ap.c revision 8d520ff1dc2da35cdca849e982051b86468016d8
1/* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 2 as 8 * published by the Free Software Foundation. 9 * 10 * Alternatively, this software may be distributed under the terms of BSD 11 * license. 12 * 13 * See README and COPYING for more details. 14 */ 15 16#include "utils/includes.h" 17 18#include "utils/common.h" 19#include "utils/eloop.h" 20#include "utils/uuid.h" 21#include "common/ieee802_11_defs.h" 22#include "common/wpa_ctrl.h" 23#include "ap/hostapd.h" 24#include "ap/ap_config.h" 25#include "ap/ap_drv_ops.h" 26#ifdef NEED_AP_MLME 27#include "ap/ieee802_11.h" 28#endif /* NEED_AP_MLME */ 29#include "ap/beacon.h" 30#include "ap/ieee802_1x.h" 31#include "ap/wps_hostapd.h" 32#include "ap/ctrl_iface_ap.h" 33#include "eap_common/eap_defs.h" 34#include "eap_server/eap_methods.h" 35#include "eap_common/eap_wsc_common.h" 36#include "wps/wps.h" 37#include "common/ieee802_11_defs.h" 38#include "config_ssid.h" 39#include "config.h" 40#include "wpa_supplicant_i.h" 41#include "driver_i.h" 42#include "p2p_supplicant.h" 43#include "ap.h" 44#include "ap/sta_info.h" 45#include "notify.h" 46 47 48#ifdef CONFIG_WPS 49static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 50#endif /* CONFIG_WPS */ 51 52 53static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 54 struct wpa_ssid *ssid, 55 struct hostapd_config *conf) 56{ 57 struct hostapd_bss_config *bss = &conf->bss[0]; 58 int pairwise; 59 60 conf->driver = wpa_s->driver; 61 62 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 63 64 if (ssid->frequency == 0) { 65 /* default channel 11 */ 66 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 67 conf->channel = 11; 68 } else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) { 69 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 70 conf->channel = (ssid->frequency - 2407) / 5; 71 } else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) || 72 (ssid->frequency >= 5745 && ssid->frequency <= 5825)) { 73 conf->hw_mode = HOSTAPD_MODE_IEEE80211A; 74 conf->channel = (ssid->frequency - 5000) / 5; 75 } else { 76 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 77 ssid->frequency); 78 return -1; 79 } 80 81 /* TODO: enable HT if driver supports it; 82 * drop to 11b if driver does not support 11g */ 83 84#ifdef CONFIG_P2P 85 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { 86 /* Remove 802.11b rates from supported and basic rate sets */ 87 int *list = os_malloc(4 * sizeof(int)); 88 if (list) { 89 list[0] = 60; 90 list[1] = 120; 91 list[2] = 240; 92 list[3] = -1; 93 } 94 conf->basic_rates = list; 95 96 list = os_malloc(9 * sizeof(int)); 97 if (list) { 98 list[0] = 60; 99 list[1] = 90; 100 list[2] = 120; 101 list[3] = 180; 102 list[4] = 240; 103 list[5] = 360; 104 list[6] = 480; 105 list[7] = 540; 106 list[8] = -1; 107 } 108 conf->supported_rates = list; 109 } 110#endif /* CONFIG_P2P */ 111 112 if (ssid->ssid_len == 0) { 113 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 114 return -1; 115 } 116 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 117 bss->ssid.ssid[ssid->ssid_len] = '\0'; 118 bss->ssid.ssid_len = ssid->ssid_len; 119 bss->ssid.ssid_set = 1; 120 121 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 122 bss->wpa = ssid->proto; 123 bss->wpa_key_mgmt = ssid->key_mgmt; 124 bss->wpa_pairwise = ssid->pairwise_cipher; 125 if (ssid->passphrase) { 126 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 127 } else if (ssid->psk_set) { 128 os_free(bss->ssid.wpa_psk); 129 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 130 if (bss->ssid.wpa_psk == NULL) 131 return -1; 132 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 133 bss->ssid.wpa_psk->group = 1; 134 } 135 136 /* Select group cipher based on the enabled pairwise cipher suites */ 137 pairwise = 0; 138 if (bss->wpa & 1) 139 pairwise |= bss->wpa_pairwise; 140 if (bss->wpa & 2) { 141 if (bss->rsn_pairwise == 0) 142 bss->rsn_pairwise = bss->wpa_pairwise; 143 pairwise |= bss->rsn_pairwise; 144 } 145 if (pairwise & WPA_CIPHER_TKIP) 