ap.c revision 1846323989242844f0e857458a8939fa5836429c
1/* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10#include "utils/includes.h" 11 12#include "utils/common.h" 13#include "utils/eloop.h" 14#include "utils/uuid.h" 15#include "common/ieee802_11_defs.h" 16#include "common/wpa_ctrl.h" 17#include "eapol_supp/eapol_supp_sm.h" 18#include "ap/hostapd.h" 19#include "ap/ap_config.h" 20#include "ap/ap_drv_ops.h" 21#ifdef NEED_AP_MLME 22#include "ap/ieee802_11.h" 23#endif /* NEED_AP_MLME */ 24#include "ap/beacon.h" 25#include "ap/ieee802_1x.h" 26#include "ap/wps_hostapd.h" 27#include "ap/ctrl_iface_ap.h" 28#include "wps/wps.h" 29#include "common/ieee802_11_defs.h" 30#include "config_ssid.h" 31#include "config.h" 32#include "wpa_supplicant_i.h" 33#include "driver_i.h" 34#include "p2p_supplicant.h" 35#include "ap.h" 36#include "ap/sta_info.h" 37#include "notify.h" 38 39 40#ifdef CONFIG_WPS 41static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 42#endif /* CONFIG_WPS */ 43 44 45#ifdef CONFIG_IEEE80211N 46static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, 47 struct hostapd_config *conf, 48 struct hostapd_hw_modes *mode) 49{ 50 u8 center_chan = 0; 51 u8 channel = conf->channel; 52 53 if (!conf->secondary_channel) 54 goto no_vht; 55 56 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel); 57 if (!center_chan) 58 goto no_vht; 59 60 /* Use 80 MHz channel */ 61 conf->vht_oper_chwidth = 1; 62 conf->vht_oper_centr_freq_seg0_idx = center_chan; 63 return; 64 65no_vht: 66 conf->vht_oper_centr_freq_seg0_idx = 67 channel + conf->secondary_channel * 2; 68} 69#endif /* CONFIG_IEEE80211N */ 70 71 72static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 73 struct wpa_ssid *ssid, 74 struct hostapd_config *conf) 75{ 76 struct hostapd_bss_config *bss = conf->bss[0]; 77 78 conf->driver = wpa_s->driver; 79 80 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 81 82 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, 83 &conf->channel); 84 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 85 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 86 ssid->frequency); 87 return -1; 88 } 89 90 /* TODO: enable HT40 if driver supports it; 91 * drop to 11b if driver does not support 11g */ 92 93#ifdef CONFIG_IEEE80211N 94 /* 95 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 96 * and a mask of allowed capabilities within conf->ht_capab. 97 * Using default config settings for: conf->ht_op_mode_fixed, 98 * conf->secondary_channel, conf->require_ht 99 */ 100 if (wpa_s->hw.modes) { 101 struct hostapd_hw_modes *mode = NULL; 102 int i, no_ht = 0; 103 for (i = 0; i < wpa_s->hw.num_modes; i++) { 104 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 105 mode = &wpa_s->hw.modes[i]; 106 break; 107 } 108 } 109 110#ifdef CONFIG_HT_OVERRIDES 111 if (ssid->disable_ht) { 112 conf->ieee80211n = 0; 113 conf->ht_capab = 0; 114 no_ht = 1; 115 } 116#endif /* CONFIG_HT_OVERRIDES */ 117 118 if (!no_ht && mode && mode->ht_capab) { 119 conf->ieee80211n = 1; 120#ifdef CONFIG_P2P 121 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 122 (mode->ht_capab & 123 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 124 ssid->ht40) 125 conf->secondary_channel = 126 wpas_p2p_get_ht40_mode(wpa_s, mode, 127 conf->channel); 128 if (conf->secondary_channel) 129 conf->ht_capab |= 130 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 131#endif /* CONFIG_P2P */ 132 133 /* 134 * white-list capabilities that won't cause issues 135 * to connecting stations, while leaving the current 136 * capabilities intact (currently disabled SMPS). 