1 /*
2 * wpa_supplicant - DPP
3 * Copyright (c) 2017, Qualcomm Atheros, Inc.
4 * Copyright (c) 2018-2020, The Linux Foundation
5 * Copyright (c) 2021-2022, Qualcomm Innovation Center, Inc.
6 *
7 * This software may be distributed under the terms of the BSD license.
8 * See README for more details.
9 */
10
11 #include "utils/includes.h"
12
13 #include "utils/common.h"
14 #include "utils/eloop.h"
15 #include "utils/ip_addr.h"
16 #include "utils/base64.h"
17 #include "common/dpp.h"
18 #include "common/gas.h"
19 #include "common/gas_server.h"
20 #include "crypto/random.h"
21 #include "rsn_supp/wpa.h"
22 #include "rsn_supp/pmksa_cache.h"
23 #include "wpa_supplicant_i.h"
24 #include "config.h"
25 #include "driver_i.h"
26 #include "offchannel.h"
27 #include "gas_query.h"
28 #include "bss.h"
29 #include "scan.h"
30 #include "notify.h"
31 #include "dpp_supplicant.h"
32
33
34 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
35 unsigned int freq);
36 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx);
37 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx);
38 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator);
39 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
40 unsigned int freq, const u8 *dst,
41 const u8 *src, const u8 *bssid,
42 const u8 *data, size_t data_len,
43 enum offchannel_send_action_result result);
44 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx);
45 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s);
46 static void
47 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
48 unsigned int freq, const u8 *dst,
49 const u8 *src, const u8 *bssid,
50 const u8 *data, size_t data_len,
51 enum offchannel_send_action_result result);
52 static void wpas_dpp_gas_client_timeout(void *eloop_ctx, void *timeout_ctx);
53 #ifdef CONFIG_DPP2
54 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
55 void *timeout_ctx);
56 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s);
57 static int wpas_dpp_process_conf_obj(void *ctx,
58 struct dpp_authentication *auth);
59 static bool wpas_dpp_tcp_msg_sent(void *ctx, struct dpp_authentication *auth);
60 #endif /* CONFIG_DPP2 */
61
62 static const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
63
64 /* Use a hardcoded Transaction ID 1 in Peer Discovery frames since there is only
65 * a single transaction in progress at any point in time. */
66 static const u8 TRANSACTION_ID = 1;
67
68
69 /**
70 * wpas_dpp_qr_code - Parse and add DPP bootstrapping info from a QR Code
71 * @wpa_s: Pointer to wpa_supplicant data
72 * @cmd: DPP URI read from a QR Code
73 * Returns: Identifier of the stored info or -1 on failure
74 */
wpas_dpp_qr_code(struct wpa_supplicant * wpa_s,const char * cmd)75 int wpas_dpp_qr_code(struct wpa_supplicant *wpa_s, const char *cmd)
76 {
77 struct dpp_bootstrap_info *bi;
78 struct dpp_authentication *auth = wpa_s->dpp_auth;
79
80 bi = dpp_add_qr_code(wpa_s->dpp, cmd);
81 if (!bi)
82 return -1;
83
84 if (auth && auth->response_pending &&
85 dpp_notify_new_qr_code(auth, bi) == 1) {
86 wpa_printf(MSG_DEBUG,
87 "DPP: Sending out pending authentication response");
88 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
89 " freq=%u type=%d",
90 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
91 DPP_PA_AUTHENTICATION_RESP);
92 offchannel_send_action(wpa_s, auth->curr_freq,
93 auth->peer_mac_addr, wpa_s->own_addr,
94 broadcast,
95 wpabuf_head(auth->resp_msg),
96 wpabuf_len(auth->resp_msg),
97 500, wpas_dpp_tx_status, 0);
98 }
99
100 #ifdef CONFIG_DPP2
101 dpp_controller_new_qr_code(wpa_s->dpp, bi);
102 #endif /* CONFIG_DPP2 */
103
104 return bi->id;
105 }
106
107
108 /**
109 * wpas_dpp_nfc_uri - Parse and add DPP bootstrapping info from NFC Tag (URI)
110 * @wpa_s: Pointer to wpa_supplicant data
111 * @cmd: DPP URI read from a NFC Tag (URI NDEF message)
112 * Returns: Identifier of the stored info or -1 on failure
113 */
wpas_dpp_nfc_uri(struct wpa_supplicant * wpa_s,const char * cmd)114 int wpas_dpp_nfc_uri(struct wpa_supplicant *wpa_s, const char *cmd)
115 {
116 struct dpp_bootstrap_info *bi;
117
118 bi = dpp_add_nfc_uri(wpa_s->dpp, cmd);
119 if (!bi)
120 return -1;
121
122 return bi->id;
123 }
124
125
wpas_dpp_nfc_handover_req(struct wpa_supplicant * wpa_s,const char * cmd)126 int wpas_dpp_nfc_handover_req(struct wpa_supplicant *wpa_s, const char *cmd)
127 {
128 const char *pos;
129 struct dpp_bootstrap_info *peer_bi, *own_bi;
130
131 pos = os_strstr(cmd, " own=");
132 if (!pos)
133 return -1;
134 pos += 5;
135 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
136 if (!own_bi)
137 return -1;
138 own_bi->nfc_negotiated = 1;
139
140 pos = os_strstr(cmd, " uri=");
141 if (!pos)
142 return -1;
143 pos += 5;
144 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
145 if (!peer_bi) {
146 wpa_printf(MSG_INFO,
147 "DPP: Failed to parse URI from NFC Handover Request");
148 return -1;
149 }
150
151 if (dpp_nfc_update_bi(own_bi, peer_bi) < 0)
152 return -1;
153
154 return peer_bi->id;
155 }
156
157
wpas_dpp_nfc_handover_sel(struct wpa_supplicant * wpa_s,const char * cmd)158 int wpas_dpp_nfc_handover_sel(struct wpa_supplicant *wpa_s, const char *cmd)
159 {
160 const char *pos;
161 struct dpp_bootstrap_info *peer_bi, *own_bi;
162
163 pos = os_strstr(cmd, " own=");
164 if (!pos)
165 return -1;
166 pos += 5;
167 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
168 if (!own_bi)
169 return -1;
170 own_bi->nfc_negotiated = 1;
171
172 pos = os_strstr(cmd, " uri=");
173 if (!pos)
174 return -1;
175 pos += 5;
176 peer_bi = dpp_add_nfc_uri(wpa_s->dpp, pos);
177 if (!peer_bi) {
178 wpa_printf(MSG_INFO,
179 "DPP: Failed to parse URI from NFC Handover Select");
180 return -1;
181 }
182
183 if (peer_bi->curve != own_bi->curve) {
184 wpa_printf(MSG_INFO,
185 "DPP: Peer (NFC Handover Selector) used different curve");
186 return -1;
187 }
188
189 return peer_bi->id;
190 }
191
192
wpas_dpp_auth_resp_retry_timeout(void * eloop_ctx,void * timeout_ctx)193 static void wpas_dpp_auth_resp_retry_timeout(void *eloop_ctx, void *timeout_ctx)
194 {
195 struct wpa_supplicant *wpa_s = eloop_ctx;
196 struct dpp_authentication *auth = wpa_s->dpp_auth;
197
198 if (!auth || !auth->resp_msg)
199 return;
200
201 wpa_printf(MSG_DEBUG,
202 "DPP: Retry Authentication Response after timeout");
203 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
204 " freq=%u type=%d",
205 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
206 DPP_PA_AUTHENTICATION_RESP);
207 offchannel_send_action(wpa_s, auth->curr_freq, auth->peer_mac_addr,
208 wpa_s->own_addr, broadcast,
209 wpabuf_head(auth->resp_msg),
210 wpabuf_len(auth->resp_msg),
211 500, wpas_dpp_tx_status, 0);
212 }
213
214
wpas_dpp_auth_resp_retry(struct wpa_supplicant * wpa_s)215 static void wpas_dpp_auth_resp_retry(struct wpa_supplicant *wpa_s)
216 {
217 struct dpp_authentication *auth = wpa_s->dpp_auth;
218 unsigned int wait_time, max_tries;
219
220 if (!auth || !auth->resp_msg)
221 return;
222
223 if (wpa_s->dpp_resp_max_tries)
224 max_tries = wpa_s->dpp_resp_max_tries;
225 else
226 max_tries = 5;
227 auth->auth_resp_tries++;
228 if (auth->auth_resp_tries >= max_tries) {
229 wpa_printf(MSG_INFO, "DPP: No confirm received from initiator - stopping exchange");
230 offchannel_send_action_done(wpa_s);
231 dpp_auth_deinit(wpa_s->dpp_auth);
232 wpa_s->dpp_auth = NULL;
233 return;
234 }
235
236 if (wpa_s->dpp_resp_retry_time)
237 wait_time = wpa_s->dpp_resp_retry_time;
238 else
239 wait_time = 1000;
240 if (wpa_s->dpp_tx_chan_change) {
241 wpa_s->dpp_tx_chan_change = false;
242 if (wait_time > 100)
243 wait_time = 100;
244 }
245
246 wpa_printf(MSG_DEBUG,
247 "DPP: Schedule retransmission of Authentication Response frame in %u ms",
248 wait_time);
249 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
250 eloop_register_timeout(wait_time / 1000,
251 (wait_time % 1000) * 1000,
252 wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
253 }
254
255
wpas_dpp_try_to_connect(struct wpa_supplicant * wpa_s)256 static void wpas_dpp_try_to_connect(struct wpa_supplicant *wpa_s)
257 {
258 wpa_printf(MSG_DEBUG, "DPP: Trying to connect to the new network");
259 wpa_s->suitable_network = 0;
260 wpa_s->no_suitable_network = 0;
261 wpa_s->disconnected = 0;
262 wpa_s->reassociate = 1;
263 wpa_s->scan_runs = 0;
264 wpa_s->normal_scans = 0;
265 wpa_supplicant_cancel_sched_scan(wpa_s);
266 wpa_supplicant_req_scan(wpa_s, 0, 0);
267 }
268
269
270 #ifdef CONFIG_DPP2
271
wpas_dpp_stop_listen_for_tx(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait_time)272 static void wpas_dpp_stop_listen_for_tx(struct wpa_supplicant *wpa_s,
273 unsigned int freq,
274 unsigned int wait_time)
275 {
276 struct os_reltime now, res;
277 unsigned int remaining;
278
279 if (!wpa_s->dpp_listen_freq)
280 return;
281
282 os_get_reltime(&now);
283 if (os_reltime_before(&now, &wpa_s->dpp_listen_end)) {
284 os_reltime_sub(&wpa_s->dpp_listen_end, &now, &res);
285 remaining = res.sec * 1000 + res.usec / 1000;
286 } else {
287 remaining = 0;
288 }
289 if (wpa_s->dpp_listen_freq == freq && remaining > wait_time)
290 return;
291
292 wpa_printf(MSG_DEBUG,
293 "DPP: Stop listen on %u MHz ending in %u ms to allow immediate TX on %u MHz for %u ms",
294 wpa_s->dpp_listen_freq, remaining, freq, wait_time);
295 wpas_dpp_listen_stop(wpa_s);
296
297 /* TODO: Restart listen in some cases after TX? */
298 }
299
300
wpas_dpp_conn_status_result_timeout(void * eloop_ctx,void * timeout_ctx)301 static void wpas_dpp_conn_status_result_timeout(void *eloop_ctx,
302 void *timeout_ctx)
303 {
304 struct wpa_supplicant *wpa_s = eloop_ctx;
305 struct dpp_authentication *auth = wpa_s->dpp_auth;
306 enum dpp_status_error result;
307
308 if ((!auth || !auth->conn_status_requested) &&
309 !dpp_tcp_conn_status_requested(wpa_s->dpp))
310 return;
311
312 wpa_printf(MSG_DEBUG,
313 "DPP: Connection timeout - report Connection Status Result");
314 if (wpa_s->suitable_network)
315 result = DPP_STATUS_AUTH_FAILURE;
316 else if (wpa_s->no_suitable_network)
317 result = DPP_STATUS_NO_AP;
318 else
319 result = 255; /* What to report here for unexpected state? */
320 if (wpa_s->wpa_state == WPA_SCANNING)
321 wpas_abort_ongoing_scan(wpa_s);
322 wpas_dpp_send_conn_status_result(wpa_s, result);
323 }
324
325
wpas_dpp_scan_channel_list(struct wpa_supplicant * wpa_s)326 static char * wpas_dpp_scan_channel_list(struct wpa_supplicant *wpa_s)
327 {
328 char *str, *end, *pos;
329 size_t len;
330 unsigned int i;
331 u8 last_op_class = 0;
332 int res;
333
334 if (!wpa_s->last_scan_freqs || !wpa_s->num_last_scan_freqs)
335 return NULL;
336
337 len = wpa_s->num_last_scan_freqs * 8;
338 str = os_zalloc(len);
339 if (!str)
340 return NULL;
341 end = str + len;
342 pos = str;
343
344 for (i = 0; i < wpa_s->num_last_scan_freqs; i++) {
345 enum hostapd_hw_mode mode;
