ap.c revision 8da800a193fb6f8832218715f82a7b4e2d2ad338
1324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver/* 2324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver * WPA Supplicant - Basic AP mode support routines 3324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver * Copyright (c) 2009, Atheros Communications 5324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver * 6324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver * This software may be distributed under the terms of the BSD license. 7324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver * See README for more details. 8324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver */ 9324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 10324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "utils/includes.h" 11324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 12324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "utils/common.h" 13324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "utils/eloop.h" 14324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "utils/uuid.h" 15324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "common/ieee802_11_defs.h" 16324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "common/wpa_ctrl.h" 17324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/hostapd.h" 18324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/ap_config.h" 19324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/ap_drv_ops.h" 20324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#ifdef NEED_AP_MLME 21324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/ieee802_11.h" 22324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#endif /* NEED_AP_MLME */ 23324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/beacon.h" 24324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/ieee802_1x.h" 25324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/wps_hostapd.h" 26324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/ctrl_iface_ap.h" 27324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "wps/wps.h" 28324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "common/ieee802_11_defs.h" 29324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "config_ssid.h" 30324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "config.h" 31324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "wpa_supplicant_i.h" 32324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "driver_i.h" 33324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "p2p_supplicant.h" 34324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap.h" 35324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "ap/sta_info.h" 36324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#include "notify.h" 37324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 38324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 39324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#ifdef CONFIG_WPS 40324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruverstatic void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 41324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver#endif /* CONFIG_WPS */ 42324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 43324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 44324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruverstatic int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 45324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver struct wpa_ssid *ssid, 46324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver struct hostapd_config *conf) 47324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver{ 48324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver struct hostapd_bss_config *bss = &conf->bss[0]; 49324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 50324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver conf->driver = wpa_s->driver; 51324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 52324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 53324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver 54324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver if (ssid->frequency == 0) { 55324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver /* default channel 11 */ 56324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 57324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver conf->channel = 11; 58324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver } else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) { 59324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 60324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver conf->channel = (ssid->frequency - 2407) / 5; 61324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver } else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) || 62324c4644fee44b9898524c09511bd33c3f12e2dfBen Gruver (ssid->frequency >= 5745 && ssid->frequency <= 5825)) { 63 conf->hw_mode = HOSTAPD_MODE_IEEE80211A; 64 conf->channel = (ssid->frequency - 5000) / 5; 65 } else if (ssid->frequency >= 56160 + 2160 * 1 && 66 ssid->frequency <= 56160 + 2160 * 4) { 67 conf->hw_mode = HOSTAPD_MODE_IEEE80211AD; 68 conf->channel = (ssid->frequency - 56160) / 2160; 69 } else { 70 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 71 ssid->frequency); 72 return -1; 73 } 74 75 /* TODO: enable HT40 if driver supports it; 76 * drop to 11b if driver does not support 11g */ 77 78#ifdef CONFIG_IEEE80211N 79 /* 80 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 81 * and a mask of allowed capabilities within conf->ht_capab. 82 * Using default config settings for: conf->ht_op_mode_fixed, 83 * conf->secondary_channel, conf->require_ht 84 */ 85 if (wpa_s->hw.modes) { 86 struct hostapd_hw_modes *mode = NULL; 87 int i, no_ht = 0; 88 for (i = 0; i < wpa_s->hw.num_modes; i++) { 89 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 90 mode = &wpa_s->hw.modes[i]; 91 break; 92 } 93 } 94 95#ifdef CONFIG_HT_OVERRIDES 96 if (ssid->disable_ht) { 97 conf->ieee80211n = 0; 98 conf->ht_capab = 0; 99 no_ht = 1; 100 } 101#endif /* CONFIG_HT_OVERRIDES */ 102 103 if (!no_ht && mode && mode->ht_capab) { 104 conf->ieee80211n = 1; 105#ifdef CONFIG_P2P 106 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 107 (mode->ht_capab & 108 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 109 ssid->ht40) 110 conf->secondary_channel = 111 wpas_p2p_get_ht40_mode(wpa_s, mode, 112 conf->channel); 113 if (conf->secondary_channel) 114 conf->ht_capab |= 115 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 116#endif /* CONFIG_P2P */ 117 118 /* 119 * white-list capabilities that won't cause issues 120 * to connecting stations, while leaving the current 121 * capabilities intact (currently disabled SMPS). 122 */ 123 conf->ht_capab |= mode->ht_capab & 124 (HT_CAP_INFO_GREEN_FIELD | 125 HT_CAP_INFO_SHORT_GI20MHZ | 126 HT_CAP_INFO_SHORT_GI40MHZ | 127 HT_CAP_INFO_RX_STBC_MASK | 128 HT_CAP_INFO_MAX_AMSDU_SIZE); 129 } 130 } 131#endif /* CONFIG_IEEE80211N */ 132 133#ifdef CONFIG_P2P 134 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) { 135 /* Remove 802.11b rates from supported and basic rate sets */ 136 int *list = os_malloc(4 * sizeof(int)); 137 if (list) { 138 list[0] = 60; 139 list[1] = 120; 140 list[2] = 240; 141 list[3] = -1; 142 } 143 conf->basic_rates = list; 144 145 list = os_malloc(9 * sizeof(int)); 146 if (list) { 147 list[0] = 60; 148 list[1] = 90; 149 list[2] = 120; 150 list[3] = 180; 151 list[4] = 240; 152 list[5] = 360; 153 list[6] = 480; 154 list[7] = 540; 155 list[8] = -1; 156 } 157 conf->supported_rates = list; 158 } 159 160 bss->isolate = !wpa_s->conf->p2p_intra_bss; 161#endif /* CONFIG_P2P */ 162 163 if (ssid->ssid_len == 0) { 164 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 165 return -1; 166 } 167 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 168 bss->ssid.ssid_len = ssid->ssid_len; 169 bss->ssid.ssid_set = 1; 170 171 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 172 173 if (ssid->auth_alg) 174 bss->auth_algs = ssid->auth_alg; 175 176 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 177 bss->wpa = ssid->proto; 178 bss->wpa_key_mgmt = ssid->key_mgmt; 179 bss->wpa_pairwise = ssid->pairwise_cipher; 180 if (ssid->psk_set) { 181 os_free(bss->ssid.wpa_psk); 182 