1 /*
2 * wpa_supplicant - DPP
3 * Copyright (c) 2017, Qualcomm Atheros, Inc.
4 * Copyright (c) 2018-2020, The Linux Foundation
5 * Copyright (c) 2021-2022, Qualcomm Innovation Center, Inc.
6 *
7 * This software may be distributed under the terms of the BSD license.
8 * See README for more details.
9 */
10
11 #include "utils/includes.h"
12
13 #include "utils/common.h"
14 #include "utils/eloop.h"
15 #include "utils/ip_addr.h"
16 #include "utils/base64.h"
17 #include "common/dpp.h"
18 #include "common/gas.h"
19 #include "common/gas_server.h"
20 #include "rsn_supp/wpa.h"
21 #include "rsn_supp/pmksa_cache.h"
22 #include "wpa_supplicant_i.h"
23 #include "config.h"
24 #include "driver_i.h"
25 #include "offchannel.h"
26 #include "gas_query.h"
27 #include "bss.h"
28 #include "scan.h"
29 #include "notify.h"
30 #include "dpp_supplicant.h"
31
32
33 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
34 unsigned int freq);
35 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx);
36 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx);
37 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator);
38 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
39 unsigned int freq, const u8 *dst,
40 const u8 *src, const u8 *bssid,
41 const u8 *data, size_t data_len,
42 enum offchannel_send_action_result result);
43 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx);
44 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s);
45 static void
46 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
47 unsigned int freq, const u8 *dst,
48 const u8 *src, const u8 *bssid,
49 const u8 *data, size_t data_len,
50 enum offchannel_send_action_result result);
51 static void wpas_dpp_gas_client_timeout(void *eloop_ctx, void *timeout_ctx);
52 #ifdef CONFIG_DPP2
53 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
54 void *timeout_ctx);
55 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s);
56 static int wpas_dpp_process_conf_obj(void *ctx,
57 struct dpp_authentication *auth);
58 static bool wpas_dpp_tcp_msg_sent(void *ctx, struct dpp_authentication *auth);
59 #endif /* CONFIG_DPP2 */
60
61 static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
62
63 /* Use a hardcoded Transaction ID 1 in Peer Discovery frames since there is only
64 * a single transaction in progress at any point in time. */
65 static const u8 TRANSACTION_ID = 1;
66
67
68 /**
69 * wpas_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code
70 * @wpa_s: Pointer to wpa_supplicant data
71 * @cmd: DPP URI read from a QR Code
72 * Returns: Identifier of the stored info or -1 on failure
73 */
wpas_dpp_qr_code(struct wpa_supplicant * wpa_s,const char * cmd)74 int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd)
75 {
76 struct dpp_bootstrap_info *bi;
77 struct dpp_authentication *auth = wpa_s->dpp_auth;
78
79 bi = dpp_add_qr_code(wpa_s->dpp, cmd);
80 if (!bi)
81 return -1;
82
83 if (auth && auth->response_pending &&
84 dpp_notify_new_qr_code(auth, bi) == 1) {
85 wpa_printf(MSG_DEBUG,
86 "DPP: Sending out pending authentication response");
87 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
88 " freq=%u type=%d",
89 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
90 DPP_PA_AUTHENTICATION_RESP);
91 offchannel_send_action(wpa_s, auth->curr_freq,
92 auth->peer_mac_addr, wpa_s->own_addr,
93 broadcast,
94 wpabuf_head(auth->resp_msg),
95 wpabuf_len(auth->resp_msg),
96 500, wpas_dpp_tx_status, 0);
97 }
98
99 #ifdef CONFIG_DPP2
100 dpp_controller_new_qr_code(wpa_s->dpp, bi);
101 #endif /* CONFIG_DPP2 */
102
103 return bi->id;
104 }
105
106
107 /**
108 * wpas_dpp_nfc_uri - Parse and add DPP bootstrapping info from NFC Tag (URI)
109 * @wpa_s: Pointer to wpa_supplicant data
110 * @cmd: DPP URI read from a NFC Tag (URI NDEF message)
111 * Returns: Identifier of the stored info or -1 on failure
112 */
wpas_dpp_nfc_uri(struct wpa_supplicant * wpa_s,const char * cmd)113 int wpas_dpp_nfc_uri(struct wpa_supplicant *wpa_s, const char *cmd)
114 {
115 struct dpp_bootstrap_info *bi;
116
117 bi = dpp_add_nfc_uri(wpa_s->dpp, cmd);
118 if (!bi)
119 return -1;
120
121 return bi->id;
122 }
123
124
wpas_dpp_nfc_handover_req(struct wpa_supplicant * wpa_s,const char * cmd)125 int wpas_dpp_nfc_handover_req(struct wpa_supplicant *wpa_s, const char *cmd)
126 {
127 const char *pos;
128 struct dpp_bootstrap_info *peer_bi, *own_bi;
129
130 pos = os_strstr(cmd, " own=");
131 if (!pos)
132 return -1;
133 pos += 5;
134 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
135 if (!own_bi)
136 return -1;
137 own_bi->nfc_negotiated = 1;
138
139 pos = os_strstr(cmd, " uri=");
140 if (!pos)
141 return -1;
142 pos += 5;
143 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
144 if (!peer_bi) {
145 wpa_printf(MSG_INFO,
146 "DPP: Failed to parse URI from NFC Handover Request");
147 return -1;
148 }
149
150 if (dpp_nfc_update_bi(own_bi, peer_bi) < 0)
151 return -1;
152
153 return peer_bi->id;
154 }
155
156
wpas_dpp_nfc_handover_sel(struct wpa_supplicant * wpa_s,const char * cmd)157 int wpas_dpp_nfc_handover_sel(struct wpa_supplicant *wpa_s, const char *cmd)
158 {
159 const char *pos;
160 struct dpp_bootstrap_info *peer_bi, *own_bi;
161
162 pos = os_strstr(cmd, " own=");
163 if (!pos)
164 return -1;
165 pos += 5;
166 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
167 if (!own_bi)
168 return -1;
169 own_bi->nfc_negotiated = 1;
170
171 pos = os_strstr(cmd, " uri=");
172 if (!pos)
173 return -1;
174 pos += 5;
175 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
176 if (!peer_bi) {
177 wpa_printf(MSG_INFO,
178 "DPP: Failed to parse URI from NFC Handover Select");
179 return -1;
180 }
181
182 if (peer_bi->curve != own_bi->curve) {
183 wpa_printf(MSG_INFO,
184 "DPP: Peer (NFC Handover Selector) used different curve");
185 return -1;
186 }
187
188 return peer_bi->id;
189 }
190
191
wpas_dpp_auth_resp_retry_timeout(void * eloop_ctx,void * timeout_ctx)192 static void wpas_dpp_auth_resp_retry_timeout(void *eloop_ctx, void *timeout_ctx)
193 {
194 struct wpa_supplicant *wpa_s = eloop_ctx;
195 struct dpp_authentication *auth = wpa_s->dpp_auth;
196
197 if (!auth || !auth->resp_msg)
198 return;
199
200 wpa_printf(MSG_DEBUG,
201 "DPP: Retry Authentication Response after timeout");
202 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
203 " freq=%u type=%d",
204 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
205 DPP_PA_AUTHENTICATION_RESP);
206 offchannel_send_action(wpa_s, auth->curr_freq, auth->peer_mac_addr,
207 wpa_s->own_addr, broadcast,
208 wpabuf_head(auth->resp_msg),
209 wpabuf_len(auth->resp_msg),
210 500, wpas_dpp_tx_status, 0);
211 }
212
213
wpas_dpp_auth_resp_retry(struct wpa_supplicant * wpa_s)214 static void wpas_dpp_auth_resp_retry(struct wpa_supplicant *wpa_s)
215 {
216 struct dpp_authentication *auth = wpa_s->dpp_auth;
217 unsigned int wait_time, max_tries;
218
219 if (!auth || !auth->resp_msg)
220 return;
221
222 if (wpa_s->dpp_resp_max_tries)
223 max_tries = wpa_s->dpp_resp_max_tries;
224 else
225 max_tries = 5;
226 auth->auth_resp_tries++;
227 if (auth->auth_resp_tries >= max_tries) {
228 wpa_printf(MSG_INFO, "DPP: No confirm received from initiator - stopping exchange");
229 offchannel_send_action_done(wpa_s);
230 dpp_auth_deinit(wpa_s->dpp_auth);
231 wpa_s->dpp_auth = NULL;
232 return;
233 }
234
235 if (wpa_s->dpp_resp_retry_time)
236 wait_time = wpa_s->dpp_resp_retry_time;
237 else
238 wait_time = 1000;
239 wpa_printf(MSG_DEBUG,
240 "DPP: Schedule retransmission of Authentication Response frame in %u ms",
241 wait_time);
242 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
243 eloop_register_timeout(wait_time / 1000,
244 (wait_time % 1000) * 1000,
245 wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
246 }
247
248
wpas_dpp_try_to_connect(struct wpa_supplicant * wpa_s)249 static void wpas_dpp_try_to_connect(struct wpa_supplicant *wpa_s)
250 {
251 wpa_printf(MSG_DEBUG, "DPP: Trying to connect to the new network");
252 wpa_s->suitable_network = 0;
253 wpa_s->no_suitable_network = 0;
254 wpa_s->disconnected = 0;
255 wpa_s->reassociate = 1;
256 wpa_s->scan_runs = 0;
257 wpa_s->normal_scans = 0;
258 wpa_supplicant_cancel_sched_scan(wpa_s);
259 wpa_supplicant_req_scan(wpa_s, 0, 0);
260 }
261
262
263 #ifdef CONFIG_DPP2
264
wpas_dpp_stop_listen_for_tx(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait_time)265 static void wpas_dpp_stop_listen_for_tx(struct wpa_supplicant *wpa_s,
266 unsigned int freq,
267 unsigned int wait_time)
268 {
269 struct os_reltime now, res;
270 unsigned int remaining;
271
272 if (!wpa_s->dpp_listen_freq)
273 return;
274
275 os_get_reltime(&now);
276 if (os_reltime_before(&now, &wpa_s->dpp_listen_end)) {
277 os_reltime_sub(&wpa_s->dpp_listen_end, &now, &res);
278 remaining = res.sec * 1000 + res.usec / 1000;
279 } else {
280 remaining = 0;
281 }
282 if (wpa_s->dpp_listen_freq == freq && remaining > wait_time)
283 return;
284
285 wpa_printf(MSG_DEBUG,
286 "DPP: Stop listen on %u MHz ending in %u ms to allow immediate TX on %u MHz for %u ms",
287 wpa_s->dpp_listen_freq, remaining, freq, wait_time);
288 wpas_dpp_listen_stop(wpa_s);
289
290 /* TODO: Restart listen in some cases after TX? */
291 }
292
293
wpas_dpp_conn_status_result_timeout(void * eloop_ctx,void * timeout_ctx)294 static void wpas_dpp_conn_status_result_timeout(void *eloop_ctx,
295 void *timeout_ctx)
296 {
297 struct wpa_supplicant *wpa_s = eloop_ctx;
298 struct dpp_authentication *auth = wpa_s->dpp_auth;
299 enum dpp_status_error result;
300
301 if ((!auth || !auth->conn_status_requested) &&
302 !dpp_tcp_conn_status_requested(wpa_s->dpp))
303 return;
304
305 wpa_printf(MSG_DEBUG,
306 "DPP: Connection timeout - report Connection Status Result");
307 if (wpa_s->suitable_network)
308 result = DPP_STATUS_AUTH_FAILURE;
309 else if (wpa_s->no_suitable_network)
310 result = DPP_STATUS_NO_AP;
311 else
312 result = 255; /* What to report here for unexpected state? */
313 if (wpa_s->wpa_state == WPA_SCANNING)
314 wpas_abort_ongoing_scan(wpa_s);
315 wpas_dpp_send_conn_status_result(wpa_s, result);
316 }
317
318
wpas_dpp_scan_channel_list(struct wpa_supplicant * wpa_s)319 static char * wpas_dpp_scan_channel_list(struct wpa_supplicant *wpa_s)
320 {
321 char *str, *end, *pos;
322 size_t len;
323 unsigned int i;
324 u8 last_op_class = 0;
325 int res;
326
327 if (!wpa_s->last_scan_freqs || !wpa_s->num_last_scan_freqs)
328 return NULL;
329
330 len = wpa_s->num_last_scan_freqs * 8;
331 str = os_zalloc(len);
332 if (!str)
333 return NULL;
334 end = str + len;
335 pos = str;
336
337 for (i = 0; i < wpa_s->num_last_scan_freqs; i++) {
338 enum hostapd_hw_mode mode;
339 u8 op_class, channel;
340
341 mode = ieee80211_freq_to_channel_ext(wpa_s->last_scan_freqs[i],
342 0, 0, &op_class, &channel);
343 if (mode == NUM_HOSTAPD_MODES)
344 continue;
345 if (op_class == last_op_class)
346 res = os_snprintf(pos, end - pos, ",%d", channel);
347 else
348 res = os_snprintf(pos, end - pos, "%s%d/%d",
349 pos == str ? "" : ",",
350 op_class, channel);
351 if (os_snprintf_error(end - pos, res)) {
352 *pos = '\0';
353 break;
354 }
355 pos += res;
356 last_op_class = op_class;
357 }
358
359 if (pos == str) {
360 os_free(str);
361 str = NULL;
362 }
363 return str;
364 }
365
366
wpas_dpp_send_conn_status_result(struct wpa_supplicant * wpa_s,enum dpp_status_error result)367 void wpas_dpp_send_conn_status_result(struct wpa_supplicant *wpa_s,
368 enum dpp_status_error result)
369 {
370 struct wpabuf *msg;
371 const char *channel_list = NULL;
372 char *channel_list_buf = NULL;
373 struct wpa_ssid *ssid = wpa_s->current_ssid;
374 struct dpp_authentication *auth = wpa_s->dpp_auth;
375
376 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
377
378 if ((!auth || !auth->conn_status_requested) &&
379 !dpp_tcp_conn_status_requested(wpa_s->dpp))
380 return;
381
382 wpa_printf(MSG_DEBUG, "DPP: Report connection status result %d",
383 result);
384
385 if (result == DPP_STATUS_NO_AP) {
386 channel_list_buf = wpas_dpp_scan_channel_list(wpa_s);
387 channel_list = channel_list_buf;
388 }
389
390 if (!auth || !auth->conn_status_requested) {
391 dpp_tcp_send_conn_status(wpa_s->dpp, result,
392 ssid ? ssid->ssid :
393 wpa_s->dpp_last_ssid,
394 ssid ? ssid->ssid_len :
395 wpa_s->dpp_last_ssid_len,
396 channel_list);
397 os_free(channel_list_buf);
398 return;
399 }
400
401 auth->conn_status_requested = 0;
402
403 msg = dpp_build_conn_status_result(auth, result,
404 ssid ? ssid->ssid :
405 wpa_s->dpp_last_ssid,
406 ssid ? ssid->ssid_len :
407 wpa_s->dpp_last_ssid_len,
408 channel_list);
409 os_free(channel_list_buf);
410 if (!msg) {
411 dpp_auth_deinit(wpa_s->dpp_auth);
412 wpa_s->dpp_auth = NULL;
413 return;
414 }
415
416 wpa_msg(wpa_s, MSG_INFO,
417 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
418 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
419 DPP_PA_CONNECTION_STATUS_RESULT);
420 offchannel_send_action(wpa_s, auth->curr_freq,
421 auth->peer_mac_addr, wpa_s->own_addr, broadcast,
422 wpabuf_head(msg), wpabuf_len(msg),
423 500, wpas_dpp_tx_status, 0);
424 wpabuf_free(msg);
425
426 /* This exchange will be terminated in the TX status handler */
427 auth->remove_on_tx_status = 1;
428
429 return;
430 }
431
432
wpas_dpp_connected(struct wpa_supplicant * wpa_s)433 void wpas_dpp_connected(struct wpa_supplicant *wpa_s)
434 {
435 struct dpp_authentication *auth = wpa_s->dpp_auth;
436
437 if ((auth && auth->conn_status_requested) ||
438 dpp_tcp_conn_status_requested(wpa_s->dpp))
439 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_OK);
440 }
441
442 #endif /* CONFIG_DPP2 */
443
444
wpas_dpp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)445 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
446 unsigned int freq, const u8 *dst,
447 const u8 *src, const u8 *bssid,
448 const u8 *data, size_t data_len,
449 enum offchannel_send_action_result result)
450 {
451 const char *res_txt;
452 struct dpp_authentication *auth = wpa_s->dpp_auth;
453
454 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
455 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
456 "FAILED");
457 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
458 " result=%s", freq, MAC2STR(dst), res_txt);
459 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
460 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
461
462 if (!wpa_s->dpp_auth) {
463 wpa_printf(MSG_DEBUG,
464 "DPP: Ignore TX status since there is no ongoing authentication exchange");
465 return;
466 }
467
468 #ifdef CONFIG_DPP2
469 if (auth->connect_on_tx_status) {
470 auth->connect_on_tx_status = 0;
471 wpa_printf(MSG_DEBUG,
472 "DPP: Try to connect after completed configuration result");
473 wpas_dpp_try_to_connect(wpa_s);
474 if (auth->conn_status_requested) {
475 wpa_printf(MSG_DEBUG,
476 "DPP: Start 15 second timeout for reporting connection status result");
477 eloop_cancel_timeout(
478 wpas_dpp_conn_status_result_timeout,
479 wpa_s, NULL);
480 eloop_register_timeout(
481 15, 0, wpas_dpp_conn_status_result_timeout,
482 wpa_s, NULL);
483 } else {
484 dpp_auth_deinit(wpa_s->dpp_auth);
485 wpa_s->dpp_auth = NULL;
486 }
487 return;
488 }
489 #endif /* CONFIG_DPP2 */
490
491 if (wpa_s->dpp_auth->remove_on_tx_status) {
492 wpa_printf(MSG_DEBUG,
493 "DPP: Terminate authentication exchange due to a request to do so on TX status");
494 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
495 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
496 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
497 NULL);
498 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
499 NULL);
500 #ifdef CONFIG_DPP2
501 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
502 wpa_s, NULL);
503 #endif /* CONFIG_DPP2 */
504 offchannel_send_action_done(wpa_s);
505 dpp_auth_deinit(wpa_s->dpp_auth);
506 wpa_s->dpp_auth = NULL;
507 return;
508 }
509
510 if (wpa_s->dpp_auth_ok_on_ack)
511 wpas_dpp_auth_success(wpa_s, 1);
512
513 if (!is_broadcast_ether_addr(dst) &&
514 result != OFFCHANNEL_SEND_ACTION_SUCCESS) {
515 wpa_printf(MSG_DEBUG,
516 "DPP: Unicast DPP Action frame was not ACKed");
517 if (auth->waiting_auth_resp) {
518 /* In case of DPP Authentication Request frame, move to
519 * the next channel immediately. */
520 offchannel_send_action_done(wpa_s);
521 wpas_dpp_auth_init_next(wpa_s);
522 return;
523 }
524 if (auth->waiting_auth_conf) {
525 wpas_dpp_auth_resp_retry(wpa_s);
526 return;
527 }
528 }
529
530 if (auth->waiting_auth_conf &&
531 auth->auth_resp_status == DPP_STATUS_OK) {
532 /* Make sure we do not get stuck waiting for Auth Confirm
533 * indefinitely after successfully transmitted Auth Response to
534 * allow new authentication exchanges to be started. */
535 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
536 NULL);
537 #ifdef __ZEPHYR__
538 eloop_register_timeout(5, 0, wpas_dpp_auth_conf_wait_timeout,
539 wpa_s, NULL);
540 #else
541 eloop_register_timeout(1, 0, wpas_dpp_auth_conf_wait_timeout,
542 wpa_s, NULL);
543 #endif
544 }
545
546 if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp &&
547 result == OFFCHANNEL_SEND_ACTION_SUCCESS) {
548 /* Allow timeout handling to stop iteration if no response is
549 * received from a peer that has ACKed a request. */
550 auth->auth_req_ack = 1;
551 }
552
553 if (!wpa_s->dpp_auth_ok_on_ack && wpa_s->dpp_auth->neg_freq > 0 &&
554 wpa_s->dpp_auth->curr_freq != wpa_s->dpp_auth->neg_freq) {
555 wpa_printf(MSG_DEBUG,
556 "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response",
557 wpa_s->dpp_auth->curr_freq,
558 wpa_s->dpp_auth->neg_freq);
559 offchannel_send_action_done(wpa_s);
560 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_auth->neg_freq);
561 }
562
563 if (wpa_s->dpp_auth_ok_on_ack)
564 wpa_s->dpp_auth_ok_on_ack = 0;
565 }
566
567
wpas_dpp_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)568 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx)
569 {
570 struct wpa_supplicant *wpa_s = eloop_ctx;
571 struct dpp_authentication *auth = wpa_s->dpp_auth;
572 unsigned int freq;
573 struct os_reltime now, diff;
574 unsigned int wait_time, diff_ms;
575
576 if (!auth || !auth->waiting_auth_resp)
577 return;
578
579 wait_time = wpa_s->dpp_resp_wait_time ?