346 u8 op_class, channel;
347
348 mode = ieee80211_freq_to_channel_ext(wpa_s->last_scan_freqs[i],
349 0, 0, &op_class, &channel);
350 if (mode == NUM_HOSTAPD_MODES)
351 continue;
352 if (op_class == last_op_class)
353 res = os_snprintf(pos, end - pos, ",%d", channel);
354 else
355 res = os_snprintf(pos, end - pos, "%s%d/%d",
356 pos == str ? "" : ",",
357 op_class, channel);
358 if (os_snprintf_error(end - pos, res)) {
359 *pos = '\0';
360 break;
361 }
362 pos += res;
363 last_op_class = op_class;
364 }
365
366 if (pos == str) {
367 os_free(str);
368 str = NULL;
369 }
370 return str;
371 }
372
373
wpas_dpp_send_conn_status_result(struct wpa_supplicant * wpa_s,enum dpp_status_error result)374 void wpas_dpp_send_conn_status_result(struct wpa_supplicant *wpa_s,
375 enum dpp_status_error result)
376 {
377 struct wpabuf *msg;
378 const char *channel_list = NULL;
379 char *channel_list_buf = NULL;
380 struct wpa_ssid *ssid = wpa_s->current_ssid;
381 struct dpp_authentication *auth = wpa_s->dpp_auth;
382
383 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
384
385 if ((!auth || !auth->conn_status_requested) &&
386 !dpp_tcp_conn_status_requested(wpa_s->dpp))
387 return;
388
389 wpa_printf(MSG_DEBUG, "DPP: Report connection status result %d",
390 result);
391
392 if (result == DPP_STATUS_NO_AP) {
393 channel_list_buf = wpas_dpp_scan_channel_list(wpa_s);
394 channel_list = channel_list_buf;
395 }
396
397 if (!auth || !auth->conn_status_requested) {
398 dpp_tcp_send_conn_status(wpa_s->dpp, result,
399 ssid ? ssid->ssid :
400 wpa_s->dpp_last_ssid,
401 ssid ? ssid->ssid_len :
402 wpa_s->dpp_last_ssid_len,
403 channel_list);
404 os_free(channel_list_buf);
405 return;
406 }
407
408 auth->conn_status_requested = 0;
409
410 msg = dpp_build_conn_status_result(auth, result,
411 ssid ? ssid->ssid :
412 wpa_s->dpp_last_ssid,
413 ssid ? ssid->ssid_len :
414 wpa_s->dpp_last_ssid_len,
415 channel_list);
416 os_free(channel_list_buf);
417 if (!msg) {
418 dpp_auth_deinit(wpa_s->dpp_auth);
419 wpa_s->dpp_auth = NULL;
420 return;
421 }
422
423 wpa_msg(wpa_s, MSG_INFO,
424 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
425 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
426 DPP_PA_CONNECTION_STATUS_RESULT);
427 offchannel_send_action(wpa_s, auth->curr_freq,
428 auth->peer_mac_addr, wpa_s->own_addr, broadcast,
429 wpabuf_head(msg), wpabuf_len(msg),
430 500, wpas_dpp_tx_status, 0);
431 wpabuf_free(msg);
432
433 /* This exchange will be terminated in the TX status handler */
434 auth->remove_on_tx_status = 1;
435
436 return;
437 }
438
439
wpas_dpp_connected_timeout(void * eloop_ctx,void * timeout_ctx)440 static void wpas_dpp_connected_timeout(void *eloop_ctx, void *timeout_ctx)
441 {
442 struct wpa_supplicant *wpa_s = eloop_ctx;
443 struct dpp_authentication *auth = wpa_s->dpp_auth;
444
445 if ((auth && auth->conn_status_requested) ||
446 dpp_tcp_conn_status_requested(wpa_s->dpp))
447 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_OK);
448 }
449
450
wpas_dpp_connected(struct wpa_supplicant * wpa_s)451 void wpas_dpp_connected(struct wpa_supplicant *wpa_s)
452 {
453 struct dpp_authentication *auth = wpa_s->dpp_auth;
454
455 if ((auth && auth->conn_status_requested) ||
456 dpp_tcp_conn_status_requested(wpa_s->dpp)) {
457 /* Report connection result from an eloop timeout to avoid delay
458 * to completing all connection completion steps since this
459 * function is called in a middle of the post 4-way handshake
460 * processing. */
461 eloop_register_timeout(0, 0, wpas_dpp_connected_timeout,
462 wpa_s, NULL);
463 }
464 }
465
466 #endif /* CONFIG_DPP2 */
467
468
wpas_dpp_drv_wait_timeout(void * eloop_ctx,void * timeout_ctx)469 static void wpas_dpp_drv_wait_timeout(void *eloop_ctx, void *timeout_ctx)
470 {
471 struct wpa_supplicant *wpa_s = eloop_ctx;
472 struct dpp_authentication *auth = wpa_s->dpp_auth;
473
474 if (auth && auth->waiting_auth_resp) {
475 wpa_printf(MSG_DEBUG,
476 "DPP: Call wpas_dpp_auth_init_next() from %s",
477 __func__);
478 wpas_dpp_auth_init_next(wpa_s);
479 } else {
480 wpa_printf(MSG_DEBUG, "DPP: %s, but no waiting_auth_resp",
481 __func__);
482 }
483 }
484
485
wpas_dpp_neg_freq_timeout(void * eloop_ctx,void * timeout_ctx)486 static void wpas_dpp_neg_freq_timeout(void *eloop_ctx, void *timeout_ctx)
487 {
488 struct wpa_supplicant *wpa_s = eloop_ctx;
489 struct dpp_authentication *auth = wpa_s->dpp_auth;
490
491 if (!wpa_s->dpp_listen_on_tx_expire || !auth || !auth->neg_freq)
492 return;
493
494 wpa_printf(MSG_DEBUG,
495 "DPP: Start listen on neg_freq %u MHz based on timeout for TX wait expiration",
496 auth->neg_freq);
497 wpas_dpp_listen_start(wpa_s, auth->neg_freq);
498 }
499
500
wpas_dpp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)501 static void wpas_dpp_tx_status(struct wpa_supplicant *wpa_s,
502 unsigned int freq, const u8 *dst,
503 const u8 *src, const u8 *bssid,
504 const u8 *data, size_t data_len,
505 enum offchannel_send_action_result result)
506 {
507 const char *res_txt;
508 struct dpp_authentication *auth = wpa_s->dpp_auth;
509
510 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
511 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
512 "FAILED");
513 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
514 " result=%s", freq, MAC2STR(dst), res_txt);
515 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
516 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
517
518 if (!wpa_s->dpp_auth) {
519 wpa_printf(MSG_DEBUG,
520 "DPP: Ignore TX status since there is no ongoing authentication exchange");
521 return;
522 }
523
524 #ifdef CONFIG_DPP2
525 if (auth->connect_on_tx_status) {
526 auth->connect_on_tx_status = 0;
527 wpa_printf(MSG_DEBUG,
528 "DPP: Try to connect after completed configuration result");
529 wpas_dpp_try_to_connect(wpa_s);
530 if (auth->conn_status_requested) {
531 wpa_printf(MSG_DEBUG,
532 "DPP: Start 15 second timeout for reporting connection status result");
533 eloop_cancel_timeout(
534 wpas_dpp_conn_status_result_timeout,
535 wpa_s, NULL);
536 eloop_register_timeout(
537 15, 0, wpas_dpp_conn_status_result_timeout,
538 wpa_s, NULL);
539 } else {
540 dpp_auth_deinit(wpa_s->dpp_auth);
541 wpa_s->dpp_auth = NULL;
542 }
543 return;
544 }
545 #endif /* CONFIG_DPP2 */
546
547 if (wpa_s->dpp_auth->remove_on_tx_status) {
548 wpa_printf(MSG_DEBUG,
549 "DPP: Terminate authentication exchange due to a request to do so on TX status");
550 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
551 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
552 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
553 NULL);
554 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
555 NULL);
556 #ifdef CONFIG_DPP2
557 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
558 wpa_s, NULL);
559 #endif /* CONFIG_DPP2 */
560 offchannel_send_action_done(wpa_s);
561 dpp_auth_deinit(wpa_s->dpp_auth);
562 wpa_s->dpp_auth = NULL;
563 return;
564 }
565
566 if (wpa_s->dpp_auth_ok_on_ack)
567 wpas_dpp_auth_success(wpa_s, 1);
568
569 if (!is_broadcast_ether_addr(dst) &&
570 result != OFFCHANNEL_SEND_ACTION_SUCCESS) {
571 wpa_printf(MSG_DEBUG,
572 "DPP: Unicast DPP Action frame was not ACKed");
573 if (auth->waiting_auth_resp) {
574 /* In case of DPP Authentication Request frame, move to
575 * the next channel immediately. */
576 offchannel_send_action_done(wpa_s);
577 /* Call wpas_dpp_auth_init_next(wpa_s) from driver event
578 * notifying frame wait was completed or from eloop
579 * timeout. */
580 eloop_register_timeout(0, 10000,
581 wpas_dpp_drv_wait_timeout,
582 wpa_s, NULL);
583 return;
584 }
585 if (auth->waiting_auth_conf) {
586 wpas_dpp_auth_resp_retry(wpa_s);
587 return;
588 }
589 }
590
591 if (auth->waiting_auth_conf &&
592 auth->auth_resp_status == DPP_STATUS_OK) {
593 /* Make sure we do not get stuck waiting for Auth Confirm
594 * indefinitely after successfully transmitted Auth Response to
595 * allow new authentication exchanges to be started. */
596 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
597 NULL);
598 #ifdef __ZEPHYR__
599 eloop_register_timeout(5, 0, wpas_dpp_auth_conf_wait_timeout,
600 wpa_s, NULL);
601 #else
602 eloop_register_timeout(1, 0, wpas_dpp_auth_conf_wait_timeout,
603 wpa_s, NULL);
604 #endif
605 }
606
607 if (!is_broadcast_ether_addr(dst) && auth->waiting_auth_resp &&
608 result == OFFCHANNEL_SEND_ACTION_SUCCESS) {
609 /* Allow timeout handling to stop iteration if no response is
610 * received from a peer that has ACKed a request. */
611 auth->auth_req_ack = 1;
612 }
613
614 if (!wpa_s->dpp_auth_ok_on_ack && wpa_s->dpp_auth->neg_freq > 0 &&
615 wpa_s->dpp_auth->curr_freq != wpa_s->dpp_auth->neg_freq) {
616 wpa_printf(MSG_DEBUG,
617 "DPP: Move from curr_freq %u MHz to neg_freq %u MHz for response",
618 wpa_s->dpp_auth->curr_freq,
619 wpa_s->dpp_auth->neg_freq);
620 offchannel_send_action_done(wpa_s);
621 wpa_s->dpp_listen_on_tx_expire = true;
622 eloop_register_timeout(0, 100000, wpas_dpp_neg_freq_timeout,
623 wpa_s, NULL);
624 }
625
626 if (wpa_s->dpp_auth_ok_on_ack)
627 wpa_s->dpp_auth_ok_on_ack = 0;
628 }
629
630
wpas_dpp_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)631 static void wpas_dpp_reply_wait_timeout(void *eloop_ctx, void *timeout_ctx)
632 {
633 struct wpa_supplicant *wpa_s = eloop_ctx;
634 struct dpp_authentication *auth = wpa_s->dpp_auth;
635 unsigned int freq;
636 struct os_reltime now, diff;
637 unsigned int wait_time, diff_ms;
638
639 if (!auth || !auth->waiting_auth_resp)
640 return;
641
642 wait_time = wpa_s->dpp_resp_wait_time ?
643 wpa_s->dpp_resp_wait_time : 2000;
644 os_get_reltime(&now);
645 os_reltime_sub(&now, &wpa_s->dpp_last_init, &diff);
646 diff_ms = diff.sec * 1000 + diff.usec / 1000;
647 wpa_printf(MSG_DEBUG,
648 "DPP: Reply wait timeout - wait_time=%u diff_ms=%u",
649 wait_time, diff_ms);
650
651 if (auth->auth_req_ack && diff_ms >= wait_time) {
652 /* Peer ACK'ed Authentication Request frame, but did not reply
653 * with Authentication Response frame within two seconds. */
654 wpa_printf(MSG_INFO,
655 "DPP: No response received from responder - stopping initiation attempt");
656 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
657 offchannel_send_action_done(wpa_s);
658 wpas_dpp_listen_stop(wpa_s);
659 dpp_auth_deinit(auth);
660 wpa_s->dpp_auth = NULL;
661 return;
662 }
663
664 if (diff_ms >= wait_time) {
665 /* Authentication Request frame was not ACK'ed and no reply
666 * was receiving within two seconds. */
667 wpa_printf(MSG_DEBUG,
668 "DPP: Continue Initiator channel iteration");
669 offchannel_send_action_done(wpa_s);
670 wpas_dpp_listen_stop(wpa_s);
671 wpas_dpp_auth_init_next(wpa_s);
672 return;
673 }
674
675 /* Driver did not support 2000 ms long wait_time with TX command, so
676 * schedule listen operation to continue waiting for the response.
