1 /* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j (at) w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "utils/uuid.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/wpa_ctrl.h" 17 #include "eapol_supp/eapol_supp_sm.h" 18 #include "crypto/dh_group5.h" 19 #include "ap/hostapd.h" 20 #include "ap/ap_config.h" 21 #include "ap/ap_drv_ops.h" 22 #ifdef NEED_AP_MLME 23 #include "ap/ieee802_11.h" 24 #endif /* NEED_AP_MLME */ 25 #include "ap/beacon.h" 26 #include "ap/ieee802_1x.h" 27 #include "ap/wps_hostapd.h" 28 #include "ap/ctrl_iface_ap.h" 29 #include "ap/dfs.h" 30 #include "wps/wps.h" 31 #include "common/ieee802_11_defs.h" 32 #include "config_ssid.h" 33 #include "config.h" 34 #include "wpa_supplicant_i.h" 35 #include "driver_i.h" 36 #include "p2p_supplicant.h" 37 #include "ap.h" 38 #include "ap/sta_info.h" 39 #include "notify.h" 40 41 42 #ifdef CONFIG_WPS 43 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 44 #endif /* CONFIG_WPS */ 45 46 47 #ifdef CONFIG_IEEE80211N 48 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, 49 struct hostapd_config *conf, 50 struct hostapd_hw_modes *mode) 51 { 52 #ifdef CONFIG_P2P 53 u8 center_chan = 0; 54 u8 channel = conf->channel; 55 56 if (!conf->secondary_channel) 57 goto no_vht; 58 59 switch (conf->vht_oper_chwidth) { 60 case VHT_CHANWIDTH_80MHZ: 61 case VHT_CHANWIDTH_80P80MHZ: 62 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel); 63 break; 64 case VHT_CHANWIDTH_160MHZ: 65 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 66 break; 67 default: 68 /* 69 * conf->vht_oper_chwidth might not be set for non-P2P GO cases, 70 * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is 71 * not supported. 72 */ 73 conf->vht_oper_chwidth = VHT_CHANWIDTH_160MHZ; 74 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 75 if (!center_chan) { 76 conf->vht_oper_chwidth = VHT_CHANWIDTH_80MHZ; 77 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, 78 channel); 79 } 80 break; 81 } 82 if (!center_chan) 83 goto no_vht; 84 85 conf->vht_oper_centr_freq_seg0_idx = center_chan; 86 return; 87 88 no_vht: 89 conf->vht_oper_centr_freq_seg0_idx = 90 channel + conf->secondary_channel * 2; 91 #else /* CONFIG_P2P */ 92 conf->vht_oper_centr_freq_seg0_idx = 93 conf->channel + conf->secondary_channel * 2; 94 #endif /* CONFIG_P2P */ 95 conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT; 96 } 97 #endif /* CONFIG_IEEE80211N */ 98 99 100 int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, 101 struct wpa_ssid *ssid, 102 struct hostapd_config *conf) 103 { 104 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, 105 &conf->channel); 106 107 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 108 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 109 ssid->frequency); 110 return -1; 111 } 112 113 /* TODO: enable HT40 if driver supports it; 114 * drop to 11b if driver does not support 11g */ 115 116 #ifdef CONFIG_IEEE80211N 117 /* 118 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 119 * and a mask of allowed capabilities within conf->ht_capab. 120 * Using default config settings for: conf->ht_op_mode_fixed, 121 * conf->secondary_channel, conf->require_ht 122 */ 123 if (wpa_s->hw.modes) { 124 struct hostapd_hw_modes *mode = NULL; 125 int i, no_ht = 0; 126 for (i = 0; i < wpa_s->hw.num_modes; i++) { 127 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 128 mode = &wpa_s->hw.modes[i]; 129 break; 130 } 131 } 132 133 #ifdef CONFIG_HT_OVERRIDES 134 if (ssid->disable_ht) { 135 conf->ieee80211n = 0; 136 conf->ht_capab = 0; 137 no_ht = 1; 138 } 139 #endif /* CONFIG_HT_OVERRIDES */ 140 141 if (!no_ht && mode && mode->ht_capab) { 142 conf->ieee80211n = 1; 143 #ifdef CONFIG_P2P 144 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 145 (mode->ht_capab & 146 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 147 ssid->ht40) 148 conf->secondary_channel = 149 wpas_p2p_get_ht40_mode(wpa_s, mode, 150 conf->channel); 151 if (conf->secondary_channel) 152 conf->ht_capab |= 153 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 154 #endif /* CONFIG_P2P */ 155 156 /* 157 * white-list capabilities that won't cause issues 158 * to connecting stations, while leaving the current 159 * capabilities intact (currently disabled SMPS). 160 */ 161 conf->ht_capab |= mode->ht_capab & 162 (HT_CAP_INFO_GREEN_FIELD | 163 HT_CAP_INFO_SHORT_GI20MHZ | 164 HT_CAP_INFO_SHORT_GI40MHZ | 165 HT_CAP_INFO_RX_STBC_MASK | 166 HT_CAP_INFO_TX_STBC | 167 HT_CAP_INFO_MAX_AMSDU_SIZE); 168 169 if (mode->vht_capab && ssid->vht) { 170 conf->ieee80211ac = 1; 171 wpas_conf_ap_vht(wpa_s, conf, mode); 172 } 173 } 174 } 175 176 if (conf->secondary_channel) { 177 struct wpa_supplicant *iface; 178 179 for (iface = wpa_s->global->ifaces; iface; iface = iface->next) 180 { 181 if (iface == wpa_s || 182 iface->wpa_state < WPA_AUTHENTICATING || 183 (int) iface->assoc_freq != ssid->frequency) 184 continue; 185 186 /* 187 * Do not allow 40 MHz co-ex PRI/SEC switch to force us 188 * to change our PRI channel since we have an existing, 189 * concurrent connection on that channel and doing 190 * multi-channel concurrency is likely to cause more 191 * harm than using different PRI/SEC selection in 192 * environment with multiple BSSes on these two channels 193 * with mixed 20 MHz or PRI channel selection. 