Home | History | Annotate | Download | only in wpa_supplicant
      1 /*
      2  * WPA Supplicant - Basic AP mode support routines
      3  * Copyright (c) 2003-2009, Jouni Malinen <j (at) w1.fi>
      4  * Copyright (c) 2009, Atheros Communications
      5  *
      6  * This software may be distributed under the terms of the BSD license.
      7  * See README for more details.
      8  */
      9 
     10 #include "utils/includes.h"
     11 
     12 #include "utils/common.h"
     13 #include "utils/eloop.h"
     14 #include "utils/uuid.h"
     15 #include "common/ieee802_11_defs.h"
     16 #include "common/wpa_ctrl.h"
     17 #include "eapol_supp/eapol_supp_sm.h"
     18 #include "crypto/dh_group5.h"
     19 #include "ap/hostapd.h"
     20 #include "ap/ap_config.h"
     21 #include "ap/ap_drv_ops.h"
     22 #ifdef NEED_AP_MLME
     23 #include "ap/ieee802_11.h"
     24 #endif /* NEED_AP_MLME */
     25 #include "ap/beacon.h"
     26 #include "ap/ieee802_1x.h"
     27 #include "ap/wps_hostapd.h"
     28 #include "ap/ctrl_iface_ap.h"
     29 #include "wps/wps.h"
     30 #include "common/ieee802_11_defs.h"
     31 #include "config_ssid.h"
     32 #include "config.h"
     33 #include "wpa_supplicant_i.h"
     34 #include "driver_i.h"
     35 #include "p2p_supplicant.h"
     36 #include "ap.h"
     37 #include "ap/sta_info.h"
     38 #include "notify.h"
     39 
     40 
     41 #ifdef CONFIG_WPS
     42 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
     43 #endif /* CONFIG_WPS */
     44 
     45 
     46 #ifdef CONFIG_IEEE80211N
     47 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s,
     48 			     struct hostapd_config *conf,
     49 			     struct hostapd_hw_modes *mode)
     50 {
     51 #ifdef CONFIG_P2P
     52 	u8 center_chan = 0;
     53 	u8 channel = conf->channel;
     54 
     55 	if (!conf->secondary_channel)
     56 		goto no_vht;
     57 
     58 	center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel);
     59 	if (!center_chan)
     60 		goto no_vht;
     61 
     62 	/* Use 80 MHz channel */
     63 	conf->vht_oper_chwidth = 1;
     64 	conf->vht_oper_centr_freq_seg0_idx = center_chan;
     65 	return;
     66 
     67 no_vht:
     68 	conf->vht_oper_centr_freq_seg0_idx =
     69 		channel + conf->secondary_channel * 2;
     70 #else /* CONFIG_P2P */
     71 	conf->vht_oper_centr_freq_seg0_idx =
     72 		conf->channel + conf->secondary_channel * 2;
     73 #endif /* CONFIG_P2P */
     74 }
     75 #endif /* CONFIG_IEEE80211N */
     76 
     77 
     78 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
     79 				  struct wpa_ssid *ssid,
     80 				  struct hostapd_config *conf)
     81 {
     82 	struct hostapd_bss_config *bss = conf->bss[0];
     83 
     84 	conf->driver = wpa_s->driver;
     85 
     86 	os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
     87 
     88 	conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency,
     89 					       &conf->channel);
     90 	if (conf->hw_mode == NUM_HOSTAPD_MODES) {
     91 		wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
     92 			   ssid->frequency);
     93 		return -1;
     94 	}
     95 
     96 	/* TODO: enable HT40 if driver supports it;
     97 	 * drop to 11b if driver does not support 11g */
     98 
     99 #ifdef CONFIG_IEEE80211N
    100 	/*
    101 	 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
    102 	 * and a mask of allowed capabilities within conf->ht_capab.
    103 	 * Using default config settings for: conf->ht_op_mode_fixed,
    104 	 * conf->secondary_channel, conf->require_ht
    105 	 */
    106 	if (wpa_s->hw.modes) {
    107 		struct hostapd_hw_modes *mode = NULL;
    108 		int i, no_ht = 0;
    109 		for (i = 0; i < wpa_s->hw.num_modes; i++) {
    110 			if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
    111 				mode = &wpa_s->hw.modes[i];
    112 				break;
    113 			}
    114 		}
    115 
    116 #ifdef CONFIG_HT_OVERRIDES
    117 		if (ssid->disable_ht) {
    118 			conf->ieee80211n = 0;
    119 			conf->ht_capab = 0;
    120 			no_ht = 1;
    121 		}
    122 #endif /* CONFIG_HT_OVERRIDES */
    123 
    124 		if (!no_ht && mode && mode->ht_capab) {
    125 			conf->ieee80211n = 1;
    126 #ifdef CONFIG_P2P
    127 			if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
    128 			    (mode->ht_capab &
    129 			     HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
    130 			    ssid->ht40)
    131 				conf->secondary_channel =
    132 					wpas_p2p_get_ht40_mode(wpa_s, mode,
    133 							       conf->channel);
    134 			if (conf->secondary_channel)
    135 				conf->ht_capab |=
    136 					HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
    137 #endif /* CONFIG_P2P */
    138 
    139 			/*
    140 			 * white-list capabilities that won't cause issues
    141 			 * to connecting stations, while leaving the current
    142 			 * capabilities intact (currently disabled SMPS).
