]>
Commit | Line | Data |
---|---|---|
fa201b69 JM |
1 | /* |
2 | * wpa_supplicant / WPS integration | |
3 | * Copyright (c) 2008, Jouni Malinen <j@w1.fi> | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License version 2 as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * Alternatively, this software may be distributed under the terms of BSD | |
10 | * license. | |
11 | * | |
12 | * See README and COPYING for more details. | |
13 | */ | |
14 | ||
15 | #include "includes.h" | |
16 | ||
17 | #include "common.h" | |
18 | #include "ieee802_11_defs.h" | |
19 | #include "wpa_common.h" | |
20 | #include "config.h" | |
b01c18a8 | 21 | #include "eap_peer/eap.h" |
fa201b69 | 22 | #include "wpa_supplicant_i.h" |
fcc60db4 | 23 | #include "eloop.h" |
79da74a2 | 24 | #include "uuid.h" |
a524f05e | 25 | #include "wpa_ctrl.h" |
47662164 | 26 | #include "ctrl_iface_dbus.h" |
fcc60db4 | 27 | #include "eap_common/eap_wsc_common.h" |
a6099152 | 28 | #include "blacklist.h" |
7cc1b6c9 | 29 | #include "wpa.h" |
fa201b69 | 30 | #include "wps_supplicant.h" |
46bdb83a | 31 | #include "dh_groups.h" |
fa201b69 | 32 | |
a6099152 | 33 | #define WPS_PIN_SCAN_IGNORE_SEL_REG 3 |
fa201b69 | 34 | |
fcc60db4 | 35 | static void wpas_wps_timeout(void *eloop_ctx, void *timeout_ctx); |
469fc3a4 | 36 | static void wpas_clear_wps(struct wpa_supplicant *wpa_s); |
fcc60db4 JM |
37 | |
38 | ||
fa201b69 JM |
39 | int wpas_wps_eapol_cb(struct wpa_supplicant *wpa_s) |
40 | { | |
a6099152 JM |
41 | if (!wpa_s->wps_success && |
42 | wpa_s->current_ssid && | |
43 | eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) { | |
44 | const u8 *bssid = wpa_s->bssid; | |
45 | if (is_zero_ether_addr(bssid)) | |
46 | bssid = wpa_s->pending_bssid; | |
47 | ||
48 | wpa_printf(MSG_DEBUG, "WPS: PIN registration with " MACSTR | |
49 | " did not succeed - continue trying to find " | |
50 | "suitable AP", MAC2STR(bssid)); | |
51 | wpa_blacklist_add(wpa_s, bssid); | |
52 | ||
53 | wpa_supplicant_deauthenticate(wpa_s, | |
54 | WLAN_REASON_DEAUTH_LEAVING); | |
55 | wpa_s->reassociate = 1; | |
56 | wpa_supplicant_req_scan(wpa_s, | |
57 | wpa_s->blacklist_cleared ? 5 : 0, 0); | |
58 | wpa_s->blacklist_cleared = 0; | |
59 | return 1; | |
60 | } | |
61 | ||
fcc60db4 JM |
62 | eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL); |
63 | ||
fa201b69 JM |
64 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS && wpa_s->current_ssid && |
65 | !(wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { | |
66 | wpa_printf(MSG_DEBUG, "WPS: Network configuration replaced - " | |
67 | "try to associate with the received credential"); | |
68 | wpa_supplicant_deauthenticate(wpa_s, | |
69 | WLAN_REASON_DEAUTH_LEAVING); | |
70 | wpa_s->reassociate = 1; | |
71 | wpa_supplicant_req_scan(wpa_s, 0, 0); | |
72 | return 1; | |
73 | } | |
74 | ||
47662164 JM |
75 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS && wpa_s->current_ssid) { |
76 | wpa_printf(MSG_DEBUG, "WPS: Registration completed - waiting " | |
77 | "for external credential processing"); | |
78 | wpas_clear_wps(wpa_s); | |
79 | wpa_supplicant_deauthenticate(wpa_s, | |
80 | WLAN_REASON_DEAUTH_LEAVING); | |
81 | return 1; | |
82 | } | |
83 | ||
fa201b69 JM |
84 | return 0; |
85 | } | |
86 | ||
87 | ||
7cc1b6c9 JM |
88 | static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s, |
89 | struct wpa_ssid *ssid, | |
90 | const struct wps_credential *cred) | |
91 | { | |
92 | struct wpa_driver_capa capa; | |
93 | size_t i; | |
94 | struct wpa_scan_res *bss; | |
95 | const u8 *ie; | |
96 | struct wpa_ie_data adv; | |
97 | int wpa2 = 0, ccmp = 0; | |
98 | ||
99 | /* | |
100 | * Many existing WPS APs do not know how to negotiate WPA2 or CCMP in | |
101 | * case they are configured for mixed mode operation (WPA+WPA2 and | |
102 | * TKIP+CCMP). Try to use scan results to figure out whether the AP | |
103 | * actually supports stronger security and select that if the client | |
104 | * has support for it, too. | |
105 | */ | |
106 | ||
107 | if (wpa_drv_get_capa(wpa_s, &capa)) | |
108 | return; /* Unknown what driver supports */ | |
109 | ||
110 | if (wpa_supplicant_get_scan_results(wpa_s) || wpa_s->scan_res == NULL) | |
111 | return; /* Could not get scan results for checking advertised | |
