ap.c revision 497c1d5e50162d6b3c1cce5dbd9c5fd9da69aaef
1/* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 2 as 8 * published by the Free Software Foundation. 9 * 10 * Alternatively, this software may be distributed under the terms of BSD 11 * license. 12 * 13 * See README and COPYING for more details. 14 */ 15 16#include "utils/includes.h" 17 18#include "utils/common.h" 19#include "utils/eloop.h" 20#include "utils/uuid.h" 21#include "common/ieee802_11_defs.h" 22#include "common/wpa_ctrl.h" 23#include "ap/hostapd.h" 24#include "ap/ap_config.h" 25#include "ap/ap_drv_ops.h" 26#if defined (NEED_AP_MLME) || defined (ANDROID_BRCM_P2P_PATCH) 27#include "ap/ieee802_11.h" 28#endif /* NEED_AP_MLME */ 29#include "ap/beacon.h" 30#include "ap/ieee802_1x.h" 31#include "ap/wps_hostapd.h" 32#include "ap/ctrl_iface_ap.h" 33#include "eap_common/eap_defs.h" 34#include "eap_server/eap_methods.h" 35#include "eap_common/eap_wsc_common.h" 36#include "wps/wps.h" 37#include "common/ieee802_11_defs.h" 38#include "config_ssid.h" 39#include "config.h" 40#include "wpa_supplicant_i.h" 41#include "driver_i.h" 42#include "p2p_supplicant.h" 43#include "ap.h" 44#include "ap/sta_info.h" 45#include "notify.h" 46 47 48#ifdef CONFIG_WPS 49static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 50#endif /* CONFIG_WPS */ 51 52 53static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 54 struct wpa_ssid *ssid, 55 struct hostapd_config *conf) 56{ 57 struct hostapd_bss_config *bss = &conf->bss[0]; 58 int pairwise; 59#ifdef CONFIG_IEEE80211N 60 struct hostapd_hw_modes *modes; 61 u16 num_modes, flags; 62#endif /* CONFIG_IEEE80211N */ 63 64 conf->driver = wpa_s->driver; 65 66 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 67 68 if (ssid->frequency == 0) { 69 /* default channel 11 */ 70 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 71 conf->channel = 11; 72 } else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) { 73 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 74 conf->channel = (ssid->frequency - 2407) / 5; 75 } else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) || 76 (ssid->frequency >= 5745 && ssid->frequency <= 5825)) { 77 conf->hw_mode = HOSTAPD_MODE_IEEE80211A; 78 conf->channel = (ssid->frequency - 5000) / 5; 79 } else { 80 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 81 ssid->frequency); 82 return -1; 83 } 84 85 /* TODO: enable HT40 if driver supports it; 86 * drop to 11b if driver does not support 11g */ 87 88#ifdef CONFIG_IEEE80211N 89 /* 90 * Enable HT20 if the driver supports it, by setting conf->ieee80211n. 91 * Using default config settings for: conf->ht_op_mode_fixed, 92 * conf->ht_capab, conf->secondary_channel, conf->require_ht 93 */ 94 modes = wpa_drv_get_hw_feature_data(wpa_s, &num_modes, &flags); 95 if (modes) { 96 struct hostapd_hw_modes *mode = NULL; 97 int i; 98 for (i = 0; i < num_modes; i++) { 99 if (modes[i].mode == conf->hw_mode) { 100 mode = &modes[i]; 101 break; 102 } 103 } 104 if (mode && mode->ht_capab) 105 conf->ieee80211n = 1; 106 ieee80211_sta_free_hw_features(modes, num_modes); 107 modes = NULL; 108 } 109#endif /* CONFIG_IEEE80211N */ 110 111#ifdef CONFIG_P2P 112 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { 113 /* Remove 802.11b rates from supported and basic rate sets */ 114 int *list = os_malloc(4 * sizeof(int)); 115 if (list) { 116 list[0] = 60; 117 list[1] = 120; 118 list[2] = 240; 119 list[3] = -1; 120 } 121 conf->basic_rates = list; 122 123 list = os_malloc(9 * sizeof(int)); 124 if (list) { 125 list[0] = 60; 126 list[1] = 90; 127 list[2] = 120; 128 list[3] = 180; 129 list[4] = 240; 130 list[5] = 360; 131 list[6] = 480; 132 list[7] = 540; 133 list[8] = -1; 134 } 135 conf->supported_rates = list; 136 } 137#endif /* CONFIG_P2P */ 138 139 if (ssid->ssid_len == 0) { 140 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 141 return -1; 142 } 143 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 144 bss->ssid.ssid[ssid->ssid_len] = '\0'; 145 bss->ssid.ssid_len = ssid->ssid_len; 146 bss->ssid.ssid_set = 1; 147 148 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 149 bss->wpa = ssid->proto; 150 bss->wpa_key_mgmt = ssid->key_mgmt; 151 bss->wpa_pairwise = ssid->pairwise_cipher; 152 if (ssid->passphrase) { 153 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 