194 */ 195 conf->no_pri_sec_switch = 1; 196 } 197 } 198 #endif /* CONFIG_IEEE80211N */ 199 200 return 0; 201 } 202 203 204 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 205 struct wpa_ssid *ssid, 206 struct hostapd_config *conf) 207 { 208 struct hostapd_bss_config *bss = conf->bss[0]; 209 210 conf->driver = wpa_s->driver; 211 212 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 213 214 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf)) 215 return -1; 216 217 #ifdef CONFIG_ACS 218 if (ssid->acs) { 219 /* Setting channel to 0 in order to enable ACS */ 220 conf->channel = 0; 221 wpa_printf(MSG_DEBUG, "Use automatic channel selection"); 222 } 223 #endif /* CONFIG_ACS */ 224 225 if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) { 226 conf->ieee80211h = 1; 227 conf->ieee80211d = 1; 228 conf->country[0] = wpa_s->conf->country[0]; 229 conf->country[1] = wpa_s->conf->country[1]; 230 } 231 232 #ifdef CONFIG_P2P 233 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && 234 (ssid->mode == WPAS_MODE_P2P_GO || 235 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { 236 /* Remove 802.11b rates from supported and basic rate sets */ 237 int *list = os_malloc(4 * sizeof(int)); 238 if (list) { 239 list[0] = 60; 240 list[1] = 120; 241 list[2] = 240; 242 list[3] = -1; 243 } 244 conf->basic_rates = list; 245 246 list = os_malloc(9 * sizeof(int)); 247 if (list) { 248 list[0] = 60; 249 list[1] = 90; 250 list[2] = 120; 251 list[3] = 180; 252 list[4] = 240; 253 list[5] = 360; 254 list[6] = 480; 255 list[7] = 540; 256 list[8] = -1; 257 } 258 conf->supported_rates = list; 259 } 260 261 bss->isolate = !wpa_s->conf->p2p_intra_bss; 262 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; 263 264 if (ssid->p2p_group) { 265 os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4); 266 os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask, 267 4); 268 os_memcpy(bss->ip_addr_start, 269 wpa_s->p2pdev->conf->ip_addr_start, 4); 270 os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end, 271 4); 272 } 273 #endif /* CONFIG_P2P */ 274 275 if (ssid->ssid_len == 0) { 276 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 277 return -1; 278 } 279 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 280 bss->ssid.ssid_len = ssid->ssid_len; 281 bss->ssid.ssid_set = 1; 282 283 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 284 285 if (ssid->auth_alg) 286 bss->auth_algs = ssid->auth_alg; 287 288 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 289 bss->wpa = ssid->proto; 290 bss->wpa_key_mgmt = ssid->key_mgmt; 291 bss->wpa_pairwise = ssid->pairwise_cipher; 292 if (ssid->psk_set) { 293 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk)); 294 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 295 if (bss->ssid.wpa_psk == NULL) 296 return -1; 297 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 298 bss->ssid.wpa_psk->group = 1; 299 } else if (ssid->passphrase) { 300 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 301 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 302 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 303 struct hostapd_wep_keys *wep = &bss->ssid.wep; 304 int i; 305 for (i = 0; i < NUM_WEP_KEYS; i++) { 306 if (ssid->wep_key_len[i] == 0) 307 continue; 308 wep->key[i] = os_malloc(ssid->wep_key_len[i]); 309 if (wep->key[i] == NULL) 310 return -1; 311 os_memcpy(wep->key[i], ssid->wep_key[i], 312 ssid->wep_key_len[i]); 313 wep->len[i] = ssid->wep_key_len[i]; 314 } 315 wep->idx = ssid->wep_tx_keyidx; 316 wep->keys_set = 1; 317 } 318 319 if (ssid->ap_max_inactivity) 320 bss->ap_max_inactivity = ssid->ap_max_inactivity; 321 322 if (ssid->dtim_period) 323 bss->dtim_period = ssid->dtim_period; 324 else if (wpa_s->conf->dtim_period) 325 bss->dtim_period = wpa_s->conf->dtim_period; 326 327 if (ssid->beacon_int) 328 conf->beacon_int = ssid->beacon_int; 329 else if (wpa_s->conf->beacon_int) 330 conf->beacon_int = wpa_s->conf->beacon_int; 331 332 #ifdef CONFIG_P2P 333 if (ssid->mode == WPAS_MODE_P2P_GO || 334 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 335 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) { 336 wpa_printf(MSG_INFO, 337 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it", 338 wpa_s->conf->p2p_go_ctwindow, 339 conf->beacon_int); 340 conf->p2p_go_ctwindow = 0; 341 } else { 342 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow; 343 } 344 } 345 #endif /* CONFIG_P2P */ 346 347 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 348 bss->rsn_pairwise = bss->wpa_pairwise; 349 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 350 bss->rsn_pairwise); 351 352 if (bss->wpa && bss->ieee802_1x) 353 bss->ssid.security_policy = SECURITY_WPA; 354 else if (bss->wpa) 355 bss->ssid.security_policy = SECURITY_WPA_PSK; 356 else if (bss->ieee802_1x) { 357 int cipher = WPA_CIPHER_NONE; 358 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 359 bss->ssid.wep.default_len = bss->default_wep_key_len; 360 if (bss->default_wep_key_len) 361 cipher = bss->default_wep_key_len >= 13 ? 