1 /* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j (at) w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "utils/includes.h" 11 12 #include "utils/common.h" 13 #include "utils/eloop.h" 14 #include "utils/uuid.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/wpa_ctrl.h" 17 #include "eapol_supp/eapol_supp_sm.h" 18 #include "crypto/dh_group5.h" 19 #include "ap/hostapd.h" 20 #include "ap/ap_config.h" 21 #include "ap/ap_drv_ops.h" 22 #ifdef NEED_AP_MLME 23 #include "ap/ieee802_11.h" 24 #endif /* NEED_AP_MLME */ 25 #include "ap/beacon.h" 26 #include "ap/ieee802_1x.h" 27 #include "ap/wps_hostapd.h" 28 #include "ap/ctrl_iface_ap.h" 29 #include "ap/dfs.h" 30 #include "wps/wps.h" 31 #include "common/ieee802_11_defs.h" 32 #include "config_ssid.h" 33 #include "config.h" 34 #include "wpa_supplicant_i.h" 35 #include "driver_i.h" 36 #include "p2p_supplicant.h" 37 #include "ap.h" 38 #include "ap/sta_info.h" 39 #include "notify.h" 40 41 42 #ifdef CONFIG_WPS 43 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 44 #endif /* CONFIG_WPS */ 45 46 47 #ifdef CONFIG_IEEE80211N 48 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, 49 struct wpa_ssid *ssid, 50 struct hostapd_config *conf, 51 struct hostapd_hw_modes *mode) 52 { 53 #ifdef CONFIG_P2P 54 u8 center_chan = 0; 55 u8 channel = conf->channel; 56 #endif /* CONFIG_P2P */ 57 58 if (!conf->secondary_channel) 59 goto no_vht; 60 61 /* Use the maximum oper channel width if it's given. */ 62 if (ssid->max_oper_chwidth) 63 conf->vht_oper_chwidth = ssid->max_oper_chwidth; 64 65 ieee80211_freq_to_chan(ssid->vht_center_freq2, 66 &conf->vht_oper_centr_freq_seg1_idx); 67 68 if (!ssid->p2p_group) { 69 if (!ssid->vht_center_freq1 || 70 conf->vht_oper_chwidth == VHT_CHANWIDTH_USE_HT) 71 goto no_vht; 72 ieee80211_freq_to_chan(ssid->vht_center_freq1, 73 &conf->vht_oper_centr_freq_seg0_idx); 74 return; 75 } 76 77 #ifdef CONFIG_P2P 78 switch (conf->vht_oper_chwidth) { 79 case VHT_CHANWIDTH_80MHZ: 80 case VHT_CHANWIDTH_80P80MHZ: 81 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel); 82 break; 83 case VHT_CHANWIDTH_160MHZ: 84 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 85 break; 86 default: 87 /* 88 * conf->vht_oper_chwidth might not be set for non-P2P GO cases, 89 * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is 90 * not supported. 91 */ 92 conf->vht_oper_chwidth = VHT_CHANWIDTH_160MHZ; 93 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 94 if (!center_chan) { 95 conf->vht_oper_chwidth = VHT_CHANWIDTH_80MHZ; 96 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, 97 channel); 98 } 99 break; 100 } 101 if (!center_chan) 102 goto no_vht; 103 104 conf->vht_oper_centr_freq_seg0_idx = center_chan; 105 return; 106 #endif /* CONFIG_P2P */ 107 108 no_vht: 109 conf->vht_oper_centr_freq_seg0_idx = 110 conf->channel + conf->secondary_channel * 2; 111 conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT; 112 } 113 #endif /* CONFIG_IEEE80211N */ 114 115 116 int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, 117 struct wpa_ssid *ssid, 118 struct hostapd_config *conf) 119 { 120 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, 121 &conf->channel); 122 123 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 124 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 125 ssid->frequency); 126 return -1; 127 } 128 129 /* TODO: enable HT40 if driver supports it; 130 * drop to 11b if driver does not support 11g */ 131 132 #ifdef CONFIG_IEEE80211N 133 /* 134 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 135 * and a mask of allowed capabilities within conf->ht_capab. 136 * Using default config settings for: conf->ht_op_mode_fixed, 137 * conf->secondary_channel, conf->require_ht 138 */ 139 if (wpa_s->hw.modes) { 140 struct hostapd_hw_modes *mode = NULL; 141 int i, no_ht = 0; 142 for (i = 0; i < wpa_s->hw.num_modes; i++) { 143 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 144 mode = &wpa_s->hw.modes[i]; 145 break; 146 } 147 } 148 149 #ifdef CONFIG_HT_OVERRIDES 150 if (ssid->disable_ht) 151 ssid->ht = 0; 152 #endif /* CONFIG_HT_OVERRIDES */ 153 154 if (!ssid->ht) { 155 conf->ieee80211n = 0; 156 conf->ht_capab = 0; 157 no_ht = 1; 158 } 159 160 if (!no_ht && mode && mode->ht_capab) { 161 conf->ieee80211n = 1; 162 #ifdef CONFIG_P2P 163 if (ssid->p2p_group && 164 conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 165 (mode->ht_capab & 166 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 167 ssid->ht40) 168 conf->secondary_channel = 169 wpas_p2p_get_ht40_mode(wpa_s, mode, 170 conf->channel); 171 #endif /* CONFIG_P2P */ 172 173 if (!ssid->p2p_group && 174 (mode->ht_capab & 175 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) 176 conf->secondary_channel = ssid->ht40; 177 178 if (conf->secondary_channel) 179 conf->ht_capab |= 180 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 181 182 /* 183 * white-list capabilities that won't cause issues 184 * to connecting stations, while leaving the current 185 * capabilities intact (currently disabled SMPS). 186 */ 187 conf->ht_capab |= mode->ht_capab & 188 (HT_CAP_INFO_GREEN_FIELD | 189 HT_CAP_INFO_SHORT_GI20MHZ | 190 HT_CAP_INFO_SHORT_GI40MHZ | 191 HT_CAP_INFO_RX_STBC_MASK | 192 HT_CAP_INFO_TX_STBC | 193 HT_CAP_INFO_MAX_AMSDU_SIZE); 194 195 if (mode->vht_capab && ssid->vht) { 196 conf->ieee80211ac = 1; 197 conf->vht_capab |= mode->vht_capab; 198 wpas_conf_ap_vht(wpa_s, ssid, conf, mode); 199 } 200 } 201 } 202 203 if (conf->secondary_channel) { 204 struct wpa_supplicant *iface; 205 206 for (iface = wpa_s->global->ifaces; iface; iface = iface->next) 207 { 208 if (iface == wpa_s || 209 iface->wpa_state < WPA_AUTHENTICATING || 210 (int) iface->assoc_freq != ssid->frequency) 211 continue; 212 213 /* 214 * Do not allow 40 MHz co-ex PRI/SEC switch to force us 215 * to change our PRI channel since we have an existing, 216 * concurrent connection on that channel and doing 217 * multi-channel concurrency is likely to cause more 218 * harm than using different PRI/SEC selection in 219 * environment with multiple BSSes on these two channels 220 * with mixed 20 MHz or PRI channel selection. 