1 /* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j (at) w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "utils/uuid.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/wpa_ctrl.h" 17 #include "ap/hostapd.h" 18 #include "ap/ap_config.h" 19 #include "ap/ap_drv_ops.h" 20 #ifdef NEED_AP_MLME 21 #include "ap/ieee802_11.h" 22 #endif /* NEED_AP_MLME */ 23 #include "ap/beacon.h" 24 #include "ap/ieee802_1x.h" 25 #include "ap/wps_hostapd.h" 26 #include "ap/ctrl_iface_ap.h" 27 #include "wps/wps.h" 28 #include "common/ieee802_11_defs.h" 29 #include "config_ssid.h" 30 #include "config.h" 31 #include "wpa_supplicant_i.h" 32 #include "driver_i.h" 33 #include "p2p_supplicant.h" 34 #include "ap.h" 35 #include "ap/sta_info.h" 36 #include "notify.h" 37 38 39 #ifdef CONFIG_WPS 40 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 41 #endif /* CONFIG_WPS */ 42 43 44 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 45 struct wpa_ssid *ssid, 46 struct hostapd_config *conf) 47 { 48 struct hostapd_bss_config *bss = &conf->bss[0]; 49 int pairwise; 50 51 conf->driver = wpa_s->driver; 52 53 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 54 55 if (ssid->frequency == 0) { 56 /* default channel 11 */ 57 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 58 conf->channel = 11; 59 } else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) { 60 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 61 conf->channel = (ssid->frequency - 2407) / 5; 62 } else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) || 63 (ssid->frequency >= 5745 && ssid->frequency <= 5825)) { 64 conf->hw_mode = HOSTAPD_MODE_IEEE80211A; 65 conf->channel = (ssid->frequency - 5000) / 5; 66 } else { 67 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 68 ssid->frequency); 69 return -1; 70 } 71 72 /* TODO: enable HT40 if driver supports it; 73 * drop to 11b if driver does not support 11g */ 74 75 #ifdef CONFIG_IEEE80211N 76 /* 77 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 78 * and a mask of allowed capabilities within conf->ht_capab. 79 * Using default config settings for: conf->ht_op_mode_fixed, 80 * conf->secondary_channel, conf->require_ht 81 */ 82 if (wpa_s->hw.modes) { 83 struct hostapd_hw_modes *mode = NULL; 84 int i; 85 for (i = 0; i < wpa_s->hw.num_modes; i++) { 86 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 87 mode = &wpa_s->hw.modes[i]; 88 break; 89 } 90 } 91 if (mode && mode->ht_capab) { 92 conf->ieee80211n = 1; 93 94 /* 95 * white-list capabilities that won't cause issues 96 * to connecting stations, while leaving the current 97 * capabilities intact (currently disabled SMPS). 98 */ 99 conf->ht_capab |= mode->ht_capab & 100 (HT_CAP_INFO_GREEN_FIELD | 101 HT_CAP_INFO_SHORT_GI20MHZ | 102 HT_CAP_INFO_SHORT_GI40MHZ | 103 HT_CAP_INFO_RX_STBC_MASK | 104 HT_CAP_INFO_MAX_AMSDU_SIZE); 105 } 106 } 107 #endif /* CONFIG_IEEE80211N */ 108 109 #ifdef CONFIG_P2P 110 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { 111 /* Remove 802.11b rates from supported and basic rate sets */ 112 int *list = os_malloc(4 * sizeof(int)); 113 if (list) { 114 list[0] = 60; 115 list[1] = 120; 116 list[2] = 240; 117 list[3] = -1; 118 } 119 conf->basic_rates = list; 120 121 list = os_malloc(9 * sizeof(int)); 122 if (list) { 123 list[0] = 60; 124 list[1] = 90; 125 list[2] = 120; 126 list[3] = 180; 127 list[4] = 240; 128 list[5] = 360; 129 list[6] = 480; 130 list[7] = 540; 131 list[8] = -1; 132 } 133 conf->supported_rates = list; 134 } 135 136 bss->isolate = !wpa_s->conf->p2p_intra_bss; 137 #endif /* CONFIG_P2P */ 138 139 if (ssid->ssid_len == 0) { 140 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 141 return -1; 142 } 143 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 144 bss->ssid.ssid[ssid->ssid_len] = '\0'; 145 bss->ssid.ssid_len = ssid->ssid_len; 146 bss->ssid.ssid_set = 1; 147 148 if (ssid->auth_alg) 149 bss->auth_algs = ssid->auth_alg; 