677 *
678 * DPP listen operations continue until stopped, so simply schedule a
679 * new call to this function at the point when the two second reply
680 * wait has expired. */
681 wait_time -= diff_ms;
682
683 freq = auth->curr_freq;
684 if (auth->neg_freq > 0)
685 freq = auth->neg_freq;
686 wpa_printf(MSG_DEBUG,
687 "DPP: Continue reply wait on channel %u MHz for %u ms",
688 freq, wait_time);
689 wpa_s->dpp_in_response_listen = 1;
690 wpas_dpp_listen_start(wpa_s, freq);
691
692 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
693 wpas_dpp_reply_wait_timeout, wpa_s, NULL);
694 }
695
696
wpas_dpp_auth_conf_wait_timeout(void * eloop_ctx,void * timeout_ctx)697 static void wpas_dpp_auth_conf_wait_timeout(void *eloop_ctx, void *timeout_ctx)
698 {
699 struct wpa_supplicant *wpa_s = eloop_ctx;
700 struct dpp_authentication *auth = wpa_s->dpp_auth;
701
702 if (!auth || !auth->waiting_auth_conf)
703 return;
704
705 wpa_printf(MSG_DEBUG,
706 "DPP: Terminate authentication exchange due to Auth Confirm timeout");
707 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL "No Auth Confirm received");
708 offchannel_send_action_done(wpa_s);
709 dpp_auth_deinit(auth);
710 wpa_s->dpp_auth = NULL;
711 }
712
713
wpas_dpp_set_testing_options(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)714 static void wpas_dpp_set_testing_options(struct wpa_supplicant *wpa_s,
715 struct dpp_authentication *auth)
716 {
717 #ifdef CONFIG_TESTING_OPTIONS
718 if (wpa_s->dpp_config_obj_override)
719 auth->config_obj_override =
720 os_strdup(wpa_s->dpp_config_obj_override);
721 if (wpa_s->dpp_discovery_override)
722 auth->discovery_override =
723 os_strdup(wpa_s->dpp_discovery_override);
724 if (wpa_s->dpp_groups_override)
725 auth->groups_override =
726 os_strdup(wpa_s->dpp_groups_override);
727 auth->ignore_netaccesskey_mismatch =
728 wpa_s->dpp_ignore_netaccesskey_mismatch;
729 #endif /* CONFIG_TESTING_OPTIONS */
730 }
731
732
wpas_dpp_init_timeout(void * eloop_ctx,void * timeout_ctx)733 static void wpas_dpp_init_timeout(void *eloop_ctx, void *timeout_ctx)
734 {
735 struct wpa_supplicant *wpa_s = eloop_ctx;
736
737 if (!wpa_s->dpp_auth)
738 return;
739 wpa_printf(MSG_DEBUG, "DPP: Retry initiation after timeout");
740 wpas_dpp_auth_init_next(wpa_s);
741 }
742
743
wpas_dpp_auth_init_next(struct wpa_supplicant * wpa_s)744 static int wpas_dpp_auth_init_next(struct wpa_supplicant *wpa_s)
745 {
746 struct dpp_authentication *auth = wpa_s->dpp_auth;
747 const u8 *dst;
748 unsigned int wait_time, max_wait_time, freq, max_tries, used;
749 struct os_reltime now, diff;
750
751 eloop_cancel_timeout(wpas_dpp_drv_wait_timeout, wpa_s, NULL);
752
753 wpa_s->dpp_in_response_listen = 0;
754 if (!auth)
755 return -1;
756
757 if (auth->freq_idx == 0)
758 os_get_reltime(&wpa_s->dpp_init_iter_start);
759
760 if (auth->freq_idx >= auth->num_freq) {
761 auth->num_freq_iters++;
762 if (wpa_s->dpp_init_max_tries)
763 max_tries = wpa_s->dpp_init_max_tries;
764 else
765 max_tries = 5;
766 if (auth->num_freq_iters >= max_tries || auth->auth_req_ack) {
767 wpa_printf(MSG_INFO,
768 "DPP: No response received from responder - stopping initiation attempt");
769 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_AUTH_INIT_FAILED);
770 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout,
771 wpa_s, NULL);
772 offchannel_send_action_done(wpa_s);
773 dpp_auth_deinit(wpa_s->dpp_auth);
774 wpa_s->dpp_auth = NULL;
775 return -1;
776 }
777 auth->freq_idx = 0;
778 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
779 if (wpa_s->dpp_init_retry_time)
780 wait_time = wpa_s->dpp_init_retry_time;
781 else
782 wait_time = 10000;
783 os_get_reltime(&now);
784 os_reltime_sub(&now, &wpa_s->dpp_init_iter_start, &diff);
785 used = diff.sec * 1000 + diff.usec / 1000;
786 if (used > wait_time)
787 wait_time = 0;
788 else
789 wait_time -= used;
790 wpa_printf(MSG_DEBUG, "DPP: Next init attempt in %u ms",
791 wait_time);
792 eloop_register_timeout(wait_time / 1000,
793 (wait_time % 1000) * 1000,
794 wpas_dpp_init_timeout, wpa_s,
795 NULL);
796 return 0;
797 }
798 freq = auth->freq[auth->freq_idx++];
799 auth->curr_freq = freq;
800
801 if (!is_zero_ether_addr(auth->peer_mac_addr))
802 dst = auth->peer_mac_addr;
803 else if (is_zero_ether_addr(auth->peer_bi->mac_addr))
804 dst = broadcast;
805 else
806 dst = auth->peer_bi->mac_addr;
807 wpa_s->dpp_auth_ok_on_ack = 0;
808 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
809 wait_time = wpa_s->max_remain_on_chan;
810 max_wait_time = wpa_s->dpp_resp_wait_time ?
811 wpa_s->dpp_resp_wait_time : 2000;
812 if (wait_time > max_wait_time)
813 wait_time = max_wait_time;
814 wait_time += 10; /* give the driver some extra time to complete */
815 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
816 wpas_dpp_reply_wait_timeout,
817 wpa_s, NULL);
818 wait_time -= 10;
819 if (auth->neg_freq > 0 && freq != auth->neg_freq) {
820 wpa_printf(MSG_DEBUG,
821 "DPP: Initiate on %u MHz and move to neg_freq %u MHz for response",
822 freq, auth->neg_freq);
823 }
824 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
825 MAC2STR(dst), freq, DPP_PA_AUTHENTICATION_REQ);
826 auth->auth_req_ack = 0;
827 os_get_reltime(&wpa_s->dpp_last_init);
828 return offchannel_send_action(wpa_s, freq, dst,
829 wpa_s->own_addr, broadcast,
830 wpabuf_head(auth->req_msg),
831 wpabuf_len(auth->req_msg),
832 wait_time, wpas_dpp_tx_status, 0);
833 }
834
835
wpas_dpp_auth_init(struct wpa_supplicant * wpa_s,const char * cmd)836 int wpas_dpp_auth_init(struct wpa_supplicant *wpa_s, const char *cmd)
837 {
838 const char *pos;
839 struct dpp_bootstrap_info *peer_bi, *own_bi = NULL;
840 struct dpp_authentication *auth;
841 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
842 unsigned int neg_freq = 0;
843 int tcp = 0;
844 #ifdef CONFIG_DPP2
845 int tcp_port = DPP_TCP_PORT;
846 struct hostapd_ip_addr ipaddr;
847 char *addr;
848 #endif /* CONFIG_DPP2 */
849
850 wpa_s->dpp_gas_client = 0;
851 wpa_s->dpp_gas_server = 0;
852
853 pos = os_strstr(cmd, " peer=");
854 if (!pos)
855 return -1;
856 pos += 6;
857 peer_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
858 if (!peer_bi) {
859 wpa_printf(MSG_INFO,
860 "DPP: Could not find bootstrapping info for the identified peer");
861 return -1;
862 }
863
864 #ifdef CONFIG_DPP2
865 pos = os_strstr(cmd, " tcp_port=");
866 if (pos) {
867 pos += 10;
868 tcp_port = atoi(pos);
869 }
870
871 addr = get_param(cmd, " tcp_addr=");
872 if (addr && os_strcmp(addr, "from-uri") == 0) {
873 os_free(addr);
874 if (!peer_bi->host) {
875 wpa_printf(MSG_INFO,
876 "DPP: TCP address not available in peer URI");
877 return -1;
878 }
879 tcp = 1;
880 os_memcpy(&ipaddr, peer_bi->host, sizeof(ipaddr));
881 tcp_port = peer_bi->port;
882 } else if (addr) {
883 int res;
884
885 res = hostapd_parse_ip_addr(addr, &ipaddr);
886 os_free(addr);
887 if (res)
888 return -1;
889 tcp = 1;
890 }
891 #endif /* CONFIG_DPP2 */
892
893 pos = os_strstr(cmd, " own=");
894 if (pos) {
895 pos += 5;
896 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
897 if (!own_bi) {
898 wpa_printf(MSG_INFO,
899 "DPP: Could not find bootstrapping info for the identified local entry");
900 return -1;
901 }
902
903 if (peer_bi->curve != own_bi->curve) {
904 wpa_printf(MSG_INFO,
905 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)",
906 peer_bi->curve->name, own_bi->curve->name);
907 return -1;
908 }
909 }
910
911 pos = os_strstr(cmd, " role=");
912 if (pos) {
913 pos += 6;
914 if (os_strncmp(pos, "configurator", 12) == 0)
915 allowed_roles = DPP_CAPAB_CONFIGURATOR;
916 else if (os_strncmp(pos, "enrollee", 8) == 0)
917 allowed_roles = DPP_CAPAB_ENROLLEE;
918 else if (os_strncmp(pos, "either", 6) == 0)
919 allowed_roles = DPP_CAPAB_CONFIGURATOR |
920 DPP_CAPAB_ENROLLEE;
921 else
922 goto fail;
923 }
924
925 pos = os_strstr(cmd, " netrole=");
926 if (pos) {
927 pos += 9;
928 if (os_strncmp(pos, "ap", 2) == 0)
929 wpa_s->dpp_netrole = DPP_NETROLE_AP;
930 else if (os_strncmp(pos, "configurator", 12) == 0)
931 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
932 else
933 wpa_s->dpp_netrole = DPP_NETROLE_STA;
934 } else {
935 wpa_s->dpp_netrole = DPP_NETROLE_STA;
936 }
937
938 pos = os_strstr(cmd, " neg_freq=");
939 if (pos)
940 neg_freq = atoi(pos + 10);
941
942 if (!tcp && wpa_s->dpp_auth) {
943 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
944 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
945 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s,
946 NULL);
947 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s,
948 NULL);
949 #ifdef CONFIG_DPP2
950 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
951 wpa_s, NULL);
952 #endif /* CONFIG_DPP2 */
953 offchannel_send_action_done(wpa_s);
954 dpp_auth_deinit(wpa_s->dpp_auth);
955 wpa_s->dpp_auth = NULL;
956 }
957
958 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles,
959 neg_freq, wpa_s->hw.modes, wpa_s->hw.num_modes);
960 if (!auth)
961 goto fail;
962 wpas_dpp_set_testing_options(wpa_s, auth);
963 if (dpp_set_configurator(auth, cmd) < 0) {
964 dpp_auth_deinit(auth);
965 goto fail;
966 }
967
968 auth->neg_freq = neg_freq;
969
970 if (!is_zero_ether_addr(peer_bi->mac_addr))
971 os_memcpy(auth->peer_mac_addr, peer_bi->mac_addr, ETH_ALEN);
972
973 #ifdef CONFIG_DPP2
974 if (tcp)
975 return dpp_tcp_init(wpa_s->dpp, auth, &ipaddr, tcp_port,
976 wpa_s->conf->dpp_name, DPP_NETROLE_STA,
977 wpa_s->conf->dpp_mud_url,
978 wpa_s->conf->dpp_extra_conf_req_name,
979 wpa_s->conf->dpp_extra_conf_req_value,
980 wpa_s, wpa_s, wpas_dpp_process_conf_obj,
981 wpas_dpp_tcp_msg_sent);
982 #endif /* CONFIG_DPP2 */
983
984 wpa_s->dpp_auth = auth;
985 return wpas_dpp_auth_init_next(wpa_s);
986 fail:
987 return -1;
988 }
989
990
991 struct wpas_dpp_listen_work {
992 unsigned int freq;
993 unsigned int duration;
994 struct wpabuf *probe_resp_ie;
995 };
996
997
wpas_dpp_listen_work_free(struct wpas_dpp_listen_work * lwork)998 static void wpas_dpp_listen_work_free(struct wpas_dpp_listen_work *lwork)
999 {
1000 if (!lwork)
1001 return;
1002 os_free(lwork);
1003 }
1004
1005
