• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * WPA Supplicant - Basic AP mode support routines
3  * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4  * Copyright (c) 2009, Atheros Communications
5  *
6  * This software may be distributed under the terms of the BSD license.
7  * See README for more details.
8  */
9 
10 #include "utils/includes.h"
11 
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "eapol_supp/eapol_supp_sm.h"
18 #include "crypto/dh_group5.h"
19 #include "ap/hostapd.h"
20 #include "ap/ap_config.h"
21 #include "ap/ap_drv_ops.h"
22 #ifdef NEED_AP_MLME
23 #include "ap/ieee802_11.h"
24 #endif /* NEED_AP_MLME */
25 #include "ap/beacon.h"
26 #include "ap/ieee802_1x.h"
27 #include "ap/wps_hostapd.h"
28 #include "ap/ctrl_iface_ap.h"
29 #include "wps/wps.h"
30 #include "common/ieee802_11_defs.h"
31 #include "config_ssid.h"
32 #include "config.h"
33 #include "wpa_supplicant_i.h"
34 #include "driver_i.h"
35 #include "p2p_supplicant.h"
36 #include "ap.h"
37 #include "ap/sta_info.h"
38 #include "notify.h"
39 
40 
41 #ifdef CONFIG_WPS
42 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
43 #endif /* CONFIG_WPS */
44 
45 
46 #ifdef CONFIG_IEEE80211N
wpas_conf_ap_vht(struct wpa_supplicant * wpa_s,struct hostapd_config * conf,struct hostapd_hw_modes * mode)47 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s,
48 			     struct hostapd_config *conf,
49 			     struct hostapd_hw_modes *mode)
50 {
51 #ifdef CONFIG_P2P
52 	u8 center_chan = 0;
53 	u8 channel = conf->channel;
54 
55 	if (!conf->secondary_channel)
56 		goto no_vht;
57 
58 	center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel);
59 	if (!center_chan)
60 		goto no_vht;
61 
62 	/* Use 80 MHz channel */
63 	conf->vht_oper_chwidth = 1;
64 	conf->vht_oper_centr_freq_seg0_idx = center_chan;
65 	return;
66 
67 no_vht:
68 	conf->vht_oper_centr_freq_seg0_idx =
69 		channel + conf->secondary_channel * 2;
70 #else /* CONFIG_P2P */
71 	conf->vht_oper_centr_freq_seg0_idx =
72 		conf->channel + conf->secondary_channel * 2;
73 #endif /* CONFIG_P2P */
74 }
75 #endif /* CONFIG_IEEE80211N */
76 
77 
wpa_supplicant_conf_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf)78 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
79 				  struct wpa_ssid *ssid,
80 				  struct hostapd_config *conf)
81 {
82 	struct hostapd_bss_config *bss = conf->bss[0];
83 
84 	conf->driver = wpa_s->driver;
85 
86 	os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
87 
88 	conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency,
89 					       &conf->channel);
90 	if (conf->hw_mode == NUM_HOSTAPD_MODES) {
91 		wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
92 			   ssid->frequency);
93 		return -1;
94 	}
95 
96 	/* TODO: enable HT40 if driver supports it;
97 	 * drop to 11b if driver does not support 11g */
98 
99 #ifdef CONFIG_IEEE80211N
100 	/*
101 	 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
102 	 * and a mask of allowed capabilities within conf->ht_capab.
103 	 * Using default config settings for: conf->ht_op_mode_fixed,
104 	 * conf->secondary_channel, conf->require_ht
105 	 */
106 	if (wpa_s->hw.modes) {
107 		struct hostapd_hw_modes *mode = NULL;
108 		int i, no_ht = 0;
109 		for (i = 0; i < wpa_s->hw.num_modes; i++) {
110 			if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
111 				mode = &wpa_s->hw.modes[i];
112 				break;
113 			}
114 		}
115 
116 #ifdef CONFIG_HT_OVERRIDES
117 		if (ssid->disable_ht) {
118 			conf->ieee80211n = 0;
119 			conf->ht_capab = 0;
120 			no_ht = 1;
121 		}
122 #endif /* CONFIG_HT_OVERRIDES */
123 
124 		if (!no_ht && mode && mode->ht_capab) {
125 			conf->ieee80211n = 1;
126 #ifdef CONFIG_P2P
127 			if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
128 			    (mode->ht_capab &
129 			     HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
130 			    ssid->ht40)
131 				conf->secondary_channel =
132 					wpas_p2p_get_ht40_mode(wpa_s, mode,
133 							       conf->channel);
134 			if (conf->secondary_channel)
135 				conf->ht_capab |=
136 					HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
137 #endif /* CONFIG_P2P */
138 
139 			/*
140 			 * white-list capabilities that won't cause issues
141 			 * to connecting stations, while leaving the current
142 			 * capabilities intact (currently disabled SMPS).
