1/* 2 * WPA Supplicant - Basic AP mode support routines 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * Copyright (c) 2009, Atheros Communications 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10#include "utils/includes.h" 11 12#include "utils/common.h" 13#include "utils/eloop.h" 14#include "utils/uuid.h" 15#include "common/ieee802_11_defs.h" 16#include "common/wpa_ctrl.h" 17#include "eapol_supp/eapol_supp_sm.h" 18#include "crypto/dh_group5.h" 19#include "ap/hostapd.h" 20#include "ap/ap_config.h" 21#include "ap/ap_drv_ops.h" 22#ifdef NEED_AP_MLME 23#include "ap/ieee802_11.h" 24#endif /* NEED_AP_MLME */ 25#include "ap/beacon.h" 26#include "ap/ieee802_1x.h" 27#include "ap/wps_hostapd.h" 28#include "ap/ctrl_iface_ap.h" 29#include "ap/dfs.h" 30#include "wps/wps.h" 31#include "common/ieee802_11_defs.h" 32#include "config_ssid.h" 33#include "config.h" 34#include "wpa_supplicant_i.h" 35#include "driver_i.h" 36#include "p2p_supplicant.h" 37#include "ap.h" 38#include "ap/sta_info.h" 39#include "notify.h" 40 41 42#ifdef CONFIG_WPS 43static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx); 44#endif /* CONFIG_WPS */ 45 46 47#ifdef CONFIG_IEEE80211N 48static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s, 49 struct hostapd_config *conf, 50 struct hostapd_hw_modes *mode) 51{ 52#ifdef CONFIG_P2P 53 u8 center_chan = 0; 54 u8 channel = conf->channel; 55 56 if (!conf->secondary_channel) 57 goto no_vht; 58 59 switch (conf->vht_oper_chwidth) { 60 case VHT_CHANWIDTH_80MHZ: 61 case VHT_CHANWIDTH_80P80MHZ: 62 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel); 63 break; 64 case VHT_CHANWIDTH_160MHZ: 65 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 66 break; 67 default: 68 /* 69 * conf->vht_oper_chwidth might not be set for non-P2P GO cases, 70 * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is 71 * not supported. 72 */ 73 conf->vht_oper_chwidth = VHT_CHANWIDTH_160MHZ; 74 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel); 75 if (!center_chan) { 76 conf->vht_oper_chwidth = VHT_CHANWIDTH_80MHZ; 77 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, 78 channel); 79 } 80 break; 81 } 82 if (!center_chan) 83 goto no_vht; 84 85 conf->vht_oper_centr_freq_seg0_idx = center_chan; 86 return; 87 88no_vht: 89 conf->vht_oper_centr_freq_seg0_idx = 90 channel + conf->secondary_channel * 2; 91#else /* CONFIG_P2P */ 92 conf->vht_oper_centr_freq_seg0_idx = 93 conf->channel + conf->secondary_channel * 2; 94#endif /* CONFIG_P2P */ 95 conf->vht_oper_chwidth = VHT_CHANWIDTH_USE_HT; 96} 97#endif /* CONFIG_IEEE80211N */ 98 99 100int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s, 101 struct wpa_ssid *ssid, 102 struct hostapd_config *conf) 103{ 104 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency, 105 &conf->channel); 106 107 if (conf->hw_mode == NUM_HOSTAPD_MODES) { 108 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz", 109 ssid->frequency); 110 return -1; 111 } 112 113 /* TODO: enable HT40 if driver supports it; 114 * drop to 11b if driver does not support 11g */ 115 116#ifdef CONFIG_IEEE80211N 117 /* 118 * Enable HT20 if the driver supports it, by setting conf->ieee80211n 119 * and a mask of allowed capabilities within conf->ht_capab. 120 * Using default config settings for: conf->ht_op_mode_fixed, 121 * conf->secondary_channel, conf->require_ht 122 */ 123 if (wpa_s->hw.modes) { 124 struct hostapd_hw_modes *mode = NULL; 125 int i, no_ht = 0; 126 for (i = 0; i < wpa_s->hw.num_modes; i++) { 127 if (wpa_s->hw.modes[i].mode == conf->hw_mode) { 128 mode = &wpa_s->hw.modes[i]; 129 break; 130 } 131 } 132 133#ifdef CONFIG_HT_OVERRIDES 134 if (ssid->disable_ht) { 135 conf->ieee80211n = 0; 136 conf->ht_capab = 0; 137 no_ht = 1; 138 } 139#endif /* CONFIG_HT_OVERRIDES */ 140 141 if (!no_ht && mode && mode->ht_capab) { 142 conf->ieee80211n = 1; 143#ifdef CONFIG_P2P 144 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A && 145 (mode->ht_capab & 146 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) && 147 ssid->ht40) 148 conf->secondary_channel = 149 wpas_p2p_get_ht40_mode(wpa_s, mode, 150 conf->channel); 151 if (conf->secondary_channel) 152 conf->ht_capab |= 153 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 154#endif /* CONFIG_P2P */ 155 156 /* 157 * white-list capabilities that won't cause issues 158 * to connecting stations, while leaving the current 159 * capabilities intact (currently disabled SMPS). 160 */ 161 conf->ht_capab |= mode->ht_capab & 162 (HT_CAP_INFO_GREEN_FIELD | 163 HT_CAP_INFO_SHORT_GI20MHZ | 164 HT_CAP_INFO_SHORT_GI40MHZ | 165 HT_CAP_INFO_RX_STBC_MASK | 166 HT_CAP_INFO_TX_STBC | 167 HT_CAP_INFO_MAX_AMSDU_SIZE); 168 169 if (mode->vht_capab && ssid->vht) { 170 conf->ieee80211ac = 1; 171 conf->vht_capab |= mode->vht_capab; 172 wpas_conf_ap_vht(wpa_s, conf, mode); 173 } 174 } 175 } 176 177 if (conf->secondary_channel) { 178 struct wpa_supplicant *iface; 179 180 for (iface = wpa_s->global->ifaces; iface; iface = iface->next) 181 { 182 if (iface == wpa_s || 183 iface->wpa_state < WPA_AUTHENTICATING || 184 (int) iface->assoc_freq != ssid->frequency) 185 continue; 186 187 /* 188 * Do not allow 40 MHz co-ex PRI/SEC switch to force us 189 * to change our PRI channel since we have an existing, 190 * concurrent connection on that channel and doing 191 * multi-channel concurrency is likely to cause more 192 * harm than using different PRI/SEC selection in 193 * environment with multiple BSSes on these two channels 194 * with mixed 20 MHz or PRI channel selection. 