ap.c revision 4b06059785b935dd1f4f09314e4e12c417d2c6a4
1/* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10#include "utils/includes.h" 11 12#include "utils/common.h" 13#include "utils/eloop.h" 14#include "utils/uuid.h" 15#include "common/ieee802_11_defs.h" 16#include "common/wpa_ctrl.h" 17#include "ap/hostapd.h" 18#include "ap/ap_config.h" 19#include "ap/ap_drv_ops.h" 20#ifdef NEED_AP_MLME 21#include "ap/ieee802_11.h" 22#endif /* NEED_AP_MLME */ 23#include "ap/beacon.h" 24#include "ap/ieee802_1x.h" 25#include "ap/wps_hostapd.h" 26#include "ap/ctrl_iface_ap.h" 27#include "wps/wps.h" 28#include "common/ieee802_11_defs.h" 29#include "config_ssid.h" 30#include "config.h" 31#include "wpa_supplicant_i.h" 32#include "driver_i.h" 33#include "p2p_supplicant.h" 34#include "ap.h" 35#include "ap/sta_info.h" 36#include "notify.h" 37 38 39#ifdef CONFIG_WPS 40static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 41#endif /* CONFIG_WPS */ 42 43 44static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 45 struct wpa_ssid *ssid, 46 struct hostapd_config *conf) 47{ 48 struct hostapd_bss_config *bss = &conf->bss[0]; 49 50 conf->driver = wpa_s->driver; 51 52 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 53 54 if (ssid->frequency == 0) { 55 /* default channel 11 */ 56 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 57 conf->channel = 11; 58 } else { 59 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, 60 &conf->channel); 61 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 62 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: " 63 "%d MHz", ssid->frequency); 64 return -1; 65 } 66 } 67 68 /* TODO: enable HT40 if driver supports it; 69 * drop to 11b if driver does not support 11g */ 70 71#ifdef CONFIG_IEEE80211N 72 /* 73 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 74 * and a mask of allowed capabilities within conf->ht_capab. 75 * Using default config settings for: conf->ht_op_mode_fixed, 76 * conf->secondary_channel, conf->require_ht 77 */ 78 if (wpa_s->hw.modes) { 79 struct hostapd_hw_modes *mode = NULL; 80 int i, no_ht = 0; 81 for (i = 0; i < wpa_s->hw.num_modes; i++) { 82 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 83 mode = &wpa_s->hw.modes[i]; 84 break; 85 } 86 } 87 88#ifdef CONFIG_HT_OVERRIDES 89 if (ssid->disable_ht) { 90 conf->ieee80211n = 0; 91 conf->ht_capab = 0; 92 no_ht = 1; 93 } 94#endif /* CONFIG_HT_OVERRIDES */ 95 96 if (!no_ht && mode && mode->ht_capab) { 97 conf->ieee80211n = 1; 98#ifdef CONFIG_P2P 99 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 100 (mode->ht_capab & 101 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 102 ssid->ht40) 103 conf->secondary_channel = 104 wpas_p2p_get_ht40_mode(wpa_s, mode, 105 conf->channel); 106 if (conf->secondary_channel) 107 conf->ht_capab |= 108 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 109#endif /* CONFIG_P2P */ 110 111 /* 112 * white-list capabilities that won't cause issues 113 * to connecting stations, while leaving the current 114 * capabilities intact (currently disabled SMPS). 115 */ 116 conf->ht_capab |= mode->ht_capab & 117 (HT_CAP_INFO_GREEN_FIELD | 118 HT_CAP_INFO_SHORT_GI20MHZ | 119 HT_CAP_INFO_SHORT_GI40MHZ | 120 HT_CAP_INFO_RX_STBC_MASK | 121 HT_CAP_INFO_MAX_AMSDU_SIZE); 122 } 123 } 124#endif /* CONFIG_IEEE80211N */ 125 126#ifdef CONFIG_P2P 127 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { 128 /* Remove 802.11b rates from supported and basic rate sets */ 129 int *list = os_malloc(4 * sizeof(int)); 130 if (list) { 131 list[0] = 60; 132 list[1] = 120; 133 list[2] = 240; 134 list[3] = -1; 135 } 136 conf->basic_rates = list; 137 138 list = os_malloc(9 * sizeof(int)); 139 if (list) { 140 list[0] = 60; 141 list[1] = 90; 142 list[2] = 120; 143 list[3] = 180; 144 list[4] = 240; 145 list[5] = 360; 146 list[6] = 480; 147 list[7] = 540; 148 list[8] = -1; 149 } 150 conf->supported_rates = list; 151 } 152 153 bss->isolate = !wpa_s->conf->p2p_intra_bss; 154#endif /* CONFIG_P2P */ 155 156 if (ssid->ssid_len == 0) { 157 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 158 return -1; 159 } 160 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 161 bss->ssid.ssid_len = ssid->ssid_len; 162 