2 * WPA Supplicant - Basic AP mode support routines
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2009, Atheros Communications
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
10 #include "utils/includes.h"
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "eapol_supp/eapol_supp_sm.h"
18 #include "crypto/dh_group5.h"
19 #include "ap/hostapd.h"
20 #include "ap/ap_config.h"
21 #include "ap/ap_drv_ops.h"
23 #include "ap/ieee802_11.h"
24 #endif /* NEED_AP_MLME */
25 #include "ap/beacon.h"
26 #include "ap/ieee802_1x.h"
27 #include "ap/wps_hostapd.h"
28 #include "ap/ctrl_iface_ap.h"
31 #include "common/ieee802_11_defs.h"
32 #include "config_ssid.h"
34 #include "wpa_supplicant_i.h"
36 #include "p2p_supplicant.h"
38 #include "ap/sta_info.h"
43 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
44 #endif /* CONFIG_WPS */
47 #ifdef CONFIG_IEEE80211N
48 static void wpas_conf_ap_vht(struct wpa_supplicant *wpa_s,
49 struct hostapd_config *conf,
50 struct hostapd_hw_modes *mode)
54 u8 channel = conf->channel;
56 if (!conf->secondary_channel)
59 center_chan = wpas_p2p_get_vht80_center(wpa_s, mode, channel);
63 /* Use 80 MHz channel */
64 conf->vht_oper_chwidth = 1;
65 conf->vht_oper_centr_freq_seg0_idx = center_chan;
69 conf->vht_oper_centr_freq_seg0_idx =
70 channel + conf->secondary_channel * 2;
71 #else /* CONFIG_P2P */
72 conf->vht_oper_centr_freq_seg0_idx =
73 conf->channel + conf->secondary_channel * 2;
74 #endif /* CONFIG_P2P */
76 #endif /* CONFIG_IEEE80211N */
79 int wpa_supplicant_conf_ap_ht(struct wpa_supplicant *wpa_s,
80 struct wpa_ssid *ssid,
81 struct hostapd_config *conf)
83 conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency,
86 if (conf->hw_mode == NUM_HOSTAPD_MODES) {
87 wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
92 /* TODO: enable HT40 if driver supports it;
93 * drop to 11b if driver does not support 11g */
95 #ifdef CONFIG_IEEE80211N
97 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
98 * and a mask of allowed capabilities within conf->ht_capab.
99 * Using default config settings for: conf->ht_op_mode_fixed,
100 * conf->secondary_channel, conf->require_ht
102 if (wpa_s->hw.modes) {
103 struct hostapd_hw_modes *mode = NULL;
105 for (i = 0; i < wpa_s->hw.num_modes; i++) {
106 if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
107 mode = &wpa_s->hw.modes[i];
112 #ifdef CONFIG_HT_OVERRIDES
113 if (ssid->disable_ht) {
114 conf->ieee80211n = 0;
118 #endif /* CONFIG_HT_OVERRIDES */
120 if (!no_ht && mode && mode->ht_capab) {
121 conf->ieee80211n = 1;
123 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
125 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
127 conf->secondary_channel =
128 wpas_p2p_get_ht40_mode(wpa_s, mode,
130 if (conf->secondary_channel)
132 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
133 #endif /* CONFIG_P2P */
136 * white-list capabilities that won't cause issues
137 * to connecting stations, while leaving the current
138 * capabilities intact (currently disabled SMPS).
140 conf->ht_capab |= mode->ht_capab &
141 (HT_CAP_INFO_GREEN_FIELD |
142 HT_CAP_INFO_SHORT_GI20MHZ |
143 HT_CAP_INFO_SHORT_GI40MHZ |
144 HT_CAP_INFO_RX_STBC_MASK |
145 HT_CAP_INFO_TX_STBC |
146 HT_CAP_INFO_MAX_AMSDU_SIZE);
148 if (mode->vht_capab && ssid->vht) {
149 conf->ieee80211ac = 1;
150 wpas_conf_ap_vht(wpa_s, conf, mode);
155 if (conf->secondary_channel) {
156 struct wpa_supplicant *iface;
158 for (iface = wpa_s->global->ifaces; iface; iface = iface->next)
160 if (iface == wpa_s ||
161 iface->wpa_state < WPA_AUTHENTICATING ||
162 (int) iface->assoc_freq != ssid->frequency)
166 * Do not allow 40 MHz co-ex PRI/SEC switch to force us
167 * to change our PRI channel since we have an existing,
168 * concurrent connection on that channel and doing
169 * multi-channel concurrency is likely to cause more
170 * harm than using different PRI/SEC selection in
171 * environment with multiple BSSes on these two channels
172 * with mixed 20 MHz or PRI channel selection.
