wps_supplicant.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793
  1. /*
  2. * wpa_supplicant / WPS integration
  3. * Copyright (c) 2008, Jouni Malinen <j@w1.fi>
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License version 2 as
  7. * published by the Free Software Foundation.
  8. *
  9. * Alternatively, this software may be distributed under the terms of BSD
  10. * license.
  11. *
  12. * See README and COPYING for more details.
  13. */
  14. #include "includes.h"
  15. #include "common.h"
  16. #include "ieee802_11_defs.h"
  17. #include "wpa_common.h"
  18. #include "config.h"
  19. #include "eap_peer/eap.h"
  20. #include "wpa_supplicant_i.h"
  21. #include "eloop.h"
  22. #include "uuid.h"
  23. #include "wpa_ctrl.h"
  24. #include "ctrl_iface_dbus.h"
  25. #include "eap_common/eap_wsc_common.h"
  26. #include "blacklist.h"
  27. #include "wps_supplicant.h"
  28. #define WPS_PIN_SCAN_IGNORE_SEL_REG 3
  29. static void wpas_wps_timeout(void *eloop_ctx, void *timeout_ctx);
  30. static void wpas_clear_wps(struct wpa_supplicant *wpa_s);
  31. int wpas_wps_eapol_cb(struct wpa_supplicant *wpa_s)
  32. {
  33. if (!wpa_s->wps_success &&
  34. wpa_s->current_ssid &&
  35. eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
  36. const u8 *bssid = wpa_s->bssid;
  37. if (is_zero_ether_addr(bssid))
  38. bssid = wpa_s->pending_bssid;
  39. wpa_printf(MSG_DEBUG, "WPS: PIN registration with " MACSTR
  40. " did not succeed - continue trying to find "
  41. "suitable AP", MAC2STR(bssid));
  42. wpa_blacklist_add(wpa_s, bssid);
  43. wpa_supplicant_deauthenticate(wpa_s,
  44. WLAN_REASON_DEAUTH_LEAVING);
  45. wpa_s->reassociate = 1;
  46. wpa_supplicant_req_scan(wpa_s,
  47. wpa_s->blacklist_cleared ? 5 : 0, 0);
  48. wpa_s->blacklist_cleared = 0;
  49. return 1;
  50. }
  51. eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL);
  52. if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS && wpa_s->current_ssid &&
  53. !(wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
  54. wpa_printf(MSG_DEBUG, "WPS: Network configuration replaced - "
  55. "try to associate with the received credential");
  56. wpa_supplicant_deauthenticate(wpa_s,
  57. WLAN_REASON_DEAUTH_LEAVING);
  58. wpa_s->reassociate = 1;
  59. wpa_supplicant_req_scan(wpa_s, 0, 0);
  60. return 1;
  61. }
  62. if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS && wpa_s->current_ssid) {
  63. wpa_printf(MSG_DEBUG, "WPS: Registration completed - waiting "
  64. "for external credential processing");
  65. wpas_clear_wps(wpa_s);
  66. wpa_supplicant_deauthenticate(wpa_s,
  67. WLAN_REASON_DEAUTH_LEAVING);
  68. return 1;
  69. }
  70. return 0;
  71. }
  72. static int wpa_supplicant_wps_cred(void *ctx,
  73. const struct wps_credential *cred)
  74. {
  75. struct wpa_supplicant *wpa_s = ctx;
  76. struct wpa_ssid *ssid = wpa_s->current_ssid;
  77. u8 key_idx;
  78. if ((wpa_s->conf->wps_cred_processing == 1 ||
  79. wpa_s->conf->wps_cred_processing == 2) && cred->cred_attr) {
  80. size_t blen = cred->cred_attr_len * 2 + 1;
  81. char *buf = os_malloc(blen);
  82. if (buf) {
  83. wpa_snprintf_hex(buf, blen,
  84. cred->cred_attr, cred->cred_attr_len);
  85. wpa_msg(wpa_s, MSG_INFO, "%s%s",
  86. WPS_EVENT_CRED_RECEIVED, buf);
  87. os_free(buf);
  88. }
  89. wpa_supplicant_dbus_notify_wps_cred(wpa_s, cred);
  90. } else
  91. wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_CRED_RECEIVED);
  92. wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute",
  93. cred->cred_attr, cred->cred_attr_len);
  94. if (wpa_s->conf->wps_cred_processing == 1)
  95. return 0;
  96. if (cred->auth_type != WPS_AUTH_OPEN &&
  97. cred->auth_type != WPS_AUTH_SHARED &&
