1 /*
2 * wpa_supplicant - DPP
3 * Copyright (c) 2017, Qualcomm Atheros, Inc.
4 * Copyright (c) 2018-2020, The Linux Foundation
5 * Copyright (c) 2021-2022, Qualcomm Innovation Center, Inc.
6 *
7 * This software may be distributed under the terms of the BSD license.
8 * See README for more details.
9 */
10
11 #include "utils/includes.h"
12
13 #include "utils/common.h"
14 #include "utils/eloop.h"
15 #include "utils/ip_addr.h"
16 #include "utils/base64.h"
17 #include "common/dpp.h"
18 #include "common/gas.h"
19 #include "common/gas_server.h"
20 #include "rsn_supp/wpa.h"
21 #include "rsn_supp/pmksa_cache.h"
22 #include "wpa_supplicant_i.h"
23 #include "config.h"
24 #include "driver_i.h"
25 #include "offchannel.h"
26 #include "gas_query.h"
27 #include "bss.h"
28 #include "scan.h"
29 #include "notify.h"
30 #include "dpp_supplicant.h"
31
32
33 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
34 unsigned int freq);
35 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx);
36 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx);
37 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator);
38 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
39 unsigned int freq, const u8 *dst,
40 const u8 *src, const u8 *bssid,
41 const u8 *data, size_t data_len,
42 enum offchannel_send_action_result result);
43 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx);
44 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s);
45 static void
46 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
47 unsigned int freq, const u8 *dst,
48 const u8 *src, const u8 *bssid,
49 const u8 *data, size_t data_len,
50 enum offchannel_send_action_result result);
51 static void wpas_dpp_gas_client_timeout(void *eloop_ctx, void *timeout_ctx);
52 #ifdef CONFIG_DPP2
53 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
54 void *timeout_ctx);
55 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s);
56 static int wpas_dpp_process_conf_obj(void *ctx,
57 struct dpp_authentication *auth);
58 static bool wpas_dpp_tcp_msg_sent(void *ctx, struct dpp_authentication *auth);
59 #endif /* CONFIG_DPP2 */
60
61 static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
62
63 /* Use a hardcoded Transaction ID 1 in Peer Discovery frames since there is only
64 * a single transaction in progress at any point in time. */
65 static const u8 TRANSACTION_ID = 1;
66
67
68 /**
69 * wpas_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code
70 * @wpa_s: Pointer to wpa_supplicant data
71 * @cmd: DPP URI read from a QR Code
72 * Returns: Identifier of the stored info or -1 on failure
73 */
wpas_dpp_qr_code(struct wpa_supplicant * wpa_s,const char * cmd)74 int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd)
75 {
76 struct dpp_bootstrap_info *bi;
77 struct dpp_authentication *auth = wpa_s->dpp_auth;
78
79 bi = dpp_add_qr_code(wpa_s->dpp, cmd);
80 if (!bi)
81 return -1;
82
83 if (auth && auth->response_pending &&
84 dpp_notify_new_qr_code(auth, bi) == 1) {
85 wpa_printf(MSG_DEBUG,
86 "DPP: Sending out pending authentication response");
87 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
88 " freq=%u type=%d",
89 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
90 DPP_PA_AUTHENTICATION_RESP);
91 offchannel_send_action(wpa_s, auth->curr_freq,
92 auth->peer_mac_addr, wpa_s->own_addr,
93 broadcast,
94 wpabuf_head(auth->resp_msg),
95 wpabuf_len(auth->resp_msg),
96 500, wpas_dpp_tx_status, 0);
97 }
98
99 #ifdef CONFIG_DPP2
100 dpp_controller_new_qr_code(wpa_s->dpp, bi);
101 #endif /* CONFIG_DPP2 */
102
103 return bi->id;
104 }
105
106
107 /**
108 * wpas_dpp_nfc_uri - Parse and add DPP bootstrapping info from NFC Tag (URI)
109 * @wpa_s: Pointer to wpa_supplicant data
110 * @cmd: DPP URI read from a NFC Tag (URI NDEF message)
111 * Returns: Identifier of the stored info or -1 on failure
112 */
wpas_dpp_nfc_uri(struct wpa_supplicant * wpa_s,const char * cmd)113 int wpas_dpp_nfc_uri(struct wpa_supplicant *wpa_s, const char *cmd)
114 {
115 struct dpp_bootstrap_info *bi;
116
117 bi = dpp_add_nfc_uri(wpa_s->dpp, cmd);
118 if (!bi)
119 return -1;
120
121 return bi->id;
122 }
123
124
wpas_dpp_nfc_handover_req(struct wpa_supplicant * wpa_s,const char * cmd)125 int wpas_dpp_nfc_handover_req(struct wpa_supplicant *wpa_s, const char *cmd)
126 {
127 const char *pos;
128 struct dpp_bootstrap_info *peer_bi, *own_bi;
129
130 pos = os_strstr(cmd, " own=");
131 if (!pos)
132 return -1;
133 pos += 5;
134 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
135 if (!own_bi)
136 return -1;
137 own_bi->nfc_negotiated = 1;
138
139 pos = os_strstr(cmd, " uri=");
140 if (!pos)
141 return -1;
142 pos += 5;
143 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
144 if (!peer_bi) {
145 wpa_printf(MSG_INFO,
146 "DPP: Failed to parse URI from NFC Handover Request");
147 return -1;
148 }
149
150 if (dpp_nfc_update_bi(own_bi, peer_bi) < 0)
151 return -1;
152
153 return peer_bi->id;
154 }
155
156
wpas_dpp_nfc_handover_sel(struct wpa_supplicant * wpa_s,const char * cmd)157 int wpas_dpp_nfc_handover_sel(struct wpa_supplicant *wpa_s, const char *cmd)
158 {
159 const char *pos;
160 struct dpp_bootstrap_info *peer_bi, *own_bi;
161
162 pos = os_strstr(cmd, " own=");
163 if (!pos)
164 return -1;
165 pos += 5;
166 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
167 if (!own_bi)
168 return -1;
169 own_bi->nfc_negotiated = 1;
170
171 pos = os_strstr(cmd, " uri=");
172 if (!pos)
173 return -1;
174 pos += 5;
175 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
176 if (!peer_bi) {
177 wpa_printf(MSG_INFO,
178 "DPP: Failed to parse URI from NFC Handover Select");
179 return -1;
180 }
181
182 if (peer_bi->curve != own_bi->curve) {
183 wpa_printf(MSG_INFO,
184 "DPP: Peer (NFC Handover Selector) used different curve");
185 return -1;
186 }
187
188 return peer_bi->id;
189 }
190
191
wpas_dpp_auth_resp_retry_timeout(void * eloop_ctx,void * timeout_ctx)192 static void wpas_dpp_auth_resp_retry_timeout(void *eloop_ctx, void *timeout_ctx)
193 {
194 struct wpa_supplicant *wpa_s = eloop_ctx;
195 struct dpp_authentication *auth = wpa_s->dpp_auth;
196
197 if (!auth || !auth->resp_msg)
198 return;
199
200 wpa_printf(MSG_DEBUG,
201 "DPP: Retry Authentication Response after timeout");
202 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
203 " freq=%u type=%d",
204 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
205 DPP_PA_AUTHENTICATION_RESP);
206 offchannel_send_action(wpa_s, auth->curr_freq, auth->peer_mac_addr,
207 wpa_s->own_addr, broadcast,
208 wpabuf_head(auth->resp_msg),
209 wpabuf_len(auth->resp_msg),
210 500, wpas_dpp_tx_status, 0);
211 }
212
213
wpas_dpp_auth_resp_retry(struct wpa_supplicant * wpa_s)214 static void wpas_dpp_auth_resp_retry(struct wpa_supplicant *wpa_s)
215 {
216 struct dpp_authentication *auth = wpa_s->dpp_auth;
217 unsigned int wait_time, max_tries;
218
219 if (!auth || !auth->resp_msg)
220 return;
221
222 if (wpa_s->dpp_resp_max_tries)
223 max_tries = wpa_s->dpp_resp_max_tries;
224 else
225 max_tries = 5;
226 auth->auth_resp_tries++;
227 if (auth->auth_resp_tries >= max_tries) {
228 wpa_printf(MSG_INFO, "DPP: No confirm received from initiator - stopping exchange");
229 offchannel_send_action_done(wpa_s);
230 dpp_auth_deinit(wpa_s->dpp_auth);
231 wpa_s->dpp_auth = NULL;
232 return;
233 }
234
235 if (wpa_s->dpp_resp_retry_time)
236 wait_time = wpa_s->dpp_resp_retry_time;
237 else
238 wait_time = 1000;
239 wpa_printf(MSG_DEBUG,
240 "DPP: Schedule retransmission of Authentication Response frame in %u ms",
241 wait_time);
242 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
243 eloop_register_timeout(wait_time / 1000,
244 (wait_time % 1000) * 1000,
245 wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
246 }
247
248
wpas_dpp_try_to_connect(struct wpa_supplicant * wpa_s)249 static void wpas_dpp_try_to_connect(struct wpa_supplicant *wpa_s)
250 {
251 wpa_printf(MSG_DEBUG, "DPP: Trying to connect to the new network");
252 wpa_s->suitable_network = 0;
253 wpa_s->no_suitable_network = 0;
254 wpa_s->disconnected = 0;
255 wpa_s->reassociate = 1;
256 wpa_s->scan_runs = 0;
257 wpa_s->normal_scans = 0;
258 wpa_supplicant_cancel_sched_scan(wpa_s);
259 wpa_supplicant_req_scan(wpa_s, 0, 0);
260 }
261
262
263 #ifdef CONFIG_DPP2
264
wpas_dpp_stop_listen_for_tx(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait_time)265 static void wpas_dpp_stop_listen_for_tx(struct wpa_supplicant *wpa_s,
266 unsigned int freq,
267 unsigned int wait_time)
268 {
269 struct os_reltime now, res;
270 unsigned int remaining;
271
272 if (!wpa_s->dpp_listen_freq)
273 return;
274
275 os_get_reltime(&now);
276 if (os_reltime_before(&now, &wpa_s->dpp_listen_end)) {
277 os_reltime_sub(&wpa_s->dpp_listen_end, &now, &res);
278 remaining = res.sec * 1000 + res.usec / 1000;
279 } else {
280 remaining = 0;
281 }
282 if (wpa_s->dpp_listen_freq == freq && remaining > wait_time)
283 return;
284
285 wpa_printf(MSG_DEBUG,
286 "DPP: Stop listen on %u MHz ending in %u ms to allow immediate TX on %u MHz for %u ms",
287 wpa_s->dpp_listen_freq, remaining, freq, wait_time);
288 wpas_dpp_listen_stop(wpa_s);
289
290 /* TODO: Restart listen in some cases after TX? */
291 }
292
293
wpas_dpp_conn_status_result_timeout(void * eloop_ctx,void * timeout_ctx)294 static void wpas_dpp_conn_status_result_timeout(void *eloop_ctx,
295 void *timeout_ctx)
296 {
297 struct wpa_supplicant *wpa_s = eloop_ctx;
298 struct dpp_authentication *auth = wpa_s->dpp_auth;
299 enum dpp_status_error result;
300
301 if ((!auth || !auth->conn_status_requested) &&
302 !dpp_tcp_conn_status_requested(wpa_s->dpp))
303 return;
304
305 wpa_printf(MSG_DEBUG,
306 "DPP: Connection timeout - report Connection Status Result");
307 if (wpa_s->suitable_network)
308 result = DPP_STATUS_AUTH_FAILURE;
309 else if (wpa_s->no_suitable_network)
310 result = DPP_STATUS_NO_AP;
311 else
312 result = 255; /* What to report here for unexpected state? */
313 if (wpa_s->wpa_state == WPA_SCANNING)
314 wpas_abort_ongoing_scan(wpa_s);
315 wpas_dpp_send_conn_status_result(wpa_s, result);
316 }
317
318
wpas_dpp_scan_channel_list(struct wpa_supplicant * wpa_s)319 static char * wpas_dpp_scan_channel_list(struct wpa_supplicant *wpa_s)
320 {
321 char *str, *end, *pos;
322 size_t len;
323 unsigned int i;
324 u8 last_op_class = 0;
325 int res;
326
327 if (!wpa_s->last_scan_freqs || !wpa_s->num_last_scan_freqs)
328 return NULL;
329
330 len = wpa_s->num_last_scan_freqs * 8;
331 str = os_zalloc(len);
332 if (!str)
333 return NULL;
334 end = str + len;
335 pos = str;
336
337 for (i = 0; i < wpa_s->num_last_scan_freqs; i++) {
338 enum hostapd_hw_mode mode;
339 u8 op_class, channel;
340
341 mode = ieee80211_freq_to_channel_ext(wpa_s->last_scan_freqs[i],
342 0, 0, &op_class, &channel);
343 if (mode == NUM_HOSTAPD_MODES)
344 continue;
345 if (op_class == last_op_class)
346 res = os_snprintf(pos, end - pos, ",%d", channel);
347 else
348 res = os_snprintf(pos, end - pos, "%s%d/%d",
349 pos == str ? "" : ",",
350 op_class, channel);
351 if (os_snprintf_error(end - pos, res)) {
352 *pos = '\0';
353 break;
354 }
355 pos += res;
356 last_op_class = op_class;
357 }
358
359 if (pos == str) {
360 os_free(str);
361 str = NULL;
362 }
363 return str;
364 }
365
366
wpas_dpp_send_conn_status_result(struct wpa_supplicant * wpa_s,enum dpp_status_error result)367 void wpas_dpp_send_conn_status_result(struct wpa_supplicant *wpa_s,
368 enum dpp_status_error result)
369 {
370 struct wpabuf *msg;
371 const char *channel_list = NULL;
372 char *channel_list_buf = NULL;
373 struct wpa_ssid *ssid = wpa_s->current_ssid;
374 struct dpp_authentication *auth = wpa_s->dpp_auth;
375
376 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
377
378 if ((!auth || !auth->conn_status_requested) &&
379 !dpp_tcp_conn_status_requested(wpa_s->dpp))
380 return;
381
382 wpa_printf(MSG_DEBUG, "DPP: Report connection status result %d",
383 result);
384
385 if (result == DPP_STATUS_NO_AP) {
386 channel_list_buf = wpas_dpp_scan_channel_list(wpa_s);
387 channel_list = channel_list_buf;
388 }
389
390 if (!auth || !auth->conn_status_requested) {
391 dpp_tcp_send_conn_status(wpa_s->dpp, result,
392 ssid ? ssid->ssid :
393 wpa_s->dpp_last_ssid,
394 ssid ? ssid->ssid_len :
395 wpa_s->dpp_last_ssid_len,
396 channel_list);
397 os_free(channel_list_buf);
398 return;
399 }
400
401 auth->conn_status_requested = 0;
402
403 msg = dpp_build_conn_status_result(auth, result,
404 ssid ? ssid->ssid :
405 wpa_s->dpp_last_ssid,
406 ssid ? ssid->ssid_len :
407 wpa_s->dpp_last_ssid_len,
408 channel_list);
409 os_free(channel_list_buf);
410 if (!msg) {
411 dpp_auth_deinit(wpa_s->dpp_auth);
412 wpa_s->dpp_auth = NULL;
413 return;
414 }
415
416 wpa_msg(wpa_s, MSG_INFO,
417 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
418 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
419 DPP_PA_CONNECTION_STATUS_RESULT);
420 offchannel_send_action(wpa_s, auth->curr_freq,
421 auth->peer_mac_addr, wpa_s->own_addr, broadcast,
422 wpabuf_head(msg), wpabuf_len(msg),
423 500, wpas_dpp_tx_status, 0);
424 wpabuf_free(msg);
425
426 /* This exchange will be terminated in the TX status handler */
427 auth->remove_on_tx_status = 1;
428
429 return;
430 }
431
432
wpas_dpp_connected(struct wpa_supplicant * wpa_s)433 void wpas_dpp_connected(struct wpa_supplicant *wpa_s)
434 {
435 struct dpp_authentication *auth = wpa_s->dpp_auth;
436
437 if ((auth && auth->conn_status_requested) ||
438 dpp_tcp_conn_status_requested(wpa_s->dpp))
439 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_OK);
440 }
441
442 #endif /* CONFIG_DPP2 */
443
444
wpas_dpp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)445 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
446 unsigned int freq, const u8 *dst,
447 const u8 *src, const u8 *bssid,
448 const u8 *data, size_t data_len,
449 enum offchannel_send_action_result result)
450 {
451 const char *res_txt;
452 struct dpp_authentication *auth = wpa_s->dpp_auth;
453
454 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
455 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
456 "FAILED");
457 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
458 " result=%s", freq, MAC2STR(dst), res_txt);
459 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
460 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
461
462 if (!wpa_s->dpp_auth) {
463 wpa_printf(MSG_DEBUG,
464 "DPP: Ignore TX status since there is no ongoing authentication exchange");
465 return;
466 }
467
468 #ifdef CONFIG_DPP2
469 if (auth->connect_on_tx_status) {
470 auth->connect_on_tx_status = 0;
471 wpa_printf(MSG_DEBUG,
472 "DPP: Try to connect after completed configuration result");
473 wpas_dpp_try_to_connect(wpa_s);
474 if (auth->conn_status_requested) {
475 wpa_printf(MSG_DEBUG,
476 "DPP: Start 15 second timeout for reporting connection status result");
477 eloop_cancel_timeout(
478 wpas_dpp_conn_status_result_timeout,
479 wpa_s, NULL);
480 eloop_register_timeout(
481 15, 0, wpas_dpp_conn_status_result_timeout,
482 wpa_s, NULL);
483 } else {
484 dpp_auth_deinit(wpa_s->dpp_auth);
485 wpa_s->dpp_auth = NULL;
486 }
487 return;
488 }
489 #endif /* CONFIG_DPP2 */
490
491 if (wpa_s->dpp_auth->remove_on_tx_status) {
492 wpa_printf(MSG_DEBUG,
493 "DPP: Terminate authentication exchange due to a request to do so on TX status");
494 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
495 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
496 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
497 NULL);
498 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
499 NULL);
500 #ifdef CONFIG_DPP2
501 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
502 wpa_s, NULL);
503 #endif /* CONFIG_DPP2 */
504 offchannel_send_action_done(wpa_s);
505 dpp_auth_deinit(wpa_s->dpp_auth);
506 wpa_s->dpp_auth = NULL;
507 return;
508 }
509
510 if (wpa_s->dpp_auth_ok_on_ack)
511 wpas_dpp_auth_success(wpa_s, 1);
512
513 if (!is_broadcast_ether_addr(dst) &&
514 result != OFFCHANNEL_SEND_ACTION_SUCCESS) {
515 wpa_printf(MSG_DEBUG,
516 "DPP: Unicast DPP Action frame was not ACKed");
517 if (auth->waiting_auth_resp) {
518 /* In case of DPP Authentication Request frame, move to
519 * the next channel immediately. */
520 offchannel_send_action_done(wpa_s);
521 wpas_dpp_auth_init_next(wpa_s);
522 return;
523 }
524 if (auth->waiting_auth_conf) {
525 wpas_dpp_auth_resp_retry(wpa_s);
526 return;
527 }
528 }
529
530 if (auth->waiting_auth_conf &&
531 auth->auth_resp_status == DPP_STATUS_OK) {
532 /* Make sure we do not get stuck waiting for Auth Confirm
533 * indefinitely after successfully transmitted Auth Response to
534 * allow new authentication exchanges to be started. */
535 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
536 NULL);
537 eloop_register_timeout(1, 0, wpas_dpp_auth_conf_wait_timeout,
538 wpa_s, NULL);
539 }
540
541 if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp &&
542 result == OFFCHANNEL_SEND_ACTION_SUCCESS) {
543 /* Allow timeout handling to stop iteration if no response is
544 * received from a peer that has ACKed a request. */
545 auth->auth_req_ack = 1;
546 }
547
548 if (!wpa_s->dpp_auth_ok_on_ack && wpa_s->dpp_auth->neg_freq > 0 &&
549 wpa_s->dpp_auth->curr_freq != wpa_s->dpp_auth->neg_freq) {
550 wpa_printf(MSG_DEBUG,
551 "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response",
552 wpa_s->dpp_auth->curr_freq,
553 wpa_s->dpp_auth->neg_freq);
554 offchannel_send_action_done(wpa_s);
555 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_auth->neg_freq);
556 }
557
558 if (wpa_s->dpp_auth_ok_on_ack)
559 wpa_s->dpp_auth_ok_on_ack = 0;
560 }
561
562
wpas_dpp_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)563 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx)
564 {
565 struct wpa_supplicant *wpa_s = eloop_ctx;
566 struct dpp_authentication *auth = wpa_s->dpp_auth;
567 unsigned int freq;
568 struct os_reltime now, diff;
569 unsigned int wait_time, diff_ms;
570
571 if (!auth || !auth->waiting_auth_resp)
572 return;
573
574 wait_time = wpa_s->dpp_resp_wait_time ?
