1 /*
2 * WPA Supplicant - Basic AP mode support routines
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2009, Atheros Communications
5 *
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
8 */
9
10 #include "utils/includes.h"
11
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "eapol_supp/eapol_supp_sm.h"
18 #include "crypto/dh_group5.h"
19 #include "ap/hostapd.h"
20 #include "ap/ap_config.h"
21 #include "ap/ap_drv_ops.h"
22 #ifdef NEED_AP_MLME
23 #include "ap/ieee802_11.h"
24 #endif /* NEED_AP_MLME */
25 #include "ap/beacon.h"
26 #include "ap/ieee802_1x.h"
27 #include "ap/wps_hostapd.h"
28 #include "ap/ctrl_iface_ap.h"
29 #include "ap/dfs.h"
30 #include "wps/wps.h"
31 #include "common/ieee802_11_defs.h"
32 #include "config_ssid.h"
33 #include "config.h"
34 #include "wpa_supplicant_i.h"
35 #include "driver_i.h"
36 #include "p2p_supplicant.h"
37 #include "ap.h"
38 #include "ap/sta_info.h"
39 #include "notify.h"
40
41
42 #ifdef CONFIG_WPS
43 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
44 #endif /* CONFIG_WPS */
45
46
47 #ifdef CONFIG_P2P
is_chanwidth160_supported(struct hostapd_hw_modes * mode,struct hostapd_config * conf)48 static bool is_chanwidth160_supported(struct hostapd_hw_modes *mode,
49 struct hostapd_config *conf)
50 {
51 #ifdef CONFIG_IEEE80211AX
52 if (conf->ieee80211ax) {
53 struct he_capabilities *he_cap;
54
55 he_cap = &mode->he_capab[IEEE80211_MODE_AP];
56 if (he_cap->phy_cap[HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
57 (HE_PHYCAP_CHANNEL_WIDTH_SET_80PLUS80MHZ_IN_5G |
58 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G))
59 return true;
60 }
61 #endif /* CONFIG_IEEE80211AX */
62 if (mode->vht_capab & (VHT_CAP_SUPP_CHAN_WIDTH_160MHZ |
63 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ))
64 return true;
65 return false;
66 }
67 #endif /* CONFIG_P2P */
68
69
wpas_conf_ap_vht(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf,struct hostapd_hw_modes * mode)70 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s,
71 struct wpa_ssid *ssid,
72 struct hostapd_config *conf,
73 struct hostapd_hw_modes *mode)
74 {
75 #ifdef CONFIG_P2P
76 u8 center_chan = 0;
77 u8 channel = conf->channel;
78 #endif /* CONFIG_P2P */
79 u8 freq_seg_idx;
80
81 if (!conf->secondary_channel)
82 goto no_vht;
83
84 /* Use the maximum oper channel width if it's given. */
85 if (ssid->max_oper_chwidth)
86 hostapd_set_oper_chwidth(conf, ssid->max_oper_chwidth);
87 if (hostapd_get_oper_chwidth(conf))
88 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
89 hostapd_get_oper_chwidth(conf),
90 &conf->op_class,
91 &conf->channel);
92
93 if (hostapd_get_oper_chwidth(conf) == CONF_OPER_CHWIDTH_80P80MHZ) {
94 ieee80211_freq_to_chan(ssid->vht_center_freq2,
95 &freq_seg_idx);
96 hostapd_set_oper_centr_freq_seg1_idx(conf, freq_seg_idx);
97 }
98
99 if (!ssid->p2p_group) {
100 if (!ssid->vht_center_freq1)
101 goto no_vht;
102 ieee80211_freq_to_chan(ssid->vht_center_freq1,
103 &freq_seg_idx);
104 hostapd_set_oper_centr_freq_seg0_idx(conf, freq_seg_idx);
105
106 wpa_printf(MSG_DEBUG,
107 "VHT seg0 index %d and seg1 index %d for AP",
108 hostapd_get_oper_centr_freq_seg0_idx(conf),
109 hostapd_get_oper_centr_freq_seg1_idx(conf));
110 return;
111 }
112
113 #ifdef CONFIG_P2P
114 switch (hostapd_get_oper_chwidth(conf)) {
115 case CONF_OPER_CHWIDTH_80MHZ:
116 case CONF_OPER_CHWIDTH_80P80MHZ:
117 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel,
118 conf->op_class);
119 wpa_printf(MSG_DEBUG,
120 "VHT center channel %u for 80 or 80+80 MHz bandwidth",
121 center_chan);
122 break;
123 case CONF_OPER_CHWIDTH_160MHZ:
124 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel,
125 conf->op_class);
126 wpa_printf(MSG_DEBUG,
127 "VHT center channel %u for 160 MHz bandwidth",
128 center_chan);
129 break;
130 default:
131 /*
132 * conf->vht_oper_chwidth might not be set for non-P2P GO cases,
133 * try oper_cwidth 160 MHz first then VHT 80 MHz, if 160 MHz is
134 * not supported.
135 */
136 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_160MHZ);
137 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
138 conf->vht_oper_chwidth,
139 &conf->op_class,
140 &conf->channel);
141 center_chan = wpas_p2p_get_vht160_center(wpa_s, mode, channel,
142 conf->op_class);
143 if (center_chan && is_chanwidth160_supported(mode, conf)) {
144 wpa_printf(MSG_DEBUG,
145 "VHT center channel %u for auto-selected 160 MHz bandwidth",
146 center_chan);
147 } else {
148 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_80MHZ);
149 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
150 conf->vht_oper_chwidth,
151 &conf->op_class,
152 &conf->channel);
153 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode,
154 channel,
155 conf->op_class);
156 wpa_printf(MSG_DEBUG,
157 "VHT center channel %u for auto-selected 80 MHz bandwidth",
158 center_chan);
159 }
160 break;
161 }
162 if (!center_chan)
163 goto no_vht;
164
165 hostapd_set_oper_centr_freq_seg0_idx(conf, center_chan);
166 wpa_printf(MSG_DEBUG, "VHT seg0 index %d for P2P GO",
167 hostapd_get_oper_centr_freq_seg0_idx(conf));
168 return;
169 #endif /* CONFIG_P2P */
170
171 no_vht:
172 wpa_printf(MSG_DEBUG,
173 "No VHT higher bandwidth support for the selected channel %d",
174 conf->channel);
175 hostapd_set_oper_centr_freq_seg0_idx(
176 conf, conf->channel + conf->secondary_channel * 2);
177 hostapd_set_oper_chwidth(conf, CONF_OPER_CHWIDTH_USE_HT);
178 ieee80211_freq_to_channel_ext(ssid->frequency, 0,
179 conf->vht_oper_chwidth,
180 &conf->op_class, &conf->channel);
181 }
182
183
184 static struct hostapd_hw_modes *
wpa_supplicant_find_hw_mode(struct wpa_supplicant * wpa_s,enum hostapd_hw_mode hw_mode)185 wpa_supplicant_find_hw_mode(struct wpa_supplicant *wpa_s,
186 enum hostapd_hw_mode hw_mode)
187 {
188 struct hostapd_hw_modes *mode = NULL;
189 int i;
190
191 for (i = 0; i < wpa_s->hw.num_modes; i++) {
192 if (wpa_s->hw.modes[i].mode == hw_mode) {
193 mode = &wpa_s->hw.modes[i];
194 break;
195 }
196 }
197
198 return mode;
199 }
200
201
202 #ifdef CONFIG_P2P
203
get_max_oper_chwidth_6ghz(int chwidth)204 static int get_max_oper_chwidth_6ghz(int chwidth)
205 {
206 switch (chwidth) {
207 case CONF_OPER_CHWIDTH_USE_HT:
208 return 20;
209 case CONF_OPER_CHWIDTH_40MHZ_6GHZ:
210 return 40;
211 case CONF_OPER_CHWIDTH_80MHZ:
212 return 80;
213 case CONF_OPER_CHWIDTH_80P80MHZ:
214 case CONF_OPER_CHWIDTH_160MHZ:
215 return 160;
216 default:
217 return 0;
218 }
219 }
220
221
wpas_conf_ap_he_6ghz(struct wpa_supplicant * wpa_s,struct hostapd_hw_modes * mode,struct wpa_ssid * ssid,struct hostapd_config * conf)222 static void wpas_conf_ap_he_6ghz(struct wpa_supplicant *wpa_s,
223 struct hostapd_hw_modes *mode,
224 struct wpa_ssid *ssid,
225 struct hostapd_config *conf)
226 {
227 bool is_chanwidth_40_80, is_chanwidth_160;
228 int he_chanwidth;
229
230 he_chanwidth =
231 mode->he_capab[wpas_mode_to_ieee80211_mode(
232 ssid->mode)].phy_cap[HE_PHYCAP_CHANNEL_WIDTH_SET_IDX];
233 is_chanwidth_40_80 = he_chanwidth &
234 HE_PHYCAP_CHANNEL_WIDTH_SET_40MHZ_80MHZ_IN_5G;
235 is_chanwidth_160 = he_chanwidth &
236 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G;
237
238 wpa_printf(MSG_DEBUG,
239 "Enable HE support (p2p_group=%d he_chwidth_cap=%d)",
240 ssid->p2p_group, he_chanwidth);
241
242 if (mode->he_capab[wpas_mode_to_ieee80211_mode(
243 ssid->mode)].he_supported &&
244 ssid->he)
245 conf->ieee80211ax = 1;
246
247 if (is_chanwidth_40_80 && ssid->p2p_group &&
248 get_max_oper_chwidth_6ghz(ssid->max_oper_chwidth) >= 40) {
249 conf->secondary_channel =
250 wpas_p2p_get_sec_channel_offset_40mhz(
251 wpa_s, mode, conf->channel);
252 wpa_printf(MSG_DEBUG,
253 "Secondary channel offset %d for P2P group",
254 conf->secondary_channel);
255 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_40MHZ_6GHZ)
256 ssid->max_oper_chwidth = CONF_OPER_CHWIDTH_USE_HT;
257 }
258
259 if ((is_chanwidth_40_80 || is_chanwidth_160) && ssid->p2p_group &&
260 get_max_oper_chwidth_6ghz(ssid->max_oper_chwidth) >= 80)
261 wpas_conf_ap_vht(wpa_s, ssid, conf, mode);
262 }
263
264 #endif /* CONFIG_P2P */
265
266
wpa_supplicant_conf_ap_ht(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf)267 int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s,
268 struct wpa_ssid *ssid,
269 struct hostapd_config *conf)
270 {
271 conf->hw_mode = ieee80211_freq_to_channel_ext(ssid->frequency, 0,
272 CONF_OPER_CHWIDTH_USE_HT,
273 &conf->op_class,
274 &conf->channel);
275 if (conf->hw_mode == NUM_HOSTAPD_MODES) {
276 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
277 ssid->frequency);
278 return -1;
279 }
280
281 /*
282 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
283 * and a mask of allowed capabilities within conf->ht_capab.
