSG_DEBUG, 598 "DPP: Reject start_listen since dpp_listen_work already exists"); 599 return -1; 600 } 601 602 if (wpa_s->dpp_listen_freq) 603 wpas_dpp_listen_stop(wpa_s); 604 wpa_s->dpp_listen_freq = freq; 605 606 lwork = os_zalloc(sizeof(*lwork)); 607 if (!lwork) 608 return -1; 609 lwork->freq = freq; 610 611 if (radio_add_work(wpa_s, freq, "dpp-listen", 0, dpp_start_listen_cb, 612 lwork) < 0) { 613 wpas_dpp_listen_work_free(lwork); 614 return -1; 615 } 616 617 return 0; 618 } 619 620 621 int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd) 622 { 623 int freq; 624 625 freq = atoi(cmd); 626 if (freq <= 0) 627 return -1; 628 629 if (os_strstr(cmd, " role=configurator")) 630 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR; 631 else if (os_strstr(cmd, " role=enrollee")) 632 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE; 633 else 634 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | 635 DPP_CAPAB_ENROLLEE; 636 wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL; 637 wpa_s->dpp_netrole_ap = os_strstr(cmd, " netrole=ap") != NULL; 638 if (wpa_s->dpp_listen_freq == (unsigned int) freq) { 639 wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz", 640 freq); 641 return 0; 642 } 643 644 return wpas_dpp_listen_start(wpa_s, freq); 645 } 646 647 648 void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s) 649 { 650 wpa_s->dpp_in_response_listen = 0; 651 if (!wpa_s->dpp_listen_freq) 652 return; 653 654 wpa_printf(MSG_DEBUG, "DPP: Stop listen on %u MHz", 655 wpa_s->dpp_listen_freq); 656 wpa_drv_cancel_remain_on_channel(wpa_s); 657 wpa_s->dpp_listen_freq = 0; 658 wpas_dpp_listen_work_done(wpa_s); 659 } 660 661 662 void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s, 663 unsigned int freq) 664 { 665 wpas_dpp_listen_work_done(wpa_s); 666 667 if (wpa_s->dpp_auth && wpa_s->dpp_in_response_listen) { 668 unsigned int new_freq; 669 670 /* Continue listen with a new remain-on-channel */ 671 if (wpa_s->dpp_auth->neg_freq > 0) 672 new_freq = wpa_s->dpp_auth->neg_freq; 673 else 674 new_freq = wpa_s->dpp_auth->curr_freq; 675 wpa_printf(MSG_DEBUG, 676 "DPP: Continue wait on %u MHz for the ongoing DPP provisioning session", 677 new_freq); 678 wpas_dpp_listen_start(wpa_s, new_freq); 679 return; 680 } 681 682 if (wpa_s->dpp_listen_freq) { 683 /* Continue listen with a new remain-on-channel */ 684 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_listen_freq); 685 } 686 } 687 688 689 static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src, 690 const u8 *hdr, const u8 *buf, size_t len, 691 unsigned int freq) 692 { 693 const u8 *r_bootstrap, *i_bootstrap; 694 u16 r_bootstrap_len, i_bootstrap_len; 695 struct dpp_bootstrap_info *own_bi = NULL, *peer_bi = NULL; 696 697 if (!wpa_s->dpp) 698 return; 699 700 wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR, 701 MAC2STR(src)); 702 703 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, 704 &r_bootstrap_len); 705 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) { 706 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 707 "Missing or invalid required Responder Bootstrapping Key Hash attribute"); 708 return; 709 } 710 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", 711 r_bootstrap, r_bootstrap_len); 712 713 i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH, 714 &i_bootstrap_len); 715 if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) { 716 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 717 "Missing or invalid required Initiator Bootstrapping Key Hash attribute"); 718 return; 719 } 720 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash", 721 i_bootstrap, i_bootstrap_len); 722 723 /* Try to find own and peer bootstrapping key matches based on the 724 * received hash values */ 725 dpp_bootstrap_find_pair(wpa_s->dpp, i_bootstrap, r_bootstrap, 726 &own_bi, &peer_bi); 727 if (!own_bi) { 728 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 729 "No matching own bootstrapping key found - ignore message"); 730 return; 731 } 732 733 if (wpa_s->dpp_auth) { 734 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 735 "Already in DPP authentication exchange - ignore new one"); 736 return; 737 } 738 739 wpa_s->dpp_gas_client = 0; 740 wpa_s->dpp_auth_ok_on_ack = 0; 741 wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s, wpa_s->dpp_allowed_roles, 742 wpa_s->dpp_qr_mutual, 743 peer_bi, own_bi, freq, hdr, buf, len); 744 if (!wpa_s->dpp_auth) { 745 wpa_printf(MSG_DEBUG, "DPP: No response generated"); 746 return; 747 } 748 wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth); 749 if (dpp_set_configurator(wpa_s->dpp, wpa_s, wpa_s->dpp_auth, 750 wpa_s->dpp_configurator_params) < 0) { 751 dpp_auth_deinit(wpa_s->dpp_auth); 752 wpa_s->dpp_auth = NULL; 753 return; 754 } 755 os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN); 756 757 if (wpa_s->dpp_listen_freq && 758 wpa_s->dpp_listen_freq != wpa_s->dpp_auth->curr_freq) { 759 wpa_printf(MSG_DEBUG, 760 "DPP: Stop listen on %u MHz to allow response on the request %u MHz", 761 wpa_s->dpp_listen_freq, wpa_s->dpp_auth->curr_freq); 762 wpas_dpp_listen_stop(wpa_s); 763 } 764 765 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 766 MAC2STR(src), wpa_s->dpp_auth->curr_freq, 767 DPP_PA_AUTHENTICATION_RESP); 768 offchannel_send_action(wpa_s, wpa_s->dpp_auth->curr_freq, 769 src, wpa_s->own_addr, broadcast, 770 wpabuf_head(wpa_s->dpp_auth->resp_msg), 771 wpabuf_len(wpa_s->dpp_auth->resp_msg), 772 500, wpas_dpp_tx_status, 0); 773 } 774 775 776 static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s) 777 { 778 /* TODO: stop wait and start ROC */ 779 } 780 781 782 static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s, 783 struct dpp_authentication *auth) 784 { 785 struct wpa_ssid *ssid; 786 787 #ifdef CONFIG_DPP2 788 if (auth->akm == DPP_AKM_SAE) { 789 #ifdef CONFIG_SAE 790 struct wpa_driver_capa capa; 791 int res; 792 793 res = wpa_drv_get_capa(wpa_s, &capa); 794 if (res == 0 && 795 !(capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_SAE) && 796 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) { 797 wpa_printf(MSG_DEBUG, 798 "DPP: SAE not supported by the driver"); 799 return NULL; 800 } 801 #else /* CONFIG_SAE */ 802 wpa_printf(MSG_DEBUG, "DPP: SAE not supported in the build"); 803 return NULL; 804 #endif /* CONFIG_SAE */ 805 } 806 #endif /* CONFIG_DPP2 */ 807 808 ssid = wpa_config_add_network(wpa_s->conf); 809 if (!ssid) 810 return NULL; 811 wpas_notify_network_added(wpa_s, ssid); 812 wpa_config_set_network_defaults(ssid); 813 ssid->disabled = 1; 814 815 ssid->ssid = os_malloc(auth->ssid_len); 816 if (!ssid->ssid) 817 goto fail; 818 os_memcpy(ssid->ssid, auth->ssid, auth->ssid_len); 819 ssid->ssid_len = auth->ssid_len; 820 821 if (auth->connector) { 822 ssid->key_mgmt = WPA_KEY_MGMT_DPP; 823 ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED; 824 ssid->dpp_connector = os_strdup(auth->connector); 825 if (!ssid->dpp_connector) 826 goto fail; 827 } 828 829 if (auth->c_sign_key) { 830 ssid->dpp_csign = os_malloc(wpabuf_len(auth->c_sign_key)); 831 if (!ssid->dpp_csign) 832 goto fail; 833 os_memcpy(ssid->dpp_csign, wpabuf_head(auth->c_sign_key), 834 wpabuf_len(auth->c_sign_key)); 835 ssid->dpp_csign_len = wpabuf_len(auth->c_sign_key); 836 } 837 838 if (auth->net_access_key) { 839 ssid->dpp_netaccesskey = 840 os_malloc(wpabuf_len(auth->net_access_key)); 841 if (!ssid->dpp_netaccesskey) 842 goto fail; 843 os_memcpy(ssid->dpp_netaccesskey, 844 wpabuf_head(auth->net_access_key), 845 wpabuf_len(auth->net_access_key)); 846 ssid->dpp_netaccesskey_len = wpabuf_len(auth->net_access_key); 847 ssid->dpp_netaccesskey_expiry = auth->net_access_key_expiry; 848 } 849 850 if (!auth->connector || dpp_akm_psk(auth->akm) || 851 dpp_akm_sae(auth->akm)) { 852 if (!auth->connector) 853 ssid->key_mgmt = 0; 854 if (dpp_akm_psk(auth->akm)) 855 ssid->key_mgmt |= WPA_KEY_MGMT_PSK | 856 WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_FT_PSK; 857 if (dpp_akm_sae(auth->akm)) 858 ssid->key_mgmt |= WPA_KEY_MGMT_SAE | 859 WPA_KEY_MGMT_FT_SAE; 860 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL; 861 if (auth->passphrase[0]) { 862 if (wpa_config_set_quoted(ssid, "psk", 863 auth->passphrase) < 0) 864 goto fail; 865 wpa_config_update_psk(ssid); 866 ssid->export_keys = 1; 867 } else { 868 ssid->psk_set = auth->psk_set; 869 os_memcpy(ssid->psk, auth->psk, PMK_LEN); 870 } 871 } 872 873 return ssid; 874 fail: 875 wpas_notify_network_removed(wpa_s, ssid); 876 wpa_config_remove_network(wpa_s->conf, ssid->id); 877 return NULL; 878 } 879 880 881 static int wpas_dpp_process_config(struct wpa_supplicant *wpa_s, 882 struct dpp_authentication *auth) 883 { 884 struct wpa_ssid *ssid; 885 886 if (wpa_s->conf->dpp_config_processing < 1) 887 return 0; 888 889 ssid = wpas_dpp_add_network(wpa_s, auth); 890 if (!ssid) 891 return -1; 892 893 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_NETWORK_ID "%d", ssid->id); 894 895 wpas_notify_dpp_config_received(wpa_s, ssid); 896 897 if (wpa_s->conf->dpp_config_processing == 2) 898 ssid->disabled = 0; 899 900 #ifndef CONFIG_NO_CONFIG_WRITE 901 if (wpa_s->conf->update_config && 902 wpa_config_write(wpa_s->confname, wpa_s->conf)) 903 wpa_printf(MSG_DEBUG, "DPP: Failed to update configuration"); 904 #endif /* CONFIG_NO_CONFIG_WRITE */ 905 906 if (wpa_s->conf->dpp_config_processing < 2) 907 return 0; 908 909 #ifdef CONFIG_DPP2 910 if (auth->peer_version >= 2) { 911 wpa_printf(MSG_DEBUG, 912 "DPP: Postpone connection attempt to wait for completion of DPP Configuration Result"); 913 auth->connect_on_tx_status = 1; 914 return 0; 915 } 916 #endif /* CONFIG_DPP2 */ 917 918 wpas_dpp_try_to_connect(wpa_s); 919 return 0; 920 } 921 922 923 static int wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s, 924 struct dpp_authentication *auth) 925 { 926 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED); 927 if (auth->ssid_len) 928 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s", 929 wpa_ssid_txt(auth->ssid, auth->ssid_len)); 930 if (auth->connector) { 931 /* TODO: Save the Connector and consider using a command 932 * to fetch the value instead of sending an event with 933 * it. The Connector could end up being larger than what 934 * most clients are ready to receive as an event 935 * message. */ 936 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s", 937 auth->connector); 938 } 939 if (auth->c_sign_key) { 940 char *hex; 941 size_t hexlen; 942 943 hexlen = 2 * wpabuf_len(auth->c_sign_key) + 1; 944 hex = os_malloc(hexlen); 945 if (hex) { 946 wpa_snprintf_hex(hex, hexlen, 947 wpabuf_head(auth->c_sign_key), 948 wpabuf_len(auth->c_sign_key)); 949 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s", 950 hex); 951 os_free(hex); 952 } 953 } 954 if (auth->net_access_key) { 955 char *hex; 956 size_t hexlen; 957 958 hexlen = 2 * wpabuf_len(auth->net_access_key) + 1; 959 hex = os_malloc(hexlen); 960 if (hex) { 961 wpa_snprintf_hex(hex, hexlen, 962 wpabuf_head(auth->net_access_key), 963 wpabuf_len(auth->net_access_key)); 964 if (auth->net_access_key_expiry) 965 wpa_msg(wpa_s, MSG_INFO, 966 DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex, 967 (long unsigned) 968 auth->net_access_key_expiry); 969 else 970 wpa_msg(wpa_s, MSG_INFO, 971 DPP_EVENT_NET_ACCESS_KEY "%s", hex); 972 os_free(hex); 973 } 974 } 975 976 return wpas_dpp_process_config(wpa_s, auth); 977 } 978 979 980 static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token, 981 enum gas_query_result result, 982 const struct wpabuf *adv_proto, 983 const struct wpabuf *resp, u16 status_code) 984 { 985 struct wpa_supplicant *wpa_s = ctx; 986 const u8 *pos; 987 struct dpp_authentication *auth = wpa_s->dpp_auth; 988 int res; 989 enum dpp_status_error status = DPP_STATUS_CONFIG_REJECTED; 990 991 wpa_s->dpp_gas_dialog_token = -1; 992 993 if (!auth || !auth->auth_success) { 994 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); 995 return; 996 } 997 if (result != GAS_QUERY_SUCCESS || 998 !resp || status_code != WLAN_STATUS_SUCCESS) { 999 wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed"); 1000 goto fail; 1001 } 1002 1003 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto", 1004 adv_proto); 1005 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)", 1006 resp); 1007 1008 if (wpabuf_len(adv_proto) != 10 || 1009 !