146 bss->wpa_group = WPA_CIPHER_TKIP; 147 else 148 bss->wpa_group = WPA_CIPHER_CCMP; 149 150 if (bss->wpa && bss->ieee802_1x) 151 bss->ssid.security_policy = SECURITY_WPA; 152 else if (bss->wpa) 153 bss->ssid.security_policy = SECURITY_WPA_PSK; 154 else if (bss->ieee802_1x) { 155 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 156 bss->ssid.wep.default_len = bss->default_wep_key_len; 157 } else if (bss->ssid.wep.keys_set) 158 bss->ssid.security_policy = SECURITY_STATIC_WEP; 159 else 160 bss->ssid.security_policy = SECURITY_PLAINTEXT; 161 162#ifdef CONFIG_WPS 163 /* 164 * Enable WPS by default, but require user interaction to actually use 165 * it. Only the internal Registrar is supported. 166 */ 167 bss->eap_server = 1; 168 bss->wps_state = 2; 169 bss->ap_setup_locked = 2; 170 if (wpa_s->conf->config_methods) 171 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 172 os_memcpy(bss->device_type, wpa_s->conf->device_type, 173 WPS_DEV_TYPE_LEN); 174 if (wpa_s->conf->device_name) { 175 bss->device_name = os_strdup(wpa_s->conf->device_name); 176 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 177 } 178 if (wpa_s->conf->manufacturer) 179 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 180 if (wpa_s->conf->model_name) 181 bss->model_name = os_strdup(wpa_s->conf->model_name); 182 if (wpa_s->conf->model_number) 183 bss->model_number = os_strdup(wpa_s->conf->model_number); 184 if (wpa_s->conf->serial_number) 185 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 186 if (is_nil_uuid(wpa_s->conf->uuid)) 187 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 188 else 189 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 190 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 191#endif /* CONFIG_WPS */ 192 193 if (wpa_s->max_stations && 194 wpa_s->max_stations < wpa_s->conf->max_num_sta) 195 bss->max_num_sta = wpa_s->max_stations; 196 else 197 bss->max_num_sta = wpa_s->conf->max_num_sta; 198 199 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 200 201 return 0; 202} 203 204 205static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 206{ 207#ifdef CONFIG_P2P 208 struct wpa_supplicant *wpa_s = ctx; 209 const struct ieee80211_mgmt *mgmt; 210 size_t hdr_len; 211 212 mgmt = (const struct ieee80211_mgmt *) buf; 213 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 214 if (hdr_len > len) 215 return; 216 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 217 mgmt->u.action.category, 218 &mgmt->u.action.u.vs_public_action.action, 219 len - hdr_len, freq); 220#endif /* CONFIG_P2P */ 221} 222 223 224static void ap_wps_event_cb(void *ctx, enum wps_event event, 225 union wps_event_data *data) 226{ 227#ifdef CONFIG_P2P 228 struct wpa_supplicant *wpa_s = ctx; 229 230 if (event == WPS_EV_FAIL && wpa_s->parent && wpa_s->parent != wpa_s && 231 wpa_s == wpa_s->global->p2p_group_formation) { 232 struct wps_event_fail *fail = &data->fail; 233 234 /* 235 * src/ap/wps_hostapd.c has already sent this on the main 236 * interface, so only send on the parent interface here if 237 * needed. 238 */ 239 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL 240 "msg=%d config_error=%d", 241 fail->msg, fail->config_error); 242 } 243#endif /* CONFIG_P2P */ 244} 245 246 247static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 248 int authorized) 249{ 250 wpas_notify_sta_authorized(ctx, mac_addr, authorized); 251} 252 253 254static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 255{ 256#ifdef CONFIG_P2P 257 struct wpa_supplicant *wpa_s = ctx; 258 const struct ieee80211_mgmt *mgmt; 259 size_t hdr_len; 260 261 mgmt = (const struct ieee80211_mgmt *) buf; 262 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 263 if (hdr_len > len) 264 return -1; 265 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 266 mgmt->u.action.category, 267 &mgmt->u.action.u.vs_public_action.action, 268 len - hdr_len, freq); 269#endif /* CONFIG_P2P */ 270 return 0; 271} 272 273 274static int ap_probe_req_rx(void *ctx, const u8 *addr, const u8 *ie, 275 size_t ie_len) 276{ 