1 /*
2 * wpa_supplicant - DPP
3 * Copyright (c) 2017, Qualcomm Atheros, Inc.
4 * Copyright (c) 2018-2020, The Linux Foundation
5 *
6 * This software may be distributed under the terms of the BSD license.
7 * See README for more details.
8 */
9
10 #include "utils/includes.h"
11
12 #include "utils/common.h"
13 #include "utils/eloop.h"
14 #include "utils/ip_addr.h"
15 #include "utils/base64.h"
16 #include "common/dpp.h"
17 #include "common/gas.h"
18 #include "common/gas_server.h"
19 #include "rsn_supp/wpa.h"
20 #include "rsn_supp/pmksa_cache.h"
21 #include "wpa_supplicant_i.h"
22 #include "config.h"
23 #include "driver_i.h"
24 #include "offchannel.h"
25 #include "gas_query.h"
26 #include "bss.h"
27 #include "scan.h"
28 #include "notify.h"
29 #include "dpp_supplicant.h"
30
31
32 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
33 unsigned int freq);
34 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx);
35 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx);
36 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator);
37 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
38 unsigned int freq, const u8 *dst,
39 const u8 *src, const u8 *bssid,
40 const u8 *data, size_t data_len,
41 enum offchannel_send_action_result result);
42 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx);
43 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s);
44 static void
45 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
46 unsigned int freq, const u8 *dst,
47 const u8 *src, const u8 *bssid,
48 const u8 *data, size_t data_len,
49 enum offchannel_send_action_result result);
50 #ifdef CONFIG_DPP2
51 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
52 void *timeout_ctx);
53 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s);
54 static int wpas_dpp_process_conf_obj(void *ctx,
55 struct dpp_authentication *auth);
56 #endif /* CONFIG_DPP2 */
57
58 static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
59
60 /* Use a hardcoded Transaction ID 1 in Peer Discovery frames since there is only
61 * a single transaction in progress at any point in time. */
62 static const u8 TRANSACTION_ID = 1;
63
64
65 /**
66 * wpas_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code
67 * @wpa_s: Pointer to wpa_supplicant data
68 * @cmd: DPP URI read from a QR Code
69 * Returns: Identifier of the stored info or -1 on failure
70 */
wpas_dpp_qr_code(struct wpa_supplicant * wpa_s,const char * cmd)71 int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd)
72 {
73 struct dpp_bootstrap_info *bi;
74 struct dpp_authentication *auth = wpa_s->dpp_auth;
75
76 bi = dpp_add_qr_code(wpa_s->dpp, cmd);
77 if (!bi)
78 return -1;
79
80 if (auth && auth->response_pending &&
81 dpp_notify_new_qr_code(auth, bi) == 1) {
82 wpa_printf(MSG_DEBUG,
83 "DPP: Sending out pending authentication response");
84 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
85 " freq=%u type=%d",
86 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
87 DPP_PA_AUTHENTICATION_RESP);
88 offchannel_send_action(wpa_s, auth->curr_freq,
89 auth->peer_mac_addr, wpa_s->own_addr,
90 broadcast,
91 wpabuf_head(auth->resp_msg),
92 wpabuf_len(auth->resp_msg),
93 500, wpas_dpp_tx_status, 0);
94 }
95
96 #ifdef CONFIG_DPP2
97 dpp_controller_new_qr_code(wpa_s->dpp, bi);
98 #endif /* CONFIG_DPP2 */
99
100 return bi->id;
101 }
102
103
104 /**
105 * wpas_dpp_nfc_uri - Parse and add DPP bootstrapping info from NFC Tag (URI)
106 * @wpa_s: Pointer to wpa_supplicant data
107 * @cmd: DPP URI read from a NFC Tag (URI NDEF message)
108 * Returns: Identifier of the stored info or -1 on failure
109 */
wpas_dpp_nfc_uri(struct wpa_supplicant * wpa_s,const char * cmd)110 int wpas_dpp_nfc_uri(struct wpa_supplicant *wpa_s, const char *cmd)
111 {
112 struct dpp_bootstrap_info *bi;
113
114 bi = dpp_add_nfc_uri(wpa_s->dpp, cmd);
115 if (!bi)
116 return -1;
117
118 return bi->id;
119 }
120
121
wpas_dpp_nfc_handover_req(struct wpa_supplicant * wpa_s,const char * cmd)122 int wpas_dpp_nfc_handover_req(struct wpa_supplicant *wpa_s, const char *cmd)
123 {
124 const char *pos;
125 struct dpp_bootstrap_info *peer_bi, *own_bi;
126
127 pos = os_strstr(cmd, " own=");
128 if (!pos)
129 return -1;
130 pos += 5;
131 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
132 if (!own_bi)
133 return -1;
134 own_bi->nfc_negotiated = 1;
135
136 pos = os_strstr(cmd, " uri=");
137 if (!pos)
138 return -1;
139 pos += 5;
140 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
141 if (!peer_bi) {
142 wpa_printf(MSG_INFO,
143 "DPP: Failed to parse URI from NFC Handover Request");
144 return -1;
145 }
146
147 if (dpp_nfc_update_bi(own_bi, peer_bi) < 0)
148 return -1;
149
150 return peer_bi->id;
151 }
152
153
wpas_dpp_nfc_handover_sel(struct wpa_supplicant * wpa_s,const char * cmd)154 int wpas_dpp_nfc_handover_sel(struct wpa_supplicant *wpa_s, const char *cmd)
155 {
156 const char *pos;
157 struct dpp_bootstrap_info *peer_bi, *own_bi;
158
159 pos = os_strstr(cmd, " own=");
160 if (!pos)
161 return -1;
162 pos += 5;
163 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
164 if (!own_bi)
165 return -1;
166 own_bi->nfc_negotiated = 1;
167
168 pos = os_strstr(cmd, " uri=");
169 if (!pos)
170 return -1;
171 pos += 5;
172 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
173 if (!peer_bi) {
174 wpa_printf(MSG_INFO,
175 "DPP: Failed to parse URI from NFC Handover Select");
176 return -1;
177 }
178
179 if (peer_bi->curve != own_bi->curve) {
180 wpa_printf(MSG_INFO,
181 "DPP: Peer (NFC Handover Selector) used different curve");
182 return -1;
183 }
184
185 return peer_bi->id;
186 }
187
188
wpas_dpp_auth_resp_retry_timeout(void * eloop_ctx,void * timeout_ctx)189 static void wpas_dpp_auth_resp_retry_timeout(void *eloop_ctx, void *timeout_ctx)
190 {
191 struct wpa_supplicant *wpa_s = eloop_ctx;
192 struct dpp_authentication *auth = wpa_s->dpp_auth;
193
194 if (!auth || !auth->resp_msg)
195 return;
196
197 wpa_printf(MSG_DEBUG,
198 "DPP: Retry Authentication Response after timeout");
199 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
200 " freq=%u type=%d",
201 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
202 DPP_PA_AUTHENTICATION_RESP);
203 offchannel_send_action(wpa_s, auth->curr_freq, auth->peer_mac_addr,
204 wpa_s->own_addr, broadcast,
205 wpabuf_head(auth->resp_msg),
206 wpabuf_len(auth->resp_msg),
207 500, wpas_dpp_tx_status, 0);
208 }
209
210
wpas_dpp_auth_resp_retry(struct wpa_supplicant * wpa_s)211 static void wpas_dpp_auth_resp_retry(struct wpa_supplicant *wpa_s)
212 {
213 struct dpp_authentication *auth = wpa_s->dpp_auth;
214 unsigned int wait_time, max_tries;
215
216 if (!auth || !auth->resp_msg)
217 return;
218
219 if (wpa_s->dpp_resp_max_tries)
220 max_tries = wpa_s->dpp_resp_max_tries;
221 else
222 max_tries = 5;
223 auth->auth_resp_tries++;
224 if (auth->auth_resp_tries >= max_tries) {
225 wpa_printf(MSG_INFO, "DPP: No confirm received from initiator - stopping exchange");
226 offchannel_send_action_done(wpa_s);
227 dpp_auth_deinit(wpa_s->dpp_auth);
228 wpa_s->dpp_auth = NULL;
229 return;
230 }
231
232 if (wpa_s->dpp_resp_retry_time)
233 wait_time = wpa_s->dpp_resp_retry_time;
234 else
235 wait_time = 1000;
236 wpa_printf(MSG_DEBUG,
237 "DPP: Schedule retransmission of Authentication Response frame in %u ms",
238 wait_time);
239 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
240 eloop_register_timeout(wait_time / 1000,
241 (wait_time % 1000) * 1000,
242 wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
243 }
244
245
wpas_dpp_try_to_connect(struct wpa_supplicant * wpa_s)246 static void wpas_dpp_try_to_connect(struct wpa_supplicant *wpa_s)
247 {
248 wpa_printf(MSG_DEBUG, "DPP: Trying to connect to the new network");
249 wpa_s->suitable_network = 0;
250 wpa_s->no_suitable_network = 0;
251 wpa_s->disconnected = 0;
252 wpa_s->reassociate = 1;
253 wpa_s->scan_runs = 0;
254 wpa_s->normal_scans = 0;
255 wpa_supplicant_cancel_sched_scan(wpa_s);
256 wpa_supplicant_req_scan(wpa_s, 0, 0);
257 }
258
259
260 #ifdef CONFIG_DPP2
261
wpas_dpp_stop_listen_for_tx(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait_time)262 static void wpas_dpp_stop_listen_for_tx(struct wpa_supplicant *wpa_s,
263 unsigned int freq,
264 unsigned int wait_time)
265 {
266 struct os_reltime now, res;
267 unsigned int remaining;
268
269 if (!wpa_s->dpp_listen_freq)
270 return;
271
272 os_get_reltime(&now);
273 if (os_reltime_before(&now, &wpa_s->dpp_listen_end)) {
274 os_reltime_sub(&wpa_s->dpp_listen_end, &now, &res);
275 remaining = res.sec * 1000 + res.usec / 1000;
276 } else {
277 remaining = 0;
278 }
279 if (wpa_s->dpp_listen_freq == freq && remaining > wait_time)
280 return;
281
282 wpa_printf(MSG_DEBUG,
283 "DPP: Stop listen on %u MHz ending in %u ms to allow immediate TX on %u MHz for %u ms",
284 wpa_s->dpp_listen_freq, remaining, freq, wait_time);
285 wpas_dpp_listen_stop(wpa_s);
286
287 /* TODO: Restart listen in some cases after TX? */
288 }
289
290
wpas_dpp_conn_status_result_timeout(void * eloop_ctx,void * timeout_ctx)291 static void wpas_dpp_conn_status_result_timeout(void *eloop_ctx,
292 void *timeout_ctx)
293 {
294 struct wpa_supplicant *wpa_s = eloop_ctx;
295 struct dpp_authentication *auth = wpa_s->dpp_auth;
296 enum dpp_status_error result;
297
298 if (!auth || !auth->conn_status_requested)
299 return;
300
301 wpa_printf(MSG_DEBUG,
302 "DPP: Connection timeout - report Connection Status Result");
303 if (wpa_s->suitable_network)
304 result = DPP_STATUS_AUTH_FAILURE;
305 else if (wpa_s->no_suitable_network)
306 result = DPP_STATUS_NO_AP;
307 else
308 result = 255; /* What to report here for unexpected state? */
309 if (wpa_s->wpa_state == WPA_SCANNING)
310 wpas_abort_ongoing_scan(wpa_s);
311 wpas_dpp_send_conn_status_result(wpa_s, result);
312 }
313
314
wpas_dpp_scan_channel_list(struct wpa_supplicant * wpa_s)315 static char * wpas_dpp_scan_channel_list(struct wpa_supplicant *wpa_s)
316 {
317 char *str, *end, *pos;
318 size_t len;
319 unsigned int i;
320 u8 last_op_class = 0;
321 int res;
322
323 if (!wpa_s->last_scan_freqs || !wpa_s->num_last_scan_freqs)
324 return NULL;
325
326 len = wpa_s->num_last_scan_freqs * 8;
327 str = os_zalloc(len);
328 if (!str)
329 return NULL;
330 end = str + len;
331 pos = str;
332
333 for (i = 0; i < wpa_s->num_last_scan_freqs; i++) {
334 enum hostapd_hw_mode mode;
335 u8 op_class, channel;
336
337 mode = ieee80211_freq_to_channel_ext(wpa_s->last_scan_freqs[i],
338 0, 0, &op_class, &channel);
339 if (mode == NUM_HOSTAPD_MODES)
340 continue;
341 if (op_class == last_op_class)
342 res = os_snprintf(pos, end - pos, ",%d", channel);
343 else
344 res = os_snprintf(pos, end - pos, "%s%d/%d",
345 pos == str ? "" : ",",
346 op_class, channel);
347 if (os_snprintf_error(end - pos, res)) {
348 *pos = '\0';
349 break;
350 }
351 pos += res;
352 last_op_class = op_class;
353 }
354
355 if (pos == str) {
356 os_free(str);
357 str = NULL;
358 }
359 return str;
360 }
361
362
wpas_dpp_send_conn_status_result(struct wpa_supplicant * wpa_s,enum dpp_status_error result)363 void wpas_dpp_send_conn_status_result(struct wpa_supplicant *wpa_s,
364 enum dpp_status_error result)
365 {
366 struct wpabuf *msg;
367 const char *channel_list = NULL;
368 char *channel_list_buf = NULL;
369 struct wpa_ssid *ssid = wpa_s->current_ssid;
370 struct dpp_authentication *auth = wpa_s->dpp_auth;
371
372 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
373
374 if (!auth || !auth->conn_status_requested)
375 return;
376 auth->conn_status_requested = 0;
377 wpa_printf(MSG_DEBUG, "DPP: Report connection status result %d",
378 result);
379
380 if (result == DPP_STATUS_NO_AP) {
381 channel_list_buf = wpas_dpp_scan_channel_list(wpa_s);
382 channel_list = channel_list_buf;
383 }
384
385 msg = dpp_build_conn_status_result(auth, result,
386 ssid ? ssid->ssid :
387 wpa_s->dpp_last_ssid,
388 ssid ? ssid->ssid_len :
389 wpa_s->dpp_last_ssid_len,
390 channel_list);
391 os_free(channel_list_buf);
392 if (!msg) {
393 dpp_auth_deinit(wpa_s->dpp_auth);
394 wpa_s->dpp_auth = NULL;
395 return;
396 }
397
398 wpa_msg(wpa_s, MSG_INFO,
399 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
400 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
401 DPP_PA_CONNECTION_STATUS_RESULT);
402 offchannel_send_action(wpa_s, auth->curr_freq,
403 auth->peer_mac_addr, wpa_s->own_addr, broadcast,
404 wpabuf_head(msg), wpabuf_len(msg),
405 500, wpas_dpp_tx_status, 0);
406 wpabuf_free(msg);
407
408 /* This exchange will be terminated in the TX status handler */
409 auth->remove_on_tx_status = 1;
410
411 return;
412 }
413
414
wpas_dpp_connected(struct wpa_supplicant * wpa_s)415 void wpas_dpp_connected(struct wpa_supplicant *wpa_s)
416 {
417 struct dpp_authentication *auth = wpa_s->dpp_auth;
418
419 if (auth && auth->conn_status_requested)
420 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_OK);
421 }
422
423 #endif /* CONFIG_DPP2 */
424
425
wpas_dpp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)426 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
427 unsigned int freq, const u8 *dst,
428 const u8 *src, const u8 *bssid,
429 const u8 *data, size_t data_len,
430 enum offchannel_send_action_result result)
431 {
432 const char *res_txt;
433 struct dpp_authentication *auth = wpa_s->dpp_auth;
434
435 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
436 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
437 "FAILED");
438 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
439 " result=%s", freq, MAC2STR(dst), res_txt);
440 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
441 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
442
443 if (!wpa_s->dpp_auth) {
444 wpa_printf(MSG_DEBUG,
445 "DPP: Ignore TX status since there is no ongoing authentication exchange");
446 return;
447 }
448
449 #ifdef CONFIG_DPP2
450 if (auth->connect_on_tx_status) {
451 auth->connect_on_tx_status = 0;
452 wpa_printf(MSG_DEBUG,
453 "DPP: Try to connect after completed configuration result");
454 wpas_dpp_try_to_connect(wpa_s);
455 if (auth->conn_status_requested) {
456 wpa_printf(MSG_DEBUG,
457 "DPP: Start 15 second timeout for reporting connection status result");
458 eloop_cancel_timeout(
459 wpas_dpp_conn_status_result_timeout,
460 wpa_s, NULL);
461 eloop_register_timeout(
462 15, 0, wpas_dpp_conn_status_result_timeout,
463 wpa_s, NULL);
464 } else {
465 dpp_auth_deinit(wpa_s->dpp_auth);
466 wpa_s->dpp_auth = NULL;
467 }
468 return;
469 }
470 #endif /* CONFIG_DPP2 */
471
472 if (wpa_s->dpp_auth->remove_on_tx_status) {
473 wpa_printf(MSG_DEBUG,
474 "DPP: Terminate authentication exchange due to a request to do so on TX status");
475 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
476 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
477 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
478 NULL);
479 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
480 NULL);
481 #ifdef CONFIG_DPP2
482 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
483 wpa_s, NULL);
484 #endif /* CONFIG_DPP2 */
485 offchannel_send_action_done(wpa_s);
486 dpp_auth_deinit(wpa_s->dpp_auth);
487 wpa_s->dpp_auth = NULL;
488 return;
489 }
490
491 if (wpa_s->dpp_auth_ok_on_ack)
492 wpas_dpp_auth_success(wpa_s, 1);
493
494 if (!is_broadcast_ether_addr(dst) &&
495 result != OFFCHANNEL_SEND_ACTION_SUCCESS) {
496 wpa_printf(MSG_DEBUG,
497 "DPP: Unicast DPP Action frame was not ACKed");
498 if (auth->waiting_auth_resp) {
499 /* In case of DPP Authentication Request frame, move to
500 * the next channel immediately. */
501 offchannel_send_action_done(wpa_s);
502 wpas_dpp_auth_init_next(wpa_s);
503 return;
504 }
505 if (auth->waiting_auth_conf) {
506 wpas_dpp_auth_resp_retry(wpa_s);
507 return;
508 }
509 }
510
511 if (auth->waiting_auth_conf &&
512 auth->auth_resp_status == DPP_STATUS_OK) {
513 /* Make sure we do not get stuck waiting for Auth Confirm
514 * indefinitely after successfully transmitted Auth Response to
515 * allow new authentication exchanges to be started. */
516 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
517 NULL);
518 eloop_register_timeout(1, 0, wpas_dpp_auth_conf_wait_timeout,
519 wpa_s, NULL);
520 }
521
522 if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp &&
523 result == OFFCHANNEL_SEND_ACTION_SUCCESS) {
524 /* Allow timeout handling to stop iteration if no response is
525 * received from a peer that has ACKed a request. */
526 auth->auth_req_ack = 1;
527 }
528
529 if (!wpa_s->dpp_auth_ok_on_ack && wpa_s->dpp_auth->neg_freq > 0 &&
530 wpa_s->dpp_auth->curr_freq != wpa_s->dpp_auth->neg_freq) {
531 wpa_printf(MSG_DEBUG,
532 "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response",
533 wpa_s->dpp_auth->curr_freq,
534 wpa_s->dpp_auth->neg_freq);
535 offchannel_send_action_done(wpa_s);
536 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_auth->neg_freq);
537 }
538
539 if (wpa_s->dpp_auth_ok_on_ack)
540 wpa_s->dpp_auth_ok_on_ack = 0;
541 }
542
543
wpas_dpp_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)544 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx)
545 {
546 struct wpa_supplicant *wpa_s = eloop_ctx;
547 struct dpp_authentication *auth = wpa_s->dpp_auth;
548 unsigned int freq;
549 struct os_reltime now, diff;
550 unsigned int wait_time, diff_ms;
551
552 if (!auth || !auth->waiting_auth_resp)
553 return;
554
555 wait_time = wpa_s->dpp_resp_wait_time ?
