1 /*
2 * WPA Supplicant - Basic AP mode support routines
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2009, Atheros Communications
5 *
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
8 */
9
10 #include "utils/includes.h"
11
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "ap/hostapd.h"
18 #include "ap/ap_config.h"
19 #include "ap/ap_drv_ops.h"
20 #ifdef NEED_AP_MLME
21 #include "ap/ieee802_11.h"
22 #endif /* NEED_AP_MLME */
23 #include "ap/beacon.h"
24 #include "ap/ieee802_1x.h"
25 #include "ap/wps_hostapd.h"
26 #include "ap/ctrl_iface_ap.h"
27 #include "wps/wps.h"
28 #include "common/ieee802_11_defs.h"
29 #include "config_ssid.h"
30 #include "config.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "p2p_supplicant.h"
34 #include "ap.h"
35 #include "ap/sta_info.h"
36 #include "notify.h"
37
38
39 #ifdef CONFIG_WPS
40 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
41 #endif /* CONFIG_WPS */
42
43
wpa_supplicant_conf_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf)44 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
45 struct wpa_ssid *ssid,
46 struct hostapd_config *conf)
47 {
48 struct hostapd_bss_config *bss = &conf->bss[0];
49 int pairwise;
50
51 conf->driver = wpa_s->driver;
52
53 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
54
55 if (ssid->frequency == 0) {
56 /* default channel 11 */
57 conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
58 conf->channel = 11;
59 } else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) {
60 conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
61 conf->channel = (ssid->frequency - 2407) / 5;
62 } else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) ||
63 (ssid->frequency >= 5745 && ssid->frequency <= 5825)) {
64 conf->hw_mode = HOSTAPD_MODE_IEEE80211A;
65 conf->channel = (ssid->frequency - 5000) / 5;
66 } else {
67 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
68 ssid->frequency);
69 return -1;
70 }
71
72 /* TODO: enable HT40 if driver supports it;
73 * drop to 11b if driver does not support 11g */
74
75 #ifdef CONFIG_IEEE80211N
76 /*
77 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
78 * and a mask of allowed capabilities within conf->ht_capab.
79 * Using default config settings for: conf->ht_op_mode_fixed,
80 * conf->secondary_channel, conf->require_ht
81 */
82 if (wpa_s->hw.modes) {
83 struct hostapd_hw_modes *mode = NULL;
84 int i;
85 for (i = 0; i < wpa_s->hw.num_modes; i++) {
86 if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
87 mode = &wpa_s->hw.modes[i];
88 break;
89 }
90 }
91 if (mode && mode->ht_capab) {
92 conf->ieee80211n = 1;
93
94 /*
95 * white-list capabilities that won't cause issues
96 * to connecting stations, while leaving the current
97 * capabilities intact (currently disabled SMPS).
98 */
99 conf->ht_capab |= mode->ht_capab &
100 (HT_CAP_INFO_GREEN_FIELD |
101 HT_CAP_INFO_SHORT_GI20MHZ |
102 HT_CAP_INFO_SHORT_GI40MHZ |
103 HT_CAP_INFO_RX_STBC_MASK |
104 HT_CAP_INFO_MAX_AMSDU_SIZE);
105 }
106 }
107 #endif /* CONFIG_IEEE80211N */
108
109 #ifdef CONFIG_P2P
110 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
111 /* Remove 802.11b rates from supported and basic rate sets */
112 int *list = os_malloc(4 * sizeof(int));
113 if (list) {
114 list[0] = 60;
115 list[1] = 120;
116 list[2] = 240;
117 list[3] = -1;
118 }
119 conf->basic_rates = list;
120
121 list = os_malloc(9 * sizeof(int));
