2 * WPA Supplicant - Basic AP mode support routines
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2009, Atheros Communications
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
10 #include "utils/includes.h"
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "eapol_supp/eapol_supp_sm.h"
18 #include "crypto/dh_group5.h"
19 #include "ap/hostapd.h"
20 #include "ap/ap_config.h"
21 #include "ap/ap_drv_ops.h"
23 #include "ap/ieee802_11.h"
24 #endif /* NEED_AP_MLME */
25 #include "ap/beacon.h"
26 #include "ap/ieee802_1x.h"
27 #include "ap/wps_hostapd.h"
28 #include "ap/ctrl_iface_ap.h"
30 #include "common/ieee802_11_defs.h"
31 #include "config_ssid.h"
33 #include "wpa_supplicant_i.h"
35 #include "p2p_supplicant.h"
37 #include "ap/sta_info.h"
42 static void wpas_wps_ap_pin_timeout(void *eloop_data
, void *user_ctx
);
43 #endif /* CONFIG_WPS */
46 #ifdef CONFIG_IEEE80211N
47 static void wpas_conf_ap_vht(struct wpa_supplicant
*wpa_s
,
48 struct hostapd_config
*conf
,
49 struct hostapd_hw_modes
*mode
)
53 u8 channel
= conf
->channel
;
55 if (!conf
->secondary_channel
)
58 center_chan
= wpas_p2p_get_vht80_center(wpa_s
, mode
, channel
);
62 /* Use 80 MHz channel */
63 conf
->vht_oper_chwidth
= 1;
64 conf
->vht_oper_centr_freq_seg0_idx
= center_chan
;
68 conf
->vht_oper_centr_freq_seg0_idx
=
69 channel
+ conf
->secondary_channel
* 2;
70 #else /* CONFIG_P2P */
71 conf
->vht_oper_centr_freq_seg0_idx
=
72 conf
->channel
+ conf
->secondary_channel
* 2;
73 #endif /* CONFIG_P2P */
75 #endif /* CONFIG_IEEE80211N */
78 void wpa_supplicant_conf_ap_ht(struct wpa_supplicant
*wpa_s
,
79 struct wpa_ssid
*ssid
,
80 struct hostapd_config
*conf
)
82 /* TODO: enable HT40 if driver supports it;
83 * drop to 11b if driver does not support 11g */
85 #ifdef CONFIG_IEEE80211N
87 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
88 * and a mask of allowed capabilities within conf->ht_capab.
89 * Using default config settings for: conf->ht_op_mode_fixed,
90 * conf->secondary_channel, conf->require_ht
92 if (wpa_s
->hw
.modes
) {
93 struct hostapd_hw_modes
*mode
= NULL
;
95 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
96 if (wpa_s
->hw
.modes
[i
].mode
== conf
->hw_mode
) {
97 mode
= &wpa_s
->hw
.modes
[i
];
102 #ifdef CONFIG_HT_OVERRIDES
103 if (ssid
->disable_ht
) {
104 conf
->ieee80211n
= 0;
108 #endif /* CONFIG_HT_OVERRIDES */
110 if (!no_ht
&& mode
&& mode
->ht_capab
) {
111 conf
->ieee80211n
= 1;
113 if (conf
->hw_mode
== HOSTAPD_MODE_IEEE80211A
&&
115 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
) &&
117 conf
->secondary_channel
=
118 wpas_p2p_get_ht40_mode(wpa_s
, mode
,
120 if (conf
->secondary_channel
)
122 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
;
123 #endif /* CONFIG_P2P */
126 * white-list capabilities that won't cause issues
127 * to connecting stations, while leaving the current
128 * capabilities intact (currently disabled SMPS).
130 conf
->ht_capab
|= mode
->ht_capab
&
131 (HT_CAP_INFO_GREEN_FIELD
|
132 HT_CAP_INFO_SHORT_GI20MHZ
|
133 HT_CAP_INFO_SHORT_GI40MHZ
|
134 HT_CAP_INFO_RX_STBC_MASK
|
135 HT_CAP_INFO_MAX_AMSDU_SIZE
);
137 if (mode
->vht_capab
&& ssid
->vht
) {
138 conf
->ieee80211ac
= 1;
139 wpas_conf_ap_vht(wpa_s
, conf
, mode
);
143 #endif /* CONFIG_IEEE80211N */
147 static int wpa_supplicant_conf_ap(struct wpa_supplicant
*wpa_s
,
148 struct wpa_ssid
*ssid
,
149 struct hostapd_config
*conf
)
151 struct hostapd_bss_config
*bss
= conf
->bss
[0];
153 conf
->driver
= wpa_s
->driver
;
155 os_strlcpy(bss
->iface
, wpa_s
->ifname
, sizeof(bss
->iface
));
157 conf
->hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
,
159 if (conf
->hw_mode
== NUM_HOSTAPD_MODES
) {
160 wpa_printf(MSG_ERROR
, "Unsupported AP mode frequency: %d MHz",
165 wpa_supplicant_conf_ap_ht(wpa_s
, ssid
, conf
);
168 if (conf
->hw_mode
== HOSTAPD_MODE_IEEE80211G
&&
169 (ssid
->mode
== WPAS_MODE_P2P_GO
||
170 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)) {
171 /* Remove 802.11b rates from supported and basic rate sets */
172 int *list