143 			 */
144 			conf->ht_capab |= mode->ht_capab &
145 				(HT_CAP_INFO_GREEN_FIELD |
146 				 HT_CAP_INFO_SHORT_GI20MHZ |
147 				 HT_CAP_INFO_SHORT_GI40MHZ |
148 				 HT_CAP_INFO_RX_STBC_MASK |
149 				 HT_CAP_INFO_MAX_AMSDU_SIZE);
150 
151 			if (mode->vht_capab && ssid->vht) {
152 				conf->ieee80211ac = 1;
153 				wpas_conf_ap_vht(wpa_s, conf, mode);
154 			}
155 		}
156 	}
157 #endif /* CONFIG_IEEE80211N */
158 
159 #ifdef CONFIG_P2P
160 	if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
161 	    (ssid->mode == WPAS_MODE_P2P_GO ||
162 	     ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
163 		/* Remove 802.11b rates from supported and basic rate sets */
164 		int *list = os_malloc(4 * sizeof(int));
165 		if (list) {
166 			list[0] = 60;
167 			list[1] = 120;
168 			list[2] = 240;
169 			list[3] = -1;
170 		}
171 		conf->basic_rates = list;
172 
173 		list = os_malloc(9 * sizeof(int));
174 		if (list) {
175 			list[0] = 60;
176 			list[1] = 90;
177 			list[2] = 120;
178 			list[3] = 180;
179 			list[4] = 240;
180 			list[5] = 360;
181 			list[6] = 480;
182 			list[7] = 540;
183 			list[8] = -1;
184 		}
185 		conf->supported_rates = list;
186 	}
187 
188 	bss->isolate = !wpa_s->conf->p2p_intra_bss;
189 	bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
190 
191 	if (ssid->p2p_group) {
192 		os_memcpy(bss->ip_addr_go, wpa_s->parent->conf->ip_addr_go, 4);
193 		os_memcpy(bss->ip_addr_mask, wpa_s->parent->conf->ip_addr_mask,
194 			  4);
195 		os_memcpy(bss->ip_addr_start,
196 			  wpa_s->parent->conf->ip_addr_start, 4);
197 		os_memcpy(bss->ip_addr_end, wpa_s->parent->conf->ip_addr_end,
198 			  4);
199 	}
200 #endif /* CONFIG_P2P */
201 
202 	if (ssid->ssid_len == 0) {
203 		wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
204 		return -1;
205 	}
206 	os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
207 	bss->ssid.ssid_len = ssid->ssid_len;
208 	bss->ssid.ssid_set = 1;
209 
210 	bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
211 
212 	if (ssid->auth_alg)
213 		bss->auth_algs = ssid->auth_alg;
214 
215 	if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
216 		bss->wpa = ssid->proto;
217 	bss->wpa_key_mgmt = ssid->key_mgmt;
218 	bss->wpa_pairwise = ssid->pairwise_cipher;
219 	if (ssid->psk_set) {
220 		os_free(bss->ssid.wpa_psk);
221 		bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
222 		if (bss->ssid.wpa_psk == NULL)
223 			return -1;
224 		os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
225 		bss->ssid.wpa_psk->group = 1;
226 	} else if (ssid->passphrase) {
227 		bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
228 	} else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
229 		   ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
230 		struct hostapd_wep_keys *wep = &bss->ssid.wep;
231 		int i;
232 		for (i = 0; i < NUM_WEP_KEYS; i++) {
233 			if (ssid->wep_key_len[i] == 0)
234 				continue;
235 			wep->key[i] = os_malloc(ssid->wep_key_len[i]);
236 			if (wep->key[i] == NULL)
237 				return -1;
238 			os_memcpy(wep->key[i], ssid->wep_key[i],
239 				  ssid->wep_key_len[i]);
240 			wep->len[i] = ssid->wep_key_len[i];
241 		}
242 		wep->idx = ssid->wep_tx_keyidx;
243 		wep->keys_set = 1;
244 	}
245 
246 	if (ssid->ap_max_inactivity)
247 		bss->ap_max_inactivity = ssid->ap_max_inactivity;
248 
249 	if (ssid->dtim_period)
250 		bss->dtim_period = ssid->dtim_period;
251 	else if (wpa_s->conf->dtim_period)
252 		bss->dtim_period = wpa_s->conf->dtim_period;
253 
254 	if (ssid->beacon_int)
255 		conf->beacon_int = ssid->beacon_int;
256 	else if (wpa_s->conf->beacon_int)
257 		conf->beacon_int = wpa_s->conf->beacon_int;
258 
259 	if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
260 		bss->rsn_pairwise = bss->wpa_pairwise;
261 	bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
262 						    bss->rsn_pairwise);
263 
264 	if (bss->wpa && bss->ieee802_1x)
265 		bss->ssid.security_policy = SECURITY_WPA;
266 	else if (bss->wpa)
267 		bss->ssid.security_policy = SECURITY_WPA_PSK;
268 	else if (bss->ieee802_1x) {
269 		int cipher = WPA_CIPHER_NONE;
270 		bss->ssid.security_policy = SECURITY_IEEE_802_1X;
271 		bss->ssid.wep.default_len = bss->default_wep_key_len;
272 		if (bss->default_wep_key_len)
273 			cipher = bss->default_wep_key_len >= 13 ?
274 				WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
275 		bss->wpa_group = cipher;
276 		bss->wpa_pairwise = cipher;
277 		bss->rsn_pairwise = cipher;
278 	} else if (bss->ssid.wep.keys_set) {
279 		int cipher = WPA_CIPHER_WEP40;
280 		if (bss->ssid.wep.len[0] >= 13)
281 			cipher = WPA_CIPHER_WEP104;
282 		bss->ssid.security_policy = SECURITY_STATIC_WEP;
283 		bss->wpa_group = cipher;
284 		bss->wpa_pairwise = cipher;
285 		bss->rsn_pairwise = cipher;
286 	} else {
287 		bss->ssid.security_policy = SECURITY_PLAINTEXT;
288 		bss->wpa_group = WPA_CIPHER_NONE;
289 		bss->wpa_pairwise = WPA_CIPHER_NONE;
290 		bss->rsn_pairwise = WPA_CIPHER_NONE;
291 	}
292 
293 	if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
294 	    (bss->wpa_group == WPA_CIPHER_CCMP ||
295 	     bss->wpa_group == WPA_CIPHER_GCMP ||
296 	     bss->wpa_group == WPA_CIPHER_CCMP_256 ||
297 	     bss->wpa_group == WPA_CIPHER_GCMP_256)) {
298 		/*
299 		 * Strong ciphers do not need frequent rekeying, so increase
300 		 * the default GTK rekeying period to 24 hours.