556 wpa_s->dpp_resp_wait_time : 2000;
557 os_get_reltime(&now);
558 os_reltime_sub(&now, &wpa_s->dpp_last_init, &diff);
559 diff_ms = diff.sec * 1000 + diff.usec / 1000;
560 wpa_printf(MSG_DEBUG,
561 "DPP: Reply wait timeout - wait_time=%u diff_ms=%u",
562 wait_time, diff_ms);
563
564 if (auth->auth_req_ack && diff_ms >= wait_time) {
565 /* Peer ACK'ed Authentication Request frame, but did not reply
566 * with Authentication Response frame within two seconds. */
567 wpa_printf(MSG_INFO,
568 "DPP: No response received from responder - stopping initiation attempt");
569 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
570 offchannel_send_action_done(wpa_s);
571 wpas_dpp_listen_stop(wpa_s);
572 dpp_auth_deinit(auth);
573 wpa_s->dpp_auth = NULL;
574 return;
575 }
576
577 if (diff_ms >= wait_time) {
578 /* Authentication Request frame was not ACK'ed and no reply
579 * was receiving within two seconds. */
580 wpa_printf(MSG_DEBUG,
581 "DPP: Continue Initiator channel iteration");
582 offchannel_send_action_done(wpa_s);
583 wpas_dpp_listen_stop(wpa_s);
584 wpas_dpp_auth_init_next(wpa_s);
585 return;
586 }
587
588 /* Driver did not support 2000 ms long wait_time with TX command, so
589 * schedule listen operation to continue waiting for the response.
590 *
591 * DPP listen operations continue until stopped, so simply schedule a
592 * new call to this function at the point when the two second reply
593 * wait has expired. */
594 wait_time -= diff_ms;
595
596 freq = auth->curr_freq;
597 if (auth->neg_freq > 0)
598 freq = auth->neg_freq;
599 wpa_printf(MSG_DEBUG,
600 "DPP: Continue reply wait on channel %u MHz for %u ms",
601 freq, wait_time);
602 wpa_s->dpp_in_response_listen = 1;
603 wpas_dpp_listen_start(wpa_s, freq);
604
605 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
606 wpas_dpp_reply_wait_timeout, wpa_s, NULL);
607 }
608
609
wpas_dpp_auth_conf_wait_timeout(void * eloop_ctx,void * timeout_ctx)610 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx)
611 {
612 struct wpa_supplicant *wpa_s = eloop_ctx;
613 struct dpp_authentication *auth = wpa_s->dpp_auth;
614
615 if (!auth || !auth->waiting_auth_conf)
616 return;
617
618 wpa_printf(MSG_DEBUG,
619 "DPP: Terminate authentication exchange due to Auth Confirm timeout");
620 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL "No Auth Confirm received");
621 offchannel_send_action_done(wpa_s);
622 dpp_auth_deinit(auth);
623 wpa_s->dpp_auth = NULL;
624 }
625
626
wpas_dpp_set_testing_options(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)627 static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s,
628 struct dpp_authentication *auth)
629 {
630 #ifdef CONFIG_TESTING_OPTIONS
631 if (wpa_s->dpp_config_obj_override)
632 auth->config_obj_override =
633 os_strdup(wpa_s->dpp_config_obj_override);
634 if (wpa_s->dpp_discovery_override)
635 auth->discovery_override =
636 os_strdup(wpa_s->dpp_discovery_override);
637 if (wpa_s->dpp_groups_override)
638 auth->groups_override =
639 os_strdup(wpa_s->dpp_groups_override);
640 auth->ignore_netaccesskey_mismatch =
641 wpa_s->dpp_ignore_netaccesskey_mismatch;
642 #endif /* CONFIG_TESTING_OPTIONS */
643 }
644
645
wpas_dpp_init_timeout(void * eloop_ctx,void * timeout_ctx)646 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx)
647 {
648 struct wpa_supplicant *wpa_s = eloop_ctx;
649
650 if (!wpa_s->dpp_auth)
651 return;
652 wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout");
653 wpas_dpp_auth_init_next(wpa_s);
654 }
655
656
wpas_dpp_auth_init_next(struct wpa_supplicant * wpa_s)657 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s)
658 {
659 struct dpp_authentication *auth = wpa_s->dpp_auth;
660 const u8 *dst;
661 unsigned int wait_time, max_wait_time, freq, max_tries, used;
662 struct os_reltime now, diff;
663
664 wpa_s->dpp_in_response_listen = 0;
665 if (!auth)
666 return -1;
667
668 if (auth->freq_idx == 0)
669 os_get_reltime(&wpa_s->dpp_init_iter_start);
670
671 if (auth->freq_idx >= auth->num_freq) {
672 auth->num_freq_iters++;
673 if (wpa_s->dpp_init_max_tries)
674 max_tries = wpa_s->dpp_init_max_tries;
675 else
676 max_tries = 5;
677 if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) {
678 wpa_printf(MSG_INFO,
679 "DPP: No response received from responder - stopping initiation attempt");
680 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
681 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout,
682 wpa_s, NULL);
683 offchannel_send_action_done(wpa_s);
684 dpp_auth_deinit(wpa_s->dpp_auth);
685 wpa_s->dpp_auth = NULL;
686 return -1;
687 }
688 auth->freq_idx = 0;
689 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
690 if (wpa_s->dpp_init_retry_time)
691 wait_time = wpa_s->dpp_init_retry_time;
692 else
693 wait_time = 10000;
694 os_get_reltime(&now);
695 os_reltime_sub(&now, &wpa_s->dpp_init_iter_start, &diff);
696 used = diff.sec * 1000 + diff.usec / 1000;
697 if (used > wait_time)
698 wait_time = 0;
699 else
700 wait_time -= used;
701 wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms",
702 wait_time);
703 eloop_register_timeout(wait_time / 1000,
704 (wait_time % 1000) * 1000,
705 wpas_dpp_init_timeout, wpa_s,
706 NULL);
707 return 0;
708 }
709 freq = auth->freq[auth->freq_idx++];
710 auth->curr_freq = freq;
711
712 if (!is_zero_ether_addr(auth->peer_mac_addr))
713 dst = auth->peer_mac_addr;
714 else if (is_zero_ether_addr(auth->peer_bi->mac_addr))
715 dst = broadcast;
716 else
717 dst = auth->peer_bi->mac_addr;
718 wpa_s->dpp_auth_ok_on_ack = 0;
719 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
720 wait_time = wpa_s->max_remain_on_chan;
721 max_wait_time = wpa_s->dpp_resp_wait_time ?
722 wpa_s->dpp_resp_wait_time : 2000;
723 if (wait_time > max_wait_time)
724 wait_time = max_wait_time;
725 wait_time += 10; /* give the driver some extra time to complete */
726 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
727 wpas_dpp_reply_wait_timeout,
728 wpa_s, NULL);
729 wait_time -= 10;
730 if (auth->neg_freq > 0 && freq != auth->neg_freq) {
731 wpa_printf(MSG_DEBUG,
732 "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response",
733 freq, auth->neg_freq);
734 }
735 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
736 MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ);
737 auth->auth_req_ack = 0;
738 os_get_reltime(&wpa_s->dpp_last_init);
739 return offchannel_send_action(wpa_s, freq, dst,
740 wpa_s->own_addr, broadcast,
741 wpabuf_head(auth->req_msg),
742 wpabuf_len(auth->req_msg),
743 wait_time, wpas_dpp_tx_status, 0);
744 }
745
746
wpas_dpp_auth_init(struct wpa_supplicant * wpa_s,const char * cmd)747 int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
748 {
749 const char *pos;
750 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL;
751 struct dpp_authentication *auth;
752 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
753 unsigned int neg_freq = 0;
754 int tcp = 0;
755 #ifdef CONFIG_DPP2
756 int tcp_port = DPP_TCP_PORT;
757 struct hostapd_ip_addr ipaddr;
758 char *addr;
759 #endif /* CONFIG_DPP2 */
760
761 wpa_s->dpp_gas_client = 0;
762
763 pos = os_strstr(cmd, " peer=");
764 if (!pos)
765 return -1;
766 pos += 6;
767 peer_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
768 if (!peer_bi) {
769 wpa_printf(MSG_INFO,
770 "DPP: Could not find bootstrapping info for the identified peer");
771 return -1;
772 }
773
774 #ifdef CONFIG_DPP2
775 pos = os_strstr(cmd, " tcp_port=");
776 if (pos) {
777 pos += 10;
778 tcp_port = atoi(pos);
779 }
780
781 addr = get_param(cmd, " tcp_addr=");
782 if (addr) {
783 int res;
784
785 res = hostapd_parse_ip_addr(addr, &ipaddr);
786 os_free(addr);
787 if (res)
788 return -1;
789 tcp = 1;
790 }
791 #endif /* CONFIG_DPP2 */
792
793 pos = os_strstr(cmd, " own=");
794 if (pos) {
795 pos += 5;
796 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
797 if (!own_bi) {
798 wpa_printf(MSG_INFO,
799 "DPP: Could not find bootstrapping info for the identified local entry");
800 return -1;
801 }
802
803 if (peer_bi->curve != own_bi->curve) {
804 wpa_printf(MSG_INFO,
805 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)",
806 peer_bi->curve->name, own_bi->curve->name);
807 return -1;
808 }
809 }
810
811 pos = os_strstr(cmd, " role=");
812 if (pos) {
813 pos += 6;
814 if (os_strncmp(pos, "configurator", 12) == 0)
815 allowed_roles = DPP_CAPAB_CONFIGURATOR;
816 else if (os_strncmp(pos, "enrollee", 8) == 0)
817 allowed_roles = DPP_CAPAB_ENROLLEE;
818 else if (os_strncmp(pos, "either", 6) == 0)
819 allowed_roles = DPP_CAPAB_CONFIGURATOR |
820 DPP_CAPAB_ENROLLEE;
821 else
822 goto fail;
823 }
824
825 pos = os_strstr(cmd, " netrole=");
826 if (pos) {
827 pos += 9;
828 if (os_strncmp(pos, "ap", 2) == 0)
829 wpa_s->dpp_netrole = DPP_NETROLE_AP;
830 else if (os_strncmp(pos, "configurator", 12) == 0)
831 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
832 else
833 wpa_s->dpp_netrole = DPP_NETROLE_STA;
834 } else {
835 wpa_s->dpp_netrole = DPP_NETROLE_STA;
836 }
837
838 pos = os_strstr(cmd, " neg_freq=");
839 if (pos)
840 neg_freq = atoi(pos + 10);
841
842 if (!tcp && wpa_s->dpp_auth) {
843 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
844 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
845 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
846 NULL);
847 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
848 NULL);
849 #ifdef CONFIG_DPP2
850 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
851 wpa_s, NULL);
852 #endif /* CONFIG_DPP2 */
853 offchannel_send_action_done(wpa_s);
854 dpp_auth_deinit(wpa_s->dpp_auth);
855 wpa_s->dpp_auth = NULL;
856 }
857
858 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles,
859 neg_freq, wpa_s->hw.modes, wpa_s->hw.num_modes);
860 if (!auth)
861 goto fail;
862 wpas_dpp_set_testing_options(wpa_s, auth);
863 if (dpp_set_configurator(auth, cmd) < 0) {
864 dpp_auth_deinit(auth);
865 goto fail;
866 }
867
868 auth->neg_freq = neg_freq;
869
870 if (!is_zero_ether_addr(peer_bi->mac_addr))
871 os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN);
872
873 #ifdef CONFIG_DPP2
874 if (tcp)
875 return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port,
876 wpa_s->conf->dpp_name, DPP_NETROLE_STA,
877 wpa_s, wpa_s, wpas_dpp_process_conf_obj);
878 #endif /* CONFIG_DPP2 */
879
880 wpa_s->dpp_auth = auth;
881 return wpas_dpp_auth_init_next(wpa_s);
882 fail:
883 return -1;
884 }
885
886
887 struct wpas_dpp_listen_work {
888 unsigned int freq;
889 unsigned int duration;
890 struct wpabuf *probe_resp_ie;
891 };
892
893
wpas_dpp_listen_work_free(struct wpas_dpp_listen_work * lwork)894 static void wpas_dpp_listen_work_free(struct wpas_dpp_listen_work *lwork)
895 {
896 if (!lwork)
897 return;
898 os_free(lwork);
899 }
900
901
wpas_dpp_listen_work_done(struct wpa_supplicant * wpa_s)902 static void wpas_dpp_listen_work_done(struct wpa_supplicant *wpa_s)
903 {
904 struct wpas_dpp_listen_work *lwork;
905
906 if (!wpa_s->dpp_listen_work)
907 return;
908
909 lwork = wpa_s->dpp_listen_work->ctx;
910 wpas_dpp_listen_work_free(lwork);
911 radio_work_done(wpa_s->dpp_listen_work);
912 wpa_s->dpp_listen_work = NULL;
913 }
914
915
dpp_start_listen_cb(struct wpa_radio_work * work,int deinit)916 static void dpp_start_listen_cb(struct wpa_radio_work *work, int deinit)
917 {
918 struct wpa_supplicant *wpa_s = work->wpa_s;
919 struct wpas_dpp_listen_work *lwork = work->ctx;
920
921 if (deinit) {
922 if (work->started) {
923 wpa_s->dpp_listen_work = NULL;
924 wpas_dpp_listen_stop(wpa_s);
925 }
926 wpas_dpp_listen_work_free(lwork);
927 return;
928 }
929
930 wpa_s->dpp_listen_work = work;
931
932 wpa_s->dpp_pending_listen_freq = lwork->freq;
933
934 if (wpa_drv_remain_on_channel(wpa_s, lwork->freq,
935 wpa_s->max_remain_on_chan) < 0) {
936 wpa_printf(MSG_DEBUG,
937 "DPP: Failed to request the driver to remain on channel (%u MHz) for listen",
938 lwork->freq);
939 wpa_s->dpp_listen_freq = 0;
940 wpas_dpp_listen_work_done(wpa_s);
941 wpa_s->dpp_pending_listen_freq = 0;
942 return;
943 }
944 wpa_s->off_channel_freq = 0;
945 wpa_s->roc_waiting_drv_freq = lwork->freq;
946 wpa_drv_dpp_listen(wpa_s, true);
947 }
948
949
wpas_dpp_listen_start(struct wpa_supplicant * wpa_s,unsigned int freq)950 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
951 unsigned int freq)
952 {
953 struct wpas_dpp_listen_work *lwork;
954
955 if (wpa_s->dpp_listen_work) {
956 wpa_printf(MSG_DEBUG,
957 "DPP: Reject start_listen since dpp_listen_work already exists");
958 return -1;
959 }
960
961 if (wpa_s->dpp_listen_freq)
962 wpas_dpp_listen_stop(wpa_s);
963 wpa_s->dpp_listen_freq = freq;
964
965 lwork = os_zalloc(sizeof(*lwork));
966 if (!lwork)
967 return -1;
968 lwork->freq = freq;
969
970 if (radio_add_work(wpa_s, freq, "dpp-listen", 0, dpp_start_listen_cb,
971 lwork) < 0) {
972 wpas_dpp_listen_work_free(lwork);
973 return -1;
974 }
975
976 return 0;
977 }
978
979
wpas_dpp_listen(struct wpa_supplicant * wpa_s,const char * cmd)980 int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd)
981 {
982 int freq;
983
984 freq = atoi(cmd);
985 if (freq <= 0)
986 return -1;
987
988 if (os_strstr(cmd, " role=configurator"))
989 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR;
990 else if (os_strstr(cmd, " role=enrollee"))
991 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
992 else
993 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR |
994 DPP_CAPAB_ENROLLEE;
995 wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
996 if (os_strstr(cmd, " netrole=ap"))
997 wpa_s->dpp_netrole = DPP_NETROLE_AP;
998 else if (os_strstr(cmd, " netrole=configurator"))
999 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
1000 else
1001 wpa_s->dpp_netrole = DPP_NETROLE_STA;
1002 if (wpa_s->dpp_listen_freq == (unsigned int) freq) {
1003 wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz",
1004 freq);
1005 return 0;
1006 }
1007
1008 return wpas_dpp_listen_start(wpa_s, freq);
1009 }
1010
1011
wpas_dpp_listen_stop(struct wpa_supplicant * wpa_s)1012 void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s)
1013 {
1014 wpa_s->dpp_in_response_listen = 0;
1015 if (!wpa_s->dpp_listen_freq)
1016 return;
1017
1018 wpa_printf(MSG_DEBUG, "DPP: Stop listen on %u MHz",
1019 wpa_s->dpp_listen_freq);
1020 wpa_drv_cancel_remain_on_channel(wpa_s);
1021 wpa_drv_dpp_listen(wpa_s, false);
1022 wpa_s->dpp_listen_freq = 0;
1023 wpas_dpp_listen_work_done(wpa_s);
1024 }
1025
1026
wpas_dpp_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int duration)1027 void wpas_dpp_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1028 unsigned int freq, unsigned int duration)
1029 {
1030 if (wpa_s->dpp_listen_freq != freq)
1031 return;
1032
1033 wpa_printf(MSG_DEBUG,
1034 "DPP: Remain-on-channel started for listen on %u MHz for %u ms",
1035 freq, duration);
1036 os_get_reltime(&wpa_s->dpp_listen_end);
1037 wpa_s->dpp_listen_end.usec += duration * 1000;
1038 while (wpa_s->dpp_listen_end.usec >= 1000000) {
1039 wpa_s->dpp_listen_end.sec++;
1040 wpa_s->dpp_listen_end.usec -= 1000000;
1041 }
1042 }
1043
1044
wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq)1045 void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1046 unsigned int freq)
1047 {
1048 wpas_dpp_listen_work_done(wpa_s);
1049
1050 if (wpa_s->dpp_auth && wpa_s->dpp_in_response_listen) {
1051 unsigned int new_freq;
1052
1053 /* Continue listen with a new remain-on-channel */
1054 if (wpa_s->dpp_auth->neg_freq > 0)
1055 new_freq = wpa_s->dpp_auth->neg_freq;
1056 else
1057 new_freq = wpa_s->dpp_auth->curr_freq;
1058 wpa_printf(MSG_DEBUG,
1059 "DPP: Continue wait on %u MHz for the ongoing DPP provisioning session",
1060 new_freq);
1061 wpas_dpp_listen_start(wpa_s, new_freq);
1062 return;
1063 }
1064
1065 if (wpa_s->dpp_listen_freq) {
1066 /* Continue listen with a new remain-on-channel */
1067 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_listen_freq);
1068 }
1069 }
1070
1071
wpas_dpp_rx_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)1072 static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
1073 const u8 *hdr, const u8 *buf, size_t len,
1074 unsigned int freq)
1075 {
1076 const u8 *r_bootstrap, *i_bootstrap;
1077 u16 r_bootstrap_len, i_bootstrap_len;
1078 struct dpp_bootstrap_info *own_bi = NULL, *peer_bi = NULL;
1079
1080 if (!wpa_s->dpp)
1081 return;
1082
1083 wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR,
