2 * WPA Supplicant - Basic AP mode support routines
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2009, Atheros Communications
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
10 #include "utils/includes.h"
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "eapol_supp/eapol_supp_sm.h"
18 #include "crypto/dh_group5.h"
19 #include "ap/hostapd.h"
20 #include "ap/ap_config.h"
21 #include "ap/ap_drv_ops.h"
23 #include "ap/ieee802_11.h"
24 #endif /* NEED_AP_MLME */
25 #include "ap/beacon.h"
26 #include "ap/ieee802_1x.h"
27 #include "ap/wps_hostapd.h"
28 #include "ap/ctrl_iface_ap.h"
30 #include "common/ieee802_11_defs.h"
31 #include "config_ssid.h"
33 #include "wpa_supplicant_i.h"
35 #include "p2p_supplicant.h"
37 #include "ap/sta_info.h"
42 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
43 #endif /* CONFIG_WPS */
46 #ifdef CONFIG_IEEE80211N
47 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s,
48 struct hostapd_config *conf,
49 struct hostapd_hw_modes *mode)
52 u8 channel = conf->channel;
54 if (!conf->secondary_channel)
57 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel);
61 /* Use 80 MHz channel */
62 conf->vht_oper_chwidth = 1;
63 conf->vht_oper_centr_freq_seg0_idx = center_chan;
67 conf->vht_oper_centr_freq_seg0_idx =
68 channel + conf->secondary_channel * 2;
70 #endif /* CONFIG_IEEE80211N */
73 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
74 struct wpa_ssid *ssid,
75 struct hostapd_config *conf)
77 struct hostapd_bss_config *bss = conf->bss[0];
79 conf->driver = wpa_s->driver;
81 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
83 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency,
85 if (conf->hw_mode == NUM_HOSTAPD_MODES) {
86 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
91 /* TODO: enable HT40 if driver supports it;
92 * drop to 11b if driver does not support 11g */
94 #ifdef CONFIG_IEEE80211N
96 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
97 * and a mask of allowed capabilities within conf->ht_capab.
98 * Using default config settings for: conf->ht_op_mode_fixed,
99 * conf->secondary_channel, conf->require_ht
101 if (wpa_s->hw.modes) {
102 struct hostapd_hw_modes *mode = NULL;
104 for (i = 0; i < wpa_s->hw.num_modes; i++) {
105 if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
106 mode = &wpa_s->hw.modes[i];
111 #ifdef CONFIG_HT_OVERRIDES
112 if (ssid->disable_ht) {
113 conf->ieee80211n = 0;
117 #endif /* CONFIG_HT_OVERRIDES */
119 if (!no_ht && mode && mode->ht_capab) {
120 conf->ieee80211n = 1;
122 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
124 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
126 conf->secondary_channel =
127 wpas_p2p_get_ht40_mode(wpa_s, mode,
129 if (conf->secondary_channel)
131 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
132 #endif /* CONFIG_P2P */
135 * white-list capabilities that won't cause issues
136 * to connecting stations, while leaving the current
137 * capabilities intact (currently disabled SMPS).