284 * Using default config settings for: conf->ht_op_mode_fixed,
285 * conf->secondary_channel, conf->require_ht
286 */
287 if (wpa_s->hw.modes) {
288 struct hostapd_hw_modes *mode = NULL;
289 int no_ht = 0;
290
291 wpa_printf(MSG_DEBUG,
292 "Determining HT/VHT options based on driver capabilities (freq=%u chan=%u)",
293 ssid->frequency, conf->channel);
294
295 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
296 conf->hw_mode, is_6ghz_freq(ssid->frequency));
297
298 /* May drop to IEEE 802.11b if the driver does not support IEEE
299 * 802.11g */
300 if (!mode && conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
301 conf->hw_mode = HOSTAPD_MODE_IEEE80211B;
302 wpa_printf(MSG_INFO,
303 "Try downgrade to IEEE 802.11b as 802.11g is not supported by the current hardware");
304 mode = wpa_supplicant_find_hw_mode(wpa_s,
305 conf->hw_mode);
306 }
307
308 if (!mode) {
309 wpa_printf(MSG_ERROR,
310 "No match between requested and supported hw modes found");
311 return -1;
312 }
313
314 #ifdef CONFIG_HT_OVERRIDES
315 if (ssid->disable_ht)
316 ssid->ht = 0;
317 if (ssid->disable_ht40)
318 ssid->ht40 = 0;
319 #endif /* CONFIG_HT_OVERRIDES */
320
321 #ifdef CONFIG_VHT_OVERRIDES
322 if (ssid->disable_vht)
323 ssid->vht = 0;
324 #endif /* CONFIG_VHT_OVERRIDES */
325
326 #ifdef CONFIG_HE_OVERRIDES
327 if (ssid->disable_he)
328 ssid->he = 0;
329 #endif /* CONFIG_HE_OVERRIDES */
330
331 if (!ssid->ht) {
332 wpa_printf(MSG_DEBUG,
333 "HT not enabled in network profile");
334 conf->ieee80211n = 0;
335 conf->ht_capab = 0;
336 no_ht = 1;
337 }
338
339 if (mode && is_6ghz_freq(ssid->frequency) &&
340 conf->hw_mode == HOSTAPD_MODE_IEEE80211A) {
341 if (mode->eht_capab[wpas_mode_to_ieee80211_mode(
342 ssid->mode)].eht_supported &&
343 ssid->eht)
344 conf->ieee80211be = 1;
345
346 if (mode->he_capab[wpas_mode_to_ieee80211_mode(
347 ssid->mode)].he_supported &&
348 ssid->he)
349 conf->ieee80211ax = 1;
350
351 #ifdef CONFIG_P2P
352 wpas_conf_ap_he_6ghz(wpa_s, mode, ssid, conf);
353 #endif /* CONFIG_P2P */
354 } else if (!no_ht && mode && mode->ht_capab) {
355 wpa_printf(MSG_DEBUG,
356 "Enable HT support (p2p_group=%d 11a=%d ht40_hw_capab=%d ssid->ht40=%d)",
357 ssid->p2p_group,
358 conf->hw_mode == HOSTAPD_MODE_IEEE80211A,
359 !!(mode->ht_capab &
360 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET),
361 ssid->ht40);
362 conf->ieee80211n = 1;
363
364 if (ssid->ht40 &&
365 (mode->ht_capab &
366 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET))
367 conf->secondary_channel = ssid->ht40;
368 else
369 conf->secondary_channel = 0;
370
371 #ifdef CONFIG_P2P
372 if (ssid->p2p_group &&
373 conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
374 (mode->ht_capab &
375 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
376 ssid->ht40) {
377 conf->secondary_channel =
378 wpas_p2p_get_sec_channel_offset_40mhz(
379 wpa_s, mode, conf->channel);
380 wpa_printf(MSG_DEBUG,
381 "HT secondary channel offset %d for P2P group",
382 conf->secondary_channel);
383 } else if (ssid->p2p_group && conf->secondary_channel &&
384 conf->hw_mode != HOSTAPD_MODE_IEEE80211A) {
385 /* This ended up trying to configure invalid
386 * 2.4 GHz channels (e.g., HT40+ on channel 11)
387 * in some cases, so clear the secondary channel
388 * configuration now to avoid such cases that
389 * would lead to group formation failures. */
390 wpa_printf(MSG_DEBUG,
391 "Disable HT secondary channel for P2P group on 2.4 GHz");
392 conf->secondary_channel = 0;
393 }
394 #endif /* CONFIG_P2P */
395
396 if (!ssid->p2p_group &&
397 (mode->ht_capab &
398 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) {
399 conf->secondary_channel = ssid->ht40;
400 wpa_printf(MSG_DEBUG,
401 "HT secondary channel offset %d for AP",
402 conf->secondary_channel);
403 }
404
405 if (conf->secondary_channel)
406 conf->ht_capab |=
407 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
408
409 /*
410 * include capabilities that won't cause issues
411 * to connecting stations, while leaving the current
412 * capabilities intact (currently disabled SMPS).
413 */
414 conf->ht_capab |= mode->ht_capab &
415 (HT_CAP_INFO_GREEN_FIELD |
416 HT_CAP_INFO_SHORT_GI20MHZ |
417 HT_CAP_INFO_SHORT_GI40MHZ |
418 HT_CAP_INFO_RX_STBC_MASK |
419 HT_CAP_INFO_TX_STBC |
420 HT_CAP_INFO_MAX_AMSDU_SIZE);
421
422 /* check this before VHT, because setting oper chan
423 * width and friends is the same call for HE and VHT
424 * and checks if conf->ieee8021ax == 1 */
425 if (mode->eht_capab[wpas_mode_to_ieee80211_mode(
426 ssid->mode)].eht_supported &&
427 ssid->eht)
428 conf->ieee80211be = 1;
429
430 if (mode->he_capab[wpas_mode_to_ieee80211_mode(
431 ssid->mode)].he_supported &&
432 ssid->he)
433 conf->ieee80211ax = 1;
434
435 if (mode->vht_capab && ssid->vht) {
436 conf->ieee80211ac = 1;
437 conf->vht_capab |= mode->vht_capab;
438 wpas_conf_ap_vht(wpa_s, ssid, conf, mode);
439 }
440 }
441 }
442
443 #ifdef CONFIG_P2P
444 if (ssid->p2p_group && wpa_s->p2p_go_no_pri_sec_switch) {
445 conf->no_pri_sec_switch = 1;
446 return 0;
447 }
448 #endif /* CONFIG_P2P */
449
450 if (conf->secondary_channel) {
451 struct wpa_supplicant *iface;
452
453 for (iface = wpa_s->global->ifaces; iface; iface = iface->next)
454 {
455 if (iface == wpa_s ||
456 iface->wpa_state < WPA_AUTHENTICATING ||
457 (int) iface->assoc_freq != ssid->frequency)
458 continue;
459
460 /*
461 * Do not allow 40 MHz co-ex PRI/SEC switch to force us
462 * to change our PRI channel since we have an existing,
463 * concurrent connection on that channel and doing
464 * multi-channel concurrency is likely to cause more
465 * harm than using different PRI/SEC selection in
466 * environment with multiple BSSes on these two channels
467 * with mixed 20 MHz or PRI channel selection.
