1 /*
2 * WPA Supplicant - Basic AP mode support routines
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2009, Atheros Communications
5 *
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
8 */
9
10 #include "utils/includes.h"
11
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "eapol_supp/eapol_supp_sm.h"
18 #include "crypto/dh_group5.h"
19 #include "ap/hostapd.h"
20 #include "ap/ap_config.h"
21 #include "ap/ap_drv_ops.h"
22 #ifdef NEED_AP_MLME
23 #include "ap/ieee802_11.h"
24 #endif /* NEED_AP_MLME */
25 #include "ap/beacon.h"
26 #include "ap/ieee802_1x.h"
27 #include "ap/wps_hostapd.h"
28 #include "ap/ctrl_iface_ap.h"
29 #include "ap/dfs.h"
30 #include "wps/wps.h"
31 #include "common/ieee802_11_defs.h"
32 #include "config_ssid.h"
33 #include "config.h"
34 #include "wpa_supplicant_i.h"
35 #include "driver_i.h"
36 #include "p2p_supplicant.h"
37 #include "ap.h"
38 #include "ap/sta_info.h"
39 #include "notify.h"
40
41
42 #ifdef CONFIG_WPS
43 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
44 #endif /* CONFIG_WPS */
45
46
47 #ifdef CONFIG_P2P
is_chanwidth160_supported(struct hostapd_hw_modes * mode,struct hostapd_config * conf)48 static bool is_chanwidth160_supported(struct hostapd_hw_modes *mode,
49 struct hostapd_config *conf)
50 {
51 #ifdef CONFIG_IEEE80211AX
52 if (conf->ieee80211ax) {
53 struct he_capabilities *he_cap;
54
55 he_cap = &mode->he_capab[IEEE80211_MODE_AP];
56 if (he_cap->phy_cap[HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
57 (HE_PHYCAP_CHANNEL_WIDTH_SET_80PLUS80MHZ_IN_5G |
58 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G))
59 return true;
60 }
61 #endif /* CONFIG_IEEE80211AX */
62 if (mode->vht_capab & (VHT_CAP_SUPP_CHAN_WIDTH_160MHZ |
63 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ))
64 return true;
65 return false;
66 }
67 #endif /* CONFIG_P2P */
68
69
wpas_conf_ap_vht(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf,struct hostapd_hw_modes * mode)70 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s,
71 struct wpa_ssid *ssid,
72 struct hostapd_config *conf,
73 struct hostapd_hw_modes *mode)
74 {
75 #ifdef CONFIG_P2P
76 u8 center_chan = 0;
77 u8 channel = conf->channel;
78 #endif /* CONFIG_P2P */
79 u8 freq_seg_idx;
80
81 if (!conf->secondary_channel)
82 goto no_vht;
83
84 /* Use the maximum oper channel width if it's given. */
85 if (ssid->max_oper_chwidth)
86 hostapd_set_oper_chwidth(conf, ssid->max_oper_chwidth);
87 if (hostapd_get_oper_chwidth(conf))
88 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
89 hostapd_get_oper_chwidth(conf),
90 &conf->op_class,
91 &conf->channel);
92
93 if (hostapd_get_oper_chwidth(conf) == CONF_OPER_CHWIDTH_80P80MHZ) {
94 ieee80211_freq_to_chan(ssid->vht_center_freq2,
95 &freq_seg_idx);
96 hostapd_set_oper_centr_freq_seg1_idx(conf, freq_seg_idx);
97 }
98
99 if (!ssid->p2p_group) {
100 if (!ssid->vht_center_freq1)
101 goto no_vht;
102 ieee80211_freq_to_chan(ssid->vht_center_freq1,
103 &freq_seg_idx);
104 hostapd_set_oper_centr_freq_seg0_idx(conf, freq_seg_idx);
105
106 wpa_printf(MSG_DEBUG,
107 "VHT seg0 index %d and seg1 index %d for AP",
108 hostapd_get_oper_centr_freq_seg0_idx(conf),
109 hostapd_get_oper_centr_freq_seg1_idx(conf));
110 return;
111 }
112
113 #ifdef CONFIG_P2P
114 switch (hostapd_get_oper_chwidth(conf)) {
115 case CONF_OPER_CHWIDTH_80MHZ:
116 case CONF_OPER_CHWIDTH_80P80MHZ:
117 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel,
118 conf->op_class);
119 wpa_printf(MSG_DEBUG,
120 "VHT center channel %u for 80 or 80+80 MHz bandwidth",
121 center_chan);
122 break;
123 case CONF_OPER_CHWIDTH_160MHZ:
124 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel,
125 conf->op_class);
126 wpa_printf(MSG_DEBUG,
127 "VHT center channel %u for 160 MHz bandwidth",
128 center_chan);
129 break;
130 default:
131 /*
132 * conf->vht_oper_chwidth might not be set for non-P2P GO cases,
133 * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is
134 * not supported.
135 */
136 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_160MHZ);
137 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
138 conf->vht_oper_chwidth,
139 &conf->op_class,
140 &conf->channel);
141 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel,
142 conf->op_class);
143 if (center_chan && is_chanwidth160_supported(mode, conf)) {
144 wpa_printf(MSG_DEBUG,
145 "VHT center channel %u for auto-selected 160 MHz bandwidth",
146 center_chan);
147 } else {
148 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_80MHZ);
149 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
150 conf->vht_oper_chwidth,
151 &conf->op_class,
152 &conf->channel);
153 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode,
154 channel,
155 conf->op_class);
156 wpa_printf(MSG_DEBUG,
157 "VHT center channel %u for auto-selected 80 MHz bandwidth",
158 center_chan);
159 }
160 break;
161 }
162 if (!center_chan)
163 goto no_vht;
164
165 hostapd_set_oper_centr_freq_seg0_idx(conf, center_chan);
166 wpa_printf(MSG_DEBUG, "VHT seg0 index %d for P2P GO",
167 hostapd_get_oper_centr_freq_seg0_idx(conf));
168 return;
169 #endif /* CONFIG_P2P */
170
171 no_vht:
172 wpa_printf(MSG_DEBUG,
173 "No VHT higher bandwidth support for the selected channel %d",
174 conf->channel);
175 hostapd_set_oper_centr_freq_seg0_idx(
176 conf, conf->channel + conf->secondary_channel * 2);
177 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_USE_HT);
178 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
179 conf->vht_oper_chwidth,
180 &conf->op_class, &conf->channel);
181 }
182
183
184 static struct hostapd_hw_modes *
wpa_supplicant_find_hw_mode(struct wpa_supplicant * wpa_s,enum hostapd_hw_mode hw_mode)185 wpa_supplicant_find_hw_mode(struct wpa_supplicant *wpa_s,
186 enum hostapd_hw_mode hw_mode)
187 {
188 struct hostapd_hw_modes *mode = NULL;
189 int i;
190
191 for (i = 0; i < wpa_s->hw.num_modes; i++) {
192 if (wpa_s->hw.modes[i].mode == hw_mode) {
193 mode = &wpa_s->hw.modes[i];
194 break;
195 }
196 }
197
198 return mode;
199 }
200
201
202 #ifdef CONFIG_P2P
203
get_max_oper_chwidth_6ghz(int chwidth)204 static int get_max_oper_chwidth_6ghz(int chwidth)
205 {
206 switch (chwidth) {
207 case CONF_OPER_CHWIDTH_USE_HT:
208 return 20;
209 case CONF_OPER_CHWIDTH_40MHZ_6GHZ:
210 return 40;
211 case CONF_OPER_CHWIDTH_80MHZ:
212 return 80;
213 case CONF_OPER_CHWIDTH_80P80MHZ:
214 case CONF_OPER_CHWIDTH_160MHZ:
215 return 160;
216 default:
217 return 0;
218 }
219 }
220
221
wpas_conf_ap_he_6ghz(struct wpa_supplicant * wpa_s,struct hostapd_hw_modes * mode,struct wpa_ssid * ssid,struct hostapd_config * conf)222 static void wpas_conf_ap_he_6ghz(struct wpa_supplicant *wpa_s,
223 struct hostapd_hw_modes *mode,
224 struct wpa_ssid *ssid,
225 struct hostapd_config *conf)
226 {
227 bool is_chanwidth_40_80, is_chanwidth_160;
228 int he_chanwidth;
229
230 he_chanwidth =
231 mode->he_capab[wpas_mode_to_ieee80211_mode(
232 ssid->mode)].phy_cap[HE_PHYCAP_CHANNEL_WIDTH_SET_IDX];
233 is_chanwidth_40_80 = he_chanwidth &
234 HE_PHYCAP_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G;
235 is_chanwidth_160 = he_chanwidth &
236 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G;
237
238 wpa_printf(MSG_DEBUG,
239 "Enable HE support (p2p_group=%d he_chwidth_cap=%d)",
240 ssid->p2p_group, he_chanwidth);
241
242 if (mode->he_capab[wpas_mode_to_ieee80211_mode(
243 ssid->mode)].he_supported &&
244 ssid->he)
245 conf->ieee80211ax = 1;
246
247 if (is_chanwidth_40_80 && ssid->p2p_group &&
248 get_max_oper_chwidth_6ghz(ssid->max_oper_chwidth) >= 40) {
249 conf->secondary_channel =
250 wpas_p2p_get_sec_channel_offset_40mhz(
251 wpa_s, mode, conf->channel);
252 wpa_printf(MSG_DEBUG,
253 "Secondary channel offset %d for P2P group",
254 conf->secondary_channel);
255 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_40MHZ_6GHZ)
256 ssid->max_oper_chwidth = CONF_OPER_CHWIDTH_USE_HT;
257 }
258
259 if ((is_chanwidth_40_80 || is_chanwidth_160) && ssid->p2p_group &&
260 get_max_oper_chwidth_6ghz(ssid->max_oper_chwidth) >= 80)
261 wpas_conf_ap_vht(wpa_s, ssid, conf, mode);
262 }
263
264 #endif /* CONFIG_P2P */
265
266
wpa_supplicant_conf_ap_ht(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf)267 int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s,
268 struct wpa_ssid *ssid,
269 struct hostapd_config *conf)
270 {
271 conf->hw_mode = ieee80211_freq_to_channel_ext(ssid->frequency, 0,
272 CONF_OPER_CHWIDTH_USE_HT,
273 &conf->op_class,
274 &conf->channel);
275 if (conf->hw_mode == NUM_HOSTAPD_MODES) {
276 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
277 ssid->frequency);
278 return -1;
279 }
280
281 /*
282 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
283 * and a mask of allowed capabilities within conf->ht_capab.