195 */ 196 conf->no_pri_sec_switch = 1; 197 } 198 } 199#endif /* CONFIG_IEEE80211N */ 200 201 return 0; 202} 203 204 205static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s, 206 struct wpa_ssid *ssid, 207 struct hostapd_config *conf) 208{ 209 struct hostapd_bss_config *bss = conf->bss[0]; 210 211 conf->driver = wpa_s->driver; 212 213 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface)); 214 215 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf)) 216 return -1; 217 218 if (ssid->pbss > 1) { 219 wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode", 220 ssid->pbss); 221 return -1; 222 } 223 bss->pbss = ssid->pbss; 224 225#ifdef CONFIG_ACS 226 if (ssid->acs) { 227 /* Setting channel to 0 in order to enable ACS */ 228 conf->channel = 0; 229 wpa_printf(MSG_DEBUG, "Use automatic channel selection"); 230 } 231#endif /* CONFIG_ACS */ 232 233 if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) { 234 conf->ieee80211h = 1; 235 conf->ieee80211d = 1; 236 conf->country[0] = wpa_s->conf->country[0]; 237 conf->country[1] = wpa_s->conf->country[1]; 238 conf->country[2] = ' '; 239 } 240 241#ifdef CONFIG_P2P 242 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G && 243 (ssid->mode == WPAS_MODE_P2P_GO || 244 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) { 245 /* Remove 802.11b rates from supported and basic rate sets */ 246 int *list = os_malloc(4 * sizeof(int)); 247 if (list) { 248 list[0] = 60; 249 list[1] = 120; 250 list[2] = 240; 251 list[3] = -1; 252 } 253 conf->basic_rates = list; 254 255 list = os_malloc(9 * sizeof(int)); 256 if (list) { 257 list[0] = 60; 258 list[1] = 90; 259 list[2] = 120; 260 list[3] = 180; 261 list[4] = 240; 262 list[5] = 360; 263 list[6] = 480; 264 list[7] = 540; 265 list[8] = -1; 266 } 267 conf->supported_rates = list; 268 } 269 270 bss->isolate = !wpa_s->conf->p2p_intra_bss; 271 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk; 272 273 if (ssid->p2p_group) { 274 os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4); 275 os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask, 276 4); 277 os_memcpy(bss->ip_addr_start, 278 wpa_s->p2pdev->conf->ip_addr_start, 4); 279 os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end, 280 4); 281 } 282#endif /* CONFIG_P2P */ 283 284 if (ssid->ssid_len == 0) { 285 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 286 return -1; 287 } 288 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len); 289 bss->ssid.ssid_len = ssid->ssid_len; 290 bss->ssid.ssid_set = 1; 291 292 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid; 293 294 if (ssid->auth_alg) 295 bss->auth_algs = ssid->auth_alg; 296 297 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) 298 bss->wpa = ssid->proto; 299 if (ssid->key_mgmt == DEFAULT_KEY_MGMT) 300 bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK; 301 else 302 bss->wpa_key_mgmt = ssid->key_mgmt; 303 bss->wpa_pairwise = ssid->pairwise_cipher; 304 if (ssid->psk_set) { 305 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk)); 306 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 307 if (bss->ssid.wpa_psk == NULL) 308 return -1; 309 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN); 310 bss->ssid.wpa_psk->group = 1; 311 bss->ssid.wpa_psk_set = 1; 312 } else if (ssid->passphrase) { 313 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase); 314 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] || 315 ssid->wep_key_len[2] || ssid->wep_key_len[3]) { 316 struct hostapd_wep_keys *wep = &bss->ssid.wep; 317 int i; 318 for (i = 0; i < NUM_WEP_KEYS; i++) { 319 if (ssid->wep_key_len[i] == 0) 320 continue; 321 wep->key[i] = os_malloc(ssid->wep_key_len[i]); 322 if (wep->key[i] == NULL) 323 return -1; 324 os_memcpy(wep->key[i], ssid->wep_key[i], 325 ssid->wep_key_len[i]); 326 wep->len[i] = ssid->wep_key_len[i]; 327 } 328 wep->idx = ssid->wep_tx_keyidx; 329 wep->keys_set = 1; 330 } 331 332 if (ssid->ap_max_inactivity) 333 bss->ap_max_inactivity = ssid->ap_max_inactivity; 334 335 if (ssid->dtim_period) 336 bss->dtim_period = ssid->dtim_period; 337 else if (wpa_s->conf->dtim_period) 338 bss->dtim_period = wpa_s->conf->dtim_period; 339 340 if (ssid->beacon_int) 341 conf->beacon_int = ssid->beacon_int; 342 else if (wpa_s->conf->beacon_int) 343 conf->beacon_int = wpa_s->conf->beacon_int; 344 345#ifdef CONFIG_P2P 346 if (ssid->mode == WPAS_MODE_P2P_GO || 347 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 348 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) { 349 wpa_printf(MSG_INFO, 350 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it", 351 wpa_s->conf->p2p_go_ctwindow, 352 conf->beacon_int); 353 conf->p2p_go_ctwindow = 0; 354 } else { 355 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow; 356 } 357 } 358#endif /* CONFIG_P2P */ 359 360 if ((bss->wpa & 2) && bss->rsn_pairwise == 0) 361 bss->rsn_pairwise = bss->wpa_pairwise; 362 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise, 363 bss->rsn_pairwise); 364 365 if (bss->wpa && bss->ieee802_1x) 366 bss->ssid.security_policy = SECURITY_WPA; 367 else if (bss->wpa) 368 bss->ssid.security_policy = SECURITY_WPA_PSK; 369 else if (bss->ieee802_1x) { 370 int cipher = WPA_CIPHER_NONE; 371 bss->ssid.security_policy = SECURITY_IEEE_802_1X; 372 bss->ssid.wep.default_len = bss->default_wep_key_len; 373 if (bss->default_wep_key_len) 374 cipher = bss->default_wep_key_len >= 13 ? 