1084 MAC2STR(src));
1085
1086 #ifdef CONFIG_DPP2
1087 wpas_dpp_chirp_stop(wpa_s);
1088 #endif /* CONFIG_DPP2 */
1089
1090 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
1091 &r_bootstrap_len);
1092 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
1093 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1094 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
1095 return;
1096 }
1097 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
1098 r_bootstrap, r_bootstrap_len);
1099
1100 i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH,
1101 &i_bootstrap_len);
1102 if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) {
1103 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1104 "Missing or invalid required Initiator Bootstrapping Key Hash attribute");
1105 return;
1106 }
1107 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash",
1108 i_bootstrap, i_bootstrap_len);
1109
1110 /* Try to find own and peer bootstrapping key matches based on the
1111 * received hash values */
1112 dpp_bootstrap_find_pair(wpa_s->dpp, i_bootstrap, r_bootstrap,
1113 &own_bi, &peer_bi);
1114 if (!own_bi) {
1115 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1116 "No matching own bootstrapping key found - ignore message");
1117 return;
1118 }
1119
1120 if (wpa_s->dpp_auth) {
1121 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1122 "Already in DPP authentication exchange - ignore new one");
1123 return;
1124 }
1125
1126 wpa_s->dpp_gas_client = 0;
1127 wpa_s->dpp_auth_ok_on_ack = 0;
1128 wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s->dpp, wpa_s,
1129 wpa_s->dpp_allowed_roles,
1130 wpa_s->dpp_qr_mutual,
1131 peer_bi, own_bi, freq, hdr, buf, len);
1132 if (!wpa_s->dpp_auth) {
1133 wpa_printf(MSG_DEBUG, "DPP: No response generated");
1134 return;
1135 }
1136 wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth);
1137 if (dpp_set_configurator(wpa_s->dpp_auth,
1138 wpa_s->dpp_configurator_params) < 0) {
1139 dpp_auth_deinit(wpa_s->dpp_auth);
1140 wpa_s->dpp_auth = NULL;
1141 return;
1142 }
1143 os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN);
1144
1145 if (wpa_s->dpp_listen_freq &&
1146 wpa_s->dpp_listen_freq != wpa_s->dpp_auth->curr_freq) {
1147 wpa_printf(MSG_DEBUG,
1148 "DPP: Stop listen on %u MHz to allow response on the request %u MHz",
1149 wpa_s->dpp_listen_freq, wpa_s->dpp_auth->curr_freq);
1150 wpas_dpp_listen_stop(wpa_s);
1151 }
1152
1153 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1154 MAC2STR(src), wpa_s->dpp_auth->curr_freq,
1155 DPP_PA_AUTHENTICATION_RESP);
1156 offchannel_send_action(wpa_s, wpa_s->dpp_auth->curr_freq,
1157 src, wpa_s->own_addr, broadcast,
1158 wpabuf_head(wpa_s->dpp_auth->resp_msg),
1159 wpabuf_len(wpa_s->dpp_auth->resp_msg),
1160 500, wpas_dpp_tx_status, 0);
1161 }
1162
1163
wpas_dpp_start_gas_server(struct wpa_supplicant * wpa_s)1164 static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s)
1165 {
1166 /* TODO: stop wait and start ROC */
1167 }
1168
1169
wpas_dpp_add_network(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1170 static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
1171 struct dpp_authentication *auth,
1172 struct dpp_config_obj *conf)
1173 {
1174 struct wpa_ssid *ssid;
1175
1176 #ifdef CONFIG_DPP2
1177 if (conf->akm == DPP_AKM_SAE) {
1178 #ifdef CONFIG_SAE
1179 struct wpa_driver_capa capa;
1180 int res;
1181
1182 res = wpa_drv_get_capa(wpa_s, &capa);
1183 if (res == 0 &&
1184 !(capa.key_mgmt_iftype[WPA_IF_STATION] &
1185 WPA_DRIVER_CAPA_KEY_MGMT_SAE) &&
1186 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) {
1187 wpa_printf(MSG_DEBUG,
1188 "DPP: SAE not supported by the driver");
1189 return NULL;
1190 }
1191 #else /* CONFIG_SAE */
1192 wpa_printf(MSG_DEBUG, "DPP: SAE not supported in the build");
1193 return NULL;
1194 #endif /* CONFIG_SAE */
1195 }
1196 #endif /* CONFIG_DPP2 */
1197
1198 ssid = wpa_config_add_network(wpa_s->conf);
1199 if (!ssid)
1200 return NULL;
1201 wpas_notify_network_added(wpa_s, ssid);
1202 wpa_config_set_network_defaults(ssid);
1203 ssid->disabled = 1;
1204
1205 ssid->ssid = os_malloc(conf->ssid_len);
1206 if (!ssid->ssid)
1207 goto fail;
1208 os_memcpy(ssid->ssid, conf->ssid, conf->ssid_len);
1209 ssid->ssid_len = conf->ssid_len;
1210
1211 if (conf->connector) {
1212 if (dpp_akm_dpp(conf->akm)) {
1213 ssid->key_mgmt = WPA_KEY_MGMT_DPP;
1214 ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
1215 }
1216 ssid->dpp_connector = os_strdup(conf->connector);
1217 if (!ssid->dpp_connector)
1218 goto fail;
1219 }
1220
1221 if (conf->c_sign_key) {
1222 ssid->dpp_csign = os_malloc(wpabuf_len(conf->c_sign_key));
1223 if (!ssid->dpp_csign)
1224 goto fail;
1225 os_memcpy(ssid->dpp_csign, wpabuf_head(conf->c_sign_key),
1226 wpabuf_len(conf->c_sign_key));
1227 ssid->dpp_csign_len = wpabuf_len(conf->c_sign_key);
1228 }
1229
1230 if (conf->pp_key) {
1231 ssid->dpp_pp_key = os_malloc(wpabuf_len(conf->pp_key));
1232 if (!ssid->dpp_pp_key)
1233 goto fail;
1234 os_memcpy(ssid->dpp_pp_key, wpabuf_head(conf->pp_key),
1235 wpabuf_len(conf->pp_key));
1236 ssid->dpp_pp_key_len = wpabuf_len(conf->pp_key);
1237 }
1238
1239 if (auth->net_access_key) {
1240 ssid->dpp_netaccesskey =
1241 os_malloc(wpabuf_len(auth->net_access_key));
1242 if (!ssid->dpp_netaccesskey)
1243 goto fail;
1244 os_memcpy(ssid->dpp_netaccesskey,
1245 wpabuf_head(auth->net_access_key),
1246 wpabuf_len(auth->net_access_key));
1247 ssid->dpp_netaccesskey_len = wpabuf_len(auth->net_access_key);
1248 ssid->dpp_netaccesskey_expiry = auth->net_access_key_expiry;
1249 }
1250
1251 if (!conf->connector || dpp_akm_psk(conf->akm) ||
1252 dpp_akm_sae(conf->akm)) {
1253 if (!conf->connector || !dpp_akm_dpp(conf->akm))
1254 ssid->key_mgmt = 0;
1255 if (dpp_akm_psk(conf->akm))
1256 ssid->key_mgmt |= WPA_KEY_MGMT_PSK |
1257 WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_FT_PSK;
1258 if (dpp_akm_sae(conf->akm))
1259 ssid->key_mgmt |= WPA_KEY_MGMT_SAE |
1260 WPA_KEY_MGMT_FT_SAE;
1261 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1262 if (conf->passphrase[0]) {
1263 if (wpa_config_set_quoted(ssid, "psk",
1264 conf->passphrase) < 0)
1265 goto fail;
1266 wpa_config_update_psk(ssid);
1267 ssid->export_keys = 1;
1268 } else {
1269 ssid->psk_set = conf->psk_set;
1270 os_memcpy(ssid->psk, conf->psk, PMK_LEN);
1271 }
1272 }
1273
1274 #if defined(CONFIG_DPP2) && defined(IEEE8021X_EAPOL)
1275 if (conf->akm == DPP_AKM_DOT1X) {
1276 int i;
1277 char name[100], blobname[128];
1278 struct wpa_config_blob *blob;
1279
1280 ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X |
1281 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1282 WPA_KEY_MGMT_IEEE8021X_SHA256;
1283 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1284
1285 if (conf->cacert) {
1286 /* caCert is DER-encoded X.509v3 certificate for the
1287 * server certificate if that is different from the
1288 * trust root included in certBag. */
1289 /* TODO: ssid->eap.cert.ca_cert */
1290 }
1291
1292 if (conf->certs) {
1293 for (i = 0; ; i++) {
1294 os_snprintf(name, sizeof(name), "dpp-certs-%d",
1295 i);
1296 if (!wpa_config_get_blob(wpa_s->conf, name))
1297 break;
1298 }
1299
1300 blob = os_zalloc(sizeof(*blob));
1301 if (!blob)
1302 goto fail;
1303 blob->len = wpabuf_len(conf->certs);
1304 blob->name = os_strdup(name);
1305 blob->data = os_malloc(blob->len);
1306 if (!blob->name || !blob->data) {
1307 wpa_config_free_blob(blob);
1308 goto fail;
1309 }
1310 os_memcpy(blob->data, wpabuf_head(conf->certs),
1311 blob->len);
1312 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1313 name);
1314 wpa_config_set_blob(wpa_s->conf, blob);
1315 wpa_printf(MSG_DEBUG, "DPP: Added certificate blob %s",
1316 name);
1317 ssid->eap.cert.client_cert = os_strdup(blobname);
1318 if (!ssid->eap.cert.client_cert)
1319 goto fail;
1320
1321 /* TODO: ssid->eap.identity from own certificate */
1322 if (wpa_config_set(ssid, "identity", "\"dpp-ent\"",
1323 0) < 0)
1324 goto fail;
1325 }
1326
1327 if (auth->priv_key) {
1328 for (i = 0; ; i++) {
1329 os_snprintf(name, sizeof(name), "dpp-key-%d",
1330 i);
1331 if (!wpa_config_get_blob(wpa_s->conf, name))
1332 break;
1333 }
1334
1335 blob = os_zalloc(sizeof(*blob));
1336 if (!blob)
1337 goto fail;
1338 blob->len = wpabuf_len(auth->priv_key);
1339 blob->name = os_strdup(name);
1340 blob->data = os_malloc(blob->len);
1341 if (!blob->name || !blob->data) {
1342 wpa_config_free_blob(blob);
1343 goto fail;
1344 }
1345 os_memcpy(blob->data, wpabuf_head(auth->priv_key),
1346 blob->len);
1347 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1348 name);
1349 wpa_config_set_blob(wpa_s->conf, blob);
1350 wpa_printf(MSG_DEBUG, "DPP: Added private key blob %s",
1351 name);
1352 ssid->eap.cert.private_key = os_strdup(blobname);
1353 if (!ssid->eap.cert.private_key)
1354 goto fail;
1355 }
1356
1357 if (conf->server_name) {
1358 ssid->eap.cert.domain_suffix_match =
1359 os_strdup(conf->server_name);
1360 if (!ssid->eap.cert.domain_suffix_match)
1361 goto fail;
1362 }
1363
1364 /* TODO: Use entCreds::eapMethods */
1365 if (wpa_config_set(ssid, "eap", "TLS", 0) < 0)
1366 goto fail;
1367 }
1368 #endif /* CONFIG_DPP2 && IEEE8021X_EAPOL */
1369
1370 os_memcpy(wpa_s->dpp_last_ssid, conf->ssid, conf->ssid_len);
1371 wpa_s->dpp_last_ssid_len = conf->ssid_len;
1372
1373 return ssid;
1374 fail:
1375 wpas_notify_network_removed(wpa_s, ssid);
1376 wpa_config_remove_network(wpa_s->conf, ssid->id);
1377 return NULL;
1378 }
1379
1380
wpas_dpp_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1381 static int wpas_dpp_process_config(struct wpa_supplicant *wpa_s,
1382 struct dpp_authentication *auth,
1383 struct dpp_config_obj *conf)
1384 {
1385 struct wpa_ssid *ssid;
1386
1387 if (wpa_s->conf->dpp_config_processing < 1)
1388 return 0;
1389
1390 ssid = wpas_dpp_add_network(wpa_s, auth, conf);
1391 if (!ssid)
1392 return -1;
1393
1394 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_NETWORK_ID "%d", ssid->id);
1395 if (wpa_s->conf->dpp_config_processing == 2)
1396 ssid->disabled = 0;
1397
1398 #ifndef CONFIG_NO_CONFIG_WRITE
1399 if (wpa_s->conf->update_config &&
1400 wpa_config_write(wpa_s->confname, wpa_s->conf))
1401 wpa_printf(MSG_DEBUG, "DPP: Failed to update configuration");
1402 #endif /* CONFIG_NO_CONFIG_WRITE */
1403
1404 return 0;
1405 }
1406
1407
wpas_dpp_post_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)1408 static void wpas_dpp_post_process_config(struct wpa_supplicant *wpa_s,
1409 struct dpp_authentication *auth)
1410 {
1411 #ifdef CONFIG_DPP2
1412 if (auth->reconfig && wpa_s->dpp_reconfig_ssid &&
1413 wpa_config_get_network(wpa_s->conf, wpa_s->dpp_reconfig_ssid_id) ==
1414 wpa_s->dpp_reconfig_ssid) {
1415 wpa_printf(MSG_DEBUG,
1416 "DPP: Remove reconfigured network profile");
1417 wpas_notify_network_removed(wpa_s, wpa_s->dpp_reconfig_ssid);
1418 wpa_config_remove_network(wpa_s->conf,
1419 wpa_s->dpp_reconfig_ssid_id);
1420 wpa_s->dpp_reconfig_ssid = NULL;
1421 wpa_s->dpp_reconfig_ssid_id = -1;
1422 }
1423 #endif /* CONFIG_DPP2 */
1424
1425 if (wpa_s->conf->dpp_config_processing < 2)
1426 return;
1427
1428 #ifdef CONFIG_DPP2
1429 if (auth->peer_version >= 2) {
1430 wpa_printf(MSG_DEBUG,
1431 "DPP: Postpone connection attempt to wait for completion of DPP Configuration Result");
1432 auth->connect_on_tx_status = 1;
1433 return;
1434 }
1435 #endif /* CONFIG_DPP2 */
1436
1437 wpas_dpp_try_to_connect(wpa_s);
1438 }
1439
1440
wpas_dpp_handle_config_obj(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1441 static int wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s,
1442 struct dpp_authentication *auth,
1443 struct dpp_config_obj *conf)
1444 {
1445 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1446 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_AKM "%s",
1447 dpp_akm_str(conf->akm));
1448 if (conf->ssid_len)
1449 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s",
1450 wpa_ssid_txt(conf->ssid, conf->ssid_len));
1451 if (conf->ssid_charset)
1452 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID_CHARSET "%d",
1453 conf->ssid_charset);
1454 if (conf->connector) {
1455 /* TODO: Save the Connector and consider using a command
1456 * to fetch the value instead of sending an event with
1457 * it. The Connector could end up being larger than what
1458 * most clients are ready to receive as an event
1459 * message. */
1460 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s",
1461 conf->connector);
1462 }
1463 if (conf->passphrase[0]) {
1464 char hex[64 * 2 + 1];
1465
1466 wpa_snprintf_hex(hex, sizeof(hex),
1467 (const u8 *) conf->passphrase,
1468 os_strlen(conf->passphrase));
1469 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PASS "%s",
1470 hex);
1471 } else if (conf->psk_set) {
1472 char hex[PMK_LEN * 2 + 1];
1473
1474 wpa_snprintf_hex(hex, sizeof(hex), conf->psk, PMK_LEN);
1475 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PSK "%s",
1476 hex);
1477 }
1478 if (conf->c_sign_key) {
1479 char *hex;
1480 size_t hexlen;
1481
1482 hexlen = 2 * wpabuf_len(conf->c_sign_key) + 1;
1483 hex = os_malloc(hexlen);
1484 if (hex) {
1485 wpa_snprintf_hex(hex, hexlen,
1486 wpabuf_head(conf->c_sign_key),
1487 wpabuf_len(conf->c_sign_key));
1488 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s",
1489 hex);
1490 os_free(hex);
1491 }
1492 }
1493 if (conf->pp_key) {
1494 char *hex;
1495 size_t hexlen;
1496
1497 hexlen = 2 * wpabuf_len(conf->pp_key) + 1;
1498 hex = os_malloc(hexlen);
1499 if (hex) {
1500 wpa_snprintf_hex(hex, hexlen,
1501 wpabuf_head(conf->pp_key),
1502 wpabuf_len(conf->pp_key));
1503 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PP_KEY "%s", hex);
1504 os_free(hex);
1505 }
1506 }
1507 if (auth->net_access_key) {
1508 char *hex;
1509 size_t hexlen;
1510
1511 hexlen = 2 * wpabuf_len(auth->net_access_key) + 1;
1512 hex = os_malloc(hexlen);
1513 if (hex) {
1514 wpa_snprintf_hex(hex, hexlen,
1515 wpabuf_head(auth->net_access_key),
1516 wpabuf_len(auth->net_access_key));
1517 if (auth->net_access_key_expiry)
1518 wpa_msg(wpa_s, MSG_INFO,
1519 DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex,
1520 (long unsigned)
1521 auth->net_access_key_expiry);
1522 else
1523 wpa_msg(wpa_s, MSG_INFO,
1524 DPP_EVENT_NET_ACCESS_KEY "%s", hex);
1525 os_free(hex);
1526 }
1527 }
1528
1529 #ifdef CONFIG_DPP2
1530 if (conf->certbag) {
1531 char *b64;
1532
1533 b64 = base64_encode_no_lf(wpabuf_head(conf->certbag),
1534 wpabuf_len(conf->certbag), NULL);
1535 if (b64)
1536 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CERTBAG "%s", b64);
1537 os_free(b64);
1538 }
1539
1540 if (conf->cacert) {
1541 char *b64;
1542
1543 b64 = base64_encode_no_lf(wpabuf_head(conf->cacert),
1544 wpabuf_len(conf->cacert), NULL);
1545 if (b64)
1546 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CACERT "%s", b64);
1547 os_free(b64);
1548 }
1549
1550 if (conf->server_name)
1551 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_SERVER_NAME "%s",
1552 conf->server_name);
1553 #endif /* CONFIG_DPP2 */
1554
1555 return wpas_dpp_process_config(wpa_s, auth, conf);
1556 }
1557
1558
wpas_dpp_handle_key_pkg(struct wpa_supplicant * wpa_s,struct dpp_asymmetric_key * key)1559 static int wpas_dpp_handle_key_pkg(struct wpa_supplicant *wpa_s,
1560 struct dpp_asymmetric_key *key)
1561 {
1562 #ifdef CONFIG_DPP2
1563 int res;
1564
1565 if (!key)
1566 return 0;
1567
1568 wpa_printf(MSG_DEBUG, "DPP: Received Configurator backup");
1569 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1570 wpa_s->dpp_conf_backup_received = true;
1571
1572 while (key) {
1573 res = dpp_configurator_from_backup(wpa_s->dpp, key);
1574 if (res < 0)
1575 return -1;
1576 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFIGURATOR_ID "%d",
1577 res);
1578 key = key->next;
1579 }
1580 #endif /* CONFIG_DPP2 */
1581
1582 return 0;
1583 }
1584
1585
1586 #ifdef CONFIG_DPP2
wpas_dpp_build_csr(void * eloop_ctx,void * timeout_ctx)1587 static void wpas_dpp_build_csr(void *eloop_ctx, void *timeout_ctx)
1588 {
1589 struct wpa_supplicant *wpa_s = eloop_ctx;
1590 struct dpp_authentication *auth = wpa_s->dpp_auth;
1591
1592 if (!auth || !auth->csrattrs)
1593 return;
1594
1595 wpa_printf(MSG_DEBUG, "DPP: Build CSR");
1596 wpabuf_free(auth->csr);
1597 /* TODO: Additional information needed for CSR based on csrAttrs */
1598 auth->csr = dpp_build_csr(auth, wpa_s->conf->dpp_name ?