150 151 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 152 bss->wpa = ssid->proto; 153 bss->wpa_key_mgmt = ssid->key_mgmt; 154 bss->wpa_pairwise = ssid->pairwise_cipher; 155 if (ssid->passphrase) { 156 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 157 } else if (ssid->psk_set) { 158 os_free(bss->ssid.wpa_psk); 159 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 160 if (bss->ssid.wpa_psk == NULL) 161 return -1; 162 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 163 bss->ssid.wpa_psk->group = 1; 164 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 165 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 166 struct hostapd_wep_keys *wep = &bss->ssid.wep; 167 int i; 168 for (i = 0; i < NUM_WEP_KEYS; i++) { 169 if (ssid->wep_key_len[i] == 0) 170 continue; 171 wep->key[i] = os_malloc(ssid->wep_key_len[i]); 172 if (wep->key[i] == NULL) 173 return -1; 174 os_memcpy(wep->key[i], ssid->wep_key[i], 175 ssid->wep_key_len[i]); 176 wep->len[i] = ssid->wep_key_len[i]; 177 } 178 wep->idx = ssid->wep_tx_keyidx; 179 wep->keys_set = 1; 180 } 181 182 /* Select group cipher based on the enabled pairwise cipher suites */ 183 pairwise = 0; 184 if (bss->wpa & 1) 185 pairwise |= bss->wpa_pairwise; 186 if (bss->wpa & 2) { 187 if (bss->rsn_pairwise == 0) 188 bss->rsn_pairwise = bss->wpa_pairwise; 189 pairwise |= bss->rsn_pairwise; 190 } 191 if (pairwise & WPA_CIPHER_TKIP) 192 bss->wpa_group = WPA_CIPHER_TKIP; 193 else 194 bss->wpa_group = WPA_CIPHER_CCMP; 195 196 if (bss->wpa && bss->ieee802_1x) 197 bss->ssid.security_policy = SECURITY_WPA; 198 else if (bss->wpa) 199 bss->ssid.security_policy = SECURITY_WPA_PSK; 200 else if (bss->ieee802_1x) { 201 int cipher = WPA_CIPHER_NONE; 202 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 203 bss->ssid.wep.default_len = bss->default_wep_key_len; 204 if (bss->default_wep_key_len) 205 cipher = bss->default_wep_key_len >= 13 ? 206 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 207 bss->wpa_group = cipher; 208 bss->wpa_pairwise = cipher; 209 bss->rsn_pairwise = cipher; 210 } else if (bss->ssid.wep.keys_set) { 211 int cipher = WPA_CIPHER_WEP40; 212 if (bss->ssid.wep.len[0] >= 13) 213 cipher = WPA_CIPHER_WEP104; 214 bss->ssid.security_policy = SECURITY_STATIC_WEP; 215 bss->wpa_group = cipher; 216 bss->wpa_pairwise = cipher; 217 bss->rsn_pairwise = cipher; 218 } else { 219 bss->ssid.security_policy = SECURITY_PLAINTEXT; 220 bss->wpa_group = WPA_CIPHER_NONE; 221 bss->wpa_pairwise = WPA_CIPHER_NONE; 222 bss->rsn_pairwise = WPA_CIPHER_NONE; 223 } 224 225 #ifdef CONFIG_WPS 226 /* 227 * Enable WPS by default for open and WPA/WPA2-Personal network, but 228 * require user interaction to actually use it. Only the internal 229 * Registrar is supported. 230 */ 231 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 232 bss->ssid.security_policy != SECURITY_PLAINTEXT) 233 goto no_wps; 234 #ifdef CONFIG_WPS2 235 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 236 (!(pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2))) 237 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 238 * configuration */ 239 #endif /* CONFIG_WPS2 */ 240 bss->eap_server = 1; 241 bss->wps_state = 2; 242 bss->ap_setup_locked = 2; 243 if (wpa_s->conf->config_methods) 244 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 245 os_memcpy(bss->device_type, wpa_s->conf->device_type, 246 WPS_DEV_TYPE_LEN); 247 if (wpa_s->conf->device_name) { 248 bss->device_name = os_strdup(wpa_s->conf->device_name); 249 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 250 } 251 if (wpa_s->conf->manufacturer) 252 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 253 if (wpa_s->conf->model_name) 254 bss->model_name = os_strdup(wpa_s->conf->model_name); 255 if (wpa_s->conf->model_number) 256 bss->model_number = os_strdup(wpa_s->conf->model_number); 257 if (wpa_s->conf->serial_number) 258 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 