277#ifdef CONFIG_P2P 278 struct wpa_supplicant *wpa_s = ctx; 279 return wpas_p2p_probe_req_rx(wpa_s, addr, ie, ie_len); 280#else /* CONFIG_P2P */ 281 return 0; 282#endif /* CONFIG_P2P */ 283} 284 285 286static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 287 const u8 *uuid_e) 288{ 289#ifdef CONFIG_P2P 290 struct wpa_supplicant *wpa_s = ctx; 291 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 292#endif /* CONFIG_P2P */ 293} 294 295 296static void wpas_ap_configured_cb(void *ctx) 297{ 298 struct wpa_supplicant *wpa_s = ctx; 299 300 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 301 302 if (wpa_s->ap_configured_cb) 303 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 304 wpa_s->ap_configured_cb_data); 305} 306 307 308int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 309 struct wpa_ssid *ssid) 310{ 311 struct wpa_driver_associate_params params; 312 struct hostapd_iface *hapd_iface; 313 struct hostapd_config *conf; 314 size_t i; 315 316 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 317 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 318 return -1; 319 } 320 321 wpa_supplicant_ap_deinit(wpa_s); 322 323 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 324 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 325 326 os_memset(¶ms, 0, sizeof(params)); 327 params.ssid = ssid->ssid; 328 params.ssid_len = ssid->ssid_len; 329 switch (ssid->mode) { 330 case WPAS_MODE_INFRA: 331 params.mode = IEEE80211_MODE_INFRA; 332 break; 333 case WPAS_MODE_IBSS: 334 params.mode = IEEE80211_MODE_IBSS; 335 break; 336 case WPAS_MODE_AP: 337 case WPAS_MODE_P2P_GO: 338 case WPAS_MODE_P2P_GROUP_FORMATION: 339 params.mode = IEEE80211_MODE_AP; 340 break; 341 } 342 params.freq = ssid->frequency; 343 344 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 345 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 346 else 347 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 348 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 349 350 if (ssid->pairwise_cipher & WPA_CIPHER_CCMP) 351 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; 352 else if (ssid->pairwise_cipher & WPA_CIPHER_TKIP) 353 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; 354 else if (ssid->pairwise_cipher & WPA_CIPHER_NONE) 355 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 356 else { 357 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 358 "cipher."); 359 return -1; 360 } 361 params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher); 362 params.group_suite = params.pairwise_suite; 363 364#ifdef CONFIG_P2P 365 if (ssid->mode == WPAS_MODE_P2P_GO || 366 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 367 params.p2p = 1; 368 wpa_drv_set_intra_bss(wpa_s, wpa_s->conf->p2p_intra_bss); 369#endif /* CONFIG_P2P */ 370 371 if (wpa_s->parent->set_ap_uapsd) 372 params.uapsd = wpa_s->parent->ap_uapsd; 373 else 374 params.uapsd = -1; 375 376 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 377 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 378 return -1; 379 } 380 381 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 382 if (hapd_iface == NULL) 383 return -1; 384 hapd_iface->owner = wpa_s; 385 386 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 387 if (conf == NULL) { 388 wpa_supplicant_ap_deinit(wpa_s); 389 return -1; 390 } 391 392 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 393 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 394 wpa_supplicant_ap_deinit(wpa_s); 395 return -1; 396 } 397 398#ifdef CONFIG_P2P 399 if (ssid->mode == WPAS_MODE_P2P_GO) 400 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 401 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 402 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 403 P2P_GROUP_FORMATION; 404#endif /* CONFIG_P2P */ 405 406 hapd_iface->num_bss = conf->num_bss; 407 hapd_iface->bss = os_zalloc(conf->num_bss * 408 sizeof(struct hostapd_data *)); 409 if (hapd_iface->bss == NULL) { 410 wpa_supplicant_ap_deinit(wpa_s); 411 return -1; 412 } 413 414 for (i = 0; i < conf->num_bss; i++) { 