]>
Commit | Line | Data |
---|---|---|
fa201b69 JM |
1 | /* |
2 | * wpa_supplicant / WPS integration | |
3 | * Copyright (c) 2008, Jouni Malinen <j@w1.fi> | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License version 2 as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * Alternatively, this software may be distributed under the terms of BSD | |
10 | * license. | |
11 | * | |
12 | * See README and COPYING for more details. | |
13 | */ | |
14 | ||
15 | #include "includes.h" | |
16 | ||
17 | #include "common.h" | |
90973fb2 JM |
18 | #include "common/ieee802_11_defs.h" |
19 | #include "common/ieee802_11_common.h" | |
20 | #include "common/wpa_common.h" | |
fa201b69 | 21 | #include "config.h" |
b01c18a8 | 22 | #include "eap_peer/eap.h" |
fa201b69 | 23 | #include "wpa_supplicant_i.h" |
2d5b792d | 24 | #include "driver_i.h" |
fcc60db4 | 25 | #include "eloop.h" |
79da74a2 | 26 | #include "uuid.h" |
90973fb2 | 27 | #include "common/wpa_ctrl.h" |
8bac466b | 28 | #include "notify.h" |
fcc60db4 | 29 | #include "eap_common/eap_wsc_common.h" |
a6099152 | 30 | #include "blacklist.h" |
7cc1b6c9 | 31 | #include "wpa.h" |
fa201b69 | 32 | #include "wps_supplicant.h" |
f042122a | 33 | #include "dh_group5.h" |
fa201b69 | 34 | |
a6099152 | 35 | #define WPS_PIN_SCAN_IGNORE_SEL_REG 3 |
fa201b69 | 36 | |
fcc60db4 | 37 | static void wpas_wps_timeout(void *eloop_ctx, void *timeout_ctx); |
469fc3a4 | 38 | static void wpas_clear_wps(struct wpa_supplicant *wpa_s); |
fcc60db4 JM |
39 | |
40 | ||
fa201b69 JM |
41 | int wpas_wps_eapol_cb(struct wpa_supplicant *wpa_s) |
42 | { | |
a6099152 JM |
43 | if (!wpa_s->wps_success && |
44 | wpa_s->current_ssid && | |
45 | eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) { | |
46 | const u8 *bssid = wpa_s->bssid; | |
47 | if (is_zero_ether_addr(bssid)) | |
48 | bssid = wpa_s->pending_bssid; | |
49 | ||
50 | wpa_printf(MSG_DEBUG, "WPS: PIN registration with " MACSTR | |
51 | " did not succeed - continue trying to find " | |
52 | "suitable AP", MAC2STR(bssid)); | |
53 | wpa_blacklist_add(wpa_s, bssid); | |
54 | ||
55 | wpa_supplicant_deauthenticate(wpa_s, | |
56 | WLAN_REASON_DEAUTH_LEAVING); | |
57 | wpa_s->reassociate = 1; | |
58 | wpa_supplicant_req_scan(wpa_s, | |
59 | wpa_s->blacklist_cleared ? 5 : 0, 0); | |
60 | wpa_s->blacklist_cleared = 0; | |
61 | return 1; | |
62 | } | |
63 | ||
fcc60db4 JM |
64 | eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL); |
65 | ||
fa201b69 JM |
66 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS && wpa_s->current_ssid && |
67 | !(wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { | |
68 | wpa_printf(MSG_DEBUG, "WPS: Network configuration replaced - " | |
69 | "try to associate with the received credential"); | |
70 | wpa_supplicant_deauthenticate(wpa_s, | |
71 | WLAN_REASON_DEAUTH_LEAVING); | |
72 | wpa_s->reassociate = 1; | |
73 | wpa_supplicant_req_scan(wpa_s, 0, 0); | |
74 | return 1; | |
75 | } | |
76 | ||
47662164 JM |
77 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS && wpa_s->current_ssid) { |
78 | wpa_printf(MSG_DEBUG, "WPS: Registration completed - waiting " | |
79 | "for external credential processing"); | |
80 | wpas_clear_wps(wpa_s); | |
81 | wpa_supplicant_deauthenticate(wpa_s, | |
82 | WLAN_REASON_DEAUTH_LEAVING); | |
83 | return 1; | |
84 | } | |
85 | ||
fa201b69 JM |
86 | return 0; |
87 | } | |
88 | ||
89 | ||
7cc1b6c9 JM |
90 | static void wpas_wps_security_workaround(struct wpa_supplicant *wpa_s, |
91 | struct wpa_ssid *ssid, | |
92 | const struct wps_credential *cred) | |
93 | { | |
94 | struct wpa_driver_capa capa; | |
95 | size_t i; | |
96 | struct wpa_scan_res *bss; | |
97 | const u8 *ie; | |
98 | struct wpa_ie_data adv; | |
99 | int wpa2 = 0, ccmp = 0; | |
100 | ||
101 | /* | |
102 | * Many existing WPS APs do not know how to negotiate WPA2 or CCMP in | |
103 | * case they are configured for mixed mode operation (WPA+WPA2 and | |
104 | * TKIP+CCMP). Try to use scan results to figure out whether the AP | |
105 | * actually supports stronger security and select that if the client | |
106 | * has support for it, too. | |
107 | */ | |
108 | ||
109 | if (wpa_drv_get_capa(wpa_s, &capa)) | |
110 | return; /* Unknown what driver supports */ | |
111 | ||
112 | if (wpa_supplicant_get_scan_results(wpa_s) || wpa_s->scan_res == NULL) | |
113 | return; /* Could not get scan results for checking advertised | |
114 | * parameters */ | |
115 | ||
116 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
117 | bss = wpa_s->scan_res->res[i]; | |
118 | if (os_memcmp(bss->bssid, cred->mac_addr, ETH_ALEN) != 0) | |
119 | continue; | |
120 | ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); | |
121 | if (ie == NULL) | |
122 | continue; | |
123 | if (ie[1] != ssid->ssid_len || ssid->ssid == NULL || | |
124 | os_memcmp(ie + 2, ssid->ssid, ssid->ssid_len) != 0) | |
125 | continue; | |
126 | ||
127 | wpa_printf(MSG_DEBUG, "WPS: AP found from scan results"); | |
128 | break; | |
129 | } | |
130 | ||
131 | if (i == wpa_s->scan_res->num) { | |
132 | wpa_printf(MSG_DEBUG, "WPS: The AP was not found from scan " | |
133 | "results - use credential as-is"); | |
134 | return; | |
135 | } | |
136 | ||
137 | ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
138 | if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0) { | |
139 | wpa2 = 1; | |
140 | if (adv.pairwise_cipher & WPA_CIPHER_CCMP) | |
141 | ccmp = 1; | |
142 | } else { | |