137 */ 138 conf->ht_capab |= mode->ht_capab & 139 (HT_CAP_INFO_GREEN_FIELD | 140 HT_CAP_INFO_SHORT_GI20MHZ | 141 HT_CAP_INFO_SHORT_GI40MHZ | 142 HT_CAP_INFO_RX_STBC_MASK | 143 HT_CAP_INFO_MAX_AMSDU_SIZE); 144 145 if (mode->vht_capab && ssid->vht) { 146 conf->ieee80211ac = 1; 147 wpas_conf_ap_vht(wpa_s, conf, mode); 148 } 149 } 150 } 151#endif /* CONFIG_IEEE80211N */ 152 153#ifdef CONFIG_P2P 154 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && 155 (ssid->mode == WPAS_MODE_P2P_GO || 156 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { 157 /* Remove 802.11b rates from supported and basic rate sets */ 158 int *list = os_malloc(4 * sizeof(int)); 159 if (list) { 160 list[0] = 60; 161 list[1] = 120; 162 list[2] = 240; 163 list[3] = -1; 164 } 165 conf->basic_rates = list; 166 167 list = os_malloc(9 * sizeof(int)); 168 if (list) { 169 list[0] = 60; 170 list[1] = 90; 171 list[2] = 120; 172 list[3] = 180; 173 list[4] = 240; 174 list[5] = 360; 175 list[6] = 480; 176 list[7] = 540; 177 list[8] = -1; 178 } 179 conf->supported_rates = list; 180 } 181 182 bss->isolate = !wpa_s->conf->p2p_intra_bss; 183 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; 184#endif /* CONFIG_P2P */ 185 186 if (ssid->ssid_len == 0) { 187 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 188 return -1; 189 } 190 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 191 bss->ssid.ssid_len = ssid->ssid_len; 192 bss->ssid.ssid_set = 1; 193 194 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 195 196 if (ssid->auth_alg) 197 bss->auth_algs = ssid->auth_alg; 198 199 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 200 bss->wpa = ssid->proto; 201 bss->wpa_key_mgmt = ssid->key_mgmt; 202 bss->wpa_pairwise = ssid->pairwise_cipher; 203 if (ssid->psk_set) { 204 os_free(bss->ssid.wpa_psk); 205 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 206 if (bss->ssid.wpa_psk == NULL) 207 return -1; 208 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 209 bss->ssid.wpa_psk->group = 1; 210 } else if (ssid->passphrase) { 211 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 212 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 213 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 214 struct hostapd_wep_keys *wep = &bss->ssid.wep; 215 int i; 216 for (i = 0; i < NUM_WEP_KEYS; i++) { 217 if (ssid->wep_key_len[i] == 0) 218 continue; 219 wep->key[i] = os_malloc(ssid->wep_key_len[i]); 220 if (wep->key[i] == NULL) 221 return -1; 222 os_memcpy(wep->key[i], ssid->wep_key[i], 223 ssid->wep_key_len[i]); 224 wep->len[i] = ssid->wep_key_len[i]; 225 } 226 wep->idx = ssid->wep_tx_keyidx; 227 wep->keys_set = 1; 228 } 229 230 if (ssid->ap_max_inactivity) 231 bss->ap_max_inactivity = ssid->ap_max_inactivity; 232 233 if (ssid->dtim_period) 234 bss->dtim_period = ssid->dtim_period; 235 else if (wpa_s->conf->dtim_period) 236 bss->dtim_period = wpa_s->conf->dtim_period; 237 238 if (ssid->beacon_int) 239 conf->beacon_int = ssid->beacon_int; 240 else if (wpa_s->conf->beacon_int) 241 conf->beacon_int = wpa_s->conf->beacon_int; 242 243 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 244 bss->rsn_pairwise = bss->wpa_pairwise; 245 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 246 bss->rsn_pairwise); 247 248 if (bss->wpa && bss->ieee802_1x) 249 bss->ssid.security_policy = SECURITY_WPA; 250 else if (bss->wpa) 251 bss->ssid.security_policy = SECURITY_WPA_PSK; 252 else if (bss->ieee802_1x) { 253 int cipher = WPA_CIPHER_NONE; 254 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 255 bss->ssid.wep.default_len = bss->default_wep_key_len; 256 if (bss->default_wep_key_len) 257 cipher = bss->default_wep_key_len >= 13 ? 258 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 259 bss->wpa_group = cipher; 260 bss->wpa_pairwise = cipher; 261 bss->rsn_pairwise = cipher; 262 } else if (bss->ssid.wep.keys_set) { 263 int cipher = WPA_CIPHER_WEP40; 264 if (bss->ssid.wep.len[0] >= 13) 265 cipher = WPA_CIPHER_WEP104; 266 bss->ssid.security_policy = SECURITY_STATIC_WEP; 267 bss->wpa_group = cipher; 268 bss->wpa_pairwise = cipher; 269 bss->rsn_pairwise = cipher; 270 } else { 271 bss->ssid.security_policy = SECURITY_PLAINTEXT; 272 bss->wpa_group = WPA_CIPHER_NONE; 273 bss->wpa_pairwise = WPA_CIPHER_NONE; 274 bss->rsn_pairwise = WPA_CIPHER_NONE; 275 } 276 277 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 278 (bss->wpa_group == WPA_CIPHER_CCMP || 279 bss->wpa_group == WPA_CIPHER_GCMP || 280 bss->wpa_group == WPA_CIPHER_CCMP_256 || 281 bss->wpa_group == WPA_CIPHER_GCMP_256)) { 282 /* 283 * Strong ciphers do not need frequent rekeying, so increase 284 * the default GTK rekeying period to 24 hours. 