= os_malloc(4 * sizeof(int));
179 conf
->basic_rates
= list
;
181 list
= os_malloc(9 * sizeof(int));
193 conf
->supported_rates
= list
;
196 bss
->isolate
= !wpa_s
->conf
->p2p_intra_bss
;
197 bss
->force_per_enrollee_psk
= wpa_s
->global
->p2p_per_sta_psk
;
199 if (ssid
->p2p_group
) {
200 os_memcpy(bss
->ip_addr_go
, wpa_s
->parent
->conf
->ip_addr_go
, 4);
201 os_memcpy(bss
->ip_addr_mask
, wpa_s
->parent
->conf
->ip_addr_mask
,
203 os_memcpy(bss
->ip_addr_start
,
204 wpa_s
->parent
->conf
->ip_addr_start
, 4);
205 os_memcpy(bss
->ip_addr_end
, wpa_s
->parent
->conf
->ip_addr_end
,
208 #endif /* CONFIG_P2P */
210 if (ssid
->ssid_len
== 0) {
211 wpa_printf(MSG_ERROR
, "No SSID configured for AP mode");
214 os_memcpy(bss
->ssid
.ssid
, ssid
->ssid
, ssid
->ssid_len
);
215 bss
->ssid
.ssid_len
= ssid
->ssid_len
;
216 bss
->ssid
.ssid_set
= 1;
218 bss
->ignore_broadcast_ssid
= ssid
->ignore_broadcast_ssid
;
221 bss
->auth_algs
= ssid
->auth_alg
;
223 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
))
224 bss
->wpa
= ssid
->proto
;
225 bss
->wpa_key_mgmt
= ssid
->key_mgmt
;
226 bss
->wpa_pairwise
= ssid
->pairwise_cipher
;
228 os_free(bss
->ssid
.wpa_psk
);
229 bss
->ssid
.wpa_psk
= os_zalloc(sizeof(struct hostapd_wpa_psk
));
230 if (bss
->ssid
.wpa_psk
== NULL
)
232 os_memcpy(bss
->ssid
.wpa_psk
->psk
, ssid
->psk
, PMK_LEN
);
233 bss
->ssid
.wpa_psk
->group
= 1;
234 } else if (ssid
->passphrase
) {
235 bss
->ssid
.wpa_passphrase
= os_strdup(ssid
->passphrase
);
236 } else if (ssid
->wep_key_len
[0] || ssid
->wep_key_len
[1] ||
237 ssid
->wep_key_len
[2] || ssid
->wep_key_len
[3]) {
238 struct hostapd_wep_keys
*wep
= &bss
->ssid
.wep
;
240 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
241 if (ssid
->wep_key_len
[i
] == 0)
243 wep
->key
[i
] = os_malloc(ssid
->wep_key_len
[i
]);
244 if (wep
->key
[i
] == NULL
)
246 os_memcpy(wep
->key
[i
], ssid
->wep_key
[i
],
247 ssid
->wep_key_len
[i
]);
248 wep
->len
[i
] = ssid
->wep_key_len
[i
];
250 wep
->idx
= ssid
->wep_tx_keyidx
;
254 if (ssid
->ap_max_inactivity
)
255 bss
->ap_max_inactivity
= ssid
->ap_max_inactivity
;
257 if (ssid
->dtim_period
)
258 bss
->dtim_period
= ssid
->dtim_period
;
259 else if (wpa_s
->conf
->dtim_period
)
260 bss
->dtim_period
= wpa_s
->conf
->dtim_period
;
262 if (ssid
->beacon_int
)
263 conf
->beacon_int
= ssid
->beacon_int
;
264 else if (wpa_s
->conf
->beacon_int
)
265 conf
->beacon_int
= wpa_s
->conf
->beacon_int
;
267 if ((bss
->wpa
& 2) && bss
->rsn_pairwise
== 0)
268 bss
->rsn_pairwise
= bss
->wpa_pairwise
;
269 bss
->wpa_group
= wpa_select_ap_group_cipher(bss
->wpa
, bss
->wpa_pairwise
,
272 if (bss
->wpa
&& bss
->ieee802_1x
)
273 bss
->ssid
.security_policy
= SECURITY_WPA
;
275 bss
->ssid
.security_policy
= SECURITY_WPA_PSK
;
276 else if (bss
->ieee802_1x
) {
277 int cipher
= WPA_CIPHER_NONE
;
278 bss
->ssid
.security_policy
= SECURITY_IEEE_802_1X
;
279 bss
->ssid
.wep
.default_len
= bss
->default_wep_key_len
;
280 if (bss
->default_wep_key_len
)
281 cipher
= bss
->default_wep_key_len
>= 13 ?
282 WPA_CIPHER_WEP104
: WPA_CIPHER_WEP40
;
283 bss
->wpa_group
= cipher
;
284 bss
->wpa_pairwise
= cipher
;
285 bss
->rsn_pairwise
= cipher
;
286 } else if (bss
->ssid
.wep
.keys_set
) {
287 int cipher
= WPA_CIPHER_WEP40
;
288 if (bss
->ssid
.wep
.len
[0] >= 13)
289 cipher
= WPA_CIPHER_WEP104
;
290 bss
->ssid
.security_policy
= SECURITY_STATIC_WEP
;
291 bss
->wpa_group
= cipher
;
292 bss
->wpa_pairwise
= cipher
;
293 bss
->rsn_pairwise
= cipher
;
295 bss
->ssid
.security_policy
= SECURITY_PLAINTEXT
;
296 bss
->wpa_group
= WPA_CIPHER_NONE
;
297 bss
->wpa_pairwise
= WPA_CIPHER_NONE
;
298 bss
->rsn_pairwise
= WPA_CIPHER_NONE
;
301 if (bss
->wpa_group_rekey
< 86400 && (bss
->wpa
& 2) &&
302 (bss
->wpa_group
== WPA_CIPHER_CCMP
||
303 bss
->wpa_group
== WPA_CIPHER_GCMP
||
304 bss
->wpa_group
== WPA_CIPHER_CCMP_256
||
305 bss
->wpa_group
== WPA_CIPHER_GCMP_256
)) {
307 * Strong ciphers do not need frequent rekeying, so increase
308 * the default GTK rekeying period to 24 hours.