154 } else if (ssid->psk_set) { 155 os_free(bss->ssid.wpa_psk); 156 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 157 if (bss->ssid.wpa_psk == NULL) 158 return -1; 159 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 160 bss->ssid.wpa_psk->group = 1; 161 } 162 163 /* Select group cipher based on the enabled pairwise cipher suites */ 164 pairwise = 0; 165 if (bss->wpa & 1) 166 pairwise |= bss->wpa_pairwise; 167 if (bss->wpa & 2) { 168 if (bss->rsn_pairwise == 0) 169 bss->rsn_pairwise = bss->wpa_pairwise; 170 pairwise |= bss->rsn_pairwise; 171 } 172 if (pairwise & WPA_CIPHER_TKIP) 173 bss->wpa_group = WPA_CIPHER_TKIP; 174 else 175 bss->wpa_group = WPA_CIPHER_CCMP; 176 177 if (bss->wpa && bss->ieee802_1x) 178 bss->ssid.security_policy = SECURITY_WPA; 179 else if (bss->wpa) 180 bss->ssid.security_policy = SECURITY_WPA_PSK; 181 else if (bss->ieee802_1x) { 182 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 183 bss->ssid.wep.default_len = bss->default_wep_key_len; 184 } else if (bss->ssid.wep.keys_set) 185 bss->ssid.security_policy = SECURITY_STATIC_WEP; 186 else 187 bss->ssid.security_policy = SECURITY_PLAINTEXT; 188 189#ifdef CONFIG_WPS 190 /* 191 * Enable WPS by default, but require user interaction to actually use 192 * it. Only the internal Registrar is supported. 193 */ 194 bss->eap_server = 1; 195 bss->wps_state = 2; 196 bss->ap_setup_locked = 2; 197 if (wpa_s->conf->config_methods) 198 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 199 os_memcpy(bss->device_type, wpa_s->conf->device_type, 200 WPS_DEV_TYPE_LEN); 201 if (wpa_s->conf->device_name) { 202 bss->device_name = os_strdup(wpa_s->conf->device_name); 203 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 204 } 205 if (wpa_s->conf->manufacturer) 206 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 207 if (wpa_s->conf->model_name) 208 bss->model_name = os_strdup(wpa_s->conf->model_name); 209 if (wpa_s->conf->model_number) 210 bss->model_number = os_strdup(wpa_s->conf->model_number); 211 if (wpa_s->conf->serial_number) 212 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 213 if (is_nil_uuid(wpa_s->conf->uuid)) 214 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 215 else 216 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 217 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 218#endif /* CONFIG_WPS */ 219 220 if (wpa_s->max_stations && 221 wpa_s->max_stations < wpa_s->conf->max_num_sta) 222 bss->max_num_sta = wpa_s->max_stations; 223 else 224 bss->max_num_sta = wpa_s->conf->max_num_sta; 225 226 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 227 228 return 0; 229} 230 231 232static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 233{ 234#ifdef CONFIG_P2P 235 struct wpa_supplicant *wpa_s = ctx; 236 const struct ieee80211_mgmt *mgmt; 237 size_t hdr_len; 238 239 mgmt = (const struct ieee80211_mgmt *) buf; 240 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 241 if (hdr_len > len) 242 return; 243 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 244 mgmt->u.action.category, 245 &mgmt->u.action.u.vs_public_action.action, 246 len - hdr_len, freq); 247#endif /* CONFIG_P2P */ 248} 249 250 251static void ap_wps_event_cb(void *ctx, enum wps_event event, 252 union wps_event_data *data) 253{ 254#ifdef CONFIG_P2P 255 struct wpa_supplicant *wpa_s = ctx; 256 257 if (event == WPS_EV_FAIL) { 258 struct wps_event_fail *fail = &data->fail; 259 260 if (wpa_s->parent && wpa_s->parent != wpa_s && 261 wpa_s == wpa_s->global->p2p_group_formation) { 262 /* 263 * src/ap/wps_hostapd.c has already sent this on the 264 * main interface, so only send on the parent interface 265 * here if needed. 