(pos = wpabuf_head(adv_proto)) || 1010 pos[0] != WLAN_EID_ADV_PROTO || 1011 pos[1] != 8 || 1012 pos[3] != WLAN_EID_VENDOR_SPECIFIC || 1013 pos[4] != 5 || 1014 WPA_GET_BE24(&pos[5]) != OUI_WFA || 1015 pos[8] != 0x1a || 1016 pos[9] != 1) { 1017 wpa_printf(MSG_DEBUG, 1018 "DPP: Not a DPP Advertisement Protocol ID"); 1019 goto fail; 1020 } 1021 1022 if (dpp_conf_resp_rx(auth, resp) < 0) { 1023 wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed"); 1024 goto fail; 1025 } 1026 1027 res = wpas_dpp_handle_config_obj(wpa_s, auth); 1028 if (res < 0) 1029 goto fail; 1030 1031 status = DPP_STATUS_OK; 1032 #ifdef CONFIG_TESTING_OPTIONS 1033 if (dpp_test == DPP_TEST_REJECT_CONFIG) { 1034 wpa_printf(MSG_INFO, "DPP: TESTING - Reject Config Object"); 1035 status = DPP_STATUS_CONFIG_REJECTED; 1036 } 1037 #endif /* CONFIG_TESTING_OPTIONS */ 1038 fail: 1039 if (status != DPP_STATUS_OK) { 1040 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1041 wpas_notify_dpp_configuration_failure(wpa_s); 1042 } 1043 #ifdef CONFIG_DPP2 1044 if (auth->peer_version >= 2 && 1045 auth->conf_resp_status == DPP_STATUS_OK) { 1046 struct wpabuf *msg; 1047 1048 wpa_printf(MSG_DEBUG, "DPP: Send DPP Configuration Result"); 1049 msg = dpp_build_conf_result(auth, status); 1050 if (!msg) 1051 goto fail2; 1052 1053 wpa_msg(wpa_s, MSG_INFO, 1054 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1055 MAC2STR(addr), auth->curr_freq, 1056 DPP_PA_CONFIGURATION_RESULT); 1057 offchannel_send_action(wpa_s, auth->curr_freq, 1058 addr, wpa_s->own_addr, broadcast, 1059 wpabuf_head(msg), 1060 wpabuf_len(msg), 1061 500, wpas_dpp_tx_status, 0); 1062 wpabuf_free(msg); 1063 1064 /* This exchange will be terminated in the TX status handler */ 1065 return; 1066 } 1067 fail2: 1068 #endif /* CONFIG_DPP2 */ 1069 dpp_auth_deinit(wpa_s->dpp_auth); 1070 wpa_s->dpp_auth = NULL; 1071 } 1072 1073 1074 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s) 1075 { 1076 struct dpp_authentication *auth = wpa_s->dpp_auth; 1077 struct wpabuf *buf; 1078 char json[100]; 1079 int res; 1080 1081 wpa_s->dpp_gas_client = 1; 1082 os_snprintf(json, sizeof(json), 1083 "{\"name\":\"Test\"," 1084 "\"wi-fi_tech\":\"infra\"," 1085 "\"netRole\":\"%s\"}", 1086 wpa_s->dpp_netrole_ap ? "ap" : "sta"); 1087 #ifdef CONFIG_TESTING_OPTIONS 1088 if (dpp_test == DPP_TEST_INVALID_CONFIG_ATTR_OBJ_CONF_REQ) { 1089 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Config Attr"); 1090 json[29] = 'k'; /* replace "infra" with "knfra" */ 1091 } 1092 #endif /* CONFIG_TESTING_OPTIONS */ 1093 wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json); 1094 1095 offchannel_send_action_done(wpa_s); 1096 wpas_dpp_listen_stop(wpa_s); 1097 1098 buf = dpp_build_conf_req(auth, json); 1099 if (!buf) { 1100 wpa_printf(MSG_DEBUG, 1101 "DPP: No configuration request data available"); 1102 return; 1103 } 1104 1105 wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)", 1106 MAC2STR(auth->peer_mac_addr), auth->curr_freq); 1107 1108 res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq, 1109 1, buf, wpas_dpp_gas_resp_cb, wpa_s); 1110 if (res < 0) { 1111 wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request"); 1112 wpabuf_free(buf); 1113 } else { 1114 wpa_printf(MSG_DEBUG, 1115 "DPP: GAS query started with dialog token %u", res); 1116 wpa_s->dpp_gas_dialog_token = res; 1117 } 1118 } 1119 1120 1121 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator) 1122 { 1123 wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded"); 1124 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator); 1125 wpas_notify_dpp_auth_success(wpa_s); 1126 #ifdef CONFIG_TESTING_OPTIONS 1127 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) { 1128 wpa_printf(MSG_INFO, 1129 "DPP: TESTING - stop at Authentication Confirm"); 1130 if (wpa_s->dpp_auth->configurator) { 1131 /* Prevent GAS response */ 1132 wpa_s->dpp_auth->auth_success = 0; 1133 } 1134 return; 1135 } 1136 #endif /* CONFIG_TESTING_OPTIONS */ 1137 1138 if (wpa_s->dpp_auth->configurator) 1139 wpas_dpp_start_gas_server(wpa_s); 1140 else 1141 wpas_dpp_start_gas_client(wpa_s); 1142 } 1143 1144 1145 static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src, 1146 const u8 *hdr, const u8 *buf, size_t len, 1147 unsigned int freq) 1148 { 1149 struct dpp_authentication *auth = wpa_s->dpp_auth; 1150 struct wpabuf *msg; 1151 1152 wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR 1153 " (freq %u MHz)", MAC2STR(src), freq); 1154 1155 if (!auth) { 1156 wpa_printf(MSG_DEBUG, 1157 "DPP: No DPP Authentication in progress - drop"); 1158 return; 1159 } 1160 1161 if (!is_zero_ether_addr(auth->peer_mac_addr) && 1162 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1163 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1164 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1165 return; 1166 } 1167 1168 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 1169 1170 if (auth->curr_freq != freq && auth->neg_freq == freq) { 1171 wpa_printf(MSG_DEBUG, 1172 "DPP: Responder accepted request for different negotiation channel"); 1173 auth->curr_freq = freq; 1174 } 1175 1176 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 1177 msg = dpp_auth_resp_rx(auth, hdr, buf, len); 1178 if (!msg) { 1179 if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) { 1180 wpa_printf(MSG_DEBUG, 1181 "DPP: Start wait for full response"); 1182 wpas_notify_dpp_resp_pending(wpa_s); 1183 offchannel_send_action_done(wpa_s); 1184 wpas_dpp_listen_start(wpa_s, auth->curr_freq); 1185 return; 1186 } 1187 wpa_printf(MSG_DEBUG, "DPP: No confirm generated"); 1188 return; 1189 } 1190 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); 1191 1192 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1193 MAC2STR(src), auth->curr_freq, DPP_PA_AUTHENTICATION_CONF); 1194 offchannel_send_action(wpa_s, auth->curr_freq, 1195 src, wpa_s->own_addr, broadcast, 1196 wpabuf_head(msg), wpabuf_len(msg), 1197 500, wpas_dpp_tx_status, 0); 1198 wpabuf_free(msg); 1199 wpa_s->dpp_auth_ok_on_ack = 1; 1200 } 1201 1202 1203 static void wpas_dpp_rx_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src, 1204 const u8 *hdr, const u8 *buf, size_t len) 1205 { 1206 struct dpp_authentication *auth = wpa_s->dpp_auth; 1207 1208 wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR, 1209 MAC2STR(src)); 1210 1211 if (!auth) { 1212 wpa_printf(MSG_DEBUG, 1213 "DPP: No DPP Authentication in progress - drop"); 1214 return; 1215 } 1216 1217 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1218 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1219 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1220 return; 1221 } 1222 1223 if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) { 1224 wpa_printf(MSG_DEBUG, "DPP: Authentication failed"); 1225 wpas_notify_dpp_auth_failure(wpa_s); 1226 return; 1227 } 1228 1229 wpas_dpp_auth_success(wpa_s, 0); 1230 } 1231 1232 1233 #ifdef CONFIG_DPP2 1234 1235 static