    143 			 */
    144 			conf->ht_capab |= mode->ht_capab &
    145 				(HT_CAP_INFO_GREEN_FIELD |
    146 				 HT_CAP_INFO_SHORT_GI20MHZ |
    147 				 HT_CAP_INFO_SHORT_GI40MHZ |
    148 				 HT_CAP_INFO_RX_STBC_MASK |
    149 				 HT_CAP_INFO_MAX_AMSDU_SIZE);
    150 
    151 			if (mode->vht_capab && ssid->vht) {
    152 				conf->ieee80211ac = 1;
    153 				wpas_conf_ap_vht(wpa_s, conf, mode);
    154 			}
    155 		}
    156 	}
    157 #endif /* CONFIG_IEEE80211N */
    158 
    159 #ifdef CONFIG_P2P
    160 	if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
    161 	    (ssid->mode == WPAS_MODE_P2P_GO ||
    162 	     ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
    163 		/* Remove 802.11b rates from supported and basic rate sets */
    164 		int *list = os_malloc(4 * sizeof(int));
    165 		if (list) {
    166 			list[0] = 60;
    167 			list[1] = 120;
    168 			list[2] = 240;
    169 			list[3] = -1;
    170 		}
    171 		conf->basic_rates = list;
    172 
    173 		list = os_malloc(9 * sizeof(int));
    174 		if (list) {
    175 			list[0] = 60;
    176 			list[1] = 90;
    177 			list[2] = 120;
    178 			list[3] = 180;
    179 			list[4] = 240;
    180 			list[5] = 360;
    181 			list[6] = 480;
    182 			list[7] = 540;
    183 			list[8] = -1;
    184 		}
    185 		conf->supported_rates = list;
    186 	}
    187 
    188 	bss->isolate = !wpa_s->conf->p2p_intra_bss;
    189 	bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
    190 
    191 	if (ssid->p2p_group) {
    192 		os_memcpy(bss->ip_addr_go, wpa_s->parent->conf->ip_addr_go, 4);
    193 		os_memcpy(bss->ip_addr_mask, wpa_s->parent->conf->ip_addr_mask,
    194 			  4);
    195 		os_memcpy(bss->ip_addr_start,
    196 			  wpa_s->parent->conf->ip_addr_start, 4);
    197 		os_memcpy(bss->ip_addr_end, wpa_s->parent->conf->ip_addr_end,
    198 			  4);
    199 	}
    200 #endif /* CONFIG_P2P */
    201 
    202 	if (ssid->ssid_len == 0) {
    203 		wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
    204 		return -1;
    205 	}
    206 	os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
    207 	bss->ssid.ssid_len = ssid->ssid_len;
    208 	bss->ssid.ssid_set = 1;
    209 
    210 	bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
    211 
    212 	if (ssid->auth_alg)
    213 		bss->auth_algs = ssid->auth_alg;
    214 
    215 	if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
    216 		bss->wpa = ssid->proto;
    217 	bss->wpa_key_mgmt = ssid->key_mgmt;
    218 	bss->wpa_pairwise = ssid->pairwise_cipher;
    219 	if (ssid->psk_set) {
    220 		os_free(bss->ssid.wpa_psk);
    221 		bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
    222 		if (bss->ssid.wpa_psk == NULL)
    223 			return -1;
    224 		os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
    225 		bss->ssid.wpa_psk->group = 1;
    226 	} else if (ssid->passphrase) {
    227 		bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
    228 	} else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
    229 		   ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
    230 		struct hostapd_wep_keys *wep = &bss->ssid.wep;
    231 		int i;
    232 		for (i = 0; i < NUM_WEP_KEYS; i++) {
    233 			if (ssid->wep_key_len[i] == 0)
    234 				continue;
    235 			wep->key[i] = os_malloc(ssid->wep_key_len[i]);
    236 			if (wep->key[i] == NULL)
    237 				return -1;
    238 			os_memcpy(wep->key[i], ssid->wep_key[i],
    239 				  ssid->wep_key_len[i]);
    240 			wep->len[i] = ssid->wep_key_len[i];
    241 		}
    242 		wep->idx = ssid->wep_tx_keyidx;
    243 		wep->keys_set = 1;
    244 	}
    245 
    246 	if (ssid->ap_max_inactivity)
    247 		bss->ap_max_inactivity = ssid->ap_max_inactivity;
    248 
    249 	if (ssid->dtim_period)
    250 		bss->dtim_period = ssid->dtim_period;
    251 	else if (wpa_s->conf->dtim_period)
    252 		bss->dtim_period = wpa_s->conf->dtim_period;
    253 
    254 	if (ssid->beacon_int)
    255 		conf->beacon_int = ssid->beacon_int;
    256 	else if (wpa_s->conf->beacon_int)
    257 		conf->beacon_int = wpa_s->conf->beacon_int;
    258 
    259 	if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
    260 		bss->rsn_pairwise = bss->wpa_pairwise;
    261 	bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
    262 						    bss->rsn_pairwise);
    263 
    264 	if (bss->wpa && bss->ieee802_1x)
    265 		bss->ssid.security_policy = SECURITY_WPA;
    266 	else if (bss->wpa)
    267 		bss->ssid.security_policy = SECURITY_WPA_PSK;
    268 	else if (bss->ieee802_1x) {
    269 		int cipher = WPA_CIPHER_NONE;
    270 		bss->ssid.security_policy = SECURITY_IEEE_802_1X;
    271 		bss->ssid.wep.default_len = bss->default_wep_key_len;
    272 		if (bss->default_wep_key_len)
    273 			cipher = bss->default_wep_key_len >= 13 ?