1599 wpa_s->conf->dpp_name : "Test");
1600 if (!auth->csr) {
1601 dpp_auth_deinit(wpa_s->dpp_auth);
1602 wpa_s->dpp_auth = NULL;
1603 return;
1604 }
1605
1606 wpas_dpp_start_gas_client(wpa_s);
1607 }
1608 #endif /* CONFIG_DPP2 */
1609
1610
wpas_dpp_gas_resp_cb(void * ctx,const u8 * addr,u8 dialog_token,enum gas_query_result result,const struct wpabuf * adv_proto,const struct wpabuf * resp,u16 status_code)1611 static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token,
1612 enum gas_query_result result,
1613 const struct wpabuf *adv_proto,
1614 const struct wpabuf *resp, u16 status_code)
1615 {
1616 struct wpa_supplicant *wpa_s = ctx;
1617 const u8 *pos;
1618 struct dpp_authentication *auth = wpa_s->dpp_auth;
1619 int res;
1620 enum dpp_status_error status = DPP_STATUS_CONFIG_REJECTED;
1621 unsigned int i;
1622
1623 wpa_s->dpp_gas_dialog_token = -1;
1624
1625 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
1626 os_memcmp(addr, auth->peer_mac_addr, ETH_ALEN) != 0) {
1627 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
1628 return;
1629 }
1630 if (result != GAS_QUERY_SUCCESS ||
1631 !resp || status_code != WLAN_STATUS_SUCCESS) {
1632 wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed");
1633 goto fail;
1634 }
1635
1636 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto",
1637 adv_proto);
1638 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)",
1639 resp);
1640
1641 if (wpabuf_len(adv_proto) != 10 ||
1642 !(pos = wpabuf_head(adv_proto)) ||
1643 pos[0] != WLAN_EID_ADV_PROTO ||
1644 pos[1] != 8 ||
1645 pos[3] != WLAN_EID_VENDOR_SPECIFIC ||
1646 pos[4] != 5 ||
1647 WPA_GET_BE24(&pos[5]) != OUI_WFA ||
1648 pos[8] != 0x1a ||
1649 pos[9] != 1) {
1650 wpa_printf(MSG_DEBUG,
1651 "DPP: Not a DPP Advertisement Protocol ID");
1652 goto fail;
1653 }
1654
1655 res = dpp_conf_resp_rx(auth, resp);
1656 #ifdef CONFIG_DPP2
1657 if (res == -2) {
1658 wpa_printf(MSG_DEBUG, "DPP: CSR needed");
1659 eloop_register_timeout(0, 0, wpas_dpp_build_csr, wpa_s, NULL);
1660 return;
1661 }
1662 #endif /* CONFIG_DPP2 */
1663 if (res < 0) {
1664 wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed");
1665 goto fail;
1666 }
1667
1668 wpa_s->dpp_conf_backup_received = false;
1669 for (i = 0; i < auth->num_conf_obj; i++) {
1670 res = wpas_dpp_handle_config_obj(wpa_s, auth,
1671 &auth->conf_obj[i]);
1672 if (res < 0)
1673 goto fail;
1674 }
1675 if (auth->num_conf_obj)
1676 wpas_dpp_post_process_config(wpa_s, auth);
1677 if (wpas_dpp_handle_key_pkg(wpa_s, auth->conf_key_pkg) < 0)
1678 goto fail;
1679
1680 status = DPP_STATUS_OK;
1681 #ifdef CONFIG_TESTING_OPTIONS
1682 if (dpp_test == DPP_TEST_REJECT_CONFIG) {
1683 wpa_printf(MSG_INFO, "DPP: TESTING - Reject Config Object");
1684 status = DPP_STATUS_CONFIG_REJECTED;
1685 }
1686 #endif /* CONFIG_TESTING_OPTIONS */
1687 fail:
1688 if (status != DPP_STATUS_OK)
1689 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1690 #ifdef CONFIG_DPP2
1691 if (auth->peer_version >= 2 &&
1692 auth->conf_resp_status == DPP_STATUS_OK) {
1693 struct wpabuf *msg;
1694
1695 wpa_printf(MSG_DEBUG, "DPP: Send DPP Configuration Result");
1696 msg = dpp_build_conf_result(auth, status);
1697 if (!msg)
1698 goto fail2;
1699
1700 wpa_msg(wpa_s, MSG_INFO,
1701 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1702 MAC2STR(addr), auth->curr_freq,
1703 DPP_PA_CONFIGURATION_RESULT);
1704 offchannel_send_action(wpa_s, auth->curr_freq,
1705 addr, wpa_s->own_addr, broadcast,
1706 wpabuf_head(msg),
1707 wpabuf_len(msg),
1708 500, wpas_dpp_tx_status, 0);
1709 wpabuf_free(msg);
1710
1711 /* This exchange will be terminated in the TX status handler */
1712 if (wpa_s->conf->dpp_config_processing < 2 ||
1713 wpa_s->dpp_conf_backup_received)
1714 auth->remove_on_tx_status = 1;
1715 return;
1716 }
1717 fail2:
1718 #endif /* CONFIG_DPP2 */
1719 dpp_auth_deinit(wpa_s->dpp_auth);
1720 wpa_s->dpp_auth = NULL;
1721 }
1722
1723
wpas_dpp_start_gas_client(struct wpa_supplicant * wpa_s)1724 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s)
1725 {
1726 struct dpp_authentication *auth = wpa_s->dpp_auth;
1727 struct wpabuf *buf;
1728 int res;
1729 int *supp_op_classes;
1730
1731 wpa_s->dpp_gas_client = 1;
1732 offchannel_send_action_done(wpa_s);
1733 wpas_dpp_listen_stop(wpa_s);
1734
1735 supp_op_classes = wpas_supp_op_classes(wpa_s);
1736 buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name,
1737 wpa_s->dpp_netrole,
1738 wpa_s->conf->dpp_mud_url,
1739 supp_op_classes);
1740 os_free(supp_op_classes);
1741 if (!buf) {
1742 wpa_printf(MSG_DEBUG,
1743 "DPP: No configuration request data available");
1744 return;
1745 }
1746
1747 wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)",
1748 MAC2STR(auth->peer_mac_addr), auth->curr_freq);
1749
1750 res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq,
1751 1, 1, buf, wpas_dpp_gas_resp_cb, wpa_s);
1752 if (res < 0) {
1753 wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request");
1754 wpabuf_free(buf);
1755 } else {
1756 wpa_printf(MSG_DEBUG,
1757 "DPP: GAS query started with dialog token %u", res);
1758 wpa_s->dpp_gas_dialog_token = res;
1759 }
1760 }
1761
1762
wpas_dpp_auth_success(struct wpa_supplicant * wpa_s,int initiator)1763 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator)
1764 {
1765 wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded");
1766 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator);
1767 #ifdef CONFIG_TESTING_OPTIONS
1768 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) {
1769 wpa_printf(MSG_INFO,
1770 "DPP: TESTING - stop at Authentication Confirm");
1771 if (wpa_s->dpp_auth->configurator) {
1772 /* Prevent GAS response */
1773 wpa_s->dpp_auth->auth_success = 0;
1774 }
1775 return;
1776 }
1777 #endif /* CONFIG_TESTING_OPTIONS */
1778
1779 if (wpa_s->dpp_auth->configurator)
1780 wpas_dpp_start_gas_server(wpa_s);
1781 else
1782 wpas_dpp_start_gas_client(wpa_s);
1783 }
1784
1785
wpas_dpp_rx_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)1786 static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
1787 const u8 *hdr, const u8 *buf, size_t len,
1788 unsigned int freq)
1789 {
1790 struct dpp_authentication *auth = wpa_s->dpp_auth;
1791 struct wpabuf *msg;
1792
1793 wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR
1794 " (freq %u MHz)", MAC2STR(src), freq);
1795
1796 if (!auth) {
1797 wpa_printf(MSG_DEBUG,
1798 "DPP: No DPP Authentication in progress - drop");
1799 return;
1800 }
1801
1802 if (!is_zero_ether_addr(auth->peer_mac_addr) &&
1803 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
1804 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
1805 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
1806 return;
1807 }
1808
1809 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
1810
1811 if (auth->curr_freq != freq && auth->neg_freq == freq) {
1812 wpa_printf(MSG_DEBUG,
1813 "DPP: Responder accepted request for different negotiation channel");
1814 auth->curr_freq = freq;
1815 }
1816
1817 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
1818 msg = dpp_auth_resp_rx(auth, hdr, buf, len);
1819 if (!msg) {
1820 if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) {
1821 wpa_printf(MSG_DEBUG,
1822 "DPP: Start wait for full response");
1823 offchannel_send_action_done(wpa_s);
1824 wpas_dpp_listen_start(wpa_s, auth->curr_freq);
1825 return;
1826 }
1827 wpa_printf(MSG_DEBUG, "DPP: No confirm generated");
1828 return;
1829 }
1830 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
1831
1832 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1833 MAC2STR(src), auth->curr_freq, DPP_PA_AUTHENTICATION_CONF);
1834 offchannel_send_action(wpa_s, auth->curr_freq,
1835 src, wpa_s->own_addr, broadcast,
1836 wpabuf_head(msg), wpabuf_len(msg),
1837 500, wpas_dpp_tx_status, 0);
1838 wpabuf_free(msg);
1839 wpa_s->dpp_auth_ok_on_ack = 1;
1840 }
1841
1842
wpas_dpp_rx_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)1843 static void wpas_dpp_rx_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
1844 const u8 *hdr, const u8 *buf, size_t len)
1845 {
1846 struct dpp_authentication *auth = wpa_s->dpp_auth;
1847
1848 wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR,
1849 MAC2STR(src));
1850
1851 if (!auth) {
1852 wpa_printf(MSG_DEBUG,
1853 "DPP: No DPP Authentication in progress - drop");
1854 return;
1855 }
1856
1857 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
1858 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
1859 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
1860 return;
1861 }
1862
1863 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
1864
1865 if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) {
1866 wpa_printf(MSG_DEBUG, "DPP: Authentication failed");
1867 return;
1868 }
1869
1870 wpas_dpp_auth_success(wpa_s, 0);
1871 }
1872
1873
1874 #ifdef CONFIG_DPP2
1875
wpas_dpp_config_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)1876 static void wpas_dpp_config_result_wait_timeout(void *eloop_ctx,
1877 void *timeout_ctx)
1878 {
1879 struct wpa_supplicant *wpa_s = eloop_ctx;
1880 struct dpp_authentication *auth = wpa_s->dpp_auth;
1881
1882 if (!auth || !auth->waiting_conf_result)
1883 return;
1884
1885 wpa_printf(MSG_DEBUG,
1886 "DPP: Timeout while waiting for Configuration Result");
1887 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1888 dpp_auth_deinit(auth);
1889 wpa_s->dpp_auth = NULL;
1890 }
1891
1892
wpas_dpp_conn_status_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)1893 static void wpas_dpp_conn_status_result_wait_timeout(void *eloop_ctx,
1894 void *timeout_ctx)
1895 {
1896 struct wpa_supplicant *wpa_s = eloop_ctx;
1897 struct dpp_authentication *auth = wpa_s->dpp_auth;
1898
1899 if (!auth || !auth->waiting_conn_status_result)
1900 return;
1901
1902 wpa_printf(MSG_DEBUG,
1903 "DPP: Timeout while waiting for Connection Status Result");
1904 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT "timeout");
1905 wpas_dpp_listen_stop(wpa_s);
1906 dpp_auth_deinit(auth);
1907 wpa_s->dpp_auth = NULL;
1908 }
1909
1910
wpas_dpp_rx_conf_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)1911 static void wpas_dpp_rx_conf_result(struct wpa_supplicant *wpa_s, const u8 *src,
1912 const u8 *hdr, const u8 *buf, size_t len)
1913 {
1914 struct dpp_authentication *auth = wpa_s->dpp_auth;
1915 enum dpp_status_error status;
1916
1917 wpa_printf(MSG_DEBUG, "DPP: Configuration Result from " MACSTR,
1918 MAC2STR(src));
1919
1920 if (!auth || !auth->waiting_conf_result) {
1921 if (auth &&
1922 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) == 0 &&
1923 gas_server_response_sent(wpa_s->gas_server,
1924 auth->gas_server_ctx)) {
1925 /* This could happen if the TX status event gets delayed
1926 * long enough for the Enrollee to have time to send
1927 * the next frame before the TX status gets processed
1928 * locally. */
1929 wpa_printf(MSG_DEBUG,
1930 "DPP: GAS response was sent but TX status not yet received - assume it was ACKed since the Enrollee sent the next frame in the sequence");
1931 auth->waiting_conf_result = 1;
1932 } else {
1933 wpa_printf(MSG_DEBUG,
1934 "DPP: No DPP Configuration waiting for result - drop");
1935 return;
1936 }
1937 }
1938
1939 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
1940 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
1941 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
1942 return;
1943 }
1944
1945 status = dpp_conf_result_rx(auth, hdr, buf, len);
1946
1947 if (status == DPP_STATUS_OK && auth->send_conn_status) {
1948 wpa_msg(wpa_s, MSG_INFO,
1949 DPP_EVENT_CONF_SENT "wait_conn_status=1");
1950 wpa_printf(MSG_DEBUG, "DPP: Wait for Connection Status Result");
1951 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
1952 wpa_s, NULL);
1953 auth->waiting_conn_status_result = 1;
1954 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
1955 wpa_s, NULL);
1956 eloop_register_timeout(16, 0,
1957 wpas_dpp_conn_status_result_wait_timeout,
1958 wpa_s, NULL);
1959 offchannel_send_action_done(wpa_s);
1960 wpas_dpp_listen_start(wpa_s, auth->neg_freq ? auth->neg_freq :
1961 auth->curr_freq);
1962 return;
1963 }
1964 offchannel_send_action_done(wpa_s);
1965 wpas_dpp_listen_stop(wpa_s);
1966 if (status == DPP_STATUS_OK)
1967 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT);
1968 else
1969 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1970 dpp_auth_deinit(auth);
1971 wpa_s->dpp_auth = NULL;
1972 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
1973 }
1974
1975
wpas_dpp_rx_conn_status_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)1976 static void wpas_dpp_rx_conn_status_result(struct wpa_supplicant *wpa_s,
1977 const u8 *src, const u8 *hdr,
1978 const u8 *buf, size_t len)
1979 {
1980 struct dpp_authentication *auth = wpa_s->dpp_auth;
1981 enum dpp_status_error status;
1982 u8 ssid[SSID_MAX_LEN];
1983 size_t ssid_len = 0;
1984 char *channel_list = NULL;
1985
1986 wpa_printf(MSG_DEBUG, "DPP: Connection Status Result");
1987
1988 if (!auth || !auth->waiting_conn_status_result) {
1989 wpa_printf(MSG_DEBUG,
1990 "DPP: No DPP Configuration waiting for connection status result - drop");
1991 return;
1992 }
1993
1994 status = dpp_conn_status_result_rx(auth, hdr, buf, len,
1995 ssid, &ssid_len, &channel_list);
1996 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT
1997 "result=%d ssid=%s channel_list=%s",
1998 status, wpa_ssid_txt(ssid, ssid_len),
1999 channel_list ? channel_list : "N/A");
2000 os_free(channel_list);
2001 offchannel_send_action_done(wpa_s);
2002 wpas_dpp_listen_stop(wpa_s);
2003 dpp_auth_deinit(auth);
2004 wpa_s->dpp_auth = NULL;
2005 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
2006 wpa_s, NULL);
2007 }
2008
2009
wpas_dpp_process_conf_obj(void * ctx,struct dpp_authentication * auth)2010 static int wpas_dpp_process_conf_obj(void *ctx,
2011 struct dpp_authentication *auth)
2012 {
2013 struct wpa_supplicant *wpa_s = ctx;
2014 unsigned int i;
2015 int res = -1;
2016
2017 for (i = 0; i < auth->num_conf_obj; i++) {
2018 res = wpas_dpp_handle_config_obj(wpa_s, auth,
2019 &auth->conf_obj[i]);
2020 if (res)
2021 break;
2022 }
2023 if (!res)
2024 wpas_dpp_post_process_config(wpa_s, auth);
2025
2026 return res;
2027 }
2028
2029
wpas_dpp_remove_bi(void * ctx,struct dpp_bootstrap_info * bi)2030 static void wpas_dpp_remove_bi(void *ctx, struct dpp_bootstrap_info *bi)
2031 {
2032 struct wpa_supplicant *wpa_s = ctx;
2033
2034 if (bi == wpa_s->dpp_chirp_bi)
2035 wpas_dpp_chirp_stop(wpa_s);
2036 }
2037
2038
2039 static void
wpas_dpp_rx_presence_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2040 wpas_dpp_rx_presence_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2041 const u8 *hdr, const u8 *buf, size_t len,
2042 unsigned int freq)
2043 {
2044 const u8 *r_bootstrap;
2045 u16 r_bootstrap_len;
2046 struct dpp_bootstrap_info *peer_bi;
2047 struct dpp_authentication *auth;
2048
2049 if (!wpa_s->dpp)
2050 return;
2051
2052 if (wpa_s->dpp_auth) {
2053 wpa_printf(MSG_DEBUG,
2054 "DPP: Ignore Presence Announcement during ongoing Authentication");
2055 return;
2056 }
2057
2058 wpa_printf(MSG_DEBUG, "DPP: Presence Announcement from " MACSTR,
2059 MAC2STR(src));
2060
2061 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