143 | ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
144 | if (ie && wpa_parse_wpa_ie(ie, 2 + ie[1], &adv) == 0 && | |
145 | adv.pairwise_cipher & WPA_CIPHER_CCMP) | |
146 | ccmp = 1; | |
147 | } | |
148 | ||
149 | if (ie == NULL && (ssid->proto & WPA_PROTO_WPA) && | |
150 | (ssid->pairwise_cipher & WPA_CIPHER_TKIP)) { | |
151 | /* | |
152 | * TODO: This could be the initial AP configuration and the | |
153 | * Beacon contents could change shortly. Should request a new | |
154 | * scan and delay addition of the network until the updated | |
155 | * scan results are available. | |
156 | */ | |
157 | wpa_printf(MSG_DEBUG, "WPS: The AP did not yet advertise WPA " | |
158 | "support - use credential as-is"); | |
159 | return; | |
160 | } | |
161 | ||
162 | if (ccmp && !(ssid->pairwise_cipher & WPA_CIPHER_CCMP) && | |
163 | (ssid->pairwise_cipher & WPA_CIPHER_TKIP) && | |
164 | (capa.key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) { | |
165 | wpa_printf(MSG_DEBUG, "WPS: Add CCMP into the credential " | |
166 | "based on scan results"); | |
167 | if (wpa_s->conf->ap_scan == 1) | |
168 | ssid->pairwise_cipher |= WPA_CIPHER_CCMP; | |
169 | else | |
170 | ssid->pairwise_cipher = WPA_CIPHER_CCMP; | |
171 | } | |
172 | ||
173 | if (wpa2 && !(ssid->proto & WPA_PROTO_RSN) && | |
174 | (ssid->proto & WPA_PROTO_WPA) && | |
175 | (capa.enc & WPA_DRIVER_CAPA_ENC_CCMP)) { | |
176 | wpa_printf(MSG_DEBUG, "WPS: Add WPA2 into the credential " | |
177 | "based on scan results"); | |
178 | if (wpa_s->conf->ap_scan == 1) | |
179 | ssid->proto |= WPA_PROTO_RSN; | |
180 | else | |
181 | ssid->proto = WPA_PROTO_RSN; | |
182 | } | |
183 | } | |
184 | ||
185 | ||
bcbbc7af JM |
186 | static int wpa_supplicant_wps_cred(void *ctx, |
187 | const struct wps_credential *cred) | |
fa201b69 JM |
188 | { |
189 | struct wpa_supplicant *wpa_s = ctx; | |
190 | struct wpa_ssid *ssid = wpa_s->current_ssid; | |
522b5b6e | 191 | u8 key_idx = 0; |
49eba5f8 | 192 | u16 auth_type; |
fa201b69 | 193 | |
47662164 JM |
194 | if ((wpa_s->conf->wps_cred_processing == 1 || |
195 | wpa_s->conf->wps_cred_processing == 2) && cred->cred_attr) { | |
196 | size_t blen = cred->cred_attr_len * 2 + 1; | |
197 | char *buf = os_malloc(blen); | |
198 | if (buf) { | |
199 | wpa_snprintf_hex(buf, blen, | |
200 | cred->cred_attr, cred->cred_attr_len); | |
201 | wpa_msg(wpa_s, MSG_INFO, "%s%s", | |
202 | WPS_EVENT_CRED_RECEIVED, buf); | |
203 | os_free(buf); | |
204 | } | |
8bac466b JM |
205 | |
206 | wpas_notify_wps_credential(wpa_s, cred); | |
47662164 JM |
207 | } else |
208 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_CRED_RECEIVED); | |
fa201b69 | 209 | |
eca6e0a9 JM |
210 | wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute", |
211 | cred->cred_attr, cred->cred_attr_len); | |
212 | ||
47662164 JM |
213 | if (wpa_s->conf->wps_cred_processing == 1) |
214 | return 0; | |
215 | ||
73267b9c JM |
216 | wpa_hexdump_ascii(MSG_DEBUG, "WPS: SSID", cred->ssid, cred->ssid_len); |
217 | wpa_printf(MSG_DEBUG, "WPS: Authentication Type 0x%x", | |
218 | cred->auth_type); | |
219 | wpa_printf(MSG_DEBUG, "WPS: Encryption Type 0x%x", cred->encr_type); | |
220 | wpa_printf(MSG_DEBUG, "WPS: Network Key Index %d", cred->key_idx); | |
221 | wpa_hexdump_key(MSG_DEBUG, "WPS: Network Key", | |
222 | cred->key, cred->key_len); | |
223 | wpa_printf(MSG_DEBUG, "WPS: MAC Address " MACSTR, | |
224 | MAC2STR(cred->mac_addr)); | |
225 | ||
49eba5f8 JM |
226 | auth_type = cred->auth_type; |
227 | if (auth_type == (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK)) { | |
228 | wpa_printf(MSG_DEBUG, "WPS: Workaround - convert mixed-mode " | |
229 | "auth_type into WPA2PSK"); | |
230 | auth_type = WPS_AUTH_WPA2PSK; | |
231 | } | |
232 | ||
233 | if (auth_type != WPS_AUTH_OPEN && | |
234 | auth_type != WPS_AUTH_SHARED && | |
235 | auth_type != WPS_AUTH_WPAPSK && | |
236 | auth_type != WPS_AUTH_WPA2PSK) { | |
f286077d | 237 | wpa_printf(MSG_DEBUG, "WPS: Ignored credentials for " |
49eba5f8 JM |
238 | "unsupported authentication type 0x%x", |
239 | auth_type); | |
f286077d JM |
240 | return 0; |
241 | } | |
242 | ||
fa201b69 JM |
243 | if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { |
244 | wpa_printf(MSG_DEBUG, "WPS: Replace WPS network block based " | |
245 | "on the received credential"); | |
246 | os_free(ssid->eap.identity); | |
247 | ssid->eap.identity = NULL; | |
248 | ssid->eap.identity_len = 0; | |
249 | os_free(ssid->eap.phase1); | |
250 | ssid->eap.phase1 = NULL; | |
251 | os_free(ssid->eap.eap_methods); | |
252 | ssid->eap.eap_methods = NULL; | |
253 | } else { | |
254 | wpa_printf(MSG_DEBUG, "WPS: Create a new network based on the " | |
255 | "received credential"); | |
256 | ssid = wpa_config_add_network(wpa_s->conf); | |
257 | if (ssid == NULL) | |
258 | return -1; | |
8bac466b | 259 | wpas_notify_network_added(wpa_s, ssid); |
fa201b69 JM |
260 | } |
261 | ||
262 | wpa_config_set_network_defaults(ssid); | |
263 | ||
264 | os_free(ssid->ssid); | |
265 | ssid->ssid = os_malloc(cred->ssid_len); | |
266 | if (ssid->ssid) { | |
267 | os_memcpy(ssid->ssid, cred->ssid, cred->ssid_len); | |
268 | ssid->ssid_len = cred->ssid_len; | |
269 | } | |
270 | ||
271 | switch (cred->encr_type) { | |
272 | case WPS_ENCR_NONE: | |
fa201b69 JM |
273 | break; |
274 | case WPS_ENCR_WEP: | |
4b195a1b AT |
275 | if (cred->key_len <= 0) |
276 | break; | |
