1 /* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j (at) w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "utils/uuid.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/wpa_ctrl.h" 17 #include "eapol_supp/eapol_supp_sm.h" 18 #include "ap/hostapd.h" 19 #include "ap/ap_config.h" 20 #include "ap/ap_drv_ops.h" 21 #ifdef NEED_AP_MLME 22 #include "ap/ieee802_11.h" 23 #endif /* NEED_AP_MLME */ 24 #include "ap/beacon.h" 25 #include "ap/ieee802_1x.h" 26 #include "ap/wps_hostapd.h" 27 #include "ap/ctrl_iface_ap.h" 28 #include "wps/wps.h" 29 #include "common/ieee802_11_defs.h" 30 #include "config_ssid.h" 31 #include "config.h" 32 #include "wpa_supplicant_i.h" 33 #include "driver_i.h" 34 #include "p2p_supplicant.h" 35 #include "ap.h" 36 #include "ap/sta_info.h" 37 #include "notify.h" 38 39 40 #ifdef CONFIG_WPS 41 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 42 #endif /* CONFIG_WPS */ 43 44 45 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 46 struct wpa_ssid *ssid, 47 struct hostapd_config *conf) 48 { 49 struct hostapd_bss_config *bss = &conf->bss[0]; 50 51 conf->driver = wpa_s->driver; 52 53 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 54 55 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, 56 &conf->channel); 57 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 58 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 59 ssid->frequency); 60 return -1; 61 } 62 63 /* TODO: enable HT40 if driver supports it; 64 * drop to 11b if driver does not support 11g */ 65 66 #ifdef CONFIG_IEEE80211N 67 /* 68 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 69 * and a mask of allowed capabilities within conf->ht_capab. 70 * Using default config settings for: conf->ht_op_mode_fixed, 71 * conf->secondary_channel, conf->require_ht 72 */ 73 if (wpa_s->hw.modes) { 74 struct hostapd_hw_modes *mode = NULL; 75 int i, no_ht = 0; 76 for (i = 0; i < wpa_s->hw.num_modes; i++) { 77 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 78 mode = &wpa_s->hw.modes[i]; 79 break; 80 } 81 } 82 83 #ifdef CONFIG_HT_OVERRIDES 84 if (ssid->disable_ht) { 85 conf->ieee80211n = 0; 86 conf->ht_capab = 0; 87 no_ht = 1; 88 } 89 #endif /* CONFIG_HT_OVERRIDES */ 90 91 if (!no_ht && mode && mode->ht_capab) { 92 conf->ieee80211n = 1; 93 #ifdef CONFIG_P2P 94 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 95 (mode->ht_capab & 96 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 97 ssid->ht40) 98 conf->secondary_channel = 99 wpas_p2p_get_ht40_mode(wpa_s, mode, 100 conf->channel); 101 if (conf->secondary_channel) 102 conf->ht_capab |= 103 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 104 #endif /* CONFIG_P2P */ 105 106 /* 107 * white-list capabilities that won't cause issues 108 * to connecting stations, while leaving the current 109 * capabilities intact (currently disabled SMPS). 110 */ 111 conf->ht_capab |= mode->ht_capab & 112 (HT_CAP_INFO_GREEN_FIELD | 113 HT_CAP_INFO_SHORT_GI20MHZ | 114 HT_CAP_INFO_SHORT_GI40MHZ | 115 HT_CAP_INFO_RX_STBC_MASK | 116 HT_CAP_INFO_MAX_AMSDU_SIZE); 117 } 118 } 119 #endif /* CONFIG_IEEE80211N */ 120 121 #ifdef CONFIG_P2P 122 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && 123 (ssid->mode == WPAS_MODE_P2P_GO || 124 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { 125 /* Remove 802.11b rates from supported and basic rate sets */ 126 int *list = os_malloc(4 * sizeof(int)); 127 if (list) { 128 list[0] = 60; 129 list[1] = 120; 130 list[2] = 240; 131 list[3] = -1; 132 } 133 conf->basic_rates = list; 134 135 list = os_malloc(9 * sizeof(int)); 136 if (list) { 137 list[0] = 60; 138 list[1] = 90; 139 list[2] = 120; 140 list[3] = 180; 141 list[4] = 240; 142 list[5] = 360; 143 list[6] = 480; 144 list[7] = 540; 145 list[8] = -1; 146 } 147 conf->supported_rates = list; 148 } 149 150 bss->isolate = !wpa_s->conf->p2p_intra_bss; 151 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; 152 #endif /* CONFIG_P2P */ 153 154 if (ssid->ssid_len == 0) { 155 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 156 return -1; 157 } 158 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 159 bss->ssid.ssid_len = ssid->ssid_len; 160 bss->ssid.ssid_set = 1; 161 162 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 163 164 if (ssid->auth_alg) 165 bss->auth_algs = ssid->auth_alg; 166 