139 conf->ht_capab |= mode->ht_capab &
140 (HT_CAP_INFO_GREEN_FIELD |
141 HT_CAP_INFO_SHORT_GI20MHZ |
142 HT_CAP_INFO_SHORT_GI40MHZ |
143 HT_CAP_INFO_RX_STBC_MASK |
144 HT_CAP_INFO_MAX_AMSDU_SIZE);
146 if (mode->vht_capab && ssid->vht) {
147 conf->ieee80211ac = 1;
148 wpas_conf_ap_vht(wpa_s, conf, mode);
152 #endif /* CONFIG_IEEE80211N */
155 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
156 (ssid->mode == WPAS_MODE_P2P_GO ||
157 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
158 /* Remove 802.11b rates from supported and basic rate sets */
159 int *list = os_malloc(4 * sizeof(int));
166 conf->basic_rates = list;
168 list = os_malloc(9 * sizeof(int));
180 conf->supported_rates = list;
183 bss->isolate = !wpa_s->conf->p2p_intra_bss;
184 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
186 if (ssid->p2p_group) {
187 os_memcpy(bss->ip_addr_go, wpa_s->parent->conf->ip_addr_go, 4);
188 os_memcpy(bss->ip_addr_mask, wpa_s->parent->conf->ip_addr_mask,
190 os_memcpy(bss->ip_addr_start,
191 wpa_s->parent->conf->ip_addr_start, 4);
192 os_memcpy(bss->ip_addr_end, wpa_s->parent->conf->ip_addr_end,
195 #endif /* CONFIG_P2P */
197 if (ssid->ssid_len == 0) {
198 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
201 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
202 bss->ssid.ssid_len = ssid->ssid_len;
203 bss->ssid.ssid_set = 1;
205 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
208 bss->auth_algs = ssid->auth_alg;
210 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
211 bss->wpa = ssid->proto;
212 bss->wpa_key_mgmt = ssid->key_mgmt;
213 bss->wpa_pairwise = ssid->pairwise_cipher;
215 os_free(bss->ssid.wpa_psk);
216 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
217 if (bss->ssid.wpa_psk == NULL)
219 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
220 bss->ssid.wpa_psk->group = 1;
221 } else if (ssid->passphrase) {
222 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
223 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
224 ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
225 struct hostapd_wep_keys *wep = &bss->ssid.wep;
227 for (i = 0; i < NUM_WEP_KEYS; i++) {
228 if (ssid->wep_key_len[i] == 0)
230 wep->key[i] = os_malloc(ssid->wep_key_len[i]);
231 if (wep->key[i] == NULL)
233 os_memcpy(wep->key[i], ssid->wep_key[i],
234 ssid->wep_key_len[i]);
235 wep->len[i] = ssid->wep_key_len[i];
237 wep->idx = ssid->wep_tx_keyidx;
241 if (ssid->ap_max_inactivity)
242 bss->ap_max_inactivity = ssid->ap_max_inactivity;
244 if (ssid->dtim_period)
245 bss->dtim_period = ssid->dtim_period;
246 else if (wpa_s->conf->dtim_period)
247 bss->dtim_period = wpa_s->conf->dtim_period;
249 if (ssid->beacon_int)
250 conf->beacon_int = ssid->beacon_int;
251 else if (wpa_s->conf->beacon_int)
252 conf->beacon_int = wpa_s->conf->beacon_int;
254 if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
255 bss->rsn_pairwise = bss->wpa_pairwise;
256 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
259 if (bss->wpa && bss->ieee802_1x)
260 bss->ssid.security_policy = SECURITY_WPA;
262 bss->ssid.security_policy = SECURITY_WPA_PSK;
263 else if (bss->ieee802_1x) {
264 int cipher = WPA_CIPHER_NONE;
265 bss->ssid.security_policy = SECURITY_IEEE_802_1X;
266 bss->ssid.wep.default_len = bss->default_wep_key_len;
267 if (bss->default_wep_key_len)
268 cipher = bss->default_wep_key_len >= 13 ?
269 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
270 bss->wpa_group = cipher;
271 bss->wpa_pairwise = cipher;
272 bss->rsn_pairwise = cipher;
273 } else if (bss->ssid.wep.keys_set) {
274 int cipher = WPA_CIPHER_WEP40;
275 if (bss->ssid.wep.len[0] >= 13)
276 cipher = WPA_CIPHER_WEP104;
277 bss->ssid.security_policy = SECURITY_STATIC_WEP;
278 bss->wpa_group = cipher;
279 bss->wpa_pairwise = cipher;
280 bss->rsn_pairwise = cipher;
282 bss->ssid.security_policy = SECURITY_PLAINTEXT;
283 bss->wpa_group = WPA_CIPHER_NONE;
284 bss->wpa_pairwise = WPA_CIPHER_NONE;
285 bss->rsn_pairwise = WPA_CIPHER_NONE;
288 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
289 (bss->wpa_group == WPA_CIPHER_CCMP ||
290 bss->wpa_group == WPA_CIPHER_GCMP ||
291 bss->wpa_group == WPA_CIPHER_CCMP_256 ||
292 bss->wpa_group == WPA_CIPHER_GCMP_256)) {
294 * Strong ciphers do not need frequent rekeying, so increase
295 * the default GTK rekeying period to 24 hours.