580 wpa_s->dpp_resp_wait_time : 2000;
581 os_get_reltime(&now);
582 os_reltime_sub(&now, &wpa_s->dpp_last_init, &diff);
583 diff_ms = diff.sec * 1000 + diff.usec / 1000;
584 wpa_printf(MSG_DEBUG,
585 "DPP: Reply wait timeout - wait_time=%u diff_ms=%u",
586 wait_time, diff_ms);
587
588 if (auth->auth_req_ack && diff_ms >= wait_time) {
589 /* Peer ACK'ed Authentication Request frame, but did not reply
590 * with Authentication Response frame within two seconds. */
591 wpa_printf(MSG_INFO,
592 "DPP: No response received from responder - stopping initiation attempt");
593 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
594 offchannel_send_action_done(wpa_s);
595 wpas_dpp_listen_stop(wpa_s);
596 dpp_auth_deinit(auth);
597 wpa_s->dpp_auth = NULL;
598 return;
599 }
600
601 if (diff_ms >= wait_time) {
602 /* Authentication Request frame was not ACK'ed and no reply
603 * was receiving within two seconds. */
604 wpa_printf(MSG_DEBUG,
605 "DPP: Continue Initiator channel iteration");
606 offchannel_send_action_done(wpa_s);
607 wpas_dpp_listen_stop(wpa_s);
608 wpas_dpp_auth_init_next(wpa_s);
609 return;
610 }
611
612 /* Driver did not support 2000 ms long wait_time with TX command, so
613 * schedule listen operation to continue waiting for the response.
614 *
615 * DPP listen operations continue until stopped, so simply schedule a
616 * new call to this function at the point when the two second reply
617 * wait has expired. */
618 wait_time -= diff_ms;
619
620 freq = auth->curr_freq;
621 if (auth->neg_freq > 0)
622 freq = auth->neg_freq;
623 wpa_printf(MSG_DEBUG,
624 "DPP: Continue reply wait on channel %u MHz for %u ms",
625 freq, wait_time);
626 wpa_s->dpp_in_response_listen = 1;
627 wpas_dpp_listen_start(wpa_s, freq);
628
629 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
630 wpas_dpp_reply_wait_timeout, wpa_s, NULL);
631 }
632
633
wpas_dpp_auth_conf_wait_timeout(void * eloop_ctx,void * timeout_ctx)634 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx)
635 {
636 struct wpa_supplicant *wpa_s = eloop_ctx;
637 struct dpp_authentication *auth = wpa_s->dpp_auth;
638
639 if (!auth || !auth->waiting_auth_conf)
640 return;
641
642 wpa_printf(MSG_DEBUG,
643 "DPP: Terminate authentication exchange due to Auth Confirm timeout");
644 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL "No Auth Confirm received");
645 offchannel_send_action_done(wpa_s);
646 dpp_auth_deinit(auth);
647 wpa_s->dpp_auth = NULL;
648 }
649
650
wpas_dpp_set_testing_options(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)651 static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s,
652 struct dpp_authentication *auth)
653 {
654 #ifdef CONFIG_TESTING_OPTIONS
655 if (wpa_s->dpp_config_obj_override)
656 auth->config_obj_override =
657 os_strdup(wpa_s->dpp_config_obj_override);
658 if (wpa_s->dpp_discovery_override)
659 auth->discovery_override =
660 os_strdup(wpa_s->dpp_discovery_override);
661 if (wpa_s->dpp_groups_override)
662 auth->groups_override =
663 os_strdup(wpa_s->dpp_groups_override);
664 auth->ignore_netaccesskey_mismatch =
665 wpa_s->dpp_ignore_netaccesskey_mismatch;
666 #endif /* CONFIG_TESTING_OPTIONS */
667 }
668
669
wpas_dpp_init_timeout(void * eloop_ctx,void * timeout_ctx)670 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx)
671 {
672 struct wpa_supplicant *wpa_s = eloop_ctx;
673
674 if (!wpa_s->dpp_auth)
675 return;
676 wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout");
677 wpas_dpp_auth_init_next(wpa_s);
678 }
679
680
wpas_dpp_auth_init_next(struct wpa_supplicant * wpa_s)681 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s)
682 {
683 struct dpp_authentication *auth = wpa_s->dpp_auth;
684 const u8 *dst;
685 unsigned int wait_time, max_wait_time, freq, max_tries, used;
686 struct os_reltime now, diff;
687
688 wpa_s->dpp_in_response_listen = 0;
689 if (!auth)
690 return -1;
691
692 if (auth->freq_idx == 0)
693 os_get_reltime(&wpa_s->dpp_init_iter_start);
694
695 if (auth->freq_idx >= auth->num_freq) {
696 auth->num_freq_iters++;
697 if (wpa_s->dpp_init_max_tries)
698 max_tries = wpa_s->dpp_init_max_tries;
699 else
700 max_tries = 5;
701 if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) {
702 wpa_printf(MSG_INFO,
703 "DPP: No response received from responder - stopping initiation attempt");
704 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
705 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout,
706 wpa_s, NULL);
707 offchannel_send_action_done(wpa_s);
708 dpp_auth_deinit(wpa_s->dpp_auth);
709 wpa_s->dpp_auth = NULL;
710 return -1;
711 }
712 auth->freq_idx = 0;
713 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
714 if (wpa_s->dpp_init_retry_time)
715 wait_time = wpa_s->dpp_init_retry_time;
716 else
717 wait_time = 10000;
718 os_get_reltime(&now);
719 os_reltime_sub(&now, &wpa_s->dpp_init_iter_start, &diff);
720 used = diff.sec * 1000 + diff.usec / 1000;
721 if (used > wait_time)
722 wait_time = 0;
723 else
724 wait_time -= used;
725 wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms",
726 wait_time);
727 eloop_register_timeout(wait_time / 1000,
728 (wait_time % 1000) * 1000,
729 wpas_dpp_init_timeout, wpa_s,
730 NULL);
731 return 0;
732 }
733 freq = auth->freq[auth->freq_idx++];
734 auth->curr_freq = freq;
735
736 if (!is_zero_ether_addr(auth->peer_mac_addr))
737 dst = auth->peer_mac_addr;
738 else if (is_zero_ether_addr(auth->peer_bi->mac_addr))
739 dst = broadcast;
740 else
741 dst = auth->peer_bi->mac_addr;
742 wpa_s->dpp_auth_ok_on_ack = 0;
743 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
744 wait_time = wpa_s->max_remain_on_chan;
745 max_wait_time = wpa_s->dpp_resp_wait_time ?
746 wpa_s->dpp_resp_wait_time : 2000;
747 if (wait_time > max_wait_time)
748 wait_time = max_wait_time;
749 wait_time += 10; /* give the driver some extra time to complete */
750 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
751 wpas_dpp_reply_wait_timeout,
752 wpa_s, NULL);
753 wait_time -= 10;
754 if (auth->neg_freq > 0 && freq != auth->neg_freq) {
755 wpa_printf(MSG_DEBUG,
756 "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response",
757 freq, auth->neg_freq);
758 }
759 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
760 MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ);
761 auth->auth_req_ack = 0;
762 os_get_reltime(&wpa_s->dpp_last_init);
763 return offchannel_send_action(wpa_s, freq, dst,
764 wpa_s->own_addr, broadcast,
765 wpabuf_head(auth->req_msg),
766 wpabuf_len(auth->req_msg),
767 wait_time, wpas_dpp_tx_status, 0);
768 }
769
770
wpas_dpp_auth_init(struct wpa_supplicant * wpa_s,const char * cmd)771 int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
772 {
773 const char *pos;
774 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL;
775 struct dpp_authentication *auth;
776 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
777 unsigned int neg_freq = 0;
778 int tcp = 0;
779 #ifdef CONFIG_DPP2
780 int tcp_port = DPP_TCP_PORT;
781 struct hostapd_ip_addr ipaddr;
782 char *addr;
783 #endif /* CONFIG_DPP2 */
784
785 wpa_s->dpp_gas_client = 0;
786 wpa_s->dpp_gas_server = 0;
787
788 pos = os_strstr(cmd, " peer=");
789 if (!pos)
790 return -1;
791 pos += 6;
792 peer_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
793 if (!peer_bi) {
794 wpa_printf(MSG_INFO,
795 "DPP: Could not find bootstrapping info for the identified peer");
796 return -1;
797 }
798
799 #ifdef CONFIG_DPP2
800 pos = os_strstr(cmd, " tcp_port=");
801 if (pos) {
802 pos += 10;
803 tcp_port = atoi(pos);
804 }
805
806 addr = get_param(cmd, " tcp_addr=");
807 if (addr) {
808 int res;
809
810 res = hostapd_parse_ip_addr(addr, &ipaddr);
811 os_free(addr);
812 if (res)
813 return -1;
814 tcp = 1;
815 }
816 #endif /* CONFIG_DPP2 */
817
818 pos = os_strstr(cmd, " own=");
819 if (pos) {
820 pos += 5;
821 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
822 if (!own_bi) {
823 wpa_printf(MSG_INFO,
824 "DPP: Could not find bootstrapping info for the identified local entry");
825 return -1;
826 }
827
828 if (peer_bi->curve != own_bi->curve) {
829 wpa_printf(MSG_INFO,
830 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)",
831 peer_bi->curve->name, own_bi->curve->name);
832 return -1;
833 }
834 }
835
836 pos = os_strstr(cmd, " role=");
837 if (pos) {
838 pos += 6;
839 if (os_strncmp(pos, "configurator", 12) == 0)
840 allowed_roles = DPP_CAPAB_CONFIGURATOR;
841 else if (os_strncmp(pos, "enrollee", 8) == 0)
842 allowed_roles = DPP_CAPAB_ENROLLEE;
843 else if (os_strncmp(pos, "either", 6) == 0)
844 allowed_roles = DPP_CAPAB_CONFIGURATOR |
845 DPP_CAPAB_ENROLLEE;
846 else
847 goto fail;
848 }
849
850 pos = os_strstr(cmd, " netrole=");
851 if (pos) {
852 pos += 9;
853 if (os_strncmp(pos, "ap", 2) == 0)
854 wpa_s->dpp_netrole = DPP_NETROLE_AP;
855 else if (os_strncmp(pos, "configurator", 12) == 0)
856 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
857 else
858 wpa_s->dpp_netrole = DPP_NETROLE_STA;
859 } else {
860 wpa_s->dpp_netrole = DPP_NETROLE_STA;
861 }
862
863 pos = os_strstr(cmd, " neg_freq=");
864 if (pos)
865 neg_freq = atoi(pos + 10);
866
867 if (!tcp && wpa_s->dpp_auth) {
868 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
869 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
870 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
871 NULL);
872 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
873 NULL);
874 #ifdef CONFIG_DPP2
875 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
876 wpa_s, NULL);
877 #endif /* CONFIG_DPP2 */
878 offchannel_send_action_done(wpa_s);
879 dpp_auth_deinit(wpa_s->dpp_auth);
880 wpa_s->dpp_auth = NULL;
881 }
882
883 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles,
884 neg_freq, wpa_s->hw.modes, wpa_s->hw.num_modes);
885 if (!auth)
886 goto fail;
887 wpas_dpp_set_testing_options(wpa_s, auth);
888 if (dpp_set_configurator(auth, cmd) < 0) {
889 dpp_auth_deinit(auth);
890 goto fail;
891 }
892
893 auth->neg_freq = neg_freq;
894
895 if (!is_zero_ether_addr(peer_bi->mac_addr))
896 os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN);
897
898 #ifdef CONFIG_DPP2
899 if (tcp)
900 return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port,
901 wpa_s->conf->dpp_name, DPP_NETROLE_STA,
902 wpa_s, wpa_s, wpas_dpp_process_conf_obj,
903 wpas_dpp_tcp_msg_sent);
904 #endif /* CONFIG_DPP2 */
905
906 wpa_s->dpp_auth = auth;
907 return wpas_dpp_auth_init_next(wpa_s);
908 fail:
909 return -1;
910 }
911
912
913 struct wpas_dpp_listen_work {
914 unsigned int freq;
915 unsigned int duration;
916 struct wpabuf *probe_resp_ie;
917 };
918
919
wpas_dpp_listen_work_free(struct wpas_dpp_listen_work * lwork)920 static void wpas_dpp_listen_work_free(struct wpas_dpp_listen_work *lwork)
921 {
922 if (!lwork)
923 return;
924 os_free(lwork);
925 }
926
927
wpas_dpp_listen_work_done(struct wpa_supplicant * wpa_s)928 static void wpas_dpp_listen_work_done(struct wpa_supplicant *wpa_s)
929 {
930 struct wpas_dpp_listen_work *lwork;
931
932 if (!wpa_s->dpp_listen_work)
933 return;
934
935 lwork = wpa_s->dpp_listen_work->ctx;
936 wpas_dpp_listen_work_free(lwork);
937 radio_work_done(wpa_s->dpp_listen_work);
938 wpa_s->dpp_listen_work = NULL;
939 }
940
941
dpp_start_listen_cb(struct wpa_radio_work * work,int deinit)942 static void dpp_start_listen_cb(struct wpa_radio_work *work, int deinit)
943 {
944 struct wpa_supplicant *wpa_s = work->wpa_s;
945 struct wpas_dpp_listen_work *lwork = work->ctx;
946
947 if (deinit) {
948 if (work->started) {
949 wpa_s->dpp_listen_work = NULL;
950 wpas_dpp_listen_stop(wpa_s);
951 }
952 wpas_dpp_listen_work_free(lwork);
953 return;
954 }
955
956 wpa_s->dpp_listen_work = work;
957
958 wpa_s->dpp_pending_listen_freq = lwork->freq;
959
960 if (wpa_drv_remain_on_channel(wpa_s, lwork->freq,
961 wpa_s->max_remain_on_chan) < 0) {
962 wpa_printf(MSG_DEBUG,
963 "DPP: Failed to request the driver to remain on channel (%u MHz) for listen",
964 lwork->freq);
965 wpa_s->dpp_listen_freq = 0;
966 wpas_dpp_listen_work_done(wpa_s);
967 wpa_s->dpp_pending_listen_freq = 0;
968 return;
969 }
970 wpa_s->off_channel_freq = 0;
971 wpa_s->roc_waiting_drv_freq = lwork->freq;
972 wpa_drv_dpp_listen(wpa_s, true);
973 }
974
975
wpas_dpp_listen_start(struct wpa_supplicant * wpa_s,unsigned int freq)976 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
977 unsigned int freq)
978 {
979 struct wpas_dpp_listen_work *lwork;
980
981 if (wpa_s->dpp_listen_work) {
982 wpa_printf(MSG_DEBUG,
983 "DPP: Reject start_listen since dpp_listen_work already exists");
984 return -1;
985 }
986
987 if (wpa_s->dpp_listen_freq)
988 wpas_dpp_listen_stop(wpa_s);
989 wpa_s->dpp_listen_freq = freq;
990
991 lwork = os_zalloc(sizeof(*lwork));
992 if (!lwork)
993 return -1;
994 lwork->freq = freq;
995
996 if (radio_add_work(wpa_s, freq, "dpp-listen", 0, dpp_start_listen_cb,
997 lwork) < 0) {
998 wpas_dpp_listen_work_free(lwork);
999 return -1;
1000 }
1001
1002 return 0;
1003 }
1004
1005
wpas_dpp_listen(struct wpa_supplicant * wpa_s,const char * cmd)1006 int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd)
1007 {
1008 int freq;
1009
1010 freq = atoi(cmd);
1011 if (freq <= 0)
1012 return -1;
1013
1014 if (os_strstr(cmd, " role=configurator"))
1015 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR;
1016 else if (os_strstr(cmd, " role=enrollee"))
1017 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
1018 else
1019 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR |
1020 DPP_CAPAB_ENROLLEE;
1021 wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
1022 if (os_strstr(cmd, " netrole=ap"))
1023 wpa_s->dpp_netrole = DPP_NETROLE_AP;
1024 else if (os_strstr(cmd, " netrole=configurator"))
1025 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
1026 else
1027 wpa_s->dpp_netrole = DPP_NETROLE_STA;
1028 if (wpa_s->dpp_listen_freq == (unsigned int) freq) {
1029 wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz",
1030 freq);
1031 return 0;
1032 }
1033
1034 return wpas_dpp_listen_start(wpa_s, freq);
1035 }
1036
1037
wpas_dpp_listen_stop(struct wpa_supplicant * wpa_s)1038 void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s)
1039 {
1040 wpa_s->dpp_in_response_listen = 0;
1041 if (!wpa_s->dpp_listen_freq)
1042 return;
1043
1044 wpa_printf(MSG_DEBUG, "DPP: Stop listen on %u MHz",
1045 wpa_s->dpp_listen_freq);
1046 wpa_drv_cancel_remain_on_channel(wpa_s);
1047 wpa_drv_dpp_listen(wpa_s, false);
1048 wpa_s->dpp_listen_freq = 0;
1049 wpas_dpp_listen_work_done(wpa_s);
1050 radio_remove_works(wpa_s, "dpp-listen", 0);
1051 }
1052
1053
wpas_dpp_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int duration)1054 void wpas_dpp_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1055 unsigned int freq, unsigned int duration)
1056 {
1057 if (wpa_s->dpp_listen_freq != freq)
1058 return;
1059
1060 wpa_printf(MSG_DEBUG,
1061 "DPP: Remain-on-channel started for listen on %u MHz for %u ms",
1062 freq, duration);
1063 os_get_reltime(&wpa_s->dpp_listen_end);
1064 wpa_s->dpp_listen_end.usec += duration * 1000;
1065 while (wpa_s->dpp_listen_end.usec >= 1000000) {
1066 wpa_s->dpp_listen_end.sec++;
1067 wpa_s->dpp_listen_end.usec -= 1000000;
1068 }
1069 }
1070
1071
wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq)1072 void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1073 unsigned int freq)
1074 {
1075 wpas_dpp_listen_work_done(wpa_s);
1076
1077 if (wpa_s->dpp_auth && wpa_s->dpp_in_response_listen) {
1078 unsigned int new_freq;
1079
1080 /* Continue listen with a new remain-on-channel */
1081 if (wpa_s->dpp_auth->neg_freq > 0)
1082 new_freq = wpa_s->dpp_auth->neg_freq;
1083 else
1084 new_freq = wpa_s->dpp_auth->curr_freq;
1085 wpa_printf(MSG_DEBUG,
1086 "DPP: Continue wait on %u MHz for the ongoing DPP provisioning session",
1087 new_freq);
1088 wpas_dpp_listen_start(wpa_s, new_freq);
1089 return;
1090 }
1091
1092 if (wpa_s->dpp_listen_freq) {
1093 /* Continue listen with a new remain-on-channel */
1094 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_listen_freq);
1095 }
1096 }
1097
1098
wpas_dpp_rx_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)1099 static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
1100 const u8 *hdr, const u8 *buf, size_t len,
1101 unsigned int freq)
1102 {
1103 const u8 *r_bootstrap, *i_bootstrap;
1104 u16 r_bootstrap_len, i_bootstrap_len;
1105 struct dpp_bootstrap_info *own_bi = NULL, *peer_bi = NULL;
1106
1107 if (!wpa_s->dpp)
1108 return;
1109
1110 wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR,
1111 MAC2STR(src));
1112
1113 #ifdef CONFIG_DPP2
1114 wpas_dpp_chirp_stop(wpa_s);
1115 #endif /* CONFIG_DPP2 */
1116
1117 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
1118 &r_bootstrap_len);
1119 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
1120 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1121 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
1122 return;
1123 }
1124 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