122 if (list) {
123 list[0] = 60;
124 list[1] = 90;
125 list[2] = 120;
126 list[3] = 180;
127 list[4] = 240;
128 list[5] = 360;
129 list[6] = 480;
130 list[7] = 540;
131 list[8] = -1;
132 }
133 conf->supported_rates = list;
134 }
135
136 bss->isolate = !wpa_s->conf->p2p_intra_bss;
137 #endif /* CONFIG_P2P */
138
139 if (ssid->ssid_len == 0) {
140 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
141 return -1;
142 }
143 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
144 bss->ssid.ssid[ssid->ssid_len] = '\0';
145 bss->ssid.ssid_len = ssid->ssid_len;
146 bss->ssid.ssid_set = 1;
147
148 if (ssid->auth_alg)
149 bss->auth_algs = ssid->auth_alg;
150
151 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
152 bss->wpa = ssid->proto;
153 bss->wpa_key_mgmt = ssid->key_mgmt;
154 bss->wpa_pairwise = ssid->pairwise_cipher;
155 if (ssid->passphrase) {
156 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
157 } else if (ssid->psk_set) {
158 os_free(bss->ssid.wpa_psk);
159 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
160 if (bss->ssid.wpa_psk == NULL)
161 return -1;
162 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
163 bss->ssid.wpa_psk->group = 1;
164 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
165 ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
166 struct hostapd_wep_keys *wep = &bss->ssid.wep;
167 int i;
168 for (i = 0; i < NUM_WEP_KEYS; i++) {
169 if (ssid->wep_key_len[i] == 0)
170 continue;
171 wep->key[i] = os_malloc(ssid->wep_key_len[i]);
172 if (wep->key[i] == NULL)
173 return -1;
174 os_memcpy(wep->key[i], ssid->wep_key[i],
175 ssid->wep_key_len[i]);
176 wep->len[i] = ssid->wep_key_len[i];
177 }
178 wep->idx = ssid->wep_tx_keyidx;
179 wep->keys_set = 1;
180 }
181
182 /* Select group cipher based on the enabled pairwise cipher suites */
183 pairwise = 0;
184 if (bss->wpa & 1)
185 pairwise |= bss->wpa_pairwise;
186 if (bss->wpa & 2) {
187 if (bss->rsn_pairwise == 0)
188 bss->rsn_pairwise = bss->wpa_pairwise;
189 pairwise |= bss->rsn_pairwise;
190 }
191 if (pairwise & WPA_CIPHER_TKIP)
192 bss->wpa_group = WPA_CIPHER_TKIP;
193 else
194 bss->wpa_group = WPA_CIPHER_CCMP;
195
196 if (bss->wpa && bss->ieee802_1x)
197 bss->ssid.security_policy = SECURITY_WPA;
198 else if (bss->wpa)
199 bss->ssid.security_policy = SECURITY_WPA_PSK;
200 else if (bss->ieee802_1x) {
201 int cipher = WPA_CIPHER_NONE;
202 bss->ssid.security_policy = SECURITY_IEEE_802_1X;
203 bss->ssid.wep.default_len = bss->default_wep_key_len;
204 if (bss->default_wep_key_len)
205 cipher = bss->default_wep_key_len >= 13 ?
206 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
207 bss->wpa_group = cipher;
208 bss->wpa_pairwise = cipher;
209 bss->rsn_pairwise = cipher;
210 } else if (bss->ssid.wep.keys_set) {
211 int cipher = WPA_CIPHER_WEP40;
212 if (bss->ssid.wep.len[0] >= 13)
213 cipher = WPA_CIPHER_WEP104;
214 bss->ssid.security_policy = SECURITY_STATIC_WEP;
215 bss->wpa_group = cipher;
216 bss->wpa_pairwise = cipher;
217 bss->rsn_pairwise = cipher;
218 } else {
219 bss->ssid.security_policy = SECURITY_PLAINTEXT;
220 bss->wpa_group = WPA_CIPHER_NONE;
221 bss->wpa_pairwise = WPA_CIPHER_NONE;
222 bss->rsn_pairwise = WPA_CIPHER_NONE;
223 }
224
225 #ifdef CONFIG_WPS
226 /*
227 * Enable WPS by default for open and WPA/WPA2-Personal network, but
228 * require user interaction to actually use it. Only the internal
229 * Registrar is supported.