375 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40; 376 bss->wpa_group = cipher; 377 bss->wpa_pairwise = cipher; 378 bss->rsn_pairwise = cipher; 379 } else if (bss->ssid.wep.keys_set) { 380 int cipher = WPA_CIPHER_WEP40; 381 if (bss->ssid.wep.len[0] >= 13) 382 cipher = WPA_CIPHER_WEP104; 383 bss->ssid.security_policy = SECURITY_STATIC_WEP; 384 bss->wpa_group = cipher; 385 bss->wpa_pairwise = cipher; 386 bss->rsn_pairwise = cipher; 387 } else { 388 bss->ssid.security_policy = SECURITY_PLAINTEXT; 389 bss->wpa_group = WPA_CIPHER_NONE; 390 bss->wpa_pairwise = WPA_CIPHER_NONE; 391 bss->rsn_pairwise = WPA_CIPHER_NONE; 392 } 393 394 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) && 395 (bss->wpa_group == WPA_CIPHER_CCMP || 396 bss->wpa_group == WPA_CIPHER_GCMP || 397 bss->wpa_group == WPA_CIPHER_CCMP_256 || 398 bss->wpa_group == WPA_CIPHER_GCMP_256)) { 399 /* 400 * Strong ciphers do not need frequent rekeying, so increase 401 * the default GTK rekeying period to 24 hours. 402 */ 403 bss->wpa_group_rekey = 86400; 404 } 405 406#ifdef CONFIG_IEEE80211W 407 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) 408 bss->ieee80211w = ssid->ieee80211w; 409#endif /* CONFIG_IEEE80211W */ 410 411#ifdef CONFIG_WPS 412 /* 413 * Enable WPS by default for open and WPA/WPA2-Personal network, but 414 * require user interaction to actually use it. Only the internal 415 * Registrar is supported. 416 */ 417 if (bss->ssid.security_policy != SECURITY_WPA_PSK && 418 bss->ssid.security_policy != SECURITY_PLAINTEXT) 419 goto no_wps; 420 if (bss->ssid.security_policy == SECURITY_WPA_PSK && 421 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) || 422 !(bss->wpa & 2))) 423 goto no_wps; /* WPS2 does not allow WPA/TKIP-only 424 * configuration */ 425 if (ssid->wps_disabled) 426 goto no_wps; 427 bss->eap_server = 1; 428 429 if (!ssid->ignore_broadcast_ssid) 430 bss->wps_state = 2; 431 432 bss->ap_setup_locked = 2; 433 if (wpa_s->conf->config_methods) 434 bss->config_methods = os_strdup(wpa_s->conf->config_methods); 435 os_memcpy(bss->device_type, wpa_s->conf->device_type, 436 WPS_DEV_TYPE_LEN); 437 if (wpa_s->conf->device_name) { 438 bss->device_name = os_strdup(wpa_s->conf->device_name); 439 bss->friendly_name = os_strdup(wpa_s->conf->device_name); 440 } 441 if (wpa_s->conf->manufacturer) 442 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer); 443 if (wpa_s->conf->model_name) 444 bss->model_name = os_strdup(wpa_s->conf->model_name); 445 if (wpa_s->conf->model_number) 446 bss->model_number = os_strdup(wpa_s->conf->model_number); 447 if (wpa_s->conf->serial_number) 448 bss->serial_number = os_strdup(wpa_s->conf->serial_number); 449 if (is_nil_uuid(wpa_s->conf->uuid)) 450 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN); 451 else 452 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); 453 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4); 454 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1; 455 if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE) 456 bss->fragment_size = ssid->eap.fragment_size; 457no_wps: 458#endif /* CONFIG_WPS */ 459 460 if (wpa_s->max_stations && 461 wpa_s->max_stations < wpa_s->conf->max_num_sta) 462 bss->max_num_sta = wpa_s->max_stations; 463 else 464 bss->max_num_sta = wpa_s->conf->max_num_sta; 465 466 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack; 467 468 if (wpa_s->conf->ap_vendor_elements) { 469 bss->vendor_elements = 470 wpabuf_dup(wpa_s->conf->ap_vendor_elements); 471 } 472 473 bss->ftm_responder = wpa_s->conf->ftm_responder; 474 bss->ftm_initiator = wpa_s->conf->ftm_initiator; 475 476 return 0; 477} 478 479 480static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 481{ 482#ifdef CONFIG_P2P 483 struct wpa_supplicant *wpa_s = ctx; 484 const struct ieee80211_mgmt *mgmt; 485 486 mgmt = (const struct ieee80211_mgmt *) buf; 487 if (len < IEEE80211_HDRLEN + 1) 488 return; 489 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC) 490 return; 491 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 492 mgmt->u.action.category, 493 buf + IEEE80211_HDRLEN + 1, 494 len - IEEE80211_HDRLEN - 1, freq); 495#endif /* CONFIG_P2P */ 496} 497 498 499static void ap_wps_event_cb(void *ctx, enum wps_event event, 500 union wps_event_data *data) 501{ 502#ifdef CONFIG_P2P 503 struct wpa_supplicant *wpa_s = ctx; 504 505 if (event == WPS_EV_FAIL) { 506 struct wps_event_fail *fail = &data->fail; 507 508 if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s && 509 wpa_s == wpa_s->global->p2p_group_formation) { 510 /* 511 * src/ap/wps_hostapd.c has already sent this on the 512 * main interface, so only send on the parent interface 513 * here if needed. 514 */ 515 wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL 516 "msg=%d config_error=%d", 517 fail->msg, fail->config_error); 518 } 519 wpas_p2p_wps_failed(wpa_s, fail); 520 } 521#endif /* CONFIG_P2P */ 522} 523 524 525static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr, 526 int authorized, const u8 *p2p_dev_addr) 527{ 528 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr); 529} 530 531 532#ifdef CONFIG_P2P 533static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr, 534 const u8 *psk, size_t psk_len) 535{ 536 537 struct wpa_supplicant *wpa_s = ctx; 538 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL) 539 return; 540 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len); 541} 542#endif /* CONFIG_P2P */ 543 544 545static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq) 546{ 547#ifdef CONFIG_P2P 548 struct wpa_supplicant *wpa_s = ctx; 549 const struct ieee80211_mgmt *mgmt; 550 551 mgmt = (const struct ieee80211_mgmt *) buf; 552 if (len < IEEE80211_HDRLEN + 1) 