174 conf->no_pri_sec_switch = 1;
177 #endif /* CONFIG_IEEE80211N */
183 static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
184 struct wpa_ssid *ssid,
185 struct hostapd_config *conf)
187 struct hostapd_bss_config *bss = conf->bss[0];
189 conf->driver = wpa_s->driver;
191 os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
193 if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf))
196 if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) {
197 conf->ieee80211h = 1;
198 conf->ieee80211d = 1;
199 conf->country[0] = wpa_s->conf->country[0];
200 conf->country[1] = wpa_s->conf->country[1];
204 if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
205 (ssid->mode == WPAS_MODE_P2P_GO ||
206 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
207 /* Remove 802.11b rates from supported and basic rate sets */
208 int *list = os_malloc(4 * sizeof(int));
215 conf->basic_rates = list;
217 list = os_malloc(9 * sizeof(int));
229 conf->supported_rates = list;
232 bss->isolate = !wpa_s->conf->p2p_intra_bss;
233 bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
235 if (ssid->p2p_group) {
236 os_memcpy(bss->ip_addr_go, wpa_s->parent->conf->ip_addr_go, 4);
237 os_memcpy(bss->ip_addr_mask, wpa_s->parent->conf->ip_addr_mask,
239 os_memcpy(bss->ip_addr_start,
240 wpa_s->parent->conf->ip_addr_start, 4);
241 os_memcpy(bss->ip_addr_end, wpa_s->parent->conf->ip_addr_end,
244 #endif /* CONFIG_P2P */
246 if (ssid->ssid_len == 0) {
247 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
250 os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
251 bss->ssid.ssid_len = ssid->ssid_len;
252 bss->ssid.ssid_set = 1;
254 bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
257 bss->auth_algs = ssid->auth_alg;
259 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
260 bss->wpa = ssid->proto;
261 bss->wpa_key_mgmt = ssid->key_mgmt;
262 bss->wpa_pairwise = ssid->pairwise_cipher;
264 bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk));
265 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
266 if (bss->ssid.wpa_psk == NULL)
268 os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
269 bss->ssid.wpa_psk->group = 1;
270 } else if (ssid->passphrase) {
271 bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
272 } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
273 ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
274 struct hostapd_wep_keys *wep = &bss->ssid.wep;
276 for (i = 0; i < NUM_WEP_KEYS; i++) {
277 if (ssid->wep_key_len[i] == 0)
279 wep->key[i] = os_malloc(ssid->wep_key_len[i]);
280 if (wep->key[i] == NULL)
282 os_memcpy(wep->key[i], ssid->wep_key[i],
283 ssid->wep_key_len[i]);
284 wep->len[i] = ssid->wep_key_len[i];
286 wep->idx = ssid->wep_tx_keyidx;
290 if (ssid->ap_max_inactivity)
291 bss->ap_max_inactivity = ssid->ap_max_inactivity;
293 if (ssid->dtim_period)
294 bss->dtim_period = ssid->dtim_period;
295 else if (wpa_s->conf->dtim_period)
296 bss->dtim_period = wpa_s->conf->dtim_period;
298 if (ssid->beacon_int)
299 conf->beacon_int = ssid->beacon_int;
300 else if (wpa_s->conf->beacon_int)
301 conf->beacon_int = wpa_s->conf->beacon_int;
304 if (ssid->mode == WPAS_MODE_P2P_GO ||
305 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
306 if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) {
308 "CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it",
309 wpa_s->conf->p2p_go_ctwindow,
311 conf->p2p_go_ctwindow = 0;
313 conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow;
316 #endif /* CONFIG_P2P */
318 if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
319 bss->rsn_pairwise = bss->wpa_pairwise;
320 bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
323 if (bss->wpa && bss->ieee802_1x)
324 bss->ssid.security_policy = SECURITY_WPA;
326 bss->ssid.security_policy = SECURITY_WPA_PSK;
327 else if (bss->ieee802_1x) {
328 int cipher = WPA_CIPHER_NONE;
329 bss->ssid.security_policy = SECURITY_IEEE_802_1X;
330 bss->ssid.wep.default_len = bss->default_wep_key_len;
331 if (bss->default_wep_key_len)
332 cipher = bss->default_wep_key_len >= 13 ?
