ap.c 27 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061
  1. /*
  2. * WPA Supplicant - Basic AP mode support routines
  3. * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
  4. * Copyright (c) 2009, Atheros Communications
  5. *
  6. * This software may be distributed under the terms of the BSD license.
  7. * See README for more details.
  8. */
  9. #include "utils/includes.h"
  10. #include "utils/common.h"
  11. #include "utils/eloop.h"
  12. #include "utils/uuid.h"
  13. #include "common/ieee802_11_defs.h"
  14. #include "common/wpa_ctrl.h"
  15. #include "ap/hostapd.h"
  16. #include "ap/ap_config.h"
  17. #include "ap/ap_drv_ops.h"
  18. #ifdef NEED_AP_MLME
  19. #include "ap/ieee802_11.h"
  20. #endif /* NEED_AP_MLME */
  21. #include "ap/beacon.h"
  22. #include "ap/ieee802_1x.h"
  23. #include "ap/wps_hostapd.h"
  24. #include "ap/ctrl_iface_ap.h"
  25. #include "wps/wps.h"
  26. #include "common/ieee802_11_defs.h"
  27. #include "config_ssid.h"
  28. #include "config.h"
  29. #include "wpa_supplicant_i.h"
  30. #include "driver_i.h"
  31. #include "p2p_supplicant.h"
  32. #include "ap.h"
  33. #include "ap/sta_info.h"
  34. #include "notify.h"
  35. #ifdef CONFIG_WPS
  36. static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
  37. #endif /* CONFIG_WPS */
  38. static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
  39. struct wpa_ssid *ssid,
  40. struct hostapd_config *conf)
  41. {
  42. struct hostapd_bss_config *bss = &conf->bss[0];
  43. conf->driver = wpa_s->driver;
  44. os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
  45. if (ssid->frequency == 0) {
  46. /* default channel 11 */
  47. conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
  48. conf->channel = 11;
  49. } else {
  50. conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency,
  51. &conf->channel);
  52. if (conf->hw_mode == NUM_HOSTAPD_MODES) {
  53. wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: "
  54. "%d MHz", ssid->frequency);
  55. return -1;
  56. }
  57. }
  58. /* TODO: enable HT40 if driver supports it;
  59. * drop to 11b if driver does not support 11g */
  60. #ifdef CONFIG_IEEE80211N
  61. /*
  62. * Enable HT20 if the driver supports it, by setting conf->ieee80211n
  63. * and a mask of allowed capabilities within conf->ht_capab.
  64. * Using default config settings for: conf->ht_op_mode_fixed,
  65. * conf->secondary_channel, conf->require_ht
  66. */
  67. if (wpa_s->hw.modes) {
  68. struct hostapd_hw_modes *mode = NULL;
  69. int i, no_ht = 0;
  70. for (i = 0; i < wpa_s->hw.num_modes; i++) {
  71. if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
  72. mode = &wpa_s->hw.modes[i];
  73. break;
  74. }
  75. }
  76. #ifdef CONFIG_HT_OVERRIDES
  77. if (ssid->disable_ht) {
  78. conf->ieee80211n = 0;
  79. conf->ht_capab = 0;
  80. no_ht = 1;
  81. }
  82. #endif /* CONFIG_HT_OVERRIDES */
  83. if (!no_ht && mode && mode->ht_capab) {
  84. conf->ieee80211n = 1;
  85. #ifdef CONFIG_P2P
  86. if (conf->hw_mode == HOSTAPD_MODE_IEEE80211A &&
  87. (mode->ht_capab &
  88. HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) &&
  89. ssid->ht40)
  90. conf->secondary_channel =
  91. wpas_p2p_get_ht40_mode(wpa_s, mode,
  92. conf->channel);
  93. if (conf->secondary_channel)
  94. conf->ht_capab |=
  95. HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  96. #endif /* CONFIG_P2P */
  97. /*
  98. * white-list capabilities that won't cause issues
  99. * to connecting stations, while leaving the current
  100. * capabilities intact (currently disabled SMPS).
