hostap/wpa_supplicant/ap.c
Jouni Malinen 04ed4e984e AP: Only enable WPS for open and WPA/WPA2-Personal configuration
When wpa_supplicant AP mode is used, WPS was enabled by default
regardless of security mode. This is not desired for WEP, so change
the AP configuration to enable WPS only for open and WPA/WPA2-Personal
networks.

Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
2011-11-14 16:16:29 +02:00

938 lines
24 KiB
C

/*
* WPA Supplicant - Basic AP mode support routines
* Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
* Copyright (c) 2009, Atheros Communications
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* Alternatively, this software may be distributed under the terms of BSD
* license.
*
* See README and COPYING for more details.
*/
#include "utils/includes.h"
#include "utils/common.h"
#include "utils/eloop.h"
#include "utils/uuid.h"
#include "common/ieee802_11_defs.h"
#include "common/wpa_ctrl.h"
#include "ap/hostapd.h"
#include "ap/ap_config.h"
#include "ap/ap_drv_ops.h"
#ifdef NEED_AP_MLME
#include "ap/ieee802_11.h"
#endif /* NEED_AP_MLME */
#include "ap/beacon.h"
#include "ap/ieee802_1x.h"
#include "ap/wps_hostapd.h"
#include "ap/ctrl_iface_ap.h"
#include "wps/wps.h"
#include "common/ieee802_11_defs.h"
#include "config_ssid.h"
#include "config.h"
#include "wpa_supplicant_i.h"
#include "driver_i.h"
#include "p2p_supplicant.h"
#include "ap.h"
#include "ap/sta_info.h"
#include "notify.h"
#ifdef CONFIG_WPS
static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx);
#endif /* CONFIG_WPS */
static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid,
struct hostapd_config *conf)
{
struct hostapd_bss_config *bss = &conf->bss[0];
int pairwise;
conf->driver = wpa_s->driver;
os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
if (ssid->frequency == 0) {
/* default channel 11 */
conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
conf->channel = 11;
} else if (ssid->frequency >= 2412 && ssid->frequency <= 2472) {
conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
conf->channel = (ssid->frequency - 2407) / 5;
} else if ((ssid->frequency >= 5180 && ssid->frequency <= 5240) ||
(ssid->frequency >= 5745 && ssid->frequency <= 5825)) {
conf->hw_mode = HOSTAPD_MODE_IEEE80211A;
conf->channel = (ssid->frequency - 5000) / 5;
} else {
wpa_printf(MSG_ERROR, "Unsupported AP mode frequency: %d MHz",
ssid->frequency);
return -1;
}
/* TODO: enable HT40 if driver supports it;
* drop to 11b if driver does not support 11g */
#ifdef CONFIG_IEEE80211N
/*
* Enable HT20 if the driver supports it, by setting conf->ieee80211n.
* Using default config settings for: conf->ht_op_mode_fixed,
* conf->ht_capab, conf->secondary_channel, conf->require_ht
*/
if (wpa_s->hw.modes) {
struct hostapd_hw_modes *mode = NULL;
int i;
for (i = 0; i < wpa_s->hw.num_modes; i++) {
if (wpa_s->hw.modes[i].mode == conf->hw_mode) {
mode = &wpa_s->hw.modes[i];
break;
}
}
if (mode && mode->ht_capab)
conf->ieee80211n = 1;
}
#endif /* CONFIG_IEEE80211N */
#ifdef CONFIG_P2P
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
/* Remove 802.11b rates from supported and basic rate sets */
int *list = os_malloc(4 * sizeof(int));
if (list) {
list[0] = 60;
list[1] = 120;
list[2] = 240;
list[3] = -1;
}
conf->basic_rates = list;
list = os_malloc(9 * sizeof(int));
if (list) {
list[0] = 60;
list[1] = 90;
list[2] = 120;
list[3] = 180;
list[4] = 240;
list[5] = 360;
list[6] = 480;
list[7] = 540;
list[8] = -1;
}
conf->supported_rates = list;
}
bss->isolate = !wpa_s->conf->p2p_intra_bss;
#endif /* CONFIG_P2P */
if (ssid->ssid_len == 0) {
wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
return -1;
}
os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
bss->ssid.ssid[ssid->ssid_len] = '\0';
bss->ssid.ssid_len = ssid->ssid_len;
bss->ssid.ssid_set = 1;
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
bss->wpa = ssid->proto;
bss->wpa_key_mgmt = ssid->key_mgmt;
bss->wpa_pairwise = ssid->pairwise_cipher;
if (ssid->passphrase) {
bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
} else if (ssid->psk_set) {
os_free(bss->ssid.wpa_psk);
bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
if (bss->ssid.wpa_psk == NULL)