277 | if (cred->key_len != 5 && cred->key_len != 13 && | |
278 | cred->key_len != 10 && cred->key_len != 26) { | |
279 | wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key length " | |
280 | "%lu", (unsigned long) cred->key_len); | |
281 | return -1; | |
282 | } | |
522b5b6e | 283 | if (cred->key_idx > NUM_WEP_KEYS) { |
4b195a1b AT |
284 | wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key index %d", |
285 | cred->key_idx); | |
286 | return -1; | |
287 | } | |
522b5b6e AT |
288 | if (cred->key_idx) |
289 | key_idx = cred->key_idx - 1; | |
4b195a1b AT |
290 | if (cred->key_len == 10 || cred->key_len == 26) { |
291 | if (hexstr2bin((char *) cred->key, | |
292 | ssid->wep_key[key_idx], | |
293 | cred->key_len / 2) < 0) { | |
294 | wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key " | |
295 | "%d", key_idx); | |
296 | return -1; | |
297 | } | |
298 | ssid->wep_key_len[key_idx] = cred->key_len / 2; | |
299 | } else { | |
300 | os_memcpy(ssid->wep_key[key_idx], cred->key, | |
fa201b69 | 301 | cred->key_len); |
4b195a1b | 302 | ssid->wep_key_len[key_idx] = cred->key_len; |
fa201b69 | 303 | } |
4b195a1b | 304 | ssid->wep_tx_keyidx = key_idx; |
fa201b69 JM |
305 | break; |
306 | case WPS_ENCR_TKIP: | |
307 | ssid->pairwise_cipher = WPA_CIPHER_TKIP; | |
fa201b69 JM |
308 | break; |
309 | case WPS_ENCR_AES: | |
310 | ssid->pairwise_cipher = WPA_CIPHER_CCMP; | |
fa201b69 JM |
311 | break; |
312 | } | |
313 | ||
49eba5f8 | 314 | switch (auth_type) { |
fa201b69 JM |
315 | case WPS_AUTH_OPEN: |
316 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
317 | ssid->key_mgmt = WPA_KEY_MGMT_NONE; | |
318 | ssid->proto = 0; | |
319 | break; | |
320 | case WPS_AUTH_SHARED: | |
321 | ssid->auth_alg = WPA_AUTH_ALG_SHARED; | |
322 | ssid->key_mgmt = WPA_KEY_MGMT_NONE; | |
323 | ssid->proto = 0; | |
324 | break; | |
325 | case WPS_AUTH_WPAPSK: | |
326 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
327 | ssid->key_mgmt = WPA_KEY_MGMT_PSK; | |
328 | ssid->proto = WPA_PROTO_WPA; | |
329 | break; | |
330 | case WPS_AUTH_WPA: | |
331 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
332 | ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X; | |
333 | ssid->proto = WPA_PROTO_WPA; | |
334 | break; | |
335 | case WPS_AUTH_WPA2: | |
336 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
337 | ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X; | |
338 | ssid->proto = WPA_PROTO_RSN; | |
339 | break; | |
340 | case WPS_AUTH_WPA2PSK: | |
341 | ssid->auth_alg = WPA_AUTH_ALG_OPEN; | |
342 | ssid->key_mgmt = WPA_KEY_MGMT_PSK; | |
343 | ssid->proto = WPA_PROTO_RSN; | |
344 | break; | |
345 | } | |
346 | ||
347 | if (ssid->key_mgmt == WPA_KEY_MGMT_PSK) { | |
348 | if (cred->key_len == 2 * PMK_LEN) { | |
349 | if (hexstr2bin((const char *) cred->key, ssid->psk, | |
350 | PMK_LEN)) { | |
351 | wpa_printf(MSG_ERROR, "WPS: Invalid Network " | |
352 | "Key"); | |
353 | return -1; | |
354 | } | |
355 | ssid->psk_set = 1; | |
356 | } else if (cred->key_len >= 8 && cred->key_len < 2 * PMK_LEN) { | |
357 | os_free(ssid->passphrase); | |
358 | ssid->passphrase = os_malloc(cred->key_len + 1); | |
359 | if (ssid->passphrase == NULL) | |
360 | return -1; | |
361 | os_memcpy(ssid->passphrase, cred->key, cred->key_len); | |
362 | ssid->passphrase[cred->key_len] = '\0'; | |
363 | wpa_config_update_psk(ssid); | |
364 | } else { | |
365 | wpa_printf(MSG_ERROR, "WPS: Invalid Network Key " | |
366 | "length %lu", | |
367 | (unsigned long) cred->key_len); | |
368 | return -1; | |
369 | } | |
370 | } | |
371 | ||
7cc1b6c9 JM |
372 | wpas_wps_security_workaround(wpa_s, ssid, cred); |
373 | ||
fa201b69 JM |
374 | #ifndef CONFIG_NO_CONFIG_WRITE |
375 | if (wpa_s->conf->update_config && | |
376 | wpa_config_write(wpa_s->confname, wpa_s->conf)) { | |
377 | wpa_printf(MSG_DEBUG, "WPS: Failed to update configuration"); | |
378 | return -1; | |
379 | } | |
380 | #endif /* CONFIG_NO_CONFIG_WRITE */ | |
381 | ||
382 | return 0; | |
383 | } | |
384 | ||
385 | ||
4b68290e JM |
386 | static void wpa_supplicant_wps_event_m2d(struct wpa_supplicant *wpa_s, |
387 | struct wps_event_m2d *m2d) | |
388 | { | |
389 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_M2D | |
390 | "dev_password_id=%d config_error=%d", | |
391 | m2d->dev_password_id, m2d->config_error); | |
8bac466b | 392 | wpas_notify_wps_event_m2d(wpa_s, m2d); |
4b68290e JM |
393 | } |
394 | ||
395 | ||
469fc3a4 JM |
396 | static void wpa_supplicant_wps_event_fail(struct wpa_supplicant *wpa_s, |
397 | struct wps_event_fail *fail) | |
398 | { | |
399 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_FAIL "msg=%d", fail->msg); | |
400 | wpas_clear_wps(wpa_s); | |
8bac466b | 401 | wpas_notify_wps_event_fail(wpa_s, fail); |
469fc3a4 JM |
402 | } |
403 | ||
404 | ||
ad5302a1 JM |
405 | static void wpa_supplicant_wps_event_success(struct wpa_supplicant *wpa_s) |
406 | { | |
407 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_SUCCESS); | |
a6099152 | 408 | wpa_s->wps_success = 1; |
8bac466b | 409 | wpas_notify_wps_event_success(wpa_s); |
ad5302a1 JM |
410 | } |
411 | ||
412 | ||
b78bc3a3 JM |
413 | static void wpa_supplicant_wps_event_er_ap_add(struct wpa_supplicant *wpa_s, |
414 | struct wps_event_er_ap *ap) | |
415 | { | |
416 | char uuid_str[100]; | |
ed45947e | 417 | char dev_type[WPS_DEV_TYPE_BUFSIZE]; |
e694b344 | 418 | |
b78bc3a3 | 419 | uuid_bin2str(ap->uuid, uuid_str, sizeof(uuid_str)); |