553 return -1; 554 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 555 mgmt->u.action.category, 556 buf + IEEE80211_HDRLEN + 1, 557 len - IEEE80211_HDRLEN - 1, freq); 558#endif /* CONFIG_P2P */ 559 return 0; 560} 561 562 563static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da, 564 const u8 *bssid, const u8 *ie, size_t ie_len, 565 int ssi_signal) 566{ 567 struct wpa_supplicant *wpa_s = ctx; 568 unsigned int freq = 0; 569 570 if (wpa_s->ap_iface) 571 freq = wpa_s->ap_iface->freq; 572 573 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len, 574 freq, ssi_signal); 575} 576 577 578static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr, 579 const u8 *uuid_e) 580{ 581 struct wpa_supplicant *wpa_s = ctx; 582 wpas_p2p_wps_success(wpa_s, mac_addr, 1); 583} 584 585 586static void wpas_ap_configured_cb(void *ctx) 587{ 588 struct wpa_supplicant *wpa_s = ctx; 589 590#ifdef CONFIG_ACS 591 if (wpa_s->current_ssid && wpa_s->current_ssid->acs) 592 wpa_s->assoc_freq = wpa_s->ap_iface->freq; 593#endif /* CONFIG_ACS */ 594 595 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 596 597 if (wpa_s->ap_configured_cb) 598 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx, 599 wpa_s->ap_configured_cb_data); 600} 601 602 603int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s, 604 struct wpa_ssid *ssid) 605{ 606 struct wpa_driver_associate_params params; 607 struct hostapd_iface *hapd_iface; 608 struct hostapd_config *conf; 609 size_t i; 610 611 if (ssid->ssid == NULL || ssid->ssid_len == 0) { 612 wpa_printf(MSG_ERROR, "No SSID configured for AP mode"); 613 return -1; 614 } 615 616 wpa_supplicant_ap_deinit(wpa_s); 617 618 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')", 619 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 620 621 os_memset(¶ms, 0, sizeof(params)); 622 params.ssid = ssid->ssid; 623 params.ssid_len = ssid->ssid_len; 624 switch (ssid->mode) { 625 case WPAS_MODE_AP: 626 case WPAS_MODE_P2P_GO: 627 case WPAS_MODE_P2P_GROUP_FORMATION: 628 params.mode = IEEE80211_MODE_AP; 629 break; 630 default: 631 return -1; 632 } 633 if (ssid->frequency == 0) 634 ssid->frequency = 2462; /* default channel 11 */ 635 params.freq.freq = ssid->frequency; 636 637 params.wpa_proto = ssid->proto; 638 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 639 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 640 else 641 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 642 params.key_mgmt_suite = wpa_s->key_mgmt; 643 644 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher, 645 1); 646 if (wpa_s->pairwise_cipher < 0) { 647 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 648 "cipher."); 649 return -1; 650 } 651 params.pairwise_suite = wpa_s->pairwise_cipher; 652 params.group_suite = params.pairwise_suite; 653 654#ifdef CONFIG_P2P 655 if (ssid->mode == WPAS_MODE_P2P_GO || 656 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 657 params.p2p = 1; 658#endif /* CONFIG_P2P */ 659 660 if (wpa_s->p2pdev->set_ap_uapsd) 661 params.uapsd = wpa_s->p2pdev->ap_uapsd; 662 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD)) 663 params.uapsd = 1; /* mandatory for P2P GO */ 664 else 665 params.uapsd = -1; 666 667 if (ieee80211_is_dfs(params.freq.freq)) 668 params.freq.freq = 0; /* set channel after CAC */ 669 670 if (params.p2p) 671 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_GO); 672 else 673 wpa_drv_get_ext_capa(wpa_s, WPA_IF_AP_BSS); 674 675 if (wpa_drv_associate(wpa_s, ¶ms) < 0) { 676 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality"); 677 return -1; 678 } 679 680 wpa_s->ap_iface = hapd_iface = hostapd_alloc_iface(); 681 if (hapd_iface == NULL) 682 return -1; 683 hapd_iface->owner = wpa_s; 684 hapd_iface->drv_flags = wpa_s->drv_flags; 685 hapd_iface->smps_modes = wpa_s->drv_smps_modes; 686 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads; 687 hapd_iface->extended_capa = wpa_s->extended_capa; 688 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask; 689 hapd_iface->extended_capa_len = wpa_s->extended_capa_len; 690 691 wpa_s->ap_iface->conf = conf = hostapd_config_defaults(); 692 if (conf == NULL) { 693 wpa_supplicant_ap_deinit(wpa_s); 694 return -1; 695 } 696 697 /* Use the maximum oper channel width if it's given. */ 698 if (ssid->max_oper_chwidth) 699 conf->vht_oper_chwidth = ssid->max_oper_chwidth; 700 701 ieee80211_freq_to_chan(ssid->vht_center_freq2, 702 &conf->vht_oper_centr_freq_seg1_idx); 703 704 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params, 705 wpa_s->conf->wmm_ac_params, 706 sizeof(wpa_s->conf->wmm_ac_params)); 707 708 if (params.uapsd > 0) { 709 conf->bss[0]->wmm_enabled = 1; 710 conf->bss[0]->wmm_uapsd = 1; 711 } 712 713 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) { 714 wpa_printf(MSG_ERROR, "Failed to create AP configuration"); 715 wpa_supplicant_ap_deinit(wpa_s); 716 return -1; 717 } 718 719#ifdef CONFIG_P2P 720 if (ssid->mode == WPAS_MODE_P2P_GO) 721 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 722 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 723 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 724 P2P_GROUP_FORMATION; 725#endif /* CONFIG_P2P */ 726 727 hapd_iface->num_bss = conf->num_bss; 728 hapd_iface->bss = os_calloc(conf->num_bss, 729 sizeof(struct hostapd_data *)); 730 if (hapd_iface->bss == NULL) { 731 wpa_supplicant_ap_deinit(wpa_s); 732 return -1; 733 } 734 735 for (i = 0; i < conf->num_bss; i++) { 736 hapd_iface->bss[i] = 737 hostapd_alloc_bss_data(hapd_iface, conf, 738 conf->bss[i]); 739 if (hapd_iface->bss[i] == NULL) { 740 wpa_supplicant_ap_deinit(wpa_s); 741 return -1; 742 } 743 744 hapd_iface->bss[i]->msg_ctx = wpa_s; 745 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev; 746 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx; 747 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s; 748 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx; 749 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s; 750 hostapd_register_probereq_cb(hapd_iface->bss[i], 751 ap_probe_req_rx, wpa_s); 752 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb; 753 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s; 754 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb; 755 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s; 756 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb; 757 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s; 758#ifdef CONFIG_P2P 759 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb; 760 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s; 761 hapd_iface->bss[i]->p2p = wpa_s->global->p2p; 762 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s, 763 ssid); 764#endif /* CONFIG_P2P */ 765 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb; 766 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s; 767#ifdef CONFIG_TESTING_OPTIONS 768 hapd_iface->bss[i]->ext_eapol_frame_io = 769 wpa_s->ext_eapol_frame_io; 770#endif /* CONFIG_TESTING_OPTIONS */ 771 } 772 773 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN); 774 hapd_iface->bss[0]->driver = wpa_s->driver; 775 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv; 776 777 wpa_s->current_ssid = ssid; 778 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 779 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN); 780 wpa_s->assoc_freq = ssid->frequency; 781 782 if (hostapd_setup_interface(wpa_s->ap_iface)) { 783 wpa_printf(MSG_ERROR, "Failed to initialize AP interface"); 784 wpa_supplicant_ap_deinit(wpa_s); 785 return -1; 786 } 787 788 return 0; 789} 790 791 792void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s) 793{ 794#ifdef CONFIG_WPS 795 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 796#endif /* CONFIG_WPS */ 797 798 if (wpa_s->ap_iface == NULL) 799 return; 800 801 wpa_s->current_ssid = NULL; 802 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 803 wpa_s->assoc_freq = 0; 804 wpas_p2p_ap_deinit(wpa_s); 805 wpa_s->ap_iface->driver_ap_teardown = 806 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 807 808 hostapd_interface_deinit(wpa_s->ap_iface); 809 hostapd_interface_free(wpa_s->ap_iface); 810 wpa_s->ap_iface = NULL; 811 wpa_drv_deinit_ap(wpa_s); 812 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 813 " reason=%d locally_generated=1", 814 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING); 815} 816 817 818void ap_tx_status(void *ctx, const u8 *addr, 819 const u8 *buf, size_t len, int ack) 820{ 821#ifdef NEED_AP_MLME 822 struct wpa_supplicant *wpa_s = ctx; 823 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack); 824#endif /* NEED_AP_MLME */ 825} 826 827 828void ap_eapol_tx_status(void *ctx, const u8 *dst, 829 const u8 *data, size_t len, int ack) 830{ 831#ifdef NEED_AP_MLME 832 struct wpa_supplicant *wpa_s = ctx; 833 if (!wpa_s->ap_iface) 834 return; 835 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack); 836#endif /* NEED_AP_MLME */ 837} 838 839 840void ap_client_poll_ok(void *ctx, const u8 *addr) 841{ 842#ifdef NEED_AP_MLME 843 struct wpa_supplicant *wpa_s = ctx; 844 if (wpa_s->ap_iface) 845 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr); 846#endif /* NEED_AP_MLME */ 847} 848 849 850void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds) 851{ 852#ifdef NEED_AP_MLME 853 struct wpa_supplicant *wpa_s = ctx; 854 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds); 855#endif /* NEED_AP_MLME */ 856} 857 858 859void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt) 860{ 861#ifdef NEED_AP_MLME 862 struct wpa_supplicant *wpa_s = ctx; 863 struct hostapd_frame_info fi; 864 os_memset(&fi, 0, sizeof(fi)); 865 fi.datarate = rx_mgmt->datarate; 866 fi.ssi_signal = rx_mgmt->ssi_signal; 867 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame, 868 rx_mgmt->frame_len, &fi); 869#endif /* NEED_AP_MLME */ 870} 871 872 873void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok) 874{ 875#ifdef NEED_AP_MLME 876 struct wpa_supplicant *wpa_s = ctx; 877 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok); 878#endif /* NEED_AP_MLME */ 879} 880 881 882void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s, 883 const u8 *src_addr, const u8 *buf, size_t len) 884{ 885 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len); 886} 887 888 889#ifdef CONFIG_WPS 890 891int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid, 892 const u8 *p2p_dev_addr) 893{ 894 if (!wpa_s->ap_iface) 895 return -1; 896 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0], 897 p2p_dev_addr); 898} 899 900 901int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s) 902{ 903 struct wps_registrar *reg; 904 int reg_sel = 0, wps_sta = 0; 905 906 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps) 907 return -1; 908 909 reg = wpa_s->ap_iface->bss[0]->wps->registrar; 910 reg_sel = wps_registrar_wps_cancel(reg); 911 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0], 912 ap_sta_wps_cancel, NULL); 913 914 if (!reg_sel && !wps_sta) { 915 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this " 916 "time"); 917 return -1; 918 } 919 920 /* 921 * There are 2 cases to return wps cancel as success: 922 * 1. When wps cancel was initiated but no connection has been 923 * established with client yet. 924 * 2. Client is in the middle of exchanging WPS messages. 