112 | * parameters */ | |
113 | ||
114 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
115 | bss = wpa_s->scan_res->res[i]; | |
116 | if (os_memcmp(bss->bssid, cred->mac_addr, ETH_ALEN) != 0) | |
117 | continue; | |
118 | ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); | |
119 | if (ie == NULL) | |
120 | continue; | |
121 | if (ie[1] != ssid->ssid_len || ssid->ssid == NULL || | |
122 | os_memcmp(ie + 2, ssid->ssid, ssid->ssid_len) != 0) | |
123 | continue; | |
124 | ||
125 | wpa_printf(MSG_DEBUG, "WPS: AP found from scan results"); | |
126 | break; | |
127 | } | |
128 | ||
129 | if (i == wpa_s->scan_res->num) { | |
130 | wpa_printf(MSG_DEBUG, "WPS: The AP was not found from scan " | |
131 | "results - use credential as-is"); | |
132 | return; | |
133 | } | |
134 | ||
135 | ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
136 | if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0) { | |
137 | wpa2 = 1; | |
138 | if (adv.pairwise_cipher & WPA_CIPHER_CCMP) | |
139 | ccmp = 1; | |
140 | } else { | |
141 | ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
142 | if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0 && | |
143 | adv.pairwise_cipher & WPA_CIPHER_CCMP) | |
144 | ccmp = 1; | |
145 | } | |
146 | ||
147 | if (ie == NULL && (ssid->proto & WPA_PROTO_WPA) && | |
148 | (ssid->pairwise_cipher & WPA_CIPHER_TKIP)) { | |
149 | /* | |
150 | * TODO: This could be the initial AP configuration and the | |
151 | * Beacon contents could change shortly. Should request a new | |
152 | * scan and delay addition of the network until the updated | |
153 | * scan results are available. | |
154 | */ | |
155 | wpa_printf(MSG_DEBUG, "WPS: The AP did not yet advertise WPA " | |
156 | "support - use credential as-is"); | |
157 | return; | |
158 | } | |
159 | ||
160 | if (ccmp && !(ssid->pairwise_cipher & WPA_CIPHER_CCMP) && | |
161 | (ssid->pairwise_cipher & WPA_CIPHER_TKIP) && | |
162 | (capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) { | |
163 | wpa_printf(MSG_DEBUG, "WPS: Add CCMP into the credential " | |
164 | "based on scan results"); | |
165 | if (wpa_s->conf->ap_scan == 1) | |
166 | ssid->pairwise_cipher |= WPA_CIPHER_CCMP; | |
167 | else | |
168 | ssid->pairwise_cipher = WPA_CIPHER_CCMP; | |
169 | } | |
170 | ||
171 | if (wpa2 && !(ssid->proto & WPA_PROTO_RSN) && | |
172 | (ssid->proto & WPA_PROTO_WPA) && | |
173 | (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP)) { | |
174 | wpa_printf(MSG_DEBUG, "WPS: Add WPA2 into the credential " | |
175 | "based on scan results"); | |
176 | if (wpa_s->conf->ap_scan == 1) | |
177 | ssid->proto |= WPA_PROTO_RSN; | |
178 | else | |
179 | ssid->proto = WPA_PROTO_RSN; | |
180 | } | |
181 | } | |
182 | ||
183 | ||
bcbbc7af JM |
184 | static int wpa_supplicant_wps_cred(void *ctx, |
185 | const struct wps_credential *cred) | |
fa201b69 JM |
186 | { |
187 | struct wpa_supplicant *wpa_s = ctx; | |
188 | struct wpa_ssid *ssid = wpa_s->current_ssid; | |
522b5b6e | 189 | u8 key_idx = 0; |
fa201b69 | 190 | |
47662164 JM |
191 | if ((wpa_s->conf->wps_cred_processing == 1 || |
192 | wpa_s->conf->wps_cred_processing == 2) && cred->cred_attr) { | |
193 | size_t blen = cred->cred_attr_len * 2 + 1; | |
194 | char *buf = os_malloc(blen); | |
195 | if (buf) { | |
196 | wpa_snprintf_hex(buf, blen, | |
197 | cred->cred_attr, cred->cred_attr_len); | |
198 | wpa_msg(wpa_s, MSG_INFO, "%s%s", | |
199 | WPS_EVENT_CRED_RECEIVED, buf); | |
200 | os_free(buf); | |
201 | } | |
202 | wpa_supplicant_dbus_notify_wps_cred(wpa_s, cred); | |
203 | } else | |
204 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_CRED_RECEIVED); | |
fa201b69 | 205 | |
eca6e0a9 JM |
206 | wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute", |
207 | cred->cred_attr, cred->cred_attr_len); | |
208 | ||
47662164 JM |
209 | if (wpa_s->conf->wps_cred_processing == 1) |
210 | return 0; | |
211 | ||
f286077d JM |
212 | if (cred->auth_type != WPS_AUTH_OPEN && |
213 | cred->auth_type != WPS_AUTH_SHARED && | |
214 | cred->auth_type != WPS_AUTH_WPAPSK && | |
215 | cred->auth_type != WPS_AUTH_WPA2PSK) { | |
216 | wpa_printf(MSG_DEBUG, "WPS: Ignored credentials for " | |
217 | "unsupported authentication type %d", | |
218 | cred->auth_type); | |