void wpas_dpp_config_result_wait_timeout(void *eloop_ctx, 1236 void *timeout_ctx) 1237 { 1238 struct wpa_supplicant *wpa_s = eloop_ctx; 1239 struct dpp_authentication *auth = wpa_s->dpp_auth; 1240 1241 if (!auth || !auth->waiting_conf_result) 1242 return; 1243 1244 wpa_printf(MSG_DEBUG, 1245 "DPP: Timeout while waiting for Configuration Result"); 1246 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1247 dpp_auth_deinit(auth); 1248 wpa_s->dpp_auth = NULL; 1249 } 1250 1251 1252 static void wpas_dpp_rx_conf_result(struct wpa_supplicant *wpa_s, const u8 *src, 1253 const u8 *hdr, const u8 *buf, size_t len) 1254 { 1255 struct dpp_authentication *auth = wpa_s->dpp_auth; 1256 enum dpp_status_error status; 1257 1258 wpa_printf(MSG_DEBUG, "DPP: Configuration Result from " MACSTR, 1259 MAC2STR(src)); 1260 1261 if (!auth || !auth->waiting_conf_result) { 1262 wpa_printf(MSG_DEBUG, 1263 "DPP: No DPP Configuration waiting for result - drop"); 1264 return; 1265 } 1266 1267 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { 1268 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " 1269 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); 1270 return; 1271 } 1272 1273 status = dpp_conf_result_rx(auth, hdr, buf, len); 1274 1275 offchannel_send_action_done(wpa_s); 1276 wpas_dpp_listen_stop(wpa_s); 1277 if (status == DPP_STATUS_OK) 1278 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT); 1279 else 1280 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1281 dpp_auth_deinit(auth); 1282 wpa_s->dpp_auth = NULL; 1283 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL); 1284 } 1285 1286 #endif /* CONFIG_DPP2 */ 1287 1288 1289 static void wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant *wpa_s, 1290 const u8 *src, 1291 const u8 *buf, size_t len) 1292 { 1293 struct wpa_ssid *ssid; 1294 const u8 *connector, *trans_id, *status; 1295 u16 connector_len, trans_id_len, status_len; 1296 struct dpp_introduction intro; 1297 struct rsn_pmksa_cache_entry *entry; 1298 struct os_time now; 1299 struct os_reltime rnow; 1300 os_time_t expiry; 1301 unsigned int seconds; 1302 enum dpp_status_error res; 1303 1304 wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Response from " MACSTR, 1305 MAC2STR(src)); 1306 if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) || 1307 os_memcmp(src, wpa_s->dpp_intro_bssid, ETH_ALEN) != 0) { 1308 wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from " 1309 MACSTR " - drop", MAC2STR(src)); 1310 return; 1311 } 1312 offchannel_send_action_done(wpa_s); 1313 1314 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 1315 if (ssid == wpa_s->dpp_intro_network) 1316 break; 1317 } 1318 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey || 1319 !ssid->dpp_csign) { 1320 wpa_printf(MSG_DEBUG, 1321 "DPP: Profile not found for network introduction"); 1322 return; 1323 } 1324 1325 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID, 1326 &trans_id_len); 1327 if (!trans_id || trans_id_len != 1) { 1328 wpa_printf(MSG_DEBUG, 1329 "DPP: Peer did not include Transaction ID"); 1330 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 1331 " fail=missing_transaction_id", MAC2STR(src)); 1332 goto fail; 1333 } 1334 if (trans_id[0] != TRANSACTION_ID) { 1335 wpa_printf(MSG_DEBUG, 1336 "DPP: Ignore frame with unexpected Transaction ID %u", 1337 trans_id[0]); 1338 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 1339 " fail=transaction_id_mismatch", MAC2STR(src)); 1340 goto fail; 1341 } 1342 1343 status = dpp_get_attr(buf, len, DPP_ATTR_STATUS, &status_len); 1344 if (!status || status_len != 1) { 1345 wpa_printf(MSG_DEBUG, "DPP: Peer did not include Status"); 1346 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 1347 " fail=missing_status", MAC2STR(src)); 1348 goto fail; 1349 } 1350 if (status[0] != DPP_STATUS_OK) { 1351 wpa_printf(MSG_DEBUG, 1352 "DPP: Peer rejected network introduction: Status %u", 1353 status[0]); 1354 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 1355 " status=%u", MAC2STR(src), status[0]); 1356 goto fail; 1357 } 1358 1359 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len); 1360 if (!connector) { 1361 wpa_printf(MSG_DEBUG, 1362 "DPP: Peer did not include its Connector"); 1363 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 1364 " fail=missing_connector", MAC2STR(src)); 1365 goto fail; 1366 } 1367 1368 res = dpp_peer_intro(&intro, ssid->dpp_connector, 1369 ssid->dpp_netaccesskey, 1370 ssid->dpp_netaccesskey_len, 1371 ssid->dpp_csign, 1372 ssid->dpp_csign_len, 1373 connector, connector_len, &expiry); 1374 if (res != DPP_STATUS_OK) { 1375 wpa_printf(MSG_INFO, 1376 "DPP: Network Introduction protocol resulted in failure"); 1377 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 1378 " fail=peer_connector_validation_failed", MAC2STR(src)); 1379 goto fail; 1380 } 1381 1382 entry = os_zalloc(sizeof(*entry)); 1383 if (!entry) 1384 goto fail; 1385 os_memcpy(entry->aa, src, ETH_ALEN); 1386 os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN); 1387 os_memcpy(entry->pmk, intro.pmk, intro.pmk_len); 1388 entry->pmk_len = intro.pmk_len; 1389 entry->akmp = WPA_KEY_MGMT_DPP; 1390 if (expiry) { 1391 os_get_time(&now); 1392 seconds = expiry - now.sec; 1393 } else { 1394 seconds = 86400 * 7; 1395 } 1396 os_get_reltime(&rnow); 1397 entry->expiration = rnow.sec + seconds; 1398 entry->reauth_time = rnow.sec + seconds; 1399 entry->network_ctx = ssid; 1400 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry); 1401 1402 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR 1403 " status=%u", MAC2STR(src), status[0]); 1404 1405 wpa_printf(MSG_DEBUG, 1406 "DPP: Try connection again after successful network introduction"); 1407 if (wpa_supplicant_fast_associate(wpa_s) != 1) { 1408 wpa_supplicant_cancel_sched_scan(wpa_s); 1409 wpa_supplicant_req_scan(wpa_s, 0, 0); 1410 } 1411 fail: 1412 os_memset(&intro, 0, sizeof(intro)); 1413 } 1414 1415 1416 static int wpas_dpp_allow_ir(struct wpa_supplicant *wpa_s, unsigned int freq) 1417 { 1418 int i, j; 1419 1420 if (!wpa_s->hw.modes) 1421 return -1; 1422 1423 for (i = 0; i < wpa_s->hw.num_modes; i++) { 1424 struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i]; 1425 1426 for (j = 0; j < mode->num_channels; j++) { 1427 struct hostapd_channel_data *chan = &mode->channels[j]; 1428 1429 if (chan->freq != (int) freq) 1430 continue; 1431 1432 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 