285 */ 286 bss->wpa_group_rekey = 86400; 287 } 288 289#ifdef CONFIG_WPS 290 /* 291 * Enable WPS by default for open and WPA/WPA2-Personal network, but 292 * require user interaction to actually use it. Only the internal 293 * Registrar is supported. 294 */ 295 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 296 bss->ssid.security_policy != SECURITY_PLAINTEXT) 297 goto no_wps; 298#ifdef CONFIG_WPS2 299 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 300 (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2))) 301 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 302 * configuration */ 303#endif /* CONFIG_WPS2 */ 304 bss->eap_server = 1; 305 306 if (!ssid->ignore_broadcast_ssid) 307 bss->wps_state = 2; 308 309 bss->ap_setup_locked = 2; 310 if (wpa_s->conf->config_methods) 311 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 312 os_memcpy(bss->device_type, wpa_s->conf->device_type, 313 WPS_DEV_TYPE_LEN); 314 if (wpa_s->conf->device_name) { 315 bss->device_name = os_strdup(wpa_s->conf->device_name); 316 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 317 } 318 if (wpa_s->conf->manufacturer) 319 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 320 if (wpa_s->conf->model_name) 321 bss->model_name = os_strdup(wpa_s->conf->model_name); 322 if (wpa_s->conf->model_number) 323 bss->model_number = os_strdup(wpa_s->conf->model_number); 324 if (wpa_s->conf->serial_number) 325 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 326 if (is_nil_uuid(wpa_s->conf->uuid)) 327 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 328 else 329 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 330 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 331 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 332no_wps: 333#endif /* CONFIG_WPS */ 334 335 if (wpa_s->max_stations && 336 wpa_s->max_stations < wpa_s->conf->max_num_sta) 337 bss->max_num_sta = wpa_s->max_stations; 338 else 339 bss->max_num_sta = wpa_s->conf->max_num_sta; 340 341 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 342 343 if (wpa_s->conf->ap_vendor_elements) { 344 bss->vendor_elements = 345 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 346 } 347 348 return 0; 349} 350 351 352static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 353{ 354#ifdef CONFIG_P2P 355 struct wpa_supplicant *wpa_s = ctx; 356 const struct ieee80211_mgmt *mgmt; 357 size_t hdr_len; 358 359 mgmt = (const struct ieee80211_mgmt *) buf; 360 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 361 if (hdr_len > len) 362 return; 363 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC) 364 return; 365 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 366 mgmt->u.action.category, 367 &mgmt->u.action.u.vs_public_action.action, 368 len - hdr_len, freq); 369#endif /* CONFIG_P2P */ 370} 371 372 373static void ap_wps_event_cb(void *ctx, enum wps_event event, 374 union wps_event_data *data) 375{ 376#ifdef CONFIG_P2P 377 struct wpa_supplicant *wpa_s = ctx; 378 379 if (event == WPS_EV_FAIL) { 380 struct wps_event_fail *fail = &data->fail; 381 382 if (wpa_s->parent && wpa_s->parent != wpa_s && 383 wpa_s == wpa_s->global->p2p_group_formation) { 384 /* 385 * src/ap/wps_hostapd.c has already sent this on the 386 * main interface, so only send on the parent interface 387 * here if needed. 