167 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 168 bss->wpa = ssid->proto; 169 bss->wpa_key_mgmt = ssid->key_mgmt; 170 bss->wpa_pairwise = ssid->pairwise_cipher; 171 if (ssid->psk_set) { 172 os_free(bss->ssid.wpa_psk); 173 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 174 if (bss->ssid.wpa_psk == NULL) 175 return -1; 176 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 177 bss->ssid.wpa_psk->group = 1; 178 } else if (ssid->passphrase) { 179 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 180 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 181 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 182 struct hostapd_wep_keys *wep = &bss->ssid.wep; 183 int i; 184 for (i = 0; i < NUM_WEP_KEYS; i++) { 185 if (ssid->wep_key_len[i] == 0) 186 continue; 187 wep->key[i] = os_malloc(ssid->wep_key_len[i]); 188 if (wep->key[i] == NULL) 189 return -1; 190 os_memcpy(wep->key[i], ssid->wep_key[i], 191 ssid->wep_key_len[i]); 192 wep->len[i] = ssid->wep_key_len[i]; 193 } 194 wep->idx = ssid->wep_tx_keyidx; 195 wep->keys_set = 1; 196 } 197 198 if (ssid->ap_max_inactivity) 199 bss->ap_max_inactivity = ssid->ap_max_inactivity; 200 201 if (ssid->dtim_period) 202 bss->dtim_period = ssid->dtim_period; 203 else if (wpa_s->conf->dtim_period) 204 bss->dtim_period = wpa_s->conf->dtim_period; 205 206 if (ssid->beacon_int) 207 conf->beacon_int = ssid->beacon_int; 208 else if (wpa_s->conf->beacon_int) 209 conf->beacon_int = wpa_s->conf->beacon_int; 210 211 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 212 bss->rsn_pairwise = bss->wpa_pairwise; 213 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 214 bss->rsn_pairwise); 215 216 if (bss->wpa && bss->ieee802_1x) 217 bss->ssid.security_policy = SECURITY_WPA; 218 else if (bss->wpa) 219 bss->ssid.security_policy = SECURITY_WPA_PSK; 220 else if (bss->ieee802_1x) { 221 int cipher = WPA_CIPHER_NONE; 222 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 223 bss->ssid.wep.default_len = bss->default_wep_key_len; 224 if (bss->default_wep_key_len) 225 cipher = bss->default_wep_key_len >= 13 ? 226 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 227 bss->wpa_group = cipher; 228 bss->wpa_pairwise = cipher; 229 bss->rsn_pairwise = cipher; 230 } else if (bss->ssid.wep.keys_set) { 231 int cipher = WPA_CIPHER_WEP40; 232 if (bss->ssid.wep.len[0] >= 13) 233 cipher = WPA_CIPHER_WEP104; 234 bss->ssid.security_policy = SECURITY_STATIC_WEP; 235 bss->wpa_group = cipher; 236 bss->wpa_pairwise = cipher; 237 bss->rsn_pairwise = cipher; 238 } else { 239 bss->ssid.security_policy = SECURITY_PLAINTEXT; 240 bss->wpa_group = WPA_CIPHER_NONE; 241 bss->wpa_pairwise = WPA_CIPHER_NONE; 242 bss->rsn_pairwise = WPA_CIPHER_NONE; 243 } 244 245 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 246 (bss->wpa_group == WPA_CIPHER_CCMP || 247 bss->wpa_group == WPA_CIPHER_GCMP)) { 248 /* 249 * Strong ciphers do not need frequent rekeying, so increase 250 * the default GTK rekeying period to 24 hours. 251 */ 252 bss->wpa_group_rekey = 86400; 253 } 254 255 #ifdef CONFIG_WPS 256 /* 257 * Enable WPS by default for open and WPA/WPA2-Personal network, but 258 * require user interaction to actually use it. Only the internal 259 * Registrar is supported. 260 */ 261 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 262 bss->ssid.security_policy != SECURITY_PLAINTEXT) 263 goto no_wps; 264 #ifdef CONFIG_WPS2 265 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 266 (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2))) 267 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 268 * configuration */ 269 #endif /* CONFIG_WPS2 */ 270 bss->eap_server = 1; 271 272 if (!ssid->ignore_broadcast_ssid) 273 bss->wps_state = 2; 274 275 bss->ap_setup_locked = 2; 276 if (wpa_s->conf->config_methods) 277 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 278 os_memcpy(bss->device_type, wpa_s->conf->device_type, 279 WPS_DEV_TYPE_LEN); 280 if (wpa_s->conf->device_name) { 281 bss->device_name = os_strdup(wpa_s->conf->device_name); 282 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 283 } 284 if (wpa_s->conf->manufacturer) 285 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 286 if (wpa_s->conf->model_name) 287 bss->model_name = os_strdup(wpa_s->conf->model_name); 288 if (wpa_s->conf->model_number) 