230 */
231 if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
232 bss->ssid.security_policy != SECURITY_PLAINTEXT)
233 goto no_wps;
234 #ifdef CONFIG_WPS2
235 if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
236 (!(pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
237 goto no_wps; /* WPS2 does not allow WPA/TKIP-only
238 * configuration */
239 #endif /* CONFIG_WPS2 */
240 bss->eap_server = 1;
241 bss->wps_state = 2;
242 bss->ap_setup_locked = 2;
243 if (wpa_s->conf->config_methods)
244 bss->config_methods = os_strdup(wpa_s->conf->config_methods);
245 os_memcpy(bss->device_type, wpa_s->conf->device_type,
246 WPS_DEV_TYPE_LEN);
247 if (wpa_s->conf->device_name) {
248 bss->device_name = os_strdup(wpa_s->conf->device_name);
249 bss->friendly_name = os_strdup(wpa_s->conf->device_name);
250 }
251 if (wpa_s->conf->manufacturer)
252 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
253 if (wpa_s->conf->model_name)
254 bss->model_name = os_strdup(wpa_s->conf->model_name);
255 if (wpa_s->conf->model_number)
256 bss->model_number = os_strdup(wpa_s->conf->model_number);
257 if (wpa_s->conf->serial_number)
258 bss->serial_number = os_strdup(wpa_s->conf->serial_number);
259 if (is_nil_uuid(wpa_s->conf->uuid))
260 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
261 else
262 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
263 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
264 no_wps:
265 #endif /* CONFIG_WPS */
266
267 if (wpa_s->max_stations &&
268 wpa_s->max_stations < wpa_s->conf->max_num_sta)
269 bss->max_num_sta = wpa_s->max_stations;
270 else
271 bss->max_num_sta = wpa_s->conf->max_num_sta;
272
273 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
274
275 return 0;
276 }
277
278
ap_public_action_rx(void * ctx,const u8 * buf,size_t len,int freq)279 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
280 {
281 #ifdef CONFIG_P2P
282 struct wpa_supplicant *wpa_s = ctx;
283 const struct ieee80211_mgmt *mgmt;
284 size_t hdr_len;
285
286 mgmt = (const struct ieee80211_mgmt *) buf;
287 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
288 if (hdr_len > len)
289 return;
290 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
291 mgmt->u.action.category,
292 &mgmt->u.action.u.vs_public_action.action,
293 len - hdr_len, freq);
294 #endif /* CONFIG_P2P */
295 }
296
297
ap_wps_event_cb(void * ctx,enum wps_event event,union wps_event_data * data)298 static void ap_wps_event_cb(void *ctx, enum wps_event event,
299 union wps_event_data *data)
300 {
301 #ifdef CONFIG_P2P
302 struct wpa_supplicant *wpa_s = ctx;
303
304 if (event == WPS_EV_FAIL) {
305 struct wps_event_fail *fail = &data->fail;
306
307 if (wpa_s->parent && wpa_s->parent != wpa_s &&
308 wpa_s == wpa_s->global->p2p_group_formation) {
309 /*
310 * src/ap/wps_hostapd.c has already sent this on the
311 * main interface, so only send on the parent interface
312 * here if needed.