301 		 */
302 		bss->wpa_group_rekey = 86400;
303 	}
304 
305 #ifdef CONFIG_IEEE80211W
306 	if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
307 		bss->ieee80211w = ssid->ieee80211w;
308 #endif /* CONFIG_IEEE80211W */
309 
310 #ifdef CONFIG_WPS
311 	/*
312 	 * Enable WPS by default for open and WPA/WPA2-Personal network, but
313 	 * require user interaction to actually use it. Only the internal
314 	 * Registrar is supported.
315 	 */
316 	if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
317 	    bss->ssid.security_policy != SECURITY_PLAINTEXT)
318 		goto no_wps;
319 	if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
320 	    (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
321 		goto no_wps; /* WPS2 does not allow WPA/TKIP-only
322 			      * configuration */
323 	bss->eap_server = 1;
324 
325 	if (!ssid->ignore_broadcast_ssid)
326 		bss->wps_state = 2;
327 
328 	bss->ap_setup_locked = 2;
329 	if (wpa_s->conf->config_methods)
330 		bss->config_methods = os_strdup(wpa_s->conf->config_methods);
331 	os_memcpy(bss->device_type, wpa_s->conf->device_type,
332 		  WPS_DEV_TYPE_LEN);
333 	if (wpa_s->conf->device_name) {
334 		bss->device_name = os_strdup(wpa_s->conf->device_name);
335 		bss->friendly_name = os_strdup(wpa_s->conf->device_name);
336 	}
337 	if (wpa_s->conf->manufacturer)
338 		bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
339 	if (wpa_s->conf->model_name)
340 		bss->model_name = os_strdup(wpa_s->conf->model_name);
341 	if (wpa_s->conf->model_number)
342 		bss->model_number = os_strdup(wpa_s->conf->model_number);
343 	if (wpa_s->conf->serial_number)
344 		bss->serial_number = os_strdup(wpa_s->conf->serial_number);
345 	if (is_nil_uuid(wpa_s->conf->uuid))
346 		os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
347 	else
348 		os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
349 	os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
350 	bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
351 no_wps:
352 #endif /* CONFIG_WPS */
353 
354 	if (wpa_s->max_stations &&
355 	    wpa_s->max_stations < wpa_s->conf->max_num_sta)
356 		bss->max_num_sta = wpa_s->max_stations;
357 	else
358 		bss->max_num_sta = wpa_s->conf->max_num_sta;
359 
360 	bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
361 
362 	if (wpa_s->conf->ap_vendor_elements) {
363 		bss->vendor_elements =
364 			wpabuf_dup(wpa_s->conf->ap_vendor_elements);
365 	}
366 
367 	return 0;
368 }
369 
370 
ap_public_action_rx(void * ctx,const u8 * buf,size_t len,int freq)371 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
372 {
373 #ifdef CONFIG_P2P
374 	struct wpa_supplicant *wpa_s = ctx;
375 	const struct ieee80211_mgmt *mgmt;
376 
377 	mgmt = (const struct ieee80211_mgmt *) buf;
378 	if (len < IEEE80211_HDRLEN + 1)
379 		return;
380 	if (mgmt->u.action.category != WLAN_ACTION_PUBLIC)
381 		return;
382 	wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
383 			   mgmt->u.action.category,
384 			   buf + IEEE80211_HDRLEN + 1,
385 			   len - IEEE80211_HDRLEN - 1, freq);
386 #endif /* CONFIG_P2P */
387 }
388 
389 
ap_wps_event_cb(void * ctx,enum wps_event event,union wps_event_data * data)390 static void ap_wps_event_cb(void *ctx, enum wps_event event,
391 			    union wps_event_data *data)
392 {
393 #ifdef CONFIG_P2P
394 	struct wpa_supplicant *wpa_s = ctx;
395 
396 	if (event == WPS_EV_FAIL) {
397 		struct wps_event_fail *fail = &data->fail;
398 
399 		if (wpa_s->parent && wpa_s->parent != wpa_s &&
400 		    wpa_s == wpa_s->global->p2p_group_formation) {
401 			/*
402 			 * src/ap/wps_hostapd.c has already sent this on the
403 			 * main interface, so only send on the parent interface
404 			 * here if needed.