1433 HOSTAPD_CHAN_NO_IR | 1434 HOSTAPD_CHAN_RADAR)) 1435 continue; 1436 1437 return 1; 1438 } 1439 } 1440 1441 wpa_printf(MSG_DEBUG, 1442 "DPP: Frequency %u MHz not supported or does not allow PKEX initiation in the current channel list", 1443 freq); 1444 1445 return 0; 1446 } 1447 1448 1449 static int wpas_dpp_pkex_next_channel(struct wpa_supplicant *wpa_s, 1450 struct dpp_pkex *pkex) 1451 { 1452 if (pkex->freq == 2437) 1453 pkex->freq = 5745; 1454 else if (pkex->freq == 5745) 1455 pkex->freq = 5220; 1456 else if (pkex->freq == 5220) 1457 pkex->freq = 60480; 1458 else 1459 return -1; /* no more channels to try */ 1460 1461 if (wpas_dpp_allow_ir(wpa_s, pkex->freq) == 1) { 1462 wpa_printf(MSG_DEBUG, "DPP: Try to initiate on %u MHz", 1463 pkex->freq); 1464 return 0; 1465 } 1466 1467 /* Could not use this channel - try the next one */ 1468 return wpas_dpp_pkex_next_channel(wpa_s, pkex); 1469 } 1470 1471 1472 static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx) 1473 { 1474 struct wpa_supplicant *wpa_s = eloop_ctx; 1475 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 1476 1477 if (!pkex || !pkex->exchange_req) 1478 return; 1479 if (pkex->exch_req_tries >= 5) { 1480 if (wpas_dpp_pkex_next_channel(wpa_s, pkex) < 0) { 1481 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL 1482 "No response from PKEX peer"); 1483 dpp_pkex_free(pkex); 1484 wpa_s->dpp_pkex = NULL; 1485 return; 1486 } 1487 pkex->exch_req_tries = 0; 1488 } 1489 1490 pkex->exch_req_tries++; 1491 wpa_printf(MSG_DEBUG, "DPP: Retransmit PKEX Exchange Request (try %u)", 1492 pkex->exch_req_tries); 1493 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1494 MAC2STR(broadcast), pkex->freq, DPP_PA_PKEX_EXCHANGE_REQ); 1495 offchannel_send_action(wpa_s, pkex->freq, broadcast, 1496 wpa_s->own_addr, broadcast, 1497 wpabuf_head(pkex->exchange_req), 1498 wpabuf_len(pkex->exchange_req), 1499 pkex->exch_req_wait_time, 1500 wpas_dpp_tx_pkex_status, 0); 1501 } 1502 1503 1504 static void 1505 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s, 1506 unsigned int freq, const u8 *dst, 1507 const u8 *src, const u8 *bssid, 1508 const u8 *data, size_t data_len, 1509 enum offchannel_send_action_result result) 1510 { 1511 const char *res_txt; 1512 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 1513 1514 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 1515 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 1516 "FAILED"); 1517 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR 1518 " result=%s (PKEX)", 1519 freq, MAC2STR(dst), res_txt); 1520 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR 1521 " freq=%u result=%s", MAC2STR(dst), freq, res_txt); 1522 1523 if (!pkex) { 1524 wpa_printf(MSG_DEBUG, 1525 "DPP: Ignore TX status since there is no ongoing PKEX exchange"); 1526 return; 1527 } 1528 1529 if (pkex->failed) { 1530 wpa_printf(MSG_DEBUG, 1531 "DPP: Terminate PKEX exchange due to an earlier error"); 1532 if (pkex->t > pkex->own_bi->pkex_t) 1533 pkex->own_bi->pkex_t = pkex->t; 1534 dpp_pkex_free(pkex); 1535 wpa_s->dpp_pkex = NULL; 1536 return; 1537 } 1538 1539 if (pkex->exch_req_wait_time && pkex->exchange_req) { 1540 /* Wait for PKEX Exchange Response frame and retry request if 1541 * no response is seen. */ 1542 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); 1543 eloop_register_timeout(pkex->exch_req_wait_time / 1000, 1544 (pkex->exch_req_wait_time % 1000) * 1000, 1545 wpas_dpp_pkex_retry_timeout, wpa_s, 1546 NULL); 1547 } 1548 } 1549 1550 1551 static void 1552 wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant *wpa_s, const u8 *src, 1553 const u8 *buf, size_t len, unsigned int freq) 1554 { 1555 struct wpabuf *msg; 1556 unsigned int wait_time; 1557 1558 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR, 1559 MAC2STR(src)); 1560 1561 /* TODO: Support multiple PKEX codes by iterating over all the enabled 1562 * values here */ 1563 1564 if (!wpa_s->dpp_pkex_code || !wpa_s->dpp_pkex_bi) { 1565 wpa_printf(MSG_DEBUG, 1566 "DPP: No PKEX code configured - ignore request"); 1567 return; 1568 } 1569 1570 if (wpa_s->dpp_pkex) { 1571 /* TODO: Support parallel operations */ 1572 wpa_printf(MSG_DEBUG, 1573 "DPP: Already in PKEX session - ignore new request"); 1574 return; 1575 } 1576 1577 wpa_s->dpp_pkex = dpp_pkex_rx_exchange_req(wpa_s, wpa_s->dpp_pkex_bi, 1578 wpa_s->own_addr, src, 1579 wpa_s->dpp_pkex_identifier, 1580 wpa_s->dpp_pkex_code, 1581 buf, len); 1582 if (!wpa_s->dpp_pkex) { 1583 wpa_printf(MSG_DEBUG, 1584 "DPP: Failed to process the request - ignore it"); 1585 return; 1586 } 1587 1588 msg = wpa_s->dpp_pkex->exchange_resp; 1589 wait_time = wpa_s->max_remain_on_chan; 1590 if (wait_time > 2000) 1591 wait_time = 2000; 1592 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1593 MAC2STR(src), freq, DPP_PA_PKEX_EXCHANGE_RESP); 1594 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, 1595 broadcast, 1596 wpabuf_head(msg), wpabuf_len(msg), 1597 wait_time, wpas_dpp_tx_pkex_status, 0); 1598 } 1599 1600 1601 static void 1602 wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src, 1603 const u8 *buf, size_t len, unsigned int freq) 1604 { 1605 struct wpabuf *msg; 1606 unsigned int wait_time; 1607 1608 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR, 1609 MAC2STR(src)); 1610 1611 /* TODO: Support multiple PKEX codes by iterating over all the enabled 1612 * values here */ 1613 1614 if (!wpa_s->dpp_pkex || !wpa_s->dpp_pkex->initiator || 1615 wpa_s->dpp_pkex->exchange_done) { 1616 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 1617 return; 1618 } 1619 1620 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); 1621 wpa_s->dpp_pkex->exch_req_wait_time = 0; 1622 1623 msg = dpp_pkex_rx_exchange_resp(wpa_s->dpp_pkex, src, buf, len); 1624 if (!msg) { 1625 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); 1626 return; 1627 } 1628 1629 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR, 1630 MAC2STR(src)); 1631 1632 wait_time = wpa_s->max_remain_on_chan; 1633 if (wait_time > 2000) 1634 wait_time = 2000; 1635 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1636 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_REQ); 1637 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, 1638 broadcast, 1639 wpabuf_head(msg), wpabuf_len(msg), 1640 wait_time, wpas_dpp_tx_pkex_status, 0); 1641 wpabuf_free(msg); 1642 } 1643 1644 1645 static struct dpp_bootstrap_info * 1646 