310 bss
->wpa_group_rekey
= 86400;
313 #ifdef CONFIG_IEEE80211W
314 if (ssid
->ieee80211w
!= MGMT_FRAME_PROTECTION_DEFAULT
)
315 bss
->ieee80211w
= ssid
->ieee80211w
;
316 #endif /* CONFIG_IEEE80211W */
320 * Enable WPS by default for open and WPA/WPA2-Personal network, but
321 * require user interaction to actually use it. Only the internal
322 * Registrar is supported.
324 if (bss
->ssid
.security_policy
!= SECURITY_WPA_PSK
&&
325 bss
->ssid
.security_policy
!= SECURITY_PLAINTEXT
)
327 if (bss
->ssid
.security_policy
== SECURITY_WPA_PSK
&&
328 (!(bss
->rsn_pairwise
& (WPA_CIPHER_CCMP
| WPA_CIPHER_GCMP
)) ||
330 goto no_wps
; /* WPS2 does not allow WPA/TKIP-only
334 if (!ssid
->ignore_broadcast_ssid
)
337 bss
->ap_setup_locked
= 2;
338 if (wpa_s
->conf
->config_methods
)
339 bss
->config_methods
= os_strdup(wpa_s
->conf
->config_methods
);
340 os_memcpy(bss
->device_type
, wpa_s
->conf
->device_type
,
342 if (wpa_s
->conf
->device_name
) {
343 bss
->device_name
= os_strdup(wpa_s
->conf
->device_name
);
344 bss
->friendly_name
= os_strdup(wpa_s
->conf
->device_name
);
346 if (wpa_s
->conf
->manufacturer
)
347 bss
->manufacturer
= os_strdup(wpa_s
->conf
->manufacturer
);
348 if (wpa_s
->conf
->model_name
)
349 bss
->model_name
= os_strdup(wpa_s
->conf
->model_name
);
350 if (wpa_s
->conf
->model_number
)
351 bss
->model_number
= os_strdup(wpa_s
->conf
->model_number
);
352 if (wpa_s
->conf
->serial_number
)
353 bss
->serial_number
= os_strdup(wpa_s
->conf
->serial_number
);
354 if (is_nil_uuid(wpa_s
->conf
->uuid
))
355 os_memcpy(bss
->uuid
, wpa_s
->wps
->uuid
, WPS_UUID_LEN
);
357 os_memcpy(bss
->uuid
, wpa_s
->conf
->uuid
, WPS_UUID_LEN
);
358 os_memcpy(bss
->os_version
, wpa_s
->conf
->os_version
, 4);
359 bss
->pbc_in_m1
= wpa_s
->conf
->pbc_in_m1
;
361 #endif /* CONFIG_WPS */
363 if (wpa_s
->max_stations
&&
364 wpa_s
->max_stations
< wpa_s
->conf
->max_num_sta
)
365 bss
->max_num_sta
= wpa_s
->max_stations
;
367 bss
->max_num_sta
= wpa_s
->conf
->max_num_sta
;
369 bss
->disassoc_low_ack
= wpa_s
->conf
->disassoc_low_ack
;
371 if (wpa_s
->conf
->ap_vendor_elements
) {
372 bss
->vendor_elements
=
373 wpabuf_dup(wpa_s
->conf
->ap_vendor_elements
);
380 static void ap_public_action_rx(void *ctx
, const u8
*buf
, size_t len
, int freq
)
383 struct wpa_supplicant
*wpa_s
= ctx
;
384 const struct ieee80211_mgmt
*mgmt
;
386 mgmt
= (const struct ieee80211_mgmt
*) buf
;
387 if (len
< IEEE80211_HDRLEN
+ 1)
389 if (mgmt
->u
.action
.category
!= WLAN_ACTION_PUBLIC
)
391 wpas_p2p_rx_action(wpa_s
, mgmt
->da
, mgmt
->sa
, mgmt
->bssid
,
392 mgmt
->u
.action
.category
,
393 buf
+ IEEE80211_HDRLEN
+ 1,
394 len
- IEEE80211_HDRLEN
- 1, freq
);
395 #endif /* CONFIG_P2P */
399 static void ap_wps_event_cb(void *ctx
, enum wps_event event
,
400 union wps_event_data
*data
)
403 struct wpa_supplicant
*wpa_s
= ctx
;
405 if (event
== WPS_EV_FAIL
) {
406 struct wps_event_fail
*fail
= &data
->fail
;
408 if (wpa_s
->parent
&& wpa_s
->parent
!= wpa_s
&&
409 wpa_s
== wpa_s
->global
->p2p_group_formation
) {
411 * src/ap/wps_hostapd.c has already sent this on the
412 * main interface, so only send on the parent interface
415 wpa_msg(wpa_s
->parent
, MSG_INFO
, WPS_EVENT_FAIL
416 "msg=%d config_error=%d",
417 fail
->msg
, fail
->config_error
);
419 wpas_p2p_wps_failed(wpa_s
, fail
);
421 #endif /* CONFIG_P2P */
425 static void ap_sta_authorized_cb(void *ctx
, const u8
*mac_addr
,
426 int authorized
, const u8
*p2p_dev_addr
)
428 wpas_notify_sta_authorized(ctx
, mac_addr
, authorized
, p2p_dev_addr
);
433 static void ap_new_psk_cb(void *ctx
, const u8
*mac_addr
, const u8
*p2p_dev_addr
,
434 const u8
*psk
, size_t psk_len
)
437 struct wpa_supplicant
*wpa_s
= ctx
;
438 if (wpa_s
->ap_iface
== NULL
|| wpa_s
->current_ssid
== NULL
)
440 wpas_p2p_new_psk_cb(wpa_s
, mac_addr
, p2p_dev_addr
, psk
, psk_len
);
442 #endif /* CONFIG_P2P */
445 static int ap_vendor_action_rx(void *ctx
, const u8
*buf
, size_t len
, int freq
)
448 struct wpa_supplicant
*wpa_s
= ctx
;
449 const struct ieee80211_mgmt
*mgmt
;
451 mgmt
= (const struct ieee80211_mgmt
*) buf
;
452 if (len
< IEEE80211_HDRLEN
+ 1)
454 wpas_p2p_rx_action(wpa_s
, mgmt
->da
, mgmt
->sa