405 			 */
406 			wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL
407 				"msg=%d config_error=%d",
408 				fail->msg, fail->config_error);
409 		}
410 		wpas_p2p_wps_failed(wpa_s, fail);
411 	}
412 #endif /* CONFIG_P2P */
413 }
414 
415 
ap_sta_authorized_cb(void * ctx,const u8 * mac_addr,int authorized,const u8 * p2p_dev_addr)416 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
417 				 int authorized, const u8 *p2p_dev_addr)
418 {
419 	wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr);
420 }
421 
422 
423 #ifdef CONFIG_P2P
ap_new_psk_cb(void * ctx,const u8 * mac_addr,const u8 * p2p_dev_addr,const u8 * psk,size_t psk_len)424 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
425 			  const u8 *psk, size_t psk_len)
426 {
427 
428 	struct wpa_supplicant *wpa_s = ctx;
429 	if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL)
430 		return;
431 	wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len);
432 }
433 #endif /* CONFIG_P2P */
434 
435 
ap_vendor_action_rx(void * ctx,const u8 * buf,size_t len,int freq)436 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
437 {
438 #ifdef CONFIG_P2P
439 	struct wpa_supplicant *wpa_s = ctx;
440 	const struct ieee80211_mgmt *mgmt;
441 
442 	mgmt = (const struct ieee80211_mgmt *) buf;
443 	if (len < IEEE80211_HDRLEN + 1)
444 		return -1;
445 	wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
446 			   mgmt->u.action.category,
447 			   buf + IEEE80211_HDRLEN + 1,
448 			   len - IEEE80211_HDRLEN - 1, freq);
449 #endif /* CONFIG_P2P */
450 	return 0;
451 }
452 
453 
ap_probe_req_rx(void * ctx,const u8 * sa,const u8 * da,const u8 * bssid,const u8 * ie,size_t ie_len,int ssi_signal)454 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
455 			   const u8 *bssid, const u8 *ie, size_t ie_len,
456 			   int ssi_signal)
457 {
458 	struct wpa_supplicant *wpa_s = ctx;
459 	return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
460 				     ssi_signal);
461 }
462 
463 
ap_wps_reg_success_cb(void * ctx,const u8 * mac_addr,const u8 * uuid_e)464 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
465 				  const u8 *uuid_e)
466 {
467 	struct wpa_supplicant *wpa_s = ctx;
468 	wpas_p2p_wps_success(wpa_s, mac_addr, 1);
469 }
470 
471 
wpas_ap_configured_cb(void * ctx)472 static void wpas_ap_configured_cb(void *ctx)
473 {
474 	struct wpa_supplicant *wpa_s = ctx;
475 
476 	wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
477 
478 	if (wpa_s->ap_configured_cb)
479 		wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
480 					wpa_s->ap_configured_cb_data);
481 }
482 
483 
wpa_supplicant_create_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)484 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
485 			     struct wpa_ssid *ssid)
486 {
487 	struct wpa_driver_associate_params params;
488 	struct hostapd_iface *hapd_iface;
489 	struct hostapd_config *conf;
490 	size_t i;
491 
492 	if (ssid->ssid == NULL || ssid->ssid_len == 0) {
493 		wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
494 		return -1;
495 	}
496 
497 	wpa_supplicant_ap_deinit(wpa_s);
498 
499 	wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
500 		   wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
501 
502 	os_memset(&params, 0, sizeof(params));
503 	params.ssid = ssid->ssid;
504 	params.ssid_len = ssid->ssid_len;
505 	switch (ssid->mode) {
506 	case WPAS_MODE_AP:
507 	case WPAS_MODE_P2P_GO:
508 	case WPAS_MODE_P2P_GROUP_FORMATION:
509 		params.mode = IEEE80211_MODE_AP;
510 		break;
511 	default:
512 		return -1;
513 	}
514 	if (ssid->frequency == 0)
515 		ssid->frequency = 2462; /* default channel 11 */
516 	params.freq.freq = ssid->frequency;
517 
518 	params.wpa_proto = ssid->proto;
519 	if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
520 		wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
521 	else
522 		wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
523 	params.key_mgmt_suite = wpa_s->key_mgmt;
524 
525 	wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
526 							  1);
527 	if (wpa_s->pairwise_cipher < 0) {
528 		wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
529 			   "cipher.");
530 		return -1;
531 	}
532 	params.pairwise_suite = wpa_s->pairwise_cipher;
533 	params.group_suite = params.pairwise_suite;
534 
535 #ifdef CONFIG_P2P
536 	if (ssid->mode == WPAS_MODE_P2P_GO ||
537 	    ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
538 		params.p2p = 1;
539 #endif /* CONFIG_P2P */
540 
541 	if (wpa_s->parent->set_ap_uapsd)
542 		params.uapsd = wpa_s->parent->ap_uapsd;
543 	else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
544 		params.uapsd = 1; /* mandatory for P2P GO */
545 	else
546 		params.uapsd = -1;
547 
548 	if (wpa_drv_associate(wpa_s, &params) < 0) {
549 		wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
550 		return -1;
551 	}
552 
553 	wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface));
554 	if (hapd_iface == NULL)
555 		return -1;
556 	hapd_iface->owner = wpa_s;
557 	hapd_iface->drv_flags = wpa_s->drv_flags;
558 	hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
559 	hapd_iface->extended_capa = wpa_s->extended_capa;
560 	hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
561 	hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
562 
563 	wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
564 	if (conf == NULL) {
565 		wpa_supplicant_ap_deinit(wpa_s);
566 		return -1;
567 	}
568 
569 	os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
570 		  wpa_s->conf->wmm_ac_params,
571 		  sizeof(wpa_s->conf->wmm_ac_params));
572 
573 	if (params.uapsd > 0) {
574 		conf->bss[0]->wmm_enabled = 1;
575 		conf->bss[0]->wmm_uapsd = 1;
576 	}
577 
578 	if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
579 		wpa_printf(MSG_ERROR, "Failed to create AP configuration");
580 		wpa_supplicant_ap_deinit(wpa_s);
581 		return -1;
582 	}
583 
584 #ifdef CONFIG_P2P
585 	if (ssid->mode == WPAS_MODE_P2P_GO)
586 		conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
587 	else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
588 		conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
589 			P2P_GROUP_FORMATION;
590 #endif /* CONFIG_P2P */
591 
592 	hapd_iface->num_bss = conf->num_bss;
593 	hapd_iface->bss = os_calloc(conf->num_bss,
594 				    sizeof(struct hostapd_data *));
595 	if (hapd_iface->bss == NULL) {
596 		wpa_supplicant_ap_deinit(wpa_s);