388 */ 389 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL 390 "msg=%d config_error=%d", 391 fail->msg, fail->config_error); 392 } 393 wpas_p2p_wps_failed(wpa_s, fail); 394 } 395#endif /* CONFIG_P2P */ 396} 397 398 399static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 400 int authorized, const u8 *p2p_dev_addr) 401{ 402 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 403} 404 405 406#ifdef CONFIG_P2P 407static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 408 const u8 *psk, size_t psk_len) 409{ 410 411 struct wpa_supplicant *wpa_s = ctx; 412 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL) 413 return; 414 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len); 415} 416#endif /* CONFIG_P2P */ 417 418 419static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 420{ 421#ifdef CONFIG_P2P 422 struct wpa_supplicant *wpa_s = ctx; 423 const struct ieee80211_mgmt *mgmt; 424 size_t hdr_len; 425 426 mgmt = (const struct ieee80211_mgmt *) buf; 427 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 428 if (hdr_len > len) 429 return -1; 430 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 431 mgmt->u.action.category, 432 &mgmt->u.action.u.vs_public_action.action, 433 len - hdr_len, freq); 434#endif /* CONFIG_P2P */ 435 return 0; 436} 437 438 439static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 440 const u8 *bssid, const u8 *ie, size_t ie_len, 441 int ssi_signal) 442{ 443#ifdef CONFIG_P2P 444 struct wpa_supplicant *wpa_s = ctx; 445 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 446 ssi_signal); 447#else /* CONFIG_P2P */ 448 return 0; 449#endif /* CONFIG_P2P */ 450} 451 452 453static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 454 const u8 *uuid_e) 455{ 456#ifdef CONFIG_P2P 457 struct wpa_supplicant *wpa_s = ctx; 458 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 459#endif /* CONFIG_P2P */ 460} 461 462 463static void wpas_ap_configured_cb(void *ctx) 464{ 465 struct wpa_supplicant *wpa_s = ctx; 466 467 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 468 469 if (wpa_s->ap_configured_cb) 470 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 471 wpa_s->ap_configured_cb_data); 472} 473 474 475int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 476 struct wpa_ssid *ssid) 477{ 478 struct wpa_driver_associate_params params; 479 struct hostapd_iface *hapd_iface; 480 struct hostapd_config *conf; 481 size_t i; 482 483 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 484 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 485 return -1; 486 } 487 488 wpa_supplicant_ap_deinit(wpa_s); 489 490 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 491 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 492 493 os_memset(¶ms, 0, sizeof(params)); 494 params.ssid = ssid->ssid; 495 params.ssid_len = ssid->ssid_len; 496 switch (ssid->mode) { 497 case WPAS_MODE_INFRA: 498 params.mode = IEEE80211_MODE_INFRA; 499 break; 500 case WPAS_MODE_IBSS: 501 params.mode = IEEE80211_MODE_IBSS; 502 break; 503 case WPAS_MODE_AP: 504 case WPAS_MODE_P2P_GO: 505 case WPAS_MODE_P2P_GROUP_FORMATION: 506 params.mode = IEEE80211_MODE_AP; 507 break; 508 } 509 if (ssid->frequency == 0) 510 ssid->frequency = 2462; /* default channel 11 */ 511 params.freq = ssid->frequency; 512 513 params.wpa_proto = ssid->proto; 514 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 515 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 516 else 517 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 518 params.key_mgmt_suite = wpa_s->key_mgmt; 519 520 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 521 1); 522 if (wpa_s->pairwise_cipher < 0) { 523 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 524 "cipher."); 525 return -1; 526 } 527 params.pairwise_suite = wpa_s->pairwise_cipher; 528 params.group_suite = params.pairwise_suite; 529 530#ifdef CONFIG_P2P 531 if (ssid->mode == WPAS_MODE_P2P_GO || 532 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 533 params.p2p = 1; 534#endif /* CONFIG_P2P */ 535 536 if (wpa_s->parent->set_ap_uapsd) 537 params.uapsd = wpa_s->parent->ap_uapsd; 538 else 539 params.uapsd = -1; 540 541 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 542 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 543 return -1; 544 } 545 546 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 547 if (hapd_iface == NULL) 548 return -1; 549 hapd_iface->owner = wpa_s; 550 hapd_iface->drv_flags = wpa_s->drv_flags; 551 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 552 hapd_iface->extended_capa = wpa_s->extended_capa; 553 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 554 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 555 556 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 557 if (conf == NULL) { 558 wpa_supplicant_ap_deinit(wpa_s); 559 return -1; 560 } 561 562 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 563 wpa_s->conf->wmm_ac_params, 564 sizeof(wpa_s->conf->wmm_ac_params)); 565 566 if (params.uapsd > 0) { 567 conf->bss[0]->wmm_enabled = 1; 568 conf->bss[0]->wmm_uapsd = 1; 569 } 570 571 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 572 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 573 wpa_supplicant_ap_deinit(wpa_s); 574 return -1; 575 } 576 577#ifdef CONFIG_P2P 578 if (ssid->mode == WPAS_MODE_P2P_GO) 579 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 580 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 581 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 582 P2P_GROUP_FORMATION; 583#endif /* CONFIG_P2P */ 584 585 hapd_iface->num_bss = conf->num_bss; 586 hapd_iface->bss = os_calloc(conf->num_bss, 587 sizeof(struct hostapd_data *)); 588 if (hapd_iface->bss == NULL) { 589 wpa_supplicant_ap_deinit(wpa_s); 590 return -1; 591 } 592 593 for (i = 0; i < conf->num_bss; i++) { 594 hapd_iface->bss[i] = 595 hostapd_alloc_bss_data(hapd_iface, conf, 596 conf->bss[i]); 597 if (hapd_iface->bss[i] == NULL) { 598 wpa_supplicant_ap_deinit(wpa_s); 599 return -1; 600 } 601 602 hapd_iface->bss[i]->msg_ctx = wpa_s; 603 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent; 604 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 605 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 606 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 607 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 608 hostapd_register_probereq_cb(hapd_iface->bss[i], 609 ap_probe_req_rx, wpa_s); 610 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 611 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 612 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 613 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 614 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 615 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 616#ifdef CONFIG_P2P 617 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb; 618 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s; 619 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 620 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 621 ssid); 622#endif /* CONFIG_P2P */ 623 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 624 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 625 } 626 627 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 628 hapd_iface->bss[0]->driver = wpa_s->driver; 629 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 630 631 wpa_s->current_ssid = ssid; 632 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 633 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 634 wpa_s->assoc_freq = ssid->frequency; 635 636 if (hostapd_setup_interface(wpa_s->ap_iface)) { 637 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 638 wpa_supplicant_ap_deinit(wpa_s); 639 return -1; 640 } 641 642 return 0; 643} 644 645 646void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 647{ 648#ifdef CONFIG_WPS 649 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 650#endif /* CONFIG_WPS */ 651 652 if (wpa_s->ap_iface == NULL) 653 return; 654 655 wpa_s->current_ssid = NULL; 656 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 657 wpa_s->assoc_freq = 0; 658#ifdef CONFIG_P2P 659 if (wpa_s->ap_iface->bss) 660 wpa_s->ap_iface->bss[0]->p2p_group = NULL; 661 wpas_p2p_group_deinit(wpa_s); 662#endif /* CONFIG_P2P */ 663 hostapd_interface_deinit(wpa_s->ap_iface); 664 hostapd_interface_free(wpa_s->ap_iface); 