, mgmt
->bssid
,
455 mgmt
->u
.action
.category
,
456 buf
+ IEEE80211_HDRLEN
+ 1,
457 len
- IEEE80211_HDRLEN
- 1, freq
);
458 #endif /* CONFIG_P2P */
463 static int ap_probe_req_rx(void *ctx
, const u8
*sa
, const u8
*da
,
464 const u8
*bssid
, const u8
*ie
, size_t ie_len
,
467 struct wpa_supplicant
*wpa_s
= ctx
;
468 return wpas_p2p_probe_req_rx(wpa_s
, sa
, da
, bssid
, ie
, ie_len
,
473 static void ap_wps_reg_success_cb(void *ctx
, const u8
*mac_addr
,
476 struct wpa_supplicant
*wpa_s
= ctx
;
477 wpas_p2p_wps_success(wpa_s
, mac_addr
, 1);
481 static void wpas_ap_configured_cb(void *ctx
)
483 struct wpa_supplicant
*wpa_s
= ctx
;
485 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
487 if (wpa_s
->ap_configured_cb
)
488 wpa_s
->ap_configured_cb(wpa_s
->ap_configured_cb_ctx
,
489 wpa_s
->ap_configured_cb_data
);
493 int wpa_supplicant_create_ap(struct wpa_supplicant
*wpa_s
,
494 struct wpa_ssid
*ssid
)
496 struct wpa_driver_associate_params params
;
497 struct hostapd_iface
*hapd_iface
;
498 struct hostapd_config
*conf
;
501 if (ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) {
502 wpa_printf(MSG_ERROR
, "No SSID configured for AP mode");
506 wpa_supplicant_ap_deinit(wpa_s
);
508 wpa_printf(MSG_DEBUG
, "Setting up AP (SSID='%s')",
509 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
511 os_memset(¶ms
, 0, sizeof(params
));
512 params
.ssid
= ssid
->ssid
;
513 params
.ssid_len
= ssid
->ssid_len
;
514 switch (ssid
->mode
) {
516 case WPAS_MODE_P2P_GO
:
517 case WPAS_MODE_P2P_GROUP_FORMATION
:
518 params
.mode
= IEEE80211_MODE_AP
;
523 if (ssid
->frequency
== 0)
524 ssid
->frequency
= 2462; /* default channel 11 */
525 params
.freq
.freq
= ssid
->frequency
;
527 params
.wpa_proto
= ssid
->proto
;
528 if (ssid
->key_mgmt
& WPA_KEY_MGMT_PSK
)
529 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
531 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
532 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
534 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(ssid
->pairwise_cipher
,
536 if (wpa_s
->pairwise_cipher
< 0) {
537 wpa_printf(MSG_WARNING
, "WPA: Failed to select pairwise "
541 params
.pairwise_suite
= wpa_s
->pairwise_cipher
;
542 params
.group_suite
= params
.pairwise_suite
;
545 if (ssid
->mode
== WPAS_MODE_P2P_GO
||
546 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
548 #endif /* CONFIG_P2P */
550 if (wpa_s
->parent
->set_ap_uapsd
)
551 params
.uapsd
= wpa_s
->parent
->ap_uapsd
;
552 else if (params
.p2p
&& (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP_UAPSD
))
553 params
.uapsd
= 1; /* mandatory for P2P GO */
557 if (wpa_drv_associate(wpa_s
, ¶ms
) < 0) {
558 wpa_msg(wpa_s
, MSG_INFO
, "Failed to start AP functionality");
562 wpa_s
->ap_iface
= hapd_iface
= os_zalloc(sizeof(*wpa_s
->ap_iface
));
563 if (hapd_iface
== NULL
)
565 hapd_iface
->owner
= wpa_s
;
566 hapd_iface
->drv_flags
= wpa_s
->drv_flags
;
567 hapd_iface
->smps_modes
= wpa_s
->drv_smps_modes
;
568 hapd_iface
->probe_resp_offloads
= wpa_s
->probe_resp_offloads
;
569 hapd_iface
->extended_capa
= wpa_s
->extended_capa
;
570 hapd_iface
->extended_capa_mask
= wpa_s
->extended_capa_mask
;
571 hapd_iface
->extended_capa_len
= wpa_s
->extended_capa_len
;
573 wpa_s
->ap_iface
->conf
= conf
= hostapd_config_defaults();
575 wpa_supplicant_ap_deinit(wpa_s
);
579 os_memcpy(wpa_s
->ap_iface
->conf
->wmm_ac_params
,
580 wpa_s
->conf
->wmm_ac_params
,
581 sizeof(wpa_s
->conf
->wmm_ac_params
));
583 if (params
.uapsd
> 0) {
584 conf
->bss
[0]->wmm_enabled
= 1;
585 conf
->bss
[0]->wmm_uapsd
= 1;
588 if (wpa_supplicant_conf_ap(wpa_s
, ssid
, conf
)) {
589 wpa_printf(MSG_ERROR
, "Failed to create AP configuration");
590 wpa_supplicant_ap_deinit(wpa_s
);
595 if (ssid
->mode
== WPAS_MODE_P2P_GO
)
596 conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
;
597 else if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
598 conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
|
600 #endif /* CONFIG_P2P */
602 hapd_iface
->num_bss
= conf
->num_bss
;
603 hapd_iface
->bss
= os_calloc(conf
->num_bss
,
604 sizeof(struct hostapd_data
*));
605 if (hapd_iface
->bss
== NULL
) {
606 wpa_supplicant_ap_deinit(wpa_s