333 WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
334 bss->wpa_group = cipher;
335 bss->wpa_pairwise = cipher;
336 bss->rsn_pairwise = cipher;
337 } else if (bss->ssid.wep.keys_set) {
338 int cipher = WPA_CIPHER_WEP40;
339 if (bss->ssid.wep.len[0] >= 13)
340 cipher = WPA_CIPHER_WEP104;
341 bss->ssid.security_policy = SECURITY_STATIC_WEP;
342 bss->wpa_group = cipher;
343 bss->wpa_pairwise = cipher;
344 bss->rsn_pairwise = cipher;
346 bss->ssid.security_policy = SECURITY_PLAINTEXT;
347 bss->wpa_group = WPA_CIPHER_NONE;
348 bss->wpa_pairwise = WPA_CIPHER_NONE;
349 bss->rsn_pairwise = WPA_CIPHER_NONE;
352 if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
353 (bss->wpa_group == WPA_CIPHER_CCMP ||
354 bss->wpa_group == WPA_CIPHER_GCMP ||
355 bss->wpa_group == WPA_CIPHER_CCMP_256 ||
356 bss->wpa_group == WPA_CIPHER_GCMP_256)) {
358 * Strong ciphers do not need frequent rekeying, so increase
359 * the default GTK rekeying period to 24 hours.
361 bss->wpa_group_rekey = 86400;
364 #ifdef CONFIG_IEEE80211W
365 if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
366 bss->ieee80211w = ssid->ieee80211w;
367 #endif /* CONFIG_IEEE80211W */
371 * Enable WPS by default for open and WPA/WPA2-Personal network, but
372 * require user interaction to actually use it. Only the internal
373 * Registrar is supported.
375 if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
376 bss->ssid.security_policy != SECURITY_PLAINTEXT)
378 if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
379 (!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ||
381 goto no_wps; /* WPS2 does not allow WPA/TKIP-only
385 if (!ssid->ignore_broadcast_ssid)
388 bss->ap_setup_locked = 2;
389 if (wpa_s->conf->config_methods)
390 bss->config_methods = os_strdup(wpa_s->conf->config_methods);
391 os_memcpy(bss->device_type, wpa_s->conf->device_type,
393 if (wpa_s->conf->device_name) {
394 bss->device_name = os_strdup(wpa_s->conf->device_name);
395 bss->friendly_name = os_strdup(wpa_s->conf->device_name);
397 if (wpa_s->conf->manufacturer)
398 bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
399 if (wpa_s->conf->model_name)
400 bss->model_name = os_strdup(wpa_s->conf->model_name);
401 if (wpa_s->conf->model_number)
402 bss->model_number = os_strdup(wpa_s->conf->model_number);
403 if (wpa_s->conf->serial_number)
404 bss->serial_number = os_strdup(wpa_s->conf->serial_number);
405 if (is_nil_uuid(wpa_s->conf->uuid))
406 os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
408 os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
409 os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
410 bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
412 #endif /* CONFIG_WPS */
414 if (wpa_s->max_stations &&
415 wpa_s->max_stations < wpa_s->conf->max_num_sta)
416 bss->max_num_sta = wpa_s->max_stations;
418 bss->max_num_sta = wpa_s->conf->max_num_sta;
420 bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
422 if (wpa_s->conf->ap_vendor_elements) {
423 bss->vendor_elements =
424 wpabuf_dup(wpa_s->conf->ap_vendor_elements);
431 static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
434 struct wpa_supplicant *wpa_s = ctx;
435 const struct ieee80211_mgmt *mgmt;
437 mgmt = (const struct ieee80211_mgmt *) buf;
438 if (len < IEEE80211_HDRLEN + 1)
440 if (mgmt->u.action.category != WLAN_ACTION_PUBLIC)
442 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
443 mgmt->u.action.category,
444 buf + IEEE80211_HDRLEN + 1,
445 len - IEEE80211_HDRLEN - 1, freq);
446 #endif /* CONFIG_P2P */
450 static void ap_wps_event_cb(void *ctx, enum wps_event event,
451 union wps_event_data *data)
454 struct wpa_supplicant *wpa_s = ctx;
456 if (event == WPS_EV_FAIL) {
457 struct wps_event_fail *fail = &data->fail;
459 if (wpa_s->parent && wpa_s->parent != wpa_s &&
460 wpa_s == wpa_s->global->p2p_group_formation) {
462 * src/ap/wps_hostapd.c has already sent this on the
463 * main interface, so only send on the parent interface
466 wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL
467 "msg=%d config_error=%d",
468 fail->msg, fail->config_error);
470 wpas_p2p_wps_failed(wpa_s, fail);
472 #endif /* CONFIG_P2P */
476 static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
477 int authorized, const u8 *p2p_dev_addr)
479 wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr);
484 static void ap_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *p2p_dev_addr,
485 const u8 *psk, size_t psk_len)
488 struct wpa_supplicant *wpa_s = ctx;
489 if (wpa_s->ap_iface == NULL || wpa_s->current_ssid == NULL)
491 wpas_p2p_new_psk_cb(wpa_s, mac_addr, p2p_dev_addr, psk, psk_len);
493 #endif /* CONFIG_P2P */
496 static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