  101. */
  102. conf->ht_capab |= mode->ht_capab &
  103. (HT_CAP_INFO_GREEN_FIELD |
  104. HT_CAP_INFO_SHORT_GI20MHZ |
  105. HT_CAP_INFO_SHORT_GI40MHZ |
  106. HT_CAP_INFO_RX_STBC_MASK |
  107. HT_CAP_INFO_MAX_AMSDU_SIZE);
  108. }
  109. }
  110. #endif /* CONFIG_IEEE80211N */
  111. #ifdef CONFIG_P2P
  112. if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
  113. /* Remove 802.11b rates from supported and basic rate sets */
  114. int *list = os_malloc(4 * sizeof(int));
  115. if (list) {
  116. list[0] = 60;
  117. list[1] = 120;
  118. list[2] = 240;
  119. list[3] = -1;
  120. }
  121. conf->basic_rates = list;
  122. list = os_malloc(9 * sizeof(int));
  123. if (list) {
  124. list[0] = 60;
  125. list[1] = 90;
  126. list[2] = 120;
  127. list[3] = 180;
  128. list[4] = 240;
  129. list[5] = 360;
  130. list[6] = 480;
  131. list[7] = 540;
  132. list[8] = -1;
  133. }
  134. conf->supported_rates = list;
  135. }
  136. bss->isolate = !wpa_s->conf->p2p_intra_bss;
  137. #endif /* CONFIG_P2P */
  138. if (ssid->ssid_len == 0) {
  139. wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
  140. return -1;
  141. }
  142. os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
  143. bss->ssid.ssid_len = ssid->ssid_len;
  144. bss->ssid.ssid_set = 1;
  145. bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
  146. if (ssid->auth_alg)
  147. bss->auth_algs = ssid->auth_alg;
  148. if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
  149. bss->wpa = ssid->proto;
  150. bss->wpa_key_mgmt = ssid->key_mgmt;
  151. bss->wpa_pairwise = ssid->pairwise_cipher;
  152. if (ssid->psk_set) {
  153. os_free(bss->ssid.wpa_psk);
  154. bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
  155. if (bss->ssid.wpa_psk == NULL)
  156. return -1;
  157. os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
  158. bss->ssid.wpa_psk->group = 1;
  159. } else if (ssid->passphrase) {
  160. bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
  161. } else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
  162. ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
  163. struct hostapd_wep_keys *wep = &bss->ssid.wep;
  164. int i;
  165. for (i = 0; i < NUM_WEP_KEYS; i++) {
  166. if (ssid->wep_key_len[i] == 0)
  167. continue;
  168. wep->key[i] = os_malloc(ssid->wep_key_len[i]);
  169. if (wep->key[i] == NULL)
  170. return -1;
  171. os_memcpy(wep->key[i], ssid->wep_key[i],
  172. ssid->wep_key_len[i]);
  173. wep->len[i] = ssid->wep_key_len[i];
  174. }
  175. wep->idx = ssid->wep_tx_keyidx;
  176. wep->keys_set = 1;
  177. }
  178. if (ssid->ap_max_inactivity)
  179. bss->ap_max_inactivity = ssid->ap_max_inactivity;
  180. if (ssid->dtim_period)
  181. bss->dtim_period = ssid->dtim_period;
  182. else if (wpa_s->conf->dtim_period)
  183. bss->dtim_period = wpa_s->conf->dtim_period;
  184. if (ssid->beacon_int)
  185. conf->beacon_int = ssid->beacon_int;
  186. else if (wpa_s->conf->beacon_int)
  187. conf->beacon_int = wpa_s->conf->beacon_int;
  188. if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
  189. bss->rsn_pairwise = bss->wpa_pairwise;
  190. bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
  191. bss->rsn_pairwise);
  192. if (bss->wpa && bss->ieee802_1x)
  193. bss->ssid.security_policy = SECURITY_WPA;
  194. else if (bss->wpa)
  195. bss->ssid.security_policy = SECURITY_WPA_PSK;
  196. else if (bss->ieee802_1x) {
  197. int cipher = WPA_CIPHER_NONE;
  198. bss->ssid.security_policy = SECURITY_IEEE_802_1X;
  199. bss->ssid.wep.default_len = bss->default_wep_key_len;
  200. if (bss->default_wep_key_len)
  201. cipher = bss->default_wep_key_len >= 13 ?