575 wpa_s->dpp_resp_wait_time : 2000;
576 os_get_reltime(&now);
577 os_reltime_sub(&now, &wpa_s->dpp_last_init, &diff);
578 diff_ms = diff.sec * 1000 + diff.usec / 1000;
579 wpa_printf(MSG_DEBUG,
580 "DPP: Reply wait timeout - wait_time=%u diff_ms=%u",
581 wait_time, diff_ms);
582
583 if (auth->auth_req_ack && diff_ms >= wait_time) {
584 /* Peer ACK'ed Authentication Request frame, but did not reply
585 * with Authentication Response frame within two seconds. */
586 wpa_printf(MSG_INFO,
587 "DPP: No response received from responder - stopping initiation attempt");
588 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
589 offchannel_send_action_done(wpa_s);
590 wpas_dpp_listen_stop(wpa_s);
591 dpp_auth_deinit(auth);
592 wpa_s->dpp_auth = NULL;
593 return;
594 }
595
596 if (diff_ms >= wait_time) {
597 /* Authentication Request frame was not ACK'ed and no reply
598 * was receiving within two seconds. */
599 wpa_printf(MSG_DEBUG,
600 "DPP: Continue Initiator channel iteration");
601 offchannel_send_action_done(wpa_s);
602 wpas_dpp_listen_stop(wpa_s);
603 wpas_dpp_auth_init_next(wpa_s);
604 return;
605 }
606
607 /* Driver did not support 2000 ms long wait_time with TX command, so
608 * schedule listen operation to continue waiting for the response.
609 *
610 * DPP listen operations continue until stopped, so simply schedule a
611 * new call to this function at the point when the two second reply
612 * wait has expired. */
613 wait_time -= diff_ms;
614
615 freq = auth->curr_freq;
616 if (auth->neg_freq > 0)
617 freq = auth->neg_freq;
618 wpa_printf(MSG_DEBUG,
619 "DPP: Continue reply wait on channel %u MHz for %u ms",
620 freq, wait_time);
621 wpa_s->dpp_in_response_listen = 1;
622 wpas_dpp_listen_start(wpa_s, freq);
623
624 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
625 wpas_dpp_reply_wait_timeout, wpa_s, NULL);
626 }
627
628
wpas_dpp_auth_conf_wait_timeout(void * eloop_ctx,void * timeout_ctx)629 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx)
630 {
631 struct wpa_supplicant *wpa_s = eloop_ctx;
632 struct dpp_authentication *auth = wpa_s->dpp_auth;
633
634 if (!auth || !auth->waiting_auth_conf)
635 return;
636
637 wpa_printf(MSG_DEBUG,
638 "DPP: Terminate authentication exchange due to Auth Confirm timeout");
639 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL "No Auth Confirm received");
640 offchannel_send_action_done(wpa_s);
641 dpp_auth_deinit(auth);
642 wpa_s->dpp_auth = NULL;
643 }
644
645
wpas_dpp_set_testing_options(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)646 static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s,
647 struct dpp_authentication *auth)
648 {
649 #ifdef CONFIG_TESTING_OPTIONS
650 if (wpa_s->dpp_config_obj_override)
651 auth->config_obj_override =
652 os_strdup(wpa_s->dpp_config_obj_override);
653 if (wpa_s->dpp_discovery_override)
654 auth->discovery_override =
655 os_strdup(wpa_s->dpp_discovery_override);
656 if (wpa_s->dpp_groups_override)
657 auth->groups_override =
658 os_strdup(wpa_s->dpp_groups_override);
659 auth->ignore_netaccesskey_mismatch =
660 wpa_s->dpp_ignore_netaccesskey_mismatch;
661 #endif /* CONFIG_TESTING_OPTIONS */
662 }
663
664
wpas_dpp_init_timeout(void * eloop_ctx,void * timeout_ctx)665 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx)
666 {
667 struct wpa_supplicant *wpa_s = eloop_ctx;
668
669 if (!wpa_s->dpp_auth)
670 return;
671 wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout");
672 wpas_dpp_auth_init_next(wpa_s);
673 }
674
675
wpas_dpp_auth_init_next(struct wpa_supplicant * wpa_s)676 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s)
677 {
678 struct dpp_authentication *auth = wpa_s->dpp_auth;
679 const u8 *dst;
680 unsigned int wait_time, max_wait_time, freq, max_tries, used;
681 struct os_reltime now, diff;
682
683 wpa_s->dpp_in_response_listen = 0;
684 if (!auth)
685 return -1;
686
687 if (auth->freq_idx == 0)
688 os_get_reltime(&wpa_s->dpp_init_iter_start);
689
690 if (auth->freq_idx >= auth->num_freq) {
691 auth->num_freq_iters++;
692 if (wpa_s->dpp_init_max_tries)
693 max_tries = wpa_s->dpp_init_max_tries;
694 else
695 max_tries = 5;
696 if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) {
697 wpa_printf(MSG_INFO,
698 "DPP: No response received from responder - stopping initiation attempt");
699 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
700 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout,
701 wpa_s, NULL);
702 offchannel_send_action_done(wpa_s);
703 dpp_auth_deinit(wpa_s->dpp_auth);
704 wpa_s->dpp_auth = NULL;
705 return -1;
706 }
707 auth->freq_idx = 0;
708 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
709 if (wpa_s->dpp_init_retry_time)
710 wait_time = wpa_s->dpp_init_retry_time;
711 else
712 wait_time = 10000;
713 os_get_reltime(&now);
714 os_reltime_sub(&now, &wpa_s->dpp_init_iter_start, &diff);
715 used = diff.sec * 1000 + diff.usec / 1000;
716 if (used > wait_time)
717 wait_time = 0;
718 else
719 wait_time -= used;
720 wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms",
721 wait_time);
722 eloop_register_timeout(wait_time / 1000,
723 (wait_time % 1000) * 1000,
724 wpas_dpp_init_timeout, wpa_s,
725 NULL);
726 return 0;
727 }
728 freq = auth->freq[auth->freq_idx++];
729 auth->curr_freq = freq;
730
731 if (!is_zero_ether_addr(auth->peer_mac_addr))
732 dst = auth->peer_mac_addr;
733 else if (is_zero_ether_addr(auth->peer_bi->mac_addr))
734 dst = broadcast;
735 else
736 dst = auth->peer_bi->mac_addr;
737 wpa_s->dpp_auth_ok_on_ack = 0;
738 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
739 wait_time = wpa_s->max_remain_on_chan;
740 max_wait_time = wpa_s->dpp_resp_wait_time ?
741 wpa_s->dpp_resp_wait_time : 2000;
742 if (wait_time > max_wait_time)
743 wait_time = max_wait_time;
744 wait_time += 10; /* give the driver some extra time to complete */
745 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
746 wpas_dpp_reply_wait_timeout,
747 wpa_s, NULL);
748 wait_time -= 10;
749 if (auth->neg_freq > 0 && freq != auth->neg_freq) {
750 wpa_printf(MSG_DEBUG,
751 "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response",
752 freq, auth->neg_freq);
753 }
754 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
755 MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ);
756 auth->auth_req_ack = 0;
757 os_get_reltime(&wpa_s->dpp_last_init);
758 return offchannel_send_action(wpa_s, freq, dst,
759 wpa_s->own_addr, broadcast,
760 wpabuf_head(auth->req_msg),
761 wpabuf_len(auth->req_msg),
762 wait_time, wpas_dpp_tx_status, 0);
763 }
764
765
wpas_dpp_auth_init(struct wpa_supplicant * wpa_s,const char * cmd)766 int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
767 {
768 const char *pos;
769 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL;
770 struct dpp_authentication *auth;
771 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
772 unsigned int neg_freq = 0;
773 int tcp = 0;
774 #ifdef CONFIG_DPP2
775 int tcp_port = DPP_TCP_PORT;
776 struct hostapd_ip_addr ipaddr;
777 char *addr;
778 #endif /* CONFIG_DPP2 */
779
780 wpa_s->dpp_gas_client = 0;
781 wpa_s->dpp_gas_server = 0;
782
783 pos = os_strstr(cmd, " peer=");
784 if (!pos)
785 return -1;
786 pos += 6;
787 peer_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
788 if (!peer_bi) {
789 wpa_printf(MSG_INFO,
790 "DPP: Could not find bootstrapping info for the identified peer");
791 return -1;
792 }
793
794 #ifdef CONFIG_DPP2
795 pos = os_strstr(cmd, " tcp_port=");
796 if (pos) {
797 pos += 10;
798 tcp_port = atoi(pos);
799 }
800
801 addr = get_param(cmd, " tcp_addr=");
802 if (addr) {
803 int res;
804
805 res = hostapd_parse_ip_addr(addr, &ipaddr);
806 os_free(addr);
807 if (res)
808 return -1;
809 tcp = 1;
810 }
811 #endif /* CONFIG_DPP2 */
812
813 pos = os_strstr(cmd, " own=");
814 if (pos) {
815 pos += 5;
816 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
817 if (!own_bi) {
818 wpa_printf(MSG_INFO,
819 "DPP: Could not find bootstrapping info for the identified local entry");
820 return -1;
821 }
822
823 if (peer_bi->curve != own_bi->curve) {
824 wpa_printf(MSG_INFO,
825 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)",
826 peer_bi->curve->name, own_bi->curve->name);
827 return -1;
828 }
829 }
830
831 pos = os_strstr(cmd, " role=");
832 if (pos) {
833 pos += 6;
834 if (os_strncmp(pos, "configurator", 12) == 0)
835 allowed_roles = DPP_CAPAB_CONFIGURATOR;
836 else if (os_strncmp(pos, "enrollee", 8) == 0)
837 allowed_roles = DPP_CAPAB_ENROLLEE;
838 else if (os_strncmp(pos, "either", 6) == 0)
839 allowed_roles = DPP_CAPAB_CONFIGURATOR |
840 DPP_CAPAB_ENROLLEE;
841 else
842 goto fail;
843 }
844
845 pos = os_strstr(cmd, " netrole=");
846 if (pos) {
847 pos += 9;
848 if (os_strncmp(pos, "ap", 2) == 0)
849 wpa_s->dpp_netrole = DPP_NETROLE_AP;
850 else if (os_strncmp(pos, "configurator", 12) == 0)
851 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
852 else
853 wpa_s->dpp_netrole = DPP_NETROLE_STA;
854 } else {
855 wpa_s->dpp_netrole = DPP_NETROLE_STA;
856 }
857
858 pos = os_strstr(cmd, " neg_freq=");
859 if (pos)
860 neg_freq = atoi(pos + 10);
861
862 if (!tcp && wpa_s->dpp_auth) {
863 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
864 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
865 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
866 NULL);
867 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
868 NULL);
869 #ifdef CONFIG_DPP2
870 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
871 wpa_s, NULL);
872 #endif /* CONFIG_DPP2 */
873 offchannel_send_action_done(wpa_s);
874 dpp_auth_deinit(wpa_s->dpp_auth);
875 wpa_s->dpp_auth = NULL;
876 }
877
878 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles,
879 neg_freq, wpa_s->hw.modes, wpa_s->hw.num_modes);
880 if (!auth)
881 goto fail;
882 wpas_dpp_set_testing_options(wpa_s, auth);
883 if (dpp_set_configurator(auth, cmd) < 0) {
884 dpp_auth_deinit(auth);
885 goto fail;
886 }
887
888 auth->neg_freq = neg_freq;
889
890 if (!is_zero_ether_addr(peer_bi->mac_addr))
891 os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN);
892
893 #ifdef CONFIG_DPP2
894 if (tcp)
895 return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port,
896 wpa_s->conf->dpp_name, DPP_NETROLE_STA,
897 wpa_s, wpa_s, wpas_dpp_process_conf_obj,
898 wpas_dpp_tcp_msg_sent);
899 #endif /* CONFIG_DPP2 */
900
901 wpa_s->dpp_auth = auth;
902 return wpas_dpp_auth_init_next(wpa_s);
903 fail:
904 return -1;
905 }
906
907
908 struct wpas_dpp_listen_work {
909 unsigned int freq;
910 unsigned int duration;
911 struct wpabuf *probe_resp_ie;
912 };
913
914
wpas_dpp_listen_work_free(struct wpas_dpp_listen_work * lwork)915 static void wpas_dpp_listen_work_free(struct wpas_dpp_listen_work *lwork)
916 {
917 if (!lwork)
918 return;
919 os_free(lwork);
920 }
921
922
wpas_dpp_listen_work_done(struct wpa_supplicant * wpa_s)923 static void wpas_dpp_listen_work_done(struct wpa_supplicant *wpa_s)
924 {
925 struct wpas_dpp_listen_work *lwork;
926
927 if (!wpa_s->dpp_listen_work)
928 return;
929
930 lwork = wpa_s->dpp_listen_work->ctx;
931 wpas_dpp_listen_work_free(lwork);
932 radio_work_done(wpa_s->dpp_listen_work);
933 wpa_s->dpp_listen_work = NULL;
934 }
935
936
dpp_start_listen_cb(struct wpa_radio_work * work,int deinit)937 static void dpp_start_listen_cb(struct wpa_radio_work *work, int deinit)
938 {
939 struct wpa_supplicant *wpa_s = work->wpa_s;
940 struct wpas_dpp_listen_work *lwork = work->ctx;
941
942 if (deinit) {
943 if (work->started) {
944 wpa_s->dpp_listen_work = NULL;
945 wpas_dpp_listen_stop(wpa_s);
946 }
947 wpas_dpp_listen_work_free(lwork);
948 return;
949 }
950
951 wpa_s->dpp_listen_work = work;
952
953 wpa_s->dpp_pending_listen_freq = lwork->freq;
954
955 if (wpa_drv_remain_on_channel(wpa_s, lwork->freq,
956 wpa_s->max_remain_on_chan) < 0) {
957 wpa_printf(MSG_DEBUG,
958 "DPP: Failed to request the driver to remain on channel (%u MHz) for listen",
959 lwork->freq);
960 wpa_s->dpp_listen_freq = 0;
961 wpas_dpp_listen_work_done(wpa_s);
962 wpa_s->dpp_pending_listen_freq = 0;
963 return;
964 }
965 wpa_s->off_channel_freq = 0;
966 wpa_s->roc_waiting_drv_freq = lwork->freq;
967 wpa_drv_dpp_listen(wpa_s, true);
968 }
969
970
wpas_dpp_listen_start(struct wpa_supplicant * wpa_s,unsigned int freq)971 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
972 unsigned int freq)
973 {
974 struct wpas_dpp_listen_work *lwork;
975
976 if (wpa_s->dpp_listen_work) {
977 wpa_printf(MSG_DEBUG,
978 "DPP: Reject start_listen since dpp_listen_work already exists");
979 return -1;
980 }
981
982 if (wpa_s->dpp_listen_freq)
983 wpas_dpp_listen_stop(wpa_s);
984 wpa_s->dpp_listen_freq = freq;
985
986 lwork = os_zalloc(sizeof(*lwork));
987 if (!lwork)
988 return -1;
989 lwork->freq = freq;
990
991 if (radio_add_work(wpa_s, freq, "dpp-listen", 0, dpp_start_listen_cb,
992 lwork) < 0) {
993 wpas_dpp_listen_work_free(lwork);
994 return -1;
995 }
996
997 return 0;
998 }
999
1000
wpas_dpp_listen(struct wpa_supplicant * wpa_s,const char * cmd)1001 int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd)
1002 {
1003 int freq;
1004
1005 freq = atoi(cmd);
1006 if (freq <= 0)
1007 return -1;
1008
1009 if (os_strstr(cmd, " role=configurator"))
1010 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR;
1011 else if (os_strstr(cmd, " role=enrollee"))
1012 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
1013 else
1014 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR |
1015 DPP_CAPAB_ENROLLEE;
1016 wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
1017 if (os_strstr(cmd, " netrole=ap"))
1018 wpa_s->dpp_netrole = DPP_NETROLE_AP;
1019 else if (os_strstr(cmd, " netrole=configurator"))
1020 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
1021 else
1022 wpa_s->dpp_netrole = DPP_NETROLE_STA;
1023 if (wpa_s->dpp_listen_freq == (unsigned int) freq) {
1024 wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz",
1025 freq);
1026 return 0;
1027 }
1028
1029 return wpas_dpp_listen_start(wpa_s, freq);
1030 }
1031
1032
wpas_dpp_listen_stop(struct wpa_supplicant * wpa_s)1033 void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s)
1034 {
1035 wpa_s->dpp_in_response_listen = 0;
1036 if (!wpa_s->dpp_listen_freq)
1037 return;
1038
1039 wpa_printf(MSG_DEBUG, "DPP: Stop listen on %u MHz",
1040 wpa_s->dpp_listen_freq);
1041 wpa_drv_cancel_remain_on_channel(wpa_s);
1042 wpa_drv_dpp_listen(wpa_s, false);
1043 wpa_s->dpp_listen_freq = 0;
1044 wpas_dpp_listen_work_done(wpa_s);
1045 radio_remove_works(wpa_s, "dpp-listen", 0);
1046 }
1047
1048
wpas_dpp_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int duration)1049 void wpas_dpp_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1050 unsigned int freq, unsigned int duration)
1051 {
1052 if (wpa_s->dpp_listen_freq != freq)
1053 return;
1054
1055 wpa_printf(MSG_DEBUG,
1056 "DPP: Remain-on-channel started for listen on %u MHz for %u ms",
1057 freq, duration);
1058 os_get_reltime(&wpa_s->dpp_listen_end);
1059 wpa_s->dpp_listen_end.usec += duration * 1000;
1060 while (wpa_s->dpp_listen_end.usec >= 1000000) {
1061 wpa_s->dpp_listen_end.sec++;
1062 wpa_s->dpp_listen_end.usec -= 1000000;
1063 }
1064 }
1065
1066
wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq)1067 void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1068 unsigned int freq)
1069 {
1070 wpas_dpp_listen_work_done(wpa_s);
1071
1072 if (wpa_s->dpp_auth && wpa_s->dpp_in_response_listen) {
1073 unsigned int new_freq;
1074
1075 /* Continue listen with a new remain-on-channel */
1076 if (wpa_s->dpp_auth->neg_freq > 0)
1077 new_freq = wpa_s->dpp_auth->neg_freq;
1078 else
1079 new_freq = wpa_s->dpp_auth->curr_freq;
1080 wpa_printf(MSG_DEBUG,
1081 "DPP: Continue wait on %u MHz for the ongoing DPP provisioning session",
1082 new_freq);
1083 wpas_dpp_listen_start(wpa_s, new_freq);
1084 return;
1085 }
1086
1087 if (wpa_s->dpp_listen_freq) {
1088 /* Continue listen with a new remain-on-channel */
1089 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_listen_freq);
1090 }
1091 }
1092
1093
wpas_dpp_rx_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)1094 static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
1095 const u8 *hdr, const u8 *buf, size_t len,
1096 unsigned int freq)
1097 {
1098 const u8 *r_bootstrap, *i_bootstrap;
1099 u16 r_bootstrap_len, i_bootstrap_len;
1100 struct dpp_bootstrap_info *own_bi = NULL, *peer_bi = NULL;
1101
1102 if (!wpa_s->dpp)
1103 return;
1104
1105 wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR,
1106 MAC2STR(src));
1107
1108 #ifdef CONFIG_DPP2
1109 wpas_dpp_chirp_stop(wpa_s);
1110 #endif /* CONFIG_DPP2 */
1111
1112 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
1113 &r_bootstrap_len);
1114 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
1115 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1116 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
1117 return;
1118 }
1119 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