);
610 for (i
= 0; i
< conf
->num_bss
; i
++) {
612 hostapd_alloc_bss_data(hapd_iface
, conf
,
614 if (hapd_iface
->bss
[i
] == NULL
) {
615 wpa_supplicant_ap_deinit(wpa_s
);
619 hapd_iface
->bss
[i
]->msg_ctx
= wpa_s
;
620 hapd_iface
->bss
[i
]->msg_ctx_parent
= wpa_s
->parent
;
621 hapd_iface
->bss
[i
]->public_action_cb
= ap_public_action_rx
;
622 hapd_iface
->bss
[i
]->public_action_cb_ctx
= wpa_s
;
623 hapd_iface
->bss
[i
]->vendor_action_cb
= ap_vendor_action_rx
;
624 hapd_iface
->bss
[i
]->vendor_action_cb_ctx
= wpa_s
;
625 hostapd_register_probereq_cb(hapd_iface
->bss
[i
],
626 ap_probe_req_rx
, wpa_s
);
627 hapd_iface
->bss
[i
]->wps_reg_success_cb
= ap_wps_reg_success_cb
;
628 hapd_iface
->bss
[i
]->wps_reg_success_cb_ctx
= wpa_s
;
629 hapd_iface
->bss
[i
]->wps_event_cb
= ap_wps_event_cb
;
630 hapd_iface
->bss
[i
]->wps_event_cb_ctx
= wpa_s
;
631 hapd_iface
->bss
[i
]->sta_authorized_cb
= ap_sta_authorized_cb
;
632 hapd_iface
->bss
[i
]->sta_authorized_cb_ctx
= wpa_s
;
634 hapd_iface
->bss
[i
]->new_psk_cb
= ap_new_psk_cb
;
635 hapd_iface
->bss
[i
]->new_psk_cb_ctx
= wpa_s
;
636 hapd_iface
->bss
[i
]->p2p
= wpa_s
->global
->p2p
;
637 hapd_iface
->bss
[i
]->p2p_group
= wpas_p2p_group_init(wpa_s
,
639 #endif /* CONFIG_P2P */
640 hapd_iface
->bss
[i
]->setup_complete_cb
= wpas_ap_configured_cb
;
641 hapd_iface
->bss
[i
]->setup_complete_cb_ctx
= wpa_s
;
642 #ifdef CONFIG_TESTING_OPTIONS
643 hapd_iface
->bss
[i
]->ext_eapol_frame_io
=
644 wpa_s
->ext_eapol_frame_io
;
645 #endif /* CONFIG_TESTING_OPTIONS */
648 os_memcpy(hapd_iface
->bss
[0]->own_addr
, wpa_s
->own_addr
, ETH_ALEN
);
649 hapd_iface
->bss
[0]->driver
= wpa_s
->driver
;
650 hapd_iface
->bss
[0]->drv_priv
= wpa_s
->drv_priv
;
652 wpa_s
->current_ssid
= ssid
;
653 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
654 os_memcpy(wpa_s
->bssid
, wpa_s
->own_addr
, ETH_ALEN
);
655 wpa_s
->assoc_freq
= ssid
->frequency
;
657 if (hostapd_setup_interface(wpa_s
->ap_iface
)) {
658 wpa_printf(MSG_ERROR
, "Failed to initialize AP interface");
659 wpa_supplicant_ap_deinit(wpa_s
);
667 void wpa_supplicant_ap_deinit(struct wpa_supplicant
*wpa_s
)
670 eloop_cancel_timeout(wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
671 #endif /* CONFIG_WPS */
673 if (wpa_s
->ap_iface
== NULL
)
676 wpa_s
->current_ssid
= NULL
;
677 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
678 wpa_s
->assoc_freq
= 0;
679 wpas_p2p_ap_deinit(wpa_s
);
680 wpa_s
->ap_iface
->driver_ap_teardown
=
681 !!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT
);
683 hostapd_interface_deinit(wpa_s
->ap_iface
);
684 hostapd_interface_free(wpa_s
->ap_iface
);
685 wpa_s
->ap_iface
= NULL
;
686 wpa_drv_deinit_ap(wpa_s
);
690 void ap_tx_status(void *ctx
, const u8
*addr
,
691 const u8
*buf
, size_t len
, int ack
)
694 struct wpa_supplicant
*wpa_s
= ctx
;
695 hostapd_tx_status(wpa_s
->ap_iface
->bss
[0], addr
, buf
, len
, ack
);
696 #endif /* NEED_AP_MLME */
700 void ap_eapol_tx_status(void *ctx
, const u8
*dst
,
701 const u8
*data
, size_t len
, int ack
)
704 struct wpa_supplicant
*wpa_s
= ctx
;
705 if (!wpa_s
->ap_iface
)
707 hostapd_tx_status(wpa_s
->ap_iface
->bss
[0], dst
, data
, len
, ack
);
708 #endif /* NEED_AP_MLME */
712 void ap_client_poll_ok(void *ctx
, const u8
*addr
)
715 struct wpa_supplicant
*wpa_s
= ctx
;
717 hostapd_client_poll_ok(wpa_s
->ap_iface
->bss
[0], addr
);
718 #endif /* NEED_AP_MLME */
722 void ap_rx_from_unknown_sta(void *ctx
, const u8
*addr
, int wds
)
725 struct wpa_supplicant
*wpa_s
= ctx
;
726 ieee802_11_rx_from_unknown(wpa_s
->ap_iface
->bss
[0], addr
, wds
);
727 #endif /* NEED_AP_MLME */
731 void ap_mgmt_rx(void *ctx
, struct rx_mgmt
*rx_mgmt
)
734 struct wpa_supplicant
*wpa_s
= ctx
;
735 struct hostapd_frame_info fi
;
736 os_memset(&fi
, 0, sizeof(fi
));
737 fi
.datarate
= rx_mgmt
->datarate
;
738 fi
.ssi_signal
= rx_mgmt
->ssi_signal
;
739 ieee802_11_mgmt(wpa_s
->ap_iface
->bss
[0], rx_mgmt
->frame
,
740 rx_mgmt
->frame_len
, &fi
);
741 #endif /* NEED_AP_MLME */
745 void ap_mgmt_tx_cb(void *ctx
, const u8
*buf
, size_t len
, u16 stype
, int ok
)
748 struct wpa_supplicant
*wpa_s
= ctx
;
749 ieee802_11_mgmt_cb(wpa_s
->ap_iface