597 		return -1;
598 	}
599 
600 	for (i = 0; i < conf->num_bss; i++) {
601 		hapd_iface->bss[i] =
602 			hostapd_alloc_bss_data(hapd_iface, conf,
603 					       conf->bss[i]);
604 		if (hapd_iface->bss[i] == NULL) {
605 			wpa_supplicant_ap_deinit(wpa_s);
606 			return -1;
607 		}
608 
609 		hapd_iface->bss[i]->msg_ctx = wpa_s;
610 		hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent;
611 		hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
612 		hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
613 		hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
614 		hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
615 		hostapd_register_probereq_cb(hapd_iface->bss[i],
616 					     ap_probe_req_rx, wpa_s);
617 		hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
618 		hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
619 		hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
620 		hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
621 		hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
622 		hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
623 #ifdef CONFIG_P2P
624 		hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb;
625 		hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s;
626 		hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
627 		hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
628 								    ssid);
629 #endif /* CONFIG_P2P */
630 		hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
631 		hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
632 	}
633 
634 	os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
635 	hapd_iface->bss[0]->driver = wpa_s->driver;
636 	hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
637 
638 	wpa_s->current_ssid = ssid;
639 	eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
640 	os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
641 	wpa_s->assoc_freq = ssid->frequency;
642 
643 	if (hostapd_setup_interface(wpa_s->ap_iface)) {
644 		wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
645 		wpa_supplicant_ap_deinit(wpa_s);
646 		return -1;
647 	}
648 
649 	return 0;
650 }
651 
652 
wpa_supplicant_ap_deinit(struct wpa_supplicant * wpa_s)653 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
654 {
655 #ifdef CONFIG_WPS
656 	eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
657 #endif /* CONFIG_WPS */
658 
659 	if (wpa_s->ap_iface == NULL)
660 		return;
661 
662 	wpa_s->current_ssid = NULL;
663 	eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
664 	wpa_s->assoc_freq = 0;
665 	wpas_p2p_ap_deinit(wpa_s);
666 	wpa_s->ap_iface->driver_ap_teardown =
667 		!!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
668 
669 	hostapd_interface_deinit(wpa_s->ap_iface);
670 	hostapd_interface_free(wpa_s->ap_iface);
671 	wpa_s->ap_iface = NULL;
672 	wpa_drv_deinit_ap(wpa_s);
673 }
674 
675 
ap_tx_status(void * ctx,const u8 * addr,const u8 * buf,size_t len,int ack)676 void ap_tx_status(void *ctx, const u8 *addr,
677 		  const u8 *buf, size_t len, int ack)
678 {
679 #ifdef NEED_AP_MLME
680 	struct wpa_supplicant *wpa_s = ctx;
681 	hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
682 #endif /* NEED_AP_MLME */
683 }
684 
685 
ap_eapol_tx_status(void * ctx,const u8 * dst,const u8 * data,size_t len,int ack)686 void ap_eapol_tx_status(void *ctx, const u8 *dst,
687 			const u8 *data, size_t len, int ack)
688 {
689 #ifdef NEED_AP_MLME
690 	struct wpa_supplicant *wpa_s = ctx;
691 	if (!wpa_s->ap_iface)
692 		return;
693 	hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
694 #endif /* NEED_AP_MLME */
695 }
696 
697 
ap_client_poll_ok(void * ctx,const u8 * addr)698 void ap_client_poll_ok(void *ctx, const u8 *addr)
699 {
700 #ifdef NEED_AP_MLME
701 	struct wpa_supplicant *wpa_s = ctx;
702 	if (wpa_s->ap_iface)
703 		hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
704 #endif /* NEED_AP_MLME */
705 }
706 
707 
ap_rx_from_unknown_sta(void * ctx,const u8 * addr,int wds)708 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
709 {
710 #ifdef NEED_AP_MLME
711 	struct wpa_supplicant *wpa_s = ctx;
712 	ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
713 #endif /* NEED_AP_MLME */
714 }
715 
716 
ap_mgmt_rx(void * ctx,struct rx_mgmt * rx_mgmt)717 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
718 {
719 #ifdef NEED_AP_MLME
720 	struct wpa_supplicant *wpa_s = ctx;
721 	struct hostapd_frame_info fi;
722 	os_memset(&fi, 0, sizeof(fi));
723 	fi.datarate = rx_mgmt->datarate;
724 	fi.ssi_signal = rx_mgmt->ssi_signal;
725 	ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
726 			rx_mgmt->frame_len, &fi);
727 #endif /* NEED_AP_MLME */
728 }
729 
730 
ap_mgmt_tx_cb(void * ctx,const u8 * buf,size_t len,u16 stype,int ok)731 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
732 {
733 #ifdef NEED_AP_MLME
734 	struct wpa_supplicant *wpa_s = ctx;
735 	ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
736 #endif /* NEED_AP_MLME */
737 }
738 
739 
wpa_supplicant_ap_rx_eapol(struct wpa_supplicant * wpa_s,const u8 * src_addr,const u8 * buf,size_t len)740 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
741 				const u8 *src_addr, const u8 *buf, size_t len)
742 {
743 	ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
744 }
745 
746 
747 #ifdef CONFIG_WPS
748 
wpa_supplicant_ap_wps_pbc(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * p2p_dev_addr)749 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
750 			      const u8 *p2p_dev_addr)
751 {
752 	if (!wpa_s->ap_iface)
753 		return -1;
754 	return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
755 					 p2p_dev_addr);
756 }
757 
758 
wpa_supplicant_ap_wps_cancel(struct wpa_supplicant * wpa_s)759 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
760 {
761 	struct wps_registrar *reg;
762 	int reg_sel = 0, wps_sta = 0;
763 
764 	if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
765 		return -1;
766 
767 	reg = wpa_s->ap_iface->bss[0]->wps->registrar;
768 	reg_sel = wps_registrar_wps_cancel(reg);
769 	wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
770 				  ap_sta_wps_cancel, NULL);
771 
772 	if (!reg_sel && !wps_sta) {
773 		wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
774 			   "time");
775 		return -1;
776 	}
777 
778 	/*
779 	 * There are 2 cases to return wps cancel as success:
780 	 * 1. When wps cancel was initiated but no connection has been
781 	 *    established with client yet.