wpas_dpp_pkex_finish(struct wpa_supplicant *wpa_s, const u8 *peer, 1647 unsigned int freq) 1648 { 1649 struct dpp_bootstrap_info *bi; 1650 1651 bi = dpp_pkex_finish(wpa_s->dpp, wpa_s->dpp_pkex, peer, freq); 1652 if (!bi) 1653 return NULL; 1654 wpa_s->dpp_pkex = NULL; 1655 return bi; 1656 } 1657 1658 1659 static void 1660 wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src, 1661 const u8 *hdr, const u8 *buf, size_t len, 1662 unsigned int freq) 1663 { 1664 struct wpabuf *msg; 1665 unsigned int wait_time; 1666 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 1667 1668 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR, 1669 MAC2STR(src)); 1670 1671 if (!pkex || pkex->initiator || !pkex->exchange_done) { 1672 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 1673 return; 1674 } 1675 1676 msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len); 1677 if (!msg) { 1678 wpa_printf(MSG_DEBUG, "DPP: Failed to process the request"); 1679 if (pkex->failed) { 1680 wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange"); 1681 if (pkex->t > pkex->own_bi->pkex_t) 1682 pkex->own_bi->pkex_t = pkex->t; 1683 dpp_pkex_free(wpa_s->dpp_pkex); 1684 wpa_s->dpp_pkex = NULL; 1685 } 1686 return; 1687 } 1688 1689 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to " 1690 MACSTR, MAC2STR(src)); 1691 1692 wait_time = wpa_s->max_remain_on_chan; 1693 if (wait_time > 2000) 1694 wait_time = 2000; 1695 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 1696 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_RESP); 1697 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, 1698 broadcast, 1699 wpabuf_head(msg), wpabuf_len(msg), 1700 wait_time, wpas_dpp_tx_pkex_status, 0); 1701 wpabuf_free(msg); 1702 1703 wpas_dpp_pkex_finish(wpa_s, src, freq); 1704 } 1705 1706 1707 static void 1708 wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src, 1709 const u8 *hdr, const u8 *buf, size_t len, 1710 unsigned int freq) 1711 { 1712 int res; 1713 struct dpp_bootstrap_info *bi; 1714 struct dpp_pkex *pkex = wpa_s->dpp_pkex; 1715 char cmd[500]; 1716 1717 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR, 1718 MAC2STR(src)); 1719 1720 if (!pkex || !pkex->initiator || !pkex->exchange_done) { 1721 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session"); 1722 return; 1723 } 1724 1725 res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len); 1726 if (res < 0) { 1727 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response"); 1728 return; 1729 } 1730 1731 bi = wpas_dpp_pkex_finish(wpa_s, src, freq); 1732 if (!bi) 1733 return; 1734 1735 os_snprintf(cmd, sizeof(cmd), " peer=%u %s", 1736 bi->id, 1737 wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : ""); 1738 wpa_printf(MSG_DEBUG, 1739 "DPP: Start authentication after PKEX with parameters: %s", 1740 cmd); 1741 if (wpas_dpp_auth_init(wpa_s, cmd) < 0) { 1742 wpa_printf(MSG_DEBUG, 1743 "DPP: Authentication initialization failed"); 1744 return; 1745 } 1746 } 1747 1748 1749 void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src, 1750 const u8 *buf, size_t len, unsigned int freq) 1751 { 1752 u8 crypto_suite; 1753 enum dpp_public_action_frame_type type; 1754 const u8 *hdr; 1755 unsigned int pkex_t; 1756 1757 if (len < DPP_HDR_LEN) 1758 return; 1759 if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE) 1760 return; 1761 hdr = buf; 1762 buf += 4; 1763 len -= 4; 1764 crypto_suite = *buf++; 1765 type = *buf++; 1766 len -= 2; 1767 1768 wpa_printf(MSG_DEBUG, 1769 "DPP: Received DPP Public Action frame crypto suite %u type %d from " 1770 MACSTR " freq=%u", 1771 crypto_suite, type, MAC2STR(src), freq); 1772 if (crypto_suite != 1) { 1773 wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u", 1774 crypto_suite); 1775 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR 1776 " freq=%u type=%d ignore=unsupported-crypto-suite", 1777 MAC2STR(src), freq, type); 1778 return; 1779 } 1780 wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len); 1781 if (dpp_check_attrs(buf, len) < 0) { 1782 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR 1783 " freq=%u type=%d ignore=invalid-attributes", 1784 MAC2STR(src), freq, type); 1785 return; 1786 } 1787 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR " freq=%u type=%d", 1788 MAC2STR(src), freq, type); 1789 1790 switch (type) { 1791 case DPP_PA_AUTHENTICATION_REQ: 1792 wpas_dpp_rx_auth_req(wpa_s, src, hdr, buf, len, freq); 1793 break; 1794 case DPP_PA_AUTHENTICATION_RESP: 1795 wpas_dpp_rx_auth_resp(wpa_s, src, hdr, buf, len, freq); 1796 break; 1797 case DPP_PA_AUTHENTICATION_CONF: 1798 wpas_dpp_rx_auth_conf(wpa_s, src, hdr, buf, len); 1799 break; 1800 case DPP_PA_PEER_DISCOVERY_RESP: 1801 wpas_dpp_rx_peer_disc_resp(wpa_s, src, buf, len); 1802 break; 1803 case DPP_PA_PKEX_EXCHANGE_REQ: 1804 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq); 1805 break; 1806 case DPP_PA_PKEX_EXCHANGE_RESP: 1807 wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq); 1808 break; 1809 case DPP_PA_PKEX_COMMIT_REVEAL_REQ: 1810 wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len, 1811 freq); 1812 break; 1813 case DPP_PA_PKEX_COMMIT_REVEAL_RESP: 1814 wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len, 1815 freq); 1816 break; 1817 #ifdef CONFIG_DPP2 1818 case DPP_PA_CONFIGURATION_RESULT: 1819 wpas_dpp_rx_conf_result(wpa_s, src, hdr, buf, len); 1820 break; 1821 #endif /* CONFIG_DPP2 */ 1822 default: 1823 wpa_printf(MSG_DEBUG, 1824 "DPP: Ignored unsupported frame subtype %d", type); 1825 break; 1826 } 1827 1828 if (wpa_s->dpp_pkex) 1829 pkex_t = wpa_s->dpp_pkex->t; 1830 else if (wpa_s->dpp_pkex_bi) 1831 pkex_t = wpa_s->dpp_pkex_bi->pkex_t; 1832 else 1833 pkex_t = 0; 1834 if (pkex_t >= PKEX_COUNTER_T_LIMIT) { 1835 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0"); 1836 wpas_dpp_pkex_remove(wpa_s, "*"); 1837 } 1838 } 1839 1840 1841 static struct wpabuf * 1842 wpas_dpp_gas_req_handler(void *ctx, const u8 *sa, const u8 *query, 1843 size_t query_len) 1844 { 1845 struct wpa_supplicant *wpa_s = ctx; 1846 struct dpp_authentication *auth = wpa_s->dpp_auth; 1847 struct wpabuf *resp; 1848 1849 wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR, 1850 MAC2STR(sa)); 1851 if (!auth || !auth->auth_success || 1852 os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) { 1853 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); 1854 return NULL; 1855 } 1856 wpa_hexdump(MSG_DEBUG, 1857 "DPP: Received Configuration Request (GAS Query Request)", 1858 query, query_len); 1859 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR, 1860 MAC2STR(sa)); 1861 resp = dpp_conf_req_rx(auth, query, query_len); 1862 if (!resp) { 1863 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1864 wpas_notify_dpp_configuration_failure(wpa_s); 1865 } 1866 auth->conf_resp = resp; 1867 return resp; 1868 } 1869 1870 1871 static void 1872 wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok) 1873 { 1874 struct wpa_supplicant *wpa_s = ctx; 1875 struct dpp_authentication *auth = wpa_s->dpp_auth; 1876 1877 if (!auth) { 1878 wpabuf_free(resp); 1879 return; 1880 } 1881 if (auth->conf_resp != resp) { 1882 wpa_printf(MSG_DEBUG, 1883 "DPP: Ignore GAS status report (ok=%d) for unknown response", 1884 ok); 1885 wpabuf_free(resp); 1886 return; 1887 } 1888 1889 wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)", 1890 ok); 1891 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 1892 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 1893 #ifdef CONFIG_DPP2 1894 if (ok && auth->peer_version >= 2 && 1895 auth->conf_resp_status == DPP_STATUS_OK) { 1896 wpa_printf(MSG_DEBUG, "DPP: Wait for Configuration Result"); 1897 auth->waiting_conf_result = 1; 1898 auth->conf_resp = NULL; 1899 wpabuf_free(resp); 1900 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, 1901 wpa_s, NULL); 1902 eloop_register_timeout(2, 0, 1903 wpas_dpp_config_result_wait_timeout, 1904 wpa_s, NULL); 1905 return; 1906 } 1907 #endif /* CONFIG_DPP2 */ 1908 offchannel_send_action_done(wpa_s); 1909 wpas_dpp_listen_stop(wpa_s); 1910 if (ok) { 1911 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT); 1912 wpas_notify_dpp_config_sent(wpa_s); 1913 } 1914 else { 1915 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED); 1916 wpas_notify_dpp_configuration_failure(wpa_s); 1917 } 1918 dpp_auth_deinit(wpa_s->dpp_auth); 1919 wpa_s->dpp_auth = NULL; 1920 wpabuf_free(resp); 1921 } 1922 1923 1924 int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd) 1925 { 1926 struct dpp_authentication *auth; 1927 int ret = -1; 1928 char *curve = NULL; 1929 1930 auth = os_zalloc(sizeof(*auth)); 1931 if (!auth) 1932 return -1; 1933 1934 curve = get_param(cmd, " curve="); 1935 wpas_dpp_set_testing_options(wpa_s, auth); 1936 if (dpp_set_configurator(wpa_s->dpp, wpa_s, auth, cmd) == 0 && 1937 dpp_configurator_own_config(auth, curve, 0) == 0) 1938 ret = wpas_dpp_handle_config_obj(wpa_s, auth); 1939 1940 dpp_auth_deinit(auth); 1941 os_free(curve); 1942 1943 return ret; 1944 } 1945 1946 1947 static void 1948 wpas_dpp_tx_introduction_status(struct wpa_supplicant *wpa_s, 1949 unsigned int freq, const u8 *dst, 1950 const u8 *src, const u8 *bssid, 1951 const u8 *data, size_t data_len, 1952 enum offchannel_send_action_result result) 1953 { 1954 const char *res_txt; 1955 1956 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 1957 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 1958 "FAILED"); 1959 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR 1960 " result=%s (DPP Peer Discovery Request)", 1961 freq, MAC2STR(dst), res_txt); 1962 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR 1963 " freq=%u result=%s", MAC2STR(dst), freq, res_txt); 1964 /* TODO: Time out wait for response more quickly in error cases? */ 1965 } 1966 1967 1968 int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 1969 struct wpa_bss *bss) 1970 { 1971 struct os_time now; 1972 struct wpabuf *msg; 1973 unsigned int wait_time; 1974 const u8 *rsn; 1975 struct wpa_ie_data ied; 1976 1977 if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss) 1978 return 0; /* Not using DPP AKM - continue */ 1979 rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 1980 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 && 1981 !(ied.key_mgmt & WPA_KEY_MGMT_DPP)) 1982 return 0; /* AP does not support DPP AKM - continue */ 1983 if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid)) 1984 return 0; /* PMKSA exists for DPP AKM - continue */ 1985 1986 if (!ssid->dpp_connector || !ssid->dpp_netaccesskey || 1987 !ssid->dpp_csign) { 1988 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR 1989 "missing %s", 1990 !ssid->dpp_connector ? "Connector" : 1991 (!ssid->dpp_netaccesskey ? "netAccessKey" : 1992 "C-sign-key")); 1993 return -1; 1994 } 1995 1996 os_get_time(&now); 1997 1998 if (ssid->dpp_netaccesskey_expiry && 1999 (os_time_t) ssid->dpp_netaccesskey_expiry < now.sec) { 2000 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR 2001 "netAccessKey expired"); 2002 return -1; 2003 } 2004 2005 wpa_printf(MSG_DEBUG, 2006 "DPP: Starting network introduction protocol to derive PMKSA for " 2007 MACSTR, MAC2STR(bss->bssid)); 2008 2009 msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_REQ, 2010 5 + 4 + os_strlen(ssid->dpp_connector)); 2011 if (!msg) 2012 return -1; 2013 2014 #ifdef CONFIG_TESTING_OPTIONS 2015 if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ) { 2016 wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID"); 2017 goto skip_trans_id; 2018 } 2019 if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ) { 2020 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID"); 2021 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); 2022 wpabuf_put_le16(msg, 0); 2023 goto skip_trans_id; 2024 } 2025 #endif /* CONFIG_TESTING_OPTIONS */ 2026 2027 /* Transaction ID */ 2028 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID); 2029 wpabuf_put_le16(msg, 1); 2030 wpabuf_put_u8(msg, TRANSACTION_ID); 2031 2032 #ifdef CONFIG_TESTING_OPTIONS 2033 skip_trans_id: 2034 if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ) { 2035 wpa_printf(MSG_INFO, "DPP: TESTING - no Connector"); 2036 goto skip_connector; 2037 } 2038 if (dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ) { 2039 char *connector; 2040 2041 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector"); 2042 connector = dpp_corrupt_connector_signature( 2043 ssid->dpp_connector); 2044 if (!connector) { 2045 wpabuf_free(msg); 2046 return -1; 2047 } 2048 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); 2049 wpabuf_put_le16(msg, os_strlen(connector)); 2050 wpabuf_put_str(msg, connector); 2051 os_free(connector); 2052 goto skip_connector; 2053 } 2054 #endif /* CONFIG_TESTING_OPTIONS */ 2055 2056 /* DPP Connector */ 2057 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR); 2058 