return -1;
os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
bss->ssid.wpa_psk->group = 1;
} else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
struct hostapd_wep_keys *wep = &bss->ssid.wep;
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i] == 0)
continue;
wep->key[i] = os_malloc(ssid->wep_key_len[i]);
if (wep->key[i] == NULL)
return -1;
os_memcpy(wep->key[i], ssid->wep_key[i],
ssid->wep_key_len[i]);
wep->len[i] = ssid->wep_key_len[i];
}
wep->idx = ssid->wep_tx_keyidx;
wep->keys_set = 1;
}
/* Select group cipher based on the enabled pairwise cipher suites */
pairwise = 0;
if (bss->wpa & 1)
pairwise |= bss->wpa_pairwise;
if (bss->wpa & 2) {
if (bss->rsn_pairwise == 0)
bss->rsn_pairwise = bss->wpa_pairwise;
pairwise |= bss->rsn_pairwise;
}
if (pairwise & WPA_CIPHER_TKIP)
bss->wpa_group = WPA_CIPHER_TKIP;
else
bss->wpa_group = WPA_CIPHER_CCMP;
if (bss->wpa && bss->ieee802_1x)
bss->ssid.security_policy = SECURITY_WPA;
else if (bss->wpa)
bss->ssid.security_policy = SECURITY_WPA_PSK;
else if (bss->ieee802_1x) {
int cipher = WPA_CIPHER_NONE;
bss->ssid.security_policy = SECURITY_IEEE_802_1X;
bss->ssid.wep.default_len = bss->default_wep_key_len;
if (bss->default_wep_key_len)
cipher = bss->default_wep_key_len >= 13 ?
WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
bss->wpa_group = cipher;
bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher;
} else if (bss->ssid.wep.keys_set) {
int cipher = WPA_CIPHER_WEP40;
if (bss->ssid.wep.len[0] >= 13)
cipher = WPA_CIPHER_WEP104;
bss->ssid.security_policy = SECURITY_STATIC_WEP;
bss->wpa_group = cipher;
bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher;
} else {
bss->ssid.security_policy = SECURITY_PLAINTEXT;
bss->wpa_group = WPA_CIPHER_NONE;
bss->wpa_pairwise = WPA_CIPHER_NONE;
bss->rsn_pairwise = WPA_CIPHER_NONE;
}
#ifdef CONFIG_WPS
/*
* Enable WPS by default for open and WPA/WPA2-Personal network, but
* require user interaction to actually use it. Only the internal
* Registrar is supported.
*/
if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
bss->ssid.security_policy != SECURITY_PLAINTEXT)
goto no_wps;
bss->eap_server = 1;
bss->wps_state = 2;
bss->ap_setup_locked = 2;
if (wpa_s->conf->config_methods)
bss->config_methods = os_strdup(wpa_s->conf->config_methods);
os_memcpy(bss->device_type, wpa_s->conf->device_type,
WPS_DEV_TYPE_LEN);
if (wpa_s->conf->device_name) {
bss->device_name = os_strdup(wpa_s->conf->device_name);
bss->friendly_name = os_strdup(wpa_s->conf->device_name);
}
if (wpa_s->conf->manufacturer)
bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
if (wpa_s->conf->model_name)
bss->model_name = os_strdup(wpa_s->conf->model_name);
if (wpa_s->conf->model_number)
bss->model_number = os_strdup(wpa_s->conf->model_number);
if (wpa_s->conf->serial_number)
bss->serial_number = os_strdup(wpa_s->conf->serial_number);
if (is_nil_uuid(wpa_s->conf->uuid))
os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
else
os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
no_wps:
#endif /* CONFIG_WPS */
if (wpa_s->max_stations &&
wpa_s->max_stations < wpa_s->conf->max_num_sta)
bss->max_num_sta = wpa_s->max_stations;
else
bss->max_num_sta = wpa_s->conf->max_num_sta;
bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
return 0;
}
static void ap_public_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
{
#ifdef CONFIG_P2P
struct wpa_supplicant *wpa_s = ctx;
const struct ieee80211_mgmt *mgmt;
size_t hdr_len;
mgmt = (const struct ieee80211_mgmt *) buf;
hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
if (hdr_len > len)
return;
wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
mgmt->u.action.category,
&mgmt->u.action.u.vs_public_action.action,
len - hdr_len, freq);
#endif /* CONFIG_P2P */
}
static void ap_wps_event_cb(void *ctx, enum wps_event event,
union wps_event_data *data)
{
#ifdef CONFIG_P2P
struct wpa_supplicant *wpa_s = ctx;
if (event == WPS_EV_FAIL) {
struct wps_event_fail *fail = &data->fail;
if (wpa_s->parent && wpa_s->parent != wpa_s &&
wpa_s == wpa_s->global->p2p_group_formation) {
/*
* src/ap/wps_hostapd.c has already sent this on the
* main interface, so only send on the parent interface
* here if needed.