297 bss->wpa_group_rekey = 86400;
300 #ifdef CONFIG_IEEE80211W
301 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
302 bss->ieee80211w = ssid->ieee80211w;
303 #endif /* CONFIG_IEEE80211W */
307 * Enable WPS by default for open and WPA/WPA2-Personal network, but
308 * require user interaction to actually use it. Only the internal
309 * Registrar is supported.
311 if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
312 bss->ssid.security_policy != SECURITY_PLAINTEXT)
314 if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
315 (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
316 goto no_wps; /* WPS2 does not allow WPA/TKIP-only
320 if (!ssid->ignore_broadcast_ssid)
323 bss->ap_setup_locked = 2;
324 if (wpa_s->conf->config_methods)
325 bss->config_methods = os_strdup(wpa_s->conf->config_methods);
326 os_memcpy(bss->device_type, wpa_s->conf->device_type,
328 if (wpa_s->conf->device_name) {
329 bss->device_name = os_strdup(wpa_s->conf->device_name);
330 bss->friendly_name = os_strdup(wpa_s->conf->device_name);
332 if (wpa_s->conf->manufacturer)
333 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
334 if (wpa_s->conf->model_name)
335 bss->model_name = os_strdup(wpa_s->conf->model_name);
336 if (wpa_s->conf->model_number)
337 bss->model_number = os_strdup(wpa_s->conf->model_number);
338 if (wpa_s->conf->serial_number)
339 bss->serial_number = os_strdup(wpa_s->conf->serial_number);
340 if (is_nil_uuid(wpa_s->conf->uuid))
341 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
343 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
344 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
345 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
347 #endif /* CONFIG_WPS */
349 if (wpa_s->max_stations &&
350 wpa_s->max_stations < wpa_s->conf->max_num_sta)
351 bss->max_num_sta = wpa_s->max_stations;
353 bss->max_num_sta = wpa_s->conf->max_num_sta;
355 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
357 if (wpa_s->conf->ap_vendor_elements) {
358 bss->vendor_elements =
359 wpabuf_dup(wpa_s->conf->ap_vendor_elements);
366 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
369 struct wpa_supplicant *wpa_s = ctx;
370 const struct ieee80211_mgmt *mgmt;
373 mgmt = (const struct ieee80211_mgmt *) buf;
374 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
377 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC)
379 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
380 mgmt->u.action.category,
381 &mgmt->u.action.u.vs_public_action.action,
382 len - hdr_len, freq);
383 #endif /* CONFIG_P2P */
387 static void ap_wps_event_cb(void *ctx, enum wps_event event,
388 union wps_event_data *data)
391 struct wpa_supplicant *wpa_s = ctx;
393 if (event == WPS_EV_FAIL) {
394 struct wps_event_fail *fail = &data->fail;
396 if (wpa_s->parent && wpa_s->parent != wpa_s &&
397 wpa_s == wpa_s->global->p2p_group_formation) {
399 * src/ap/wps_hostapd.c has already sent this on the
400 * main interface, so only send on the parent interface
403 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL
404 "msg=%d config_error=%d",
405 fail->msg, fail->config_error);
407 wpas_p2p_wps_failed(wpa_s, fail);
409 #endif /* CONFIG_P2P */
413 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
414 int authorized, const u8 *p2p_dev_addr)
416 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr);
421 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
422 const u8 *psk, size_t psk_len)
425 struct wpa_supplicant *wpa_s = ctx;
426 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL)
428 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len);
430 #endif /* CONFIG_P2P */
433 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
436 struct wpa_supplicant *wpa_s = ctx;
437 const struct ieee80211_mgmt *mgmt;
440 mgmt = (const struct ieee80211_mgmt *) buf;
441 hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
444 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
445 mgmt->u.action.category,
446 &mgmt->u.action.u.vs_public_action.action,
447 len - hdr_len, freq);
448 #endif /* CONFIG_P2P */
453 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
454 const u8 *bssid, const u8 *ie, size_t ie_len,
458 struct wpa_supplicant *wpa_s = ctx;
459 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