665 wpa_s->ap_iface = NULL; 666 wpa_drv_deinit_ap(wpa_s); 667} 668 669 670void ap_tx_status(void *ctx, const u8 *addr, 671 const u8 *buf, size_t len, int ack) 672{ 673#ifdef NEED_AP_MLME 674 struct wpa_supplicant *wpa_s = ctx; 675 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 676#endif /* NEED_AP_MLME */ 677} 678 679 680void ap_eapol_tx_status(void *ctx, const u8 *dst, 681 const u8 *data, size_t len, int ack) 682{ 683#ifdef NEED_AP_MLME 684 struct wpa_supplicant *wpa_s = ctx; 685 if (!wpa_s->ap_iface) 686 return; 687 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 688#endif /* NEED_AP_MLME */ 689} 690 691 692void ap_client_poll_ok(void *ctx, const u8 *addr) 693{ 694#ifdef NEED_AP_MLME 695 struct wpa_supplicant *wpa_s = ctx; 696 if (wpa_s->ap_iface) 697 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 698#endif /* NEED_AP_MLME */ 699} 700 701 702void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 703{ 704#ifdef NEED_AP_MLME 705 struct wpa_supplicant *wpa_s = ctx; 706 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 707#endif /* NEED_AP_MLME */ 708} 709 710 711void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 712{ 713#ifdef NEED_AP_MLME 714 struct wpa_supplicant *wpa_s = ctx; 715 struct hostapd_frame_info fi; 716 os_memset(&fi, 0, sizeof(fi)); 717 fi.datarate = rx_mgmt->datarate; 718 fi.ssi_signal = rx_mgmt->ssi_signal; 719 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 720 rx_mgmt->frame_len, &fi); 721#endif /* NEED_AP_MLME */ 722} 723 724 725void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 726{ 727#ifdef NEED_AP_MLME 728 struct wpa_supplicant *wpa_s = ctx; 729 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 730#endif /* NEED_AP_MLME */ 731} 732 733 734void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 735 const u8 *src_addr, const u8 *buf, size_t len) 736{ 737 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 738} 739 740 741#ifdef CONFIG_WPS 742 743int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 744 const u8 *p2p_dev_addr) 745{ 746 if (!wpa_s->ap_iface) 747 return -1; 748 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 749 p2p_dev_addr); 750} 751 752 753int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 754{ 755 struct wps_registrar *reg; 756 int reg_sel = 0, wps_sta = 0; 757 758 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 759 return -1; 760 761 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 762 reg_sel = wps_registrar_wps_cancel(reg); 763 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 764 ap_sta_wps_cancel, NULL); 765 766 if (!reg_sel && !wps_sta) { 767 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 768 "time"); 769 return -1; 770 } 771 772 /* 773 * There are 2 cases to return wps cancel as success: 774 * 1. When wps cancel was initiated but no connection has been 775 * established with client yet. 776 * 2. Client is in the middle of exchanging WPS messages. 777 */ 778 779 return 0; 780} 781 782 783int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 784 const char *pin, char *buf, size_t buflen, 785 int timeout) 786{ 787 int ret, ret_len = 0; 788 789 if (!wpa_s->ap_iface) 790 return -1; 791 792 if (pin == NULL) { 793 unsigned int rpin = wps_generate_pin(); 794 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 795 pin = buf; 796 } else 797 ret_len = os_snprintf(buf, buflen, "%s", pin); 798 799 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 800 timeout); 801 if (ret) 802 return -1; 803 return ret_len; 804} 805 806 807static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 808{ 809 struct wpa_supplicant *wpa_s = eloop_data; 810 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 811 wpas_wps_ap_pin_disable(wpa_s); 812} 813 814 815static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 816{ 817 struct hostapd_data *hapd; 818 819 if (wpa_s->ap_iface == NULL) 820 return; 821 hapd = wpa_s->ap_iface->bss[0]; 822 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 