289 bss->model_number = os_strdup(wpa_s->conf->model_number); 290 if (wpa_s->conf->serial_number) 291 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 292 if (is_nil_uuid(wpa_s->conf->uuid)) 293 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 294 else 295 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 296 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 297 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 298 no_wps: 299 #endif /* CONFIG_WPS */ 300 301 if (wpa_s->max_stations && 302 wpa_s->max_stations < wpa_s->conf->max_num_sta) 303 bss->max_num_sta = wpa_s->max_stations; 304 else 305 bss->max_num_sta = wpa_s->conf->max_num_sta; 306 307 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 308 309 if (wpa_s->conf->ap_vendor_elements) { 310 bss->vendor_elements = 311 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 312 } 313 314 return 0; 315 } 316 317 318 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 319 { 320 #ifdef CONFIG_P2P 321 struct wpa_supplicant *wpa_s = ctx; 322 const struct ieee80211_mgmt *mgmt; 323 size_t hdr_len; 324 325 mgmt = (const struct ieee80211_mgmt *) buf; 326 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 327 if (hdr_len > len) 328 return; 329 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 330 mgmt->u.action.category, 331 &mgmt->u.action.u.vs_public_action.action, 332 len - hdr_len, freq); 333 #endif /* CONFIG_P2P */ 334 } 335 336 337 static void ap_wps_event_cb(void *ctx, enum wps_event event, 338 union wps_event_data *data) 339 { 340 #ifdef CONFIG_P2P 341 struct wpa_supplicant *wpa_s = ctx; 342 343 if (event == WPS_EV_FAIL) { 344 struct wps_event_fail *fail = &data->fail; 345 346 if (wpa_s->parent && wpa_s->parent != wpa_s && 347 wpa_s == wpa_s->global->p2p_group_formation) { 348 /* 349 * src/ap/wps_hostapd.c has already sent this on the 350 * main interface, so only send on the parent interface 351 * here if needed. 352 */ 353 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL 354 "msg=%d config_error=%d", 355 fail->msg, fail->config_error); 356 } 357 wpas_p2p_wps_failed(wpa_s, fail); 358 } 359 #endif /* CONFIG_P2P */ 360 } 361 362 363 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 364 int authorized, const u8 *p2p_dev_addr) 365 { 366 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 367 } 368 369 370 #ifdef CONFIG_P2P 371 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 372 const u8 *psk, size_t psk_len) 373 { 374 375 struct wpa_supplicant *wpa_s = ctx; 376 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL) 377 return; 378 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len); 379 } 380 #endif /* CONFIG_P2P */ 381 382 383 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 384 { 385 #ifdef CONFIG_P2P 386 struct wpa_supplicant *wpa_s = ctx; 387 const struct ieee80211_mgmt *mgmt; 388 size_t hdr_len; 389 390 mgmt = (const struct ieee80211_mgmt *) buf; 391 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 392 if (hdr_len > len) 393 return -1; 394 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 395 mgmt->u.action.category, 396 &mgmt->u.action.u.vs_public_action.action, 397 len - hdr_len, freq); 398 #endif /* CONFIG_P2P */ 399 return 0; 400 } 401 402 403 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 404 const u8 *bssid, const u8 *ie, size_t ie_len, 405 int ssi_signal) 406 { 407 #ifdef CONFIG_P2P 408 struct wpa_supplicant *wpa_s = ctx; 409 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 410 ssi_signal); 411 #else /* CONFIG_P2P */ 412 return 0; 413 #endif /* CONFIG_P2P */ 414 } 415 416 417 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 418 const u8 *uuid_e) 419 { 420 #ifdef CONFIG_P2P 421 struct wpa_supplicant *wpa_s = ctx; 422 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 423 #endif /* CONFIG_P2P */ 424 } 425 426 427 static void wpas_ap_configured_cb(void *ctx) 428 { 429 struct wpa_supplicant *wpa_s = ctx; 430 431 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 432 433 if (wpa_s->ap_configured_cb) 434 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 435 wpa_s->ap_configured_cb_data); 436 } 437 438 439 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 440 struct wpa_ssid *ssid) 441 { 442 struct wpa_driver_associate_params params; 443 struct hostapd_iface *hapd_iface; 444 struct hostapd_config *conf; 445 size_t i; 446 447 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 448 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 449 return -1; 450 } 451 452 wpa_supplicant_ap_deinit(wpa_s); 453 454 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 455 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 456 457 os_memset(¶ms, 0, sizeof(params)); 458 params.ssid = ssid->ssid; 459 params.ssid_len = ssid->ssid_len; 460 switch (ssid->mode) { 461 case WPAS_MODE_INFRA: 462 params.mode = IEEE80211_MODE_INFRA; 463 break; 464 case WPAS_MODE_IBSS: 465 params.mode = IEEE80211_MODE_IBSS; 466 break; 467 case WPAS_MODE_AP: 468 case WPAS_MODE_P2P_GO: 469 case WPAS_MODE_P2P_GROUP_FORMATION: 470 params.mode = IEEE80211_MODE_AP; 471 break; 472 } 473 if (ssid->frequency == 0) 474 ssid->frequency = 2462; /* default channel 11 */ 475 params.freq = ssid->frequency; 476 477 params.wpa_proto = ssid->proto; 478 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 479 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 480 else 481 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 482 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 483 484 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 485 1); 486 if (wpa_s->pairwise_cipher < 0) { 487 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 488 "cipher."); 489 return -1; 490 } 491 params.pairwise_suite = 492 wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher); 493 params.group_suite = params.pairwise_suite; 494 495 #ifdef CONFIG_P2P 496 if (ssid->mode == WPAS_MODE_P2P_GO || 497 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 498 params.p2p = 1; 499 #endif /* CONFIG_P2P */ 500 501 if (wpa_s->parent->set_ap_uapsd) 502 params.uapsd = wpa_s->parent->ap_uapsd; 503 else 504 params.uapsd = -1; 505 506 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 507 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 508 return -1; 509 } 510 511 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 512 if (hapd_iface == NULL) 513 return -1; 514 hapd_iface->owner = wpa_s; 515 hapd_iface->drv_flags = wpa_s->drv_flags; 516 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 517 hapd_iface->extended_capa = wpa_s->extended_capa; 518 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 519 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 520 521 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 522 if (conf == NULL) { 523 wpa_supplicant_ap_deinit(wpa_s); 524 return -1; 525 } 526 527 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 528 wpa_s->conf->wmm_ac_params, 529 sizeof(wpa_s->conf->wmm_ac_params)); 530 531 if (params.uapsd > 0) { 532 conf->bss->wmm_enabled = 1; 533 conf->bss->wmm_uapsd = 1; 534 } 535 536 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 537 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 538 wpa_supplicant_ap_deinit(wpa_s); 539 return -1; 540 } 541 542 #ifdef CONFIG_P2P 543 if (ssid->mode == WPAS_MODE_P2P_GO) 544 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 545 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 546 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 547 P2P_GROUP_FORMATION; 548 #endif /* CONFIG_P2P */ 549 550 hapd_iface->num_bss = conf->num_bss; 551 hapd_iface->bss = os_calloc(conf->num_bss, 552 sizeof(struct hostapd_data *)); 553 if (hapd_iface->bss == NULL) { 554 wpa_supplicant_ap_deinit(wpa_s); 555 return -1; 556 } 557 558 for (i = 0; i < conf->num_bss; i++) { 559 hapd_iface->bss[i] = 560 hostapd_alloc_bss_data(hapd_iface, conf, 561 &conf->bss[i]); 562 if (hapd_iface->bss[i] == NULL) { 563 wpa_supplicant_ap_deinit(wpa_s); 564 return -1; 565 } 566 567 hapd_iface->bss[i]->msg_ctx = wpa_s; 568 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent; 569 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 570 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 571 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 572 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 573 hostapd_register_probereq_cb(hapd_iface->bss[i], 574 ap_probe_req_rx, wpa_s); 575 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 576 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 577 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 578 