*/
wpa_msg(wpa_s->parent, MSG_INFO, WPS_EVENT_FAIL
"msg=%d config_error=%d",
fail->msg, fail->config_error);
}
wpas_p2p_wps_failed(wpa_s, fail);
}
#endif /* CONFIG_P2P */
}
static void ap_sta_authorized_cb(void *ctx, const u8 *mac_addr,
int authorized)
{
wpas_notify_sta_authorized(ctx, mac_addr, authorized);
}
static int ap_vendor_action_rx(void *ctx, const u8 *buf, size_t len, int freq)
{
#ifdef CONFIG_P2P
struct wpa_supplicant *wpa_s = ctx;
const struct ieee80211_mgmt *mgmt;
size_t hdr_len;
mgmt = (const struct ieee80211_mgmt *) buf;
hdr_len = (const u8 *) &mgmt->u.action.u.vs_public_action.action - buf;
if (hdr_len > len)
return -1;
wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid,
mgmt->u.action.category,
&mgmt->u.action.u.vs_public_action.action,
len - hdr_len, freq);
#endif /* CONFIG_P2P */
return 0;
}
static int ap_probe_req_rx(void *ctx, const u8 *sa, const u8 *da,
const u8 *bssid, const u8 *ie, size_t ie_len)
{
#ifdef CONFIG_P2P
struct wpa_supplicant *wpa_s = ctx;
return wpas_p2p_probe_req_rx(wpa_s, sa, da, bssid, ie, ie_len);
#else /* CONFIG_P2P */
return 0;
#endif /* CONFIG_P2P */
}
static void ap_wps_reg_success_cb(void *ctx, const u8 *mac_addr,
const u8 *uuid_e)
{
#ifdef CONFIG_P2P
struct wpa_supplicant *wpa_s = ctx;
wpas_p2p_wps_success(wpa_s, mac_addr, 1);
#endif /* CONFIG_P2P */
}
static void wpas_ap_configured_cb(void *ctx)
{
struct wpa_supplicant *wpa_s = ctx;
wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
if (wpa_s->ap_configured_cb)
wpa_s->ap_configured_cb(wpa_s->ap_configured_cb_ctx,
wpa_s->ap_configured_cb_data);
}
int wpa_supplicant_create_ap(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid)
{
struct wpa_driver_associate_params params;
struct hostapd_iface *hapd_iface;
struct hostapd_config *conf;
size_t i;
if (ssid->ssid == NULL || ssid->ssid_len == 0) {
wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
return -1;
}
wpa_supplicant_ap_deinit(wpa_s);
wpa_printf(MSG_DEBUG, "Setting up AP (SSID='%s')",
wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
os_memset(&params, 0, sizeof(params));
params.ssid = ssid->ssid;
params.ssid_len = ssid->ssid_len;
switch (ssid->mode) {
case WPAS_MODE_INFRA:
params.mode = IEEE80211_MODE_INFRA;
break;
case WPAS_MODE_IBSS:
params.mode = IEEE80211_MODE_IBSS;
break;
case WPAS_MODE_AP:
case WPAS_MODE_P2P_GO:
case WPAS_MODE_P2P_GROUP_FORMATION:
params.mode = IEEE80211_MODE_AP;
break;
}
params.freq = ssid->frequency;
params.wpa_proto = ssid->proto;
if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
else
wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
if (ssid->pairwise_cipher & WPA_CIPHER_CCMP)
wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
else if (ssid->pairwise_cipher & WPA_CIPHER_TKIP)
wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
else if (ssid->pairwise_cipher & WPA_CIPHER_NONE)
wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
else {
wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
"cipher.");
return -1;
}
params.pairwise_suite = cipher_suite2driver(wpa_s->pairwise_cipher);
