2 * WPA Supplicant - Basic AP mode support routines
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2009, Atheros Communications
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
10 #include "utils/includes.h"
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/uuid.h"
15 #include "common/ieee802_11_defs.h"
16 #include "common/wpa_ctrl.h"
17 #include "eapol_supp/eapol_supp_sm.h"
18 #include "crypto/dh_group5.h"
19 #include "ap/hostapd.h"
20 #include "ap/ap_config.h"
21 #include "ap/ap_drv_ops.h"
23 #include "ap/ieee802_11.h"
24 #endif /* NEED_AP_MLME */
25 #include "ap/beacon.h"
26 #include "ap/ieee802_1x.h"
27 #include "ap/wps_hostapd.h"
28 #include "ap/ctrl_iface_ap.h"
30 #include "common/ieee802_11_defs.h"
31 #include "config_ssid.h"
33 #include "wpa_supplicant_i.h"
35 #include "p2p_supplicant.h"
37 #include "ap/sta_info.h"
42 static void wpas_wps_ap_pin_timeout(void *eloop_data
, void *user_ctx
);
43 #endif /* CONFIG_WPS */
46 #ifdef CONFIG_IEEE80211N
47 static void wpas_conf_ap_vht(struct wpa_supplicant
*wpa_s
,
48 struct hostapd_config
*conf
,
49 struct hostapd_hw_modes
*mode
)
53 u8 channel
= conf
->channel
;
55 if (!conf
->secondary_channel
)
58 center_chan
= wpas_p2p_get_vht80_center(wpa_s
, mode
, channel
);
62 /* Use 80 MHz channel */
63 conf
->vht_oper_chwidth
= 1;
64 conf
->vht_oper_centr_freq_seg0_idx
= center_chan
;
68 conf
->vht_oper_centr_freq_seg0_idx
=
69 channel
+ conf
->secondary_channel
* 2;
70 #else /* CONFIG_P2P */
71 conf
->vht_oper_centr_freq_seg0_idx
=
72 conf
->channel
+ conf
->secondary_channel
* 2;
73 #endif /* CONFIG_P2P */
75 #endif /* CONFIG_IEEE80211N */
78 void wpa_supplicant_conf_ap_ht(struct wpa_supplicant
*wpa_s
,
79 struct wpa_ssid
*ssid
,
80 struct hostapd_config
*conf
)
82 /* TODO: enable HT40 if driver supports it;
83 * drop to 11b if driver does not support 11g */
85 #ifdef CONFIG_IEEE80211N
87 * Enable HT20 if the driver supports it, by setting conf->ieee80211n
88 * and a mask of allowed capabilities within conf->ht_capab.
89 * Using default config settings for: conf->ht_op_mode_fixed,
90 * conf->secondary_channel, conf->require_ht
92 if (wpa_s
->hw
.modes
) {
93 struct hostapd_hw_modes
*mode
= NULL
;
95 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
96 if (wpa_s
->hw
.modes
[i
].mode
== conf
->hw_mode
) {
97 mode
= &wpa_s
->hw
.modes
[i
];
102 #ifdef CONFIG_HT_OVERRIDES
103 if (ssid
->disable_ht
) {
104 conf
->ieee80211n
= 0;
108 #endif /* CONFIG_HT_OVERRIDES */
110 if (!no_ht
&& mode
&& mode
->ht_capab
) {
111 conf
->ieee80211n
= 1;
113 if (conf
->hw_mode
== HOSTAPD_MODE_IEEE80211A
&&
115 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
) &&
117 conf
->secondary_channel
=
118 wpas_p2p_get_ht40_mode(wpa_s
, mode
,
120 if (conf
->secondary_channel
)
122 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
;
123 #endif /* CONFIG_P2P */
126 * white-list capabilities that won't cause issues
127 * to connecting stations, while leaving the current
128 * capabilities intact (currently disabled SMPS).
130 conf
->ht_capab
|= mode
->ht_capab
&
131 (HT_CAP_INFO_GREEN_FIELD
|
132 HT_CAP_INFO_SHORT_GI20MHZ
|
133 HT_CAP_INFO_SHORT_GI40MHZ
|
134 HT_CAP_INFO_RX_STBC_MASK
|
135 HT_CAP_INFO_MAX_AMSDU_SIZE
);
137 if (mode
->vht_capab
&& ssid
->vht
) {
138 conf
->ieee80211ac
= 1;
139 wpas_conf_ap_vht(wpa_s
, conf
, mode
);
143 #endif /* CONFIG_IEEE80211N */
147 static int wpa_supplicant_conf_ap(struct wpa_supplicant
*wpa_s
,
148 struct wpa_ssid
*ssid
,
149 struct hostapd_config
*conf
)
151 struct hostapd_bss_config
*bss
= conf
->bss
[0];
153 conf
->driver
= wpa_s
->driver
;
155 os_strlcpy(bss
->iface
, wpa_s
->ifname
, sizeof(bss
->iface
));
157 conf
->hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
,
159 if (conf
->hw_mode
== NUM_HOSTAPD_MODES
) {
160 wpa_printf(MSG_ERROR
, "Unsupported AP mode frequency: %d MHz",
165 wpa_supplicant_conf_ap_ht(wpa_s
, ssid
, conf
);
168 if (conf
->hw_mode
== HOSTAPD_MODE_IEEE80211G
&&
169 (ssid
->mode
== WPAS_MODE_P2P_GO
||
170 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)) {