461 #else /* CONFIG_P2P */
463 #endif /* CONFIG_P2P */
467 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
471 struct wpa_supplicant *wpa_s = ctx;
472 wpas_p2p_wps_success(wpa_s, mac_addr, 1);
473 #endif /* CONFIG_P2P */
477 static void wpas_ap_configured_cb(void *ctx)
479 struct wpa_supplicant *wpa_s = ctx;
481 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
483 if (wpa_s->ap_configured_cb)
484 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
485 wpa_s->ap_configured_cb_data);
489 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
490 struct wpa_ssid *ssid)
492 struct wpa_driver_associate_params params;
493 struct hostapd_iface *hapd_iface;
494 struct hostapd_config *conf;
497 if (ssid->ssid == NULL || ssid->ssid_len == 0) {
498 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
502 wpa_supplicant_ap_deinit(wpa_s);
504 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
505 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
507 os_memset(¶ms, 0, sizeof(params));
508 params.ssid = ssid->ssid;
509 params.ssid_len = ssid->ssid_len;
510 switch (ssid->mode) {
512 case WPAS_MODE_P2P_GO:
513 case WPAS_MODE_P2P_GROUP_FORMATION:
514 params.mode = IEEE80211_MODE_AP;
519 if (ssid->frequency == 0)
520 ssid->frequency = 2462; /* default channel 11 */
521 params.freq = ssid->frequency;
523 params.wpa_proto = ssid->proto;
524 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
525 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
527 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
528 params.key_mgmt_suite = wpa_s->key_mgmt;
530 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
532 if (wpa_s->pairwise_cipher < 0) {
533 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
537 params.pairwise_suite = wpa_s->pairwise_cipher;
538 params.group_suite = params.pairwise_suite;
541 if (ssid->mode == WPAS_MODE_P2P_GO ||
542 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
544 #endif /* CONFIG_P2P */
546 if (wpa_s->parent->set_ap_uapsd)
547 params.uapsd = wpa_s->parent->ap_uapsd;
548 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
549 params.uapsd = 1; /* mandatory for P2P GO */
553 if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
554 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
558 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface));
559 if (hapd_iface == NULL)
561 hapd_iface->owner = wpa_s;
562 hapd_iface->drv_flags = wpa_s->drv_flags;
563 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
564 hapd_iface->extended_capa = wpa_s->extended_capa;
565 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
566 hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
568 wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
570 wpa_supplicant_ap_deinit(wpa_s);
574 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
575 wpa_s->conf->wmm_ac_params,
576 sizeof(wpa_s->conf->wmm_ac_params));
578 if (params.uapsd > 0) {
579 conf->bss[0]->wmm_enabled = 1;
580 conf->bss[0]->wmm_uapsd = 1;
583 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
584 wpa_printf(MSG_ERROR, "Failed to create AP configuration");
585 wpa_supplicant_ap_deinit(wpa_s);
590 if (ssid->mode == WPAS_MODE_P2P_GO)
591 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
592 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
593 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
595 #endif /* CONFIG_P2P */
597 hapd_iface->num_bss = conf->num_bss;
598 hapd_iface->bss = os_calloc(conf->num_bss,
599 sizeof(struct hostapd_data *));
600 if (hapd_iface->bss == NULL) {
601 wpa_supplicant_ap_deinit(wpa_s);
605 for (i = 0; i < conf->num_bss; i++) {
607 hostapd_alloc_bss_data(hapd_iface, conf,
609 if (hapd_iface->bss[i] == NULL) {
610 wpa_supplicant_ap_deinit(wpa_s);
614 hapd_iface->bss[i]->msg_ctx = wpa_s;
615 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent;
616 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
617 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
618 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
619 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
620 hostapd_register_probereq_cb(hapd_iface->bss[i],
621 ap_probe_req_rx, wpa_s);
622 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