wpabuf_put_le16(msg, os_strlen(ssid->dpp_connector)); 2059 wpabuf_put_str(msg, ssid->dpp_connector); 2060 2061 #ifdef CONFIG_TESTING_OPTIONS 2062 skip_connector: 2063 #endif /* CONFIG_TESTING_OPTIONS */ 2064 2065 /* TODO: Timeout on AP response */ 2066 wait_time = wpa_s->max_remain_on_chan; 2067 if (wait_time > 2000) 2068 wait_time = 2000; 2069 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d", 2070 MAC2STR(bss->bssid), bss->freq, DPP_PA_PEER_DISCOVERY_REQ); 2071 offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr, 2072 broadcast, 2073 wpabuf_head(msg), wpabuf_len(msg), 2074 wait_time, wpas_dpp_tx_introduction_status, 0); 2075 wpabuf_free(msg); 2076 2077 /* Request this connection attempt to terminate - new one will be 2078 * started when network introduction protocol completes */ 2079 os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN); 2080 wpa_s->dpp_intro_network = ssid; 2081 return 1; 2082 } 2083 2084 2085 int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd) 2086 { 2087 struct dpp_bootstrap_info *own_bi; 2088 const char *pos, *end; 2089 unsigned int wait_time; 2090 2091 pos = os_strstr(cmd, " own="); 2092 if (!pos) 2093 return -1; 2094 pos += 5; 2095 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos)); 2096 if (!own_bi) { 2097 wpa_printf(MSG_DEBUG, 2098 "DPP: Identified bootstrap info not found"); 2099 return -1; 2100 } 2101 if (own_bi->type != DPP_BOOTSTRAP_PKEX) { 2102 wpa_printf(MSG_DEBUG, 2103 "DPP: Identified bootstrap info not for PKEX"); 2104 return -1; 2105 } 2106 wpa_s->dpp_pkex_bi = own_bi; 2107 own_bi->pkex_t = 0; /* clear pending errors on new code */ 2108 2109 os_free(wpa_s->dpp_pkex_identifier); 2110 wpa_s->dpp_pkex_identifier = NULL; 2111 pos = os_strstr(cmd, " identifier="); 2112 if (pos) { 2113 pos += 12; 2114 end = os_strchr(pos, ' '); 2115 if (!end) 2116 return -1; 2117 wpa_s->dpp_pkex_identifier = os_malloc(end - pos + 1); 2118 if (!wpa_s->dpp_pkex_identifier) 2119 return -1; 2120 os_memcpy(wpa_s->dpp_pkex_identifier, pos, end - pos); 2121 wpa_s->dpp_pkex_identifier[end - pos] = '\0'; 2122 } 2123 2124 pos = os_strstr(cmd, " code="); 2125 if (!pos) 2126 return -1; 2127 os_free(wpa_s->dpp_pkex_code); 2128 wpa_s->dpp_pkex_code = os_strdup(pos + 6); 2129 if (!wpa_s->dpp_pkex_code) 2130 return -1; 2131 2132 if (os_strstr(cmd, " init=1")) { 2133 struct dpp_pkex *pkex; 2134 struct wpabuf *msg; 2135 2136 wpa_printf(MSG_DEBUG, "DPP: Initiating PKEX"); 2137 dpp_pkex_free(wpa_s->dpp_pkex); 2138 wpa_s->dpp_pkex = dpp_pkex_init(wpa_s, own_bi, wpa_s->own_addr, 2139 wpa_s->dpp_pkex_identifier, 2140 wpa_s->dpp_pkex_code); 2141 pkex = wpa_s->dpp_pkex; 2142 if (!pkex) 2143 return -1; 2144 2145 msg = pkex->exchange_req; 2146 wait_time = wpa_s->max_remain_on_chan; 2147 if (wait_time > 2000) 2148 wait_time = 2000; 2149 pkex->freq = 2437; 2150 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR 2151 " freq=%u type=%d", 2152 MAC2STR(broadcast), pkex->freq, 2153 DPP_PA_PKEX_EXCHANGE_REQ); 2154 offchannel_send_action(wpa_s, pkex->freq, broadcast, 2155 wpa_s->own_addr, broadcast, 2156 wpabuf_head(msg), wpabuf_len(msg), 2157 wait_time, wpas_dpp_tx_pkex_status, 0); 2158 if (wait_time == 0) 2159 wait_time = 2000; 2160 pkex->exch_req_wait_time = wait_time; 2161 pkex->exch_req_tries = 1; 2162 } 2163 2164 /* TODO: Support multiple PKEX info entries */ 2165 2166 os_free(wpa_s->dpp_pkex_auth_cmd); 2167 wpa_s->dpp_pkex_auth_cmd = os_strdup(cmd); 2168 2169 return 1; 2170 } 2171 2172 2173 int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id) 2174 { 2175 unsigned int id_val; 2176 2177 if (os_strcmp(id, "*") == 0) { 2178 id_val = 0; 2179 } else { 2180 id_val = atoi(id); 2181 if (id_val == 0) 2182 return -1; 2183 } 2184 2185 if ((id_val != 0 && id_val != 1) || !wpa_s->dpp_pkex_code) 2186 return -1; 2187 2188 /* TODO: Support multiple PKEX entries */ 2189 os_free(wpa_s->dpp_pkex_code); 2190 wpa_s->dpp_pkex_code = NULL; 2191 os_free(wpa_s->dpp_pkex_identifier); 2192 wpa_s->dpp_pkex_identifier = NULL; 2193 os_free(wpa_s->dpp_pkex_auth_cmd); 2194 wpa_s->dpp_pkex_auth_cmd = NULL; 2195 wpa_s->dpp_pkex_bi = NULL; 2196 /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */ 2197 dpp_pkex_free(wpa_s->dpp_pkex); 2198 wpa_s->dpp_pkex = NULL; 2199 return 0; 2200 } 2201 2202 2203 void wpas_dpp_stop(struct wpa_supplicant *wpa_s) 2204 { 2205 dpp_auth_deinit(wpa_s->dpp_auth); 2206 wpa_s->dpp_auth = NULL; 2207 dpp_pkex_free(wpa_s->dpp_pkex); 2208 wpa_s->dpp_pkex = NULL; 2209 if (wpa_s->dpp_gas_client && wpa_s->dpp_gas_dialog_token >= 0) 2210 gas_query_stop(wpa_s->gas, wpa_s->dpp_gas_dialog_token); 2211 } 2212 2213 2214 int wpas_dpp_init(struct wpa_supplicant *wpa_s) 2215 { 2216 u8 adv_proto_id[7]; 2217 2218 adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC; 2219 adv_proto_id[1] = 5; 2220 WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA); 2221 adv_proto_id[5] = DPP_OUI_TYPE; 2222 adv_proto_id[6] = 0x01; 2223 2224 if (gas_server_register(wpa_s->gas_server, adv_proto_id, 2225 sizeof(adv_proto_id), wpas_dpp_gas_req_handler, 2226 wpas_dpp_gas_status_handler, wpa_s) < 0) 2227 return -1; 2228 wpa_s->dpp = dpp_global_init(); 2229 return wpa_s->dpp ? 0 : -1; 2230 } 2231 2232 2233 void wpas_dpp_deinit(struct wpa_supplicant *wpa_s) 2234 { 2235 #ifdef CONFIG_TESTING_OPTIONS 2236 os_free(wpa_s->dpp_config_obj_override); 2237 wpa_s->dpp_config_obj_override = NULL; 2238 os_free(wpa_s->dpp_discovery_override); 2239 wpa_s->dpp_discovery_override = NULL; 2240 os_free(wpa_s->dpp_groups_override); 2241 wpa_s->dpp_groups_override = NULL; 2242 wpa_s->dpp_ignore_netaccesskey_mismatch = 0; 2243 #endif /* CONFIG_TESTING_OPTIONS */ 2244 if (!wpa_s->dpp) 2245 return; 2246 dpp_global_clear(wpa_s->dpp); 2247 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL); 2248 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL); 2249 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL); 2250 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL); 2251 #ifdef CONFIG_DPP2 2252 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL); 2253 dpp_pfs_free(wpa_s->dpp_pfs); 2254 wpa_s->dpp_pfs = NULL; 2255 #endif /* CONFIG_DPP2 */ 2256 offchannel_send_action_done(wpa_s); 2257 wpas_dpp_listen_stop(wpa_s); 2258 wpas_dpp_stop(wpa_s); 2259 wpas_dpp_pkex_remove(wpa_s, "*"); 2260 os_memset(wpa_s->dpp_intro_bssid, 0, ETH_ALEN); 2261 os_free(wpa_s->dpp_configurator_params); 2262 wpa_s->dpp_configurator_params = NULL; 2263 } 2264