499 struct wpa_supplicant *wpa_s = ctx;
500 const struct ieee80211_mgmt *mgmt;
502 mgmt = (const struct ieee80211_mgmt *) buf;
503 if (len < IEEE80211_HDRLEN + 1)
505 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
506 mgmt->u.action.category,
507 buf + IEEE80211_HDRLEN + 1,
508 len - IEEE80211_HDRLEN - 1, freq);
509 #endif /* CONFIG_P2P */
514 static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
515 const u8 *bssid, const u8 *ie, size_t ie_len,
518 struct wpa_supplicant *wpa_s = ctx;
519 unsigned int freq = 0;
522 freq = wpa_s->ap_iface->freq;
524 return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
529 static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
532 struct wpa_supplicant *wpa_s = ctx;
533 wpas_p2p_wps_success(wpa_s, mac_addr, 1);
537 static void wpas_ap_configured_cb(void *ctx)
539 struct wpa_supplicant *wpa_s = ctx;
541 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
543 if (wpa_s->ap_configured_cb)
544 wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
545 wpa_s->ap_configured_cb_data);
549 int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
550 struct wpa_ssid *ssid)
552 struct wpa_driver_associate_params params;
553 struct hostapd_iface *hapd_iface;
554 struct hostapd_config *conf;
557 if (ssid->ssid == NULL || ssid->ssid_len == 0) {
558 wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
562 wpa_supplicant_ap_deinit(wpa_s);
564 wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
565 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
567 os_memset(¶ms, 0, sizeof(params));
568 params.ssid = ssid->ssid;
569 params.ssid_len = ssid->ssid_len;
570 switch (ssid->mode) {
572 case WPAS_MODE_P2P_GO:
573 case WPAS_MODE_P2P_GROUP_FORMATION:
574 params.mode = IEEE80211_MODE_AP;
579 if (ssid->frequency == 0)
580 ssid->frequency = 2462; /* default channel 11 */
581 params.freq.freq = ssid->frequency;
583 params.wpa_proto = ssid->proto;
584 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
585 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
587 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
588 params.key_mgmt_suite = wpa_s->key_mgmt;
590 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
592 if (wpa_s->pairwise_cipher < 0) {
593 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
597 params.pairwise_suite = wpa_s->pairwise_cipher;
598 params.group_suite = params.pairwise_suite;
601 if (ssid->mode == WPAS_MODE_P2P_GO ||
602 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
604 #endif /* CONFIG_P2P */
606 if (wpa_s->parent->set_ap_uapsd)
607 params.uapsd = wpa_s->parent->ap_uapsd;
608 else if (params.p2p && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_UAPSD))
609 params.uapsd = 1; /* mandatory for P2P GO */
613 if (ieee80211_is_dfs(params.freq.freq))
614 params.freq.freq = 0; /* set channel after CAC */
616 if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
617 wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
621 wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface));
622 if (hapd_iface == NULL)
624 hapd_iface->owner = wpa_s;
625 hapd_iface->drv_flags = wpa_s->drv_flags;
626 hapd_iface->smps_modes = wpa_s->drv_smps_modes;
627 hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
628 hapd_iface->extended_capa = wpa_s->extended_capa;
629 hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
630 hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
632 wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
634 wpa_supplicant_ap_deinit(wpa_s);
638 os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
639 wpa_s->conf->wmm_ac_params,
640 sizeof(wpa_s->conf->wmm_ac_params));
642 if (params.uapsd > 0) {
643 conf->bss[0]->wmm_enabled = 1;
644 conf->bss[0]->wmm_uapsd = 1;
647 if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
648 wpa_printf(MSG_ERROR, "Failed to create AP configuration");
649 wpa_supplicant_ap_deinit(wpa_s);
654 if (ssid->mode == WPAS_MODE_P2P_GO)
655 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
656 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
657 conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
659 #endif /* CONFIG_P2P */
661 hapd_iface->num_bss = conf->num_bss;
662 hapd_iface->bss = os_calloc(conf->num_bss,
663 sizeof(struct hostapd_data *));
664 if (hapd_iface->bss == NULL) {
665 wpa_supplicant_ap_deinit(wpa_s);
669 for (i = 0; i < conf->num_bss; i++) {
671 hostapd_alloc_bss_data(hapd_iface, conf,
673 if (hapd_iface->bss[i] == NULL) {
674 wpa_supplicant_ap_deinit(wpa_s);
678 hapd_iface->bss[i]->msg_ctx = wpa_s;
679 hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent;
680 hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
681 hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