266 */ 267 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL 268 "msg=%d config_error=%d", 269 fail->msg, fail->config_error); 270 } 271 wpas_p2p_wps_failed(wpa_s, fail); 272 } 273#endif /* CONFIG_P2P */ 274} 275 276 277static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 278 int authorized) 279{ 280 wpas_notify_sta_authorized(ctx, mac_addr, authorized); 281} 282 283 284static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 285{ 286#ifdef CONFIG_P2P 287 struct wpa_supplicant *wpa_s = ctx; 288 const struct ieee80211_mgmt *mgmt; 289 size_t hdr_len; 290 291 mgmt = (const struct ieee80211_mgmt *) buf; 292 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 293 if (hdr_len > len) 294 return -1; 295 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 296 mgmt->u.action.category, 297 &mgmt->u.action.u.vs_public_action.action, 298 len - hdr_len, freq); 299#endif /* CONFIG_P2P */ 300 return 0; 301} 302 303 304static int ap_probe_req_rx(void *ctx, const u8 *addr, const u8 *ie, 305 size_t ie_len) 306{ 307#ifdef CONFIG_P2P 308 struct wpa_supplicant *wpa_s = ctx; 309 return wpas_p2p_probe_req_rx(wpa_s, addr, ie, ie_len); 310#else /* CONFIG_P2P */ 311 return 0; 312#endif /* CONFIG_P2P */ 313} 314 315 316static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 317 const u8 *uuid_e) 318{ 319#ifdef CONFIG_P2P 320 struct wpa_supplicant *wpa_s = ctx; 321 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 322#endif /* CONFIG_P2P */ 323} 324 325 326static void wpas_ap_configured_cb(void *ctx) 327{ 328 struct wpa_supplicant *wpa_s = ctx; 329 330 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 331 332 if (wpa_s->ap_configured_cb) 333 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 334 wpa_s->ap_configured_cb_data); 335} 336 337 338int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 339 struct wpa_ssid *ssid) 340{ 341 struct wpa_driver_associate_params params; 342 struct hostapd_iface *hapd_iface; 343 struct hostapd_config *conf; 344 size_t i; 345 346 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 347 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 348 return -1; 349 } 350 351 wpa_supplicant_ap_deinit(wpa_s); 352 353 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 354 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 355 356 os_memset(¶ms, 0, sizeof(params)); 357 params.ssid = ssid->ssid; 358 params.ssid_len = ssid->ssid_len; 359 switch (ssid->mode) { 360 case WPAS_MODE_INFRA: 361 params.mode = IEEE80211_MODE_INFRA; 362 break; 363 case WPAS_MODE_IBSS: 364 params.mode = IEEE80211_MODE_IBSS; 365 break; 366 case WPAS_MODE_AP: 367 case WPAS_MODE_P2P_GO: 368 case WPAS_MODE_P2P_GROUP_FORMATION: 369 params.mode = IEEE80211_MODE_AP; 370 break; 371 } 372 params.freq = ssid->frequency; 373 374 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 375 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 376 else 377 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 378 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 379 380 if (ssid->pairwise_cipher & WPA_CIPHER_CCMP) 381 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; 382 else if (ssid->pairwise_cipher & WPA_CIPHER_TKIP) 383 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; 384 else if (ssid->pairwise_cipher & WPA_CIPHER_NONE) 385 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 386 else { 387 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 388 "cipher."); 389 return -1; 390 } 391 params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher); 392 params.group_suite = params.pairwise_suite; 393 394#ifdef CONFIG_P2P 395 if (ssid->mode == WPAS_MODE_P2P_GO || 396 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 397 params.p2p = 1; 398 wpa_drv_set_intra_bss(wpa_s, wpa_s->conf->p2p_intra_bss); 399#endif /* CONFIG_P2P */ 400 401 if (wpa_s->parent->set_ap_uapsd) 402 params.uapsd = wpa_s->parent->ap_uapsd; 403 else 404 params.uapsd = -1; 405 406 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 407 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 408 return -1; 409 } 410 411 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 412 if (hapd_iface == NULL) 413 return -1; 414 hapd_iface->owner = wpa_s; 415 416 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 417 if (conf == NULL) { 418 wpa_supplicant_ap_deinit(wpa_s); 419 return -1; 420 } 421 422 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 423 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 424 wpa_supplicant_ap_deinit(wpa_s); 425 return -1; 426 } 427 428#ifdef CONFIG_P2P 429 if (ssid->mode == WPAS_MODE_P2P_GO) 430 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 431 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 432 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 433 P2P_GROUP_FORMATION; 434#endif /* CONFIG_P2P */ 435 436 hapd_iface->num_bss = conf->num_bss; 437 hapd_iface->bss = os_zalloc(conf->num_bss * 438 sizeof(struct hostapd_data *)); 439 if (hapd_iface->bss == NULL) { 440 wpa_supplicant_ap_deinit(wpa_s); 441 return -1; 442 } 443 444 for (i = 0; i < conf->num_bss; i++) { 445 hapd_iface->bss[i] = 446 hostapd_alloc_bss_data(hapd_iface, conf, 447 &conf->bss[i]); 448 if (hapd_iface->bss[i] == NULL) { 449 wpa_supplicant_ap_deinit(wpa_s); 450 return -1; 451 } 452 453 hapd_iface->bss[i]->msg_ctx = wpa_s; 454#ifdef ANDROID_BRCM_P2P_PATCH 455 /* Sending the event to parent is required as SSL listens on parent ctrl iface */ 456 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent; 457#endif 458 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 459 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 460 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 461 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 462 hostapd_register_probereq_cb(hapd_iface->bss[i], 463 ap_probe_req_rx, wpa_s); 464 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 465 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 466 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 467 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 468 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 469 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 470#ifdef CONFIG_P2P 471 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 472 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init( 473 wpa_s, ssid->p2p_persistent_group, 474 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION); 475#endif /* CONFIG_P2P */ 476 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 477 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 478 } 479 480 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 481 hapd_iface->bss[0]->driver = wpa_s->driver; 482 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 483 484 wpa_s->current_ssid = ssid; 485 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 486 wpa_s->assoc_freq = ssid->frequency; 487 488 if (hostapd_setup_interface(wpa_s->ap_iface)) { 489 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 490 wpa_supplicant_ap_deinit(wpa_s); 491 return -1; 492 } 493 494#ifdef ANDROID_BRCM_P2P_PATCH 495 if (wpa_drv_probe_req_report(wpa_s, 1) < 0) { 496 wpa_printf(MSG_DEBUG, "P2P: Failed to request the driver to " 497 "report received Probe Request frames"); 498 return -1; 499 } 500#endif 501 502 return 0; 503} 504 505 506void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 507{ 508#ifdef CONFIG_WPS 509 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 510#endif /* CONFIG_WPS */ 511 512 if (wpa_s->ap_iface == NULL) 513 return; 514 515 wpa_s->current_ssid = NULL; 516 wpa_s->assoc_freq = 0; 517 wpa_s->reassociated_connection = 0; 518#ifdef CONFIG_P2P 519 if (wpa_s->ap_iface->bss) 520 wpa_s->ap_iface->bss[0]->p2p_group = NULL; 521 wpas_p2p_group_deinit(wpa_s); 522#endif /* CONFIG_P2P */ 523 hostapd_interface_deinit(wpa_s->ap_iface); 524 hostapd_interface_free(wpa_s->ap_iface); 525 wpa_s->ap_iface = NULL; 526 wpa_drv_deinit_ap(wpa_s); 527} 528 529 530void ap_tx_status(void *ctx, const u8 *addr, 531 const u8 *buf, size_t len, int ack) 532{ 533#ifdef NEED_AP_MLME 534 struct wpa_supplicant *wpa_s = ctx; 535 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 536#endif /* NEED_AP_MLME */ 537} 538 539 540void ap_rx_from_unknown_sta(void *ctx, const u8 *frame, size_t len) 541{ 542#ifdef NEED_AP_MLME 543 struct wpa_supplicant *wpa_s = ctx; 544 const struct ieee80211_hdr *hdr = 545 (const struct ieee80211_hdr *) frame; 546 u16 fc = le_to_host16(hdr->frame_control); 547 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], hdr->addr2, 548 (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) == 549 (WLAN_FC_TODS | WLAN_FC_FROMDS)); 550#endif /* NEED_AP_MLME */ 551} 552 553 554void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 555{ 556#if defined (NEED_AP_MLME) || defined (ANDROID_BRCM_P2P_PATCH) 557 struct wpa_supplicant *wpa_s = ctx; 558 struct hostapd_frame_info fi; 559 os_memset(&fi, 0, sizeof(fi)); 560 fi.datarate = rx_mgmt->datarate; 561 fi.ssi_signal = rx_mgmt->ssi_signal; 562 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 563 rx_mgmt->frame_len, &fi); 564#endif /* defined (NEED_AP_MLME) || defined (ANDROID_BRCM_P2P_PATCH) */ 565} 566 567 