925 */ 926 927 return 0; 928} 929 930 931int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, 932 const char *pin, char *buf, size_t buflen, 933 int timeout) 934{ 935 int ret, ret_len = 0; 936 937 if (!wpa_s->ap_iface) 938 return -1; 939 940 if (pin == NULL) { 941 unsigned int rpin; 942 943 if (wps_generate_pin(&rpin) < 0) 944 return -1; 945 ret_len = os_snprintf(buf, buflen, "%08d", rpin); 946 if (os_snprintf_error(buflen, ret_len)) 947 return -1; 948 pin = buf; 949 } else if (buf) { 950 ret_len = os_snprintf(buf, buflen, "%s", pin); 951 if (os_snprintf_error(buflen, ret_len)) 952 return -1; 953 } 954 955 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin, 956 timeout); 957 if (ret) 958 return -1; 959 return ret_len; 960} 961 962 963static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx) 964{ 965 struct wpa_supplicant *wpa_s = eloop_data; 966 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out"); 967 wpas_wps_ap_pin_disable(wpa_s); 968} 969 970 971static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout) 972{ 973 struct hostapd_data *hapd; 974 975 if (wpa_s->ap_iface == NULL) 976 return; 977 hapd = wpa_s->ap_iface->bss[0]; 978 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout); 979 hapd->ap_pin_failures = 0; 980 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 981 if (timeout > 0) 982 eloop_register_timeout(timeout, 0, 983 wpas_wps_ap_pin_timeout, wpa_s, NULL); 984} 985 986 987void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s) 988{ 989 struct hostapd_data *hapd; 990 991 if (wpa_s->ap_iface == NULL) 992 return; 993 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN"); 994 hapd = wpa_s->ap_iface->bss[0]; 995 os_free(hapd->conf->ap_pin); 996 hapd->conf->ap_pin = NULL; 997 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL); 998} 999 1000 1001const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout) 1002{ 1003 struct hostapd_data *hapd; 1004 unsigned int pin; 1005 char pin_txt[9]; 1006 1007 if (wpa_s->ap_iface == NULL) 1008 return NULL; 1009 hapd = wpa_s->ap_iface->bss[0]; 1010 if (wps_generate_pin(&pin) < 0) 1011 return NULL; 1012 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin); 1013 os_free(hapd->conf->ap_pin); 1014 hapd->conf->ap_pin = os_strdup(pin_txt); 1015 if (hapd->conf->ap_pin == NULL) 1016 return NULL; 1017 wpas_wps_ap_pin_enable(wpa_s, timeout); 1018 1019 return hapd->conf->ap_pin; 1020} 1021 1022 1023const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s) 1024{ 1025 struct hostapd_data *hapd; 1026 if (wpa_s->ap_iface == NULL) 1027 return NULL; 1028 hapd = wpa_s->ap_iface->bss[0]; 1029 return hapd->conf->ap_pin; 1030} 1031 1032 1033int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin, 1034 int timeout) 1035{ 1036 struct hostapd_data *hapd; 1037 char pin_txt[9]; 1038 int ret; 1039 1040 if (wpa_s->ap_iface == NULL) 1041 return -1; 1042 hapd = wpa_s->ap_iface->bss[0]; 1043 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin); 1044 if (os_snprintf_error(sizeof(pin_txt), ret)) 1045 return -1; 1046 os_free(hapd->conf->ap_pin); 1047 hapd->conf->ap_pin = os_strdup(pin_txt); 1048 if (hapd->conf->ap_pin == NULL) 1049 return -1; 1050 wpas_wps_ap_pin_enable(wpa_s, timeout); 1051 1052 return 0; 1053} 1054 1055 1056void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s) 1057{ 1058 struct hostapd_data *hapd; 1059 1060 if (wpa_s->ap_iface == NULL) 1061 return; 1062 hapd = wpa_s->ap_iface->bss[0]; 1063 1064 /* 1065 * Registrar failed to prove its knowledge of the AP PIN. Disable AP 1066 * PIN if this happens multiple times to slow down brute force attacks. 1067 */ 1068 hapd->ap_pin_failures++; 1069 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u", 1070 hapd->ap_pin_failures); 1071 if (hapd->ap_pin_failures < 3) 1072 return; 1073 1074 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN"); 1075 hapd->ap_pin_failures = 0; 1076 os_free(hapd->conf->ap_pin); 1077 hapd->conf->ap_pin = NULL; 1078} 1079 1080 1081#ifdef CONFIG_WPS_NFC 1082 1083struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s, 1084 int ndef) 1085{ 1086 struct hostapd_data *hapd; 1087 1088 if (wpa_s->ap_iface == NULL) 1089 return NULL; 1090 hapd = wpa_s->ap_iface->bss[0]; 1091 return hostapd_wps_nfc_config_token(hapd, ndef); 1092} 1093 1094 1095struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s, 1096 int ndef) 1097{ 1098 struct hostapd_data *hapd; 1099 1100 if (wpa_s->ap_iface == NULL) 1101 return NULL; 1102 hapd = wpa_s->ap_iface->bss[0]; 1103 return hostapd_wps_nfc_hs_cr(hapd, ndef); 1104} 1105 1106 1107int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s, 1108 const struct wpabuf *req, 1109 const struct wpabuf *sel) 1110{ 1111 struct hostapd_data *hapd; 1112 1113 if (wpa_s->ap_iface == NULL) 1114 return -1; 1115 hapd = wpa_s->ap_iface->bss[0]; 1116 return hostapd_wps_nfc_report_handover(hapd, req, sel); 1117} 1118 1119#endif /* CONFIG_WPS_NFC */ 1120 1121#endif /* CONFIG_WPS */ 1122 1123 1124#ifdef CONFIG_CTRL_IFACE 1125 1126int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s, 1127 char *buf, size_t buflen) 1128{ 1129 struct hostapd_data *hapd; 1130 1131 if (wpa_s->ap_iface) 1132 hapd = wpa_s->ap_iface->bss[0]; 1133 else if (wpa_s->ifmsh) 1134 hapd = wpa_s->ifmsh->bss[0]; 1135 else 1136 return -1; 1137 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen); 