static int wpa_supplicant_conf_ap(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid,
struct hostapd_config *conf)
{
struct hostapd_bss_config *bss = conf->bss[0];
conf->driver = wpa_s->driver;
os_strlcpy(bss->iface, wpa_s->ifname, sizeof(bss->iface));
if (wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf))
return -1;
if (ssid->pbss > 1) {
wpa_printf(MSG_ERROR, "Invalid pbss value(%d) for AP mode",
ssid->pbss);
return -1;
}
bss->pbss = ssid->pbss;
#ifdef CONFIG_ACS
if (ssid->acs) {
/* Setting channel to 0 in order to enable ACS */
conf->channel = 0;
wpa_printf(MSG_DEBUG, "Use automatic channel selection");
}
#endif /* CONFIG_ACS */
if (ieee80211_is_dfs(ssid->frequency) && wpa_s->conf->country[0]) {
conf->ieee80211h = 1;
conf->ieee80211d = 1;
conf->country[0] = wpa_s->conf->country[0];
conf->country[1] = wpa_s->conf->country[1];
}
#ifdef CONFIG_P2P
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G &&
(ssid->mode == WPAS_MODE_P2P_GO ||
ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)) {
/* Remove 802.11b rates from supported and basic rate sets */
int *list = os_malloc(4 * sizeof(int));
if (list) {
list[0] = 60;
list[1] = 120;
list[2] = 240;
list[3] = -1;
}
conf->basic_rates = list;
list = os_malloc(9 * sizeof(int));
if (list) {
list[0] = 60;
list[1] = 90;
list[2] = 120;
list[3] = 180;
list[4] = 240;
list[5] = 360;
list[6] = 480;
list[7] = 540;
list[8] = -1;
}
conf->supported_rates = list;
}
bss->isolate = !wpa_s->conf->p2p_intra_bss;
bss->force_per_enrollee_psk = wpa_s->global->p2p_per_sta_psk;
if (ssid->p2p_group) {
os_memcpy(bss->ip_addr_go, wpa_s->p2pdev->conf->ip_addr_go, 4);
os_memcpy(bss->ip_addr_mask, wpa_s->p2pdev->conf->ip_addr_mask,
4);
os_memcpy(bss->ip_addr_start,
wpa_s->p2pdev->conf->ip_addr_start, 4);
os_memcpy(bss->ip_addr_end, wpa_s->p2pdev->conf->ip_addr_end,
4);
}
#endif /* CONFIG_P2P */
if (ssid->ssid_len == 0) {
wpa_printf(MSG_ERROR, "No SSID configured for AP mode");
return -1;
}
os_memcpy(bss->ssid.ssid, ssid->ssid, ssid->ssid_len);
bss->ssid.ssid_len = ssid->ssid_len;
bss->ssid.ssid_set = 1;
bss->ignore_broadcast_ssid = ssid->ignore_broadcast_ssid;
if (ssid->auth_alg)
bss->auth_algs = ssid->auth_alg;
if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt))
bss->wpa = ssid->proto;
if (ssid->key_mgmt == DEFAULT_KEY_MGMT)
bss->wpa_key_mgmt = WPA_KEY_MGMT_PSK;
else
bss->wpa_key_mgmt = ssid->key_mgmt;
bss->wpa_pairwise = ssid->pairwise_cipher;
if (ssid->psk_set) {
bin_clear_free(bss->ssid.wpa_psk, sizeof(*bss->ssid.wpa_psk));
bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
if (bss->ssid.wpa_psk == NULL)
return -1;
os_memcpy(bss->ssid.wpa_psk->psk, ssid->psk, PMK_LEN);
bss->ssid.wpa_psk->group = 1;
bss->ssid.wpa_psk_set = 1;
} else if (ssid->passphrase) {
bss->ssid.wpa_passphrase = os_strdup(ssid->passphrase);
} else if (ssid->wep_key_len[0] || ssid->wep_key_len[1] ||
ssid->wep_key_len[2] || ssid->wep_key_len[3]) {
struct hostapd_wep_keys *wep = &bss->ssid.wep;