219 | return 0; | |
220 | } | |
221 | ||
fa201b69 JM |
222 | if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { |
223 | wpa_printf(MSG_DEBUG, "WPS: Replace WPS network block based " | |
224 | "on the received credential"); | |
225 | os_free(ssid->eap.identity); | |
226 | ssid->eap.identity = NULL; | |
227 | ssid->eap.identity_len = 0; | |
228 | os_free(ssid->eap.phase1); | |
229 | ssid->eap.phase1 = NULL; | |
230 | os_free(ssid->eap.eap_methods); | |
231 | ssid->eap.eap_methods = NULL; | |
232 | } else { | |
233 | wpa_printf(MSG_DEBUG, "WPS: Create a new network based on the " | |
234 | "received credential"); | |
235 | ssid = wpa_config_add_network(wpa_s->conf); | |
236 | if (ssid == NULL) | |
237 | return -1; | |
238 | } | |
239 | ||
240 | wpa_config_set_network_defaults(ssid); | |
241 | ||
242 | os_free(ssid->ssid); | |
243 | ssid->ssid = os_malloc(cred->ssid_len); | |
244 | if (ssid->ssid) { | |
245 | os_memcpy(ssid->ssid, cred->ssid, cred->ssid_len); | |
246 | ssid->ssid_len = cred->ssid_len; | |
247 | } | |
248 | ||
249 | switch (cred->encr_type) { | |
250 | case WPS_ENCR_NONE: | |
fa201b69 JM |
251 | break; |
252 | case WPS_ENCR_WEP: | |
4b195a1b AT |
253 | if (cred->key_len <= 0) |
254 | break; | |
255 | if (cred->key_len != 5 && cred->key_len != 13 && | |
256 | cred->key_len != 10 && cred->key_len != 26) { | |
257 | wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key length " | |
258 | "%lu", (unsigned long) cred->key_len); | |
259 | return -1; | |
260 | } | |
522b5b6e | 261 | if (cred->key_idx > NUM_WEP_KEYS) { |
4b195a1b AT |
262 | wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key index %d", |
263 | cred->key_idx); | |
264 | return -1; | |
265 | } | |
522b5b6e AT |
266 | if (cred->key_idx) |
267 | key_idx = cred->key_idx - 1; | |
4b195a1b AT |
268 | if (cred->key_len == 10 || cred->key_len == 26) { |
269 | if (hexstr2bin((char *) cred->key, | |
270 | ssid->wep_key[key_idx], | |
271 | cred->key_len / 2) < 0) { | |
272 | wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key " | |
273 | "%d", key_idx); | |
274 | return -1; | |
275 | } | |
276 | ssid->wep_key_len[key_idx] = cred->key_len / 2; | |
277 | } else { | |
278 | os_memcpy(ssid->wep_key[key_idx], cred->key, | |
fa201b69 | 279 | cred->key_len); |
4b195a1b | 280 | ssid->wep_key_len[key_idx] = cred->key_len; |
fa201b69 | 281 | } |
4b195a1b | 282 | ssid->wep_tx_keyidx = key_idx; |
fa201b69 JM |
283 | break; |
284 | case WPS_ENCR_TKIP: | |
285 | ssid->pairwise_cipher = WPA_CIPHER_TKIP; | |
fa201b69 JM |
286 | break; |
287 | case WPS_ENCR_AES: | |
288 | ssid->pairwise_cipher = WPA_CIPHER_CCMP; | |
fa201b69 JM |
289 | break; |
290 | } | |
291 | ||
292 | switch (cred->auth_type) { | |
293 | case WPS_AUTH_OPEN: | |
294 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
295 | ssid->key_mgmt = WPA_KEY_MGMT_NONE; | |
296 | ssid->proto = 0; | |
297 | break; | |
298 | case WPS_AUTH_SHARED: | |
299 | ssid->auth_alg = WPA_AUTH_ALG_SHARED; | |
300 | ssid->key_mgmt = WPA_KEY_MGMT_NONE; | |
301 | ssid->proto = 0; | |
302 | break; | |
303 | case WPS_AUTH_WPAPSK: | |
304 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
305 | ssid->key_mgmt = WPA_KEY_MGMT_PSK; | |
306 | ssid->proto = WPA_PROTO_WPA; | |
307 | break; | |
308 | case WPS_AUTH_WPA: | |
309 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
310 | ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X; | |
311 | ssid->proto = WPA_PROTO_WPA; | |
312 | break; | |
313 | case WPS_AUTH_WPA2: | |
314 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
315 | ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X; | |
316 | ssid->proto = WPA_PROTO_RSN; | |
317 | break; | |
318 | case WPS_AUTH_WPA2PSK: | |
319 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
320 | ssid->key_mgmt = WPA_KEY_MGMT_PSK; | |
321 | ssid->proto = WPA_PROTO_RSN; | |
322 | break; | |
323 | } | |
324 | ||
325 | if (ssid->key_mgmt == WPA_KEY_MGMT_PSK) { | |
326 | if (cred->key_len == 2 * PMK_LEN) { | |
327 | if (hexstr2bin((const char *) cred->key, ssid->psk, | |
328 | PMK_LEN)) { | |
329 | wpa_printf(MSG_ERROR, "WPS: Invalid Network " | |
330 | "Key"); | |
331 | return -1; | |
332 | } | |
333 | ssid->psk_set = 1; | |