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 183 if (bss->ssid.wpa_psk == NULL) 184 return -1; 185 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 186 bss->ssid.wpa_psk->group = 1; 187 } else if (ssid->passphrase) { 188 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 189 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 190 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 191 struct hostapd_wep_keys *wep = &bss->ssid.wep; 192 int i; 193 for (i = 0; i < NUM_WEP_KEYS; i++) { 194 if (ssid->wep_key_len[i] == 0) 195 continue; 196 wep->key[i] = os_malloc(ssid->wep_key_len[i]); 197 if (wep->key[i] == NULL) 198 return -1; 199 os_memcpy(wep->key[i], ssid->wep_key[i], 200 ssid->wep_key_len[i]); 201 wep->len[i] = ssid->wep_key_len[i]; 202 } 203 wep->idx = ssid->wep_tx_keyidx; 204 wep->keys_set = 1; 205 } 206 207 if (ssid->ap_max_inactivity) 208 bss->ap_max_inactivity = ssid->ap_max_inactivity; 209 210 if (ssid->dtim_period) 211 bss->dtim_period = ssid->dtim_period; 212 else if (wpa_s->conf->dtim_period) 213 bss->dtim_period = wpa_s->conf->dtim_period; 214 215 if (ssid->beacon_int) 216 conf->beacon_int = ssid->beacon_int; 217 else if (wpa_s->conf->beacon_int) 218 conf->beacon_int = wpa_s->conf->beacon_int; 219 220 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 221 bss->rsn_pairwise = bss->wpa_pairwise; 222 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 223 bss->rsn_pairwise); 224 225 if (bss->wpa && bss->ieee802_1x) 226 bss->ssid.security_policy = SECURITY_WPA; 227 else if (bss->wpa) 228 bss->ssid.security_policy = SECURITY_WPA_PSK; 229 else if (bss->ieee802_1x) { 230 int cipher = WPA_CIPHER_NONE; 231 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 232 bss->ssid.wep.default_len = bss->default_wep_key_len; 233 if (bss->default_wep_key_len) 234 cipher = bss->default_wep_key_len >= 13 ? 235 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 236 bss->wpa_group = cipher; 237 bss->wpa_pairwise = cipher; 238 bss->rsn_pairwise = cipher; 239 } else if (bss->ssid.wep.keys_set) { 240 int cipher = WPA_CIPHER_WEP40; 241 if (bss->ssid.wep.len[0] >= 13) 242 cipher = WPA_CIPHER_WEP104; 243 bss->ssid.security_policy = SECURITY_STATIC_WEP; 244 bss->wpa_group = cipher; 245 bss->wpa_pairwise = cipher; 246 bss->rsn_pairwise = cipher; 247 } else { 248 bss->ssid.security_policy = SECURITY_PLAINTEXT; 249 bss->wpa_group = WPA_CIPHER_NONE; 250 bss->wpa_pairwise = WPA_CIPHER_NONE; 251 bss->rsn_pairwise = WPA_CIPHER_NONE; 252 } 253 254 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 255 (bss->wpa_group == WPA_CIPHER_CCMP || 256 bss->wpa_group == WPA_CIPHER_GCMP)) { 257 /* 258 * Strong ciphers do not need frequent rekeying, so increase 259 * the default GTK rekeying period to 24 hours. 260 */ 261 bss->wpa_group_rekey = 86400; 262 } 263 264#ifdef CONFIG_WPS 265 /* 266 * Enable WPS by default for open and WPA/WPA2-Personal network, but 267 * require user interaction to actually use it. Only the internal 268 * Registrar is supported. 269 */ 270 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 271 bss->ssid.security_policy != SECURITY_PLAINTEXT) 272 goto no_wps; 273#ifdef CONFIG_WPS2 274 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 275 (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2))) 276 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 277 * configuration */ 278#endif /* CONFIG_WPS2 */ 279 bss->eap_server = 1; 280 281 if (!ssid->ignore_broadcast_ssid) 282 bss->wps_state = 2; 283 284 bss->ap_setup_locked = 2; 285 if (wpa_s->conf->config_methods) 286 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 287 os_memcpy(bss->device_type, wpa_s->conf->device_type, 288 WPS_DEV_TYPE_LEN); 289 if (wpa_s->conf->device_name) { 290 bss->device_name = os_strdup(wpa_s->conf->device_name); 291 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 292 } 293 if (wpa_s->conf->manufacturer) 294 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 295 if (wpa_s->conf->model_name) 296 bss->model_name = os_strdup(wpa_s->conf->model_name); 297 if (wpa_s->conf->model_number) 298 bss->model_number = os_strdup(wpa_s->conf->model_number); 299 if (wpa_s->conf->serial_number) 300 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 301 if (is_nil_uuid(wpa_s->conf->uuid)) 302 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 303 else 304 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 305 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 306 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 307no_wps: 308#endif /* CONFIG_WPS */ 309 310 if (wpa_s->max_stations && 311 wpa_s->max_stations < wpa_s->conf->max_num_sta) 312 bss->max_num_sta = wpa_s->max_stations; 313 else 314 bss->max_num_sta = wpa_s->conf->max_num_sta; 315 316 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 317 318 if (wpa_s->conf->ap_vendor_elements) { 319 bss->vendor_elements = 320 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 321 } 322 323 return 0; 324} 325 326 327static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 328{ 329#ifdef CONFIG_P2P 330 struct wpa_supplicant *wpa_s = ctx; 331 const struct ieee80211_mgmt *mgmt; 332 size_t hdr_len; 333 334 mgmt = (const struct ieee80211_mgmt *) buf; 335 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 336 if (hdr_len > len) 337 return; 338 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 339 mgmt->u.action.category, 340 &mgmt->u.action.u.vs_public_action.action, 341 len - hdr_len, freq); 342#endif /* CONFIG_P2P */ 343} 344 345 346static void ap_wps_event_cb(void *ctx, enum wps_event event, 347 union wps_event_data *data) 348{ 349#ifdef CONFIG_P2P 350 struct wpa_supplicant *wpa_s = ctx; 351 352 if (event == WPS_EV_FAIL) { 353 struct wps_event_fail *fail = &data->fail; 354 355 if (wpa_s->parent && wpa_s->parent != wpa_s && 356 wpa_s == wpa_s->global->p2p_group_formation) { 357 /* 358 * src/ap/wps_hostapd.c has already sent this on the 359 * main interface, so only send on the parent interface 360 * here if needed. 361 */ 362 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL 363 "msg=%d config_error=%d", 364 fail->msg, fail->config_error); 365 } 366 wpas_p2p_wps_failed(wpa_s, fail); 367 } 368#endif /* CONFIG_P2P */ 369} 370 371 372static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 373 int authorized, const u8 *p2p_dev_addr) 374{ 375 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 376} 377 378 379static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 380{ 381#ifdef CONFIG_P2P 382 struct wpa_supplicant *wpa_s = ctx; 383 const struct ieee80211_mgmt *mgmt; 384 size_t hdr_len; 385 386 mgmt = (const struct ieee80211_mgmt *) buf; 387 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf; 388 if (hdr_len > len) 389 return -1; 390 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 391 mgmt->u.action.category, 392 &mgmt->u.action.u.vs_public_action.action, 393 len - hdr_len, freq); 394#endif /* CONFIG_P2P */ 395 return 0; 396} 397 398 399static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 400 const u8 *bssid, const u8 *ie, size_t ie_len, 401 int ssi_signal) 402{ 403#ifdef CONFIG_P2P 404 struct wpa_supplicant *wpa_s = ctx; 405 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 406 ssi_signal); 407#else /* CONFIG_P2P */ 408 return 0; 409#endif /* CONFIG_P2P */ 410} 411 412 413static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 414 const u8 *uuid_e) 415{ 416#ifdef CONFIG_P2P 417 struct wpa_supplicant *wpa_s = ctx; 418 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 419#endif /* CONFIG_P2P */ 420} 421 422 423static void wpas_ap_configured_cb(void *ctx) 424{ 425 struct wpa_supplicant *wpa_s = ctx; 426 427 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 428 429 if (wpa_s->ap_configured_cb) 430 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 431 wpa_s->ap_configured_cb_data); 432} 433 434 435int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 436 struct wpa_ssid *ssid) 437{ 438 struct wpa_driver_associate_params params; 439 struct hostapd_iface *hapd_iface; 440 struct hostapd_config *conf; 441 size_t i; 442 443 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 444 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 445 return -1; 446 } 447 448 wpa_supplicant_ap_deinit(wpa_s); 449 450 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 