284 * Using default config settings for: conf->ht_op_mode_fixed,
285 * conf->secondary_channel, conf->require_ht
286 */
287 if (wpa_s->hw.modes) {
288 struct hostapd_hw_modes *mode = NULL;
289 int no_ht = 0;
290
291 wpa_printf(MSG_DEBUG,
292 "Determining HT/VHT options based on driver capabilities (freq=%u chan=%u)",
293 ssid->frequency, conf->channel);
294
295 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
296 conf->hw_mode, is_6ghz_freq(ssid->frequency));
297
298 /* May drop to IEEE 802.11b if the driver does not support IEEE
299 * 802.11g */
300 if (!mode && conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
301 conf->hw_mode = HOSTAPD_MODE_IEEE80211B;
302 wpa_printf(MSG_INFO,
303 "Try downgrade to IEEE 802.11b as 802.11g is not supported by the current hardware");
304 mode = wpa_supplicant_find_hw_mode(wpa_s,
305 conf->hw_mode);
306 }
307
308 if (!mode) {
309 wpa_printf(MSG_ERROR,
310 "No match between requested and supported hw modes found");
311 return -1;
312 }
313
314 #ifdef CONFIG_HT_OVERRIDES
315 if (ssid->disable_ht)
316 ssid->ht = 0;
317 if (ssid->disable_ht40)
318 ssid->ht40 = 0;
319 #endif /* CONFIG_HT_OVERRIDES */
320
321 #ifdef CONFIG_VHT_OVERRIDES
322 if (ssid->disable_vht)
323 ssid->vht = 0;
324 #endif /* CONFIG_VHT_OVERRIDES */
325
326 #ifdef CONFIG_HE_OVERRIDES
327 if (ssid->disable_he)
328 ssid->he = 0;
329 #endif /* CONFIG_HE_OVERRIDES */
330
331 if (!ssid->ht) {
332 wpa_printf(MSG_DEBUG,
333 "HT not enabled in network profile");
334 conf->ieee80211n = 0;
335 conf->ht_capab = 0;
336 no_ht = 1;
337 }
338
339 if (mode && is_6ghz_freq(ssid->frequency) &&
340 conf->hw_mode == HOSTAPD_MODE_IEEE80211A) {
341 if (mode->eht_capab[wpas_mode_to_ieee80211_mode(
342 ssid->mode)].eht_supported &&
343 ssid->eht)
344 conf->ieee80211be = 1;
345
346 if (mode->he_capab[wpas_mode_to_ieee80211_mode(
347 ssid->mode)].he_supported &&
348 ssid->he)
349 conf->ieee80211ax = 1;
350
351 #ifdef CONFIG_P2P
352 wpas_conf_ap_he_6ghz(wpa_s, mode, ssid, conf);
353 #endif /* CONFIG_P2P */
354 } else if (!no_ht && mode && mode->ht_capab) {
355 wpa_printf(MSG_DEBUG,
356 "Enable HT support (p2p_group=%d 11a=%d ht40_hw_capab=%d ssid->ht40=%d)",
357 ssid->p2p_group,
358 conf->hw_mode == HOSTAPD_MODE_IEEE80211A,
359 !!(mode->ht_capab &
360 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET),
361 ssid->ht40);
362 conf->ieee80211n = 1;
363
364 if (ssid->ht40 &&
365 (mode->ht_capab &
366 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
367 conf->secondary_channel = ssid->ht40;
368 else
369 conf->secondary_channel = 0;
370
371 #ifdef CONFIG_P2P
372 if (ssid->p2p_group &&
373 conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
374 (mode->ht_capab &
375 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
376 ssid->ht40) {
377 conf->secondary_channel =
378 wpas_p2p_get_sec_channel_offset_40mhz(
379 wpa_s, mode, conf->channel);
380 wpa_printf(MSG_DEBUG,
381 "HT secondary channel offset %d for P2P group",
382 conf->secondary_channel);
383 } else if (ssid->p2p_group && conf->secondary_channel &&
384 conf->hw_mode != HOSTAPD_MODE_IEEE80211A) {
385 /* This ended up trying to configure invalid
386 * 2.4 GHz channels (e.g., HT40+ on channel 11)
387 * in some cases, so clear the secondary channel
388 * configuration now to avoid such cases that
389 * would lead to group formation failures. */
390 wpa_printf(MSG_DEBUG,
391 "Disable HT secondary channel for P2P group on 2.4 GHz");
392 conf->secondary_channel = 0;
393 }
394 #endif /* CONFIG_P2P */
395
396 if (!ssid->p2p_group &&
397 (mode->ht_capab &
398 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) {
399 conf->secondary_channel = ssid->ht40;
400 wpa_printf(MSG_DEBUG,
401 "HT secondary channel offset %d for AP",
402 conf->secondary_channel);
403 }
404
405 if (conf->secondary_channel)
406 conf->ht_capab |=
407 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
408
409 /*
410 * include capabilities that won't cause issues
411 * to connecting stations, while leaving the current
412 * capabilities intact (currently disabled SMPS).
413 */
414 conf->ht_capab |= mode->ht_capab &
415 (HT_CAP_INFO_GREEN_FIELD |
416 HT_CAP_INFO_SHORT_GI20MHZ |
417 HT_CAP_INFO_SHORT_GI40MHZ |
418 HT_CAP_INFO_RX_STBC_MASK |
419 HT_CAP_INFO_TX_STBC |
420 HT_CAP_INFO_MAX_AMSDU_SIZE);
421
422 /* check this before VHT, because setting oper chan
423 * width and friends is the same call for HE and VHT
424 * and checks if conf->ieee8021ax == 1 */
425 if (mode->eht_capab[wpas_mode_to_ieee80211_mode(
426 ssid->mode)].eht_supported &&
427 ssid->eht)
428 conf->ieee80211be = 1;
429
430 if (mode->he_capab[wpas_mode_to_ieee80211_mode(
431 ssid->mode)].he_supported &&
432 ssid->he)
433 conf->ieee80211ax = 1;
434
435 if (mode->vht_capab && ssid->vht) {
436 conf->ieee80211ac = 1;
437 conf->vht_capab |= mode->vht_capab;
438 wpas_conf_ap_vht(wpa_s, ssid, conf, mode);
439 }
440 }
441 }
442
443 if (wpa_s->p2p_go_no_pri_sec_switch) {
444 conf->no_pri_sec_switch = 1;
445 } else if (conf->secondary_channel) {
446 struct wpa_supplicant *iface;
447
448 for (iface = wpa_s->global->ifaces; iface; iface = iface->next)
449 {
450 if (iface == wpa_s ||
451 iface->wpa_state < WPA_AUTHENTICATING ||
452 (int) iface->assoc_freq != ssid->frequency)
453 continue;
454
455 /*
456 * Do not allow 40 MHz co-ex PRI/SEC switch to force us
457 * to change our PRI channel since we have an existing,
458 * concurrent connection on that channel and doing
459 * multi-channel concurrency is likely to cause more
460 * harm than using different PRI/SEC selection in
461 * environment with multiple BSSes on these two channels
462 * with mixed 20 MHz or PRI channel selection.