782 	 * 2. Client is in the middle of exchanging WPS messages.
783 	 */
784 
785 	return 0;
786 }
787 
788 
wpa_supplicant_ap_wps_pin(struct wpa_supplicant * wpa_s,const u8 * bssid,const char * pin,char * buf,size_t buflen,int timeout)789 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
790 			      const char *pin, char *buf, size_t buflen,
791 			      int timeout)
792 {
793 	int ret, ret_len = 0;
794 
795 	if (!wpa_s->ap_iface)
796 		return -1;
797 
798 	if (pin == NULL) {
799 		unsigned int rpin = wps_generate_pin();
800 		ret_len = os_snprintf(buf, buflen, "%08d", rpin);
801 		pin = buf;
802 	} else
803 		ret_len = os_snprintf(buf, buflen, "%s", pin);
804 
805 	ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
806 				  timeout);
807 	if (ret)
808 		return -1;
809 	return ret_len;
810 }
811 
812 
wpas_wps_ap_pin_timeout(void * eloop_data,void * user_ctx)813 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
814 {
815 	struct wpa_supplicant *wpa_s = eloop_data;
816 	wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
817 	wpas_wps_ap_pin_disable(wpa_s);
818 }
819 
820 
wpas_wps_ap_pin_enable(struct wpa_supplicant * wpa_s,int timeout)821 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
822 {
823 	struct hostapd_data *hapd;
824 
825 	if (wpa_s->ap_iface == NULL)
826 		return;
827 	hapd = wpa_s->ap_iface->bss[0];
828 	wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
829 	hapd->ap_pin_failures = 0;
830 	eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
831 	if (timeout > 0)
832 		eloop_register_timeout(timeout, 0,
833 				       wpas_wps_ap_pin_timeout, wpa_s, NULL);
834 }
835 
836 
wpas_wps_ap_pin_disable(struct wpa_supplicant * wpa_s)837 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
838 {
839 	struct hostapd_data *hapd;
840 
841 	if (wpa_s->ap_iface == NULL)
842 		return;
843 	wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
844 	hapd = wpa_s->ap_iface->bss[0];
845 	os_free(hapd->conf->ap_pin);
846 	hapd->conf->ap_pin = NULL;
847 	eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
848 }
849 
850 
wpas_wps_ap_pin_random(struct wpa_supplicant * wpa_s,int timeout)851 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
852 {
853 	struct hostapd_data *hapd;
854 	unsigned int pin;
855 	char pin_txt[9];
856 
857 	if (wpa_s->ap_iface == NULL)
858 		return NULL;
859 	hapd = wpa_s->ap_iface->bss[0];
860 	pin = wps_generate_pin();
861 	os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
862 	os_free(hapd->conf->ap_pin);
863 	hapd->conf->ap_pin = os_strdup(pin_txt);
864 	if (hapd->conf->ap_pin == NULL)
865 		return NULL;
866 	wpas_wps_ap_pin_enable(wpa_s, timeout);
867 
868 	return hapd->conf->ap_pin;
869 }
870 
871 
wpas_wps_ap_pin_get(struct wpa_supplicant * wpa_s)872 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
873 {
874 	struct hostapd_data *hapd;
875 	if (wpa_s->ap_iface == NULL)
876 		return NULL;
877 	hapd = wpa_s->ap_iface->bss[0];
878 	return hapd->conf->ap_pin;
879 }
880 
881 
wpas_wps_ap_pin_set(struct wpa_supplicant * wpa_s,const char * pin,int timeout)882 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
883 			int timeout)
884 {
885 	struct hostapd_data *hapd;
886 	char pin_txt[9];
887 	int ret;
888 
889 	if (wpa_s->ap_iface == NULL)
890 		return -1;
891 	hapd = wpa_s->ap_iface->bss[0];
892 	ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
893 	if (ret < 0 || ret >= (int) sizeof(pin_txt))
894 		return -1;
895 	os_free(hapd->conf->ap_pin);
896 	hapd->conf->ap_pin = os_strdup(pin_txt);
897 	if (hapd->conf->ap_pin == NULL)
898 		return -1;
899 	wpas_wps_ap_pin_enable(wpa_s, timeout);
900 
901 	return 0;
902 }
903 
904 
wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant * wpa_s)905 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
906 {
907 	struct hostapd_data *hapd;
908 
909 	if (wpa_s->ap_iface == NULL)
910 		return;
911 	hapd = wpa_s->ap_iface->bss[0];
912 
913 	/*
914 	 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
915 	 * PIN if this happens multiple times to slow down brute force attacks.