e694b344 | 420 | if (ap->pri_dev_type) |
ed45947e JM |
421 | wps_dev_type_bin2str(ap->pri_dev_type, dev_type, |
422 | sizeof(dev_type)); | |
e694b344 JM |
423 | else |
424 | dev_type[0] = '\0'; | |
425 | ||
426 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_ER_AP_ADD "%s " MACSTR | |
427 | " pri_dev_type=%s wps_state=%d |%s|%s|%s|%s|%s|%s|", | |
428 | uuid_str, MAC2STR(ap->mac_addr), dev_type, ap->wps_state, | |
b78bc3a3 JM |
429 | ap->friendly_name ? ap->friendly_name : "", |
430 | ap->manufacturer ? ap->manufacturer : "", | |
431 | ap->model_description ? ap->model_description : "", | |
432 | ap->model_name ? ap->model_name : "", | |
433 | ap->manufacturer_url ? ap->manufacturer_url : "", | |
434 | ap->model_url ? ap->model_url : ""); | |
435 | } | |
436 | ||
437 | ||
438 | static void wpa_supplicant_wps_event_er_ap_remove(struct wpa_supplicant *wpa_s, | |
439 | struct wps_event_er_ap *ap) | |
440 | { | |
441 | char uuid_str[100]; | |
442 | uuid_bin2str(ap->uuid, uuid_str, sizeof(uuid_str)); | |
443 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_ER_AP_REMOVE "%s", uuid_str); | |
444 | } | |
445 | ||
446 | ||
447 | static void wpa_supplicant_wps_event_er_enrollee_add( | |
448 | struct wpa_supplicant *wpa_s, struct wps_event_er_enrollee *enrollee) | |
449 | { | |
450 | char uuid_str[100]; | |
ed45947e | 451 | char dev_type[WPS_DEV_TYPE_BUFSIZE]; |
b78bc3a3 JM |
452 | |
453 | uuid_bin2str(enrollee->uuid, uuid_str, sizeof(uuid_str)); | |
454 | if (enrollee->pri_dev_type) | |
ed45947e JM |
455 | wps_dev_type_bin2str(enrollee->pri_dev_type, dev_type, |
456 | sizeof(dev_type)); | |
b78bc3a3 JM |
457 | else |
458 | dev_type[0] = '\0'; | |
459 | ||
460 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_ER_ENROLLEE_ADD "%s " MACSTR | |
461 | " M1=%d config_methods=0x%x dev_passwd_id=%d pri_dev_type=%s " | |
462 | "|%s|%s|%s|%s|%s|", | |
463 | uuid_str, MAC2STR(enrollee->mac_addr), enrollee->m1_received, | |
464 | enrollee->config_methods, enrollee->dev_passwd_id, dev_type, | |
465 | enrollee->dev_name ? enrollee->dev_name : "", | |
466 | enrollee->manufacturer ? enrollee->manufacturer : "", | |
467 | enrollee->model_name ? enrollee->model_name : "", | |
468 | enrollee->model_number ? enrollee->model_number : "", | |
469 | enrollee->serial_number ? enrollee->serial_number : ""); | |
470 | } | |
471 | ||
472 | ||
473 | static void wpa_supplicant_wps_event_er_enrollee_remove( | |
474 | struct wpa_supplicant *wpa_s, struct wps_event_er_enrollee *enrollee) | |
475 | { | |
476 | char uuid_str[100]; | |
477 | uuid_bin2str(enrollee->uuid, uuid_str, sizeof(uuid_str)); | |
478 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_ER_ENROLLEE_REMOVE "%s " MACSTR, | |
479 | uuid_str, MAC2STR(enrollee->mac_addr)); | |
480 | } | |
481 | ||
482 | ||
4b68290e JM |
483 | static void wpa_supplicant_wps_event(void *ctx, enum wps_event event, |
484 | union wps_event_data *data) | |
485 | { | |
486 | struct wpa_supplicant *wpa_s = ctx; | |
487 | switch (event) { | |
488 | case WPS_EV_M2D: | |
489 | wpa_supplicant_wps_event_m2d(wpa_s, &data->m2d); | |
490 | break; | |
469fc3a4 JM |
491 | case WPS_EV_FAIL: |
492 | wpa_supplicant_wps_event_fail(wpa_s, &data->fail); | |
493 | break; | |
ad5302a1 JM |
494 | case WPS_EV_SUCCESS: |
495 | wpa_supplicant_wps_event_success(wpa_s); | |
496 | break; | |
3b2cf800 JM |
497 | case WPS_EV_PWD_AUTH_FAIL: |
498 | break; | |
63330c68 OK |
499 | case WPS_EV_PBC_OVERLAP: |
500 | break; | |
501 | case WPS_EV_PBC_TIMEOUT: | |
502 | break; | |
b78bc3a3 JM |
503 | case WPS_EV_ER_AP_ADD: |
504 | wpa_supplicant_wps_event_er_ap_add(wpa_s, &data->ap); | |
505 | break; | |
506 | case WPS_EV_ER_AP_REMOVE: | |
507 | wpa_supplicant_wps_event_er_ap_remove(wpa_s, &data->ap); | |
508 | break; | |
509 | case WPS_EV_ER_ENROLLEE_ADD: | |
510 | wpa_supplicant_wps_event_er_enrollee_add(wpa_s, | |
511 | &data->enrollee); | |
512 | break; | |
513 | case WPS_EV_ER_ENROLLEE_REMOVE: | |
514 | wpa_supplicant_wps_event_er_enrollee_remove(wpa_s, | |
515 | &data->enrollee); | |
516 | break; | |
4b68290e JM |
517 | } |
518 | } | |
519 | ||
520 | ||
f90c86d4 | 521 | enum wps_request_type wpas_wps_get_req_type(struct wpa_ssid *ssid) |
fa201b69 | 522 | { |
b01c18a8 JM |
523 | if (eap_is_wps_pbc_enrollee(&ssid->eap) || |
524 | eap_is_wps_pin_enrollee(&ssid->eap)) | |
525 | return WPS_REQ_ENROLLEE; | |
526 | else | |
527 | return WPS_REQ_REGISTRAR; | |
fa201b69 | 528 | } |
116654ce JM |
529 | |
530 | ||
fcc60db4 JM |
531 | static void wpas_clear_wps(struct wpa_supplicant *wpa_s) |
532 | { | |
533 | int id; | |
8bac466b | 534 | struct wpa_ssid *ssid, *remove_ssid = NULL; |
fcc60db4 JM |
535 | |
536 | eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL); | |
537 | ||
538 | /* Remove any existing WPS network from configuration */ | |
539 | ssid = wpa_s->conf->ssid; | |
540 | while (ssid) { | |
f0477201 | 541 | if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { |
8bac466b | 542 | if (ssid == wpa_s->current_ssid) { |
f0477201 | 543 | wpa_s->current_ssid = NULL; |
8bac466b JM |
544 | if (ssid != NULL) |
545 | wpas_notify_network_changed(wpa_s); | |
546 | } | |
fcc60db4 | 547 | id = ssid->id; |
8bac466b | 548 | remove_ssid = ssid; |
f0477201 | 549 | } else |
fcc60db4 JM |
550 | id = -1; |
551 | ssid = ssid->next; | |
8bac466b JM |
552 | if (id >= 0) { |
553 | wpas_notify_network_removed(wpa_s, remove_ssid); | |