1120 r_bootstrap, r_bootstrap_len);
1121
1122 i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH,
1123 &i_bootstrap_len);
1124 if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) {
1125 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1126 "Missing or invalid required Initiator Bootstrapping Key Hash attribute");
1127 return;
1128 }
1129 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash",
1130 i_bootstrap, i_bootstrap_len);
1131
1132 /* Try to find own and peer bootstrapping key matches based on the
1133 * received hash values */
1134 dpp_bootstrap_find_pair(wpa_s->dpp, i_bootstrap, r_bootstrap,
1135 &own_bi, &peer_bi);
1136 if (!own_bi) {
1137 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1138 "No matching own bootstrapping key found - ignore message");
1139 return;
1140 }
1141
1142 if (wpa_s->dpp_auth) {
1143 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1144 "Already in DPP authentication exchange - ignore new one");
1145 return;
1146 }
1147
1148 wpa_s->dpp_pkex_wait_auth_req = false;
1149 wpa_s->dpp_gas_client = 0;
1150 wpa_s->dpp_gas_server = 0;
1151 wpa_s->dpp_auth_ok_on_ack = 0;
1152 wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s->dpp, wpa_s,
1153 wpa_s->dpp_allowed_roles,
1154 wpa_s->dpp_qr_mutual,
1155 peer_bi, own_bi, freq, hdr, buf, len);
1156 if (!wpa_s->dpp_auth) {
1157 wpa_printf(MSG_DEBUG, "DPP: No response generated");
1158 return;
1159 }
1160 wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth);
1161 if (dpp_set_configurator(wpa_s->dpp_auth,
1162 wpa_s->dpp_configurator_params) < 0) {
1163 dpp_auth_deinit(wpa_s->dpp_auth);
1164 wpa_s->dpp_auth = NULL;
1165 return;
1166 }
1167 os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN);
1168
1169 if (wpa_s->dpp_listen_freq &&
1170 wpa_s->dpp_listen_freq != wpa_s->dpp_auth->curr_freq) {
1171 wpa_printf(MSG_DEBUG,
1172 "DPP: Stop listen on %u MHz to allow response on the request %u MHz",
1173 wpa_s->dpp_listen_freq, wpa_s->dpp_auth->curr_freq);
1174 wpas_dpp_listen_stop(wpa_s);
1175 }
1176
1177 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1178 MAC2STR(src), wpa_s->dpp_auth->curr_freq,
1179 DPP_PA_AUTHENTICATION_RESP);
1180 offchannel_send_action(wpa_s, wpa_s->dpp_auth->curr_freq,
1181 src, wpa_s->own_addr, broadcast,
1182 wpabuf_head(wpa_s->dpp_auth->resp_msg),
1183 wpabuf_len(wpa_s->dpp_auth->resp_msg),
1184 500, wpas_dpp_tx_status, 0);
1185 }
1186
1187
wpas_dpp_tx_wait_expire(struct wpa_supplicant * wpa_s)1188 void wpas_dpp_tx_wait_expire(struct wpa_supplicant *wpa_s)
1189 {
1190 struct dpp_authentication *auth = wpa_s->dpp_auth;
1191 int freq;
1192
1193 if (!wpa_s->dpp_gas_server || !auth)
1194 return;
1195
1196 freq = auth->neg_freq > 0 ? auth->neg_freq : auth->curr_freq;
1197 if (wpa_s->dpp_listen_work || (int) wpa_s->dpp_listen_freq == freq)
1198 return; /* listen state is already in progress */
1199
1200 wpa_printf(MSG_DEBUG, "DPP: Start listen on %u MHz for GAS", freq);
1201 wpa_s->dpp_in_response_listen = 1;
1202 wpas_dpp_listen_start(wpa_s, freq);
1203 }
1204
1205
wpas_dpp_start_gas_server(struct wpa_supplicant * wpa_s)1206 static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s)
1207 {
1208 struct dpp_authentication *auth = wpa_s->dpp_auth;
1209
1210 wpa_printf(MSG_DEBUG,
1211 "DPP: Starting GAS server (curr_freq=%d neg_freq=%d dpp_listen_freq=%d dpp_listen_work=%d)",
1212 auth->curr_freq, auth->neg_freq, wpa_s->dpp_listen_freq,
1213 !!wpa_s->dpp_listen_work);
1214 wpa_s->dpp_gas_server = 1;
1215 }
1216
1217
wpas_dpp_add_network(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1218 static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
1219 struct dpp_authentication *auth,
1220 struct dpp_config_obj *conf)
1221 {
1222 struct wpa_ssid *ssid;
1223
1224 #ifdef CONFIG_DPP2
1225 if (conf->akm == DPP_AKM_SAE) {
1226 #ifdef CONFIG_SAE
1227 struct wpa_driver_capa capa;
1228 int res;
1229
1230 res = wpa_drv_get_capa(wpa_s, &capa);
1231 if (res == 0 &&
1232 !(capa.key_mgmt_iftype[WPA_IF_STATION] &
1233 WPA_DRIVER_CAPA_KEY_MGMT_SAE) &&
1234 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) {
1235 wpa_printf(MSG_DEBUG,
1236 "DPP: SAE not supported by the driver");
1237 return NULL;
1238 }
1239 #else /* CONFIG_SAE */
1240 wpa_printf(MSG_DEBUG, "DPP: SAE not supported in the build");
1241 return NULL;
1242 #endif /* CONFIG_SAE */
1243 }
1244 #endif /* CONFIG_DPP2 */
1245
1246 ssid = wpa_config_add_network(wpa_s->conf);
1247 if (!ssid)
1248 return NULL;
1249 wpas_notify_network_added(wpa_s, ssid);
1250 wpa_config_set_network_defaults(ssid);
1251 ssid->disabled = 1;
1252
1253 ssid->ssid = os_malloc(conf->ssid_len);
1254 if (!ssid->ssid)
1255 goto fail;
1256 os_memcpy(ssid->ssid, conf->ssid, conf->ssid_len);
1257 ssid->ssid_len = conf->ssid_len;
1258
1259 if (conf->connector) {
1260 if (dpp_akm_dpp(conf->akm)) {
1261 ssid->key_mgmt = WPA_KEY_MGMT_DPP;
1262 ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
1263 }
1264 ssid->dpp_connector = os_strdup(conf->connector);
1265 if (!ssid->dpp_connector)
1266 goto fail;
1267 }
1268
1269 if (conf->c_sign_key) {
1270 ssid->dpp_csign = os_malloc(wpabuf_len(conf->c_sign_key));
1271 if (!ssid->dpp_csign)
1272 goto fail;
1273 os_memcpy(ssid->dpp_csign, wpabuf_head(conf->c_sign_key),
1274 wpabuf_len(conf->c_sign_key));
1275 ssid->dpp_csign_len = wpabuf_len(conf->c_sign_key);
1276 }
1277
1278 if (conf->pp_key) {
1279 ssid->dpp_pp_key = os_malloc(wpabuf_len(conf->pp_key));
1280 if (!ssid->dpp_pp_key)
1281 goto fail;
1282 os_memcpy(ssid->dpp_pp_key, wpabuf_head(conf->pp_key),
1283 wpabuf_len(conf->pp_key));
1284 ssid->dpp_pp_key_len = wpabuf_len(conf->pp_key);
1285 }
1286
1287 if (auth->net_access_key) {
1288 ssid->dpp_netaccesskey =
1289 os_malloc(wpabuf_len(auth->net_access_key));
1290 if (!ssid->dpp_netaccesskey)
1291 goto fail;
1292 os_memcpy(ssid->dpp_netaccesskey,
1293 wpabuf_head(auth->net_access_key),
1294 wpabuf_len(auth->net_access_key));
1295 ssid->dpp_netaccesskey_len = wpabuf_len(auth->net_access_key);
1296 ssid->dpp_netaccesskey_expiry = auth->net_access_key_expiry;
1297 }
1298
1299 if (!conf->connector || dpp_akm_psk(conf->akm) ||
1300 dpp_akm_sae(conf->akm)) {
1301 if (!conf->connector || !dpp_akm_dpp(conf->akm))
1302 ssid->key_mgmt = 0;
1303 if (dpp_akm_psk(conf->akm))
1304 ssid->key_mgmt |= WPA_KEY_MGMT_PSK |
1305 WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_FT_PSK;
1306 if (dpp_akm_sae(conf->akm))
1307 ssid->key_mgmt |= WPA_KEY_MGMT_SAE |
1308 WPA_KEY_MGMT_FT_SAE;
1309 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1310 if (conf->passphrase[0]) {
1311 if (wpa_config_set_quoted(ssid, "psk",
1312 conf->passphrase) < 0)
1313 goto fail;
1314 wpa_config_update_psk(ssid);
1315 ssid->export_keys = 1;
1316 } else {
1317 ssid->psk_set = conf->psk_set;
1318 os_memcpy(ssid->psk, conf->psk, PMK_LEN);
1319 }
1320 }
1321
1322 #if defined(CONFIG_DPP2) && defined(IEEE8021X_EAPOL)
1323 if (conf->akm == DPP_AKM_DOT1X) {
1324 int i;
1325 char name[100], blobname[128];
1326 struct wpa_config_blob *blob;
1327
1328 ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X |
1329 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1330 WPA_KEY_MGMT_IEEE8021X_SHA256;
1331 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1332
1333 if (conf->cacert) {
1334 /* caCert is DER-encoded X.509v3 certificate for the
1335 * server certificate if that is different from the
1336 * trust root included in certBag. */
1337 /* TODO: ssid->eap.cert.ca_cert */
1338 }
1339
1340 if (conf->certs) {
1341 for (i = 0; ; i++) {
1342 os_snprintf(name, sizeof(name), "dpp-certs-%d",
1343 i);
1344 if (!wpa_config_get_blob(wpa_s->conf, name))
1345 break;
1346 }
1347
1348 blob = os_zalloc(sizeof(*blob));
1349 if (!blob)
1350 goto fail;
1351 blob->len = wpabuf_len(conf->certs);
1352 blob->name = os_strdup(name);
1353 blob->data = os_malloc(blob->len);
1354 if (!blob->name || !blob->data) {
1355 wpa_config_free_blob(blob);
1356 goto fail;
1357 }
1358 os_memcpy(blob->data, wpabuf_head(conf->certs),
1359 blob->len);
1360 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1361 name);
1362 wpa_config_set_blob(wpa_s->conf, blob);
1363 wpa_printf(MSG_DEBUG, "DPP: Added certificate blob %s",
1364 name);
1365 ssid->eap.cert.client_cert = os_strdup(blobname);
1366 if (!ssid->eap.cert.client_cert)
1367 goto fail;
1368
1369 /* TODO: ssid->eap.identity from own certificate */
1370 if (wpa_config_set(ssid, "identity", "\"dpp-ent\"",
1371 0) < 0)
1372 goto fail;
1373 }
1374
1375 if (auth->priv_key) {
1376 for (i = 0; ; i++) {
1377 os_snprintf(name, sizeof(name), "dpp-key-%d",
1378 i);
1379 if (!wpa_config_get_blob(wpa_s->conf, name))
1380 break;
1381 }
1382
1383 blob = os_zalloc(sizeof(*blob));
1384 if (!blob)
1385 goto fail;
1386 blob->len = wpabuf_len(auth->priv_key);
1387 blob->name = os_strdup(name);
1388 blob->data = os_malloc(blob->len);
1389 if (!blob->name || !blob->data) {
1390 wpa_config_free_blob(blob);
1391 goto fail;
1392 }
1393 os_memcpy(blob->data, wpabuf_head(auth->priv_key),
1394 blob->len);
1395 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1396 name);
1397 wpa_config_set_blob(wpa_s->conf, blob);
1398 wpa_printf(MSG_DEBUG, "DPP: Added private key blob %s",
1399 name);
1400 ssid->eap.cert.private_key = os_strdup(blobname);
1401 if (!ssid->eap.cert.private_key)
1402 goto fail;
1403 }
1404
1405 if (conf->server_name) {
1406 ssid->eap.cert.domain_suffix_match =
1407 os_strdup(conf->server_name);
1408 if (!ssid->eap.cert.domain_suffix_match)
1409 goto fail;
1410 }
1411
1412 /* TODO: Use entCreds::eapMethods */
1413 if (wpa_config_set(ssid, "eap", "TLS", 0) < 0)
1414 goto fail;
1415 }
1416 #endif /* CONFIG_DPP2 && IEEE8021X_EAPOL */
1417
1418 os_memcpy(wpa_s->dpp_last_ssid, conf->ssid, conf->ssid_len);
1419 wpa_s->dpp_last_ssid_len = conf->ssid_len;
1420
1421 return ssid;
1422 fail:
1423 wpas_notify_network_removed(wpa_s, ssid);
1424 wpa_config_remove_network(wpa_s->conf, ssid->id);
1425 return NULL;
1426 }
1427
1428
wpas_dpp_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1429 static int wpas_dpp_process_config(struct wpa_supplicant *wpa_s,
1430 struct dpp_authentication *auth,
1431 struct dpp_config_obj *conf)
1432 {
1433 struct wpa_ssid *ssid;
1434
1435 if (wpa_s->conf->dpp_config_processing < 1)
1436 return 0;
1437
1438 ssid = wpas_dpp_add_network(wpa_s, auth, conf);
1439 if (!ssid)
1440 return -1;
1441
1442 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_NETWORK_ID "%d", ssid->id);
1443 if (wpa_s->conf->dpp_config_processing == 2)
1444 ssid->disabled = 0;
1445
1446 #ifndef CONFIG_NO_CONFIG_WRITE
1447 if (wpa_s->conf->update_config &&
1448 wpa_config_write(wpa_s->confname, wpa_s->conf))
1449 wpa_printf(MSG_DEBUG, "DPP: Failed to update configuration");
1450 #endif /* CONFIG_NO_CONFIG_WRITE */
1451
1452 return 0;
1453 }
1454
1455
wpas_dpp_post_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)1456 static void wpas_dpp_post_process_config(struct wpa_supplicant *wpa_s,
1457 struct dpp_authentication *auth)
1458 {
1459 #ifdef CONFIG_DPP2
1460 if (auth->reconfig && wpa_s->dpp_reconfig_ssid &&
1461 wpa_config_get_network(wpa_s->conf, wpa_s->dpp_reconfig_ssid_id) ==
1462 wpa_s->dpp_reconfig_ssid) {
1463 wpa_printf(MSG_DEBUG,
1464 "DPP: Remove reconfigured network profile");
1465 wpas_notify_network_removed(wpa_s, wpa_s->dpp_reconfig_ssid);
1466 wpa_config_remove_network(wpa_s->conf,
1467 wpa_s->dpp_reconfig_ssid_id);
1468 wpa_s->dpp_reconfig_ssid = NULL;
1469 wpa_s->dpp_reconfig_ssid_id = -1;
1470 }
1471 #endif /* CONFIG_DPP2 */
1472
1473 if (wpa_s->conf->dpp_config_processing < 2)
1474 return;
1475
1476 #ifdef CONFIG_DPP2
1477 if (auth->peer_version >= 2) {
1478 wpa_printf(MSG_DEBUG,
1479 "DPP: Postpone connection attempt to wait for completion of DPP Configuration Result");
1480 auth->connect_on_tx_status = 1;
1481 return;
1482 }
1483 #endif /* CONFIG_DPP2 */
1484
1485 wpas_dpp_try_to_connect(wpa_s);
1486 }
1487
1488
wpas_dpp_handle_config_obj(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1489 static int wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s,
1490 struct dpp_authentication *auth,
1491 struct dpp_config_obj *conf)
1492 {
1493 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1494 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_AKM "%s",
1495 dpp_akm_str(conf->akm));
1496 if (conf->ssid_len)
1497 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s",
1498 wpa_ssid_txt(conf->ssid, conf->ssid_len));
1499 if (conf->ssid_charset)
1500 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID_CHARSET "%d",
1501 conf->ssid_charset);
1502 if (conf->connector) {
1503 /* TODO: Save the Connector and consider using a command
1504 * to fetch the value instead of sending an event with
1505 * it. The Connector could end up being larger than what
1506 * most clients are ready to receive as an event
1507 * message. */
1508 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s",
1509 conf->connector);
1510 }
1511 if (conf->passphrase[0]) {
1512 char hex[64 * 2 + 1];
1513
1514 wpa_snprintf_hex(hex, sizeof(hex),
1515 (const u8 *) conf->passphrase,
1516 os_strlen(conf->passphrase));
1517 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PASS "%s",
1518 hex);
1519 } else if (conf->psk_set) {
1520 char hex[PMK_LEN * 2 + 1];
1521
1522 wpa_snprintf_hex(hex, sizeof(hex), conf->psk, PMK_LEN);
1523 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PSK "%s",
1524 hex);
1525 }
1526 if (conf->c_sign_key) {
1527 char *hex;
1528 size_t hexlen;
1529
1530 hexlen = 2 * wpabuf_len(conf->c_sign_key) + 1;
1531 hex = os_malloc(hexlen);
1532 if (hex) {
1533 wpa_snprintf_hex(hex, hexlen,
1534 wpabuf_head(conf->c_sign_key),
1535 wpabuf_len(conf->c_sign_key));
1536 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s",
1537 hex);
1538 os_free(hex);
1539 }
1540 }
1541 if (conf->pp_key) {
1542 char *hex;
1543 size_t hexlen;
1544
1545 hexlen = 2 * wpabuf_len(conf->pp_key) + 1;
1546 hex = os_malloc(hexlen);
1547 if (hex) {
1548 wpa_snprintf_hex(hex, hexlen,
1549 wpabuf_head(conf->pp_key),
1550 wpabuf_len(conf->pp_key));
1551 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PP_KEY "%s", hex);
1552 os_free(hex);
1553 }
1554 }
1555 if (auth->net_access_key) {
1556 char *hex;
1557 size_t hexlen;
1558
1559 hexlen = 2 * wpabuf_len(auth->net_access_key) + 1;
1560 hex = os_malloc(hexlen);
1561 if (hex) {
1562 wpa_snprintf_hex(hex, hexlen,
1563 wpabuf_head(auth->net_access_key),
1564 wpabuf_len(auth->net_access_key));
1565 if (auth->net_access_key_expiry)
1566 wpa_msg(wpa_s, MSG_INFO,
1567 DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex,
1568 (long unsigned)
1569 auth->net_access_key_expiry);
1570 else
1571 wpa_msg(wpa_s, MSG_INFO,
1572 DPP_EVENT_NET_ACCESS_KEY "%s", hex);
1573 os_free(hex);
1574 }
1575 }
1576
1577 #ifdef CONFIG_DPP2
1578 if (conf->certbag) {
1579 char *b64;
1580
1581 b64 = base64_encode_no_lf(wpabuf_head(conf->certbag),
1582 wpabuf_len(conf->certbag), NULL);
1583 if (b64)
1584 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CERTBAG "%s", b64);
1585 os_free(b64);
1586 }
1587
1588 if (conf->cacert) {
1589 char *b64;
1590
1591 b64 = base64_encode_no_lf(wpabuf_head(conf->cacert),
1592 wpabuf_len(conf->cacert), NULL);
1593 if (b64)
1594 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CACERT "%s", b64);
1595 os_free(b64);
1596 }
1597
1598 if (conf->server_name)
1599 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_SERVER_NAME "%s",
1600 conf->server_name);
1601 #endif /* CONFIG_DPP2 */
1602
1603 return wpas_dpp_process_config(wpa_s, auth, conf);
1604 }
1605
1606
wpas_dpp_handle_key_pkg(struct wpa_supplicant * wpa_s,struct dpp_asymmetric_key * key)1607 static int wpas_dpp_handle_key_pkg(struct wpa_supplicant *wpa_s,
1608 struct dpp_asymmetric_key *key)
1609 {
1610 #ifdef CONFIG_DPP2
1611 int res;
1612
1613 if (!key)
1614 return 0;
1615
1616 wpa_printf(MSG_DEBUG, "DPP: Received Configurator backup");
1617 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1618 wpa_s->dpp_conf_backup_received = true;
1619
1620 while (key) {
1621 res = dpp_configurator_from_backup(wpa_s->dpp, key);
1622 if (res < 0)
1623 return -1;
1624 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFIGURATOR_ID "%d",
1625 res);
1626 key = key->next;
1627 }
1628 #endif /* CONFIG_DPP2 */
1629
1630 return 0;
1631 }
1632
1633
1634 #ifdef CONFIG_DPP2
wpas_dpp_build_csr(void * eloop_ctx,void * timeout_ctx)1635 static void wpas_dpp_build_csr(void *eloop_ctx, void *timeout_ctx)
1636 {
1637 struct wpa_supplicant *wpa_s = eloop_ctx;
1638 struct dpp_authentication *auth = wpa_s->dpp_auth;
1639
1640 if (!auth || !auth->csrattrs)
1641 return;
1642
1643 wpa_printf(MSG_DEBUG, "DPP: Build CSR");
1644 wpabuf_free(auth->csr);
1645 /* TODO: Additional information needed for CSR based on csrAttrs */
1646 auth->csr = dpp_build_csr(auth, wpa_s->conf->dpp_name ?