params.group_suite = params.pairwise_suite;
#ifdef CONFIG_P2P
if (ssid->mode == WPAS_MODE_P2P_GO ||
ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
params.p2p = 1;
#endif /* CONFIG_P2P */
if (wpa_s->parent->set_ap_uapsd)
params.uapsd = wpa_s->parent->ap_uapsd;
else
params.uapsd = -1;
if (wpa_drv_associate(wpa_s, &params) < 0) {
wpa_msg(wpa_s, MSG_INFO, "Failed to start AP functionality");
return -1;
}
wpa_s->ap_iface = hapd_iface = os_zalloc(sizeof(*wpa_s->ap_iface));
if (hapd_iface == NULL)
return -1;
hapd_iface->owner = wpa_s;
hapd_iface->drv_flags = wpa_s->drv_flags;
wpa_s->ap_iface->conf = conf = hostapd_config_defaults();
if (conf == NULL) {
wpa_supplicant_ap_deinit(wpa_s);
return -1;
}
if (params.uapsd > 0) {
conf->bss->wmm_enabled = 1;
conf->bss->wmm_uapsd = 1;
}
if (wpa_supplicant_conf_ap(wpa_s, ssid, conf)) {
wpa_printf(MSG_ERROR, "Failed to create AP configuration");
wpa_supplicant_ap_deinit(wpa_s);
return -1;
}
#ifdef CONFIG_P2P
if (ssid->mode == WPAS_MODE_P2P_GO)
conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER;
else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER |
P2P_GROUP_FORMATION;
#endif /* CONFIG_P2P */
hapd_iface->num_bss = conf->num_bss;
hapd_iface->bss = os_zalloc(conf->num_bss *
sizeof(struct hostapd_data *));
if (hapd_iface->bss == NULL) {
wpa_supplicant_ap_deinit(wpa_s);
return -1;
}
for (i = 0; i < conf->num_bss; i++) {
hapd_iface->bss[i] =
hostapd_alloc_bss_data(hapd_iface, conf,
&conf->bss[i]);
if (hapd_iface->bss[i] == NULL) {
wpa_supplicant_ap_deinit(wpa_s);
return -1;
}
hapd_iface->bss[i]->msg_ctx = wpa_s;
hapd_iface->bss[i]->public_action_cb = ap_public_action_rx;
hapd_iface->bss[i]->public_action_cb_ctx = wpa_s;
hapd_iface->bss[i]->vendor_action_cb = ap_vendor_action_rx;
hapd_iface->bss[i]->vendor_action_cb_ctx = wpa_s;
hostapd_register_probereq_cb(hapd_iface->bss[i],
ap_probe_req_rx, wpa_s);
hapd_iface->bss[i]->wps_reg_success_cb = ap_wps_reg_success_cb;
hapd_iface->bss[i]->wps_reg_success_cb_ctx = wpa_s;
hapd_iface->bss[i]->wps_event_cb = ap_wps_event_cb;
hapd_iface->bss[i]->wps_event_cb_ctx = wpa_s;
hapd_iface->bss[i]->sta_authorized_cb = ap_sta_authorized_cb;
hapd_iface->bss[i]->sta_authorized_cb_ctx = wpa_s;
#ifdef CONFIG_P2P
hapd_iface->bss[i]->p2p = wpa_s->global->p2p;
hapd_iface->bss[i]->p2p_group = wpas_p2p_group_init(
wpa_s, ssid->p2p_persistent_group,
ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION);
#endif /* CONFIG_P2P */
hapd_iface->bss[i]->setup_complete_cb = wpas_ap_configured_cb;
hapd_iface->bss[i]->setup_complete_cb_ctx = wpa_s;
}
os_memcpy(hapd_iface->bss[0]->own_addr, wpa_s->own_addr, ETH_ALEN);
hapd_iface->bss[0]->driver = wpa_s->driver;
hapd_iface->bss[0]->drv_priv = wpa_s->drv_priv;
wpa_s->current_ssid = ssid;
os_memcpy(wpa_s->bssid, wpa_s->own_addr, ETH_ALEN);
wpa_s->assoc_freq = ssid->frequency;
if (hostapd_setup_interface(wpa_s->ap_iface)) {
wpa_printf(MSG_ERROR, "Failed to initialize AP interface");
wpa_supplicant_ap_deinit(wpa_s);
return -1;
}
return 0;
}
void wpa_supplicant_ap_deinit(struct wpa_supplicant *wpa_s)
{
#ifdef CONFIG_WPS
eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
#endif /* CONFIG_WPS */
if (wpa_s->ap_iface == NULL)
return;
wpa_s->current_ssid = NULL;
wpa_s->assoc_freq = 0;
wpa_s->reassociated_connection = 0;
#ifdef CONFIG_P2P
if (wpa_s->ap_iface->bss)
wpa_s->ap_iface->bss[0]->p2p_group = NULL;
wpas_p2p_group_deinit(wpa_s);
#endif /* CONFIG_P2P */
hostapd_interface_deinit(wpa_s->ap_iface);
hostapd_interface_free(wpa_s->ap_iface);
wpa_s->ap_iface = NULL;
wpa_drv_deinit_ap(wpa_s);
}
void ap_tx_status(void *ctx, const u8 *addr,
const u8 *buf, size_t len, int ack)
{
#ifdef NEED_AP_MLME
struct wpa_supplicant *wpa_s = ctx;
hostapd_tx_status(wpa_s->ap_iface->bss[0], addr, buf, len, ack);
#endif /* NEED_AP_MLME */
}
void ap_client_poll_ok(void *ctx, const u8 *addr)
{
#ifdef NEED_AP_MLME
struct wpa_supplicant *wpa_s = ctx;
if (wpa_s->ap_iface)
hostapd_client_poll_ok(wpa_s->ap_iface->bss[0], addr);
#endif /* NEED_AP_MLME */
}
void ap_rx_from_unknown_sta(void *ctx, const u8 *addr, int wds)
{
#ifdef NEED_AP_MLME
struct wpa_supplicant *wpa_s = ctx;
ieee802_11_rx_from_unknown(wpa_s->ap_iface->bss[0], addr, wds);
#endif /* NEED_AP_MLME */
}
void ap_mgmt_rx(void *ctx, struct rx_mgmt *rx_mgmt)
{
#ifdef NEED_AP_MLME
struct wpa_supplicant *wpa_s = ctx;
struct hostapd_frame_info fi;
os_memset(&fi, 0, sizeof(fi));
fi.datarate = rx_mgmt->datarate;
fi.ssi_signal = rx_mgmt->ssi_signal;
ieee802_11_mgmt(wpa_s->ap_iface->bss[0], rx_mgmt->frame,
rx_mgmt->frame_len, &fi);
#endif /* NEED_AP_MLME */
}
void ap_mgmt_tx_cb(void *ctx, const u8 *buf, size_t len, u16 stype, int ok)
{
#ifdef NEED_AP_MLME
struct wpa_supplicant *wpa_s = ctx;
ieee802_11_mgmt_cb(wpa_s->ap_iface->bss[0], buf, len, stype, ok);
#endif /* NEED_AP_MLME */
}
void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant *wpa_s,
const u8 *src_addr, const u8 *buf, size_t len)
{
ieee802_1x_receive(wpa_s->ap_iface->bss[0], src_addr, buf, len);
}
#ifdef CONFIG_WPS
int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid,
const u8 *p2p_dev_addr)
{
if (!wpa_s->ap_iface)
return -1;
return hostapd_wps_button_pushed(wpa_s->ap_iface->bss[0],
p2p_dev_addr);
}
static int wpa_supplicant_ap_wps_sta_cancel(struct hostapd_data *hapd,
struct sta_info *sta, void *ctx)
{
if (sta && (sta->flags & WLAN_STA_WPS)) {
ap_sta_deauthenticate(hapd, sta,
WLAN_REASON_PREV_AUTH_NOT_VALID);
wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR,
__func__, MAC2STR(sta->addr));
return 1;
}
return 0;
}
int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant *wpa_s)
{
struct wps_registrar *reg;
int reg_sel = 0, wps_sta = 0;
if (!wpa_s->ap_iface || !wpa_s->ap_iface->bss[0]->wps)
return -1;
reg = wpa_s->ap_iface->bss[0]->wps->registrar;
reg_sel = wps_registrar_wps_cancel(reg);
wps_sta = ap_for_each_sta(wpa_s->ap_iface->bss[0],
wpa_supplicant_ap_wps_sta_cancel, NULL);
if (!reg_sel && !wps_sta) {
wpa_printf(MSG_DEBUG, "No WPS operation in progress at this "
"time");
return -1;
}
/*
* There are 2 cases to return wps cancel as success:
* 1. When wps cancel was initiated but no connection has been
* established with client yet.