568void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 569{ 570#ifdef NEED_AP_MLME 571 struct wpa_supplicant *wpa_s = ctx; 572 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 573#endif /* NEED_AP_MLME */ 574} 575 576 577void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 578 const u8 *src_addr, const u8 *buf, size_t len) 579{ 580 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 581} 582 583 584#ifdef CONFIG_WPS 585 586int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 587 const u8 *p2p_dev_addr) 588{ 589 if (!wpa_s->ap_iface) 590 return -1; 591 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 592 p2p_dev_addr); 593} 594 595 596static int wpa_supplicant_ap_wps_sta_cancel(struct hostapd_data *hapd, 597 struct sta_info *sta, void *ctx) 598{ 599 if (sta && (sta->flags & WLAN_STA_WPS)) { 600 ap_sta_deauthenticate(hapd, sta, 601 WLAN_REASON_PREV_AUTH_NOT_VALID); 602 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 603 __func__, MAC2STR(sta->addr)); 604 return 1; 605 } 606 607 return 0; 608} 609 610 611int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 612{ 613 struct wps_registrar *reg; 614 int reg_sel = 0, wps_sta = 0; 615 616 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 617 return -1; 618 619 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 620 reg_sel = wps_registrar_wps_cancel(reg); 621 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 622 wpa_supplicant_ap_wps_sta_cancel, NULL); 623 624 if (!reg_sel && !wps_sta) { 625 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 626 "time"); 627 return -1; 628 } 629 630 /* 631 * There are 2 cases to return wps cancel as success: 632 * 1. When wps cancel was initiated but no connection has been 633 * established with client yet. 634 * 2. Client is in the middle of exchanging WPS messages. 635 */ 636 637 return 0; 638} 639 640 641int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 642 const char *pin, char *buf, size_t buflen) 643{ 644 int ret, ret_len = 0; 645 646 if (!wpa_s->ap_iface) 647 return -1; 648 649 if (pin == NULL) { 650 unsigned int rpin = wps_generate_pin(); 651 ret_len = os_snprintf(buf, buflen, "%d", rpin); 652 pin = buf; 653 } else 654 ret_len = os_snprintf(buf, buflen, "%s", pin); 655 656 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 657 0); 658 if (ret) 659 return -1; 660 return ret_len; 661} 662 663 664static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 665{ 666 struct wpa_supplicant *wpa_s = eloop_data; 667 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 668 wpas_wps_ap_pin_disable(wpa_s); 669} 670 671 672static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 673{ 674 struct hostapd_data *hapd; 675 676 if (wpa_s->ap_iface == NULL) 677 return; 678 hapd = wpa_s->ap_iface->bss[0]; 679 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 680 hapd->ap_pin_failures = 0; 681 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 682 if (timeout > 0) 683 eloop_register_timeout(timeout, 0, 684 wpas_wps_ap_pin_timeout, wpa_s, NULL); 685} 686 687 688void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 689{ 690 struct hostapd_data *hapd; 691 692 if (wpa_s->ap_iface == NULL) 693 return; 694 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 695 hapd = wpa_s->ap_iface->bss[0]; 696 os_free(hapd->conf->ap_pin); 697 hapd->conf->ap_pin = NULL; 698 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 699} 700 701 702const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 703{ 704 struct hostapd_data *hapd; 705 unsigned int pin; 706 char pin_txt[9]; 707 708 if (wpa_s->ap_iface == NULL) 709 return NULL; 710 hapd = wpa_s->ap_iface->bss[0]; 711 pin = wps_generate_pin(); 712 os_snprintf(pin_txt, sizeof(pin_txt), "%u", pin); 713 os_free(hapd->conf->ap_pin); 714 hapd->conf->ap_pin = os_strdup(pin_txt); 715 if (hapd->conf->ap_pin == NULL) 716 return NULL; 717 wpas_wps_ap_pin_enable(wpa_s, timeout); 718 719 return hapd->conf->ap_pin; 720} 721 722 723const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 724{ 725 struct hostapd_data *hapd; 726 if (wpa_s->ap_iface == NULL) 727 return NULL; 728 hapd = wpa_s->ap_iface->bss[0]; 729 return hapd->conf->ap_pin; 730} 731 732 733int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 734 int timeout) 735{ 736 struct hostapd_data *hapd; 