623 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
624 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
625 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
626 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
627 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
629 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb;
630 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s;
631 hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
632 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
634 #endif /* CONFIG_P2P */
635 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
636 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
639 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
640 hapd_iface->bss[0]->driver = wpa_s->driver;
641 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
643 wpa_s->current_ssid = ssid;
644 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
645 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
646 wpa_s->assoc_freq = ssid->frequency;
648 if (hostapd_setup_interface(wpa_s->ap_iface)) {
649 wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
650 wpa_supplicant_ap_deinit(wpa_s);
658 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
661 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
662 #endif /* CONFIG_WPS */
664 if (wpa_s->ap_iface == NULL)
667 wpa_s->current_ssid = NULL;
668 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
669 wpa_s->assoc_freq = 0;
671 if (wpa_s->ap_iface->bss)
672 wpa_s->ap_iface->bss[0]->p2p_group = NULL;
673 wpas_p2p_group_deinit(wpa_s);
674 #endif /* CONFIG_P2P */
675 wpa_s->ap_iface->driver_ap_teardown =
676 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
678 hostapd_interface_deinit(wpa_s->ap_iface);
679 hostapd_interface_free(wpa_s->ap_iface);
680 wpa_s->ap_iface = NULL;
681 wpa_drv_deinit_ap(wpa_s);
685 void ap_tx_status(void *ctx, const u8 *addr,
686 const u8 *buf, size_t len, int ack)
689 struct wpa_supplicant *wpa_s = ctx;
690 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
691 #endif /* NEED_AP_MLME */
695 void ap_eapol_tx_status(void *ctx, const u8 *dst,
696 const u8 *data, size_t len, int ack)
699 struct wpa_supplicant *wpa_s = ctx;
700 if (!wpa_s->ap_iface)
702 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
703 #endif /* NEED_AP_MLME */
707 void ap_client_poll_ok(void *ctx, const u8 *addr)
710 struct wpa_supplicant *wpa_s = ctx;
712 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
713 #endif /* NEED_AP_MLME */
717 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
720 struct wpa_supplicant *wpa_s = ctx;
721 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
722 #endif /* NEED_AP_MLME */
726 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
729 struct wpa_supplicant *wpa_s = ctx;
730 struct hostapd_frame_info fi;
731 os_memset(&fi, 0, sizeof(fi));
732 fi.datarate = rx_mgmt->datarate;
733 fi.ssi_signal = rx_mgmt->ssi_signal;
734 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
735 rx_mgmt->frame_len, &fi);
736 #endif /* NEED_AP_MLME */
740 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
743 struct wpa_supplicant *wpa_s = ctx;
744 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
745 #endif /* NEED_AP_MLME */
749 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
750 const u8 *src_addr, const u8 *buf, size_t len)
752 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
758 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
759 const u8 *p2p_dev_addr)
761 if (!wpa_s->ap_iface)
763 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
768 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
770 struct wps_registrar *reg;
771 int reg_sel = 0, wps_sta = 0;
773 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
776 reg = wpa_s->ap_iface->bss[0]->wps->registrar;
777 reg_sel = wps_registrar_wps_cancel(reg);
778 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
779 ap_sta_wps_cancel, NULL);
781 if (!reg_sel && !wps_sta) {
782 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
788 * There are 2 cases to return wps cancel as success:
789 * 1. When wps cancel was initiated but no connection has been
790 * established with client yet.
791 * 2. Client is in the middle of exchanging WPS messages.