334 | } else if (cred->key_len >= 8 && cred->key_len < 2 * PMK_LEN) { | |
335 | os_free(ssid->passphrase); | |
336 | ssid->passphrase = os_malloc(cred->key_len + 1); | |
337 | if (ssid->passphrase == NULL) | |
338 | return -1; | |
339 | os_memcpy(ssid->passphrase, cred->key, cred->key_len); | |
340 | ssid->passphrase[cred->key_len] = '\0'; | |
341 | wpa_config_update_psk(ssid); | |
342 | } else { | |
343 | wpa_printf(MSG_ERROR, "WPS: Invalid Network Key " | |
344 | "length %lu", | |
345 | (unsigned long) cred->key_len); | |
346 | return -1; | |
347 | } | |
348 | } | |
349 | ||
7cc1b6c9 JM |
350 | wpas_wps_security_workaround(wpa_s, ssid, cred); |
351 | ||
fa201b69 JM |
352 | #ifndef CONFIG_NO_CONFIG_WRITE |
353 | if (wpa_s->conf->update_config && | |
354 | wpa_config_write(wpa_s->confname, wpa_s->conf)) { | |
355 | wpa_printf(MSG_DEBUG, "WPS: Failed to update configuration"); | |
356 | return -1; | |
357 | } | |
358 | #endif /* CONFIG_NO_CONFIG_WRITE */ | |
359 | ||
360 | return 0; | |
361 | } | |
362 | ||
363 | ||
4b68290e JM |
364 | static void wpa_supplicant_wps_event_m2d(struct wpa_supplicant *wpa_s, |
365 | struct wps_event_m2d *m2d) | |
366 | { | |
367 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_M2D | |
368 | "dev_password_id=%d config_error=%d", | |
369 | m2d->dev_password_id, m2d->config_error); | |
370 | } | |
371 | ||
372 | ||
469fc3a4 JM |
373 | static void wpa_supplicant_wps_event_fail(struct wpa_supplicant *wpa_s, |
374 | struct wps_event_fail *fail) | |
375 | { | |
376 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_FAIL "msg=%d", fail->msg); | |
377 | wpas_clear_wps(wpa_s); | |
378 | } | |
379 | ||
380 | ||
ad5302a1 JM |
381 | static void wpa_supplicant_wps_event_success(struct wpa_supplicant *wpa_s) |
382 | { | |
383 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_SUCCESS); | |
a6099152 | 384 | wpa_s->wps_success = 1; |
ad5302a1 JM |
385 | } |
386 | ||
387 | ||
4b68290e JM |
388 | static void wpa_supplicant_wps_event(void *ctx, enum wps_event event, |
389 | union wps_event_data *data) | |
390 | { | |
391 | struct wpa_supplicant *wpa_s = ctx; | |
392 | switch (event) { | |
393 | case WPS_EV_M2D: | |
394 | wpa_supplicant_wps_event_m2d(wpa_s, &data->m2d); | |
395 | break; | |
469fc3a4 JM |
396 | case WPS_EV_FAIL: |
397 | wpa_supplicant_wps_event_fail(wpa_s, &data->fail); | |
398 | break; | |
ad5302a1 JM |
399 | case WPS_EV_SUCCESS: |
400 | wpa_supplicant_wps_event_success(wpa_s); | |
401 | break; | |
3b2cf800 JM |
402 | case WPS_EV_PWD_AUTH_FAIL: |
403 | break; | |
4b68290e JM |
404 | } |
405 | } | |
406 | ||
407 | ||
f90c86d4 | 408 | enum wps_request_type wpas_wps_get_req_type(struct wpa_ssid *ssid) |
fa201b69 | 409 | { |
b01c18a8 JM |
410 | if (eap_is_wps_pbc_enrollee(&ssid->eap) || |
411 | eap_is_wps_pin_enrollee(&ssid->eap)) | |
412 | return WPS_REQ_ENROLLEE; | |
413 | else | |
414 | return WPS_REQ_REGISTRAR; | |
fa201b69 | 415 | } |
116654ce JM |
416 | |
417 | ||
fcc60db4 JM |
418 | static void wpas_clear_wps(struct wpa_supplicant *wpa_s) |
419 | { | |
420 | int id; | |
421 | struct wpa_ssid *ssid; | |
422 | ||
423 | eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL); | |
424 | ||
425 | /* Remove any existing WPS network from configuration */ | |
426 | ssid = wpa_s->conf->ssid; | |
427 | while (ssid) { | |
f0477201 JM |
428 | if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { |
429 | if (ssid == wpa_s->current_ssid) | |
430 | wpa_s->current_ssid = NULL; | |
fcc60db4 | 431 | id = ssid->id; |
f0477201 | 432 | } else |
fcc60db4 JM |
433 | id = -1; |
434 | ssid = ssid->next; | |
435 | if (id >= 0) | |
436 | wpa_config_remove_network(wpa_s->conf, id); | |
437 | } | |
438 | } | |
439 | ||
440 | ||
441 | static void wpas_wps_timeout(void *eloop_ctx, void *timeout_ctx) | |
442 | { | |
443 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
a6099152 JM |
444 | wpa_printf(MSG_INFO, WPS_EVENT_TIMEOUT "Requested operation timed " |
445 | "out"); | |
fcc60db4 JM |
446 | wpas_clear_wps(wpa_s); |
447 | } | |
448 | ||
449 | ||
450 | static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s, | |
451 | int registrar, const u8 *bssid) | |
452 | { | |
453 | struct wpa_ssid *ssid; | |
454 | ||
455 | ssid = wpa_config_add_network(wpa_s->conf); | |
456 | if (ssid == NULL) | |