->bss
[0], buf
, len
, stype
, ok
);
750 #endif /* NEED_AP_MLME */
754 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant
*wpa_s
,
755 const u8
*src_addr
, const u8
*buf
, size_t len
)
757 ieee802_1x_receive(wpa_s
->ap_iface
->bss
[0], src_addr
, buf
, len
);
763 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
764 const u8
*p2p_dev_addr
)
766 if (!wpa_s
->ap_iface
)
768 return hostapd_wps_button_pushed(wpa_s
->ap_iface
->bss
[0],
773 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant
*wpa_s
)
775 struct wps_registrar
*reg
;
776 int reg_sel
= 0, wps_sta
= 0;
778 if (!wpa_s
->ap_iface
|| !wpa_s
->ap_iface
->bss
[0]->wps
)
781 reg
= wpa_s
->ap_iface
->bss
[0]->wps
->registrar
;
782 reg_sel
= wps_registrar_wps_cancel(reg
);
783 wps_sta
= ap_for_each_sta(wpa_s
->ap_iface
->bss
[0],
784 ap_sta_wps_cancel
, NULL
);
786 if (!reg_sel
&& !wps_sta
) {
787 wpa_printf(MSG_DEBUG
, "No WPS operation in progress at this "
793 * There are 2 cases to return wps cancel as success:
794 * 1. When wps cancel was initiated but no connection has been
795 * established with client yet.
796 * 2. Client is in the middle of exchanging WPS messages.
803 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
804 const char *pin
, char *buf
, size_t buflen
,
807 int ret
, ret_len
= 0;
809 if (!wpa_s
->ap_iface
)
813 unsigned int rpin
= wps_generate_pin();
814 ret_len
= os_snprintf(buf
, buflen
, "%08d", rpin
);
815 if (os_snprintf_error(buflen
, ret_len
))
819 ret_len
= os_snprintf(buf
, buflen
, "%s", pin
);
820 if (os_snprintf_error(buflen
, ret_len
))
824 ret
= hostapd_wps_add_pin(wpa_s
->ap_iface
->bss
[0], bssid
, "any", pin
,
832 static void wpas_wps_ap_pin_timeout(void *eloop_data
, void *user_ctx
)
834 struct wpa_supplicant
*wpa_s
= eloop_data
;
835 wpa_printf(MSG_DEBUG
, "WPS: AP PIN timed out");
836 wpas_wps_ap_pin_disable(wpa_s
);
840 static void wpas_wps_ap_pin_enable(struct wpa_supplicant
*wpa_s
, int timeout
)
842 struct hostapd_data
*hapd
;
844 if (wpa_s
->ap_iface
== NULL
)
846 hapd
= wpa_s
->ap_iface
->bss
[0];
847 wpa_printf(MSG_DEBUG
, "WPS: Enabling AP PIN (timeout=%d)", timeout
);
848 hapd
->ap_pin_failures
= 0;
849 eloop_cancel_timeout(wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
851 eloop_register_timeout(timeout
, 0,
852 wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
856 void wpas_wps_ap_pin_disable(struct wpa_supplicant
*wpa_s
)
858 struct hostapd_data
*hapd
;
860 if (wpa_s
->ap_iface
== NULL
)
862 wpa_printf(MSG_DEBUG
, "WPS: Disabling AP PIN");
863 hapd
= wpa_s
->ap_iface
->bss
[0];
864 os_free(hapd
->conf
->ap_pin
);
865 hapd
->conf
->ap_pin
= NULL
;
866 eloop_cancel_timeout(wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
870 const char * wpas_wps_ap_pin_random(struct wpa_supplicant
*wpa_s
, int timeout
)
872 struct hostapd_data
*hapd
;
876 if (wpa_s
->ap_iface
== NULL
)
878 hapd
= wpa_s
->ap_iface
->bss
[0];
879 pin
= wps_generate_pin();
880 os_snprintf(pin_txt
, sizeof(pin_txt
), "%08u", pin
);
881 os_free(hapd
->conf
->ap_pin
);
882 hapd
->conf
->ap_pin
= os_strdup(pin_txt
);
883 if (hapd
->conf
->ap_pin
== NULL
)
885 wpas_wps_ap_pin_enable(wpa_s
, timeout
);
887 return hapd
->conf
->ap_pin
;
891 const char * wpas_wps_ap_pin_get(struct wpa_supplicant
*wpa_s
)
893 struct hostapd_data
*hapd
;
894 if (wpa_s
->ap_iface
== NULL
)
896 hapd
= wpa_s
->ap_iface
->bss
[0];
897 return hapd
->conf
->ap_pin
;
901 int wpas_wps_ap_pin_set(struct wpa_supplicant
*wpa_s
, const char *pin
,
904 struct hostapd_data
*hapd
;
908 if (wpa_s
->ap_iface
== NULL
)
910 hapd
= wpa_s
->ap_iface
->bss
[0];
911 ret
= os_snprintf(pin_txt
, sizeof(pin_txt
), "%s", pin
);
912 if (os_snprintf_error(sizeof(pin_txt
), ret
))
914 os_free(hapd
->conf
->ap_pin
);
915 hapd
->conf
->ap_pin
= os_strdup(pin_txt
);
916 if (hapd
->conf
->ap_pin
== NULL
)
918 wpas_wps_ap_pin_enable(wpa_s
, timeout
);
924 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant
*wpa_s
)
926 struct hostapd_data
*hapd
;
928 if (wpa_s
->ap_iface
== NULL
)
930 hapd
= wpa_s
->ap_iface
->bss
[0];
933 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
934 * PIN if this happens multiple times to slow down brute force attacks.