  202. WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
  203. bss->wpa_group = cipher;
  204. bss->wpa_pairwise = cipher;
  205. bss->rsn_pairwise = cipher;
  206. } else if (bss->ssid.wep.keys_set) {
  207. int cipher = WPA_CIPHER_WEP40;
  208. if (bss->ssid.wep.len[0] >= 13)
  209. cipher = WPA_CIPHER_WEP104;
  210. bss->ssid.security_policy = SECURITY_STATIC_WEP;
  211. bss->wpa_group = cipher;
  212. bss->wpa_pairwise = cipher;
  213. bss->rsn_pairwise = cipher;
  214. } else {
  215. bss->ssid.security_policy = SECURITY_PLAINTEXT;
  216. bss->wpa_group = WPA_CIPHER_NONE;
  217. bss->wpa_pairwise = WPA_CIPHER_NONE;
  218. bss->rsn_pairwise = WPA_CIPHER_NONE;
  219. }
  220. if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
  221. (bss->wpa_group == WPA_CIPHER_CCMP ||
  222. bss->wpa_group == WPA_CIPHER_GCMP)) {
  223. /*
  224. * Strong ciphers do not need frequent rekeying, so increase
  225. * the default GTK rekeying period to 24 hours.
  226. */
  227. bss->wpa_group_rekey = 86400;
  228. }
  229. #ifdef CONFIG_WPS
  230. /*
  231. * Enable WPS by default for open and WPA/WPA2-Personal network, but
  232. * require user interaction to actually use it. Only the internal
  233. * Registrar is supported.
  234. */
  235. if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
  236. bss->ssid.security_policy != SECURITY_PLAINTEXT)
  237. goto no_wps;
  238. #ifdef CONFIG_WPS2
  239. if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
  240. (!(bss->rsn_pairwise & WPA_CIPHER_CCMP) || !(bss->wpa & 2)))
  241. goto no_wps; /* WPS2 does not allow WPA/TKIP-only
  242. * configuration */
  243. #endif /* CONFIG_WPS2 */
  244. bss->eap_server = 1;
  245. if (!ssid->ignore_broadcast_ssid)
  246. bss->wps_state = 2;
  247. bss->ap_setup_locked = 2;
  248. if (wpa_s->conf->config_methods)
  249. bss->config_methods = os_strdup(wpa_s->conf->config_methods);
  250. os_memcpy(bss->device_type, wpa_s->conf->device_type,
  251. WPS_DEV_TYPE_LEN);
  252. if (wpa_s->conf->device_name) {
  253. bss->device_name = os_strdup(wpa_s->conf->device_name);
  254. bss->friendly_name = os_strdup(wpa_s->conf->device_name);
  255. }
  256. if (wpa_s->conf->manufacturer)
  257. bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
  258. if (wpa_s->conf->model_name)
  259. bss->model_name = os_strdup(wpa_s->conf->model_name);
  260. if (wpa_s->conf->model_number)
  261. bss->model_number = os_strdup(wpa_s->conf->model_number);
  262. if (wpa_s->conf->serial_number)
  263. bss->serial_number = os_strdup(wpa_s->conf->serial_number);
  264. if (is_nil_uuid(wpa_s->conf->uuid))
  265. os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
  266. else
  267. os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
  268. os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
  269. bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
  270. no_wps:
  271. #endif /* CONFIG_WPS */
  272. if (wpa_s->max_stations &&
  273. wpa_s->max_stations < wpa_s->conf->max_num_sta)
  274. bss->max_num_sta = wpa_s->max_stations;
  275. else
  276. bss->max_num_sta = wpa_s->conf->max_num_sta;
  277. bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
  278. if (wpa_s->conf->ap_vendor_elements) {
  279. bss->vendor_elements =
  280. wpabuf_dup(wpa_s->conf->ap_vendor_elements);
  281. }
  282. return 0;
  283. }
  284. static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
  285. {
  286. #ifdef CONFIG_P2P
  287. struct wpa_supplicant *wpa_s = ctx;
  288. const struct ieee80211_mgmt *mgmt;
  289. size_t hdr_len;
  290. mgmt = (const struct ieee80211_mgmt *) buf;
  291. hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
  292. if (hdr_len > len)
  293. return;
  294. wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
  295. mgmt->u.action.category,
  296. &mgmt->u.action.u.vs_public_action.action,
  297. len - hdr_len, freq);
  298. #endif /* CONFIG_P2P */
  299. }
  300. static void ap_wps_event_cb(void *ctx, enum wps_event event,
  301. union wps_event_data *data)
  302. {
  303. #ifdef CONFIG_P2P
  304. struct wpa_supplicant *wpa_s = ctx;
  305. if (event == WPS_EV_FAIL) {
  306. struct wps_event_fail *fail = &data->fail;
  307. if (wpa_s->parent && wpa_s->parent != wpa_s &&
  308. wpa_s == wpa_s->global->p2p_group_formation) {
  309. /*
  310. * src/ap/wps_hostapd.c has already sent this on the
  311. * main interface, so only send on the parent interface
  312. * here if needed.