171 /* Remove 802.11b rates from supported and basic rate sets */
172 int *list
= os_malloc(4 * sizeof(int));
179 conf
->basic_rates
= list
;
181 list
= os_malloc(9 * sizeof(int));
193 conf
->supported_rates
= list
;
196 bss
->isolate
= !wpa_s
->conf
->p2p_intra_bss
;
197 bss
->force_per_enrollee_psk
= wpa_s
->global
->p2p_per_sta_psk
;
199 if (ssid
->p2p_group
) {
200 os_memcpy(bss
->ip_addr_go
, wpa_s
->parent
->conf
->ip_addr_go
, 4);
201 os_memcpy(bss
->ip_addr_mask
, wpa_s
->parent
->conf
->ip_addr_mask
,
203 os_memcpy(bss
->ip_addr_start
,
204 wpa_s
->parent
->conf
->ip_addr_start
, 4);
205 os_memcpy(bss
->ip_addr_end
, wpa_s
->parent
->conf
->ip_addr_end
,
208 #endif /* CONFIG_P2P */
210 if (ssid
->ssid_len
== 0) {
211 wpa_printf(MSG_ERROR
, "No SSID configured for AP mode");
214 os_memcpy(bss
->ssid
.ssid
, ssid
->ssid
, ssid
->ssid_len
);
215 bss
->ssid
.ssid_len
= ssid
->ssid_len
;
216 bss
->ssid
.ssid_set
= 1;
218 bss
->ignore_broadcast_ssid
= ssid
->ignore_broadcast_ssid
;
221 bss
->auth_algs
= ssid
->auth_alg
;
223 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
))
224 bss
->wpa
= ssid
->proto
;
225 bss
->wpa_key_mgmt
= ssid
->key_mgmt
;
226 bss
->wpa_pairwise
= ssid
->pairwise_cipher
;
228 os_free(bss
->ssid
.wpa_psk
);
229 bss
->ssid
.wpa_psk
= os_zalloc(sizeof(struct hostapd_wpa_psk
));
230 if (bss
->ssid
.wpa_psk
== NULL
)
232 os_memcpy(bss
->ssid
.wpa_psk
->psk
, ssid
->psk
, PMK_LEN
);
233 bss
->ssid
.wpa_psk
->group
= 1;
234 } else if (ssid
->passphrase
) {
235 bss
->ssid
.wpa_passphrase
= os_strdup(ssid
->passphrase
);
236 } else if (ssid
->wep_key_len
[0] || ssid
->wep_key_len
[1] ||
237 ssid
->wep_key_len
[2] || ssid
->wep_key_len
[3]) {
238 struct hostapd_wep_keys
*wep
= &bss
->ssid
.wep
;
240 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
241 if (ssid
->wep_key_len
[i
] == 0)
243 wep
->key
[i
] = os_malloc(ssid
->wep_key_len
[i
]);
244 if (wep
->key
[i
] == NULL
)
246 os_memcpy(wep
->key
[i
], ssid
->wep_key
[i
],
247 ssid
->wep_key_len
[i
]);
248 wep
->len
[i
] = ssid
->wep_key_len
[i
];
250 wep
->idx
= ssid
->wep_tx_keyidx
;
254 if (ssid
->ap_max_inactivity
)
255 bss
->ap_max_inactivity
= ssid
->ap_max_inactivity
;
257 if (ssid
->dtim_period
)
258 bss
->dtim_period
= ssid
->dtim_period
;
259 else if (wpa_s
->conf
->dtim_period
)
260 bss
->dtim_period
= wpa_s
->conf
->dtim_period
;
262 if (ssid
->beacon_int
)
263 conf
->beacon_int
= ssid
->beacon_int
;
264 else if (wpa_s
->conf
->beacon_int
)
265 conf
->beacon_int
= wpa_s
->conf
->beacon_int
;
267 if ((bss
->wpa
& 2) && bss
->rsn_pairwise
== 0)
268 bss
->rsn_pairwise
= bss
->wpa_pairwise
;
269 bss
->wpa_group
= wpa_select_ap_group_cipher(bss
->wpa
, bss
->wpa_pairwise
,
272 if (bss
->wpa
&& bss
->ieee802_1x
)
273 bss
->ssid
.security_policy
= SECURITY_WPA
;
275 bss
->ssid
.security_policy
= SECURITY_WPA_PSK
;
276 else if (bss
->ieee802_1x
) {
277 int cipher
= WPA_CIPHER_NONE
;
278 bss
->ssid
.security_policy
= SECURITY_IEEE_802_1X
;
279 bss
->ssid
.wep
.default_len
= bss
->default_wep_key_len
;
280 if (bss
->default_wep_key_len
)
281 cipher
= bss
->default_wep_key_len
>= 13 ?
282 WPA_CIPHER_WEP104
: WPA_CIPHER_WEP40
;
283 bss
->wpa_group
= cipher
;
284 bss
->wpa_pairwise
= cipher
;
285 bss
->rsn_pairwise
= cipher
;
286 } else if (bss
->ssid
.wep
.keys_set
) {
287 int cipher
= WPA_CIPHER_WEP40
;
288 if (bss
->ssid
.wep
.len
[0] >= 13)
289 cipher
= WPA_CIPHER_WEP104
;
290 bss
->ssid
.security_policy
= SECURITY_STATIC_WEP
;
291 bss
->wpa_group
= cipher
;
292 bss
->wpa_pairwise
= cipher
;
293 bss
->rsn_pairwise
= cipher
;
295 bss
->ssid
.security_policy
= SECURITY_PLAINTEXT
;
296 bss
->wpa_group
= WPA_CIPHER_NONE
;
297 bss
->wpa_pairwise
= WPA_CIPHER_NONE
;
298 bss
->rsn_pairwise
= WPA_CIPHER_NONE
;
301 if (bss
->wpa_group_rekey
< 86400 && (bss
->wpa
& 2) &&
302 (bss
->wpa_group
== WPA_CIPHER_CCMP
||
303 bss
->wpa_group
== WPA_CIPHER_GCMP
||
304 bss
->wpa_group
== WPA_CIPHER_CCMP_256
||
305 bss
->wpa_group
== WPA_CIPHER_GCMP_256
)) {
307 * Strong ciphers do not need frequent rekeying, so increase
308 * the default GTK rekeying period to 24 hours.