221 */ 222 conf->no_pri_sec_switch = 1; 223 } 224 } 225 #endif /* CONFIG_IEEE80211N */ 226 227 return 0; 228 } 229 230 231 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 232 struct wpa_ssid *ssid, 233 struct hostapd_config *conf) 234 { 235 struct hostapd_bss_config *bss = conf->bss[0]; 236 237 conf->driver = wpa_s->driver; 238 239 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 240 241 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf)) 242 return -1; 243 244 if (ssid->pbss > 1) { 245 wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode", 246 ssid->pbss); 247 return -1; 248 } 249 bss->pbss = ssid->pbss; 250 251 #ifdef CONFIG_ACS 252 if (ssid->acs) { 253 /* Setting channel to 0 in order to enable ACS */ 254 conf->channel = 0; 255 wpa_printf(MSG_DEBUG, "Use automatic channel selection"); 256 } 257 #endif /* CONFIG_ACS */ 258 259 if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) { 260 conf->ieee80211h = 1; 261 conf->ieee80211d = 1; 262 conf->country[0] = wpa_s->conf->country[0]; 263 conf->country[1] = wpa_s->conf->country[1]; 264 conf->country[2] = ' '; 265 } 266 267 #ifdef CONFIG_P2P 268 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && 269 (ssid->mode == WPAS_MODE_P2P_GO || 270 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { 271 /* Remove 802.11b rates from supported and basic rate sets */ 272 int *list = os_malloc(4 * sizeof(int)); 273 if (list) { 274 list[0] = 60; 275 list[1] = 120; 276 list[2] = 240; 277 list[3] = -1; 278 } 279 conf->basic_rates = list; 280 281 list = os_malloc(9 * sizeof(int)); 282 if (list) { 283 list[0] = 60; 284 list[1] = 90; 285 list[2] = 120; 286 list[3] = 180; 287 list[4] = 240; 288 list[5] = 360; 289 list[6] = 480; 290 list[7] = 540; 291 list[8] = -1; 292 } 293 conf->supported_rates = list; 294 } 295 296 bss->isolate = !wpa_s->conf->p2p_intra_bss; 297 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; 298 299 if (ssid->p2p_group) { 300 os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4); 301 os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask, 302 4); 303 os_memcpy(bss->ip_addr_start, 304 wpa_s->p2pdev->conf->ip_addr_start, 4); 305 os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end, 306 4); 307 } 308 #endif /* CONFIG_P2P */ 309 310 if (ssid->ssid_len == 0) { 311 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 312 return -1; 313 } 314 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 315 bss->ssid.ssid_len = ssid->ssid_len; 316 bss->ssid.ssid_set = 1; 317 318 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 319 320 if (ssid->auth_alg) 321 bss->auth_algs = ssid->auth_alg; 322 323 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 324 bss->wpa = ssid->proto; 325 if (ssid->key_mgmt == DEFAULT_KEY_MGMT) 326 bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK; 327 else 328 bss->wpa_key_mgmt = ssid->key_mgmt; 329 bss->wpa_pairwise = ssid->pairwise_cipher; 330 if (ssid->psk_set) { 331 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk)); 332 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 333 if (bss->ssid.wpa_psk == NULL) 334 return -1; 335 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 336 bss->ssid.wpa_psk->group = 1; 337 bss->ssid.wpa_psk_set = 1; 338 } else if (ssid->passphrase) { 339 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 340 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 341 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 342 struct hostapd_wep_keys *wep = &bss->ssid.wep; 343 int i; 344 for (i = 0; i < NUM_WEP_KEYS; i++) { 345 if (ssid->wep_key_len[i] == 0) 346 continue; 347 wep->key[i] = os_memdup(ssid->wep_key[i], 348 ssid->wep_key_len[i]); 349 if (wep->key[i] == NULL) 350 return -1; 351 wep->len[i] = ssid->wep_key_len[i]; 352 } 353 wep->idx = ssid->wep_tx_keyidx; 354 wep->keys_set = 1; 355 } 356 357 if (wpa_s->conf->go_interworking) { 358 wpa_printf(MSG_DEBUG, 359 "P2P: Enable Interworking with access_network_type: %d", 360 wpa_s->conf->go_access_network_type); 361 bss->interworking = wpa_s->conf->go_interworking; 362 bss->access_network_type = wpa_s->conf->go_access_network_type; 363 bss->internet = wpa_s->conf->go_internet; 364 if (wpa_s->conf->go_venue_group) { 365 wpa_printf(MSG_DEBUG, 366 "P2P: Venue group: %d Venue type: %d", 367 wpa_s->conf->go_venue_group, 368 wpa_s->conf->go_venue_type); 369 bss->venue_group = wpa_s->conf->go_venue_group; 370 bss->venue_type = wpa_s->conf->go_venue_type; 371 bss->venue_info_set = 1; 372 } 373 } 374 375 if (ssid->ap_max_inactivity) 376 bss->ap_max_inactivity = ssid->ap_max_inactivity; 377 378 if (ssid->dtim_period) 379 bss->dtim_period = ssid->dtim_period; 380 else if (wpa_s->conf->dtim_period) 381 bss->dtim_period = wpa_s->conf->dtim_period; 382 383 if (ssid->beacon_int) 384 conf->beacon_int = ssid->beacon_int; 385 else if (wpa_s->conf->beacon_int) 386 conf->beacon_int = wpa_s->conf->beacon_int; 387 388 #ifdef CONFIG_P2P 389 if (ssid->mode == WPAS_MODE_P2P_GO || 390 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 391 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) { 392 wpa_printf(MSG_INFO, 393 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it", 394 wpa_s->conf->p2p_go_ctwindow, 395 conf->beacon_int); 396 conf->p2p_go_ctwindow = 0; 397 } else { 398 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow; 399 } 400 } 401 #endif /* CONFIG_P2P */ 402 403 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 404 bss->rsn_pairwise = bss->wpa_pairwise; 405 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 406 bss->rsn_pairwise); 407 408 if (bss->wpa && bss->ieee802_1x) 409 bss->ssid.security_policy = SECURITY_WPA; 410 else if (bss->wpa) 411 bss->ssid.security_policy = SECURITY_WPA_PSK; 412 else if (bss->ieee802_1x) { 413 int cipher = WPA_CIPHER_NONE; 414 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 415 bss->ssid.wep.default_len = bss->default_wep_key_len; 416 if (bss->default_wep_key_len) 417 cipher = bss->default_wep_key_len >= 13 ? 