463 */
464 conf->no_pri_sec_switch = 1;
465 }
466 }
467
468 return 0;
469 }
470
471
wpa_supplicant_conf_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf)472 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
473 struct wpa_ssid *ssid,
474 struct hostapd_config *conf)
475 {
476 struct hostapd_bss_config *bss = conf->bss[0];
477
478 conf->driver = wpa_s->driver;
479
480 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
481
482 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf))
483 return -1;
484
485 if (ssid->pbss > 1) {
486 wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode",
487 ssid->pbss);
488 return -1;
489 }
490 bss->pbss = ssid->pbss;
491
492 #ifdef CONFIG_ACS
493 if (ssid->acs) {
494 /* Setting channel to 0 in order to enable ACS */
495 conf->channel = 0;
496 wpa_printf(MSG_DEBUG, "Use automatic channel selection");
497 }
498 #endif /* CONFIG_ACS */
499
500 if (ieee80211_is_dfs(ssid->frequency, wpa_s->hw.modes,
501 wpa_s->hw.num_modes) && wpa_s->conf->country[0]) {
502 conf->ieee80211h = 1;
503 conf->ieee80211d = 1;
504 conf->country[0] = wpa_s->conf->country[0];
505 conf->country[1] = wpa_s->conf->country[1];
506 conf->country[2] = ' ';
507 }
508
509 #ifdef CONFIG_P2P
510 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
511 (ssid->mode == WPAS_MODE_P2P_GO ||
512 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
513 /* Remove 802.11b rates from supported and basic rate sets */
514 int *list = os_malloc(4 * sizeof(int));
515 if (list) {
516 list[0] = 60;
517 list[1] = 120;
518 list[2] = 240;
519 list[3] = -1;
520 }
521 conf->basic_rates = list;
522
523 list = os_malloc(9 * sizeof(int));
524 if (list) {
525 list[0] = 60;
526 list[1] = 90;
527 list[2] = 120;
528 list[3] = 180;
529 list[4] = 240;
530 list[5] = 360;
531 list[6] = 480;
532 list[7] = 540;
533 list[8] = -1;
534 }
535 conf->supported_rates = list;
536 }
537
538 #ifdef CONFIG_IEEE80211AX
539 if (ssid->mode == WPAS_MODE_P2P_GO ||
540 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
541 conf->ieee80211ax = ssid->he;
542 #endif /* CONFIG_IEEE80211AX */
543
544 bss->isolate = !wpa_s->conf->p2p_intra_bss;
545 bss->extended_key_id = wpa_s->conf->extended_key_id;
546 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
547 bss->wpa_deny_ptk0_rekey = ssid->wpa_deny_ptk0_rekey;
548
549 if (ssid->p2p_group) {
550 os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4);
551 os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask,
552 4);
553 os_memcpy(bss->ip_addr_start,
554 wpa_s->p2pdev->conf->ip_addr_start, 4);
555 os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end,
556 4);
557 }
558 #endif /* CONFIG_P2P */
559
560 if (ssid->ssid_len == 0) {
561 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
562 return -1;
563 }
564 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
565 bss->ssid.ssid_len = ssid->ssid_len;
566 bss->ssid.ssid_set = 1;
567
568 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
569
570 if (ssid->auth_alg)
571 bss->auth_algs = ssid->auth_alg;
572
573 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
574 bss->wpa = ssid->proto;
575 if (ssid->key_mgmt == DEFAULT_KEY_MGMT)
576 bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
577 else
578 bss->wpa_key_mgmt = ssid->key_mgmt;
579 bss->wpa_pairwise = ssid->pairwise_cipher;
580 if (wpa_key_mgmt_sae(bss->wpa_key_mgmt) && ssid->passphrase) {
581 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
582 } else if (ssid->psk_set) {
583 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk));
584 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
585 if (bss->ssid.wpa_psk == NULL)
586 return -1;
587 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
588 bss->ssid.wpa_psk->group = 1;
589 bss->ssid.wpa_psk_set = 1;
590 } else if (ssid->passphrase) {
591 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
592 #ifdef CONFIG_WEP
593 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
594 ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
595 struct hostapd_wep_keys *wep = &bss->ssid.wep;
596 int i;
597 for (i = 0; i < NUM_WEP_KEYS; i++) {
598 if (ssid->wep_key_len[i] == 0)
599 continue;
600 wep->key[i] = os_memdup(ssid->wep_key[i],
601 ssid->wep_key_len[i]);
602 if (wep->key[i] == NULL)
603 return -1;
604 wep->len[i] = ssid->wep_key_len[i];
605 }
606 wep->idx = ssid->wep_tx_keyidx;
607 wep->keys_set = 1;
608 #endif /* CONFIG_WEP */
609 }
610 #ifdef CONFIG_SAE
611 if (ssid->sae_password) {
612 struct sae_password_entry *pw;
613
614 pw = os_zalloc(sizeof(*pw));
615 if (!pw)
616 return -1;
617 os_memset(pw->peer_addr, 0xff, ETH_ALEN);
618 pw->password = os_strdup(ssid->sae_password);
619 if (!pw->password) {
620 os_free(pw);
621 return -1;
622 }
623 if (ssid->sae_password_id) {
624 pw->identifier = os_strdup(ssid->sae_password_id);
625 if (!pw->identifier) {
626 str_clear_free(pw->password);
627 os_free(pw);
628 return -1;
629 }
630 }
631
632 pw->next = bss->sae_passwords;
633 bss->sae_passwords = pw;
634 }
635
636 if (ssid->sae_pwe != DEFAULT_SAE_PWE)
637 bss->sae_pwe = ssid->sae_pwe;
638 else
639 bss->sae_pwe = wpa_s->conf->sae_pwe;
640 #endif /* CONFIG_SAE */
641
642 if (wpa_s->conf->go_interworking) {
643 wpa_printf(MSG_DEBUG,
644 "P2P: Enable Interworking with access_network_type: %d",
645 wpa_s->conf->go_access_network_type);
646 bss->interworking = wpa_s->conf->go_interworking;
647 bss->access_network_type = wpa_s->conf->go_access_network_type;
648 bss->internet = wpa_s->conf->go_internet;
649 if (wpa_s->conf->go_venue_group) {
650 wpa_printf(MSG_DEBUG,
651 "P2P: Venue group: %d Venue type: %d",
652 wpa_s->conf->go_venue_group,
653 wpa_s->conf->go_venue_type);
654 bss->venue_group = wpa_s->conf->go_venue_group;
655 bss->venue_type = wpa_s->conf->go_venue_type;
656 bss->venue_info_set = 1;
657 }
658 }
659
660 if (ssid->ap_max_inactivity)
661 bss->ap_max_inactivity = ssid->ap_max_inactivity;
662
663 if (ssid->dtim_period)
664 bss->dtim_period = ssid->dtim_period;
665 else if (wpa_s->conf->dtim_period)
666 bss->dtim_period = wpa_s->conf->dtim_period;
667
668 if (ssid->beacon_int)
669 conf->beacon_int = ssid->beacon_int;
670 else if (wpa_s->conf->beacon_int)
671 conf->beacon_int = wpa_s->conf->beacon_int;
672
673 #ifdef CONFIG_P2P
674 if (ssid->mode == WPAS_MODE_P2P_GO ||
675 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
676 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) {
677 wpa_printf(MSG_INFO,
678 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it",
679 wpa_s->conf->p2p_go_ctwindow,
680 conf->beacon_int);
681 conf->p2p_go_ctwindow = 0;
682 } else {
683 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow;
684 }
685 }
686 #endif /* CONFIG_P2P */
687
688 if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
689 bss->rsn_pairwise = bss->wpa_pairwise;
690 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
691 bss->rsn_pairwise);
692
693 if (bss->wpa && bss->ieee802_1x) {
694 bss->ssid.security_policy = SECURITY_WPA;
695 } else if (bss->wpa) {
696 bss->ssid.security_policy = SECURITY_WPA_PSK;
697 #ifdef CONFIG_WEP
698 } else if (bss->ieee802_1x) {
699 int cipher = WPA_CIPHER_NONE;
700 bss->ssid.security_policy = SECURITY_IEEE_802_1X;
701 bss->ssid.wep.default_len = bss->default_wep_key_len;
702 if (bss->default_wep_key_len)
703 cipher = bss->default_wep_key_len >= 13 ?
704 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
705 bss->wpa_group = cipher;
706 bss->wpa_pairwise = cipher;
707 bss->rsn_pairwise = cipher;
708 } else if (bss->ssid.wep.keys_set) {
709 int cipher = WPA_CIPHER_WEP40;
710 if (bss->ssid.wep.len[0] >= 13)
711 cipher = WPA_CIPHER_WEP104;
712 bss->ssid.security_policy = SECURITY_STATIC_WEP;
713 bss->wpa_group = cipher;
714 bss->wpa_pairwise = cipher;
715 bss->rsn_pairwise = cipher;
716 #endif /* CONFIG_WEP */
717 } else {
718 bss->ssid.security_policy = SECURITY_PLAINTEXT;
719 bss->wpa_group = WPA_CIPHER_NONE;
720 bss->wpa_pairwise = WPA_CIPHER_NONE;
721 bss->rsn_pairwise = WPA_CIPHER_NONE;
722 }
723
724 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
725 (bss->wpa_group == WPA_CIPHER_CCMP ||
726 bss->wpa_group == WPA_CIPHER_GCMP ||
727 bss->wpa_group == WPA_CIPHER_CCMP_256 ||
728 bss->wpa_group == WPA_CIPHER_GCMP_256)) {
729 /*
730 * Strong ciphers do not need frequent rekeying, so increase
731 * the default GTK rekeying period to 24 hours.
732 */
733 bss->wpa_group_rekey = 86400;
734 }
735
736 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) {
737 bss->ieee80211w = ssid->ieee80211w;
738 } else if (wpa_s->conf->pmf != MGMT_FRAME_PROTECTION_DEFAULT) {
739 if (ssid->mode == WPAS_MODE_AP)
740 bss->ieee80211w = wpa_s->conf->pmf;
741 }
742
743 #ifdef CONFIG_OCV
744 bss->ocv = ssid->ocv;
745 #endif /* CONFIG_OCV */
746
747 #ifdef CONFIG_WPS
748 /*
749 * Enable WPS by default for open and WPA/WPA2-Personal network, but
750 * require user interaction to actually use it. Only the internal
751 * Registrar is supported.