* 2. Client is in the middle of exchanging WPS messages.
*/
return 0;
}
int wpa_supplicant_ap_wps_pin(struct wpa_supplicant *wpa_s, const u8 *bssid,
const char *pin, char *buf, size_t buflen)
{
int ret, ret_len = 0;
if (!wpa_s->ap_iface)
return -1;
if (pin == NULL) {
unsigned int rpin = wps_generate_pin();
ret_len = os_snprintf(buf, buflen, "%d", rpin);
pin = buf;
} else
ret_len = os_snprintf(buf, buflen, "%s", pin);
ret = hostapd_wps_add_pin(wpa_s->ap_iface->bss[0], bssid, "any", pin,
0);
if (ret)
return -1;
return ret_len;
}
static void wpas_wps_ap_pin_timeout(void *eloop_data, void *user_ctx)
{
struct wpa_supplicant *wpa_s = eloop_data;
wpa_printf(MSG_DEBUG, "WPS: AP PIN timed out");
wpas_wps_ap_pin_disable(wpa_s);
}
static void wpas_wps_ap_pin_enable(struct wpa_supplicant *wpa_s, int timeout)
{
struct hostapd_data *hapd;
if (wpa_s->ap_iface == NULL)
return;
hapd = wpa_s->ap_iface->bss[0];
wpa_printf(MSG_DEBUG, "WPS: Enabling AP PIN (timeout=%d)", timeout);
hapd->ap_pin_failures = 0;
eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
if (timeout > 0)
eloop_register_timeout(timeout, 0,
wpas_wps_ap_pin_timeout, wpa_s, NULL);
}
void wpas_wps_ap_pin_disable(struct wpa_supplicant *wpa_s)
{
struct hostapd_data *hapd;
if (wpa_s->ap_iface == NULL)
return;
wpa_printf(MSG_DEBUG, "WPS: Disabling AP PIN");
hapd = wpa_s->ap_iface->bss[0];
os_free(hapd->conf->ap_pin);
hapd->conf->ap_pin = NULL;
eloop_cancel_timeout(wpas_wps_ap_pin_timeout, wpa_s, NULL);
}
const char * wpas_wps_ap_pin_random(struct wpa_supplicant *wpa_s, int timeout)
{
struct hostapd_data *hapd;
unsigned int pin;
char pin_txt[9];
if (wpa_s->ap_iface == NULL)
return NULL;
hapd = wpa_s->ap_iface->bss[0];
pin = wps_generate_pin();
os_snprintf(pin_txt, sizeof(pin_txt), "%u", pin);
os_free(hapd->conf->ap_pin);
hapd->conf->ap_pin = os_strdup(pin_txt);
if (hapd->conf->ap_pin == NULL)
return NULL;
wpas_wps_ap_pin_enable(wpa_s, timeout);
return hapd->conf->ap_pin;
}
const char * wpas_wps_ap_pin_get(struct wpa_supplicant *wpa_s)
{
struct hostapd_data *hapd;
if (wpa_s->ap_iface == NULL)
return NULL;
hapd = wpa_s->ap_iface->bss[0];
return hapd->conf->ap_pin;
}
int wpas_wps_ap_pin_set(struct wpa_supplicant *wpa_s, const char *pin,
int timeout)
{
struct hostapd_data *hapd;
char pin_txt[9];
int ret;
if (wpa_s->ap_iface == NULL)
return -1;
hapd = wpa_s->ap_iface->bss[0];
ret = os_snprintf(pin_txt, sizeof(pin_txt), "%s", pin);
if (ret < 0 || ret >= (int) sizeof(pin_txt))
return -1;
os_free(hapd->conf->ap_pin);
hapd->conf->ap_pin = os_strdup(pin_txt);
if (hapd->conf->ap_pin == NULL)
return -1;
wpas_wps_ap_pin_enable(wpa_s, timeout);
return 0;
}
void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant *wpa_s)
{
struct hostapd_data *hapd;
if (wpa_s->ap_iface == NULL)
return;
hapd = wpa_s->ap_iface->bss[0];
/*
* Registrar failed to prove its knowledge of the AP PIN. Disable AP
* PIN if this happens multiple times to slow down brute force attacks.