1647 wpa_s->conf->dpp_name : "Test");
1648 if (!auth->csr) {
1649 dpp_auth_deinit(wpa_s->dpp_auth);
1650 wpa_s->dpp_auth = NULL;
1651 return;
1652 }
1653
1654 wpas_dpp_start_gas_client(wpa_s);
1655 }
1656 #endif /* CONFIG_DPP2 */
1657
1658
1659 #ifdef CONFIG_DPP3
wpas_dpp_build_new_key(void * eloop_ctx,void * timeout_ctx)1660 static void wpas_dpp_build_new_key(void *eloop_ctx, void *timeout_ctx)
1661 {
1662 struct wpa_supplicant *wpa_s = eloop_ctx;
1663 struct dpp_authentication *auth = wpa_s->dpp_auth;
1664
1665 if (!auth || !auth->waiting_new_key)
1666 return;
1667
1668 wpa_printf(MSG_DEBUG, "DPP: Build config request with a new key");
1669 wpas_dpp_start_gas_client(wpa_s);
1670 }
1671 #endif /* CONFIG_DPP3 */
1672
1673
wpas_dpp_gas_resp_cb(void * ctx,const u8 * addr,u8 dialog_token,enum gas_query_result result,const struct wpabuf * adv_proto,const struct wpabuf * resp,u16 status_code)1674 static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token,
1675 enum gas_query_result result,
1676 const struct wpabuf *adv_proto,
1677 const struct wpabuf *resp, u16 status_code)
1678 {
1679 struct wpa_supplicant *wpa_s = ctx;
1680 const u8 *pos;
1681 struct dpp_authentication *auth = wpa_s->dpp_auth;
1682 int res;
1683 enum dpp_status_error status = DPP_STATUS_CONFIG_REJECTED;
1684 unsigned int i;
1685
1686 eloop_cancel_timeout(wpas_dpp_gas_client_timeout, wpa_s, NULL);
1687 wpa_s->dpp_gas_dialog_token = -1;
1688
1689 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
1690 os_memcmp(addr, auth->peer_mac_addr, ETH_ALEN) != 0) {
1691 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
1692 return;
1693 }
1694 if (result != GAS_QUERY_SUCCESS ||
1695 !resp || status_code != WLAN_STATUS_SUCCESS) {
1696 wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed");
1697 goto fail;
1698 }
1699
1700 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto",
1701 adv_proto);
1702 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)",
1703 resp);
1704
1705 if (wpabuf_len(adv_proto) != 10 ||
1706 !(pos = wpabuf_head(adv_proto)) ||
1707 pos[0] != WLAN_EID_ADV_PROTO ||
1708 pos[1] != 8 ||
1709 pos[3] != WLAN_EID_VENDOR_SPECIFIC ||
1710 pos[4] != 5 ||
1711 WPA_GET_BE24(&pos[5]) != OUI_WFA ||
1712 pos[8] != 0x1a ||
1713 pos[9] != 1) {
1714 wpa_printf(MSG_DEBUG,
1715 "DPP: Not a DPP Advertisement Protocol ID");
1716 goto fail;
1717 }
1718
1719 res = dpp_conf_resp_rx(auth, resp);
1720 #ifdef CONFIG_DPP2
1721 if (res == -2) {
1722 wpa_printf(MSG_DEBUG, "DPP: CSR needed");
1723 eloop_register_timeout(0, 0, wpas_dpp_build_csr, wpa_s, NULL);
1724 return;
1725 }
1726 #endif /* CONFIG_DPP2 */
1727 #ifdef CONFIG_DPP3
1728 if (res == -3) {
1729 wpa_printf(MSG_DEBUG, "DPP: New protocol key needed");
1730 eloop_register_timeout(0, 0, wpas_dpp_build_new_key, wpa_s,
1731 NULL);
1732 return;
1733 }
1734 #endif /* CONFIG_DPP3 */
1735 if (res < 0) {
1736 wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed");
1737 goto fail;
1738 }
1739
1740 wpa_s->dpp_conf_backup_received = false;
1741 for (i = 0; i < auth->num_conf_obj; i++) {
1742 res = wpas_dpp_handle_config_obj(wpa_s, auth,
1743 &auth->conf_obj[i]);
1744 if (res < 0)
1745 goto fail;
1746 }
1747 if (auth->num_conf_obj)
1748 wpas_dpp_post_process_config(wpa_s, auth);
1749 if (wpas_dpp_handle_key_pkg(wpa_s, auth->conf_key_pkg) < 0)
1750 goto fail;
1751
1752 status = DPP_STATUS_OK;
1753 #ifdef CONFIG_TESTING_OPTIONS
1754 if (dpp_test == DPP_TEST_REJECT_CONFIG) {
1755 wpa_printf(MSG_INFO, "DPP: TESTING - Reject Config Object");
1756 status = DPP_STATUS_CONFIG_REJECTED;
1757 }
1758 #endif /* CONFIG_TESTING_OPTIONS */
1759 fail:
1760 if (status != DPP_STATUS_OK)
1761 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1762 #ifdef CONFIG_DPP2
1763 if (auth->peer_version >= 2 &&
1764 auth->conf_resp_status == DPP_STATUS_OK) {
1765 struct wpabuf *msg;
1766
1767 wpa_printf(MSG_DEBUG, "DPP: Send DPP Configuration Result");
1768 msg = dpp_build_conf_result(auth, status);
1769 if (!msg)
1770 goto fail2;
1771
1772 wpa_msg(wpa_s, MSG_INFO,
1773 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1774 MAC2STR(addr), auth->curr_freq,
1775 DPP_PA_CONFIGURATION_RESULT);
1776 offchannel_send_action(wpa_s, auth->curr_freq,
1777 addr, wpa_s->own_addr, broadcast,
1778 wpabuf_head(msg),
1779 wpabuf_len(msg),
1780 500, wpas_dpp_tx_status, 0);
1781 wpabuf_free(msg);
1782
1783 /* This exchange will be terminated in the TX status handler */
1784 if (wpa_s->conf->dpp_config_processing < 2 ||
1785 wpa_s->dpp_conf_backup_received)
1786 auth->remove_on_tx_status = 1;
1787 return;
1788 }
1789 fail2:
1790 #endif /* CONFIG_DPP2 */
1791 dpp_auth_deinit(wpa_s->dpp_auth);
1792 wpa_s->dpp_auth = NULL;
1793 }
1794
1795
wpas_dpp_gas_client_timeout(void * eloop_ctx,void * timeout_ctx)1796 static void wpas_dpp_gas_client_timeout(void *eloop_ctx, void *timeout_ctx)
1797 {
1798 struct wpa_supplicant *wpa_s = eloop_ctx;
1799 struct dpp_authentication *auth = wpa_s->dpp_auth;
1800
1801 if (!wpa_s->dpp_gas_client || !auth ||
1802 (!auth->auth_success && !auth->reconfig_success))
1803 return;
1804
1805 wpa_printf(MSG_DEBUG, "DPP: Timeout while waiting for Config Response");
1806 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1807 dpp_auth_deinit(wpa_s->dpp_auth);
1808 wpa_s->dpp_auth = NULL;
1809 }
1810
1811
wpas_dpp_start_gas_client(struct wpa_supplicant * wpa_s)1812 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s)
1813 {
1814 struct dpp_authentication *auth = wpa_s->dpp_auth;
1815 struct wpabuf *buf;
1816 int res;
1817 int *supp_op_classes;
1818
1819 wpa_s->dpp_gas_client = 1;
1820 offchannel_send_action_done(wpa_s);
1821 wpas_dpp_listen_stop(wpa_s);
1822
1823 supp_op_classes = wpas_supp_op_classes(wpa_s);
1824 buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name,
1825 wpa_s->dpp_netrole,
1826 wpa_s->conf->dpp_mud_url,
1827 supp_op_classes);
1828 os_free(supp_op_classes);
1829 if (!buf) {
1830 wpa_printf(MSG_DEBUG,
1831 "DPP: No configuration request data available");
1832 return;
1833 }
1834
1835 wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)",
1836 MAC2STR(auth->peer_mac_addr), auth->curr_freq);
1837
1838 /* Use a 120 second timeout since the gas_query_req() operation could
1839 * remain waiting indefinitely for the response if the Configurator
1840 * keeps sending out comeback responses with additional delay. The
1841 * DPP technical specification expects the Enrollee to continue sending
1842 * out new Config Requests for 60 seconds, so this gives an extra 60
1843 * second time after the last expected new Config Request for the
1844 * Configurator to determine what kind of configuration to provide. */
1845 eloop_register_timeout(120, 0, wpas_dpp_gas_client_timeout,
1846 wpa_s, NULL);
1847
1848 res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq,
1849 1, 1, buf, wpas_dpp_gas_resp_cb, wpa_s);
1850 if (res < 0) {
1851 wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request");
1852 wpabuf_free(buf);
1853 } else {
1854 wpa_printf(MSG_DEBUG,
1855 "DPP: GAS query started with dialog token %u", res);
1856 wpa_s->dpp_gas_dialog_token = res;
1857 }
1858 }
1859
1860
wpas_dpp_auth_success(struct wpa_supplicant * wpa_s,int initiator)1861 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator)
1862 {
1863 wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded");
1864 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator);
1865 #ifdef CONFIG_TESTING_OPTIONS
1866 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) {
1867 wpa_printf(MSG_INFO,
1868 "DPP: TESTING - stop at Authentication Confirm");
1869 if (wpa_s->dpp_auth->configurator) {
1870 /* Prevent GAS response */
1871 wpa_s->dpp_auth->auth_success = 0;
1872 }
1873 return;
1874 }
1875 #endif /* CONFIG_TESTING_OPTIONS */
1876
1877 if (wpa_s->dpp_auth->configurator)
1878 wpas_dpp_start_gas_server(wpa_s);
1879 else
1880 wpas_dpp_start_gas_client(wpa_s);
1881 }
1882
1883
wpas_dpp_rx_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)1884 static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
1885 const u8 *hdr, const u8 *buf, size_t len,
1886 unsigned int freq)
1887 {
1888 struct dpp_authentication *auth = wpa_s->dpp_auth;
1889 struct wpabuf *msg;
1890
1891 wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR
1892 " (freq %u MHz)", MAC2STR(src), freq);
1893
1894 if (!auth) {
1895 wpa_printf(MSG_DEBUG,
1896 "DPP: No DPP Authentication in progress - drop");
1897 return;
1898 }
1899
1900 if (!is_zero_ether_addr(auth->peer_mac_addr) &&
1901 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
1902 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
1903 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
1904 return;
1905 }
1906
1907 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
1908
1909 if (auth->curr_freq != freq && auth->neg_freq == freq) {
1910 wpa_printf(MSG_DEBUG,
1911 "DPP: Responder accepted request for different negotiation channel");
1912 auth->curr_freq = freq;
1913 }
1914
1915 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
1916 msg = dpp_auth_resp_rx(auth, hdr, buf, len);
1917 if (!msg) {
1918 if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) {
1919 wpa_printf(MSG_DEBUG,
1920 "DPP: Start wait for full response");
1921 offchannel_send_action_done(wpa_s);
1922 wpas_dpp_listen_start(wpa_s, auth->curr_freq);
1923 return;
1924 }
1925 wpa_printf(MSG_DEBUG, "DPP: No confirm generated");
1926 return;
1927 }
1928 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
1929
1930 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1931 MAC2STR(src), auth->curr_freq, DPP_PA_AUTHENTICATION_CONF);
1932 offchannel_send_action(wpa_s, auth->curr_freq,
1933 src, wpa_s->own_addr, broadcast,
1934 wpabuf_head(msg), wpabuf_len(msg),
1935 500, wpas_dpp_tx_status, 0);
1936 wpabuf_free(msg);
1937 wpa_s->dpp_auth_ok_on_ack = 1;
1938 }
1939
1940
wpas_dpp_rx_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)1941 static void wpas_dpp_rx_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
1942 const u8 *hdr, const u8 *buf, size_t len)
1943 {
1944 struct dpp_authentication *auth = wpa_s->dpp_auth;
1945
1946 wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR,
1947 MAC2STR(src));
1948
1949 if (!auth) {
1950 wpa_printf(MSG_DEBUG,
1951 "DPP: No DPP Authentication in progress - drop");
1952 return;
1953 }
1954
1955 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
1956 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
1957 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
1958 return;
1959 }
1960
1961 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
1962
1963 if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) {
1964 wpa_printf(MSG_DEBUG, "DPP: Authentication failed");
1965 return;
1966 }
1967
1968 wpas_dpp_auth_success(wpa_s, 0);
1969 }
1970
1971
1972 #ifdef CONFIG_DPP2
1973
wpas_dpp_config_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)1974 static void wpas_dpp_config_result_wait_timeout(void *eloop_ctx,
1975 void *timeout_ctx)
1976 {
1977 struct wpa_supplicant *wpa_s = eloop_ctx;
1978 struct dpp_authentication *auth = wpa_s->dpp_auth;
1979
1980 if (!auth || !auth->waiting_conf_result)
1981 return;
1982
1983 wpa_printf(MSG_DEBUG,
1984 "DPP: Timeout while waiting for Configuration Result");
1985 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1986 dpp_auth_deinit(auth);
1987 wpa_s->dpp_auth = NULL;
1988 }
1989
1990
wpas_dpp_conn_status_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)1991 static void wpas_dpp_conn_status_result_wait_timeout(void *eloop_ctx,
1992 void *timeout_ctx)
1993 {
1994 struct wpa_supplicant *wpa_s = eloop_ctx;
1995 struct dpp_authentication *auth = wpa_s->dpp_auth;
1996
1997 if (!auth || !auth->waiting_conn_status_result)
1998 return;
1999
2000 wpa_printf(MSG_DEBUG,
2001 "DPP: Timeout while waiting for Connection Status Result");
2002 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT "timeout");
2003 wpas_dpp_listen_stop(wpa_s);
2004 dpp_auth_deinit(auth);
2005 wpa_s->dpp_auth = NULL;
2006 }
2007
2008
wpas_dpp_rx_conf_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)2009 static void wpas_dpp_rx_conf_result(struct wpa_supplicant *wpa_s, const u8 *src,
2010 const u8 *hdr, const u8 *buf, size_t len)
2011 {
2012 struct dpp_authentication *auth = wpa_s->dpp_auth;
2013 enum dpp_status_error status;
2014
2015 wpa_printf(MSG_DEBUG, "DPP: Configuration Result from " MACSTR,
2016 MAC2STR(src));
2017
2018 if (!auth || !auth->waiting_conf_result) {
2019 if (auth &&
2020 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) == 0 &&
2021 gas_server_response_sent(wpa_s->gas_server,
2022 auth->gas_server_ctx)) {
2023 /* This could happen if the TX status event gets delayed
2024 * long enough for the Enrollee to have time to send
2025 * the next frame before the TX status gets processed
2026 * locally. */
2027 wpa_printf(MSG_DEBUG,
2028 "DPP: GAS response was sent but TX status not yet received - assume it was ACKed since the Enrollee sent the next frame in the sequence");
2029 auth->waiting_conf_result = 1;
2030 } else {
2031 wpa_printf(MSG_DEBUG,
2032 "DPP: No DPP Configuration waiting for result - drop");
2033 return;
2034 }
2035 }
2036
2037 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2038 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2039 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2040 return;
2041 }
2042
2043 status = dpp_conf_result_rx(auth, hdr, buf, len);
2044
2045 if (status == DPP_STATUS_OK && auth->send_conn_status) {
2046 int freq;
2047
2048 wpa_msg(wpa_s, MSG_INFO,
2049 DPP_EVENT_CONF_SENT "wait_conn_status=1");
2050 wpa_printf(MSG_DEBUG, "DPP: Wait for Connection Status Result");
2051 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
2052 wpa_s, NULL);
2053 auth->waiting_conn_status_result = 1;
2054 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
2055 wpa_s, NULL);
2056 eloop_register_timeout(16, 0,
2057 wpas_dpp_conn_status_result_wait_timeout,
2058 wpa_s, NULL);
2059 offchannel_send_action_done(wpa_s);
2060 freq = auth->neg_freq ? auth->neg_freq : auth->curr_freq;
2061 if (!wpa_s->dpp_in_response_listen ||
2062 (int) wpa_s->dpp_listen_freq != freq)
2063 wpas_dpp_listen_start(wpa_s, freq);
2064 return;
2065 }
2066 offchannel_send_action_done(wpa_s);
2067 wpas_dpp_listen_stop(wpa_s);
2068 if (status == DPP_STATUS_OK)
2069 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT);
2070 else
2071 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
2072 dpp_auth_deinit(auth);
2073 wpa_s->dpp_auth = NULL;
2074 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
2075 }
2076
2077
wpas_dpp_rx_conn_status_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)2078 static void wpas_dpp_rx_conn_status_result(struct wpa_supplicant *wpa_s,
2079 const u8 *src, const u8 *hdr,
2080 const u8 *buf, size_t len)
2081 {
2082 struct dpp_authentication *auth = wpa_s->dpp_auth;
2083 enum dpp_status_error status;
2084 u8 ssid[SSID_MAX_LEN];
2085 size_t ssid_len = 0;
2086 char *channel_list = NULL;
2087
2088 wpa_printf(MSG_DEBUG, "DPP: Connection Status Result");
2089
2090 if (!auth || !auth->waiting_conn_status_result) {
2091 wpa_printf(MSG_DEBUG,
2092 "DPP: No DPP Configuration waiting for connection status result - drop");
2093 return;
2094 }
2095
2096 status = dpp_conn_status_result_rx(auth, hdr, buf, len,
2097 ssid, &ssid_len, &channel_list);
2098 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT
2099 "result=%d ssid=%s channel_list=%s",
2100 status, wpa_ssid_txt(ssid, ssid_len),
2101 channel_list ? channel_list : "N/A");
2102 os_free(channel_list);
2103 offchannel_send_action_done(wpa_s);
2104 wpas_dpp_listen_stop(wpa_s);
2105 dpp_auth_deinit(auth);
2106 wpa_s->dpp_auth = NULL;
2107 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
2108 wpa_s, NULL);
2109 }
2110
2111
wpas_dpp_process_conf_obj(void * ctx,struct dpp_authentication * auth)2112 static int wpas_dpp_process_conf_obj(void *ctx,
2113 struct dpp_authentication *auth)
2114 {
2115 struct wpa_supplicant *wpa_s = ctx;
2116 unsigned int i;
2117 int res = -1;
2118
2119 for (i = 0; i < auth->num_conf_obj; i++) {
2120 res = wpas_dpp_handle_config_obj(wpa_s, auth,
2121 &auth->conf_obj[i]);
2122 if (res)
2123 break;
2124 }
2125 if (!res)
2126 wpas_dpp_post_process_config(wpa_s, auth);
2127
2128 return res;
2129 }
2130
2131
wpas_dpp_tcp_msg_sent(void * ctx,struct dpp_authentication * auth)2132 static bool wpas_dpp_tcp_msg_sent(void *ctx, struct dpp_authentication *auth)
2133 {
2134 struct wpa_supplicant *wpa_s = ctx;
2135
2136 wpa_printf(MSG_DEBUG, "DPP: TCP message sent callback");
2137
2138 if (auth->connect_on_tx_status) {
2139 auth->connect_on_tx_status = 0;
2140 wpa_printf(MSG_DEBUG,
2141 "DPP: Try to connect after completed configuration result");
2142 wpas_dpp_try_to_connect(wpa_s);
2143 if (auth->conn_status_requested) {
2144 wpa_printf(MSG_DEBUG,
2145 "DPP: Start 15 second timeout for reporting connection status result");
2146 eloop_cancel_timeout(
2147 wpas_dpp_conn_status_result_timeout,
2148 wpa_s, NULL);
2149 eloop_register_timeout(
2150 15, 0, wpas_dpp_conn_status_result_timeout,
2151 wpa_s, NULL);
2152 return true;
2153 }
2154 }
2155
2156 return false;
2157 }
2158
2159
wpas_dpp_remove_bi(void * ctx,struct dpp_bootstrap_info * bi)2160 static void wpas_dpp_remove_bi(void *ctx, struct dpp_bootstrap_info *bi)
2161 {
2162 struct wpa_supplicant *wpa_s = ctx;
2163
2164 if (bi == wpa_s->dpp_chirp_bi)
2165 wpas_dpp_chirp_stop(wpa_s);
2166 }
2167
2168
2169 static void
wpas_dpp_rx_presence_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2170 wpas_dpp_rx_presence_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2171 const u8 *hdr, const u8 *buf, size_t len,
2172 unsigned int freq)
2173 {
2174 const u8 *r_bootstrap;
2175 u16 r_bootstrap_len;
2176 struct dpp_bootstrap_info *peer_bi;
2177 struct dpp_authentication *auth;
2178
2179 if (!wpa_s->dpp)
2180 return;
2181
2182 if (wpa_s->dpp_auth) {
2183 wpa_printf(MSG_DEBUG,
2184 "DPP: Ignore Presence Announcement during ongoing Authentication");
2185 return;
2186 }
2187
2188 wpa_printf(MSG_DEBUG, "DPP: Presence Announcement from " MACSTR,
2189 MAC2STR(src));
2190
2191 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
2192 &r_bootstrap_len);
2193 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
2194 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2195 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
2196 return;
2197 }
2198 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
2199 r_bootstrap, r_bootstrap_len);
2200 peer_bi = dpp_bootstrap_find_chirp(wpa_s->dpp, r_bootstrap);
2201 dpp_notify_chirp_received(wpa_s, peer_bi ? (int) peer_bi->id : -1, src,
2202 freq, r_bootstrap);
2203 if (!peer_bi) {
2204 wpa_printf(MSG_DEBUG,
2205 "DPP: No matching bootstrapping information found");
2206 return;
2207 }
2208
2209 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, NULL,
2210 DPP_CAPAB_CONFIGURATOR, freq, NULL, 0);
2211 if (!auth)
2212 return;
2213 wpas_dpp_set_testing_options(wpa_s, auth);
2214 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2215 dpp_auth_deinit(auth);
2216 return;
2217 }
2218
2219 auth->neg_freq = freq;
2220
2221 /* The source address of the Presence Announcement frame overrides any
2222 * MAC address information from the bootstrapping information. */
2223 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2224
2225 wpa_s->dpp_auth = auth;
2226 if (wpas_dpp_auth_init_next(wpa_s) < 0) {
2227 dpp_auth_deinit(wpa_s->dpp_auth);
2228 wpa_s->dpp_auth = NULL;
2229 }
2230 }
2231
2232
wpas_dpp_reconfig_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)2233 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
2234 void *timeout_ctx)
2235 {
2236 struct wpa_supplicant *wpa_s = eloop_ctx;
2237 struct dpp_authentication *auth = wpa_s->dpp_auth;
2238
2239 if (!auth)
2240 return;
2241
2242 wpa_printf(MSG_DEBUG, "DPP: Reconfig Reply wait timeout");
2243 offchannel_send_action_done(wpa_s);
2244 wpas_dpp_listen_stop(wpa_s);
2245 dpp_auth_deinit(auth);
2246 wpa_s->dpp_auth = NULL;
2247 }
2248
2249
2250 static void
wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2251 wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2252 const u8 *hdr, const u8 *buf, size_t len,
2253 unsigned int freq)
2254 {
2255 const u8 *csign_hash, *fcgroup, *a_nonce, *e_id;
2256 u16 csign_hash_len, fcgroup_len, a_nonce_len, e_id_len;
2257 struct dpp_configurator *conf;
2258 struct dpp_authentication *auth;
2259 unsigned int wait_time, max_wait_time;
2260 u16 group;
2261
2262 if (!wpa_s->dpp)
2263 return;
2264
2265 if (wpa_s->dpp_auth) {
2266 wpa_printf(MSG_DEBUG,
2267 "DPP: Ignore Reconfig Announcement during ongoing Authentication");
2268 return;
2269 }
2270
2271 wpa_printf(MSG_DEBUG, "DPP: Reconfig Announcement from " MACSTR,
2272 MAC2STR(src));
2273
2274 csign_hash = dpp_get_attr(buf, len, DPP_ATTR_C_SIGN_KEY_HASH,
2275 &csign_hash_len);
2276 if (!csign_hash || csign_hash_len != SHA256_MAC_LEN) {
2277 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2278 "Missing or invalid required Configurator C-sign key Hash attribute");
2279 return;
2280 }
2281 wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator C-sign key Hash (kid)",
2282 csign_hash, csign_hash_len);
2283 conf = dpp_configurator_find_kid(wpa_s->dpp, csign_hash);
2284 if (!conf) {
2285 wpa_printf(MSG_DEBUG,
2286 "DPP: No matching Configurator information found");
2287 return;
2288 }
2289
2290 fcgroup = dpp_get_attr(buf, len, DPP_ATTR_FINITE_CYCLIC_GROUP,
2291 &fcgroup_len);
2292 if (!fcgroup || fcgroup_len != 2) {
2293 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2294 "Missing or invalid required Finite Cyclic Group attribute");
2295 return;
2296 }
2297 group = WPA_GET_LE16(fcgroup);
2298 wpa_printf(MSG_DEBUG, "DPP: Enrollee finite cyclic group: %u", group);
2299
2300 a_nonce = dpp_get_attr(buf, len, DPP_ATTR_A_NONCE, &a_nonce_len);
2301 e_id = dpp_get_attr(buf, len, DPP_ATTR_E_PRIME_ID, &e_id_len);
2302
2303 auth = dpp_reconfig_init(wpa_s->dpp, wpa_s, conf, freq, group,
2304 a_nonce, a_nonce_len, e_id, e_id_len);
2305 if (!auth)
2306 return;
2307 wpas_dpp_set_testing_options(wpa_s, auth);
2308 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2309 dpp_auth_deinit(auth);
2310 return;
2311 }
2312
2313 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2314 wpa_s->dpp_auth = auth;
2315
2316 wpa_s->dpp_in_response_listen = 0;
2317 wpa_s->dpp_auth_ok_on_ack = 0;
2318 wait_time = wpa_s->max_remain_on_chan;
2319 max_wait_time = wpa_s->dpp_resp_wait_time ?