259 if (is_nil_uuid(wpa_s->conf->uuid)) 260 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 261 else 262 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 263 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 264 no_wps: 265 #endif /* CONFIG_WPS */ 266 267 if (wpa_s->max_stations && 268 wpa_s->max_stations < wpa_s->conf->max_num_sta) 269 bss->max_num_sta = wpa_s->max_stations; 270 else 271 bss->max_num_sta = wpa_s->conf->max_num_sta; 272 273 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 274 275 return 0; 276 } 277 278 279 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 280 { 281 #ifdef CONFIG_P2P 282 struct wpa_supplicant *wpa_s = ctx; 283 const struct ieee80211_mgmt *mgmt; 284 size_t hdr_len; 285 286 mgmt = (const struct ieee80211_mgmt *) buf; 287 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 288 if (hdr_len > len) 289 return; 290 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 291 mgmt->u.action.category, 292 &mgmt->u.action.u.vs_public_action.action, 293 len - hdr_len, freq); 294 #endif /* CONFIG_P2P */ 295 } 296 297 298 static void ap_wps_event_cb(void *ctx, enum wps_event event, 299 union wps_event_data *data) 300 { 301 #ifdef CONFIG_P2P 302 struct wpa_supplicant *wpa_s = ctx; 303 304 if (event == WPS_EV_FAIL) { 305 struct wps_event_fail *fail = &data->fail; 306 307 if (wpa_s->parent && wpa_s->parent != wpa_s && 308 wpa_s == wpa_s->global->p2p_group_formation) { 309 /* 310 * src/ap/wps_hostapd.c has already sent this on the 311 * main interface, so only send on the parent interface 312 * here if needed. 313 */ 314 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL 315 "msg=%d config_error=%d", 316 fail->msg, fail->config_error); 317 } 318 wpas_p2p_wps_failed(wpa_s, fail); 319 } 320 #endif /* CONFIG_P2P */ 321 } 322 323 324 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 325 int authorized, const u8 *p2p_dev_addr) 326 { 327 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 328 } 329 330 331 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 332 { 333 #ifdef CONFIG_P2P 334 struct wpa_supplicant *wpa_s = ctx; 335 const struct ieee80211_mgmt *mgmt; 336 size_t hdr_len; 337 338 mgmt = (const struct ieee80211_mgmt *) buf; 339 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 340 if (hdr_len > len) 341 return -1; 342 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 343 mgmt->u.action.category, 344 &mgmt->u.action.u.vs_public_action.action, 345 len - hdr_len, freq); 346 #endif /* CONFIG_P2P */ 347 return 0; 348 } 349 350 351 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 352 const u8 *bssid, const u8 *ie, size_t ie_len) 353 { 354 #ifdef CONFIG_P2P 355 struct wpa_supplicant *wpa_s = ctx; 356 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len); 357 #else /* CONFIG_P2P */ 358 return 0; 359 #endif /* CONFIG_P2P */ 360 } 361 362 363 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 364 const u8 *uuid_e) 365 { 366 #ifdef CONFIG_P2P 367 struct wpa_supplicant *wpa_s = ctx; 368 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 369 #endif /* CONFIG_P2P */ 370 } 371 372 373 static void wpas_ap_configured_cb(void *ctx) 374 { 375 struct wpa_supplicant *wpa_s = ctx; 376 377 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 378 379 if (wpa_s->ap_configured_cb) 380 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 381 wpa_s->ap_configured_cb_data); 382 } 383 384 385 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 386 struct wpa_ssid *ssid) 387 { 388 struct wpa_driver_associate_params params; 389 struct hostapd_iface *hapd_iface; 390 struct hostapd_config *conf; 391 size_t i; 392 393 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 394 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 395 return -1; 396 } 397 398 wpa_supplicant_ap_deinit(wpa_s); 399 400 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 401 