    274 				WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
    275 		bss->wpa_group = cipher;
    276 		bss->wpa_pairwise = cipher;
    277 		bss->rsn_pairwise = cipher;
    278 	} else if (bss->ssid.wep.keys_set) {
    279 		int cipher = WPA_CIPHER_WEP40;
    280 		if (bss->ssid.wep.len[0] >= 13)
    281 			cipher = WPA_CIPHER_WEP104;
    282 		bss->ssid.security_policy = SECURITY_STATIC_WEP;
    283 		bss->wpa_group = cipher;
    284 		bss->wpa_pairwise = cipher;
    285 		bss->rsn_pairwise = cipher;
    286 	} else {
    287 		bss->ssid.security_policy = SECURITY_PLAINTEXT;
    288 		bss->wpa_group = WPA_CIPHER_NONE;
    289 		bss->wpa_pairwise = WPA_CIPHER_NONE;
    290 		bss->rsn_pairwise = WPA_CIPHER_NONE;
    291 	}
    292 
    293 	if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
    294 	    (bss->wpa_group == WPA_CIPHER_CCMP ||
    295 	     bss->wpa_group == WPA_CIPHER_GCMP ||
    296 	     bss->wpa_group == WPA_CIPHER_CCMP_256 ||
    297 	     bss->wpa_group == WPA_CIPHER_GCMP_256)) {
    298 		/*
    299 		 * Strong ciphers do not need frequent rekeying, so increase
    300 		 * the default GTK rekeying period to 24 hours.
    301 		 */
    302 		bss->wpa_group_rekey = 86400;
    303 	}
    304 
    305 #ifdef CONFIG_IEEE80211W
    306 	if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
    307 		bss->ieee80211w = ssid->ieee80211w;
    308 #endif /* CONFIG_IEEE80211W */
    309 
    310 #ifdef CONFIG_WPS
    311 	/*
    312 	 * Enable WPS by default for open and WPA/WPA2-Personal network, but
    313 	 * require user interaction to actually use it. Only the internal
    314 	 * Registrar is supported.
    315 	 */
    316 	if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
    317 	    bss->ssid.security_policy != SECURITY_PLAINTEXT)
    318 		goto no_wps;
    319 	if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
    320 	    (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
    321 		goto no_wps; /* WPS2 does not allow WPA/TKIP-only
    322 			      * configuration */
    323 	bss->eap_server = 1;
    324 
    325 	if (!ssid->ignore_broadcast_ssid)
    326 		bss->wps_state = 2;
    327 
    328 	bss->ap_setup_locked = 2;
    329 	if (wpa_s->conf->config_methods)
    330 		bss->config_methods = os_strdup(wpa_s->conf->config_methods);
    331 	os_memcpy(bss->device_type, wpa_s->conf->device_type,
    332 		  WPS_DEV_TYPE_LEN);
    333 	if (wpa_s->conf->device_name) {
    334 		bss->device_name = os_strdup(wpa_s->conf->device_name);
    335 		bss->friendly_name = os_strdup(wpa_s->conf->device_name);
    336 	}
    337 	if (wpa_s->conf->manufacturer)
    338 		bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
    339 	if (wpa_s->conf->model_name)
    340 		bss->model_name = os_strdup(wpa_s->conf->model_name);
    341 	if (wpa_s->conf->model_number)
    342 		bss->model_number = os_strdup(wpa_s->conf->model_number);
    343 	if (wpa_s->conf->serial_number)
    344 		bss->serial_number = os_strdup(wpa_s->conf->serial_number);
    345 	if (is_nil_uuid(wpa_s->conf->uuid))
    346 		os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
    347 	else
    348 		os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
    349 	os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
    350 	bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
    351 no_wps:
    352 #endif /* CONFIG_WPS */
    353 
    354 	if (wpa_s->max_stations &&
    355 	    wpa_s->max_stations < wpa_s->conf->max_num_sta)
    356 		bss->max_num_sta = wpa_s->max_stations;
    357 	else
    358 		bss->max_num_sta = wpa_s->conf->max_num_sta;
    359 
    360 	bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
    361 
    362 	if (wpa_s->conf->ap_vendor_elements) {
    363 		bss->vendor_elements =
    364 			wpabuf_dup(wpa_s->conf->ap_vendor_elements);
    365 	}
    366 
    367 	return 0;
    368 }
    369 
    370 
    371 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
    372 {
    373 #ifdef CONFIG_P2P
    374 	struct wpa_supplicant *wpa_s = ctx;
    375 	const struct ieee80211_mgmt *mgmt;
    376 
    377 	mgmt = (const struct ieee80211_mgmt *) buf;
    378 	if (len < IEEE80211_HDRLEN + 1)
    379 		return;
    380 	if (mgmt->u.action.category != WLAN_ACTION_PUBLIC)
    381 		return;
    382 	wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
    383 			   mgmt->u.action.category,
    384 			   buf + IEEE80211_HDRLEN + 1,
    385 			   len - IEEE80211_HDRLEN - 1, freq);
    386 #endif /* CONFIG_P2P */
    387 }
    388 
    389 
    390 static void ap_wps_event_cb(void *ctx, enum wps_event event,
    391 			    union wps_event_data *data)
    392 {
    393 #ifdef CONFIG_P2P
    394 	struct wpa_supplicant *wpa_s = ctx;
    395 
    396 	if (event == WPS_EV_FAIL) {
    397 		struct wps_event_fail *fail = &data->fail;
    398 
    399 		if (wpa_s->parent && wpa_s->parent != wpa_s &&
    400 		    wpa_s == wpa_s->global->p2p_group_formation) {
    401 			/*
    402 			 * src/ap/wps_hostapd.c has already sent this on the
    403 			 * main interface, so only send on the parent interface
    404 			 * here if needed.