bss->ssid.ssid_set = 1; 163 164 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 165 166 if (ssid->auth_alg) 167 bss->auth_algs = ssid->auth_alg; 168 169 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 170 bss->wpa = ssid->proto; 171 bss->wpa_key_mgmt = ssid->key_mgmt; 172 bss->wpa_pairwise = ssid->pairwise_cipher; 173 if (ssid->psk_set) { 174 os_free(bss->ssid.wpa_psk); 175 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 176 if (bss->ssid.wpa_psk == NULL) 177 return -1; 178 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 179 bss->ssid.wpa_psk->group = 1; 180 } else if (ssid->passphrase) { 181 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 182 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 183 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 184 struct hostapd_wep_keys *wep = &bss->ssid.wep; 185 int i; 186 for (i = 0; i < NUM_WEP_KEYS; i++) { 187 if (ssid->wep_key_len[i] == 0) 188 continue; 189 wep->key[i] = os_malloc(ssid->wep_key_len[i]); 190 if (wep->key[i] == NULL) 191 return -1; 192 os_memcpy(wep->key[i], ssid->wep_key[i], 193 ssid->wep_key_len[i]); 194 wep->len[i] = ssid->wep_key_len[i]; 195 } 196 wep->idx = ssid->wep_tx_keyidx; 197 wep->keys_set = 1; 198 } 199 200 if (ssid->ap_max_inactivity) 201 bss->ap_max_inactivity = ssid->ap_max_inactivity; 202 203 if (ssid->dtim_period) 204 bss->dtim_period = ssid->dtim_period; 205 else if (wpa_s->conf->dtim_period) 206 bss->dtim_period = wpa_s->conf->dtim_period; 207 208 if (ssid->beacon_int) 209 conf->beacon_int = ssid->beacon_int; 210 else if (wpa_s->conf->beacon_int) 211 conf->beacon_int = wpa_s->conf->beacon_int; 212 213 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 214 bss->rsn_pairwise = bss->wpa_pairwise; 215 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 216 bss->rsn_pairwise); 217 218 if (bss->wpa && bss->ieee802_1x) 219 bss->ssid.security_policy = SECURITY_WPA; 220 else if (bss->wpa) 221 bss->ssid.security_policy = SECURITY_WPA_PSK; 222 else if (bss->ieee802_1x) { 223 int cipher = WPA_CIPHER_NONE; 224 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 225 bss->ssid.wep.default_len = bss->default_wep_key_len; 226 if (bss->default_wep_key_len) 227 cipher = bss->default_wep_key_len >= 13 ? 228 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 229 bss->wpa_group = cipher; 230 bss->wpa_pairwise = cipher; 231 bss->rsn_pairwise = cipher; 232 } else if (bss->ssid.wep.keys_set) { 233 int cipher = WPA_CIPHER_WEP40; 234 if (bss->ssid.wep.len[0] >= 13) 235 cipher = WPA_CIPHER_WEP104; 236 bss->ssid.security_policy = SECURITY_STATIC_WEP; 237 bss->wpa_group = cipher; 238 bss->wpa_pairwise = cipher; 239 bss->rsn_pairwise = cipher; 240 } else { 241 bss->ssid.security_policy = SECURITY_PLAINTEXT; 242 bss->wpa_group = WPA_CIPHER_NONE; 243 bss->wpa_pairwise = WPA_CIPHER_NONE; 244 bss->rsn_pairwise = WPA_CIPHER_NONE; 245 } 246 247 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 248 (bss->wpa_group == WPA_CIPHER_CCMP || 249 bss->wpa_group == WPA_CIPHER_GCMP)) { 250 /* 251 * Strong ciphers do not need frequent rekeying, so increase 252 * the default GTK rekeying period to 24 hours. 253 */ 254 bss->wpa_group_rekey = 86400; 255 } 256 257#ifdef CONFIG_WPS 258 /* 259 * Enable WPS by default for open and WPA/WPA2-Personal network, but 260 * require user interaction to actually use it. Only the internal 261 * Registrar is supported. 262 */ 263 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 264 bss->ssid.security_policy != SECURITY_PLAINTEXT) 265 goto no_wps; 266#ifdef CONFIG_WPS2 267 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 268 (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2))) 269 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 270 * configuration */ 271#endif /* CONFIG_WPS2 */ 272 bss->eap_server = 1; 273 274 if (!ssid->ignore_broadcast_ssid) 275 bss->wps_state = 2; 276 277 bss->ap_setup_locked = 2; 278 if (wpa_s->conf->config_methods) 279 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 280 os_memcpy(bss->device_type, wpa_s->conf->device_type, 281 WPS_DEV_TYPE_LEN); 282 if (wpa_s->conf->device_name) { 283 bss->device_name = os_strdup(wpa_s->conf->device_name); 284 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 