936 hapd
->ap_pin_failures
++;
937 wpa_printf(MSG_DEBUG
, "WPS: AP PIN authentication failure number %u",
938 hapd
->ap_pin_failures
);
939 if (hapd
->ap_pin_failures
< 3)
942 wpa_printf(MSG_DEBUG
, "WPS: Disable AP PIN");
943 hapd
->ap_pin_failures
= 0;
944 os_free(hapd
->conf
->ap_pin
);
945 hapd
->conf
->ap_pin
= NULL
;
949 #ifdef CONFIG_WPS_NFC
951 struct wpabuf
* wpas_ap_wps_nfc_config_token(struct wpa_supplicant
*wpa_s
,
954 struct hostapd_data
*hapd
;
956 if (wpa_s
->ap_iface
== NULL
)
958 hapd
= wpa_s
->ap_iface
->bss
[0];
959 return hostapd_wps_nfc_config_token(hapd
, ndef
);
963 struct wpabuf
* wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant
*wpa_s
,
966 struct hostapd_data
*hapd
;
968 if (wpa_s
->ap_iface
== NULL
)
970 hapd
= wpa_s
->ap_iface
->bss
[0];
971 return hostapd_wps_nfc_hs_cr(hapd
, ndef
);
975 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant
*wpa_s
,
976 const struct wpabuf
*req
,
977 const struct wpabuf
*sel
)
979 struct hostapd_data
*hapd
;
981 if (wpa_s
->ap_iface
== NULL
)
983 hapd
= wpa_s
->ap_iface
->bss
[0];
984 return hostapd_wps_nfc_report_handover(hapd
, req
, sel
);
987 #endif /* CONFIG_WPS_NFC */
989 #endif /* CONFIG_WPS */
992 #ifdef CONFIG_CTRL_IFACE
994 int ap_ctrl_iface_sta_first(struct wpa_supplicant
*wpa_s
,
995 char *buf
, size_t buflen
)
997 struct hostapd_data
*hapd
;
1000 hapd
= wpa_s
->ap_iface
->bss
[0];
1001 else if (wpa_s
->ifmsh
)
1002 hapd
= wpa_s
->ifmsh
->bss
[0];
1005 return hostapd_ctrl_iface_sta_first(hapd
, buf
, buflen
);
1009 int ap_ctrl_iface_sta(struct wpa_supplicant
*wpa_s
, const char *txtaddr
,
1010 char *buf
, size_t buflen
)
1012 struct hostapd_data
*hapd
;
1014 if (wpa_s
->ap_iface
)
1015 hapd
= wpa_s
->ap_iface
->bss
[0];
1016 else if (wpa_s
->ifmsh
)
1017 hapd
= wpa_s
->ifmsh
->bss
[0];
1020 return hostapd_ctrl_iface_sta(hapd
, txtaddr
, buf
, buflen
);
1024 int ap_ctrl_iface_sta_next(struct wpa_supplicant
*wpa_s
, const char *txtaddr
,
1025 char *buf
, size_t buflen
)
1027 struct hostapd_data
*hapd
;
1029 if (wpa_s
->ap_iface
)
1030 hapd
= wpa_s
->ap_iface
->bss
[0];
1031 else if (wpa_s
->ifmsh
)
1032 hapd
= wpa_s
->ifmsh
->bss
[0];
1035 return hostapd_ctrl_iface_sta_next(hapd
, txtaddr
, buf
, buflen
);
1039 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant
*wpa_s
,
1040 const char *txtaddr
)
1042 if (wpa_s
->ap_iface
== NULL
)
1044 return hostapd_ctrl_iface_disassociate(wpa_s
->ap_iface
->bss
[0],
1049 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant
*wpa_s
,
1050 const char *txtaddr
)
1052 if (wpa_s
->ap_iface
== NULL
)
1054 return hostapd_ctrl_iface_deauthenticate(wpa_s
->ap_iface
->bss
[0],
1059 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant
*wpa_s
, char *buf
,
1060 size_t buflen
, int verbose
)
1062 char *pos
= buf
, *end
= buf
+ buflen
;
1064 struct hostapd_bss_config
*conf
;
1066 if (wpa_s
->ap_iface
== NULL
)
1069 conf
= wpa_s
->ap_iface
->bss
[0]->conf
;
1073 ret
= os_snprintf(pos
, end
- pos
,
1074 "pairwise_cipher=%s\n"
1077 wpa_cipher_txt(conf
->rsn_pairwise
),
1078 wpa_cipher_txt(conf
->wpa_group
),
1079 wpa_key_mgmt_txt(conf
->wpa_key_mgmt
,
1081 if (os_snprintf_error(end
- pos
, ret
))
1087 #endif /* CONFIG_CTRL_IFACE */
1090 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant
*wpa_s
)
1092 struct hostapd_iface
*iface
= wpa_s
->ap_iface
;
1093 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
1094 struct hostapd_data
*hapd
;
1096 if (ssid