    405 			 */
    406 			wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL
    407 				"msg=%d config_error=%d",
    408 				fail->msg, fail->config_error);
    409 		}
    410 		wpas_p2p_wps_failed(wpa_s, fail);
    411 	}
    412 #endif /* CONFIG_P2P */
    413 }
    414 
    415 
    416 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
    417 				 int authorized, const u8 *p2p_dev_addr)
    418 {
    419 	wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr);
    420 }
    421 
    422 
    423 #ifdef CONFIG_P2P
    424 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
    425 			  const u8 *psk, size_t psk_len)
    426 {
    427 
    428 	struct wpa_supplicant *wpa_s = ctx;
    429 	if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL)
    430 		return;
    431 	wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len);
    432 }
    433 #endif /* CONFIG_P2P */
    434 
    435 
    436 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
    437 {
    438 #ifdef CONFIG_P2P
    439 	struct wpa_supplicant *wpa_s = ctx;
    440 	const struct ieee80211_mgmt *mgmt;
    441 
    442 	mgmt = (const struct ieee80211_mgmt *) buf;
    443 	if (len < IEEE80211_HDRLEN + 1)
    444 		return -1;
    445 	wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
    446 			   mgmt->u.action.category,
    447 			   buf + IEEE80211_HDRLEN + 1,
    448 			   len - IEEE80211_HDRLEN - 1, freq);
    449 #endif /* CONFIG_P2P */
    450 	return 0;
    451 }
    452 
    453 
    454 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
    455 			   const u8 *bssid, const u8 *ie, size_t ie_len,
    456 			   int ssi_signal)
    457 {
    458 	struct wpa_supplicant *wpa_s = ctx;
    459 	return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
    460 				     ssi_signal);
    461 }
    462 
    463 
    464 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
    465 				  const u8 *uuid_e)
    466 {
    467 	struct wpa_supplicant *wpa_s = ctx;
    468 	wpas_p2p_wps_success(wpa_s, mac_addr, 1);
    469 }
    470 
    471 
    472 static void wpas_ap_configured_cb(void *ctx)
    473 {
    474 	struct wpa_supplicant *wpa_s = ctx;
    475 
    476 	wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
    477 
    478 	if (wpa_s->ap_configured_cb)
    479 		wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
    480 					wpa_s->ap_configured_cb_data);
    481 }
    482 
    483 
    484 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
    485 			     struct wpa_ssid *ssid)
    486 {
    487 	struct wpa_driver_associate_params params;
    488 	struct hostapd_iface *hapd_iface;
    489 	struct hostapd_config *conf;
    490 	size_t i;
    491 
    492 	if (ssid->ssid == NULL || ssid->ssid_len == 0) {
    493 		wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
    494 		return -1;
    495 	}
    496 
    497 	wpa_supplicant_ap_deinit(wpa_s);
    498 
    499 	wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
    500 		   wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
    501 
    502 	os_memset(&params, 0, sizeof(params));
    503 	params.ssid = ssid->ssid;
    504 	params.ssid_len = ssid->ssid_len;
    505 	switch (ssid->mode) {
    506 	case WPAS_MODE_AP:
    507 	case WPAS_MODE_P2P_GO:
    508 	case WPAS_MODE_P2P_GROUP_FORMATION:
    509 		params.mode = IEEE80211_MODE_AP;
    510 		break;
    511 	default:
    512 		return -1;
    513 	}
    514 	if (ssid->frequency == 0)
    515 		ssid->frequency = 2462; /* default channel 11 */
    516 	params.freq = ssid->frequency;
    517 
    518 	params.wpa_proto = ssid->proto;
    519 	if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
    520 		wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
    521 	else
    522 		wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
    523 	params.key_mgmt_suite = wpa_s->key_mgmt;
    524 
    525 	wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
    526 							  1);
    527 	if (wpa_s->pairwise_cipher < 0) {
    528 		wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
    529 			   "cipher.");
    530 		return -1;
    531 	}
    532 	params.pairwise_suite = wpa_s->pairwise_cipher;
    533 	params.group_suite = params.pairwise_suite;
    534 
    535 #ifdef CONFIG_P2P
    536 	if (ssid->mode == WPAS_MODE_P2P_GO ||
    537 	    ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
    538 		params.p2p = 1;
    539 #endif /* CONFIG_P2P */
    540 
    541 	if (wpa_s->parent->set_ap_uapsd)
    542 		params.uapsd = wpa_s->parent->ap_uapsd;
    543 	else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
    544 		params.uapsd = 1; /* mandatory for P2P GO */
    545 	else
    546 		params.uapsd = -1;
    547 
    548 	if (wpa_drv_associate(wpa_s, &params) < 0) {
    549 		wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
    550 		return -1;
    551 	}
    552 
    553 	wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface));
    554 	if (hapd_iface == NULL)
    555 		return -1;
    556 	hapd_iface->owner = wpa_s;
    557 	hapd_iface->drv_flags = wpa_s->drv_flags;
    558 	hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
    559 	hapd_iface->extended_capa = wpa_s->extended_capa;
    560 	hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
    561 	hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
    562 
    563 	wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
    564 	if (conf == NULL) {
    565 		wpa_supplicant_ap_deinit(wpa_s);
    566 		return -1;
    567 	}
    568 
    569 	os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
    570 		  wpa_s->conf->wmm_ac_params,
    571 		  sizeof(wpa_s->conf->wmm_ac_params));
    572 