285 } 286 if (wpa_s->conf->manufacturer) 287 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 288 if (wpa_s->conf->model_name) 289 bss->model_name = os_strdup(wpa_s->conf->model_name); 290 if (wpa_s->conf->model_number) 291 bss->model_number = os_strdup(wpa_s->conf->model_number); 292 if (wpa_s->conf->serial_number) 293 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 294 if (is_nil_uuid(wpa_s->conf->uuid)) 295 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 296 else 297 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 298 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 299 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 300no_wps: 301#endif /* CONFIG_WPS */ 302 303 if (wpa_s->max_stations && 304 wpa_s->max_stations < wpa_s->conf->max_num_sta) 305 bss->max_num_sta = wpa_s->max_stations; 306 else 307 bss->max_num_sta = wpa_s->conf->max_num_sta; 308 309 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 310 311 if (wpa_s->conf->ap_vendor_elements) { 312 bss->vendor_elements = 313 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 314 } 315 316 return 0; 317} 318 319 320static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 321{ 322#ifdef CONFIG_P2P 323 struct wpa_supplicant *wpa_s = ctx; 324 const struct ieee80211_mgmt *mgmt; 325 size_t hdr_len; 326 327 mgmt = (const struct ieee80211_mgmt *) buf; 328 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 329 if (hdr_len > len) 330 return; 331 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 332 mgmt->u.action.category, 333 &mgmt->u.action.u.vs_public_action.action, 334 len - hdr_len, freq); 335#endif /* CONFIG_P2P */ 336} 337 338 339static void ap_wps_event_cb(void *ctx, enum wps_event event, 340 union wps_event_data *data) 341{ 342#ifdef CONFIG_P2P 343 struct wpa_supplicant *wpa_s = ctx; 344 345 if (event == WPS_EV_FAIL) { 346 struct wps_event_fail *fail = &data->fail; 347 348 if (wpa_s->parent && wpa_s->parent != wpa_s && 349 wpa_s == wpa_s->global->p2p_group_formation) { 350 /* 351 * src/ap/wps_hostapd.c has already sent this on the 352 * main interface, so only send on the parent interface 353 * here if needed. 354 */ 355 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL 356 "msg=%d config_error=%d", 357 fail->msg, fail->config_error); 358 } 359 wpas_p2p_wps_failed(wpa_s, fail); 360 } 361#endif /* CONFIG_P2P */ 362} 363 364 365static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 366 int authorized, const u8 *p2p_dev_addr) 367{ 368 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 369} 370 371 372static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 373{ 374#ifdef CONFIG_P2P 375 struct wpa_supplicant *wpa_s = ctx; 376 const struct ieee80211_mgmt *mgmt; 377 size_t hdr_len; 378 379 mgmt = (const struct ieee80211_mgmt *) buf; 380 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 381 if (hdr_len > len) 382 return -1; 383 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 384 mgmt->u.action.category, 385 &mgmt->u.action.u.vs_public_action.action, 386 len - hdr_len, freq); 387#endif /* CONFIG_P2P */ 388 return 0; 389} 390 391 392static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 393 const u8 *bssid, const u8 *ie, size_t ie_len, 394 int ssi_signal) 395{ 396#ifdef CONFIG_P2P 397 struct wpa_supplicant *wpa_s = ctx; 398 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 399 ssi_signal); 400#else /* CONFIG_P2P */ 401 return 0; 402#endif /* CONFIG_P2P */ 403} 404 405 406static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 407 const u8 *uuid_e) 408{ 409#ifdef CONFIG_P2P 410 struct wpa_supplicant *wpa_s = ctx; 411 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 412#endif /* CONFIG_P2P */ 413} 414 415 416static void wpas_ap_configured_cb(void *ctx) 417{ 418 struct wpa_supplicant *wpa_s = ctx; 419 420 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 421 422 if (wpa_s->ap_configured_cb) 423 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 424 wpa_s->ap_configured_cb_data); 425} 426 427 428int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 429 struct wpa_ssid *ssid) 430{ 431 struct wpa_driver_associate_params params; 432 struct hostapd_iface *hapd_iface; 433 