wpas_dpp_listen_work_done(struct wpa_supplicant * wpa_s)1006 static void wpas_dpp_listen_work_done(struct wpa_supplicant *wpa_s)
1007 {
1008 struct wpas_dpp_listen_work *lwork;
1009
1010 if (!wpa_s->dpp_listen_work)
1011 return;
1012
1013 lwork = wpa_s->dpp_listen_work->ctx;
1014 wpas_dpp_listen_work_free(lwork);
1015 radio_work_done(wpa_s->dpp_listen_work);
1016 wpa_s->dpp_listen_work = NULL;
1017 }
1018
1019
dpp_start_listen_cb(struct wpa_radio_work * work,int deinit)1020 static void dpp_start_listen_cb(struct wpa_radio_work *work, int deinit)
1021 {
1022 struct wpa_supplicant *wpa_s = work->wpa_s;
1023 struct wpas_dpp_listen_work *lwork = work->ctx;
1024
1025 if (deinit) {
1026 if (work->started) {
1027 wpa_s->dpp_listen_work = NULL;
1028 wpas_dpp_listen_stop(wpa_s);
1029 }
1030 wpas_dpp_listen_work_free(lwork);
1031 return;
1032 }
1033
1034 wpa_s->dpp_listen_work = work;
1035
1036 wpa_s->dpp_pending_listen_freq = lwork->freq;
1037
1038 if (wpa_drv_remain_on_channel(wpa_s, lwork->freq,
1039 wpa_s->max_remain_on_chan) < 0) {
1040 wpa_printf(MSG_DEBUG,
1041 "DPP: Failed to request the driver to remain on channel (%u MHz) for listen",
1042 lwork->freq);
1043 wpa_s->dpp_listen_freq = 0;
1044 wpas_dpp_listen_work_done(wpa_s);
1045 wpa_s->dpp_pending_listen_freq = 0;
1046 return;
1047 }
1048 wpa_s->off_channel_freq = 0;
1049 wpa_s->roc_waiting_drv_freq = lwork->freq;
1050 wpa_drv_dpp_listen(wpa_s, true);
1051 wpa_s->dpp_tx_auth_resp_on_roc_stop = false;
1052 wpa_s->dpp_tx_chan_change = false;
1053 }
1054
1055
wpas_dpp_listen_start(struct wpa_supplicant * wpa_s,unsigned int freq)1056 static int wpas_dpp_listen_start(struct wpa_supplicant *wpa_s,
1057 unsigned int freq)
1058 {
1059 struct wpas_dpp_listen_work *lwork;
1060
1061 if (wpa_s->dpp_listen_work) {
1062 wpa_printf(MSG_DEBUG,
1063 "DPP: Reject start_listen since dpp_listen_work already exists");
1064 return -1;
1065 }
1066
1067 if (wpa_s->dpp_listen_freq)
1068 wpas_dpp_listen_stop(wpa_s);
1069 wpa_s->dpp_listen_freq = freq;
1070
1071 lwork = os_zalloc(sizeof(*lwork));
1072 if (!lwork)
1073 return -1;
1074 lwork->freq = freq;
1075
1076 if (radio_add_work(wpa_s, freq, "dpp-listen", 0, dpp_start_listen_cb,
1077 lwork) < 0) {
1078 wpas_dpp_listen_work_free(lwork);
1079 return -1;
1080 }
1081
1082 return 0;
1083 }
1084
1085
wpas_dpp_listen(struct wpa_supplicant * wpa_s,const char * cmd)1086 int wpas_dpp_listen(struct wpa_supplicant *wpa_s, const char *cmd)
1087 {
1088 int freq;
1089
1090 freq = atoi(cmd);
1091 if (freq <= 0)
1092 return -1;
1093
1094 if (os_strstr(cmd, " role=configurator"))
1095 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR;
1096 else if (os_strstr(cmd, " role=enrollee"))
1097 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
1098 else
1099 wpa_s->dpp_allowed_roles = DPP_CAPAB_CONFIGURATOR |
1100 DPP_CAPAB_ENROLLEE;
1101 wpa_s->dpp_qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
1102 if (os_strstr(cmd, " netrole=ap"))
1103 wpa_s->dpp_netrole = DPP_NETROLE_AP;
1104 else if (os_strstr(cmd, " netrole=configurator"))
1105 wpa_s->dpp_netrole = DPP_NETROLE_CONFIGURATOR;
1106 else
1107 wpa_s->dpp_netrole = DPP_NETROLE_STA;
1108 if (wpa_s->dpp_listen_freq == (unsigned int) freq) {
1109 wpa_printf(MSG_DEBUG, "DPP: Already listening on %u MHz",
1110 freq);
1111 return 0;
1112 }
1113
1114 return wpas_dpp_listen_start(wpa_s, freq);
1115 }
1116
1117
wpas_dpp_listen_stop(struct wpa_supplicant * wpa_s)1118 void wpas_dpp_listen_stop(struct wpa_supplicant *wpa_s)
1119 {
1120 wpa_s->dpp_in_response_listen = 0;
1121 if (!wpa_s->dpp_listen_freq)
1122 return;
1123
1124 wpa_printf(MSG_DEBUG, "DPP: Stop listen on %u MHz",
1125 wpa_s->dpp_listen_freq);
1126 wpa_drv_cancel_remain_on_channel(wpa_s);
1127 wpa_drv_dpp_listen(wpa_s, false);
1128 wpa_s->dpp_listen_freq = 0;
1129 wpas_dpp_listen_work_done(wpa_s);
1130 radio_remove_works(wpa_s, "dpp-listen", 0);
1131 }
1132
1133
wpas_dpp_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int duration)1134 void wpas_dpp_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1135 unsigned int freq, unsigned int duration)
1136 {
1137 if (wpa_s->dpp_listen_freq != freq)
1138 return;
1139
1140 wpa_printf(MSG_DEBUG,
1141 "DPP: Remain-on-channel started for listen on %u MHz for %u ms",
1142 freq, duration);
1143 os_get_reltime(&wpa_s->dpp_listen_end);
1144 wpa_s->dpp_listen_end.usec += duration * 1000;
1145 while (wpa_s->dpp_listen_end.usec >= 1000000) {
1146 wpa_s->dpp_listen_end.sec++;
1147 wpa_s->dpp_listen_end.usec -= 1000000;
1148 }
1149 }
1150
1151
wpas_dpp_tx_auth_resp(struct wpa_supplicant * wpa_s)1152 static void wpas_dpp_tx_auth_resp(struct wpa_supplicant *wpa_s)
1153 {
1154 struct dpp_authentication *auth = wpa_s->dpp_auth;
1155
1156 if (!auth)
1157 return;
1158
1159 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1160 MAC2STR(auth->peer_mac_addr), auth->curr_freq,
1161 DPP_PA_AUTHENTICATION_RESP);
1162 offchannel_send_action(wpa_s, auth->curr_freq,
1163 auth->peer_mac_addr, wpa_s->own_addr, broadcast,
1164 wpabuf_head(auth->resp_msg),
1165 wpabuf_len(auth->resp_msg),
1166 500, wpas_dpp_tx_status, 0);
1167 }
1168
1169
wpas_dpp_tx_auth_resp_roc_timeout(void * eloop_ctx,void * timeout_ctx)1170 static void wpas_dpp_tx_auth_resp_roc_timeout(void *eloop_ctx,
1171 void *timeout_ctx)
1172 {
1173 struct wpa_supplicant *wpa_s = eloop_ctx;
1174 struct dpp_authentication *auth = wpa_s->dpp_auth;
1175
1176 if (!auth || !wpa_s->dpp_tx_auth_resp_on_roc_stop)
1177 return;
1178
1179 wpa_s->dpp_tx_auth_resp_on_roc_stop = false;
1180 wpa_s->dpp_tx_chan_change = true;
1181 wpa_printf(MSG_DEBUG,
1182 "DPP: Send postponed Authentication Response on remain-on-channel termination timeout");
1183 wpas_dpp_tx_auth_resp(wpa_s);
1184 }
1185
1186
wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant * wpa_s,unsigned int freq)1187 void wpas_dpp_cancel_remain_on_channel_cb(struct wpa_supplicant *wpa_s,
1188 unsigned int freq)
1189 {
1190 wpa_printf(MSG_DEBUG, "DPP: Remain on channel cancel for %u MHz", freq);
1191 wpas_dpp_listen_work_done(wpa_s);
1192
1193 if (wpa_s->dpp_auth && wpa_s->dpp_tx_auth_resp_on_roc_stop) {
1194 eloop_cancel_timeout(wpas_dpp_tx_auth_resp_roc_timeout,
1195 wpa_s, NULL);
1196 wpa_s->dpp_tx_auth_resp_on_roc_stop = false;
1197 wpa_s->dpp_tx_chan_change = true;
1198 wpa_printf(MSG_DEBUG,
1199 "DPP: Send postponed Authentication Response on remain-on-channel termination");
1200 wpas_dpp_tx_auth_resp(wpa_s);
1201 return;
1202 }
1203
1204 if (wpa_s->dpp_auth && wpa_s->dpp_in_response_listen) {
1205 unsigned int new_freq;
1206
1207 /* Continue listen with a new remain-on-channel */
1208 if (wpa_s->dpp_auth->neg_freq > 0)
1209 new_freq = wpa_s->dpp_auth->neg_freq;
1210 else
1211 new_freq = wpa_s->dpp_auth->curr_freq;
1212 wpa_printf(MSG_DEBUG,
1213 "DPP: Continue wait on %u MHz for the ongoing DPP provisioning session",
1214 new_freq);
1215 wpas_dpp_listen_start(wpa_s, new_freq);
1216 return;
1217 }
1218
1219 if (wpa_s->dpp_listen_freq) {
1220 /* Continue listen with a new remain-on-channel */
1221 wpas_dpp_listen_start(wpa_s, wpa_s->dpp_listen_freq);
1222 }
1223 }
1224
1225
wpas_dpp_rx_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)1226 static void wpas_dpp_rx_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
1227 const u8 *hdr, const u8 *buf, size_t len,
1228 unsigned int freq)
1229 {
1230 const u8 *r_bootstrap, *i_bootstrap;
1231 u16 r_bootstrap_len, i_bootstrap_len;
1232 struct dpp_bootstrap_info *own_bi = NULL, *peer_bi = NULL;
1233
1234 if (!wpa_s->dpp)
1235 return;
1236
1237 wpa_printf(MSG_DEBUG, "DPP: Authentication Request from " MACSTR,
1238 MAC2STR(src));
1239
1240 #ifdef CONFIG_DPP2
1241 wpas_dpp_chirp_stop(wpa_s);
1242 #endif /* CONFIG_DPP2 */
1243
1244 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
1245 &r_bootstrap_len);
1246 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
1247 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1248 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
1249 return;
1250 }
1251 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
1252 r_bootstrap, r_bootstrap_len);
1253
1254 i_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH,
1255 &i_bootstrap_len);
1256 if (!i_bootstrap || i_bootstrap_len != SHA256_MAC_LEN) {
1257 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1258 "Missing or invalid required Initiator Bootstrapping Key Hash attribute");
1259 return;
1260 }
1261 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash",
1262 i_bootstrap, i_bootstrap_len);
1263
1264 /* Try to find own and peer bootstrapping key matches based on the
1265 * received hash values */
1266 dpp_bootstrap_find_pair(wpa_s->dpp, i_bootstrap, r_bootstrap,
1267 &own_bi, &peer_bi);
1268 if (!own_bi) {
1269 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1270 "No matching own bootstrapping key found - ignore message");
1271 return;
1272 }
1273
1274 if (own_bi->type == DPP_BOOTSTRAP_PKEX) {
1275 if (!peer_bi || peer_bi->type != DPP_BOOTSTRAP_PKEX) {
1276 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1277 "No matching peer bootstrapping key found for PKEX - ignore message");
1278 return;
1279 }
1280
1281 if (os_memcmp(peer_bi->pubkey_hash, own_bi->peer_pubkey_hash,
1282 SHA256_MAC_LEN) != 0) {
1283 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1284 "Mismatching peer PKEX bootstrapping key - ignore message");
1285 return;
1286 }
1287 }
1288
1289 if (wpa_s->dpp_auth) {
1290 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
1291 "Already in DPP authentication exchange - ignore new one");
1292 return;
1293 }
1294
1295 wpa_s->dpp_pkex_wait_auth_req = false;
1296 wpa_s->dpp_gas_client = 0;
1297 wpa_s->dpp_gas_server = 0;
1298 wpa_s->dpp_auth_ok_on_ack = 0;
1299 wpa_s->dpp_auth = dpp_auth_req_rx(wpa_s->dpp, wpa_s,
1300 wpa_s->dpp_allowed_roles,
1301 wpa_s->dpp_qr_mutual,
1302 peer_bi, own_bi, freq, hdr, buf, len);
1303 if (!wpa_s->dpp_auth) {
1304 wpa_printf(MSG_DEBUG, "DPP: No response generated");
1305 return;
1306 }
1307 wpas_dpp_set_testing_options(wpa_s, wpa_s->dpp_auth);
1308 if (dpp_set_configurator(wpa_s->dpp_auth,