310 bss
->wpa_group_rekey
= 86400;
313 #ifdef CONFIG_IEEE80211W
314 if (ssid
->ieee80211w
!= MGMT_FRAME_PROTECTION_DEFAULT
)
315 bss
->ieee80211w
= ssid
->ieee80211w
;
316 #endif /* CONFIG_IEEE80211W */
320 * Enable WPS by default for open and WPA/WPA2-Personal network, but
321 * require user interaction to actually use it. Only the internal
322 * Registrar is supported.
324 if (bss
->ssid
.security_policy
!= SECURITY_WPA_PSK
&&
325 bss
->ssid
.security_policy
!= SECURITY_PLAINTEXT
)
327 if (bss
->ssid
.security_policy
== SECURITY_WPA_PSK
&&
328 (!(bss
->rsn_pairwise
& (WPA_CIPHER_CCMP
| WPA_CIPHER_GCMP
)) ||
330 goto no_wps
; /* WPS2 does not allow WPA/TKIP-only
334 if (!ssid
->ignore_broadcast_ssid
)
337 bss
->ap_setup_locked
= 2;
338 if (wpa_s
->conf
->config_methods
)
339 bss
->config_methods
= os_strdup(wpa_s
->conf
->config_methods
);
340 os_memcpy(bss
->device_type
, wpa_s
->conf
->device_type
,
342 if (wpa_s
->conf
->device_name
) {
343 bss
->device_name
= os_strdup(wpa_s
->conf
->device_name
);
344 bss
->friendly_name
= os_strdup(wpa_s
->conf
->device_name
);
346 if (wpa_s
->conf
->manufacturer
)
347 bss
->manufacturer
= os_strdup(wpa_s
->conf
->manufacturer
);
348 if (wpa_s
->conf
->model_name
)
349 bss
->model_name
= os_strdup(wpa_s
->conf
->model_name
);
350 if (wpa_s
->conf
->model_number
)
351 bss
->model_number
= os_strdup(wpa_s
->conf
->model_number
);
352 if (wpa_s
->conf
->serial_number
)
353 bss
->serial_number
= os_strdup(wpa_s
->conf
->serial_number
);
354 if (is_nil_uuid(wpa_s
->conf
->uuid
))
355 os_memcpy(bss
->uuid
, wpa_s
->wps
->uuid
, WPS_UUID_LEN
);
357 os_memcpy(bss
->uuid
, wpa_s
->conf
->uuid
, WPS_UUID_LEN
);
358 os_memcpy(bss
->os_version
, wpa_s
->conf
->os_version
, 4);
359 bss
->pbc_in_m1
= wpa_s
->conf
->pbc_in_m1
;
361 #endif /* CONFIG_WPS */
363 if (wpa_s
->max_stations
&&
364 wpa_s
->max_stations
< wpa_s
->conf
->max_num_sta
)
365 bss
->max_num_sta
= wpa_s
->max_stations
;
367 bss
->max_num_sta
= wpa_s
->conf
->max_num_sta
;
369 bss
->disassoc_low_ack
= wpa_s
->conf
->disassoc_low_ack
;
371 if (wpa_s
->conf
->ap_vendor_elements
) {
372 bss
->vendor_elements
=
373 wpabuf_dup(wpa_s
->conf
->ap_vendor_elements
);
380 static void ap_public_action_rx(void *ctx
, const u8
*buf
, size_t len
, int freq
)
383 struct wpa_supplicant
*wpa_s
= ctx
;
384 const struct ieee80211_mgmt
*mgmt
;
386 mgmt
= (const struct ieee80211_mgmt
*) buf
;
387 if (len
< IEEE80211_HDRLEN
+ 1)
389 if (mgmt
->u
.action
.category
!= WLAN_ACTION_PUBLIC
)
391 wpas_p2p_rx_action(wpa_s
, mgmt
->da
, mgmt
->sa
, mgmt
->bssid
,
392 mgmt
->u
.action
.category
,
393 buf
+ IEEE80211_HDRLEN
+ 1,
394 len
- IEEE80211_HDRLEN
- 1, freq
);
395 #endif /* CONFIG_P2P */
399 static void ap_wps_event_cb(void *ctx
, enum wps_event event
,
400 union wps_event_data
*data
)
403 struct wpa_supplicant
*wpa_s
= ctx
;
405 if (event
== WPS_EV_FAIL
) {
406 struct wps_event_fail
*fail
= &data
->fail
;
408 if (wpa_s
->parent
&& wpa_s
->parent
!= wpa_s
&&
409 wpa_s
== wpa_s
->global
->p2p_group_formation
) {
411 * src/ap/wps_hostapd.c has already sent this on the
412 * main interface, so only send on the parent interface
415 wpa_msg(wpa_s
->parent
, MSG_INFO
, WPS_EVENT_FAIL
416 "msg=%d config_error=%d",
417 fail
->msg
, fail
->config_error
);
419 wpas_p2p_wps_failed(wpa_s
, fail
);
421 #endif /* CONFIG_P2P */
425 static void ap_sta_authorized_cb(void *ctx
, const u8
*mac_addr
,
426 int authorized
, const u8
*p2p_dev_addr
)
428 wpas_notify_sta_authorized(ctx
, mac_addr
, authorized
, p2p_dev_addr
);
433 static void ap_new_psk_cb(void *ctx
, const u8
*mac_addr
, const u8
*p2p_dev_addr
,
434 const u8
*psk
, size_t psk_len
)
437 struct wpa_supplicant
*wpa_s
= ctx
;
438 if (wpa_s
->ap_iface
== NULL
|| wpa_s
->current_ssid
== NULL
)
440 wpas_p2p_new_psk_cb(wpa_s
, mac_addr
, p2p_dev_addr
, psk
, psk_len
);
442 #endif /* CONFIG_P2P */
445 static int ap_vendor_action_rx(void *ctx
, const u8
*buf
, size_t len
, int freq
)
448 struct wpa_supplicant
*wpa_s
= ctx
;
449 const struct ieee80211_mgmt
*mgmt
;
451 mgmt
= (const struct ieee80211_mgmt
*) buf
;
452 if (len
< IEEE80211_HDRLEN
+ 1)
454 wpas_p2p_rx_action(wpa_s
, mgmt
->da
, mgmt