  98. cred->auth_type != WPS_AUTH_WPAPSK &&
  99. cred->auth_type != WPS_AUTH_WPA2PSK) {
  100. wpa_printf(MSG_DEBUG, "WPS: Ignored credentials for "
  101. "unsupported authentication type %d",
  102. cred->auth_type);
  103. return 0;
  104. }
  105. if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
  106. wpa_printf(MSG_DEBUG, "WPS: Replace WPS network block based "
  107. "on the received credential");
  108. os_free(ssid->eap.identity);
  109. ssid->eap.identity = NULL;
  110. ssid->eap.identity_len = 0;
  111. os_free(ssid->eap.phase1);
  112. ssid->eap.phase1 = NULL;
  113. os_free(ssid->eap.eap_methods);
  114. ssid->eap.eap_methods = NULL;
  115. } else {
  116. wpa_printf(MSG_DEBUG, "WPS: Create a new network based on the "
  117. "received credential");
  118. ssid = wpa_config_add_network(wpa_s->conf);
  119. if (ssid == NULL)
  120. return -1;
  121. }
  122. wpa_config_set_network_defaults(ssid);
  123. os_free(ssid->ssid);
  124. ssid->ssid = os_malloc(cred->ssid_len);
  125. if (ssid->ssid) {
  126. os_memcpy(ssid->ssid, cred->ssid, cred->ssid_len);
  127. ssid->ssid_len = cred->ssid_len;
  128. }
  129. switch (cred->encr_type) {
  130. case WPS_ENCR_NONE:
  131. break;
  132. case WPS_ENCR_WEP:
  133. if (cred->key_len <= 0)
  134. break;
  135. if (cred->key_len != 5 && cred->key_len != 13 &&
  136. cred->key_len != 10 && cred->key_len != 26) {
  137. wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key length "
  138. "%lu", (unsigned long) cred->key_len);
  139. return -1;
  140. }
  141. if (cred->key_idx >= NUM_WEP_KEYS) {
  142. wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key index %d",
  143. cred->key_idx);
  144. return -1;
  145. }
  146. key_idx = cred->key_idx;
  147. if (cred->key_len == 10 || cred->key_len == 26) {
  148. if (hexstr2bin((char *) cred->key,
  149. ssid->wep_key[key_idx],
  150. cred->key_len / 2) < 0) {
  151. wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key "
  152. "%d", key_idx);
  153. return -1;
  154. }
  155. ssid->wep_key_len[key_idx] = cred->key_len / 2;
  156. } else {
  157. os_memcpy(ssid->wep_key[key_idx], cred->key,
  158. cred->key_len);
  159. ssid->wep_key_len[key_idx] = cred->key_len;
  160. }
  161. ssid->wep_tx_keyidx = key_idx;
  162. break;
  163. case WPS_ENCR_TKIP:
  164. ssid->pairwise_cipher = WPA_CIPHER_TKIP;
  165. break;
  166. case WPS_ENCR_AES:
  167. ssid->pairwise_cipher = WPA_CIPHER_CCMP;
  168. break;
  169. }
  170. switch (cred->auth_type) {
  171. case WPS_AUTH_OPEN:
  172. ssid->auth_alg = WPA_AUTH_ALG_OPEN;
  173. ssid->key_mgmt = WPA_KEY_MGMT_NONE;
  174. ssid->proto = 0;
  175. break;
  176. case WPS_AUTH_SHARED:
  177. ssid->auth_alg = WPA_AUTH_ALG_SHARED;
  178. ssid->key_mgmt = WPA_KEY_MGMT_NONE;
  179. ssid->proto = 0;
  180. break;
  181. case WPS_AUTH_WPAPSK:
  182. ssid->auth_alg = WPA_AUTH_ALG_OPEN;
  183. ssid->key_mgmt = WPA_KEY_MGMT_PSK;
  184. ssid->proto = WPA_PROTO_WPA;
  185. break;
  186. case WPS_AUTH_WPA:
  187. ssid->auth_alg = WPA_AUTH_ALG_OPEN;
  188. ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
  189. ssid->proto = WPA_PROTO_WPA;
  190. break;
  191. case WPS_AUTH_WPA2:
  192. ssid->auth_alg = WPA_AUTH_ALG_OPEN;
  193. ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
  194. ssid->proto = WPA_PROTO_RSN;
  195. break;
  196. case WPS_AUTH_WPA2PSK:
  197. ssid->auth_alg = WPA_AUTH_ALG_OPEN;
  198. ssid->key_mgmt = WPA_KEY_MGMT_PSK;
  199. ssid->proto = WPA_PROTO_RSN;
  200. break;
  201. }
  202. if (ssid->key_mgmt == WPA_KEY_MGMT_PSK) {
  203. if (cred->key_len == 2 * PMK_LEN) {
  204. if (hexstr2bin((const char *) cred->key, ssid->psk,
  205. PMK_LEN)) {
  206. wpa_printf(MSG_ERROR, "WPS: Invalid Network "
  207. "Key");
  208. return -1;