2062 &r_bootstrap_len);
2063 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
2064 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2065 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
2066 return;
2067 }
2068 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
2069 r_bootstrap, r_bootstrap_len);
2070 peer_bi = dpp_bootstrap_find_chirp(wpa_s->dpp, r_bootstrap);
2071 dpp_notify_chirp_received(wpa_s, peer_bi ? (int) peer_bi->id : -1, src,
2072 freq, r_bootstrap);
2073 if (!peer_bi) {
2074 wpa_printf(MSG_DEBUG,
2075 "DPP: No matching bootstrapping information found");
2076 return;
2077 }
2078
2079 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, NULL,
2080 DPP_CAPAB_CONFIGURATOR, freq, NULL, 0);
2081 if (!auth)
2082 return;
2083 wpas_dpp_set_testing_options(wpa_s, auth);
2084 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2085 dpp_auth_deinit(auth);
2086 return;
2087 }
2088
2089 auth->neg_freq = freq;
2090
2091 /* The source address of the Presence Announcement frame overrides any
2092 * MAC address information from the bootstrapping information. */
2093 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2094
2095 wpa_s->dpp_auth = auth;
2096 if (wpas_dpp_auth_init_next(wpa_s) < 0) {
2097 dpp_auth_deinit(wpa_s->dpp_auth);
2098 wpa_s->dpp_auth = NULL;
2099 }
2100 }
2101
2102
wpas_dpp_reconfig_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)2103 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
2104 void *timeout_ctx)
2105 {
2106 struct wpa_supplicant *wpa_s = eloop_ctx;
2107 struct dpp_authentication *auth = wpa_s->dpp_auth;
2108
2109 if (!auth)
2110 return;
2111
2112 wpa_printf(MSG_DEBUG, "DPP: Reconfig Reply wait timeout");
2113 offchannel_send_action_done(wpa_s);
2114 wpas_dpp_listen_stop(wpa_s);
2115 dpp_auth_deinit(auth);
2116 wpa_s->dpp_auth = NULL;
2117 }
2118
2119
2120 static void
wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2121 wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2122 const u8 *hdr, const u8 *buf, size_t len,
2123 unsigned int freq)
2124 {
2125 const u8 *csign_hash, *fcgroup, *a_nonce, *e_id;
2126 u16 csign_hash_len, fcgroup_len, a_nonce_len, e_id_len;
2127 struct dpp_configurator *conf;
2128 struct dpp_authentication *auth;
2129 unsigned int wait_time, max_wait_time;
2130 u16 group;
2131
2132 if (!wpa_s->dpp)
2133 return;
2134
2135 if (wpa_s->dpp_auth) {
2136 wpa_printf(MSG_DEBUG,
2137 "DPP: Ignore Reconfig Announcement during ongoing Authentication");
2138 return;
2139 }
2140
2141 wpa_printf(MSG_DEBUG, "DPP: Reconfig Announcement from " MACSTR,
2142 MAC2STR(src));
2143
2144 csign_hash = dpp_get_attr(buf, len, DPP_ATTR_C_SIGN_KEY_HASH,
2145 &csign_hash_len);
2146 if (!csign_hash || csign_hash_len != SHA256_MAC_LEN) {
2147 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2148 "Missing or invalid required Configurator C-sign key Hash attribute");
2149 return;
2150 }
2151 wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator C-sign key Hash (kid)",
2152 csign_hash, csign_hash_len);
2153 conf = dpp_configurator_find_kid(wpa_s->dpp, csign_hash);
2154 if (!conf) {
2155 wpa_printf(MSG_DEBUG,
2156 "DPP: No matching Configurator information found");
2157 return;
2158 }
2159
2160 fcgroup = dpp_get_attr(buf, len, DPP_ATTR_FINITE_CYCLIC_GROUP,
2161 &fcgroup_len);
2162 if (!fcgroup || fcgroup_len != 2) {
2163 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2164 "Missing or invalid required Finite Cyclic Group attribute");
2165 return;
2166 }
2167 group = WPA_GET_LE16(fcgroup);
2168 wpa_printf(MSG_DEBUG, "DPP: Enrollee finite cyclic group: %u", group);
2169
2170 a_nonce = dpp_get_attr(buf, len, DPP_ATTR_A_NONCE, &a_nonce_len);
2171 e_id = dpp_get_attr(buf, len, DPP_ATTR_E_PRIME_ID, &e_id_len);
2172
2173 auth = dpp_reconfig_init(wpa_s->dpp, wpa_s, conf, freq, group,
2174 a_nonce, a_nonce_len, e_id, e_id_len);
2175 if (!auth)
2176 return;
2177 wpas_dpp_set_testing_options(wpa_s, auth);
2178 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2179 dpp_auth_deinit(auth);
2180 return;
2181 }
2182
2183 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2184 wpa_s->dpp_auth = auth;
2185
2186 wpa_s->dpp_in_response_listen = 0;
2187 wpa_s->dpp_auth_ok_on_ack = 0;
2188 wait_time = wpa_s->max_remain_on_chan;
2189 max_wait_time = wpa_s->dpp_resp_wait_time ?
2190 wpa_s->dpp_resp_wait_time : 2000;
2191 if (wait_time > max_wait_time)
2192 wait_time = max_wait_time;
2193 wait_time += 10; /* give the driver some extra time to complete */
2194 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
2195 wpas_dpp_reconfig_reply_wait_timeout,
2196 wpa_s, NULL);
2197 wait_time -= 10;
2198
2199 wpas_dpp_stop_listen_for_tx(wpa_s, freq, wait_time);
2200
2201 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2202 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_REQ);
2203 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2204 wpabuf_head(auth->reconfig_req_msg),
2205 wpabuf_len(auth->reconfig_req_msg),
2206 wait_time, wpas_dpp_tx_status, 0) < 0) {
2207 dpp_auth_deinit(wpa_s->dpp_auth);
2208 wpa_s->dpp_auth = NULL;
2209 }
2210 }
2211
2212
2213 static void
wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2214 wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
2215 const u8 *hdr, const u8 *buf, size_t len,
2216 unsigned int freq)
2217 {
2218 struct wpa_ssid *ssid;
2219 struct dpp_authentication *auth;
2220
2221 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Request from "
2222 MACSTR, MAC2STR(src));
2223
2224 if (!wpa_s->dpp)
2225 return;
2226 if (wpa_s->dpp_auth) {
2227 wpa_printf(MSG_DEBUG,
2228 "DPP: Not ready for reconfiguration - pending authentication exchange in progress");
2229 return;
2230 }
2231 if (!wpa_s->dpp_reconfig_ssid) {
2232 wpa_printf(MSG_DEBUG,
2233 "DPP: Not ready for reconfiguration - not requested");
2234 return;
2235 }
2236 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2237 if (ssid == wpa_s->dpp_reconfig_ssid &&
2238 ssid->id == wpa_s->dpp_reconfig_ssid_id)
2239 break;
2240 }
2241 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2242 !ssid->dpp_csign) {
2243 wpa_printf(MSG_DEBUG,
2244 "DPP: Not ready for reconfiguration - no matching network profile with Connector found");
2245 return;
2246 }
2247
2248 auth = dpp_reconfig_auth_req_rx(wpa_s->dpp, wpa_s, ssid->dpp_connector,
2249 ssid->dpp_netaccesskey,
2250 ssid->dpp_netaccesskey_len,
2251 ssid->dpp_csign, ssid->dpp_csign_len,
2252 freq, hdr, buf, len);
2253 if (!auth)
2254 return;
2255 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2256 wpa_s->dpp_auth = auth;
2257
2258 wpas_dpp_chirp_stop(wpa_s);
2259
2260 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2261 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_RESP);
2262 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2263 wpabuf_head(auth->reconfig_resp_msg),
2264 wpabuf_len(auth->reconfig_resp_msg),
2265 500, wpas_dpp_tx_status, 0) < 0) {
2266 dpp_auth_deinit(wpa_s->dpp_auth);
2267 wpa_s->dpp_auth = NULL;
2268 }
2269 }
2270
2271
2272 static void
wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2273 wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2274 const u8 *hdr, const u8 *buf, size_t len,
2275 unsigned int freq)
2276 {
2277 struct dpp_authentication *auth = wpa_s->dpp_auth;
2278 struct wpabuf *conf;
2279
2280 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Response from "
2281 MACSTR, MAC2STR(src));
2282
2283 if (!auth || !auth->reconfig || !auth->configurator) {
2284 wpa_printf(MSG_DEBUG,
2285 "DPP: No DPP Reconfig Authentication in progress - drop");
2286 return;
2287 }
2288
2289 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2290 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2291 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2292 return;
2293 }
2294
2295 conf = dpp_reconfig_auth_resp_rx(auth, hdr, buf, len);
2296 if (!conf)
2297 return;
2298
2299 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, wpa_s, NULL);
2300
2301 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2302 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_CONF);
2303 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2304 wpabuf_head(conf), wpabuf_len(conf),
2305 500, wpas_dpp_tx_status, 0) < 0) {
2306 wpabuf_free(conf);
2307 dpp_auth_deinit(wpa_s->dpp_auth);
2308 wpa_s->dpp_auth = NULL;
2309 return;
2310 }
2311 wpabuf_free(conf);
2312
2313 wpas_dpp_start_gas_server(wpa_s);
2314 }
2315
2316
2317 static void
wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2318 wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
2319 const u8 *hdr, const u8 *buf, size_t len,
2320 unsigned int freq)
2321 {
2322 struct dpp_authentication *auth = wpa_s->dpp_auth;
2323
2324 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Confirm from "
2325 MACSTR, MAC2STR(src));
2326
2327 if (!auth || !auth->reconfig || auth->configurator) {
2328 wpa_printf(MSG_DEBUG,
2329 "DPP: No DPP Reconfig Authentication in progress - drop");
2330 return;
2331 }
2332
2333 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2334 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2335 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2336 return;
2337 }
2338
2339 if (dpp_reconfig_auth_conf_rx(auth, hdr, buf, len) < 0)
2340 return;
2341
2342 wpas_dpp_start_gas_client(wpa_s);
2343 }
2344
2345 #endif /* CONFIG_DPP2 */
2346
2347
wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len)2348 static void wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant *wpa_s,
2349 const u8 *src,
2350 const u8 *buf, size_t len)
2351 {
2352 struct wpa_ssid *ssid;
2353 const u8 *connector, *trans_id, *status;
2354 u16 connector_len, trans_id_len, status_len;
2355 #ifdef CONFIG_DPP2
2356 const u8 *version;
2357 u16 version_len;
2358 #endif /* CONFIG_DPP2 */
2359 u8 peer_version = 1;
2360 struct dpp_introduction intro;
2361 struct rsn_pmksa_cache_entry *entry;
2362 struct os_time now;
2363 struct os_reltime rnow;
2364 os_time_t expiry;
2365 unsigned int seconds;
2366 enum dpp_status_error res;
2367
2368 wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Response from " MACSTR,
2369 MAC2STR(src));
2370 if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) ||
2371 os_memcmp(src, wpa_s->dpp_intro_bssid, ETH_ALEN) != 0) {
2372 wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from "
2373 MACSTR " - drop", MAC2STR(src));
2374 return;
2375 }
2376 offchannel_send_action_done(wpa_s);
2377
2378 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2379 if (ssid == wpa_s->dpp_intro_network)
2380 break;
2381 }
2382 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2383 !ssid->dpp_csign) {
2384 wpa_printf(MSG_DEBUG,
2385 "DPP: Profile not found for network introduction");
2386 return;
2387 }
2388
2389 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID,
2390 &trans_id_len);
2391 if (!trans_id || trans_id_len != 1) {
2392 wpa_printf(MSG_DEBUG,
2393 "DPP: Peer did not include Transaction ID");
2394 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2395 " fail=missing_transaction_id", MAC2STR(src));
2396 goto fail;
2397 }
2398 if (trans_id[0] != TRANSACTION_ID) {
2399 wpa_printf(MSG_DEBUG,
2400 "DPP: Ignore frame with unexpected Transaction ID %u",
2401 trans_id[0]);
2402 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2403 " fail=transaction_id_mismatch", MAC2STR(src));
2404 goto fail;
2405 }
2406
2407 status = dpp_get_attr(buf, len, DPP_ATTR_STATUS, &status_len);
2408 if (!status || status_len != 1) {
2409 wpa_printf(MSG_DEBUG, "DPP: Peer did not include Status");
2410 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2411 " fail=missing_status", MAC2STR(src));
2412 goto fail;
2413 }
2414 if (status[0] != DPP_STATUS_OK) {
2415 wpa_printf(MSG_DEBUG,
2416 "DPP: Peer rejected network introduction: Status %u",
2417 status[0]);
2418 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2419 " status=%u", MAC2STR(src), status[0]);
2420 #ifdef CONFIG_DPP2
2421 wpas_dpp_send_conn_status_result(wpa_s, status[0]);
2422 #endif /* CONFIG_DPP2 */
2423 goto fail;
2424 }
2425
2426 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len);
2427 if (!connector) {
2428 wpa_printf(MSG_DEBUG,
2429 "DPP: Peer did not include its Connector");
2430 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2431 " fail=missing_connector", MAC2STR(src));
2432 goto fail;
2433 }
2434
2435 res = dpp_peer_intro(&intro, ssid->dpp_connector,
2436 ssid->dpp_netaccesskey,
2437 ssid->dpp_netaccesskey_len,
2438 ssid->dpp_csign,
2439 ssid->dpp_csign_len,
2440 connector, connector_len, &expiry);
2441 if (res != DPP_STATUS_OK) {
2442 wpa_printf(MSG_INFO,
2443 "DPP: Network Introduction protocol resulted in failure");
2444 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2445 " fail=peer_connector_validation_failed", MAC2STR(src));
2446 #ifdef CONFIG_DPP2
2447 wpas_dpp_send_conn_status_result(wpa_s, res);
2448 #endif /* CONFIG_DPP2 */
2449 goto fail;
2450 }
2451
2452 entry = os_zalloc(sizeof(*entry));
2453 if (!entry)
2454 goto fail;
2455 os_memcpy(entry->aa, src, ETH_ALEN);
2456 os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN);
2457 os_memcpy(entry->pmk, intro.pmk, intro.pmk_len);
2458 entry->pmk_len = intro.pmk_len;
2459 entry->akmp = WPA_KEY_MGMT_DPP;
2460 #ifdef CONFIG_DPP2
2461 version = dpp_get_attr(buf, len, DPP_ATTR_PROTOCOL_VERSION,
2462 &version_len);
2463 if (version && version_len >= 1)
2464 peer_version = version[0];
2465 entry->dpp_pfs = peer_version >= 2;
2466 #endif /* CONFIG_DPP2 */
2467 if (expiry) {
2468 os_get_time(&now);
2469 seconds = expiry - now.sec;
2470 } else {
2471 seconds = 86400 * 7;
2472 }
2473 os_get_reltime(&rnow);
2474 entry->expiration = rnow.sec + seconds;
2475 entry->reauth_time = rnow.sec + seconds;
2476 entry->network_ctx = ssid;
2477 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry);
2478
2479 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2480 " status=%u version=%u", MAC2STR(src), status[0], peer_version);
2481
2482 wpa_printf(MSG_DEBUG,
2483 "DPP: Try connection again after successful network introduction");
2484 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2485 wpa_supplicant_cancel_sched_scan(wpa_s);
2486 wpa_supplicant_req_scan(wpa_s, 0, 0);
2487 }
2488 fail:
2489 os_memset(&intro, 0, sizeof(intro));
2490 }
2491
2492
wpas_dpp_allow_ir(struct wpa_supplicant * wpa_s,unsigned int freq)2493 static int wpas_dpp_allow_ir(struct wpa_supplicant *wpa_s, unsigned int freq)
2494 {
2495 int i, j;
2496
2497 if (!wpa_s->hw.modes)
2498 return -1;
2499
2500 for (i = 0; i < wpa_s->hw.num_modes; i++) {
2501 struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i];
2502
2503 for (j = 0; j < mode->num_channels; j++) {
2504 struct hostapd_channel_data *chan = &mode->channels[j];
2505
2506 if (chan->freq != (int) freq)
2507 continue;
2508
2509 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2510 HOSTAPD_CHAN_NO_IR |
2511 HOSTAPD_CHAN_RADAR))
2512 continue;
2513
2514 return 1;
2515 }
2516 }
2517
2518 wpa_printf(MSG_DEBUG,
2519 "DPP: Frequency %u MHz not supported or does not allow PKEX initiation in the current channel list",
2520 freq);
2521
2522 return 0;
2523 }
2524
2525