->sa
, mgmt
->bssid
,
455 mgmt
->u
.action
.category
,
456 buf
+ IEEE80211_HDRLEN
+ 1,
457 len
- IEEE80211_HDRLEN
- 1, freq
);
458 #endif /* CONFIG_P2P */
463 static int ap_probe_req_rx(void *ctx
, const u8
*sa
, const u8
*da
,
464 const u8
*bssid
, const u8
*ie
, size_t ie_len
,
467 struct wpa_supplicant
*wpa_s
= ctx
;
468 return wpas_p2p_probe_req_rx(wpa_s
, sa
, da
, bssid
, ie
, ie_len
,
473 static void ap_wps_reg_success_cb(void *ctx
, const u8
*mac_addr
,
476 struct wpa_supplicant
*wpa_s
= ctx
;
477 wpas_p2p_wps_success(wpa_s
, mac_addr
, 1);
481 static void wpas_ap_configured_cb(void *ctx
)
483 struct wpa_supplicant
*wpa_s
= ctx
;
485 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
487 if (wpa_s
->ap_configured_cb
)
488 wpa_s
->ap_configured_cb(wpa_s
->ap_configured_cb_ctx
,
489 wpa_s
->ap_configured_cb_data
);
493 int wpa_supplicant_create_ap(struct wpa_supplicant
*wpa_s
,
494 struct wpa_ssid
*ssid
)
496 struct wpa_driver_associate_params params
;
497 struct hostapd_iface
*hapd_iface
;
498 struct hostapd_config
*conf
;
501 if (ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) {
502 wpa_printf(MSG_ERROR
, "No SSID configured for AP mode");
506 wpa_supplicant_ap_deinit(wpa_s
);
508 wpa_printf(MSG_DEBUG
, "Setting up AP (SSID='%s')",
509 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
511 os_memset(¶ms
, 0, sizeof(params
));
512 params
.ssid
= ssid
->ssid
;
513 params
.ssid_len
= ssid
->ssid_len
;
514 switch (ssid
->mode
) {
516 case WPAS_MODE_P2P_GO
:
517 case WPAS_MODE_P2P_GROUP_FORMATION
:
518 params
.mode
= IEEE80211_MODE_AP
;
523 if (ssid
->frequency
== 0)
524 ssid
->frequency
= 2462; /* default channel 11 */
525 params
.freq
.freq
= ssid
->frequency
;
527 params
.wpa_proto
= ssid
->proto
;
528 if (ssid
->key_mgmt
& WPA_KEY_MGMT_PSK
)
529 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
531 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
532 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
534 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(ssid
->pairwise_cipher
,
536 if (wpa_s
->pairwise_cipher
< 0) {
537 wpa_printf(MSG_WARNING
, "WPA: Failed to select pairwise "
541 params
.pairwise_suite
= wpa_s
->pairwise_cipher
;
542 params
.group_suite
= params
.pairwise_suite
;
545 if (ssid
->mode
== WPAS_MODE_P2P_GO
||
546 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
548 #endif /* CONFIG_P2P */
550 if (wpa_s
->parent
->set_ap_uapsd
)
551 params
.uapsd
= wpa_s
->parent
->ap_uapsd
;
552 else if (params
.p2p
&& (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP_UAPSD
))
553 params
.uapsd
= 1; /* mandatory for P2P GO */
557 if (wpa_drv_associate(wpa_s
, ¶ms
) < 0) {
558 wpa_msg(wpa_s
, MSG_INFO
, "Failed to start AP functionality");
562 wpa_s
->ap_iface
= hapd_iface
= os_zalloc(sizeof(*wpa_s
->ap_iface
));
563 if (hapd_iface
== NULL
)
565 hapd_iface
->owner
= wpa_s
;
566 hapd_iface
->drv_flags
= wpa_s
->drv_flags
;
567 hapd_iface
->smps_modes
= wpa_s
->drv_smps_modes
;
568 hapd_iface
->probe_resp_offloads
= wpa_s
->probe_resp_offloads
;
569 hapd_iface
->extended_capa
= wpa_s
->extended_capa
;
570 hapd_iface
->extended_capa_mask
= wpa_s
->extended_capa_mask
;
571 hapd_iface
->extended_capa_len
= wpa_s
->extended_capa_len
;
573 wpa_s
->ap_iface
->conf
= conf
= hostapd_config_defaults();
575 wpa_supplicant_ap_deinit(wpa_s
);
579 os_memcpy(wpa_s
->ap_iface
->conf
->wmm_ac_params
,
580 wpa_s
->conf
->wmm_ac_params
,
581 sizeof(wpa_s
->conf
->wmm_ac_params
));
583 if (params
.uapsd
> 0) {
584 conf
->bss
[0]->wmm_enabled
= 1;
585 conf
->bss
[0]->wmm_uapsd
= 1;
588 if (wpa_supplicant_conf_ap(wpa_s
, ssid
, conf
)) {
589 wpa_printf(MSG_ERROR
, "Failed to create AP configuration");
590 wpa_supplicant_ap_deinit(wpa_s
);
595 if (ssid
->mode
== WPAS_MODE_P2P_GO
)
596 conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
;
597 else if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
598 conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
|
600 #endif /* CONFIG_P2P */
602 hapd_iface
->num_bss
= conf
->num_bss
;
603 hapd_iface
->bss
= os_calloc(conf
->num_bss
,
604 sizeof(struct hostapd_data
*));
605 if (hapd_iface
->bss
== NULL
) {