415 hapd_iface->bss[i] = 416 hostapd_alloc_bss_data(hapd_iface, conf, 417 &conf->bss[i]); 418 if (hapd_iface->bss[i] == NULL) { 419 wpa_supplicant_ap_deinit(wpa_s); 420 return -1; 421 } 422 423 hapd_iface->bss[i]->msg_ctx = wpa_s; 424 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 425 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 426 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 427 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 428 hostapd_register_probereq_cb(hapd_iface->bss[i], 429 ap_probe_req_rx, wpa_s); 430 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 431 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 432 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 433 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 434 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 435 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 436#ifdef CONFIG_P2P 437 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 438 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init( 439 wpa_s, ssid->p2p_persistent_group, 440 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION); 441#endif /* CONFIG_P2P */ 442 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 443 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 444 } 445 446 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 447 hapd_iface->bss[0]->driver = wpa_s->driver; 448 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 449 450 wpa_s->current_ssid = ssid; 451 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 452 wpa_s->assoc_freq = ssid->frequency; 453 454 if (hostapd_setup_interface(wpa_s->ap_iface)) { 455 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 456 wpa_supplicant_ap_deinit(wpa_s); 457 return -1; 458 } 459 460 return 0; 461} 462 463 464void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 465{ 466#ifdef CONFIG_WPS 467 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 468#endif /* CONFIG_WPS */ 469 470 if (wpa_s->ap_iface == NULL) 471 return; 472 473 wpa_s->current_ssid = NULL; 474 wpa_s->assoc_freq = 0; 475#ifdef CONFIG_P2P 476 if (wpa_s->ap_iface->bss) 477 wpa_s->ap_iface->bss[0]->p2p_group = NULL; 478 wpas_p2p_group_deinit(wpa_s); 479#endif /* CONFIG_P2P */ 480 hostapd_interface_deinit(wpa_s->ap_iface); 481 hostapd_interface_free(wpa_s->ap_iface); 482 wpa_s->ap_iface = NULL; 483 wpa_drv_deinit_ap(wpa_s); 484} 485 486 487void ap_tx_status(void *ctx, const u8 *addr, 488 const u8 *buf, size_t len, int ack) 489{ 490#ifdef NEED_AP_MLME 491 struct wpa_supplicant *wpa_s = ctx; 492 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 493#endif /* NEED_AP_MLME */ 494} 495 496 497void ap_rx_from_unknown_sta(void *ctx, const u8 *frame, size_t len) 498{ 499#ifdef NEED_AP_MLME 500 struct wpa_supplicant *wpa_s = ctx; 501 const struct ieee80211_hdr *hdr = 502 (const struct ieee80211_hdr *) frame; 503 u16 fc = le_to_host16(hdr->frame_control); 504 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], hdr->addr2, 505 (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) == 506 (WLAN_FC_TODS | WLAN_FC_FROMDS)); 507#endif /* NEED_AP_MLME */ 508} 509 510 511void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 512{ 513#ifdef NEED_AP_MLME 514 struct wpa_supplicant *wpa_s = ctx; 515 struct hostapd_frame_info fi; 516 os_memset(&fi, 0, sizeof(fi)); 517 fi.datarate = rx_mgmt->datarate; 518 fi.ssi_signal = rx_mgmt->ssi_signal; 519 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 520 rx_mgmt->frame_len, &fi); 521#endif /* NEED_AP_MLME */ 522} 523 524 525void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 526{ 527#ifdef NEED_AP_MLME 528 struct wpa_supplicant *wpa_s = ctx; 529 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 530#endif /* NEED_AP_MLME */ 531} 532 533 534void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 535 const u8 *src_addr, const u8 *buf, size_t len) 536{ 537 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 538} 539 540 541#ifdef CONFIG_WPS 542 543int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 