  313. */
  314. wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL
  315. "msg=%d config_error=%d",
  316. fail->msg, fail->config_error);
  317. }
  318. wpas_p2p_wps_failed(wpa_s, fail);
  319. }
  320. #endif /* CONFIG_P2P */
  321. }
  322. static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
  323. int authorized, const u8 *p2p_dev_addr)
  324. {
  325. wpas_notify_sta_authorized(ctx, mac_addr, authorized, p2p_dev_addr);
  326. }
  327. static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
  328. {
  329. #ifdef CONFIG_P2P
  330. struct wpa_supplicant *wpa_s = ctx;
  331. const struct ieee80211_mgmt *mgmt;
  332. size_t hdr_len;
  333. mgmt = (const struct ieee80211_mgmt *) buf;
  334. hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
  335. if (hdr_len > len)
  336. return -1;
  337. wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
  338. mgmt->u.action.category,
  339. &mgmt->u.action.u.vs_public_action.action,
  340. len - hdr_len, freq);
  341. #endif /* CONFIG_P2P */
  342. return 0;
  343. }
  344. static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
  345. const u8 *bssid, const u8 *ie, size_t ie_len,
  346. int ssi_signal)
  347. {
  348. #ifdef CONFIG_P2P
  349. struct wpa_supplicant *wpa_s = ctx;
  350. return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len,
  351. ssi_signal);
  352. #else /* CONFIG_P2P */
  353. return 0;
  354. #endif /* CONFIG_P2P */
  355. }
  356. static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
  357. const u8 *uuid_e)
  358. {
  359. #ifdef CONFIG_P2P
  360. struct wpa_supplicant *wpa_s = ctx;
  361. wpas_p2p_wps_success(wpa_s, mac_addr, 1);
  362. #endif /* CONFIG_P2P */
  363. }
  364. static void wpas_ap_configured_cb(void *ctx)
  365. {
  366. struct wpa_supplicant *wpa_s = ctx;
  367. wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
  368. if (wpa_s->ap_configured_cb)
  369. wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
  370. wpa_s->ap_configured_cb_data);
  371. }
  372. int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
  373. struct wpa_ssid *ssid)
  374. {
  375. struct wpa_driver_associate_params params;
  376. struct hostapd_iface *hapd_iface;
  377. struct hostapd_config *conf;
  378. size_t i;
  379. if (ssid->ssid == NULL || ssid->ssid_len == 0) {
  380. wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
  381. return -1;
  382. }
  383. wpa_supplicant_ap_deinit(wpa_s);
  384. wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
  385. wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
  386. os_memset(&params, 0, sizeof(params));
  387. params.ssid = ssid->ssid;
  388. params.ssid_len = ssid->ssid_len;
  389. switch (ssid->mode) {
  390. case WPAS_MODE_INFRA:
  391. params.mode = IEEE80211_MODE_INFRA;
  392. break;
  393. case WPAS_MODE_IBSS:
  394. params.mode = IEEE80211_MODE_IBSS;
  395. break;
  396. case WPAS_MODE_AP:
  397. case WPAS_MODE_P2P_GO:
  398. case WPAS_MODE_P2P_GROUP_FORMATION:
  399. params.mode = IEEE80211_MODE_AP;
  400. break;
  401. }
  402. params.freq = ssid->frequency;
  403. params.wpa_proto = ssid->proto;
  404. if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
  405. wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
  406. else
  407. wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
  408. params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
  409. wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(ssid->pairwise_cipher,
  410. 1);
  411. if (wpa_s->pairwise_cipher < 0) {
  412. wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
  413. "cipher.");
  414. return -1;
  415. }
  416. params.pairwise_suite =
  417. wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher);
  418. params.group_suite = params.pairwise_suite;
  419. #ifdef CONFIG_P2P