606 wpa_supplicant_ap_deinit(wpa_s
);
610 for (i
= 0; i
< conf
->num_bss
; i
++) {
612 hostapd_alloc_bss_data(hapd_iface
, conf
,
614 if (hapd_iface
->bss
[i
] == NULL
) {
615 wpa_supplicant_ap_deinit(wpa_s
);
619 hapd_iface
->bss
[i
]->msg_ctx
= wpa_s
;
620 hapd_iface
->bss
[i
]->msg_ctx_parent
= wpa_s
->parent
;
621 hapd_iface
->bss
[i
]->public_action_cb
= ap_public_action_rx
;
622 hapd_iface
->bss
[i
]->public_action_cb_ctx
= wpa_s
;
623 hapd_iface
->bss
[i
]->vendor_action_cb
= ap_vendor_action_rx
;
624 hapd_iface
->bss
[i
]->vendor_action_cb_ctx
= wpa_s
;
625 hostapd_register_probereq_cb(hapd_iface
->bss
[i
],
626 ap_probe_req_rx
, wpa_s
);
627 hapd_iface
->bss
[i
]->wps_reg_success_cb
= ap_wps_reg_success_cb
;
628 hapd_iface
->bss
[i
]->wps_reg_success_cb_ctx
= wpa_s
;
629 hapd_iface
->bss
[i
]->wps_event_cb
= ap_wps_event_cb
;
630 hapd_iface
->bss
[i
]->wps_event_cb_ctx
= wpa_s
;
631 hapd_iface
->bss
[i
]->sta_authorized_cb
= ap_sta_authorized_cb
;
632 hapd_iface
->bss
[i
]->sta_authorized_cb_ctx
= wpa_s
;
634 hapd_iface
->bss
[i
]->new_psk_cb
= ap_new_psk_cb
;
635 hapd_iface
->bss
[i
]->new_psk_cb_ctx
= wpa_s
;
636 hapd_iface
->bss
[i
]->p2p
= wpa_s
->global
->p2p
;
637 hapd_iface
->bss
[i
]->p2p_group
= wpas_p2p_group_init(wpa_s
,
639 #endif /* CONFIG_P2P */
640 hapd_iface
->bss
[i
]->setup_complete_cb
= wpas_ap_configured_cb
;
641 hapd_iface
->bss
[i
]->setup_complete_cb_ctx
= wpa_s
;
642 #ifdef CONFIG_TESTING_OPTIONS
643 hapd_iface
->bss
[i
]->ext_eapol_frame_io
=
644 wpa_s
->ext_eapol_frame_io
;
645 #endif /* CONFIG_TESTING_OPTIONS */
648 os_memcpy(hapd_iface
->bss
[0]->own_addr
, wpa_s
->own_addr
, ETH_ALEN
);
649 hapd_iface
->bss
[0]->driver
= wpa_s
->driver
;
650 hapd_iface
->bss
[0]->drv_priv
= wpa_s
->drv_priv
;
652 wpa_s
->current_ssid
= ssid
;
653 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
654 os_memcpy(wpa_s
->bssid
, wpa_s
->own_addr
, ETH_ALEN
);
655 wpa_s
->assoc_freq
= ssid
->frequency
;
657 if (hostapd_setup_interface(wpa_s
->ap_iface
)) {
658 wpa_printf(MSG_ERROR
, "Failed to initialize AP interface");
659 wpa_supplicant_ap_deinit(wpa_s
);
667 void wpa_supplicant_ap_deinit(struct wpa_supplicant
*wpa_s
)
670 eloop_cancel_timeout(wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
671 #endif /* CONFIG_WPS */
673 if (wpa_s
->ap_iface
== NULL
)
676 wpa_s
->current_ssid
= NULL
;
677 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
678 wpa_s
->assoc_freq
= 0;
679 wpas_p2p_ap_deinit(wpa_s
);
680 wpa_s
->ap_iface
->driver_ap_teardown
=
681 !!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT
);
683 hostapd_interface_deinit(wpa_s
->ap_iface
);
684 hostapd_interface_free(wpa_s
->ap_iface
);
685 wpa_s
->ap_iface
= NULL
;
686 wpa_drv_deinit_ap(wpa_s
);
690 void ap_tx_status(void *ctx
, const u8
*addr
,
691 const u8
*buf
, size_t len
, int ack
)
694 struct wpa_supplicant
*wpa_s
= ctx
;
695 hostapd_tx_status(wpa_s
->ap_iface
->bss
[0], addr
, buf
, len
, ack
);
696 #endif /* NEED_AP_MLME */
700 void ap_eapol_tx_status(void *ctx
, const u8
*dst
,
701 const u8
*data
, size_t len
, int ack
)
704 struct wpa_supplicant
*wpa_s
= ctx
;
705 if (!wpa_s
->ap_iface
)
707 hostapd_tx_status(wpa_s
->ap_iface
->bss
[0], dst
, data
, len
, ack
);
708 #endif /* NEED_AP_MLME */
712 void ap_client_poll_ok(void *ctx
, const u8
*addr
)
715 struct wpa_supplicant
*wpa_s
= ctx
;
717 hostapd_client_poll_ok(wpa_s
->ap_iface
->bss
[0], addr
);
718 #endif /* NEED_AP_MLME */
722 void ap_rx_from_unknown_sta(void *ctx
, const u8
*addr
, int wds
)
725 struct wpa_supplicant
*wpa_s
= ctx
;
726 ieee802_11_rx_from_unknown(wpa_s
->ap_iface
->bss
[0], addr
, wds
);
727 #endif /* NEED_AP_MLME */
731 void ap_mgmt_rx(void *ctx
, struct rx_mgmt
*rx_mgmt
)
734 struct wpa_supplicant
*wpa_s
= ctx
;
735 struct hostapd_frame_info fi
;
736 os_memset(&fi
, 0, sizeof(fi
));
737 fi
.datarate
= rx_mgmt
->datarate
;
738 fi
.ssi_signal
= rx_mgmt
->ssi_signal
;
739 ieee802_11_mgmt(wpa_s
->ap_iface
->bss
[0], rx_mgmt
->frame
,
740 rx_mgmt
->frame_len
, &fi
);
741 #endif /* NEED_AP_MLME */
745 void ap_mgmt_tx_cb(void *ctx
, const u8
*buf
, size_t len
, u16 stype
, int ok
)
748 struct wpa_supplicant
*wpa_s
= ctx
;