418 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 419 bss->wpa_group = cipher; 420 bss->wpa_pairwise = cipher; 421 bss->rsn_pairwise = cipher; 422 } else if (bss->ssid.wep.keys_set) { 423 int cipher = WPA_CIPHER_WEP40; 424 if (bss->ssid.wep.len[0] >= 13) 425 cipher = WPA_CIPHER_WEP104; 426 bss->ssid.security_policy = SECURITY_STATIC_WEP; 427 bss->wpa_group = cipher; 428 bss->wpa_pairwise = cipher; 429 bss->rsn_pairwise = cipher; 430 } else { 431 bss->ssid.security_policy = SECURITY_PLAINTEXT; 432 bss->wpa_group = WPA_CIPHER_NONE; 433 bss->wpa_pairwise = WPA_CIPHER_NONE; 434 bss->rsn_pairwise = WPA_CIPHER_NONE; 435 } 436 437 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 438 (bss->wpa_group == WPA_CIPHER_CCMP || 439 bss->wpa_group == WPA_CIPHER_GCMP || 440 bss->wpa_group == WPA_CIPHER_CCMP_256 || 441 bss->wpa_group == WPA_CIPHER_GCMP_256)) { 442 /* 443 * Strong ciphers do not need frequent rekeying, so increase 444 * the default GTK rekeying period to 24 hours. 445 */ 446 bss->wpa_group_rekey = 86400; 447 } 448 449 #ifdef CONFIG_IEEE80211W 450 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) 451 bss->ieee80211w = ssid->ieee80211w; 452 #endif /* CONFIG_IEEE80211W */ 453 454 #ifdef CONFIG_WPS 455 /* 456 * Enable WPS by default for open and WPA/WPA2-Personal network, but 457 * require user interaction to actually use it. Only the internal 458 * Registrar is supported. 459 */ 460 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 461 bss->ssid.security_policy != SECURITY_PLAINTEXT) 462 goto no_wps; 463 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 464 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) || 465 !(bss->wpa & 2))) 466 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 467 * configuration */ 468 if (ssid->wps_disabled) 469 goto no_wps; 470 bss->eap_server = 1; 471 472 if (!ssid->ignore_broadcast_ssid) 473 bss->wps_state = 2; 474 475 bss->ap_setup_locked = 2; 476 if (wpa_s->conf->config_methods) 477 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 478 os_memcpy(bss->device_type, wpa_s->conf->device_type, 479 WPS_DEV_TYPE_LEN); 480 if (wpa_s->conf->device_name) { 481 bss->device_name = os_strdup(wpa_s->conf->device_name); 482 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 483 } 484 if (wpa_s->conf->manufacturer) 485 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 486 if (wpa_s->conf->model_name) 487 bss->model_name = os_strdup(wpa_s->conf->model_name); 488 if (wpa_s->conf->model_number) 489 bss->model_number = os_strdup(wpa_s->conf->model_number); 490 if (wpa_s->conf->serial_number) 491 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 492 if (is_nil_uuid(wpa_s->conf->uuid)) 493 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 494 else 495 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 496 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 497 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 498 if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE) 499 bss->fragment_size = ssid->eap.fragment_size; 500 no_wps: 501 #endif /* CONFIG_WPS */ 502 503 if (wpa_s->max_stations && 504 wpa_s->max_stations < wpa_s->conf->max_num_sta) 505 bss->max_num_sta = wpa_s->max_stations; 506 else 507 bss->max_num_sta = wpa_s->conf->max_num_sta; 508 509 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 510 511 if (wpa_s->conf->ap_vendor_elements) { 512 bss->vendor_elements = 513 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 514 } 515 516 bss->ftm_responder = wpa_s->conf->ftm_responder; 517 bss->ftm_initiator = wpa_s->conf->ftm_initiator; 518 519 return 0; 520 } 521 522 523 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 524 { 525 #ifdef CONFIG_P2P 526 struct wpa_supplicant *wpa_s = ctx; 527 const struct ieee80211_mgmt *mgmt; 528 529 mgmt = (const struct ieee80211_mgmt *) buf; 530 if (len < IEEE80211_HDRLEN + 1) 531 return; 532 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC) 533 return; 534 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 535 mgmt->u.action.category, 536 buf + IEEE80211_HDRLEN + 1, 537 len - IEEE80211_HDRLEN - 1, freq); 538 #endif /* CONFIG_P2P */ 539 } 540 541 542 static void ap_wps_event_cb(void *ctx, enum wps_event event, 543 union wps_event_data *data) 544 { 545 #ifdef CONFIG_P2P 546 struct wpa_supplicant *wpa_s = ctx; 547 548 if (event == WPS_EV_FAIL) { 549 struct wps_event_fail *fail = &data->fail; 550 551 if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s && 552 wpa_s == wpa_s->global->p2p_group_formation) { 553 /* 554 * src/ap/wps_hostapd.c has already sent this on the 555 * main interface, so only send on the parent interface 556 * here if needed. 