682 hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
683 hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
684 hostapd_register_probereq_cb(hapd_iface->bss[i],
685 ap_probe_req_rx, wpa_s);
686 hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
687 hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
688 hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
689 hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
690 hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
691 hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
693 hapd_iface->bss[i]->new_psk_cb = ap_new_psk_cb;
694 hapd_iface->bss[i]->new_psk_cb_ctx = wpa_s;
695 hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
696 hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
698 #endif /* CONFIG_P2P */
699 hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
700 hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
701 #ifdef CONFIG_TESTING_OPTIONS
702 hapd_iface->bss[i]->ext_eapol_frame_io =
703 wpa_s->ext_eapol_frame_io;
704 #endif /* CONFIG_TESTING_OPTIONS */
707 os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
708 hapd_iface->bss[0]->driver = wpa_s->driver;
709 hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
711 wpa_s->current_ssid = ssid;
712 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
713 os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
714 wpa_s->assoc_freq = ssid->frequency;
716 if (hostapd_setup_interface(wpa_s->ap_iface)) {
717 wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
718 wpa_supplicant_ap_deinit(wpa_s);
726 void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
729 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
730 #endif /* CONFIG_WPS */
732 if (wpa_s->ap_iface == NULL)
735 wpa_s->current_ssid = NULL;
736 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
737 wpa_s->assoc_freq = 0;
738 wpas_p2p_ap_deinit(wpa_s);
739 wpa_s->ap_iface->driver_ap_teardown =
740 !!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT);
742 hostapd_interface_deinit(wpa_s->ap_iface);
743 hostapd_interface_free(wpa_s->ap_iface);
744 wpa_s->ap_iface = NULL;
745 wpa_drv_deinit_ap(wpa_s);
746 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR
747 " reason=%d locally_generated=1",
748 MAC2STR(wpa_s->own_addr), WLAN_REASON_DEAUTH_LEAVING);
752 void ap_tx_status(void *ctx, const u8 *addr,
753 const u8 *buf, size_t len, int ack)
756 struct wpa_supplicant *wpa_s = ctx;
757 hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
758 #endif /* NEED_AP_MLME */
762 void ap_eapol_tx_status(void *ctx, const u8 *dst,
763 const u8 *data, size_t len, int ack)
766 struct wpa_supplicant *wpa_s = ctx;
767 if (!wpa_s->ap_iface)
769 hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
770 #endif /* NEED_AP_MLME */
774 void ap_client_poll_ok(void *ctx, const u8 *addr)
777 struct wpa_supplicant *wpa_s = ctx;
779 hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
780 #endif /* NEED_AP_MLME */
784 void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
787 struct wpa_supplicant *wpa_s = ctx;
788 ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
789 #endif /* NEED_AP_MLME */
793 void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
796 struct wpa_supplicant *wpa_s = ctx;
797 struct hostapd_frame_info fi;
798 os_memset(&fi, 0, sizeof(fi));
799 fi.datarate = rx_mgmt->datarate;
800 fi.ssi_signal = rx_mgmt->ssi_signal;
801 ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
802 rx_mgmt->frame_len, &fi);
803 #endif /* NEED_AP_MLME */
807 void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
810 struct wpa_supplicant *wpa_s = ctx;
811 ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
812 #endif /* NEED_AP_MLME */
816 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
817 const u8 *src_addr, const u8 *buf, size_t len)
819 ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
825 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
826 const u8 *p2p_dev_addr)
828 if (!wpa_s->ap_iface)
830 return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
835 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
837 struct wps_registrar *reg;
838 int reg_sel = 0, wps_sta = 0;
840 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
843 reg = wpa_s->ap_iface->bss[0]->wps->registrar;
844 reg_sel = wps_registrar_wps_cancel(reg);
845 wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
846 ap_sta_wps_cancel, NULL);
848 if (!reg_sel && !wps_sta) {
849 wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
855 * There are 2 cases to return wps cancel as success:
856 * 1. When wps cancel was initiated but no connection has been
857 * established with client yet.