457 | return NULL; | |
458 | wpa_config_set_network_defaults(ssid); | |
459 | if (wpa_config_set(ssid, "key_mgmt", "WPS", 0) < 0 || | |
460 | wpa_config_set(ssid, "eap", "WSC", 0) < 0 || | |
461 | wpa_config_set(ssid, "identity", registrar ? | |
462 | "\"" WSC_ID_REGISTRAR "\"" : | |
463 | "\"" WSC_ID_ENROLLEE "\"", 0) < 0) { | |
464 | wpa_config_remove_network(wpa_s->conf, ssid->id); | |
465 | return NULL; | |
466 | } | |
467 | ||
468 | if (bssid) { | |
469 | size_t i; | |
470 | struct wpa_scan_res *res; | |
471 | ||
472 | os_memcpy(ssid->bssid, bssid, ETH_ALEN); | |
24c23d1b | 473 | ssid->bssid_set = 1; |
fcc60db4 JM |
474 | |
475 | /* Try to get SSID from scan results */ | |
476 | if (wpa_s->scan_res == NULL && | |
477 | wpa_supplicant_get_scan_results(wpa_s) < 0) | |
478 | return ssid; /* Could not find any scan results */ | |
479 | ||
480 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
481 | const u8 *ie; | |
482 | ||
483 | res = wpa_s->scan_res->res[i]; | |
484 | if (os_memcmp(bssid, res->bssid, ETH_ALEN) != 0) | |
485 | continue; | |
486 | ||
487 | ie = wpa_scan_get_ie(res, WLAN_EID_SSID); | |
488 | if (ie == NULL) | |
489 | break; | |
490 | os_free(ssid->ssid); | |
491 | ssid->ssid = os_malloc(ie[1]); | |
492 | if (ssid->ssid == NULL) | |
493 | break; | |
494 | os_memcpy(ssid->ssid, ie + 2, ie[1]); | |
495 | ssid->ssid_len = ie[1]; | |
496 | break; | |
497 | } | |
498 | } | |
499 | ||
500 | return ssid; | |
501 | } | |
502 | ||
503 | ||
504 | static void wpas_wps_reassoc(struct wpa_supplicant *wpa_s, | |
505 | struct wpa_ssid *selected) | |
506 | { | |
507 | struct wpa_ssid *ssid; | |
508 | ||
509 | /* Mark all other networks disabled and trigger reassociation */ | |
510 | ssid = wpa_s->conf->ssid; | |
511 | while (ssid) { | |
512 | ssid->disabled = ssid != selected; | |
513 | ssid = ssid->next; | |
514 | } | |
515 | wpa_s->disconnected = 0; | |
516 | wpa_s->reassociate = 1; | |
a6099152 JM |
517 | wpa_s->scan_runs = 0; |
518 | wpa_s->wps_success = 0; | |
519 | wpa_s->blacklist_cleared = 0; | |
fcc60db4 JM |
520 | wpa_supplicant_req_scan(wpa_s, 0, 0); |
521 | } | |
522 | ||
523 | ||
524 | int wpas_wps_start_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid) | |
525 | { | |
526 | struct wpa_ssid *ssid; | |
527 | wpas_clear_wps(wpa_s); | |
528 | ssid = wpas_wps_add_network(wpa_s, 0, bssid); | |
529 | if (ssid == NULL) | |
530 | return -1; | |
531 | wpa_config_set(ssid, "phase1", "\"pbc=1\"", 0); | |
532 | eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout, | |
533 | wpa_s, NULL); | |
534 | wpas_wps_reassoc(wpa_s, ssid); | |
535 | return 0; | |
536 | } | |
537 | ||
538 | ||
539 | int wpas_wps_start_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, | |
540 | const char *pin) | |
541 | { | |
542 | struct wpa_ssid *ssid; | |
46bdb83a | 543 | char val[128]; |
fcc60db4 JM |
544 | unsigned int rpin = 0; |
545 | ||
546 | wpas_clear_wps(wpa_s); | |
547 | ssid = wpas_wps_add_network(wpa_s, 0, bssid); | |
548 | if (ssid == NULL) | |
549 | return -1; | |
550 | if (pin) | |
551 | os_snprintf(val, sizeof(val), "\"pin=%s\"", pin); | |
552 | else { | |
553 | rpin = wps_generate_pin(); | |
554 | os_snprintf(val, sizeof(val), "\"pin=%08d\"", rpin); | |
555 | } | |
556 | wpa_config_set(ssid, "phase1", val, 0); | |
557 | eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout, | |
558 | wpa_s, NULL); | |
559 | wpas_wps_reassoc(wpa_s, ssid); | |
560 | return rpin; | |
561 | } | |
562 | ||
563 | ||
116f7bb0 | 564 | #ifdef CONFIG_WPS_OOB |
46bdb83a | 565 | int wpas_wps_start_oob(struct wpa_supplicant *wpa_s, char *device_type, |
e1ee6b60 | 566 | char *path, char *method, char *name) |
46bdb83a MH |
567 | { |
568 | struct wps_context *wps = wpa_s->wps; | |
7cbf51bb | 569 | struct oob_device_data *oob_dev; |
46bdb83a | 570 | |
7cbf51bb JM |
571 | oob_dev = wps_get_oob_device(device_type); |
572 | if (oob_dev == NULL) | |
46bdb83a | 573 | return -1; |
7cbf51bb | 574 | oob_dev->device_path = path; |
e1ee6b60 | 575 | oob_dev->device_name = name; |
46bdb83a MH |
576 | wps->oob_conf.oob_method = wps_get_oob_method(method); |
577 | ||
d5e2b2d2 JM |
578 | if (wps->oob_conf.oob_method == OOB_METHOD_DEV_PWD_E) { |
579 | /* | |
