/** * wpas_dbus_iface_add_network - Add a new configured network * @message: Pointer to incoming dbus message * @wpa_s: wpa_supplicant structure for a network interface * Returns: A dbus message containing the object path of the new network * * Handler function for "addNetwork" method call of a network interface. */ DBusMessage * wpas_dbus_iface_add_network(DBusMessage *message, struct wpa_supplicant *wpa_s) { DBusMessage *reply = NULL; struct wpa_ssid *ssid; char path_buf[WPAS_DBUS_OBJECT_PATH_MAX], *path = path_buf; ssid = wpa_config_add_network(wpa_s->conf); if (ssid == NULL) { reply = dbus_message_new_error(message, WPAS_ERROR_ADD_NETWORK_ERROR, "wpa_supplicant could not add " "a network on this interface."); goto out; } wpas_notify_network_added(wpa_s, ssid); ssid->disabled = 1; wpa_config_set_network_defaults(ssid); /* Construct the object path for this network. */ os_snprintf(path, WPAS_DBUS_OBJECT_PATH_MAX, "%s/" WPAS_DBUS_NETWORKS_PART "/%d", wpa_s->dbus_path, ssid->id); reply = dbus_message_new_method_return(message); dbus_message_append_args(reply, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID); out: return reply; }
static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s, int registrar, const u8 *bssid) { struct wpa_ssid *ssid; ssid = wpa_config_add_network(wpa_s->conf); if (ssid == NULL) return NULL; wpas_notify_network_added(wpa_s, ssid); wpa_config_set_network_defaults(ssid); if (wpa_config_set(ssid, "key_mgmt", "WPS", 0) < 0 || wpa_config_set(ssid, "eap", "WSC", 0) < 0 || wpa_config_set(ssid, "identity", registrar ? "\"" WSC_ID_REGISTRAR "\"" : "\"" WSC_ID_ENROLLEE "\"", 0) < 0) { wpas_notify_network_removed(wpa_s, ssid); wpa_config_remove_network(wpa_s->conf, ssid->id); return NULL; } if (bssid) { struct wpa_bss *bss; int count = 0; os_memcpy(ssid->bssid, bssid, ETH_ALEN); ssid->bssid_set = 1; dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { if (os_memcmp(bssid, bss->bssid, ETH_ALEN) != 0) continue; os_free(ssid->ssid); ssid->ssid = os_malloc(bss->ssid_len); if (ssid->ssid == NULL) break; os_memcpy(ssid->ssid, bss->ssid, bss->ssid_len); ssid->ssid_len = bss->ssid_len; wpa_hexdump_ascii(MSG_DEBUG, "WPS: Picked SSID from " "scan results", ssid->ssid, ssid->ssid_len); count++; } if (count > 1) { wpa_printf(MSG_DEBUG, "WPS: More than one SSID found " "for the AP; use wildcard"); os_free(ssid->ssid); ssid->ssid = NULL; ssid->ssid_len = 0; } } return ssid; }
static int wpa_supplicant_wps_cred(void *ctx, const struct wps_credential *cred) { struct wpa_supplicant *wpa_s = ctx; struct wpa_ssid *ssid = wpa_s->current_ssid; u8 key_idx = 0; u16 auth_type; if ((wpa_s->conf->wps_cred_processing == 1 || wpa_s->conf->wps_cred_processing == 2) && cred->cred_attr) { size_t blen = cred->cred_attr_len * 2 + 1; char *buf = os_malloc(blen); if (buf) { wpa_snprintf_hex(buf, blen, cred->cred_attr, cred->cred_attr_len); wpa_msg(wpa_s, MSG_INFO, "%s%s", WPS_EVENT_CRED_RECEIVED, buf); os_free(buf); } wpas_notify_wps_credential(wpa_s, cred); } else wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_CRED_RECEIVED); wpa_hexdump_key(MSG_DEBUG, "WPS: Received Credential attribute", cred->cred_attr, cred->cred_attr_len); if (wpa_s->conf->wps_cred_processing == 