468 */
469 conf->no_pri_sec_switch = 1;
470 }
471 }
472
473 return 0;
474 }
475
476
wpa_supplicant_conf_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct hostapd_config * conf)477 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
478 struct wpa_ssid *ssid,
479 struct hostapd_config *conf)
480 {
481 struct hostapd_bss_config *bss = conf->bss[0];
482
483 conf->driver = wpa_s->driver;
484
485 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
486
487 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf))
488 return -1;
489
490 if (ssid->pbss > 1) {
491 wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode",
492 ssid->pbss);
493 return -1;
494 }
495 bss->pbss = ssid->pbss;
496
497 #ifdef CONFIG_ACS
498 if (ssid->acs) {
499 /* Setting channel to 0 in order to enable ACS */
500 conf->channel = 0;
501 wpa_printf(MSG_DEBUG, "Use automatic channel selection");
502 }
503 #endif /* CONFIG_ACS */
504
505 if (ieee80211_is_dfs(ssid->frequency, wpa_s->hw.modes,
506 wpa_s->hw.num_modes) && wpa_s->conf->country[0]) {
507 conf->ieee80211h = 1;
508 conf->ieee80211d = 1;
509 conf->country[0] = wpa_s->conf->country[0];
510 conf->country[1] = wpa_s->conf->country[1];
511 conf->country[2] = ' ';
512 }
513
514 #ifdef CONFIG_P2P
515 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
516 (ssid->mode == WPAS_MODE_P2P_GO ||
517 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
518 /* Remove 802.11b rates from supported and basic rate sets */
519 int *list = os_malloc(4 * sizeof(int));
520 if (list) {
521 list[0] = 60;
522 list[1] = 120;
523 list[2] = 240;
524 list[3] = -1;
525 }
526 conf->basic_rates = list;
527
528 list = os_malloc(9 * sizeof(int));
529 if (list) {
530 list[0] = 60;
531 list[1] = 90;
532 list[2] = 120;
533 list[3] = 180;
534 list[4] = 240;
535 list[5] = 360;
536 list[6] = 480;
537 list[7] = 540;
538 list[8] = -1;
539 }
540 conf->supported_rates = list;
541 }
542
543 #ifdef CONFIG_IEEE80211AX
544 if (ssid->mode == WPAS_MODE_P2P_GO ||
545 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
546 conf->ieee80211ax = ssid->he;
547 #endif /* CONFIG_IEEE80211AX */
548
549 bss->isolate = !wpa_s->conf->p2p_intra_bss;
550 bss->extended_key_id = wpa_s->conf->extended_key_id;
551 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
552 bss->wpa_deny_ptk0_rekey = ssid->wpa_deny_ptk0_rekey;
553
554 if (ssid->p2p_group) {
555 os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4);
556 os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask,
557 4);
558 os_memcpy(bss->ip_addr_start,
559 wpa_s->p2pdev->conf->ip_addr_start, 4);
560 os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end,
561 4);
562 }
563 #endif /* CONFIG_P2P */
564
565 if (ssid->ssid_len == 0) {
566 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
567 return -1;
568 }
569 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
570 bss->ssid.ssid_len = ssid->ssid_len;
571 bss->ssid.ssid_set = 1;
572
573 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
574
575 if (ssid->auth_alg)
576 bss->auth_algs = ssid->auth_alg;
577
578 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
579 bss->wpa = ssid->proto;
580 if (ssid->key_mgmt == DEFAULT_KEY_MGMT)
581 bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
582 else
583 bss->wpa_key_mgmt = ssid->key_mgmt;
584 bss->wpa_pairwise = ssid->pairwise_cipher;
585 if (wpa_key_mgmt_sae(bss->wpa_key_mgmt) && ssid->passphrase) {
586 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
587 } else if (ssid->psk_set) {
588 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk));
589 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
590 if (bss->ssid.wpa_psk == NULL)
591 return -1;
592 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
593 bss->ssid.wpa_psk->group = 1;
594 bss->ssid.wpa_psk_set = 1;
595 } else if (ssid->passphrase) {
596 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
597 #ifdef CONFIG_WEP
598 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
599 ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
600 struct hostapd_wep_keys *wep = &bss->ssid.wep;
601 int i;
602 for (i = 0; i < NUM_WEP_KEYS; i++) {
603 if (ssid->wep_key_len[i] == 0)
604 continue;
605 wep->key[i] = os_memdup(ssid->wep_key[i],
606 ssid->wep_key_len[i]);
607 if (wep->key[i] == NULL)
608 return -1;
609 wep->len[i] = ssid->wep_key_len[i];
610 }
611 wep->idx = ssid->wep_tx_keyidx;
612 wep->keys_set = 1;
613 #endif /* CONFIG_WEP */
614 }
615 #ifdef CONFIG_SAE
616 if (ssid->sae_password) {
617 struct sae_password_entry *pw;
618
619 pw = os_zalloc(sizeof(*pw));
620 if (!pw)
621 return -1;
622 os_memset(pw->peer_addr, 0xff, ETH_ALEN);
623 pw->password = os_strdup(ssid->sae_password);
624 if (!pw->password) {
625 os_free(pw);
626 return -1;
627 }
628 if (ssid->sae_password_id) {
629 pw->identifier = os_strdup(ssid->sae_password_id);
630 if (!pw->identifier) {
631 str_clear_free(pw->password);
632 os_free(pw);
633 return -1;
634 }
635 }
636
637 pw->next = bss->sae_passwords;
638 bss->sae_passwords = pw;
639 }
640
641 if (ssid->sae_pwe != DEFAULT_SAE_PWE)
642 bss->sae_pwe = ssid->sae_pwe;
643 else
644 bss->sae_pwe = wpa_s->conf->sae_pwe;
645 #endif /* CONFIG_SAE */
646
647 if (wpa_s->conf->go_interworking) {
648 wpa_printf(MSG_DEBUG,
649 "P2P: Enable Interworking with access_network_type: %d",
650 wpa_s->conf->go_access_network_type);
651 bss->interworking = wpa_s->conf->go_interworking;
652 bss->access_network_type = wpa_s->conf->go_access_network_type;
653 bss->internet = wpa_s->conf->go_internet;
654 if (wpa_s->conf->go_venue_group) {
655 wpa_printf(MSG_DEBUG,
656 "P2P: Venue group: %d Venue type: %d",
657 wpa_s->conf->go_venue_group,
658 wpa_s->conf->go_venue_type);
659 bss->venue_group = wpa_s->conf->go_venue_group;
660 bss->venue_type = wpa_s->conf->go_venue_type;
661 bss->venue_info_set = 1;
662 }
663 }
664
665 if (ssid->ap_max_inactivity)
666 bss->ap_max_inactivity = ssid->ap_max_inactivity;
667
668 if (ssid->dtim_period)
669 bss->dtim_period = ssid->dtim_period;
670 else if (wpa_s->conf->dtim_period)
671 bss->dtim_period = wpa_s->conf->dtim_period;
672
673 if (ssid->beacon_int)
674 conf->beacon_int = ssid->beacon_int;
675 else if (wpa_s->conf->beacon_int)
676 conf->beacon_int = wpa_s->conf->beacon_int;
677
678 #ifdef CONFIG_P2P
679 if (ssid->mode == WPAS_MODE_P2P_GO ||
680 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
681 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) {
682 wpa_printf(MSG_INFO,
683 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it",
684 wpa_s->conf->p2p_go_ctwindow,
685 conf->beacon_int);
686 conf->p2p_go_ctwindow = 0;
687 } else {
688 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow;
689 }
690 }
691 #endif /* CONFIG_P2P */
692
693 if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
694 bss->rsn_pairwise = bss->wpa_pairwise;
695 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
696 bss->rsn_pairwise);
697
698 if (bss->wpa && bss->ieee802_1x) {
699 bss->ssid.security_policy = SECURITY_WPA;
700 } else if (bss->wpa) {
701 bss->ssid.security_policy = SECURITY_WPA_PSK;
702 #ifdef CONFIG_WEP
703 } else if (bss->ieee802_1x) {
704 int cipher = WPA_CIPHER_NONE;
705 bss->ssid.security_policy = SECURITY_IEEE_802_1X;
706 bss->ssid.wep.default_len = bss->default_wep_key_len;
707 if (bss->default_wep_key_len)
708 cipher = bss->default_wep_key_len >= 13 ?
709 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
710 bss->wpa_group = cipher;
711 bss->wpa_pairwise = cipher;
712 bss->rsn_pairwise = cipher;
713 } else if (bss->ssid.wep.keys_set) {
714 int cipher = WPA_CIPHER_WEP40;
715 if (bss->ssid.wep.len[0] >= 13)
716 cipher = WPA_CIPHER_WEP104;
717 bss->ssid.security_policy = SECURITY_STATIC_WEP;
718 bss->wpa_group = cipher;
719 bss->wpa_pairwise = cipher;
720 bss->rsn_pairwise = cipher;
721 #endif /* CONFIG_WEP */
722 } else {
723 bss->ssid.security_policy = SECURITY_PLAINTEXT;
724 bss->wpa_group = WPA_CIPHER_NONE;
725 bss->wpa_pairwise = WPA_CIPHER_NONE;
726 bss->rsn_pairwise = WPA_CIPHER_NONE;
727 }
728
729 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
730 (bss->wpa_group == WPA_CIPHER_CCMP ||
731 bss->wpa_group == WPA_CIPHER_GCMP ||
732 bss->wpa_group == WPA_CIPHER_CCMP_256 ||
733 bss->wpa_group == WPA_CIPHER_GCMP_256)) {
734 /*
735 * Strong ciphers do not need frequent rekeying, so increase
736 * the default GTK rekeying period to 24 hours.
737 */
738 bss->wpa_group_rekey = 86400;
739 }
740
741 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT) {
742 bss->ieee80211w = ssid->ieee80211w;
743 } else if (wpa_s->conf->pmf != MGMT_FRAME_PROTECTION_DEFAULT) {
744 if (ssid->mode == WPAS_MODE_AP)
745 bss->ieee80211w = wpa_s->conf->pmf;
746 }
747
748 #ifdef CONFIG_OCV
749 bss->ocv = ssid->ocv;
750 #endif /* CONFIG_OCV */
751
752 #ifdef CONFIG_WPS
753 /*
754 * Enable WPS by default for open and WPA/WPA2-Personal network, but
755 * require user interaction to actually use it. Only the internal
756 * Registrar is supported.