798 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
799 const char *pin, char *buf, size_t buflen,
802 int ret, ret_len = 0;
804 if (!wpa_s->ap_iface)
808 unsigned int rpin = wps_generate_pin();
809 ret_len = os_snprintf(buf, buflen, "%08d", rpin);
812 ret_len = os_snprintf(buf, buflen, "%s", pin);
814 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
822 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
824 struct wpa_supplicant *wpa_s = eloop_data;
825 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
826 wpas_wps_ap_pin_disable(wpa_s);
830 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
832 struct hostapd_data *hapd;
834 if (wpa_s->ap_iface == NULL)
836 hapd = wpa_s->ap_iface->bss[0];
837 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
838 hapd->ap_pin_failures = 0;
839 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
841 eloop_register_timeout(timeout, 0,
842 wpas_wps_ap_pin_timeout, wpa_s, NULL);
846 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
848 struct hostapd_data *hapd;
850 if (wpa_s->ap_iface == NULL)
852 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
853 hapd = wpa_s->ap_iface->bss[0];
854 os_free(hapd->conf->ap_pin);
855 hapd->conf->ap_pin = NULL;
856 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
860 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
862 struct hostapd_data *hapd;
866 if (wpa_s->ap_iface == NULL)
868 hapd = wpa_s->ap_iface->bss[0];
869 pin = wps_generate_pin();
870 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
871 os_free(hapd->conf->ap_pin);
872 hapd->conf->ap_pin = os_strdup(pin_txt);
873 if (hapd->conf->ap_pin == NULL)
875 wpas_wps_ap_pin_enable(wpa_s, timeout);
877 return hapd->conf->ap_pin;
881 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
883 struct hostapd_data *hapd;
884 if (wpa_s->ap_iface == NULL)
886 hapd = wpa_s->ap_iface->bss[0];
887 return hapd->conf->ap_pin;
891 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
894 struct hostapd_data *hapd;
898 if (wpa_s->ap_iface == NULL)
900 hapd = wpa_s->ap_iface->bss[0];
901 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
902 if (ret < 0 || ret >= (int) sizeof(pin_txt))
904 os_free(hapd->conf->ap_pin);
905 hapd->conf->ap_pin = os_strdup(pin_txt);
906 if (hapd->conf->ap_pin == NULL)
908 wpas_wps_ap_pin_enable(wpa_s, timeout);
914 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
916 struct hostapd_data *hapd;
918 if (wpa_s->ap_iface == NULL)
920 hapd = wpa_s->ap_iface->bss[0];
923 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
924 * PIN if this happens multiple times to slow down brute force attacks.
926 hapd->ap_pin_failures++;
927 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
928 hapd->ap_pin_failures);
929 if (hapd->ap_pin_failures < 3)
932 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
933 hapd->ap_pin_failures = 0;
934 os_free(hapd->conf->ap_pin);
935 hapd->conf->ap_pin = NULL;
939 #ifdef CONFIG_WPS_NFC
941 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
944 struct hostapd_data *hapd;
946 if (wpa_s->ap_iface == NULL)
948 hapd = wpa_s->ap_iface->bss[0];
949 return hostapd_wps_nfc_config_token(hapd, ndef);
953 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
956 struct hostapd_data *hapd;
958 if (wpa_s->ap_iface == NULL)
960 hapd = wpa_s->ap_iface->bss[0];
961 return hostapd_wps_nfc_hs_cr(hapd, ndef);
965 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
966 const struct wpabuf *req,
967 const struct wpabuf *sel)
969 struct hostapd_data *hapd;
971 if (wpa_s->ap_iface == NULL)
973 hapd = wpa_s->ap_iface->bss[0];
974 return hostapd_wps_nfc_report_handover(hapd, req, sel);
977 #endif /* CONFIG_WPS_NFC */
979 #endif /* CONFIG_WPS */
982 #ifdef CONFIG_CTRL_IFACE
984 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
985 char *buf, size_t buflen)
987 if (wpa_s->ap_iface == NULL)
989 return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0],
994 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
995 char *buf, size_t buflen)
997 if (wpa_s->ap_iface == NULL)
999 return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr,
1004 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
1005 char *buf, size_t buflen)
1007 if (wpa_s->ap_iface == NULL)
1009 return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr,