1309 wpa_s->dpp_configurator_params) < 0) {
1310 dpp_auth_deinit(wpa_s->dpp_auth);
1311 wpa_s->dpp_auth = NULL;
1312 return;
1313 }
1314 os_memcpy(wpa_s->dpp_auth->peer_mac_addr, src, ETH_ALEN);
1315
1316 if (wpa_s->dpp_listen_freq &&
1317 wpa_s->dpp_listen_freq != wpa_s->dpp_auth->curr_freq) {
1318 wpa_printf(MSG_DEBUG,
1319 "DPP: Stop listen on %u MHz to allow response on the request %u MHz",
1320 wpa_s->dpp_listen_freq, wpa_s->dpp_auth->curr_freq);
1321 wpa_s->dpp_tx_auth_resp_on_roc_stop = true;
1322 eloop_register_timeout(0, 100000,
1323 wpas_dpp_tx_auth_resp_roc_timeout,
1324 wpa_s, NULL);
1325 wpas_dpp_listen_stop(wpa_s);
1326 return;
1327 }
1328 wpa_s->dpp_tx_auth_resp_on_roc_stop = false;
1329 wpa_s->dpp_tx_chan_change = false;
1330
1331 wpas_dpp_tx_auth_resp(wpa_s);
1332 }
1333
1334
wpas_dpp_tx_wait_expire(struct wpa_supplicant * wpa_s)1335 void wpas_dpp_tx_wait_expire(struct wpa_supplicant *wpa_s)
1336 {
1337 struct dpp_authentication *auth = wpa_s->dpp_auth;
1338 int freq;
1339
1340 if (wpa_s->dpp_listen_on_tx_expire && auth && auth->neg_freq) {
1341 wpa_printf(MSG_DEBUG,
1342 "DPP: Start listen on neg_freq %u MHz based on TX wait expiration on the previous channel",
1343 auth->neg_freq);
1344 eloop_cancel_timeout(wpas_dpp_neg_freq_timeout, wpa_s, NULL);
1345 wpas_dpp_listen_start(wpa_s, auth->neg_freq);
1346 return;
1347 }
1348
1349 if (!wpa_s->dpp_gas_server || !auth) {
1350 if (auth && auth->waiting_auth_resp &&
1351 eloop_is_timeout_registered(wpas_dpp_drv_wait_timeout,
1352 wpa_s, NULL)) {
1353 eloop_cancel_timeout(wpas_dpp_drv_wait_timeout,
1354 wpa_s, NULL);
1355 wpa_printf(MSG_DEBUG,
1356 "DPP: Call wpas_dpp_auth_init_next() from %s",
1357 __func__);
1358 wpas_dpp_auth_init_next(wpa_s);
1359 }
1360 return;
1361 }
1362
1363 freq = auth->neg_freq > 0 ? auth->neg_freq : auth->curr_freq;
1364 if (wpa_s->dpp_listen_work || (int) wpa_s->dpp_listen_freq == freq)
1365 return; /* listen state is already in progress */
1366
1367 wpa_printf(MSG_DEBUG, "DPP: Start listen on %u MHz for GAS", freq);
1368 wpa_s->dpp_in_response_listen = 1;
1369 wpas_dpp_listen_start(wpa_s, freq);
1370 }
1371
1372
wpas_dpp_start_gas_server(struct wpa_supplicant * wpa_s)1373 static void wpas_dpp_start_gas_server(struct wpa_supplicant *wpa_s)
1374 {
1375 struct dpp_authentication *auth = wpa_s->dpp_auth;
1376
1377 wpa_printf(MSG_DEBUG,
1378 "DPP: Starting GAS server (curr_freq=%d neg_freq=%d dpp_listen_freq=%d dpp_listen_work=%d)",
1379 auth->curr_freq, auth->neg_freq, wpa_s->dpp_listen_freq,
1380 !!wpa_s->dpp_listen_work);
1381 wpa_s->dpp_gas_server = 1;
1382 }
1383
1384
wpas_dpp_add_network(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1385 static struct wpa_ssid * wpas_dpp_add_network(struct wpa_supplicant *wpa_s,
1386 struct dpp_authentication *auth,
1387 struct dpp_config_obj *conf)
1388 {
1389 struct wpa_ssid *ssid;
1390
1391 #ifdef CONFIG_DPP2
1392 if (conf->akm == DPP_AKM_SAE) {
1393 #ifdef CONFIG_SAE
1394 struct wpa_driver_capa capa;
1395 int res;
1396
1397 res = wpa_drv_get_capa(wpa_s, &capa);
1398 if (res == 0 &&
1399 !(capa.key_mgmt_iftype[WPA_IF_STATION] &
1400 WPA_DRIVER_CAPA_KEY_MGMT_SAE) &&
1401 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) {
1402 wpa_printf(MSG_DEBUG,
1403 "DPP: SAE not supported by the driver");
1404 return NULL;
1405 }
1406 #else /* CONFIG_SAE */
1407 wpa_printf(MSG_DEBUG, "DPP: SAE not supported in the build");
1408 return NULL;
1409 #endif /* CONFIG_SAE */
1410 }
1411 #endif /* CONFIG_DPP2 */
1412
1413 ssid = wpa_config_add_network(wpa_s->conf);
1414 if (!ssid)
1415 return NULL;
1416 wpas_notify_network_added(wpa_s, ssid);
1417 wpa_config_set_network_defaults(ssid);
1418 ssid->disabled = 1;
1419
1420 ssid->ssid = os_malloc(conf->ssid_len);
1421 if (!ssid->ssid)
1422 goto fail;
1423 os_memcpy(ssid->ssid, conf->ssid, conf->ssid_len);
1424 ssid->ssid_len = conf->ssid_len;
1425
1426 if (conf->connector) {
1427 if (dpp_akm_dpp(conf->akm)) {
1428 ssid->key_mgmt = WPA_KEY_MGMT_DPP;
1429 ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
1430 }
1431 ssid->dpp_connector = os_strdup(conf->connector);
1432 if (!ssid->dpp_connector)
1433 goto fail;
1434
1435 ssid->dpp_connector_privacy =
1436 wpa_s->conf->dpp_connector_privacy_default;
1437 }
1438
1439 if (conf->c_sign_key) {
1440 ssid->dpp_csign = os_malloc(wpabuf_len(conf->c_sign_key));
1441 if (!ssid->dpp_csign)
1442 goto fail;
1443 os_memcpy(ssid->dpp_csign, wpabuf_head(conf->c_sign_key),
1444 wpabuf_len(conf->c_sign_key));
1445 ssid->dpp_csign_len = wpabuf_len(conf->c_sign_key);
1446 }
1447
1448 if (conf->pp_key) {
1449 ssid->dpp_pp_key = os_malloc(wpabuf_len(conf->pp_key));
1450 if (!ssid->dpp_pp_key)
1451 goto fail;
1452 os_memcpy(ssid->dpp_pp_key, wpabuf_head(conf->pp_key),
1453 wpabuf_len(conf->pp_key));
1454 ssid->dpp_pp_key_len = wpabuf_len(conf->pp_key);
1455 }
1456
1457 if (auth->net_access_key) {
1458 ssid->dpp_netaccesskey =
1459 os_malloc(wpabuf_len(auth->net_access_key));
1460 if (!ssid->dpp_netaccesskey)
1461 goto fail;
1462 os_memcpy(ssid->dpp_netaccesskey,
1463 wpabuf_head(auth->net_access_key),
1464 wpabuf_len(auth->net_access_key));
1465 ssid->dpp_netaccesskey_len = wpabuf_len(auth->net_access_key);
1466 ssid->dpp_netaccesskey_expiry = auth->net_access_key_expiry;
1467 }
1468
1469 if (!conf->connector || dpp_akm_psk(conf->akm) ||
1470 dpp_akm_sae(conf->akm)) {
1471 if (!conf->connector || !dpp_akm_dpp(conf->akm))
1472 ssid->key_mgmt = 0;
1473 if (dpp_akm_psk(conf->akm))
1474 ssid->key_mgmt |= WPA_KEY_MGMT_PSK |
1475 WPA_KEY_MGMT_PSK_SHA256 | WPA_KEY_MGMT_FT_PSK;
1476 if (dpp_akm_sae(conf->akm))
1477 ssid->key_mgmt |= WPA_KEY_MGMT_SAE |
1478 WPA_KEY_MGMT_FT_SAE;
1479 if (dpp_akm_psk(conf->akm))
1480 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1481 else
1482 ssid->ieee80211w = MGMT_FRAME_PROTECTION_REQUIRED;
1483 if (conf->passphrase[0]) {
1484 if (wpa_config_set_quoted(ssid, "psk",
1485 conf->passphrase) < 0)
1486 goto fail;
1487 wpa_config_update_psk(ssid);
1488 ssid->export_keys = 1;
1489 } else {
1490 ssid->psk_set = conf->psk_set;
1491 os_memcpy(ssid->psk, conf->psk, PMK_LEN);
1492 }
1493 }
1494
1495 #if defined(CONFIG_DPP2) && defined(IEEE8021X_EAPOL)
1496 if (conf->akm == DPP_AKM_DOT1X) {
1497 int i;
1498 char name[100], blobname[128];
1499 struct wpa_config_blob *blob;
1500
1501 ssid->key_mgmt = WPA_KEY_MGMT_IEEE8021X |
1502 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1503 WPA_KEY_MGMT_IEEE8021X_SHA384;
1504 ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
1505
1506 if (conf->cacert) {
1507 /* caCert is DER-encoded X.509v3 certificate for the
1508 * server certificate if that is different from the
1509 * trust root included in certBag. */
1510 /* TODO: ssid->eap.cert.ca_cert */
1511 }
1512
1513 if (conf->certs) {
1514 for (i = 0; ; i++) {
1515 os_snprintf(name, sizeof(name), "dpp-certs-%d",
1516 i);
1517 if (!wpa_config_get_blob(wpa_s->conf, name))
1518 break;
1519 }
1520
1521 blob = os_zalloc(sizeof(*blob));
1522 if (!blob)
1523 goto fail;
1524 blob->len = wpabuf_len(conf->certs);
1525 blob->name = os_strdup(name);
1526 blob->data = os_malloc(blob->len);
1527 if (!blob->name || !blob->data) {
1528 wpa_config_free_blob(blob);
1529 goto fail;
1530 }
1531 os_memcpy(blob->data, wpabuf_head(conf->certs),
1532 blob->len);
1533 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1534 name);
1535 wpa_config_set_blob(wpa_s->conf, blob);
1536 wpa_printf(MSG_DEBUG, "DPP: Added certificate blob %s",
1537 name);
1538 ssid->eap.cert.client_cert = os_strdup(blobname);
1539 if (!ssid->eap.cert.client_cert)
1540 goto fail;
1541
1542 /* TODO: ssid->eap.identity from own certificate */
1543 if (wpa_config_set(ssid, "identity", "\"dpp-ent\"",
1544 0) < 0)
1545 goto fail;
1546 }
1547
1548 if (auth->priv_key) {
1549 for (i = 0; ; i++) {
1550 os_snprintf(name, sizeof(name), "dpp-key-%d",
1551 i);
1552 if (!wpa_config_get_blob(wpa_s->conf, name))
1553 break;
1554 }
1555
1556 blob = os_zalloc(sizeof(*blob));
1557 if (!blob)
1558 goto fail;
1559 blob->len = wpabuf_len(auth->priv_key);
1560 blob->name = os_strdup(name);
1561 blob->data = os_malloc(blob->len);
1562 if (!blob->name || !blob->data) {
1563 wpa_config_free_blob(blob);
1564 goto fail;
1565 }
1566 os_memcpy(blob->data, wpabuf_head(auth->priv_key),
1567 blob->len);
1568 os_snprintf(blobname, sizeof(blobname), "blob://%s",
1569 name);
1570 wpa_config_set_blob(wpa_s->conf, blob);
1571 wpa_printf(MSG_DEBUG, "DPP: Added private key blob %s",
1572 name);
1573 ssid->eap.cert.private_key = os_strdup(blobname);
1574 if (!ssid->eap.cert.private_key)
1575 goto fail;
1576 }
1577
1578 if (conf->server_name) {
1579 ssid->eap.cert.domain_suffix_match =
1580 os_strdup(conf->server_name);
1581 if (!ssid->eap.cert.domain_suffix_match)
1582 goto fail;
1583 }
1584
1585 /* TODO: Use entCreds::eapMethods */
1586 if (wpa_config_set(ssid, "eap", "TLS", 0) < 0)
1587 goto fail;
1588 }
1589 #endif /* CONFIG_DPP2 && IEEE8021X_EAPOL */
1590
1591 os_memcpy(wpa_s->dpp_last_ssid, conf->ssid, conf->ssid_len);
1592 wpa_s->dpp_last_ssid_len = conf->ssid_len;
1593
1594 return ssid;
1595 fail:
1596 wpas_notify_network_removed(wpa_s, ssid);
1597 wpa_config_remove_network(wpa_s->conf, ssid->id);
1598 return NULL;
1599 }
1600
1601
wpas_dpp_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1602 static int wpas_dpp_process_config(struct wpa_supplicant *wpa_s,
1603 struct dpp_authentication *auth,
1604 struct dpp_config_obj *conf)
1605 {
1606 struct wpa_ssid *ssid;
1607
1608 if (wpa_s->conf->dpp_config_processing < 1)
1609 return 0;
1610
1611 ssid = wpas_dpp_add_network(wpa_s, auth, conf);
1612 if (!ssid)
1613 return -1;
1614
1615 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_NETWORK_ID "%d", ssid->id);
1616 if (wpa_s->conf->dpp_config_processing == 2)
1617 ssid->disabled = 0;
1618
1619 #ifndef CONFIG_NO_CONFIG_WRITE
1620 if (wpa_s->conf->update_config &&
1621 wpa_config_write(wpa_s->confname, wpa_s->conf))
1622 wpa_printf(MSG_DEBUG, "DPP: Failed to update configuration");
1623 #endif /* CONFIG_NO_CONFIG_WRITE */
1624
1625 return 0;
1626 }
