WPS ER: Add command for configuring an AP
[mech_eap.git] / wpa_supplicant / wps_supplicant.c
index 5f1a3c6..2b90e57 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * wpa_supplicant / WPS integration
- * Copyright (c) 2008, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2008-2010, Jouni Malinen <j@w1.fi>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 as
 #include "includes.h"
 
 #include "common.h"
-#include "ieee802_11_defs.h"
-#include "ieee802_11_common.h"
-#include "wpa_common.h"
-#include "config.h"
+#include "eloop.h"
+#include "uuid.h"
+#include "crypto/dh_group5.h"
+#include "common/ieee802_11_defs.h"
+#include "common/ieee802_11_common.h"
+#include "common/wpa_common.h"
+#include "common/wpa_ctrl.h"
+#include "eap_common/eap_wsc_common.h"
 #include "eap_peer/eap.h"
+#include "rsn_supp/wpa.h"
+#include "config.h"
 #include "wpa_supplicant_i.h"
 #include "driver_i.h"
-#include "eloop.h"
-#include "uuid.h"
-#include "wpa_ctrl.h"
 #include "notify.h"
-#include "eap_common/eap_wsc_common.h"
 #include "blacklist.h"
-#include "wpa.h"
+#include "bss.h"
+#include "scan.h"
 #include "wps_supplicant.h"
-#include "dh_group5.h"
+
 
 #define WPS_PIN_SCAN_IGNORE_SEL_REG 3
 
@@ -69,6 +72,8 @@ int wpas_wps_eapol_cb(struct wpa_supplicant *wpa_s)
                           "try to associate with the received credential");
                wpa_supplicant_deauthenticate(wpa_s,
                                              WLAN_REASON_DEAUTH_LEAVING);
+               wpa_s->after_wps = 5;
+               wpa_s->wps_freq = wpa_s->assoc_freq;
                wpa_s->reassociate = 1;
                wpa_supplicant_req_scan(wpa_s, 0, 0);
                return 1;
@@ -92,8 +97,7 @@ static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s,
                                         const struct wps_credential *cred)
 {
        struct wpa_driver_capa capa;
-       size_t i;
-       struct wpa_scan_res *bss;
+       struct wpa_bss *bss;
        const u8 *ie;
        struct wpa_ie_data adv;
        int wpa2 = 0, ccmp = 0;
@@ -109,38 +113,22 @@ static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s,
        if (wpa_drv_get_capa(wpa_s, &capa))
                return; /* Unknown what driver supports */
 
-       if (wpa_supplicant_get_scan_results(wpa_s) || wpa_s->scan_res == NULL)
-               return; /* Could not get scan results for checking advertised
-                        * parameters */
-
-       for (i = 0; i < wpa_s->scan_res->num; i++) {
-               bss = wpa_s->scan_res->res[i];
-               if (os_memcmp(bss->bssid, cred->mac_addr, ETH_ALEN) != 0)
-                       continue;
-               ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
-               if (ie == NULL)
-                       continue;
-               if (ie[1] != ssid->ssid_len || ssid->ssid == NULL ||
-                   os_memcmp(ie + 2, ssid->ssid, ssid->ssid_len) != 0)
-                       continue;
-
-               wpa_printf(MSG_DEBUG, "WPS: AP found from scan results");
-               break;
-       }
-
-       if (i == wpa_s->scan_res->num) {
-               wpa_printf(MSG_DEBUG, "WPS: The AP was not found from scan "
-                          "results - use credential as-is");
+       bss = wpa_bss_get(wpa_s, cred->mac_addr, ssid->ssid, ssid->ssid_len);
+       if (bss == NULL) {
+               wpa_printf(MSG_DEBUG, "WPS: The AP was not found from BSS "
+                          "table - use credential as-is");
                return;
        }
 