544 const u8 *p2p_dev_addr) 545{ 546 if (!wpa_s->ap_iface) 547 return -1; 548 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 549 p2p_dev_addr); 550} 551 552 553static int wpa_supplicant_ap_wps_sta_cancel(struct hostapd_data *hapd, 554 struct sta_info *sta, void *ctx) 555{ 556 if (sta && (sta->flags & WLAN_STA_WPS)) { 557 ap_sta_deauthenticate(hapd, sta, 558 WLAN_REASON_PREV_AUTH_NOT_VALID); 559 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 560 __func__, MAC2STR(sta->addr)); 561 return 1; 562 } 563 564 return 0; 565} 566 567 568int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 569{ 570 struct wps_registrar *reg; 571 int reg_sel = 0, wps_sta = 0; 572 573 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 574 return -1; 575 576 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 577 reg_sel = wps_registrar_wps_cancel(reg); 578 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 579 wpa_supplicant_ap_wps_sta_cancel, NULL); 580 581 if (!reg_sel && !wps_sta) { 582 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 583 "time"); 584 return -1; 585 } 586 587 /* 588 * There are 2 cases to return wps cancel as success: 589 * 1. When wps cancel was initiated but no connection has been 590 * established with client yet. 591 * 2. Client is in the middle of exchanging WPS messages. 592 */ 593 594 return 0; 595} 596 597 598int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 599 const char *pin, char *buf, size_t buflen) 600{ 601 int ret, ret_len = 0; 602 603 if (!wpa_s->ap_iface) 604 return -1; 605 606 if (pin == NULL) { 607 unsigned int rpin = wps_generate_pin(); 608 ret_len = os_snprintf(buf, buflen, "%d", rpin); 609 pin = buf; 610 } else 611 ret_len = os_snprintf(buf, buflen, "%s", pin); 612 613 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 614 0); 615 if (ret) 616 return -1; 617 return ret_len; 618} 619 620 621static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 622{ 623 struct wpa_supplicant *wpa_s = eloop_data; 624 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 625 wpas_wps_ap_pin_disable(wpa_s); 626} 627 628 629static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 630{ 631 struct hostapd_data *hapd; 632 633 if (wpa_s->ap_iface == NULL) 634 return; 635 hapd = wpa_s->ap_iface->bss[0]; 636 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 637 hapd->ap_pin_failures = 0; 638 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 639 if (timeout > 0) 640 eloop_register_timeout(timeout, 0, 641 wpas_wps_ap_pin_timeout, wpa_s, NULL); 642} 643 644 645void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 646{ 647 struct hostapd_data *hapd; 648 649 if (wpa_s->ap_iface == NULL) 650 return; 651 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 652 hapd = wpa_s->ap_iface->bss[0]; 653 os_free(hapd->conf->ap_pin); 654 hapd->conf->ap_pin = NULL; 655 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 656} 657 658 659const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 660{ 661 struct hostapd_data *hapd; 662 unsigned int pin; 663 char pin_txt[9]; 664 665 if (wpa_s->ap_iface == NULL) 666 return NULL; 667 hapd = wpa_s->ap_iface->bss[0]; 668 pin = wps_generate_pin(); 669 os_snprintf(pin_txt, sizeof(pin_txt), "%u", pin); 670 os_free(hapd->conf->ap_pin); 671 hapd->conf->ap_pin = os_strdup(pin_txt); 672 if (hapd->conf->ap_pin == NULL) 673 return NULL; 674 wpas_wps_ap_pin_enable(wpa_s, timeout); 675 676 return hapd->conf->ap_pin; 677} 678 679 680const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 681{ 682 struct hostapd_data *hapd; 683 if (wpa_s->ap_iface == NULL) 684 return NULL; 685 hapd = wpa_s->ap_iface->bss[0]; 686 return hapd->conf->ap_pin; 687} 688 689 690int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 691 int timeout) 692{ 693 struct hostapd_data *hapd; 694 char pin_txt[9]; 695 int ret; 696 697 if (wpa_s->ap_iface == NULL) 698 return -1; 699 hapd = wpa_s->ap_iface->bss[0]; 700 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 701 if (ret < 0 || ret >= (int) sizeof(pin_txt)) 702 return -1; 703 os_free(hapd->conf->ap_pin); 704 hapd->conf->ap_pin = os_strdup(pin_txt); 705 if (hapd->conf->ap_pin == NULL) 706 return -1; 707 wpas_wps_ap_pin_enable(wpa_s, timeout); 708 709 return 0; 710} 711 712 713void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 714{ 715 struct hostapd_data *hapd; 716 717 if (wpa_s->ap_iface == NULL) 718 return; 719 hapd = wpa_s->ap_iface->bss[0]; 720 721 /* 722 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 723 * PIN if this happens multiple times to slow down brute force attacks. 