/* * hostapd / DPP integration * Copyright (c) 2017, Qualcomm Atheros, Inc. * * This software may be distributed under the terms of the BSD license. * See README for more details. */ #include "utils/includes.h" #include "utils/common.h" #include "utils/eloop.h" #include "common/dpp.h" #include "common/gas.h" #include "common/wpa_ctrl.h" #include "hostapd.h" #include "ap_drv_ops.h" #include "gas_query_ap.h" #include "dpp_hostapd.h" static void hostapd_dpp_auth_success(struct hostapd_data *hapd, int initiator); static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; static unsigned int hapd_dpp_next_id(struct hostapd_data *hapd) { struct dpp_bootstrap_info *bi; unsigned int max_id = 0; dl_list_for_each(bi, &hapd->dpp_bootstrap, struct dpp_bootstrap_info, list) { if (bi->id > max_id) max_id = bi->id; } return max_id + 1; } /** * hostapd_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code * @hapd: Pointer to hostapd_data * @cmd: DPP URI read from a QR Code * Returns: Identifier of the stored info or -1 on failure */ int hostapd_dpp_qr_code(struct hostapd_data *hapd, const char *cmd) { struct dpp_bootstrap_info *bi; struct dpp_authentication *auth = hapd->dpp_auth; bi = dpp_parse_qr_code(cmd); if (!bi) return -1; bi->id = hapd_dpp_next_id(hapd); dl_list_add(&hapd->dpp_bootstrap, &bi->list); if (auth && auth->response_pending && dpp_notify_new_qr_code(auth, bi) == 1) { struct wpabuf *msg; wpa_printf(MSG_DEBUG, "DPP: Sending out pending authentication response"); msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_RESP, wpabuf_len(auth->resp_attr)); if (!msg) goto out; wpabuf_put_buf(msg, hapd->dpp_auth->resp_attr); hostapd_drv_send_action(hapd, auth->curr_freq, 0, auth->peer_mac_addr, wpabuf_head(msg), wpabuf_len(msg)); wpabuf_free(msg); } out: return bi->id; } static char * get_param(const char *cmd, const char *param) { const char *pos, *end; char *val; size_t len; pos = os_strstr(cmd, param); if (!pos) return NULL; pos += os_strlen(param); end = os_strchr(pos, ' '); if (end) len = end - pos; else len = os_strlen(pos); val = os_malloc(len + 1); if (!val) return NULL; os_memcpy(val, pos, len); val[len] = '\0'; return val; } int hostapd_dpp_bootstrap_gen(struct hostapd_data *hapd, const char *cmd) { char *chan = NULL, *mac = NULL, *info = NULL, *pk = NULL, *curve = NULL; char *key = NULL; u8 *privkey = NULL; size_t privkey_len = 0; size_t len; int ret = -1; struct dpp_bootstrap_info *bi; bi = os_zalloc(sizeof(*bi)); if (!bi) goto fail; if (os_strstr(cmd, "type=qrcode")) bi->type = DPP_BOOTSTRAP_QR_CODE; else goto fail; chan = get_param(cmd, " chan="); mac = get_param(cmd, " mac="); info = get_param(cmd, " info="); curve = get_param(cmd, " curve="); key = get_param(cmd, " key="); if (key) { privkey_len = os_strlen(key) / 2; privkey = os_malloc(privkey_len); if (!privkey || hexstr2bin(key, privkey, privkey_len) < 0) goto fail; } pk = dpp_keygen(bi, curve, privkey, privkey_len); if (!pk) goto fail; len = 4; /* "DPP:" */ if (chan) { if (dpp_parse_uri_chan_list(bi, chan) < 0) goto fail; len += 3 + os_strlen(chan); /* C:...; */ } if (mac) { if (dpp_parse_uri_mac(bi, mac) < 0) goto fail; len += 3 + os_strlen(mac); /* M:...; */ } if (info) { if (dpp_parse_uri_info(bi, info) < 0) goto fail; len += 3 + os_strlen(info); /* I:...; */ } len += 4 + os_strlen(pk); bi->uri = os_malloc(len + 1); if (!bi->uri) goto