  209. }
  210. ssid->psk_set = 1;
  211. } else if (cred->key_len >= 8 && cred->key_len < 2 * PMK_LEN) {
  212. os_free(ssid->passphrase);
  213. ssid->passphrase = os_malloc(cred->key_len + 1);
  214. if (ssid->passphrase == NULL)
  215. return -1;
  216. os_memcpy(ssid->passphrase, cred->key, cred->key_len);
  217. ssid->passphrase[cred->key_len] = '\0';
  218. wpa_config_update_psk(ssid);
  219. } else {
  220. wpa_printf(MSG_ERROR, "WPS: Invalid Network Key "
  221. "length %lu",
  222. (unsigned long) cred->key_len);
  223. return -1;
  224. }
  225. }
  226. #ifndef CONFIG_NO_CONFIG_WRITE
  227. if (wpa_s->conf->update_config &&
  228. wpa_config_write(wpa_s->confname, wpa_s->conf)) {
  229. wpa_printf(MSG_DEBUG, "WPS: Failed to update configuration");
  230. return -1;
  231. }
  232. #endif /* CONFIG_NO_CONFIG_WRITE */
  233. return 0;
  234. }
  235. static void wpa_supplicant_wps_event_m2d(struct wpa_supplicant *wpa_s,
  236. struct wps_event_m2d *m2d)
  237. {
  238. wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_M2D
  239. "dev_password_id=%d config_error=%d",
  240. m2d->dev_password_id, m2d->config_error);
  241. }
  242. static void wpa_supplicant_wps_event_fail(struct wpa_supplicant *wpa_s,
  243. struct wps_event_fail *fail)
  244. {
  245. wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_FAIL "msg=%d", fail->msg);
  246. wpas_clear_wps(wpa_s);
  247. }
  248. static void wpa_supplicant_wps_event_success(struct wpa_supplicant *wpa_s)
  249. {
  250. wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_SUCCESS);
  251. wpa_s->wps_success = 1;
  252. }
  253. static void wpa_supplicant_wps_event(void *ctx, enum wps_event event,
  254. union wps_event_data *data)
  255. {
  256. struct wpa_supplicant *wpa_s = ctx;
  257. switch (event) {
  258. case WPS_EV_M2D:
  259. wpa_supplicant_wps_event_m2d(wpa_s, &data->m2d);
  260. break;
  261. case WPS_EV_FAIL:
  262. wpa_supplicant_wps_event_fail(wpa_s, &data->fail);
  263. break;
  264. case WPS_EV_SUCCESS:
  265. wpa_supplicant_wps_event_success(wpa_s);
  266. break;
  267. case WPS_EV_PWD_AUTH_FAIL:
  268. break;
  269. }
  270. }
  271. enum wps_request_type wpas_wps_get_req_type(struct wpa_ssid *ssid)
  272. {
  273. if (eap_is_wps_pbc_enrollee(&ssid->eap) ||
  274. eap_is_wps_pin_enrollee(&ssid->eap))
  275. return WPS_REQ_ENROLLEE;
  276. else
  277. return WPS_REQ_REGISTRAR;
  278. }
  279. static void wpas_clear_wps(struct wpa_supplicant *wpa_s)
  280. {
  281. int id;
  282. struct wpa_ssid *ssid;
  283. eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL);
  284. /* Remove any existing WPS network from configuration */
  285. ssid = wpa_s->conf->ssid;
  286. while (ssid) {
  287. if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
  288. if (ssid == wpa_s->current_ssid)
  289. wpa_s->current_ssid = NULL;
  290. id = ssid->id;
  291. } else
  292. id = -1;
  293. ssid = ssid->next;
  294. if (id >= 0)
  295. wpa_config_remove_network(wpa_s->conf, id);
  296. }
  297. }
  298. static void wpas_wps_timeout(void *eloop_ctx, void *timeout_ctx)
  299. {
  300. struct wpa_supplicant *wpa_s = eloop_ctx;
  301. wpa_printf(MSG_INFO, WPS_EVENT_TIMEOUT "Requested operation timed "
  302. "out");
  303. wpas_clear_wps(wpa_s);
  304. }
  305. static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s,
  306. int registrar, const u8 *bssid)
  307. {
  308. struct wpa_ssid *ssid;
  309. ssid = wpa_config_add_network(wpa_s->conf);
  310. if (ssid == NULL)
  311. return NULL;
  312. wpa_config_set_network_defaults(ssid);
  313. if (wpa_config_set(ssid, "key_mgmt", "WPS", 0) < 0 ||
  314. wpa_config_set(ssid, "eap", "WSC", 0) < 0 ||
  315. wpa_config_set(ssid, "identity", registrar ?