749 ieee802_11_mgmt_cb(wpa_s
->ap_iface
->bss
[0], buf
, len
, stype
, ok
);
750 #endif /* NEED_AP_MLME */
754 void wpa_supplicant_ap_rx_eapol(struct wpa_supplicant
*wpa_s
,
755 const u8
*src_addr
, const u8
*buf
, size_t len
)
757 ieee802_1x_receive(wpa_s
->ap_iface
->bss
[0], src_addr
, buf
, len
);
763 int wpa_supplicant_ap_wps_pbc(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
764 const u8
*p2p_dev_addr
)
766 if (!wpa_s
->ap_iface
)
768 return hostapd_wps_button_pushed(wpa_s
->ap_iface
->bss
[0],
773 int wpa_supplicant_ap_wps_cancel(struct wpa_supplicant
*wpa_s
)
775 struct wps_registrar
*reg
;
776 int reg_sel
= 0, wps_sta
= 0;
778 if (!wpa_s
->ap_iface
|| !wpa_s
->ap_iface
->bss
[0]->wps
)
781 reg
= wpa_s
->ap_iface
->bss
[0]->wps
->registrar
;
782 reg_sel
= wps_registrar_wps_cancel(reg
);
783 wps_sta
= ap_for_each_sta(wpa_s
->ap_iface
->bss
[0],
784 ap_sta_wps_cancel
, NULL
);
786 if (!reg_sel
&& !wps_sta
) {
787 wpa_printf(MSG_DEBUG
, "No WPS operation in progress at this "
793 * There are 2 cases to return wps cancel as success:
794 * 1. When wps cancel was initiated but no connection has been
795 * established with client yet.
796 * 2. Client is in the middle of exchanging WPS messages.
803 int wpa_supplicant_ap_wps_pin(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
804 const char *pin
, char *buf
, size_t buflen
,
807 int ret
, ret_len
= 0;
809 if (!wpa_s
->ap_iface
)
813 unsigned int rpin
= wps_generate_pin();
814 ret_len
= os_snprintf(buf
, buflen
, "%08d", rpin
);
817 ret_len
= os_snprintf(buf
, buflen
, "%s", pin
);
819 ret
= hostapd_wps_add_pin(wpa_s
->ap_iface
->bss
[0], bssid
, "any", pin
,
827 static void wpas_wps_ap_pin_timeout(void *eloop_data
, void *user_ctx
)
829 struct wpa_supplicant
*wpa_s
= eloop_data
;
830 wpa_printf(MSG_DEBUG
, "WPS: AP PIN timed out");
831 wpas_wps_ap_pin_disable(wpa_s
);
835 static void wpas_wps_ap_pin_enable(struct wpa_supplicant
*wpa_s
, int timeout
)
837 struct hostapd_data
*hapd
;
839 if (wpa_s
->ap_iface
== NULL
)
841 hapd
= wpa_s
->ap_iface
->bss
[0];
842 wpa_printf(MSG_DEBUG
, "WPS: Enabling AP PIN (timeout=%d)", timeout
);
843 hapd
->ap_pin_failures
= 0;
844 eloop_cancel_timeout(wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
846 eloop_register_timeout(timeout
, 0,
847 wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
851 void wpas_wps_ap_pin_disable(struct wpa_supplicant
*wpa_s
)
853 struct hostapd_data
*hapd
;
855 if (wpa_s
->ap_iface
== NULL
)
857 wpa_printf(MSG_DEBUG
, "WPS: Disabling AP PIN");
858 hapd
= wpa_s
->ap_iface
->bss
[0];
859 os_free(hapd
->conf
->ap_pin
);
860 hapd
->conf
->ap_pin
= NULL
;
861 eloop_cancel_timeout(wpas_wps_ap_pin_timeout
, wpa_s
, NULL
);
865 const char * wpas_wps_ap_pin_random(struct wpa_supplicant
*wpa_s
, int timeout
)
867 struct hostapd_data
*hapd
;
871 if (wpa_s
->ap_iface
== NULL
)
873 hapd
= wpa_s
->ap_iface
->bss
[0];
874 pin
= wps_generate_pin();
875 os_snprintf(pin_txt
, sizeof(pin_txt
), "%08u", pin
);
876 os_free(hapd
->conf
->ap_pin
);
877 hapd
->conf
->ap_pin
= os_strdup(pin_txt
);
878 if (hapd
->conf
->ap_pin
== NULL
)
880 wpas_wps_ap_pin_enable(wpa_s
, timeout
);
882 return hapd
->conf
->ap_pin
;
886 const char * wpas_wps_ap_pin_get(struct wpa_supplicant
*wpa_s
)
888 struct hostapd_data
*hapd
;
889 if (wpa_s
->ap_iface
== NULL
)
891 hapd
= wpa_s
->ap_iface
->bss
[0];
892 return hapd
->conf
->ap_pin
;
896 int wpas_wps_ap_pin_set(struct wpa_supplicant
*wpa_s
, const char *pin
,
899 struct hostapd_data
*hapd
;
903 if (wpa_s
->ap_iface
== NULL
)
905 hapd
= wpa_s
->ap_iface
->bss
[0];
906 ret
= os_snprintf(pin_txt
, sizeof(pin_txt
), "%s", pin
);
907 if (ret
< 0 || ret
>= (int) sizeof(pin_txt
))
909 os_free(hapd
->conf
->ap_pin
);
910 hapd
->conf
->ap_pin
= os_strdup(pin_txt
);
911 if (hapd
->conf
->ap_pin
== NULL
)
913 wpas_wps_ap_pin_enable(wpa_s
, timeout
);
919 void wpa_supplicant_ap_pwd_auth_fail(struct wpa_supplicant
*wpa_s
)
921 struct hostapd_data
*hapd
;
923 if (wpa_s
->ap_iface
== NULL
)
925 hapd
= wpa_s
->ap_iface
->bss
[0];
928 * Registrar failed to prove its knowledge of the AP PIN. Disable AP
929 * PIN if this happens multiple times to slow down brute force attacks.