fcc60db4 | 554 | wpa_config_remove_network(wpa_s->conf, id); |
8bac466b | 555 | } |
fcc60db4 JM |
556 | } |
557 | } | |
558 | ||
559 | ||
560 | static void wpas_wps_timeout(void *eloop_ctx, void *timeout_ctx) | |
561 | { | |
562 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
a6099152 JM |
563 | wpa_printf(MSG_INFO, WPS_EVENT_TIMEOUT "Requested operation timed " |
564 | "out"); | |
fcc60db4 JM |
565 | wpas_clear_wps(wpa_s); |
566 | } | |
567 | ||
568 | ||
569 | static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s, | |
570 | int registrar, const u8 *bssid) | |
571 | { | |
572 | struct wpa_ssid *ssid; | |
573 | ||
574 | ssid = wpa_config_add_network(wpa_s->conf); | |
575 | if (ssid == NULL) | |
576 | return NULL; | |
8bac466b | 577 | wpas_notify_network_added(wpa_s, ssid); |
fcc60db4 JM |
578 | wpa_config_set_network_defaults(ssid); |
579 | if (wpa_config_set(ssid, "key_mgmt", "WPS", 0) < 0 || | |
580 | wpa_config_set(ssid, "eap", "WSC", 0) < 0 || | |
581 | wpa_config_set(ssid, "identity", registrar ? | |
582 | "\"" WSC_ID_REGISTRAR "\"" : | |
583 | "\"" WSC_ID_ENROLLEE "\"", 0) < 0) { | |
8bac466b | 584 | wpas_notify_network_removed(wpa_s, ssid); |
fcc60db4 JM |
585 | wpa_config_remove_network(wpa_s->conf, ssid->id); |
586 | return NULL; | |
587 | } | |
588 | ||
589 | if (bssid) { | |
590 | size_t i; | |
591 | struct wpa_scan_res *res; | |
592 | ||
593 | os_memcpy(ssid->bssid, bssid, ETH_ALEN); | |
24c23d1b | 594 | ssid->bssid_set = 1; |
fcc60db4 JM |
595 | |
596 | /* Try to get SSID from scan results */ | |
597 | if (wpa_s->scan_res == NULL && | |
598 | wpa_supplicant_get_scan_results(wpa_s) < 0) | |
599 | return ssid; /* Could not find any scan results */ | |
600 | ||
601 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
602 | const u8 *ie; | |
603 | ||
604 | res = wpa_s->scan_res->res[i]; | |
605 | if (os_memcmp(bssid, res->bssid, ETH_ALEN) != 0) | |
606 | continue; | |
607 | ||
608 | ie = wpa_scan_get_ie(res, WLAN_EID_SSID); | |
609 | if (ie == NULL) | |
610 | break; | |
611 | os_free(ssid->ssid); | |
612 | ssid->ssid = os_malloc(ie[1]); | |
613 | if (ssid->ssid == NULL) | |
614 | break; | |
615 | os_memcpy(ssid->ssid, ie + 2, ie[1]); | |
616 | ssid->ssid_len = ie[1]; | |
617 | break; | |
618 | } | |
619 | } | |
620 | ||
621 | return ssid; | |
622 | } | |
623 | ||
624 | ||
625 | static void wpas_wps_reassoc(struct wpa_supplicant *wpa_s, | |
626 | struct wpa_ssid *selected) | |
627 | { | |
628 | struct wpa_ssid *ssid; | |
629 | ||
630 | /* Mark all other networks disabled and trigger reassociation */ | |
631 | ssid = wpa_s->conf->ssid; | |
632 | while (ssid) { | |
8bac466b | 633 | int was_disabled = ssid->disabled; |
fcc60db4 | 634 | ssid->disabled = ssid != selected; |
8bac466b JM |
635 | if (was_disabled != ssid->disabled) |
636 | wpas_notify_network_enabled_changed(wpa_s, ssid); | |
fcc60db4 JM |
637 | ssid = ssid->next; |
638 | } | |
639 | wpa_s->disconnected = 0; | |
640 | wpa_s->reassociate = 1; | |
a6099152 JM |
641 | wpa_s->scan_runs = 0; |
642 | wpa_s->wps_success = 0; | |
643 | wpa_s->blacklist_cleared = 0; | |
fcc60db4 JM |
644 | wpa_supplicant_req_scan(wpa_s, 0, 0); |
645 | } | |
646 | ||
647 | ||
648 | int wpas_wps_start_pbc(struct wpa_supplicant *wpa_s, const u8 *bssid) | |
649 | { | |
650 | struct wpa_ssid *ssid; | |
651 | wpas_clear_wps(wpa_s); | |
652 | ssid = wpas_wps_add_network(wpa_s, 0, bssid); | |
653 | if (ssid == NULL) | |
654 | return -1; | |
655 | wpa_config_set(ssid, "phase1", "\"pbc=1\"", 0); | |
656 | eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout, | |
657 | wpa_s, NULL); | |
658 | wpas_wps_reassoc(wpa_s, ssid); | |
659 | return 0; | |
660 | } | |
661 | ||
662 | ||
663 | int wpas_wps_start_pin(struct wpa_supplicant *wpa_s, const u8 *bssid, | |
664 | const char *pin) | |
665 | { | |
666 | struct wpa_ssid *ssid; | |
46bdb83a | 667 | char val[128]; |
fcc60db4 JM |
668 | unsigned int rpin = 0; |
669 | ||
670 | wpas_clear_wps(wpa_s); | |
671 | ssid = wpas_wps_add_network(wpa_s, 0, bssid); | |
672 | if (ssid == NULL) | |
673 | return -1; | |
674 | if (pin) | |
675 | os_snprintf(val, sizeof(val), "\"pin=%s\"", pin); | |
676 | else { | |
677 | rpin = wps_generate_pin(); | |
678 | os_snprintf(val, sizeof(val), "\"pin=%08d\"", rpin); | |
679 | } | |
680 | wpa_config_set(ssid, "phase1", val, 0); | |
681 | eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout, | |
682 | wpa_s, NULL); | |
683 | wpas_wps_reassoc(wpa_s, ssid); | |
684 | return rpin; | |
685 | } | |
686 | ||
687 | ||
116f7bb0 | 688 | #ifdef CONFIG_WPS_OOB |
46bdb83a | 689 | int wpas_wps_start_oob(struct wpa_supplicant *wpa_s, char *device_type, |
e1ee6b60 | 690 | char *path, char *method, char *name) |
46bdb83a MH |
691 | { |
692 | struct wps_context *wps = wpa_s->wps; | |
7cbf51bb | 693 | struct oob_device_data *oob_dev; |
46bdb83a | 694 | |
7cbf51bb JM |
695 | oob_dev = wps_get_oob_device(device_type); |
696 | if (oob_dev == NULL) | |
46bdb83a | 697 | return -1; |
7cbf51bb | 698 | oob_dev->device_path = path; |
e1ee6b60 | 699 | oob_dev->device_name = name; |
46bdb83a MH |
700 | wps->oob_conf.oob_method = wps_get_oob_method(method); |
701 | ||
d5e2b2d2 JM |
702 | if (wps->oob_conf.oob_method == OOB_METHOD_DEV_PWD_E) { |
703 | /* | |
704 | * Use pre-configured DH keys in order to be able to write the | |
705 | * key hash into the OOB file. | |
706 | */ | |
707 | wpabuf_free(wps->dh_pubkey); | |
708 | wpabuf_free(wps->dh_privkey); | |