  316. "\"" WSC_ID_REGISTRAR "\"" :
  317. "\"" WSC_ID_ENROLLEE "\"", 0) < 0) {
  318. wpa_config_remove_network(wpa_s->conf, ssid->id);
  319. return NULL;
  320. }
  321. if (bssid) {
  322. size_t i;
  323. struct wpa_scan_res *res;
  324. os_memcpy(ssid->bssid, bssid, ETH_ALEN);
  325. ssid->bssid_set = 1;
  326. /* Try to get SSID from scan results */
  327. if (wpa_s->scan_res == NULL &&
  328. wpa_supplicant_get_scan_results(wpa_s) < 0)
  329. return ssid; /* Could not find any scan results */
  330. for (i = 0; i < wpa_s->scan_res->num; i++) {
  331. const u8 *ie;
  332. res = wpa_s->scan_res->res[i];
  333. if (os_memcmp(bssid, res->bssid, ETH_ALEN) != 0)
  334. continue;
  335. ie = wpa_scan_get_ie(res, WLAN_EID_SSID);
  336. if (ie == NULL)
  337. break;
  338. os_free(ssid->ssid);
  339. ssid->ssid = os_malloc(ie[1]);
  340. if (ssid->ssid == NULL)
  341. break;
  342. os_memcpy(ssid->ssid, ie + 2, ie[1]);
  343. ssid->ssid_len = ie[1];
  344. break;
  345. }
  346. }
  347. return ssid;
  348. }
  349. static void wpas_wps_reassoc(struct wpa_supplicant *wpa_s,
  350. struct wpa_ssid *selected)
  351. {
  352. struct wpa_ssid *ssid;
  353. /* Mark all other networks disabled and trigger reassociation */
  354. ssid = wpa_s->conf->ssid;
  355. while (ssid) {
  356. ssid->disabled = ssid != selected;
  357. ssid = ssid->next;
  358. }
  359. wpa_s->disconnected = 0;
  360. wpa_s->reassociate = 1;
  361. wpa_s->scan_runs = 0;
  362. wpa_s->wps_success = 0;
  363. wpa_s->blacklist_cleared = 0;
  364. wpa_supplicant_req_scan(wpa_s, 0, 0);
  365. }
  366. int wpas_wps_start_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid)
  367. {
  368. struct wpa_ssid *ssid;
  369. wpas_clear_wps(wpa_s);
  370. ssid = wpas_wps_add_network(wpa_s, 0, bssid);
  371. if (ssid == NULL)
  372. return -1;
  373. wpa_config_set(ssid, "phase1", "\"pbc=1\"", 0);
  374. eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout,
  375. wpa_s, NULL);
  376. wpas_wps_reassoc(wpa_s, ssid);
  377. return 0;
  378. }
  379. int wpas_wps_start_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
  380. const char *pin)
  381. {
  382. struct wpa_ssid *ssid;
  383. char val[30];
  384. unsigned int rpin = 0;
  385. wpas_clear_wps(wpa_s);
  386. ssid = wpas_wps_add_network(wpa_s, 0, bssid);
  387. if (ssid == NULL)
  388. return -1;
  389. if (pin)
  390. os_snprintf(val, sizeof(val), "\"pin=%s\"", pin);
  391. else {
  392. rpin = wps_generate_pin();
  393. os_snprintf(val, sizeof(val), "\"pin=%08d\"", rpin);
  394. }
  395. wpa_config_set(ssid, "phase1", val, 0);
  396. eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout,
  397. wpa_s, NULL);
  398. wpas_wps_reassoc(wpa_s, ssid);
  399. return rpin;
  400. }
  401. int wpas_wps_start_reg(struct wpa_supplicant *wpa_s, const u8 *bssid,