struct hostapd_config *conf; 434 size_t i; 435 436 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 437 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 438 return -1; 439 } 440 441 wpa_supplicant_ap_deinit(wpa_s); 442 443 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 444 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 445 446 os_memset(¶ms, 0, sizeof(params)); 447 params.ssid = ssid->ssid; 448 params.ssid_len = ssid->ssid_len; 449 switch (ssid->mode) { 450 case WPAS_MODE_INFRA: 451 params.mode = IEEE80211_MODE_INFRA; 452 break; 453 case WPAS_MODE_IBSS: 454 params.mode = IEEE80211_MODE_IBSS; 455 break; 456 case WPAS_MODE_AP: 457 case WPAS_MODE_P2P_GO: 458 case WPAS_MODE_P2P_GROUP_FORMATION: 459 params.mode = IEEE80211_MODE_AP; 460 break; 461 } 462 params.freq = ssid->frequency; 463 464 params.wpa_proto = ssid->proto; 465 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 466 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 467 else 468 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 469 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 470 471 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 472 1); 473 if (wpa_s->pairwise_cipher < 0) { 474 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 475 "cipher."); 476 return -1; 477 } 478 params.pairwise_suite = 479 wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher); 480 params.group_suite = params.pairwise_suite; 481 482#ifdef CONFIG_P2P 483 if (ssid->mode == WPAS_MODE_P2P_GO || 484 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 485 params.p2p = 1; 486#endif /* CONFIG_P2P */ 487 488 if (wpa_s->parent->set_ap_uapsd) 489 params.uapsd = wpa_s->parent->ap_uapsd; 490 else 491 params.uapsd = -1; 492 493 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 494 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 495 return -1; 496 } 497 498 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 499 if (hapd_iface == NULL) 500 return -1; 501 hapd_iface->owner = wpa_s; 502 hapd_iface->drv_flags = wpa_s->drv_flags; 503 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 504 hapd_iface->extended_capa = wpa_s->extended_capa; 505 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 506 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 507 508 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 509 if (conf == NULL) { 510 wpa_supplicant_ap_deinit(wpa_s); 511 return -1; 512 } 513 514 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 515 wpa_s->conf->wmm_ac_params, 516 sizeof(wpa_s->conf->wmm_ac_params)); 517 518 if (params.uapsd > 0) { 519 conf->bss->wmm_enabled = 1; 520 conf->bss->wmm_uapsd = 1; 521 } 522 523 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 524 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 525 wpa_supplicant_ap_deinit(wpa_s); 526 return -1; 527 } 528 529#ifdef CONFIG_P2P 530 if (ssid->mode == WPAS_MODE_P2P_GO) 531 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 532 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 533 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 534 P2P_GROUP_FORMATION; 535#endif /* CONFIG_P2P */ 536 537 hapd_iface->num_bss = conf->num_bss; 538 hapd_iface->bss = os_calloc(conf->num_bss, 539 sizeof(struct hostapd_data *)); 540 if (hapd_iface->bss == NULL) { 541 wpa_supplicant_ap_deinit(wpa_s); 542 return -1; 543 } 544 545 for (i = 0; i < conf->num_bss; i++) { 546 hapd_iface->bss[i] = 547 hostapd_alloc_bss_data(hapd_iface, conf, 548 &conf->bss[i]); 549 if (hapd_iface->bss[i] == NULL) { 550 wpa_supplicant_ap_deinit(wpa_s); 551 return -1; 552 } 553 554 hapd_iface->bss[i]->msg_ctx = wpa_s; 555 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent; 556 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 557 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 558 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 559 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 560 hostapd_register_probereq_cb(hapd_iface->bss[i], 561 ap_probe_req_rx, wpa_s); 562 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 563 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 564 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 565 