451 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 452 453 os_memset(¶ms, 0, sizeof(params)); 454 params.ssid = ssid->ssid; 455 params.ssid_len = ssid->ssid_len; 456 switch (ssid->mode) { 457 case WPAS_MODE_INFRA: 458 params.mode = IEEE80211_MODE_INFRA; 459 break; 460 case WPAS_MODE_IBSS: 461 params.mode = IEEE80211_MODE_IBSS; 462 break; 463 case WPAS_MODE_AP: 464 case WPAS_MODE_P2P_GO: 465 case WPAS_MODE_P2P_GROUP_FORMATION: 466 params.mode = IEEE80211_MODE_AP; 467 break; 468 } 469 params.freq = ssid->frequency; 470 471 params.wpa_proto = ssid->proto; 472 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 473 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 474 else 475 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 476 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 477 478 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 479 1); 480 if (wpa_s->pairwise_cipher < 0) { 481 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 482 "cipher."); 483 return -1; 484 } 485 params.pairwise_suite = 486 wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher); 487 params.group_suite = params.pairwise_suite; 488 489#ifdef CONFIG_P2P 490 if (ssid->mode == WPAS_MODE_P2P_GO || 491 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 492 params.p2p = 1; 493#endif /* CONFIG_P2P */ 494 495 if (wpa_s->parent->set_ap_uapsd) 496 params.uapsd = wpa_s->parent->ap_uapsd; 497 else 498 params.uapsd = -1; 499 500 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 501 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 502 return -1; 503 } 504 505 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface)); 506 if (hapd_iface == NULL) 507 return -1; 508 hapd_iface->owner = wpa_s; 509 hapd_iface->drv_flags = wpa_s->drv_flags; 510 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 511 hapd_iface->extended_capa = wpa_s->extended_capa; 512 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 513 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 514 515 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 516 if (conf == NULL) { 517 wpa_supplicant_ap_deinit(wpa_s); 518 return -1; 519 } 520 521 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 522 wpa_s->conf->wmm_ac_params, 523 sizeof(wpa_s->conf->wmm_ac_params)); 524 525 if (params.uapsd > 0) { 526 conf->bss->wmm_enabled = 1; 527 conf->bss->wmm_uapsd = 1; 528 } 529 530 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 531 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 532 wpa_supplicant_ap_deinit(wpa_s); 533 return -1; 534 } 535 536#ifdef CONFIG_P2P 537 if (ssid->mode == WPAS_MODE_P2P_GO) 538 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 539 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 540 conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 541 P2P_GROUP_FORMATION; 542#endif /* CONFIG_P2P */ 543 544 hapd_iface->num_bss = conf->num_bss; 545 hapd_iface->bss = os_calloc(conf->num_bss, 546 sizeof(struct hostapd_data *)); 547 if (hapd_iface->bss == NULL) { 548 wpa_supplicant_ap_deinit(wpa_s); 549 return -1; 550 } 551 552 for (i = 0; i < conf->num_bss; i++) { 553 hapd_iface->bss[i] = 554 hostapd_alloc_bss_data(hapd_iface, conf, 555 &conf->bss[i]); 556 if (hapd_iface->bss[i] == NULL) { 557 wpa_supplicant_ap_deinit(wpa_s); 558 return -1; 559 } 560 561 hapd_iface->bss[i]->msg_ctx = wpa_s; 562 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent; 563 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 564 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 565 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 566 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 567 hostapd_register_probereq_cb(hapd_iface->bss[i], 568 ap_probe_req_rx, wpa_s); 569 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 570 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 571 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 572 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 573 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 574 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 575#ifdef CONFIG_P2P 576 