  402. const char *pin)
  403. {
  404. struct wpa_ssid *ssid;
  405. char val[30];
  406. if (!pin)
  407. return -1;
  408. wpas_clear_wps(wpa_s);
  409. ssid = wpas_wps_add_network(wpa_s, 1, bssid);
  410. if (ssid == NULL)
  411. return -1;
  412. os_snprintf(val, sizeof(val), "\"pin=%s\"", pin);
  413. wpa_config_set(ssid, "phase1", val, 0);
  414. eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout,
  415. wpa_s, NULL);
  416. wpas_wps_reassoc(wpa_s, ssid);
  417. return 0;
  418. }
  419. static int wpas_wps_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *psk,
  420. size_t psk_len)
  421. {
  422. wpa_printf(MSG_DEBUG, "WPS: Received new WPA/WPA2-PSK from WPS for "
  423. "STA " MACSTR, MAC2STR(mac_addr));
  424. wpa_hexdump_key(MSG_DEBUG, "Per-device PSK", psk, psk_len);
  425. /* TODO */
  426. return 0;
  427. }
  428. static void wpas_wps_pin_needed_cb(void *ctx, const u8 *uuid_e,
  429. const struct wps_device_data *dev)
  430. {
  431. char uuid[40], txt[400];
  432. int len;
  433. if (uuid_bin2str(uuid_e, uuid, sizeof(uuid)))
  434. return;
  435. wpa_printf(MSG_DEBUG, "WPS: PIN needed for UUID-E %s", uuid);
  436. len = os_snprintf(txt, sizeof(txt), "WPS-EVENT-PIN-NEEDED %s " MACSTR
  437. " [%s|%s|%s|%s|%s|%d-%08X-%d]",
  438. uuid, MAC2STR(dev->mac_addr), dev->device_name,
  439. dev->manufacturer, dev->model_name,
  440. dev->model_number, dev->serial_number,
  441. dev->categ, dev->oui, dev->sub_categ);
  442. if (len > 0 && len < (int) sizeof(txt))
  443. wpa_printf(MSG_INFO, "%s", txt);
  444. }
  445. int wpas_wps_init(struct wpa_supplicant *wpa_s)
  446. {
  447. struct wps_context *wps;
  448. struct wps_registrar_config rcfg;
  449. wps = os_zalloc(sizeof(*wps));
  450. if (wps == NULL)
  451. return -1;
  452. wps->cred_cb = wpa_supplicant_wps_cred;
  453. wps->event_cb = wpa_supplicant_wps_event;
  454. wps->cb_ctx = wpa_s;
  455. wps->dev.device_name = wpa_s->conf->device_name;
  456. wps->dev.manufacturer = wpa_s->conf->manufacturer;
  457. wps->dev.model_name = wpa_s->conf->model_name;
  458. wps->dev.model_number = wpa_s->conf->model_number;
  459. wps->dev.serial_number = wpa_s->conf->serial_number;
  460. if (wpa_s->conf->device_type) {
  461. char *pos;
  462. u8 oui[4];
  463. /* <categ>-<OUI>-<subcateg> */
  464. wps->dev.categ = atoi(wpa_s->conf->device_type);
  465. pos = os_strchr(wpa_s->conf->device_type, '-');
  466. if (pos == NULL) {
  467. wpa_printf(MSG_ERROR, "WPS: Invalid device_type");
  468. os_free(wps);
  469. return -1;
  470. }
  471. pos++;
  472. if (hexstr2bin(pos, oui, 4)) {
  473. wpa_printf(MSG_ERROR, "WPS: Invalid device_type OUI");
  474. os_free(wps);
  475. return -1;
  476. }
  477. wps->dev.oui = WPA_GET_BE32(oui);