2320 wpa_s->dpp_resp_wait_time : 2000;
2321 if (wait_time > max_wait_time)
2322 wait_time = max_wait_time;
2323 wait_time += 10; /* give the driver some extra time to complete */
2324 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
2325 wpas_dpp_reconfig_reply_wait_timeout,
2326 wpa_s, NULL);
2327 wait_time -= 10;
2328
2329 wpas_dpp_stop_listen_for_tx(wpa_s, freq, wait_time);
2330
2331 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2332 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_REQ);
2333 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2334 wpabuf_head(auth->reconfig_req_msg),
2335 wpabuf_len(auth->reconfig_req_msg),
2336 wait_time, wpas_dpp_tx_status, 0) < 0) {
2337 dpp_auth_deinit(wpa_s->dpp_auth);
2338 wpa_s->dpp_auth = NULL;
2339 }
2340 }
2341
2342
2343 static void
wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2344 wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
2345 const u8 *hdr, const u8 *buf, size_t len,
2346 unsigned int freq)
2347 {
2348 struct wpa_ssid *ssid;
2349 struct dpp_authentication *auth;
2350
2351 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Request from "
2352 MACSTR, MAC2STR(src));
2353
2354 if (!wpa_s->dpp)
2355 return;
2356 if (wpa_s->dpp_auth) {
2357 wpa_printf(MSG_DEBUG,
2358 "DPP: Not ready for reconfiguration - pending authentication exchange in progress");
2359 return;
2360 }
2361 if (!wpa_s->dpp_reconfig_ssid) {
2362 wpa_printf(MSG_DEBUG,
2363 "DPP: Not ready for reconfiguration - not requested");
2364 return;
2365 }
2366 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2367 if (ssid == wpa_s->dpp_reconfig_ssid &&
2368 ssid->id == wpa_s->dpp_reconfig_ssid_id)
2369 break;
2370 }
2371 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2372 !ssid->dpp_csign) {
2373 wpa_printf(MSG_DEBUG,
2374 "DPP: Not ready for reconfiguration - no matching network profile with Connector found");
2375 return;
2376 }
2377
2378 auth = dpp_reconfig_auth_req_rx(wpa_s->dpp, wpa_s, ssid->dpp_connector,
2379 ssid->dpp_netaccesskey,
2380 ssid->dpp_netaccesskey_len,
2381 ssid->dpp_csign, ssid->dpp_csign_len,
2382 freq, hdr, buf, len);
2383 if (!auth)
2384 return;
2385 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2386 wpa_s->dpp_auth = auth;
2387
2388 wpas_dpp_chirp_stop(wpa_s);
2389
2390 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2391 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_RESP);
2392 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2393 wpabuf_head(auth->reconfig_resp_msg),
2394 wpabuf_len(auth->reconfig_resp_msg),
2395 500, wpas_dpp_tx_status, 0) < 0) {
2396 dpp_auth_deinit(wpa_s->dpp_auth);
2397 wpa_s->dpp_auth = NULL;
2398 }
2399 }
2400
2401
2402 static void
wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2403 wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2404 const u8 *hdr, const u8 *buf, size_t len,
2405 unsigned int freq)
2406 {
2407 struct dpp_authentication *auth = wpa_s->dpp_auth;
2408 struct wpabuf *conf;
2409
2410 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Response from "
2411 MACSTR, MAC2STR(src));
2412
2413 if (!auth || !auth->reconfig || !auth->configurator) {
2414 wpa_printf(MSG_DEBUG,
2415 "DPP: No DPP Reconfig Authentication in progress - drop");
2416 return;
2417 }
2418
2419 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2420 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2421 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2422 return;
2423 }
2424
2425 conf = dpp_reconfig_auth_resp_rx(auth, hdr, buf, len);
2426 if (!conf)
2427 return;
2428
2429 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, wpa_s, NULL);
2430
2431 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2432 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_CONF);
2433 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2434 wpabuf_head(conf), wpabuf_len(conf),
2435 500, wpas_dpp_tx_status, 0) < 0) {
2436 wpabuf_free(conf);
2437 dpp_auth_deinit(wpa_s->dpp_auth);
2438 wpa_s->dpp_auth = NULL;
2439 return;
2440 }
2441 wpabuf_free(conf);
2442
2443 wpas_dpp_start_gas_server(wpa_s);
2444 }
2445
2446
2447 static void
wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2448 wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
2449 const u8 *hdr, const u8 *buf, size_t len,
2450 unsigned int freq)
2451 {
2452 struct dpp_authentication *auth = wpa_s->dpp_auth;
2453
2454 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Confirm from "
2455 MACSTR, MAC2STR(src));
2456
2457 if (!auth || !auth->reconfig || auth->configurator) {
2458 wpa_printf(MSG_DEBUG,
2459 "DPP: No DPP Reconfig Authentication in progress - drop");
2460 return;
2461 }
2462
2463 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2464 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2465 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2466 return;
2467 }
2468
2469 if (dpp_reconfig_auth_conf_rx(auth, hdr, buf, len) < 0)
2470 return;
2471
2472 wpas_dpp_start_gas_client(wpa_s);
2473 }
2474
2475 #endif /* CONFIG_DPP2 */
2476
2477
wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len)2478 static void wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant *wpa_s,
2479 const u8 *src,
2480 const u8 *buf, size_t len)
2481 {
2482 struct wpa_ssid *ssid;
2483 const u8 *connector, *trans_id, *status;
2484 u16 connector_len, trans_id_len, status_len;
2485 #ifdef CONFIG_DPP2
2486 const u8 *version;
2487 u16 version_len;
2488 #endif /* CONFIG_DPP2 */
2489 u8 peer_version = 1;
2490 struct dpp_introduction intro;
2491 struct rsn_pmksa_cache_entry *entry;
2492 struct os_time now;
2493 struct os_reltime rnow;
2494 os_time_t expiry;
2495 unsigned int seconds;
2496 enum dpp_status_error res;
2497
2498 wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Response from " MACSTR,
2499 MAC2STR(src));
2500 if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) ||
2501 os_memcmp(src, wpa_s->dpp_intro_bssid, ETH_ALEN) != 0) {
2502 wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from "
2503 MACSTR " - drop", MAC2STR(src));
2504 return;
2505 }
2506 offchannel_send_action_done(wpa_s);
2507
2508 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2509 if (ssid == wpa_s->dpp_intro_network)
2510 break;
2511 }
2512 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2513 !ssid->dpp_csign) {
2514 wpa_printf(MSG_DEBUG,
2515 "DPP: Profile not found for network introduction");
2516 return;
2517 }
2518
2519 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID,
2520 &trans_id_len);
2521 if (!trans_id || trans_id_len != 1) {
2522 wpa_printf(MSG_DEBUG,
2523 "DPP: Peer did not include Transaction ID");
2524 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2525 " fail=missing_transaction_id", MAC2STR(src));
2526 goto fail;
2527 }
2528 if (trans_id[0] != TRANSACTION_ID) {
2529 wpa_printf(MSG_DEBUG,
2530 "DPP: Ignore frame with unexpected Transaction ID %u",
2531 trans_id[0]);
2532 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2533 " fail=transaction_id_mismatch", MAC2STR(src));
2534 goto fail;
2535 }
2536
2537 status = dpp_get_attr(buf, len, DPP_ATTR_STATUS, &status_len);
2538 if (!status || status_len != 1) {
2539 wpa_printf(MSG_DEBUG, "DPP: Peer did not include Status");
2540 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2541 " fail=missing_status", MAC2STR(src));
2542 goto fail;
2543 }
2544 if (status[0] != DPP_STATUS_OK) {
2545 wpa_printf(MSG_DEBUG,
2546 "DPP: Peer rejected network introduction: Status %u",
2547 status[0]);
2548 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2549 " status=%u", MAC2STR(src), status[0]);
2550 #ifdef CONFIG_DPP2
2551 wpas_dpp_send_conn_status_result(wpa_s, status[0]);
2552 #endif /* CONFIG_DPP2 */
2553 goto fail;
2554 }
2555
2556 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len);
2557 if (!connector) {
2558 wpa_printf(MSG_DEBUG,
2559 "DPP: Peer did not include its Connector");
2560 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2561 " fail=missing_connector", MAC2STR(src));
2562 goto fail;
2563 }
2564
2565 res = dpp_peer_intro(&intro, ssid->dpp_connector,
2566 ssid->dpp_netaccesskey,
2567 ssid->dpp_netaccesskey_len,
2568 ssid->dpp_csign,
2569 ssid->dpp_csign_len,
2570 connector, connector_len, &expiry);
2571 if (res != DPP_STATUS_OK) {
2572 wpa_printf(MSG_INFO,
2573 "DPP: Network Introduction protocol resulted in failure");
2574 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2575 " fail=peer_connector_validation_failed", MAC2STR(src));
2576 #ifdef CONFIG_DPP2
2577 wpas_dpp_send_conn_status_result(wpa_s, res);
2578 #endif /* CONFIG_DPP2 */
2579 goto fail;
2580 }
2581
2582 entry = os_zalloc(sizeof(*entry));
2583 if (!entry)
2584 goto fail;
2585 os_memcpy(entry->aa, src, ETH_ALEN);
2586 os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN);
2587 os_memcpy(entry->pmk, intro.pmk, intro.pmk_len);
2588 entry->pmk_len = intro.pmk_len;
2589 entry->akmp = WPA_KEY_MGMT_DPP;
2590 #ifdef CONFIG_DPP2
2591 version = dpp_get_attr(buf, len, DPP_ATTR_PROTOCOL_VERSION,
2592 &version_len);
2593 if (version && version_len >= 1)
2594 peer_version = version[0];
2595 #ifdef CONFIG_DPP3
2596 if (intro.peer_version && intro.peer_version >= 2 &&
2597 peer_version != intro.peer_version) {
2598 wpa_printf(MSG_INFO,
2599 "DPP: Protocol version mismatch (Connector: %d Attribute: %d",
2600 intro.peer_version, peer_version);
2601 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_NO_MATCH);
2602 goto fail;
2603 }
2604 #endif /* CONFIG_DPP3 */
2605 entry->dpp_pfs = peer_version >= 2;
2606 #endif /* CONFIG_DPP2 */
2607 if (expiry) {
2608 os_get_time(&now);
2609 seconds = expiry - now.sec;
2610 } else {
2611 seconds = 86400 * 7;
2612 }
2613 os_get_reltime(&rnow);
2614 entry->expiration = rnow.sec + seconds;
2615 entry->reauth_time = rnow.sec + seconds;
2616 entry->network_ctx = ssid;
2617 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry);
2618
2619 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2620 " status=%u version=%u", MAC2STR(src), status[0], peer_version);
2621
2622 wpa_printf(MSG_DEBUG,
2623 "DPP: Try connection again after successful network introduction");
2624 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2625 wpa_supplicant_cancel_sched_scan(wpa_s);
2626 wpa_supplicant_req_scan(wpa_s, 0, 0);
2627 }
2628 fail:
2629 os_memset(&intro, 0, sizeof(intro));
2630 }
2631
2632
wpas_dpp_allow_ir(struct wpa_supplicant * wpa_s,unsigned int freq)2633 static int wpas_dpp_allow_ir(struct wpa_supplicant *wpa_s, unsigned int freq)
2634 {
2635 int i, j;
2636
2637 if (!wpa_s->hw.modes)
2638 return -1;
2639
2640 for (i = 0; i < wpa_s->hw.num_modes; i++) {
2641 struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i];
2642
2643 for (j = 0; j < mode->num_channels; j++) {
2644 struct hostapd_channel_data *chan = &mode->channels[j];
2645
2646 if (chan->freq != (int) freq)
2647 continue;
2648
2649 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2650 HOSTAPD_CHAN_NO_IR |
2651 HOSTAPD_CHAN_RADAR))
2652 continue;
2653
2654 return 1;
2655 }
2656 }
2657
2658 wpa_printf(MSG_DEBUG,
2659 "DPP: Frequency %u MHz not supported or does not allow PKEX initiation in the current channel list",
2660 freq);
2661
2662 return 0;
2663 }
2664
2665
wpas_dpp_pkex_next_channel(struct wpa_supplicant * wpa_s,struct dpp_pkex * pkex)2666 static int wpas_dpp_pkex_next_channel(struct wpa_supplicant *wpa_s,
2667 struct dpp_pkex *pkex)
2668 {
2669 if (pkex->freq == 2437)
2670 pkex->freq = 5745;
2671 else if (pkex->freq == 5745)
2672 pkex->freq = 5220;
2673 else if (pkex->freq == 5220)
2674 pkex->freq = 60480;
2675 else
2676 return -1; /* no more channels to try */
2677
2678 if (wpas_dpp_allow_ir(wpa_s, pkex->freq) == 1) {
2679 wpa_printf(MSG_DEBUG, "DPP: Try to initiate on %u MHz",
2680 pkex->freq);
2681 return 0;
2682 }
2683
2684 /* Could not use this channel - try the next one */
2685 return wpas_dpp_pkex_next_channel(wpa_s, pkex);
2686 }
2687
2688
2689 #ifdef CONFIG_DPP2
wpas_dpp_pkex_done(void * ctx,void * conn,struct dpp_bootstrap_info * peer_bi)2690 static int wpas_dpp_pkex_done(void *ctx, void *conn,
2691 struct dpp_bootstrap_info *peer_bi)
2692 {
2693 struct wpa_supplicant *wpa_s = ctx;
2694 const char *cmd = wpa_s->dpp_pkex_auth_cmd;
2695 const char *pos;
2696 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
2697 struct dpp_bootstrap_info *own_bi = NULL;
2698 struct dpp_authentication *auth;
2699
2700 if (!cmd)
2701 cmd = "";
2702 wpa_printf(MSG_DEBUG, "DPP: Start authentication after PKEX (cmd: %s)",
2703 cmd);
2704
2705 pos = os_strstr(cmd, " own=");
2706 if (pos) {
2707 pos += 5;
2708 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
2709 if (!own_bi) {
2710 wpa_printf(MSG_INFO,
2711 "DPP: Could not find bootstrapping info for the identified local entry");
2712 return -1;
2713 }
2714
2715 if (peer_bi->curve != own_bi->curve) {
2716 wpa_printf(MSG_INFO,
2717 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)",
2718 peer_bi->curve->name, own_bi->curve->name);
2719 return -1;
2720 }
2721 }
2722
2723 pos = os_strstr(cmd, " role=");
2724 if (pos) {
2725 pos += 6;
2726 if (os_strncmp(pos, "configurator", 12) == 0)
2727 allowed_roles = DPP_CAPAB_CONFIGURATOR;
2728 else if (os_strncmp(pos, "enrollee", 8) == 0)
2729 allowed_roles = DPP_CAPAB_ENROLLEE;
2730 else if (os_strncmp(pos, "either", 6) == 0)
2731 allowed_roles = DPP_CAPAB_CONFIGURATOR |
2732 DPP_CAPAB_ENROLLEE;
2733 else
2734 return -1;
2735 }
2736
2737 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles,
2738 0, wpa_s->hw.modes, wpa_s->hw.num_modes);
2739 if (!auth)
2740 return -1;
2741
2742 wpas_dpp_set_testing_options(wpa_s, auth);
2743 if (dpp_set_configurator(auth, cmd) < 0) {
2744 dpp_auth_deinit(auth);
2745 return -1;
2746 }
2747
2748 return dpp_tcp_auth(wpa_s->dpp, conn, auth, wpa_s->conf->dpp_name,
2749 DPP_NETROLE_STA, wpas_dpp_process_conf_obj,
2750 wpas_dpp_tcp_msg_sent);
2751 }
2752 #endif /* CONFIG_DPP2 */
2753
2754
wpas_dpp_pkex_init(struct wpa_supplicant * wpa_s,enum dpp_pkex_ver ver,const struct hostapd_ip_addr * ipaddr,int tcp_port)2755 static int wpas_dpp_pkex_init(struct wpa_supplicant *wpa_s,
2756 enum dpp_pkex_ver ver,
2757 const struct hostapd_ip_addr *ipaddr,
2758 int tcp_port)
2759 {
2760 struct dpp_pkex *pkex;
2761 struct wpabuf *msg;
2762 unsigned int wait_time;
2763 bool v2 = ver != PKEX_VER_ONLY_1;
2764
2765 wpa_printf(MSG_DEBUG, "DPP: Initiating PKEXv%d", v2 ? 2 : 1);
2766 dpp_pkex_free(wpa_s->dpp_pkex);
2767 wpa_s->dpp_pkex = NULL;
2768 pkex = dpp_pkex_init(wpa_s, wpa_s->dpp_pkex_bi, wpa_s->own_addr,
2769 wpa_s->dpp_pkex_identifier,
2770 wpa_s->dpp_pkex_code, v2);
2771 if (!pkex)
2772 return -1;
2773 pkex->forced_ver = ver != PKEX_VER_AUTO;
2774
2775 if (ipaddr) {
2776 #ifdef CONFIG_DPP2
2777 return dpp_tcp_pkex_init(wpa_s->dpp, pkex, ipaddr, tcp_port,
2778 wpa_s, wpa_s, wpas_dpp_pkex_done);
2779 #else /* CONFIG_DPP2 */
2780 return -1;
2781 #endif /* CONFIG_DPP2 */
2782 }
2783
2784 wpa_s->dpp_pkex = pkex;
2785 msg = pkex->exchange_req;
2786 wait_time = wpa_s->max_remain_on_chan;
2787 if (wait_time > 2000)
2788 wait_time = 2000;
2789 pkex->freq = 2437;
2790 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
2791 " freq=%u type=%d",
2792 MAC2STR(broadcast), pkex->freq,
2793 v2 ? DPP_PA_PKEX_EXCHANGE_REQ :
2794 DPP_PA_PKEX_V1_EXCHANGE_REQ);
2795 offchannel_send_action(wpa_s, pkex->freq, broadcast,
2796 wpa_s->own_addr, broadcast,
2797 wpabuf_head(msg), wpabuf_len(msg),
2798 wait_time, wpas_dpp_tx_pkex_status, 0);
2799 if (wait_time == 0)
2800 wait_time = 2000;
2801 pkex->exch_req_wait_time = wait_time;
2802 pkex->exch_req_tries = 1;
2803
2804 return 0;
2805 }
2806
2807
wpas_dpp_pkex_retry_timeout(void * eloop_ctx,void * timeout_ctx)2808 static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx)
2809 {
2810 struct wpa_supplicant *wpa_s = eloop_ctx;
2811 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2812
2813 if (!pkex || !pkex->exchange_req)
2814 return;
2815 if (pkex->exch_req_tries >= 5) {
2816 if (wpas_dpp_pkex_next_channel(wpa_s, pkex) < 0) {
2817 #ifdef CONFIG_DPP3
2818 if (pkex->v2 && !pkex->forced_ver) {
2819 wpa_printf(MSG_DEBUG,
2820 "DPP: Fall back to PKEXv1");
2821 wpas_dpp_pkex_init(wpa_s, PKEX_VER_ONLY_1,
2822 NULL, 0);
2823 return;
2824 }
2825 #endif /* CONFIG_DPP3 */
2826 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2827 "No response from PKEX peer");
2828 dpp_pkex_free(pkex);
2829 wpa_s->dpp_pkex = NULL;
2830 return;
2831 }
2832 pkex->exch_req_tries = 0;
2833 }
2834
2835 pkex->exch_req_tries++;
2836 wpa_printf(MSG_DEBUG, "DPP: Retransmit PKEX Exchange Request (try %u)",
2837 pkex->exch_req_tries);
2838 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2839 MAC2STR(broadcast), pkex->freq,
2840 pkex->v2 ? DPP_PA_PKEX_EXCHANGE_REQ :
2841 DPP_PA_PKEX_V1_EXCHANGE_REQ);
2842 offchannel_send_action(wpa_s, pkex->freq, broadcast,
2843 wpa_s->own_addr, broadcast,