wpas_dpp_pkex_next_channel(struct wpa_supplicant * wpa_s,struct dpp_pkex * pkex)2526 static int wpas_dpp_pkex_next_channel(struct wpa_supplicant *wpa_s,
2527 struct dpp_pkex *pkex)
2528 {
2529 if (pkex->freq == 2437)
2530 pkex->freq = 5745;
2531 else if (pkex->freq == 5745)
2532 pkex->freq = 5220;
2533 else if (pkex->freq == 5220)
2534 pkex->freq = 60480;
2535 else
2536 return -1; /* no more channels to try */
2537
2538 if (wpas_dpp_allow_ir(wpa_s, pkex->freq) == 1) {
2539 wpa_printf(MSG_DEBUG, "DPP: Try to initiate on %u MHz",
2540 pkex->freq);
2541 return 0;
2542 }
2543
2544 /* Could not use this channel - try the next one */
2545 return wpas_dpp_pkex_next_channel(wpa_s, pkex);
2546 }
2547
2548
wpas_dpp_pkex_retry_timeout(void * eloop_ctx,void * timeout_ctx)2549 static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx)
2550 {
2551 struct wpa_supplicant *wpa_s = eloop_ctx;
2552 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2553
2554 if (!pkex || !pkex->exchange_req)
2555 return;
2556 if (pkex->exch_req_tries >= 5) {
2557 if (wpas_dpp_pkex_next_channel(wpa_s, pkex) < 0) {
2558 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2559 "No response from PKEX peer");
2560 dpp_pkex_free(pkex);
2561 wpa_s->dpp_pkex = NULL;
2562 return;
2563 }
2564 pkex->exch_req_tries = 0;
2565 }
2566
2567 pkex->exch_req_tries++;
2568 wpa_printf(MSG_DEBUG, "DPP: Retransmit PKEX Exchange Request (try %u)",
2569 pkex->exch_req_tries);
2570 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2571 MAC2STR(broadcast), pkex->freq, DPP_PA_PKEX_EXCHANGE_REQ);
2572 offchannel_send_action(wpa_s, pkex->freq, broadcast,
2573 wpa_s->own_addr, broadcast,
2574 wpabuf_head(pkex->exchange_req),
2575 wpabuf_len(pkex->exchange_req),
2576 pkex->exch_req_wait_time,
2577 wpas_dpp_tx_pkex_status, 0);
2578 }
2579
2580
2581 static void
wpas_dpp_tx_pkex_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)2582 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
2583 unsigned int freq, const u8 *dst,
2584 const u8 *src, const u8 *bssid,
2585 const u8 *data, size_t data_len,
2586 enum offchannel_send_action_result result)
2587 {
2588 const char *res_txt;
2589 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2590
2591 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
2592 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
2593 "FAILED");
2594 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
2595 " result=%s (PKEX)",
2596 freq, MAC2STR(dst), res_txt);
2597 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
2598 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
2599
2600 if (!pkex) {
2601 wpa_printf(MSG_DEBUG,
2602 "DPP: Ignore TX status since there is no ongoing PKEX exchange");
2603 return;
2604 }
2605
2606 if (pkex->failed) {
2607 wpa_printf(MSG_DEBUG,
2608 "DPP: Terminate PKEX exchange due to an earlier error");
2609 if (pkex->t > pkex->own_bi->pkex_t)
2610 pkex->own_bi->pkex_t = pkex->t;
2611 dpp_pkex_free(pkex);
2612 wpa_s->dpp_pkex = NULL;
2613 return;
2614 }
2615
2616 if (pkex->exch_req_wait_time && pkex->exchange_req) {
2617 /* Wait for PKEX Exchange Response frame and retry request if
2618 * no response is seen. */
2619 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
2620 eloop_register_timeout(pkex->exch_req_wait_time / 1000,
2621 (pkex->exch_req_wait_time % 1000) * 1000,
2622 wpas_dpp_pkex_retry_timeout, wpa_s,
2623 NULL);
2624 }
2625 }
2626
2627
2628 static void
wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)2629 wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant *wpa_s, const u8 *src,
2630 const u8 *buf, size_t len, unsigned int freq)
2631 {
2632 struct wpabuf *msg;
2633 unsigned int wait_time;
2634
2635 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR,
2636 MAC2STR(src));
2637
2638 /* TODO: Support multiple PKEX codes by iterating over all the enabled
2639 * values here */
2640
2641 if (!wpa_s->dpp_pkex_code || !wpa_s->dpp_pkex_bi) {
2642 wpa_printf(MSG_DEBUG,
2643 "DPP: No PKEX code configured - ignore request");
2644 return;
2645 }
2646
2647 if (wpa_s->dpp_pkex) {
2648 /* TODO: Support parallel operations */
2649 wpa_printf(MSG_DEBUG,
2650 "DPP: Already in PKEX session - ignore new request");
2651 return;
2652 }
2653
2654 wpa_s->dpp_pkex = dpp_pkex_rx_exchange_req(wpa_s, wpa_s->dpp_pkex_bi,
2655 wpa_s->own_addr, src,
2656 wpa_s->dpp_pkex_identifier,
2657 wpa_s->dpp_pkex_code,
2658 buf, len);
2659 if (!wpa_s->dpp_pkex) {
2660 wpa_printf(MSG_DEBUG,
2661 "DPP: Failed to process the request - ignore it");
2662 return;
2663 }
2664
2665 msg = wpa_s->dpp_pkex->exchange_resp;
2666 wait_time = wpa_s->max_remain_on_chan;
2667 if (wait_time > 2000)
2668 wait_time = 2000;
2669 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2670 MAC2STR(src), freq, DPP_PA_PKEX_EXCHANGE_RESP);
2671 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
2672 broadcast,
2673 wpabuf_head(msg), wpabuf_len(msg),
2674 wait_time, wpas_dpp_tx_pkex_status, 0);
2675 }
2676
2677
2678 static void
wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)2679 wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2680 const u8 *buf, size_t len, unsigned int freq)
2681 {
2682 struct wpabuf *msg;
2683 unsigned int wait_time;
2684
2685 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR,
2686 MAC2STR(src));
2687
2688 /* TODO: Support multiple PKEX codes by iterating over all the enabled
2689 * values here */
2690
2691 if (!wpa_s->dpp_pkex || !wpa_s->dpp_pkex->initiator ||
2692 wpa_s->dpp_pkex->exchange_done) {
2693 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
2694 return;
2695 }
2696
2697 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
2698 wpa_s->dpp_pkex->exch_req_wait_time = 0;
2699
2700 msg = dpp_pkex_rx_exchange_resp(wpa_s->dpp_pkex, src, buf, len);
2701 if (!msg) {
2702 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
2703 return;
2704 }
2705
2706 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR,
2707 MAC2STR(src));
2708
2709 wait_time = wpa_s->max_remain_on_chan;
2710 if (wait_time > 2000)
2711 wait_time = 2000;
2712 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2713 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_REQ);
2714 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
2715 broadcast,
2716 wpabuf_head(msg), wpabuf_len(msg),
2717 wait_time, wpas_dpp_tx_pkex_status, 0);
2718 wpabuf_free(msg);
2719 }
2720
2721
2722 static struct dpp_bootstrap_info *
wpas_dpp_pkex_finish(struct wpa_supplicant * wpa_s,const u8 * peer,unsigned int freq)2723 wpas_dpp_pkex_finish(struct wpa_supplicant *wpa_s, const u8 *peer,
2724 unsigned int freq)
2725 {
2726 struct dpp_bootstrap_info *bi;
2727
2728 bi = dpp_pkex_finish(wpa_s->dpp, wpa_s->dpp_pkex, peer, freq);
2729 if (!bi)
2730 return NULL;
2731 wpa_s->dpp_pkex = NULL;
2732 return bi;
2733 }
2734
2735
2736 static void
wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2737 wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src,
2738 const u8 *hdr, const u8 *buf, size_t len,
2739 unsigned int freq)
2740 {
2741 struct wpabuf *msg;
2742 unsigned int wait_time;
2743 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2744
2745 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR,
2746 MAC2STR(src));
2747
2748 if (!pkex || pkex->initiator || !pkex->exchange_done) {
2749 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
2750 return;
2751 }
2752
2753 msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len);
2754 if (!msg) {
2755 wpa_printf(MSG_DEBUG, "DPP: Failed to process the request");
2756 if (pkex->failed) {
2757 wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange");
2758 if (pkex->t > pkex->own_bi->pkex_t)
2759 pkex->own_bi->pkex_t = pkex->t;
2760 dpp_pkex_free(wpa_s->dpp_pkex);
2761 wpa_s->dpp_pkex = NULL;
2762 }
2763 return;
2764 }
2765
2766 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to "
2767 MACSTR, MAC2STR(src));
2768
2769 wait_time = wpa_s->max_remain_on_chan;
2770 if (wait_time > 2000)
2771 wait_time = 2000;
2772 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2773 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_RESP);
2774 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
2775 broadcast,
2776 wpabuf_head(msg), wpabuf_len(msg),
2777 wait_time, wpas_dpp_tx_pkex_status, 0);
2778 wpabuf_free(msg);
2779
2780 wpas_dpp_pkex_finish(wpa_s, src, freq);
2781 }
2782
2783
2784 static void
wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2785 wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2786 const u8 *hdr, const u8 *buf, size_t len,
2787 unsigned int freq)
2788 {
2789 int res;
2790 struct dpp_bootstrap_info *bi;
2791 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2792 char cmd[500];
2793
2794 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR,
2795 MAC2STR(src));
2796
2797 if (!pkex || !pkex->initiator || !pkex->exchange_done) {
2798 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
2799 return;
2800 }
2801
2802 res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len);
2803 if (res < 0) {
2804 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
2805 return;
2806 }
2807
2808 bi = wpas_dpp_pkex_finish(wpa_s, src, freq);
2809 if (!bi)
2810 return;
2811
2812 os_snprintf(cmd, sizeof(cmd), " peer=%u %s",
2813 bi->id,
2814 wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : "");
2815 wpa_printf(MSG_DEBUG,
2816 "DPP: Start authentication after PKEX with parameters: %s",
2817 cmd);
2818 if (wpas_dpp_auth_init(wpa_s, cmd) < 0) {
2819 wpa_printf(MSG_DEBUG,
2820 "DPP: Authentication initialization failed");
2821 offchannel_send_action_done(wpa_s);
2822 return;
2823 }
2824 }
2825
2826
wpas_dpp_rx_action(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)2827 void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src,
2828 const u8 *buf, size_t len, unsigned int freq)
2829 {
2830 u8 crypto_suite;
2831 enum dpp_public_action_frame_type type;
2832 const u8 *hdr;
2833 unsigned int pkex_t;
2834
2835 if (len < DPP_HDR_LEN)
2836 return;
2837 if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE)
2838 return;
2839 hdr = buf;
2840 buf += 4;
2841 len -= 4;
2842 crypto_suite = *buf++;
2843 type = *buf++;
2844 len -= 2;
2845
2846 wpa_printf(MSG_DEBUG,
2847 "DPP: Received DPP Public Action frame crypto suite %u type %d from "
2848 MACSTR " freq=%u",
2849 crypto_suite, type, MAC2STR(src), freq);
2850 if (crypto_suite != 1) {
2851 wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u",
2852 crypto_suite);
2853 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
2854 " freq=%u type=%d ignore=unsupported-crypto-suite",
2855 MAC2STR(src), freq, type);
2856 return;
2857 }
2858 wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len);
2859 if (dpp_check_attrs(buf, len) < 0) {
2860 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
2861 " freq=%u type=%d ignore=invalid-attributes",
2862 MAC2STR(src), freq, type);
2863 return;
2864 }
2865 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR " freq=%u type=%d",
2866 MAC2STR(src), freq, type);
2867
2868 switch (type) {
2869 case DPP_PA_AUTHENTICATION_REQ:
2870 wpas_dpp_rx_auth_req(wpa_s, src, hdr, buf, len, freq);
2871 break;
2872 case DPP_PA_AUTHENTICATION_RESP:
2873 wpas_dpp_rx_auth_resp(wpa_s, src, hdr, buf, len, freq);
2874 break;
2875 case DPP_PA_AUTHENTICATION_CONF:
2876 wpas_dpp_rx_auth_conf(wpa_s, src, hdr, buf, len);
2877 break;
2878 case DPP_PA_PEER_DISCOVERY_RESP:
2879 wpas_dpp_rx_peer_disc_resp(wpa_s, src, buf, len);
2880 break;
2881 case DPP_PA_PKEX_EXCHANGE_REQ:
2882 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq);
2883 break;
2884 case DPP_PA_PKEX_EXCHANGE_RESP:
2885 wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq);
2886 break;
2887 case DPP_PA_PKEX_COMMIT_REVEAL_REQ:
2888 wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len,
2889 freq);
2890 break;
2891 case DPP_PA_PKEX_COMMIT_REVEAL_RESP:
2892 wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len,
2893 freq);
2894 break;
2895 #ifdef CONFIG_DPP2
2896 case DPP_PA_CONFIGURATION_RESULT:
2897 wpas_dpp_rx_conf_result(wpa_s, src, hdr, buf, len);
2898 break;
2899 case DPP_PA_CONNECTION_STATUS_RESULT:
2900 wpas_dpp_rx_conn_status_result(wpa_s, src, hdr, buf, len);
2901 break;
2902 case DPP_PA_PRESENCE_ANNOUNCEMENT:
2903 wpas_dpp_rx_presence_announcement(wpa_s, src, hdr, buf, len,
2904 freq);
2905 break;
2906 case DPP_PA_RECONFIG_ANNOUNCEMENT:
2907 wpas_dpp_rx_reconfig_announcement(wpa_s, src, hdr, buf, len,
2908 freq);
2909 break;
2910 case DPP_PA_RECONFIG_AUTH_REQ:
2911 wpas_dpp_rx_reconfig_auth_req(wpa_s, src, hdr, buf, len, freq);
2912 break;
2913 case DPP_PA_RECONFIG_AUTH_RESP:
2914 wpas_dpp_rx_reconfig_auth_resp(wpa_s, src, hdr, buf, len, freq);
2915 break;
2916 case DPP_PA_RECONFIG_AUTH_CONF:
2917 wpas_dpp_rx_reconfig_auth_conf(wpa_s, src, hdr, buf, len, freq);
2918 break;
2919 #endif /* CONFIG_DPP2 */
2920 default:
2921 wpa_printf(MSG_DEBUG,
2922 "DPP: Ignored unsupported frame subtype %d", type);
2923 break;
2924 }
2925
2926 if (wpa_s->dpp_pkex)
2927 pkex_t = wpa_s->dpp_pkex->t;
2928 else if (wpa_s->dpp_pkex_bi)
2929 pkex_t = wpa_s->dpp_pkex_bi->pkex_t;
2930 else
2931 pkex_t = 0;
2932 if (pkex_t >= PKEX_COUNTER_T_LIMIT) {
2933 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0");
2934 wpas_dpp_pkex_remove(wpa_s, "*");
2935 }
2936 }
2937
2938
2939 static struct wpabuf *
wpas_dpp_gas_req_handler(void * ctx,void * resp_ctx,const u8 * sa,const u8 * query,size_t query_len,u16 * comeback_delay)2940 wpas_dpp_gas_req_handler(void *ctx, void *resp_ctx, const u8 *sa,
2941 const u8 *query, size_t query_len, u16 *comeback_delay)
2942 {
2943 struct wpa_supplicant *wpa_s = ctx;
2944 struct dpp_authentication *auth = wpa_s->dpp_auth;
2945 struct wpabuf *resp;
2946
2947 wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR,
2948 MAC2STR(sa));
2949 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
2950 os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) {
2951 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
2952 return NULL;
2953 }
2954
2955 if (wpa_s->dpp_auth_ok_on_ack && auth->configurator) {
2956 wpa_printf(MSG_DEBUG,
2957 "DPP: Have not received ACK for Auth Confirm yet - assume it was received based on this GAS request");
2958 /* wpas_dpp_auth_success() would normally have been called from
2959 * TX status handler, but since there was no such handler call
2960 * yet, simply send out the event message and proceed with
2961 * exchange. */
2962 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=1");
2963 wpa_s->dpp_auth_ok_on_ack = 0;
2964 }
2965
2966 wpa_hexdump(MSG_DEBUG,
2967 "DPP: Received Configuration Request (GAS Query Request)",
2968 query, query_len);
2969 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR,
2970 MAC2STR(sa));
2971 resp = dpp_conf_req_rx(auth, query, query_len);
2972
2973 #ifdef CONFIG_DPP2
2974 if (!resp && auth->waiting_cert) {
2975 wpa_printf(MSG_DEBUG, "DPP: Certificate not yet ready");
2976 auth->cert_resp_ctx = resp_ctx;
2977 *comeback_delay = 500;
2978 return NULL;
2979 }
2980 #endif /* CONFIG_DPP2 */
2981
2982 if (!resp)
2983 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
2984 auth->conf_resp = resp;
2985 auth->gas_server_ctx = resp_ctx;
2986 return resp;
2987 }