1627
1628
wpas_dpp_post_process_config(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth)1629 static void wpas_dpp_post_process_config(struct wpa_supplicant *wpa_s,
1630 struct dpp_authentication *auth)
1631 {
1632 #ifdef CONFIG_DPP2
1633 if (auth->reconfig && wpa_s->dpp_reconfig_ssid &&
1634 wpa_config_get_network(wpa_s->conf, wpa_s->dpp_reconfig_ssid_id) ==
1635 wpa_s->dpp_reconfig_ssid) {
1636 wpa_printf(MSG_DEBUG,
1637 "DPP: Remove reconfigured network profile");
1638 wpas_notify_network_removed(wpa_s, wpa_s->dpp_reconfig_ssid);
1639 wpa_config_remove_network(wpa_s->conf,
1640 wpa_s->dpp_reconfig_ssid_id);
1641 wpa_s->dpp_reconfig_ssid = NULL;
1642 wpa_s->dpp_reconfig_ssid_id = -1;
1643 }
1644 #endif /* CONFIG_DPP2 */
1645
1646 if (wpa_s->conf->dpp_config_processing < 2)
1647 return;
1648
1649 #ifdef CONFIG_DPP2
1650 if (auth->peer_version >= 2) {
1651 wpa_printf(MSG_DEBUG,
1652 "DPP: Postpone connection attempt to wait for completion of DPP Configuration Result");
1653 auth->connect_on_tx_status = 1;
1654 return;
1655 }
1656 #endif /* CONFIG_DPP2 */
1657
1658 wpas_dpp_try_to_connect(wpa_s);
1659 }
1660
1661
wpas_dpp_handle_config_obj(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,struct dpp_config_obj * conf)1662 static int wpas_dpp_handle_config_obj(struct wpa_supplicant *wpa_s,
1663 struct dpp_authentication *auth,
1664 struct dpp_config_obj *conf)
1665 {
1666 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1667 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_AKM "%s",
1668 dpp_akm_str(conf->akm));
1669 if (conf->ssid_len)
1670 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID "%s",
1671 wpa_ssid_txt(conf->ssid, conf->ssid_len));
1672 if (conf->ssid_charset)
1673 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_SSID_CHARSET "%d",
1674 conf->ssid_charset);
1675 if (conf->connector) {
1676 /* TODO: Save the Connector and consider using a command
1677 * to fetch the value instead of sending an event with
1678 * it. The Connector could end up being larger than what
1679 * most clients are ready to receive as an event
1680 * message. */
1681 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONNECTOR "%s",
1682 conf->connector);
1683 }
1684 if (conf->passphrase[0]) {
1685 char hex[64 * 2 + 1];
1686
1687 wpa_snprintf_hex(hex, sizeof(hex),
1688 (const u8 *) conf->passphrase,
1689 os_strlen(conf->passphrase));
1690 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PASS "%s",
1691 hex);
1692 } else if (conf->psk_set) {
1693 char hex[PMK_LEN * 2 + 1];
1694
1695 wpa_snprintf_hex(hex, sizeof(hex), conf->psk, PMK_LEN);
1696 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFOBJ_PSK "%s",
1697 hex);
1698 }
1699 if (conf->c_sign_key) {
1700 char *hex;
1701 size_t hexlen;
1702
1703 hexlen = 2 * wpabuf_len(conf->c_sign_key) + 1;
1704 hex = os_malloc(hexlen);
1705 if (hex) {
1706 wpa_snprintf_hex(hex, hexlen,
1707 wpabuf_head(conf->c_sign_key),
1708 wpabuf_len(conf->c_sign_key));
1709 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_C_SIGN_KEY "%s",
1710 hex);
1711 os_free(hex);
1712 }
1713 }
1714 if (conf->pp_key) {
1715 char *hex;
1716 size_t hexlen;
1717
1718 hexlen = 2 * wpabuf_len(conf->pp_key) + 1;
1719 hex = os_malloc(hexlen);
1720 if (hex) {
1721 wpa_snprintf_hex(hex, hexlen,
1722 wpabuf_head(conf->pp_key),
1723 wpabuf_len(conf->pp_key));
1724 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PP_KEY "%s", hex);
1725 os_free(hex);
1726 }
1727 }
1728 if (auth->net_access_key) {
1729 char *hex;
1730 size_t hexlen;
1731
1732 hexlen = 2 * wpabuf_len(auth->net_access_key) + 1;
1733 hex = os_malloc(hexlen);
1734 if (hex) {
1735 wpa_snprintf_hex(hex, hexlen,
1736 wpabuf_head(auth->net_access_key),
1737 wpabuf_len(auth->net_access_key));
1738 if (auth->net_access_key_expiry)
1739 wpa_msg(wpa_s, MSG_INFO,
1740 DPP_EVENT_NET_ACCESS_KEY "%s %lu", hex,
1741 (long unsigned)
1742 auth->net_access_key_expiry);
1743 else
1744 wpa_msg(wpa_s, MSG_INFO,
1745 DPP_EVENT_NET_ACCESS_KEY "%s", hex);
1746 os_free(hex);
1747 }
1748 }
1749
1750 #ifdef CONFIG_DPP2
1751 if (conf->certbag) {
1752 char *b64;
1753
1754 b64 = base64_encode_no_lf(wpabuf_head(conf->certbag),
1755 wpabuf_len(conf->certbag), NULL);
1756 if (b64)
1757 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CERTBAG "%s", b64);
1758 os_free(b64);
1759 }
1760
1761 if (conf->cacert) {
1762 char *b64;
1763
1764 b64 = base64_encode_no_lf(wpabuf_head(conf->cacert),
1765 wpabuf_len(conf->cacert), NULL);
1766 if (b64)
1767 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CACERT "%s", b64);
1768 os_free(b64);
1769 }
1770
1771 if (conf->server_name)
1772 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_SERVER_NAME "%s",
1773 conf->server_name);
1774 #endif /* CONFIG_DPP2 */
1775
1776 #ifdef CONFIG_DPP3
1777 if (!wpa_s->dpp_pb_result_indicated) {
1778 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT "success");
1779 wpa_s->dpp_pb_result_indicated = true;
1780 }
1781
1782 #endif /* CONFIG_DPP3 */
1783
1784 return wpas_dpp_process_config(wpa_s, auth, conf);
1785 }
1786
1787
wpas_dpp_handle_key_pkg(struct wpa_supplicant * wpa_s,struct dpp_asymmetric_key * key)1788 static int wpas_dpp_handle_key_pkg(struct wpa_supplicant *wpa_s,
1789 struct dpp_asymmetric_key *key)
1790 {
1791 #ifdef CONFIG_DPP2
1792 int res;
1793
1794 if (!key)
1795 return 0;
1796
1797 wpa_printf(MSG_DEBUG, "DPP: Received Configurator backup");
1798 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_RECEIVED);
1799 wpa_s->dpp_conf_backup_received = true;
1800
1801 while (key) {
1802 res = dpp_configurator_from_backup(wpa_s->dpp, key);
1803 if (res < 0)
1804 return -1;
1805 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONFIGURATOR_ID "%d",
1806 res);
1807 key = key->next;
1808 }
1809 #endif /* CONFIG_DPP2 */
1810
1811 return 0;
1812 }
1813
1814
1815 #ifdef CONFIG_DPP2
wpas_dpp_build_csr(void * eloop_ctx,void * timeout_ctx)1816 static void wpas_dpp_build_csr(void *eloop_ctx, void *timeout_ctx)
1817 {
1818 struct wpa_supplicant *wpa_s = eloop_ctx;
1819 struct dpp_authentication *auth = wpa_s->dpp_auth;
1820
1821 if (!auth || !auth->csrattrs)
1822 return;
1823
1824 wpa_printf(MSG_DEBUG, "DPP: Build CSR");
1825 wpabuf_free(auth->csr);
1826 /* TODO: Additional information needed for CSR based on csrAttrs */
1827 auth->csr = dpp_build_csr(auth, wpa_s->conf->dpp_name ?
1828 wpa_s->conf->dpp_name : "Test");
1829 if (!auth->csr) {
1830 dpp_auth_deinit(wpa_s->dpp_auth);
1831 wpa_s->dpp_auth = NULL;
1832 return;
1833 }
1834
1835 wpas_dpp_start_gas_client(wpa_s);
1836 }
1837 #endif /* CONFIG_DPP2 */
1838
1839
1840 #ifdef CONFIG_DPP3
wpas_dpp_build_new_key(void * eloop_ctx,void * timeout_ctx)1841 static void wpas_dpp_build_new_key(void *eloop_ctx, void *timeout_ctx)
1842 {
1843 struct wpa_supplicant *wpa_s = eloop_ctx;
1844 struct dpp_authentication *auth = wpa_s->dpp_auth;
1845
1846 if (!auth || !auth->waiting_new_key)
1847 return;
1848
1849 wpa_printf(MSG_DEBUG, "DPP: Build config request with a new key");
1850 wpas_dpp_start_gas_client(wpa_s);
1851 }
1852 #endif /* CONFIG_DPP3 */
1853
1854
wpas_dpp_gas_resp_cb(void * ctx,const u8 * addr,u8 dialog_token,enum gas_query_result result,const struct wpabuf * adv_proto,const struct wpabuf * resp,u16 status_code)1855 static void wpas_dpp_gas_resp_cb(void *ctx, const u8 *addr, u8 dialog_token,
1856 enum gas_query_result result,
1857 const struct wpabuf *adv_proto,
1858 const struct wpabuf *resp, u16 status_code)
1859 {
1860 struct wpa_supplicant *wpa_s = ctx;
1861 const u8 *pos;
1862 struct dpp_authentication *auth = wpa_s->dpp_auth;
1863 int res;
1864 enum dpp_status_error status = DPP_STATUS_CONFIG_REJECTED;
1865 unsigned int i;
1866
1867 eloop_cancel_timeout(wpas_dpp_gas_client_timeout, wpa_s, NULL);
1868 wpa_s->dpp_gas_dialog_token = -1;
1869
1870 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
1871 !ether_addr_equal(addr, auth->peer_mac_addr)) {
1872 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
1873 return;
1874 }
1875 if (result != GAS_QUERY_SUCCESS ||
1876 !resp || status_code != WLAN_STATUS_SUCCESS) {
1877 wpa_printf(MSG_DEBUG, "DPP: GAS query did not succeed");
1878 goto fail;
1879 }
1880
1881 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response adv_proto",
1882 adv_proto);
1883 wpa_hexdump_buf(MSG_DEBUG, "DPP: Configuration Response (GAS response)",
1884 resp);
1885
1886 if (wpabuf_len(adv_proto) != 10 ||
1887 !(pos = wpabuf_head(adv_proto)) ||
1888 pos[0] != WLAN_EID_ADV_PROTO ||
1889 pos[1] != 8 ||
1890 pos[3] != WLAN_EID_VENDOR_SPECIFIC ||
1891 pos[4] != 5 ||
1892 WPA_GET_BE24(&pos[5]) != OUI_WFA ||
1893 pos[8] != 0x1a ||
1894 pos[9] != 1) {
1895 wpa_printf(MSG_DEBUG,
1896 "DPP: Not a DPP Advertisement Protocol ID");
1897 goto fail;
1898 }
1899
1900 res = dpp_conf_resp_rx(auth, resp);
1901 #ifdef CONFIG_DPP2
1902 if (res == -2) {
1903 wpa_printf(MSG_DEBUG, "DPP: CSR needed");
1904 eloop_register_timeout(0, 0, wpas_dpp_build_csr, wpa_s, NULL);
1905 return;
1906 }
1907 #endif /* CONFIG_DPP2 */
1908 #ifdef CONFIG_DPP3
1909 if (res == -3) {
1910 wpa_printf(MSG_DEBUG, "DPP: New protocol key needed");
1911 eloop_register_timeout(0, 0, wpas_dpp_build_new_key, wpa_s,
1912 NULL);
1913 return;
1914 }
1915 #endif /* CONFIG_DPP3 */
1916 if (res < 0) {
1917 wpa_printf(MSG_DEBUG, "DPP: Configuration attempt failed");
1918 goto fail;
1919 }
1920
1921 wpa_s->dpp_conf_backup_received = false;
1922 for (i = 0; i < auth->num_conf_obj; i++) {
1923 res = wpas_dpp_handle_config_obj(wpa_s, auth,
1924 &auth->conf_obj[i]);
1925 if (res < 0)
1926 goto fail;
1927 }
1928 if (auth->num_conf_obj)
1929 wpas_dpp_post_process_config(wpa_s, auth);
1930 if (wpas_dpp_handle_key_pkg(wpa_s, auth->conf_key_pkg) < 0)
1931 goto fail;
1932
1933 status = DPP_STATUS_OK;
1934 #ifdef CONFIG_TESTING_OPTIONS
1935 if (dpp_test == DPP_TEST_REJECT_CONFIG) {
1936 wpa_printf(MSG_INFO, "DPP: TESTING - Reject Config Object");
1937 status = DPP_STATUS_CONFIG_REJECTED;
1938 }
1939 #endif /* CONFIG_TESTING_OPTIONS */
1940 fail:
1941 if (status != DPP_STATUS_OK)