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 402 403 os_memset(¶ms, 0, sizeof(params)); 404 params.ssid = ssid->ssid; 405 params.ssid_len = ssid->ssid_len; 406 switch (ssid->mode) { 407 case WPAS_MODE_INFRA: 408 params.mode = IEEE80211_MODE_INFRA; 409 break; 410 case WPAS_MODE_IBSS: 411 params.mode = IEEE80211_MODE_IBSS; 412 break; 413 case WPAS_MODE_AP: 414 case WPAS_MODE_P2P_GO: 415 case WPAS_MODE_P2P_GROUP_FORMATION: 416 params.mode = IEEE80211_MODE_AP; 417 break; 418 } 419 params.freq = ssid->frequency; 420 421 params.wpa_proto = ssid->proto; 422 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 423 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 424 else 425 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 426 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 427 428 if (ssid->pairwise_cipher & WPA_CIPHER_CCMP) 429 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; 430 else if (ssid->pairwise_cipher & WPA_CIPHER_TKIP) 431 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; 432 else if (ssid->pairwise_cipher & WPA_CIPHER_NONE) 433 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 434 else { 435 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 436 "cipher."); 437 return -1; 438 } 439 params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher); 440 params.group_suite = params.pairwise_suite; 441 442 #ifdef CONFIG_P2P 443 if (ssid->mode == WPAS_MODE_P2P_GO || 444 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 445 params.p2p = 1; 446 #endif /* CONFIG_P2P */ 447 448 if (wpa_s->parent->set_ap_uapsd) 449 params.uapsd = wpa_s->parent->ap_uapsd; 450 else 451 params.uapsd = -1; 452 453 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 454 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 455 return -1; 456 } 457 458 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 459 if (hapd_iface == NULL) 460 return -1; 461 hapd_iface->owner = wpa_s; 462 hapd_iface->drv_flags = wpa_s->drv_flags; 463 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 464 465 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 466 if (conf == NULL) { 467 wpa_supplicant_ap_deinit(wpa_s); 468 return -1; 469 } 470 471 if (params.uapsd > 0) { 472 conf->bss->wmm_enabled = 1; 473 conf->bss->wmm_uapsd = 1; 474 } 475 476 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 477 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 478 wpa_supplicant_ap_deinit(wpa_s); 479 return -1; 480 } 481 482 #ifdef CONFIG_P2P 483 if (ssid->mode == WPAS_MODE_P2P_GO) 484 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 485 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 486 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 487 P2P_GROUP_FORMATION; 488 #endif /* CONFIG_P2P */ 489 490 hapd_iface->num_bss = conf->num_bss; 491 hapd_iface->bss = os_zalloc(conf->num_bss * 492 sizeof(struct hostapd_data *)); 493 if (hapd_iface->bss == NULL) { 494 wpa_supplicant_ap_deinit(wpa_s); 495 return -1; 496 } 497 498 for (i = 0; i < conf->num_bss; i++) { 499 hapd_iface->bss[i] = 500 hostapd_alloc_bss_data(hapd_iface, conf, 501 &conf->bss[i]); 502 if (hapd_iface->bss[i] == NULL) { 503 wpa_supplicant_ap_deinit(wpa_s); 504 return -1; 505 } 506 507 hapd_iface->bss[i]->msg_ctx = wpa_s; 508 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent; 509 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 510 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 511 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 512 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 513 hostapd_register_probereq_cb(hapd_iface->bss[i], 514 ap_probe_req_rx, wpa_s); 515 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 516 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 517 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 518 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 519 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 520 