858 * 2. Client is in the middle of exchanging WPS messages.
865 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
866 const char *pin, char *buf, size_t buflen,
869 int ret, ret_len = 0;
871 if (!wpa_s->ap_iface)
875 unsigned int rpin = wps_generate_pin();
876 ret_len = os_snprintf(buf, buflen, "%08d", rpin);
877 if (os_snprintf_error(buflen, ret_len))
881 ret_len = os_snprintf(buf, buflen, "%s", pin);
882 if (os_snprintf_error(buflen, ret_len))
886 ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
894 static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
896 struct wpa_supplicant *wpa_s = eloop_data;
897 wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
898 wpas_wps_ap_pin_disable(wpa_s);
902 static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
904 struct hostapd_data *hapd;
906 if (wpa_s->ap_iface == NULL)
908 hapd = wpa_s->ap_iface->bss[0];
909 wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
910 hapd->ap_pin_failures = 0;
911 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
913 eloop_register_timeout(timeout, 0,
914 wpas_wps_ap_pin_timeout, wpa_s, NULL);
918 void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
920 struct hostapd_data *hapd;
922 if (wpa_s->ap_iface == NULL)
924 wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
925 hapd = wpa_s->ap_iface->bss[0];
926 os_free(hapd->conf->ap_pin);
927 hapd->conf->ap_pin = NULL;
928 eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
932 const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
934 struct hostapd_data *hapd;
938 if (wpa_s->ap_iface == NULL)
940 hapd = wpa_s->ap_iface->bss[0];
941 pin = wps_generate_pin();
942 os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
943 os_free(hapd->conf->ap_pin);
944 hapd->conf->ap_pin = os_strdup(pin_txt);
945 if (hapd->conf->ap_pin == NULL)
947 wpas_wps_ap_pin_enable(wpa_s, timeout);
949 return hapd->conf->ap_pin;
953 const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
955 struct hostapd_data *hapd;
956 if (wpa_s->ap_iface == NULL)
958 hapd = wpa_s->ap_iface->bss[0];
959 return hapd->conf->ap_pin;
963 int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
966 struct hostapd_data *hapd;
970 if (wpa_s->ap_iface == NULL)
972 hapd = wpa_s->ap_iface->bss[0];
973 ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
974 if (os_snprintf_error(sizeof(pin_txt), ret))
976 os_free(hapd->conf->ap_pin);
977 hapd->conf->ap_pin = os_strdup(pin_txt);
978 if (hapd->conf->ap_pin == NULL)
980 wpas_wps_ap_pin_enable(wpa_s, timeout);
986 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
988 struct hostapd_data *hapd;
990 if (wpa_s->ap_iface == NULL)
992 hapd = wpa_s->ap_iface->bss[0];
995 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
996 * PIN if this happens multiple times to slow down brute force attacks.
998 hapd->ap_pin_failures++;
999 wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
1000 hapd->ap_pin_failures);
1001 if (hapd->ap_pin_failures < 3)
1004 wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
1005 hapd->ap_pin_failures = 0;
1006 os_free(hapd->conf->ap_pin);
1007 hapd->conf->ap_pin = NULL;
1011 #ifdef CONFIG_WPS_NFC
1013 struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
1016 struct hostapd_data *hapd;
1018 if (wpa_s->ap_iface == NULL)
1020 hapd = wpa_s->ap_iface->bss[0];
1021 return hostapd_wps_nfc_config_token(hapd, ndef);
1025 struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
1028 struct hostapd_data *hapd;
1030 if (wpa_s->ap_iface == NULL)
1032 hapd = wpa_s->ap_iface->bss[0];
1033 return hostapd_wps_nfc_hs_cr(hapd, ndef);
1037 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant *wpa_s,
1038 const struct wpabuf *req,
1039 const struct wpabuf *sel)
1041 struct hostapd_data *hapd;
1043 if (wpa_s->ap_iface == NULL)
1045 hapd = wpa_s->ap_iface->bss[0];
1046 return hostapd_wps_nfc_report_handover(hapd, req, sel);
1049 #endif /* CONFIG_WPS_NFC */