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 577 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 578 ssid); 579#endif /* CONFIG_P2P */ 580 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 581 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 582 } 583 584 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 585 hapd_iface->bss[0]->driver = wpa_s->driver; 586 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 587 588 wpa_s->current_ssid = ssid; 589 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 590 wpa_s->assoc_freq = ssid->frequency; 591 592 if (hostapd_setup_interface(wpa_s->ap_iface)) { 593 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 594 wpa_supplicant_ap_deinit(wpa_s); 595 return -1; 596 } 597 598 return 0; 599} 600 601 602void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 603{ 604#ifdef CONFIG_WPS 605 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 606#endif /* CONFIG_WPS */ 607 608 if (wpa_s->ap_iface == NULL) 609 return; 610 611 wpa_s->current_ssid = NULL; 612 wpa_s->assoc_freq = 0; 613#ifdef CONFIG_P2P 614 if (wpa_s->ap_iface->bss) 615 wpa_s->ap_iface->bss[0]->p2p_group = NULL; 616 wpas_p2p_group_deinit(wpa_s); 617#endif /* CONFIG_P2P */ 618 hostapd_interface_deinit(wpa_s->ap_iface); 619 hostapd_interface_free(wpa_s->ap_iface); 620 wpa_s->ap_iface = NULL; 621 wpa_drv_deinit_ap(wpa_s); 622} 623 624 625void ap_tx_status(void *ctx, const u8 *addr, 626 const u8 *buf, size_t len, int ack) 627{ 628#ifdef NEED_AP_MLME 629 struct wpa_supplicant *wpa_s = ctx; 630 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 631#endif /* NEED_AP_MLME */ 632} 633 634 635void ap_eapol_tx_status(void *ctx, const u8 *dst, 636 const u8 *data, size_t len, int ack) 637{ 638#ifdef NEED_AP_MLME 639 struct wpa_supplicant *wpa_s = ctx; 640 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 641#endif /* NEED_AP_MLME */ 642} 643 644 645void ap_client_poll_ok(void *ctx, const u8 *addr) 646{ 647#ifdef NEED_AP_MLME 648 struct wpa_supplicant *wpa_s = ctx; 649 if (wpa_s->ap_iface) 650 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 651#endif /* NEED_AP_MLME */ 652} 653 654 655void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 656{ 657#ifdef NEED_AP_MLME 658 struct wpa_supplicant *wpa_s = ctx; 659 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 660#endif /* NEED_AP_MLME */ 661} 662 663 664void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 665{ 666#ifdef NEED_AP_MLME 667 struct wpa_supplicant *wpa_s = ctx; 668 struct hostapd_frame_info fi; 669 os_memset(&fi, 0, sizeof(fi)); 670 fi.datarate = rx_mgmt->datarate; 671 fi.ssi_signal = rx_mgmt->ssi_signal; 672 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 673 rx_mgmt->frame_len, &fi); 674#endif /* NEED_AP_MLME */ 675} 676 677 678void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 679{ 680#ifdef NEED_AP_MLME 681 struct wpa_supplicant *wpa_s = ctx; 682 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 683#endif /* NEED_AP_MLME */ 684} 685 686 687void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 688 const u8 *src_addr, const u8 *buf, size_t len) 689{ 690 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 691} 692 693 694#ifdef CONFIG_WPS 695 696int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 697 const u8 *p2p_dev_addr) 698{ 699 if (!wpa_s->ap_iface) 700 return -1; 701 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 702 p2p_dev_addr); 703} 704 705 706int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 707{ 708 struct wps_registrar *reg; 709 int reg_sel = 0, wps_sta = 0; 710 711 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 712 return -1; 713 714 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 715 reg_sel = wps_registrar_wps_cancel(reg); 716 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 717 ap_sta_wps_cancel, NULL); 718 719 if (!reg_sel && !wps_sta) { 720 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 721 "time"); 722 return -1; 723 } 724 725 /* 726 * There are 2 cases to return wps cancel as success: 727 * 1. When wps cancel was initiated but no connection has been 728 * established with client yet. 729 * 2. Client is in the middle of exchanging WPS messages. 