580 | * Use pre-configured DH keys in order to be able to write the | |
581 | * key hash into the OOB file. | |
582 | */ | |
583 | wpabuf_free(wps->dh_pubkey); | |
584 | wpabuf_free(wps->dh_privkey); | |
585 | wps->dh_privkey = NULL; | |
586 | wps->dh_pubkey = dh_init(dh_groups_get(WPS_DH_GROUP), | |
587 | &wps->dh_privkey); | |
588 | wps->dh_pubkey = wpabuf_zeropad(wps->dh_pubkey, 192); | |
589 | if (wps->dh_pubkey == NULL) { | |
590 | wpa_printf(MSG_ERROR, "WPS: Failed to initialize " | |
591 | "Diffie-Hellman handshake"); | |
592 | return -1; | |
593 | } | |
594 | } | |
595 | ||
46bdb83a MH |
596 | if (wps->oob_conf.oob_method == OOB_METHOD_CRED) |
597 | wpas_clear_wps(wpa_s); | |
598 | ||
7cbf51bb | 599 | if (wps_process_oob(wps, oob_dev, 0) < 0) |
46bdb83a MH |
600 | return -1; |
601 | ||
602 | if ((wps->oob_conf.oob_method == OOB_METHOD_DEV_PWD_E || | |
603 | wps->oob_conf.oob_method == OOB_METHOD_DEV_PWD_R) && | |
604 | wpas_wps_start_pin(wpa_s, NULL, | |
605 | wpabuf_head(wps->oob_conf.dev_password)) < 0) | |
606 | return -1; | |
607 | ||
608 | return 0; | |
609 | } | |
116f7bb0 | 610 | #endif /* CONFIG_WPS_OOB */ |
46bdb83a MH |
611 | |
612 | ||
fcc60db4 JM |
613 | int wpas_wps_start_reg(struct wpa_supplicant *wpa_s, const u8 *bssid, |
614 | const char *pin) | |
615 | { | |
616 | struct wpa_ssid *ssid; | |
617 | char val[30]; | |
618 | ||
619 | if (!pin) | |
620 | return -1; | |
621 | wpas_clear_wps(wpa_s); | |
622 | ssid = wpas_wps_add_network(wpa_s, 1, bssid); | |
623 | if (ssid == NULL) | |
624 | return -1; | |
625 | os_snprintf(val, sizeof(val), "\"pin=%s\"", pin); | |
626 | wpa_config_set(ssid, "phase1", val, 0); | |
627 | eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout, | |
628 | wpa_s, NULL); | |
629 | wpas_wps_reassoc(wpa_s, ssid); | |
630 | return 0; | |
631 | } | |
632 | ||
633 | ||
c5adf528 JM |
634 | static int wpas_wps_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *psk, |
635 | size_t psk_len) | |
636 | { | |
637 | wpa_printf(MSG_DEBUG, "WPS: Received new WPA/WPA2-PSK from WPS for " | |
638 | "STA " MACSTR, MAC2STR(mac_addr)); | |
639 | wpa_hexdump_key(MSG_DEBUG, "Per-device PSK", psk, psk_len); | |
640 | ||
641 | /* TODO */ | |
642 | ||
643 | return 0; | |
644 | } | |
645 | ||
646 | ||
647 | static void wpas_wps_pin_needed_cb(void *ctx, const u8 *uuid_e, | |
648 | const struct wps_device_data *dev) | |
649 | { | |
650 | char uuid[40], txt[400]; | |
651 | int len; | |
652 | if (uuid_bin2str(uuid_e, uuid, sizeof(uuid))) | |
653 | return; | |
654 | wpa_printf(MSG_DEBUG, "WPS: PIN needed for UUID-E %s", uuid); | |
655 | len = os_snprintf(txt, sizeof(txt), "WPS-EVENT-PIN-NEEDED %s " MACSTR | |
656 | " [%s|%s|%s|%s|%s|%d-%08X-%d]", | |
657 | uuid, MAC2STR(dev->mac_addr), dev->device_name, | |
658 | dev->manufacturer, dev->model_name, | |
659 | dev->model_number, dev->serial_number, | |
660 | dev->categ, dev->oui, dev->sub_categ); | |
661 | if (len > 0 && len < (int) sizeof(txt)) | |
662 | wpa_printf(MSG_INFO, "%s", txt); | |
663 | } | |
664 | ||
665 | ||
116654ce JM |
666 | int wpas_wps_init(struct wpa_supplicant *wpa_s) |
667 | { | |
668 | struct wps_context *wps; | |
c5adf528 | 669 | struct wps_registrar_config rcfg; |
116654ce JM |
670 | |
671 | wps = os_zalloc(sizeof(*wps)); | |
672 | if (wps == NULL) | |
673 | return -1; | |
674 | ||
675 | wps->cred_cb = wpa_supplicant_wps_cred; | |
4b68290e | 676 | wps->event_cb = wpa_supplicant_wps_event; |
116654ce JM |
677 | wps->cb_ctx = wpa_s; |
678 | ||
3c0b7aa4 JM |
679 | wps->dev.device_name = wpa_s->conf->device_name; |
680 | wps->dev.manufacturer = wpa_s->conf->manufacturer; | |
681 | wps->dev.model_name = wpa_s->conf->model_name; | |
682 | wps->dev.model_number = wpa_s->conf->model_number; | |
683 | wps->dev.serial_number = wpa_s->conf->serial_number; | |
684 | if (wpa_s->conf->device_type) { | |
685 | char *pos; | |
686 | u8 oui[4]; | |
687 | /* <categ>-<OUI>-<subcateg> */ | |
688 | wps->dev.categ = atoi(wpa_s->conf->device_type); | |
689 | pos = os_strchr(wpa_s->conf->device_type, '-'); | |
690 | if (pos == NULL) { | |
691 | wpa_printf(MSG_ERROR, "WPS: Invalid device_type"); | |
692 | os_free(wps); | |
693 | return -1; | |
694 | } | |
695 | pos++; | |
696 | if (hexstr2bin(pos, oui, 4)) { | |