2988
2989
2990 static void
wpas_dpp_gas_status_handler(void * ctx,struct wpabuf * resp,int ok)2991 wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok)
2992 {
2993 struct wpa_supplicant *wpa_s = ctx;
2994 struct dpp_authentication *auth = wpa_s->dpp_auth;
2995
2996 if (!auth) {
2997 wpabuf_free(resp);
2998 return;
2999 }
3000 if (auth->conf_resp != resp) {
3001 wpa_printf(MSG_DEBUG,
3002 "DPP: Ignore GAS status report (ok=%d) for unknown response",
3003 ok);
3004 wpabuf_free(resp);
3005 return;
3006 }
3007
3008 #ifdef CONFIG_DPP2
3009 if (auth->waiting_csr && ok) {
3010 wpa_printf(MSG_DEBUG, "DPP: Waiting for CSR");
3011 wpabuf_free(resp);
3012 return;
3013 }
3014 #endif /* CONFIG_DPP2 */
3015
3016 wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)",
3017 ok);
3018 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
3019 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
3020 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
3021 #ifdef CONFIG_DPP2
3022 if (ok && auth->peer_version >= 2 &&
3023 auth->conf_resp_status == DPP_STATUS_OK &&
3024 !auth->waiting_conf_result) {
3025 wpa_printf(MSG_DEBUG, "DPP: Wait for Configuration Result");
3026 auth->waiting_conf_result = 1;
3027 auth->conf_resp = NULL;
3028 wpabuf_free(resp);
3029 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
3030 wpa_s, NULL);
3031 eloop_register_timeout(2, 0,
3032 wpas_dpp_config_result_wait_timeout,
3033 wpa_s, NULL);
3034 return;
3035 }
3036 #endif /* CONFIG_DPP2 */
3037 offchannel_send_action_done(wpa_s);
3038 wpas_dpp_listen_stop(wpa_s);
3039 if (ok)
3040 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT);
3041 else
3042 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
3043 dpp_auth_deinit(wpa_s->dpp_auth);
3044 wpa_s->dpp_auth = NULL;
3045 wpabuf_free(resp);
3046 }
3047
3048
wpas_dpp_configurator_sign(struct wpa_supplicant * wpa_s,const char * cmd)3049 int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd)
3050 {
3051 struct dpp_authentication *auth;
3052 int ret = -1;
3053 char *curve = NULL;
3054
3055 auth = dpp_alloc_auth(wpa_s->dpp, wpa_s);
3056 if (!auth)
3057 return -1;
3058
3059 curve = get_param(cmd, " curve=");
3060 wpas_dpp_set_testing_options(wpa_s, auth);
3061 if (dpp_set_configurator(auth, cmd) == 0 &&
3062 dpp_configurator_own_config(auth, curve, 0) == 0)
3063 ret = wpas_dpp_handle_config_obj(wpa_s, auth,
3064 &auth->conf_obj[0]);
3065 if (!ret)
3066 wpas_dpp_post_process_config(wpa_s, auth);
3067
3068 dpp_auth_deinit(auth);
3069 os_free(curve);
3070
3071 return ret;
3072 }
3073
3074
3075 static void
wpas_dpp_tx_introduction_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3076 wpas_dpp_tx_introduction_status(struct wpa_supplicant *wpa_s,
3077 unsigned int freq, const u8 *dst,
3078 const u8 *src, const u8 *bssid,
3079 const u8 *data, size_t data_len,
3080 enum offchannel_send_action_result result)
3081 {
3082 const char *res_txt;
3083
3084 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
3085 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
3086 "FAILED");
3087 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
3088 " result=%s (DPP Peer Discovery Request)",
3089 freq, MAC2STR(dst), res_txt);
3090 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
3091 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
3092 /* TODO: Time out wait for response more quickly in error cases? */
3093 }
3094
3095
wpas_dpp_check_connect(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_bss * bss)3096 int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3097 struct wpa_bss *bss)
3098 {
3099 struct os_time now;
3100 struct wpabuf *msg;
3101 unsigned int wait_time;
3102 const u8 *rsn;
3103 struct wpa_ie_data ied;
3104 size_t len;
3105
3106 if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss)
3107 return 0; /* Not using DPP AKM - continue */
3108 rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3109 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 &&
3110 !(ied.key_mgmt & WPA_KEY_MGMT_DPP))
3111 return 0; /* AP does not support DPP AKM - continue */
3112 if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid))
3113 return 0; /* PMKSA exists for DPP AKM - continue */
3114
3115 if (!ssid->dpp_connector || !ssid->dpp_netaccesskey ||
3116 !ssid->dpp_csign) {
3117 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
3118 "missing %s",
3119 !ssid->dpp_connector ? "Connector" :
3120 (!ssid->dpp_netaccesskey ? "netAccessKey" :
3121 "C-sign-key"));
3122 return -1;
3123 }
3124
3125 os_get_time(&now);
3126
3127 if (ssid->dpp_netaccesskey_expiry &&
3128 (os_time_t) ssid->dpp_netaccesskey_expiry < now.sec) {
3129 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
3130 "netAccessKey expired");
3131 return -1;
3132 }
3133
3134 wpa_printf(MSG_DEBUG,
3135 "DPP: Starting network introduction protocol to derive PMKSA for "
3136 MACSTR, MAC2STR(bss->bssid));
3137
3138 len = 5 + 4 + os_strlen(ssid->dpp_connector);
3139 #ifdef CONFIG_DPP2
3140 len += 5;
3141 #endif /* CONFIG_DPP2 */
3142 msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_REQ, len);
3143 if (!msg)
3144 return -1;
3145
3146 #ifdef CONFIG_TESTING_OPTIONS
3147 if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ) {
3148 wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID");
3149 goto skip_trans_id;
3150 }
3151 if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ) {
3152 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID");
3153 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
3154 wpabuf_put_le16(msg, 0);
3155 goto skip_trans_id;
3156 }
3157 #endif /* CONFIG_TESTING_OPTIONS */
3158
3159 /* Transaction ID */
3160 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
3161 wpabuf_put_le16(msg, 1);
3162 wpabuf_put_u8(msg, TRANSACTION_ID);
3163
3164 #ifdef CONFIG_TESTING_OPTIONS
3165 skip_trans_id:
3166 if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ) {
3167 wpa_printf(MSG_INFO, "DPP: TESTING - no Connector");
3168 goto skip_connector;
3169 }
3170 if (dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ) {
3171 char *connector;
3172
3173 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector");
3174 connector = dpp_corrupt_connector_signature(
3175 ssid->dpp_connector);
3176 if (!connector) {
3177 wpabuf_free(msg);
3178 return -1;
3179 }
3180 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
3181 wpabuf_put_le16(msg, os_strlen(connector));
3182 wpabuf_put_str(msg, connector);
3183 os_free(connector);
3184 goto skip_connector;
3185 }
3186 #endif /* CONFIG_TESTING_OPTIONS */
3187
3188 /* DPP Connector */
3189 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
3190 wpabuf_put_le16(msg, os_strlen(ssid->dpp_connector));
3191 wpabuf_put_str(msg, ssid->dpp_connector);
3192
3193 #ifdef CONFIG_TESTING_OPTIONS
3194 skip_connector:
3195 #endif /* CONFIG_TESTING_OPTIONS */
3196
3197 #ifdef CONFIG_DPP2
3198 if (DPP_VERSION > 1) {
3199 /* Protocol Version */
3200 wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
3201 wpabuf_put_le16(msg, 1);
3202 wpabuf_put_u8(msg, DPP_VERSION);
3203 }
3204 #endif /* CONFIG_DPP2 */
3205
3206 /* TODO: Timeout on AP response */
3207 wait_time = wpa_s->max_remain_on_chan;
3208 if (wait_time > 2000)
3209 wait_time = 2000;
3210 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3211 MAC2STR(bss->bssid), bss->freq, DPP_PA_PEER_DISCOVERY_REQ);
3212 offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr,
3213 broadcast,
3214 wpabuf_head(msg), wpabuf_len(msg),
3215 wait_time, wpas_dpp_tx_introduction_status, 0);
3216 wpabuf_free(msg);
3217
3218 /* Request this connection attempt to terminate - new one will be
3219 * started when network introduction protocol completes */
3220 os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN);
3221 wpa_s->dpp_intro_network = ssid;
3222 return 1;
3223 }
3224
3225
wpas_dpp_pkex_add(struct wpa_supplicant * wpa_s,const char * cmd)3226 int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd)
3227 {
3228 struct dpp_bootstrap_info *own_bi;
3229 const char *pos, *end;
3230 unsigned int wait_time;
3231
3232 pos = os_strstr(cmd, " own=");
3233 if (!pos)
3234 return -1;
3235 pos += 5;
3236 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
3237 if (!own_bi) {
3238 wpa_printf(MSG_DEBUG,
3239 "DPP: Identified bootstrap info not found");
3240 return -1;
3241 }
3242 if (own_bi->type != DPP_BOOTSTRAP_PKEX) {
3243 wpa_printf(MSG_DEBUG,
3244 "DPP: Identified bootstrap info not for PKEX");
3245 return -1;
3246 }
3247 wpa_s->dpp_pkex_bi = own_bi;
3248 own_bi->pkex_t = 0; /* clear pending errors on new code */
3249
3250 os_free(wpa_s->dpp_pkex_identifier);
3251 wpa_s->dpp_pkex_identifier = NULL;
3252 pos = os_strstr(cmd, " identifier=");
3253 if (pos) {
3254 pos += 12;
3255 end = os_strchr(pos, ' ');
3256 if (!end)
3257 return -1;
3258 wpa_s->dpp_pkex_identifier = os_malloc(end - pos + 1);
3259 if (!wpa_s->dpp_pkex_identifier)
3260 return -1;
3261 os_memcpy(wpa_s->dpp_pkex_identifier, pos, end - pos);
3262 wpa_s->dpp_pkex_identifier[end - pos] = '\0';
3263 }
3264
3265 pos = os_strstr(cmd, " code=");
3266 if (!pos)
3267 return -1;
3268 os_free(wpa_s->dpp_pkex_code);
3269 wpa_s->dpp_pkex_code = os_strdup(pos + 6);
3270 if (!wpa_s->dpp_pkex_code)
3271 return -1;
3272
3273 if (os_strstr(cmd, " init=1")) {
3274 struct dpp_pkex *pkex;
3275 struct wpabuf *msg;
3276
3277 wpa_printf(MSG_DEBUG, "DPP: Initiating PKEX");
3278 dpp_pkex_free(wpa_s->dpp_pkex);
3279 wpa_s->dpp_pkex = dpp_pkex_init(wpa_s, own_bi, wpa_s->own_addr,
3280 wpa_s->dpp_pkex_identifier,
3281 wpa_s->dpp_pkex_code);
3282 pkex = wpa_s->dpp_pkex;
3283 if (!pkex)
3284 return -1;
3285
3286 msg = pkex->exchange_req;
3287 wait_time = wpa_s->max_remain_on_chan;
3288 if (wait_time > 2000)
3289 wait_time = 2000;
3290 pkex->freq = 2437;
3291 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
3292 " freq=%u type=%d",
3293 MAC2STR(broadcast), pkex->freq,
3294 DPP_PA_PKEX_EXCHANGE_REQ);
3295 offchannel_send_action(wpa_s, pkex->freq, broadcast,
3296 wpa_s->own_addr, broadcast,
3297 wpabuf_head(msg), wpabuf_len(msg),
3298 wait_time, wpas_dpp_tx_pkex_status, 0);
3299 if (wait_time == 0)
3300 wait_time = 2000;
3301 pkex->exch_req_wait_time = wait_time;
3302 pkex->exch_req_tries = 1;
3303 }
3304
3305 /* TODO: Support multiple PKEX info entries */
3306
3307 os_free(wpa_s->dpp_pkex_auth_cmd);
3308 wpa_s->dpp_pkex_auth_cmd = os_strdup(cmd);
3309
3310 return 1;
3311 }
3312
3313
wpas_dpp_pkex_remove(struct wpa_supplicant * wpa_s,const char * id)3314 int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id)
3315 {
3316 unsigned int id_val;
3317
3318 if (os_strcmp(id, "*") == 0) {
3319 id_val = 0;
3320 } else {
3321 id_val = atoi(id);
3322 if (id_val == 0)
3323 return -1;
3324 }
3325
3326 if ((id_val != 0 && id_val != 1) || !wpa_s->dpp_pkex_code)
3327 return -1;
3328
3329 /* TODO: Support multiple PKEX entries */
3330 os_free(wpa_s->dpp_pkex_code);
3331 wpa_s->dpp_pkex_code = NULL;
3332 os_free(wpa_s->dpp_pkex_identifier);
3333 wpa_s->dpp_pkex_identifier = NULL;
3334 os_free(wpa_s->dpp_pkex_auth_cmd);
3335 wpa_s->dpp_pkex_auth_cmd = NULL;
3336 wpa_s->dpp_pkex_bi = NULL;
3337 /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */
3338 dpp_pkex_free(wpa_s->dpp_pkex);
3339 wpa_s->dpp_pkex = NULL;
3340 return 0;
3341 }
3342
3343
wpas_dpp_stop(struct wpa_supplicant * wpa_s)3344 void wpas_dpp_stop(struct wpa_supplicant *wpa_s)
3345 {
3346 if (wpa_s->dpp_auth || wpa_s->dpp_pkex)
3347 offchannel_send_action_done(wpa_s);
3348 dpp_auth_deinit(wpa_s->dpp_auth);
3349 wpa_s->dpp_auth = NULL;
3350 dpp_pkex_free(wpa_s->dpp_pkex);
3351 wpa_s->dpp_pkex = NULL;
3352 if (wpa_s->dpp_gas_client && wpa_s->dpp_gas_dialog_token >= 0)
3353 gas_query_stop(wpa_s->gas, wpa_s->dpp_gas_dialog_token);
3354 }
3355
3356
wpas_dpp_init(struct wpa_supplicant * wpa_s)3357 int wpas_dpp_init(struct wpa_supplicant *wpa_s)
3358 {
3359 struct dpp_global_config config;
3360 u8 adv_proto_id[7];
3361
3362 adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC;
3363 adv_proto_id[1] = 5;
3364 WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA);
3365 adv_proto_id[5] = DPP_OUI_TYPE;
3366 adv_proto_id[6] = 0x01;
3367
3368 if (gas_server_register(wpa_s->gas_server, adv_proto_id,
3369 sizeof(adv_proto_id), wpas_dpp_gas_req_handler,
3370 wpas_dpp_gas_status_handler, wpa_s) < 0)
3371 return -1;
3372
3373 os_memset(&config, 0, sizeof(config));
3374 config.cb_ctx = wpa_s;
3375 #ifdef CONFIG_DPP2
3376 config.remove_bi = wpas_dpp_remove_bi;
3377 #endif /* CONFIG_DPP2 */
3378 wpa_s->dpp = dpp_global_init(&config);
3379 return wpa_s->dpp ? 0 : -1;
3380 }
3381
3382
wpas_dpp_deinit(struct wpa_supplicant * wpa_s)3383 void wpas_dpp_deinit(struct wpa_supplicant *wpa_s)
3384 {
3385 #ifdef CONFIG_TESTING_OPTIONS
3386 os_free(wpa_s->dpp_config_obj_override);
3387 wpa_s->dpp_config_obj_override = NULL;
3388 os_free(wpa_s->dpp_discovery_override);
3389 wpa_s->dpp_discovery_override = NULL;
3390 os_free(wpa_s->dpp_groups_override);
3391 wpa_s->dpp_groups_override = NULL;
3392 wpa_s->dpp_ignore_netaccesskey_mismatch = 0;
3393 #endif /* CONFIG_TESTING_OPTIONS */
3394 if (!wpa_s->dpp)
3395 return;
3396 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
3397 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
3398 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
3399 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
3400 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
3401 #ifdef CONFIG_DPP2
3402 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
3403 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
3404 wpa_s, NULL);
3405 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
3406 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
3407 wpa_s, NULL);
3408 eloop_cancel_timeout(wpas_dpp_build_csr, wpa_s, NULL);
3409 dpp_pfs_free(wpa_s->dpp_pfs);
3410 wpa_s->dpp_pfs = NULL;
3411 wpas_dpp_chirp_stop(wpa_s);
3412 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
3413 wpa_s->dpp_reconfig_id = NULL;
3414 #endif /* CONFIG_DPP2 */
3415 offchannel_send_action_done(wpa_s);
3416 wpas_dpp_listen_stop(wpa_s);
3417 wpas_dpp_stop(wpa_s);
3418 wpas_dpp_pkex_remove(wpa_s, "*");
3419 os_memset(wpa_s->dpp_intro_bssid, 0, ETH_ALEN);
3420 os_free(wpa_s->dpp_configurator_params);
3421 wpa_s->dpp_configurator_params = NULL;
3422 dpp_global_clear(wpa_s->dpp);
3423 }
3424
3425
3426 #ifdef CONFIG_DPP2
3427
wpas_dpp_controller_start(struct wpa_supplicant * wpa_s,const char * cmd)3428 int wpas_dpp_controller_start(struct wpa_supplicant *wpa_s, const char *cmd)
3429 {
3430 struct dpp_controller_config config;
3431 const char *pos;
3432
3433 os_memset(&config, 0, sizeof(config));
3434 config.allowed_roles = DPP_CAPAB_ENROLLEE | DPP_CAPAB_CONFIGURATOR;
3435 config.netrole = DPP_NETROLE_STA;
3436 config.msg_ctx = wpa_s;
3437 config.cb_ctx = wpa_s;
3438 config.process_conf_obj = wpas_dpp_process_conf_obj;
3439 if (cmd) {
3440 pos = os_strstr(cmd, " tcp_port=");
3441 if (pos) {
3442 pos += 10;
3443 config.tcp_port = atoi(pos);
3444 }
3445
3446 pos = os_strstr(cmd, " role=");
3447 if (pos) {
3448 pos += 6;
3449 if (os_strncmp(pos, "configurator", 12) == 0)
3450 config.allowed_roles = DPP_CAPAB_CONFIGURATOR;