362 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 363 bss->wpa_group = cipher; 364 bss->wpa_pairwise = cipher; 365 bss->rsn_pairwise = cipher; 366 } else if (bss->ssid.wep.keys_set) { 367 int cipher = WPA_CIPHER_WEP40; 368 if (bss->ssid.wep.len[0] >= 13) 369 cipher = WPA_CIPHER_WEP104; 370 bss->ssid.security_policy = SECURITY_STATIC_WEP; 371 bss->wpa_group = cipher; 372 bss->wpa_pairwise = cipher; 373 bss->rsn_pairwise = cipher; 374 } else { 375 bss->ssid.security_policy = SECURITY_PLAINTEXT; 376 bss->wpa_group = WPA_CIPHER_NONE; 377 bss->wpa_pairwise = WPA_CIPHER_NONE; 378 bss->rsn_pairwise = WPA_CIPHER_NONE; 379 } 380 381 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 382 (bss->wpa_group == WPA_CIPHER_CCMP || 383 bss->wpa_group == WPA_CIPHER_GCMP || 384 bss->wpa_group == WPA_CIPHER_CCMP_256 || 385 bss->wpa_group == WPA_CIPHER_GCMP_256)) { 386 /* 387 * Strong ciphers do not need frequent rekeying, so increase 388 * the default GTK rekeying period to 24 hours. 389 */ 390 bss->wpa_group_rekey = 86400; 391 } 392 393 #ifdef CONFIG_IEEE80211W 394 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) 395 bss->ieee80211w = ssid->ieee80211w; 396 #endif /* CONFIG_IEEE80211W */ 397 398 #ifdef CONFIG_WPS 399 /* 400 * Enable WPS by default for open and WPA/WPA2-Personal network, but 401 * require user interaction to actually use it. Only the internal 402 * Registrar is supported. 403 */ 404 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 405 bss->ssid.security_policy != SECURITY_PLAINTEXT) 406 goto no_wps; 407 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 408 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) || 409 !(bss->wpa & 2))) 410 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 411 * configuration */ 412 bss->eap_server = 1; 413 414 if (!ssid->ignore_broadcast_ssid) 415 bss->wps_state = 2; 416 417 bss->ap_setup_locked = 2; 418 if (wpa_s->conf->config_methods) 419 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 420 os_memcpy(bss->device_type, wpa_s->conf->device_type, 421 WPS_DEV_TYPE_LEN); 422 if (wpa_s->conf->device_name) { 423 bss->device_name = os_strdup(wpa_s->conf->device_name); 424 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 425 } 426 if (wpa_s->conf->manufacturer) 427 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 428 if (wpa_s->conf->model_name) 429 bss->model_name = os_strdup(wpa_s->conf->model_name); 430 if (wpa_s->conf->model_number) 431 bss->model_number = os_strdup(wpa_s->conf->model_number); 432 if (wpa_s->conf->serial_number) 433 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 434 if (is_nil_uuid(wpa_s->conf->uuid)) 435 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 436 else 437 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 438 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 439 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 440 no_wps: 441 #endif /* CONFIG_WPS */ 442 443 if (wpa_s->max_stations && 444 wpa_s->max_stations < wpa_s->conf->max_num_sta) 445 bss->max_num_sta = wpa_s->max_stations; 446 else 447 bss->max_num_sta = wpa_s->conf->max_num_sta; 448 449 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 450 451 if (wpa_s->conf->ap_vendor_elements) { 452 bss->vendor_elements = 453 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 454 } 455 456 bss->pbss = ssid->pbss; 457 458 return 0; 459 } 460 461 462 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 463 { 464 #ifdef CONFIG_P2P 465 struct wpa_supplicant *wpa_s = ctx; 466 const struct ieee80211_mgmt *mgmt; 467 468 mgmt = (const struct ieee80211_mgmt *) buf; 469 if (len < IEEE80211_HDRLEN + 1) 470 return; 471 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC) 472 return; 473 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 474 mgmt->u.action.category, 475 buf + IEEE80211_HDRLEN + 1, 476 len - IEEE80211_HDRLEN - 1, freq); 477 #endif /* CONFIG_P2P */ 478 } 479 480 481 static void ap_wps_event_cb(void *ctx, enum wps_event event, 482 union wps_event_data *data) 483 { 484 #ifdef CONFIG_P2P 485 struct wpa_supplicant *wpa_s = ctx; 486 487 if (event == WPS_EV_FAIL) { 488 struct wps_event_fail *fail = &data->fail; 489 490 if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s && 491 wpa_s == wpa_s->global->p2p_group_formation) { 492 /* 493 * src/ap/wps_hostapd.c has already sent this on the 494 * main interface, so only send on the parent interface 495 * here if needed. 496 */ 497 wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL 498 "msg=%d config_error=%d", 499 fail->msg, fail->config_error); 500 } 501 wpas_p2p_wps_failed(wpa_s, fail); 502 } 503 #endif /* CONFIG_P2P */ 504 } 505 506 507 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 508 int authorized, const u8 *p2p_dev_addr) 509 { 510 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 511 } 512 513 514 #ifdef CONFIG_P2P 515 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 516 const u8 *psk, size_t psk_len) 517 { 518 519 struct wpa_supplicant *wpa_s = ctx; 520 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL) 521 return; 522 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len); 523 } 524 #endif /* CONFIG_P2P */ 525 526 527 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 528 { 529 #ifdef CONFIG_P2P 530 struct wpa_supplicant *wpa_s = ctx; 531 const struct ieee80211_mgmt *mgmt; 532 533 mgmt = (const struct ieee80211_mgmt *) buf; 534 if (len < IEEE80211_HDRLEN + 1) 535 return -1; 536 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 