fail; os_snprintf(bi->uri, len + 1, "DPP:%s%s%s%s%s%s%s%s%sK:%s;;", chan ? "C:" : "", chan ? chan : "", chan ? ";" : "", mac ? "M:" : "", mac ? mac : "", mac ? ";" : "", info ? "I:" : "", info ? info : "", info ? ";" : "", pk); bi->id = hapd_dpp_next_id(hapd); dl_list_add(&hapd->dpp_bootstrap, &bi->list); ret = bi->id; bi = NULL; fail: os_free(curve); os_free(pk); os_free(chan); os_free(mac); os_free(info); str_clear_free(key); bin_clear_free(privkey, privkey_len); dpp_bootstrap_info_free(bi); return ret; } static struct dpp_bootstrap_info * dpp_bootstrap_get_id(struct hostapd_data *hapd, unsigned int id) { struct dpp_bootstrap_info *bi; dl_list_for_each(bi, &hapd->dpp_bootstrap, struct dpp_bootstrap_info, list) { if (bi->id == id) return bi; } return NULL; } static int dpp_bootstrap_del(struct hostapd_data *hapd, unsigned int id) { struct dpp_bootstrap_info *bi, *tmp; int found = 0; dl_list_for_each_safe(bi, tmp, &hapd->dpp_bootstrap, struct dpp_bootstrap_info, list) { if (id && bi->id != id) continue; found = 1; dl_list_del(&bi->list); dpp_bootstrap_info_free(bi); } if (id == 0) return 0; /* flush succeeds regardless of entries found */ return found ? 0 : -1; } int hostapd_dpp_bootstrap_remove(struct hostapd_data *hapd, const char *id) { unsigned int id_val; if (os_strcmp(id, "*") == 0) { id_val = 0; } else { id_val = atoi(id); if (id_val == 0) return -1; } return dpp_bootstrap_del(hapd, id_val); } const char * hostapd_dpp_bootstrap_get_uri(struct hostapd_data *hapd, unsigned int id) { struct dpp_bootstrap_info *bi; bi = dpp_bootstrap_get_id(hapd, id); if (!bi) return NULL; return bi->uri; } void hostapd_dpp_tx_status(struct hostapd_data *hapd, const u8 *dst, const u8 *data, size_t data_len, int ok) { wpa_printf(MSG_DEBUG, "DPP: TX status: dst=" MACSTR " ok=%d", MAC2STR(dst), ok); if (!hapd->dpp_auth) { wpa_printf(MSG_DEBUG, "DPP: Ignore TX status since there is no ongoing authentication exchange"); return; } if (hapd->dpp_auth->remove_on_tx_status) { wpa_printf(MSG_DEBUG, "DPP: Terminate authentication exchange due to an earlier error"); dpp_auth_deinit(hapd->dpp_auth); hapd->dpp_auth = NULL; return; } if (hapd->dpp_auth_ok_on_ack) hostapd_dpp_auth_success(hapd, 1); } static void hostapd_dpp_set_testing_options(struct hostapd_data *hapd, struct dpp_authentication *auth) { #ifdef CONFIG_TESTING_OPTIONS if (hapd->dpp_config_obj_override) auth->config_obj_override = os_strdup(hapd->dpp_config_obj_override); if (hapd->dpp_discovery_override) auth->discovery_override = os_strdup(hapd->dpp_discovery_override); if (hapd->dpp_groups_override) auth->groups_override = os_strdup(hapd->dpp_groups_override); if (hapd->dpp_devices_override) auth->devices_override = os_strdup(hapd->dpp_devices_override); auth->ignore_netaccesskey_mismatch = hapd->dpp_ignore_netaccesskey_mismatch; #endif /* CONFIG_TESTING_OPTIONS */ } int hostapd_dpp_auth_init(struct hostapd_data *hapd, const char *cmd) { const char *pos; struct dpp_bootstrap_info *peer_bi, *own_bi = NULL; struct wpabuf *msg; const u8 *dst; int res; int configurator = 1; struct dpp_configuration *conf_sta = NULL, *conf_ap = NULL; pos = os_strstr(cmd, " peer="); if (!pos) return -1; pos += 6; peer_bi = dpp_bootstrap_get_id(hapd, atoi(pos)); if (!peer_bi) { wpa_printf(MSG_INFO, "DPP: Could not find bootstrapping info for the identified peer"); return -1; } pos = os_strstr(cmd, " own="); if (pos) { pos += 5; own_bi = dpp_bootstrap_get_id(hapd, atoi(pos)); if (!own_bi) { wpa_printf(MSG_INFO, "DPP: Could not find bootstrapping info for the identified local entry"); return -1; } if (peer_bi->curve != own_bi->curve) { wpa_printf(MSG_INFO, "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)", peer_bi->curve->name, own_bi->curve->name); return -1; } } pos = os_strstr(cmd, " role="); if (pos) { pos += 6; if (os_strncmp(pos, "configurator", 12) == 0) configurator = 1; else if (os_strncmp(pos, "enrollee", 8) == 0) configurator = 0; else goto fail; } if (os_strstr(cmd, " conf=sta-")) { conf_sta = os_zalloc(sizeof(struct dpp_configuration)); if (!conf_sta) goto fail; /* TODO: Configuration of network parameters from upper layers */ os_memcpy(conf_sta->ssid, "test", 4); conf_sta->ssid_len = 4; if (os_strstr(cmd, " conf=sta-psk")) { conf_sta->dpp = 0; conf_sta->passphrase = os_strdup("secret passphrase"); if (!conf_sta->passphrase) goto fail; } else if (os_strstr(cmd, " conf=sta-dpp")) { conf_sta->dpp = 1; } else { goto fail; } } if (os_strstr(cmd, " conf=ap-")) { conf_ap = os_zalloc(sizeof(struct dpp_configuration)); if (!conf_ap) goto fail; /* TODO: Configuration of network parameters from upper layers */ os_memcpy(conf_ap->ssid, "test", 4); conf_ap->ssid_len = 4; if (os_strstr(cmd, " conf=ap-psk")) { conf_ap->dpp = 0; conf_ap->passphrase = os_strdup("secret passphrase"); if (!conf_ap->passphrase) goto fail; } else if (os_strstr(cmd, " conf=ap-dpp")) { conf_ap->dpp = 1; } else { goto fail; } } pos = os_strstr(cmd, " expiry="); if (pos) { long int val; pos += 8; val = strtol(pos, NULL, 0); if (val <= 0) goto fail; if (conf_sta) conf_sta->netaccesskey_expiry = val; if (conf_ap) conf_ap->netaccesskey_expiry = val; } if (hapd->dpp_auth) dpp_auth_deinit(hapd->dpp_auth); hapd->dpp_auth = dpp_auth_init(hapd, peer_bi, own_bi, configurator); if (!hapd->dpp_auth) goto fail; hostapd_dpp_set_testing_options(hapd, hapd->dpp_auth); hapd->dpp_auth->conf_sta = conf_sta; hapd->dpp_auth->conf_ap = conf_ap; /* TODO: Support iteration over all frequencies and filtering of * frequencies based on locally enabled channels that allow initiation * of transmission. */ if (peer_bi->num_freq > 0) hapd->dpp_auth->curr_freq = peer_bi->freq[0]; else hapd->dpp_auth->curr_freq = 2412; msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_REQ, wpabuf_len(hapd->dpp_auth->req_attr)); if (!msg) return -1; wpabuf_put_buf(msg, hapd->dpp_auth->req_attr); if (is_zero_ether_addr(peer_bi->mac_addr)) { dst = broadcast; } else { dst = peer_bi->mac_addr; os_memcpy(hapd->dpp_auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN); } hapd->dpp_auth_ok_on_ack = 0; res = hostapd_drv_send_action(hapd, hapd->dpp_auth->curr_freq, 0, dst, wpabuf_head(msg), wpabuf_len(msg)); wpabuf_free(msg); return res; fail: dpp_configuration_free(conf_sta); dpp_configuration_free(conf_ap); return -1; } static void hostapd_dpp_rx_auth_req(struct hostapd_data *hapd, const u8 *src, const u8 *buf, size_t len, unsigned int freq) { const u8 *r_bootstrap, *i_bootstrap, *wrapped_data; u16 r_bootstrap_len, i_bootstrap_len, wrapped_data_len; struct dpp_bootstrap_info *bi, *own_bi = NULL, *peer_bi = NULL; struct wpabuf *msg; wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR, MAC2STR(src)); wrapped_data = dpp_get_attr(buf, len, DPP_ATTR_WRAPPED_DATA, &wrapped_data_len); if (!wrapped_data) { wpa_printf(MSG_DEBUG, "DPP: Missing required Wrapped data attribute"); return; } wpa_hexdump(MSG_MSGDUMP, "DPP: Wrapped data", wrapped_data, wrapped_data_len); r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH, &r_bootstrap_len); if (!r_bootstrap || r_bootstrap > wrapped_data || r_bootstrap_len != SHA256_MAC_LEN) { wpa_printf(MSG_DEBUG, "DPP: Missing or invalid required Responder Bootstrapping Key Hash attribute"); return; } wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash", r_bootstrap, r_bootstrap_len); i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH, &i_bootstrap_len); if (!i_bootstrap || i_bootstrap > wrapped_data || i_bootstrap_len != SHA256_MAC_LEN) { wpa_printf(MSG_DEBUG, "DPP: Missing or invalid required Initiator Bootstrapping Key Hash attribute"); return; } wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash", i_bootstrap, i_bootstrap_len); /* Try to find own and peer bootstrapping key matches based on the * received hash values */ dl_list_for_each(bi, &hapd->dpp_bootstrap, struct dpp_bootstrap_info, list) { if (!own_bi && bi->own && os_memcmp(bi->pubkey_hash, r_bootstrap, SHA256_MAC_LEN) == 0) { wpa_printf(MSG_DEBUG, "DPP: Found matching own bootstrapping information"); own_bi = bi; } if (!peer_bi && !bi->own && os_memcmp(bi->pubkey_hash, i_bootstrap, SHA256_MAC_LEN) == 0) { wpa_printf(MSG_DEBUG, "DPP: Found matching peer bootstrapping information"); peer_bi = bi; } if (own_bi && peer_bi) break; } if (!own_bi) { wpa_printf(MSG_DEBUG, "DPP: No matching own bootstrapping key found - ignore message"); return; } if (hapd->dpp_auth) { wpa_printf(MSG_DEBUG, "DPP: Already in DPP authentication exchange - ignore new one"); return; } hapd->dpp_auth_ok_on_ack = 0; hapd->dpp_auth = dpp_auth_req_rx(hapd->msg_ctx, hapd->dpp_allowed_roles, hapd->dpp_qr_mutual, peer_bi, own_bi, freq, buf, wrapped_data, wrapped_data_len); if (!hapd->dpp_auth) { wpa_printf(MSG_DEBUG, "DPP: No response generated"); return; } hostapd_dpp_set_testing_options(hapd, hapd->dpp_auth); os_memcpy(hapd->dpp_auth->peer_mac_addr, src, ETH_ALEN); msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_RESP, wpabuf_len(hapd->dpp_auth->resp_attr)); if (!msg) return; wpabuf_put_buf(msg, hapd->dpp_auth->resp_attr); hostapd_drv_send_action(hapd, hapd->dpp_auth->curr_freq, 0, src, wpabuf_head(msg), wpabuf_len(msg)); wpabuf_free(msg); } static void hostapd_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token, enum gas_query_ap_result result, const struct wpabuf *adv_proto, const struct wpabuf *resp, u16 status_code) { struct hostapd_data *hapd = ctx; const u8 *pos; struct dpp_authentication *auth = hapd->dpp_auth; if (!auth || !auth->auth_success) { wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress"); return; } if (!resp || status_code != WLAN_STATUS_SUCCESS) { wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed"); goto fail; } wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto", adv_proto); wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)", resp); if (wpabuf_len(adv_proto) != 10 || !