724 */ 725 hapd->ap_pin_failures++; 726 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 727 hapd->ap_pin_failures); 728 if (hapd->ap_pin_failures < 3) 729 return; 730 731 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 732 hapd->ap_pin_failures = 0; 733 os_free(hapd->conf->ap_pin); 734 hapd->conf->ap_pin = NULL; 735} 736 737#endif /* CONFIG_WPS */ 738 739 740#ifdef CONFIG_CTRL_IFACE 741 742int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 743 char *buf, size_t buflen) 744{ 745 if (wpa_s->ap_iface == NULL) 746 return -1; 747 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 748 buf, buflen); 749} 750 751 752int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 753 char *buf, size_t buflen) 754{ 755 if (wpa_s->ap_iface == NULL) 756 return -1; 757 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 758 buf, buflen); 759} 760 761 762int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 763 char *buf, size_t buflen) 764{ 765 if (wpa_s->ap_iface == NULL) 766 return -1; 767 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 768 buf, buflen); 769} 770 771 772int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 773 size_t buflen, int verbose) 774{ 775 char *pos = buf, *end = buf + buflen; 776 int ret; 777 struct hostapd_bss_config *conf; 778 779 if (wpa_s->ap_iface == NULL) 780 return -1; 781 782 conf = wpa_s->ap_iface->bss[0]->conf; 783 if (conf->wpa == 0) 784 return 0; 785 786 ret = os_snprintf(pos, end - pos, 787 "pairwise_cipher=%s\n" 788 "group_cipher=%s\n" 789 "key_mgmt=%s\n", 790 wpa_cipher_txt(conf->rsn_pairwise), 791 wpa_cipher_txt(conf->wpa_group), 792 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 793 conf->wpa)); 794 if (ret < 0 || ret >= end - pos) 795 return pos - buf; 796 pos += ret; 797 return pos - buf; 798} 799 800#endif /* CONFIG_CTRL_IFACE */ 801 802 803int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 804{ 805 struct hostapd_iface *iface = wpa_s->ap_iface; 806 struct wpa_ssid *ssid = wpa_s->current_ssid; 807 struct hostapd_data *hapd; 808 809 if (ssid == NULL || wpa_s->ap_iface == NULL) 810 return -1; 811 812#ifdef CONFIG_P2P 813 if (ssid->mode == WPAS_MODE_P2P_GO) 814 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 815 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 816 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 817 P2P_GROUP_FORMATION; 818#endif /* CONFIG_P2P */ 819 820 ieee802_11_set_beacons(iface); 821 hapd = iface->bss[0]; 822 hostapd_set_ap_wps_ie(hapd); 823 824 return 0; 825} 826 827 828int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 829 const u8 *addr) 830{ 831 struct hostapd_data *hapd; 832 struct hostapd_bss_config *conf; 833 834 if (!wpa_s->ap_iface) 835 return -1; 836 837 if (addr) 838 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 839 MAC2STR(addr)); 840 else 841 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 842 843 hapd = wpa_s->ap_iface->bss[0]; 844 conf = hapd->conf; 845 846 os_free(conf->accept_mac); 847 conf->accept_mac = NULL; 848 conf->num_accept_mac = 0; 849 os_free(conf->deny_mac); 850 conf->deny_mac = NULL; 851 conf->num_deny_mac = 0; 852 853 if (addr == NULL) { 854 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 855 return 0; 856 } 857 858 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 859 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 860 if (conf->accept_mac == NULL) 861 return -1; 862 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 863 conf->num_accept_mac = 1; 864 865 return 0; 866} 867