537 mgmt->u.action.category, 538 buf + IEEE80211_HDRLEN + 1, 539 len - IEEE80211_HDRLEN - 1, freq); 540 #endif /* CONFIG_P2P */ 541 return 0; 542 } 543 544 545 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 546 const u8 *bssid, const u8 *ie, size_t ie_len, 547 int ssi_signal) 548 { 549 struct wpa_supplicant *wpa_s = ctx; 550 unsigned int freq = 0; 551 552 if (wpa_s->ap_iface) 553 freq = wpa_s->ap_iface->freq; 554 555 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 556 freq, ssi_signal); 557 } 558 559 560 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 561 const u8 *uuid_e) 562 { 563 struct wpa_supplicant *wpa_s = ctx; 564 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 565 } 566 567 568 static void wpas_ap_configured_cb(void *ctx) 569 { 570 struct wpa_supplicant *wpa_s = ctx; 571 572 #ifdef CONFIG_ACS 573 if (wpa_s->current_ssid && wpa_s->current_ssid->acs) 574 wpa_s->assoc_freq = wpa_s->ap_iface->freq; 575 #endif /* CONFIG_ACS */ 576 577 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 578 579 if (wpa_s->ap_configured_cb) 580 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 581 wpa_s->ap_configured_cb_data); 582 } 583 584 585 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 586 struct wpa_ssid *ssid) 587 { 588 struct wpa_driver_associate_params params; 589 struct hostapd_iface *hapd_iface; 590 struct hostapd_config *conf; 591 size_t i; 592 593 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 594 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 595 return -1; 596 } 597 598 wpa_supplicant_ap_deinit(wpa_s); 599 600 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 601 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 602 603 os_memset(¶ms, 0, sizeof(params)); 604 params.ssid = ssid->ssid; 605 params.ssid_len = ssid->ssid_len; 606 switch (ssid->mode) { 607 case WPAS_MODE_AP: 608 case WPAS_MODE_P2P_GO: 609 case WPAS_MODE_P2P_GROUP_FORMATION: 610 params.mode = IEEE80211_MODE_AP; 611 break; 612 default: 613 return -1; 614 } 615 if (ssid->frequency == 0) 616 ssid->frequency = 2462; /* default channel 11 */ 617 params.freq.freq = ssid->frequency; 618 619 params.wpa_proto = ssid->proto; 620 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 621 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 622 else 623 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 624 params.key_mgmt_suite = wpa_s->key_mgmt; 625 626 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 627 1); 628 if (wpa_s->pairwise_cipher < 0) { 629 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 630 "cipher."); 631 return -1; 632 } 633 params.pairwise_suite = wpa_s->pairwise_cipher; 634 params.group_suite = params.pairwise_suite; 635 636 #ifdef CONFIG_P2P 637 if (ssid->mode == WPAS_MODE_P2P_GO || 638 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 639 params.p2p = 1; 640 #endif /* CONFIG_P2P */ 641 642 if (wpa_s->p2pdev->set_ap_uapsd) 643 params.uapsd = wpa_s->p2pdev->ap_uapsd; 644 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD)) 645 params.uapsd = 1; /* mandatory for P2P GO */ 646 else 647 params.uapsd = -1; 648 649 if (ieee80211_is_dfs(params.freq.freq)) 650 params.freq.freq = 0; /* set channel after CAC */ 651 652 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 653 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 654 return -1; 655 } 656 657 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 658 if (hapd_iface == NULL) 659 return -1; 660 hapd_iface->owner = wpa_s; 661 hapd_iface->drv_flags = wpa_s->drv_flags; 662 hapd_iface->smps_modes = wpa_s->drv_smps_modes; 663 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 664 hapd_iface->extended_capa = wpa_s->extended_capa; 665 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 666 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 667 668 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 669 if (conf == NULL) { 670 wpa_supplicant_ap_deinit(wpa_s); 671 return -1; 672 } 673 674 /* Use the maximum oper channel width if it's given. */ 675 if (ssid->max_oper_chwidth) 676 conf->vht_oper_chwidth = ssid->max_oper_chwidth; 677 678 ieee80211_freq_to_chan(ssid->vht_center_freq2, 679 &conf->vht_oper_centr_freq_seg1_idx); 680 681 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 682 wpa_s->conf->wmm_ac_params, 683 sizeof(wpa_s->conf->wmm_ac_params)); 684 685 if (params.uapsd > 0) { 686 conf->bss[0]->wmm_enabled = 1; 687 conf->bss[0]->wmm_uapsd = 1; 688 } 689 690 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 691 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 692 wpa_supplicant_ap_deinit(wpa_s); 693 return -1; 694 } 695 696 #ifdef CONFIG_P2P 697 if (ssid->mode == WPAS_MODE_P2P_GO) 698 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 699 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 700 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 701 P2P_GROUP_FORMATION; 702 #endif /* CONFIG_P2P */ 703 704 hapd_iface->num_bss = conf->num_bss; 705 hapd_iface->bss = os_calloc(conf->num_bss, 706 sizeof(struct hostapd_data *)); 707 if (hapd_iface->bss == NULL) { 708 wpa_supplicant_ap_deinit(wpa_s); 709 return -1; 710 } 711 712 for (i = 0; i < conf->num_bss; i++) { 713 hapd_iface->bss[i] = 714 hostapd_alloc_bss_data(hapd_iface, conf, 715 conf->bss[i]); 