1051 #endif /* CONFIG_WPS */
1054 #ifdef CONFIG_CTRL_IFACE
1056 int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
1057 char *buf, size_t buflen)
1059 struct hostapd_data *hapd;
1061 if (wpa_s->ap_iface)
1062 hapd = wpa_s->ap_iface->bss[0];
1063 else if (wpa_s->ifmsh)
1064 hapd = wpa_s->ifmsh->bss[0];
1067 return hostapd_ctrl_iface_sta_first(hapd, buf, buflen);
1071 int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
1072 char *buf, size_t buflen)
1074 struct hostapd_data *hapd;
1076 if (wpa_s->ap_iface)
1077 hapd = wpa_s->ap_iface->bss[0];
1078 else if (wpa_s->ifmsh)
1079 hapd = wpa_s->ifmsh->bss[0];
1082 return hostapd_ctrl_iface_sta(hapd, txtaddr, buf, buflen);
1086 int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
1087 char *buf, size_t buflen)
1089 struct hostapd_data *hapd;
1091 if (wpa_s->ap_iface)
1092 hapd = wpa_s->ap_iface->bss[0];
1093 else if (wpa_s->ifmsh)
1094 hapd = wpa_s->ifmsh->bss[0];
1097 return hostapd_ctrl_iface_sta_next(hapd, txtaddr, buf, buflen);
1101 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
1102 const char *txtaddr)
1104 if (wpa_s->ap_iface == NULL)
1106 return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
1111 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
1112 const char *txtaddr)
1114 if (wpa_s->ap_iface == NULL)
1116 return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
1121 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
1122 size_t buflen, int verbose)
1124 char *pos = buf, *end = buf + buflen;
1126 struct hostapd_bss_config *conf;
1128 if (wpa_s->ap_iface == NULL)
1131 conf = wpa_s->ap_iface->bss[0]->conf;
1135 ret = os_snprintf(pos, end - pos,
1136 "pairwise_cipher=%s\n"
1139 wpa_cipher_txt(conf->rsn_pairwise),
1140 wpa_cipher_txt(conf->wpa_group),
1141 wpa_key_mgmt_txt(conf->wpa_key_mgmt,
1143 if (os_snprintf_error(end - pos, ret))
1149 #endif /* CONFIG_CTRL_IFACE */
1152 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
1154 struct hostapd_iface *iface = wpa_s->ap_iface;
1155 struct wpa_ssid *ssid = wpa_s->current_ssid;
1156 struct hostapd_data *hapd;
1158 if (ssid == NULL || wpa_s->ap_iface == NULL ||
1159 ssid->mode == WPAS_MODE_INFRA ||
1160 ssid->mode == WPAS_MODE_IBSS)
1164 if (ssid->mode == WPAS_MODE_P2P_GO)
1165 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER;
1166 else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1167 iface->conf->bss[0]->p2p = P2P_ENABLED | P2P_GROUP_OWNER |
1168 P2P_GROUP_FORMATION;
1169 #endif /* CONFIG_P2P */
1171 hapd = iface->bss[0];
1172 if (hapd->drv_priv == NULL)
1174 ieee802_11_set_beacons(iface);
1175 hostapd_set_ap_wps_ie(hapd);
1181 int ap_switch_channel(struct wpa_supplicant *wpa_s,
1182 struct csa_settings *settings)
1185 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1188 return hostapd_switch_channel(wpa_s->ap_iface->bss[0], settings);
1189 #else /* NEED_AP_MLME */
1191 #endif /* NEED_AP_MLME */
1195 #ifdef CONFIG_CTRL_IFACE
1196 int ap_ctrl_iface_chanswitch(struct wpa_supplicant *wpa_s, const char *pos)
1198 struct csa_settings settings;
1199 int ret = hostapd_parse_csa_settings(pos, &settings);
1204 return ap_switch_channel(wpa_s, &settings);
1206 #endif /* CONFIG_CTRL_IFACE */
1209 void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
1210 int offset, int width, int cf1, int cf2)
1212 if (!wpa_s->ap_iface)
1215 wpa_s->assoc_freq = freq;
1216 if (wpa_s->current_ssid)
1217 wpa_s->current_ssid->frequency = freq;
1218 hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht,
1219 offset, width, cf1, cf2);
1223 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
1226 struct hostapd_data *hapd;
1227 struct hostapd_bss_config *conf;
1229 if (!wpa_s->ap_iface)
1233 wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
1236 wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
1238 hapd = wpa_s->ap_iface->bss[0];
1241 os_free(conf->accept_mac);
1242 conf->accept_mac = NULL;