313 */
314 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL
315 "msg=%d config_error=%d",
316 fail->msg, fail->config_error);
317 }
318 wpas_p2p_wps_failed(wpa_s, fail);
319 }
320 #endif /* CONFIG_P2P */
321 }
322
323
ap_sta_authorized_cb(void * ctx,const u8 * mac_addr,int authorized,const u8 * p2p_dev_addr)324 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
325 int authorized, const u8 *p2p_dev_addr)
326 {
327 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr);
328 }
329
330
ap_vendor_action_rx(void * ctx,const u8 * buf,size_t len,int freq)331 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
332 {
333 #ifdef CONFIG_P2P
334 struct wpa_supplicant *wpa_s = ctx;
335 const struct ieee80211_mgmt *mgmt;
336 size_t hdr_len;
337
338 mgmt = (const struct ieee80211_mgmt *) buf;
339 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
340 if (hdr_len > len)
341 return -1;
342 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
343 mgmt->u.action.category,
344 &mgmt->u.action.u.vs_public_action.action,
345 len - hdr_len, freq);
346 #endif /* CONFIG_P2P */
347 return 0;
348 }
349
350
ap_probe_req_rx(void * ctx,const u8 * sa,const u8 * da,const u8 * bssid,const u8 * ie,size_t ie_len)351 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
352 const u8 *bssid, const u8 *ie, size_t ie_len)
353 {
354 #ifdef CONFIG_P2P
355 struct wpa_supplicant *wpa_s = ctx;
356 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len);
357 #else /* CONFIG_P2P */
358 return 0;
359 #endif /* CONFIG_P2P */
360 }
361
362
ap_wps_reg_success_cb(void * ctx,const u8 * mac_addr,const u8 * uuid_e)363 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
364 const u8 *uuid_e)
365 {
366 #ifdef CONFIG_P2P
367 struct wpa_supplicant *wpa_s = ctx;
368 wpas_p2p_wps_success(wpa_s, mac_addr, 1);
369 #endif /* CONFIG_P2P */
370 }
371
372
wpas_ap_configured_cb(void * ctx)373 static void wpas_ap_configured_cb(void *ctx)
374 {
375 struct wpa_supplicant *wpa_s = ctx;
376
377 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
378
379 if (wpa_s->ap_configured_cb)
380 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
381 wpa_s->ap_configured_cb_data);
382 }
383
384
wpa_supplicant_create_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)385 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
386 struct wpa_ssid *ssid)
387 {
388 struct wpa_driver_associate_params params;
389 struct hostapd_iface *hapd_iface;
390 struct hostapd_config *conf;
391 size_t i;
392
393 if (ssid->ssid == NULL || ssid->ssid_len == 0) {
394 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
395 return -1;
396 }
397
398 wpa_supplicant_ap_deinit(wpa_s);
399
400 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
401 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
402
403 os_memset(¶ms, 0, sizeof(params));
404 params.ssid = ssid->ssid;
405 params.ssid_len = ssid->ssid_len;
406 switch (ssid->mode) {
407 case WPAS_MODE_INFRA:
408 params.mode = IEEE80211_MODE_INFRA;
409 break;
410 case WPAS_MODE_IBSS:
411 params.mode = IEEE80211_MODE_IBSS;
412 break;
413 case WPAS_MODE_AP:
414 case WPAS_MODE_P2P_GO:
415 case WPAS_MODE_P2P_GROUP_FORMATION:
416 params.mode = IEEE80211_MODE_AP;
417 break;
418 }
419 params.freq = ssid->frequency;
420
421 params.wpa_proto = ssid->proto;
422 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
423 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
424 else
425 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
426 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
427
428 if (ssid->pairwise_cipher & WPA_CIPHER_CCMP)
429 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
430 else if (ssid->pairwise_cipher & WPA_CIPHER_TKIP)
431 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
432 else if (ssid->pairwise_cipher & WPA_CIPHER_NONE)
433 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
434 else {
435 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
436 "cipher.");
437 return -1;
438 }
439 params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher);
440 params.group_suite = params.pairwise_suite;
441