916 	 */
917 	hapd->ap_pin_failures++;
918 	wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
919 		   hapd->ap_pin_failures);
920 	if (hapd->ap_pin_failures < 3)
921 		return;
922 
923 	wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
924 	hapd->ap_pin_failures = 0;
925 	os_free(hapd->conf->ap_pin);
926 	hapd->conf->ap_pin = NULL;
927 }
928 
929 
930 #ifdef CONFIG_WPS_NFC
931 
wpas_ap_wps_nfc_config_token(struct wpa_supplicant * wpa_s,int ndef)932 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
933 					     int ndef)
934 {
935 	struct hostapd_data *hapd;
936 
937 	if (wpa_s->ap_iface == NULL)
938 		return NULL;
939 	hapd = wpa_s->ap_iface->bss[0];
940 	return hostapd_wps_nfc_config_token(hapd, ndef);
941 }
942 
943 
wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant * wpa_s,int ndef)944 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
945 					     int ndef)
946 {
947 	struct hostapd_data *hapd;
948 
949 	if (wpa_s->ap_iface == NULL)
950 		return NULL;
951 	hapd = wpa_s->ap_iface->bss[0];
952 	return hostapd_wps_nfc_hs_cr(hapd, ndef);
953 }
954 
955 
wpas_ap_wps_nfc_report_handover(struct wpa_supplicant * wpa_s,const struct wpabuf * req,const struct wpabuf * sel)956 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
957 				    const struct wpabuf *req,
958 				    const struct wpabuf *sel)
959 {
960 	struct hostapd_data *hapd;
961 
962 	if (wpa_s->ap_iface == NULL)
963 		return -1;
964 	hapd = wpa_s->ap_iface->bss[0];
965 	return hostapd_wps_nfc_report_handover(hapd, req, sel);
966 }
967 
968 #endif /* CONFIG_WPS_NFC */
969 
970 #endif /* CONFIG_WPS */
971 
972 
973 #ifdef CONFIG_CTRL_IFACE
974 
ap_ctrl_iface_sta_first(struct wpa_supplicant * wpa_s,char * buf,size_t buflen)975 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
976 			    char *buf, size_t buflen)
977 {
978 	if (wpa_s->ap_iface == NULL)
979 		return -1;
980 	return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0],
981 					    buf, buflen);
982 }
983 
984 
ap_ctrl_iface_sta(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)985 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
986 		      char *buf, size_t buflen)
987 {
988 	if (wpa_s->ap_iface == NULL)
989 		return -1;
990 	return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr,
991 				      buf, buflen);
992 }
993 
994 
ap_ctrl_iface_sta_next(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)995 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
996 			   char *buf, size_t buflen)
997 {
998 	if (wpa_s->ap_iface == NULL)
999 		return -1;
1000 	return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr,
1001 					   buf, buflen);
1002 }
1003 
1004 
ap_ctrl_iface_sta_disassociate(struct wpa_supplicant * wpa_s,const char * txtaddr)1005 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
1006 				   const char *txtaddr)
1007 {
1008 	if (wpa_s->ap_iface == NULL)
1009 		return -1;
1010 	return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
1011 					       txtaddr);
1012 }
1013 
1014 
ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant * wpa_s,const char * txtaddr)1015 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
1016 				     const char *txtaddr)
1017 {
1018 	if (wpa_s->ap_iface == NULL)
1019 		return -1;
1020 	return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
1021 						 txtaddr);
1022 }
1023 
1024 
ap_ctrl_iface_wpa_get_status(struct wpa_supplicant * wpa_s,char * buf,size_t buflen,int verbose)1025 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
1026 				 size_t buflen, int verbose)
1027 {
1028 	char *pos = buf, *end = buf + buflen;
1029 	int ret;
1030 	struct hostapd_bss_config *conf;
1031 
1032 	if (wpa_s->ap_iface == NULL)
1033 		return -1;
1034 
1035 	conf = wpa_s->ap_iface->bss[0]->conf;
1036 	if (conf->wpa == 0)
1037 		return 0;
1038 
1039 	ret = os_snprintf(pos, end - pos,
1040 			  "pairwise_cipher=%s\n"
1041 			  "group_cipher=%s\n"
1042 			  "key_mgmt=%s\n",
1043 			  wpa_cipher_txt(conf->rsn_pairwise),
1044 			  wpa_cipher_txt(conf->wpa_group),
1045 			  wpa_key_mgmt_txt(conf->wpa_key_mgmt,
1046 					   conf->wpa));
1047 	if (ret < 0 || ret >= end - pos)
1048 		return pos - buf;
1049 	pos += ret;
1050 	return pos - buf;
1051 }
1052 
1053 #endif /* CONFIG_CTRL_IFACE */
1054 
1055 
wpa_supplicant_ap_update_beacon(struct wpa_supplicant * wpa_s)1056 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
1057 {
1058 	struct hostapd_iface *iface = wpa_s->ap_iface;
1059 	struct wpa_ssid *ssid = wpa_s->current_ssid;
1060 	struct hostapd_data *hapd;
1061 
1062 	if (ssid == NULL || wpa_s->ap_iface == NULL ||