  420. if (ssid->mode == WPAS_MODE_P2P_GO ||
  421. ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
  422. params.p2p = 1;
  423. #endif /* CONFIG_P2P */
  424. if (wpa_s->parent->set_ap_uapsd)
  425. params.uapsd = wpa_s->parent->ap_uapsd;
  426. else
  427. params.uapsd = -1;
  428. if (wpa_drv_associate(wpa_s, &params) < 0) {
  429. wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
  430. return -1;
  431. }
  432. wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface));
  433. if (hapd_iface == NULL)
  434. return -1;
  435. hapd_iface->owner = wpa_s;
  436. hapd_iface->drv_flags = wpa_s->drv_flags;
  437. hapd_iface->probe_resp_offloads = wpa_s->probe_resp_offloads;
  438. hapd_iface->extended_capa = wpa_s->extended_capa;
  439. hapd_iface->extended_capa_mask = wpa_s->extended_capa_mask;
  440. hapd_iface->extended_capa_len = wpa_s->extended_capa_len;
  441. wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
  442. if (conf == NULL) {
  443. wpa_supplicant_ap_deinit(wpa_s);
  444. return -1;
  445. }
  446. os_memcpy(wpa_s->ap_iface->conf->wmm_ac_params,
  447. wpa_s->conf->wmm_ac_params,
  448. sizeof(wpa_s->conf->wmm_ac_params));
  449. if (params.uapsd > 0) {
  450. conf->bss->wmm_enabled = 1;
  451. conf->bss->wmm_uapsd = 1;
  452. }
  453. if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
  454. wpa_printf(MSG_ERROR, "Failed to create AP configuration");
  455. wpa_supplicant_ap_deinit(wpa_s);
  456. return -1;
  457. }
  458. #ifdef CONFIG_P2P
  459. if (ssid->mode == WPAS_MODE_P2P_GO)
  460. conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER;
  461. else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
  462. conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER |
  463. P2P_GROUP_FORMATION;
  464. #endif /* CONFIG_P2P */
  465. hapd_iface->num_bss = conf->num_bss;
  466. hapd_iface->bss = os_calloc(conf->num_bss,
  467. sizeof(struct hostapd_data *));
  468. if (hapd_iface->bss == NULL) {
  469. wpa_supplicant_ap_deinit(wpa_s);
  470. return -1;
  471. }
  472. for (i = 0; i < conf->num_bss; i++) {
  473. hapd_iface->bss[i] =
  474. hostapd_alloc_bss_data(hapd_iface, conf,
  475. &conf->bss[i]);
  476. if (hapd_iface->bss[i] == NULL) {
  477. wpa_supplicant_ap_deinit(wpa_s);
  478. return -1;
  479. }
  480. hapd_iface->bss[i]->msg_ctx = wpa_s;
  481. hapd_iface->bss[i]->msg_ctx_parent = wpa_s->parent;
  482. hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
  483. hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
  484. hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
  485. hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
  486. hostapd_register_probereq_cb(hapd_iface->bss[i],
  487. ap_probe_req_rx, wpa_s);
  488. hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
  489. hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
  490. hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
  491. hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
  492. hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
  493. hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
  494. #ifdef CONFIG_P2P
  495. hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
  496. hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(wpa_s,
  497. ssid);
  498. #endif /* CONFIG_P2P */
  499. hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
  500. hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
  501. }
  502. os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
  503. hapd_iface->bss[0]->driver = wpa_s->driver;
  504. hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
  505. wpa_s->current_ssid = ssid;
  506. os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
  507. wpa_s->assoc_freq = ssid->frequency;
  508. if (hostapd_setup_interface(wpa_s->ap_iface)) {