442 #ifdef CONFIG_P2P
443 if (ssid->mode == WPAS_MODE_P2P_GO ||
444 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
445 params.p2p = 1;
446 #endif /* CONFIG_P2P */
447
448 if (wpa_s->parent->set_ap_uapsd)
449 params.uapsd = wpa_s->parent->ap_uapsd;
450 else
451 params.uapsd = -1;
452
453 if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
454 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
455 return -1;
456 }
457
458 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface));
459 if (hapd_iface == NULL)
460 return -1;
461 hapd_iface->owner = wpa_s;
462 hapd_iface->drv_flags = wpa_s->drv_flags;
463 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
464
465 wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
466 if (conf == NULL) {
467 wpa_supplicant_ap_deinit(wpa_s);
468 return -1;
469 }
470
471 if (params.uapsd > 0) {
472 conf->bss->wmm_enabled = 1;
473 conf->bss->wmm_uapsd = 1;
474 }
475
476 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
477 wpa_printf(MSG_ERROR, "Failed to create AP configuration");
478 wpa_supplicant_ap_deinit(wpa_s);
479 return -1;
480 }
481
482 #ifdef CONFIG_P2P
483 if (ssid->mode == WPAS_MODE_P2P_GO)
484 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER;
485 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
486 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER |
487 P2P_GROUP_FORMATION;
488 #endif /* CONFIG_P2P */
489
490 hapd_iface->num_bss = conf->num_bss;
491 hapd_iface->bss = os_zalloc(conf->num_bss *
492 sizeof(struct hostapd_data *));
493 if (hapd_iface->bss == NULL) {
494 wpa_supplicant_ap_deinit(wpa_s);
495 return -1;
496 }
497
498 for (i = 0; i < conf->num_bss; i++) {
499 hapd_iface->bss[i] =
500 hostapd_alloc_bss_data(hapd_iface, conf,
501 &conf->bss[i]);
502 if (hapd_iface->bss[i] == NULL) {
503 wpa_supplicant_ap_deinit(wpa_s);
504 return -1;
505 }
506
507 hapd_iface->bss[i]->msg_ctx = wpa_s;
508 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent;
509 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
510 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
511 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
512 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
513 hostapd_register_probereq_cb(hapd_iface->bss[i],
514 ap_probe_req_rx, wpa_s);
515 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
516 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
517 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
518 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
519 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
520 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
521 #ifdef CONFIG_P2P
522 hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
523 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(
524 wpa_s, ssid->p2p_persistent_group,
525 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION);
526 #endif /* CONFIG_P2P */
527 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
528 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
529 }
530
531 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
532 hapd_iface->bss[0]->driver = wpa_s->driver;
533 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
534
535 wpa_s->current_ssid = ssid;
536 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
537 wpa_s->assoc_freq = ssid->frequency;
538
539 if (hostapd_setup_interface(wpa_s->ap_iface)) {
540 wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
541 wpa_supplicant_ap_deinit(wpa_s);
542 return -1;
543 }
544
545 return 0;
546 }
547
548
wpa_supplicant_ap_deinit(struct wpa_supplicant * wpa_s)549 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
550 {
551 #ifdef CONFIG_WPS
552 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
553 #endif /* CONFIG_WPS */
554
555 if (wpa_s->ap_iface == NULL)
556 return;
557
558 wpa_s->current_ssid = NULL;
559 wpa_s->assoc_freq = 0;
560 wpa_s->reassociated_connection = 0;
561 #ifdef CONFIG_P2P
562 if (wpa_s->ap_iface->bss)
563 wpa_s->ap_iface->bss[0]->p2p_group = NULL;
564 wpas_p2p_group_deinit(wpa_s);
565 #endif /* CONFIG_P2P */
566 hostapd_interface_deinit(wpa_s->ap_iface);