1125 r_bootstrap, r_bootstrap_len);
1126
1127 i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH,
1128 &i_bootstrap_len);
1129 if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) {
1130 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1131 "Missing or invalid required Initiator Bootstrapping Key Hash attribute");
1132 return;
1133 }
1134 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash",
1135 i_bootstrap, i_bootstrap_len);
1136
1137 /* Try to find own and peer bootstrapping key matches based on the
1138 * received hash values */
1139 dpp_bootstrap_find_pair(wpa_s->dpp, i_bootstrap, r_bootstrap,
1140 &own_bi, &peer_bi);
1141 if (!own_bi) {
1142 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1143 "No matching own bootstrapping key found - ignore message");
1144 return;
1145 }
1146
1147 if (wpa_s->dpp_auth) {
1148 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1149 "Already in DPP authentication exchange - ignore new one");
1150 return;
1151 }
1152
1153 wpa_s->dpp_pkex_wait_auth_req = false;
1154 wpa_s->dpp_gas_client = 0;
1155 wpa_s->dpp_gas_server = 0;
1156 wpa_s->dpp_auth_ok_on_ack = 0;
1157 wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s->dpp, wpa_s,
1158 wpa_s->dpp_allowed_roles,
1159 wpa_s->dpp_qr_mutual,
1160 peer_bi, own_bi, freq, hdr, buf, len);
1161 if (!wpa_s->dpp_auth) {
1162 wpa_printf(MSG_DEBUG, "DPP: No response generated");
1163 return;
1164 }
1165 wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth);
1166 if (dpp_set_configurator(wpa_s->dpp_auth,
1167 wpa_s->dpp_configurator_params) < 0) {
1168 dpp_auth_deinit(wpa_s->dpp_auth);
1169 wpa_s->dpp_auth = NULL;
1170 return;
1171 }
1172 os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN);
1173
1174 if (wpa_s->dpp_listen_freq &&
1175 wpa_s->dpp_listen_freq != wpa_s->dpp_auth->curr_freq) {
1176 wpa_printf(MSG_DEBUG,
1177 "DPP: Stop listen on %u MHz to allow response on the request %u MHz",
1178 wpa_s->dpp_listen_freq, wpa_s->dpp_auth->curr_freq);
1179 wpas_dpp_listen_stop(wpa_s);
1180 }
1181
1182 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1183 MAC2STR(src), wpa_s->dpp_auth->curr_freq,
1184 DPP_PA_AUTHENTICATION_RESP);
1185 offchannel_send_action(wpa_s, wpa_s->dpp_auth->curr_freq,
1186 src, wpa_s->own_addr, broadcast,
1187 wpabuf_head(wpa_s->dpp_auth->resp_msg),
1188 wpabuf_len(wpa_s->dpp_auth->resp_msg),
1189 500, wpas_dpp_tx_status, 0);
1190 }
1191
1192
wpas_dpp_tx_wait_expire(struct wpa_supplicant * wpa_s)1193 void wpas_dpp_tx_wait_expire(struct wpa_supplicant *wpa_s)
1194 {
1195 struct dpp_authentication *auth = wpa_s->dpp_auth;
1196 int freq;
1197
1198 if (!wpa_s->dpp_gas_server || !auth)
1199 return;
1200
1201 freq = auth->neg_freq > 0 ? auth->neg_freq : auth->curr_freq;
1202 if (wpa_s->dpp_listen_work || (int) wpa_s->dpp_listen_freq == freq)
1203 return; /* listen state is already in progress */
1204
1205 wpa_printf(MSG_DEBUG, "DPP: Start listen on %u MHz for GAS", freq);
1206 wpa_s->dpp_in_response_listen = 1;
1207 wpas_dpp_listen_start(wpa_s, freq);
1208 }
1209
1210
wpas_dpp_start_gas_server(struct wpa_supplicant * wpa_s)1211 static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s)
1212 {
1213 struct dpp_authentication *auth = wpa_s->dpp_auth;
1214
1215 wpa_printf(MSG_DEBUG,
1216 "DPP: Starting GAS server (curr_freq=%d neg_freq=%d dpp_listen_freq=%d dpp_listen_work=%d)",
1217 auth->curr_freq, auth->neg_freq, wpa_s->dpp_listen_freq,
1218 !!wpa_s->dpp_listen_work);
1219 wpa_s->dpp_gas_server = 1;
1220 }
1221
1222
wpas_dpp_add_network(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1223 static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
1224 struct dpp_authentication *auth,
1225 struct dpp_config_obj *conf)
1226 {
1227 struct wpa_ssid *ssid;
1228
1229 #ifdef CONFIG_DPP2
1230 if (conf->akm == DPP_AKM_SAE) {
1231 #ifdef CONFIG_SAE
1232 struct wpa_driver_capa capa;
1233 int res;
1234
1235 res = wpa_drv_get_capa(wpa_s, &capa);
1236 if (res == 0 &&
1237 !(capa.key_mgmt_iftype[WPA_IF_STATION] &
1238 WPA_DRIVER_CAPA_KEY_MGMT_SAE) &&
1239 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) {
1240 wpa_printf(MSG_DEBUG,
1241 "DPP: SAE not supported by the driver");
1242 return NULL;
1243 }
1244 #else /* CONFIG_SAE */
1245 wpa_printf(MSG_DEBUG, "DPP: SAE not supported in the build");
1246 return NULL;
1247 #endif /* CONFIG_SAE */
1248 }
1249 #endif /* CONFIG_DPP2 */
1250
1251 ssid = wpa_config_add_network(wpa_s->conf);
1252 if (!ssid)
1253 return NULL;
1254 wpas_notify_network_added(wpa_s, ssid);
1255 wpa_config_set_network_defaults(ssid);
1256 ssid->disabled = 1;
1257
1258 ssid->ssid = os_malloc(conf->ssid_len);
1259 if (!ssid->ssid)
1260 goto fail;
1261 os_memcpy(ssid->ssid, conf->ssid, conf->ssid_len);
1262 ssid->ssid_len = conf->ssid_len;
1263
1264 if (conf->connector) {
1265 if (dpp_akm_dpp(conf->akm)) {
1266 ssid->key_mgmt = WPA_KEY_MGMT_DPP;
1267 ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
1268 }
1269 ssid->dpp_connector = os_strdup(conf->connector);
1270 if (!ssid->dpp_connector)
1271 goto fail;
1272 }
1273
1274 if (conf->c_sign_key) {
1275 ssid->dpp_csign = os_malloc(wpabuf_len(conf->c_sign_key));
1276 if (!ssid->dpp_csign)
1277 goto fail;
1278 os_memcpy(ssid->dpp_csign, wpabuf_head(conf->c_sign_key),
1279 wpabuf_len(conf->c_sign_key));
1280 ssid->dpp_csign_len = wpabuf_len(conf->c_sign_key);
1281 }
1282
1283 if (conf->pp_key) {
1284 ssid->dpp_pp_key = os_malloc(wpabuf_len(conf->pp_key));
1285 if (!ssid->dpp_pp_key)
1286 goto fail;
1287 os_memcpy(ssid->dpp_pp_key, wpabuf_head(conf->pp_key),
1288 wpabuf_len(conf->pp_key));
1289 ssid->dpp_pp_key_len = wpabuf_len(conf->pp_key);
1290 }
1291
1292 if (auth->net_access_key) {
1293 ssid->dpp_netaccesskey =
1294 os_malloc(wpabuf_len(auth->net_access_key));
1295 if (!ssid->dpp_netaccesskey)
1296 goto fail;
1297 os_memcpy(ssid->dpp_netaccesskey,
1298 wpabuf_head(auth->net_access_key),
1299 wpabuf_len(auth->net_access_key));
1300 ssid->dpp_netaccesskey_len = wpabuf_len(auth->net_access_key);
1301 ssid->dpp_netaccesskey_expiry = auth->net_access_key_expiry;
1302 }
1303
1304 if (!conf->connector || dpp_akm_psk(conf->akm) ||
1305 dpp_akm_sae(conf->akm)) {
1306 if (!conf->connector || !dpp_akm_dpp(conf->akm))
1307 ssid->key_mgmt = 0;
1308 if (dpp_akm_psk(conf->akm))
1309 ssid->key_mgmt |= WPA_KEY_MGMT_PSK |
1310 WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_FT_PSK;
1311 if (dpp_akm_sae(conf->akm))
1312 ssid->key_mgmt |= WPA_KEY_MGMT_SAE |
1313 WPA_KEY_MGMT_FT_SAE;
1314 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1315 if (conf->passphrase[0]) {
1316 if (wpa_config_set_quoted(ssid, "psk",
1317 conf->passphrase) < 0)
1318 goto fail;
1319 wpa_config_update_psk(ssid);
1320 ssid->export_keys = 1;
1321 } else {
1322 ssid->psk_set = conf->psk_set;
1323 os_memcpy(ssid->psk, conf->psk, PMK_LEN);
1324 }
1325 }
1326
1327 #if defined(CONFIG_DPP2) && defined(IEEE8021X_EAPOL)
1328 if (conf->akm == DPP_AKM_DOT1X) {
1329 int i;
1330 char name[100], blobname[128];
1331 struct wpa_config_blob *blob;
1332
1333 ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X |
1334 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1335 WPA_KEY_MGMT_IEEE8021X_SHA256;
1336 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1337
1338 if (conf->cacert) {
1339 /* caCert is DER-encoded X.509v3 certificate for the
1340 * server certificate if that is different from the
1341 * trust root included in certBag. */
1342 /* TODO: ssid->eap.cert.ca_cert */
1343 }
1344
1345 if (conf->certs) {
1346 for (i = 0; ; i++) {
1347 os_snprintf(name, sizeof(name), "dpp-certs-%d",
1348 i);
1349 if (!wpa_config_get_blob(wpa_s->conf, name))
1350 break;
1351 }
1352
1353 blob = os_zalloc(sizeof(*blob));
1354 if (!blob)
1355 goto fail;
1356 blob->len = wpabuf_len(conf->certs);
1357 blob->name = os_strdup(name);
1358 blob->data = os_malloc(blob->len);
1359 if (!blob->name || !blob->data) {
1360 wpa_config_free_blob(blob);
1361 goto fail;
1362 }
1363 os_memcpy(blob->data, wpabuf_head(conf->certs),
1364 blob->len);
1365 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1366 name);
1367 wpa_config_set_blob(wpa_s->conf, blob);
1368 wpa_printf(MSG_DEBUG, "DPP: Added certificate blob %s",
1369 name);
1370 ssid->eap.cert.client_cert = os_strdup(blobname);
1371 if (!ssid->eap.cert.client_cert)
1372 goto fail;
1373
1374 /* TODO: ssid->eap.identity from own certificate */
1375 if (wpa_config_set(ssid, "identity", "\"dpp-ent\"",
1376 0) < 0)
1377 goto fail;
1378 }
1379
1380 if (auth->priv_key) {
1381 for (i = 0; ; i++) {
1382 os_snprintf(name, sizeof(name), "dpp-key-%d",
1383 i);
1384 if (!wpa_config_get_blob(wpa_s->conf, name))
1385 break;
1386 }
1387
1388 blob = os_zalloc(sizeof(*blob));
1389 if (!blob)
1390 goto fail;
1391 blob->len = wpabuf_len(auth->priv_key);
1392 blob->name = os_strdup(name);
1393 blob->data = os_malloc(blob->len);
1394 if (!blob->name || !blob->data) {
1395 wpa_config_free_blob(blob);
1396 goto fail;
1397 }
1398 os_memcpy(blob->data, wpabuf_head(auth->priv_key),
1399 blob->len);
1400 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1401 name);
1402 wpa_config_set_blob(wpa_s->conf, blob);
1403 wpa_printf(MSG_DEBUG, "DPP: Added private key blob %s",
1404 name);
1405 ssid->eap.cert.private_key = os_strdup(blobname);
1406 if (!ssid->eap.cert.private_key)
1407 goto fail;
1408 }
1409
1410 if (conf->server_name) {
1411 ssid->eap.cert.domain_suffix_match =
1412 os_strdup(conf->server_name);
1413 if (!ssid->eap.cert.domain_suffix_match)
1414 goto fail;
1415 }
1416
1417 /* TODO: Use entCreds::eapMethods */
1418 if (wpa_config_set(ssid, "eap", "TLS", 0) < 0)
1419 goto fail;
1420 }
1421 #endif /* CONFIG_DPP2 && IEEE8021X_EAPOL */
1422
1423 os_memcpy(wpa_s->dpp_last_ssid, conf->ssid, conf->ssid_len);
1424 wpa_s->dpp_last_ssid_len = conf->ssid_len;
1425
1426 return ssid;
1427 fail:
1428 wpas_notify_network_removed(wpa_s, ssid);
1429 wpa_config_remove_network(wpa_s->conf, ssid->id);
1430 return NULL;
1431 }
1432
1433
wpas_dpp_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1434 static int wpas_dpp_process_config(struct wpa_supplicant *wpa_s,
1435 struct dpp_authentication *auth,
1436 struct dpp_config_obj *conf)
1437 {
1438 struct wpa_ssid *ssid;
1439
1440 if (wpa_s->conf->dpp_config_processing < 1)
1441 return 0;
1442
1443 ssid = wpas_dpp_add_network(wpa_s, auth, conf);
1444 if (!ssid)
1445 return -1;
1446
1447 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_NETWORK_ID "%d", ssid->id);
1448 if (wpa_s->conf->dpp_config_processing == 2)
1449 ssid->disabled = 0;
1450
1451 #ifndef CONFIG_NO_CONFIG_WRITE
1452 if (wpa_s->conf->update_config &&
1453 wpa_config_write(wpa_s->confname, wpa_s->conf))
1454 wpa_printf(MSG_DEBUG, "DPP: Failed to update configuration");
1455 #endif /* CONFIG_NO_CONFIG_WRITE */
1456
1457 return 0;
1458 }
1459
1460
wpas_dpp_post_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)1461 static void wpas_dpp_post_process_config(struct wpa_supplicant *wpa_s,
1462 struct dpp_authentication *auth)
1463 {
1464 #ifdef CONFIG_DPP2
1465 if (auth->reconfig && wpa_s->dpp_reconfig_ssid &&
1466 wpa_config_get_network(wpa_s->conf, wpa_s->dpp_reconfig_ssid_id) ==
1467 wpa_s->dpp_reconfig_ssid) {
1468 wpa_printf(MSG_DEBUG,
1469 "DPP: Remove reconfigured network profile");
1470 wpas_notify_network_removed(wpa_s, wpa_s->dpp_reconfig_ssid);
1471 wpa_config_remove_network(wpa_s->conf,
1472 wpa_s->dpp_reconfig_ssid_id);
1473 wpa_s->dpp_reconfig_ssid = NULL;
1474 wpa_s->dpp_reconfig_ssid_id = -1;
1475 }
1476 #endif /* CONFIG_DPP2 */
1477
1478 if (wpa_s->conf->dpp_config_processing < 2)
1479 return;
1480
1481 #ifdef CONFIG_DPP2
1482 if (auth->peer_version >= 2) {
1483 wpa_printf(MSG_DEBUG,
1484 "DPP: Postpone connection attempt to wait for completion of DPP Configuration Result");
1485 auth->connect_on_tx_status = 1;
1486 return;
1487 }
1488 #endif /* CONFIG_DPP2 */
1489
1490 wpas_dpp_try_to_connect(wpa_s);
1491 }
1492
1493
wpas_dpp_handle_config_obj(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1494 static int wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s,
1495 struct dpp_authentication *auth,
1496 struct dpp_config_obj *conf)
1497 {
1498 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1499 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_AKM "%s",
1500 dpp_akm_str(conf->akm));
1501 if (conf->ssid_len)
1502 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s",
1503 wpa_ssid_txt(conf->ssid, conf->ssid_len));
1504 if (conf->ssid_charset)
1505 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID_CHARSET "%d",
1506 conf->ssid_charset);
1507 if (conf->connector) {
1508 /* TODO: Save the Connector and consider using a command
1509 * to fetch the value instead of sending an event with
1510 * it. The Connector could end up being larger than what
1511 * most clients are ready to receive as an event
1512 * message. */
1513 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s",
1514 conf->connector);
1515 }
1516 if (conf->passphrase[0]) {
1517 char hex[64 * 2 + 1];
1518
1519 wpa_snprintf_hex(hex, sizeof(hex),
1520 (const u8 *) conf->passphrase,
1521 os_strlen(conf->passphrase));
1522 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PASS "%s",
1523 hex);
1524 } else if (conf->psk_set) {
1525 char hex[PMK_LEN * 2 + 1];
1526
1527 wpa_snprintf_hex(hex, sizeof(hex), conf->psk, PMK_LEN);
1528 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PSK "%s",
1529 hex);
1530 }
1531 if (conf->c_sign_key) {
1532 char *hex;
1533 size_t hexlen;
1534
1535 hexlen = 2 * wpabuf_len(conf->c_sign_key) + 1;
1536 hex = os_malloc(hexlen);
1537 if (hex) {
1538 wpa_snprintf_hex(hex, hexlen,
1539 wpabuf_head(conf->c_sign_key),
1540 wpabuf_len(conf->c_sign_key));
1541 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s",
1542 hex);
1543 os_free(hex);
1544 }
1545 }
1546 if (conf->pp_key) {
1547 char *hex;
1548 size_t hexlen;
1549
1550 hexlen = 2 * wpabuf_len(conf->pp_key) + 1;
1551 hex = os_malloc(hexlen);
1552 if (hex) {
1553 wpa_snprintf_hex(hex, hexlen,
1554 wpabuf_head(conf->pp_key),
1555 wpabuf_len(conf->pp_key));
1556 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PP_KEY "%s", hex);
1557 os_free(hex);
1558 }
1559 }
1560 if (auth->net_access_key) {
1561 char *hex;
1562 size_t hexlen;
1563
1564 hexlen = 2 * wpabuf_len(auth->net_access_key) + 1;
1565 hex = os_malloc(hexlen);
1566 if (hex) {
1567 wpa_snprintf_hex(hex, hexlen,
1568 wpabuf_head(auth->net_access_key),
1569 wpabuf_len(auth->net_access_key));
1570 if (auth->net_access_key_expiry)
1571 wpa_msg(wpa_s, MSG_INFO,
1572 DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex,
1573 (long unsigned)
1574 auth->net_access_key_expiry);
1575 else
1576 wpa_msg(wpa_s, MSG_INFO,
1577 DPP_EVENT_NET_ACCESS_KEY "%s", hex);
1578 os_free(hex);
1579 }
1580 }
1581
1582 #ifdef CONFIG_DPP2
1583 if (conf->certbag) {
1584 char *b64;
1585
1586 b64 = base64_encode_no_lf(wpabuf_head(conf->certbag),
1587 wpabuf_len(conf->certbag), NULL);
1588 if (b64)
1589 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CERTBAG "%s", b64);
1590 os_free(b64);
1591 }
1592
1593 if (conf->cacert) {
1594 char *b64;
1595
1596 b64 = base64_encode_no_lf(wpabuf_head(conf->cacert),
1597 wpabuf_len(conf->cacert), NULL);
1598 if (b64)
1599 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CACERT "%s", b64);
1600 os_free(b64);
1601 }
1602
1603 if (conf->server_name)
1604 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_SERVER_NAME "%s",
1605 conf->server_name);
1606 #endif /* CONFIG_DPP2 */
1607
1608 return wpas_dpp_process_config(wpa_s, auth, conf);
1609 }
1610
1611
wpas_dpp_handle_key_pkg(struct wpa_supplicant * wpa_s,struct dpp_asymmetric_key * key)1612 static int wpas_dpp_handle_key_pkg(struct wpa_supplicant *wpa_s,
1613 struct dpp_asymmetric_key *key)
1614 {
1615 #ifdef CONFIG_DPP2
1616 int res;
1617
1618 if (!key)
1619 return 0;
1620
1621 wpa_printf(MSG_DEBUG, "DPP: Received Configurator backup");
1622 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1623 wpa_s->dpp_conf_backup_received = true;
1624
1625 while (key) {
1626 res = dpp_configurator_from_backup(wpa_s->dpp, key);
1627 if (res < 0)
1628 return -1;
1629 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFIGURATOR_ID "%d",
1630 res);
1631 key = key->next;
1632 }
1633 #endif /* CONFIG_DPP2 */
1634
1635 return 0;
1636 }
1637
1638
1639 #ifdef CONFIG_DPP2
wpas_dpp_build_csr(void * eloop_ctx,void * timeout_ctx)1640 static void wpas_dpp_build_csr(void *eloop_ctx, void *timeout_ctx)
1641 {
1642 struct wpa_supplicant *wpa_s = eloop_ctx;
1643 struct dpp_authentication *auth = wpa_s->dpp_auth;
1644
1645 if (!auth || !auth->csrattrs)
1646 return;
1647
1648 wpa_printf(MSG_DEBUG, "DPP: Build CSR");
1649 wpabuf_free(auth->csr);
1650 /* TODO: Additional information needed for CSR based on csrAttrs */
1651 auth->csr = dpp_build_csr(auth, wpa_s->conf->dpp_name ?