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 521 #ifdef CONFIG_P2P 522 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 523 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init( 524 wpa_s, ssid->p2p_persistent_group, 525 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION); 526 #endif /* CONFIG_P2P */ 527 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 528 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 529 } 530 531 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 532 hapd_iface->bss[0]->driver = wpa_s->driver; 533 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 534 535 wpa_s->current_ssid = ssid; 536 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 537 wpa_s->assoc_freq = ssid->frequency; 538 539 if (hostapd_setup_interface(wpa_s->ap_iface)) { 540 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 541 wpa_supplicant_ap_deinit(wpa_s); 542 return -1; 543 } 544 545 return 0; 546 } 547 548 549 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 550 { 551 #ifdef CONFIG_WPS 552 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 553 #endif /* CONFIG_WPS */ 554 555 if (wpa_s->ap_iface == NULL) 556 return; 557 558 wpa_s->current_ssid = NULL; 559 wpa_s->assoc_freq = 0; 560 wpa_s->reassociated_connection = 0; 561 #ifdef CONFIG_P2P 562 if (wpa_s->ap_iface->bss) 563 wpa_s->ap_iface->bss[0]->p2p_group = NULL; 564 wpas_p2p_group_deinit(wpa_s); 565 #endif /* CONFIG_P2P */ 566 hostapd_interface_deinit(wpa_s->ap_iface); 567 hostapd_interface_free(wpa_s->ap_iface); 568 wpa_s->ap_iface = NULL; 569 wpa_drv_deinit_ap(wpa_s); 570 } 571 572 573 void ap_tx_status(void *ctx, const u8 *addr, 574 const u8 *buf, size_t len, int ack) 575 { 576 #ifdef NEED_AP_MLME 577 struct wpa_supplicant *wpa_s = ctx; 578 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 579 #endif /* NEED_AP_MLME */ 580 } 581 582 583 void ap_eapol_tx_status(void *ctx, const u8 *dst, 584 const u8 *data, size_t len, int ack) 585 { 586 #ifdef NEED_AP_MLME 587 struct wpa_supplicant *wpa_s = ctx; 588 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 589 #endif /* NEED_AP_MLME */ 590 } 591 592 593 void ap_client_poll_ok(void *ctx, const u8 *addr) 594 { 595 #ifdef NEED_AP_MLME 596 struct wpa_supplicant *wpa_s = ctx; 597 if (wpa_s->ap_iface) 598 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 599 #endif /* NEED_AP_MLME */ 600 } 601 602 603 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 604 { 605 #ifdef NEED_AP_MLME 606 struct wpa_supplicant *wpa_s = ctx; 607 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 608 #endif /* NEED_AP_MLME */ 609 } 610 611 612 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 613 { 614 #ifdef NEED_AP_MLME 615 struct wpa_supplicant *wpa_s = ctx; 616 struct hostapd_frame_info fi; 617 os_memset(&fi, 0, sizeof(fi)); 618 fi.datarate = rx_mgmt->datarate; 619 fi.ssi_signal = rx_mgmt->ssi_signal; 620 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 621 rx_mgmt->frame_len, &fi); 622 #endif /* NEED_AP_MLME */ 623 } 624 625 626 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 627 { 628 #ifdef NEED_AP_MLME 629 struct wpa_supplicant *wpa_s = ctx; 630 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 631 #endif /* NEED_AP_MLME */ 632 } 633 634 635 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 636 const u8 *src_addr, const u8 *buf, size_t len) 637 { 638 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 639 } 640 641 642 #ifdef CONFIG_WPS 643 644 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 645 const u8 *p2p_dev_addr) 646 { 647 if (!wpa_s->ap_iface) 648 return -1; 649 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 650 p2p_dev_addr); 651 } 652 653 654 static int wpa_supplicant_ap_wps_sta_cancel(struct hostapd_data *hapd, 655 struct sta_info *sta, void *ctx) 656 { 657 if (sta && (sta->flags & WLAN_STA_WPS)) { 658 ap_sta_deauthenticate(hapd, sta, 659 WLAN_REASON_PREV_AUTH_NOT_VALID); 