-       ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
+       wpa_printf(MSG_DEBUG, "WPS: AP found from BSS table");
+
+       ie = wpa_bss_get_ie(bss, WLAN_EID_RSN);
        if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0) {
                wpa2 = 1;
                if (adv.pairwise_cipher & WPA_CIPHER_CCMP)
                        ccmp = 1;
        } else {
-               ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
+               ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
                if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0 &&
                    adv.pairwise_cipher & WPA_CIPHER_CCMP)
                        ccmp = 1;
@@ -414,9 +402,18 @@ static void wpa_supplicant_wps_event_er_ap_add(struct wpa_supplicant *wpa_s,
                                               struct wps_event_er_ap *ap)
 {
        char uuid_str[100];
+       char dev_type[WPS_DEV_TYPE_BUFSIZE];
+
        uuid_bin2str(ap->uuid, uuid_str, sizeof(uuid_str));
-       wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_ER_AP_ADD "%s|%s|%s|%s|%s|%s|%s",
-               uuid_str,
+       if (ap->pri_dev_type)
+               wps_dev_type_bin2str(ap->pri_dev_type, dev_type,
+                                    sizeof(dev_type));
+       else
+               dev_type[0] = '\0';
+
+       wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_ER_AP_ADD "%s " MACSTR
+               " pri_dev_type=%s wps_state=%d |%s|%s|%s|%s|%s|%s|",
+               uuid_str, MAC2STR(ap->mac_addr), dev_type, ap->wps_state,
                ap->friendly_name ? ap->friendly_name : "",
                ap->manufacturer ? ap->manufacturer : "",
                ap->model_description ? ap->model_description : "",
@@ -439,14 +436,12 @@ static void wpa_supplicant_wps_event_er_enrollee_add(
        struct wpa_supplicant *wpa_s, struct wps_event_er_enrollee *enrollee)
 {
        char uuid_str[100];
-       char dev_type[20];
+       char dev_type[WPS_DEV_TYPE_BUFSIZE];
 
        uuid_bin2str(enrollee->uuid, uuid_str, sizeof(uuid_str));
        if (enrollee->pri_dev_type)
-               os_snprintf(dev_type, sizeof(dev_type), "%u-%08X-%u",
-                           WPA_GET_BE16(enrollee->pri_dev_type),
-                           WPA_GET_BE32(enrollee->pri_dev_type + 2),
-                           WPA_GET_BE16(enrollee->pri_dev_type + 6));
+               wps_dev_type_bin2str(enrollee->pri_dev_type, dev_type,
+                                    sizeof(dev_type));
        else
                dev_type[0] = '\0';
 
@@ -473,6 +468,32 @@ static void wpa_supplicant_wps_event_er_enrollee_remove(
 }
 
 
+static void wpa_supplicant_wps_event_er_ap_settings(
+       struct wpa_supplicant *wpa_s,
+       struct wps_event_er_ap_settings *ap_settings)
+{
+       char uuid_str[100];
+       char key_str[65];
+       const struct wps_credential *cred = ap_settings->cred;
+
+       key_str[0] = '\0';
+       if (cred->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK)) {
+               if (cred->key_len >= 8 && cred->key_len <= 64) {
+                       os_memcpy(key_str, cred->key, cred->key_len);
+                       key_str[cred->key_len] = '\0';
+               }
+       }
+
+       uuid_bin2str(ap_settings->uuid, uuid_str, sizeof(uuid_str));
+       /* Use wpa_msg_ctrl to avoid showing the key in debug log */
+       wpa_msg_ctrl(wpa_s, MSG_INFO, WPS_EVENT_ER_AP_SETTINGS
+                    "uuid=%s ssid=%s auth_type=0x%04x encr_type=0x%04x "
+                    "key=%s",
+                    uuid_str, wpa_ssid_txt(cred->ssid, cred->ssid_len),
+                    cred->auth_type, cred->encr_type, key_str);
+}
+
+
 static void wpa_supplicant_wps_event(void *ctx, enum wps_event event,
                                     union wps_event_data *data)
 {
@@ -507,6 +528,10 @@ static void wpa_supplicant_wps_event(void *ctx, enum wps_event event,
                wpa_supplicant_wps_event_er_enrollee_remove(wpa_s,
                                                            &data->enrollee);
                break;
+       case WPS_EV_ER_AP_SETTINGS:
+               wpa_supplicant_wps_event_er_ap_settings(wpa_s,
+                                                       &data->ap_settings);
+               break;
        }
 }
 
@@ -580,34 +605,34 @@ static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s,
        }
 
        if (bssid) {
-               size_t i;
-               struct wpa_scan_res *res;
+               struct wpa_bss *bss;
+               int count = 0;
 
                os_memcpy(ssid->bssid, bssid, ETH_ALEN);
                ssid->bssid_set = 1;
 