716 if (hapd_iface->bss[i] == NULL) { 717 wpa_supplicant_ap_deinit(wpa_s); 718 return -1; 719 } 720 721 hapd_iface->bss[i]->msg_ctx = wpa_s; 722 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev; 723 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 724 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 725 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 726 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 727 hostapd_register_probereq_cb(hapd_iface->bss[i], 728 ap_probe_req_rx, wpa_s); 729 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 730 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 731 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 732 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 733 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 734 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 735 #ifdef CONFIG_P2P 736 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb; 737 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s; 738 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 739 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 740 ssid); 741 #endif /* CONFIG_P2P */ 742 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 743 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 744 #ifdef CONFIG_TESTING_OPTIONS 745 hapd_iface->bss[i]->ext_eapol_frame_io = 746 wpa_s->ext_eapol_frame_io; 747 #endif /* CONFIG_TESTING_OPTIONS */ 748 } 749 750 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 751 hapd_iface->bss[0]->driver = wpa_s->driver; 752 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 753 754 wpa_s->current_ssid = ssid; 755 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 756 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 757 wpa_s->assoc_freq = ssid->frequency; 758 759 if (hostapd_setup_interface(wpa_s->ap_iface)) { 760 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 761 wpa_supplicant_ap_deinit(wpa_s); 762 return -1; 763 } 764 765 return 0; 766 } 767 768 769 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 770 { 771 #ifdef CONFIG_WPS 772 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 773 #endif /* CONFIG_WPS */ 774 775 if (wpa_s->ap_iface == NULL) 776 return; 777 778 wpa_s->current_ssid = NULL; 779 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 780 wpa_s->assoc_freq = 0; 781 wpas_p2p_ap_deinit(wpa_s); 782 wpa_s->ap_iface->driver_ap_teardown = 783 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 784 785 hostapd_interface_deinit(wpa_s->ap_iface); 786 hostapd_interface_free(wpa_s->ap_iface); 787 wpa_s->ap_iface = NULL; 788 wpa_drv_deinit_ap(wpa_s); 789 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 790 " reason=%d locally_generated=1", 791 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING); 792 } 793 794 795 void ap_tx_status(void *ctx, const u8 *addr, 796 const u8 *buf, size_t len, int ack) 797 { 798 #ifdef NEED_AP_MLME 799 struct wpa_supplicant *wpa_s = ctx; 800 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 801 #endif /* NEED_AP_MLME */ 802 } 803 804 805 void ap_eapol_tx_status(void *ctx, const u8 *dst, 806 const u8 *data, size_t len, int ack) 807 { 808 #ifdef NEED_AP_MLME 809 struct wpa_supplicant *wpa_s = ctx; 810 if (!wpa_s->ap_iface) 811 return; 812 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 813 #endif /* NEED_AP_MLME */ 814 } 815 816 817 void ap_client_poll_ok(void *ctx, const u8 *addr) 818 { 819 #ifdef NEED_AP_MLME 820 struct wpa_supplicant *wpa_s = ctx; 821 if (wpa_s->ap_iface) 822 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 823 #endif /* NEED_AP_MLME */ 824 } 825 826 827 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 828 { 829 #ifdef NEED_AP_MLME 830 struct wpa_supplicant *wpa_s = ctx; 831 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 832 #endif /* NEED_AP_MLME */ 833 } 834 835 836 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 837 { 838 #ifdef NEED_AP_MLME 839 struct wpa_supplicant *wpa_s = ctx; 840 struct hostapd_frame_info fi; 841 os_memset(&fi, 0, sizeof(fi)); 842 fi.datarate = rx_mgmt->datarate; 843 fi.ssi_signal = rx_mgmt->ssi_signal; 844 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 845 rx_mgmt->frame_len, &fi); 846 #endif /* NEED_AP_MLME */ 847 } 848 849 850 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 851 { 852 #ifdef NEED_AP_MLME 853 struct wpa_supplicant *wpa_s = ctx; 854 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 855 #endif /* NEED_AP_MLME */ 856 } 857 858 859 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 860 const u8 *src_addr, const u8 *buf, size_t len) 861 { 862 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 863 } 864 865 866 #ifdef CONFIG_WPS 867 868 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 869 const u8 *p2p_dev_addr) 870 { 871 if (!wpa_s->ap_iface) 872 return -1; 873 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 874 p2p_dev_addr); 875 } 876 877 878 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 879 { 880 struct wps_registrar *reg; 881 int reg_sel = 0, wps_sta = 0; 882 883 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 884 return -1; 885 886 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 887 reg_sel = wps_registrar_wps_cancel(reg); 888 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 889 ap_sta_wps_cancel, NULL); 890 891 if (!reg_sel && !wps_sta) { 892 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 893 "time"); 894 return -1; 895 } 896 897 /* 898 * There are 2 cases to return wps cancel as success: 899 * 1. When wps cancel was initiated but no connection has been 900 * established with client yet. 901 * 2. Client is in the middle of exchanging WPS messages. 