660 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 661 __func__, MAC2STR(sta->addr)); 662 return 1; 663 } 664 665 return 0; 666 } 667 668 669 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 670 { 671 struct wps_registrar *reg; 672 int reg_sel = 0, wps_sta = 0; 673 674 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 675 return -1; 676 677 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 678 reg_sel = wps_registrar_wps_cancel(reg); 679 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 680 wpa_supplicant_ap_wps_sta_cancel, NULL); 681 682 if (!reg_sel && !wps_sta) { 683 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 684 "time"); 685 return -1; 686 } 687 688 /* 689 * There are 2 cases to return wps cancel as success: 690 * 1. When wps cancel was initiated but no connection has been 691 * established with client yet. 692 * 2. Client is in the middle of exchanging WPS messages. 693 */ 694 695 return 0; 696 } 697 698 699 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 700 const char *pin, char *buf, size_t buflen) 701 { 702 int ret, ret_len = 0; 703 704 if (!wpa_s->ap_iface) 705 return -1; 706 707 if (pin == NULL) { 708 unsigned int rpin = wps_generate_pin(); 709 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 710 pin = buf; 711 } else 712 ret_len = os_snprintf(buf, buflen, "%s", pin); 713 714 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 715 0); 716 if (ret) 717 return -1; 718 return ret_len; 719 } 720 721 722 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 723 { 724 struct wpa_supplicant *wpa_s = eloop_data; 725 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 726 wpas_wps_ap_pin_disable(wpa_s); 727 } 728 729 730 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 731 { 732 struct hostapd_data *hapd; 733 734 if (wpa_s->ap_iface == NULL) 735 return; 736 hapd = wpa_s->ap_iface->bss[0]; 737 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 738 hapd->ap_pin_failures = 0; 739 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 740 if (timeout > 0) 741 eloop_register_timeout(timeout, 0, 742 wpas_wps_ap_pin_timeout, wpa_s, NULL); 743 } 744 745 746 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 747 { 748 struct hostapd_data *hapd; 749 750 if (wpa_s->ap_iface == NULL) 751 return; 752 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 753 hapd = wpa_s->ap_iface->bss[0]; 754 os_free(hapd->conf->ap_pin); 755 hapd->conf->ap_pin = NULL; 756 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 757 } 758 759 760 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 761 { 762 struct hostapd_data *hapd; 763 unsigned int pin; 764 char pin_txt[9]; 765 766 if (wpa_s->ap_iface == NULL) 767 return NULL; 768 hapd = wpa_s->ap_iface->bss[0]; 769 pin = wps_generate_pin(); 770 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 771 os_free(hapd->conf->ap_pin); 772 hapd->conf->ap_pin = os_strdup(pin_txt); 773 if (hapd->conf->ap_pin == NULL) 774 return NULL; 775 wpas_wps_ap_pin_enable(wpa_s, timeout); 776 777 return hapd->conf->ap_pin; 778 } 779 780 781 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 782 { 783 struct hostapd_data *hapd; 784 if (wpa_s->ap_iface == NULL) 785 return NULL; 786 hapd = wpa_s->ap_iface->bss[0]; 787 return hapd->conf->ap_pin; 788 } 789 790 791 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 792 int timeout) 793 { 794 struct hostapd_data *hapd; 795 char pin_txt[9]; 796 int ret; 797 798 if (wpa_s->ap_iface == NULL) 799 return -1; 800 hapd = wpa_s->ap_iface->bss[0]; 801 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 802 if (ret < 0 || ret >= (int) sizeof(pin_txt)) 803 return -1; 804 os_free(hapd->conf->ap_pin); 805 hapd->conf->ap_pin = os_strdup(pin_txt); 806 if (hapd->conf->ap_pin == NULL) 807 return -1; 808 wpas_wps_ap_pin_enable(wpa_s, timeout); 809 810 return 0; 811 } 812 813 814 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 815 { 816 struct hostapd_data *hapd; 817 818 if (wpa_s->ap_iface == NULL) 819 return; 820 hapd = wpa_s->ap_iface->bss[0]; 821 822 /* 823 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 824 * PIN if this happens multiple times to slow down brute force attacks. 