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) {
if (ssid->wep_key_len[i] == 0)
continue;
wep->key[i] = os_malloc(ssid->wep_key_len[i]);
if (wep->key[i] == NULL)
return -1;
os_memcpy(wep->key[i], ssid->wep_key[i],
ssid->wep_key_len[i]);
wep->len[i] = ssid->wep_key_len[i];
}
wep->idx = ssid->wep_tx_keyidx;
wep->keys_set = 1;
}
if (ssid->ap_max_inactivity)
bss->ap_max_inactivity = ssid->ap_max_inactivity;
if (ssid->dtim_period)
bss->dtim_period = ssid->dtim_period;
else if (wpa_s->conf->dtim_period)
bss->dtim_period = wpa_s->conf->dtim_period;
if (ssid->beacon_int)
conf->beacon_int = ssid->beacon_int;
else if (wpa_s->conf->beacon_int)
conf->beacon_int = wpa_s->conf->beacon_int;
#ifdef CONFIG_P2P
if (ssid->mode == WPAS_MODE_P2P_GO ||
ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
if (wpa_s->conf->p2p_go_ctwindow > conf->beacon_int) {
wpa_printf(MSG_INFO,
"CTWindow (%d) is bigger than beacon interval (%d) - avoid configuring it",
wpa_s->conf->p2p_go_ctwindow,
conf->beacon_int);
conf->p2p_go_ctwindow = 0;
} else {
conf->p2p_go_ctwindow = wpa_s->conf->p2p_go_ctwindow;
}
}
#endif /* CONFIG_P2P */
if ((bss->wpa & 2) && bss->rsn_pairwise == 0)
bss->rsn_pairwise = bss->wpa_pairwise;
bss->wpa_group = wpa_select_ap_group_cipher(bss->wpa, bss->wpa_pairwise,
bss->rsn_pairwise);
if (bss->wpa && bss->ieee802_1x)
bss->ssid.security_policy = SECURITY_WPA;
else if (bss->wpa)
bss->ssid.security_policy = SECURITY_WPA_PSK;
else if (bss->ieee802_1x) {
int cipher = WPA_CIPHER_NONE;
bss->ssid.security_policy = SECURITY_IEEE_802_1X;
bss->ssid.wep.default_len = bss->default_wep_key_len;
if (bss->default_wep_key_len)
cipher = bss->default_wep_key_len >= 13 ?
WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
bss->wpa_group = cipher;
bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher;
} else if (bss->ssid.wep.keys_set) {
int cipher = WPA_CIPHER_WEP40;
if (bss->ssid.wep.len[0] >= 13)
cipher = WPA_CIPHER_WEP104;
bss->ssid.security_policy = SECURITY_STATIC_WEP;
bss->wpa_group = cipher;
bss->wpa_pairwise = cipher;
bss->rsn_pairwise = cipher;
} else {
bss->ssid.security_policy = SECURITY_PLAINTEXT;
bss->wpa_group = WPA_CIPHER_NONE;
bss->wpa_pairwise = WPA_CIPHER_NONE;
bss->rsn_pairwise = WPA_CIPHER_NONE;
}
if (bss->wpa_group_rekey < 86400 && (bss->wpa & 2) &&
(bss->wpa_group == WPA_CIPHER_CCMP ||
bss->wpa_group == WPA_CIPHER_GCMP ||
bss->wpa_group == WPA_CIPHER_CCMP_256 ||
bss->wpa_group == WPA_CIPHER_GCMP_256)) {
/*
* Strong ciphers do not need frequent rekeying, so increase
* the default GTK rekeying period to 24 hours.
*/
bss->wpa_group_rekey = 86400;
}
#ifdef CONFIG_IEEE80211W
if (ssid->ieee80211w != MGMT_FRAME_PROTECTION_DEFAULT)
bss->ieee80211w = ssid->ieee80211w;
#endif /* CONFIG_IEEE80211W */
#ifdef CONFIG_WPS
/*
* Enable WPS by default for open and WPA/WPA2-Personal network, but
* require user interaction to actually use it. Only the internal
* Registrar is supported.