(pos = wpabuf_head(adv_proto)) || pos[0] != WLAN_EID_ADV_PROTO || pos[1] != 8 || pos[3] != WLAN_EID_VENDOR_SPECIFIC || pos[4] != 5 || WPA_GET_BE24(&pos[5]) != OUI_WFA || pos[8] != 0x1a || pos[9] != 1) { wpa_printf(MSG_DEBUG, "DPP: Not a DPP Advertisement Protocol ID"); goto fail; } if (dpp_conf_resp_rx(auth, resp) < 0) { wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed"); goto fail; } wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_RECEIVED); if (auth->ssid_len) wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s", wpa_ssid_txt(auth->ssid, auth->ssid_len)); if (auth->connector) { /* TODO: Save the Connector and consider using a command * to fetch the value instead of sending an event with * it. The Connector could end up being larger than what * most clients are ready to receive as an event * message. */ wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONNECTOR "%s", auth->connector); } if (auth->c_sign_key) { char *hex; size_t hexlen; hexlen = 2 * wpabuf_len(auth->c_sign_key) + 1; hex = os_malloc(hexlen); if (hex) { wpa_snprintf_hex(hex, hexlen, wpabuf_head(auth->c_sign_key), wpabuf_len(auth->c_sign_key)); if (auth->c_sign_key_expiry) wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s %lu", hex, (unsigned long) auth->c_sign_key_expiry); else wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s", hex); os_free(hex); } } if (auth->net_access_key) { char *hex; size_t hexlen; hexlen = 2 * wpabuf_len(auth->net_access_key) + 1; hex = os_malloc(hexlen); if (hex) { wpa_snprintf_hex(hex, hexlen, wpabuf_head(auth->net_access_key), wpabuf_len(auth->net_access_key)); if (auth->net_access_key_expiry) wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex, (unsigned long) auth->net_access_key_expiry); else wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_NET_ACCESS_KEY "%s", hex); os_free(hex); } } dpp_auth_deinit(hapd->dpp_auth); hapd->dpp_auth = NULL; return; fail: wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_CONF_FAILED); dpp_auth_deinit(hapd->dpp_auth); hapd->dpp_auth = NULL; } static void hostapd_dpp_start_gas_client(struct hostapd_data *hapd) { struct dpp_authentication *auth = hapd->dpp_auth; struct wpabuf *buf, *conf_req; char json[100]; int res; int netrole_ap = 1; os_snprintf(json, sizeof(json), "{\"name\":\"Test\"," "\"wi-fi_tech\":\"infra\"," "\"netRole\":\"%s\"}", netrole_ap ? "ap" : "sta"); wpa_printf(MSG_DEBUG, "DPP: GAS Config Attributes: %s", json); conf_req = dpp_build_conf_req(auth, json); if (!conf_req) { wpa_printf(MSG_DEBUG, "DPP: No configuration request data available"); return; } buf = gas_build_initial_req(0, 10 + 2 + wpabuf_len(conf_req)); if (!buf) { wpabuf_free(conf_req); return; } /* Advertisement Protocol IE */ wpabuf_put_u8(buf, WLAN_EID_ADV_PROTO); wpabuf_put_u8(buf, 8); /* Length */ wpabuf_put_u8(buf, 0x7f); wpabuf_put_u8(buf, WLAN_EID_VENDOR_SPECIFIC); wpabuf_put_u8(buf, 5); wpabuf_put_be24(buf, OUI_WFA); wpabuf_put_u8(buf, DPP_OUI_TYPE); wpabuf_put_u8(buf, 0x01); /* GAS Query */ wpabuf_put_le16(buf, wpabuf_len(conf_req)); wpabuf_put_buf(buf, conf_req); wpabuf_free(conf_req); wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)", MAC2STR(auth->peer_mac_addr), auth->curr_freq); res = gas_query_ap_req(hapd->gas, auth->peer_mac_addr, auth->curr_freq, buf, hostapd_dpp_gas_resp_cb, hapd); if (res < 0) { wpa_msg(hapd->msg_ctx, MSG_DEBUG, "GAS: Failed to send Query Request"); wpabuf_free(buf); } else { wpa_printf(MSG_DEBUG, "DPP: GAS query started with dialog token %u", res); } } static void hostapd_dpp_auth_success(struct hostapd_data *hapd, int initiator) { wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded"); wpa_msg(hapd->msg_ctx, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator); if (!hapd->dpp_auth->configurator) hostapd_dpp_start_gas_client(hapd); } static void hostapd_dpp_rx_auth_resp(struct hostapd_data *hapd, const u8 *src, const u8 *buf, size_t len) { struct dpp_authentication *auth = hapd->dpp_auth; struct wpabuf *msg, *attr; wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR, MAC2STR(src)); if (!auth) { wpa_printf(MSG_DEBUG, "DPP: No DPP Authentication in progress - drop"); return; } if (!is_zero_ether_addr(auth->peer_mac_addr) && os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); return; } attr = dpp_auth_resp_rx(auth, buf, len); if (!attr) { if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) { wpa_printf(MSG_DEBUG, "DPP: Wait for full response"); return; } wpa_printf(MSG_DEBUG, "DPP: No confirm generated"); return; } os_memcpy(auth->peer_mac_addr, src, ETH_ALEN); msg = dpp_alloc_msg(DPP_PA_AUTHENTICATION_CONF, wpabuf_len(attr)); if (!msg) { wpabuf_free(attr); return; } wpabuf_put_buf(msg, attr); wpabuf_free(attr); hostapd_drv_send_action(hapd, auth->curr_freq, 0, src, wpabuf_head(msg), wpabuf_len(msg)); wpabuf_free(msg); hapd->dpp_auth_ok_on_ack = 1; } static void hostapd_dpp_rx_auth_conf(struct hostapd_data *hapd, const u8 *src, const u8 *buf, size_t len) { struct dpp_authentication *auth = hapd->dpp_auth; wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR, MAC2STR(src)); if (!auth) { wpa_printf(MSG_DEBUG, "DPP: No DPP Authentication in progress - drop"); return; } if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) { wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected " MACSTR ") - drop", MAC2STR(auth->peer_mac_addr)); return; } if (dpp_auth_conf_rx(auth, buf, len) < 0) { wpa_printf(MSG_DEBUG, "DPP: Authentication failed"); return; } hostapd_dpp_auth_success(hapd, 0); } void hostapd_dpp_rx_action(struct hostapd_data *hapd, const u8 *src, const u8 *buf, size_t len, unsigned int freq) { enum dpp_public_action_frame_type type; if (len < 1) return; type = buf[0]; buf++; len--; wpa_printf(MSG_DEBUG, "DPP: Received DPP Public Action frame type %d from " MACSTR " freq=%u", type, MAC2STR(src), freq); wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len); if (dpp_check_attrs(buf, len) < 0) return; switch (type) { case DPP_PA_AUTHENTICATION_REQ: hostapd_dpp_rx_auth_req(hapd, src, buf, len, freq); break; case DPP_PA_AUTHENTICATION_RESP: hostapd_dpp_rx_auth_resp(hapd, src, buf, len); break; case DPP_PA_AUTHENTICATION_CONF: hostapd_dpp_rx_auth_conf(hapd, src, buf, len); break; default: wpa_printf(MSG_DEBUG, "DPP: Ignored unsupported frame subtype %d", type); break; } } int hostapd_dpp_init(struct hostapd_data *hapd) { dl_list_init(&hapd->dpp_bootstrap); hapd->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR | DPP_CAPAB_ENROLLEE; hapd->dpp_init_done = 1; return 0; } void hostapd_dpp_deinit(struct hostapd_data *hapd) { #ifdef CONFIG_TESTING_OPTIONS os_free(hapd->dpp_config_obj_override); hapd->dpp_config_obj_override = NULL; os_free(hapd->dpp_discovery_override); hapd->dpp_discovery_override = NULL; os_free(hapd->dpp_groups_override); hapd->dpp_groups_override = NULL; os_free(hapd->dpp_devices_override); hapd->dpp_devices_override = NULL; hapd->dpp_ignore_netaccesskey_mismatch = 0; #endif /* CONFIG_TESTING_OPTIONS */ if (!hapd->dpp_init_done) return; dpp_bootstrap_del(hapd, 0); dpp_auth_deinit(hapd->dpp_auth); hapd->dpp_auth = NULL; }