902 */ 903 904 return 0; 905 } 906 907 908 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 909 const char *pin, char *buf, size_t buflen, 910 int timeout) 911 { 912 int ret, ret_len = 0; 913 914 if (!wpa_s->ap_iface) 915 return -1; 916 917 if (pin == NULL) { 918 unsigned int rpin; 919 920 if (wps_generate_pin(&rpin) < 0) 921 return -1; 922 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 923 if (os_snprintf_error(buflen, ret_len)) 924 return -1; 925 pin = buf; 926 } else if (buf) { 927 ret_len = os_snprintf(buf, buflen, "%s", pin); 928 if (os_snprintf_error(buflen, ret_len)) 929 return -1; 930 } 931 932 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 933 timeout); 934 if (ret) 935 return -1; 936 return ret_len; 937 } 938 939 940 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 941 { 942 struct wpa_supplicant *wpa_s = eloop_data; 943 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 944 wpas_wps_ap_pin_disable(wpa_s); 945 } 946 947 948 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 949 { 950 struct hostapd_data *hapd; 951 952 if (wpa_s->ap_iface == NULL) 953 return; 954 hapd = wpa_s->ap_iface->bss[0]; 955 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 956 hapd->ap_pin_failures = 0; 957 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 958 if (timeout > 0) 959 eloop_register_timeout(timeout, 0, 960 wpas_wps_ap_pin_timeout, wpa_s, NULL); 961 } 962 963 964 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 965 { 966 struct hostapd_data *hapd; 967 968 if (wpa_s->ap_iface == NULL) 969 return; 970 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 971 hapd = wpa_s->ap_iface->bss[0]; 972 os_free(hapd->conf->ap_pin); 973 hapd->conf->ap_pin = NULL; 974 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 975 } 976 977 978 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 979 { 980 struct hostapd_data *hapd; 981 unsigned int pin; 982 char pin_txt[9]; 983 984 if (wpa_s->ap_iface == NULL) 985 return NULL; 986 hapd = wpa_s->ap_iface->bss[0]; 987 if (wps_generate_pin(&pin) < 0) 988 return NULL; 989 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 990 os_free(hapd->conf->ap_pin); 991 hapd->conf->ap_pin = os_strdup(pin_txt); 992 if (hapd->conf->ap_pin == NULL) 993 return NULL; 994 wpas_wps_ap_pin_enable(wpa_s, timeout); 995 996 return hapd->conf->ap_pin; 997 } 998 999 1000 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 1001 { 1002 struct hostapd_data *hapd; 1003 if (wpa_s->ap_iface == NULL) 1004 return NULL; 1005 hapd = wpa_s->ap_iface->bss[0]; 1006 return hapd->conf->ap_pin; 1007 } 1008 1009 1010 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 1011 int timeout) 1012 { 1013 struct hostapd_data *hapd; 1014 char pin_txt[9]; 1015 int ret; 1016 1017 if (wpa_s->ap_iface == NULL) 1018 return -1; 1019 hapd = wpa_s->ap_iface->bss[0]; 1020 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 1021 if (os_snprintf_error(sizeof(pin_txt), ret)) 1022 return -1; 1023 os_free(hapd->conf->ap_pin); 1024 hapd->conf->ap_pin = os_strdup(pin_txt); 1025 if (hapd->conf->ap_pin == NULL) 1026 return -1; 1027 wpas_wps_ap_pin_enable(wpa_s, timeout); 1028 1029 return 0; 1030 } 1031 1032 1033 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 1034 { 1035 struct hostapd_data *hapd; 1036 1037 if (wpa_s->ap_iface == NULL) 1038 return; 1039 hapd = wpa_s->ap_iface->bss[0]; 1040 1041 /* 1042 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 1043 * PIN if this happens multiple times to slow down brute force attacks. 1044 */ 1045 hapd->ap_pin_failures++; 1046 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 1047 hapd->ap_pin_failures); 1048 if (hapd->ap_pin_failures < 3) 1049 return; 1050 1051 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 1052 hapd->ap_pin_failures = 0; 1053 os_free(hapd->conf->ap_pin); 1054 hapd->conf->ap_pin = NULL; 1055 } 1056 1057 1058 #ifdef CONFIG_WPS_NFC 1059 1060 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 1061 int ndef) 1062 { 1063 struct hostapd_data *hapd; 1064 1065 if (wpa_s->ap_iface == NULL) 1066 return NULL; 1067 hapd = wpa_s->ap_iface->bss[0]; 1068 return hostapd_wps_nfc_config_token(hapd, ndef); 1069 } 1070 1071 1072 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 1073 int ndef) 1074 { 1075 struct hostapd_data *hapd; 1076 1077 if (wpa_s->ap_iface == NULL) 1078 return NULL; 1079 hapd = wpa_s->ap_iface->bss[0]; 1080 return hostapd_wps_nfc_hs_cr(hapd, ndef); 1081 } 1082 1083 1084 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s, 1085 const struct wpabuf *req, 1086 const struct wpabuf *sel) 1087 { 1088 struct hostapd_data *hapd; 1089 1090 if (wpa_s->ap_iface == NULL) 1091 return -1; 1092 hapd = wpa_s->ap_iface->bss[0]; 1093 return hostapd_wps_nfc_report_handover(hapd, req, sel); 1094 } 1095 1096 #endif /* CONFIG_WPS_NFC */ 1097 1098 #endif /* CONFIG_WPS */ 1099 1100 1101 #ifdef