709 | wps->dh_privkey = NULL; | |
f042122a JM |
710 | wps->dh_pubkey = NULL; |
711 | dh5_free(wps->dh_ctx); | |
712 | wps->dh_ctx = dh5_init(&wps->dh_privkey, &wps->dh_pubkey); | |
d5e2b2d2 | 713 | wps->dh_pubkey = wpabuf_zeropad(wps->dh_pubkey, 192); |
f042122a | 714 | if (wps->dh_ctx == NULL || wps->dh_pubkey == NULL) { |
d5e2b2d2 JM |
715 | wpa_printf(MSG_ERROR, "WPS: Failed to initialize " |
716 | "Diffie-Hellman handshake"); | |
717 | return -1; | |
718 | } | |
719 | } | |
720 | ||
46bdb83a MH |
721 | if (wps->oob_conf.oob_method == OOB_METHOD_CRED) |
722 | wpas_clear_wps(wpa_s); | |
723 | ||
7cbf51bb | 724 | if (wps_process_oob(wps, oob_dev, 0) < 0) |
46bdb83a MH |
725 | return -1; |
726 | ||
727 | if ((wps->oob_conf.oob_method == OOB_METHOD_DEV_PWD_E || | |
728 | wps->oob_conf.oob_method == OOB_METHOD_DEV_PWD_R) && | |
729 | wpas_wps_start_pin(wpa_s, NULL, | |
730 | wpabuf_head(wps->oob_conf.dev_password)) < 0) | |
731 | return -1; | |
732 | ||
733 | return 0; | |
734 | } | |
116f7bb0 | 735 | #endif /* CONFIG_WPS_OOB */ |
46bdb83a MH |
736 | |
737 | ||
fcc60db4 | 738 | int wpas_wps_start_reg(struct wpa_supplicant *wpa_s, const u8 *bssid, |
52eb293d | 739 | const char *pin, struct wps_new_ap_settings *settings) |
fcc60db4 JM |
740 | { |
741 | struct wpa_ssid *ssid; | |
52eb293d JM |
742 | char val[200]; |
743 | char *pos, *end; | |
744 | int res; | |
fcc60db4 JM |
745 | |
746 | if (!pin) | |
747 | return -1; | |
748 | wpas_clear_wps(wpa_s); | |
749 | ssid = wpas_wps_add_network(wpa_s, 1, bssid); | |
750 | if (ssid == NULL) | |
751 | return -1; | |
52eb293d JM |
752 | pos = val; |
753 | end = pos + sizeof(val); | |
754 | res = os_snprintf(pos, end - pos, "\"pin=%s", pin); | |
755 | if (res < 0 || res >= end - pos) | |
756 | return -1; | |
757 | pos += res; | |
758 | if (settings) { | |
759 | res = os_snprintf(pos, end - pos, " new_ssid=%s new_auth=%s " | |
760 | "new_encr=%s new_key=%s", | |
761 | settings->ssid_hex, settings->auth, | |
762 | settings->encr, settings->key_hex); | |
763 | if (res < 0 || res >= end - pos) | |
764 | return -1; | |
765 | pos += res; | |
766 | } | |
767 | res = os_snprintf(pos, end - pos, "\""); | |
768 | if (res < 0 || res >= end - pos) | |
769 | return -1; | |
fcc60db4 JM |
770 | wpa_config_set(ssid, "phase1", val, 0); |
771 | eloop_register_timeout(WPS_PBC_WALK_TIME, 0, wpas_wps_timeout, | |
772 | wpa_s, NULL); | |
773 | wpas_wps_reassoc(wpa_s, ssid); | |
774 | return 0; | |
775 | } | |
776 | ||
777 | ||
c5adf528 JM |
778 | static int wpas_wps_new_psk_cb(void *ctx, const u8 *mac_addr, const u8 *psk, |
779 | size_t psk_len) | |
780 | { | |
781 | wpa_printf(MSG_DEBUG, "WPS: Received new WPA/WPA2-PSK from WPS for " | |
782 | "STA " MACSTR, MAC2STR(mac_addr)); | |
783 | wpa_hexdump_key(MSG_DEBUG, "Per-device PSK", psk, psk_len); | |
784 | ||
785 | /* TODO */ | |
786 | ||
787 | return 0; | |
788 | } | |
789 | ||
790 | ||
791 | static void wpas_wps_pin_needed_cb(void *ctx, const u8 *uuid_e, | |
792 | const struct wps_device_data *dev) | |
793 | { | |
794 | char uuid[40], txt[400]; | |
795 | int len; | |
96750ea5 | 796 | char devtype[WPS_DEV_TYPE_BUFSIZE]; |
c5adf528 JM |
797 | if (uuid_bin2str(uuid_e, uuid, sizeof(uuid))) |
798 | return; | |
799 | wpa_printf(MSG_DEBUG, "WPS: PIN needed for UUID-E %s", uuid); | |
800 | len = os_snprintf(txt, sizeof(txt), "WPS-EVENT-PIN-NEEDED %s " MACSTR | |
96750ea5 | 801 | " [%s|%s|%s|%s|%s|%s]", |
c5adf528 JM |
802 | uuid, MAC2STR(dev->mac_addr), dev->device_name, |
803 | dev->manufacturer, dev->model_name, | |
804 | dev->model_number, dev->serial_number, | |
96750ea5 JM |
805 | wps_dev_type_bin2str(dev->pri_dev_type, devtype, |
806 | sizeof(devtype))); | |
c5adf528 JM |
807 | if (len > 0 && len < (int) sizeof(txt)) |
808 | wpa_printf(MSG_INFO, "%s", txt); | |
809 | } | |
810 | ||
811 | ||
72df2f5f JM |
812 | static void wpas_wps_set_sel_reg_cb(void *ctx, int sel_reg, u16 dev_passwd_id, |
813 | u16 sel_reg_config_methods) | |
814 | { | |
815 | #ifdef CONFIG_WPS_ER | |
816 | struct wpa_supplicant *wpa_s = ctx; | |
817 | ||
818 | if (wpa_s->wps_er == NULL) | |
819 | return; | |
820 | wps_er_set_sel_reg(wpa_s->wps_er, sel_reg, dev_passwd_id, | |
821 | sel_reg_config_methods); | |
822 | #endif /* CONFIG_WPS_ER */ | |
823 | } | |
824 | ||
825 | ||
116654ce JM |
826 | int wpas_wps_init(struct wpa_supplicant *wpa_s) |
827 | { | |
828 | struct wps_context *wps; | |
c5adf528 | 829 | struct wps_registrar_config rcfg; |
116654ce JM |
830 | |
831 | wps = os_zalloc(sizeof(*wps)); | |
832 | if (wps == NULL) | |
833 | return -1; | |
834 | ||
835 | wps->cred_cb = wpa_supplicant_wps_cred; | |
4b68290e | 836 | wps->event_cb = wpa_supplicant_wps_event; |
116654ce JM |
837 | wps->cb_ctx = wpa_s; |
838 | ||
3c0b7aa4 JM |
839 | wps->dev.device_name = wpa_s->conf->device_name; |
840 | wps->dev.manufacturer = wpa_s->conf->manufacturer; | |
841 | wps->dev.model_name = wpa_s->conf->model_name; | |
842 | wps->dev.model_number = wpa_s->conf->model_number; | |
843 | wps->dev.serial_number = wpa_s->conf->serial_number; | |
96750ea5 JM |
844 | if (wpa_s->conf->device_type && |
845 | wps_dev_type_str2bin(wpa_s->conf->device_type, | |
846 | wps->dev.pri_dev_type) < 0) { | |
847 | wpa_printf(MSG_ERROR, "WPS: Invalid device_type"); | |
848 | os_free(wps); | |
849 | return -1; | |
3c0b7aa4 JM |
850 | } |
851 | wps->dev.os_version = WPA_GET_BE32(wpa_s->conf->os_version); | |