730 */ 731 732 return 0; 733} 734 735 736int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 737 const char *pin, char *buf, size_t buflen, 738 int timeout) 739{ 740 int ret, ret_len = 0; 741 742 if (!wpa_s->ap_iface) 743 return -1; 744 745 if (pin == NULL) { 746 unsigned int rpin = wps_generate_pin(); 747 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 748 pin = buf; 749 } else 750 ret_len = os_snprintf(buf, buflen, "%s", pin); 751 752 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 753 timeout); 754 if (ret) 755 return -1; 756 return ret_len; 757} 758 759 760static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 761{ 762 struct wpa_supplicant *wpa_s = eloop_data; 763 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 764 wpas_wps_ap_pin_disable(wpa_s); 765} 766 767 768static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 769{ 770 struct hostapd_data *hapd; 771 772 if (wpa_s->ap_iface == NULL) 773 return; 774 hapd = wpa_s->ap_iface->bss[0]; 775 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 776 hapd->ap_pin_failures = 0; 777 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 778 if (timeout > 0) 779 eloop_register_timeout(timeout, 0, 780 wpas_wps_ap_pin_timeout, wpa_s, NULL); 781} 782 783 784void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 785{ 786 struct hostapd_data *hapd; 787 788 if (wpa_s->ap_iface == NULL) 789 return; 790 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 791 hapd = wpa_s->ap_iface->bss[0]; 792 os_free(hapd->conf->ap_pin); 793 hapd->conf->ap_pin = NULL; 794 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 795} 796 797 798const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 799{ 800 struct hostapd_data *hapd; 801 unsigned int pin; 802 char pin_txt[9]; 803 804 if (wpa_s->ap_iface == NULL) 805 return NULL; 806 hapd = wpa_s->ap_iface->bss[0]; 807 pin = wps_generate_pin(); 808 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 809 os_free(hapd->conf->ap_pin); 810 hapd->conf->ap_pin = os_strdup(pin_txt); 811 if (hapd->conf->ap_pin == NULL) 812 return NULL; 813 wpas_wps_ap_pin_enable(wpa_s, timeout); 814 815 return hapd->conf->ap_pin; 816} 817 818 819const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 820{ 821 struct hostapd_data *hapd; 822 if (wpa_s->ap_iface == NULL) 823 return NULL; 824 hapd = wpa_s->ap_iface->bss[0]; 825 return hapd->conf->ap_pin; 826} 827 828 829int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 830 int timeout) 831{ 832 struct hostapd_data *hapd; 833 char pin_txt[9]; 834 int ret; 835 836 if (wpa_s->ap_iface == NULL) 837 return -1; 838 hapd = wpa_s->ap_iface->bss[0]; 839 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 840 if (ret < 0 || ret >= (int) sizeof(pin_txt)) 841 return -1; 842 os_free(hapd->conf->ap_pin); 843 hapd->conf->ap_pin = os_strdup(pin_txt); 844 if (hapd->conf->ap_pin == NULL) 845 return -1; 846 wpas_wps_ap_pin_enable(wpa_s, timeout); 847 848 return 0; 849} 850 851 852void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 853{ 854 struct hostapd_data *hapd; 855 856 if (wpa_s->ap_iface == NULL) 857 return; 858 hapd = wpa_s->ap_iface->bss[0]; 859 860 /* 861 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 862 * PIN if this happens multiple times to slow down brute force attacks. 863 */ 864 hapd->ap_pin_failures++; 865 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 866 hapd->ap_pin_failures); 867 if (hapd->ap_pin_failures < 3) 868 return; 869 870 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 871 hapd->ap_pin_failures = 0; 872 os_free(hapd->conf->ap_pin); 873 hapd->conf->ap_pin = NULL; 874} 875 876 877#ifdef CONFIG_WPS_NFC 878 879struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 880 int ndef) 881{ 882 struct hostapd_data *hapd; 883 884 if (wpa_s->ap_iface == NULL) 885 return NULL; 886 hapd = wpa_s->ap_iface->bss[0]; 887 return hostapd_wps_nfc_config_token(hapd, ndef); 888} 889 890 891struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 892 int ndef) 893{ 894 struct hostapd_data *hapd; 895 896 if (wpa_s->ap_iface == NULL) 897 return NULL; 898 hapd = wpa_s->ap_iface->bss[0]; 899 return hostapd_wps_nfc_hs_cr(hapd, ndef); 900} 901 902#endif /* CONFIG_WPS_NFC */ 903 904#endif /* CONFIG_WPS */ 905 906 907#ifdef CONFIG_CTRL_IFACE 908 909int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 910 char *buf, size_t buflen) 911{ 912 if (wpa_s->ap_iface == NULL) 913 return -1; 914 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0], 915 buf, buflen); 916} 917 918 919int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 920 char *buf, size_t buflen) 921{ 922 if (wpa_s->ap_iface == NULL) 923 return -1; 924 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr, 925 buf, buflen); 926} 927 928 929int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 930 char *buf, size_t buflen) 931{ 932 if (wpa_s->ap_iface == NULL) 933 return -1; 934 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr, 935 buf, buflen); 936} 937 938 939int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 940 const char *txtaddr) 941{ 942 if (wpa_s->ap_iface == NULL) 943 return -1; 944 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 945 txtaddr); 946} 947 948 949int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 950 const char *txtaddr) 951{ 952 if (wpa_s->ap_iface == NULL) 953 return -1; 954 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 955 txtaddr); 956} 957 958 959int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 960 size_t buflen, int verbose) 961{ 962 char *pos = buf, *end = buf + buflen; 963 int ret; 964 struct hostapd_bss_config *conf; 965 966 if (wpa_s->ap_iface == NULL) 967 return -1; 968 969 conf = wpa_s->ap_iface->bss[0]->conf; 970 if (conf->wpa == 0) 971 return 0; 972 973 ret = os_snprintf(pos, end - pos, 974 "pairwise_cipher=%s\n" 975 "group_cipher=%s\n" 976 "key_mgmt=%s\n", 977 wpa_cipher_txt(conf->rsn_pairwise), 978 wpa_cipher_txt(conf->wpa_group), 979 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 980 conf->wpa)); 981 if (ret < 0 || ret >= end - pos) 982 return pos - buf; 983 pos += ret; 984 return pos - buf; 985} 986 987#endif /* CONFIG_CTRL_IFACE */ 988 989 990int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 991{ 992 struct hostapd_iface *iface = wpa_s->ap_iface; 993 struct wpa_ssid *ssid = wpa_s->current_ssid; 994 struct hostapd_data *hapd; 995 996 if (ssid == NULL || wpa_s->ap_iface == NULL || 997 ssid->mode == WPAS_MODE_INFRA || 998 ssid->mode == WPAS_MODE_IBSS) 999 return -1; 1000 1001#ifdef CONFIG_P2P 1002 if (ssid->mode == WPAS_MODE_P2P_GO) 1003 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1004 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1005 iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1006 P2P_GROUP_FORMATION; 1007#endif /* CONFIG_P2P */ 1008 1009 hapd = iface->bss[0]; 1010 if (hapd->drv_priv == NULL) 1011 return -1; 1012 ieee802_11_set_beacons(iface); 1013 hostapd_set_ap_wps_ie(hapd); 1014 1015 return 0; 1016} 1017 1018 1019void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1020 int offset) 1021{ 1022 if (!wpa_s->ap_iface) 1023 return; 1024 1025 wpa_s->assoc_freq = freq; 1026 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset); 1027} 1028 1029 1030int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1031 const u8 *addr) 1032{ 1033 struct hostapd_data *hapd; 1034 struct hostapd_bss_config *conf; 1035 1036 if (!wpa_s->ap_iface) 1037 return -1; 1038 1039 if (addr) 1040 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1041 MAC2STR(addr)); 1042 else 1043 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1044 1045 hapd = wpa_s->ap_iface->bss[0]; 1046 conf = hapd->conf; 1047 1048 os_free(conf->accept_mac); 1049 conf->accept_mac = NULL; 1050 conf->num_accept_mac = 0; 1051 os_free(conf->deny_mac); 1052 conf->deny_mac = NULL; 1053 conf->num_deny_mac = 0; 1054 1055 if (addr == NULL) { 1056 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1057 return 0; 1058 } 1059 1060 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1061 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1062 if (conf->accept_mac == NULL) 1063 return -1; 1064 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1065 conf->num_accept_mac = 1; 1066 1067 return 0; 1068} 1069