  509. wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
  510. wpa_supplicant_ap_deinit(wpa_s);
  511. return -1;
  512. }
  513. return 0;
  514. }
  515. void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
  516. {
  517. #ifdef CONFIG_WPS
  518. eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
  519. #endif /* CONFIG_WPS */
  520. if (wpa_s->ap_iface == NULL)
  521. return;
  522. wpa_s->current_ssid = NULL;
  523. wpa_s->assoc_freq = 0;
  524. #ifdef CONFIG_P2P
  525. if (wpa_s->ap_iface->bss)
  526. wpa_s->ap_iface->bss[0]->p2p_group = NULL;
  527. wpas_p2p_group_deinit(wpa_s);
  528. #endif /* CONFIG_P2P */
  529. hostapd_interface_deinit(wpa_s->ap_iface);
  530. hostapd_interface_free(wpa_s->ap_iface);
  531. wpa_s->ap_iface = NULL;
  532. wpa_drv_deinit_ap(wpa_s);
  533. }
  534. void ap_tx_status(void *ctx, const u8 *addr,
  535. const u8 *buf, size_t len, int ack)
  536. {
  537. #ifdef NEED_AP_MLME
  538. struct wpa_supplicant *wpa_s = ctx;
  539. hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
  540. #endif /* NEED_AP_MLME */
  541. }
  542. void ap_eapol_tx_status(void *ctx, const u8 *dst,
  543. const u8 *data, size_t len, int ack)
  544. {
  545. #ifdef NEED_AP_MLME
  546. struct wpa_supplicant *wpa_s = ctx;
  547. hostapd_tx_status(wpa_s->ap_iface->bss[0], dst, data, len, ack);
  548. #endif /* NEED_AP_MLME */
  549. }
  550. void ap_client_poll_ok(void *ctx, const u8 *addr)
  551. {
  552. #ifdef NEED_AP_MLME
  553. struct wpa_supplicant *wpa_s = ctx;
  554. if (wpa_s->ap_iface)
  555. hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
  556. #endif /* NEED_AP_MLME */
  557. }
  558. void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
  559. {
  560. #ifdef NEED_AP_MLME
  561. struct wpa_supplicant *wpa_s = ctx;
  562. ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
  563. #endif /* NEED_AP_MLME */
  564. }
  565. void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
  566. {
  567. #ifdef NEED_AP_MLME
  568. struct wpa_supplicant *wpa_s = ctx;
  569. struct hostapd_frame_info fi;
  570. os_memset(&fi, 0, sizeof(fi));
  571. fi.datarate = rx_mgmt->datarate;
  572. fi.ssi_signal = rx_mgmt->ssi_signal;
  573. ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
  574. rx_mgmt->frame_len, &fi);
  575. #endif /* NEED_AP_MLME */
  576. }
  577. void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
  578. {
  579. #ifdef NEED_AP_MLME
  580. struct wpa_supplicant *wpa_s = ctx;
  581. ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
  582. #endif /* NEED_AP_MLME */
  583. }
  584. void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
  585. const u8 *src_addr, const u8 *buf, size_t len)
  586. {
  587. ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
  588. }
  589. #ifdef CONFIG_WPS
  590. int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
  591. const u8 *p2p_dev_addr)
  592. {
  593. if (!wpa_s->ap_iface)
  594. return -1;
  595. return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
  596. p2p_dev_addr);
  597. }
  598. int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
  599. {
  600. struct wps_registrar *reg;
  601. int reg_sel = 0, wps_sta = 0;
  602. if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
  603. return -1;
  604. reg = wpa_s->ap_iface->bss[0]->wps->registrar;
  605. reg_sel = wps_registrar_wps_cancel(reg);
  606. wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
  607. ap_sta_wps_cancel, NULL);
  608. if (!reg_sel && !wps_sta) {
  609. wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
  610. "time");
  611. return -1;
  612. }
  613. /*
  614. * There are 2 cases to return wps cancel as success:
  615. * 1. When wps cancel was initiated but no connection has been
  616. * established with client yet.
  617. * 2. Client is in the middle of exchanging WPS messages.