567 hostapd_interface_free(wpa_s->ap_iface);
568 wpa_s->ap_iface = NULL;
569 wpa_drv_deinit_ap(wpa_s);
570 }
571
572
ap_tx_status(void * ctx,const u8 * addr,const u8 * buf,size_t len,int ack)573 void ap_tx_status(void *ctx, const u8 *addr,
574 const u8 *buf, size_t len, int ack)
575 {
576 #ifdef NEED_AP_MLME
577 struct wpa_supplicant *wpa_s = ctx;
578 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
579 #endif /* NEED_AP_MLME */
580 }
581
582
ap_eapol_tx_status(void * ctx,const u8 * dst,const u8 * data,size_t len,int ack)583 void ap_eapol_tx_status(void *ctx, const u8 *dst,
584 const u8 *data, size_t len, int ack)
585 {
586 #ifdef NEED_AP_MLME
587 struct wpa_supplicant *wpa_s = ctx;
588 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
589 #endif /* NEED_AP_MLME */
590 }
591
592
ap_client_poll_ok(void * ctx,const u8 * addr)593 void ap_client_poll_ok(void *ctx, const u8 *addr)
594 {
595 #ifdef NEED_AP_MLME
596 struct wpa_supplicant *wpa_s = ctx;
597 if (wpa_s->ap_iface)
598 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
599 #endif /* NEED_AP_MLME */
600 }
601
602
ap_rx_from_unknown_sta(void * ctx,const u8 * addr,int wds)603 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
604 {
605 #ifdef NEED_AP_MLME
606 struct wpa_supplicant *wpa_s = ctx;
607 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
608 #endif /* NEED_AP_MLME */
609 }
610
611
ap_mgmt_rx(void * ctx,struct rx_mgmt * rx_mgmt)612 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
613 {
614 #ifdef NEED_AP_MLME
615 struct wpa_supplicant *wpa_s = ctx;
616 struct hostapd_frame_info fi;
617 os_memset(&fi, 0, sizeof(fi));
618 fi.datarate = rx_mgmt->datarate;
619 fi.ssi_signal = rx_mgmt->ssi_signal;
620 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
621 rx_mgmt->frame_len, &fi);
622 #endif /* NEED_AP_MLME */
623 }
624
625
ap_mgmt_tx_cb(void * ctx,const u8 * buf,size_t len,u16 stype,int ok)626 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
627 {
628 #ifdef NEED_AP_MLME
629 struct wpa_supplicant *wpa_s = ctx;
630 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
631 #endif /* NEED_AP_MLME */
632 }
633
634
wpa_supplicant_ap_rx_eapol(struct wpa_supplicant * wpa_s,const u8 * src_addr,const u8 * buf,size_t len)635 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
636 const u8 *src_addr, const u8 *buf, size_t len)
637 {
638 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
639 }
640
641
642 #ifdef CONFIG_WPS
643
wpa_supplicant_ap_wps_pbc(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * p2p_dev_addr)644 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
645 const u8 *p2p_dev_addr)
646 {
647 if (!wpa_s->ap_iface)
648 return -1;
649 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
650 p2p_dev_addr);
651 }
652
653
wpa_supplicant_ap_wps_sta_cancel(struct hostapd_data * hapd,struct sta_info * sta,void * ctx)654 static int wpa_supplicant_ap_wps_sta_cancel(struct hostapd_data *hapd,
655 struct sta_info *sta, void *ctx)
656 {
657 if (sta && (sta->flags & WLAN_STA_WPS)) {
658 ap_sta_deauthenticate(hapd, sta,
659 WLAN_REASON_PREV_AUTH_NOT_VALID);
660 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR,
661 __func__, MAC2STR(sta->addr));
662 return 1;
663 }
664
665 return 0;
666 }
667
668
wpa_supplicant_ap_wps_cancel(struct wpa_supplicant * wpa_s)669 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
670 {
671 struct wps_registrar *reg;
672 int reg_sel = 0, wps_sta = 0;
673
674 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
675 return -1;
676
677 reg = wpa_s->ap_iface->bss[0]->wps->registrar;
678 reg_sel = wps_registrar_wps_cancel(reg);
679 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
680 wpa_supplicant_ap_wps_sta_cancel, NULL);
681
682 if (!reg_sel && !wps_sta) {
683 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
684 "time");
685 return -1;
686 }
687
688 /*
689 * There are 2 cases to return wps cancel as success:
690 * 1. When wps cancel was initiated but no connection has been
691 * established with client yet.
692 * 2. Client is in the middle of exchanging WPS messages.