757 */
758 if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
759 bss->ssid.security_policy != SECURITY_PLAINTEXT)
760 goto no_wps;
761 if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
762 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ||
763 !(bss->wpa & 2)))
764 goto no_wps; /* WPS2 does not allow WPA/TKIP-only
765 * configuration */
766 if (ssid->wps_disabled)
767 goto no_wps;
768 bss->eap_server = 1;
769
770 if (!ssid->ignore_broadcast_ssid)
771 bss->wps_state = 2;
772
773 bss->ap_setup_locked = 2;
774 if (wpa_s->conf->config_methods)
775 bss->config_methods = os_strdup(wpa_s->conf->config_methods);
776 os_memcpy(bss->device_type, wpa_s->conf->device_type,
777 WPS_DEV_TYPE_LEN);
778 if (wpa_s->conf->device_name) {
779 bss->device_name = os_strdup(wpa_s->conf->device_name);
780 bss->friendly_name = os_strdup(wpa_s->conf->device_name);
781 }
782 if (wpa_s->conf->manufacturer)
783 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
784 if (wpa_s->conf->model_name)
785 bss->model_name = os_strdup(wpa_s->conf->model_name);
786 if (wpa_s->conf->model_number)
787 bss->model_number = os_strdup(wpa_s->conf->model_number);
788 if (wpa_s->conf->serial_number)
789 bss->serial_number = os_strdup(wpa_s->conf->serial_number);
790 if (is_nil_uuid(wpa_s->conf->uuid))
791 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
792 else
793 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
794 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
795 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
796 if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE)
797 bss->fragment_size = ssid->eap.fragment_size;
798 no_wps:
799 #endif /* CONFIG_WPS */
800
801 if (wpa_s->max_stations &&
802 wpa_s->max_stations < wpa_s->conf->max_num_sta)
803 bss->max_num_sta = wpa_s->max_stations;
804 else
805 bss->max_num_sta = wpa_s->conf->max_num_sta;
806
807 if (!bss->isolate)
808 bss->isolate = wpa_s->conf->ap_isolate;
809
810 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
811
812 if (wpa_s->conf->ap_vendor_elements) {
813 bss->vendor_elements =
814 wpabuf_dup(wpa_s->conf->ap_vendor_elements);
815 }
816 if (wpa_s->conf->ap_assocresp_elements) {
817 bss->assocresp_elements =
818 wpabuf_dup(wpa_s->conf->ap_assocresp_elements);
819 }
820
821 bss->ftm_responder = wpa_s->conf->ftm_responder;
822 bss->ftm_initiator = wpa_s->conf->ftm_initiator;
823
824 bss->transition_disable = ssid->transition_disable;
825
826 return 0;
827 }
828
829
ap_public_action_rx(void * ctx,const u8 * buf,size_t len,int freq)830 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
831 {
832 #ifdef CONFIG_P2P
833 struct wpa_supplicant *wpa_s = ctx;
834 const struct ieee80211_mgmt *mgmt;
835
836 mgmt = (const struct ieee80211_mgmt *) buf;
837 if (len < IEEE80211_HDRLEN + 1)
838 return;
839 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC)
840 return;
841 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
842 mgmt->u.action.category,
843 buf + IEEE80211_HDRLEN + 1,
844 len - IEEE80211_HDRLEN - 1, freq);
845 #endif /* CONFIG_P2P */
846 }
847
848
ap_wps_event_cb(void * ctx,enum wps_event event,union wps_event_data * data)849 static void ap_wps_event_cb(void *ctx, enum wps_event event,
850 union wps_event_data *data)
851 {
852 #ifdef CONFIG_P2P
853 struct wpa_supplicant *wpa_s = ctx;
854
855 if (event == WPS_EV_FAIL) {
856 struct wps_event_fail *fail = &data->fail;
857
858 if (wpa_s->p2pdev && wpa_s->p2pdev != wpa_s &&
859 wpa_s == wpa_s->global->p2p_group_formation) {
860 /*
861 * src/ap/wps_hostapd.c has already sent this on the
862 * main interface, so only send on the parent interface
863 * here if needed.
864 */
865 wpa_msg(wpa_s->p2pdev, MSG_INFO, WPS_EVENT_FAIL
866 "msg=%d config_error=%d",
867 fail->msg, fail->config_error);
868 }
869 wpas_p2p_wps_failed(wpa_s, fail);
870 }
871 #endif /* CONFIG_P2P */
872 }
873
874
ap_sta_authorized_cb(void * ctx,const u8 * mac_addr,int authorized,const u8 * p2p_dev_addr,const u8 * ip)875 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
876 int authorized, const u8 *p2p_dev_addr,
877 const u8 *ip)
878 {
879 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr, ip);
880 }
881
882
883 #ifdef CONFIG_P2P
ap_new_psk_cb(void * ctx,const u8 * mac_addr,const u8 * p2p_dev_addr,const u8 * psk,size_t psk_len)884 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
885 const u8 *psk, size_t psk_len)
886 {
887
888 struct wpa_supplicant *wpa_s = ctx;
889 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL)
890 return;
891 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len);
892 }
893 #endif /* CONFIG_P2P */
894
895
ap_vendor_action_rx(void * ctx,const u8 * buf,size_t len,int freq)896 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
897 {
898 #ifdef CONFIG_P2P
899 struct wpa_supplicant *wpa_s = ctx;
900 const struct ieee80211_mgmt *mgmt;
901
902 mgmt = (const struct ieee80211_mgmt *) buf;
903 if (len < IEEE80211_HDRLEN + 1)
904 return -1;
905 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
906 mgmt->u.action.category,
907 buf + IEEE80211_HDRLEN + 1,
908 len - IEEE80211_HDRLEN - 1, freq);
909 #endif /* CONFIG_P2P */
910 return 0;
911 }
912
913
ap_probe_req_rx(void * ctx,const u8 * sa,const u8 * da,const u8 * bssid,const u8 * ie,size_t ie_len,int ssi_signal)914 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
915 const u8 *bssid, const u8 *ie, size_t ie_len,
916 int ssi_signal)
917 {
918 struct wpa_supplicant *wpa_s = ctx;
919 unsigned int freq = 0;
920
921 if (wpa_s->ap_iface)
922 freq = wpa_s->ap_iface->freq;
923
924 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
925 freq, ssi_signal);
926 }
927
928
ap_wps_reg_success_cb(void * ctx,const u8 * mac_addr,const u8 * uuid_e)929 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
930 const u8 *uuid_e)
931 {
932 struct wpa_supplicant *wpa_s = ctx;
933 wpas_p2p_wps_success(wpa_s, mac_addr, 1);
934 }
935
936
wpas_ap_configured_cb(void * ctx)937 static void wpas_ap_configured_cb(void *ctx)
938 {
939 struct wpa_supplicant *wpa_s = ctx;
940
941 wpa_printf(MSG_DEBUG, "AP interface setup completed - state %s",
942 hostapd_state_text(wpa_s->ap_iface->state));
943 if (wpa_s->ap_iface->state == HAPD_IFACE_DISABLED) {
944 wpa_supplicant_ap_deinit(wpa_s);
945 return;
946 }
947
948 if (wpa_s->current_ssid) {
949 int acs = 0;
950
951 #ifdef CONFIG_ACS
952 acs = wpa_s->current_ssid->acs;
953 #endif /* CONFIG_ACS */
954 if (acs || (wpa_s->assoc_freq && wpa_s->ap_iface->freq &&
955 (int) wpa_s->assoc_freq != wpa_s->ap_iface->freq)) {
956 wpa_s->assoc_freq = wpa_s->ap_iface->freq;
957 wpa_s->current_ssid->frequency = wpa_s->ap_iface->freq;
958 }
959 }
960
961 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
962
963 if (wpa_s->ap_configured_cb)
964 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
965 wpa_s->ap_configured_cb_data);
966 }
967
968
wpa_supplicant_create_ap(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)969 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
970 struct wpa_ssid *ssid)
971 {
972 struct wpa_driver_associate_params params;
973 struct hostapd_iface *hapd_iface;
974 struct hostapd_config *conf;
975 size_t i;
976
977 if (ssid->ssid == NULL || ssid->ssid_len == 0) {
978 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
979 return -1;
980 }
981
982 wpa_supplicant_ap_deinit(wpa_s);
983
984 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
985 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
986
987 os_memset(¶ms, 0, sizeof(params));
988 params.ssid = ssid->ssid;
989 params.ssid_len = ssid->ssid_len;
990 switch (ssid->mode) {
991 case WPAS_MODE_AP:
992 case WPAS_MODE_P2P_GO:
993 case WPAS_MODE_P2P_GROUP_FORMATION:
994 params.mode = IEEE80211_MODE_AP;
995 break;
996 default:
997 return -1;
998 }
999 if (ssid->frequency == 0)
1000 ssid->frequency = 2462; /* default channel 11 */
1001 params.freq.freq = ssid->frequency;
1002
1003 if ((ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO) &&
1004 ssid->enable_edmg) {
1005 u8 primary_channel;
1006
1007 if (ieee80211_freq_to_chan(ssid->frequency, &primary_channel) ==
1008 NUM_HOSTAPD_MODES) {
1009 wpa_printf(MSG_WARNING,
1010 "EDMG: Failed to get the primary channel");
1011 return -1;
1012 }
1013
1014 hostapd_encode_edmg_chan(ssid->enable_edmg, ssid->edmg_channel,
1015 primary_channel, ¶ms.freq.edmg);
1016 }
1017
1018 params.wpa_proto = ssid->proto;
1019 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1020 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1021 else if (ssid->key_mgmt & WPA_KEY_MGMT_SAE)
1022 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1023 else
1024 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
1025 params.key_mgmt_suite = wpa_s->key_mgmt;
1026
1027 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
1028 1);
1029 if (wpa_s->pairwise_cipher < 0) {
1030 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
1031 "cipher.");
1032 return -1;
1033 }
1034 params.pairwise_suite = wpa_s->pairwise_cipher;
1035 params.group_suite = params.pairwise_suite;
1036
1037 #ifdef CONFIG_P2P
1038 if (ssid->mode == WPAS_MODE_P2P_GO ||
1039 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1040 params.p2p = 1;
1041 #endif /* CONFIG_P2P */
1042
1043 if (wpa_s->p2pdev->set_ap_uapsd)
1044 params.uapsd = wpa_s->p2pdev->ap_uapsd;
1045 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
1046 params.uapsd = 1; /* mandatory for P2P GO */
1047 else
1048 params.uapsd = -1;
1049
1050 if (ieee80211_is_dfs(params.freq.freq, wpa_s->hw.modes,