697 | wpa_printf(MSG_ERROR, "WPS: Invalid device_type OUI"); | |
698 | os_free(wps); | |
699 | return -1; | |
700 | } | |
701 | wps->dev.oui = WPA_GET_BE32(oui); | |
702 | pos = os_strchr(pos, '-'); | |
703 | if (pos == NULL) { | |
704 | wpa_printf(MSG_ERROR, "WPS: Invalid device_type"); | |
705 | os_free(wps); | |
706 | return -1; | |
707 | } | |
708 | pos++; | |
709 | wps->dev.sub_categ = atoi(pos); | |
710 | } | |
711 | wps->dev.os_version = WPA_GET_BE32(wpa_s->conf->os_version); | |
712 | wps->dev.rf_bands = WPS_RF_24GHZ | WPS_RF_50GHZ; /* TODO: config */ | |
398cfbf6 | 713 | os_memcpy(wps->dev.mac_addr, wpa_s->own_addr, ETH_ALEN); |
79da74a2 JM |
714 | if (is_nil_uuid(wpa_s->conf->uuid)) { |
715 | uuid_gen_mac_addr(wpa_s->own_addr, wps->uuid); | |
716 | wpa_hexdump(MSG_DEBUG, "WPS: UUID based on MAC address", | |
717 | wps->uuid, WPS_UUID_LEN); | |
718 | } else | |
719 | os_memcpy(wps->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); | |
116654ce | 720 | |
c5adf528 JM |
721 | wps->auth_types = WPS_AUTH_WPA2PSK | WPS_AUTH_WPAPSK; |
722 | wps->encr_types = WPS_ENCR_AES | WPS_ENCR_TKIP; | |
723 | ||
724 | os_memset(&rcfg, 0, sizeof(rcfg)); | |
725 | rcfg.new_psk_cb = wpas_wps_new_psk_cb; | |
726 | rcfg.pin_needed_cb = wpas_wps_pin_needed_cb; | |
727 | rcfg.cb_ctx = wpa_s; | |
728 | ||
729 | wps->registrar = wps_registrar_init(wps, &rcfg); | |
730 | if (wps->registrar == NULL) { | |
731 | wpa_printf(MSG_DEBUG, "Failed to initialize WPS Registrar"); | |
732 | os_free(wps); | |
733 | return -1; | |
734 | } | |
735 | ||
116654ce JM |
736 | wpa_s->wps = wps; |
737 | ||
738 | return 0; | |
739 | } | |
740 | ||
741 | ||
742 | void wpas_wps_deinit(struct wpa_supplicant *wpa_s) | |
743 | { | |
fcc60db4 JM |
744 | eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL); |
745 | ||
116654ce JM |
746 | if (wpa_s->wps == NULL) |
747 | return; | |
748 | ||
c5adf528 | 749 | wps_registrar_deinit(wpa_s->wps->registrar); |
46bdb83a MH |
750 | wpabuf_free(wpa_s->wps->dh_pubkey); |
751 | wpabuf_free(wpa_s->wps->dh_privkey); | |
752 | wpabuf_free(wpa_s->wps->oob_conf.pubkey_hash); | |
753 | wpabuf_free(wpa_s->wps->oob_conf.dev_password); | |
116654ce JM |
754 | os_free(wpa_s->wps->network_key); |
755 | os_free(wpa_s->wps); | |
756 | wpa_s->wps = NULL; | |
757 | } | |
351f09a2 JM |
758 | |
759 | ||
a6099152 JM |
760 | int wpas_wps_ssid_bss_match(struct wpa_supplicant *wpa_s, |
761 | struct wpa_ssid *ssid, struct wpa_scan_res *bss) | |
351f09a2 JM |
762 | { |
763 | struct wpabuf *wps_ie; | |
764 | ||
765 | if (!(ssid->key_mgmt & WPA_KEY_MGMT_WPS)) | |
766 | return -1; | |
767 | ||
768 | wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
769 | if (eap_is_wps_pbc_enrollee(&ssid->eap)) { | |
770 | if (!wps_ie) { | |
771 | wpa_printf(MSG_DEBUG, " skip - non-WPS AP"); | |
772 | return 0; | |
773 | } | |
774 | ||
775 | if (!wps_is_selected_pbc_registrar(wps_ie)) { | |
776 | wpa_printf(MSG_DEBUG, " skip - WPS AP " | |
777 | "without active PBC Registrar"); | |
778 | wpabuf_free(wps_ie); | |
779 | return 0; | |
780 | } | |
781 | ||
782 | /* TODO: overlap detection */ | |
783 | wpa_printf(MSG_DEBUG, " selected based on WPS IE " | |
784 | "(Active PBC)"); | |
785 | wpabuf_free(wps_ie); | |
786 | return 1; | |
787 | } | |
788 | ||
789 | if (eap_is_wps_pin_enrollee(&ssid->eap)) { | |
790 | if (!wps_ie) { | |
791 | wpa_printf(MSG_DEBUG, " skip - non-WPS AP"); | |
792 | return 0; | |
793 | } | |
794 | ||
a6099152 JM |
795 | /* |
796 | * Start with WPS APs that advertise active PIN Registrar and | |
797 | * allow any WPS AP after third scan since some APs do not set | |
798 | * Selected Registrar attribute properly when using external | |
799 | * Registrar. | |
800 | */ | |
351f09a2 | 801 | if (!wps_is_selected_pin_registrar(wps_ie)) { |
a6099152 JM |
802 | if (wpa_s->scan_runs < WPS_PIN_SCAN_IGNORE_SEL_REG) { |
803 | wpa_printf(MSG_DEBUG, " skip - WPS AP " | |
804 | "without active PIN Registrar"); | |
805 | wpabuf_free(wps_ie); | |
806 | return 0; | |
807 | } | |
808 | wpa_printf(MSG_DEBUG, " selected based on WPS IE"); | |
809 | } else { | |
810 | wpa_printf(MSG_DEBUG, " selected based on WPS IE " | |
811 | "(Active PIN)"); | |
351f09a2 | 812 | } |
351f09a2 JM |
813 | wpabuf_free(wps_ie); |