557 */ 558 wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL 559 "msg=%d config_error=%d", 560 fail->msg, fail->config_error); 561 } 562 wpas_p2p_wps_failed(wpa_s, fail); 563 } 564 #endif /* CONFIG_P2P */ 565 } 566 567 568 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 569 int authorized, const u8 *p2p_dev_addr) 570 { 571 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 572 } 573 574 575 #ifdef CONFIG_P2P 576 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 577 const u8 *psk, size_t psk_len) 578 { 579 580 struct wpa_supplicant *wpa_s = ctx; 581 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL) 582 return; 583 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len); 584 } 585 #endif /* CONFIG_P2P */ 586 587 588 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 589 { 590 #ifdef CONFIG_P2P 591 struct wpa_supplicant *wpa_s = ctx; 592 const struct ieee80211_mgmt *mgmt; 593 594 mgmt = (const struct ieee80211_mgmt *) buf; 595 if (len < IEEE80211_HDRLEN + 1) 596 return -1; 597 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 598 mgmt->u.action.category, 599 buf + IEEE80211_HDRLEN + 1, 600 len - IEEE80211_HDRLEN - 1, freq); 601 #endif /* CONFIG_P2P */ 602 return 0; 603 } 604 605 606 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 607 const u8 *bssid, const u8 *ie, size_t ie_len, 608 int ssi_signal) 609 { 610 struct wpa_supplicant *wpa_s = ctx; 611 unsigned int freq = 0; 612 613 if (wpa_s->ap_iface) 614 freq = wpa_s->ap_iface->freq; 615 616 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 617 freq, ssi_signal); 618 } 619 620 621 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 622 const u8 *uuid_e) 623 { 624 struct wpa_supplicant *wpa_s = ctx; 625 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 626 } 627 628 629 static void wpas_ap_configured_cb(void *ctx) 630 { 631 struct wpa_supplicant *wpa_s = ctx; 632 633 #ifdef CONFIG_ACS 634 if (wpa_s->current_ssid && wpa_s->current_ssid->acs) 635 wpa_s->assoc_freq = wpa_s->ap_iface->freq; 636 #endif /* CONFIG_ACS */ 637 638 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 639 640 if (wpa_s->ap_configured_cb) 641 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 642 wpa_s->ap_configured_cb_data); 643 } 644 645 646 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 647 struct wpa_ssid *ssid) 648 { 649 struct wpa_driver_associate_params params; 650 struct hostapd_iface *hapd_iface; 651 struct hostapd_config *conf; 652 size_t i; 653 654 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 655 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 656 return -1; 657 } 658 659 wpa_supplicant_ap_deinit(wpa_s); 660 661 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 662 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 663 664 os_memset(¶ms, 0, sizeof(params)); 665 params.ssid = ssid->ssid; 666 params.ssid_len = ssid->ssid_len; 667 switch (ssid->mode) { 668 case WPAS_MODE_AP: 669 case WPAS_MODE_P2P_GO: 670 case WPAS_MODE_P2P_GROUP_FORMATION: 671 params.mode = IEEE80211_MODE_AP; 672 break; 673 default: 674 return -1; 675 } 676 if (ssid->frequency == 0) 677 ssid->frequency = 2462; /* default channel 11 */ 678 params.freq.freq = ssid->frequency; 679 680 params.wpa_proto = ssid->proto; 681 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 682 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 683 else 684 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 685 params.key_mgmt_suite = wpa_s->key_mgmt; 686 687 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 688 1); 689 if (wpa_s->pairwise_cipher < 0) { 690 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 691 "cipher."); 692 return -1; 693 } 694 params.pairwise_suite = wpa_s->pairwise_cipher; 695 params.group_suite = params.pairwise_suite; 696 697 #ifdef CONFIG_P2P 698 if (ssid->mode == WPAS_MODE_P2P_GO || 699 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 700 params.p2p = 1; 701 #endif /* CONFIG_P2P */ 702 703 if (wpa_s->p2pdev->set_ap_uapsd) 704 params.uapsd = wpa_s->p2pdev->ap_uapsd; 705 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD)) 706 params.uapsd = 1; /* mandatory for P2P GO */ 707 else 708 params.uapsd = -1; 709 710 if (ieee80211_is_dfs(params.freq.freq)) 711 params.freq.freq = 0; /* set channel after CAC */ 712 713 if (params.p2p) 714 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_GO); 715 else 716 wpa_drv_get_ext_capa(wpa_s, WPA_IF_AP_BSS); 717 718 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 719 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 720 return -1; 721 } 722 723 wpa_s->ap_iface = hapd_iface = hostapd_alloc_iface(); 724 if (hapd_iface == NULL) 725 return -1; 726 hapd_iface->owner = wpa_s; 727 hapd_iface->drv_flags = wpa_s->drv_flags; 728 hapd_iface->smps_modes = wpa_s->drv_smps_modes; 729 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 730 hapd_iface->extended_capa = wpa_s->extended_capa; 731 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 732 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 733 734 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 735 if (conf == NULL) { 736 wpa_supplicant_ap_deinit(wpa_s); 737 return -1; 738 } 739 740 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 741 wpa_s->conf->wmm_ac_params, 742 sizeof(wpa_s->conf->wmm_ac_params)); 743 744 if (params.uapsd > 0) { 745 conf->bss[0]->wmm_enabled = 1; 746 conf->bss[0]->wmm_uapsd = 1; 747 } 748 749 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 750 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 751 wpa_supplicant_ap_deinit(wpa_s); 752 return -1; 753 } 754 755 #ifdef CONFIG_P2P 756 if (ssid->mode == WPAS_MODE_P2P_GO) 757 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 758 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 