1051 wpa_s->hw.num_modes))
1052 params.freq.freq = 0; /* set channel after CAC */
1053
1054 if (params.p2p)
1055 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_GO);
1056 else
1057 wpa_drv_get_ext_capa(wpa_s, WPA_IF_AP_BSS);
1058
1059 if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
1060 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
1061 return -1;
1062 }
1063
1064 wpa_s->ap_iface = hapd_iface = hostapd_alloc_iface();
1065 if (hapd_iface == NULL)
1066 return -1;
1067 hapd_iface->owner = wpa_s;
1068 hapd_iface->drv_flags = wpa_s->drv_flags;
1069 hapd_iface->drv_flags2 = wpa_s->drv_flags2;
1070 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
1071 hapd_iface->extended_capa = wpa_s->extended_capa;
1072 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
1073 hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
1074 hapd_iface->drv_max_acl_mac_addrs = wpa_s->drv_max_acl_mac_addrs;
1075
1076 wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
1077 if (conf == NULL) {
1078 wpa_supplicant_ap_deinit(wpa_s);
1079 return -1;
1080 }
1081
1082 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
1083 wpa_s->conf->wmm_ac_params,
1084 sizeof(wpa_s->conf->wmm_ac_params));
1085
1086 os_memcpy(wpa_s->ap_iface->conf->tx_queue, wpa_s->conf->tx_queue,
1087 sizeof(wpa_s->conf->tx_queue));
1088
1089 if (params.uapsd > 0) {
1090 conf->bss[0]->wmm_enabled = 1;
1091 conf->bss[0]->wmm_uapsd = 1;
1092 }
1093
1094 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
1095 wpa_printf(MSG_ERROR, "Failed to create AP configuration");
1096 wpa_supplicant_ap_deinit(wpa_s);
1097 return -1;
1098 }
1099
1100 #ifdef CONFIG_P2P
1101 if (ssid->mode == WPAS_MODE_P2P_GO)
1102 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1103 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1104 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1105 P2P_GROUP_FORMATION;
1106 #endif /* CONFIG_P2P */
1107
1108 hapd_iface->num_bss = conf->num_bss;
1109 hapd_iface->bss = os_calloc(conf->num_bss,
1110 sizeof(struct hostapd_data *));
1111 if (hapd_iface->bss == NULL) {
1112 wpa_supplicant_ap_deinit(wpa_s);
1113 return -1;
1114 }
1115
1116 for (i = 0; i < conf->num_bss; i++) {
1117 hapd_iface->bss[i] =
1118 hostapd_alloc_bss_data(hapd_iface, conf,
1119 conf->bss[i]);
1120 if (hapd_iface->bss[i] == NULL) {
1121 wpa_supplicant_ap_deinit(wpa_s);
1122 return -1;
1123 }
1124
1125 hapd_iface->bss[i]->msg_ctx = wpa_s;
1126 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->p2pdev;
1127 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
1128 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
1129 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
1130 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
1131 hostapd_register_probereq_cb(hapd_iface->bss[i],
1132 ap_probe_req_rx, wpa_s);
1133 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
1134 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
1135 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
1136 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
1137 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
1138 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
1139 #ifdef CONFIG_P2P
1140 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb;
1141 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s;
1142 hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
1143 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
1144 ssid);
1145 #endif /* CONFIG_P2P */
1146 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
1147 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
1148 #ifdef CONFIG_TESTING_OPTIONS
1149 hapd_iface->bss[i]->ext_eapol_frame_io =
1150 wpa_s->ext_eapol_frame_io;
1151 #endif /* CONFIG_TESTING_OPTIONS */
1152
1153 #ifdef CONFIG_WNM_AP
1154 if (ssid->mode == WPAS_MODE_AP)
1155 hapd_iface->bss[i]->conf->bss_transition = 1;
1156 #endif /* CONFIG_WNM_AP */
1157 }
1158
1159 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
1160 hapd_iface->bss[0]->driver = wpa_s->driver;
1161 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
1162
1163 wpa_s->current_ssid = ssid;
1164 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1165 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
1166 wpa_s->assoc_freq = ssid->frequency;
1167 wpa_s->ap_iface->conf->enable_edmg = ssid->enable_edmg;
1168 wpa_s->ap_iface->conf->edmg_channel = ssid->edmg_channel;
1169
1170 #if defined(CONFIG_P2P) && defined(CONFIG_ACS)
1171 if (wpa_s->p2p_go_do_acs) {
1172 wpa_s->ap_iface->conf->channel = 0;
1173 wpa_s->ap_iface->conf->hw_mode = wpa_s->p2p_go_acs_band;
1174 ssid->acs = 1;
1175 }
1176 #endif /* CONFIG_P2P && CONFIG_ACS */
1177
1178 if (hostapd_setup_interface(wpa_s->ap_iface)) {
1179 wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
1180 wpa_supplicant_ap_deinit(wpa_s);
1181 return -1;
1182 }
1183
1184 return 0;
1185 }
1186
1187
wpa_supplicant_ap_deinit(struct wpa_supplicant * wpa_s)1188 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
1189 {
1190 #ifdef CONFIG_WPS
1191 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
1192 #endif /* CONFIG_WPS */
1193
1194 if (wpa_s->ap_iface == NULL)
1195 return;
1196
1197 wpa_s->current_ssid = NULL;
1198 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1199 wpa_s->assoc_freq = 0;
1200 wpas_p2p_ap_deinit(wpa_s);
1201 wpa_s->ap_iface->driver_ap_teardown =
1202 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
1203
1204 hostapd_interface_deinit(wpa_s->ap_iface);
1205 hostapd_interface_free(wpa_s->ap_iface);
1206 wpa_s->ap_iface = NULL;
1207 wpa_drv_deinit_ap(wpa_s);
1208 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR
1209 " reason=%d locally_generated=1",
1210 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING);
1211 }
1212
1213
ap_tx_status(void * ctx,const u8 * addr,const u8 * buf,size_t len,int ack)1214 void ap_tx_status(void *ctx, const u8 *addr,
1215 const u8 *buf, size_t len, int ack)
1216 {
1217 #ifdef NEED_AP_MLME
1218 struct wpa_supplicant *wpa_s = ctx;
1219 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
1220 #endif /* NEED_AP_MLME */
1221 }
1222
1223
ap_eapol_tx_status(void * ctx,const u8 * dst,const u8 * data,size_t len,int ack)1224 void ap_eapol_tx_status(void *ctx, const u8 *dst,
1225 const u8 *data, size_t len, int ack)
1226 {
1227 #ifdef NEED_AP_MLME
1228 struct wpa_supplicant *wpa_s = ctx;
1229 if (!wpa_s->ap_iface)
1230 return;
1231 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
1232 #endif /* NEED_AP_MLME */
1233 }
1234
1235
ap_client_poll_ok(void * ctx,const u8 * addr)1236 void ap_client_poll_ok(void *ctx, const u8 *addr)
1237 {
1238 #ifdef NEED_AP_MLME
1239 struct wpa_supplicant *wpa_s = ctx;
1240 if (wpa_s->ap_iface)
1241 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
1242 #endif /* NEED_AP_MLME */
1243 }
1244
1245
ap_rx_from_unknown_sta(void * ctx,const u8 * addr,int wds)1246 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
1247 {
1248 #ifdef NEED_AP_MLME
1249 struct wpa_supplicant *wpa_s = ctx;
1250 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
1251 #endif /* NEED_AP_MLME */
1252 }
1253
1254
ap_mgmt_rx(void * ctx,struct rx_mgmt * rx_mgmt)1255 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
1256 {
1257 #ifdef NEED_AP_MLME
1258 struct wpa_supplicant *wpa_s = ctx;
1259 struct hostapd_frame_info fi;
1260 os_memset(&fi, 0, sizeof(fi));
1261 fi.freq = rx_mgmt->freq;
1262 fi.datarate = rx_mgmt->datarate;
1263 fi.ssi_signal = rx_mgmt->ssi_signal;
1264 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
1265 rx_mgmt->frame_len, &fi);
1266 #endif /* NEED_AP_MLME */
1267 }
1268
1269
ap_mgmt_tx_cb(void * ctx,const u8 * buf,size_t len,u16 stype,int ok)1270 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
1271 {
1272 #ifdef NEED_AP_MLME
1273 struct wpa_supplicant *wpa_s = ctx;
1274 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
1275 #endif /* NEED_AP_MLME */
1276 }
1277
1278
wpa_supplicant_ap_rx_eapol(struct wpa_supplicant * wpa_s,const u8 * src_addr,const u8 * buf,size_t len,enum frame_encryption encrypted)1279 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
1280 const u8 *src_addr, const u8 *buf, size_t len,
1281 enum frame_encryption encrypted)
1282 {
1283 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len,
1284 encrypted);
1285 }
1286
1287
1288 #ifdef CONFIG_WPS
1289
wpa_supplicant_ap_wps_pbc(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * p2p_dev_addr)1290 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
1291 const u8 *p2p_dev_addr)
1292 {
1293 if (!wpa_s->ap_iface)
1294 return -1;
1295 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
1296 p2p_dev_addr);
1297 }
1298
1299
wpa_supplicant_ap_wps_cancel(struct wpa_supplicant * wpa_s)1300 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
1301 {
1302 struct wps_registrar *reg;
1303 int reg_sel = 0, wps_sta = 0;
1304
1305 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
1306 return -1;
1307
1308 reg = wpa_s->ap_iface->bss[0]->wps->registrar;
1309 reg_sel = wps_registrar_wps_cancel(reg);
1310 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
1311 ap_sta_wps_cancel, NULL);
1312
1313 if (!reg_sel && !wps_sta) {
1314 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
1315 "time");
1316 return -1;
1317 }
1318
1319 /*
1320 * There are 2 cases to return wps cancel as success:
1321 * 1. When wps cancel was initiated but no connection has been
1322 * established with client yet.
1323 * 2. Client is in the middle of exchanging WPS messages.