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 579 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 580 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 581 #ifdef CONFIG_P2P 582 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb; 583 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s; 584 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 585 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 586 ssid); 587 #endif /* CONFIG_P2P */ 588 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 589 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 590 } 591 592 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 593 hapd_iface->bss[0]->driver = wpa_s->driver; 594 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 595 596 wpa_s->current_ssid = ssid; 597 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 598 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 599 wpa_s->assoc_freq = ssid->frequency; 600 601 if (hostapd_setup_interface(wpa_s->ap_iface)) { 602 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 603 wpa_supplicant_ap_deinit(wpa_s); 604 return -1; 605 } 606 607 return 0; 608 } 609 610 611 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 612 { 613 #ifdef CONFIG_WPS 614 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 615 #endif /* CONFIG_WPS */ 616 617 if (wpa_s->ap_iface == NULL) 618 return; 619 620 wpa_s->current_ssid = NULL; 621 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 622 wpa_s->assoc_freq = 0; 623 #ifdef CONFIG_P2P 624 if (wpa_s->ap_iface->bss) 625 wpa_s->ap_iface->bss[0]->p2p_group = NULL; 626 wpas_p2p_group_deinit(wpa_s); 627 #endif /* CONFIG_P2P */ 628 hostapd_interface_deinit(wpa_s->ap_iface); 629 hostapd_interface_free(wpa_s->ap_iface); 630 wpa_s->ap_iface = NULL; 631 wpa_drv_deinit_ap(wpa_s); 632 } 633 634 635 void ap_tx_status(void *ctx, const u8 *addr, 636 const u8 *buf, size_t len, int ack) 637 { 638 #ifdef NEED_AP_MLME 639 struct wpa_supplicant *wpa_s = ctx; 640 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 641 #endif /* NEED_AP_MLME */ 642 } 643 644 645 void ap_eapol_tx_status(void *ctx, const u8 *dst, 646 const u8 *data, size_t len, int ack) 647 { 648 #ifdef NEED_AP_MLME 649 struct wpa_supplicant *wpa_s = ctx; 650 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 651 #endif /* NEED_AP_MLME */ 652 } 653 654 655 void ap_client_poll_ok(void *ctx, const u8 *addr) 656 { 657 #ifdef NEED_AP_MLME 658 struct wpa_supplicant *wpa_s = ctx; 659 if (wpa_s->ap_iface) 660 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 661 #endif /* NEED_AP_MLME */ 662 } 663 664 665 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 666 { 667 #ifdef NEED_AP_MLME 668 struct wpa_supplicant *wpa_s = ctx; 669 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 670 #endif /* NEED_AP_MLME */ 671 } 672 673 674 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 675 { 676 #ifdef NEED_AP_MLME 677 struct wpa_supplicant *wpa_s = ctx; 678 struct hostapd_frame_info fi; 679 os_memset(&fi, 0, sizeof(fi)); 680 fi.datarate = rx_mgmt->datarate; 681 fi.ssi_signal = rx_mgmt->ssi_signal; 682 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 683 rx_mgmt->frame_len, &fi); 684 #endif /* NEED_AP_MLME */ 685 } 686 687 688 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 689 { 690 #ifdef NEED_AP_MLME 691 struct wpa_supplicant *wpa_s = ctx; 692 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 693 #endif /* NEED_AP_MLME */ 694 } 695 696 697 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 698 const u8 *src_addr, const u8 *buf, size_t len) 699 { 700 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 701 } 702 703 704 #ifdef CONFIG_WPS 705 706 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 707 const u8 *p2p_dev_addr) 708 { 709 if (!wpa_s->ap_iface) 710 return -1; 711 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 712 p2p_dev_addr); 713 } 714 715 716 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 717 { 718 struct wps_registrar *reg; 719 int reg_sel = 0, wps_sta = 0; 720 721 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 722 return -1; 723 724 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 725 reg_sel = wps_registrar_wps_cancel(reg); 726 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 727 ap_sta_wps_cancel, NULL); 728 729 if (!reg_sel && !wps_sta) { 730 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 731 "time"); 732 return -1; 733 } 734 735 /* 736 * There are 2 cases to return wps cancel as success: 737 * 1. When wps cancel was initiated but no connection has been 738 * established with client yet. 739 * 2. Client is in the middle of exchanging WPS messages. 