-               /* Try to get SSID from scan results */
-               if (wpa_s->scan_res == NULL &&
-                   wpa_supplicant_get_scan_results(wpa_s) < 0)
-                       return ssid; /* Could not find any scan results */
-
-               for (i = 0; i < wpa_s->scan_res->num; i++) {
-                       const u8 *ie;
-
-                       res = wpa_s->scan_res->res[i];
-                       if (os_memcmp(bssid, res->bssid, ETH_ALEN) != 0)
+               dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
+                       if (os_memcmp(bssid, bss->bssid, ETH_ALEN) != 0)
                                continue;
 
-                       ie = wpa_scan_get_ie(res, WLAN_EID_SSID);
-                       if (ie == NULL)
-                               break;
                        os_free(ssid->ssid);
-                       ssid->ssid = os_malloc(ie[1]);
+                       ssid->ssid = os_malloc(bss->ssid_len);
                        if (ssid->ssid == NULL)
                                break;
-                       os_memcpy(ssid->ssid, ie + 2, ie[1]);
-                       ssid->ssid_len = ie[1];
-                       break;
+                       os_memcpy(ssid->ssid, bss->ssid, bss->ssid_len);
+                       ssid->ssid_len = bss->ssid_len;
+                       wpa_hexdump_ascii(MSG_DEBUG, "WPS: Picked SSID from "
+                                         "scan results",
+                                         ssid->ssid, ssid->ssid_len);
+                       count++;
+               }
+
+               if (count > 1) {
+                       wpa_printf(MSG_DEBUG, "WPS: More than one SSID found "
+                                  "for the AP; use wildcard");
+                       os_free(ssid->ssid);
+                       ssid->ssid = NULL;
+                       ssid->ssid_len = 0;
                }
        }
 
@@ -786,15 +811,17 @@ static void wpas_wps_pin_needed_cb(void *ctx, const u8 *uuid_e,
 {
        char uuid[40], txt[400];
        int len;
+       char devtype[WPS_DEV_TYPE_BUFSIZE];
        if (uuid_bin2str(uuid_e, uuid, sizeof(uuid)))
                return;
        wpa_printf(MSG_DEBUG, "WPS: PIN needed for UUID-E %s", uuid);
        len = os_snprintf(txt, sizeof(txt), "WPS-EVENT-PIN-NEEDED %s " MACSTR
-                         " [%s|%s|%s|%s|%s|%d-%08X-%d]",
+                         " [%s|%s|%s|%s|%s|%s]",
                          uuid, MAC2STR(dev->mac_addr), dev->device_name,
                          dev->manufacturer, dev->model_name,
                          dev->model_number, dev->serial_number,
-                         dev->categ, dev->oui, dev->sub_categ);
+                         wps_dev_type_bin2str(dev->pri_dev_type, devtype,
+                                              sizeof(devtype)));
        if (len > 0 && len < (int) sizeof(txt))
                wpa_printf(MSG_INFO, "%s", txt);
 }
@@ -832,32 +859,14 @@ int wpas_wps_init(struct wpa_supplicant *wpa_s)
        wps->dev.model_name = wpa_s->conf->model_name;
        wps->dev.model_number = wpa_s->conf->model_number;
        wps->dev.serial_number = wpa_s->conf->serial_number;
-       if (wpa_s->conf->device_type) {
-               char *pos;
-               u8 oui[4];
-               /* <categ>-<OUI>-<subcateg> */
-               wps->dev.categ = atoi(wpa_s->conf->device_type);
-               pos = os_strchr(wpa_s->conf->device_type, '-');
-               if (pos == NULL) {
-                       wpa_printf(MSG_ERROR, "WPS: Invalid device_type");
-                       os_free(wps);
-                       return -1;
-               }
-               pos++;
-               if (hexstr2bin(pos, oui, 4)) {
-                       wpa_printf(MSG_ERROR, "WPS: Invalid device_type OUI");
-                       os_free(wps);
-                       return -1;
-               }
-               wps->dev.oui = WPA_GET_BE32(oui);
-               pos = os_strchr(pos, '-');
-               if (pos == NULL) {
-                       wpa_printf(MSG_ERROR, "WPS: Invalid device_type");
-                       os_free(wps);
-                       return -1;
-               }
-               pos++;
-               wps->dev.sub_categ = atoi(pos);
+       wps->config_methods =
+               wps_config_methods_str2bin(wpa_s->conf->config_methods);
+       if (wpa_s->conf->device_type &&
+           wps_dev_type_str2bin(wpa_s->conf->device_type,
+                                wps->dev.pri_dev_type) < 0) {
+               wpa_printf(MSG_ERROR, "WPS: Invalid device_type");
+               os_free(wps);
+               return -1;
        }
        wps->dev.os_version = WPA_GET_BE32(wpa_s->conf->os_version);
        wps->dev.rf_bands = WPS_RF_24GHZ | WPS_RF_50GHZ; /* TODO: config */
@@ -899,7 +908,7 @@ void wpas_wps_deinit(struct wpa_supplicant *wpa_s)
                return;
 