3451 else if (os_strncmp(pos, "enrollee", 8) == 0)
3452 config.allowed_roles = DPP_CAPAB_ENROLLEE;
3453 else if (os_strncmp(pos, "either", 6) == 0)
3454 config.allowed_roles = DPP_CAPAB_CONFIGURATOR |
3455 DPP_CAPAB_ENROLLEE;
3456 else
3457 return -1;
3458 }
3459
3460 config.qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
3461 }
3462 config.configurator_params = wpa_s->dpp_configurator_params;
3463 return dpp_controller_start(wpa_s->dpp, &config);
3464 }
3465
3466
3467 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx);
3468
wpas_dpp_chirp_timeout(void * eloop_ctx,void * timeout_ctx)3469 static void wpas_dpp_chirp_timeout(void *eloop_ctx, void *timeout_ctx)
3470 {
3471 struct wpa_supplicant *wpa_s = eloop_ctx;
3472
3473 wpa_printf(MSG_DEBUG, "DPP: No chirp response received");
3474 offchannel_send_action_done(wpa_s);
3475 wpas_dpp_chirp_next(wpa_s, NULL);
3476 }
3477
3478
wpas_dpp_chirp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3479 static void wpas_dpp_chirp_tx_status(struct wpa_supplicant *wpa_s,
3480 unsigned int freq, const u8 *dst,
3481 const u8 *src, const u8 *bssid,
3482 const u8 *data, size_t data_len,
3483 enum offchannel_send_action_result result)
3484 {
3485 if (result == OFFCHANNEL_SEND_ACTION_FAILED) {
3486 wpa_printf(MSG_DEBUG, "DPP: Failed to send chirp on %d MHz",
3487 wpa_s->dpp_chirp_freq);
3488 if (eloop_register_timeout(0, 0, wpas_dpp_chirp_next,
3489 wpa_s, NULL) < 0)
3490 wpas_dpp_chirp_stop(wpa_s);
3491 return;
3492 }
3493
3494 wpa_printf(MSG_DEBUG, "DPP: Chirp send completed - wait for response");
3495 if (eloop_register_timeout(2, 0, wpas_dpp_chirp_timeout,
3496 wpa_s, NULL) < 0)
3497 wpas_dpp_chirp_stop(wpa_s);
3498 }
3499
3500
wpas_dpp_chirp_start(struct wpa_supplicant * wpa_s)3501 static void wpas_dpp_chirp_start(struct wpa_supplicant *wpa_s)
3502 {
3503 struct wpabuf *msg, *announce = NULL;
3504 int type;
3505
3506 msg = wpa_s->dpp_presence_announcement;
3507 type = DPP_PA_PRESENCE_ANNOUNCEMENT;
3508 if (!msg) {
3509 struct wpa_ssid *ssid = wpa_s->dpp_reconfig_ssid;
3510
3511 if (ssid && wpa_s->dpp_reconfig_id &&
3512 wpa_config_get_network(wpa_s->conf,
3513 wpa_s->dpp_reconfig_ssid_id) ==
3514 ssid) {
3515 announce = dpp_build_reconfig_announcement(
3516 ssid->dpp_csign,
3517 ssid->dpp_csign_len,
3518 ssid->dpp_netaccesskey,
3519 ssid->dpp_netaccesskey_len,
3520 wpa_s->dpp_reconfig_id);
3521 msg = announce;
3522 }
3523 if (!msg)
3524 return;
3525 type = DPP_PA_RECONFIG_ANNOUNCEMENT;
3526 }
3527 wpa_printf(MSG_DEBUG, "DPP: Chirp on %d MHz", wpa_s->dpp_chirp_freq);
3528 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3529 MAC2STR(broadcast), wpa_s->dpp_chirp_freq, type);
3530 if (offchannel_send_action(
3531 wpa_s, wpa_s->dpp_chirp_freq, broadcast,
3532 wpa_s->own_addr, broadcast,
3533 wpabuf_head(msg), wpabuf_len(msg),
3534 2000, wpas_dpp_chirp_tx_status, 0) < 0)
3535 wpas_dpp_chirp_stop(wpa_s);
3536
3537 wpabuf_free(announce);
3538 }
3539
3540
wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant * wpa_s,struct wpa_scan_results * scan_res)3541 static void wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant *wpa_s,
3542 struct wpa_scan_results *scan_res)
3543 {
3544 struct dpp_bootstrap_info *bi = wpa_s->dpp_chirp_bi;
3545 unsigned int i;
3546 struct hostapd_hw_modes *mode;
3547 int c;
3548 struct wpa_bss *bss;
3549 bool chan6 = wpa_s->hw.modes == NULL;
3550
3551 if (!bi && !wpa_s->dpp_reconfig_ssid)
3552 return;
3553
3554 wpa_s->dpp_chirp_scan_done = 1;
3555
3556 os_free(wpa_s->dpp_chirp_freqs);
3557 wpa_s->dpp_chirp_freqs = NULL;
3558
3559 /* Channels from own bootstrapping info */
3560 if (bi) {
3561 for (i = 0; i < bi->num_freq; i++)
3562 int_array_add_unique(&wpa_s->dpp_chirp_freqs,
3563 bi->freq[i]);
3564 }
3565
3566 /* Preferred chirping channels */
3567 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
3568 HOSTAPD_MODE_IEEE80211G, false);
3569 if (mode) {
3570 for (c = 0; c < mode->num_channels; c++) {
3571 struct hostapd_channel_data *chan = &mode->channels[c];
3572
3573 if ((chan->flag & HOSTAPD_CHAN_DISABLED) ||
3574 chan->freq != 2437)
3575 continue;
3576 chan6 = true;
3577 break;
3578 }
3579 }
3580 if (chan6)
3581 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 2437);
3582
3583 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
3584 HOSTAPD_MODE_IEEE80211A, false);
3585 if (mode) {
3586 int chan44 = 0, chan149 = 0;
3587
3588 for (c = 0; c < mode->num_channels; c++) {
3589 struct hostapd_channel_data *chan = &mode->channels[c];
3590
3591 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
3592 HOSTAPD_CHAN_RADAR))
3593 continue;
3594 if (chan->freq == 5220)
3595 chan44 = 1;
3596 if (chan->freq == 5745)
3597 chan149 = 1;
3598 }
3599 if (chan149)
3600 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5745);
3601 else if (chan44)
3602 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5220);
3603 }
3604
3605 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
3606 HOSTAPD_MODE_IEEE80211AD, false);
3607 if (mode) {
3608 for (c = 0; c < mode->num_channels; c++) {
3609 struct hostapd_channel_data *chan = &mode->channels[c];
3610
3611 if ((chan->flag & (HOSTAPD_CHAN_DISABLED |
3612 HOSTAPD_CHAN_RADAR)) ||
3613 chan->freq != 60480)
3614 continue;
3615 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 60480);
3616 break;
3617 }
3618 }
3619
3620 /* Add channels from scan results for APs that advertise Configurator
3621 * Connectivity element */
3622 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3623 if (wpa_bss_get_vendor_ie(bss, DPP_CC_IE_VENDOR_TYPE))
3624 int_array_add_unique(&wpa_s->dpp_chirp_freqs,
3625 bss->freq);
3626 }
3627
3628 if (!wpa_s->dpp_chirp_freqs ||
3629 eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL) < 0)
3630 wpas_dpp_chirp_stop(wpa_s);
3631 }
3632
3633
wpas_dpp_chirp_next(void * eloop_ctx,void * timeout_ctx)3634 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx)
3635 {
3636 struct wpa_supplicant *wpa_s = eloop_ctx;
3637 int i;
3638
3639 if (wpa_s->dpp_chirp_listen)
3640 wpas_dpp_listen_stop(wpa_s);
3641
3642 if (wpa_s->dpp_chirp_freq == 0) {
3643 if (wpa_s->dpp_chirp_round % 4 == 0 &&
3644 !wpa_s->dpp_chirp_scan_done) {
3645 if (wpas_scan_scheduled(wpa_s)) {
3646 wpa_printf(MSG_DEBUG,
3647 "DPP: Deferring chirp scan because another scan is planned already");
3648 if (eloop_register_timeout(1, 0,
3649 wpas_dpp_chirp_next,
3650 wpa_s, NULL) < 0) {
3651 wpas_dpp_chirp_stop(wpa_s);
3652 return;
3653 }
3654 return;
3655 }
3656 wpa_printf(MSG_DEBUG,
3657 "DPP: Update channel list for chirping");
3658 wpa_s->scan_req = MANUAL_SCAN_REQ;
3659 wpa_s->scan_res_handler =
3660 wpas_dpp_chirp_scan_res_handler;
3661 wpa_supplicant_req_scan(wpa_s, 0, 0);
3662 return;
3663 }
3664 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[0];
3665 wpa_s->dpp_chirp_round++;
3666 wpa_printf(MSG_DEBUG, "DPP: Start chirping round %d",
3667 wpa_s->dpp_chirp_round);
3668 } else {
3669 for (i = 0; wpa_s->dpp_chirp_freqs[i]; i++)
3670 if (wpa_s->dpp_chirp_freqs[i] == wpa_s->dpp_chirp_freq)
3671 break;
3672 if (!wpa_s->dpp_chirp_freqs[i]) {
3673 wpa_printf(MSG_DEBUG,
3674 "DPP: Previous chirp freq %d not found",
3675 wpa_s->dpp_chirp_freq);
3676 return;
3677 }
3678 i++;
3679 if (wpa_s->dpp_chirp_freqs[i]) {
3680 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[i];
3681 } else {
3682 wpa_s->dpp_chirp_iter--;
3683 if (wpa_s->dpp_chirp_iter <= 0) {
3684 wpa_printf(MSG_DEBUG,
3685 "DPP: Chirping iterations completed");
3686 wpas_dpp_chirp_stop(wpa_s);
3687 return;
3688 }
3689 wpa_s->dpp_chirp_freq = 0;
3690 wpa_s->dpp_chirp_scan_done = 0;
3691 if (eloop_register_timeout(30, 0, wpas_dpp_chirp_next,
3692 wpa_s, NULL) < 0) {
3693 wpas_dpp_chirp_stop(wpa_s);
3694 return;
3695 }
3696 if (wpa_s->dpp_chirp_listen) {
3697 wpa_printf(MSG_DEBUG,
3698 "DPP: Listen on %d MHz during chirp 30 second wait",
3699 wpa_s->dpp_chirp_listen);
3700 wpas_dpp_listen_start(wpa_s,
3701 wpa_s->dpp_chirp_listen);
3702 } else {
3703 wpa_printf(MSG_DEBUG,
3704 "DPP: Wait 30 seconds before starting the next chirping round");
3705 }
3706 return;
3707 }
3708 }
3709
3710 wpas_dpp_chirp_start(wpa_s);
3711 }
3712
3713
wpas_dpp_chirp(struct wpa_supplicant * wpa_s,const char * cmd)3714 int wpas_dpp_chirp(struct wpa_supplicant *wpa_s, const char *cmd)
3715 {
3716 const char *pos;
3717 int iter = 1, listen_freq = 0;
3718 struct dpp_bootstrap_info *bi;
3719
3720 pos = os_strstr(cmd, " own=");
3721 if (!pos)
3722 return -1;
3723 pos += 5;
3724 bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
3725 if (!bi) {
3726 wpa_printf(MSG_DEBUG,
3727 "DPP: Identified bootstrap info not found");
3728 return -1;
3729 }
3730
3731 pos = os_strstr(cmd, " iter=");
3732 if (pos) {
3733 iter = atoi(pos + 6);
3734 if (iter <= 0)
3735 return -1;
3736 }
3737
3738 pos = os_strstr(cmd, " listen=");
3739 if (pos) {
3740 listen_freq = atoi(pos + 8);
3741 if (listen_freq <= 0)
3742 return -1;
3743 }
3744
3745 wpas_dpp_chirp_stop(wpa_s);
3746 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
3747 wpa_s->dpp_qr_mutual = 0;
3748 wpa_s->dpp_chirp_bi = bi;
3749 wpa_s->dpp_presence_announcement = dpp_build_presence_announcement(bi);
3750 if (!wpa_s->dpp_presence_announcement)
3751 return -1;
3752 wpa_s->dpp_chirp_iter = iter;
3753 wpa_s->dpp_chirp_round = 0;
3754 wpa_s->dpp_chirp_scan_done = 0;
3755 wpa_s->dpp_chirp_listen = listen_freq;
3756
3757 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
3758 }
3759
3760
wpas_dpp_chirp_stop(struct wpa_supplicant * wpa_s)3761 void wpas_dpp_chirp_stop(struct wpa_supplicant *wpa_s)
3762 {
3763 if (wpa_s->dpp_presence_announcement ||
3764 wpa_s->dpp_reconfig_ssid) {
3765 offchannel_send_action_done(wpa_s);
3766 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CHIRP_STOPPED);
3767 }
3768 wpa_s->dpp_chirp_bi = NULL;
3769 wpabuf_free(wpa_s->dpp_presence_announcement);
3770 wpa_s->dpp_presence_announcement = NULL;
3771 if (wpa_s->dpp_chirp_listen)
3772 wpas_dpp_listen_stop(wpa_s);
3773 wpa_s->dpp_chirp_listen = 0;
3774 wpa_s->dpp_chirp_freq = 0;
3775 os_free(wpa_s->dpp_chirp_freqs);
3776 wpa_s->dpp_chirp_freqs = NULL;
3777 eloop_cancel_timeout(wpas_dpp_chirp_next, wpa_s, NULL);
3778 eloop_cancel_timeout(wpas_dpp_chirp_timeout, wpa_s, NULL);
3779 if (wpa_s->scan_res_handler == wpas_dpp_chirp_scan_res_handler) {
3780 wpas_abort_ongoing_scan(wpa_s);
3781 wpa_s->scan_res_handler = NULL;
3782 }
3783 }
3784
3785
wpas_dpp_reconfig(struct wpa_supplicant * wpa_s,const char * cmd)3786 int wpas_dpp_reconfig(struct wpa_supplicant *wpa_s, const char *cmd)
3787 {
3788 struct wpa_ssid *ssid;
3789 int iter = 1;
3790 const char *pos;
3791
3792 ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd));
3793 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
3794 !ssid->dpp_csign) {
3795 wpa_printf(MSG_DEBUG,
3796 "DPP: Not a valid network profile for reconfiguration");
3797 return -1;
3798 }
3799
3800 pos = os_strstr(cmd, " iter=");
3801 if (pos) {
3802 iter = atoi(pos + 6);
3803 if (iter <= 0)
3804 return -1;
3805 }
3806
3807 if (wpa_s->dpp_auth) {
3808 wpa_printf(MSG_DEBUG,
3809 "DPP: Not ready to start reconfiguration - pending authentication exchange in progress");
3810 return -1;
3811 }
3812
3813 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
3814 wpa_s->dpp_reconfig_id = dpp_gen_reconfig_id(ssid->dpp_csign,
3815 ssid->dpp_csign_len,
3816 ssid->dpp_pp_key,
3817 ssid->dpp_pp_key_len);
3818 if (!wpa_s->dpp_reconfig_id) {
3819 wpa_printf(MSG_DEBUG,
3820 "DPP: Failed to generate E-id for reconfiguration");
3821 return -1;
3822 }
3823 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) {
3824 wpa_printf(MSG_DEBUG, "DPP: Disconnect for reconfiguration");
3825 wpa_s->own_disconnect_req = 1;
3826 wpa_supplicant_deauthenticate(
3827 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3828 }
3829 wpas_dpp_chirp_stop(wpa_s);
3830 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
3831 wpa_s->dpp_qr_mutual = 0;
3832 wpa_s->dpp_reconfig_ssid = ssid;
3833 wpa_s->dpp_reconfig_ssid_id = ssid->id;
3834 wpa_s->dpp_chirp_iter = iter;
3835 wpa_s->dpp_chirp_round = 0;
3836 wpa_s->dpp_chirp_scan_done = 0;
3837 wpa_s->dpp_chirp_listen = 0;
3838
3839 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
3840 }
3841
3842
wpas_dpp_build_conf_resp(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,bool tcp)3843 static int wpas_dpp_build_conf_resp(struct wpa_supplicant *wpa_s,
3844 struct dpp_authentication *auth, bool tcp)
3845 {
3846 struct wpabuf *resp;
3847
3848 resp = dpp_build_conf_resp(auth, auth->e_nonce, auth->curve->nonce_len,
3849 auth->e_netrole, true);
3850 if (!resp)
3851 return -1;
3852
3853 if (tcp) {
3854 auth->conf_resp_tcp = resp;
3855 return 0;
3856 }
3857
3858 if (gas_server_set_resp(wpa_s->gas_server, auth->cert_resp_ctx,
3859 resp) < 0) {
3860 wpa_printf(MSG_DEBUG,
3861 "DPP: Could not find pending GAS response");
3862 wpabuf_free(resp);
3863 return -1;
3864 }
3865 auth->conf_resp = resp;
3866 return 0;
3867 }
3868
3869
wpas_dpp_ca_set(struct wpa_supplicant * wpa_s,const char * cmd)3870 int wpas_dpp_ca_set(struct wpa_supplicant *wpa_s, const char *cmd)
3871 {
3872 int peer = -1;
3873 const char *pos, *value;
3874 struct dpp_authentication *auth = wpa_s->dpp_auth;
3875 u8 *bin;
3876 size_t bin_len;
3877 struct wpabuf *buf;
3878 bool tcp = false;
3879
3880 pos = os_strstr(cmd, " peer=");
3881 if (pos) {
3882 peer = atoi(pos + 6);
3883 if (!auth || !auth->waiting_cert ||
3884 (auth->peer_bi &&
3885 (unsigned int) peer != auth->peer_bi->id)) {
3886 auth = dpp_controller_get_auth(wpa_s->dpp, peer);
3887 tcp = true;
3888 }
3889 }
3890
3891 if (!auth || !auth->waiting_cert) {
3892 wpa_printf(MSG_DEBUG,
3893 "DPP: No authentication exchange waiting for certificate information");
3894 return -1;
3895 }
3896
3897 if (peer >= 0 &&
3898 (!auth->peer_bi ||
3899 (unsigned int) peer != auth->peer_bi->id) &&
3900 (!auth->tmp_peer_bi ||
3901 (unsigned int) peer != auth->tmp_peer_bi->id)) {
3902 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch");
3903 return -1;
3904 }
3905
3906 pos = os_strstr(cmd, " value=");
3907 if (!pos)
3908 return -1;
3909 value = pos + 7;
3910
3911 pos = os_strstr(cmd, " name=");
3912 if (!pos)
3913 return -1;
3914 pos += 6;
3915
3916 if (os_strncmp(pos, "status ", 7) == 0) {
3917 auth->force_conf_resp_status = atoi(value);
3918 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
3919 }
3920
3921 if (os_strncmp(pos, "trustedEapServerName ", 21) == 0) {
3922 os_free(auth->trusted_eap_server_name);
3923 auth->trusted_eap_server_name = os_strdup(value);
3924 return auth->trusted_eap_server_name ? 0 : -1;
3925 }
3926
3927 bin = base64_decode(value, os_strlen(value), &bin_len);
3928 if (!bin)
3929 return -1;
3930 buf = wpabuf_alloc_copy(bin, bin_len);
3931 os_free(bin);
3932
3933 if (os_strncmp(pos, "caCert ", 7) == 0) {
3934 wpabuf_free(auth->cacert);
3935 auth->cacert = buf;
3936 return 0;
3937 }
3938
3939 if (os_strncmp(pos, "certBag ", 8) == 0) {
3940 wpabuf_free(auth->certbag);
3941 auth->certbag = buf;
3942 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
3943 }
3944
3945 wpabuf_free(buf);
3946 return -1;
3947 }
3948
3949 #endif /* CONFIG_DPP2 */
3950