752 */
753 if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
754 bss->ssid.security_policy != SECURITY_PLAINTEXT)
755 goto no_wps;
756 if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
757 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ||
758 !(bss->wpa & 2)))
759 goto no_wps; /* WPS2 does not allow WPA/TKIP-only
760 * configuration */
761 if (ssid->wps_disabled)
762 goto no_wps;
763 bss->eap_server = 1;
764
765 if (!ssid->ignore_broadcast_ssid)
766 bss->wps_state = 2;
767
768 bss->ap_setup_locked = 2;
769 if (wpa_s->conf->config_methods)
770 bss->config_methods = os_strdup(wpa_s->conf->config_methods);
771 os_memcpy(bss->device_type, wpa_s->conf->device_type,
772 WPS_DEV_TYPE_LEN);
773 if (wpa_s->conf->device_name) {
774 bss->device_name = os_strdup(wpa_s->conf->device_name);
775 bss->friendly_name = os_strdup(wpa_s->conf->device_name);
776 }
777 if (wpa_s->conf->manufacturer)
778 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
779 if (wpa_s->conf->model_name)
780 bss->model_name = os_strdup(wpa_s->conf->model_name);
781 if (wpa_s->conf->model_number)
782 bss->model_number = os_strdup(wpa_s->conf->model_number);
783 if (wpa_s->conf->serial_number)
784 bss->serial_number = os_strdup(wpa_s->conf->serial_number);
785 if (is_nil_uuid(wpa_s->conf->uuid))
786 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
787 else
788 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
789 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
790 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
791 if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE)
792 bss->fragment_size = ssid->eap.fragment_size;
793 no_wps:
794 #endif /* CONFIG_WPS */
795
796 if (wpa_s->max_stations &&
797 wpa_s->max_stations < wpa_s->conf->max_num_sta)
798 bss->max_num_sta = wpa_s->max_stations;
799 else
800 bss->max_num_sta = wpa_s->conf->max_num_sta;
801
802 if (!bss->isolate)
803 bss->isolate = wpa_s->conf->ap_isolate;
804
805 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
806
807 if (wpa_s->conf->ap_vendor_elements) {
808 bss->vendor_elements =
809 wpabuf_dup(wpa_s->conf->ap_vendor_elements);
810 }
811 if (wpa_s->conf->ap_assocresp_elements) {
812 bss->assocresp_elements =
813 wpabuf_dup(wpa_s->conf->ap_assocresp_elements);
814 }
815
816 bss->ftm_responder = wpa_s->conf->ftm_responder;
817 bss->ftm_initiator = wpa_s->conf->ftm_initiator;
818
819 bss->transition_disable = ssid->transition_disable;
820
821 return 0;
822 }
823
824
ap_public_action_rx(void * ctx,const u8 * buf,size_t len,int freq)825 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
826 {
827 #ifdef CONFIG_P2P
828 struct wpa_supplicant *wpa_s = ctx;
829 const struct ieee80211_mgmt *mgmt;
830
831 mgmt = (const struct ieee80211_mgmt *) buf;
832 if (len < IEEE80211_HDRLEN + 1)
833 return;
834 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC)
835 return;
836 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
837 mgmt->u.action.category,
838 buf + IEEE80211_HDRLEN + 1,
839 len - IEEE80211_HDRLEN - 1, freq);
840 #endif /* CONFIG_P2P */
841 }
842
843
ap_wps_event_cb(void * ctx,enum wps_event event,union wps_event_data * data)844 static void ap_wps_event_cb(void *ctx, enum wps_event event,
845 union wps_event_data *data)
846 {
847 #ifdef CONFIG_P2P
848 struct wpa_supplicant *wpa_s = ctx;
849
850 if (event == WPS_EV_FAIL) {
851 struct wps_event_fail *fail = &data->fail;
852
853 if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s &&
854 wpa_s == wpa_s->global->p2p_group_formation) {
855 /*
856 * src/ap/wps_hostapd.c has already sent this on the
857 * main interface, so only send on the parent interface
858 * here if needed.
859 */
860 wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL
861 "msg=%d config_error=%d",
862 fail->msg, fail->config_error);
863 }
864 wpas_p2p_wps_failed(wpa_s, fail);
865 }
866 #endif /* CONFIG_P2P */
867 }
868
869
ap_sta_authorized_cb(void * ctx,const u8 * mac_addr,int authorized,const u8 * p2p_dev_addr,const u8 * ip)870 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
871 int authorized, const u8 *p2p_dev_addr, const u8 *ip)
872 {
873 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr, ip);
874 }
875
876
877 #ifdef CONFIG_P2P
ap_new_psk_cb(void * ctx,const u8 * mac_addr,const u8 * p2p_dev_addr,const u8 * psk,size_t psk_len)878 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
879 const u8 *psk, size_t psk_len)
880 {
881
882 struct wpa_supplicant *wpa_s = ctx;
883 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL)
884 return;
885 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len);
886 }
887 #endif /* CONFIG_P2P */
888
889
ap_vendor_action_rx(void * ctx,const u8 * buf,size_t len,int freq)890 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
891 {
892 #ifdef CONFIG_P2P
893 struct wpa_supplicant *wpa_s = ctx;
894 const struct ieee80211_mgmt *mgmt;
895
896 mgmt = (const struct ieee80211_mgmt *) buf;
897 if (len < IEEE80211_HDRLEN + 1)
898 return -1;
899 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
900 mgmt->u.action.category,
901 buf + IEEE80211_HDRLEN + 1,
902 len - IEEE80211_HDRLEN - 1, freq);
903 #endif /* CONFIG_P2P */
904 return 0;
905 }
906
907
ap_probe_req_rx(void * ctx,const u8 * sa,const u8 * da,const u8 * bssid,const u8 * ie,size_t ie_len,int ssi_signal)908 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
909 const u8 *bssid, const u8 *ie, size_t ie_len,
910 int ssi_signal)
911 {
912 struct wpa_supplicant *wpa_s = ctx;
913 unsigned int freq = 0;
914
915 if (wpa_s->ap_iface)
916 freq = wpa_s->ap_iface->freq;
917
918 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
919 freq, ssi_signal);
920 }
921
922
ap_wps_reg_success_cb(void * ctx,const u8 * mac_addr,const u8 * uuid_e)923 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
924 const u8 *uuid_e)
925 {
926 struct wpa_supplicant *wpa_s = ctx;
927 wpas_p2p_wps_success(wpa_s, mac_addr, 1);
928 }
929
930
wpas_ap_configured_cb(void * ctx)931 static void wpas_ap_configured_cb(void *ctx)
932 {
933 struct wpa_supplicant *wpa_s = ctx;
934
935 wpa_printf(MSG_DEBUG, "AP interface setup completed - state %s",
936 hostapd_state_text(wpa_s->ap_iface->state));
937 if (wpa_s->ap_iface->state == HAPD_IFACE_DISABLED) {
938 wpa_supplicant_ap_deinit(wpa_s);
939 return;
940 }
941
942 if (wpa_s->current_ssid) {
943 int acs = 0;
944
945 #ifdef CONFIG_ACS
946 acs = wpa_s->current_ssid->acs;
947 #endif /* CONFIG_ACS */
948 if (acs || (wpa_s->assoc_freq && wpa_s->ap_iface->freq &&
949 (int) wpa_s->assoc_freq != wpa_s->ap_iface->freq)) {
950 wpa_s->assoc_freq = wpa_s->ap_iface->freq;
951 wpa_s->current_ssid->frequency = wpa_s->ap_iface->freq;
952 }
953 }
954
955 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
956
957 if (wpa_s->ap_configured_cb)
958 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
959 wpa_s->ap_configured_cb_data);
960 }
961
962
wpa_supplicant_create_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)963 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
964 struct wpa_ssid *ssid)
965 {
966 struct wpa_driver_associate_params params;
967 struct hostapd_iface *hapd_iface;
968 struct hostapd_config *conf;
969 size_t i;
970
971 if (ssid->ssid == NULL || ssid->ssid_len == 0) {
972 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
973 return -1;
974 }
975
976 wpa_supplicant_ap_deinit(wpa_s);
977
978 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
979 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
980
981 os_memset(¶ms, 0, sizeof(params));
982 params.ssid = ssid->ssid;
983 params.ssid_len = ssid->ssid_len;
984 switch (ssid->mode) {
985 case WPAS_MODE_AP:
986 case WPAS_MODE_P2P_GO:
987 case WPAS_MODE_P2P_GROUP_FORMATION:
988 params.mode = IEEE80211_MODE_AP;
989 break;
990 default:
991 return -1;
992 }
993 if (ssid->frequency == 0)
994 ssid->frequency = 2462; /* default channel 11 */
995 params.freq.freq = ssid->frequency;
996
997 if ((ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO) &&
998 ssid->enable_edmg) {
999 u8 primary_channel;
1000
1001 if (ieee80211_freq_to_chan(ssid->frequency, &primary_channel) ==
1002 NUM_HOSTAPD_MODES) {
1003 wpa_printf(MSG_WARNING,
1004 "EDMG: Failed to get the primary channel");
1005 return -1;
1006 }
1007
1008 hostapd_encode_edmg_chan(ssid->enable_edmg, ssid->edmg_channel,
1009 primary_channel, ¶ms.freq.edmg);
1010 }
1011
1012 params.wpa_proto = ssid->proto;
1013 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1014 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1015 else if (ssid->key_mgmt & WPA_KEY_MGMT_SAE)
1016 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1017 else
1018 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
1019 params.key_mgmt_suite = wpa_s->key_mgmt;
1020
1021 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
1022 1);
1023 if (wpa_s->pairwise_cipher < 0) {
1024 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
1025 "cipher.");
1026 return -1;
1027 }
1028 params.pairwise_suite = wpa_s->pairwise_cipher;
1029 params.group_suite = params.pairwise_suite;
1030
1031 #ifdef CONFIG_P2P
1032 if (ssid->mode == WPAS_MODE_P2P_GO ||
1033 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1034 params.p2p = 1;
1035 #endif /* CONFIG_P2P */
1036
1037 if (wpa_s->p2pdev->set_ap_uapsd)
1038 params.uapsd = wpa_s->p2pdev->ap_uapsd;
1039 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
1040 params.uapsd = 1; /* mandatory for P2P GO */
1041 else
1042 params.uapsd = -1;
1043
1044 if (ieee80211_is_dfs(params.freq.freq, wpa_s->hw.modes,