1324 */
1325
1326 return 0;
1327 }
1328
1329
wpa_supplicant_ap_wps_pin(struct wpa_supplicant * wpa_s,const u8 * bssid,const char * pin,char * buf,size_t buflen,int timeout)1330 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
1331 const char *pin, char *buf, size_t buflen,
1332 int timeout)
1333 {
1334 int ret, ret_len = 0;
1335
1336 if (!wpa_s->ap_iface)
1337 return -1;
1338
1339 if (pin == NULL) {
1340 unsigned int rpin;
1341
1342 if (wps_generate_pin(&rpin) < 0)
1343 return -1;
1344 ret_len = os_snprintf(buf, buflen, "%08d", rpin);
1345 if (os_snprintf_error(buflen, ret_len))
1346 return -1;
1347 pin = buf;
1348 } else if (buf) {
1349 ret_len = os_snprintf(buf, buflen, "%s", pin);
1350 if (os_snprintf_error(buflen, ret_len))
1351 return -1;
1352 }
1353
1354 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
1355 timeout);
1356 if (ret)
1357 return -1;
1358 return ret_len;
1359 }
1360
1361
wpas_wps_ap_pin_timeout(void * eloop_data,void * user_ctx)1362 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
1363 {
1364 struct wpa_supplicant *wpa_s = eloop_data;
1365 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
1366 wpas_wps_ap_pin_disable(wpa_s);
1367 }
1368
1369
wpas_wps_ap_pin_enable(struct wpa_supplicant * wpa_s,int timeout)1370 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
1371 {
1372 struct hostapd_data *hapd;
1373
1374 if (wpa_s->ap_iface == NULL)
1375 return;
1376 hapd = wpa_s->ap_iface->bss[0];
1377 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
1378 hapd->ap_pin_failures = 0;
1379 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
1380 if (timeout > 0)
1381 eloop_register_timeout(timeout, 0,
1382 wpas_wps_ap_pin_timeout, wpa_s, NULL);
1383 }
1384
1385
wpas_wps_ap_pin_disable(struct wpa_supplicant * wpa_s)1386 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
1387 {
1388 struct hostapd_data *hapd;
1389
1390 if (wpa_s->ap_iface == NULL)
1391 return;
1392 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
1393 hapd = wpa_s->ap_iface->bss[0];
1394 os_free(hapd->conf->ap_pin);
1395 hapd->conf->ap_pin = NULL;
1396 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
1397 }
1398
1399
wpas_wps_ap_pin_random(struct wpa_supplicant * wpa_s,int timeout)1400 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
1401 {
1402 struct hostapd_data *hapd;
1403 unsigned int pin;
1404 char pin_txt[9];
1405
1406 if (wpa_s->ap_iface == NULL)
1407 return NULL;
1408 hapd = wpa_s->ap_iface->bss[0];
1409 if (wps_generate_pin(&pin) < 0)
1410 return NULL;
1411 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
1412 os_free(hapd->conf->ap_pin);
1413 hapd->conf->ap_pin = os_strdup(pin_txt);
1414 if (hapd->conf->ap_pin == NULL)
1415 return NULL;
1416 wpas_wps_ap_pin_enable(wpa_s, timeout);
1417
1418 return hapd->conf->ap_pin;
1419 }
1420
1421
wpas_wps_ap_pin_get(struct wpa_supplicant * wpa_s)1422 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
1423 {
1424 struct hostapd_data *hapd;
1425 if (wpa_s->ap_iface == NULL)
1426 return NULL;
1427 hapd = wpa_s->ap_iface->bss[0];
1428 return hapd->conf->ap_pin;
1429 }
1430
1431
wpas_wps_ap_pin_set(struct wpa_supplicant * wpa_s,const char * pin,int timeout)1432 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
1433 int timeout)
1434 {
1435 struct hostapd_data *hapd;
1436 char pin_txt[9];
1437 int ret;
1438
1439 if (wpa_s->ap_iface == NULL)
1440 return -1;
1441 hapd = wpa_s->ap_iface->bss[0];
1442 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
1443 if (os_snprintf_error(sizeof(pin_txt), ret))
1444 return -1;
1445 os_free(hapd->conf->ap_pin);
1446 hapd->conf->ap_pin = os_strdup(pin_txt);
1447 if (hapd->conf->ap_pin == NULL)
1448 return -1;
1449 wpas_wps_ap_pin_enable(wpa_s, timeout);
1450
1451 return 0;
1452 }
1453
1454
wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant * wpa_s)1455 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
1456 {
1457 struct hostapd_data *hapd;
1458
1459 if (wpa_s->ap_iface == NULL)
1460 return;
1461 hapd = wpa_s->ap_iface->bss[0];
1462
1463 /*
1464 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
1465 * PIN if this happens multiple times to slow down brute force attacks.
1466 */
1467 hapd->ap_pin_failures++;
1468 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
1469 hapd->ap_pin_failures);
1470 if (hapd->ap_pin_failures < 3)
1471 return;
1472
1473 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
1474 hapd->ap_pin_failures = 0;
1475 os_free(hapd->conf->ap_pin);
1476 hapd->conf->ap_pin = NULL;
1477 }
1478
1479
1480 #ifdef CONFIG_WPS_NFC
1481
wpas_ap_wps_nfc_config_token(struct wpa_supplicant * wpa_s,int ndef)1482 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
1483 int ndef)
1484 {
1485 struct hostapd_data *hapd;
1486
1487 if (wpa_s->ap_iface == NULL)
1488 return NULL;
1489 hapd = wpa_s->ap_iface->bss[0];
1490 return hostapd_wps_nfc_config_token(hapd, ndef);
1491 }
1492
1493
wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant * wpa_s,int ndef)1494 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
1495 int ndef)
1496 {
1497 struct hostapd_data *hapd;
1498
1499 if (wpa_s->ap_iface == NULL)
1500 return NULL;
1501 hapd = wpa_s->ap_iface->bss[0];
1502 return hostapd_wps_nfc_hs_cr(hapd, ndef);
1503 }
1504
1505
wpas_ap_wps_nfc_report_handover(struct wpa_supplicant * wpa_s,const struct wpabuf * req,const struct wpabuf * sel)1506 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
1507 const struct wpabuf *req,
1508 const struct wpabuf *sel)
1509 {
1510 struct hostapd_data *hapd;
1511
1512 if (wpa_s->ap_iface == NULL)
1513 return -1;
1514 hapd = wpa_s->ap_iface->bss[0];
1515 return hostapd_wps_nfc_report_handover(hapd, req, sel);
1516 }
1517
1518 #endif /* CONFIG_WPS_NFC */
1519
1520 #endif /* CONFIG_WPS */
1521
1522
1523 #ifdef CONFIG_CTRL_IFACE
1524
ap_ctrl_iface_sta_first(struct wpa_supplicant * wpa_s,char * buf,size_t buflen)1525 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
1526 char *buf, size_t buflen)
1527 {
1528 struct hostapd_data *hapd;
1529
1530 if (wpa_s->ap_iface)
1531 hapd = wpa_s->ap_iface->bss[0];
1532 else if (wpa_s->ifmsh)
1533 hapd = wpa_s->ifmsh->bss[0];
1534 else
1535 return -1;
1536 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen);
1537 }
1538
1539
ap_ctrl_iface_sta(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)1540 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
1541 char *buf, size_t buflen)
1542 {
1543 struct hostapd_data *hapd;
1544
1545 if (wpa_s->ap_iface)
1546 hapd = wpa_s->ap_iface->bss[0];
1547 else if (wpa_s->ifmsh)
1548 hapd = wpa_s->ifmsh->bss[0];
1549 else
1550 return -1;
1551 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen);
1552 }
1553
1554
ap_ctrl_iface_sta_next(struct wpa_supplicant * wpa_s,const char * txtaddr,char * buf,size_t buflen)1555 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
1556 char *buf, size_t buflen)
1557 {
1558 struct hostapd_data *hapd;
1559
1560 if (wpa_s->ap_iface)
1561 hapd = wpa_s->ap_iface->bss[0];
1562 else if (wpa_s->ifmsh)
1563 hapd = wpa_s->ifmsh->bss[0];
1564 else
1565 return -1;
1566 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen);
1567 }
1568
1569
ap_ctrl_iface_sta_disassociate(struct wpa_supplicant * wpa_s,const char * txtaddr)1570 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
1571 const char *txtaddr)
1572 {
1573 if (wpa_s->ap_iface == NULL)
1574 return -1;
1575 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
1576 txtaddr);
1577 }
1578
1579
ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant * wpa_s,const char * txtaddr)1580 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
1581 const char *txtaddr)
1582 {
1583 if (wpa_s->ap_iface == NULL)
1584 return -1;
1585 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
1586 txtaddr);
1587 }
1588
1589
ap_ctrl_iface_wpa_get_status(struct wpa_supplicant * wpa_s,char * buf,size_t buflen,int verbose)1590 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
1591 size_t buflen, int verbose)
1592 {
1593 char *pos = buf, *end = buf + buflen;
1594 int ret;
1595 struct hostapd_bss_config *conf;
1596
1597 if (wpa_s->ap_iface == NULL)
1598 return -1;
1599
1600 conf = wpa_s->ap_iface->bss[0]->conf;
1601 if (conf->wpa == 0)
1602 return 0;
1603
1604 ret = os_snprintf(pos, end - pos,
1605 "pairwise_cipher=%s\n"
1606 "group_cipher=%s\n"
1607 "key_mgmt=%s\n",
1608 wpa_cipher_txt(conf->rsn_pairwise),
1609 wpa_cipher_txt(conf->wpa_group),
1610 wpa_key_mgmt_txt(conf->wpa_key_mgmt,
1611 conf->wpa));
1612 if (os_snprintf_error(end - pos, ret))
1613 return pos - buf;
1614 pos += ret;