  478. pos = os_strchr(pos, '-');
  479. if (pos == NULL) {
  480. wpa_printf(MSG_ERROR, "WPS: Invalid device_type");
  481. os_free(wps);
  482. return -1;
  483. }
  484. pos++;
  485. wps->dev.sub_categ = atoi(pos);
  486. }
  487. wps->dev.os_version = WPA_GET_BE32(wpa_s->conf->os_version);
  488. wps->dev.rf_bands = WPS_RF_24GHZ | WPS_RF_50GHZ; /* TODO: config */
  489. os_memcpy(wps->dev.mac_addr, wpa_s->own_addr, ETH_ALEN);
  490. if (is_nil_uuid(wpa_s->conf->uuid)) {
  491. uuid_gen_mac_addr(wpa_s->own_addr, wps->uuid);
  492. wpa_hexdump(MSG_DEBUG, "WPS: UUID based on MAC address",
  493. wps->uuid, WPS_UUID_LEN);
  494. } else
  495. os_memcpy(wps->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
  496. wps->auth_types = WPS_AUTH_WPA2PSK | WPS_AUTH_WPAPSK;
  497. wps->encr_types = WPS_ENCR_AES | WPS_ENCR_TKIP;
  498. os_memset(&rcfg, 0, sizeof(rcfg));
  499. rcfg.new_psk_cb = wpas_wps_new_psk_cb;
  500. rcfg.pin_needed_cb = wpas_wps_pin_needed_cb;
  501. rcfg.cb_ctx = wpa_s;
  502. wps->registrar = wps_registrar_init(wps, &rcfg);
  503. if (wps->registrar == NULL) {
  504. wpa_printf(MSG_DEBUG, "Failed to initialize WPS Registrar");
  505. os_free(wps);
  506. return -1;
  507. }
  508. wpa_s->wps = wps;
  509. return 0;
  510. }
  511. void wpas_wps_deinit(struct wpa_supplicant *wpa_s)
  512. {
  513. eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL);
  514. if (wpa_s->wps == NULL)
  515. return;
  516. wps_registrar_deinit(wpa_s->wps->registrar);
  517. os_free(wpa_s->wps->network_key);
  518. os_free(wpa_s->wps);
  519. wpa_s->wps = NULL;
  520. }
  521. int wpas_wps_ssid_bss_match(struct wpa_supplicant *wpa_s,
  522. struct wpa_ssid *ssid, struct wpa_scan_res *bss)
  523. {
  524. struct wpabuf *wps_ie;
  525. if (!(ssid->key_mgmt & WPA_KEY_MGMT_WPS))
  526. return -1;
  527. wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
  528. if (eap_is_wps_pbc_enrollee(&ssid->eap)) {
  529. if (!wps_ie) {
  530. wpa_printf(MSG_DEBUG, " skip - non-WPS AP");
  531. return 0;
  532. }
  533. if (!wps_is_selected_pbc_registrar(wps_ie)) {
  534. wpa_printf(MSG_DEBUG, " skip - WPS AP "
  535. "without active PBC Registrar");
  536. wpabuf_free(wps_ie);
  537. return 0;
  538. }
  539. /* TODO: overlap detection */
  540. wpa_printf(MSG_DEBUG, " selected based on WPS IE "
  541. "(Active PBC)");
  542. wpabuf_free(wps_ie);
  543. return 1;
  544. }
  545. if (eap_is_wps_pin_enrollee(&ssid->eap)) {
  546. if (!wps_ie) {
  547. wpa_printf(MSG_DEBUG, " skip - non-WPS AP");
  548. return 0;
  549. }
  550. /*
  551. * Start with WPS APs that advertise active PIN Registrar and
  552. * allow any WPS AP after third scan since some APs do not set
  553. * Selected Registrar attribute properly when using external
  554. * Registrar.