759 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 760 P2P_GROUP_FORMATION; 761 #endif /* CONFIG_P2P */ 762 763 hapd_iface->num_bss = conf->num_bss; 764 hapd_iface->bss = os_calloc(conf->num_bss, 765 sizeof(struct hostapd_data *)); 766 if (hapd_iface->bss == NULL) { 767 wpa_supplicant_ap_deinit(wpa_s); 768 return -1; 769 } 770 771 for (i = 0; i < conf->num_bss; i++) { 772 hapd_iface->bss[i] = 773 hostapd_alloc_bss_data(hapd_iface, conf, 774 conf->bss[i]); 775 if (hapd_iface->bss[i] == NULL) { 776 wpa_supplicant_ap_deinit(wpa_s); 777 return -1; 778 } 779 780 hapd_iface->bss[i]->msg_ctx = wpa_s; 781 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev; 782 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 783 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 784 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 785 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 786 hostapd_register_probereq_cb(hapd_iface->bss[i], 787 ap_probe_req_rx, wpa_s); 788 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 789 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 790 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 791 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 792 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 793 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 794 #ifdef CONFIG_P2P 795 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb; 796 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s; 797 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 798 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 799 ssid); 800 #endif /* CONFIG_P2P */ 801 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 802 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 803 #ifdef CONFIG_TESTING_OPTIONS 804 hapd_iface->bss[i]->ext_eapol_frame_io = 805 wpa_s->ext_eapol_frame_io; 806 #endif /* CONFIG_TESTING_OPTIONS */ 807 } 808 809 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 810 hapd_iface->bss[0]->driver = wpa_s->driver; 811 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 812 813 wpa_s->current_ssid = ssid; 814 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 815 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 816 wpa_s->assoc_freq = ssid->frequency; 817 818 if (hostapd_setup_interface(wpa_s->ap_iface)) { 819 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 820 wpa_supplicant_ap_deinit(wpa_s); 821 return -1; 822 } 823 824 return 0; 825 } 826 827 828 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 829 { 830 #ifdef CONFIG_WPS 831 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 832 #endif /* CONFIG_WPS */ 833 834 if (wpa_s->ap_iface == NULL) 835 return; 836 837 wpa_s->current_ssid = NULL; 838 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 839 wpa_s->assoc_freq = 0; 840 wpas_p2p_ap_deinit(wpa_s); 841 wpa_s->ap_iface->driver_ap_teardown = 842 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 843 844 hostapd_interface_deinit(wpa_s->ap_iface); 845 hostapd_interface_free(wpa_s->ap_iface); 846 wpa_s->ap_iface = NULL; 847 wpa_drv_deinit_ap(wpa_s); 848 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 849 " reason=%d locally_generated=1", 850 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING); 851 } 852 853 854 void ap_tx_status(void *ctx, const u8 *addr, 855 const u8 *buf, size_t len, int ack) 856 { 857 #ifdef NEED_AP_MLME 858 struct wpa_supplicant *wpa_s = ctx; 859 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 860 #endif /* NEED_AP_MLME */ 861 } 862 863 864 void ap_eapol_tx_status(void *ctx, const u8 *dst, 865 const u8 *data, size_t len, int ack) 866 { 867 #ifdef NEED_AP_MLME 868 struct wpa_supplicant *wpa_s = ctx; 869 if (!wpa_s->ap_iface) 870 return; 871 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 872 #endif /* NEED_AP_MLME */ 873 } 874 875 876 void ap_client_poll_ok(void *ctx, const u8 *addr) 877 { 878 #ifdef NEED_AP_MLME 879 struct wpa_supplicant *wpa_s = ctx; 880 if (wpa_s->ap_iface) 881 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 882 #endif /* NEED_AP_MLME */ 883 } 884 885 886 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 887 { 888 #ifdef NEED_AP_MLME 889 struct wpa_supplicant *wpa_s = ctx; 890 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 891 #endif /* NEED_AP_MLME */ 892 } 893 894 895 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 896 { 897 #ifdef NEED_AP_MLME 898 struct wpa_supplicant *wpa_s = ctx; 899 struct hostapd_frame_info fi; 900 os_memset(&fi, 0, sizeof(fi)); 901 fi.datarate = rx_mgmt->datarate; 902 fi.ssi_signal = rx_mgmt->ssi_signal; 903 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 904 rx_mgmt->frame_len, &fi); 905 #endif /* NEED_AP_MLME */ 906 } 907 908 909 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 910 { 911 #ifdef NEED_AP_MLME 912 struct wpa_supplicant *wpa_s = ctx; 913 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 914 #endif /* NEED_AP_MLME */ 915 } 916 917 918 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 919 const u8 *src_addr, const u8 *buf, size_t len) 920 { 921 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 922 } 923 924 925 #ifdef CONFIG_WPS 926 927 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 928 const u8 *p2p_dev_addr) 929 { 930 if (!wpa_s->ap_iface) 931 return -1; 932 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 933 p2p_dev_addr); 934 } 935 936 937 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 938 { 939 struct wps_registrar *reg; 940 int reg_sel = 0, wps_sta = 0; 941 942 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 943 return -1; 944 945 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 946 reg_sel = wps_registrar_wps_cancel(reg); 947 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 948 ap_sta_wps_cancel, NULL); 949 950 if (!reg_sel && !wps_sta) { 951 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 952 "time"); 953 return -1; 954 } 955 956 /* 957 * There are 2 cases to return wps cancel as success: 958 * 1. When wps cancel was initiated but no connection has been 959 * established with client yet. 960 * 2. Client is in the middle of exchanging WPS messages. 