CONFIG_CTRL_IFACE 1102 1103 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 1104 char *buf, size_t buflen) 1105 { 1106 struct hostapd_data *hapd; 1107 1108 if (wpa_s->ap_iface) 1109 hapd = wpa_s->ap_iface->bss[0]; 1110 else if (wpa_s->ifmsh) 1111 hapd = wpa_s->ifmsh->bss[0]; 1112 else 1113 return -1; 1114 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen); 1115 } 1116 1117 1118 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 1119 char *buf, size_t buflen) 1120 { 1121 struct hostapd_data *hapd; 1122 1123 if (wpa_s->ap_iface) 1124 hapd = wpa_s->ap_iface->bss[0]; 1125 else if (wpa_s->ifmsh) 1126 hapd = wpa_s->ifmsh->bss[0]; 1127 else 1128 return -1; 1129 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen); 1130 } 1131 1132 1133 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 1134 char *buf, size_t buflen) 1135 { 1136 struct hostapd_data *hapd; 1137 1138 if (wpa_s->ap_iface) 1139 hapd = wpa_s->ap_iface->bss[0]; 1140 else if (wpa_s->ifmsh) 1141 hapd = wpa_s->ifmsh->bss[0]; 1142 else 1143 return -1; 1144 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen); 1145 } 1146 1147 1148 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 1149 const char *txtaddr) 1150 { 1151 if (wpa_s->ap_iface == NULL) 1152 return -1; 1153 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 1154 txtaddr); 1155 } 1156 1157 1158 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 1159 const char *txtaddr) 1160 { 1161 if (wpa_s->ap_iface == NULL) 1162 return -1; 1163 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 1164 txtaddr); 1165 } 1166 1167 1168 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 1169 size_t buflen, int verbose) 1170 { 1171 char *pos = buf, *end = buf + buflen; 1172 int ret; 1173 struct hostapd_bss_config *conf; 1174 1175 if (wpa_s->ap_iface == NULL) 1176 return -1; 1177 1178 conf = wpa_s->ap_iface->bss[0]->conf; 1179 if (conf->wpa == 0) 1180 return 0; 1181 1182 ret = os_snprintf(pos, end - pos, 1183 "pairwise_cipher=%s\n" 1184 "group_cipher=%s\n" 1185 "key_mgmt=%s\n", 1186 wpa_cipher_txt(conf->rsn_pairwise), 1187 wpa_cipher_txt(conf->wpa_group), 1188 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 1189 conf->wpa)); 1190 if (os_snprintf_error(end - pos, ret)) 1191 return pos - buf; 1192 pos += ret; 1193 return pos - buf; 1194 } 1195 1196 #endif /* CONFIG_CTRL_IFACE */ 1197 1198 1199 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 1200 { 1201 struct hostapd_iface *iface = wpa_s->ap_iface; 1202 struct wpa_ssid *ssid = wpa_s->current_ssid; 1203 struct hostapd_data *hapd; 1204 1205 if (ssid == NULL || wpa_s->ap_iface == NULL || 1206 ssid->mode == WPAS_MODE_INFRA || 1207 ssid->mode == WPAS_MODE_IBSS) 1208 return -1; 1209 1210 #ifdef CONFIG_P2P 1211 if (ssid->mode == WPAS_MODE_P2P_GO) 1212 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1213 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1214 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1215 P2P_GROUP_FORMATION; 1216 #endif /* CONFIG_P2P */ 1217 1218 hapd = iface->bss[0]; 1219 if (hapd->drv_priv == NULL) 1220 return -1; 1221 ieee802_11_set_beacons(iface); 1222 hostapd_set_ap_wps_ie(hapd); 1223 1224 return 0; 1225 } 1226 1227 1228 int ap_switch_channel(struct wpa_supplicant *wpa_s, 1229 struct csa_settings *settings) 1230 { 1231 #ifdef NEED_AP_MLME 1232 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1233 return -1; 1234 1235 return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings); 1236 #else /* NEED_AP_MLME */ 1237 return -1; 1238 #endif /* NEED_AP_MLME */ 1239 } 1240 1241 1242 #ifdef CONFIG_CTRL_IFACE 1243 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos) 1244 { 1245 struct csa_settings settings; 1246 int ret = hostapd_parse_csa_settings(pos, &settings); 1247 1248 if (ret) 1249 return ret; 1250 1251 return ap_switch_channel(wpa_s, &settings); 1252 } 1253 #endif /* CONFIG_CTRL_IFACE */ 1254 1255 1256 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1257 int offset, int width, int cf1, int cf2) 1258 { 1259 if (!wpa_s->ap_iface) 1260 return; 1261 1262 wpa_s->assoc_freq = freq; 1263 if (wpa_s->current_ssid) 1264 wpa_s->current_ssid->frequency = freq; 1265 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, 1266 offset, width, cf1, cf2); 1267 } 1268 1269 1270 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1271 const u8 *addr) 1272 { 1273 struct hostapd_data *hapd; 1274 struct hostapd_bss_config *conf; 1275 1276 if (!wpa_s->ap_iface) 1277 return -1; 1278 1279 if (addr) 1280 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1281 MAC2STR(addr)); 1282 else 1283 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1284 1285 hapd = wpa_s->ap_iface->bss[0]; 1286 conf = hapd->conf; 1287 1288 os_free(conf->accept_mac); 1289 conf->accept_mac = NULL; 1290 conf->num_accept_mac = 0; 1291 os_free(conf->deny_mac); 1292 conf->deny_mac = NULL; 1293 conf->num_deny_mac = 0; 1294 1295 if (addr == NULL) { 1296 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1297 return 0; 1298 } 1299 1300 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1301 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1302 if (conf->accept_mac == NULL) 1303 return -1; 1304 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1305 conf->num_accept_mac = 1; 1306 1307 return 0; 