1045 wpa_s->hw.num_modes))
1046 params.freq.freq = 0; /* set channel after CAC */
1047
1048 if (params.p2p)
1049 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_GO);
1050 else
1051 wpa_drv_get_ext_capa(wpa_s, WPA_IF_AP_BSS);
1052
1053 if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
1054 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
1055 return -1;
1056 }
1057
1058 wpa_s->ap_iface = hapd_iface = hostapd_alloc_iface();
1059 if (hapd_iface == NULL)
1060 return -1;
1061 hapd_iface->owner = wpa_s;
1062 hapd_iface->drv_flags = wpa_s->drv_flags;
1063 hapd_iface->drv_flags2 = wpa_s->drv_flags2;
1064 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
1065 hapd_iface->extended_capa = wpa_s->extended_capa;
1066 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
1067 hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
1068 hapd_iface->drv_max_acl_mac_addrs = wpa_s->drv_max_acl_mac_addrs;
1069
1070 wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
1071 if (conf == NULL) {
1072 wpa_supplicant_ap_deinit(wpa_s);
1073 return -1;
1074 }
1075
1076 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
1077 wpa_s->conf->wmm_ac_params,
1078 sizeof(wpa_s->conf->wmm_ac_params));
1079
1080 os_memcpy(wpa_s->ap_iface->conf->tx_queue, wpa_s->conf->tx_queue,
1081 sizeof(wpa_s->conf->tx_queue));
1082
1083 if (params.uapsd > 0) {
1084 conf->bss[0]->wmm_enabled = 1;
1085 conf->bss[0]->wmm_uapsd = 1;
1086 }
1087
1088 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
1089 wpa_printf(MSG_ERROR, "Failed to create AP configuration");
1090 wpa_supplicant_ap_deinit(wpa_s);
1091 return -1;
1092 }
1093
1094 #ifdef CONFIG_P2P
1095 if (ssid->mode == WPAS_MODE_P2P_GO)
1096 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1097 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1098 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1099 P2P_GROUP_FORMATION;
1100 #endif /* CONFIG_P2P */
1101
1102 hapd_iface->num_bss = conf->num_bss;
1103 hapd_iface->bss = os_calloc(conf->num_bss,
1104 sizeof(struct hostapd_data *));
1105 if (hapd_iface->bss == NULL) {
1106 wpa_supplicant_ap_deinit(wpa_s);
1107 return -1;
1108 }
1109
1110 for (i = 0; i < conf->num_bss; i++) {
1111 hapd_iface->bss[i] =
1112 hostapd_alloc_bss_data(hapd_iface, conf,
1113 conf->bss[i]);
1114 if (hapd_iface->bss[i] == NULL) {
1115 wpa_supplicant_ap_deinit(wpa_s);
1116 return -1;
1117 }
1118
1119 hapd_iface->bss[i]->msg_ctx = wpa_s;
1120 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev;
1121 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
1122 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
1123 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
1124 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
1125 hostapd_register_probereq_cb(hapd_iface->bss[i],
1126 ap_probe_req_rx, wpa_s);
1127 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
1128 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
1129 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
1130 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
1131 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
1132 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
1133 #ifdef CONFIG_P2P
1134 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb;
1135 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s;
1136 hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
1137 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
1138 ssid);
1139 #endif /* CONFIG_P2P */
1140 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
1141 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
1142 #ifdef CONFIG_TESTING_OPTIONS
1143 hapd_iface->bss[i]->ext_eapol_frame_io =
1144 wpa_s->ext_eapol_frame_io;
1145 #endif /* CONFIG_TESTING_OPTIONS */
1146
1147 #ifdef CONFIG_WNM_AP
1148 if (ssid->mode == WPAS_MODE_AP)
1149 hapd_iface->bss[i]->conf->bss_transition = 1;
1150 #endif /* CONFIG_WNM_AP */
1151 }
1152
1153 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
1154 hapd_iface->bss[0]->driver = wpa_s->driver;
1155 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
1156
1157 wpa_s->current_ssid = ssid;
1158 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1159 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
1160 wpa_s->assoc_freq = ssid->frequency;
1161 wpa_s->ap_iface->conf->enable_edmg = ssid->enable_edmg;
1162 wpa_s->ap_iface->conf->edmg_channel = ssid->edmg_channel;
1163
1164 #if defined(CONFIG_P2P) && defined(CONFIG_ACS)
1165 if (wpa_s->p2p_go_do_acs) {
1166 wpa_s->ap_iface->conf->channel = 0;
1167 wpa_s->ap_iface->conf->hw_mode = wpa_s->p2p_go_acs_band;
1168 ssid->acs = 1;
1169 }
1170 #endif /* CONFIG_P2P && CONFIG_ACS */
1171
1172 if (hostapd_setup_interface(wpa_s->ap_iface)) {
1173 wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
1174 wpa_supplicant_ap_deinit(wpa_s);
1175 return -1;
1176 }
1177
1178 return 0;
1179 }
1180
1181
wpa_supplicant_ap_deinit(struct wpa_supplicant * wpa_s)1182 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
1183 {
1184 #ifdef CONFIG_WPS
1185 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
1186 #endif /* CONFIG_WPS */
1187
1188 if (wpa_s->ap_iface == NULL)
1189 return;
1190
1191 wpa_s->current_ssid = NULL;
1192 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1193 wpa_s->assoc_freq = 0;
1194 wpas_p2p_ap_deinit(wpa_s);
1195 wpa_s->ap_iface->driver_ap_teardown =
1196 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
1197
1198 hostapd_interface_deinit(wpa_s->ap_iface);
1199 hostapd_interface_free(wpa_s->ap_iface);
1200 wpa_s->ap_iface = NULL;
1201 wpa_drv_deinit_ap(wpa_s);
1202 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR
1203 " reason=%d locally_generated=1",
1204 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING);
1205 }
1206
1207
ap_tx_status(void * ctx,const u8 * addr,const u8 * buf,size_t len,int ack)1208 void ap_tx_status(void *ctx, const u8 *addr,
1209 const u8 *buf, size_t len, int ack)
1210 {
1211 #ifdef NEED_AP_MLME
1212 struct wpa_supplicant *wpa_s = ctx;
1213 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
1214 #endif /* NEED_AP_MLME */
1215 }
1216
1217
ap_eapol_tx_status(void * ctx,const u8 * dst,const u8 * data,size_t len,int ack)1218 void ap_eapol_tx_status(void *ctx, const u8 *dst,
1219 const u8 *data, size_t len, int ack)
1220 {
1221 #ifdef NEED_AP_MLME
1222 struct wpa_supplicant *wpa_s = ctx;
1223 if (!wpa_s->ap_iface)
1224 return;
1225 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
1226 #endif /* NEED_AP_MLME */
1227 }
1228
1229
ap_client_poll_ok(void * ctx,const u8 * addr)1230 void ap_client_poll_ok(void *ctx, const u8 *addr)
1231 {
1232 #ifdef NEED_AP_MLME
1233 struct wpa_supplicant *wpa_s = ctx;
1234 if (wpa_s->ap_iface)
1235 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
1236 #endif /* NEED_AP_MLME */
1237 }
1238
1239
ap_rx_from_unknown_sta(void * ctx,const u8 * addr,int wds)1240 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
1241 {
1242 #ifdef NEED_AP_MLME
1243 struct wpa_supplicant *wpa_s = ctx;
1244 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
1245 #endif /* NEED_AP_MLME */
1246 }
1247
1248
ap_mgmt_rx(void * ctx,struct rx_mgmt * rx_mgmt)1249 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
1250 {
1251 #ifdef NEED_AP_MLME
1252 struct wpa_supplicant *wpa_s = ctx;
1253 struct hostapd_frame_info fi;
1254 os_memset(&fi, 0, sizeof(fi));
1255 fi.freq = rx_mgmt->freq;
1256 fi.datarate = rx_mgmt->datarate;
1257 fi.ssi_signal = rx_mgmt->ssi_signal;
1258 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
1259 rx_mgmt->frame_len, &fi);
1260 #endif /* NEED_AP_MLME */
1261 }
1262
1263
ap_mgmt_tx_cb(void * ctx,const u8 * buf,size_t len,u16 stype,int ok)1264 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
1265 {
1266 #ifdef NEED_AP_MLME
1267 struct wpa_supplicant *wpa_s = ctx;
1268 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
1269 #endif /* NEED_AP_MLME */
1270 }
1271
1272
wpa_supplicant_ap_rx_eapol(struct wpa_supplicant * wpa_s,const u8 * src_addr,const u8 * buf,size_t len,enum frame_encryption encrypted)1273 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
1274 const u8 *src_addr, const u8 *buf, size_t len,
1275 enum frame_encryption encrypted)
1276 {
1277 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len,
1278 encrypted);
1279 }
1280
1281
1282 #ifdef CONFIG_WPS
1283
wpa_supplicant_ap_wps_pbc(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * p2p_dev_addr)1284 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
1285 const u8 *p2p_dev_addr)
1286 {
1287 if (!wpa_s->ap_iface)
1288 return -1;
1289 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
1290 p2p_dev_addr);
1291 }
1292
1293
wpa_supplicant_ap_wps_cancel(struct wpa_supplicant * wpa_s)1294 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
1295 {
1296 struct wps_registrar *reg;
1297 int reg_sel = 0, wps_sta = 0;
1298
1299 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
1300 return -1;
1301
1302 reg = wpa_s->ap_iface->bss[0]->wps->registrar;
1303 reg_sel = wps_registrar_wps_cancel(reg);
1304 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
1305 ap_sta_wps_cancel, NULL);
1306
1307 if (!reg_sel && !wps_sta) {
1308 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
1309 "time");
1310 return -1;
1311 }
1312
1313 /*
1314 * There are 2 cases to return wps cancel as success:
1315 * 1. When wps cancel was initiated but no connection has been
1316 * established with client yet.
1317 * 2. Client is in the middle of exchanging WPS messages.