1138} 1139 1140 1141int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr, 1142 char *buf, size_t buflen) 1143{ 1144 struct hostapd_data *hapd; 1145 1146 if (wpa_s->ap_iface) 1147 hapd = wpa_s->ap_iface->bss[0]; 1148 else if (wpa_s->ifmsh) 1149 hapd = wpa_s->ifmsh->bss[0]; 1150 else 1151 return -1; 1152 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen); 1153} 1154 1155 1156int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr, 1157 char *buf, size_t buflen) 1158{ 1159 struct hostapd_data *hapd; 1160 1161 if (wpa_s->ap_iface) 1162 hapd = wpa_s->ap_iface->bss[0]; 1163 else if (wpa_s->ifmsh) 1164 hapd = wpa_s->ifmsh->bss[0]; 1165 else 1166 return -1; 1167 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen); 1168} 1169 1170 1171int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s, 1172 const char *txtaddr) 1173{ 1174 if (wpa_s->ap_iface == NULL) 1175 return -1; 1176 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0], 1177 txtaddr); 1178} 1179 1180 1181int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s, 1182 const char *txtaddr) 1183{ 1184 if (wpa_s->ap_iface == NULL) 1185 return -1; 1186 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0], 1187 txtaddr); 1188} 1189 1190 1191int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf, 1192 size_t buflen, int verbose) 1193{ 1194 char *pos = buf, *end = buf + buflen; 1195 int ret; 1196 struct hostapd_bss_config *conf; 1197 1198 if (wpa_s->ap_iface == NULL) 1199 return -1; 1200 1201 conf = wpa_s->ap_iface->bss[0]->conf; 1202 if (conf->wpa == 0) 1203 return 0; 1204 1205 ret = os_snprintf(pos, end - pos, 1206 "pairwise_cipher=%s\n" 1207 "group_cipher=%s\n" 1208 "key_mgmt=%s\n", 1209 wpa_cipher_txt(conf->rsn_pairwise), 1210 wpa_cipher_txt(conf->wpa_group), 1211 wpa_key_mgmt_txt(conf->wpa_key_mgmt, 1212 conf->wpa)); 1213 if (os_snprintf_error(end - pos, ret)) 1214 return pos - buf; 1215 pos += ret; 1216 return pos - buf; 1217} 1218 1219#endif /* CONFIG_CTRL_IFACE */ 1220 1221 1222int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s) 1223{ 1224 struct hostapd_iface *iface = wpa_s->ap_iface; 1225 struct wpa_ssid *ssid = wpa_s->current_ssid; 1226 struct hostapd_data *hapd; 1227 1228 if (ssid == NULL || wpa_s->ap_iface == NULL || 1229 ssid->mode == WPAS_MODE_INFRA || 1230 ssid->mode == WPAS_MODE_IBSS) 1231 return -1; 1232 1233#ifdef CONFIG_P2P 1234 if (ssid->mode == WPAS_MODE_P2P_GO) 1235 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER; 1236 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1237 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER | 1238 P2P_GROUP_FORMATION; 1239#endif /* CONFIG_P2P */ 1240 1241 hapd = iface->bss[0]; 1242 if (hapd->drv_priv == NULL) 1243 return -1; 1244 ieee802_11_set_beacons(iface); 1245 hostapd_set_ap_wps_ie(hapd); 1246 1247 return 0; 1248} 1249 1250 1251int ap_switch_channel(struct wpa_supplicant *wpa_s, 1252 struct csa_settings *settings) 1253{ 1254#ifdef NEED_AP_MLME 1255 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1256 return -1; 1257 1258 return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings); 1259#else /* NEED_AP_MLME */ 1260 return -1; 1261#endif /* NEED_AP_MLME */ 1262} 1263 1264 1265#ifdef CONFIG_CTRL_IFACE 1266int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos) 1267{ 1268 struct csa_settings settings; 1269 int ret = hostapd_parse_csa_settings(pos, &settings); 1270 1271 if (ret) 1272 return ret; 1273 1274 return ap_switch_channel(wpa_s, &settings); 1275} 1276#endif /* CONFIG_CTRL_IFACE */ 1277 1278 1279void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht, 1280 int offset, int width, int cf1, int cf2) 1281{ 1282 if (!wpa_s->ap_iface) 1283 return; 1284 1285 wpa_s->assoc_freq = freq; 1286 if (wpa_s->current_ssid) 1287 wpa_s->current_ssid->frequency = freq; 1288 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, 1289 offset, width, cf1, cf2); 1290} 1291 1292 1293int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s, 1294 const u8 *addr) 1295{ 1296 struct hostapd_data *hapd; 1297 struct hostapd_bss_config *conf; 1298 1299 if (!wpa_s->ap_iface) 1300 return -1; 1301 1302 if (addr) 1303 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR, 1304 MAC2STR(addr)); 1305 else 1306 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter"); 1307 1308 hapd = wpa_s->ap_iface->bss[0]; 1309 conf = hapd->conf; 1310 1311 os_free(conf->accept_mac); 1312 conf->accept_mac = NULL; 1313 conf->num_accept_mac = 0; 1314 os_free(conf->deny_mac); 1315 conf->deny_mac = NULL; 1316 conf->num_deny_mac = 0; 1317 1318 if (addr == NULL) { 1319 conf->macaddr_acl = ACCEPT_UNLESS_DENIED; 1320 return 0; 1321 } 1322 1323 conf->macaddr_acl = DENY_UNLESS_ACCEPTED; 1324 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry)); 1325 if (conf->accept_mac == NULL) 1326 return -1; 1327 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN); 1328 conf->num_accept_mac = 1; 1329 1330 return 0; 1331} 1332 1333 1334#ifdef CONFIG_WPS_NFC 1335int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id, 1336 const struct wpabuf *pw, const u8 *pubkey_hash) 1337{ 1338 struct hostapd_data *hapd; 1339 struct wps_context *wps; 1340 1341 if (!wpa_s->ap_iface) 1342 return -1; 1343 hapd = wpa_s->ap_iface->bss[0]; 1344 wps = hapd->wps; 1345 1346 if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL || 1347 wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) { 1348 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known"); 1349 return -1; 1350 } 1351 1352 dh5_free(wps->dh_ctx); 1353 