  618. */
  619. return 0;
  620. }
  621. int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
  622. const char *pin, char *buf, size_t buflen,
  623. int timeout)
  624. {
  625. int ret, ret_len = 0;
  626. if (!wpa_s->ap_iface)
  627. return -1;
  628. if (pin == NULL) {
  629. unsigned int rpin = wps_generate_pin();
  630. ret_len = os_snprintf(buf, buflen, "%08d", rpin);
  631. pin = buf;
  632. } else
  633. ret_len = os_snprintf(buf, buflen, "%s", pin);
  634. ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
  635. timeout);
  636. if (ret)
  637. return -1;
  638. return ret_len;
  639. }
  640. static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
  641. {
  642. struct wpa_supplicant *wpa_s = eloop_data;
  643. wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
  644. wpas_wps_ap_pin_disable(wpa_s);
  645. }
  646. static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
  647. {
  648. struct hostapd_data *hapd;
  649. if (wpa_s->ap_iface == NULL)
  650. return;
  651. hapd = wpa_s->ap_iface->bss[0];
  652. wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
  653. hapd->ap_pin_failures = 0;
  654. eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
  655. if (timeout > 0)
  656. eloop_register_timeout(timeout, 0,
  657. wpas_wps_ap_pin_timeout, wpa_s, NULL);
  658. }
  659. void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
  660. {
  661. struct hostapd_data *hapd;
  662. if (wpa_s->ap_iface == NULL)
  663. return;
  664. wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
  665. hapd = wpa_s->ap_iface->bss[0];
  666. os_free(hapd->conf->ap_pin);
  667. hapd->conf->ap_pin = NULL;
  668. eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
  669. }
  670. const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
  671. {
  672. struct hostapd_data *hapd;
  673. unsigned int pin;
  674. char pin_txt[9];
  675. if (wpa_s->ap_iface == NULL)
  676. return NULL;
  677. hapd = wpa_s->ap_iface->bss[0];
  678. pin = wps_generate_pin();
  679. os_snprintf(pin_txt, sizeof(pin_txt), "%08u", pin);
  680. os_free(hapd->conf->ap_pin);
  681. hapd->conf->ap_pin = os_strdup(pin_txt);
  682. if (hapd->conf->ap_pin == NULL)
  683. return NULL;
  684. wpas_wps_ap_pin_enable(wpa_s, timeout);
  685. return hapd->conf->ap_pin;
  686. }
  687. const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
  688. {
  689. struct hostapd_data *hapd;
  690. if (wpa_s->ap_iface == NULL)
  691. return NULL;
  692. hapd = wpa_s->ap_iface->bss[0];
  693. return hapd->conf->ap_pin;
  694. }
  695. int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
  696. int timeout)
  697. {
  698. struct hostapd_data *hapd;
  699. char pin_txt[9];
  700. int ret;
  701. if (wpa_s->ap_iface == NULL)
  702. return -1;
  703. hapd = wpa_s->ap_iface->bss[0];
  704. ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
  705. if (ret < 0 || ret >= (int) sizeof(pin_txt))
  706. return -1;
  707. os_free(hapd->conf->ap_pin);
  708. hapd->conf->ap_pin = os_strdup(pin_txt);
  709. if (hapd->conf->ap_pin == NULL)
  710. return -1;
  711. wpas_wps_ap_pin_enable(wpa_s, timeout);
  712. return 0;
  713. }
  714. void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
  715. {
  716. struct hostapd_data *hapd;
  717. if (wpa_s->ap_iface == NULL)
  718. return;
  719. hapd = wpa_s->ap_iface->bss[0];
  720. /*
  721. * Registrar failed to prove its knowledge of the AP PIN. Disable AP
  722. * PIN if this happens multiple times to slow down brute force attacks.
  723. */
  724. hapd->ap_pin_failures++;
  725. wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
  726. hapd->ap_pin_failures);
  727. if (hapd->ap_pin_failures < 3)
  728. return;
  729. wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
  730. hapd->ap_pin_failures = 0;
  731. os_free(hapd->conf->ap_pin);
  732. hapd->conf->ap_pin = NULL;
  733. }
  734. #ifdef CONFIG_WPS_NFC
  735. struct wpabuf * wpas_ap_wps_nfc_config_token(struct wpa_supplicant *wpa_s,
  736. int ndef)
  737. {
  738. struct hostapd_data *hapd;
  739. if (wpa_s->ap_iface == NULL)
  740. return NULL;
  741. hapd = wpa_s->ap_iface->bss[0];
  742. return hostapd_wps_nfc_config_token(hapd, ndef);
  743. }
  744. struct wpabuf * wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant *wpa_s,
  745. int ndef)
  746. {
  747. struct hostapd_data *hapd;
  748. if (wpa_s->ap_iface == NULL)
  749. return NULL;
  750. hapd = wpa_s->ap_iface->bss[0];