1615 return pos - buf;
1616 }
1617
1618
1619 #ifdef CONFIG_WNM_AP
1620
ap_ctrl_iface_disassoc_imminent(struct wpa_supplicant * wpa_s,const char * buf)1621 int ap_ctrl_iface_disassoc_imminent(struct wpa_supplicant *wpa_s,
1622 const char *buf)
1623 {
1624 struct hostapd_data *hapd;
1625
1626 if (wpa_s->ap_iface)
1627 hapd = wpa_s->ap_iface->bss[0];
1628 else
1629 return -1;
1630 return hostapd_ctrl_iface_disassoc_imminent(hapd, buf);
1631 }
1632
1633
ap_ctrl_iface_ess_disassoc(struct wpa_supplicant * wpa_s,const char * buf)1634 int ap_ctrl_iface_ess_disassoc(struct wpa_supplicant *wpa_s, const char *buf)
1635 {
1636 struct hostapd_data *hapd;
1637
1638 if (wpa_s->ap_iface)
1639 hapd = wpa_s->ap_iface->bss[0];
1640 else
1641 return -1;
1642 return hostapd_ctrl_iface_ess_disassoc(hapd, buf);
1643 }
1644
1645
ap_ctrl_iface_bss_tm_req(struct wpa_supplicant * wpa_s,const char * buf)1646 int ap_ctrl_iface_bss_tm_req(struct wpa_supplicant *wpa_s, const char *buf)
1647 {
1648 struct hostapd_data *hapd;
1649
1650 if (wpa_s->ap_iface)
1651 hapd = wpa_s->ap_iface->bss[0];
1652 else
1653 return -1;
1654 return hostapd_ctrl_iface_bss_tm_req(hapd, buf);
1655 }
1656
1657 #endif /* CONFIG_WNM_AP */
1658
1659
ap_ctrl_iface_acl_add_mac(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type,const char * buf)1660 int ap_ctrl_iface_acl_add_mac(struct wpa_supplicant *wpa_s,
1661 enum macaddr_acl acl_type,
1662 const char *buf)
1663 {
1664 struct hostapd_data *hapd;
1665
1666 if (wpa_s->ap_iface)
1667 hapd = wpa_s->ap_iface->bss[0];
1668 else
1669 return -1;
1670
1671 hapd->conf->macaddr_acl = acl_type;
1672
1673 if (acl_type == ACCEPT_UNLESS_DENIED)
1674 return hostapd_ctrl_iface_acl_add_mac(&hapd->conf->deny_mac,
1675 &hapd->conf->num_deny_mac,
1676 buf);
1677 if (acl_type == DENY_UNLESS_ACCEPTED)
1678 return hostapd_ctrl_iface_acl_add_mac(
1679 &hapd->conf->accept_mac,
1680 &hapd->conf->num_accept_mac, buf);
1681
1682 return -1;
1683 }
1684
1685
ap_ctrl_iface_acl_del_mac(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type,const char * buf)1686 int ap_ctrl_iface_acl_del_mac(struct wpa_supplicant *wpa_s,
1687 enum macaddr_acl acl_type,
1688 const char *buf)
1689 {
1690 struct hostapd_data *hapd;
1691
1692 if (wpa_s->ap_iface)
1693 hapd = wpa_s->ap_iface->bss[0];
1694 else
1695 return -1;
1696
1697 hapd->conf->macaddr_acl = acl_type;
1698
1699 if (acl_type == ACCEPT_UNLESS_DENIED)
1700 return hostapd_ctrl_iface_acl_del_mac(&hapd->conf->deny_mac,
1701 &hapd->conf->num_deny_mac,
1702 buf);
1703 if (acl_type == DENY_UNLESS_ACCEPTED)
1704 return hostapd_ctrl_iface_acl_del_mac(
1705 &hapd->conf->accept_mac, &hapd->conf->num_accept_mac,
1706 buf);
1707
1708 return -1;
1709 }
1710
1711
ap_ctrl_iface_acl_show_mac(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type,char * buf,size_t buflen)1712 int ap_ctrl_iface_acl_show_mac(struct wpa_supplicant *wpa_s,
1713 enum macaddr_acl acl_type, char *buf,
1714 size_t buflen)
1715 {
1716 struct hostapd_data *hapd;
1717
1718 if (wpa_s->ap_iface)
1719 hapd = wpa_s->ap_iface->bss[0];
1720 else
1721 return -1;
1722
1723 if (acl_type == ACCEPT_UNLESS_DENIED)
1724 return hostapd_ctrl_iface_acl_show_mac(hapd->conf->deny_mac,
1725 hapd->conf->num_deny_mac,
1726 buf, buflen);
1727 if (acl_type == DENY_UNLESS_ACCEPTED)
1728 return hostapd_ctrl_iface_acl_show_mac(
1729 hapd->conf->accept_mac, hapd->conf->num_accept_mac,
1730 buf, buflen);
1731
1732 return -1;
1733 }
1734
1735
ap_ctrl_iface_acl_clear_list(struct wpa_supplicant * wpa_s,enum macaddr_acl acl_type)1736 void ap_ctrl_iface_acl_clear_list(struct wpa_supplicant *wpa_s,
1737 enum macaddr_acl acl_type)
1738 {
1739 struct hostapd_data *hapd;
1740
1741 if (wpa_s->ap_iface)
1742 hapd = wpa_s->ap_iface->bss[0];
1743 else
1744 return;
1745
1746 hapd->conf->macaddr_acl = acl_type;
1747
1748 if (acl_type == ACCEPT_UNLESS_DENIED)
1749 hostapd_ctrl_iface_acl_clear_list(&hapd->conf->deny_mac,
1750 &hapd->conf->num_deny_mac);
1751 else if (acl_type == DENY_UNLESS_ACCEPTED)
1752 hostapd_ctrl_iface_acl_clear_list(&hapd->conf->accept_mac,
1753 &hapd->conf->num_accept_mac);
1754 }
1755
1756
ap_ctrl_iface_disassoc_deny_mac(struct wpa_supplicant * wpa_s)1757 int ap_ctrl_iface_disassoc_deny_mac(struct wpa_supplicant *wpa_s)
1758 {
1759 struct hostapd_data *hapd;
1760
1761 if (wpa_s->ap_iface)
1762 hapd = wpa_s->ap_iface->bss[0];
1763 else
1764 return -1;
1765
1766 return hostapd_disassoc_deny_mac(hapd);
1767 }
1768
1769
ap_ctrl_iface_disassoc_accept_mac(struct wpa_supplicant * wpa_s)1770 int ap_ctrl_iface_disassoc_accept_mac(struct wpa_supplicant *wpa_s)
1771 {
1772 struct hostapd_data *hapd;
1773
1774 if (wpa_s->ap_iface)
1775 hapd = wpa_s->ap_iface->bss[0];
1776 else
1777 return -1;
1778
1779 return hostapd_disassoc_accept_mac(hapd);
1780 }
1781
1782
ap_ctrl_iface_set_acl(struct wpa_supplicant * wpa_s)1783 int ap_ctrl_iface_set_acl(struct wpa_supplicant *wpa_s)
1784 {
1785 struct hostapd_data *hapd;
1786
1787 if (wpa_s->ap_iface)
1788 hapd = wpa_s->ap_iface->bss[0];
1789 else
1790 return -1;
1791
1792 return hostapd_set_acl(hapd);
1793 }
1794
1795 #endif /* CONFIG_CTRL_IFACE */
1796
1797
wpa_supplicant_ap_update_beacon(struct wpa_supplicant * wpa_s)1798 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
1799 {
1800 struct hostapd_iface *iface = wpa_s->ap_iface;
1801 struct wpa_ssid *ssid = wpa_s->current_ssid;
1802 struct hostapd_data *hapd;
1803
1804 if (ssid == NULL || wpa_s->ap_iface == NULL ||
1805 ssid->mode == WPAS_MODE_INFRA ||
1806 ssid->mode == WPAS_MODE_IBSS)
1807 return -1;
1808
1809 #ifdef CONFIG_P2P
1810 if (ssid->mode == WPAS_MODE_P2P_GO)
1811 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1812 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1813 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1814 P2P_GROUP_FORMATION;
1815 #endif /* CONFIG_P2P */
1816
1817 hapd = iface->bss[0];
1818 if (hapd->drv_priv == NULL)
1819 return -1;
1820 ieee802_11_set_beacons(iface);
1821 hostapd_set_ap_wps_ie(hapd);
1822
1823 return 0;
1824 }
1825
1826
ap_switch_channel(struct wpa_supplicant * wpa_s,struct csa_settings * settings)1827 int ap_switch_channel(struct wpa_supplicant *wpa_s,
1828 struct csa_settings *settings)
1829 {
1830 #ifdef NEED_AP_MLME
1831 struct hostapd_iface *iface = NULL;
1832
1833 if (wpa_s->ap_iface)
1834 iface = wpa_s->ap_iface;
1835 else if (wpa_s->ifmsh)
1836 iface = wpa_s->ifmsh;
1837
1838 if (!iface || !iface->bss[0])
1839 return -1;
1840
1841 return hostapd_switch_channel(iface->bss[0], settings);
1842 #else /* NEED_AP_MLME */
1843 return -1;
1844 #endif /* NEED_AP_MLME */
1845 }
1846
1847
1848 #ifdef CONFIG_CTRL_IFACE
ap_ctrl_iface_chanswitch(struct wpa_supplicant * wpa_s,const char * pos)1849 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos)
1850 {
1851 struct csa_settings settings;
1852 int ret = hostapd_parse_csa_settings(pos, &settings);
1853
1854 if (ret)
1855 return ret;
1856
1857 settings.link_id = -1;
1858
1859 return ap_switch_channel(wpa_s, &settings);
1860 }
1861 #endif /* CONFIG_CTRL_IFACE */
1862
1863
wpas_ap_ch_switch(struct wpa_supplicant * wpa_s,int freq,int ht,int offset,int width,int cf1,int cf2,u16 punct_bitmap,int finished)1864 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
1865 int offset, int width, int cf1, int cf2,
1866 u16 punct_bitmap, int finished)
1867 {
1868 struct hostapd_iface *iface = wpa_s->ap_iface;
1869
1870 if (!iface)
1871 iface = wpa_s->ifmsh;
1872 if (!iface)
1873 return;
1874 wpa_s->assoc_freq = freq;
1875 if (wpa_s->current_ssid)
1876 wpa_s->current_ssid->frequency = freq;
1877 hostapd_event_ch_switch(iface->bss[0], freq, ht,
1878 offset, width, cf1, cf2, punct_bitmap,
1879 finished);
1880 }
1881
1882
wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant * wpa_s,const u8 * addr)1883 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
1884 const u8 *addr)
1885 {
1886 struct hostapd_data *hapd;
1887 struct hostapd_bss_config *conf;
1888
1889 if (!wpa_s->ap_iface)
1890 return -1;
1891
1892 if (addr)
1893 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
1894 MAC2STR(addr));
1895 else
1896 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
1897
1898 hapd = wpa_s->ap_iface->bss[0];
1899 conf = hapd->conf;
1900
1901 os_free(conf->accept_mac);
1902 conf->accept_mac = NULL;
1903 conf->num_accept_mac = 0;
1904 os_free(conf->deny_mac);
1905 conf->deny_mac = NULL;
1906 conf->num_deny_mac = 0;
1907
1908 if (addr == NULL) {
1909 conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
1910 return 0;
1911 }
1912