1014 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
1015 const char *txtaddr)
1017 if (wpa_s->ap_iface == NULL)
1019 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
1024 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
1025 const char *txtaddr)
1027 if (wpa_s->ap_iface == NULL)
1029 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
1034 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
1035 size_t buflen, int verbose)
1037 char *pos = buf, *end = buf + buflen;
1039 struct hostapd_bss_config *conf;
1041 if (wpa_s->ap_iface == NULL)
1044 conf = wpa_s->ap_iface->bss[0]->conf;
1048 ret = os_snprintf(pos, end - pos,
1049 "pairwise_cipher=%s\n"
1052 wpa_cipher_txt(conf->rsn_pairwise),
1053 wpa_cipher_txt(conf->wpa_group),
1054 wpa_key_mgmt_txt(conf->wpa_key_mgmt,
1056 if (ret < 0 || ret >= end - pos)
1062 #endif /* CONFIG_CTRL_IFACE */
1065 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
1067 struct hostapd_iface *iface = wpa_s->ap_iface;
1068 struct wpa_ssid *ssid = wpa_s->current_ssid;
1069 struct hostapd_data *hapd;
1071 if (ssid == NULL || wpa_s->ap_iface == NULL ||
1072 ssid->mode == WPAS_MODE_INFRA ||
1073 ssid->mode == WPAS_MODE_IBSS)
1077 if (ssid->mode == WPAS_MODE_P2P_GO)
1078 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1079 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1080 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1081 P2P_GROUP_FORMATION;
1082 #endif /* CONFIG_P2P */
1084 hapd = iface->bss[0];
1085 if (hapd->drv_priv == NULL)
1087 ieee802_11_set_beacons(iface);
1088 hostapd_set_ap_wps_ie(hapd);
1094 int ap_switch_channel(struct wpa_supplicant *wpa_s,
1095 struct csa_settings *settings)
1098 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1101 return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings);
1102 #else /* NEED_AP_MLME */
1104 #endif /* NEED_AP_MLME */
1108 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos)
1110 struct csa_settings settings;
1111 int ret = hostapd_parse_csa_settings(pos, &settings);
1116 return ap_switch_channel(wpa_s, &settings);
1120 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
1121 int offset, int width, int cf1, int cf2)
1123 if (!wpa_s->ap_iface)
1126 wpa_s->assoc_freq = freq;
1127 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset, width, cf1, cf1);
1131 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
1134 struct hostapd_data *hapd;
1135 struct hostapd_bss_config *conf;
1137 if (!wpa_s->ap_iface)
1141 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
1144 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
1146 hapd = wpa_s->ap_iface->bss[0];
1149 os_free(conf->accept_mac);
1150 conf->accept_mac = NULL;
1151 conf->num_accept_mac = 0;
1152 os_free(conf->deny_mac);
1153 conf->deny_mac = NULL;
1154 conf->num_deny_mac = 0;
1157 conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
1161 conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
1162 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
1163 if (conf->accept_mac == NULL)
1165 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
1166 conf->num_accept_mac = 1;
1172 #ifdef CONFIG_WPS_NFC
1173 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id,
1174 const struct wpabuf *pw, const u8 *pubkey_hash)
1176 struct hostapd_data *hapd;
1177 struct wps_context *wps;
1179 if (!wpa_s->ap_iface)
1181 hapd = wpa_s->ap_iface->bss[0];
1184 if (wpa_s->parent->conf->wps_nfc_dh_pubkey == NULL ||
1185 wpa_s->parent->conf->wps_nfc_dh_privkey == NULL) {
1186 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known");
1190 dh5_free(wps->dh_ctx);
1191 wpabuf_free(wps->dh_pubkey);
1192 wpabuf_free(wps->dh_privkey);
1193 wps->dh_privkey = wpabuf_dup(
1194 wpa_s->parent->conf->wps_nfc_dh_privkey);
1195 wps->dh_pubkey = wpabuf_dup(
1196 wpa_s->parent->conf->wps_nfc_dh_pubkey);
1197 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) {
1199 wpabuf_free(wps->dh_pubkey);
1200 wps->dh_pubkey = NULL;
1201 wpabuf_free(wps->dh_privkey);
1202 wps->dh_privkey = NULL;
1205 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
1206 if (wps->dh_ctx == NULL)
1209 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash,
1211 pw ? wpabuf_head(pw) : NULL,
1212 pw ? wpabuf_len(pw) : 0, 1);
1214 #endif /* CONFIG_WPS_NFC */
projects / mech_eap.git / blob