  751. return hostapd_wps_nfc_hs_cr(hapd, ndef);
  752. }
  753. #endif /* CONFIG_WPS_NFC */
  754. #endif /* CONFIG_WPS */
  755. #ifdef CONFIG_CTRL_IFACE
  756. int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
  757. char *buf, size_t buflen)
  758. {
  759. if (wpa_s->ap_iface == NULL)
  760. return -1;
  761. return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0],
  762. buf, buflen);
  763. }
  764. int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
  765. char *buf, size_t buflen)
  766. {
  767. if (wpa_s->ap_iface == NULL)
  768. return -1;
  769. return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr,
  770. buf, buflen);
  771. }
  772. int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
  773. char *buf, size_t buflen)
  774. {
  775. if (wpa_s->ap_iface == NULL)
  776. return -1;
  777. return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr,
  778. buf, buflen);
  779. }
  780. int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant *wpa_s,
  781. const char *txtaddr)
  782. {
  783. if (wpa_s->ap_iface == NULL)
  784. return -1;
  785. return hostapd_ctrl_iface_disassociate(wpa_s->ap_iface->bss[0],
  786. txtaddr);
  787. }
  788. int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant *wpa_s,
  789. const char *txtaddr)
  790. {
  791. if (wpa_s->ap_iface == NULL)
  792. return -1;
  793. return hostapd_ctrl_iface_deauthenticate(wpa_s->ap_iface->bss[0],
  794. txtaddr);
  795. }
  796. int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
  797. size_t buflen, int verbose)
  798. {
  799. char *pos = buf, *end = buf + buflen;
  800. int ret;
  801. struct hostapd_bss_config *conf;
  802. if (wpa_s->ap_iface == NULL)
  803. return -1;
  804. conf = wpa_s->ap_iface->bss[0]->conf;
  805. if (conf->wpa == 0)
  806. return 0;
  807. ret = os_snprintf(pos, end - pos,
  808. "pairwise_cipher=%s\n"
  809. "group_cipher=%s\n"
  810. "key_mgmt=%s\n",
  811. wpa_cipher_txt(conf->rsn_pairwise),
  812. wpa_cipher_txt(conf->wpa_group),
  813. wpa_key_mgmt_txt(conf->wpa_key_mgmt,
  814. conf->wpa));
  815. if (ret < 0 || ret >= end - pos)
  816. return pos - buf;
  817. pos += ret;
  818. return pos - buf;
  819. }
  820. #endif /* CONFIG_CTRL_IFACE */
  821. int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
  822. {
  823. struct hostapd_iface *iface = wpa_s->ap_iface;
  824. struct wpa_ssid *ssid = wpa_s->current_ssid;
  825. struct hostapd_data *hapd;
  826. if (ssid == NULL || wpa_s->ap_iface == NULL ||
  827. ssid->mode == WPAS_MODE_INFRA ||
  828. ssid->mode == WPAS_MODE_IBSS)
  829. return -1;
  830. #ifdef CONFIG_P2P
  831. if (ssid->mode == WPAS_MODE_P2P_GO)
  832. iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER;
  833. else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
  834. iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER |
  835. P2P_GROUP_FORMATION;
  836. #endif /* CONFIG_P2P */
  837. hapd = iface->bss[0];
  838. if (hapd->drv_priv == NULL)
  839. return -1;
  840. ieee802_11_set_beacons(iface);
  841. hostapd_set_ap_wps_ie(hapd);
  842. return 0;
  843. }
  844. void wpas_ap_ch_switch(struct wpa_supplicant *wpa_s, int freq, int ht,
  845. int offset)
  846. {
  847. if (!wpa_s->ap_iface)
  848. return;
  849. wpa_s->assoc_freq = freq;
  850. hostapd_event_ch_switch(wpa_s->ap_iface->bss[0], freq, ht, offset);
  851. }
  852. int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
  853. const u8 *addr)
  854. {
  855. struct hostapd_data *hapd;
  856. struct hostapd_bss_config *conf;
  857. if (!wpa_s->ap_iface)
  858. return -1;
  859. if (addr)
  860. wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
  861. MAC2STR(addr));
  862. else
  863. wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
  864. hapd = wpa_s->ap_iface->bss[0];
  865. conf = hapd->conf;
  866. os_free(conf->accept_mac);
  867. conf->accept_mac = NULL;
  868. conf->num_accept_mac = 0;
  869. os_free(conf->deny_mac);
  870. conf->deny_mac = NULL;
  871. conf->num_deny_mac = 0;
  872. if (addr == NULL) {
  873. conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
  874. return 0;
  875. }
  876. conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
  877. conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
  878. if (conf->accept_mac == NULL)
  879. return -1;
  880. os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
  881. conf->num_accept_mac = 1;
  882. return 0;
  883. }