1913 conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
1914 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
1915 if (conf->accept_mac == NULL)
1916 return -1;
1917 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
1918 conf->num_accept_mac = 1;
1919
1920 return 0;
1921 }
1922
1923
1924 #ifdef CONFIG_WPS_NFC
wpas_ap_wps_add_nfc_pw(struct wpa_supplicant * wpa_s,u16 pw_id,const struct wpabuf * pw,const u8 * pubkey_hash)1925 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id,
1926 const struct wpabuf *pw, const u8 *pubkey_hash)
1927 {
1928 struct hostapd_data *hapd;
1929 struct wps_context *wps;
1930
1931 if (!wpa_s->ap_iface)
1932 return -1;
1933 hapd = wpa_s->ap_iface->bss[0];
1934 wps = hapd->wps;
1935
1936 if (wpa_s->p2pdev->conf->wps_nfc_dh_pubkey == NULL ||
1937 wpa_s->p2pdev->conf->wps_nfc_dh_privkey == NULL) {
1938 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known");
1939 return -1;
1940 }
1941
1942 dh5_free(wps->dh_ctx);
1943 wpabuf_free(wps->dh_pubkey);
1944 wpabuf_free(wps->dh_privkey);
1945 wps->dh_privkey = wpabuf_dup(
1946 wpa_s->p2pdev->conf->wps_nfc_dh_privkey);
1947 wps->dh_pubkey = wpabuf_dup(
1948 wpa_s->p2pdev->conf->wps_nfc_dh_pubkey);
1949 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) {
1950 wps->dh_ctx = NULL;
1951 wpabuf_free(wps->dh_pubkey);
1952 wps->dh_pubkey = NULL;
1953 wpabuf_free(wps->dh_privkey);
1954 wps->dh_privkey = NULL;
1955 return -1;
1956 }
1957 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
1958 if (wps->dh_ctx == NULL)
1959 return -1;
1960
1961 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash,
1962 pw_id,
1963 pw ? wpabuf_head(pw) : NULL,
1964 pw ? wpabuf_len(pw) : 0, 1);
1965 }
1966 #endif /* CONFIG_WPS_NFC */
1967
1968
1969 #ifdef CONFIG_CTRL_IFACE
wpas_ap_stop_ap(struct wpa_supplicant * wpa_s)1970 int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s)
1971 {
1972 struct hostapd_data *hapd;
1973
1974 if (!wpa_s->ap_iface)
1975 return -1;
1976 hapd = wpa_s->ap_iface->bss[0];
1977 return hostapd_ctrl_iface_stop_ap(hapd);
1978 }
1979
1980
wpas_ap_pmksa_cache_list(struct wpa_supplicant * wpa_s,char * buf,size_t len)1981 int wpas_ap_pmksa_cache_list(struct wpa_supplicant *wpa_s, char *buf,
1982 size_t len)
1983 {
1984 size_t reply_len = 0, i;
1985 char ap_delimiter[] = "---- AP ----\n";
1986 char mesh_delimiter[] = "---- mesh ----\n";
1987 size_t dlen;
1988
1989 if (wpa_s->ap_iface) {
1990 dlen = os_strlen(ap_delimiter);
1991 if (dlen > len - reply_len)
1992 return reply_len;
1993 os_memcpy(&buf[reply_len], ap_delimiter, dlen);
1994 reply_len += dlen;
1995
1996 for (i = 0; i < wpa_s->ap_iface->num_bss; i++) {
1997 reply_len += hostapd_ctrl_iface_pmksa_list(
1998 wpa_s->ap_iface->bss[i],
1999 &buf[reply_len], len - reply_len);
2000 }
2001 }
2002
2003 if (wpa_s->ifmsh) {
2004 dlen = os_strlen(mesh_delimiter);
2005 if (dlen > len - reply_len)
2006 return reply_len;
2007 os_memcpy(&buf[reply_len], mesh_delimiter, dlen);
2008 reply_len += dlen;
2009
2010 reply_len += hostapd_ctrl_iface_pmksa_list(
2011 wpa_s->ifmsh->bss[0], &buf[reply_len],
2012 len - reply_len);
2013 }
2014
2015 return reply_len;
2016 }
2017
2018
wpas_ap_pmksa_cache_flush(struct wpa_supplicant * wpa_s)2019 void wpas_ap_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
2020 {
2021 size_t i;
2022
2023 if (wpa_s->ap_iface) {
2024 for (i = 0; i < wpa_s->ap_iface->num_bss; i++)
2025 hostapd_ctrl_iface_pmksa_flush(wpa_s->ap_iface->bss[i]);
2026 }
2027
2028 if (wpa_s->ifmsh)
2029 hostapd_ctrl_iface_pmksa_flush(wpa_s->ifmsh->bss[0]);
2030 }
2031
2032
2033 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
2034 #ifdef CONFIG_MESH
2035
wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant * wpa_s,const u8 * addr,char * buf,size_t len)2036 int wpas_ap_pmksa_cache_list_mesh(struct wpa_supplicant *wpa_s, const u8 *addr,
2037 char *buf, size_t len)
2038 {
2039 return hostapd_ctrl_iface_pmksa_list_mesh(wpa_s->ifmsh->bss[0], addr,
2040 &buf[0], len);
2041 }
2042
2043
wpas_ap_pmksa_cache_add_external(struct wpa_supplicant * wpa_s,char * cmd)2044 int wpas_ap_pmksa_cache_add_external(struct wpa_supplicant *wpa_s, char *cmd)
2045 {
2046 struct external_pmksa_cache *entry;
2047 void *pmksa_cache;
2048
2049 pmksa_cache = hostapd_ctrl_iface_pmksa_create_entry(wpa_s->own_addr,
2050 cmd);
2051 if (!pmksa_cache)
2052 return -1;
2053
2054 entry = os_zalloc(sizeof(struct external_pmksa_cache));
2055 if (!entry)
2056 return -1;
2057
2058 entry->pmksa_cache = pmksa_cache;
2059
2060 dl_list_add(&wpa_s->mesh_external_pmksa_cache, &entry->list);
2061
2062 return 0;
2063 }
2064
2065 #endif /* CONFIG_MESH */
2066 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
2067
2068
wpas_ap_update_beacon(struct wpa_supplicant * wpa_s)2069 int wpas_ap_update_beacon(struct wpa_supplicant *wpa_s)
2070 {
2071 struct hostapd_data *hapd;
2072
2073 if (!wpa_s->ap_iface)
2074 return -1;
2075 hapd = wpa_s->ap_iface->bss[0];
2076
2077 wpabuf_free(hapd->conf->assocresp_elements);
2078 hapd->conf->assocresp_elements = NULL;
2079 if (wpa_s->conf->ap_assocresp_elements) {
2080 hapd->conf->assocresp_elements =
2081 wpabuf_dup(wpa_s->conf->ap_assocresp_elements);
2082 }
2083
2084 wpabuf_free(hapd->conf->vendor_elements);
2085 hapd->conf->vendor_elements = NULL;
2086 if (wpa_s->conf->ap_vendor_elements) {
2087 hapd->conf->vendor_elements =
2088 wpabuf_dup(wpa_s->conf->ap_vendor_elements);
2089 }
2090
2091 return ieee802_11_set_beacon(hapd);
2092 }
2093
2094 #endif /* CONFIG_CTRL_IFACE */
2095
2096
2097 #ifdef NEED_AP_MLME
wpas_ap_event_dfs_radar_detected(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2098 void wpas_ap_event_dfs_radar_detected(struct wpa_supplicant *wpa_s,
2099 struct dfs_event *radar)
2100 {
2101 struct hostapd_iface *iface = wpa_s->ap_iface;
2102
2103 if (!iface)
2104 iface = wpa_s->ifmsh;
2105 if (!iface || !iface->bss[0])
2106 return;
2107 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq);
2108 hostapd_dfs_radar_detected(iface, radar->freq,
2109 radar->ht_enabled, radar->chan_offset,
2110 radar->chan_width,
2111 radar->cf1, radar->cf2);
2112 }
2113
2114
wpas_ap_event_dfs_cac_started(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2115 void wpas_ap_event_dfs_cac_started(struct wpa_supplicant *wpa_s,
2116 struct dfs_event *radar)
2117 {
2118 struct hostapd_iface *iface = wpa_s->ap_iface;
2119
2120 if (!iface)
2121 iface = wpa_s->ifmsh;
2122 if (!iface || !iface->bss[0])
2123 return;
2124 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq);
2125 hostapd_dfs_start_cac(iface, radar->freq,
2126 radar->ht_enabled, radar->chan_offset,
2127 radar->chan_width, radar->cf1, radar->cf2);
2128 }
2129
2130
wpas_ap_event_dfs_cac_finished(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2131 void wpas_ap_event_dfs_cac_finished(struct wpa_supplicant *wpa_s,
2132 struct dfs_event *radar)
2133 {
2134 struct hostapd_iface *iface = wpa_s->ap_iface;
2135
2136 if (!iface)
2137 iface = wpa_s->ifmsh;
2138 if (!iface || !iface->bss[0])
2139 return;
2140 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq);
2141 hostapd_dfs_complete_cac(iface, 1, radar->freq,
2142 radar->ht_enabled, radar->chan_offset,
2143 radar->chan_width, radar->cf1, radar->cf2);
2144 }
2145
2146
wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2147 void wpas_ap_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s,
2148 struct dfs_event *radar)
2149 {
2150 struct hostapd_iface *iface = wpa_s->ap_iface;
2151
2152 if (!iface)
2153 iface = wpa_s->ifmsh;
2154 if (!iface || !iface->bss[0])
2155 return;
2156 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq);
2157 hostapd_dfs_complete_cac(iface, 0, radar->freq,
2158 radar->ht_enabled, radar->chan_offset,
2159 radar->chan_width, radar->cf1, radar->cf2);
2160 }
2161
2162
wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant * wpa_s,struct dfs_event * radar)2163 void wpas_ap_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s,
2164 struct dfs_event *radar)
2165 {
2166 struct hostapd_iface *iface = wpa_s->ap_iface;
2167
2168 if (!iface)
2169 iface = wpa_s->ifmsh;
2170 if (!iface || !iface->bss[0])
2171 return;
2172 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq);
2173 hostapd_dfs_nop_finished(iface, radar->freq,
2174 radar->ht_enabled, radar->chan_offset,
2175 radar->chan_width, radar->cf1, radar->cf2);
2176 }
2177 #endif /* NEED_AP_MLME */
2178
2179
ap_periodic(struct wpa_supplicant * wpa_s)2180 void ap_periodic(struct wpa_supplicant *wpa_s)
2181 {
2182 if (wpa_s->ap_iface)
2183 hostapd_periodic_iface(wpa_s->ap_iface);
2184 }
2185