961 */ 962 963 return 0; 964 } 965 966 967 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 968 const char *pin, char *buf, size_t buflen, 969 int timeout) 970 { 971 int ret, ret_len = 0; 972 973 if (!wpa_s->ap_iface) 974 return -1; 975 976 if (pin == NULL) { 977 unsigned int rpin; 978 979 if (wps_generate_pin(&rpin) < 0) 980 return -1; 981 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 982 if (os_snprintf_error(buflen, ret_len)) 983 return -1; 984 pin = buf; 985 } else if (buf) { 986 ret_len = os_snprintf(buf, buflen, "%s", pin); 987 if (os_snprintf_error(buflen, ret_len)) 988 return -1; 989 } 990 991 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 992 timeout); 993 if (ret) 994 return -1; 995 return ret_len; 996 } 997 998 999 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 1000 { 1001 struct wpa_supplicant *wpa_s = eloop_data; 1002 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 1003 wpas_wps_ap_pin_disable(wpa_s); 1004 } 1005 1006 1007 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 1008 { 1009 struct hostapd_data *hapd; 1010 1011 if (wpa_s->ap_iface == NULL) 1012 return; 1013 hapd = wpa_s->ap_iface->bss[0]; 1014 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 1015 hapd->ap_pin_failures = 0; 1016 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 1017 if (timeout > 0) 1018 eloop_register_timeout(timeout, 0, 1019 wpas_wps_ap_pin_timeout, wpa_s, NULL); 1020 } 1021 1022 1023 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 1024 { 1025 struct hostapd_data *hapd; 1026 1027 if (wpa_s->ap_iface == NULL) 1028 return; 1029 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 1030 hapd = wpa_s->ap_iface->bss[0]; 1031 os_free(hapd->conf->ap_pin); 1032 hapd->conf->ap_pin = NULL; 1033 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 1034 } 1035 1036 1037 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 1038 { 1039 struct hostapd_data *hapd; 1040 unsigned int pin; 1041 char pin_txt[9]; 1042 1043 if (wpa_s->ap_iface == NULL) 1044 return NULL; 1045 hapd = wpa_s->ap_iface->bss[0]; 1046 if (wps_generate_pin(&pin) < 0) 1047 return NULL; 1048 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 1049 os_free(hapd->conf->ap_pin); 1050 hapd->conf->ap_pin = os_strdup(pin_txt); 1051 if (hapd->conf->ap_pin == NULL) 1052 return NULL; 1053 wpas_wps_ap_pin_enable(wpa_s, timeout); 1054 1055 return hapd->conf->ap_pin; 1056 } 1057 1058 1059 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 1060 { 1061 struct hostapd_data *hapd; 1062 if (wpa_s->ap_iface == NULL) 1063 return NULL; 1064 hapd = wpa_s->ap_iface->bss[0]; 1065 return hapd->conf->ap_pin; 1066 } 1067 1068 1069 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 1070 int timeout) 1071 { 1072 struct hostapd_data *hapd; 1073 char pin_txt[9]; 1074 int ret; 1075 1076 if (wpa_s->ap_iface == NULL) 1077 return -1; 1078 hapd = wpa_s->ap_iface->bss[0]; 1079 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 1080 if (os_snprintf_error(sizeof(pin_txt), ret)) 1081 return -1; 1082 os_free(hapd->conf->ap_pin); 1083 hapd->conf->ap_pin = os_strdup(pin_txt); 1084 if (hapd->conf->ap_pin == NULL) 1085 return -1; 1086 wpas_wps_ap_pin_enable(wpa_s, timeout); 1087 1088 return 0; 1089 } 1090 1091 1092 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 1093 { 1094 struct hostapd_data *hapd; 1095 1096 if (wpa_s->ap_iface == NULL) 1097 return; 1098 hapd = wpa_s->ap_iface->bss[0]; 1099 1100 /* 1101 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 1102 * PIN if this happens multiple times to slow down brute force attacks. 1103 */ 1104 hapd->ap_pin_failures++; 1105 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 1106 hapd->ap_pin_failures); 1107 if (hapd->ap_pin_failures < 3) 1108 return; 1109 1110 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 1111 hapd->ap_pin_failures = 0; 1112 os_free(hapd->conf->ap_pin); 1113 hapd->conf->ap_pin = NULL; 1114 } 1115 1116 1117 #ifdef CONFIG_WPS_NFC 1118 1119 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 1120 int ndef) 1121 { 1122 struct hostapd_data *hapd; 1123 1124 if (wpa_s->ap_iface == NULL) 1125 return NULL; 1126 hapd = wpa_s->ap_iface->bss[0]; 1127 return hostapd_wps_nfc_config_token(hapd, ndef); 1128 } 1129 1130 1131 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 1132 int ndef) 1133 { 1134 struct hostapd_data *hapd; 1135 1136 if (wpa_s->ap_iface == NULL) 1137 return NULL; 1138 hapd = wpa_s->ap_iface->bss[0]; 1139 return hostapd_wps_nfc_hs_cr(hapd, ndef); 1140 } 1141 1142 1143 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s, 1144 const struct wpabuf *req, 1145 const struct wpabuf *sel) 1146 { 1147 struct hostapd_data *hapd; 1148 1149 if (wpa_s->ap_iface == NULL) 1150 return -1; 1151 hapd = wpa_s->ap_iface->bss[0]; 1152 return hostapd_wps_nfc_report_handover(hapd, req, sel); 1153 } 1154 1155 #endif /* CONFIG_WPS_NFC */ 1156 1157 #endif /* CONFIG_WPS */ 1158 1159 1160 #ifdef CONFIG_CTRL_IFACE 1161 1162 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 1163 char *buf, size_t buflen) 1164 { 1165 struct hostapd_data *hapd; 1166 1167 if (wpa_s->ap_iface) 1168 hapd = wpa_s->ap_iface->bss[0]; 1169 else if (wpa_s->ifmsh) 1170 hapd = wpa_s->ifmsh->bss[0]; 1171 else 1172 return -1; 1173 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen); 1174 } 1175 1176 1177 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 1178 char *buf, size_t buflen) 1179 { 1180 struct hostapd_data *hapd; 1181 1182 if (wpa_s->ap_iface) 1183 hapd = wpa_s->ap_iface->bss[0]; 1184 else if (wpa_s->ifmsh) 1185 hapd = wpa_s->ifmsh->bss[0]; 1186 else 1187 return -1; 1188 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen); 1189 } 1190 1191 1192 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 1193 char *buf, size_t buflen) 1194 { 1195 struct hostapd_data *hapd; 1196 1197 if (wpa_s->ap_iface) 1198 hapd = wpa_s->ap_iface->bss[0]; 1199 else if (wpa_s->ifmsh) 1200 hapd = wpa_s->ifmsh->bss[0]; 1201 else 1202 return -1; 1203 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen); 1204 } 1205 1206 1207 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 1208 const char *txtaddr) 1209 { 1210 if (wpa_s->ap_iface == NULL) 1211 return -1; 1212 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 1213 txtaddr); 1214 } 1215 1216 1217 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 1218 const char *txtaddr) 1219 { 1220 if (wpa_s->ap_iface == NULL) 1221 return -1; 1222 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 1223 txtaddr); 1224 } 1225 1226 1227 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 1228 size_t buflen, int verbose) 1229 { 1230 char *pos = buf, *end = buf + buflen; 1231 int ret; 1232 struct hostapd_bss_config *conf; 1233 1234 if (wpa_s->ap_iface == NULL) 1235 return -1; 1236 1237 conf = wpa_s->ap_iface->bss[0]->conf; 1238 if (conf->wpa == 0) 1239 return 0; 1240 1241 ret = os_snprintf(pos, end - pos, 1242 "pairwise_cipher=%s\n" 1243 "group_cipher=%s\n" 1244 "key_mgmt=%s\n", 1245 wpa_cipher_txt(conf->rsn_pairwise), 1246 wpa_cipher_txt(conf->wpa_group), 1247 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 1248 conf->wpa)); 1249 if (os_snprintf_error(end - pos, ret)) 1250 return pos - buf; 1251 pos += ret; 1252 return pos - buf; 1253 } 1254 1255 #endif /* CONFIG_CTRL_IFACE */ 1256 1257 1258 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 1259 { 1260 struct hostapd_iface *iface = wpa_s->ap_iface; 1261 struct wpa_ssid *ssid = wpa_s->current_ssid; 1262 struct hostapd_data *hapd; 1263 1264 if (ssid == NULL || wpa_s->ap_iface == NULL || 1265 ssid->mode == WPAS_MODE_INFRA || 1266 ssid->mode == WPAS_MODE_IBSS) 1267 return -1; 1268 1269 #ifdef CONFIG_P2P 1270 if (ssid->mode == WPAS_MODE_P2P_GO) 1271 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1272 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1273 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1274 P2P_GROUP_FORMATION; 1275 #endif /* CONFIG_P2P */ 1276 1277 hapd = iface->bss[0]; 1278 if (hapd->drv_priv == NULL) 1279 return -1; 1280 ieee802_11_set_beacons(iface); 1281 hostapd_set_ap_wps_ie(hapd); 1282 1283 return 0; 1284 } 1285 1286 1287 int ap_switch_channel(struct wpa_supplicant *wpa_s, 1288 struct csa_settings *settings) 1289 { 1290 #ifdef NEED_AP_MLME 1291 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1292 return -1; 1293 1294 return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings); 1295 #else /* NEED_AP_MLME */ 1296 return -1; 1297 #endif /* NEED_AP_MLME */ 1298 } 1299 1300 1301 #ifdef CONFIG_CTRL_IFACE 1302 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos) 1303 { 1304 struct csa_settings settings; 1305 int ret = hostapd_parse_csa_settings(pos, &settings); 1306 1307 if (ret) 1308 return ret; 1309 1310 return ap_switch_channel(wpa_s, &settings); 1311 } 1312 #endif /* CONFIG_CTRL_IFACE */ 1313 1314 1315 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1316 int offset, int width, int cf1, int cf2) 1317 { 1318 if (!wpa_s->ap_iface) 1319 return; 1320 1321 wpa_s->assoc_freq = freq; 1322 if (wpa_s->current_ssid) 1323 wpa_s->current_ssid->frequency = freq; 1324 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, 1325 offset, width, cf1, cf2); 1326 } 1327 1328 1329 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1330 const u8 *addr) 1331 { 1332 struct hostapd_data *hapd; 1333 struct hostapd_bss_config *conf; 1334 1335 if (!wpa_s->ap_iface) 1336 return -1; 1337 1338 if (addr) 1339 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1340 MAC2STR(addr)); 1341 else 1342 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1343 1344 hapd = wpa_s->ap_iface->bss[0]; 1345 conf = hapd->conf; 1346 1347 os_free(conf->accept_mac); 1348 conf->accept_mac = NULL; 1349 conf->num_accept_mac = 0; 1350 os_free(conf->deny_mac); 1351 conf->deny_mac = NULL; 1352 conf->num_deny_mac = 0; 1353 1354 if (addr == NULL) { 1355 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1356 return 0; 1357 } 1358 1359 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1360 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1361 if (conf->accept_mac == NULL) 1362 return -1; 1363 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1364 conf->num_accept_mac = 1; 1365 1366 return 0; 1367 } 1368 1369 1370 #ifdef CONFIG_WPS_NFC 1371 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id, 1372 const struct wpabuf *pw, const u8 *pubkey_hash) 1373 { 1374 struct hostapd_data *hapd; 1375 struct wps_context *wps; 1376 1377 if (!wpa_s->ap_iface) 1378 return -1; 1379 hapd = wpa_s->ap_iface->bss[0]; 1380 wps = hapd->wps; 1381 1382 if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL || 1383 wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) { 1384 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known"); 1385 return -1; 1386 } 1387 1388 dh5_free(wps->dh_ctx); 1389 wpabuf_free(wps->dh_pubkey); 1390 wpabuf_free(wps->dh_privkey); 1391 wps->dh_privkey = wpabuf_dup( 1392 wpa_s->p2pdev->conf->wps_nfc_dh_privkey); 1393 wps->dh_pubkey = wpabuf_dup( 1394 wpa_s->p2pdev->conf->wps_nfc_dh_pubkey); 1395 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) { 1396 wps->dh_ctx = NULL; 1397 wpabuf_free(wps->dh_pubkey); 1398 wps->dh_pubkey = NULL; 1399 wpabuf_free(wps->dh_privkey); 1400 wps->dh_privkey = NULL; 1401 return -1; 1402 } 1403 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey); 1404 if (wps->dh_ctx == NULL) 1405 return -1; 1406 1407 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash, 1408 pw_id, 1409 pw ? wpabuf_head(pw) : NULL, 1410 pw ? wpabuf_len(pw) : 0, 1); 1411 } 1412 #endif /* CONFIG_WPS_NFC */ 1413 1414 1415 #ifdef CONFIG_CTRL_IFACE 1416 int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s) 1417 { 1418 struct hostapd_data *hapd; 1419 1420 if (!wpa_s->ap_iface) 1421 return -1; 1422 hapd = wpa_s->ap_iface->bss[0]; 1423 return hostapd_ctrl_iface_stop_ap(hapd); 1424 } 1425 1426 1427 int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, 1428 size_t len) 1429 { 1430 size_t reply_len = 0, i; 1431 char ap_delimiter[] = "---- AP ----\n"; 1432 char mesh_delimiter[] = "---- mesh ----\n"; 1433 size_t dlen; 1434 1435 if (wpa_s->ap_iface) { 1436 dlen = os_strlen(ap_delimiter); 1437 if (dlen > len - reply_len) 1438 return reply_len; 1439 os_memcpy(&buf[reply_len], ap_delimiter, dlen); 1440 reply_len += dlen; 1441 1442 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) { 1443 reply_len += hostapd_ctrl_iface_pmksa_list( 1444 wpa_s->ap_iface->bss[i], 1445 &buf[reply_len], len - reply_len); 1446 } 1447 } 1448 1449 if (wpa_s->ifmsh) { 1450 dlen = os_strlen(mesh_delimiter); 1451 if (dlen > len - reply_len) 1452 return reply_len; 1453 os_memcpy(&buf[reply_len], mesh_delimiter, dlen); 1454 reply_len += dlen; 1455 1456 reply_len += hostapd_ctrl_iface_pmksa_list( 1457 wpa_s->ifmsh->bss[0], &buf[reply_len], 1458 len - reply_len); 1459 } 1460 1461 return reply_len; 1462 } 1463 1464 1465 void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s) 1466 { 1467 size_t i; 1468 1469 if (wpa_s->ap_iface) { 1470 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) 1471 hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]); 1472 } 1473 1474 if (wpa_s->ifmsh) 1475 hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]); 1476 } 1477 1478 1479 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 1480 #ifdef CONFIG_MESH 1481 1482 int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr, 1483 char *buf, size_t len) 1484 { 1485 return hostapd_ctrl_iface_pmksa_list_mesh(wpa_s->ifmsh->bss[0], addr, 1486 &buf[0], len); 1487 } 1488 1489 1490 int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd) 1491 { 1492 struct external_pmksa_cache *entry; 1493 void *pmksa_cache; 1494 1495 pmksa_cache = hostapd_ctrl_iface_pmksa_create_entry(wpa_s->own_addr, 1496 cmd); 1497 if (!pmksa_cache) 1498 return -1; 1499 1500 entry = os_zalloc(sizeof(struct external_pmksa_cache)); 1501 if (!entry) 1502 return -1; 1503 1504 entry->pmksa_cache = pmksa_cache; 1505 1506 dl_list_add(&wpa_s->mesh_external_pmksa_cache, &entry->list); 1507 1508 return 0; 1509 } 1510 1511 #endif /* CONFIG_MESH */ 1512 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 1513 1514 #endif /* CONFIG_CTRL_IFACE */ 1515 1516 1517 #ifdef NEED_AP_MLME 1518 void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, 1519 struct dfs_event *radar) 1520 { 1521 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1522 return; 1523 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 1524 hostapd_dfs_radar_detected(wpa_s->ap_iface, radar->freq, 1525 radar->ht_enabled, radar->chan_offset, 1526 radar->chan_width, 1527 radar->cf1, radar->cf2); 1528 } 1529 1530 1531 void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s, 1532 struct dfs_event *radar) 1533 { 1534 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1535 return; 1536 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq); 1537 hostapd_dfs_start_cac(wpa_s->ap_iface, radar->freq, 1538 radar->ht_enabled, radar->chan_offset, 1539 radar->chan_width, radar->cf1, radar->cf2); 1540 } 1541 1542 1543 void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, 1544 struct dfs_event *radar) 1545 { 1546 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1547 return; 1548 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 1549 hostapd_dfs_complete_cac(wpa_s->ap_iface, 1, radar->freq, 1550 radar->ht_enabled, radar->chan_offset, 1551 radar->chan_width, radar->cf1, radar->cf2); 1552 } 1553 1554 1555 void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, 1556 struct dfs_event *radar) 1557 { 1558 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1559 return; 1560 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 1561 hostapd_dfs_complete_cac(wpa_s->ap_iface, 0, radar->freq, 1562 radar->ht_enabled, radar->chan_offset, 1563 radar->chan_width, radar->cf1, radar->cf2); 1564 } 1565 1566 1567 void wpas_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, 1568 struct dfs_event *radar) 1569 { 1570 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1571 return; 1572 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 1573 hostapd_dfs_nop_finished(wpa_s->ap_iface, radar->freq, 1574 radar->ht_enabled, radar->chan_offset, 1575 radar->chan_width, radar->cf1, radar->cf2); 1576 } 1577 #endif /* NEED_AP_MLME */ 1578 1579 1580 void ap_periodic(struct wpa_supplicant *wpa_s) 1581 { 1582 if (wpa_s->ap_iface) 1583 hostapd_periodic_iface(wpa_s->ap_iface); 1584 } 1585