1318 */
1319
1320 return 0;
1321 }
1322
1323
wpa_supplicant_ap_wps_pin(struct wpa_supplicant * wpa_s,const u8 * bssid,const char * pin,char * buf,size_t buflen,int timeout)1324 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
1325 const char *pin, char *buf, size_t buflen,
1326 int timeout)
1327 {
1328 int ret, ret_len = 0;
1329
1330 if (!wpa_s->ap_iface)
1331 return -1;
1332
1333 if (pin == NULL) {
1334 unsigned int rpin;
1335
1336 if (wps_generate_pin(&rpin) < 0)
1337 return -1;
1338 ret_len = os_snprintf(buf, buflen, "%08d", rpin);
1339 if (os_snprintf_error(buflen, ret_len))
1340 return -1;
1341 pin = buf;
1342 } else if (buf) {
1343 ret_len = os_snprintf(buf, buflen, "%s", pin);
1344 if (os_snprintf_error(buflen, ret_len))
1345 return -1;
1346 }
1347
1348 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
1349 timeout);
1350 if (ret)
1351 return -1;
1352 return ret_len;
1353 }
1354
1355
wpas_wps_ap_pin_timeout(void * eloop_data,void * user_ctx)1356 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
1357 {
1358 struct wpa_supplicant *wpa_s = eloop_data;
1359 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
1360 wpas_wps_ap_pin_disable(wpa_s);
1361 }
1362
1363
wpas_wps_ap_pin_enable(struct wpa_supplicant * wpa_s,int timeout)1364 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
1365 {
1366 struct hostapd_data *hapd;
1367
1368 if (wpa_s->ap_iface == NULL)
1369 return;
1370 hapd = wpa_s->ap_iface->bss[0];
1371 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
1372 hapd->ap_pin_failures = 0;
1373 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
1374 if (timeout > 0)
1375 eloop_register_timeout(timeout, 0,
1376 wpas_wps_ap_pin_timeout, wpa_s, NULL);
1377 }
1378
1379
wpas_wps_ap_pin_disable(struct wpa_supplicant * wpa_s)1380 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
1381 {
1382 struct hostapd_data *hapd;
1383
1384 if (wpa_s->ap_iface == NULL)
1385 return;
1386 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
1387 hapd = wpa_s->ap_iface->bss[0];
1388 os_free(hapd->conf->ap_pin);
1389 hapd->conf->ap_pin = NULL;
1390 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
1391 }
1392
1393
wpas_wps_ap_pin_random(struct wpa_supplicant * wpa_s,int timeout)1394 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
1395 {
1396 struct hostapd_data *hapd;
1397 unsigned int pin;
1398 char pin_txt[9];
1399
1400 if (wpa_s->ap_iface == NULL)
1401 return NULL;
1402 hapd = wpa_s->ap_iface->bss[0];
1403 if (wps_generate_pin(&pin) < 0)
1404 return NULL;
1405 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
1406 os_free(hapd->conf->ap_pin);
1407 hapd->conf->ap_pin = os_strdup(pin_txt);
1408 if (hapd->conf->ap_pin == NULL)
1409 return NULL;
1410 wpas_wps_ap_pin_enable(wpa_s, timeout);
1411
1412 return hapd->conf->ap_pin;
1413 }
1414
1415
wpas_wps_ap_pin_get(struct wpa_supplicant * wpa_s)1416 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
1417 {
1418 struct hostapd_data *hapd;
1419 if (wpa_s->ap_iface == NULL)
1420 return NULL;
1421 hapd = wpa_s->ap_iface->bss[0];
1422 return hapd->conf->ap_pin;
1423 }
1424
1425
wpas_wps_ap_pin_set(struct wpa_supplicant * wpa_s,const char * pin,int timeout)1426 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
1427 int timeout)
1428 {
1429 struct hostapd_data *hapd;
1430 char pin_txt[9];
1431 int ret;
1432
1433 if (wpa_s->ap_iface == NULL)
1434 return -1;
1435 hapd = wpa_s->ap_iface->bss[0];
1436 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
1437 if (os_snprintf_error(sizeof(pin_txt), ret))
1438 return -1;
1439 os_free(hapd->conf->ap_pin);
1440 hapd->conf->ap_pin = os_strdup(pin_txt);
1441 if (hapd->conf->ap_pin == NULL)
1442 return -1;
1443 wpas_wps_ap_pin_enable(wpa_s, timeout);
1444
1445 return 0;
1446 }
1447
1448
wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant * wpa_s)1449 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
1450 {
1451 struct hostapd_data *hapd;
1452
1453 if (wpa_s->ap_iface == NULL)
1454 return;
1455 hapd = wpa_s->ap_iface->bss[0];
1456
1457 /*
1458 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
1459 * PIN if this happens multiple times to slow down brute force attacks.
1460 */
1461 hapd->ap_pin_failures++;
1462 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
1463 hapd->ap_pin_failures);
1464 if (hapd->ap_pin_failures < 3)
1465 return;
1466
1467 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
1468 hapd->ap_pin_failures = 0;
1469 os_free(hapd->conf->ap_pin);
1470 hapd->conf->ap_pin = NULL;
1471 }
1472
1473
1474 #ifdef CONFIG_WPS_NFC
1475
wpas_ap_wps_nfc_config_token(struct wpa_supplicant * wpa_s,int ndef)1476 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
1477 int ndef)
1478 {
1479 struct hostapd_data *hapd;
1480
1481 if (wpa_s->ap_iface == NULL)
1482 return NULL;
1483 hapd = wpa_s->ap_iface->bss[0];
1484 return hostapd_wps_nfc_config_token(hapd, ndef);
1485 }
1486
1487
wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant * wpa_s,int ndef)1488 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
1489 int ndef)
1490 {
1491 struct hostapd_data *hapd;
1492
1493 if (wpa_s->ap_iface == NULL)
1494 return NULL;
1495 hapd = wpa_s->ap_iface->bss[0];
1496 return hostapd_wps_nfc_hs_cr(hapd, ndef);
1497 }
1498
1499
wpas_ap_wps_nfc_report_handover(struct wpa_supplicant * wpa_s,const struct wpabuf * req,const struct wpabuf * sel)1500 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
1501 const struct wpabuf *req,
1502 const struct wpabuf *sel)
1503 {
1504 struct hostapd_data *hapd;
1505
1506 if (wpa_s->ap_iface == NULL)
1507 return -1;
1508 hapd = wpa_s->ap_iface->bss[0];
1509 return hostapd_wps_nfc_report_handover(hapd, req, sel);
1510 }
1511
1512 #endif /* CONFIG_WPS_NFC */
1513
1514 #endif /* CONFIG_WPS */
1515
1516
1517 #ifdef CONFIG_CTRL_IFACE
1518
ap_ctrl_iface_sta_first(struct wpa_supplicant * wpa_s,char * buf,size_t buflen)1519 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
1520 char *buf, size_t buflen)
1521 {
1522 struct hostapd_data *hapd;
1523
1524 if (wpa_s->ap_iface)
1525 hapd = wpa_s->ap_iface->bss[0];
1526 else if (wpa_s->ifmsh)
1527 hapd = wpa_s->ifmsh->bss[0];
1528 else
1529 return -1;
1530 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen);
1531 }
1532
1533
ap_ctrl_iface_sta(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)1534 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
1535 char *buf, size_t buflen)
1536 {
1537 struct hostapd_data *hapd;
1538
1539 if (wpa_s->ap_iface)
1540 hapd = wpa_s->ap_iface->bss[0];
1541 else if (wpa_s->ifmsh)
1542 hapd = wpa_s->ifmsh->bss[0];
1543 else
1544 return -1;
1545 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen);
1546 }
1547
1548
ap_ctrl_iface_sta_next(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)1549 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
1550 char *buf, size_t buflen)
1551 {
1552 struct hostapd_data *hapd;
1553
1554 if (wpa_s->ap_iface)
1555 hapd = wpa_s->ap_iface->bss[0];
1556 else if (wpa_s->ifmsh)
1557 hapd = wpa_s->ifmsh->bss[0];
1558 else
1559 return -1;
1560 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen);
1561 }
1562
1563
ap_ctrl_iface_sta_disassociate(struct wpa_supplicant * wpa_s,const char * txtaddr)1564 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
1565 const char *txtaddr)
1566 {
1567 if (wpa_s->ap_iface == NULL)
1568 return -1;
1569 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
1570 txtaddr);
1571 }
1572
1573
ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant * wpa_s,const char * txtaddr)1574 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
1575 const char *txtaddr)
1576 {
1577 if (wpa_s->ap_iface == NULL)
1578 return -1;
1579 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
1580 txtaddr);
1581 }
1582
1583
ap_ctrl_iface_wpa_get_status(struct wpa_supplicant * wpa_s,char * buf,size_t buflen,int verbose)1584 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
1585 size_t buflen, int verbose)
1586 {
1587 char *pos = buf, *end = buf + buflen;
1588 int ret;
1589 struct hostapd_bss_config *conf;
1590
1591 if (wpa_s->ap_iface == NULL)
1592 return -1;
1593
1594 conf = wpa_s->ap_iface->bss[0]->conf;
1595 if (conf->wpa == 0)
1596 return 0;
1597
1598 ret = os_snprintf(pos, end - pos,
1599 "pairwise_cipher=%s\n"
1600 "group_cipher=%s\n"
1601 "key_mgmt=%s\n",
1602 wpa_cipher_txt(conf->rsn_pairwise),
1603 wpa_cipher_txt(conf->wpa_group),
1604 wpa_key_mgmt_txt(conf->wpa_key_mgmt,
1605 conf->wpa));
1606 if (os_snprintf_error(end - pos, ret))