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 566 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 567 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 568#ifdef CONFIG_P2P 569 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 570 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 571 ssid); 572#endif /* CONFIG_P2P */ 573 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 574 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 575 } 576 577 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 578 hapd_iface->bss[0]->driver = wpa_s->driver; 579 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 580 581 wpa_s->current_ssid = ssid; 582 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 583 wpa_s->assoc_freq = ssid->frequency; 584 585 if (hostapd_setup_interface(wpa_s->ap_iface)) { 586 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 587 wpa_supplicant_ap_deinit(wpa_s); 588 return -1; 589 } 590 591 return 0; 592} 593 594 595void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 596{ 597#ifdef CONFIG_WPS 598 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 599#endif /* CONFIG_WPS */ 600 601 if (wpa_s->ap_iface == NULL) 602 return; 603 604 wpa_s->current_ssid = NULL; 605 wpa_s->assoc_freq = 0; 606#ifdef CONFIG_P2P 607 if (wpa_s->ap_iface->bss) 608 wpa_s->ap_iface->bss[0]->p2p_group = NULL; 609 wpas_p2p_group_deinit(wpa_s); 610#endif /* CONFIG_P2P */ 611 hostapd_interface_deinit(wpa_s->ap_iface); 612 hostapd_interface_free(wpa_s->ap_iface); 613 wpa_s->ap_iface = NULL; 614 wpa_drv_deinit_ap(wpa_s); 615} 616 617 618void ap_tx_status(void *ctx, const u8 *addr, 619 const u8 *buf, size_t len, int ack) 620{ 621#ifdef NEED_AP_MLME 622 struct wpa_supplicant *wpa_s = ctx; 623 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 624#endif /* NEED_AP_MLME */ 625} 626 627 628void ap_eapol_tx_status(void *ctx, const u8 *dst, 629 const u8 *data, size_t len, int ack) 630{ 631#ifdef NEED_AP_MLME 632 struct wpa_supplicant *wpa_s = ctx; 633 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 634#endif /* NEED_AP_MLME */ 635} 636 637 638void ap_client_poll_ok(void *ctx, const u8 *addr) 639{ 640#ifdef NEED_AP_MLME 641 struct wpa_supplicant *wpa_s = ctx; 642 if (wpa_s->ap_iface) 643 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 644#endif /* NEED_AP_MLME */ 645} 646 647 648void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 649{ 650#ifdef NEED_AP_MLME 651 struct wpa_supplicant *wpa_s = ctx; 652 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 653#endif /* NEED_AP_MLME */ 654} 655 656 657void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 658{ 659#ifdef NEED_AP_MLME 660 struct wpa_supplicant *wpa_s = ctx; 661 struct hostapd_frame_info fi; 662 os_memset(&fi, 0, sizeof(fi)); 663 fi.datarate = rx_mgmt->datarate; 664 fi.ssi_signal = rx_mgmt->ssi_signal; 665 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 666 rx_mgmt->frame_len, &fi); 667#endif /* NEED_AP_MLME */ 668} 669 670 671void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 672{ 673#ifdef NEED_AP_MLME 674 struct wpa_supplicant *wpa_s = ctx; 675 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 676#endif /* NEED_AP_MLME */ 677} 678 679 680void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 681 const u8 *src_addr, const u8 *buf, size_t len) 682{ 683 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 684} 685 686 687#ifdef CONFIG_WPS 688 689int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 690 const u8 *p2p_dev_addr) 691{ 692 if (!wpa_s->ap_iface) 693 return -1; 694 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 695 p2p_dev_addr); 696} 697 698 699int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 700{ 701 struct wps_registrar *reg; 702 int reg_sel = 0, wps_sta = 0; 703 704 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 705 return -1; 706 707 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 708 reg_sel = wps_registrar_wps_cancel(reg); 709 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 710 ap_sta_wps_cancel, NULL); 711 712 if (!reg_sel && !wps_sta) { 713 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 714 "time"); 715 return -1; 716 } 717 718 /* 719 * There are 2 cases to return wps cancel as success: 720 * 1. When wps cancel was initiated but no connection has been 721 * established with client yet. 722 * 2. Client is in the middle of exchanging WPS messages. 