1063 	    ssid->mode == WPAS_MODE_INFRA ||
1064 	    ssid->mode == WPAS_MODE_IBSS)
1065 		return -1;
1066 
1067 #ifdef CONFIG_P2P
1068 	if (ssid->mode == WPAS_MODE_P2P_GO)
1069 		iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1070 	else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1071 		iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1072 			P2P_GROUP_FORMATION;
1073 #endif /* CONFIG_P2P */
1074 
1075 	hapd = iface->bss[0];
1076 	if (hapd->drv_priv == NULL)
1077 		return -1;
1078 	ieee802_11_set_beacons(iface);
1079 	hostapd_set_ap_wps_ie(hapd);
1080 
1081 	return 0;
1082 }
1083 
1084 
ap_switch_channel(struct wpa_supplicant * wpa_s,struct csa_settings * settings)1085 int ap_switch_channel(struct wpa_supplicant *wpa_s,
1086 		      struct csa_settings *settings)
1087 {
1088 #ifdef NEED_AP_MLME
1089 	if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1090 		return -1;
1091 
1092 	return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings);
1093 #else /* NEED_AP_MLME */
1094 	return -1;
1095 #endif /* NEED_AP_MLME */
1096 }
1097 
1098 
ap_ctrl_iface_chanswitch(struct wpa_supplicant * wpa_s,const char * pos)1099 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos)
1100 {
1101 	struct csa_settings settings;
1102 	int ret = hostapd_parse_csa_settings(pos, &settings);
1103 
1104 	if (ret)
1105 		return ret;
1106 
1107 	return ap_switch_channel(wpa_s, &settings);
1108 }
1109 
1110 
wpas_ap_ch_switch(struct wpa_supplicant * wpa_s,int freq,int ht,int offset,int width,int cf1,int cf2)1111 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
1112 		       int offset, int width, int cf1, int cf2)
1113 {
1114 	if (!wpa_s->ap_iface)
1115 		return;
1116 
1117 	wpa_s->assoc_freq = freq;
1118 	hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset, width, cf1, cf1);
1119 }
1120 
1121 
wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant * wpa_s,const u8 * addr)1122 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
1123 				      const u8 *addr)
1124 {
1125 	struct hostapd_data *hapd;
1126 	struct hostapd_bss_config *conf;
1127 
1128 	if (!wpa_s->ap_iface)
1129 		return -1;
1130 
1131 	if (addr)
1132 		wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
1133 			   MAC2STR(addr));
1134 	else
1135 		wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
1136 
1137 	hapd = wpa_s->ap_iface->bss[0];
1138 	conf = hapd->conf;
1139 
1140 	os_free(conf->accept_mac);
1141 	conf->accept_mac = NULL;
1142 	conf->num_accept_mac = 0;
1143 	os_free(conf->deny_mac);
1144 	conf->deny_mac = NULL;
1145 	conf->num_deny_mac = 0;
1146 
1147 	if (addr == NULL) {
1148 		conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
1149 		return 0;
1150 	}
1151 
1152 	conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
1153 	conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
1154 	if (conf->accept_mac == NULL)
1155 		return -1;
1156 	os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
1157 	conf->num_accept_mac = 1;
1158 
1159 	return 0;
1160 }
1161 
1162 
1163 #ifdef CONFIG_WPS_NFC
wpas_ap_wps_add_nfc_pw(struct wpa_supplicant * wpa_s,u16 pw_id,const struct wpabuf * pw,const u8 * pubkey_hash)1164 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id,
1165 			   const struct wpabuf *pw, const u8 *pubkey_hash)
1166 {
1167 	struct hostapd_data *hapd;
1168 	struct wps_context *wps;
1169 
1170 	if (!wpa_s->ap_iface)
1171 		return -1;
1172 	hapd = wpa_s->ap_iface->bss[0];
1173 	wps = hapd->wps;
1174 
1175 	if (wpa_s->parent->conf->wps_nfc_dh_pubkey == NULL ||
1176 	    wpa_s->parent->conf->wps_nfc_dh_privkey == NULL) {
1177 		wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known");
1178 		return -1;
1179 	}
1180 
1181 	dh5_free(wps->dh_ctx);
1182 	wpabuf_free(wps->dh_pubkey);
1183 	wpabuf_free(wps->dh_privkey);
1184 	wps->dh_privkey = wpabuf_dup(
1185 		wpa_s->parent->conf->wps_nfc_dh_privkey);
1186 	wps->dh_pubkey = wpabuf_dup(
1187 		wpa_s->parent->conf->wps_nfc_dh_pubkey);
1188 	if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) {
1189 		wps->dh_ctx = NULL;
1190 		wpabuf_free(wps->dh_pubkey);
1191 		wps->dh_pubkey = NULL;
1192 		wpabuf_free(wps->dh_privkey);
1193 		wps->dh_privkey = NULL;
1194 		return -1;
1195 	}
1196 	wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
1197 	if (wps->dh_ctx == NULL)
1198 		return -1;
1199 
1200 	return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash,
1201 					      pw_id,
1202 					      pw ? wpabuf_head(pw) : NULL,
1203 					      pw ? wpabuf_len(pw) : 0, 1);
1204 }
1205 #endif /* CONFIG_WPS_NFC */
1206