    573 	if (params.uapsd > 0) {
    574 		conf->bss[0]->wmm_enabled = 1;
    575 		conf->bss[0]->wmm_uapsd = 1;
    576 	}
    577 
    578 	if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
    579 		wpa_printf(MSG_ERROR, "Failed to create AP configuration");
    580 		wpa_supplicant_ap_deinit(wpa_s);
    581 		return -1;
    582 	}
    583 
    584 #ifdef CONFIG_P2P
    585 	if (ssid->mode == WPAS_MODE_P2P_GO)
    586 		conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
    587 	else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
    588 		conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
    589 			P2P_GROUP_FORMATION;
    590 #endif /* CONFIG_P2P */
    591 
    592 	hapd_iface->num_bss = conf->num_bss;
    593 	hapd_iface->bss = os_calloc(conf->num_bss,
    594 				    sizeof(struct hostapd_data *));
    595 	if (hapd_iface->bss == NULL) {
    596 		wpa_supplicant_ap_deinit(wpa_s);
    597 		return -1;
    598 	}
    599 
    600 	for (i = 0; i < conf->num_bss; i++) {
    601 		hapd_iface->bss[i] =
    602 			hostapd_alloc_bss_data(hapd_iface, conf,
    603 					       conf->bss[i]);
    604 		if (hapd_iface->bss[i] == NULL) {
    605 			wpa_supplicant_ap_deinit(wpa_s);
    606 			return -1;
    607 		}
    608 
    609 		hapd_iface->bss[i]->msg_ctx = wpa_s;
    610 		hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent;
    611 		hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
    612 		hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
    613 		hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
    614 		hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
    615 		hostapd_register_probereq_cb(hapd_iface->bss[i],
    616 					     ap_probe_req_rx, wpa_s);
    617 		hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
    618 		hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
    619 		hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
    620 		hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
    621 		hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
    622 		hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
    623 #ifdef CONFIG_P2P
    624 		hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb;
    625 		hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s;
    626 		hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
    627 		hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
    628 								    ssid);
    629 #endif /* CONFIG_P2P */
    630 		hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
    631 		hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
    632 	}
    633 
    634 	os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
    635 	hapd_iface->bss[0]->driver = wpa_s->driver;
    636 	hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
    637 
    638 	wpa_s->current_ssid = ssid;
    639 	eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
    640 	os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
    641 	wpa_s->assoc_freq = ssid->frequency;
    642 
    643 	if (hostapd_setup_interface(wpa_s->ap_iface)) {
    644 		wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
    645 		wpa_supplicant_ap_deinit(wpa_s);
    646 		return -1;
    647 	}
    648 
    649 	return 0;
    650 }
    651 
    652 
    653 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
    654 {
    655 #ifdef CONFIG_WPS
    656 	eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
    657 #endif /* CONFIG_WPS */
    658 
    659 	if (wpa_s->ap_iface == NULL)
    660 		return;
    661 
    662 	wpa_s->current_ssid = NULL;
    663 	eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
    664 	wpa_s->assoc_freq = 0;
    665 	wpas_p2p_ap_deinit(wpa_s);
    666 	wpa_s->ap_iface->driver_ap_teardown =
    667 		!!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
    668 
    669 	hostapd_interface_deinit(wpa_s->ap_iface);
    670 	hostapd_interface_free(wpa_s->ap_iface);
    671 	wpa_s->ap_iface = NULL;
    672 	wpa_drv_deinit_ap(wpa_s);
    673 }
    674 
    675 
    676 void ap_tx_status(void *ctx, const u8 *addr,
    677 		  const u8 *buf, size_t len, int ack)
    678 {
    679 #ifdef NEED_AP_MLME
    680 	struct wpa_supplicant *wpa_s = ctx;
    681 	hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
    682 #endif /* NEED_AP_MLME */
    683 }
    684 
    685 
    686 void ap_eapol_tx_status(void *ctx, const u8 *dst,
    687 			const u8 *data, size_t len, int ack)
    688 {
    689 #ifdef NEED_AP_MLME
    690 	struct wpa_supplicant *wpa_s = ctx;
    691 	if (!wpa_s->ap_iface)
    692 		return;
    693 	hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
    694 #endif /* NEED_AP_MLME */
    695 }
    696 
    697 
    698 void ap_client_poll_ok(void *ctx, const u8 *addr)
    699 {
    700 #ifdef NEED_AP_MLME
    701 	struct wpa_supplicant *wpa_s = ctx;
    702 	if (wpa_s->ap_iface)
    703 		hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
    704 #endif /* NEED_AP_MLME */
    705 }
    706 
    707 
    708 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
    709 {
    710 #ifdef NEED_AP_MLME
    711 	struct wpa_supplicant *wpa_s = ctx;
    712 	ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
    713 #endif /* NEED_AP_MLME */
    714 }
    715 
    716 
    717 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
    718 {
    719 #ifdef NEED_AP_MLME
    720 	struct wpa_supplicant *wpa_s = ctx;
    721 	struct hostapd_frame_info fi;
    722 	os_memset(&fi, 0, sizeof(fi));
    723 	fi.datarate = rx_mgmt->datarate;
    724 	fi.ssi_signal = rx_mgmt->ssi_signal;
    725 	ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
    726 			rx_mgmt->frame_len, &fi);
    727 #endif /* NEED_AP_MLME */