2844 wpabuf_head(pkex->exchange_req),
2845 wpabuf_len(pkex->exchange_req),
2846 pkex->exch_req_wait_time,
2847 wpas_dpp_tx_pkex_status, 0);
2848 }
2849
2850
2851 static void
wpas_dpp_tx_pkex_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)2852 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
2853 unsigned int freq, const u8 *dst,
2854 const u8 *src, const u8 *bssid,
2855 const u8 *data, size_t data_len,
2856 enum offchannel_send_action_result result)
2857 {
2858 const char *res_txt;
2859 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2860
2861 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
2862 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
2863 "FAILED");
2864 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
2865 " result=%s (PKEX)",
2866 freq, MAC2STR(dst), res_txt);
2867 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
2868 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
2869
2870 if (!pkex) {
2871 wpa_printf(MSG_DEBUG,
2872 "DPP: Ignore TX status since there is no ongoing PKEX exchange");
2873 return;
2874 }
2875
2876 if (pkex->failed) {
2877 wpa_printf(MSG_DEBUG,
2878 "DPP: Terminate PKEX exchange due to an earlier error");
2879 if (pkex->t > pkex->own_bi->pkex_t)
2880 pkex->own_bi->pkex_t = pkex->t;
2881 dpp_pkex_free(pkex);
2882 wpa_s->dpp_pkex = NULL;
2883 return;
2884 }
2885
2886 if (pkex->exch_req_wait_time && pkex->exchange_req) {
2887 /* Wait for PKEX Exchange Response frame and retry request if
2888 * no response is seen. */
2889 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
2890 eloop_register_timeout(pkex->exch_req_wait_time / 1000,
2891 (pkex->exch_req_wait_time % 1000) * 1000,
2892 wpas_dpp_pkex_retry_timeout, wpa_s,
2893 NULL);
2894 }
2895 }
2896
2897
2898 static void
wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq,bool v2)2899 wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant *wpa_s, const u8 *src,
2900 const u8 *buf, size_t len, unsigned int freq,
2901 bool v2)
2902 {
2903 struct wpabuf *msg;
2904 unsigned int wait_time;
2905
2906 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR,
2907 MAC2STR(src));
2908
2909 if (wpa_s->dpp_pkex_ver == PKEX_VER_ONLY_1 && v2) {
2910 wpa_printf(MSG_DEBUG,
2911 "DPP: Ignore PKEXv2 Exchange Request when configured to be PKEX v1 only");
2912 return;
2913 }
2914 if (wpa_s->dpp_pkex_ver == PKEX_VER_ONLY_2 && !v2) {
2915 wpa_printf(MSG_DEBUG,
2916 "DPP: Ignore PKEXv1 Exchange Request when configured to be PKEX v2 only");
2917 return;
2918 }
2919
2920 /* TODO: Support multiple PKEX codes by iterating over all the enabled
2921 * values here */
2922
2923 if (!wpa_s->dpp_pkex_code || !wpa_s->dpp_pkex_bi) {
2924 wpa_printf(MSG_DEBUG,
2925 "DPP: No PKEX code configured - ignore request");
2926 return;
2927 }
2928
2929 if (wpa_s->dpp_pkex) {
2930 /* TODO: Support parallel operations */
2931 wpa_printf(MSG_DEBUG,
2932 "DPP: Already in PKEX session - ignore new request");
2933 return;
2934 }
2935
2936 wpa_s->dpp_pkex = dpp_pkex_rx_exchange_req(wpa_s, wpa_s->dpp_pkex_bi,
2937 wpa_s->own_addr, src,
2938 wpa_s->dpp_pkex_identifier,
2939 wpa_s->dpp_pkex_code,
2940 buf, len, v2);
2941 if (!wpa_s->dpp_pkex) {
2942 wpa_printf(MSG_DEBUG,
2943 "DPP: Failed to process the request - ignore it");
2944 return;
2945 }
2946
2947 wpa_s->dpp_pkex_wait_auth_req = false;
2948 msg = wpa_s->dpp_pkex->exchange_resp;
2949 wait_time = wpa_s->max_remain_on_chan;
2950 if (wait_time > 2000)
2951 wait_time = 2000;
2952 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2953 MAC2STR(src), freq, DPP_PA_PKEX_EXCHANGE_RESP);
2954 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
2955 broadcast,
2956 wpabuf_head(msg), wpabuf_len(msg),
2957 wait_time, wpas_dpp_tx_pkex_status, 0);
2958 }
2959
2960
2961 static void
wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)2962 wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2963 const u8 *buf, size_t len, unsigned int freq)
2964 {
2965 struct wpabuf *msg;
2966 unsigned int wait_time;
2967
2968 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR,
2969 MAC2STR(src));
2970
2971 /* TODO: Support multiple PKEX codes by iterating over all the enabled
2972 * values here */
2973
2974 if (!wpa_s->dpp_pkex || !wpa_s->dpp_pkex->initiator ||
2975 wpa_s->dpp_pkex->exchange_done) {
2976 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
2977 return;
2978 }
2979
2980 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
2981 wpa_s->dpp_pkex->exch_req_wait_time = 0;
2982
2983 msg = dpp_pkex_rx_exchange_resp(wpa_s->dpp_pkex, src, buf, len);
2984 if (!msg) {
2985 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
2986 return;
2987 }
2988
2989 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR,
2990 MAC2STR(src));
2991
2992 wait_time = wpa_s->max_remain_on_chan;
2993 if (wait_time > 2000)
2994 wait_time = 2000;
2995 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2996 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_REQ);
2997 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
2998 broadcast,
2999 wpabuf_head(msg), wpabuf_len(msg),
3000 wait_time, wpas_dpp_tx_pkex_status, 0);
3001 wpabuf_free(msg);
3002 }
3003
3004
3005 static struct dpp_bootstrap_info *
wpas_dpp_pkex_finish(struct wpa_supplicant * wpa_s,const u8 * peer,unsigned int freq)3006 wpas_dpp_pkex_finish(struct wpa_supplicant *wpa_s, const u8 *peer,
3007 unsigned int freq)
3008 {
3009 struct dpp_bootstrap_info *bi;
3010
3011 bi = dpp_pkex_finish(wpa_s->dpp, wpa_s->dpp_pkex, peer, freq);
3012 if (!bi)
3013 return NULL;
3014 wpa_s->dpp_pkex = NULL;
3015 return bi;
3016 }
3017
3018
3019 static void
wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3020 wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src,
3021 const u8 *hdr, const u8 *buf, size_t len,
3022 unsigned int freq)
3023 {
3024 struct wpabuf *msg;
3025 unsigned int wait_time;
3026 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3027
3028 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR,
3029 MAC2STR(src));
3030
3031 if (!pkex || pkex->initiator || !pkex->exchange_done) {
3032 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
3033 return;
3034 }
3035
3036 msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len);
3037 if (!msg) {
3038 wpa_printf(MSG_DEBUG, "DPP: Failed to process the request");
3039 if (pkex->failed) {
3040 wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange");
3041 if (pkex->t > pkex->own_bi->pkex_t)
3042 pkex->own_bi->pkex_t = pkex->t;
3043 dpp_pkex_free(wpa_s->dpp_pkex);
3044 wpa_s->dpp_pkex = NULL;
3045 }
3046 return;
3047 }
3048
3049 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to "
3050 MACSTR, MAC2STR(src));
3051
3052 wait_time = wpa_s->max_remain_on_chan;
3053 if (wait_time > 2000)
3054 wait_time = 2000;
3055 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3056 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_RESP);
3057 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
3058 broadcast,
3059 wpabuf_head(msg), wpabuf_len(msg),
3060 wait_time, wpas_dpp_tx_pkex_status, 0);
3061 wpabuf_free(msg);
3062
3063 wpas_dpp_pkex_finish(wpa_s, src, freq);
3064 wpa_s->dpp_pkex_wait_auth_req = true;
3065 }
3066
3067
3068 static void
wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3069 wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src,
3070 const u8 *hdr, const u8 *buf, size_t len,
3071 unsigned int freq)
3072 {
3073 int res;
3074 struct dpp_bootstrap_info *bi;
3075 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3076 char cmd[500];
3077
3078 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR,
3079 MAC2STR(src));
3080
3081 if (!pkex || !pkex->initiator || !pkex->exchange_done) {
3082 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
3083 return;
3084 }
3085
3086 res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len);
3087 if (res < 0) {
3088 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
3089 return;
3090 }
3091
3092 bi = wpas_dpp_pkex_finish(wpa_s, src, freq);
3093 if (!bi)
3094 return;
3095
3096 os_snprintf(cmd, sizeof(cmd), " peer=%u %s",
3097 bi->id,
3098 wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : "");
3099 wpa_printf(MSG_DEBUG,
3100 "DPP: Start authentication after PKEX with parameters: %s",
3101 cmd);
3102 if (wpas_dpp_auth_init(wpa_s, cmd) < 0) {
3103 wpa_printf(MSG_DEBUG,
3104 "DPP: Authentication initialization failed");
3105 offchannel_send_action_done(wpa_s);
3106 return;
3107 }
3108 }
3109
3110
wpas_dpp_rx_action(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)3111 void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src,
3112 const u8 *buf, size_t len, unsigned int freq)
3113 {
3114 u8 crypto_suite;
3115 enum dpp_public_action_frame_type type;
3116 const u8 *hdr;
3117 unsigned int pkex_t;
3118
3119 if (len < DPP_HDR_LEN)
3120 return;
3121 if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE)
3122 return;
3123 hdr = buf;
3124 buf += 4;
3125 len -= 4;
3126 crypto_suite = *buf++;
3127 type = *buf++;
3128 len -= 2;
3129
3130 wpa_printf(MSG_DEBUG,
3131 "DPP: Received DPP Public Action frame crypto suite %u type %d from "
3132 MACSTR " freq=%u",
3133 crypto_suite, type, MAC2STR(src), freq);
3134 if (crypto_suite != 1) {
3135 wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u",
3136 crypto_suite);
3137 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
3138 " freq=%u type=%d ignore=unsupported-crypto-suite",
3139 MAC2STR(src), freq, type);
3140 return;
3141 }
3142 wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len);
3143 if (dpp_check_attrs(buf, len) < 0) {
3144 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
3145 " freq=%u type=%d ignore=invalid-attributes",
3146 MAC2STR(src), freq, type);
3147 return;
3148 }
3149 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR " freq=%u type=%d",
3150 MAC2STR(src), freq, type);
3151
3152 switch (type) {
3153 case DPP_PA_AUTHENTICATION_REQ:
3154 wpas_dpp_rx_auth_req(wpa_s, src, hdr, buf, len, freq);
3155 break;
3156 case DPP_PA_AUTHENTICATION_RESP:
3157 wpas_dpp_rx_auth_resp(wpa_s, src, hdr, buf, len, freq);
3158 break;
3159 case DPP_PA_AUTHENTICATION_CONF:
3160 wpas_dpp_rx_auth_conf(wpa_s, src, hdr, buf, len);
3161 break;
3162 case DPP_PA_PEER_DISCOVERY_RESP:
3163 wpas_dpp_rx_peer_disc_resp(wpa_s, src, buf, len);
3164 break;
3165 #ifdef CONFIG_DPP3
3166 case DPP_PA_PKEX_EXCHANGE_REQ:
3167 /* This is for PKEXv2, but for now, process only with
3168 * CONFIG_DPP3 to avoid issues with a capability that has not
3169 * been tested with other implementations. */
3170 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq, true);
3171 break;
3172 #endif /* CONFIG_DPP3 */
3173 case DPP_PA_PKEX_V1_EXCHANGE_REQ:
3174 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq,
3175 false);
3176 break;
3177 case DPP_PA_PKEX_EXCHANGE_RESP:
3178 wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq);
3179 break;
3180 case DPP_PA_PKEX_COMMIT_REVEAL_REQ:
3181 wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len,
3182 freq);
3183 break;
3184 case DPP_PA_PKEX_COMMIT_REVEAL_RESP:
3185 wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len,
3186 freq);
3187 break;
3188 #ifdef CONFIG_DPP2
3189 case DPP_PA_CONFIGURATION_RESULT:
3190 wpas_dpp_rx_conf_result(wpa_s, src, hdr, buf, len);
3191 break;
3192 case DPP_PA_CONNECTION_STATUS_RESULT:
3193 wpas_dpp_rx_conn_status_result(wpa_s, src, hdr, buf, len);
3194 break;
3195 case DPP_PA_PRESENCE_ANNOUNCEMENT:
3196 wpas_dpp_rx_presence_announcement(wpa_s, src, hdr, buf, len,
3197 freq);
3198 break;
3199 case DPP_PA_RECONFIG_ANNOUNCEMENT:
3200 wpas_dpp_rx_reconfig_announcement(wpa_s, src, hdr, buf, len,
3201 freq);
3202 break;
3203 case DPP_PA_RECONFIG_AUTH_REQ:
3204 wpas_dpp_rx_reconfig_auth_req(wpa_s, src, hdr, buf, len, freq);
3205 break;
3206 case DPP_PA_RECONFIG_AUTH_RESP:
3207 wpas_dpp_rx_reconfig_auth_resp(wpa_s, src, hdr, buf, len, freq);
3208 break;
3209 case DPP_PA_RECONFIG_AUTH_CONF:
3210 wpas_dpp_rx_reconfig_auth_conf(wpa_s, src, hdr, buf, len, freq);
3211 break;
3212 #endif /* CONFIG_DPP2 */
3213 default:
3214 wpa_printf(MSG_DEBUG,
3215 "DPP: Ignored unsupported frame subtype %d", type);
3216 break;
3217 }
3218
3219 if (wpa_s->dpp_pkex)
3220 pkex_t = wpa_s->dpp_pkex->t;
3221 else if (wpa_s->dpp_pkex_bi)
3222 pkex_t = wpa_s->dpp_pkex_bi->pkex_t;
3223 else
3224 pkex_t = 0;
3225 if (pkex_t >= PKEX_COUNTER_T_LIMIT) {
3226 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0");
3227 wpas_dpp_pkex_remove(wpa_s, "*");
3228 }
3229 }
3230
3231
wpas_dpp_gas_initial_resp_timeout(void * eloop_ctx,void * timeout_ctx)3232 static void wpas_dpp_gas_initial_resp_timeout(void *eloop_ctx,
3233 void *timeout_ctx)
3234 {
3235 struct wpa_supplicant *wpa_s = eloop_ctx;
3236 struct dpp_authentication *auth = wpa_s->dpp_auth;
3237
3238 if (!auth || !auth->waiting_config || !auth->config_resp_ctx)
3239 return;
3240
3241 wpa_printf(MSG_DEBUG,
3242 "DPP: No configuration available from upper layers - send initial response with comeback delay");
3243 gas_server_set_comeback_delay(wpa_s->gas_server, auth->config_resp_ctx,
3244 500);
3245 }
3246
3247
3248 static struct wpabuf *
wpas_dpp_gas_req_handler(void * ctx,void * resp_ctx,const u8 * sa,const u8 * query,size_t query_len,int * comeback_delay)3249 wpas_dpp_gas_req_handler(void *ctx, void *resp_ctx, const u8 *sa,
3250 const u8 *query, size_t query_len, int *comeback_delay)
3251 {
3252 struct wpa_supplicant *wpa_s = ctx;
3253 struct dpp_authentication *auth = wpa_s->dpp_auth;
3254 struct wpabuf *resp;
3255
3256 wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR,
3257 MAC2STR(sa));
3258 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
3259 os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) {
3260 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
3261 return NULL;
3262 }
3263
3264 if (wpa_s->dpp_auth_ok_on_ack && auth->configurator) {
3265 wpa_printf(MSG_DEBUG,
3266 "DPP: Have not received ACK for Auth Confirm yet - assume it was received based on this GAS request");
3267 /* wpas_dpp_auth_success() would normally have been called from
3268 * TX status handler, but since there was no such handler call
3269 * yet, simply send out the event message and proceed with
3270 * exchange. */
3271 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=1");
3272 wpa_s->dpp_auth_ok_on_ack = 0;
3273 }
3274
3275 wpa_hexdump(MSG_DEBUG,
3276 "DPP: Received Configuration Request (GAS Query Request)",
3277 query, query_len);
3278 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR,
3279 MAC2STR(sa));
3280 resp = dpp_conf_req_rx(auth, query, query_len);
3281
3282 auth->gas_server_ctx = resp_ctx;
3283
3284 #ifdef CONFIG_DPP2
3285 if (!resp && auth->waiting_cert) {
3286 wpa_printf(MSG_DEBUG, "DPP: Certificate not yet ready");
3287 auth->config_resp_ctx = resp_ctx;
3288 *comeback_delay = 500;
3289 return NULL;
3290 }
3291 #endif /* CONFIG_DPP2 */
3292
3293 if (!resp && auth->waiting_config &&
3294 (auth->peer_bi || auth->tmp_peer_bi)) {
3295 char *buf = NULL, *name = "";
3296 char band[200], *pos, *end;
3297 int i, res, *opclass = auth->e_band_support;
3298 char *mud_url = "N/A";
3299
3300 wpa_printf(MSG_DEBUG, "DPP: Configuration not yet ready");
3301 auth->config_resp_ctx = resp_ctx;
3302 *comeback_delay = -1;
3303 if (auth->e_name) {
3304 size_t len = os_strlen(auth->e_name);
3305
3306 buf = os_malloc(len * 4 + 1);
3307 if (buf) {
3308 printf_encode(buf, len * 4 + 1,
3309 (const u8 *) auth->e_name, len);
3310 name = buf;
3311 }
3312 }
3313 band[0] = '\0';
3314 pos = band;
3315 end = band + sizeof(band);
3316 for (i = 0; opclass && opclass[i]; i++) {
3317 res = os_snprintf(pos, end - pos, "%s%d",
3318 pos == band ? "" : ",", opclass[i]);
3319 if (os_snprintf_error(end - pos, res)) {
3320 *pos = '\0';
3321 break;
3322 }
3323 pos += res;
3324 }
3325 if (auth->e_mud_url) {
3326 size_t len = os_strlen(auth->e_mud_url);
3327
3328 if (!has_ctrl_char((const u8 *) auth->e_mud_url, len))
3329 mud_url = auth->e_mud_url;
3330 }
3331 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_NEEDED "peer=%d src="
3332 MACSTR " net_role=%s name=\"%s\" opclass=%s mud_url=%s",
3333 auth->peer_bi ? auth->peer_bi->id :
3334 auth->tmp_peer_bi->id, MAC2STR(sa),
3335 dpp_netrole_str(auth->e_netrole), name, band, mud_url);
3336 os_free(buf);
3337
3338 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s,
3339 NULL);
3340 eloop_register_timeout(0, 50000,
3341 wpas_dpp_gas_initial_resp_timeout, wpa_s,
3342 NULL);
3343 return NULL;
3344 }
3345
3346 auth->conf_resp = resp;
3347 if (!resp) {
3348 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
3349 dpp_auth_deinit(wpa_s->dpp_auth);
3350 wpa_s->dpp_auth = NULL;
3351 }
3352 return resp;
3353 }
3354
3355
3356 static void
wpas_dpp_gas_status_handler(void * ctx,struct wpabuf * resp,int ok)3357 wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok)