852 | wps->dev.rf_bands = WPS_RF_24GHZ | WPS_RF_50GHZ; /* TODO: config */ | |
398cfbf6 | 853 | os_memcpy(wps->dev.mac_addr, wpa_s->own_addr, ETH_ALEN); |
79da74a2 JM |
854 | if (is_nil_uuid(wpa_s->conf->uuid)) { |
855 | uuid_gen_mac_addr(wpa_s->own_addr, wps->uuid); | |
856 | wpa_hexdump(MSG_DEBUG, "WPS: UUID based on MAC address", | |
857 | wps->uuid, WPS_UUID_LEN); | |
858 | } else | |
859 | os_memcpy(wps->uuid, wpa_s->conf->uuid, WPS_UUID_LEN); | |
116654ce | 860 | |
c5adf528 JM |
861 | wps->auth_types = WPS_AUTH_WPA2PSK | WPS_AUTH_WPAPSK; |
862 | wps->encr_types = WPS_ENCR_AES | WPS_ENCR_TKIP; | |
863 | ||
864 | os_memset(&rcfg, 0, sizeof(rcfg)); | |
865 | rcfg.new_psk_cb = wpas_wps_new_psk_cb; | |
866 | rcfg.pin_needed_cb = wpas_wps_pin_needed_cb; | |
72df2f5f | 867 | rcfg.set_sel_reg_cb = wpas_wps_set_sel_reg_cb; |
c5adf528 JM |
868 | rcfg.cb_ctx = wpa_s; |
869 | ||
870 | wps->registrar = wps_registrar_init(wps, &rcfg); | |
871 | if (wps->registrar == NULL) { | |
872 | wpa_printf(MSG_DEBUG, "Failed to initialize WPS Registrar"); | |
873 | os_free(wps); | |
874 | return -1; | |
875 | } | |
876 | ||
116654ce JM |
877 | wpa_s->wps = wps; |
878 | ||
879 | return 0; | |
880 | } | |
881 | ||
882 | ||
883 | void wpas_wps_deinit(struct wpa_supplicant *wpa_s) | |
884 | { | |
fcc60db4 JM |
885 | eloop_cancel_timeout(wpas_wps_timeout, wpa_s, NULL); |
886 | ||
116654ce JM |
887 | if (wpa_s->wps == NULL) |
888 | return; | |
889 | ||
a6b63078 JM |
890 | #ifdef CONFIG_WPS_ER |
891 | wps_er_deinit(wpa_s->wps_er); | |
892 | wpa_s->wps_er = NULL; | |
893 | #endif /* CONFIG_WPS_ER */ | |
894 | ||
c5adf528 | 895 | wps_registrar_deinit(wpa_s->wps->registrar); |
46bdb83a MH |
896 | wpabuf_free(wpa_s->wps->dh_pubkey); |
897 | wpabuf_free(wpa_s->wps->dh_privkey); | |
898 | wpabuf_free(wpa_s->wps->oob_conf.pubkey_hash); | |
899 | wpabuf_free(wpa_s->wps->oob_conf.dev_password); | |
116654ce JM |
900 | os_free(wpa_s->wps->network_key); |
901 | os_free(wpa_s->wps); | |
902 | wpa_s->wps = NULL; | |
903 | } | |
351f09a2 JM |
904 | |
905 | ||
a6099152 JM |
906 | int wpas_wps_ssid_bss_match(struct wpa_supplicant *wpa_s, |
907 | struct wpa_ssid *ssid, struct wpa_scan_res *bss) | |
351f09a2 JM |
908 | { |
909 | struct wpabuf *wps_ie; | |
910 | ||
911 | if (!(ssid->key_mgmt & WPA_KEY_MGMT_WPS)) | |
912 | return -1; | |
913 | ||
914 | wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
915 | if (eap_is_wps_pbc_enrollee(&ssid->eap)) { | |
916 | if (!wps_ie) { | |
917 | wpa_printf(MSG_DEBUG, " skip - non-WPS AP"); | |
918 | return 0; | |
919 | } | |
920 | ||
921 | if (!wps_is_selected_pbc_registrar(wps_ie)) { | |
922 | wpa_printf(MSG_DEBUG, " skip - WPS AP " | |
923 | "without active PBC Registrar"); | |
924 | wpabuf_free(wps_ie); | |
925 | return 0; | |
926 | } | |
927 | ||
928 | /* TODO: overlap detection */ | |
929 | wpa_printf(MSG_DEBUG, " selected based on WPS IE " | |
930 | "(Active PBC)"); | |
931 | wpabuf_free(wps_ie); | |
932 | return 1; | |
933 | } | |
934 | ||
935 | if (eap_is_wps_pin_enrollee(&ssid->eap)) { | |
936 | if (!wps_ie) { | |
937 | wpa_printf(MSG_DEBUG, " skip - non-WPS AP"); | |
938 | return 0; | |
939 | } | |
940 | ||
a6099152 JM |
941 | /* |
942 | * Start with WPS APs that advertise active PIN Registrar and | |
943 | * allow any WPS AP after third scan since some APs do not set | |
944 | * Selected Registrar attribute properly when using external | |
945 | * Registrar. | |
946 | */ | |
351f09a2 | 947 | if (!wps_is_selected_pin_registrar(wps_ie)) { |
a6099152 JM |
948 | if (wpa_s->scan_runs < WPS_PIN_SCAN_IGNORE_SEL_REG) { |
949 | wpa_printf(MSG_DEBUG, " skip - WPS AP " | |
950 | "without active PIN Registrar"); | |
951 | wpabuf_free(wps_ie); | |
952 | return 0; | |
953 | } | |
954 | wpa_printf(MSG_DEBUG, " selected based on WPS IE"); | |
955 | } else { | |
956 | wpa_printf(MSG_DEBUG, " selected based on WPS IE " | |
957 | "(Active PIN)"); | |
351f09a2 | 958 | } |
351f09a2 JM |
959 | wpabuf_free(wps_ie); |
960 | return 1; | |
961 | } | |
962 | ||
963 | if (wps_ie) { | |
964 | wpa_printf(MSG_DEBUG, " selected based on WPS IE"); | |
965 | wpabuf_free(wps_ie); | |
966 | return 1; | |
967 | } | |
968 | ||
969 | return -1; | |
970 | } | |
971 | ||
972 | ||
a6099152 JM |
973 | int wpas_wps_ssid_wildcard_ok(struct wpa_supplicant *wpa_s, |
974 | struct wpa_ssid *ssid, | |
351f09a2 JM |
975 | struct wpa_scan_res *bss) |
976 | { | |
977 | struct wpabuf *wps_ie = NULL; | |
978 | int ret = 0; | |
979 | ||
980 | if (eap_is_wps_pbc_enrollee(&ssid->eap)) { | |
981 | wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
982 | if (wps_ie && wps_is_selected_pbc_registrar(wps_ie)) { | |
983 | /* allow wildcard SSID for WPS PBC */ | |
984 | ret = 1; | |
985 | } | |
986 | } else if (eap_is_wps_pin_enrollee(&ssid->eap)) { | |
987 | wps_ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
a6099152 JM |
988 | if (wps_ie && |
989 | (wps_is_selected_pin_registrar(wps_ie) || | |
990 | wpa_s->scan_runs >= WPS_PIN_SCAN_IGNORE_SEL_REG)) { | |
351f09a2 JM |
991 | /* allow wildcard SSID for WPS PIN */ |
992 | ret = 1; | |
993 | } | |
994 | } | |
995 | ||
24c23d1b JM |
996 | if (!ret && ssid->bssid_set && |
997 | os_memcmp(ssid->bssid, bss->bssid, ETH_ALEN) == 0) { | |
998 | /* allow wildcard SSID due to hardcoded BSSID match */ | |
999 | ret = 1; | |
1000 | } | |
1001 | ||
351f09a2 JM |
1002 | wpabuf_free(wps_ie); |
1003 | ||
1004 | return ret; | |
1005 | } | |