740 */ 741 742 return 0; 743 } 744 745 746 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 747 const char *pin, char *buf, size_t buflen, 748 int timeout) 749 { 750 int ret, ret_len = 0; 751 752 if (!wpa_s->ap_iface) 753 return -1; 754 755 if (pin == NULL) { 756 unsigned int rpin = wps_generate_pin(); 757 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 758 pin = buf; 759 } else 760 ret_len = os_snprintf(buf, buflen, "%s", pin); 761 762 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 763 timeout); 764 if (ret) 765 return -1; 766 return ret_len; 767 } 768 769 770 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 771 { 772 struct wpa_supplicant *wpa_s = eloop_data; 773 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 774 wpas_wps_ap_pin_disable(wpa_s); 775 } 776 777 778 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 779 { 780 struct hostapd_data *hapd; 781 782 if (wpa_s->ap_iface == NULL) 783 return; 784 hapd = wpa_s->ap_iface->bss[0]; 785 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 786 hapd->ap_pin_failures = 0; 787 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 788 if (timeout > 0) 789 eloop_register_timeout(timeout, 0, 790 wpas_wps_ap_pin_timeout, wpa_s, NULL); 791 } 792 793 794 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 795 { 796 struct hostapd_data *hapd; 797 798 if (wpa_s->ap_iface == NULL) 799 return; 800 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 801 hapd = wpa_s->ap_iface->bss[0]; 802 os_free(hapd->conf->ap_pin); 803 hapd->conf->ap_pin = NULL; 804 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 805 } 806 807 808 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 809 { 810 struct hostapd_data *hapd; 811 unsigned int pin; 812 char pin_txt[9]; 813 814 if (wpa_s->ap_iface == NULL) 815 return NULL; 816 hapd = wpa_s->ap_iface->bss[0]; 817 pin = wps_generate_pin(); 818 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 819 os_free(hapd->conf->ap_pin); 820 hapd->conf->ap_pin = os_strdup(pin_txt); 821 if (hapd->conf->ap_pin == NULL) 822 return NULL; 823 wpas_wps_ap_pin_enable(wpa_s, timeout); 824 825 return hapd->conf->ap_pin; 826 } 827 828 829 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 830 { 831 struct hostapd_data *hapd; 832 if (wpa_s->ap_iface == NULL) 833 return NULL; 834 hapd = wpa_s->ap_iface->bss[0]; 835 return hapd->conf->ap_pin; 836 } 837 838 839 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 840 int timeout) 841 { 842 struct hostapd_data *hapd; 843 char pin_txt[9]; 844 int ret; 845 846 if (wpa_s->ap_iface == NULL) 847 return -1; 848 hapd = wpa_s->ap_iface->bss[0]; 849 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 850 if (ret < 0 || ret >= (int) sizeof(pin_txt)) 851 return -1; 852 os_free(hapd->conf->ap_pin); 853 hapd->conf->ap_pin = os_strdup(pin_txt); 854 if (hapd->conf->ap_pin == NULL) 855 return -1; 856 wpas_wps_ap_pin_enable(wpa_s, timeout); 857 858 return 0; 859 } 860 861 862 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 863 { 864 struct hostapd_data *hapd; 865 866 if (wpa_s->ap_iface == NULL) 867 return; 868 hapd = wpa_s->ap_iface->bss[0]; 869 870 /* 871 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 872 * PIN if this happens multiple times to slow down brute force attacks. 873 */ 874 hapd->ap_pin_failures++; 875 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 876 hapd->ap_pin_failures); 877 if (hapd->ap_pin_failures < 3) 878 return; 879 880 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 881 hapd->ap_pin_failures = 0; 882 os_free(hapd->conf->ap_pin); 883 hapd->conf->ap_pin = NULL; 884 } 885 886 887 #ifdef CONFIG_WPS_NFC 888 889 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 890 int ndef) 891 { 892 struct hostapd_data *hapd; 893 894 if (wpa_s->ap_iface == NULL) 895 return NULL; 896 hapd = wpa_s->ap_iface->bss[0]; 897 return hostapd_wps_nfc_config_token(hapd, ndef); 898 } 899 900 901 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 