*/
if (bss->ssid.security_policy != SECURITY_WPA_PSK &&
bss->ssid.security_policy != SECURITY_PLAINTEXT)
goto no_wps;
if (bss->ssid.security_policy == SECURITY_WPA_PSK &&
(!(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ||
!(bss->wpa & 2)))
goto no_wps; /* WPS2 does not allow WPA/TKIP-only
* configuration */
if (ssid->wps_disabled)
goto no_wps;
bss->eap_server = 1;
if (!ssid->ignore_broadcast_ssid)
bss->wps_state = 2;
bss->ap_setup_locked = 2;
if (wpa_s->conf->config_methods)
bss->config_methods = os_strdup(wpa_s->conf->config_methods);
os_memcpy(bss->device_type, wpa_s->conf->device_type,
WPS_DEV_TYPE_LEN);
if (wpa_s->conf->device_name) {
bss->device_name = os_strdup(wpa_s->conf->device_name);
bss->friendly_name = os_strdup(wpa_s->conf->device_name);
}
if (wpa_s->conf->manufacturer)
bss->manufacturer = os_strdup(wpa_s->conf->manufacturer);
if (wpa_s->conf->model_name)
bss->model_name = os_strdup(wpa_s->conf->model_name);
if (wpa_s->conf->model_number)
bss->model_number = os_strdup(wpa_s->conf->model_number);
if (wpa_s->conf->serial_number)
bss->serial_number = os_strdup(wpa_s->conf->serial_number);
if (is_nil_uuid(wpa_s->conf->uuid))
os_memcpy(bss->uuid, wpa_s->wps->uuid, WPS_UUID_LEN);
else
os_memcpy(bss->uuid, wpa_s->conf->uuid, WPS_UUID_LEN);
os_memcpy(bss->os_version, wpa_s->conf->os_version, 4);
bss->pbc_in_m1 = wpa_s->conf->pbc_in_m1;
if (ssid->eap.fragment_size != DEFAULT_FRAGMENT_SIZE)
bss->fragment_size = ssid->eap.fragment_size;
no_wps:
#endif /* CONFIG_WPS */
if (wpa_s->max_stations &&
wpa_s->max_stations < wpa_s->conf->max_num_sta)
bss->max_num_sta = wpa_s->max_stations;
else
bss->max_num_sta = wpa_s->conf->max_num_sta;
bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
if (wpa_s->conf->ap_vendor_elements) {
bss->vendor_elements =
wpabuf_dup(wpa_s->conf->ap_vendor_elements);
}
bss->ftm_responder = wpa_s->conf->ftm_responder;
bss->ftm_initiator = wpa_s->conf->ftm_initiator;
return 0;
}
static int wpa_supplicant_mesh_init(struct wpa_supplicant *wpa_s,
struct wpa_ssid *ssid)
{
struct hostapd_iface *ifmsh;
struct hostapd_data *bss;
struct hostapd_config *conf;
struct mesh_conf *mconf;
int basic_rates_erp[] = { 10, 20, 55, 60, 110, 120, 240, -1 };
static int default_groups[] = { 19, 20, 21, 25, 26, -1 };
size_t len;
int rate_len;
if (!wpa_s->conf->user_mpm) {
/* not much for us to do here */
wpa_msg(wpa_s, MSG_WARNING,
"user_mpm is not enabled in configuration");
return 0;
}
wpa_s->ifmsh = ifmsh = os_zalloc(sizeof(*wpa_s->ifmsh));
if (!ifmsh)
return -ENOMEM;
ifmsh->drv_flags = wpa_s->drv_flags;
ifmsh->num_bss = 1;
ifmsh->bss = os_calloc(wpa_s->ifmsh->num_bss,
sizeof(struct hostapd_data *));
if (!ifmsh->bss)
goto out_free;
ifmsh->bss[0] = bss = os_zalloc(sizeof(struct hostapd_data));
if (!bss)
goto out_free;
os_memcpy(bss->own_addr, wpa_s->own_addr, ETH_ALEN);
bss->driver = wpa_s->driver;
bss->drv_priv = wpa_s->drv_priv;
bss->iface = ifmsh;