1006 | ||
1007 | ||
1008 | int wpas_wps_scan_pbc_overlap(struct wpa_supplicant *wpa_s, | |
1009 | struct wpa_scan_res *selected, | |
1010 | struct wpa_ssid *ssid) | |
1011 | { | |
1012 | const u8 *sel_uuid, *uuid; | |
1013 | size_t i; | |
1014 | struct wpabuf *wps_ie; | |
1015 | int ret = 0; | |
1016 | ||
1017 | if (!eap_is_wps_pbc_enrollee(&ssid->eap)) | |
1018 | return 0; | |
1019 | ||
1020 | /* Make sure that only one AP is in active PBC mode */ | |
1021 | wps_ie = wpa_scan_get_vendor_ie_multi(selected, WPS_IE_VENDOR_TYPE); | |
1022 | if (wps_ie) | |
1023 | sel_uuid = wps_get_uuid_e(wps_ie); | |
1024 | else | |
1025 | sel_uuid = NULL; | |
351f09a2 JM |
1026 | |
1027 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
1028 | struct wpa_scan_res *bss = wpa_s->scan_res->res[i]; | |
1029 | struct wpabuf *ie; | |
1030 | if (bss == selected) | |
1031 | continue; | |
1032 | ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
1033 | if (!ie) | |
1034 | continue; | |
1035 | if (!wps_is_selected_pbc_registrar(ie)) { | |
1036 | wpabuf_free(ie); | |
1037 | continue; | |
1038 | } | |
1039 | uuid = wps_get_uuid_e(ie); | |
44cd430f JM |
1040 | if (sel_uuid == NULL || uuid == NULL || |
1041 | os_memcmp(sel_uuid, uuid, 16) != 0) { | |
351f09a2 JM |
1042 | ret = 1; /* PBC overlap */ |
1043 | wpabuf_free(ie); | |
1044 | break; | |
1045 | } | |
1046 | ||
1047 | /* TODO: verify that this is reasonable dual-band situation */ | |
484957ae JM |
1048 | |
1049 | wpabuf_free(ie); | |
351f09a2 JM |
1050 | } |
1051 | ||
1052 | wpabuf_free(wps_ie); | |
1053 | ||
1054 | return ret; | |
1055 | } | |
a524f05e JM |
1056 | |
1057 | ||
1058 | void wpas_wps_notify_scan_results(struct wpa_supplicant *wpa_s) | |
1059 | { | |
1060 | size_t i; | |
1061 | ||
1062 | if (wpa_s->disconnected || wpa_s->wpa_state >= WPA_ASSOCIATED) | |
1063 | return; | |
1064 | ||
1065 | for (i = 0; i < wpa_s->scan_res->num; i++) { | |
1066 | struct wpa_scan_res *bss = wpa_s->scan_res->res[i]; | |
1067 | struct wpabuf *ie; | |
1068 | ie = wpa_scan_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE); | |
1069 | if (!ie) | |
1070 | continue; | |
1071 | if (wps_is_selected_pbc_registrar(ie)) | |
1072 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PBC); | |
1073 | else if (wps_is_selected_pin_registrar(ie)) | |
1074 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE_PIN); | |
1075 | else | |
1076 | wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_AP_AVAILABLE); | |
1077 | wpabuf_free(ie); | |
1078 | break; | |
1079 | } | |
1080 | } | |
24c23d1b JM |
1081 | |
1082 | ||
1083 | int wpas_wps_searching(struct wpa_supplicant *wpa_s) | |
1084 | { | |
1085 | struct wpa_ssid *ssid; | |
1086 | ||
1087 | for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { | |
1088 | if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && !ssid->disabled) | |
1089 | return 1; | |
1090 | } | |
1091 | ||
1092 | return 0; | |
1093 | } | |
611ed491 JM |
1094 | |
1095 | ||
1096 | int wpas_wps_scan_result_text(const u8 *ies, size_t ies_len, char *buf, | |
1097 | char *end) | |
1098 | { | |
1099 | struct wpabuf *wps_ie; | |
1100 | int ret; | |
1101 | ||
1102 | wps_ie = ieee802_11_vendor_ie_concat(ies, ies_len, WPS_DEV_OUI_WFA); | |
1103 | if (wps_ie == NULL) | |
1104 | return 0; | |
1105 | ||
1106 | ret = wps_attr_text(wps_ie, buf, end); | |
1107 | wpabuf_free(wps_ie); | |
1108 | return ret; | |
1109 | } | |
e9bcfebf JM |
1110 | |
1111 | ||
1112 | int wpas_wps_er_start(struct wpa_supplicant *wpa_s) | |
1113 | { | |
1114 | #ifdef CONFIG_WPS_ER | |
1115 | if (wpa_s->wps_er) { | |
b3f371ca | 1116 | wps_er_refresh(wpa_s->wps_er); |
e9bcfebf JM |
1117 | return 0; |
1118 | } | |
1119 | wpa_s->wps_er = wps_er_init(wpa_s->wps, wpa_s->ifname); | |
1120 | if (wpa_s->wps_er == NULL) | |
1121 | return -1; | |
1122 | return 0; | |
1123 | #else /* CONFIG_WPS_ER */ | |
1124 | return 0; | |
1125 | #endif /* CONFIG_WPS_ER */ | |
1126 | } | |
1127 | ||
1128 | ||
1129 | int wpas_wps_er_stop(struct wpa_supplicant *wpa_s) | |
1130 | { | |
1131 | #ifdef CONFIG_WPS_ER | |
1132 | wps_er_deinit(wpa_s->wps_er); | |
1133 | wpa_s->wps_er = NULL; | |
1134 | #endif /* CONFIG_WPS_ER */ | |
1135 | return 0; | |
1136 | } | |
72df2f5f JM |
1137 | |
1138 | ||
1139 | #ifdef CONFIG_WPS_ER | |
1140 | int wpas_wps_er_add_pin(struct wpa_supplicant *wpa_s, const char *uuid, | |
1141 | const char *pin) | |
1142 | { | |
1143 | u8 u[UUID_LEN]; | |
1144 | int any = 0; | |
1145 | ||
1146 | if (os_strcmp(uuid, "any") == 0) | |
1147 | any = 1; | |
1148 | else if (uuid_str2bin(uuid, u)) | |
1149 | return -1; | |
1150 | return wps_registrar_add_pin(wpa_s->wps->registrar, any ? NULL : u, | |
1151 | (const u8 *) pin, os_strlen(pin), 300); | |
1152 | } | |
564cd7fa JM |
1153 | |
1154 | ||
1155 | int wpas_wps_er_pbc(struct wpa_supplicant *wpa_s, const char *uuid) | |
1156 | { | |
1157 | u8 u[UUID_LEN]; | |
1158 | ||
1159 | if (uuid_str2bin(uuid, u)) | |
1160 | return -1; | |
1161 | return wps_er_pbc(wpa_s->wps_er, u); | |
1162 | } | |
e64dcfd5 JM |
1163 | |
1164 | ||
1165 | int wpas_wps_er_learn(struct wpa_supplicant *wpa_s, const char *uuid, | |
1166 | const char *pin) | |
1167 | { | |
1168 | u8 u[UUID_LEN]; | |
1169 | ||
1170 | if (uuid_str2bin(uuid, u)) | |
1171 | return -1; | |
1172 | return wps_er_learn(wpa_s->wps_er, u, (const u8 *) pin, | |
1173 | os_strlen(pin)); | |
1174 | } | |
72df2f5f | 1175 | #endif /* CONFIG_WPS_ER */ |