*/
hapd->ap_pin_failures++;
wpa_printf(MSG_DEBUG, "WPS: AP PIN authentication failure number %u",
hapd->ap_pin_failures);
if (hapd->ap_pin_failures < 3)
return;
wpa_printf(MSG_DEBUG, "WPS: Disable AP PIN");
hapd->ap_pin_failures = 0;
os_free(hapd->conf->ap_pin);
hapd->conf->ap_pin = NULL;
}
#endif /* CONFIG_WPS */
#ifdef CONFIG_CTRL_IFACE
int ap_ctrl_iface_sta_first(struct wpa_supplicant *wpa_s,
char *buf, size_t buflen)
{
if (wpa_s->ap_iface == NULL)
return -1;
return hostapd_ctrl_iface_sta_first(wpa_s->ap_iface->bss[0],
buf, buflen);
}
int ap_ctrl_iface_sta(struct wpa_supplicant *wpa_s, const char *txtaddr,
char *buf, size_t buflen)
{
if (wpa_s->ap_iface == NULL)
return -1;
return hostapd_ctrl_iface_sta(wpa_s->ap_iface->bss[0], txtaddr,
buf, buflen);
}
int ap_ctrl_iface_sta_next(struct wpa_supplicant *wpa_s, const char *txtaddr,
char *buf, size_t buflen)
{
if (wpa_s->ap_iface == NULL)
return -1;
return hostapd_ctrl_iface_sta_next(wpa_s->ap_iface->bss[0], txtaddr,
buf, buflen);
}
int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant *wpa_s, char *buf,
size_t buflen, int verbose)
{
char *pos = buf, *end = buf + buflen;
int ret;
struct hostapd_bss_config *conf;
if (wpa_s->ap_iface == NULL)
return -1;
conf = wpa_s->ap_iface->bss[0]->conf;
if (conf->wpa == 0)
return 0;
ret = os_snprintf(pos, end - pos,
"pairwise_cipher=%s\n"
"group_cipher=%s\n"
"key_mgmt=%s\n",
wpa_cipher_txt(conf->rsn_pairwise),
wpa_cipher_txt(conf->wpa_group),
wpa_key_mgmt_txt(conf->wpa_key_mgmt,
conf->wpa));
if (ret < 0 || ret >= end - pos)
return pos - buf;
pos += ret;
return pos - buf;
}
#endif /* CONFIG_CTRL_IFACE */
int wpa_supplicant_ap_update_beacon(struct wpa_supplicant *wpa_s)
{
struct hostapd_iface *iface = wpa_s->ap_iface;
struct wpa_ssid *ssid = wpa_s->current_ssid;
struct hostapd_data *hapd;
if (ssid == NULL || wpa_s->ap_iface == NULL)
return -1;
#ifdef CONFIG_P2P
if (ssid->mode == WPAS_MODE_P2P_GO)
iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER;
else if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
iface->conf->bss[0].p2p = P2P_ENABLED | P2P_GROUP_OWNER |
P2P_GROUP_FORMATION;
#endif /* CONFIG_P2P */
ieee802_11_set_beacons(iface);
hapd = iface->bss[0];
hostapd_set_ap_wps_ie(hapd);
return 0;
}
int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant *wpa_s,
const u8 *addr)
{
struct hostapd_data *hapd;
struct hostapd_bss_config *conf;
if (!wpa_s->ap_iface)
return -1;
if (addr)
wpa_printf(MSG_DEBUG, "AP: Set MAC address filter: " MACSTR,
MAC2STR(addr));
else
wpa_printf(MSG_DEBUG, "AP: Clear MAC address filter");
hapd = wpa_s->ap_iface->bss[0];
conf = hapd->conf;
os_free(conf->accept_mac);
conf->accept_mac = NULL;
conf->num_accept_mac = 0;
os_free(conf->deny_mac);
conf->deny_mac = NULL;
conf->num_deny_mac = 0;
if (addr == NULL) {
conf->macaddr_acl = ACCEPT_UNLESS_DENIED;
return 0;
}
conf->macaddr_acl = DENY_UNLESS_ACCEPTED;
conf->accept_mac = os_zalloc(sizeof(struct mac_acl_entry));
if (conf->accept_mac == NULL)
return -1;
os_memcpy(conf->accept_mac[0].addr, addr, ETH_ALEN);
conf->num_accept_mac = 1;
return 0;
}