    728 }
    729 
    730 
    731 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
    732 {
    733 #ifdef NEED_AP_MLME
    734 	struct wpa_supplicant *wpa_s = ctx;
    735 	ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
    736 #endif /* NEED_AP_MLME */
    737 }
    738 
    739 
    740 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
    741 				const u8 *src_addr, const u8 *buf, size_t len)
    742 {
    743 	ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
    744 }
    745 
    746 
    747 #ifdef CONFIG_WPS
    748 
    749 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
    750 			      const u8 *p2p_dev_addr)
    751 {
    752 	if (!wpa_s->ap_iface)
    753 		return -1;
    754 	return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
    755 					 p2p_dev_addr);
    756 }
    757 
    758 
    759 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
    760 {
    761 	struct wps_registrar *reg;
    762 	int reg_sel = 0, wps_sta = 0;
    763 
    764 	if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
    765 		return -1;
    766 
    767 	reg = wpa_s->ap_iface->bss[0]->wps->registrar;
    768 	reg_sel = wps_registrar_wps_cancel(reg);
    769 	wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
    770 				  ap_sta_wps_cancel, NULL);
    771 
    772 	if (!reg_sel && !wps_sta) {
    773 		wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
    774 			   "time");
    775 		return -1;
    776 	}
    777 
    778 	/*
    779 	 * There are 2 cases to return wps cancel as success:
    780 	 * 1. When wps cancel was initiated but no connection has been
    781 	 *    established with client yet.
    782 	 * 2. Client is in the middle of exchanging WPS messages.
    783 	 */
    784 
    785 	return 0;
    786 }
    787 
    788 
    789 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
    790 			      const char *pin, char *buf, size_t buflen,
    791 			      int timeout)
    792 {
    793 	int ret, ret_len = 0;
    794 
    795 	if (!wpa_s->ap_iface)
    796 		return -1;
    797 
    798 	if (pin == NULL) {
    799 		unsigned int rpin = wps_generate_pin();
    800 		ret_len = os_snprintf(buf, buflen, "%08d", rpin);
    801 		pin = buf;
    802 	} else
    803 		ret_len = os_snprintf(buf, buflen, "%s", pin);
    804 
    805 	ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
    806 				  timeout);
    807 	if (ret)
    808 		return -1;
    809 	return ret_len;
    810 }
    811 
    812 
    813 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
    814 {
    815 	struct wpa_supplicant *wpa_s = eloop_data;
    816 	wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
    817 	wpas_wps_ap_pin_disable(wpa_s);
    818 }
    819 
    820 
    821 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
    822 {
    823 	struct hostapd_data *hapd;
    824 
    825 	if (wpa_s->ap_iface == NULL)
    826 		return;
    827 	hapd = wpa_s->ap_iface->bss[0];
    828 	wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
    829 	hapd->ap_pin_failures = 0;
    830 	eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
    831 	if (timeout > 0)
    832 		eloop_register_timeout(timeout, 0,
    833 				       wpas_wps_ap_pin_timeout, wpa_s, NULL);
    834 }
    835 
    836 
    837 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
    838 {
    839 	struct hostapd_data *hapd;
    840 
    841 	if (wpa_s->ap_iface == NULL)
    842 		return;
    843 	wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
    844 	hapd = wpa_s->ap_iface->bss[0];
    845 	os_free(hapd->conf->ap_pin);
    846 	hapd->conf->ap_pin = NULL;
    847 	eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
    848 }
    849 
    850 
    851 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
    852 {
    853 	struct hostapd_data *hapd;
    854 	unsigned int pin;
    855 	char pin_txt[9];
    856 
    857 	if (wpa_s->ap_iface == NULL)
    858 		return NULL;
    859 	hapd = wpa_s->ap_iface->bss[0];
    860 	pin = wps_generate_pin();
    861 	os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
    862 	os_free(hapd->conf->ap_pin);
    863 	hapd->conf->ap_pin = os_strdup(pin_txt);
    864 	if (hapd->conf->ap_pin == NULL)
    865 		return NULL;
    866 	wpas_wps_ap_pin_enable(wpa_s, timeout);
    867 
    868 	return hapd->conf->ap_pin;
    869 }
    870 
    871 
    872 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
    873 {
    874 	struct hostapd_data *hapd;
    875 	if (wpa_s->ap_iface == NULL)
    876 		return NULL;
    877 	hapd = wpa_s->ap_iface->bss[0];
    878 	return hapd->conf->ap_pin;
    879 }
    880 
    881 
    882 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
    883 			int timeout)
    884 {
    885 	struct hostapd_data *hapd;
    886 	char pin_txt[9];
    887 	int ret;
    888 
    889 	if (wpa_s->ap_iface == NULL)
    890 		return -1;
    891 	hapd = wpa_s->ap_iface->bss[0];
    892 	ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
    893 	if (ret < 0 || ret >= (int) sizeof(pin_txt))
    894 		return -1;
    895 	os_free(hapd->conf->ap_pin);
    896 	hapd->conf->ap_pin = os_strdup(pin_txt);
    897 	if (hapd->conf->ap_pin == NULL)
    898 		return -1;
    899 	wpas_wps_ap_pin_enable(wpa_s, timeout);
    900 
    901 	return 0;
    902 }
    903 
    904 
    905 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
    906 {
    907 	struct hostapd_data *hapd;
    908 
    909 	if (wpa_s->ap_iface == NULL)
    910 		return;
    911 	hapd = wpa_s->ap_iface->bss[0];
    912 
    913 	/*
    914 	 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
    915 	 * PIN if this happens multiple times to slow down brute force attacks.