823 hapd->ap_pin_failures = 0; 824 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 825 if (timeout > 0) 826 eloop_register_timeout(timeout, 0, 827 wpas_wps_ap_pin_timeout, wpa_s, NULL); 828} 829 830 831void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 832{ 833 struct hostapd_data *hapd; 834 835 if (wpa_s->ap_iface == NULL) 836 return; 837 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 838 hapd = wpa_s->ap_iface->bss[0]; 839 os_free(hapd->conf->ap_pin); 840 hapd->conf->ap_pin = NULL; 841 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 842} 843 844 845const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 846{ 847 struct hostapd_data *hapd; 848 unsigned int pin; 849 char pin_txt[9]; 850 851 if (wpa_s->ap_iface == NULL) 852 return NULL; 853 hapd = wpa_s->ap_iface->bss[0]; 854 pin = wps_generate_pin(); 855 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 856 os_free(hapd->conf->ap_pin); 857 hapd->conf->ap_pin = os_strdup(pin_txt); 858 if (hapd->conf->ap_pin == NULL) 859 return NULL; 860 wpas_wps_ap_pin_enable(wpa_s, timeout); 861 862 return hapd->conf->ap_pin; 863} 864 865 866const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 867{ 868 struct hostapd_data *hapd; 869 if (wpa_s->ap_iface == NULL) 870 return NULL; 871 hapd = wpa_s->ap_iface->bss[0]; 872 return hapd->conf->ap_pin; 873} 874 875 876int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 877 int timeout) 878{ 879 struct hostapd_data *hapd; 880 char pin_txt[9]; 881 int ret; 882 883 if (wpa_s->ap_iface == NULL) 884 return -1; 885 hapd = wpa_s->ap_iface->bss[0]; 886 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 887 if (ret < 0 || ret >= (int) sizeof(pin_txt)) 888 return -1; 889 os_free(hapd->conf->ap_pin); 890 hapd->conf->ap_pin = os_strdup(pin_txt); 891 if (hapd->conf->ap_pin == NULL) 892 return -1; 893 wpas_wps_ap_pin_enable(wpa_s, timeout); 894 895 return 0; 896} 897 898 899void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 900{ 901 struct hostapd_data *hapd; 902 903 if (wpa_s->ap_iface == NULL) 904 return; 905 hapd = wpa_s->ap_iface->bss[0]; 906 907 /* 908 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 909 * PIN if this happens multiple times to slow down brute force attacks. 910 */ 911 hapd->ap_pin_failures++; 912 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 913 hapd->ap_pin_failures); 914 if (hapd->ap_pin_failures < 3) 915 return; 916 917 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 918 hapd->ap_pin_failures = 0; 919 os_free(hapd->conf->ap_pin); 920 hapd->conf->ap_pin = NULL; 921} 922 923 924#ifdef CONFIG_WPS_NFC 925 926struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 927 int ndef) 928{ 929 struct hostapd_data *hapd; 930 931 if (wpa_s->ap_iface == NULL) 932 return NULL; 933 hapd = wpa_s->ap_iface->bss[0]; 934 return hostapd_wps_nfc_config_token(hapd, ndef); 935} 936 937 938struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 939 int ndef) 940{ 941 struct hostapd_data *hapd; 942 943 if (wpa_s->ap_iface == NULL) 944 return NULL; 945 hapd = wpa_s->ap_iface->bss[0]; 946 return hostapd_wps_nfc_hs_cr(hapd, ndef); 947} 948 949#endif /* CONFIG_WPS_NFC */ 950 951#endif /* CONFIG_WPS */ 952 953 954#ifdef CONFIG_CTRL_IFACE 955 956int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 957 char *buf, size_t buflen) 958{ 959 if (wpa_s->ap_iface == NULL) 960 return -1; 961 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 962 buf, buflen); 963} 964 965 966int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 967 char *buf, size_t buflen) 968{ 969 if (wpa_s->ap_iface == NULL) 970 return -1; 971 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 972 buf, buflen); 973} 974 975 976int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 977 char *buf, size_t buflen) 978{ 979 if (wpa_s->ap_iface == NULL) 980 return -1; 981 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 982 buf, buflen); 983} 984 985 