1607 return pos - buf;
1608 pos += ret;
1609 return pos - buf;
1610 }
1611
1612
1613 #ifdef CONFIG_WNM_AP
1614
ap_ctrl_iface_disassoc_imminent(struct wpa_supplicant * wpa_s,const char * buf)1615 int ap_ctrl_iface_disassoc_imminent(struct wpa_supplicant *wpa_s,
1616 const char *buf)
1617 {
1618 struct hostapd_data *hapd;
1619
1620 if (wpa_s->ap_iface)
1621 hapd = wpa_s->ap_iface->bss[0];
1622 else
1623 return -1;
1624 return hostapd_ctrl_iface_disassoc_imminent(hapd, buf);
1625 }
1626
1627
ap_ctrl_iface_ess_disassoc(struct wpa_supplicant * wpa_s,const char * buf)1628 int ap_ctrl_iface_ess_disassoc(struct wpa_supplicant *wpa_s, const char *buf)
1629 {
1630 struct hostapd_data *hapd;
1631
1632 if (wpa_s->ap_iface)
1633 hapd = wpa_s->ap_iface->bss[0];
1634 else
1635 return -1;
1636 return hostapd_ctrl_iface_ess_disassoc(hapd, buf);
1637 }
1638
1639
ap_ctrl_iface_bss_tm_req(struct wpa_supplicant * wpa_s,const char * buf)1640 int ap_ctrl_iface_bss_tm_req(struct wpa_supplicant *wpa_s, const char *buf)
1641 {
1642 struct hostapd_data *hapd;
1643
1644 if (wpa_s->ap_iface)
1645 hapd = wpa_s->ap_iface->bss[0];
1646 else
1647 return -1;
1648 return hostapd_ctrl_iface_bss_tm_req(hapd, buf);
1649 }
1650
1651 #endif /* CONFIG_WNM_AP */
1652
1653
ap_ctrl_iface_acl_add_mac(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type,const char * buf)1654 int ap_ctrl_iface_acl_add_mac(struct wpa_supplicant *wpa_s,
1655 enum macaddr_acl acl_type,
1656 const char *buf)
1657 {
1658 struct hostapd_data *hapd;
1659
1660 if (wpa_s->ap_iface)
1661 hapd = wpa_s->ap_iface->bss[0];
1662 else
1663 return -1;
1664
1665 hapd->conf->macaddr_acl = acl_type;
1666
1667 if (acl_type == ACCEPT_UNLESS_DENIED)
1668 return hostapd_ctrl_iface_acl_add_mac(&hapd->conf->deny_mac,
1669 &hapd->conf->num_deny_mac,
1670 buf);
1671 if (acl_type == DENY_UNLESS_ACCEPTED)
1672 return hostapd_ctrl_iface_acl_add_mac(
1673 &hapd->conf->accept_mac,
1674 &hapd->conf->num_accept_mac, buf);
1675
1676 return -1;
1677 }
1678
1679
ap_ctrl_iface_acl_del_mac(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type,const char * buf)1680 int ap_ctrl_iface_acl_del_mac(struct wpa_supplicant *wpa_s,
1681 enum macaddr_acl acl_type,
1682 const char *buf)
1683 {
1684 struct hostapd_data *hapd;
1685
1686 if (wpa_s->ap_iface)
1687 hapd = wpa_s->ap_iface->bss[0];
1688 else
1689 return -1;
1690
1691 hapd->conf->macaddr_acl = acl_type;
1692
1693 if (acl_type == ACCEPT_UNLESS_DENIED)
1694 return hostapd_ctrl_iface_acl_del_mac(&hapd->conf->deny_mac,
1695 &hapd->conf->num_deny_mac,
1696 buf);
1697 if (acl_type == DENY_UNLESS_ACCEPTED)
1698 return hostapd_ctrl_iface_acl_del_mac(
1699 &hapd->conf->accept_mac, &hapd->conf->num_accept_mac,
1700 buf);
1701
1702 return -1;
1703 }
1704
1705
ap_ctrl_iface_acl_show_mac(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type,char * buf,size_t buflen)1706 int ap_ctrl_iface_acl_show_mac(struct wpa_supplicant *wpa_s,
1707 enum macaddr_acl acl_type, char *buf,
1708 size_t buflen)
1709 {
1710 struct hostapd_data *hapd;
1711
1712 if (wpa_s->ap_iface)
1713 hapd = wpa_s->ap_iface->bss[0];
1714 else
1715 return -1;
1716
1717 if (acl_type == ACCEPT_UNLESS_DENIED)
1718 return hostapd_ctrl_iface_acl_show_mac(hapd->conf->deny_mac,
1719 hapd->conf->num_deny_mac,
1720 buf, buflen);
1721 if (acl_type == DENY_UNLESS_ACCEPTED)
1722 return hostapd_ctrl_iface_acl_show_mac(
1723 hapd->conf->accept_mac, hapd->conf->num_accept_mac,
1724 buf, buflen);
1725
1726 return -1;
1727 }
1728
1729
ap_ctrl_iface_acl_clear_list(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type)1730 void ap_ctrl_iface_acl_clear_list(struct wpa_supplicant *wpa_s,
1731 enum macaddr_acl acl_type)
1732 {
1733 struct hostapd_data *hapd;
1734
1735 if (wpa_s->ap_iface)
1736 hapd = wpa_s->ap_iface->bss[0];
1737 else
1738 return;
1739
1740 hapd->conf->macaddr_acl = acl_type;
1741
1742 if (acl_type == ACCEPT_UNLESS_DENIED)
1743 hostapd_ctrl_iface_acl_clear_list(&hapd->conf->deny_mac,
1744 &hapd->conf->num_deny_mac);
1745 else if (acl_type == DENY_UNLESS_ACCEPTED)
1746 hostapd_ctrl_iface_acl_clear_list(&hapd->conf->accept_mac,
1747 &hapd->conf->num_accept_mac);
1748 }
1749
1750
ap_ctrl_iface_disassoc_deny_mac(struct wpa_supplicant * wpa_s)1751 int ap_ctrl_iface_disassoc_deny_mac(struct wpa_supplicant *wpa_s)
1752 {
1753 struct hostapd_data *hapd;
1754
1755 if (wpa_s->ap_iface)
1756 hapd = wpa_s->ap_iface->bss[0];
1757 else
1758 return -1;
1759
1760 return hostapd_disassoc_deny_mac(hapd);
1761 }
1762
1763
ap_ctrl_iface_disassoc_accept_mac(struct wpa_supplicant * wpa_s)1764 int ap_ctrl_iface_disassoc_accept_mac(struct wpa_supplicant *wpa_s)
1765 {
1766 struct hostapd_data *hapd;
1767
1768 if (wpa_s->ap_iface)
1769 hapd = wpa_s->ap_iface->bss[0];
1770 else
1771 return -1;
1772
1773 return hostapd_disassoc_accept_mac(hapd);
1774 }
1775
1776
ap_ctrl_iface_set_acl(struct wpa_supplicant * wpa_s)1777 int ap_ctrl_iface_set_acl(struct wpa_supplicant *wpa_s)
1778 {
1779 struct hostapd_data *hapd;
1780
1781 if (wpa_s->ap_iface)
1782 hapd = wpa_s->ap_iface->bss[0];
1783 else
1784 return -1;
1785
1786 return hostapd_set_acl(hapd);
1787 }
1788
1789 #endif /* CONFIG_CTRL_IFACE */
1790
1791
wpa_supplicant_ap_update_beacon(struct wpa_supplicant * wpa_s)1792 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
1793 {
1794 struct hostapd_iface *iface = wpa_s->ap_iface;
1795 struct wpa_ssid *ssid = wpa_s->current_ssid;
1796 struct hostapd_data *hapd;
1797
1798 if (ssid == NULL || wpa_s->ap_iface == NULL ||
1799 ssid->mode == WPAS_MODE_INFRA ||
1800 ssid->mode == WPAS_MODE_IBSS)
1801 return -1;
1802
1803 #ifdef CONFIG_P2P
1804 if (ssid->mode == WPAS_MODE_P2P_GO)
1805 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1806 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1807 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1808 P2P_GROUP_FORMATION;
1809 #endif /* CONFIG_P2P */
1810
1811 hapd = iface->bss[0];
1812 if (hapd->drv_priv == NULL)
1813 return -1;
1814 ieee802_11_set_beacons(iface);
1815 hostapd_set_ap_wps_ie(hapd);
1816
1817 return 0;
1818 }
1819
1820
ap_switch_channel(struct wpa_supplicant * wpa_s,struct csa_settings * settings)1821 int ap_switch_channel(struct wpa_supplicant *wpa_s,
1822 struct csa_settings *settings)
1823 {
1824 #ifdef NEED_AP_MLME
1825 struct hostapd_iface *iface = NULL;
1826
1827 if (wpa_s->ap_iface)
1828 iface = wpa_s->ap_iface;
1829 else if (wpa_s->ifmsh)
1830 iface = wpa_s->ifmsh;
1831
1832 if (!iface || !iface->bss[0])
1833 return -1;
1834
1835 return hostapd_switch_channel(iface->bss[0], settings);
1836 #else /* NEED_AP_MLME */
1837 return -1;
1838 #endif /* NEED_AP_MLME */
1839 }
1840
1841
1842 #ifdef CONFIG_CTRL_IFACE
ap_ctrl_iface_chanswitch(struct wpa_supplicant * wpa_s,const char * pos)1843 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos)
1844 {
1845 struct csa_settings settings;
1846 int ret = hostapd_parse_csa_settings(pos, &settings);
1847
1848 if (ret)
1849 return ret;
1850
1851 return ap_switch_channel(wpa_s, &settings);
1852 }
1853 #endif /* CONFIG_CTRL_IFACE */
1854
1855
wpas_ap_ch_switch(struct wpa_supplicant * wpa_s,int freq,int ht,int offset,int width,int cf1,int cf2,u16 punct_bitmap,int finished)1856 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
1857 int offset, int width, int cf1, int cf2,
1858 u16 punct_bitmap, int finished)
1859 {
1860 struct hostapd_iface *iface = wpa_s->ap_iface;
1861
1862 if (!iface)
1863 iface = wpa_s->ifmsh;
1864 if (!iface)
1865 return;
1866 wpa_s->assoc_freq = freq;
1867 if (wpa_s->current_ssid)
1868 wpa_s->current_ssid->frequency = freq;
1869 hostapd_event_ch_switch(iface->bss[0], freq, ht,
1870 offset, width, cf1, cf2, punct_bitmap,
1871 finished);
1872 }
1873
1874
wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant * wpa_s,const u8 * addr)1875 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
1876 const u8 *addr)
1877 {
1878 struct hostapd_data *hapd;
1879 struct hostapd_bss_config *conf;
1880
1881 if (!wpa_s->ap_iface)
1882 return -1;
1883
1884 if (addr)
1885 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
1886 MAC2STR(addr));
1887 else
1888 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
1889
1890 hapd = wpa_s->ap_iface->bss[0];
1891 conf = hapd->conf;
1892
1893 os_free(conf->accept_mac);
1894 conf->accept_mac = NULL;
1895 conf->num_accept_mac = 0;
1896 os_free(conf->deny_mac);
1897 conf->deny_mac = NULL;
1898 conf->num_deny_mac = 0;
1899
1900 if (addr == NULL) {
1901 conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