693 */
694
695 return 0;
696 }
697
698
wpa_supplicant_ap_wps_pin(struct wpa_supplicant * wpa_s,const u8 * bssid,const char * pin,char * buf,size_t buflen)699 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
700 const char *pin, char *buf, size_t buflen)
701 {
702 int ret, ret_len = 0;
703
704 if (!wpa_s->ap_iface)
705 return -1;
706
707 if (pin == NULL) {
708 unsigned int rpin = wps_generate_pin();
709 ret_len = os_snprintf(buf, buflen, "%08d", rpin);
710 pin = buf;
711 } else
712 ret_len = os_snprintf(buf, buflen, "%s", pin);
713
714 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
715 0);
716 if (ret)
717 return -1;
718 return ret_len;
719 }
720
721
wpas_wps_ap_pin_timeout(void * eloop_data,void * user_ctx)722 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
723 {
724 struct wpa_supplicant *wpa_s = eloop_data;
725 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
726 wpas_wps_ap_pin_disable(wpa_s);
727 }
728
729
wpas_wps_ap_pin_enable(struct wpa_supplicant * wpa_s,int timeout)730 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
731 {
732 struct hostapd_data *hapd;
733
734 if (wpa_s->ap_iface == NULL)
735 return;
736 hapd = wpa_s->ap_iface->bss[0];
737 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
738 hapd->ap_pin_failures = 0;
739 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
740 if (timeout > 0)
741 eloop_register_timeout(timeout, 0,
742 wpas_wps_ap_pin_timeout, wpa_s, NULL);
743 }
744
745
wpas_wps_ap_pin_disable(struct wpa_supplicant * wpa_s)746 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
747 {
748 struct hostapd_data *hapd;
749
750 if (wpa_s->ap_iface == NULL)
751 return;
752 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
753 hapd = wpa_s->ap_iface->bss[0];
754 os_free(hapd->conf->ap_pin);
755 hapd->conf->ap_pin = NULL;
756 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
757 }
758
759
wpas_wps_ap_pin_random(struct wpa_supplicant * wpa_s,int timeout)760 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
761 {
762 struct hostapd_data *hapd;
763 unsigned int pin;
764 char pin_txt[9];
765
766 if (wpa_s->ap_iface == NULL)
767 return NULL;
768 hapd = wpa_s->ap_iface->bss[0];
769 pin = wps_generate_pin();
770 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
771 os_free(hapd->conf->ap_pin);
772 hapd->conf->ap_pin = os_strdup(pin_txt);
773 if (hapd->conf->ap_pin == NULL)
774 return NULL;
775 wpas_wps_ap_pin_enable(wpa_s, timeout);
776
777 return hapd->conf->ap_pin;
778 }
779
780
wpas_wps_ap_pin_get(struct wpa_supplicant * wpa_s)781 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
782 {
783 struct hostapd_data *hapd;
784 if (wpa_s->ap_iface == NULL)
785 return NULL;
786 hapd = wpa_s->ap_iface->bss[0];
787 return hapd->conf->ap_pin;
788 }
789
790
wpas_wps_ap_pin_set(struct wpa_supplicant * wpa_s,const char * pin,int timeout)791 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
792 int timeout)
793 {
794 struct hostapd_data *hapd;
795 char pin_txt[9];
796 int ret;
797
798 if (wpa_s->ap_iface == NULL)
799 return -1;
800 hapd = wpa_s->ap_iface->bss[0];
801 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
802 if (ret < 0 || ret >= (int) sizeof(pin_txt))
803 return -1;
804 os_free(hapd->conf->ap_pin);
805 hapd->conf->ap_pin = os_strdup(pin_txt);
806 if (hapd->conf->ap_pin == NULL)
807 return -1;
808 wpas_wps_ap_pin_enable(wpa_s, timeout);
809
810 return 0;
811 }
812
813
wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant * wpa_s)814 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
815 {
816 struct hostapd_data *hapd;
817
818 if (wpa_s->ap_iface == NULL)
819 return;
820 hapd = wpa_s->ap_iface->bss[0];
821
822 /*
823 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
824 * PIN if this happens multiple times to slow down brute force attacks.