bss->mesh_sta_free_cb = mesh_mpm_free_sta;
wpa_s->assoc_freq = ssid->frequency;
wpa_s->current_ssid = ssid;
/* setup an AP config for auth processing */
conf = hostapd_config_defaults();
if (!conf)
goto out_free;
bss->conf = *conf->bss;
bss->conf->start_disabled = 1;
bss->conf->mesh = MESH_ENABLED;
bss->conf->ap_max_inactivity = wpa_s->conf->mesh_max_inactivity;
bss->iconf = conf;
ifmsh->conf = conf;
ifmsh->bss[0]->max_plinks = wpa_s->conf->max_peer_links;
os_strlcpy(bss->conf->iface, wpa_s->ifname, sizeof(bss->conf->iface));
mconf = mesh_config_create(ssid);
if (!mconf)
goto out_free;
ifmsh->mconf = mconf;
/* need conf->hw_mode for supported rates. */
if (ssid->frequency == 0) {
conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
conf->channel = 1;
} else {
conf->hw_mode = ieee80211_freq_to_chan(ssid->frequency,
&conf->channel);
}
if (conf->hw_mode == NUM_HOSTAPD_MODES) {
wpa_printf(MSG_ERROR, "Unsupported mesh mode frequency: %d MHz",
ssid->frequency);
goto out_free;
}
if (ssid->mesh_basic_rates == NULL) {
/*
* XXX: Hack! This is so an MPM which correctly sets the ERP
* mandatory rates as BSSBasicRateSet doesn't reject us. We
* could add a new hw_mode HOSTAPD_MODE_IEEE80211G_ERP, but
* this is way easier. This also makes our BSSBasicRateSet
* advertised in beacons match the one in peering frames, sigh.
*/
if (conf->hw_mode == HOSTAPD_MODE_IEEE80211G) {
conf->basic_rates = os_malloc(sizeof(basic_rates_erp));
if (!conf->basic_rates)
goto out_free;
os_memcpy(conf->basic_rates, basic_rates_erp,
sizeof(basic_rates_erp));
}
} else {
rate_len = 0;
while (1) {
if (ssid->mesh_basic_rates[rate_len] < 1)
break;
rate_len++;
}
conf->basic_rates = os_calloc(rate_len + 1, sizeof(int));
if (conf->basic_rates == NULL)
goto out_free;
os_memcpy(conf->basic_rates, ssid->mesh_basic_rates,
rate_len * sizeof(int));
conf->basic_rates[rate_len] = -1;
}
if (hostapd_setup_interface(ifmsh)) {
wpa_printf(MSG_ERROR,
"Failed to initialize hostapd interface for mesh");
return -1;
}
if (wpa_drv_init_mesh(wpa_s)) {
wpa_msg(wpa_s, MSG_ERROR, "Failed to init mesh in driver");
return -1;
}
if (mconf->security != MESH_CONF_SEC_NONE) {
if (ssid->passphrase == NULL) {
wpa_printf(MSG_ERROR,
"mesh: Passphrase for SAE not configured");
goto out_free;
}
bss->conf->wpa = ssid->proto;
bss->conf->wpa_key_mgmt = ssid->key_mgmt;
if (wpa_s->conf->sae_groups &&
wpa_s->conf->sae_groups[0] > 0) {
wpas_mesh_copy_groups(bss, wpa_s);
} else {
bss->conf->sae_groups =
os_malloc(sizeof(default_groups));
if (!bss->conf->sae_groups)
goto out_free;
os_memcpy(bss->conf->sae_groups, default_groups,
sizeof(default_groups));
}
len = os_strlen(ssid->passphrase);
bss->conf->ssid.wpa_passphrase =
dup_binstr(ssid->passphrase, len);
wpa_s->mesh_rsn = mesh_rsn_auth_init(wpa_s, mconf);
if (!wpa_s->mesh_rsn)
goto out_free;
}
wpa_supplicant_conf_ap_ht(wpa_s, ssid, conf);
return 0;
out_free:
wpa_supplicant_mesh_deinit(wpa_s);
return -ENOMEM;
}