1902 return 0;
1903 }
1904
1905 conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
1906 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
1907 if (conf->accept_mac == NULL)
1908 return -1;
1909 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
1910 conf->num_accept_mac = 1;
1911
1912 return 0;
1913 }
1914
1915
1916 #ifdef CONFIG_WPS_NFC
wpas_ap_wps_add_nfc_pw(struct wpa_supplicant * wpa_s,u16 pw_id,const struct wpabuf * pw,const u8 * pubkey_hash)1917 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id,
1918 const struct wpabuf *pw, const u8 *pubkey_hash)
1919 {
1920 struct hostapd_data *hapd;
1921 struct wps_context *wps;
1922
1923 if (!wpa_s->ap_iface)
1924 return -1;
1925 hapd = wpa_s->ap_iface->bss[0];
1926 wps = hapd->wps;
1927
1928 if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL ||
1929 wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) {
1930 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known");
1931 return -1;
1932 }
1933
1934 dh5_free(wps->dh_ctx);
1935 wpabuf_free(wps->dh_pubkey);
1936 wpabuf_free(wps->dh_privkey);
1937 wps->dh_privkey = wpabuf_dup(
1938 wpa_s->p2pdev->conf->wps_nfc_dh_privkey);
1939 wps->dh_pubkey = wpabuf_dup(
1940 wpa_s->p2pdev->conf->wps_nfc_dh_pubkey);
1941 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) {
1942 wps->dh_ctx = NULL;
1943 wpabuf_free(wps->dh_pubkey);
1944 wps->dh_pubkey = NULL;
1945 wpabuf_free(wps->dh_privkey);
1946 wps->dh_privkey = NULL;
1947 return -1;
1948 }
1949 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
1950 if (wps->dh_ctx == NULL)
1951 return -1;
1952
1953 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash,
1954 pw_id,
1955 pw ? wpabuf_head(pw) : NULL,
1956 pw ? wpabuf_len(pw) : 0, 1);
1957 }
1958 #endif /* CONFIG_WPS_NFC */
1959
1960
1961 #ifdef CONFIG_CTRL_IFACE
wpas_ap_stop_ap(struct wpa_supplicant * wpa_s)1962 int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s)
1963 {
1964 struct hostapd_data *hapd;
1965
1966 if (!wpa_s->ap_iface)
1967 return -1;
1968 hapd = wpa_s->ap_iface->bss[0];
1969 return hostapd_ctrl_iface_stop_ap(hapd);
1970 }
1971
1972
wpas_ap_pmksa_cache_list(struct wpa_supplicant * wpa_s,char * buf,size_t len)1973 int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf,
1974 size_t len)
1975 {
1976 size_t reply_len = 0, i;
1977 char ap_delimiter[] = "---- AP ----\n";
1978 char mesh_delimiter[] = "---- mesh ----\n";
1979 size_t dlen;
1980
1981 if (wpa_s->ap_iface) {
1982 dlen = os_strlen(ap_delimiter);
1983 if (dlen > len - reply_len)
1984 return reply_len;
1985 os_memcpy(&buf[reply_len], ap_delimiter, dlen);
1986 reply_len += dlen;
1987
1988 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) {
1989 reply_len += hostapd_ctrl_iface_pmksa_list(
1990 wpa_s->ap_iface->bss[i],
1991 &buf[reply_len], len - reply_len);
1992 }
1993 }
1994
1995 if (wpa_s->ifmsh) {
1996 dlen = os_strlen(mesh_delimiter);
1997 if (dlen > len - reply_len)
1998 return reply_len;
1999 os_memcpy(&buf[reply_len], mesh_delimiter, dlen);
2000 reply_len += dlen;
2001
2002 reply_len += hostapd_ctrl_iface_pmksa_list(
2003 wpa_s->ifmsh->bss[0], &buf[reply_len],
2004 len - reply_len);
2005 }
2006
2007 return reply_len;
2008 }
2009
2010
wpas_ap_pmksa_cache_flush(struct wpa_supplicant * wpa_s)2011 void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
2012 {
2013 size_t i;
2014
2015 if (wpa_s->ap_iface) {
2016 for (i = 0; i < wpa_s->ap_iface->num_bss; i++)
2017 hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]);
2018 }
2019
2020 if (wpa_s->ifmsh)
2021 hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]);
2022 }
2023
2024
2025 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
2026 #ifdef CONFIG_MESH
2027
wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant * wpa_s,const u8 * addr,char * buf,size_t len)2028 int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr,
2029 char *buf, size_t len)
2030 {
2031 return hostapd_ctrl_iface_pmksa_list_mesh(wpa_s->ifmsh->bss[0], addr,
2032 &buf[0], len);
2033 }
2034
2035
wpas_ap_pmksa_cache_add_external(struct wpa_supplicant * wpa_s,char * cmd)2036 int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd)
2037 {
2038 struct external_pmksa_cache *entry;
2039 void *pmksa_cache;
2040
2041 pmksa_cache = hostapd_ctrl_iface_pmksa_create_entry(wpa_s->own_addr,
2042 cmd);
2043 if (!pmksa_cache)
2044 return -1;
2045
2046 entry = os_zalloc(sizeof(struct external_pmksa_cache));
2047 if (!entry)
2048 return -1;
2049
2050 entry->pmksa_cache = pmksa_cache;
2051
2052 dl_list_add(&wpa_s->mesh_external_pmksa_cache, &entry->list);
2053
2054 return 0;
2055 }
2056
2057 #endif /* CONFIG_MESH */
2058 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
2059
2060
wpas_ap_update_beacon(struct wpa_supplicant * wpa_s)2061 int wpas_ap_update_beacon(struct wpa_supplicant *wpa_s)
2062 {
2063 struct hostapd_data *hapd;
2064
2065 if (!wpa_s->ap_iface)
2066 return -1;
2067 hapd = wpa_s->ap_iface->bss[0];
2068
2069 wpabuf_free(hapd->conf->assocresp_elements);
2070 hapd->conf->assocresp_elements = NULL;
2071 if (wpa_s->conf->ap_assocresp_elements) {
2072 hapd->conf->assocresp_elements =
2073 wpabuf_dup(wpa_s->conf->ap_assocresp_elements);
2074 }
2075
2076 wpabuf_free(hapd->conf->vendor_elements);
2077 hapd->conf->vendor_elements = NULL;
2078 if (wpa_s->conf->ap_vendor_elements) {
2079 hapd->conf->vendor_elements =
2080 wpabuf_dup(wpa_s->conf->ap_vendor_elements);
2081 }
2082
2083 return ieee802_11_set_beacon(hapd);
2084 }
2085
2086 #endif /* CONFIG_CTRL_IFACE */
2087
2088
2089 #ifdef NEED_AP_MLME
wpas_ap_event_dfs_radar_detected(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2090 void wpas_ap_event_dfs_radar_detected(struct wpa_supplicant *wpa_s,
2091 struct dfs_event *radar)
2092 {
2093 struct hostapd_iface *iface = wpa_s->ap_iface;
2094
2095 if (!iface)
2096 iface = wpa_s->ifmsh;
2097 if (!iface || !iface->bss[0])
2098 return;
2099 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq);
2100 hostapd_dfs_radar_detected(iface, radar->freq,
2101 radar->ht_enabled, radar->chan_offset,
2102 radar->chan_width,
2103 radar->cf1, radar->cf2);
2104 }
2105
2106
wpas_ap_event_dfs_cac_started(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2107 void wpas_ap_event_dfs_cac_started(struct wpa_supplicant *wpa_s,
2108 struct dfs_event *radar)
2109 {
2110 struct hostapd_iface *iface = wpa_s->ap_iface;
2111
2112 if (!iface)
2113 iface = wpa_s->ifmsh;
2114 if (!iface || !iface->bss[0])
2115 return;
2116 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq);
2117 hostapd_dfs_start_cac(iface, radar->freq,
2118 radar->ht_enabled, radar->chan_offset,
2119 radar->chan_width, radar->cf1, radar->cf2);
2120 }
2121
2122
wpas_ap_event_dfs_cac_finished(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2123 void wpas_ap_event_dfs_cac_finished(struct wpa_supplicant *wpa_s,
2124 struct dfs_event *radar)
2125 {
2126 struct hostapd_iface *iface = wpa_s->ap_iface;
2127
2128 if (!iface)
2129 iface = wpa_s->ifmsh;
2130 if (!iface || !iface->bss[0])
2131 return;
2132 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq);
2133 hostapd_dfs_complete_cac(iface, 1, radar->freq,
2134 radar->ht_enabled, radar->chan_offset,
2135 radar->chan_width, radar->cf1, radar->cf2);
2136 }
2137
2138
wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2139 void wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s,
2140 struct dfs_event *radar)
2141 {
2142 struct hostapd_iface *iface = wpa_s->ap_iface;
2143
2144 if (!iface)
2145 iface = wpa_s->ifmsh;
2146 if (!iface || !iface->bss[0])
2147 return;
2148 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq);
2149 hostapd_dfs_complete_cac(iface, 0, radar->freq,
2150 radar->ht_enabled, radar->chan_offset,
2151 radar->chan_width, radar->cf1, radar->cf2);
2152 }
2153
2154
wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2155 void wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s,
2156 struct dfs_event *radar)
2157 {
2158 struct hostapd_iface *iface = wpa_s->ap_iface;
2159
2160 if (!iface)
2161 iface = wpa_s->ifmsh;
2162 if (!iface || !iface->bss[0])
2163 return;
2164 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq);
2165 hostapd_dfs_nop_finished(iface, radar->freq,
2166 radar->ht_enabled, radar->chan_offset,
2167 radar->chan_width, radar->cf1, radar->cf2);
2168 }
2169 #endif /* NEED_AP_MLME */
2170
2171
ap_periodic(struct wpa_supplicant * wpa_s)2172 void ap_periodic(struct wpa_supplicant *wpa_s)
2173 {
2174 if (wpa_s->ap_iface)
2175 hostapd_periodic_iface(wpa_s->ap_iface);
2176 }
2177