1652 wpa_s->conf->dpp_name : "Test");
1653 if (!auth->csr) {
1654 dpp_auth_deinit(wpa_s->dpp_auth);
1655 wpa_s->dpp_auth = NULL;
1656 return;
1657 }
1658
1659 wpas_dpp_start_gas_client(wpa_s);
1660 }
1661 #endif /* CONFIG_DPP2 */
1662
1663
1664 #ifdef CONFIG_DPP3
wpas_dpp_build_new_key(void * eloop_ctx,void * timeout_ctx)1665 static void wpas_dpp_build_new_key(void *eloop_ctx, void *timeout_ctx)
1666 {
1667 struct wpa_supplicant *wpa_s = eloop_ctx;
1668 struct dpp_authentication *auth = wpa_s->dpp_auth;
1669
1670 if (!auth || !auth->waiting_new_key)
1671 return;
1672
1673 wpa_printf(MSG_DEBUG, "DPP: Build config request with a new key");
1674 wpas_dpp_start_gas_client(wpa_s);
1675 }
1676 #endif /* CONFIG_DPP3 */
1677
1678
wpas_dpp_gas_resp_cb(void * ctx,const u8 * addr,u8 dialog_token,enum gas_query_result result,const struct wpabuf * adv_proto,const struct wpabuf * resp,u16 status_code)1679 static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token,
1680 enum gas_query_result result,
1681 const struct wpabuf *adv_proto,
1682 const struct wpabuf *resp, u16 status_code)
1683 {
1684 struct wpa_supplicant *wpa_s = ctx;
1685 const u8 *pos;
1686 struct dpp_authentication *auth = wpa_s->dpp_auth;
1687 int res;
1688 enum dpp_status_error status = DPP_STATUS_CONFIG_REJECTED;
1689 unsigned int i;
1690
1691 eloop_cancel_timeout(wpas_dpp_gas_client_timeout, wpa_s, NULL);
1692 wpa_s->dpp_gas_dialog_token = -1;
1693
1694 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
1695 os_memcmp(addr, auth->peer_mac_addr, ETH_ALEN) != 0) {
1696 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
1697 return;
1698 }
1699 if (result != GAS_QUERY_SUCCESS ||
1700 !resp || status_code != WLAN_STATUS_SUCCESS) {
1701 wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed");
1702 goto fail;
1703 }
1704
1705 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto",
1706 adv_proto);
1707 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)",
1708 resp);
1709
1710 if (wpabuf_len(adv_proto) != 10 ||
1711 !(pos = wpabuf_head(adv_proto)) ||
1712 pos[0] != WLAN_EID_ADV_PROTO ||
1713 pos[1] != 8 ||
1714 pos[3] != WLAN_EID_VENDOR_SPECIFIC ||
1715 pos[4] != 5 ||
1716 WPA_GET_BE24(&pos[5]) != OUI_WFA ||
1717 pos[8] != 0x1a ||
1718 pos[9] != 1) {
1719 wpa_printf(MSG_DEBUG,
1720 "DPP: Not a DPP Advertisement Protocol ID");
1721 goto fail;
1722 }
1723
1724 res = dpp_conf_resp_rx(auth, resp);
1725 #ifdef CONFIG_DPP2
1726 if (res == -2) {
1727 wpa_printf(MSG_DEBUG, "DPP: CSR needed");
1728 eloop_register_timeout(0, 0, wpas_dpp_build_csr, wpa_s, NULL);
1729 return;
1730 }
1731 #endif /* CONFIG_DPP2 */
1732 #ifdef CONFIG_DPP3
1733 if (res == -3) {
1734 wpa_printf(MSG_DEBUG, "DPP: New protocol key needed");
1735 eloop_register_timeout(0, 0, wpas_dpp_build_new_key, wpa_s,
1736 NULL);
1737 return;
1738 }
1739 #endif /* CONFIG_DPP3 */
1740 if (res < 0) {
1741 wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed");
1742 goto fail;
1743 }
1744
1745 wpa_s->dpp_conf_backup_received = false;
1746 for (i = 0; i < auth->num_conf_obj; i++) {
1747 res = wpas_dpp_handle_config_obj(wpa_s, auth,
1748 &auth->conf_obj[i]);
1749 if (res < 0)
1750 goto fail;
1751 }
1752 if (auth->num_conf_obj)
1753 wpas_dpp_post_process_config(wpa_s, auth);
1754 if (wpas_dpp_handle_key_pkg(wpa_s, auth->conf_key_pkg) < 0)
1755 goto fail;
1756
1757 status = DPP_STATUS_OK;
1758 #ifdef CONFIG_TESTING_OPTIONS
1759 if (dpp_test == DPP_TEST_REJECT_CONFIG) {
1760 wpa_printf(MSG_INFO, "DPP: TESTING - Reject Config Object");
1761 status = DPP_STATUS_CONFIG_REJECTED;
1762 }
1763 #endif /* CONFIG_TESTING_OPTIONS */
1764 fail:
1765 if (status != DPP_STATUS_OK)
1766 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1767 #ifdef CONFIG_DPP2
1768 if (auth->peer_version >= 2 &&
1769 auth->conf_resp_status == DPP_STATUS_OK) {
1770 struct wpabuf *msg;
1771
1772 wpa_printf(MSG_DEBUG, "DPP: Send DPP Configuration Result");
1773 msg = dpp_build_conf_result(auth, status);
1774 if (!msg)
1775 goto fail2;
1776
1777 wpa_msg(wpa_s, MSG_INFO,
1778 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1779 MAC2STR(addr), auth->curr_freq,
1780 DPP_PA_CONFIGURATION_RESULT);
1781 offchannel_send_action(wpa_s, auth->curr_freq,
1782 addr, wpa_s->own_addr, broadcast,
1783 wpabuf_head(msg),
1784 wpabuf_len(msg),
1785 500, wpas_dpp_tx_status, 0);
1786 wpabuf_free(msg);
1787
1788 /* This exchange will be terminated in the TX status handler */
1789 if (wpa_s->conf->dpp_config_processing < 2 ||
1790 wpa_s->dpp_conf_backup_received)
1791 auth->remove_on_tx_status = 1;
1792 return;
1793 }
1794 fail2:
1795 #endif /* CONFIG_DPP2 */
1796 dpp_auth_deinit(wpa_s->dpp_auth);
1797 wpa_s->dpp_auth = NULL;
1798 }
1799
1800
wpas_dpp_gas_client_timeout(void * eloop_ctx,void * timeout_ctx)1801 static void wpas_dpp_gas_client_timeout(void *eloop_ctx, void *timeout_ctx)
1802 {
1803 struct wpa_supplicant *wpa_s = eloop_ctx;
1804 struct dpp_authentication *auth = wpa_s->dpp_auth;
1805
1806 if (!wpa_s->dpp_gas_client || !auth ||
1807 (!auth->auth_success && !auth->reconfig_success))
1808 return;
1809
1810 wpa_printf(MSG_DEBUG, "DPP: Timeout while waiting for Config Response");
1811 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1812 dpp_auth_deinit(wpa_s->dpp_auth);
1813 wpa_s->dpp_auth = NULL;
1814 }
1815
1816
wpas_dpp_start_gas_client(struct wpa_supplicant * wpa_s)1817 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s)
1818 {
1819 struct dpp_authentication *auth = wpa_s->dpp_auth;
1820 struct wpabuf *buf;
1821 int res;
1822 int *supp_op_classes;
1823
1824 wpa_s->dpp_gas_client = 1;
1825 offchannel_send_action_done(wpa_s);
1826 wpas_dpp_listen_stop(wpa_s);
1827
1828 supp_op_classes = wpas_supp_op_classes(wpa_s);
1829 buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name,
1830 wpa_s->dpp_netrole,
1831 wpa_s->conf->dpp_mud_url,
1832 supp_op_classes);
1833 os_free(supp_op_classes);
1834 if (!buf) {
1835 wpa_printf(MSG_DEBUG,
1836 "DPP: No configuration request data available");
1837 return;
1838 }
1839
1840 wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)",
1841 MAC2STR(auth->peer_mac_addr), auth->curr_freq);
1842
1843 /* Use a 120 second timeout since the gas_query_req() operation could
1844 * remain waiting indefinitely for the response if the Configurator
1845 * keeps sending out comeback responses with additional delay. The
1846 * DPP technical specification expects the Enrollee to continue sending
1847 * out new Config Requests for 60 seconds, so this gives an extra 60
1848 * second time after the last expected new Config Request for the
1849 * Configurator to determine what kind of configuration to provide. */
1850 eloop_register_timeout(120, 0, wpas_dpp_gas_client_timeout,
1851 wpa_s, NULL);
1852
1853 res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq,
1854 1, 1, buf, wpas_dpp_gas_resp_cb, wpa_s);
1855 if (res < 0) {
1856 wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request");
1857 wpabuf_free(buf);
1858 } else {
1859 wpa_printf(MSG_DEBUG,
1860 "DPP: GAS query started with dialog token %u", res);
1861 wpa_s->dpp_gas_dialog_token = res;
1862 }
1863 }
1864
1865
wpas_dpp_auth_success(struct wpa_supplicant * wpa_s,int initiator)1866 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator)
1867 {
1868 wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded");
1869 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=%d", initiator);
1870 #ifdef CONFIG_TESTING_OPTIONS
1871 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) {
1872 wpa_printf(MSG_INFO,
1873 "DPP: TESTING - stop at Authentication Confirm");
1874 if (wpa_s->dpp_auth->configurator) {
1875 /* Prevent GAS response */
1876 wpa_s->dpp_auth->auth_success = 0;
1877 }
1878 return;
1879 }
1880 #endif /* CONFIG_TESTING_OPTIONS */
1881
1882 if (wpa_s->dpp_auth->configurator)
1883 wpas_dpp_start_gas_server(wpa_s);
1884 else
1885 wpas_dpp_start_gas_client(wpa_s);
1886 }
1887
1888
wpas_dpp_rx_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)1889 static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
1890 const u8 *hdr, const u8 *buf, size_t len,
1891 unsigned int freq)
1892 {
1893 struct dpp_authentication *auth = wpa_s->dpp_auth;
1894 struct wpabuf *msg;
1895
1896 wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR
1897 " (freq %u MHz)", MAC2STR(src), freq);
1898
1899 if (!auth) {
1900 wpa_printf(MSG_DEBUG,
1901 "DPP: No DPP Authentication in progress - drop");
1902 return;
1903 }
1904
1905 if (!is_zero_ether_addr(auth->peer_mac_addr) &&
1906 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
1907 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
1908 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
1909 return;
1910 }
1911
1912 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
1913
1914 if (auth->curr_freq != freq && auth->neg_freq == freq) {
1915 wpa_printf(MSG_DEBUG,
1916 "DPP: Responder accepted request for different negotiation channel");
1917 auth->curr_freq = freq;
1918 }
1919
1920 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
1921 msg = dpp_auth_resp_rx(auth, hdr, buf, len);
1922 if (!msg) {
1923 if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) {
1924 wpa_printf(MSG_DEBUG,
1925 "DPP: Start wait for full response");
1926 offchannel_send_action_done(wpa_s);
1927 wpas_dpp_listen_start(wpa_s, auth->curr_freq);
1928 return;
1929 }
1930 wpa_printf(MSG_DEBUG, "DPP: No confirm generated");
1931 return;
1932 }
1933 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
1934
1935 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1936 MAC2STR(src), auth->curr_freq, DPP_PA_AUTHENTICATION_CONF);
1937 offchannel_send_action(wpa_s, auth->curr_freq,
1938 src, wpa_s->own_addr, broadcast,
1939 wpabuf_head(msg), wpabuf_len(msg),
1940 500, wpas_dpp_tx_status, 0);
1941 wpabuf_free(msg);
1942 wpa_s->dpp_auth_ok_on_ack = 1;
1943 }
1944
1945
wpas_dpp_rx_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)1946 static void wpas_dpp_rx_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
1947 const u8 *hdr, const u8 *buf, size_t len)
1948 {
1949 struct dpp_authentication *auth = wpa_s->dpp_auth;
1950
1951 wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR,
1952 MAC2STR(src));
1953
1954 if (!auth) {
1955 wpa_printf(MSG_DEBUG,
1956 "DPP: No DPP Authentication in progress - drop");
1957 return;
1958 }
1959
1960 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
1961 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
1962 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
1963 return;
1964 }
1965
1966 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
1967
1968 if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) {
1969 wpa_printf(MSG_DEBUG, "DPP: Authentication failed");
1970 return;
1971 }
1972
1973 wpas_dpp_auth_success(wpa_s, 0);
1974 }
1975
1976
1977 #ifdef CONFIG_DPP2
1978
wpas_dpp_config_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)1979 static void wpas_dpp_config_result_wait_timeout(void *eloop_ctx,
1980 void *timeout_ctx)
1981 {
1982 struct wpa_supplicant *wpa_s = eloop_ctx;
1983 struct dpp_authentication *auth = wpa_s->dpp_auth;
1984
1985 if (!auth || !auth->waiting_conf_result)
1986 return;
1987
1988 wpa_printf(MSG_DEBUG,
1989 "DPP: Timeout while waiting for Configuration Result");
1990 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1991 dpp_auth_deinit(auth);
1992 wpa_s->dpp_auth = NULL;
1993 }
1994
1995
wpas_dpp_conn_status_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)1996 static void wpas_dpp_conn_status_result_wait_timeout(void *eloop_ctx,
1997 void *timeout_ctx)
1998 {
1999 struct wpa_supplicant *wpa_s = eloop_ctx;
2000 struct dpp_authentication *auth = wpa_s->dpp_auth;
2001
2002 if (!auth || !auth->waiting_conn_status_result)
2003 return;
2004
2005 wpa_printf(MSG_DEBUG,
2006 "DPP: Timeout while waiting for Connection Status Result");
2007 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT "timeout");
2008 wpas_dpp_listen_stop(wpa_s);
2009 dpp_auth_deinit(auth);
2010 wpa_s->dpp_auth = NULL;
2011 }
2012
2013
wpas_dpp_rx_conf_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)2014 static void wpas_dpp_rx_conf_result(struct wpa_supplicant *wpa_s, const u8 *src,
2015 const u8 *hdr, const u8 *buf, size_t len)
2016 {
2017 struct dpp_authentication *auth = wpa_s->dpp_auth;
2018 enum dpp_status_error status;
2019
2020 wpa_printf(MSG_DEBUG, "DPP: Configuration Result from " MACSTR,
2021 MAC2STR(src));
2022
2023 if (!auth || !auth->waiting_conf_result) {
2024 if (auth &&
2025 os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) == 0 &&
2026 gas_server_response_sent(wpa_s->gas_server,
2027 auth->gas_server_ctx)) {
2028 /* This could happen if the TX status event gets delayed
2029 * long enough for the Enrollee to have time to send
2030 * the next frame before the TX status gets processed
2031 * locally. */
2032 wpa_printf(MSG_DEBUG,
2033 "DPP: GAS response was sent but TX status not yet received - assume it was ACKed since the Enrollee sent the next frame in the sequence");
2034 auth->waiting_conf_result = 1;
2035 } else {
2036 wpa_printf(MSG_DEBUG,
2037 "DPP: No DPP Configuration waiting for result - drop");
2038 return;
2039 }
2040 }
2041
2042 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2043 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2044 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2045 return;
2046 }
2047
2048 status = dpp_conf_result_rx(auth, hdr, buf, len);
2049
2050 if (status == DPP_STATUS_OK && auth->send_conn_status) {
2051 int freq;
2052
2053 wpa_msg(wpa_s, MSG_INFO,
2054 DPP_EVENT_CONF_SENT "wait_conn_status=1");
2055 wpa_printf(MSG_DEBUG, "DPP: Wait for Connection Status Result");
2056 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
2057 wpa_s, NULL);
2058 auth->waiting_conn_status_result = 1;
2059 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
2060 wpa_s, NULL);
2061 eloop_register_timeout(16, 0,
2062 wpas_dpp_conn_status_result_wait_timeout,
2063 wpa_s, NULL);
2064 offchannel_send_action_done(wpa_s);
2065 freq = auth->neg_freq ? auth->neg_freq : auth->curr_freq;
2066 if (!wpa_s->dpp_in_response_listen ||
2067 (int) wpa_s->dpp_listen_freq != freq)
2068 wpas_dpp_listen_start(wpa_s, freq);
2069 return;
2070 }
2071 offchannel_send_action_done(wpa_s);
2072 wpas_dpp_listen_stop(wpa_s);
2073 if (status == DPP_STATUS_OK)
2074 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT);
2075 else
2076 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
2077 dpp_auth_deinit(auth);
2078 wpa_s->dpp_auth = NULL;
2079 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
2080 }
2081
2082
wpas_dpp_rx_conn_status_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)2083 static void wpas_dpp_rx_conn_status_result(struct wpa_supplicant *wpa_s,
2084 const u8 *src, const u8 *hdr,
2085 const u8 *buf, size_t len)
2086 {
2087 struct dpp_authentication *auth = wpa_s->dpp_auth;
2088 enum dpp_status_error status;
2089 u8 ssid[SSID_MAX_LEN];
2090 size_t ssid_len = 0;
2091 char *channel_list = NULL;
2092
2093 wpa_printf(MSG_DEBUG, "DPP: Connection Status Result");
2094
2095 if (!auth || !auth->waiting_conn_status_result) {
2096 wpa_printf(MSG_DEBUG,
2097 "DPP: No DPP Configuration waiting for connection status result - drop");
2098 return;
2099 }
2100
2101 status = dpp_conn_status_result_rx(auth, hdr, buf, len,
2102 ssid, &ssid_len, &channel_list);
2103 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT
2104 "result=%d ssid=%s channel_list=%s",
2105 status, wpa_ssid_txt(ssid, ssid_len),
2106 channel_list ? channel_list : "N/A");
2107 os_free(channel_list);
2108 offchannel_send_action_done(wpa_s);
2109 wpas_dpp_listen_stop(wpa_s);
2110 dpp_auth_deinit(auth);
2111 wpa_s->dpp_auth = NULL;
2112 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
2113 wpa_s, NULL);
2114 }
2115
2116
wpas_dpp_process_conf_obj(void * ctx,struct dpp_authentication * auth)2117 static int wpas_dpp_process_conf_obj(void *ctx,
2118 struct dpp_authentication *auth)
2119 {
2120 struct wpa_supplicant *wpa_s = ctx;
2121 unsigned int i;
2122 int res = -1;
2123
2124 for (i = 0; i < auth->num_conf_obj; i++) {
2125 res = wpas_dpp_handle_config_obj(wpa_s, auth,
2126 &auth->conf_obj[i]);
2127 if (res)
2128 break;
2129 }
2130 if (!res)
2131 wpas_dpp_post_process_config(wpa_s, auth);
2132
2133 return res;
2134 }
2135
2136
wpas_dpp_tcp_msg_sent(void * ctx,struct dpp_authentication * auth)2137 static bool wpas_dpp_tcp_msg_sent(void *ctx, struct dpp_authentication *auth)
2138 {
2139 struct wpa_supplicant *wpa_s = ctx;
2140
2141 wpa_printf(MSG_DEBUG, "DPP: TCP message sent callback");
2142
2143 if (auth->connect_on_tx_status) {
2144 auth->connect_on_tx_status = 0;
2145 wpa_printf(MSG_DEBUG,
2146 "DPP: Try to connect after completed configuration result");
2147 wpas_dpp_try_to_connect(wpa_s);
2148 if (auth->conn_status_requested) {
2149 wpa_printf(MSG_DEBUG,
2150 "DPP: Start 15 second timeout for reporting connection status result");
2151 eloop_cancel_timeout(
2152 wpas_dpp_conn_status_result_timeout,
2153 wpa_s, NULL);
2154 eloop_register_timeout(
2155 15, 0, wpas_dpp_conn_status_result_timeout,
2156 wpa_s, NULL);
2157 return true;
2158 }
2159 }
2160
2161 return false;
2162 }
2163
2164
wpas_dpp_remove_bi(void * ctx,struct dpp_bootstrap_info * bi)2165 static void wpas_dpp_remove_bi(void *ctx, struct dpp_bootstrap_info *bi)
2166 {
2167 struct wpa_supplicant *wpa_s = ctx;
2168
2169 if (bi == wpa_s->dpp_chirp_bi)
2170 wpas_dpp_chirp_stop(wpa_s);
2171 }
2172
2173
2174 static void
wpas_dpp_rx_presence_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2175 wpas_dpp_rx_presence_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2176 const u8 *hdr, const u8 *buf, size_t len,
2177 unsigned int freq)
2178 {
2179 const u8 *r_bootstrap;
2180 u16 r_bootstrap_len;
2181 struct dpp_bootstrap_info *peer_bi;
2182 struct dpp_authentication *auth;
2183
2184 if (!wpa_s->dpp)
2185 return;
2186
2187 if (wpa_s->dpp_auth) {
2188 wpa_printf(MSG_DEBUG,
2189 "DPP: Ignore Presence Announcement during ongoing Authentication");
2190 return;
2191 }
2192
2193 wpa_printf(MSG_DEBUG, "DPP: Presence Announcement from " MACSTR,
2194 MAC2STR(src));
2195
2196 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
2197 &r_bootstrap_len);
2198 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
2199 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2200 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
2201 return;
2202 }
2203 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
2204 r_bootstrap, r_bootstrap_len);
2205 peer_bi = dpp_bootstrap_find_chirp(wpa_s->dpp, r_bootstrap);
2206 dpp_notify_chirp_received(wpa_s, peer_bi ? (int) peer_bi->id : -1, src,
2207 freq, r_bootstrap);
2208 if (!peer_bi) {
2209 wpa_printf(MSG_DEBUG,
2210 "DPP: No matching bootstrapping information found");
2211 return;
2212 }
2213
2214 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, NULL,
2215 DPP_CAPAB_CONFIGURATOR, freq, NULL, 0);
2216 if (!auth)
2217 return;
2218 wpas_dpp_set_testing_options(wpa_s, auth);
2219 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2220 dpp_auth_deinit(auth);
2221 return;
2222 }
2223
2224 auth->neg_freq = freq;
2225
2226 /* The source address of the Presence Announcement frame overrides any
2227 * MAC address information from the bootstrapping information. */
2228 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2229
2230 wpa_s->dpp_auth = auth;
2231 if (wpas_dpp_auth_init_next(wpa_s) < 0) {
2232 dpp_auth_deinit(wpa_s->dpp_auth);
2233 wpa_s->dpp_auth = NULL;
2234 }
2235 }
2236
2237
wpas_dpp_reconfig_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)2238 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
2239 void *timeout_ctx)
2240 {
2241 struct wpa_supplicant *wpa_s = eloop_ctx;
2242 struct dpp_authentication *auth = wpa_s->dpp_auth;
2243
2244 if (!auth)
2245 return;
2246
2247 wpa_printf(MSG_DEBUG, "DPP: Reconfig Reply wait timeout");
2248 offchannel_send_action_done(wpa_s);
2249 wpas_dpp_listen_stop(wpa_s);
2250 dpp_auth_deinit(auth);
2251 wpa_s->dpp_auth = NULL;
2252 }
2253
2254
2255 static void
wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2256 wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2257 const u8 *hdr, const u8 *buf, size_t len,
2258 unsigned int freq)
2259 {
2260 const u8 *csign_hash, *fcgroup, *a_nonce, *e_id;
2261 u16 csign_hash_len, fcgroup_len, a_nonce_len, e_id_len;
2262 struct dpp_configurator *conf;
2263 struct dpp_authentication *auth;
2264 unsigned int wait_time, max_wait_time;
2265 u16 group;
2266
2267 if (!wpa_s->dpp)
2268 return;
2269
2270 if (wpa_s->dpp_auth) {
2271 wpa_printf(MSG_DEBUG,
2272 "DPP: Ignore Reconfig Announcement during ongoing Authentication");
2273 return;
2274 }
2275
2276 wpa_printf(MSG_DEBUG, "DPP: Reconfig Announcement from " MACSTR,
2277 MAC2STR(src));
2278
2279 csign_hash = dpp_get_attr(buf, len, DPP_ATTR_C_SIGN_KEY_HASH,
2280 &csign_hash_len);
2281 if (!csign_hash || csign_hash_len != SHA256_MAC_LEN) {
2282 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2283 "Missing or invalid required Configurator C-sign key Hash attribute");
2284 return;
2285 }
2286 wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator C-sign key Hash (kid)",
2287 csign_hash, csign_hash_len);
2288 conf = dpp_configurator_find_kid(wpa_s->dpp, csign_hash);
2289 if (!conf) {
2290 wpa_printf(MSG_DEBUG,
2291 "DPP: No matching Configurator information found");
2292 return;
2293 }
2294
2295 fcgroup = dpp_get_attr(buf, len, DPP_ATTR_FINITE_CYCLIC_GROUP,
2296 &fcgroup_len);
2297 if (!fcgroup || fcgroup_len != 2) {
2298 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2299 "Missing or invalid required Finite Cyclic Group attribute");
2300 return;
2301 }
2302 group = WPA_GET_LE16(fcgroup);
2303 wpa_printf(MSG_DEBUG, "DPP: Enrollee finite cyclic group: %u", group);
2304
2305 a_nonce = dpp_get_attr(buf, len, DPP_ATTR_A_NONCE, &a_nonce_len);
2306 e_id = dpp_get_attr(buf, len, DPP_ATTR_E_PRIME_ID, &e_id_len);
2307
2308 auth = dpp_reconfig_init(wpa_s->dpp, wpa_s, conf, freq, group,
2309 a_nonce, a_nonce_len, e_id, e_id_len);
2310 if (!auth)
2311 return;
2312 wpas_dpp_set_testing_options(wpa_s, auth);
2313 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2314 dpp_auth_deinit(auth);
2315 return;
2316 }
2317
2318 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2319 wpa_s->dpp_auth = auth;
2320
2321 wpa_s->dpp_in_response_listen = 0;
2322 wpa_s->dpp_auth_ok_on_ack = 0;
2323 wait_time = wpa_s->max_remain_on_chan;
2324 max_wait_time = wpa_s->dpp_resp_wait_time ?