 #ifdef CONFIG_WPS_ER
-       wps_er_deinit(wpa_s->wps_er);
+       wps_er_deinit(wpa_s->wps_er, NULL, NULL);
        wpa_s->wps_er = NULL;
 #endif /* CONFIG_WPS_ER */
 
@@ -1017,30 +1026,28 @@ int wpas_wps_ssid_wildcard_ok(struct wpa_supplicant *wpa_s,
 
 
 int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s,
-                             struct wpa_scan_res *selected,
-                             struct wpa_ssid *ssid)
+                             struct wpa_bss *selected, struct wpa_ssid *ssid)
 {
        const u8 *sel_uuid, *uuid;
-       size_t i;
        struct wpabuf *wps_ie;
        int ret = 0;
+       struct wpa_bss *bss;
 
        if (!eap_is_wps_pbc_enrollee(&ssid->eap))
                return 0;
 
        /* Make sure that only one AP is in active PBC mode */
-       wps_ie = wpa_scan_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE);
+       wps_ie = wpa_bss_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE);
        if (wps_ie)
                sel_uuid = wps_get_uuid_e(wps_ie);
        else
                sel_uuid = NULL;
 
-       for (i = 0; i < wpa_s->scan_res->num; i++) {
-               struct wpa_scan_res *bss = wpa_s->scan_res->res[i];
+       dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
                struct wpabuf *ie;
                if (bss == selected)
                        continue;
-               ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
+               ie = wpa_bss_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
                if (!ie)
                        continue;
                if (!wps_is_selected_pbc_registrar(ie)) {
@@ -1068,23 +1075,25 @@ int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s,
 
 void wpas_wps_notify_scan_results(struct wpa_supplicant *wpa_s)
 {
-       size_t i;
+       struct wpa_bss *bss;
 
        if (wpa_s->disconnected || wpa_s->wpa_state >= WPA_ASSOCIATED)
                return;
 
-       for (i = 0; i < wpa_s->scan_res->num; i++) {
-               struct wpa_scan_res *bss = wpa_s->scan_res->res[i];
+       dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
                struct wpabuf *ie;
-               ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
+               ie = wpa_bss_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
                if (!ie)
                        continue;
                if (wps_is_selected_pbc_registrar(ie))
-                       wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PBC);
+                       wpa_msg_ctrl(wpa_s, MSG_INFO,
+                                    WPS_EVENT_AP_AVAILABLE_PBC);
                else if (wps_is_selected_pin_registrar(ie))
-                       wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PIN);
+                       wpa_msg_ctrl(wpa_s, MSG_INFO,
+                                    WPS_EVENT_AP_AVAILABLE_PIN);
                else
-                       wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE);
+                       wpa_msg_ctrl(wpa_s, MSG_INFO,
+                                    WPS_EVENT_AP_AVAILABLE);
                wpabuf_free(ie);
                break;
        }
@@ -1120,14 +1129,14 @@ int wpas_wps_scan_result_text(const u8 *ies, size_t ies_len, char *buf,
 }
 