1) return 0; wpa_hexdump_ascii(MSG_DEBUG, "WPS: SSID", cred->ssid, cred->ssid_len); wpa_printf(MSG_DEBUG, "WPS: Authentication Type 0x%x", cred->auth_type); wpa_printf(MSG_DEBUG, "WPS: Encryption Type 0x%x", cred->encr_type); wpa_printf(MSG_DEBUG, "WPS: Network Key Index %d", cred->key_idx); wpa_hexdump_key(MSG_DEBUG, "WPS: Network Key", cred->key, cred->key_len); wpa_printf(MSG_DEBUG, "WPS: MAC Address " MACSTR, MAC2STR(cred->mac_addr)); auth_type = cred->auth_type; if (auth_type == (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK)) { wpa_printf(MSG_DEBUG, "WPS: Workaround - convert mixed-mode " "auth_type into WPA2PSK"); auth_type = WPS_AUTH_WPA2PSK; } if (auth_type != WPS_AUTH_OPEN && auth_type != WPS_AUTH_SHARED && auth_type != WPS_AUTH_WPAPSK && auth_type != WPS_AUTH_WPA2PSK) { wpa_printf(MSG_DEBUG, "WPS: Ignored credentials for " "unsupported authentication type 0x%x", auth_type); return 0; } if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { wpa_printf(MSG_DEBUG, "WPS: Replace WPS network block based " "on the received credential"); os_free(ssid->eap.identity); ssid->eap.identity = NULL; ssid->eap.identity_len = 0; os_free(ssid->eap.phase1); ssid->eap.phase1 = NULL; os_free(ssid->eap.eap_methods); ssid->eap.eap_methods = NULL; } else { wpa_printf(MSG_DEBUG, "WPS: Create a new network based on the " "received credential"); ssid = wpa_config_add_network(wpa_s->conf); if (ssid == NULL) return -1; wpas_notify_network_added(wpa_s, ssid); } wpa_config_set_network_defaults(ssid); os_free(ssid->ssid); ssid->ssid = os_malloc(cred->ssid_len); if (ssid->ssid) { os_memcpy(ssid->ssid, cred->ssid, cred->ssid_len); ssid->ssid_len = cred->ssid_len; } switch (cred->encr_type) { case WPS_ENCR_NONE: break; case WPS_ENCR_WEP: if (cred->key_len <= 0) break; if (cred->key_len != 5 && cred->key_len != 13 && cred->key_len != 10 && cred->key_len != 26) { wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key length " "%lu", (unsigned long) cred->key_len); return -1; } if (cred->key_idx > NUM_WEP_KEYS) { wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key index %d", cred->key_idx); return -1; } if (cred->key_idx) key_idx = cred->key_idx - 1; if (cred->key_len == 10 || cred->key_len == 26) { if (hexstr2bin((char *) cred->key, ssid->wep_key[key_idx], cred->key_len / 2) < 0) { wpa_printf(MSG_ERROR, "WPS: Invalid WEP Key " "%d", key_idx); return -1; } ssid->wep_key_len[key_idx] = cred->key_len / 2; } else { os_memcpy(ssid->wep_key[key_idx], cred->key, cred->key_len); ssid->wep_key_len[key_idx] = cred->key_len; } ssid->wep_tx_keyidx = key_idx; break; case WPS_ENCR_TKIP: ssid->pairwise_cipher = WPA_CIPHER_TKIP; break; case WPS_ENCR_AES: ssid->pairwise_cipher = WPA_CIPHER_CCMP; break; } switch (auth_type) { case WPS_AUTH_OPEN: ssid->auth_alg = WPA_AUTH_ALG_OPEN; ssid->key_mgmt = WPA_KEY_MGMT_NONE; ssid->proto = 0; break; case WPS_AUTH_SHARED: ssid->auth_alg = WPA_AUTH_ALG_SHARED; ssid->key_mgmt = WPA_KEY_MGMT_NONE; ssid->proto = 0; break; case WPS_AUTH_WPAPSK: ssid->auth_alg = WPA_AUTH_ALG_OPEN; ssid->key_mgmt = WPA_KEY_MGMT_PSK; ssid->proto = WPA_PROTO_WPA; break; case WPS_AUTH_WPA: ssid->auth_alg = WPA_AUTH_ALG_OPEN; ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X; ssid->proto = WPA_PROTO_WPA; break; case WPS_AUTH_WPA2: ssid->auth_alg = WPA_AUTH_ALG_OPEN; ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X; ssid->proto = WPA_PROTO_RSN; break; case WPS_AUTH_WPA2PSK: ssid->auth_alg = WPA_AUTH_ALG_OPEN; ssid->key_mgmt = WPA_KEY_MGMT_PSK; ssid->proto = WPA_PROTO_RSN; break; } if (ssid->key_mgmt == WPA_KEY_MGMT_PSK) { if (cred->key_len == 2 * PMK_LEN) { if (hexstr2bin((const char *) cred->key, ssid->psk, PMK_LEN)) { wpa_printf(MSG_ERROR, "WPS: Invalid Network " "Key"); return -1; } ssid->psk_set = 1; } else if (cred->key_len >= 8 && cred->key_len < 2 * PMK_LEN) { os_free(ssid->passphrase); ssid->passphrase = os_malloc(cred->key_len + 1); if (ssid->passphrase == NULL) return -1; os_memcpy(ssid->passphrase, cred->key, cred->key_len); ssid->passphrase[cred->key_len] = '\0'; wpa_config_update_psk(ssid); } else { wpa_printf(MSG_ERROR, "WPS: Invalid Network Key " "length %lu", (unsigned long) cred->key_len); return -1; } } wpas_wps_security_workaround(wpa_s, ssid, cred); #ifndef CONFIG_NO_CONFIG_WRITE if (wpa_s->conf->update_config && wpa_config_write(wpa_s->confname, wpa_s->conf)) { wpa_printf(MSG_DEBUG, "WPS: Failed to update configuration"); return -1; } #endif /* CONFIG_NO_CONFIG_WRITE */ return 0; }
int interworking_connect(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) { struct wpa_ssid *ssid; struct nai_realm *realm; struct nai_realm_eap *eap = NULL; u16 count, i; char buf[100]; const u8 *ie; if (bss == NULL) return -1; ie = wpa_bss_get_ie(bss, WLAN_EID_SSID); if (ie == NULL || ie[1] == 0) { wpa_printf(MSG_DEBUG, "Interworking: No SSID known for " MACSTR, MAC2STR(bss->bssid)); return -1; } realm = nai_realm_parse(bss->anqp_nai_realm, &count); if (realm == NULL) { wpa_printf(MSG_DEBUG, "Interworking: Could not parse NAI " "Realm list from " MACSTR, MAC2STR(bss->bssid)); count = 0; } for (i = 0; i < count; i++) { if (!nai_realm_match(&realm[i], wpa_s->conf->home_realm)) continue; eap = nai_realm_find_eap(wpa_s, &realm[i]); if (eap) break; } if (!eap) { if (interworking_connect_3gpp(wpa_s, bss) == 0) { if (realm) nai_realm_free(realm, count); return 0; } wpa_printf(MSG_DEBUG, "Interworking: No matching credentials " "and EAP method found for " MACSTR, MAC2STR(bss->bssid)); nai_realm_free(realm, count); return -1; } wpa_printf(MSG_DEBUG, "Interworking: Connect with " MACSTR, MAC2STR(bss->bssid)); ssid = wpa_config_add_network(wpa_s->conf); if (ssid == NULL) { nai_realm_free(realm, count); return -1; } wpas_notify_network_added(wpa_s, ssid); wpa_config_set_network_defaults(ssid); ssid->temporary = 1; ssid->ssid = os_zalloc(ie[1] + 1); if (ssid->ssid == NULL) goto fail; os_memcpy(ssid->ssid, ie + 2, ie[1]); ssid->ssid_len = ie[1]; if (wpa_config_set(ssid, "eap", eap_get_name(EAP_VENDOR_IETF, eap->method), 0) < 0) goto fail; if (wpa_s->conf->home_username && wpa_s->conf->home_username[0] && wpa_config_set_quoted(ssid, "identity", wpa_s->conf->home_username) < 0) goto fail; if (wpa_s->conf->home_password && wpa_s->conf->home_password[0] && wpa_config_set_quoted(ssid, "password", wpa_s->conf->home_password) < 0) goto fail; switch (eap->method) { case EAP_TYPE_TTLS: if (eap->inner_method) { os_snprintf(buf, sizeof(buf), "\"autheap=%s\"", eap_get_name(EAP_VENDOR_IETF, eap->inner_method)); if (wpa_config_set(ssid, "phase2", buf, 0) < 0) goto fail; break; } switch (eap->inner_non_eap) { case NAI_REALM_INNER_NON_EAP_PAP: if (wpa_config_set(ssid, "phase2", "\"auth=PAP\"", 0) < 0) goto fail; break; case NAI_REALM_INNER_NON_EAP_CHAP: if (wpa_config_set(ssid, "phase2", "\"auth=CHAP\"", 0) < 0) goto fail; break; case NAI_REALM_INNER_NON_EAP_MSCHAP: if (wpa_config_set(ssid, "phase2", "\"auth=MSCHAP\"", 0) < 0) goto fail; break; case NAI_REALM_INNER_NON_EAP_MSCHAPV2: if (wpa_config_set(ssid, "phase2", "\"auth=MSCHAPV2\"", 0) < 0) goto fail; break; } break; case EAP_TYPE_PEAP: os_snprintf(buf, sizeof(buf), "\"auth=%s\"", eap_get_name(EAP_VENDOR_IETF, eap->inner_method)); if (wpa_config_set(ssid, "phase2", buf, 0) < 0) goto fail; break; } if (wpa_s->conf->home_ca_cert && wpa_s->conf->home_ca_cert[0] && wpa_config_set_quoted(ssid, "ca_cert", wpa_s->conf->home_ca_cert) < 0) goto fail; nai_realm_free(realm, count); wpa_supplicant_select_network(wpa_s, ssid); return 0; fail: wpas_notify_network_removed(wpa_s, ssid); wpa_config_remove_network(wpa_s->conf, ssid->id); nai_realm_free(realm, count); return -1; }
static int interworking_connect_3gpp(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) { #ifdef INTERWORKING_3GPP struct wpa_ssid *ssid; const u8 *ie; ie = wpa_bss_get_ie(bss, WLAN_EID_SSID); if (ie == NULL) return -1; wpa_printf(MSG_DEBUG, "Interworking: Connect with " MACSTR " (3GPP)", MAC2STR(bss->bssid)); ssid = wpa_config_add_network(wpa_s->conf); if (ssid == NULL) return -1; wpas_notify_network_added(wpa_s, ssid); wpa_config_set_network_defaults(ssid); ssid->temporary = 1; ssid->ssid = os_zalloc(ie[1] + 1); if (ssid->ssid == NULL) goto fail; os_memcpy(ssid->ssid, ie + 2, ie[1]); ssid->ssid_len = ie[1]; /* TODO: figure out whether to use EAP-SIM, EAP-AKA, or EAP-AKA' */ if (wpa_config_set(ssid, "eap", "SIM", 0) < 0) { wpa_printf(MSG_DEBUG, "EAP-SIM not supported"); goto fail; } if (set_root_nai(ssid, wpa_s->conf->home_imsi, '1') < 0) { wpa_printf(MSG_DEBUG, "Failed to set Root NAI"); goto fail; } if (wpa_s->conf->home_milenage && wpa_s->conf->home_milenage[0]) { if (wpa_config_set_quoted(ssid, "password", wpa_s->conf->home_milenage) < 0) goto fail; } else { /* TODO: PIN */ if (wpa_config_set_quoted(ssid, "pcsc", "") < 0) goto fail; } if (wpa_s->conf->home_password && wpa_s->conf->home_password[0] && wpa_config_set_quoted(ssid, "password", wpa_s->conf->home_password) < 0) goto fail; wpa_supplicant_select_network(wpa_s, ssid); return 0; fail: wpas_notify_network_removed(wpa_s, ssid); wpa_config_remove_network(wpa_s->conf, ssid->id); #endif /* INTERWORKING_3GPP */ return -1; }
status_t WPASupplicantApp::_JoinNetwork(BMessage *message) { const char *interfaceName = NULL; status_t status = message->FindString("device", &interfaceName); if (status != B_OK) return status; // Check if we already registered this interface. wpa_supplicant *interface = wpa_supplicant_get_iface(fWPAGlobal, interfaceName); if (interface == NULL) { wpa_interface interfaceOptions; memset(&interfaceOptions, 0, sizeof(wpa_interface)); interfaceOptions.ifname = interfaceName; interface = wpa_supplicant_add_iface(fWPAGlobal, &interfaceOptions); if (interface == NULL) return B_NO_MEMORY; } else { // Disable everything wpa_supplicant_disable_network(interface, NULL); // Try to remove any existing network while (true) { wpa_ssid *network = wpa_config_get_network(interface->conf, 0); if (network == NULL) break; wpas_notify_network_removed(interface, network); wpa_config_remove_network(interface->conf, network->id); } } const char *networkName = NULL; status = message->FindString("name", &networkName); if (status != B_OK) return status; uint32 authMode = B_NETWORK_AUTHENTICATION_NONE; status = message->FindUInt32("authentication", &authMode); if (status != B_OK) return status; uint32 encapMode = B_NETWORK_EAP_ENCAPSULATION_NONE; if (authMode == B_NETWORK_AUTHENTICATION_EAP) message->FindUInt32("encapsulation", &encapMode); const char *username = NULL; if (encapMode > B_NETWORK_EAP_ENCAPSULATION_NONE) { status = message->FindString("username", &username); if (status != B_OK) return status; } const char *password = NULL; if (authMode > B_NETWORK_AUTHENTICATION_NONE) { status = message->FindString("password", &password); if (status != B_OK) return status; } wpa_ssid *network = wpa_config_add_network(interface->conf); if (network == NULL) return B_NO_MEMORY; wpas_notify_network_added(interface, network); network->disabled = 1; wpa_config_set_network_defaults(network); // Fill in the info from the join request // The format includes the quotes BString value; value = "\""; value += networkName; value += "\""; int result = wpa_config_set(network, "ssid", value.String(), 0); if (result == 0) result = wpa_config_set(network, "scan_ssid", "1", 1); if (authMode >= B_NETWORK_AUTHENTICATION_WPA) { if (result == 0) result = wpa_config_set(network, "proto", "WPA RSN", 2); if (result == 0) { switch (authMode) { case B_NETWORK_AUTHENTICATION_WPA: case B_NETWORK_AUTHENTICATION_WPA2: default: result = wpa_config_set(network, "key_mgmt", "WPA-PSK", 3); break; case B_NETWORK_AUTHENTICATION_EAP: result = wpa_config_set(network, "key_mgmt", "WPA-EAP", 3); break; } } if (result == 0) result = wpa_config_set(network, "pairwise", "CCMP TKIP NONE", 4); if (result == 0) { result = wpa_config_set(network, "group", "CCMP TKIP WEP104 WEP40", 5); } if (result == 0) { if (encapMode > B_NETWORK_EAP_ENCAPSULATION_NONE) { switch (encapMode) { case B_NETWORK_EAP_ENCAPSULATION_PEAP: result = wpa_config_set(network, "eap", "PEAP", 6); break; case B_NETWORK_EAP_ENCAPSULATION_TLS: result = wpa_config_set(network, "eap", "TLS", 6); break; } } } } else { // Open or WEP. if (result == 0) result = wpa_config_set(network, "key_mgmt", "NONE", 6); } if (result == 0) { if (authMode == B_NETWORK_AUTHENTICATION_WEP) { if (strncmp("0x", password, 2) == 0) { // interpret as hex key // TODO: make this non-ambiguous result = wpa_config_set(network, "wep_key0", password + 2, 7); } else { value = "\""; value += password; value += "\""; result = wpa_config_set(network, "wep_key0", value.String(), 8); } if (result == 0) result = wpa_config_set(network, "wep_tx_keyidx", "0", 9); } else if (authMode == B_NETWORK_AUTHENTICATION_EAP) { // EAP value = "\""; value += password; value += "\""; result = wpa_config_set(network, "password", value.String(), 10); if (encapMode > B_NETWORK_EAP_ENCAPSULATION_NONE) { value = "\""; value += username; value += "\""; result = wpa_config_set(network, "identity", value.String(), 11); } // TODO: Does EAP need the same thing? #if 0 if (result == 0) { // We need to actually "apply" the PSK wpa_config_update_psk(network); } #endif } else if (authMode >= B_NETWORK_AUTHENTICATION_WPA) { // WPA/WPA2 value = "\""; value += password; value += "\""; result = wpa_config_set(network, "psk", value.String(), 10); if (result == 0) { // We need to actually "apply" the PSK wpa_config_update_psk(network); } } if (result != 0) { // The key format is invalid, we need to ask for another password. BMessage newJoinRequest = *message; newJoinRequest.RemoveName("password"); newJoinRequest.AddString("error", "Password format invalid"); newJoinRequest.AddBool("forceDialog", true); PostMessage(&newJoinRequest); } } if (result != 0) { wpas_notify_network_removed(interface, network); wpa_config_remove_network(interface->conf, network->id); return B_ERROR; } // Set up watching for the completion event _StartWatchingInterfaceChanges(interface, _InterfaceStateChangeCallback, message); // Now attempt to connect wpa_supplicant_select_network(interface, network); // Use a message runner to return a timeout and stop watching after a while BMessage timeout(kMsgJoinTimeout); timeout.AddPointer("interface", interface); BMessageRunner::StartSending(be_app_messenger, &timeout, 15 * 1000 * 1000, 1); // Note that we don't need to cancel this. If joining works before the // timeout happens, it will take the StateChangeWatchingEntry with it // and the timeout message won't match anything and be discarded. return B_OK; }
static struct wpa_ssid * wpas_wps_add_network(struct wpa_supplicant *wpa_s, int registrar, const u8 *bssid) { struct wpa_ssid *ssid; ssid = wpa_config_add_network(wpa_s->conf); if (ssid == NULL) return NULL; wpas_notify_network_added(wpa_s, ssid); wpa_config_set_network_defaults(ssid); ssid->temporary = 1; if (wpa_config_set(ssid, "key_mgmt", "WPS", 0) < 0 || wpa_config_set(ssid, "eap", "WSC", 0) < 0 || wpa_config_set(ssid, "identity", registrar ? "\"" WSC_ID_REGISTRAR "\"" : "\"" WSC_ID_ENROLLEE "\"", 0) < 0) { wpas_notify_network_removed(wpa_s, ssid); wpa_config_remove_network(wpa_s->conf, ssid->id); return NULL; } if (bssid) { #ifndef CONFIG_P2P struct wpa_bss *bss; int count = 0; #endif /* CONFIG_P2P */ os_memcpy(ssid->bssid, bssid, ETH_ALEN); ssid->bssid_set = 1; /* * Note: With P2P, the SSID may change at the time the WPS * provisioning is started, so better not filter the AP based * on the current SSID in the scan results. */ #ifndef CONFIG_P2P dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { if (os_memcmp(bssid, bss->bssid, ETH_ALEN) != 0) continue; os_free(ssid->ssid); ssid->ssid = os_malloc(bss->ssid_len); if (ssid->ssid == NULL) break; os_memcpy(ssid->ssid, bss->ssid, bss->ssid_len); ssid->ssid_len = bss->ssid_len; wpa_hexdump_ascii(MSG_DEBUG, "WPS: Picked SSID from " "scan results", ssid->ssid, ssid->ssid_len); count++; } if (count > 1) { wpa_printf(MSG_DEBUG, "WPS: More than one SSID found " "for the AP; use wildcard"); os_free(ssid->ssid); ssid->ssid = NULL; ssid->ssid_len = 0; } #endif /* CONFIG_P2P */ } return ssid; }