2325 wpa_s->dpp_resp_wait_time : 2000;
2326 if (wait_time > max_wait_time)
2327 wait_time = max_wait_time;
2328 wait_time += 10; /* give the driver some extra time to complete */
2329 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
2330 wpas_dpp_reconfig_reply_wait_timeout,
2331 wpa_s, NULL);
2332 wait_time -= 10;
2333
2334 wpas_dpp_stop_listen_for_tx(wpa_s, freq, wait_time);
2335
2336 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2337 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_REQ);
2338 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2339 wpabuf_head(auth->reconfig_req_msg),
2340 wpabuf_len(auth->reconfig_req_msg),
2341 wait_time, wpas_dpp_tx_status, 0) < 0) {
2342 dpp_auth_deinit(wpa_s->dpp_auth);
2343 wpa_s->dpp_auth = NULL;
2344 }
2345 }
2346
2347
2348 static void
wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2349 wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
2350 const u8 *hdr, const u8 *buf, size_t len,
2351 unsigned int freq)
2352 {
2353 struct wpa_ssid *ssid;
2354 struct dpp_authentication *auth;
2355
2356 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Request from "
2357 MACSTR, MAC2STR(src));
2358
2359 if (!wpa_s->dpp)
2360 return;
2361 if (wpa_s->dpp_auth) {
2362 wpa_printf(MSG_DEBUG,
2363 "DPP: Not ready for reconfiguration - pending authentication exchange in progress");
2364 return;
2365 }
2366 if (!wpa_s->dpp_reconfig_ssid) {
2367 wpa_printf(MSG_DEBUG,
2368 "DPP: Not ready for reconfiguration - not requested");
2369 return;
2370 }
2371 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2372 if (ssid == wpa_s->dpp_reconfig_ssid &&
2373 ssid->id == wpa_s->dpp_reconfig_ssid_id)
2374 break;
2375 }
2376 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2377 !ssid->dpp_csign) {
2378 wpa_printf(MSG_DEBUG,
2379 "DPP: Not ready for reconfiguration - no matching network profile with Connector found");
2380 return;
2381 }
2382
2383 auth = dpp_reconfig_auth_req_rx(wpa_s->dpp, wpa_s, ssid->dpp_connector,
2384 ssid->dpp_netaccesskey,
2385 ssid->dpp_netaccesskey_len,
2386 ssid->dpp_csign, ssid->dpp_csign_len,
2387 freq, hdr, buf, len);
2388 if (!auth)
2389 return;
2390 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2391 wpa_s->dpp_auth = auth;
2392
2393 wpas_dpp_chirp_stop(wpa_s);
2394
2395 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2396 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_RESP);
2397 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2398 wpabuf_head(auth->reconfig_resp_msg),
2399 wpabuf_len(auth->reconfig_resp_msg),
2400 500, wpas_dpp_tx_status, 0) < 0) {
2401 dpp_auth_deinit(wpa_s->dpp_auth);
2402 wpa_s->dpp_auth = NULL;
2403 }
2404 }
2405
2406
2407 static void
wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2408 wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2409 const u8 *hdr, const u8 *buf, size_t len,
2410 unsigned int freq)
2411 {
2412 struct dpp_authentication *auth = wpa_s->dpp_auth;
2413 struct wpabuf *conf;
2414
2415 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Response from "
2416 MACSTR, MAC2STR(src));
2417
2418 if (!auth || !auth->reconfig || !auth->configurator) {
2419 wpa_printf(MSG_DEBUG,
2420 "DPP: No DPP Reconfig Authentication in progress - drop");
2421 return;
2422 }
2423
2424 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2425 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2426 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2427 return;
2428 }
2429
2430 conf = dpp_reconfig_auth_resp_rx(auth, hdr, buf, len);
2431 if (!conf)
2432 return;
2433
2434 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, wpa_s, NULL);
2435
2436 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2437 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_CONF);
2438 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2439 wpabuf_head(conf), wpabuf_len(conf),
2440 500, wpas_dpp_tx_status, 0) < 0) {
2441 wpabuf_free(conf);
2442 dpp_auth_deinit(wpa_s->dpp_auth);
2443 wpa_s->dpp_auth = NULL;
2444 return;
2445 }
2446 wpabuf_free(conf);
2447
2448 wpas_dpp_start_gas_server(wpa_s);
2449 }
2450
2451
2452 static void
wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2453 wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
2454 const u8 *hdr, const u8 *buf, size_t len,
2455 unsigned int freq)
2456 {
2457 struct dpp_authentication *auth = wpa_s->dpp_auth;
2458
2459 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Confirm from "
2460 MACSTR, MAC2STR(src));
2461
2462 if (!auth || !auth->reconfig || auth->configurator) {
2463 wpa_printf(MSG_DEBUG,
2464 "DPP: No DPP Reconfig Authentication in progress - drop");
2465 return;
2466 }
2467
2468 if (os_memcmp(src, auth->peer_mac_addr, ETH_ALEN) != 0) {
2469 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2470 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2471 return;
2472 }
2473
2474 if (dpp_reconfig_auth_conf_rx(auth, hdr, buf, len) < 0)
2475 return;
2476
2477 wpas_dpp_start_gas_client(wpa_s);
2478 }
2479
2480 #endif /* CONFIG_DPP2 */
2481
2482
wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len)2483 static void wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant *wpa_s,
2484 const u8 *src,
2485 const u8 *buf, size_t len)
2486 {
2487 struct wpa_ssid *ssid;
2488 const u8 *connector, *trans_id, *status;
2489 u16 connector_len, trans_id_len, status_len;
2490 #ifdef CONFIG_DPP2
2491 const u8 *version;
2492 u16 version_len;
2493 #endif /* CONFIG_DPP2 */
2494 u8 peer_version = 1;
2495 struct dpp_introduction intro;
2496 struct rsn_pmksa_cache_entry *entry;
2497 struct os_time now;
2498 struct os_reltime rnow;
2499 os_time_t expiry;
2500 unsigned int seconds;
2501 enum dpp_status_error res;
2502
2503 wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Response from " MACSTR,
2504 MAC2STR(src));
2505 if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) ||
2506 os_memcmp(src, wpa_s->dpp_intro_bssid, ETH_ALEN) != 0) {
2507 wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from "
2508 MACSTR " - drop", MAC2STR(src));
2509 return;
2510 }
2511 offchannel_send_action_done(wpa_s);
2512
2513 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2514 if (ssid == wpa_s->dpp_intro_network)
2515 break;
2516 }
2517 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2518 !ssid->dpp_csign) {
2519 wpa_printf(MSG_DEBUG,
2520 "DPP: Profile not found for network introduction");
2521 return;
2522 }
2523
2524 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID,
2525 &trans_id_len);
2526 if (!trans_id || trans_id_len != 1) {
2527 wpa_printf(MSG_DEBUG,
2528 "DPP: Peer did not include Transaction ID");
2529 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2530 " fail=missing_transaction_id", MAC2STR(src));
2531 goto fail;
2532 }
2533 if (trans_id[0] != TRANSACTION_ID) {
2534 wpa_printf(MSG_DEBUG,
2535 "DPP: Ignore frame with unexpected Transaction ID %u",
2536 trans_id[0]);
2537 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2538 " fail=transaction_id_mismatch", MAC2STR(src));
2539 goto fail;
2540 }
2541
2542 status = dpp_get_attr(buf, len, DPP_ATTR_STATUS, &status_len);
2543 if (!status || status_len != 1) {
2544 wpa_printf(MSG_DEBUG, "DPP: Peer did not include Status");
2545 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2546 " fail=missing_status", MAC2STR(src));
2547 goto fail;
2548 }
2549 if (status[0] != DPP_STATUS_OK) {
2550 wpa_printf(MSG_DEBUG,
2551 "DPP: Peer rejected network introduction: Status %u",
2552 status[0]);
2553 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2554 " status=%u", MAC2STR(src), status[0]);
2555 #ifdef CONFIG_DPP2
2556 wpas_dpp_send_conn_status_result(wpa_s, status[0]);
2557 #endif /* CONFIG_DPP2 */
2558 goto fail;
2559 }
2560
2561 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len);
2562 if (!connector) {
2563 wpa_printf(MSG_DEBUG,
2564 "DPP: Peer did not include its Connector");
2565 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2566 " fail=missing_connector", MAC2STR(src));
2567 goto fail;
2568 }
2569
2570 res = dpp_peer_intro(&intro, ssid->dpp_connector,
2571 ssid->dpp_netaccesskey,
2572 ssid->dpp_netaccesskey_len,
2573 ssid->dpp_csign,
2574 ssid->dpp_csign_len,
2575 connector, connector_len, &expiry);
2576 if (res != DPP_STATUS_OK) {
2577 wpa_printf(MSG_INFO,
2578 "DPP: Network Introduction protocol resulted in failure");
2579 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2580 " fail=peer_connector_validation_failed", MAC2STR(src));
2581 #ifdef CONFIG_DPP2
2582 wpas_dpp_send_conn_status_result(wpa_s, res);
2583 #endif /* CONFIG_DPP2 */
2584 goto fail;
2585 }
2586
2587 entry = os_zalloc(sizeof(*entry));
2588 if (!entry)
2589 goto fail;
2590 os_memcpy(entry->aa, src, ETH_ALEN);
2591 os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN);
2592 os_memcpy(entry->pmk, intro.pmk, intro.pmk_len);
2593 entry->pmk_len = intro.pmk_len;
2594 entry->akmp = WPA_KEY_MGMT_DPP;
2595 #ifdef CONFIG_DPP2
2596 version = dpp_get_attr(buf, len, DPP_ATTR_PROTOCOL_VERSION,
2597 &version_len);
2598 if (version && version_len >= 1)
2599 peer_version = version[0];
2600 #ifdef CONFIG_DPP3
2601 if (intro.peer_version && intro.peer_version >= 2 &&
2602 peer_version != intro.peer_version) {
2603 wpa_printf(MSG_INFO,
2604 "DPP: Protocol version mismatch (Connector: %d Attribute: %d",
2605 intro.peer_version, peer_version);
2606 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_NO_MATCH);
2607 goto fail;
2608 }
2609 #endif /* CONFIG_DPP3 */
2610 entry->dpp_pfs = peer_version >= 2;
2611 #endif /* CONFIG_DPP2 */
2612 if (expiry) {
2613 os_get_time(&now);
2614 seconds = expiry - now.sec;
2615 } else {
2616 seconds = 86400 * 7;
2617 }
2618 os_get_reltime(&rnow);
2619 entry->expiration = rnow.sec + seconds;
2620 entry->reauth_time = rnow.sec + seconds;
2621 entry->network_ctx = ssid;
2622 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry);
2623
2624 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2625 " status=%u version=%u", MAC2STR(src), status[0], peer_version);
2626
2627 wpa_printf(MSG_DEBUG,
2628 "DPP: Try connection again after successful network introduction");
2629 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2630 wpa_supplicant_cancel_sched_scan(wpa_s);
2631 wpa_supplicant_req_scan(wpa_s, 0, 0);
2632 }
2633 fail:
2634 os_memset(&intro, 0, sizeof(intro));
2635 }
2636
2637
wpas_dpp_allow_ir(struct wpa_supplicant * wpa_s,unsigned int freq)2638 static int wpas_dpp_allow_ir(struct wpa_supplicant *wpa_s, unsigned int freq)
2639 {
2640 int i, j;
2641
2642 if (!wpa_s->hw.modes)
2643 return -1;
2644
2645 for (i = 0; i < wpa_s->hw.num_modes; i++) {
2646 struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i];
2647
2648 for (j = 0; j < mode->num_channels; j++) {
2649 struct hostapd_channel_data *chan = &mode->channels[j];
2650
2651 if (chan->freq != (int) freq)
2652 continue;
2653
2654 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2655 HOSTAPD_CHAN_NO_IR |
2656 HOSTAPD_CHAN_RADAR))
2657 continue;
2658
2659 return 1;
2660 }
2661 }
2662
2663 wpa_printf(MSG_DEBUG,
2664 "DPP: Frequency %u MHz not supported or does not allow PKEX initiation in the current channel list",
2665 freq);
2666
2667 return 0;
2668 }
2669
2670
wpas_dpp_pkex_next_channel(struct wpa_supplicant * wpa_s,struct dpp_pkex * pkex)2671 static int wpas_dpp_pkex_next_channel(struct wpa_supplicant *wpa_s,
2672 struct dpp_pkex *pkex)
2673 {
2674 if (pkex->freq == 2437)
2675 pkex->freq = 5745;
2676 else if (pkex->freq == 5745)
2677 pkex->freq = 5220;
2678 else if (pkex->freq == 5220)
2679 pkex->freq = 60480;
2680 else
2681 return -1; /* no more channels to try */
2682
2683 if (wpas_dpp_allow_ir(wpa_s, pkex->freq) == 1) {
2684 wpa_printf(MSG_DEBUG, "DPP: Try to initiate on %u MHz",
2685 pkex->freq);
2686 return 0;
2687 }
2688
2689 /* Could not use this channel - try the next one */
2690 return wpas_dpp_pkex_next_channel(wpa_s, pkex);
2691 }
2692
2693
2694 #ifdef CONFIG_DPP2
wpas_dpp_pkex_done(void * ctx,void * conn,struct dpp_bootstrap_info * peer_bi)2695 static int wpas_dpp_pkex_done(void *ctx, void *conn,
2696 struct dpp_bootstrap_info *peer_bi)
2697 {
2698 struct wpa_supplicant *wpa_s = ctx;
2699 const char *cmd = wpa_s->dpp_pkex_auth_cmd;
2700 const char *pos;
2701 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
2702 struct dpp_bootstrap_info *own_bi = NULL;
2703 struct dpp_authentication *auth;
2704
2705 if (!cmd)
2706 cmd = "";
2707 wpa_printf(MSG_DEBUG, "DPP: Start authentication after PKEX (cmd: %s)",
2708 cmd);
2709
2710 pos = os_strstr(cmd, " own=");
2711 if (pos) {
2712 pos += 5;
2713 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
2714 if (!own_bi) {
2715 wpa_printf(MSG_INFO,
2716 "DPP: Could not find bootstrapping info for the identified local entry");
2717 return -1;
2718 }
2719
2720 if (peer_bi->curve != own_bi->curve) {
2721 wpa_printf(MSG_INFO,
2722 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)",
2723 peer_bi->curve->name, own_bi->curve->name);
2724 return -1;
2725 }
2726 }
2727
2728 pos = os_strstr(cmd, " role=");
2729 if (pos) {
2730 pos += 6;
2731 if (os_strncmp(pos, "configurator", 12) == 0)
2732 allowed_roles = DPP_CAPAB_CONFIGURATOR;
2733 else if (os_strncmp(pos, "enrollee", 8) == 0)
2734 allowed_roles = DPP_CAPAB_ENROLLEE;
2735 else if (os_strncmp(pos, "either", 6) == 0)
2736 allowed_roles = DPP_CAPAB_CONFIGURATOR |
2737 DPP_CAPAB_ENROLLEE;
2738 else
2739 return -1;
2740 }
2741
2742 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles,
2743 0, wpa_s->hw.modes, wpa_s->hw.num_modes);
2744 if (!auth)
2745 return -1;
2746
2747 wpas_dpp_set_testing_options(wpa_s, auth);
2748 if (dpp_set_configurator(auth, cmd) < 0) {
2749 dpp_auth_deinit(auth);
2750 return -1;
2751 }
2752
2753 return dpp_tcp_auth(wpa_s->dpp, conn, auth, wpa_s->conf->dpp_name,
2754 DPP_NETROLE_STA, wpas_dpp_process_conf_obj,
2755 wpas_dpp_tcp_msg_sent);
2756 }
2757 #endif /* CONFIG_DPP2 */
2758
2759
wpas_dpp_pkex_init(struct wpa_supplicant * wpa_s,enum dpp_pkex_ver ver,const struct hostapd_ip_addr * ipaddr,int tcp_port)2760 static int wpas_dpp_pkex_init(struct wpa_supplicant *wpa_s,
2761 enum dpp_pkex_ver ver,
2762 const struct hostapd_ip_addr *ipaddr,
2763 int tcp_port)
2764 {
2765 struct dpp_pkex *pkex;
2766 struct wpabuf *msg;
2767 unsigned int wait_time;
2768 bool v2 = ver != PKEX_VER_ONLY_1;
2769
2770 wpa_printf(MSG_DEBUG, "DPP: Initiating PKEXv%d", v2 ? 2 : 1);
2771 dpp_pkex_free(wpa_s->dpp_pkex);
2772 wpa_s->dpp_pkex = NULL;
2773 pkex = dpp_pkex_init(wpa_s, wpa_s->dpp_pkex_bi, wpa_s->own_addr,
2774 wpa_s->dpp_pkex_identifier,
2775 wpa_s->dpp_pkex_code, v2);
2776 if (!pkex)
2777 return -1;
2778 pkex->forced_ver = ver != PKEX_VER_AUTO;
2779
2780 if (ipaddr) {
2781 #ifdef CONFIG_DPP2
2782 return dpp_tcp_pkex_init(wpa_s->dpp, pkex, ipaddr, tcp_port,
2783 wpa_s, wpa_s, wpas_dpp_pkex_done);
2784 #else /* CONFIG_DPP2 */
2785 return -1;
2786 #endif /* CONFIG_DPP2 */
2787 }
2788
2789 wpa_s->dpp_pkex = pkex;
2790 msg = pkex->exchange_req;
2791 wait_time = wpa_s->max_remain_on_chan;
2792 if (wait_time > 2000)
2793 wait_time = 2000;
2794 pkex->freq = 2437;
2795 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
2796 " freq=%u type=%d",
2797 MAC2STR(broadcast), pkex->freq,
2798 v2 ? DPP_PA_PKEX_EXCHANGE_REQ :
2799 DPP_PA_PKEX_V1_EXCHANGE_REQ);
2800 offchannel_send_action(wpa_s, pkex->freq, broadcast,
2801 wpa_s->own_addr, broadcast,
2802 wpabuf_head(msg), wpabuf_len(msg),
2803 wait_time, wpas_dpp_tx_pkex_status, 0);
2804 if (wait_time == 0)
2805 wait_time = 2000;
2806 pkex->exch_req_wait_time = wait_time;
2807 pkex->exch_req_tries = 1;
2808
2809 return 0;
2810 }
2811
2812
wpas_dpp_pkex_retry_timeout(void * eloop_ctx,void * timeout_ctx)2813 static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx)
2814 {
2815 struct wpa_supplicant *wpa_s = eloop_ctx;
2816 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2817
2818 if (!pkex || !pkex->exchange_req)
2819 return;
2820 if (pkex->exch_req_tries >= 5) {
2821 if (wpas_dpp_pkex_next_channel(wpa_s, pkex) < 0) {
2822 #ifdef CONFIG_DPP3
2823 if (pkex->v2 && !pkex->forced_ver) {
2824 wpa_printf(MSG_DEBUG,
2825 "DPP: Fall back to PKEXv1");
2826 wpas_dpp_pkex_init(wpa_s, PKEX_VER_ONLY_1,
2827 NULL, 0);
2828 return;
2829 }
2830 #endif /* CONFIG_DPP3 */
2831 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2832 "No response from PKEX peer");
2833 dpp_pkex_free(pkex);
2834 wpa_s->dpp_pkex = NULL;
2835 return;
2836 }
2837 pkex->exch_req_tries = 0;
2838 }
2839
2840 pkex->exch_req_tries++;
2841 wpa_printf(MSG_DEBUG, "DPP: Retransmit PKEX Exchange Request (try %u)",
2842 pkex->exch_req_tries);
2843 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2844 MAC2STR(broadcast), pkex->freq,
2845 pkex->v2 ? DPP_PA_PKEX_EXCHANGE_REQ :
2846 DPP_PA_PKEX_V1_EXCHANGE_REQ);
2847 offchannel_send_action(wpa_s, pkex->freq, broadcast,
2848 wpa_s->own_addr, broadcast,
2849 wpabuf_head(pkex->exchange_req),