 
-int wpas_wps_er_start(struct wpa_supplicant *wpa_s)
+int wpas_wps_er_start(struct wpa_supplicant *wpa_s, const char *filter)
 {
 #ifdef CONFIG_WPS_ER
        if (wpa_s->wps_er) {
-               /* TODO: re-send ctrl_iface events for current data? */
+               wps_er_refresh(wpa_s->wps_er);
                return 0;
        }
-       wpa_s->wps_er = wps_er_init(wpa_s->wps, wpa_s->ifname);
+       wpa_s->wps_er = wps_er_init(wpa_s->wps, wpa_s->ifname, filter);
        if (wpa_s->wps_er == NULL)
                return -1;
        return 0;
@@ -1140,7 +1149,7 @@ int wpas_wps_er_start(struct wpa_supplicant *wpa_s)
 int wpas_wps_er_stop(struct wpa_supplicant *wpa_s)
 {
 #ifdef CONFIG_WPS_ER
-       wps_er_deinit(wpa_s->wps_er);
+       wps_er_deinit(wpa_s->wps_er, NULL, NULL);
        wpa_s->wps_er = NULL;
 #endif /* CONFIG_WPS_ER */
        return 0;
@@ -1183,4 +1192,75 @@ int wpas_wps_er_learn(struct wpa_supplicant *wpa_s, const char *uuid,
        return wps_er_learn(wpa_s->wps_er, u, (const u8 *) pin,
                            os_strlen(pin));
 }
+
+
+int wpas_wps_er_config(struct wpa_supplicant *wpa_s, const char *uuid,
+                      const char *pin, struct wps_new_ap_settings *settings)
+{
+       u8 u[UUID_LEN];
+       struct wps_credential cred;
+       size_t len;
+
+       if (uuid_str2bin(uuid, u))
+               return -1;
+       if (settings->ssid_hex == NULL || settings->auth == NULL ||
+           settings->encr == NULL || settings->key_hex == NULL)
+               return -1;
+
+       os_memset(&cred, 0, sizeof(cred));
+       len = os_strlen(settings->ssid_hex);
+       if ((len & 1) || len > 2 * sizeof(cred.ssid) ||
+           hexstr2bin(settings->ssid_hex, cred.ssid, len / 2))
+               return -1;
+       cred.ssid_len = len / 2;
+
+       len = os_strlen(settings->key_hex);
+       if ((len & 1) || len > 2 * sizeof(cred.key) ||
+           hexstr2bin(settings->key_hex, cred.key, len / 2))
+               return -1;
+       cred.key_len = len / 2;
+
+       if (os_strcmp(settings->auth, "OPEN") == 0)
+               cred.auth_type = WPS_AUTH_OPEN;
+       else if (os_strcmp(settings->auth, "WPAPSK") == 0)
+               cred.auth_type = WPS_AUTH_WPAPSK;
+       else if (os_strcmp(settings->auth, "WPA2PSK") == 0)
+               cred.auth_type = WPS_AUTH_WPA2PSK;
+       else
+               return -1;
+
+       if (os_strcmp(settings->encr, "NONE") == 0)
+               cred.encr_type = WPS_ENCR_NONE;
+       else if (os_strcmp(settings->encr, "WEP") == 0)
+               cred.encr_type = WPS_ENCR_WEP;
+       else if (os_strcmp(settings->encr, "TKIP") == 0)
+               cred.encr_type = WPS_ENCR_TKIP;
+       else if (os_strcmp(settings->encr, "CCMP") == 0)
+               cred.encr_type = WPS_ENCR_AES;
+       else
+               return -1;
+
+       return wps_er_config(wpa_s->wps_er, u, (const u8 *) pin,
+                            os_strlen(pin), &cred);
+}
+
+
+static void wpas_wps_terminate_cb(void *ctx)
+{
+       wpa_printf(MSG_DEBUG, "WPS ER: Terminated");
+       eloop_terminate();
+}
 #endif /* CONFIG_WPS_ER */
+
+
+int wpas_wps_terminate_pending(struct wpa_supplicant *wpa_s)
+{
+#ifdef CONFIG_WPS_ER
+       if (wpa_s->wps_er) {
+               wps_er_deinit(wpa_s->wps_er, wpas_wps_terminate_cb, wpa_s);
+               wpa_s->wps_er = NULL;
+               return 1;
+       }
+#endif /* CONFIG_WPS_ER */
+       return 0;
+}