902 int ndef) 903 { 904 struct hostapd_data *hapd; 905 906 if (wpa_s->ap_iface == NULL) 907 return NULL; 908 hapd = wpa_s->ap_iface->bss[0]; 909 return hostapd_wps_nfc_hs_cr(hapd, ndef); 910 } 911 912 #endif /* CONFIG_WPS_NFC */ 913 914 #endif /* CONFIG_WPS */ 915 916 917 #ifdef CONFIG_CTRL_IFACE 918 919 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 920 char *buf, size_t buflen) 921 { 922 if (wpa_s->ap_iface == NULL) 923 return -1; 924 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 925 buf, buflen); 926 } 927 928 929 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 930 char *buf, size_t buflen) 931 { 932 if (wpa_s->ap_iface == NULL) 933 return -1; 934 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 935 buf, buflen); 936 } 937 938 939 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 940 char *buf, size_t buflen) 941 { 942 if (wpa_s->ap_iface == NULL) 943 return -1; 944 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 945 buf, buflen); 946 } 947 948 949 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 950 const char *txtaddr) 951 { 952 if (wpa_s->ap_iface == NULL) 953 return -1; 954 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 955 txtaddr); 956 } 957 958 959 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 960 const char *txtaddr) 961 { 962 if (wpa_s->ap_iface == NULL) 963 return -1; 964 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 965 txtaddr); 966 } 967 968 969 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 970 size_t buflen, int verbose) 971 { 972 char *pos = buf, *end = buf + buflen; 973 int ret; 974 struct hostapd_bss_config *conf; 975 976 if (wpa_s->ap_iface == NULL) 977 return -1; 978 979 conf = wpa_s->ap_iface->bss[0]->conf; 980 if (conf->wpa == 0) 981 return 0; 982 983 ret = os_snprintf(pos, end - pos, 984 "pairwise_cipher=%s\n" 985 "group_cipher=%s\n" 986 "key_mgmt=%s\n", 987 wpa_cipher_txt(conf->rsn_pairwise), 988 wpa_cipher_txt(conf->wpa_group), 989 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 990 conf->wpa)); 991 if (ret < 0 || ret >= end - pos) 992 return pos - buf; 993 pos += ret; 994 return pos - buf; 995 } 996 997 #endif /* CONFIG_CTRL_IFACE */ 998 999 1000 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 1001 { 1002 struct hostapd_iface *iface = wpa_s->ap_iface; 1003 struct wpa_ssid *ssid = wpa_s->current_ssid; 1004 struct hostapd_data *hapd; 1005 1006 if (ssid == NULL || wpa_s->ap_iface == NULL || 1007 ssid->mode == WPAS_MODE_INFRA || 1008 ssid->mode == WPAS_MODE_IBSS) 1009 return -1; 1010 1011 #ifdef CONFIG_P2P 1012 if (ssid->mode == WPAS_MODE_P2P_GO) 1013 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1014 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1015 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1016 P2P_GROUP_FORMATION; 1017 #endif /* CONFIG_P2P */ 1018 1019 hapd = iface->bss[0]; 1020 if (hapd->drv_priv == NULL) 1021 return -1; 1022 ieee802_11_set_beacons(iface); 1023 hostapd_set_ap_wps_ie(hapd); 1024 1025 return 0; 1026 } 1027 1028 1029 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1030 int offset) 1031 { 1032 if (!wpa_s->ap_iface) 1033 return; 1034 1035 wpa_s->assoc_freq = freq; 1036 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset); 1037 } 1038 1039 1040 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1041 const u8 *addr) 1042 { 1043 struct hostapd_data *hapd; 1044 struct hostapd_bss_config *conf; 1045 1046 if (!wpa_s->ap_iface) 1047 return -1; 1048 1049 if (addr) 1050 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1051 MAC2STR(addr)); 1052 else 1053 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1054 1055 hapd = wpa_s->ap_iface->bss[0]; 1056 conf = hapd->conf; 1057 1058 os_free(conf->accept_mac); 1059 conf->accept_mac = NULL; 1060 conf->num_accept_mac = 0; 1061 os_free(conf->deny_mac); 1062 conf->deny_mac = NULL; 1063 conf->num_deny_mac = 0; 1064 1065 if (addr == NULL) { 1066 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1067 return 0; 1068 } 1069 1070 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1071 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1072 if (conf->accept_mac == NULL) 1073 return -1; 1074 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1075 conf->num_accept_mac = 1; 1076 1077 return 0; 1078 } 1079