wpabuf_free(wps->dh_pubkey); 1354 wpabuf_free(wps->dh_privkey); 1355 wps->dh_privkey = wpabuf_dup( 1356 wpa_s->p2pdev->conf->wps_nfc_dh_privkey); 1357 wps->dh_pubkey = wpabuf_dup( 1358 wpa_s->p2pdev->conf->wps_nfc_dh_pubkey); 1359 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) { 1360 wps->dh_ctx = NULL; 1361 wpabuf_free(wps->dh_pubkey); 1362 wps->dh_pubkey = NULL; 1363 wpabuf_free(wps->dh_privkey); 1364 wps->dh_privkey = NULL; 1365 return -1; 1366 } 1367 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey); 1368 if (wps->dh_ctx == NULL) 1369 return -1; 1370 1371 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash, 1372 pw_id, 1373 pw ? wpabuf_head(pw) : NULL, 1374 pw ? wpabuf_len(pw) : 0, 1); 1375} 1376#endif /* CONFIG_WPS_NFC */ 1377 1378 1379#ifdef CONFIG_CTRL_IFACE 1380int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s) 1381{ 1382 struct hostapd_data *hapd; 1383 1384 if (!wpa_s->ap_iface) 1385 return -1; 1386 hapd = wpa_s->ap_iface->bss[0]; 1387 return hostapd_ctrl_iface_stop_ap(hapd); 1388} 1389 1390 1391int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf, 1392 size_t len) 1393{ 1394 size_t reply_len = 0, i; 1395 char ap_delimiter[] = "---- AP ----\n"; 1396 char mesh_delimiter[] = "---- mesh ----\n"; 1397 size_t dlen; 1398 1399 if (wpa_s->ap_iface) { 1400 dlen = os_strlen(ap_delimiter); 1401 if (dlen > len - reply_len) 1402 return reply_len; 1403 os_memcpy(&buf[reply_len], ap_delimiter, dlen); 1404 reply_len += dlen; 1405 1406 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) { 1407 reply_len += hostapd_ctrl_iface_pmksa_list( 1408 wpa_s->ap_iface->bss[i], 1409 &buf[reply_len], len - reply_len); 1410 } 1411 } 1412 1413 if (wpa_s->ifmsh) { 1414 dlen = os_strlen(mesh_delimiter); 1415 if (dlen > len - reply_len) 1416 return reply_len; 1417 os_memcpy(&buf[reply_len], mesh_delimiter, dlen); 1418 reply_len += dlen; 1419 1420 reply_len += hostapd_ctrl_iface_pmksa_list( 1421 wpa_s->ifmsh->bss[0], &buf[reply_len], 1422 len - reply_len); 1423 } 1424 1425 return reply_len; 1426} 1427 1428 1429void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s) 1430{ 1431 size_t i; 1432 1433 if (wpa_s->ap_iface) { 1434 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) 1435 hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]); 1436 } 1437 1438 if (wpa_s->ifmsh) 1439 hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]); 1440} 1441 1442 1443#ifdef CONFIG_PMKSA_CACHE_EXTERNAL 1444#ifdef CONFIG_MESH 1445 1446int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr, 1447 char *buf, size_t len) 1448{ 1449 return hostapd_ctrl_iface_pmksa_list_mesh(wpa_s->ifmsh->bss[0], addr, 1450 &buf[0], len); 1451} 1452 1453 1454int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd) 1455{ 1456 struct external_pmksa_cache *entry; 1457 void *pmksa_cache; 1458 1459 pmksa_cache = hostapd_ctrl_iface_pmksa_create_entry(wpa_s->own_addr, 1460 cmd); 1461 if (!pmksa_cache) 1462 return -1; 1463 1464 entry = os_zalloc(sizeof(struct external_pmksa_cache)); 1465 if (!entry) 1466 return -1; 1467 1468 entry->pmksa_cache = pmksa_cache; 1469 1470 dl_list_add(&wpa_s->mesh_external_pmksa_cache, &entry->list); 1471 1472 return 0; 1473} 1474 1475#endif /* CONFIG_MESH */ 1476#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 1477 1478#endif /* CONFIG_CTRL_IFACE */ 1479 1480 1481#ifdef NEED_AP_MLME 1482void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s, 1483 struct dfs_event *radar) 1484{ 1485 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1486 return; 1487 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 1488 hostapd_dfs_radar_detected(wpa_s->ap_iface, radar->freq, 1489 radar->ht_enabled, radar->chan_offset, 1490 radar->chan_width, 1491 radar->cf1, radar->cf2); 1492} 1493 1494 1495void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s, 1496 struct dfs_event *radar) 1497{ 1498 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1499 return; 1500 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq); 1501 hostapd_dfs_start_cac(wpa_s->ap_iface, radar->freq, 1502 radar->ht_enabled, radar->chan_offset, 1503 radar->chan_width, radar->cf1, radar->cf2); 1504} 1505 1506 1507void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s, 1508 struct dfs_event *radar) 1509{ 1510 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1511 return; 1512 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 1513 hostapd_dfs_complete_cac(wpa_s->ap_iface, 1, radar->freq, 1514 radar->ht_enabled, radar->chan_offset, 1515 radar->chan_width, radar->cf1, radar->cf2); 1516} 1517 1518 1519void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s, 1520 struct dfs_event *radar) 1521{ 1522 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1523 return; 1524 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 1525 hostapd_dfs_complete_cac(wpa_s->ap_iface, 0, radar->freq, 1526 radar->ht_enabled, radar->chan_offset, 1527 radar->chan_width, radar->cf1, radar->cf2); 1528} 1529 1530 1531void wpas_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s, 1532 struct dfs_event *radar) 1533{ 1534 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]) 1535 return; 1536 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 1537 hostapd_dfs_nop_finished(wpa_s->ap_iface, radar->freq, 1538 radar->ht_enabled, radar->chan_offset, 1539 radar->chan_width, radar->cf1, radar->cf2); 1540} 1541#endif /* NEED_AP_MLME */ 1542 1543 1544void ap_periodic(struct wpa_supplicant *wpa_s) 1545{ 1546 if (wpa_s->ap_iface) 1547 hostapd_periodic_iface(wpa_s->ap_iface); 1548} 1549