1308 } 1309 1310 1311 #ifdef CONFIG_WPS_NFC 1312 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id, 1313 const struct wpabuf *pw, const u8 *pubkey_hash) 1314 { 1315 struct hostapd_data *hapd; 1316 struct wps_context *wps; 1317 1318 if (!wpa_s->ap_iface) 1319 return -1; 1320 hapd = wpa_s->ap_iface->bss[0]; 1321 wps = hapd->wps; 1322 1323 if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL || 1324 wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) { 1325 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known"); 1326 return -1; 1327 } 1328 1329 dh5_free(wps->dh_ctx); 1330 wpabuf_free(wps->dh_pubkey); 1331 wpabuf_free(wps->dh_privkey); 1332 wps->dh_privkey = wpabuf_dup( 1333 wpa_s->p2pdev->conf->wps_nfc_dh_privkey); 1334 wps->dh_pubkey = wpabuf_dup( 1335 wpa_s->p2pdev->conf->wps_nfc_dh_pubkey); 1336 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) { 1337 wps->dh_ctx = NULL; 1338 wpabuf_free(wps->dh_pubkey); 1339 wps->dh_pubkey = NULL; 1340 wpabuf_free(wps->dh_privkey); 1341 wps->dh_privkey = NULL; 1342 return -1; 1343 } 1344 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey); 1345 if (wps->dh_ctx == NULL) 1346 return -1; 1347 1348 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash, 1349 pw_id, 1350 pw ? wpabuf_head(pw) : NULL, 1351 pw ? wpabuf_len(pw) : 0, 1); 1352 } 1353 #endif /* CONFIG_WPS_NFC */ 1354 1355 1356 #ifdef CONFIG_CTRL_IFACE 1357 int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s) 1358 { 1359 struct hostapd_data *hapd; 1360 1361 if (!wpa_s->ap_iface) 1362 return -1; 1363 hapd = wpa_s->ap_iface->bss[0]; 1364 return hostapd_ctrl_iface_stop_ap(hapd); 1365 } 1366 #endif /* CONFIG_CTRL_IFACE */ 1367 1368 1369 int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, 1370 size_t len) 1371 { 1372 size_t reply_len = 0, i; 1373 char ap_delimiter[] = "---- AP ----\n"; 1374 char mesh_delimiter[] = "---- mesh ----\n"; 1375 size_t dlen; 1376 1377 if (wpa_s->ap_iface) { 1378 dlen = os_strlen(ap_delimiter); 1379 if (dlen > len - reply_len) 1380 return reply_len; 1381 os_memcpy(&buf[reply_len], ap_delimiter, dlen); 1382 reply_len += dlen; 1383 1384 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) { 1385 reply_len += hostapd_ctrl_iface_pmksa_list( 1386 wpa_s->ap_iface->bss[i], 1387 &buf[reply_len], len - reply_len); 1388 } 1389 } 1390 1391 if (wpa_s->ifmsh) { 1392 dlen = os_strlen(mesh_delimiter); 1393 if (dlen > len - reply_len) 1394 return reply_len; 1395 os_memcpy(&buf[reply_len], mesh_delimiter, dlen); 1396 reply_len += dlen; 1397 1398 reply_len += hostapd_ctrl_iface_pmksa_list( 1399 wpa_s->ifmsh->bss[0], &buf[reply_len], 1400 len - reply_len); 1401 } 1402 1403 return reply_len; 1404 } 1405 1406 1407 void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s) 1408 { 1409 size_t i; 1410 1411 if (wpa_s->ap_iface) { 1412 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) 1413 hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]); 1414 } 1415 1416 if (wpa_s->ifmsh) 1417 hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]); 1418 } 1419 1420 1421 #ifdef NEED_AP_MLME 1422 void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, 1423 struct dfs_event *radar) 1424 { 1425 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1426 return; 1427 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 1428 hostapd_dfs_radar_detected(wpa_s->ap_iface, radar->freq, 1429 radar->ht_enabled, radar->chan_offset, 1430 radar->chan_width, 1431 radar->cf1, radar->cf2); 1432 } 1433 1434 1435 void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s, 1436 struct dfs_event *radar) 1437 { 1438 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1439 return; 1440 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq); 1441 hostapd_dfs_start_cac(wpa_s->ap_iface, radar->freq, 1442 radar->ht_enabled, radar->chan_offset, 1443 radar->chan_width, radar->cf1, radar->cf2); 1444 } 1445 1446 1447 void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, 1448 struct dfs_event *radar) 1449 { 1450 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1451 return; 1452 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 1453 hostapd_dfs_complete_cac(wpa_s->ap_iface, 1, radar->freq, 1454 radar->ht_enabled, radar->chan_offset, 1455 radar->chan_width, radar->cf1, radar->cf2); 1456 } 1457 1458 1459 void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, 1460 struct dfs_event *radar) 1461 { 1462 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1463 return; 1464 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 1465 hostapd_dfs_complete_cac(wpa_s->ap_iface, 0, radar->freq, 1466 radar->ht_enabled, radar->chan_offset, 1467 radar->chan_width, radar->cf1, radar->cf2); 1468 } 1469 1470 1471 void wpas_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, 1472 struct dfs_event *radar) 1473 { 1474 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1475 return; 1476 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 1477 hostapd_dfs_nop_finished(wpa_s->ap_iface, radar->freq, 1478 radar->ht_enabled, radar->chan_offset, 1479 radar->chan_width, radar->cf1, radar->cf2); 1480 } 1481 #endif /* NEED_AP_MLME */ 1482 1483 1484 void ap_periodic(struct wpa_supplicant *wpa_s) 1485 { 1486 if (wpa_s->ap_iface) 1487 hostapd_periodic_iface(wpa_s->ap_iface); 1488 } 1489