825 */
826 hapd->ap_pin_failures++;
827 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
828 hapd->ap_pin_failures);
829 if (hapd->ap_pin_failures < 3)
830 return;
831
832 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
833 hapd->ap_pin_failures = 0;
834 os_free(hapd->conf->ap_pin);
835 hapd->conf->ap_pin = NULL;
836 }
837
838 #endif /* CONFIG_WPS */
839
840
841 #ifdef CONFIG_CTRL_IFACE
842
ap_ctrl_iface_sta_first(struct wpa_supplicant * wpa_s,char * buf,size_t buflen)843 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
844 char *buf, size_t buflen)
845 {
846 if (wpa_s->ap_iface == NULL)
847 return -1;
848 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0],
849 buf, buflen);
850 }
851
852
ap_ctrl_iface_sta(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)853 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
854 char *buf, size_t buflen)
855 {
856 if (wpa_s->ap_iface == NULL)
857 return -1;
858 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr,
859 buf, buflen);
860 }
861
862
ap_ctrl_iface_sta_next(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)863 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
864 char *buf, size_t buflen)
865 {
866 if (wpa_s->ap_iface == NULL)
867 return -1;
868 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr,
869 buf, buflen);
870 }
871
872
ap_ctrl_iface_wpa_get_status(struct wpa_supplicant * wpa_s,char * buf,size_t buflen,int verbose)873 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
874 size_t buflen, int verbose)
875 {
876 char *pos = buf, *end = buf + buflen;
877 int ret;
878 struct hostapd_bss_config *conf;
879
880 if (wpa_s->ap_iface == NULL)
881 return -1;
882
883 conf = wpa_s->ap_iface->bss[0]->conf;
884 if (conf->wpa == 0)
885 return 0;
886
887 ret = os_snprintf(pos, end - pos,
888 "pairwise_cipher=%s\n"
889 "group_cipher=%s\n"
890 "key_mgmt=%s\n",
891 wpa_cipher_txt(conf->rsn_pairwise),
892 wpa_cipher_txt(conf->wpa_group),
893 wpa_key_mgmt_txt(conf->wpa_key_mgmt,
894 conf->wpa));
895 if (ret < 0 || ret >= end - pos)
896 return pos - buf;
897 pos += ret;
898 return pos - buf;
899 }
900
901 #endif /* CONFIG_CTRL_IFACE */
902
903
wpa_supplicant_ap_update_beacon(struct wpa_supplicant * wpa_s)904 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
905 {
906 struct hostapd_iface *iface = wpa_s->ap_iface;
907 struct wpa_ssid *ssid = wpa_s->current_ssid;
908 struct hostapd_data *hapd;
909
910 if (ssid == NULL || wpa_s->ap_iface == NULL ||
911 ssid->mode == WPAS_MODE_INFRA ||
912 ssid->mode == WPAS_MODE_IBSS)
913 return -1;
914
915 #ifdef CONFIG_P2P
916 if (ssid->mode == WPAS_MODE_P2P_GO)
917 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER;
918 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
919 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER |
920 P2P_GROUP_FORMATION;
921 #endif /* CONFIG_P2P */
922
923 hapd = iface->bss[0];
924 if (hapd->drv_priv == NULL)
925 return -1;
926 ieee802_11_set_beacons(iface);
927 hostapd_set_ap_wps_ie(hapd);
928
929 return 0;
930 }
931
932
wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant * wpa_s,const u8 * addr)933 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
934 const u8 *addr)
935 {
936 struct hostapd_data *hapd;
937 struct hostapd_bss_config *conf;
938
939 if (!wpa_s->ap_iface)
940 return -1;
941
942 if (addr)
943 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
944 MAC2STR(addr));
945 else
946 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
947
948 hapd = wpa_s->ap_iface->bss[0];
949 conf = hapd->conf;
950
951 os_free(conf->accept_mac);
952 conf->accept_mac = NULL;
953 conf->num_accept_mac = 0;
954 os_free(conf->deny_mac);
955 conf->deny_mac = NULL;
956 conf->num_deny_mac = 0;
957
958 if (addr == NULL) {
959 conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
960 return 0;
961 }
962
963 conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
964 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
965 if (conf->accept_mac == NULL)
966 return -1;
967 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
968 conf->num_accept_mac = 1;
969
970 return 0;
971 }
972