3358 {
3359 struct wpa_supplicant *wpa_s = ctx;
3360 struct dpp_authentication *auth = wpa_s->dpp_auth;
3361
3362 if (!auth) {
3363 wpabuf_free(resp);
3364 return;
3365 }
3366 if (auth->conf_resp != resp) {
3367 wpa_printf(MSG_DEBUG,
3368 "DPP: Ignore GAS status report (ok=%d) for unknown response",
3369 ok);
3370 wpabuf_free(resp);
3371 return;
3372 }
3373
3374 #ifdef CONFIG_DPP2
3375 if (auth->waiting_csr && ok) {
3376 wpa_printf(MSG_DEBUG, "DPP: Waiting for CSR");
3377 wpabuf_free(resp);
3378 return;
3379 }
3380 #endif /* CONFIG_DPP2 */
3381
3382 #ifdef CONFIG_DPP3
3383 if (auth->waiting_new_key && ok) {
3384 wpa_printf(MSG_DEBUG, "DPP: Waiting for a new key");
3385 wpabuf_free(resp);
3386 return;
3387 }
3388 #endif /* CONFIG_DPP3 */
3389
3390 wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)",
3391 ok);
3392 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
3393 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
3394 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
3395 #ifdef CONFIG_DPP2
3396 if (ok && auth->peer_version >= 2 &&
3397 auth->conf_resp_status == DPP_STATUS_OK &&
3398 !auth->waiting_conf_result) {
3399 wpa_printf(MSG_DEBUG, "DPP: Wait for Configuration Result");
3400 auth->waiting_conf_result = 1;
3401 auth->conf_resp = NULL;
3402 wpabuf_free(resp);
3403 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
3404 wpa_s, NULL);
3405 eloop_register_timeout(2, 0,
3406 wpas_dpp_config_result_wait_timeout,
3407 wpa_s, NULL);
3408 return;
3409 }
3410 #endif /* CONFIG_DPP2 */
3411 offchannel_send_action_done(wpa_s);
3412 wpas_dpp_listen_stop(wpa_s);
3413 if (ok)
3414 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT);
3415 else
3416 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
3417 dpp_auth_deinit(wpa_s->dpp_auth);
3418 wpa_s->dpp_auth = NULL;
3419 wpabuf_free(resp);
3420 }
3421
3422
wpas_dpp_configurator_sign(struct wpa_supplicant * wpa_s,const char * cmd)3423 int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd)
3424 {
3425 struct dpp_authentication *auth;
3426 int ret = -1;
3427 char *curve = NULL;
3428
3429 auth = dpp_alloc_auth(wpa_s->dpp, wpa_s);
3430 if (!auth)
3431 return -1;
3432
3433 curve = get_param(cmd, " curve=");
3434 wpas_dpp_set_testing_options(wpa_s, auth);
3435 if (dpp_set_configurator(auth, cmd) == 0 &&
3436 dpp_configurator_own_config(auth, curve, 0) == 0)
3437 ret = wpas_dpp_handle_config_obj(wpa_s, auth,
3438 &auth->conf_obj[0]);
3439 if (!ret)
3440 wpas_dpp_post_process_config(wpa_s, auth);
3441
3442 dpp_auth_deinit(auth);
3443 os_free(curve);
3444
3445 return ret;
3446 }
3447
3448
3449 static void
wpas_dpp_tx_introduction_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3450 wpas_dpp_tx_introduction_status(struct wpa_supplicant *wpa_s,
3451 unsigned int freq, const u8 *dst,
3452 const u8 *src, const u8 *bssid,
3453 const u8 *data, size_t data_len,
3454 enum offchannel_send_action_result result)
3455 {
3456 const char *res_txt;
3457
3458 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
3459 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
3460 "FAILED");
3461 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
3462 " result=%s (DPP Peer Discovery Request)",
3463 freq, MAC2STR(dst), res_txt);
3464 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
3465 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
3466 /* TODO: Time out wait for response more quickly in error cases? */
3467 }
3468
3469
wpas_dpp_check_connect(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_bss * bss)3470 int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3471 struct wpa_bss *bss)
3472 {
3473 struct os_time now;
3474 struct wpabuf *msg;
3475 unsigned int wait_time;
3476 const u8 *rsn;
3477 struct wpa_ie_data ied;
3478 size_t len;
3479
3480 if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss)
3481 return 0; /* Not using DPP AKM - continue */
3482 rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3483 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 &&
3484 !(ied.key_mgmt & WPA_KEY_MGMT_DPP))
3485 return 0; /* AP does not support DPP AKM - continue */
3486 if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid))
3487 return 0; /* PMKSA exists for DPP AKM - continue */
3488
3489 if (!ssid->dpp_connector || !ssid->dpp_netaccesskey ||
3490 !ssid->dpp_csign) {
3491 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
3492 "missing %s",
3493 !ssid->dpp_connector ? "Connector" :
3494 (!ssid->dpp_netaccesskey ? "netAccessKey" :
3495 "C-sign-key"));
3496 return -1;
3497 }
3498
3499 os_get_time(&now);
3500
3501 if (ssid->dpp_netaccesskey_expiry &&
3502 (os_time_t) ssid->dpp_netaccesskey_expiry < now.sec) {
3503 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
3504 "netAccessKey expired");
3505 return -1;
3506 }
3507
3508 wpa_printf(MSG_DEBUG,
3509 "DPP: Starting network introduction protocol to derive PMKSA for "
3510 MACSTR, MAC2STR(bss->bssid));
3511 if (wpa_s->wpa_state == WPA_SCANNING)
3512 wpa_supplicant_set_state(wpa_s, wpa_s->scan_prev_wpa_state);
3513
3514 len = 5 + 4 + os_strlen(ssid->dpp_connector);
3515 #ifdef CONFIG_DPP2
3516 len += 5;
3517 #endif /* CONFIG_DPP2 */
3518 msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_REQ, len);
3519 if (!msg)
3520 return -1;
3521
3522 #ifdef CONFIG_TESTING_OPTIONS
3523 if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ) {
3524 wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID");
3525 goto skip_trans_id;
3526 }
3527 if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ) {
3528 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID");
3529 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
3530 wpabuf_put_le16(msg, 0);
3531 goto skip_trans_id;
3532 }
3533 #endif /* CONFIG_TESTING_OPTIONS */
3534
3535 /* Transaction ID */
3536 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
3537 wpabuf_put_le16(msg, 1);
3538 wpabuf_put_u8(msg, TRANSACTION_ID);
3539
3540 #ifdef CONFIG_TESTING_OPTIONS
3541 skip_trans_id:
3542 if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ) {
3543 wpa_printf(MSG_INFO, "DPP: TESTING - no Connector");
3544 goto skip_connector;
3545 }
3546 if (dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ) {
3547 char *connector;
3548
3549 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector");
3550 connector = dpp_corrupt_connector_signature(
3551 ssid->dpp_connector);
3552 if (!connector) {
3553 wpabuf_free(msg);
3554 return -1;
3555 }
3556 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
3557 wpabuf_put_le16(msg, os_strlen(connector));
3558 wpabuf_put_str(msg, connector);
3559 os_free(connector);
3560 goto skip_connector;
3561 }
3562 #endif /* CONFIG_TESTING_OPTIONS */
3563
3564 /* DPP Connector */
3565 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
3566 wpabuf_put_le16(msg, os_strlen(ssid->dpp_connector));
3567 wpabuf_put_str(msg, ssid->dpp_connector);
3568
3569 #ifdef CONFIG_TESTING_OPTIONS
3570 skip_connector:
3571 if (dpp_test == DPP_TEST_NO_PROTOCOL_VERSION_PEER_DISC_REQ) {
3572 wpa_printf(MSG_INFO, "DPP: TESTING - no Protocol Version");
3573 goto skip_proto_ver;
3574 }
3575 #endif /* CONFIG_TESTING_OPTIONS */
3576
3577 #ifdef CONFIG_DPP2
3578 if (DPP_VERSION > 1) {
3579 u8 ver = DPP_VERSION;
3580 #ifdef CONFIG_DPP3
3581 int conn_ver;
3582
3583 conn_ver = dpp_get_connector_version(ssid->dpp_connector);
3584 if (conn_ver > 0 && ver != conn_ver) {
3585 wpa_printf(MSG_DEBUG,
3586 "DPP: Use Connector version %d instead of current protocol version %d",
3587 conn_ver, ver);
3588 ver = conn_ver;
3589 }
3590 #endif /* CONFIG_DPP3 */
3591
3592 #ifdef CONFIG_TESTING_OPTIONS
3593 if (dpp_test == DPP_TEST_INVALID_PROTOCOL_VERSION_PEER_DISC_REQ) {
3594 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Protocol Version");
3595 ver = 1;
3596 }
3597 #endif /* CONFIG_TESTING_OPTIONS */
3598
3599 /* Protocol Version */
3600 wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
3601 wpabuf_put_le16(msg, 1);
3602 wpabuf_put_u8(msg, ver);
3603 }
3604 #endif /* CONFIG_DPP2 */
3605
3606 #ifdef CONFIG_TESTING_OPTIONS
3607 skip_proto_ver:
3608 #endif /* CONFIG_TESTING_OPTIONS */
3609
3610 /* TODO: Timeout on AP response */
3611 wait_time = wpa_s->max_remain_on_chan;
3612 if (wait_time > 2000)
3613 wait_time = 2000;
3614 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3615 MAC2STR(bss->bssid), bss->freq, DPP_PA_PEER_DISCOVERY_REQ);
3616 offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr,
3617 broadcast,
3618 wpabuf_head(msg), wpabuf_len(msg),
3619 wait_time, wpas_dpp_tx_introduction_status, 0);
3620 wpabuf_free(msg);
3621
3622 /* Request this connection attempt to terminate - new one will be
3623 * started when network introduction protocol completes */
3624 os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN);
3625 wpa_s->dpp_intro_network = ssid;
3626 return 1;
3627 }
3628
3629
wpas_dpp_pkex_add(struct wpa_supplicant * wpa_s,const char * cmd)3630 int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd)
3631 {
3632 struct dpp_bootstrap_info *own_bi;
3633 const char *pos, *end;
3634 #ifdef CONFIG_DPP3
3635 enum dpp_pkex_ver ver = PKEX_VER_AUTO;
3636 #else /* CONFIG_DPP3 */
3637 enum dpp_pkex_ver ver = PKEX_VER_ONLY_1;
3638 #endif /* CONFIG_DPP3 */
3639 int tcp_port = DPP_TCP_PORT;
3640 struct hostapd_ip_addr *ipaddr = NULL;
3641 #ifdef CONFIG_DPP2
3642 struct hostapd_ip_addr ipaddr_buf;
3643 char *addr;
3644
3645 pos = os_strstr(cmd, " tcp_port=");
3646 if (pos) {
3647 pos += 10;
3648 tcp_port = atoi(pos);
3649 }
3650
3651 addr = get_param(cmd, " tcp_addr=");
3652 if (addr) {
3653 int res;
3654
3655 res = hostapd_parse_ip_addr(addr, &ipaddr_buf);
3656 os_free(addr);
3657 if (res)
3658 return -1;
3659 ipaddr = &ipaddr_buf;
3660 }
3661 #endif /* CONFIG_DPP2 */
3662
3663 pos = os_strstr(cmd, " own=");
3664 if (!pos)
3665 return -1;
3666 pos += 5;
3667 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
3668 if (!own_bi) {
3669 wpa_printf(MSG_DEBUG,
3670 "DPP: Identified bootstrap info not found");
3671 return -1;
3672 }
3673 if (own_bi->type != DPP_BOOTSTRAP_PKEX) {
3674 wpa_printf(MSG_DEBUG,
3675 "DPP: Identified bootstrap info not for PKEX");
3676 return -1;
3677 }
3678 wpa_s->dpp_pkex_bi = own_bi;
3679 own_bi->pkex_t = 0; /* clear pending errors on new code */
3680
3681 os_free(wpa_s->dpp_pkex_identifier);
3682 wpa_s->dpp_pkex_identifier = NULL;
3683 pos = os_strstr(cmd, " identifier=");
3684 if (pos) {
3685 pos += 12;
3686 end = os_strchr(pos, ' ');
3687 if (!end)
3688 return -1;
3689 wpa_s->dpp_pkex_identifier = os_malloc(end - pos + 1);
3690 if (!wpa_s->dpp_pkex_identifier)
3691 return -1;
3692 os_memcpy(wpa_s->dpp_pkex_identifier, pos, end - pos);
3693 wpa_s->dpp_pkex_identifier[end - pos] = '\0';
3694 }
3695
3696 pos = os_strstr(cmd, " code=");
3697 if (!pos)
3698 return -1;
3699 os_free(wpa_s->dpp_pkex_code);
3700 wpa_s->dpp_pkex_code = os_strdup(pos + 6);
3701 if (!wpa_s->dpp_pkex_code)
3702 return -1;
3703
3704 pos = os_strstr(cmd, " ver=");
3705 if (pos) {
3706 int v;
3707
3708 pos += 5;
3709 v = atoi(pos);
3710 if (v == 1)
3711 ver = PKEX_VER_ONLY_1;
3712 else if (v == 2)
3713 ver = PKEX_VER_ONLY_2;
3714 else
3715 return -1;
3716 }
3717 wpa_s->dpp_pkex_ver = ver;
3718
3719 if (os_strstr(cmd, " init=1")) {
3720 if (wpas_dpp_pkex_init(wpa_s, ver, ipaddr, tcp_port) < 0)
3721 return -1;
3722 } else {
3723 #ifdef CONFIG_DPP2
3724 dpp_controller_pkex_add(wpa_s->dpp, own_bi,
3725 wpa_s->dpp_pkex_code,
3726 wpa_s->dpp_pkex_identifier);
3727 #endif /* CONFIG_DPP2 */
3728 }
3729
3730 /* TODO: Support multiple PKEX info entries */
3731
3732 os_free(wpa_s->dpp_pkex_auth_cmd);
3733 wpa_s->dpp_pkex_auth_cmd = os_strdup(cmd);
3734
3735 return 1;
3736 }
3737
3738
wpas_dpp_pkex_remove(struct wpa_supplicant * wpa_s,const char * id)3739 int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id)
3740 {
3741 unsigned int id_val;
3742
3743 if (os_strcmp(id, "*") == 0) {
3744 id_val = 0;
3745 } else {
3746 id_val = atoi(id);
3747 if (id_val == 0)
3748 return -1;
3749 }
3750
3751 if ((id_val != 0 && id_val != 1) || !wpa_s->dpp_pkex_code)
3752 return -1;
3753
3754 /* TODO: Support multiple PKEX entries */
3755 os_free(wpa_s->dpp_pkex_code);
3756 wpa_s->dpp_pkex_code = NULL;
3757 os_free(wpa_s->dpp_pkex_identifier);
3758 wpa_s->dpp_pkex_identifier = NULL;
3759 os_free(wpa_s->dpp_pkex_auth_cmd);
3760 wpa_s->dpp_pkex_auth_cmd = NULL;
3761 wpa_s->dpp_pkex_bi = NULL;
3762 /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */
3763 dpp_pkex_free(wpa_s->dpp_pkex);
3764 wpa_s->dpp_pkex = NULL;
3765 return 0;
3766 }
3767
3768
wpas_dpp_stop(struct wpa_supplicant * wpa_s)3769 void wpas_dpp_stop(struct wpa_supplicant *wpa_s)
3770 {
3771 if (wpa_s->dpp_auth || wpa_s->dpp_pkex || wpa_s->dpp_pkex_wait_auth_req)
3772 offchannel_send_action_done(wpa_s);
3773 dpp_auth_deinit(wpa_s->dpp_auth);
3774 wpa_s->dpp_auth = NULL;
3775 dpp_pkex_free(wpa_s->dpp_pkex);
3776 wpa_s->dpp_pkex = NULL;
3777 wpa_s->dpp_pkex_wait_auth_req = false;
3778 if (wpa_s->dpp_gas_client && wpa_s->dpp_gas_dialog_token >= 0)
3779 gas_query_stop(wpa_s->gas, wpa_s->dpp_gas_dialog_token);
3780 }
3781
3782
wpas_dpp_init(struct wpa_supplicant * wpa_s)3783 int wpas_dpp_init(struct wpa_supplicant *wpa_s)
3784 {
3785 struct dpp_global_config config;
3786 u8 adv_proto_id[7];
3787
3788 adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC;
3789 adv_proto_id[1] = 5;
3790 WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA);
3791 adv_proto_id[5] = DPP_OUI_TYPE;
3792 adv_proto_id[6] = 0x01;
3793
3794 if (gas_server_register(wpa_s->gas_server, adv_proto_id,
3795 sizeof(adv_proto_id), wpas_dpp_gas_req_handler,
3796 wpas_dpp_gas_status_handler, wpa_s) < 0)
3797 return -1;
3798
3799 os_memset(&config, 0, sizeof(config));
3800 config.cb_ctx = wpa_s;
3801 #ifdef CONFIG_DPP2
3802 config.remove_bi = wpas_dpp_remove_bi;
3803 #endif /* CONFIG_DPP2 */
3804 wpa_s->dpp = dpp_global_init(&config);
3805 return wpa_s->dpp ? 0 : -1;
3806 }
3807
3808
wpas_dpp_deinit(struct wpa_supplicant * wpa_s)3809 void wpas_dpp_deinit(struct wpa_supplicant *wpa_s)
3810 {
3811 #ifdef CONFIG_TESTING_OPTIONS
3812 os_free(wpa_s->dpp_config_obj_override);
3813 wpa_s->dpp_config_obj_override = NULL;
3814 os_free(wpa_s->dpp_discovery_override);
3815 wpa_s->dpp_discovery_override = NULL;
3816 os_free(wpa_s->dpp_groups_override);
3817 wpa_s->dpp_groups_override = NULL;
3818 wpa_s->dpp_ignore_netaccesskey_mismatch = 0;
3819 #endif /* CONFIG_TESTING_OPTIONS */
3820 if (!wpa_s->dpp)
3821 return;
3822 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
3823 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
3824 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
3825 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
3826 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
3827 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s, NULL);
3828 eloop_cancel_timeout(wpas_dpp_gas_client_timeout, wpa_s, NULL);
3829 #ifdef CONFIG_DPP2
3830 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
3831 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
3832 wpa_s, NULL);
3833 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
3834 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
3835 wpa_s, NULL);
3836 eloop_cancel_timeout(wpas_dpp_build_csr, wpa_s, NULL);
3837 dpp_pfs_free(wpa_s->dpp_pfs);
3838 wpa_s->dpp_pfs = NULL;
3839 wpas_dpp_chirp_stop(wpa_s);
3840 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
3841 wpa_s->dpp_reconfig_id = NULL;
3842 #endif /* CONFIG_DPP2 */
3843 #ifdef CONFIG_DPP3
3844 eloop_cancel_timeout(wpas_dpp_build_new_key, wpa_s, NULL);
3845 #endif /* CONFIG_DPP3 */
3846 offchannel_send_action_done(wpa_s);
3847 wpas_dpp_listen_stop(wpa_s);
3848 wpas_dpp_stop(wpa_s);
3849 wpas_dpp_pkex_remove(wpa_s, "*");
3850 os_memset(wpa_s->dpp_intro_bssid, 0, ETH_ALEN);
3851 os_free(wpa_s->dpp_configurator_params);
3852 wpa_s->dpp_configurator_params = NULL;
3853 dpp_global_clear(wpa_s->dpp);
3854 }
3855
3856
wpas_dpp_build_conf_resp(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,bool tcp)3857 static int wpas_dpp_build_conf_resp(struct wpa_supplicant *wpa_s,
3858 struct dpp_authentication *auth, bool tcp)
3859 {
3860 struct wpabuf *resp;
3861
3862 resp = dpp_build_conf_resp(auth, auth->e_nonce, auth->curve->nonce_len,
3863 auth->e_netrole, true);
3864 if (!resp)
3865 return -1;
3866
3867 if (tcp) {
3868 auth->conf_resp_tcp = resp;
3869 return 0;
3870 }
3871
3872 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s, NULL);
3873 if (gas_server_set_resp(wpa_s->gas_server, auth->config_resp_ctx,
3874 resp) < 0) {
3875 wpa_printf(MSG_DEBUG,
3876 "DPP: Could not find pending GAS response");
3877 wpabuf_free(resp);
3878 return -1;
3879 }
3880 auth->conf_resp = resp;
3881 return 0;
3882 }
3883
3884
wpas_dpp_conf_set(struct wpa_supplicant * wpa_s,const char * cmd)3885 int wpas_dpp_conf_set(struct wpa_supplicant *wpa_s, const char *cmd)