723 */ 724 725 return 0; 726} 727 728 729int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 730 const char *pin, char *buf, size_t buflen, 731 int timeout) 732{ 733 int ret, ret_len = 0; 734 735 if (!wpa_s->ap_iface) 736 return -1; 737 738 if (pin == NULL) { 739 unsigned int rpin = wps_generate_pin(); 740 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 741 pin = buf; 742 } else 743 ret_len = os_snprintf(buf, buflen, "%s", pin); 744 745 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 746 timeout); 747 if (ret) 748 return -1; 749 return ret_len; 750} 751 752 753static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 754{ 755 struct wpa_supplicant *wpa_s = eloop_data; 756 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 757 wpas_wps_ap_pin_disable(wpa_s); 758} 759 760 761static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 762{ 763 struct hostapd_data *hapd; 764 765 if (wpa_s->ap_iface == NULL) 766 return; 767 hapd = wpa_s->ap_iface->bss[0]; 768 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 769 hapd->ap_pin_failures = 0; 770 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 771 if (timeout > 0) 772 eloop_register_timeout(timeout, 0, 773 wpas_wps_ap_pin_timeout, wpa_s, NULL); 774} 775 776 777void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 778{ 779 struct hostapd_data *hapd; 780 781 if (wpa_s->ap_iface == NULL) 782 return; 783 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 784 hapd = wpa_s->ap_iface->bss[0]; 785 os_free(hapd->conf->ap_pin); 786 hapd->conf->ap_pin = NULL; 787 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 788} 789 790 791const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 792{ 793 struct hostapd_data *hapd; 794 unsigned int pin; 795 char pin_txt[9]; 796 797 if (wpa_s->ap_iface == NULL) 798 return NULL; 799 hapd = wpa_s->ap_iface->bss[0]; 800 pin = wps_generate_pin(); 801 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 802 os_free(hapd->conf->ap_pin); 803 hapd->conf->ap_pin = os_strdup(pin_txt); 804 if (hapd->conf->ap_pin == NULL) 805 return NULL; 806 wpas_wps_ap_pin_enable(wpa_s, timeout); 807 808 return hapd->conf->ap_pin; 809} 810 811 812const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 813{ 814 struct hostapd_data *hapd; 815 if (wpa_s->ap_iface == NULL) 816 return NULL; 817 hapd = wpa_s->ap_iface->bss[0]; 818 return hapd->conf->ap_pin; 819} 820 821 822int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 823 int timeout) 824{ 825 struct hostapd_data *hapd; 826 char pin_txt[9]; 827 int ret; 828 829 if (wpa_s->ap_iface == NULL) 830 return -1; 831 hapd = wpa_s->ap_iface->bss[0]; 832 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 833 if (ret < 0 || ret >= (int) sizeof(pin_txt)) 834 return -1; 835 os_free(hapd->conf->ap_pin); 836 hapd->conf->ap_pin = os_strdup(pin_txt); 837 if (hapd->conf->ap_pin == NULL) 838 return -1; 839 wpas_wps_ap_pin_enable(wpa_s, timeout); 840 841 return 0; 842} 843 844 845void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 846{ 847 struct hostapd_data *hapd; 848 849 if (wpa_s->ap_iface == NULL) 850 return; 851 hapd = wpa_s->ap_iface->bss[0]; 852 853 /* 854 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 855 * PIN if this happens multiple times to slow down brute force attacks. 856 */ 857 hapd->ap_pin_failures++; 858 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 859 hapd->ap_pin_failures); 860 if (hapd->ap_pin_failures < 3) 861 return; 862 863 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 864 hapd->ap_pin_failures = 0; 865 os_free(hapd->conf->ap_pin); 866 hapd->conf->ap_pin = NULL; 867} 868 869 870#ifdef CONFIG_WPS_NFC 871 872struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 873 int ndef) 874{ 875 struct hostapd_data *hapd; 876 877 if (wpa_s->ap_iface == NULL) 878 return NULL; 879 hapd = wpa_s->ap_iface->bss[0]; 880 return hostapd_wps_nfc_config_token(hapd, ndef); 881} 882 883 884struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 885 int ndef) 886{ 887 struct hostapd_data *hapd; 888 