2850 wpabuf_len(pkex->exchange_req),
2851 pkex->exch_req_wait_time,
2852 wpas_dpp_tx_pkex_status, 0);
2853 }
2854
2855
2856 static void
wpas_dpp_tx_pkex_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)2857 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
2858 unsigned int freq, const u8 *dst,
2859 const u8 *src, const u8 *bssid,
2860 const u8 *data, size_t data_len,
2861 enum offchannel_send_action_result result)
2862 {
2863 const char *res_txt;
2864 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
2865
2866 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
2867 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
2868 "FAILED");
2869 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
2870 " result=%s (PKEX)",
2871 freq, MAC2STR(dst), res_txt);
2872 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
2873 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
2874
2875 if (!pkex) {
2876 wpa_printf(MSG_DEBUG,
2877 "DPP: Ignore TX status since there is no ongoing PKEX exchange");
2878 return;
2879 }
2880
2881 if (pkex->failed) {
2882 wpa_printf(MSG_DEBUG,
2883 "DPP: Terminate PKEX exchange due to an earlier error");
2884 if (pkex->t > pkex->own_bi->pkex_t)
2885 pkex->own_bi->pkex_t = pkex->t;
2886 dpp_pkex_free(pkex);
2887 wpa_s->dpp_pkex = NULL;
2888 return;
2889 }
2890
2891 if (pkex->exch_req_wait_time && pkex->exchange_req) {
2892 /* Wait for PKEX Exchange Response frame and retry request if
2893 * no response is seen. */
2894 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
2895 eloop_register_timeout(pkex->exch_req_wait_time / 1000,
2896 (pkex->exch_req_wait_time % 1000) * 1000,
2897 wpas_dpp_pkex_retry_timeout, wpa_s,
2898 NULL);
2899 }
2900 }
2901
2902
2903 static void
wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq,bool v2)2904 wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant *wpa_s, const u8 *src,
2905 const u8 *buf, size_t len, unsigned int freq,
2906 bool v2)
2907 {
2908 struct wpabuf *msg;
2909 unsigned int wait_time;
2910
2911 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR,
2912 MAC2STR(src));
2913
2914 if (wpa_s->dpp_pkex_ver == PKEX_VER_ONLY_1 && v2) {
2915 wpa_printf(MSG_DEBUG,
2916 "DPP: Ignore PKEXv2 Exchange Request when configured to be PKEX v1 only");
2917 return;
2918 }
2919 if (wpa_s->dpp_pkex_ver == PKEX_VER_ONLY_2 && !v2) {
2920 wpa_printf(MSG_DEBUG,
2921 "DPP: Ignore PKEXv1 Exchange Request when configured to be PKEX v2 only");
2922 return;
2923 }
2924
2925 /* TODO: Support multiple PKEX codes by iterating over all the enabled
2926 * values here */
2927
2928 if (!wpa_s->dpp_pkex_code || !wpa_s->dpp_pkex_bi) {
2929 wpa_printf(MSG_DEBUG,
2930 "DPP: No PKEX code configured - ignore request");
2931 return;
2932 }
2933
2934 if (wpa_s->dpp_pkex) {
2935 /* TODO: Support parallel operations */
2936 wpa_printf(MSG_DEBUG,
2937 "DPP: Already in PKEX session - ignore new request");
2938 return;
2939 }
2940
2941 wpa_s->dpp_pkex = dpp_pkex_rx_exchange_req(wpa_s, wpa_s->dpp_pkex_bi,
2942 wpa_s->own_addr, src,
2943 wpa_s->dpp_pkex_identifier,
2944 wpa_s->dpp_pkex_code,
2945 buf, len, v2);
2946 if (!wpa_s->dpp_pkex) {
2947 wpa_printf(MSG_DEBUG,
2948 "DPP: Failed to process the request - ignore it");
2949 return;
2950 }
2951
2952 wpa_s->dpp_pkex_wait_auth_req = false;
2953 msg = wpa_s->dpp_pkex->exchange_resp;
2954 wait_time = wpa_s->max_remain_on_chan;
2955 if (wait_time > 2000)
2956 wait_time = 2000;
2957 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2958 MAC2STR(src), freq, DPP_PA_PKEX_EXCHANGE_RESP);
2959 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
2960 broadcast,
2961 wpabuf_head(msg), wpabuf_len(msg),
2962 wait_time, wpas_dpp_tx_pkex_status, 0);
2963 }
2964
2965
2966 static void
wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)2967 wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2968 const u8 *buf, size_t len, unsigned int freq)
2969 {
2970 struct wpabuf *msg;
2971 unsigned int wait_time;
2972
2973 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR,
2974 MAC2STR(src));
2975
2976 /* TODO: Support multiple PKEX codes by iterating over all the enabled
2977 * values here */
2978
2979 if (!wpa_s->dpp_pkex || !wpa_s->dpp_pkex->initiator ||
2980 wpa_s->dpp_pkex->exchange_done) {
2981 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
2982 return;
2983 }
2984
2985 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
2986 wpa_s->dpp_pkex->exch_req_wait_time = 0;
2987
2988 msg = dpp_pkex_rx_exchange_resp(wpa_s->dpp_pkex, src, buf, len);
2989 if (!msg) {
2990 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
2991 return;
2992 }
2993
2994 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR,
2995 MAC2STR(src));
2996
2997 wait_time = wpa_s->max_remain_on_chan;
2998 if (wait_time > 2000)
2999 wait_time = 2000;
3000 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3001 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_REQ);
3002 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
3003 broadcast,
3004 wpabuf_head(msg), wpabuf_len(msg),
3005 wait_time, wpas_dpp_tx_pkex_status, 0);
3006 wpabuf_free(msg);
3007 }
3008
3009
3010 static struct dpp_bootstrap_info *
wpas_dpp_pkex_finish(struct wpa_supplicant * wpa_s,const u8 * peer,unsigned int freq)3011 wpas_dpp_pkex_finish(struct wpa_supplicant *wpa_s, const u8 *peer,
3012 unsigned int freq)
3013 {
3014 struct dpp_bootstrap_info *bi;
3015
3016 bi = dpp_pkex_finish(wpa_s->dpp, wpa_s->dpp_pkex, peer, freq);
3017 if (!bi)
3018 return NULL;
3019 wpa_s->dpp_pkex = NULL;
3020 return bi;
3021 }
3022
3023
3024 static void
wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3025 wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src,
3026 const u8 *hdr, const u8 *buf, size_t len,
3027 unsigned int freq)
3028 {
3029 struct wpabuf *msg;
3030 unsigned int wait_time;
3031 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3032
3033 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR,
3034 MAC2STR(src));
3035
3036 if (!pkex || pkex->initiator || !pkex->exchange_done) {
3037 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
3038 return;
3039 }
3040
3041 msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len);
3042 if (!msg) {
3043 wpa_printf(MSG_DEBUG, "DPP: Failed to process the request");
3044 if (pkex->failed) {
3045 wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange");
3046 if (pkex->t > pkex->own_bi->pkex_t)
3047 pkex->own_bi->pkex_t = pkex->t;
3048 dpp_pkex_free(wpa_s->dpp_pkex);
3049 wpa_s->dpp_pkex = NULL;
3050 }
3051 return;
3052 }
3053
3054 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to "
3055 MACSTR, MAC2STR(src));
3056
3057 wait_time = wpa_s->max_remain_on_chan;
3058 if (wait_time > 2000)
3059 wait_time = 2000;
3060 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3061 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_RESP);
3062 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
3063 broadcast,
3064 wpabuf_head(msg), wpabuf_len(msg),
3065 wait_time, wpas_dpp_tx_pkex_status, 0);
3066 wpabuf_free(msg);
3067
3068 wpas_dpp_pkex_finish(wpa_s, src, freq);
3069 wpa_s->dpp_pkex_wait_auth_req = true;
3070 }
3071
3072
3073 static void
wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3074 wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src,
3075 const u8 *hdr, const u8 *buf, size_t len,
3076 unsigned int freq)
3077 {
3078 int res;
3079 struct dpp_bootstrap_info *bi;
3080 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3081 char cmd[500];
3082
3083 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR,
3084 MAC2STR(src));
3085
3086 if (!pkex || !pkex->initiator || !pkex->exchange_done) {
3087 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
3088 return;
3089 }
3090
3091 res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len);
3092 if (res < 0) {
3093 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
3094 return;
3095 }
3096
3097 bi = wpas_dpp_pkex_finish(wpa_s, src, freq);
3098 if (!bi)
3099 return;
3100
3101 os_snprintf(cmd, sizeof(cmd), " peer=%u %s",
3102 bi->id,
3103 wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : "");
3104 wpa_printf(MSG_DEBUG,
3105 "DPP: Start authentication after PKEX with parameters: %s",
3106 cmd);
3107 if (wpas_dpp_auth_init(wpa_s, cmd) < 0) {
3108 wpa_printf(MSG_DEBUG,
3109 "DPP: Authentication initialization failed");
3110 offchannel_send_action_done(wpa_s);
3111 return;
3112 }
3113 }
3114
3115
wpas_dpp_rx_action(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)3116 void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src,
3117 const u8 *buf, size_t len, unsigned int freq)
3118 {
3119 u8 crypto_suite;
3120 enum dpp_public_action_frame_type type;
3121 const u8 *hdr;
3122 unsigned int pkex_t;
3123
3124 if (len < DPP_HDR_LEN)
3125 return;
3126 if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE)
3127 return;
3128 hdr = buf;
3129 buf += 4;
3130 len -= 4;
3131 crypto_suite = *buf++;
3132 type = *buf++;
3133 len -= 2;
3134
3135 wpa_printf(MSG_DEBUG,
3136 "DPP: Received DPP Public Action frame crypto suite %u type %d from "
3137 MACSTR " freq=%u",
3138 crypto_suite, type, MAC2STR(src), freq);
3139 if (crypto_suite != 1) {
3140 wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u",
3141 crypto_suite);
3142 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
3143 " freq=%u type=%d ignore=unsupported-crypto-suite",
3144 MAC2STR(src), freq, type);
3145 return;
3146 }
3147 wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len);
3148 if (dpp_check_attrs(buf, len) < 0) {
3149 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
3150 " freq=%u type=%d ignore=invalid-attributes",
3151 MAC2STR(src), freq, type);
3152 return;
3153 }
3154 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR " freq=%u type=%d",
3155 MAC2STR(src), freq, type);
3156
3157 switch (type) {
3158 case DPP_PA_AUTHENTICATION_REQ:
3159 wpas_dpp_rx_auth_req(wpa_s, src, hdr, buf, len, freq);
3160 break;
3161 case DPP_PA_AUTHENTICATION_RESP:
3162 wpas_dpp_rx_auth_resp(wpa_s, src, hdr, buf, len, freq);
3163 break;
3164 case DPP_PA_AUTHENTICATION_CONF:
3165 wpas_dpp_rx_auth_conf(wpa_s, src, hdr, buf, len);
3166 break;
3167 case DPP_PA_PEER_DISCOVERY_RESP:
3168 wpas_dpp_rx_peer_disc_resp(wpa_s, src, buf, len);
3169 break;
3170 #ifdef CONFIG_DPP3
3171 case DPP_PA_PKEX_EXCHANGE_REQ:
3172 /* This is for PKEXv2, but for now, process only with
3173 * CONFIG_DPP3 to avoid issues with a capability that has not
3174 * been tested with other implementations. */
3175 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq, true);
3176 break;
3177 #endif /* CONFIG_DPP3 */
3178 case DPP_PA_PKEX_V1_EXCHANGE_REQ:
3179 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq,
3180 false);
3181 break;
3182 case DPP_PA_PKEX_EXCHANGE_RESP:
3183 wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq);
3184 break;
3185 case DPP_PA_PKEX_COMMIT_REVEAL_REQ:
3186 wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len,
3187 freq);
3188 break;
3189 case DPP_PA_PKEX_COMMIT_REVEAL_RESP:
3190 wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len,
3191 freq);
3192 break;
3193 #ifdef CONFIG_DPP2
3194 case DPP_PA_CONFIGURATION_RESULT:
3195 wpas_dpp_rx_conf_result(wpa_s, src, hdr, buf, len);
3196 break;
3197 case DPP_PA_CONNECTION_STATUS_RESULT:
3198 wpas_dpp_rx_conn_status_result(wpa_s, src, hdr, buf, len);
3199 break;
3200 case DPP_PA_PRESENCE_ANNOUNCEMENT:
3201 wpas_dpp_rx_presence_announcement(wpa_s, src, hdr, buf, len,
3202 freq);
3203 break;
3204 case DPP_PA_RECONFIG_ANNOUNCEMENT:
3205 wpas_dpp_rx_reconfig_announcement(wpa_s, src, hdr, buf, len,
3206 freq);
3207 break;
3208 case DPP_PA_RECONFIG_AUTH_REQ:
3209 wpas_dpp_rx_reconfig_auth_req(wpa_s, src, hdr, buf, len, freq);
3210 break;
3211 case DPP_PA_RECONFIG_AUTH_RESP:
3212 wpas_dpp_rx_reconfig_auth_resp(wpa_s, src, hdr, buf, len, freq);
3213 break;
3214 case DPP_PA_RECONFIG_AUTH_CONF:
3215 wpas_dpp_rx_reconfig_auth_conf(wpa_s, src, hdr, buf, len, freq);
3216 break;
3217 #endif /* CONFIG_DPP2 */
3218 default:
3219 wpa_printf(MSG_DEBUG,
3220 "DPP: Ignored unsupported frame subtype %d", type);
3221 break;
3222 }
3223
3224 if (wpa_s->dpp_pkex)
3225 pkex_t = wpa_s->dpp_pkex->t;
3226 else if (wpa_s->dpp_pkex_bi)
3227 pkex_t = wpa_s->dpp_pkex_bi->pkex_t;
3228 else
3229 pkex_t = 0;
3230 if (pkex_t >= PKEX_COUNTER_T_LIMIT) {
3231 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0");
3232 wpas_dpp_pkex_remove(wpa_s, "*");
3233 }
3234 }
3235
3236
wpas_dpp_gas_initial_resp_timeout(void * eloop_ctx,void * timeout_ctx)3237 static void wpas_dpp_gas_initial_resp_timeout(void *eloop_ctx,
3238 void *timeout_ctx)
3239 {
3240 struct wpa_supplicant *wpa_s = eloop_ctx;
3241 struct dpp_authentication *auth = wpa_s->dpp_auth;
3242
3243 if (!auth || !auth->waiting_config || !auth->config_resp_ctx)
3244 return;
3245
3246 wpa_printf(MSG_DEBUG,
3247 "DPP: No configuration available from upper layers - send initial response with comeback delay");
3248 gas_server_set_comeback_delay(wpa_s->gas_server, auth->config_resp_ctx,
3249 500);
3250 }
3251
3252
3253 static struct wpabuf *
wpas_dpp_gas_req_handler(void * ctx,void * resp_ctx,const u8 * sa,const u8 * query,size_t query_len,int * comeback_delay)3254 wpas_dpp_gas_req_handler(void *ctx, void *resp_ctx, const u8 *sa,
3255 const u8 *query, size_t query_len, int *comeback_delay)
3256 {
3257 struct wpa_supplicant *wpa_s = ctx;
3258 struct dpp_authentication *auth = wpa_s->dpp_auth;
3259 struct wpabuf *resp;
3260
3261 wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR,
3262 MAC2STR(sa));
3263 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
3264 os_memcmp(sa, auth->peer_mac_addr, ETH_ALEN) != 0) {
3265 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
3266 return NULL;
3267 }
3268
3269 if (wpa_s->dpp_auth_ok_on_ack && auth->configurator) {
3270 wpa_printf(MSG_DEBUG,
3271 "DPP: Have not received ACK for Auth Confirm yet - assume it was received based on this GAS request");
3272 /* wpas_dpp_auth_success() would normally have been called from
3273 * TX status handler, but since there was no such handler call
3274 * yet, simply send out the event message and proceed with
3275 * exchange. */
3276 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_SUCCESS "init=1");
3277 wpa_s->dpp_auth_ok_on_ack = 0;
3278 }
3279
3280 wpa_hexdump(MSG_DEBUG,
3281 "DPP: Received Configuration Request (GAS Query Request)",
3282 query, query_len);
3283 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR,
3284 MAC2STR(sa));
3285 resp = dpp_conf_req_rx(auth, query, query_len);
3286
3287 auth->gas_server_ctx = resp_ctx;
3288
3289 #ifdef CONFIG_DPP2
3290 if (!resp && auth->waiting_cert) {
3291 wpa_printf(MSG_DEBUG, "DPP: Certificate not yet ready");
3292 auth->config_resp_ctx = resp_ctx;
3293 *comeback_delay = 500;
3294 return NULL;
3295 }
3296 #endif /* CONFIG_DPP2 */
3297
3298 if (!resp && auth->waiting_config &&
3299 (auth->peer_bi || auth->tmp_peer_bi)) {
3300 char *buf = NULL, *name = "";
3301 char band[200], *pos, *end;
3302 int i, res, *opclass = auth->e_band_support;
3303 char *mud_url = "N/A";
3304
3305 wpa_printf(MSG_DEBUG, "DPP: Configuration not yet ready");
3306 auth->config_resp_ctx = resp_ctx;
3307 *comeback_delay = -1;
3308 if (auth->e_name) {
3309 size_t len = os_strlen(auth->e_name);
3310
3311 buf = os_malloc(len * 4 + 1);
3312 if (buf) {
3313 printf_encode(buf, len * 4 + 1,
3314 (const u8 *) auth->e_name, len);
3315 name = buf;
3316 }
3317 }
3318 band[0] = '\0';
3319 pos = band;
3320 end = band + sizeof(band);
3321 for (i = 0; opclass && opclass[i]; i++) {
3322 res = os_snprintf(pos, end - pos, "%s%d",
3323 pos == band ? "" : ",", opclass[i]);
3324 if (os_snprintf_error(end - pos, res)) {
3325 *pos = '\0';
3326 break;
3327 }
3328 pos += res;
3329 }
3330 if (auth->e_mud_url) {
3331 size_t len = os_strlen(auth->e_mud_url);
3332
3333 if (!has_ctrl_char((const u8 *) auth->e_mud_url, len))
3334 mud_url = auth->e_mud_url;
3335 }
3336 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_NEEDED "peer=%d src="
3337 MACSTR " net_role=%s name=\"%s\" opclass=%s mud_url=%s",
3338 auth->peer_bi ? auth->peer_bi->id :
3339 auth->tmp_peer_bi->id, MAC2STR(sa),
3340 dpp_netrole_str(auth->e_netrole), name, band, mud_url);
3341 os_free(buf);
3342
3343 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s,
3344 NULL);
3345 eloop_register_timeout(0, 50000,
3346 wpas_dpp_gas_initial_resp_timeout, wpa_s,
3347 NULL);
3348 return NULL;
3349 }
3350
3351 auth->conf_resp = resp;
3352 if (!resp) {
3353 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
3354 dpp_auth_deinit(wpa_s->dpp_auth);
3355 wpa_s->dpp_auth = NULL;
3356 }
3357 return resp;
3358 }
3359
3360
3361 static void
wpas_dpp_gas_status_handler(void * ctx,struct wpabuf * resp,int ok)3362 wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok)
3363 {
3364 struct wpa_supplicant *wpa_s = ctx;