== NULL
|| wpa_s
->ap_iface
== NULL
||
1097 ssid
->mode
== WPAS_MODE_INFRA
||
1098 ssid
->mode
== WPAS_MODE_IBSS
)
1102 if (ssid
->mode
== WPAS_MODE_P2P_GO
)
1103 iface
->conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
;
1104 else if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1105 iface
->conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
|
1106 P2P_GROUP_FORMATION
;
1107 #endif /* CONFIG_P2P */
1109 hapd
= iface
->bss
[0];
1110 if (hapd
->drv_priv
== NULL
)
1112 ieee802_11_set_beacons(iface
);
1113 hostapd_set_ap_wps_ie(hapd
);
1119 int ap_switch_channel(struct wpa_supplicant
*wpa_s
,
1120 struct csa_settings
*settings
)
1123 if (!wpa_s
->ap_iface
|| !wpa_s
->ap_iface
->bss
[0])
1126 return hostapd_switch_channel(wpa_s
->ap_iface
->bss
[0], settings
);
1127 #else /* NEED_AP_MLME */
1129 #endif /* NEED_AP_MLME */
1133 int ap_ctrl_iface_chanswitch(struct wpa_supplicant
*wpa_s
, const char *pos
)
1135 struct csa_settings settings
;
1136 int ret
= hostapd_parse_csa_settings(pos
, &settings
);
1141 return ap_switch_channel(wpa_s
, &settings
);
1145 void wpas_ap_ch_switch(struct wpa_supplicant
*wpa_s
, int freq
, int ht
,
1146 int offset
, int width
, int cf1
, int cf2
)
1148 if (!wpa_s
->ap_iface
)
1151 wpa_s
->assoc_freq
= freq
;
1152 hostapd_event_ch_switch(wpa_s
->ap_iface
->bss
[0], freq
, ht
, offset
, width
, cf1
, cf1
);
1156 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant
*wpa_s
,
1159 struct hostapd_data
*hapd
;
1160 struct hostapd_bss_config
*conf
;
1162 if (!wpa_s
->ap_iface
)
1166 wpa_printf(MSG_DEBUG
, "AP: Set MAC address filter: " MACSTR
,
1169 wpa_printf(MSG_DEBUG
, "AP: Clear MAC address filter");
1171 hapd
= wpa_s
->ap_iface
->bss
[0];
1174 os_free(conf
->accept_mac
);
1175 conf
->accept_mac
= NULL
;
1176 conf
->num_accept_mac
= 0;
1177 os_free(conf
->deny_mac
);
1178 conf
->deny_mac
= NULL
;
1179 conf
->num_deny_mac
= 0;
1182 conf
->macaddr_acl
= ACCEPT_UNLESS_DENIED
;
1186 conf
->macaddr_acl
= DENY_UNLESS_ACCEPTED
;
1187 conf
->accept_mac
= os_zalloc(sizeof(struct mac_acl_entry
));
1188 if (conf
->accept_mac
== NULL
)
1190 os_memcpy(conf
->accept_mac
[0].addr
, addr
, ETH_ALEN
);
1191 conf
->num_accept_mac
= 1;
1197 #ifdef CONFIG_WPS_NFC
1198 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant
*wpa_s
, u16 pw_id
,
1199 const struct wpabuf
*pw
, const u8
*pubkey_hash
)
1201 struct hostapd_data
*hapd
;
1202 struct wps_context
*wps
;
1204 if (!wpa_s
->ap_iface
)
1206 hapd
= wpa_s
->ap_iface
->bss
[0];
1209 if (wpa_s
->parent
->conf
->wps_nfc_dh_pubkey
== NULL
||
1210 wpa_s
->parent
->conf
->wps_nfc_dh_privkey
== NULL
) {
1211 wpa_printf(MSG_DEBUG
, "P2P: No NFC DH key known");
1215 dh5_free(wps
->dh_ctx
);
1216 wpabuf_free(wps
->dh_pubkey
);
1217 wpabuf_free(wps
->dh_privkey
);
1218 wps
->dh_privkey
= wpabuf_dup(
1219 wpa_s
->parent
->conf
->wps_nfc_dh_privkey
);
1220 wps
->dh_pubkey
= wpabuf_dup(
1221 wpa_s
->parent
->conf
->wps_nfc_dh_pubkey
);
1222 if (wps
->dh_privkey
== NULL
|| wps
->dh_pubkey
== NULL
) {
1224 wpabuf_free(wps
->dh_pubkey
);
1225 wps
->dh_pubkey
= NULL
;
1226 wpabuf_free(wps
->dh_privkey
);
1227 wps
->dh_privkey
= NULL
;
1230 wps
->dh_ctx
= dh5_init_fixed(wps
->dh_privkey
, wps
->dh_pubkey
);
1231 if (wps
->dh_ctx
== NULL
)
1234 return wps_registrar_add_nfc_pw_token(hapd
->wps
->registrar
, pubkey_hash
,
1236 pw
? wpabuf_head(pw
) : NULL
,
1237 pw
? wpabuf_len(pw
) : 0, 1);
1239 #endif /* CONFIG_WPS_NFC */