825 */ 826 hapd->ap_pin_failures++; 827 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 828 hapd->ap_pin_failures); 829 if (hapd->ap_pin_failures < 3) 830 return; 831 832 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 833 hapd->ap_pin_failures = 0; 834 os_free(hapd->conf->ap_pin); 835 hapd->conf->ap_pin = NULL; 836 } 837 838 #endif /* CONFIG_WPS */ 839 840 841 #ifdef CONFIG_CTRL_IFACE 842 843 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 844 char *buf, size_t buflen) 845 { 846 if (wpa_s->ap_iface == NULL) 847 return -1; 848 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 849 buf, buflen); 850 } 851 852 853 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 854 char *buf, size_t buflen) 855 { 856 if (wpa_s->ap_iface == NULL) 857 return -1; 858 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 859 buf, buflen); 860 } 861 862 863 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 864 char *buf, size_t buflen) 865 { 866 if (wpa_s->ap_iface == NULL) 867 return -1; 868 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 869 buf, buflen); 870 } 871 872 873 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 874 size_t buflen, int verbose) 875 { 876 char *pos = buf, *end = buf + buflen; 877 int ret; 878 struct hostapd_bss_config *conf; 879 880 if (wpa_s->ap_iface == NULL) 881 return -1; 882 883 conf = wpa_s->ap_iface->bss[0]->conf; 884 if (conf->wpa == 0) 885 return 0; 886 887 ret = os_snprintf(pos, end - pos, 888 "pairwise_cipher=%s\n" 889 "group_cipher=%s\n" 890 "key_mgmt=%s\n", 891 wpa_cipher_txt(conf->rsn_pairwise), 892 wpa_cipher_txt(conf->wpa_group), 893 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 894 conf->wpa)); 895 if (ret < 0 || ret >= end - pos) 896 return pos - buf; 897 pos += ret; 898 return pos - buf; 899 } 900 901 #endif /* CONFIG_CTRL_IFACE */ 902 903 904 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 905 { 906 struct hostapd_iface *iface = wpa_s->ap_iface; 907 struct wpa_ssid *ssid = wpa_s->current_ssid; 908 struct hostapd_data *hapd; 909 910 if (ssid == NULL || wpa_s->ap_iface == NULL || 911 ssid->mode == WPAS_MODE_INFRA || 912 ssid->mode == WPAS_MODE_IBSS) 913 return -1; 914 915 #ifdef CONFIG_P2P 916 if (ssid->mode == WPAS_MODE_P2P_GO) 917 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 918 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 919 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 920 P2P_GROUP_FORMATION; 921 #endif /* CONFIG_P2P */ 922 923 hapd = iface->bss[0]; 924 if (hapd->drv_priv == NULL) 925 return -1; 926 ieee802_11_set_beacons(iface); 927 hostapd_set_ap_wps_ie(hapd); 928 929 return 0; 930 } 931 932 933 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 934 const u8 *addr) 935 { 936 struct hostapd_data *hapd; 937 struct hostapd_bss_config *conf; 938 939 if (!wpa_s->ap_iface) 940 return -1; 941 942 if (addr) 943 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 944 MAC2STR(addr)); 945 else 946 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 947 948 hapd = wpa_s->ap_iface->bss[0]; 949 conf = hapd->conf; 950 951 os_free(conf->accept_mac); 952 conf->accept_mac = NULL; 953 conf->num_accept_mac = 0; 954 os_free(conf->deny_mac); 955 conf->deny_mac = NULL; 956 conf->num_deny_mac = 0; 957 958 if (addr == NULL) { 959 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 960 return 0; 961 } 962 963 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 964 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 965 if (conf->accept_mac == NULL) 966 return -1; 967 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 968 conf->num_accept_mac = 1; 969 970 return 0; 971 } 972