814 | return 1; | |
815 | } | |
816 | ||
817 | if (wps_ie) { | |
818 | wpa_printf(MSG_DEBUG, " selected based on WPS IE"); | |
819 | wpabuf_free(wps_ie); | |
820 | return 1; | |
821 | } | |
822 | ||
823 | return -1; | |
824 | } | |
825 | ||
826 | ||
a6099152 JM |
827 | int wpas_wps_ssid_wildcard_ok(struct wpa_supplicant *wpa_s, |
828 | struct wpa_ssid *ssid, | |
351f09a2 JM |
829 | struct wpa_scan_res *bss) |
830 | { | |
831 | struct wpabuf *wps_ie = NULL; | |
832 | int ret = 0; | |
833 | ||
834 | if (eap_is_wps_pbc_enrollee(&ssid->eap)) { | |
835 | wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
836 | if (wps_ie && wps_is_selected_pbc_registrar(wps_ie)) { | |
837 | /* allow wildcard SSID for WPS PBC */ | |
838 | ret = 1; | |
839 | } | |
840 | } else if (eap_is_wps_pin_enrollee(&ssid->eap)) { | |
841 | wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
a6099152 JM |
842 | if (wps_ie && |
843 | (wps_is_selected_pin_registrar(wps_ie) || | |
844 | wpa_s->scan_runs >= WPS_PIN_SCAN_IGNORE_SEL_REG)) { | |
351f09a2 JM |
845 | /* allow wildcard SSID for WPS PIN */ |
846 | ret = 1; | |
847 | } | |
848 | } | |
849 | ||
24c23d1b JM |
850 | if (!ret && ssid->bssid_set && |
851 | os_memcmp(ssid->bssid, bss->bssid, ETH_ALEN) == 0) { | |
852 | /* allow wildcard SSID due to hardcoded BSSID match */ | |
853 | ret = 1; | |
854 | } | |
855 | ||
351f09a2 JM |
856 | wpabuf_free(wps_ie); |
857 | ||
858 | return ret; | |
859 | } | |
860 | ||
861 | ||
862 | int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s, | |
863 | struct wpa_scan_res *selected, | |
864 | struct wpa_ssid *ssid) | |
865 | { | |
866 | const u8 *sel_uuid, *uuid; | |
867 | size_t i; | |
868 | struct wpabuf *wps_ie; | |
869 | int ret = 0; | |
870 | ||
871 | if (!eap_is_wps_pbc_enrollee(&ssid->eap)) | |
872 | return 0; | |
873 | ||
874 | /* Make sure that only one AP is in active PBC mode */ | |
875 | wps_ie = wpa_scan_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE); | |
876 | if (wps_ie) | |
877 | sel_uuid = wps_get_uuid_e(wps_ie); | |
878 | else | |
879 | sel_uuid = NULL; | |
351f09a2 JM |
880 | |
881 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
882 | struct wpa_scan_res *bss = wpa_s->scan_res->res[i]; | |
883 | struct wpabuf *ie; | |
884 | if (bss == selected) | |
885 | continue; | |
886 | ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
887 | if (!ie) | |
888 | continue; | |
889 | if (!wps_is_selected_pbc_registrar(ie)) { | |
890 | wpabuf_free(ie); | |
891 | continue; | |
892 | } | |
893 | uuid = wps_get_uuid_e(ie); | |
44cd430f JM |
894 | if (sel_uuid == NULL || uuid == NULL || |
895 | os_memcmp(sel_uuid, uuid, 16) != 0) { | |
351f09a2 JM |
896 | ret = 1; /* PBC overlap */ |
897 | wpabuf_free(ie); | |
898 | break; | |
899 | } | |
900 | ||
901 | /* TODO: verify that this is reasonable dual-band situation */ | |
484957ae JM |
902 | |
903 | wpabuf_free(ie); | |
351f09a2 JM |
904 | } |
905 | ||
906 | wpabuf_free(wps_ie); | |
907 | ||
908 | return ret; | |
909 | } | |
a524f05e JM |
910 | |
911 | ||
912 | void wpas_wps_notify_scan_results(struct wpa_supplicant *wpa_s) | |
913 | { | |
914 | size_t i; | |
915 | ||
916 | if (wpa_s->disconnected || wpa_s->wpa_state >= WPA_ASSOCIATED) | |
917 | return; | |
918 | ||
919 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
920 | struct wpa_scan_res *bss = wpa_s->scan_res->res[i]; | |
921 | struct wpabuf *ie; | |
922 | ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
923 | if (!ie) | |
924 | continue; | |
925 | if (wps_is_selected_pbc_registrar(ie)) | |
926 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PBC); | |
927 | else if (wps_is_selected_pin_registrar(ie)) | |
928 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PIN); | |
929 | else | |
930 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE); | |
931 | wpabuf_free(ie); | |
932 | break; | |
933 | } | |
934 | } | |
24c23d1b JM |
935 | |
936 | ||
937 | int wpas_wps_searching(struct wpa_supplicant *wpa_s) | |
938 | { | |
939 | struct wpa_ssid *ssid; | |
940 | ||
941 | for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { | |
942 | if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && !ssid->disabled) | |
943 | return 1; | |
944 | } | |
945 | ||
946 | return 0; | |
947 | } |