1942 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1943 #ifdef CONFIG_DPP2
1944 if (auth->peer_version >= 2 &&
1945 auth->conf_resp_status == DPP_STATUS_OK) {
1946 struct wpabuf *msg;
1947
1948 wpa_printf(MSG_DEBUG, "DPP: Send DPP Configuration Result");
1949 msg = dpp_build_conf_result(auth, status);
1950 if (!msg)
1951 goto fail2;
1952
1953 wpa_msg(wpa_s, MSG_INFO,
1954 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
1955 MAC2STR(addr), auth->curr_freq,
1956 DPP_PA_CONFIGURATION_RESULT);
1957 offchannel_send_action(wpa_s, auth->curr_freq,
1958 addr, wpa_s->own_addr, broadcast,
1959 wpabuf_head(msg),
1960 wpabuf_len(msg),
1961 500, wpas_dpp_tx_status, 0);
1962 wpabuf_free(msg);
1963
1964 /* This exchange will be terminated in the TX status handler */
1965 if (wpa_s->conf->dpp_config_processing < 2 ||
1966 wpa_s->dpp_conf_backup_received)
1967 auth->remove_on_tx_status = 1;
1968 return;
1969 }
1970 fail2:
1971 #endif /* CONFIG_DPP2 */
1972 dpp_auth_deinit(wpa_s->dpp_auth);
1973 wpa_s->dpp_auth = NULL;
1974 }
1975
1976
wpas_dpp_gas_client_timeout(void * eloop_ctx,void * timeout_ctx)1977 static void wpas_dpp_gas_client_timeout(void *eloop_ctx, void *timeout_ctx)
1978 {
1979 struct wpa_supplicant *wpa_s = eloop_ctx;
1980 struct dpp_authentication *auth = wpa_s->dpp_auth;
1981
1982 if (!wpa_s->dpp_gas_client || !auth ||
1983 (!auth->auth_success && !auth->reconfig_success))
1984 return;
1985
1986 wpa_printf(MSG_DEBUG, "DPP: Timeout while waiting for Config Response");
1987 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
1988 dpp_auth_deinit(wpa_s->dpp_auth);
1989 wpa_s->dpp_auth = NULL;
1990 }
1991
1992
wpas_dpp_start_gas_client(struct wpa_supplicant * wpa_s)1993 static void wpas_dpp_start_gas_client(struct wpa_supplicant *wpa_s)
1994 {
1995 struct dpp_authentication *auth = wpa_s->dpp_auth;
1996 struct wpabuf *buf;
1997 int res;
1998 int *supp_op_classes;
1999
2000 wpa_s->dpp_gas_client = 1;
2001 offchannel_send_action_done(wpa_s);
2002 wpas_dpp_listen_stop(wpa_s);
2003
2004 #ifdef CONFIG_NO_RRM
2005 supp_op_classes = NULL;
2006 #else /* CONFIG_NO_RRM */
2007 supp_op_classes = wpas_supp_op_classes(wpa_s);
2008 #endif /* CONFIG_NO_RRM */
2009 buf = dpp_build_conf_req_helper(auth, wpa_s->conf->dpp_name,
2010 wpa_s->dpp_netrole,
2011 wpa_s->conf->dpp_mud_url,
2012 supp_op_classes,
2013 wpa_s->conf->dpp_extra_conf_req_name,
2014 wpa_s->conf->dpp_extra_conf_req_value);
2015 os_free(supp_op_classes);
2016 if (!buf) {
2017 wpa_printf(MSG_DEBUG,
2018 "DPP: No configuration request data available");
2019 return;
2020 }
2021
2022 wpa_printf(MSG_DEBUG, "DPP: GAS request to " MACSTR " (freq %u MHz)",
2023 MAC2STR(auth->peer_mac_addr), auth->curr_freq);
2024
2025 /* Use a 120 second timeout since the gas_query_req() operation could
2026 * remain waiting indefinitely for the response if the Configurator
2027 * keeps sending out comeback responses with additional delay. The
2028 * DPP technical specification expects the Enrollee to continue sending
2029 * out new Config Requests for 60 seconds, so this gives an extra 60
2030 * second time after the last expected new Config Request for the
2031 * Configurator to determine what kind of configuration to provide. */
2032 eloop_register_timeout(120, 0, wpas_dpp_gas_client_timeout,
2033 wpa_s, NULL);
2034
2035 res = gas_query_req(wpa_s->gas, auth->peer_mac_addr, auth->curr_freq,
2036 1, 1, buf, wpas_dpp_gas_resp_cb, wpa_s);
2037 if (res < 0) {
2038 wpa_msg(wpa_s, MSG_DEBUG, "GAS: Failed to send Query Request");
2039 wpabuf_free(buf);
2040 } else {
2041 wpa_printf(MSG_DEBUG,
2042 "DPP: GAS query started with dialog token %u", res);
2043 wpa_s->dpp_gas_dialog_token = res;
2044 }
2045 }
2046
2047
wpas_dpp_auth_success(struct wpa_supplicant * wpa_s,int initiator)2048 static void wpas_dpp_auth_success(struct wpa_supplicant *wpa_s, int initiator)
2049 {
2050 wpa_printf(MSG_DEBUG, "DPP: Authentication succeeded");
2051 dpp_notify_auth_success(wpa_s->dpp_auth, initiator);
2052 #ifdef CONFIG_TESTING_OPTIONS
2053 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) {
2054 wpa_printf(MSG_INFO,
2055 "DPP: TESTING - stop at Authentication Confirm");
2056 if (wpa_s->dpp_auth->configurator) {
2057 /* Prevent GAS response */
2058 wpa_s->dpp_auth->auth_success = 0;
2059 }
2060 return;
2061 }
2062 #endif /* CONFIG_TESTING_OPTIONS */
2063
2064 if (wpa_s->dpp_auth->configurator)
2065 wpas_dpp_start_gas_server(wpa_s);
2066 else
2067 wpas_dpp_start_gas_client(wpa_s);
2068 }
2069
2070
wpas_dpp_rx_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2071 static void wpas_dpp_rx_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2072 const u8 *hdr, const u8 *buf, size_t len,
2073 unsigned int freq)
2074 {
2075 struct dpp_authentication *auth = wpa_s->dpp_auth;
2076 struct wpabuf *msg;
2077
2078 wpa_printf(MSG_DEBUG, "DPP: Authentication Response from " MACSTR
2079 " (freq %u MHz)", MAC2STR(src), freq);
2080
2081 if (!auth) {
2082 wpa_printf(MSG_DEBUG,
2083 "DPP: No DPP Authentication in progress - drop");
2084 return;
2085 }
2086
2087 if (!is_zero_ether_addr(auth->peer_mac_addr) &&
2088 !ether_addr_equal(src, auth->peer_mac_addr)) {
2089 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2090 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2091 return;
2092 }
2093
2094 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
2095
2096 if (auth->curr_freq != freq && auth->neg_freq == freq) {
2097 wpa_printf(MSG_DEBUG,
2098 "DPP: Responder accepted request for different negotiation channel");
2099 auth->curr_freq = freq;
2100 }
2101
2102 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
2103 msg = dpp_auth_resp_rx(auth, hdr, buf, len);
2104 if (!msg) {
2105 if (auth->auth_resp_status == DPP_STATUS_RESPONSE_PENDING) {
2106 wpa_printf(MSG_DEBUG,
2107 "DPP: Start wait for full response");
2108 offchannel_send_action_done(wpa_s);
2109 wpas_dpp_listen_start(wpa_s, auth->curr_freq);
2110 return;
2111 }
2112 wpa_printf(MSG_DEBUG, "DPP: No confirm generated");
2113 return;
2114 }
2115 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2116
2117 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2118 MAC2STR(src), auth->curr_freq, DPP_PA_AUTHENTICATION_CONF);
2119 offchannel_send_action(wpa_s, auth->curr_freq,
2120 src, wpa_s->own_addr, broadcast,
2121 wpabuf_head(msg), wpabuf_len(msg),
2122 500, wpas_dpp_tx_status, 0);
2123 wpabuf_free(msg);
2124 wpa_s->dpp_auth_ok_on_ack = 1;
2125 }
2126
2127
wpas_dpp_rx_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)2128 static void wpas_dpp_rx_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
2129 const u8 *hdr, const u8 *buf, size_t len)
2130 {
2131 struct dpp_authentication *auth = wpa_s->dpp_auth;
2132
2133 wpa_printf(MSG_DEBUG, "DPP: Authentication Confirmation from " MACSTR,
2134 MAC2STR(src));
2135
2136 if (!auth) {
2137 wpa_printf(MSG_DEBUG,
2138 "DPP: No DPP Authentication in progress - drop");
2139 return;
2140 }
2141
2142 if (!ether_addr_equal(src, auth->peer_mac_addr)) {
2143 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2144 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2145 return;
2146 }
2147
2148 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
2149
2150 if (dpp_auth_conf_rx(auth, hdr, buf, len) < 0) {
2151 wpa_printf(MSG_DEBUG, "DPP: Authentication failed");
2152 return;
2153 }
2154
2155 wpas_dpp_auth_success(wpa_s, 0);
2156 }
2157
2158
2159 #ifdef CONFIG_DPP2
2160
wpas_dpp_config_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)2161 static void wpas_dpp_config_result_wait_timeout(void *eloop_ctx,
2162 void *timeout_ctx)
2163 {
2164 struct wpa_supplicant *wpa_s = eloop_ctx;
2165 struct dpp_authentication *auth = wpa_s->dpp_auth;
2166
2167 if (!auth || !auth->waiting_conf_result)
2168 return;
2169
2170 wpa_printf(MSG_DEBUG,
2171 "DPP: Timeout while waiting for Configuration Result");
2172 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
2173 dpp_auth_deinit(auth);
2174 wpa_s->dpp_auth = NULL;
2175 }
2176
2177
wpas_dpp_conn_status_result_wait_timeout(void * eloop_ctx,void * timeout_ctx)2178 static void wpas_dpp_conn_status_result_wait_timeout(void *eloop_ctx,
2179 void *timeout_ctx)
2180 {
2181 struct wpa_supplicant *wpa_s = eloop_ctx;
2182 struct dpp_authentication *auth = wpa_s->dpp_auth;
2183
2184 if (!auth || !auth->waiting_conn_status_result)
2185 return;
2186
2187 wpa_printf(MSG_DEBUG,
2188 "DPP: Timeout while waiting for Connection Status Result");
2189 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT "timeout");
2190 wpas_dpp_listen_stop(wpa_s);
2191 dpp_auth_deinit(auth);
2192 wpa_s->dpp_auth = NULL;
2193 }
2194
2195
2196 #ifdef CONFIG_DPP3
2197
wpas_dpp_pb_active(struct wpa_supplicant * wpa_s)2198 static bool wpas_dpp_pb_active(struct wpa_supplicant *wpa_s)
2199 {
2200 return (wpa_s->dpp_pb_time.sec || wpa_s->dpp_pb_time.usec) &&
2201 wpa_s->dpp_pb_configurator;
2202 }
2203
2204
wpas_dpp_remove_pb_hash(struct wpa_supplicant * wpa_s)2205 static void wpas_dpp_remove_pb_hash(struct wpa_supplicant *wpa_s)
2206 {
2207 int i;
2208
2209 if (!wpa_s->dpp_pb_bi)
2210 return;
2211 for (i = 0; i < DPP_PB_INFO_COUNT; i++) {
2212 struct dpp_pb_info *info = &wpa_s->dpp_pb[i];
2213
2214 if (info->rx_time.sec == 0 && info->rx_time.usec == 0)
2215 continue;
2216 if (os_memcmp(info->hash, wpa_s->dpp_pb_resp_hash,
2217 SHA256_MAC_LEN) == 0) {
2218 /* Allow a new push button session to be established
2219 * immediately without the successfully completed
2220 * session triggering session overlap. */
2221 info->rx_time.sec = 0;
2222 info->rx_time.usec = 0;
2223 wpa_printf(MSG_DEBUG,
2224 "DPP: Removed PB hash from session overlap detection due to successfully completed provisioning");
2225 }
2226 }
2227 }
2228
2229 #endif /* CONFIG_DPP3 */
2230
2231
wpas_dpp_rx_conf_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)2232 static void wpas_dpp_rx_conf_result(struct wpa_supplicant *wpa_s, const u8 *src,
2233 const u8 *hdr, const u8 *buf, size_t len)
2234 {
2235 struct dpp_authentication *auth = wpa_s->dpp_auth;
2236 enum dpp_status_error status;
2237
2238 wpa_printf(MSG_DEBUG, "DPP: Configuration Result from " MACSTR,