931 hapd
->ap_pin_failures
++;
932 wpa_printf(MSG_DEBUG
, "WPS: AP PIN authentication failure number %u",
933 hapd
->ap_pin_failures
);
934 if (hapd
->ap_pin_failures
< 3)
937 wpa_printf(MSG_DEBUG
, "WPS: Disable AP PIN");
938 hapd
->ap_pin_failures
= 0;
939 os_free(hapd
->conf
->ap_pin
);
940 hapd
->conf
->ap_pin
= NULL
;
944 #ifdef CONFIG_WPS_NFC
946 struct wpabuf
* wpas_ap_wps_nfc_config_token(struct wpa_supplicant
*wpa_s
,
949 struct hostapd_data
*hapd
;
951 if (wpa_s
->ap_iface
== NULL
)
953 hapd
= wpa_s
->ap_iface
->bss
[0];
954 return hostapd_wps_nfc_config_token(hapd
, ndef
);
958 struct wpabuf
* wpas_ap_wps_nfc_handover_sel(struct wpa_supplicant
*wpa_s
,
961 struct hostapd_data
*hapd
;
963 if (wpa_s
->ap_iface
== NULL
)
965 hapd
= wpa_s
->ap_iface
->bss
[0];
966 return hostapd_wps_nfc_hs_cr(hapd
, ndef
);
970 int wpas_ap_wps_nfc_report_handover(struct wpa_supplicant
*wpa_s
,
971 const struct wpabuf
*req
,
972 const struct wpabuf
*sel
)
974 struct hostapd_data
*hapd
;
976 if (wpa_s
->ap_iface
== NULL
)
978 hapd
= wpa_s
->ap_iface
->bss
[0];
979 return hostapd_wps_nfc_report_handover(hapd
, req
, sel
);
982 #endif /* CONFIG_WPS_NFC */
984 #endif /* CONFIG_WPS */
987 #ifdef CONFIG_CTRL_IFACE
989 int ap_ctrl_iface_sta_first(struct wpa_supplicant
*wpa_s
,
990 char *buf
, size_t buflen
)
992 if (wpa_s
->ap_iface
== NULL
)
994 return hostapd_ctrl_iface_sta_first(wpa_s
->ap_iface
->bss
[0],
999 int ap_ctrl_iface_sta(struct wpa_supplicant
*wpa_s
, const char *txtaddr
,
1000 char *buf
, size_t buflen
)
1002 if (wpa_s
->ap_iface
== NULL
)
1004 return hostapd_ctrl_iface_sta(wpa_s
->ap_iface
->bss
[0], txtaddr
,
1009 int ap_ctrl_iface_sta_next(struct wpa_supplicant
*wpa_s
, const char *txtaddr
,
1010 char *buf
, size_t buflen
)
1012 if (wpa_s
->ap_iface
== NULL
)
1014 return hostapd_ctrl_iface_sta_next(wpa_s
->ap_iface
->bss
[0], txtaddr
,
1019 int ap_ctrl_iface_sta_disassociate(struct wpa_supplicant
*wpa_s
,
1020 const char *txtaddr
)
1022 if (wpa_s
->ap_iface
== NULL
)
1024 return hostapd_ctrl_iface_disassociate(wpa_s
->ap_iface
->bss
[0],
1029 int ap_ctrl_iface_sta_deauthenticate(struct wpa_supplicant
*wpa_s
,
1030 const char *txtaddr
)
1032 if (wpa_s
->ap_iface
== NULL
)
1034 return hostapd_ctrl_iface_deauthenticate(wpa_s
->ap_iface
->bss
[0],
1039 int ap_ctrl_iface_wpa_get_status(struct wpa_supplicant
*wpa_s
, char *buf
,
1040 size_t buflen
, int verbose
)
1042 char *pos
= buf
, *end
= buf
+ buflen
;
1044 struct hostapd_bss_config
*conf
;
1046 if (wpa_s
->ap_iface
== NULL
)
1049 conf
= wpa_s
->ap_iface
->bss
[0]->conf
;
1053 ret
= os_snprintf(pos
, end
- pos
,
1054 "pairwise_cipher=%s\n"
1057 wpa_cipher_txt(conf
->rsn_pairwise
),
1058 wpa_cipher_txt(conf
->wpa_group
),
1059 wpa_key_mgmt_txt(conf
->wpa_key_mgmt
,
1061 if (ret
< 0 || ret
>= end
- pos
)
1067 #endif /* CONFIG_CTRL_IFACE */
1070 int wpa_supplicant_ap_update_beacon(struct wpa_supplicant
*wpa_s
)
1072 struct hostapd_iface
*iface
= wpa_s
->ap_iface
;
1073 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
1074 struct hostapd_data
*hapd
;
1076 if (ssid
== NULL
|| wpa_s
->ap_iface
== NULL
||
1077 ssid
->mode
== WPAS_MODE_INFRA
||
1078 ssid
->mode
== WPAS_MODE_IBSS
)
1082 if (ssid
->mode
== WPAS_MODE_P2P_GO
)
1083 iface
->conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
;
1084 else if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1085 iface
->conf
->bss
[0]->p2p
= P2P_ENABLED
| P2P_GROUP_OWNER
|
1086 P2P_GROUP_FORMATION
;
1087 #endif /* CONFIG_P2P */
1089 hapd
= iface
->bss
[0];
1090 if (hapd
->drv_priv
== NULL
)
1092 ieee802_11_set_beacons(iface
);
1093 hostapd_set_ap_wps_ie(hapd
);
1099 int ap_switch_channel(struct wpa_supplicant
*wpa_s
,
1100 struct csa_settings
*settings
)
1103 if (!wpa_s
->ap_iface
|| !wpa_s
->ap_iface
->bss
[0])
1106 return hostapd_switch_channel(wpa_s
->ap_iface
->bss
[0], settings
);
1107 #else /* NEED_AP_MLME */
1109 #endif /* NEED_AP_MLME */
1113 int ap_ctrl_iface_chanswitch(struct wpa_supplicant
*wpa_s
, const char *pos
)
1115 struct csa_settings settings
;
1116 int ret
= hostapd_parse_csa_settings(pos
, &settings
);
1121 return ap_switch_channel(wpa_s
, &settings
);
1125 void wpas_ap_ch_switch(struct wpa_supplicant
*wpa_s
, int freq
, int ht
,
1126 int offset
, int width
, int cf1
, int cf2
)
1128 if (!wpa_s
->ap_iface
)
1131 wpa_s
->assoc_freq
= freq
;
1132 hostapd_event_ch_switch(wpa_s
->ap_iface
->bss
[0], freq
, ht
, offset
, width
, cf1
, cf1
);
1136 int wpa_supplicant_ap_mac_addr_filter(struct wpa_supplicant
*wpa_s
,
1139 struct hostapd_data
*hapd
;
1140 struct hostapd_bss_config
*conf
;
1142 if (!wpa_s
->ap_iface
)
1146 wpa_printf(MSG_DEBUG
, "AP: Set MAC address filter: " MACSTR
,
1149 wpa_printf(MSG_DEBUG
, "AP: Clear MAC address filter");
1151 hapd
= wpa_s
->ap_iface
->bss
[0];
1154 os_free(conf
->accept_mac
);
1155 conf
->accept_mac
= NULL
;
1156 conf
->num_accept_mac
= 0;
1157 os_free(conf
->deny_mac
);
1158 conf
->deny_mac
= NULL
;
1159 conf
->num_deny_mac
= 0;
1162 conf
->macaddr_acl
= ACCEPT_UNLESS_DENIED
;
1166 conf
->macaddr_acl
= DENY_UNLESS_ACCEPTED
;
1167 conf
->accept_mac
= os_zalloc(sizeof(struct mac_acl_entry
));
1168 if (conf
->accept_mac
== NULL
)
1170 os_memcpy(conf
->accept_mac
[0].addr
, addr
, ETH_ALEN
);
1171 conf
->num_accept_mac
= 1;
1177 #ifdef CONFIG_WPS_NFC
1178 int wpas_ap_wps_add_nfc_pw(struct wpa_supplicant
*wpa_s
, u16 pw_id
,
1179 const struct wpabuf
*pw
, const u8
*pubkey_hash
)
1181 struct hostapd_data
*hapd
;
1182 struct wps_context
*wps
;
1184 if (!wpa_s
->ap_iface
)
1186 hapd
= wpa_s
->ap_iface
->bss
[0];
1189 if (wpa_s
->parent
->conf
->wps_nfc_dh_pubkey
== NULL
||
1190 wpa_s
->parent
->conf
->wps_nfc_dh_privkey
== NULL
) {
1191 wpa_printf(MSG_DEBUG
, "P2P: No NFC DH key known");
1195 dh5_free(wps
->dh_ctx
);
1196 wpabuf_free(wps
->dh_pubkey
);
1197 wpabuf_free(wps
->dh_privkey
);
1198 wps
->dh_privkey
= wpabuf_dup(
1199 wpa_s
->parent
->conf
->wps_nfc_dh_privkey
);
1200 wps
->dh_pubkey
= wpabuf_dup(
1201 wpa_s
->parent
->conf
->wps_nfc_dh_pubkey
);
1202 if (wps
->dh_privkey
== NULL
|| wps
->dh_pubkey
== NULL
) {
1204 wpabuf_free(wps
->dh_pubkey
);
1205 wps
->dh_pubkey
= NULL
;
1206 wpabuf_free(wps
->dh_privkey
);
1207 wps
->dh_privkey
= NULL
;
1210 wps
->dh_ctx
= dh5_init_fixed(wps
->dh_privkey
, wps
->dh_pubkey
);
1211 if (wps
->dh_ctx
== NULL
)
1214 return wps_registrar_add_nfc_pw_token(hapd
->wps
->registrar
, pubkey_hash
,
1216 pw
? wpabuf_head(pw
) : NULL
,
1217 pw
? wpabuf_len(pw
) : 0, 1);
1219 #endif /* CONFIG_WPS_NFC */