737 char pin_txt[9]; 738 int ret; 739 740 if (wpa_s->ap_iface == NULL) 741 return -1; 742 hapd = wpa_s->ap_iface->bss[0]; 743 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 744 if (ret < 0 || ret >= (int) sizeof(pin_txt)) 745 return -1; 746 os_free(hapd->conf->ap_pin); 747 hapd->conf->ap_pin = os_strdup(pin_txt); 748 if (hapd->conf->ap_pin == NULL) 749 return -1; 750 wpas_wps_ap_pin_enable(wpa_s, timeout); 751 752 return 0; 753} 754 755 756void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 757{ 758 struct hostapd_data *hapd; 759 760 if (wpa_s->ap_iface == NULL) 761 return; 762 hapd = wpa_s->ap_iface->bss[0]; 763 764 /* 765 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 766 * PIN if this happens multiple times to slow down brute force attacks. 767 */ 768 hapd->ap_pin_failures++; 769 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 770 hapd->ap_pin_failures); 771 if (hapd->ap_pin_failures < 3) 772 return; 773 774 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 775 hapd->ap_pin_failures = 0; 776 os_free(hapd->conf->ap_pin); 777 hapd->conf->ap_pin = NULL; 778} 779 780#endif /* CONFIG_WPS */ 781 782 783#ifdef CONFIG_CTRL_IFACE 784 785int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 786 char *buf, size_t buflen) 787{ 788 if (wpa_s->ap_iface == NULL) 789 return -1; 790 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 791 buf, buflen); 792} 793 794 795int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 796 char *buf, size_t buflen) 797{ 798 if (wpa_s->ap_iface == NULL) 799 return -1; 800 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 801 buf, buflen); 802} 803 804 805int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 806 char *buf, size_t buflen) 807{ 808 if (wpa_s->ap_iface == NULL) 809 return -1; 810 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 811 buf, buflen); 812} 813 814 815int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 816 size_t buflen, int verbose) 817{ 818 char *pos = buf, *end = buf + buflen; 819 int ret; 820 struct hostapd_bss_config *conf; 821 822 if (wpa_s->ap_iface == NULL) 823 return -1; 824 825 conf = wpa_s->ap_iface->bss[0]->conf; 826 if (conf->wpa == 0) 827 return 0; 828 829 ret = os_snprintf(pos, end - pos, 830 "pairwise_cipher=%s\n" 831 "group_cipher=%s\n" 832 "key_mgmt=%s\n", 833 wpa_cipher_txt(conf->rsn_pairwise), 834 wpa_cipher_txt(conf->wpa_group), 835 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 836 conf->wpa)); 837 if (ret < 0 || ret >= end - pos) 838 return pos - buf; 839 pos += ret; 840 return pos - buf; 841} 842 843#endif /* CONFIG_CTRL_IFACE */ 844 845 846int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 847{ 848 struct hostapd_iface *iface = wpa_s->ap_iface; 849 struct wpa_ssid *ssid = wpa_s->current_ssid; 850 struct hostapd_data *hapd; 851 852 if (ssid == NULL || wpa_s->ap_iface == NULL) 853 return -1; 854 855#ifdef CONFIG_P2P 856 if (ssid->mode == WPAS_MODE_P2P_GO) 857 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 858 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 859 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 860 P2P_GROUP_FORMATION; 861#endif /* CONFIG_P2P */ 862 863 ieee802_11_set_beacons(iface); 864 hapd = iface->bss[0]; 865 hostapd_set_ap_wps_ie(hapd); 866 867 return 0; 868} 869 870 871int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 872 const u8 *addr) 873{ 874 struct hostapd_data *hapd; 875 struct hostapd_bss_config *conf; 876 877 if (!wpa_s->ap_iface) 878 return -1; 879 880 if (addr) 881 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 882 MAC2STR(addr)); 883 else 884 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 885 886 hapd = wpa_s->ap_iface->bss[0]; 887 conf = hapd->conf; 888 889 os_free(conf->accept_mac); 890 conf->accept_mac = NULL; 891 conf->num_accept_mac = 0; 892 os_free(conf->deny_mac); 893 conf->deny_mac = NULL; 894 conf->num_deny_mac = 0; 895 896 if (addr == NULL) { 897 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 898 return 0; 899 } 900 901 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 902 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 903 if (conf->accept_mac == NULL) 904 return -1; 905 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 906 conf->num_accept_mac = 1; 907 908 return 0; 909} 910