889 if (wpa_s->ap_iface == NULL) 890 return NULL; 891 hapd = wpa_s->ap_iface->bss[0]; 892 return hostapd_wps_nfc_hs_cr(hapd, ndef); 893} 894 895#endif /* CONFIG_WPS_NFC */ 896 897#endif /* CONFIG_WPS */ 898 899 900#ifdef CONFIG_CTRL_IFACE 901 902int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 903 char *buf, size_t buflen) 904{ 905 if (wpa_s->ap_iface == NULL) 906 return -1; 907 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 908 buf, buflen); 909} 910 911 912int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 913 char *buf, size_t buflen) 914{ 915 if (wpa_s->ap_iface == NULL) 916 return -1; 917 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 918 buf, buflen); 919} 920 921 922int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 923 char *buf, size_t buflen) 924{ 925 if (wpa_s->ap_iface == NULL) 926 return -1; 927 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 928 buf, buflen); 929} 930 931 932int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 933 const char *txtaddr) 934{ 935 if (wpa_s->ap_iface == NULL) 936 return -1; 937 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 938 txtaddr); 939} 940 941 942int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 943 const char *txtaddr) 944{ 945 if (wpa_s->ap_iface == NULL) 946 return -1; 947 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 948 txtaddr); 949} 950 951 952int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 953 size_t buflen, int verbose) 954{ 955 char *pos = buf, *end = buf + buflen; 956 int ret; 957 struct hostapd_bss_config *conf; 958 959 if (wpa_s->ap_iface == NULL) 960 return -1; 961 962 conf = wpa_s->ap_iface->bss[0]->conf; 963 if (conf->wpa == 0) 964 return 0; 965 966 ret = os_snprintf(pos, end - pos, 967 "pairwise_cipher=%s\n" 968 "group_cipher=%s\n" 969 "key_mgmt=%s\n", 970 wpa_cipher_txt(conf->rsn_pairwise), 971 wpa_cipher_txt(conf->wpa_group), 972 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 973 conf->wpa)); 974 if (ret < 0 || ret >= end - pos) 975 return pos - buf; 976 pos += ret; 977 return pos - buf; 978} 979 980#endif /* CONFIG_CTRL_IFACE */ 981 982 983int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 984{ 985 struct hostapd_iface *iface = wpa_s->ap_iface; 986 struct wpa_ssid *ssid = wpa_s->current_ssid; 987 struct hostapd_data *hapd; 988 989 if (ssid == NULL || wpa_s->ap_iface == NULL || 990 ssid->mode == WPAS_MODE_INFRA || 991 ssid->mode == WPAS_MODE_IBSS) 992 return -1; 993 994#ifdef CONFIG_P2P 995 if (ssid->mode == WPAS_MODE_P2P_GO) 996 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 997 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 998 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 999 P2P_GROUP_FORMATION; 1000#endif /* CONFIG_P2P */ 1001 1002 hapd = iface->bss[0]; 1003 if (hapd->drv_priv == NULL) 1004 return -1; 1005 ieee802_11_set_beacons(iface); 1006 hostapd_set_ap_wps_ie(hapd); 1007 1008 return 0; 1009} 1010 1011 1012void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1013 int offset) 1014{ 1015 if (!wpa_s->ap_iface) 1016 return; 1017 1018 wpa_s->assoc_freq = freq; 1019 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset); 1020} 1021 1022 1023int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1024 const u8 *addr) 1025{ 1026 struct hostapd_data *hapd; 1027 struct hostapd_bss_config *conf; 1028 1029 if (!wpa_s->ap_iface) 1030 return -1; 1031 1032 if (addr) 1033 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1034 MAC2STR(addr)); 1035 else 1036 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1037 1038 hapd = wpa_s->ap_iface->bss[0]; 1039 conf = hapd->conf; 1040 1041 os_free(conf->accept_mac); 1042 conf->accept_mac = NULL; 1043 conf->num_accept_mac = 0; 1044 os_free(conf->deny_mac); 1045 conf->deny_mac = NULL; 1046 conf->num_deny_mac = 0; 1047 1048 if (addr == NULL) { 1049 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1050 return 0; 1051 } 1052 1053 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1054 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1055 if (conf->accept_mac == NULL) 1056 return -1; 1057 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1058 conf->num_accept_mac = 1; 1059 1060 return 0; 1061} 1062