    916 	 */
    917 	hapd->ap_pin_failures++;
    918 	wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
    919 		   hapd->ap_pin_failures);
    920 	if (hapd->ap_pin_failures < 3)
    921 		return;
    922 
    923 	wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
    924 	hapd->ap_pin_failures = 0;
    925 	os_free(hapd->conf->ap_pin);
    926 	hapd->conf->ap_pin = NULL;
    927 }
    928 
    929 
    930 #ifdef CONFIG_WPS_NFC
    931 
    932 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
    933 					     int ndef)
    934 {
    935 	struct hostapd_data *hapd;
    936 
    937 	if (wpa_s->ap_iface == NULL)
    938 		return NULL;
    939 	hapd = wpa_s->ap_iface->bss[0];
    940 	return hostapd_wps_nfc_config_token(hapd, ndef);
    941 }
    942 
    943 
    944 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
    945 					     int ndef)
    946 {
    947 	struct hostapd_data *hapd;
    948 
    949 	if (wpa_s->ap_iface == NULL)
    950 		return NULL;
    951 	hapd = wpa_s->ap_iface->bss[0];
    952 	return hostapd_wps_nfc_hs_cr(hapd, ndef);
    953 }
    954 
    955 
    956 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
    957 				    const struct wpabuf *req,
    958 				    const struct wpabuf *sel)
    959 {
    960 	struct hostapd_data *hapd;
    961 
    962 	if (wpa_s->ap_iface == NULL)
    963 		return -1;
    964 	hapd = wpa_s->ap_iface->bss[0];
    965 	return hostapd_wps_nfc_report_handover(hapd, req, sel);
    966 }
    967 
    968 #endif /* CONFIG_WPS_NFC */
    969 
    970 #endif /* CONFIG_WPS */
    971 
    972 
    973 #ifdef CONFIG_CTRL_IFACE
    974 
    975 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
    976 			    char *buf, size_t buflen)
    977 {
    978 	if (wpa_s->ap_iface == NULL)
    979 		return -1;
    980 	return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0],
    981 					    buf, buflen);
    982 }
    983 
    984 
    985 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
    986 		      char *buf, size_t buflen)
    987 {
    988 	if (wpa_s->ap_iface == NULL)
    989 		return -1;
    990 	return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr,
    991 				      buf, buflen);
    992 }
    993 
    994 
    995 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
    996 			   char *buf, size_t buflen)
    997 {
    998 	if (wpa_s->ap_iface == NULL)
    999 		return -1;
   1000 	return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr,
   1001 					   buf, buflen);
   1002 }
   1003 
   1004 
   1005 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
   1006 				   const char *txtaddr)
   1007 {
   1008 	if (wpa_s->ap_iface == NULL)
   1009 		return -1;
   1010 	return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
   1011 					       txtaddr);
   1012 }
   1013 
   1014 
   1015 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
   1016 				     const char *txtaddr)
   1017 {
   1018 	if (wpa_s->ap_iface == NULL)
   1019 		return -1;
   1020 	return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
   1021 						 txtaddr);
   1022 }
   1023 
   1024 
   1025 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
   1026 				 size_t buflen, int verbose)
   1027 {
   1028 	char *pos = buf, *end = buf + buflen;
   1029 	int ret;
   1030 	struct hostapd_bss_config *conf;
   1031 
   1032 	if (wpa_s->ap_iface == NULL)
   1033 		return -1;
   1034 
   1035 	conf = wpa_s->ap_iface->bss[0]->conf;
   1036 	if (conf->wpa == 0)
   1037 		return 0;
   1038 
   1039 	ret = os_snprintf(pos, end - pos,
   1040 			  "pairwise_cipher=%s\n"
   1041 			  "group_cipher=%s\n"
   1042 			  "key_mgmt=%s\n",
   1043 			  wpa_cipher_txt(conf->rsn_pairwise),
   1044 			  wpa_cipher_txt(conf->wpa_group),
   1045 			  wpa_key_mgmt_txt(conf->wpa_key_mgmt,
   1046 					   conf->wpa));
   1047 	if (ret < 0 || ret >= end - pos)
   1048 		return pos - buf;
   1049 	pos += ret;
   1050 	return pos - buf;
   1051 }
   1052 
   1053 #endif /* CONFIG_CTRL_IFACE */
   1054 
   1055 
   1056 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
   1057 {
   1058 	struct hostapd_iface *iface = wpa_s->ap_iface;
   1059 	struct wpa_ssid *ssid = wpa_s->current_ssid;
   1060 	struct hostapd_data *hapd;
   1061 
   1062 	if (ssid == NULL || wpa_s->ap_iface == NULL ||
   1063 	    ssid->mode == WPAS_MODE_INFRA ||
   1064 	    ssid->mode == WPAS_MODE_IBSS)
   1065 		return -1;