986int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 987 const char *txtaddr) 988{ 989 if (wpa_s->ap_iface == NULL) 990 return -1; 991 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 992 txtaddr); 993} 994 995 996int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 997 const char *txtaddr) 998{ 999 if (wpa_s->ap_iface == NULL) 1000 return -1; 1001 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 1002 txtaddr); 1003} 1004 1005 1006int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 1007 size_t buflen, int verbose) 1008{ 1009 char *pos = buf, *end = buf + buflen; 1010 int ret; 1011 struct hostapd_bss_config *conf; 1012 1013 if (wpa_s->ap_iface == NULL) 1014 return -1; 1015 1016 conf = wpa_s->ap_iface->bss[0]->conf; 1017 if (conf->wpa == 0) 1018 return 0; 1019 1020 ret = os_snprintf(pos, end - pos, 1021 "pairwise_cipher=%s\n" 1022 "group_cipher=%s\n" 1023 "key_mgmt=%s\n", 1024 wpa_cipher_txt(conf->rsn_pairwise), 1025 wpa_cipher_txt(conf->wpa_group), 1026 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 1027 conf->wpa)); 1028 if (ret < 0 || ret >= end - pos) 1029 return pos - buf; 1030 pos += ret; 1031 return pos - buf; 1032} 1033 1034#endif /* CONFIG_CTRL_IFACE */ 1035 1036 1037int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 1038{ 1039 struct hostapd_iface *iface = wpa_s->ap_iface; 1040 struct wpa_ssid *ssid = wpa_s->current_ssid; 1041 struct hostapd_data *hapd; 1042 1043 if (ssid == NULL || wpa_s->ap_iface == NULL || 1044 ssid->mode == WPAS_MODE_INFRA || 1045 ssid->mode == WPAS_MODE_IBSS) 1046 return -1; 1047 1048#ifdef CONFIG_P2P 1049 if (ssid->mode == WPAS_MODE_P2P_GO) 1050 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1051 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1052 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1053 P2P_GROUP_FORMATION; 1054#endif /* CONFIG_P2P */ 1055 1056 hapd = iface->bss[0]; 1057 if (hapd->drv_priv == NULL) 1058 return -1; 1059 ieee802_11_set_beacons(iface); 1060 hostapd_set_ap_wps_ie(hapd); 1061 1062 return 0; 1063} 1064 1065 1066int ap_switch_channel(struct wpa_supplicant *wpa_s, 1067 struct csa_settings *settings) 1068{ 1069#ifdef NEED_AP_MLME 1070 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1071 return -1; 1072 1073 return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings); 1074#else /* NEED_AP_MLME */ 1075 return -1; 1076#endif /* NEED_AP_MLME */ 1077} 1078 1079 1080int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos) 1081{ 1082 struct csa_settings settings; 1083 int ret = hostapd_parse_csa_settings(pos, &settings); 1084 1085 if (ret) 1086 return ret; 1087 1088 return ap_switch_channel(wpa_s, &settings); 1089} 1090 1091 1092void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1093 int offset, int width, int cf1, int cf2) 1094{ 1095 if (!wpa_s->ap_iface) 1096 return; 1097 1098 wpa_s->assoc_freq = freq; 1099 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset, width, cf1, cf1); 1100} 1101 1102 1103int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1104 const u8 *addr) 1105{ 1106 struct hostapd_data *hapd; 1107 struct hostapd_bss_config *conf; 1108 1109 if (!wpa_s->ap_iface) 1110 return -1; 1111 1112 if (addr) 1113 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1114 MAC2STR(addr)); 1115 else 1116 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1117 1118 hapd = wpa_s->ap_iface->bss[0]; 1119 conf = hapd->conf; 1120 1121 os_free(conf->accept_mac); 1122 conf->accept_mac = NULL; 1123 conf->num_accept_mac = 0; 1124 os_free(conf->deny_mac); 1125 conf->deny_mac = NULL; 1126 conf->num_deny_mac = 0; 1127 1128 if (addr == NULL) { 1129 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1130 return 0; 1131 } 1132 1133 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1134 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1135 if (conf->accept_mac == NULL) 1136 return -1; 1137 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1138 conf->num_accept_mac = 1; 1139 1140 return 0; 1141} 1142