3886 {
3887 int peer;
3888 const char *pos;
3889 struct dpp_authentication *auth = wpa_s->dpp_auth;
3890 bool tcp = false;
3891
3892 pos = os_strstr(cmd, " peer=");
3893 if (!pos)
3894 return -1;
3895 peer = atoi(pos + 6);
3896 #ifdef CONFIG_DPP2
3897 if (!auth || !auth->waiting_config ||
3898 (auth->peer_bi &&
3899 (unsigned int) peer != auth->peer_bi->id)) {
3900 auth = dpp_controller_get_auth(wpa_s->dpp, peer);
3901 tcp = true;
3902 }
3903 #endif /* CONFIG_DPP2 */
3904
3905 if (!auth || !auth->waiting_config) {
3906 wpa_printf(MSG_DEBUG,
3907 "DPP: No authentication exchange waiting for configuration information");
3908 return -1;
3909 }
3910
3911 if ((!auth->peer_bi ||
3912 (unsigned int) peer != auth->peer_bi->id) &&
3913 (!auth->tmp_peer_bi ||
3914 (unsigned int) peer != auth->tmp_peer_bi->id)) {
3915 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch");
3916 return -1;
3917 }
3918
3919 pos = os_strstr(cmd, " comeback=");
3920 if (pos) {
3921 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s,
3922 NULL);
3923 gas_server_set_comeback_delay(wpa_s->gas_server,
3924 auth->config_resp_ctx,
3925 atoi(pos + 10));
3926 return 0;
3927 }
3928
3929 if (dpp_set_configurator(auth, cmd) < 0)
3930 return -1;
3931
3932 auth->use_config_query = false;
3933 auth->waiting_config = false;
3934 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
3935 }
3936
3937
3938 #ifdef CONFIG_DPP2
3939
wpas_dpp_controller_start(struct wpa_supplicant * wpa_s,const char * cmd)3940 int wpas_dpp_controller_start(struct wpa_supplicant *wpa_s, const char *cmd)
3941 {
3942 struct dpp_controller_config config;
3943 const char *pos;
3944
3945 os_memset(&config, 0, sizeof(config));
3946 config.allowed_roles = DPP_CAPAB_ENROLLEE | DPP_CAPAB_CONFIGURATOR;
3947 config.netrole = DPP_NETROLE_STA;
3948 config.msg_ctx = wpa_s;
3949 config.cb_ctx = wpa_s;
3950 config.process_conf_obj = wpas_dpp_process_conf_obj;
3951 config.tcp_msg_sent = wpas_dpp_tcp_msg_sent;
3952 if (cmd) {
3953 pos = os_strstr(cmd, " tcp_port=");
3954 if (pos) {
3955 pos += 10;
3956 config.tcp_port = atoi(pos);
3957 }
3958
3959 pos = os_strstr(cmd, " role=");
3960 if (pos) {
3961 pos += 6;
3962 if (os_strncmp(pos, "configurator", 12) == 0)
3963 config.allowed_roles = DPP_CAPAB_CONFIGURATOR;
3964 else if (os_strncmp(pos, "enrollee", 8) == 0)
3965 config.allowed_roles = DPP_CAPAB_ENROLLEE;
3966 else if (os_strncmp(pos, "either", 6) == 0)
3967 config.allowed_roles = DPP_CAPAB_CONFIGURATOR |
3968 DPP_CAPAB_ENROLLEE;
3969 else
3970 return -1;
3971 }
3972
3973 config.qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
3974 }
3975 config.configurator_params = wpa_s->dpp_configurator_params;
3976 return dpp_controller_start(wpa_s->dpp, &config);
3977 }
3978
3979
3980 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx);
3981
wpas_dpp_chirp_timeout(void * eloop_ctx,void * timeout_ctx)3982 static void wpas_dpp_chirp_timeout(void *eloop_ctx, void *timeout_ctx)
3983 {
3984 struct wpa_supplicant *wpa_s = eloop_ctx;
3985
3986 wpa_printf(MSG_DEBUG, "DPP: No chirp response received");
3987 offchannel_send_action_done(wpa_s);
3988 wpas_dpp_chirp_next(wpa_s, NULL);
3989 }
3990
3991
wpas_dpp_chirp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3992 static void wpas_dpp_chirp_tx_status(struct wpa_supplicant *wpa_s,
3993 unsigned int freq, const u8 *dst,
3994 const u8 *src, const u8 *bssid,
3995 const u8 *data, size_t data_len,
3996 enum offchannel_send_action_result result)
3997 {
3998 if (result == OFFCHANNEL_SEND_ACTION_FAILED) {
3999 wpa_printf(MSG_DEBUG, "DPP: Failed to send chirp on %d MHz",
4000 wpa_s->dpp_chirp_freq);
4001 if (eloop_register_timeout(0, 0, wpas_dpp_chirp_next,
4002 wpa_s, NULL) < 0)
4003 wpas_dpp_chirp_stop(wpa_s);
4004 return;
4005 }
4006
4007 wpa_printf(MSG_DEBUG, "DPP: Chirp send completed - wait for response");
4008 if (eloop_register_timeout(2, 0, wpas_dpp_chirp_timeout,
4009 wpa_s, NULL) < 0)
4010 wpas_dpp_chirp_stop(wpa_s);
4011 }
4012
4013
wpas_dpp_chirp_start(struct wpa_supplicant * wpa_s)4014 static void wpas_dpp_chirp_start(struct wpa_supplicant *wpa_s)
4015 {
4016 struct wpabuf *msg, *announce = NULL;
4017 int type;
4018
4019 msg = wpa_s->dpp_presence_announcement;
4020 type = DPP_PA_PRESENCE_ANNOUNCEMENT;
4021 if (!msg) {
4022 struct wpa_ssid *ssid = wpa_s->dpp_reconfig_ssid;
4023
4024 if (ssid && wpa_s->dpp_reconfig_id &&
4025 wpa_config_get_network(wpa_s->conf,
4026 wpa_s->dpp_reconfig_ssid_id) ==
4027 ssid) {
4028 announce = dpp_build_reconfig_announcement(
4029 ssid->dpp_csign,
4030 ssid->dpp_csign_len,
4031 ssid->dpp_netaccesskey,
4032 ssid->dpp_netaccesskey_len,
4033 wpa_s->dpp_reconfig_id);
4034 msg = announce;
4035 }
4036 if (!msg)
4037 return;
4038 type = DPP_PA_RECONFIG_ANNOUNCEMENT;
4039 }
4040 wpa_printf(MSG_DEBUG, "DPP: Chirp on %d MHz", wpa_s->dpp_chirp_freq);
4041 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
4042 MAC2STR(broadcast), wpa_s->dpp_chirp_freq, type);
4043 if (offchannel_send_action(
4044 wpa_s, wpa_s->dpp_chirp_freq, broadcast,
4045 wpa_s->own_addr, broadcast,
4046 wpabuf_head(msg), wpabuf_len(msg),
4047 2000, wpas_dpp_chirp_tx_status, 0) < 0)
4048 wpas_dpp_chirp_stop(wpa_s);
4049
4050 wpabuf_free(announce);
4051 }
4052
4053
wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant * wpa_s,struct wpa_scan_results * scan_res)4054 static void wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant *wpa_s,
4055 struct wpa_scan_results *scan_res)
4056 {
4057 struct dpp_bootstrap_info *bi = wpa_s->dpp_chirp_bi;
4058 unsigned int i;
4059 struct hostapd_hw_modes *mode;
4060 int c;
4061 struct wpa_bss *bss;
4062 bool chan6 = wpa_s->hw.modes == NULL;
4063
4064 if (!bi && !wpa_s->dpp_reconfig_ssid)
4065 return;
4066
4067 wpa_s->dpp_chirp_scan_done = 1;
4068
4069 os_free(wpa_s->dpp_chirp_freqs);
4070 wpa_s->dpp_chirp_freqs = NULL;
4071
4072 /* Channels from own bootstrapping info */
4073 if (bi) {
4074 for (i = 0; i < bi->num_freq; i++)
4075 int_array_add_unique(&wpa_s->dpp_chirp_freqs,
4076 bi->freq[i]);
4077 }
4078
4079 /* Preferred chirping channels */
4080 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
4081 HOSTAPD_MODE_IEEE80211G, false);
4082 if (mode) {
4083 for (c = 0; c < mode->num_channels; c++) {
4084 struct hostapd_channel_data *chan = &mode->channels[c];
4085
4086 if ((chan->flag & HOSTAPD_CHAN_DISABLED) ||
4087 chan->freq != 2437)
4088 continue;
4089 chan6 = true;
4090 break;
4091 }
4092 }
4093 if (chan6)
4094 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 2437);
4095
4096 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
4097 HOSTAPD_MODE_IEEE80211A, false);
4098 if (mode) {
4099 int chan44 = 0, chan149 = 0;
4100
4101 for (c = 0; c < mode->num_channels; c++) {
4102 struct hostapd_channel_data *chan = &mode->channels[c];
4103
4104 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
4105 HOSTAPD_CHAN_RADAR))
4106 continue;
4107 if (chan->freq == 5220)
4108 chan44 = 1;
4109 if (chan->freq == 5745)
4110 chan149 = 1;
4111 }
4112 if (chan149)
4113 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5745);
4114 else if (chan44)
4115 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5220);
4116 }
4117
4118 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
4119 HOSTAPD_MODE_IEEE80211AD, false);
4120 if (mode) {
4121 for (c = 0; c < mode->num_channels; c++) {
4122 struct hostapd_channel_data *chan = &mode->channels[c];
4123
4124 if ((chan->flag & (HOSTAPD_CHAN_DISABLED |
4125 HOSTAPD_CHAN_RADAR)) ||
4126 chan->freq != 60480)
4127 continue;
4128 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 60480);
4129 break;
4130 }
4131 }
4132
4133 /* Add channels from scan results for APs that advertise Configurator
4134 * Connectivity element */
4135 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4136 if (wpa_bss_get_vendor_ie(bss, DPP_CC_IE_VENDOR_TYPE))
4137 int_array_add_unique(&wpa_s->dpp_chirp_freqs,
4138 bss->freq);
4139 }
4140
4141 if (!wpa_s->dpp_chirp_freqs ||
4142 eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL) < 0)
4143 wpas_dpp_chirp_stop(wpa_s);
4144 }
4145
4146
wpas_dpp_chirp_next(void * eloop_ctx,void * timeout_ctx)4147 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx)
4148 {
4149 struct wpa_supplicant *wpa_s = eloop_ctx;
4150 int i;
4151
4152 if (wpa_s->dpp_chirp_listen)
4153 wpas_dpp_listen_stop(wpa_s);
4154
4155 if (wpa_s->dpp_chirp_freq == 0) {
4156 if (wpa_s->dpp_chirp_round % 4 == 0 &&
4157 !wpa_s->dpp_chirp_scan_done) {
4158 if (wpas_scan_scheduled(wpa_s)) {
4159 wpa_printf(MSG_DEBUG,
4160 "DPP: Deferring chirp scan because another scan is planned already");
4161 if (eloop_register_timeout(1, 0,
4162 wpas_dpp_chirp_next,
4163 wpa_s, NULL) < 0) {
4164 wpas_dpp_chirp_stop(wpa_s);
4165 return;
4166 }
4167 return;
4168 }
4169 wpa_printf(MSG_DEBUG,
4170 "DPP: Update channel list for chirping");
4171 wpa_s->scan_req = MANUAL_SCAN_REQ;
4172 wpa_s->scan_res_handler =
4173 wpas_dpp_chirp_scan_res_handler;
4174 wpa_supplicant_req_scan(wpa_s, 0, 0);
4175 return;
4176 }
4177 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[0];
4178 wpa_s->dpp_chirp_round++;
4179 wpa_printf(MSG_DEBUG, "DPP: Start chirping round %d",
4180 wpa_s->dpp_chirp_round);
4181 } else {
4182 for (i = 0; wpa_s->dpp_chirp_freqs[i]; i++)
4183 if (wpa_s->dpp_chirp_freqs[i] == wpa_s->dpp_chirp_freq)
4184 break;
4185 if (!wpa_s->dpp_chirp_freqs[i]) {
4186 wpa_printf(MSG_DEBUG,
4187 "DPP: Previous chirp freq %d not found",
4188 wpa_s->dpp_chirp_freq);
4189 return;
4190 }
4191 i++;
4192 if (wpa_s->dpp_chirp_freqs[i]) {
4193 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[i];
4194 } else {
4195 wpa_s->dpp_chirp_iter--;
4196 if (wpa_s->dpp_chirp_iter <= 0) {
4197 wpa_printf(MSG_DEBUG,
4198 "DPP: Chirping iterations completed");
4199 wpas_dpp_chirp_stop(wpa_s);
4200 return;
4201 }
4202 wpa_s->dpp_chirp_freq = 0;
4203 wpa_s->dpp_chirp_scan_done = 0;
4204 if (eloop_register_timeout(30, 0, wpas_dpp_chirp_next,
4205 wpa_s, NULL) < 0) {
4206 wpas_dpp_chirp_stop(wpa_s);
4207 return;
4208 }
4209 if (wpa_s->dpp_chirp_listen) {
4210 wpa_printf(MSG_DEBUG,
4211 "DPP: Listen on %d MHz during chirp 30 second wait",
4212 wpa_s->dpp_chirp_listen);
4213 wpas_dpp_listen_start(wpa_s,
4214 wpa_s->dpp_chirp_listen);
4215 } else {
4216 wpa_printf(MSG_DEBUG,
4217 "DPP: Wait 30 seconds before starting the next chirping round");
4218 }
4219 return;
4220 }
4221 }
4222
4223 wpas_dpp_chirp_start(wpa_s);
4224 }
4225
4226
wpas_dpp_chirp(struct wpa_supplicant * wpa_s,const char * cmd)4227 int wpas_dpp_chirp(struct wpa_supplicant *wpa_s, const char *cmd)
4228 {
4229 const char *pos;
4230 int iter = 1, listen_freq = 0;
4231 struct dpp_bootstrap_info *bi;
4232
4233 pos = os_strstr(cmd, " own=");
4234 if (!pos)
4235 return -1;
4236 pos += 5;
4237 bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
4238 if (!bi) {
4239 wpa_printf(MSG_DEBUG,
4240 "DPP: Identified bootstrap info not found");
4241 return -1;
4242 }
4243
4244 pos = os_strstr(cmd, " iter=");
4245 if (pos) {
4246 iter = atoi(pos + 6);
4247 if (iter <= 0)
4248 return -1;
4249 }
4250
4251 pos = os_strstr(cmd, " listen=");
4252 if (pos) {
4253 listen_freq = atoi(pos + 8);
4254 if (listen_freq <= 0)
4255 return -1;
4256 }
4257
4258 wpas_dpp_chirp_stop(wpa_s);
4259 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
4260 wpa_s->dpp_netrole = DPP_NETROLE_STA;
4261 wpa_s->dpp_qr_mutual = 0;
4262 wpa_s->dpp_chirp_bi = bi;
4263 wpa_s->dpp_presence_announcement = dpp_build_presence_announcement(bi);
4264 if (!wpa_s->dpp_presence_announcement)
4265 return -1;
4266 wpa_s->dpp_chirp_iter = iter;
4267 wpa_s->dpp_chirp_round = 0;
4268 wpa_s->dpp_chirp_scan_done = 0;
4269 wpa_s->dpp_chirp_listen = listen_freq;
4270
4271 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
4272 }
4273
4274
wpas_dpp_chirp_stop(struct wpa_supplicant * wpa_s)4275 void wpas_dpp_chirp_stop(struct wpa_supplicant *wpa_s)
4276 {
4277 if (wpa_s->dpp_presence_announcement ||
4278 wpa_s->dpp_reconfig_ssid) {
4279 offchannel_send_action_done(wpa_s);
4280 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CHIRP_STOPPED);
4281 }
4282 wpa_s->dpp_chirp_bi = NULL;
4283 wpabuf_free(wpa_s->dpp_presence_announcement);
4284 wpa_s->dpp_presence_announcement = NULL;
4285 if (wpa_s->dpp_chirp_listen)
4286 wpas_dpp_listen_stop(wpa_s);
4287 wpa_s->dpp_chirp_listen = 0;
4288 wpa_s->dpp_chirp_freq = 0;
4289 os_free(wpa_s->dpp_chirp_freqs);
4290 wpa_s->dpp_chirp_freqs = NULL;
4291 eloop_cancel_timeout(wpas_dpp_chirp_next, wpa_s, NULL);
4292 eloop_cancel_timeout(wpas_dpp_chirp_timeout, wpa_s, NULL);
4293 if (wpa_s->scan_res_handler == wpas_dpp_chirp_scan_res_handler) {
4294 wpas_abort_ongoing_scan(wpa_s);
4295 wpa_s->scan_res_handler = NULL;
4296 }
4297 }
4298
4299
wpas_dpp_reconfig(struct wpa_supplicant * wpa_s,const char * cmd)4300 int wpas_dpp_reconfig(struct wpa_supplicant *wpa_s, const char *cmd)
4301 {
4302 struct wpa_ssid *ssid;
4303 int iter = 1;
4304 const char *pos;
4305
4306 ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd));
4307 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
4308 !ssid->dpp_csign) {
4309 wpa_printf(MSG_DEBUG,
4310 "DPP: Not a valid network profile for reconfiguration");
4311 return -1;
4312 }
4313
4314 pos = os_strstr(cmd, " iter=");
4315 if (pos) {
4316 iter = atoi(pos + 6);
4317 if (iter <= 0)
4318 return -1;
4319 }
4320
4321 if (wpa_s->dpp_auth) {
4322 wpa_printf(MSG_DEBUG,
4323 "DPP: Not ready to start reconfiguration - pending authentication exchange in progress");
4324 return -1;
4325 }
4326
4327 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
4328 wpa_s->dpp_reconfig_id = dpp_gen_reconfig_id(ssid->dpp_csign,
4329 ssid->dpp_csign_len,
4330 ssid->dpp_pp_key,
4331 ssid->dpp_pp_key_len);
4332 if (!wpa_s->dpp_reconfig_id) {
4333 wpa_printf(MSG_DEBUG,
4334 "DPP: Failed to generate E-id for reconfiguration");
4335 return -1;
4336 }
4337 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4338 wpa_printf(MSG_DEBUG, "DPP: Disconnect for reconfiguration");
4339 wpa_s->own_disconnect_req = 1;
4340 wpa_supplicant_deauthenticate(
4341 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4342 }
4343 wpas_dpp_chirp_stop(wpa_s);
4344 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
4345 wpa_s->dpp_netrole = DPP_NETROLE_STA;
4346 wpa_s->dpp_qr_mutual = 0;
4347 wpa_s->dpp_reconfig_ssid = ssid;
4348 wpa_s->dpp_reconfig_ssid_id = ssid->id;
4349 wpa_s->dpp_chirp_iter = iter;
4350 wpa_s->dpp_chirp_round = 0;
4351 wpa_s->dpp_chirp_scan_done = 0;
4352 wpa_s->dpp_chirp_listen = 0;
4353
4354 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
4355 }
4356
4357
wpas_dpp_ca_set(struct wpa_supplicant * wpa_s,const char * cmd)4358 int wpas_dpp_ca_set(struct wpa_supplicant *wpa_s, const char *cmd)
4359 {
4360 int peer = -1;
4361 const char *pos, *value;
4362 struct dpp_authentication *auth = wpa_s->dpp_auth;
4363 u8 *bin;
4364 size_t bin_len;
4365 struct wpabuf *buf;
4366 bool tcp = false;
4367
4368 pos = os_strstr(cmd, " peer=");
4369 if (pos) {
4370 peer = atoi(pos + 6);
4371 if (!auth || !auth->waiting_cert ||
4372 (auth->peer_bi &&
4373 (unsigned int) peer != auth->peer_bi->id)) {
4374 auth = dpp_controller_get_auth(wpa_s->dpp, peer);
4375 tcp = true;
4376 }
4377 }
4378
4379 if (!auth || !auth->waiting_cert) {
4380 wpa_printf(MSG_DEBUG,
4381 "DPP: No authentication exchange waiting for certificate information");
4382 return -1;
4383 }
4384
4385 if (peer >= 0 &&
4386 (!auth->peer_bi ||
4387 (unsigned int) peer != auth->peer_bi->id) &&
4388 (!auth->tmp_peer_bi ||
4389 (unsigned int) peer != auth->tmp_peer_bi->id)) {
4390 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch");
4391 return -1;
4392 }
4393
4394 pos = os_strstr(cmd, " value=");
4395 if (!pos)
4396 return -1;
4397 value = pos + 7;
4398
4399 pos = os_strstr(cmd, " name=");
4400 if (!pos)
4401 return -1;
4402 pos += 6;
4403
4404 if (os_strncmp(pos, "status ", 7) == 0) {
4405 auth->force_conf_resp_status = atoi(value);
4406 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
4407 }
4408
4409 if (os_strncmp(pos, "trustedEapServerName ", 21) == 0) {
4410 os_free(auth->trusted_eap_server_name);
4411 auth->trusted_eap_server_name = os_strdup(value);
4412 return auth->trusted_eap_server_name ? 0 : -1;
4413 }
4414
4415 bin = base64_decode(value, os_strlen(value), &bin_len);
4416 if (!bin)
4417 return -1;
4418 buf = wpabuf_alloc_copy(bin, bin_len);
4419 os_free(bin);
4420
4421 if (os_strncmp(pos, "caCert ", 7) == 0) {
4422 wpabuf_free(auth->cacert);
4423 auth->cacert = buf;
4424 return 0;
4425 }
4426
4427 if (os_strncmp(pos, "certBag ", 8) == 0) {
4428 wpabuf_free(auth->certbag);
4429 auth->certbag = buf;
4430 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
4431 }
4432
4433 wpabuf_free(buf);
4434 return -1;
4435 }
4436
4437 #endif /* CONFIG_DPP2 */
4438