   1066 
   1067 #ifdef CONFIG_P2P
   1068 	if (ssid->mode == WPAS_MODE_P2P_GO)
   1069 		iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
   1070 	else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
   1071 		iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
   1072 			P2P_GROUP_FORMATION;
   1073 #endif /* CONFIG_P2P */
   1074 
   1075 	hapd = iface->bss[0];
   1076 	if (hapd->drv_priv == NULL)
   1077 		return -1;
   1078 	ieee802_11_set_beacons(iface);
   1079 	hostapd_set_ap_wps_ie(hapd);
   1080 
   1081 	return 0;
   1082 }
   1083 
   1084 
   1085 int ap_switch_channel(struct wpa_supplicant *wpa_s,
   1086 		      struct csa_settings *settings)
   1087 {
   1088 #ifdef NEED_AP_MLME
   1089 	if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
   1090 		return -1;
   1091 
   1092 	return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings);
   1093 #else /* NEED_AP_MLME */
   1094 	return -1;
   1095 #endif /* NEED_AP_MLME */
   1096 }
   1097 
   1098 
   1099 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos)
   1100 {
   1101 	struct csa_settings settings;
   1102 	int ret = hostapd_parse_csa_settings(pos, &settings);
   1103 
   1104 	if (ret)
   1105 		return ret;
   1106 
   1107 	return ap_switch_channel(wpa_s, &settings);
   1108 }
   1109 
   1110 
   1111 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
   1112 		       int offset, int width, int cf1, int cf2)
   1113 {
   1114 	if (!wpa_s->ap_iface)
   1115 		return;
   1116 
   1117 	wpa_s->assoc_freq = freq;
   1118 	hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset, width, cf1, cf1);
   1119 }
   1120 
   1121 
   1122 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
   1123 				      const u8 *addr)
   1124 {
   1125 	struct hostapd_data *hapd;
   1126 	struct hostapd_bss_config *conf;
   1127 
   1128 	if (!wpa_s->ap_iface)
   1129 		return -1;
   1130 
   1131 	if (addr)
   1132 		wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
   1133 			   MAC2STR(addr));
   1134 	else
   1135 		wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
   1136 
   1137 	hapd = wpa_s->ap_iface->bss[0];
   1138 	conf = hapd->conf;
   1139 
   1140 	os_free(conf->accept_mac);
   1141 	conf->accept_mac = NULL;
   1142 	conf->num_accept_mac = 0;
   1143 	os_free(conf->deny_mac);
   1144 	conf->deny_mac = NULL;
   1145 	conf->num_deny_mac = 0;
   1146 
   1147 	if (addr == NULL) {
   1148 		conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
   1149 		return 0;
   1150 	}
   1151 
   1152 	conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
   1153 	conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
   1154 	if (conf->accept_mac == NULL)
   1155 		return -1;
   1156 	os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
   1157 	conf->num_accept_mac = 1;
   1158 
   1159 	return 0;
   1160 }
   1161 
   1162 
   1163 #ifdef CONFIG_WPS_NFC
   1164 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id,
   1165 			   const struct wpabuf *pw, const u8 *pubkey_hash)
   1166 {
   1167 	struct hostapd_data *hapd;
   1168 	struct wps_context *wps;
   1169 
   1170 	if (!wpa_s->ap_iface)
   1171 		return -1;
   1172 	hapd = wpa_s->ap_iface->bss[0];
   1173 	wps = hapd->wps;
   1174 
   1175 	if (wpa_s->parent->conf->wps_nfc_dh_pubkey == NULL ||
   1176 	    wpa_s->parent->conf->wps_nfc_dh_privkey == NULL) {
   1177 		wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known");
   1178 		return -1;
   1179 	}
   1180 
   1181 	dh5_free(wps->dh_ctx);
   1182 	wpabuf_free(wps->dh_pubkey);
   1183 	wpabuf_free(wps->dh_privkey);
   1184 	wps->dh_privkey = wpabuf_dup(
   1185 		wpa_s->parent->conf->wps_nfc_dh_privkey);
   1186 	wps->dh_pubkey = wpabuf_dup(
   1187 		wpa_s->parent->conf->wps_nfc_dh_pubkey);
   1188 	if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) {
   1189 		wps->dh_ctx = NULL;
   1190 		wpabuf_free(wps->dh_pubkey);
   1191 		wps->dh_pubkey = NULL;
   1192 		wpabuf_free(wps->dh_privkey);
   1193 		wps->dh_privkey = NULL;
   1194 		return -1;
   1195 	}
   1196 	wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
   1197 	if (wps->dh_ctx == NULL)
   1198 		return -1;
   1199 
   1200 	return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash,
   1201 					      pw_id,
   1202 					      pw ? wpabuf_head(pw) : NULL,
   1203 					      pw ? wpabuf_len(pw) : 0, 1);
   1204 }
   1205 #endif /* CONFIG_WPS_NFC */
   1206