3365 struct dpp_authentication *auth = wpa_s->dpp_auth;
3366
3367 if (!auth) {
3368 wpabuf_free(resp);
3369 return;
3370 }
3371 if (auth->conf_resp != resp) {
3372 wpa_printf(MSG_DEBUG,
3373 "DPP: Ignore GAS status report (ok=%d) for unknown response",
3374 ok);
3375 wpabuf_free(resp);
3376 return;
3377 }
3378
3379 #ifdef CONFIG_DPP2
3380 if (auth->waiting_csr && ok) {
3381 wpa_printf(MSG_DEBUG, "DPP: Waiting for CSR");
3382 wpabuf_free(resp);
3383 return;
3384 }
3385 #endif /* CONFIG_DPP2 */
3386
3387 #ifdef CONFIG_DPP3
3388 if (auth->waiting_new_key && ok) {
3389 wpa_printf(MSG_DEBUG, "DPP: Waiting for a new key");
3390 wpabuf_free(resp);
3391 return;
3392 }
3393 #endif /* CONFIG_DPP3 */
3394
3395 wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)",
3396 ok);
3397 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
3398 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
3399 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
3400 #ifdef CONFIG_DPP2
3401 if (ok && auth->peer_version >= 2 &&
3402 auth->conf_resp_status == DPP_STATUS_OK &&
3403 !auth->waiting_conf_result) {
3404 wpa_printf(MSG_DEBUG, "DPP: Wait for Configuration Result");
3405 auth->waiting_conf_result = 1;
3406 auth->conf_resp = NULL;
3407 wpabuf_free(resp);
3408 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
3409 wpa_s, NULL);
3410 eloop_register_timeout(2, 0,
3411 wpas_dpp_config_result_wait_timeout,
3412 wpa_s, NULL);
3413 return;
3414 }
3415 #endif /* CONFIG_DPP2 */
3416 offchannel_send_action_done(wpa_s);
3417 wpas_dpp_listen_stop(wpa_s);
3418 if (ok)
3419 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT);
3420 else
3421 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
3422 dpp_auth_deinit(wpa_s->dpp_auth);
3423 wpa_s->dpp_auth = NULL;
3424 wpabuf_free(resp);
3425 }
3426
3427
wpas_dpp_configurator_sign(struct wpa_supplicant * wpa_s,const char * cmd)3428 int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd)
3429 {
3430 struct dpp_authentication *auth;
3431 int ret = -1;
3432 char *curve = NULL;
3433
3434 auth = dpp_alloc_auth(wpa_s->dpp, wpa_s);
3435 if (!auth)
3436 return -1;
3437
3438 curve = get_param(cmd, " curve=");
3439 wpas_dpp_set_testing_options(wpa_s, auth);
3440 if (dpp_set_configurator(auth, cmd) == 0 &&
3441 dpp_configurator_own_config(auth, curve, 0) == 0)
3442 ret = wpas_dpp_handle_config_obj(wpa_s, auth,
3443 &auth->conf_obj[0]);
3444 if (!ret)
3445 wpas_dpp_post_process_config(wpa_s, auth);
3446
3447 dpp_auth_deinit(auth);
3448 os_free(curve);
3449
3450 return ret;
3451 }
3452
3453
3454 static void
wpas_dpp_tx_introduction_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3455 wpas_dpp_tx_introduction_status(struct wpa_supplicant *wpa_s,
3456 unsigned int freq, const u8 *dst,
3457 const u8 *src, const u8 *bssid,
3458 const u8 *data, size_t data_len,
3459 enum offchannel_send_action_result result)
3460 {
3461 const char *res_txt;
3462
3463 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
3464 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
3465 "FAILED");
3466 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
3467 " result=%s (DPP Peer Discovery Request)",
3468 freq, MAC2STR(dst), res_txt);
3469 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
3470 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
3471 /* TODO: Time out wait for response more quickly in error cases? */
3472 }
3473
3474
wpas_dpp_check_connect(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_bss * bss)3475 int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3476 struct wpa_bss *bss)
3477 {
3478 struct os_time now;
3479 struct wpabuf *msg;
3480 unsigned int wait_time;
3481 const u8 *rsn;
3482 struct wpa_ie_data ied;
3483 size_t len;
3484
3485 if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss)
3486 return 0; /* Not using DPP AKM - continue */
3487 rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3488 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 &&
3489 !(ied.key_mgmt & WPA_KEY_MGMT_DPP))
3490 return 0; /* AP does not support DPP AKM - continue */
3491 if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, ssid))
3492 return 0; /* PMKSA exists for DPP AKM - continue */
3493
3494 if (!ssid->dpp_connector || !ssid->dpp_netaccesskey ||
3495 !ssid->dpp_csign) {
3496 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
3497 "missing %s",
3498 !ssid->dpp_connector ? "Connector" :
3499 (!ssid->dpp_netaccesskey ? "netAccessKey" :
3500 "C-sign-key"));
3501 return -1;
3502 }
3503
3504 os_get_time(&now);
3505
3506 if (ssid->dpp_netaccesskey_expiry &&
3507 (os_time_t) ssid->dpp_netaccesskey_expiry < now.sec) {
3508 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
3509 "netAccessKey expired");
3510 return -1;
3511 }
3512
3513 wpa_printf(MSG_DEBUG,
3514 "DPP: Starting network introduction protocol to derive PMKSA for "
3515 MACSTR, MAC2STR(bss->bssid));
3516 if (wpa_s->wpa_state == WPA_SCANNING)
3517 wpa_supplicant_set_state(wpa_s, wpa_s->scan_prev_wpa_state);
3518
3519 len = 5 + 4 + os_strlen(ssid->dpp_connector);
3520 #ifdef CONFIG_DPP2
3521 len += 5;
3522 #endif /* CONFIG_DPP2 */
3523 msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_REQ, len);
3524 if (!msg)
3525 return -1;
3526
3527 #ifdef CONFIG_TESTING_OPTIONS
3528 if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ) {
3529 wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID");
3530 goto skip_trans_id;
3531 }
3532 if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ) {
3533 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID");
3534 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
3535 wpabuf_put_le16(msg, 0);
3536 goto skip_trans_id;
3537 }
3538 #endif /* CONFIG_TESTING_OPTIONS */
3539
3540 /* Transaction ID */
3541 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
3542 wpabuf_put_le16(msg, 1);
3543 wpabuf_put_u8(msg, TRANSACTION_ID);
3544
3545 #ifdef CONFIG_TESTING_OPTIONS
3546 skip_trans_id:
3547 if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ) {
3548 wpa_printf(MSG_INFO, "DPP: TESTING - no Connector");
3549 goto skip_connector;
3550 }
3551 if (dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ) {
3552 char *connector;
3553
3554 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector");
3555 connector = dpp_corrupt_connector_signature(
3556 ssid->dpp_connector);
3557 if (!connector) {
3558 wpabuf_free(msg);
3559 return -1;
3560 }
3561 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
3562 wpabuf_put_le16(msg, os_strlen(connector));
3563 wpabuf_put_str(msg, connector);
3564 os_free(connector);
3565 goto skip_connector;
3566 }
3567 #endif /* CONFIG_TESTING_OPTIONS */
3568
3569 /* DPP Connector */
3570 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
3571 wpabuf_put_le16(msg, os_strlen(ssid->dpp_connector));
3572 wpabuf_put_str(msg, ssid->dpp_connector);
3573
3574 #ifdef CONFIG_TESTING_OPTIONS
3575 skip_connector:
3576 if (dpp_test == DPP_TEST_NO_PROTOCOL_VERSION_PEER_DISC_REQ) {
3577 wpa_printf(MSG_INFO, "DPP: TESTING - no Protocol Version");
3578 goto skip_proto_ver;
3579 }
3580 #endif /* CONFIG_TESTING_OPTIONS */
3581
3582 #ifdef CONFIG_DPP2
3583 if (DPP_VERSION > 1) {
3584 u8 ver = DPP_VERSION;
3585 #ifdef CONFIG_DPP3
3586 int conn_ver;
3587
3588 conn_ver = dpp_get_connector_version(ssid->dpp_connector);
3589 if (conn_ver > 0 && ver != conn_ver) {
3590 wpa_printf(MSG_DEBUG,
3591 "DPP: Use Connector version %d instead of current protocol version %d",
3592 conn_ver, ver);
3593 ver = conn_ver;
3594 }
3595 #endif /* CONFIG_DPP3 */
3596
3597 #ifdef CONFIG_TESTING_OPTIONS
3598 if (dpp_test == DPP_TEST_INVALID_PROTOCOL_VERSION_PEER_DISC_REQ) {
3599 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Protocol Version");
3600 ver = 1;
3601 }
3602 #endif /* CONFIG_TESTING_OPTIONS */
3603
3604 /* Protocol Version */
3605 wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
3606 wpabuf_put_le16(msg, 1);
3607 wpabuf_put_u8(msg, ver);
3608 }
3609 #endif /* CONFIG_DPP2 */
3610
3611 #ifdef CONFIG_TESTING_OPTIONS
3612 skip_proto_ver:
3613 #endif /* CONFIG_TESTING_OPTIONS */
3614
3615 /* TODO: Timeout on AP response */
3616 wait_time = wpa_s->max_remain_on_chan;
3617 if (wait_time > 2000)
3618 wait_time = 2000;
3619 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3620 MAC2STR(bss->bssid), bss->freq, DPP_PA_PEER_DISCOVERY_REQ);
3621 offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr,
3622 broadcast,
3623 wpabuf_head(msg), wpabuf_len(msg),
3624 wait_time, wpas_dpp_tx_introduction_status, 0);
3625 wpabuf_free(msg);
3626
3627 /* Request this connection attempt to terminate - new one will be
3628 * started when network introduction protocol completes */
3629 os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN);
3630 wpa_s->dpp_intro_network = ssid;
3631 return 1;
3632 }
3633
3634
wpas_dpp_pkex_add(struct wpa_supplicant * wpa_s,const char * cmd)3635 int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd)
3636 {
3637 struct dpp_bootstrap_info *own_bi;
3638 const char *pos, *end;
3639 #ifdef CONFIG_DPP3
3640 enum dpp_pkex_ver ver = PKEX_VER_AUTO;
3641 #else /* CONFIG_DPP3 */
3642 enum dpp_pkex_ver ver = PKEX_VER_ONLY_1;
3643 #endif /* CONFIG_DPP3 */
3644 int tcp_port = DPP_TCP_PORT;
3645 struct hostapd_ip_addr *ipaddr = NULL;
3646 #ifdef CONFIG_DPP2
3647 struct hostapd_ip_addr ipaddr_buf;
3648 char *addr;
3649
3650 pos = os_strstr(cmd, " tcp_port=");
3651 if (pos) {
3652 pos += 10;
3653 tcp_port = atoi(pos);
3654 }
3655
3656 addr = get_param(cmd, " tcp_addr=");
3657 if (addr) {
3658 int res;
3659
3660 res = hostapd_parse_ip_addr(addr, &ipaddr_buf);
3661 os_free(addr);
3662 if (res)
3663 return -1;
3664 ipaddr = &ipaddr_buf;
3665 }
3666 #endif /* CONFIG_DPP2 */
3667
3668 pos = os_strstr(cmd, " own=");
3669 if (!pos)
3670 return -1;
3671 pos += 5;
3672 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
3673 if (!own_bi) {
3674 wpa_printf(MSG_DEBUG,
3675 "DPP: Identified bootstrap info not found");
3676 return -1;
3677 }
3678 if (own_bi->type != DPP_BOOTSTRAP_PKEX) {
3679 wpa_printf(MSG_DEBUG,
3680 "DPP: Identified bootstrap info not for PKEX");
3681 return -1;
3682 }
3683 wpa_s->dpp_pkex_bi = own_bi;
3684 own_bi->pkex_t = 0; /* clear pending errors on new code */
3685
3686 os_free(wpa_s->dpp_pkex_identifier);
3687 wpa_s->dpp_pkex_identifier = NULL;
3688 pos = os_strstr(cmd, " identifier=");
3689 if (pos) {
3690 pos += 12;
3691 end = os_strchr(pos, ' ');
3692 if (!end)
3693 return -1;
3694 wpa_s->dpp_pkex_identifier = os_malloc(end - pos + 1);
3695 if (!wpa_s->dpp_pkex_identifier)
3696 return -1;
3697 os_memcpy(wpa_s->dpp_pkex_identifier, pos, end - pos);
3698 wpa_s->dpp_pkex_identifier[end - pos] = '\0';
3699 }
3700
3701 pos = os_strstr(cmd, " code=");
3702 if (!pos)
3703 return -1;
3704 os_free(wpa_s->dpp_pkex_code);
3705 wpa_s->dpp_pkex_code = os_strdup(pos + 6);
3706 if (!wpa_s->dpp_pkex_code)
3707 return -1;
3708
3709 pos = os_strstr(cmd, " ver=");
3710 if (pos) {
3711 int v;
3712
3713 pos += 5;
3714 v = atoi(pos);
3715 if (v == 1)
3716 ver = PKEX_VER_ONLY_1;
3717 else if (v == 2)
3718 ver = PKEX_VER_ONLY_2;
3719 else
3720 return -1;
3721 }
3722 wpa_s->dpp_pkex_ver = ver;
3723
3724 if (os_strstr(cmd, " init=1")) {
3725 if (wpas_dpp_pkex_init(wpa_s, ver, ipaddr, tcp_port) < 0)
3726 return -1;
3727 } else {
3728 #ifdef CONFIG_DPP2
3729 dpp_controller_pkex_add(wpa_s->dpp, own_bi,
3730 wpa_s->dpp_pkex_code,
3731 wpa_s->dpp_pkex_identifier);
3732 #endif /* CONFIG_DPP2 */
3733 }
3734
3735 /* TODO: Support multiple PKEX info entries */
3736
3737 os_free(wpa_s->dpp_pkex_auth_cmd);
3738 wpa_s->dpp_pkex_auth_cmd = os_strdup(cmd);
3739
3740 return 1;
3741 }
3742
3743
wpas_dpp_pkex_remove(struct wpa_supplicant * wpa_s,const char * id)3744 int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id)
3745 {
3746 unsigned int id_val;
3747
3748 if (os_strcmp(id, "*") == 0) {
3749 id_val = 0;
3750 } else {
3751 id_val = atoi(id);
3752 if (id_val == 0)
3753 return -1;
3754 }
3755
3756 if ((id_val != 0 && id_val != 1) || !wpa_s->dpp_pkex_code)
3757 return -1;
3758
3759 /* TODO: Support multiple PKEX entries */
3760 os_free(wpa_s->dpp_pkex_code);
3761 wpa_s->dpp_pkex_code = NULL;
3762 os_free(wpa_s->dpp_pkex_identifier);
3763 wpa_s->dpp_pkex_identifier = NULL;
3764 os_free(wpa_s->dpp_pkex_auth_cmd);
3765 wpa_s->dpp_pkex_auth_cmd = NULL;
3766 wpa_s->dpp_pkex_bi = NULL;
3767 /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */
3768 dpp_pkex_free(wpa_s->dpp_pkex);
3769 wpa_s->dpp_pkex = NULL;
3770 return 0;
3771 }
3772
3773
wpas_dpp_stop(struct wpa_supplicant * wpa_s)3774 void wpas_dpp_stop(struct wpa_supplicant *wpa_s)
3775 {
3776 if (wpa_s->dpp_auth || wpa_s->dpp_pkex || wpa_s->dpp_pkex_wait_auth_req)
3777 offchannel_send_action_done(wpa_s);
3778 dpp_auth_deinit(wpa_s->dpp_auth);
3779 wpa_s->dpp_auth = NULL;
3780 dpp_pkex_free(wpa_s->dpp_pkex);
3781 wpa_s->dpp_pkex = NULL;
3782 wpa_s->dpp_pkex_wait_auth_req = false;
3783 if (wpa_s->dpp_gas_client && wpa_s->dpp_gas_dialog_token >= 0)
3784 gas_query_stop(wpa_s->gas, wpa_s->dpp_gas_dialog_token);
3785 }
3786
3787
wpas_dpp_init(struct wpa_supplicant * wpa_s)3788 int wpas_dpp_init(struct wpa_supplicant *wpa_s)
3789 {
3790 struct dpp_global_config config;
3791 u8 adv_proto_id[7];
3792
3793 adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC;
3794 adv_proto_id[1] = 5;
3795 WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA);
3796 adv_proto_id[5] = DPP_OUI_TYPE;
3797 adv_proto_id[6] = 0x01;
3798
3799 if (gas_server_register(wpa_s->gas_server, adv_proto_id,
3800 sizeof(adv_proto_id), wpas_dpp_gas_req_handler,
3801 wpas_dpp_gas_status_handler, wpa_s) < 0)
3802 return -1;
3803
3804 os_memset(&config, 0, sizeof(config));
3805 config.cb_ctx = wpa_s;
3806 #ifdef CONFIG_DPP2
3807 config.remove_bi = wpas_dpp_remove_bi;
3808 #endif /* CONFIG_DPP2 */
3809 wpa_s->dpp = dpp_global_init(&config);
3810 return wpa_s->dpp ? 0 : -1;
3811 }
3812
3813
wpas_dpp_deinit(struct wpa_supplicant * wpa_s)3814 void wpas_dpp_deinit(struct wpa_supplicant *wpa_s)
3815 {
3816 #ifdef CONFIG_TESTING_OPTIONS
3817 os_free(wpa_s->dpp_config_obj_override);
3818 wpa_s->dpp_config_obj_override = NULL;
3819 os_free(wpa_s->dpp_discovery_override);
3820 wpa_s->dpp_discovery_override = NULL;
3821 os_free(wpa_s->dpp_groups_override);
3822 wpa_s->dpp_groups_override = NULL;
3823 wpa_s->dpp_ignore_netaccesskey_mismatch = 0;
3824 #endif /* CONFIG_TESTING_OPTIONS */
3825 if (!wpa_s->dpp)
3826 return;
3827 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
3828 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
3829 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
3830 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
3831 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
3832 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s, NULL);
3833 eloop_cancel_timeout(wpas_dpp_gas_client_timeout, wpa_s, NULL);
3834 #ifdef CONFIG_DPP2
3835 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
3836 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
3837 wpa_s, NULL);
3838 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
3839 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
3840 wpa_s, NULL);
3841 eloop_cancel_timeout(wpas_dpp_build_csr, wpa_s, NULL);
3842 dpp_pfs_free(wpa_s->dpp_pfs);
3843 wpa_s->dpp_pfs = NULL;
3844 wpas_dpp_chirp_stop(wpa_s);
3845 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
3846 wpa_s->dpp_reconfig_id = NULL;
3847 #endif /* CONFIG_DPP2 */
3848 #ifdef CONFIG_DPP3
3849 eloop_cancel_timeout(wpas_dpp_build_new_key, wpa_s, NULL);
3850 #endif /* CONFIG_DPP3 */
3851 offchannel_send_action_done(wpa_s);
3852 wpas_dpp_listen_stop(wpa_s);
3853 wpas_dpp_stop(wpa_s);
3854 wpas_dpp_pkex_remove(wpa_s, "*");
3855 os_memset(wpa_s->dpp_intro_bssid, 0, ETH_ALEN);
3856 os_free(wpa_s->dpp_configurator_params);
3857 wpa_s->dpp_configurator_params = NULL;
3858 dpp_global_clear(wpa_s->dpp);
3859 }
3860
3861
wpas_dpp_build_conf_resp(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,bool tcp)3862 static int wpas_dpp_build_conf_resp(struct wpa_supplicant *wpa_s,
3863 struct dpp_authentication *auth, bool tcp)
3864 {
3865 struct wpabuf *resp;
3866
3867 resp = dpp_build_conf_resp(auth, auth->e_nonce, auth->curve->nonce_len,
3868 auth->e_netrole, true);
3869 if (!resp)
3870 return -1;
3871
3872 if (tcp) {
3873 auth->conf_resp_tcp = resp;
3874 return 0;
3875 }
3876
3877 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s, NULL);
3878 if (gas_server_set_resp(wpa_s->gas_server, auth->config_resp_ctx,
3879 resp) < 0) {
3880 wpa_printf(MSG_DEBUG,
3881 "DPP: Could not find pending GAS response");
3882 wpabuf_free(resp);
3883 return -1;
3884 }
3885 auth->conf_resp = resp;
3886 return 0;
3887 }
3888
3889
wpas_dpp_conf_set(struct wpa_supplicant * wpa_s,const char * cmd)3890 int wpas_dpp_conf_set(struct wpa_supplicant *wpa_s, const char *cmd)
3891 {
3892 int peer;
3893 const char *pos;