1243 conf->num_accept_mac = 0;
1244 os_free(conf->deny_mac);
1245 conf->deny_mac = NULL;
1246 conf->num_deny_mac = 0;
1249 conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
1253 conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
1254 conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
1255 if (conf->accept_mac == NULL)
1257 os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
1258 conf->num_accept_mac = 1;
1264 #ifdef CONFIG_WPS_NFC
1265 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant *wpa_s, u16 pw_id,
1266 const struct wpabuf *pw, const u8 *pubkey_hash)
1268 struct hostapd_data *hapd;
1269 struct wps_context *wps;
1271 if (!wpa_s->ap_iface)
1273 hapd = wpa_s->ap_iface->bss[0];
1276 if (wpa_s->parent->conf->wps_nfc_dh_pubkey == NULL ||
1277 wpa_s->parent->conf->wps_nfc_dh_privkey == NULL) {
1278 wpa_printf(MSG_DEBUG, "P2P: No NFC DH key known");
1282 dh5_free(wps->dh_ctx);
1283 wpabuf_free(wps->dh_pubkey);
1284 wpabuf_free(wps->dh_privkey);
1285 wps->dh_privkey = wpabuf_dup(
1286 wpa_s->parent->conf->wps_nfc_dh_privkey);
1287 wps->dh_pubkey = wpabuf_dup(
1288 wpa_s->parent->conf->wps_nfc_dh_pubkey);
1289 if (wps->dh_privkey == NULL || wps->dh_pubkey == NULL) {
1291 wpabuf_free(wps->dh_pubkey);
1292 wps->dh_pubkey = NULL;
1293 wpabuf_free(wps->dh_privkey);
1294 wps->dh_privkey = NULL;
1297 wps->dh_ctx = dh5_init_fixed(wps->dh_privkey, wps->dh_pubkey);
1298 if (wps->dh_ctx == NULL)
1301 return wps_registrar_add_nfc_pw_token(hapd->wps->registrar, pubkey_hash,
1303 pw ? wpabuf_head(pw) : NULL,
1304 pw ? wpabuf_len(pw) : 0, 1);
1306 #endif /* CONFIG_WPS_NFC */
1309 #ifdef CONFIG_CTRL_IFACE
1310 int wpas_ap_stop_ap(struct wpa_supplicant *wpa_s)
1312 struct hostapd_data *hapd;
1314 if (!wpa_s->ap_iface)
1316 hapd = wpa_s->ap_iface->bss[0];
1317 return hostapd_ctrl_iface_stop_ap(hapd);
1319 #endif /* CONFIG_CTRL_IFACE */
1323 void wpas_event_dfs_radar_detected(struct wpa_supplicant *wpa_s,
1324 struct dfs_event *radar)
1326 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1328 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq);
1329 hostapd_dfs_radar_detected(wpa_s->ap_iface, radar->freq,
1330 radar->ht_enabled, radar->chan_offset,
1332 radar->cf1, radar->cf2);
1336 void wpas_event_dfs_cac_started(struct wpa_supplicant *wpa_s,
1337 struct dfs_event *radar)
1339 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1341 wpa_printf(MSG_DEBUG, "DFS CAC started on %d MHz", radar->freq);
1342 hostapd_dfs_start_cac(wpa_s->ap_iface, radar->freq,
1343 radar->ht_enabled, radar->chan_offset,
1344 radar->chan_width, radar->cf1, radar->cf2);
1348 void wpas_event_dfs_cac_finished(struct wpa_supplicant *wpa_s,
1349 struct dfs_event *radar)
1351 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1353 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq);
1354 hostapd_dfs_complete_cac(wpa_s->ap_iface, 1, radar->freq,
1355 radar->ht_enabled, radar->chan_offset,
1356 radar->chan_width, radar->cf1, radar->cf2);
1360 void wpas_event_dfs_cac_aborted(struct wpa_supplicant *wpa_s,
1361 struct dfs_event *radar)
1363 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1365 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq);
1366 hostapd_dfs_complete_cac(wpa_s->ap_iface, 0, radar->freq,
1367 radar->ht_enabled, radar->chan_offset,
1368 radar->chan_width, radar->cf1, radar->cf2);
1372 void wpas_event_dfs_cac_nop_finished(struct wpa_supplicant *wpa_s,
1373 struct dfs_event *radar)
1375 if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0])
1377 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq);
1378 hostapd_dfs_nop_finished(wpa_s->ap_iface, radar->freq,
1379 radar->ht_enabled, radar->chan_offset,
1380 radar->chan_width, radar->cf1, radar->cf2);
1382 #endif /* NEED_AP_MLME */
1385 void ap_periodic(struct wpa_supplicant *wpa_s)
1387 if (wpa_s->ap_iface)
1388 hostapd_periodic_iface(wpa_s->ap_iface);