  555. */
  556. if (!wps_is_selected_pin_registrar(wps_ie)) {
  557. if (wpa_s->scan_runs < WPS_PIN_SCAN_IGNORE_SEL_REG) {
  558. wpa_printf(MSG_DEBUG, " skip - WPS AP "
  559. "without active PIN Registrar");
  560. wpabuf_free(wps_ie);
  561. return 0;
  562. }
  563. wpa_printf(MSG_DEBUG, " selected based on WPS IE");
  564. } else {
  565. wpa_printf(MSG_DEBUG, " selected based on WPS IE "
  566. "(Active PIN)");
  567. }
  568. wpabuf_free(wps_ie);
  569. return 1;
  570. }
  571. if (wps_ie) {
  572. wpa_printf(MSG_DEBUG, " selected based on WPS IE");
  573. wpabuf_free(wps_ie);
  574. return 1;
  575. }
  576. return -1;
  577. }
  578. int wpas_wps_ssid_wildcard_ok(struct wpa_supplicant *wpa_s,
  579. struct wpa_ssid *ssid,
  580. struct wpa_scan_res *bss)
  581. {
  582. struct wpabuf *wps_ie = NULL;
  583. int ret = 0;
  584. if (eap_is_wps_pbc_enrollee(&ssid->eap)) {
  585. wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
  586. if (wps_ie && wps_is_selected_pbc_registrar(wps_ie)) {
  587. /* allow wildcard SSID for WPS PBC */
  588. ret = 1;
  589. }
  590. } else if (eap_is_wps_pin_enrollee(&ssid->eap)) {
  591. wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
  592. if (wps_ie &&
  593. (wps_is_selected_pin_registrar(wps_ie) ||
  594. wpa_s->scan_runs >= WPS_PIN_SCAN_IGNORE_SEL_REG)) {
  595. /* allow wildcard SSID for WPS PIN */
  596. ret = 1;
  597. }
  598. }
  599. if (!ret && ssid->bssid_set &&
  600. os_memcmp(ssid->bssid, bss->bssid, ETH_ALEN) == 0) {
  601. /* allow wildcard SSID due to hardcoded BSSID match */
  602. ret = 1;
  603. }
  604. wpabuf_free(wps_ie);
  605. return ret;
  606. }
  607. int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s,
  608. struct wpa_scan_res *selected,
  609. struct wpa_ssid *ssid)
  610. {
  611. const u8 *sel_uuid, *uuid;
  612. size_t i;
  613. struct wpabuf *wps_ie;
  614. int ret = 0;
  615. if (!eap_is_wps_pbc_enrollee(&ssid->eap))
  616. return 0;
  617. /* Make sure that only one AP is in active PBC mode */
  618. wps_ie = wpa_scan_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE);
  619. if (wps_ie)
  620. sel_uuid = wps_get_uuid_e(wps_ie);
  621. else
  622. sel_uuid = NULL;
  623. for (i = 0; i < wpa_s->scan_res->num; i++) {
  624. struct wpa_scan_res *bss = wpa_s->scan_res->res[i];
  625. struct wpabuf *ie;
  626. if (bss == selected)
  627. continue;
  628. ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
  629. if (!ie)
  630. continue;
  631. if (!wps_is_selected_pbc_registrar(ie)) {
  632. wpabuf_free(ie);
  633. continue;
  634. }
  635. uuid = wps_get_uuid_e(ie);
  636. if (sel_uuid == NULL || uuid == NULL ||
  637. os_memcmp(sel_uuid, uuid, 16) != 0) {
  638. ret = 1; /* PBC overlap */
  639. wpabuf_free(ie);
  640. break;
  641. }
  642. /* TODO: verify that this is reasonable dual-band situation */
  643. wpabuf_free(ie);
  644. }
  645. wpabuf_free(wps_ie);
  646. return ret;
  647. }
  648. void wpas_wps_notify_scan_results(struct wpa_supplicant *wpa_s)
  649. {
  650. size_t i;
  651. if (wpa_s->disconnected || wpa_s->wpa_state >= WPA_ASSOCIATED)
  652. return;
  653. for (i = 0; i < wpa_s->scan_res->num; i++) {
  654. struct wpa_scan_res *bss = wpa_s->scan_res->res[i];
  655. struct wpabuf *ie;
  656. ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
  657. if (!ie)
  658. continue;
  659. if (wps_is_selected_pbc_registrar(ie))
  660. wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PBC);
  661. else if (wps_is_selected_pin_registrar(ie))
  662. wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PIN);
  663. else
  664. wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE);
  665. wpabuf_free(ie);
  666. break;
  667. }
  668. }
  669. int wpas_wps_searching(struct wpa_supplicant *wpa_s)
  670. {
  671. struct wpa_ssid *ssid;
  672. for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
  673. if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && !ssid->disabled)
  674. return 1;
  675. }
  676. return 0;
  677. }