3894 struct dpp_authentication *auth = wpa_s->dpp_auth;
3895 bool tcp = false;
3896
3897 pos = os_strstr(cmd, " peer=");
3898 if (!pos)
3899 return -1;
3900 peer = atoi(pos + 6);
3901 #ifdef CONFIG_DPP2
3902 if (!auth || !auth->waiting_config ||
3903 (auth->peer_bi &&
3904 (unsigned int) peer != auth->peer_bi->id)) {
3905 auth = dpp_controller_get_auth(wpa_s->dpp, peer);
3906 tcp = true;
3907 }
3908 #endif /* CONFIG_DPP2 */
3909
3910 if (!auth || !auth->waiting_config) {
3911 wpa_printf(MSG_DEBUG,
3912 "DPP: No authentication exchange waiting for configuration information");
3913 return -1;
3914 }
3915
3916 if ((!auth->peer_bi ||
3917 (unsigned int) peer != auth->peer_bi->id) &&
3918 (!auth->tmp_peer_bi ||
3919 (unsigned int) peer != auth->tmp_peer_bi->id)) {
3920 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch");
3921 return -1;
3922 }
3923
3924 pos = os_strstr(cmd, " comeback=");
3925 if (pos) {
3926 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s,
3927 NULL);
3928 gas_server_set_comeback_delay(wpa_s->gas_server,
3929 auth->config_resp_ctx,
3930 atoi(pos + 10));
3931 return 0;
3932 }
3933
3934 if (dpp_set_configurator(auth, cmd) < 0)
3935 return -1;
3936
3937 auth->use_config_query = false;
3938 auth->waiting_config = false;
3939 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
3940 }
3941
3942
3943 #ifdef CONFIG_DPP2
3944
wpas_dpp_controller_start(struct wpa_supplicant * wpa_s,const char * cmd)3945 int wpas_dpp_controller_start(struct wpa_supplicant *wpa_s, const char *cmd)
3946 {
3947 struct dpp_controller_config config;
3948 const char *pos;
3949
3950 os_memset(&config, 0, sizeof(config));
3951 config.allowed_roles = DPP_CAPAB_ENROLLEE | DPP_CAPAB_CONFIGURATOR;
3952 config.netrole = DPP_NETROLE_STA;
3953 config.msg_ctx = wpa_s;
3954 config.cb_ctx = wpa_s;
3955 config.process_conf_obj = wpas_dpp_process_conf_obj;
3956 config.tcp_msg_sent = wpas_dpp_tcp_msg_sent;
3957 if (cmd) {
3958 pos = os_strstr(cmd, " tcp_port=");
3959 if (pos) {
3960 pos += 10;
3961 config.tcp_port = atoi(pos);
3962 }
3963
3964 pos = os_strstr(cmd, " role=");
3965 if (pos) {
3966 pos += 6;
3967 if (os_strncmp(pos, "configurator", 12) == 0)
3968 config.allowed_roles = DPP_CAPAB_CONFIGURATOR;
3969 else if (os_strncmp(pos, "enrollee", 8) == 0)
3970 config.allowed_roles = DPP_CAPAB_ENROLLEE;
3971 else if (os_strncmp(pos, "either", 6) == 0)
3972 config.allowed_roles = DPP_CAPAB_CONFIGURATOR |
3973 DPP_CAPAB_ENROLLEE;
3974 else
3975 return -1;
3976 }
3977
3978 config.qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
3979 }
3980 config.configurator_params = wpa_s->dpp_configurator_params;
3981 return dpp_controller_start(wpa_s->dpp, &config);
3982 }
3983
3984
3985 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx);
3986
wpas_dpp_chirp_timeout(void * eloop_ctx,void * timeout_ctx)3987 static void wpas_dpp_chirp_timeout(void *eloop_ctx, void *timeout_ctx)
3988 {
3989 struct wpa_supplicant *wpa_s = eloop_ctx;
3990
3991 wpa_printf(MSG_DEBUG, "DPP: No chirp response received");
3992 offchannel_send_action_done(wpa_s);
3993 wpas_dpp_chirp_next(wpa_s, NULL);
3994 }
3995
3996
wpas_dpp_chirp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3997 static void wpas_dpp_chirp_tx_status(struct wpa_supplicant *wpa_s,
3998 unsigned int freq, const u8 *dst,
3999 const u8 *src, const u8 *bssid,
4000 const u8 *data, size_t data_len,
4001 enum offchannel_send_action_result result)
4002 {
4003 if (result == OFFCHANNEL_SEND_ACTION_FAILED) {
4004 wpa_printf(MSG_DEBUG, "DPP: Failed to send chirp on %d MHz",
4005 wpa_s->dpp_chirp_freq);
4006 if (eloop_register_timeout(0, 0, wpas_dpp_chirp_next,
4007 wpa_s, NULL) < 0)
4008 wpas_dpp_chirp_stop(wpa_s);
4009 return;
4010 }
4011
4012 wpa_printf(MSG_DEBUG, "DPP: Chirp send completed - wait for response");
4013 #ifdef __ZEPHYR__
4014 if (eloop_register_timeout(5, 0, wpas_dpp_chirp_timeout,
4015 wpa_s, NULL) < 0)
4016 #else
4017 if (eloop_register_timeout(2, 0, wpas_dpp_chirp_timeout,
4018 wpa_s, NULL) < 0)
4019 #endif
4020 wpas_dpp_chirp_stop(wpa_s);
4021 }
4022
4023
wpas_dpp_chirp_start(struct wpa_supplicant * wpa_s)4024 static void wpas_dpp_chirp_start(struct wpa_supplicant *wpa_s)
4025 {
4026 struct wpabuf *msg, *announce = NULL;
4027 int type;
4028
4029 msg = wpa_s->dpp_presence_announcement;
4030 type = DPP_PA_PRESENCE_ANNOUNCEMENT;
4031 if (!msg) {
4032 struct wpa_ssid *ssid = wpa_s->dpp_reconfig_ssid;
4033
4034 if (ssid && wpa_s->dpp_reconfig_id &&
4035 wpa_config_get_network(wpa_s->conf,
4036 wpa_s->dpp_reconfig_ssid_id) ==
4037 ssid) {
4038 announce = dpp_build_reconfig_announcement(
4039 ssid->dpp_csign,
4040 ssid->dpp_csign_len,
4041 ssid->dpp_netaccesskey,
4042 ssid->dpp_netaccesskey_len,
4043 wpa_s->dpp_reconfig_id);
4044 msg = announce;
4045 }
4046 if (!msg)
4047 return;
4048 type = DPP_PA_RECONFIG_ANNOUNCEMENT;
4049 }
4050 wpa_printf(MSG_DEBUG, "DPP: Chirp on %d MHz", wpa_s->dpp_chirp_freq);
4051 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
4052 MAC2STR(broadcast), wpa_s->dpp_chirp_freq, type);
4053 if (offchannel_send_action(
4054 wpa_s, wpa_s->dpp_chirp_freq, broadcast,
4055 wpa_s->own_addr, broadcast,
4056 wpabuf_head(msg), wpabuf_len(msg),
4057 2000, wpas_dpp_chirp_tx_status, 0) < 0)
4058 wpas_dpp_chirp_stop(wpa_s);
4059
4060 wpabuf_free(announce);
4061 }
4062
4063
wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant * wpa_s,struct wpa_scan_results * scan_res)4064 static void wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant *wpa_s,
4065 struct wpa_scan_results *scan_res)
4066 {
4067 struct dpp_bootstrap_info *bi = wpa_s->dpp_chirp_bi;
4068 unsigned int i;
4069 struct hostapd_hw_modes *mode;
4070 int c;
4071 struct wpa_bss *bss;
4072 bool chan6 = wpa_s->hw.modes == NULL;
4073
4074 if (!bi && !wpa_s->dpp_reconfig_ssid)
4075 return;
4076
4077 wpa_s->dpp_chirp_scan_done = 1;
4078
4079 os_free(wpa_s->dpp_chirp_freqs);
4080 wpa_s->dpp_chirp_freqs = NULL;
4081
4082 /* Channels from own bootstrapping info */
4083 if (bi) {
4084 for (i = 0; i < bi->num_freq; i++)
4085 int_array_add_unique(&wpa_s->dpp_chirp_freqs,
4086 bi->freq[i]);
4087 }
4088
4089 /* Preferred chirping channels */
4090 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
4091 HOSTAPD_MODE_IEEE80211G, false);
4092 if (mode) {
4093 for (c = 0; c < mode->num_channels; c++) {
4094 struct hostapd_channel_data *chan = &mode->channels[c];
4095
4096 if ((chan->flag & HOSTAPD_CHAN_DISABLED) ||
4097 chan->freq != 2437)
4098 continue;
4099 chan6 = true;
4100 break;
4101 }
4102 }
4103 if (chan6)
4104 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 2437);
4105
4106 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
4107 HOSTAPD_MODE_IEEE80211A, false);
4108 if (mode) {
4109 int chan44 = 0, chan149 = 0;
4110
4111 for (c = 0; c < mode->num_channels; c++) {
4112 struct hostapd_channel_data *chan = &mode->channels[c];
4113
4114 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
4115 HOSTAPD_CHAN_RADAR))
4116 continue;
4117 if (chan->freq == 5220)
4118 chan44 = 1;
4119 if (chan->freq == 5745)
4120 chan149 = 1;
4121 }
4122 if (chan149)
4123 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5745);
4124 else if (chan44)
4125 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 5220);
4126 }
4127
4128 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
4129 HOSTAPD_MODE_IEEE80211AD, false);
4130 if (mode) {
4131 for (c = 0; c < mode->num_channels; c++) {
4132 struct hostapd_channel_data *chan = &mode->channels[c];
4133
4134 if ((chan->flag & (HOSTAPD_CHAN_DISABLED |
4135 HOSTAPD_CHAN_RADAR)) ||
4136 chan->freq != 60480)
4137 continue;
4138 int_array_add_unique(&wpa_s->dpp_chirp_freqs, 60480);
4139 break;
4140 }
4141 }
4142
4143 /* Add channels from scan results for APs that advertise Configurator
4144 * Connectivity element */
4145 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4146 if (wpa_bss_get_vendor_ie(bss, DPP_CC_IE_VENDOR_TYPE))
4147 int_array_add_unique(&wpa_s->dpp_chirp_freqs,
4148 bss->freq);
4149 }
4150
4151 if (!wpa_s->dpp_chirp_freqs ||
4152 eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL) < 0)
4153 wpas_dpp_chirp_stop(wpa_s);
4154 }
4155
4156
wpas_dpp_chirp_next(void * eloop_ctx,void * timeout_ctx)4157 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx)
4158 {
4159 struct wpa_supplicant *wpa_s = eloop_ctx;
4160 int i;
4161
4162 if (wpa_s->dpp_chirp_listen)
4163 wpas_dpp_listen_stop(wpa_s);
4164
4165 if (wpa_s->dpp_chirp_freq == 0) {
4166 if (wpa_s->dpp_chirp_round % 4 == 0 &&
4167 !wpa_s->dpp_chirp_scan_done) {
4168 if (wpas_scan_scheduled(wpa_s)) {
4169 wpa_printf(MSG_DEBUG,
4170 "DPP: Deferring chirp scan because another scan is planned already");
4171 if (eloop_register_timeout(1, 0,
4172 wpas_dpp_chirp_next,
4173 wpa_s, NULL) < 0) {
4174 wpas_dpp_chirp_stop(wpa_s);
4175 return;
4176 }
4177 return;
4178 }
4179 wpa_printf(MSG_DEBUG,
4180 "DPP: Update channel list for chirping");
4181 wpa_s->scan_req = MANUAL_SCAN_REQ;
4182 wpa_s->scan_res_handler =
4183 wpas_dpp_chirp_scan_res_handler;
4184 wpa_supplicant_req_scan(wpa_s, 0, 0);
4185 return;
4186 }
4187 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[0];
4188 wpa_s->dpp_chirp_round++;
4189 wpa_printf(MSG_DEBUG, "DPP: Start chirping round %d",
4190 wpa_s->dpp_chirp_round);
4191 } else {
4192 for (i = 0; wpa_s->dpp_chirp_freqs[i]; i++)
4193 if (wpa_s->dpp_chirp_freqs[i] == wpa_s->dpp_chirp_freq)
4194 break;
4195 if (!wpa_s->dpp_chirp_freqs[i]) {
4196 wpa_printf(MSG_DEBUG,
4197 "DPP: Previous chirp freq %d not found",
4198 wpa_s->dpp_chirp_freq);
4199 return;
4200 }
4201 i++;
4202 if (wpa_s->dpp_chirp_freqs[i]) {
4203 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[i];
4204 } else {
4205 wpa_s->dpp_chirp_iter--;
4206 if (wpa_s->dpp_chirp_iter <= 0) {
4207 wpa_printf(MSG_DEBUG,
4208 "DPP: Chirping iterations completed");
4209 wpas_dpp_chirp_stop(wpa_s);
4210 return;
4211 }
4212 wpa_s->dpp_chirp_freq = 0;
4213 wpa_s->dpp_chirp_scan_done = 0;
4214 if (eloop_register_timeout(30, 0, wpas_dpp_chirp_next,
4215 wpa_s, NULL) < 0) {
4216 wpas_dpp_chirp_stop(wpa_s);
4217 return;
4218 }
4219 if (wpa_s->dpp_chirp_listen) {
4220 wpa_printf(MSG_DEBUG,
4221 "DPP: Listen on %d MHz during chirp 30 second wait",
4222 wpa_s->dpp_chirp_listen);
4223 wpas_dpp_listen_start(wpa_s,
4224 wpa_s->dpp_chirp_listen);
4225 } else {
4226 wpa_printf(MSG_DEBUG,
4227 "DPP: Wait 30 seconds before starting the next chirping round");
4228 }
4229 return;
4230 }
4231 }
4232
4233 wpas_dpp_chirp_start(wpa_s);
4234 }
4235
4236
wpas_dpp_chirp(struct wpa_supplicant * wpa_s,const char * cmd)4237 int wpas_dpp_chirp(struct wpa_supplicant *wpa_s, const char *cmd)
4238 {
4239 const char *pos;
4240 int iter = 1, listen_freq = 0;
4241 struct dpp_bootstrap_info *bi;
4242
4243 pos = os_strstr(cmd, " own=");
4244 if (!pos)
4245 return -1;
4246 pos += 5;
4247 bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
4248 if (!bi) {
4249 wpa_printf(MSG_DEBUG,
4250 "DPP: Identified bootstrap info not found");
4251 return -1;
4252 }
4253
4254 pos = os_strstr(cmd, " iter=");
4255 if (pos) {
4256 iter = atoi(pos + 6);
4257 if (iter <= 0)
4258 return -1;
4259 }
4260
4261 pos = os_strstr(cmd, " listen=");
4262 if (pos) {
4263 listen_freq = atoi(pos + 8);
4264 if (listen_freq <= 0)
4265 return -1;
4266 }
4267
4268 wpas_dpp_chirp_stop(wpa_s);
4269 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
4270 wpa_s->dpp_netrole = DPP_NETROLE_STA;
4271 wpa_s->dpp_qr_mutual = 0;
4272 wpa_s->dpp_chirp_bi = bi;
4273 wpa_s->dpp_presence_announcement = dpp_build_presence_announcement(bi);
4274 if (!wpa_s->dpp_presence_announcement)
4275 return -1;
4276 wpa_s->dpp_chirp_iter = iter;
4277 wpa_s->dpp_chirp_round = 0;
4278 wpa_s->dpp_chirp_scan_done = 0;
4279 wpa_s->dpp_chirp_listen = listen_freq;
4280
4281 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
4282 }
4283
4284
wpas_dpp_chirp_stop(struct wpa_supplicant * wpa_s)4285 void wpas_dpp_chirp_stop(struct wpa_supplicant *wpa_s)
4286 {
4287 if (wpa_s->dpp_presence_announcement ||
4288 wpa_s->dpp_reconfig_ssid) {
4289 offchannel_send_action_done(wpa_s);
4290 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CHIRP_STOPPED);
4291 }
4292 wpa_s->dpp_chirp_bi = NULL;
4293 wpabuf_free(wpa_s->dpp_presence_announcement);
4294 wpa_s->dpp_presence_announcement = NULL;
4295 if (wpa_s->dpp_chirp_listen)
4296 wpas_dpp_listen_stop(wpa_s);
4297 wpa_s->dpp_chirp_listen = 0;
4298 wpa_s->dpp_chirp_freq = 0;
4299 os_free(wpa_s->dpp_chirp_freqs);
4300 wpa_s->dpp_chirp_freqs = NULL;
4301 eloop_cancel_timeout(wpas_dpp_chirp_next, wpa_s, NULL);
4302 eloop_cancel_timeout(wpas_dpp_chirp_timeout, wpa_s, NULL);
4303 if (wpa_s->scan_res_handler == wpas_dpp_chirp_scan_res_handler) {
4304 wpas_abort_ongoing_scan(wpa_s);
4305 wpa_s->scan_res_handler = NULL;
4306 }
4307 }
4308
4309
wpas_dpp_reconfig(struct wpa_supplicant * wpa_s,const char * cmd)4310 int wpas_dpp_reconfig(struct wpa_supplicant *wpa_s, const char *cmd)
4311 {
4312 struct wpa_ssid *ssid;
4313 int iter = 1;
4314 const char *pos;
4315
4316 ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd));
4317 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
4318 !ssid->dpp_csign) {
4319 wpa_printf(MSG_DEBUG,
4320 "DPP: Not a valid network profile for reconfiguration");
4321 return -1;
4322 }
4323
4324 pos = os_strstr(cmd, " iter=");
4325 if (pos) {
4326 iter = atoi(pos + 6);
4327 if (iter <= 0)
4328 return -1;
4329 }
4330
4331 if (wpa_s->dpp_auth) {
4332 wpa_printf(MSG_DEBUG,
4333 "DPP: Not ready to start reconfiguration - pending authentication exchange in progress");
4334 return -1;
4335 }
4336
4337 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
4338 wpa_s->dpp_reconfig_id = dpp_gen_reconfig_id(ssid->dpp_csign,
4339 ssid->dpp_csign_len,
4340 ssid->dpp_pp_key,
4341 ssid->dpp_pp_key_len);
4342 if (!wpa_s->dpp_reconfig_id) {
4343 wpa_printf(MSG_DEBUG,
4344 "DPP: Failed to generate E-id for reconfiguration");
4345 return -1;
4346 }
4347 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4348 wpa_printf(MSG_DEBUG, "DPP: Disconnect for reconfiguration");
4349 wpa_s->own_disconnect_req = 1;
4350 wpa_supplicant_deauthenticate(
4351 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4352 }
4353 wpas_dpp_chirp_stop(wpa_s);
4354 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
4355 wpa_s->dpp_netrole = DPP_NETROLE_STA;
4356 wpa_s->dpp_qr_mutual = 0;
4357 wpa_s->dpp_reconfig_ssid = ssid;
4358 wpa_s->dpp_reconfig_ssid_id = ssid->id;
4359 wpa_s->dpp_chirp_iter = iter;
4360 wpa_s->dpp_chirp_round = 0;
4361 wpa_s->dpp_chirp_scan_done = 0;
4362 wpa_s->dpp_chirp_listen = 0;
4363
4364 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
4365 }
4366
4367
wpas_dpp_ca_set(struct wpa_supplicant * wpa_s,const char * cmd)4368 int wpas_dpp_ca_set(struct wpa_supplicant *wpa_s, const char *cmd)
4369 {
4370 int peer = -1;
4371 const char *pos, *value;
4372 struct dpp_authentication *auth = wpa_s->dpp_auth;
4373 u8 *bin;
4374 size_t bin_len;
4375 struct wpabuf *buf;
4376 bool tcp = false;
4377
4378 pos = os_strstr(cmd, " peer=");
4379 if (pos) {
4380 peer = atoi(pos + 6);
4381 if (!auth || !auth->waiting_cert ||
4382 (auth->peer_bi &&
4383 (unsigned int) peer != auth->peer_bi->id)) {
4384 auth = dpp_controller_get_auth(wpa_s->dpp, peer);
4385 tcp = true;
4386 }
4387 }
4388
4389 if (!auth || !auth->waiting_cert) {
4390 wpa_printf(MSG_DEBUG,
4391 "DPP: No authentication exchange waiting for certificate information");
4392 return -1;
4393 }
4394
4395 if (peer >= 0 &&
4396 (!auth->peer_bi ||
4397 (unsigned int) peer != auth->peer_bi->id) &&
4398 (!auth->tmp_peer_bi ||
4399 (unsigned int) peer != auth->tmp_peer_bi->id)) {
4400 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch");
4401 return -1;
4402 }
4403
4404 pos = os_strstr(cmd, " value=");
4405 if (!pos)
4406 return -1;
4407 value = pos + 7;
4408
4409 pos = os_strstr(cmd, " name=");
4410 if (!pos)
4411 return -1;
4412 pos += 6;
4413
4414 if (os_strncmp(pos, "status ", 7) == 0) {
4415 auth->force_conf_resp_status = atoi(value);
4416 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
4417 }
4418
4419 if (os_strncmp(pos, "trustedEapServerName ", 21) == 0) {
4420 os_free(auth->trusted_eap_server_name);
4421 auth->trusted_eap_server_name = os_strdup(value);
4422 return auth->trusted_eap_server_name ? 0 : -1;
4423 }
4424
4425 bin = base64_decode(value, os_strlen(value), &bin_len);
4426 if (!bin)
4427 return -1;
4428 buf = wpabuf_alloc_copy(bin, bin_len);
4429 os_free(bin);
4430
4431 if (os_strncmp(pos, "caCert ", 7) == 0) {
4432 wpabuf_free(auth->cacert);
4433 auth->cacert = buf;
4434 return 0;
4435 }
4436
4437 if (os_strncmp(pos, "certBag ", 8) == 0) {
4438 wpabuf_free(auth->certbag);
4439 auth->certbag = buf;
4440 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
4441 }
4442
4443 wpabuf_free(buf);
4444 return -1;
4445 }
4446
4447 #endif /* CONFIG_DPP2 */
4448