2239 MAC2STR(src));
2240
2241 if (!auth || !auth->waiting_conf_result) {
2242 if (auth &&
2243 ether_addr_equal(src, auth->peer_mac_addr) &&
2244 gas_server_response_sent(wpa_s->gas_server,
2245 auth->gas_server_ctx)) {
2246 /* This could happen if the TX status event gets delayed
2247 * long enough for the Enrollee to have time to send
2248 * the next frame before the TX status gets processed
2249 * locally. */
2250 wpa_printf(MSG_DEBUG,
2251 "DPP: GAS response was sent but TX status not yet received - assume it was ACKed since the Enrollee sent the next frame in the sequence");
2252 auth->waiting_conf_result = 1;
2253 } else {
2254 wpa_printf(MSG_DEBUG,
2255 "DPP: No DPP Configuration waiting for result - drop");
2256 return;
2257 }
2258 }
2259
2260 if (!ether_addr_equal(src, auth->peer_mac_addr)) {
2261 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2262 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2263 return;
2264 }
2265
2266 status = dpp_conf_result_rx(auth, hdr, buf, len);
2267
2268 if (status == DPP_STATUS_OK && auth->send_conn_status) {
2269 int freq;
2270
2271 wpa_msg(wpa_s, MSG_INFO,
2272 DPP_EVENT_CONF_SENT "wait_conn_status=1 conf_status=%d",
2273 auth->conf_resp_status);
2274 wpa_printf(MSG_DEBUG, "DPP: Wait for Connection Status Result");
2275 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
2276 wpa_s, NULL);
2277 auth->waiting_conn_status_result = 1;
2278 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
2279 wpa_s, NULL);
2280 eloop_register_timeout(16, 0,
2281 wpas_dpp_conn_status_result_wait_timeout,
2282 wpa_s, NULL);
2283 offchannel_send_action_done(wpa_s);
2284 freq = auth->neg_freq ? auth->neg_freq : auth->curr_freq;
2285 if (!wpa_s->dpp_in_response_listen ||
2286 (int) wpa_s->dpp_listen_freq != freq)
2287 wpas_dpp_listen_start(wpa_s, freq);
2288 return;
2289 }
2290 offchannel_send_action_done(wpa_s);
2291 wpas_dpp_listen_stop(wpa_s);
2292 if (status == DPP_STATUS_OK)
2293 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT "conf_status=%d",
2294 auth->conf_resp_status);
2295 else
2296 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
2297 dpp_auth_deinit(auth);
2298 wpa_s->dpp_auth = NULL;
2299 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
2300 #ifdef CONFIG_DPP3
2301 if (!wpa_s->dpp_pb_result_indicated && wpas_dpp_pb_active(wpa_s)) {
2302 if (status == DPP_STATUS_OK)
2303 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT
2304 "success");
2305 else
2306 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT
2307 "no-configuration-available");
2308 wpa_s->dpp_pb_result_indicated = true;
2309 if (status == DPP_STATUS_OK)
2310 wpas_dpp_remove_pb_hash(wpa_s);
2311 wpas_dpp_push_button_stop(wpa_s);
2312 }
2313 #endif /* CONFIG_DPP3 */
2314 }
2315
2316
wpas_dpp_rx_conn_status_result(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len)2317 static void wpas_dpp_rx_conn_status_result(struct wpa_supplicant *wpa_s,
2318 const u8 *src, const u8 *hdr,
2319 const u8 *buf, size_t len)
2320 {
2321 struct dpp_authentication *auth = wpa_s->dpp_auth;
2322 enum dpp_status_error status;
2323 u8 ssid[SSID_MAX_LEN];
2324 size_t ssid_len = 0;
2325 char *channel_list = NULL;
2326
2327 wpa_printf(MSG_DEBUG, "DPP: Connection Status Result");
2328
2329 if (!auth || !auth->waiting_conn_status_result) {
2330 wpa_printf(MSG_DEBUG,
2331 "DPP: No DPP Configuration waiting for connection status result - drop");
2332 return;
2333 }
2334
2335 status = dpp_conn_status_result_rx(auth, hdr, buf, len,
2336 ssid, &ssid_len, &channel_list);
2337 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONN_STATUS_RESULT
2338 "result=%d ssid=%s channel_list=%s",
2339 status, wpa_ssid_txt(ssid, ssid_len),
2340 channel_list ? channel_list : "N/A");
2341 os_free(channel_list);
2342 offchannel_send_action_done(wpa_s);
2343 wpas_dpp_listen_stop(wpa_s);
2344 dpp_auth_deinit(auth);
2345 wpa_s->dpp_auth = NULL;
2346 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
2347 wpa_s, NULL);
2348 }
2349
2350
wpas_dpp_process_conf_obj(void * ctx,struct dpp_authentication * auth)2351 static int wpas_dpp_process_conf_obj(void *ctx,
2352 struct dpp_authentication *auth)
2353 {
2354 struct wpa_supplicant *wpa_s = ctx;
2355 unsigned int i;
2356 int res = -1;
2357
2358 for (i = 0; i < auth->num_conf_obj; i++) {
2359 res = wpas_dpp_handle_config_obj(wpa_s, auth,
2360 &auth->conf_obj[i]);
2361 if (res)
2362 break;
2363 }
2364 if (!res)
2365 wpas_dpp_post_process_config(wpa_s, auth);
2366
2367 return res;
2368 }
2369
2370
wpas_dpp_tcp_msg_sent(void * ctx,struct dpp_authentication * auth)2371 static bool wpas_dpp_tcp_msg_sent(void *ctx, struct dpp_authentication *auth)
2372 {
2373 struct wpa_supplicant *wpa_s = ctx;
2374
2375 wpa_printf(MSG_DEBUG, "DPP: TCP message sent callback");
2376
2377 if (auth->connect_on_tx_status) {
2378 auth->connect_on_tx_status = 0;
2379 wpa_printf(MSG_DEBUG,
2380 "DPP: Try to connect after completed configuration result");
2381 wpas_dpp_try_to_connect(wpa_s);
2382 if (auth->conn_status_requested) {
2383 wpa_printf(MSG_DEBUG,
2384 "DPP: Start 15 second timeout for reporting connection status result");
2385 eloop_cancel_timeout(
2386 wpas_dpp_conn_status_result_timeout,
2387 wpa_s, NULL);
2388 eloop_register_timeout(
2389 15, 0, wpas_dpp_conn_status_result_timeout,
2390 wpa_s, NULL);
2391 return true;
2392 }
2393 }
2394
2395 return false;
2396 }
2397
2398
wpas_dpp_remove_bi(void * ctx,struct dpp_bootstrap_info * bi)2399 static void wpas_dpp_remove_bi(void *ctx, struct dpp_bootstrap_info *bi)
2400 {
2401 struct wpa_supplicant *wpa_s = ctx;
2402
2403 if (bi == wpa_s->dpp_chirp_bi)
2404 wpas_dpp_chirp_stop(wpa_s);
2405 }
2406
2407
2408 static void
wpas_dpp_rx_presence_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2409 wpas_dpp_rx_presence_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2410 const u8 *hdr, const u8 *buf, size_t len,
2411 unsigned int freq)
2412 {
2413 const u8 *r_bootstrap;
2414 u16 r_bootstrap_len;
2415 struct dpp_bootstrap_info *peer_bi;
2416 struct dpp_authentication *auth;
2417 unsigned int wait_time, max_wait_time;
2418
2419 if (!wpa_s->dpp)
2420 return;
2421
2422 if (wpa_s->dpp_auth) {
2423 wpa_printf(MSG_DEBUG,
2424 "DPP: Ignore Presence Announcement during ongoing Authentication");
2425 return;
2426 }
2427
2428 wpa_printf(MSG_DEBUG, "DPP: Presence Announcement from " MACSTR,
2429 MAC2STR(src));
2430
2431 r_bootstrap = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
2432 &r_bootstrap_len);
2433 if (!r_bootstrap || r_bootstrap_len != SHA256_MAC_LEN) {
2434 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2435 "Missing or invalid required Responder Bootstrapping Key Hash attribute");
2436 return;
2437 }
2438 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
2439 r_bootstrap, r_bootstrap_len);
2440 peer_bi = dpp_bootstrap_find_chirp(wpa_s->dpp, r_bootstrap);
2441 dpp_notify_chirp_received(wpa_s, peer_bi ? (int) peer_bi->id : -1, src,
2442 freq, r_bootstrap);
2443 if (!peer_bi) {
2444 wpa_printf(MSG_DEBUG,
2445 "DPP: No matching bootstrapping information found");
2446 return;
2447 }
2448
2449 wpa_printf(MSG_DEBUG, "DPP: Start Authentication exchange with " MACSTR
2450 " based on the received Presence Announcement",
2451 MAC2STR(src));
2452 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, NULL,
2453 DPP_CAPAB_CONFIGURATOR, freq, NULL, 0);
2454 if (!auth)
2455 return;
2456 wpas_dpp_set_testing_options(wpa_s, auth);
2457 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2458 dpp_auth_deinit(auth);
2459 return;
2460 }
2461
2462 auth->neg_freq = freq;
2463
2464 /* The source address of the Presence Announcement frame overrides any
2465 * MAC address information from the bootstrapping information. */
2466 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2467
2468 wait_time = wpa_s->max_remain_on_chan;
2469 max_wait_time = wpa_s->dpp_resp_wait_time ?
2470 wpa_s->dpp_resp_wait_time : 2000;
2471 if (wait_time > max_wait_time)
2472 wait_time = max_wait_time;
2473 wpas_dpp_stop_listen_for_tx(wpa_s, freq, wait_time);
2474
2475 wpa_s->dpp_auth = auth;
2476 if (wpas_dpp_auth_init_next(wpa_s) < 0) {
2477 dpp_auth_deinit(wpa_s->dpp_auth);
2478 wpa_s->dpp_auth = NULL;
2479 }
2480 }
2481
2482
wpas_dpp_reconfig_reply_wait_timeout(void * eloop_ctx,void * timeout_ctx)2483 static void wpas_dpp_reconfig_reply_wait_timeout(void *eloop_ctx,
2484 void *timeout_ctx)
2485 {
2486 struct wpa_supplicant *wpa_s = eloop_ctx;
2487 struct dpp_authentication *auth = wpa_s->dpp_auth;
2488
2489 if (!auth)
2490 return;
2491
2492 wpa_printf(MSG_DEBUG, "DPP: Reconfig Reply wait timeout");
2493 offchannel_send_action_done(wpa_s);
2494 wpas_dpp_listen_stop(wpa_s);
2495 dpp_auth_deinit(auth);
2496 wpa_s->dpp_auth = NULL;
2497 }
2498
2499
2500 static void
wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2501 wpas_dpp_rx_reconfig_announcement(struct wpa_supplicant *wpa_s, const u8 *src,
2502 const u8 *hdr, const u8 *buf, size_t len,
2503 unsigned int freq)
2504 {
2505 const u8 *csign_hash, *fcgroup, *a_nonce, *e_id;
2506 u16 csign_hash_len, fcgroup_len, a_nonce_len, e_id_len;
2507 struct dpp_configurator *conf;
2508 struct dpp_authentication *auth;
2509 unsigned int wait_time, max_wait_time;
2510 u16 group;
2511
2512 if (!wpa_s->dpp)
2513 return;
2514
2515 if (wpa_s->dpp_auth) {
2516 wpa_printf(MSG_DEBUG,
2517 "DPP: Ignore Reconfig Announcement during ongoing Authentication");
2518 return;
2519 }
2520
2521 wpa_printf(MSG_DEBUG, "DPP: Reconfig Announcement from " MACSTR,
2522 MAC2STR(src));
2523
2524 csign_hash = dpp_get_attr(buf, len, DPP_ATTR_C_SIGN_KEY_HASH,
2525 &csign_hash_len);
2526 if (!csign_hash || csign_hash_len != SHA256_MAC_LEN) {
2527 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2528 "Missing or invalid required Configurator C-sign key Hash attribute");
2529 return;
2530 }
2531 wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator C-sign key Hash (kid)",
2532 csign_hash, csign_hash_len);
2533 conf = dpp_configurator_find_kid(wpa_s->dpp, csign_hash);
2534 if (!conf) {
2535 wpa_printf(MSG_DEBUG,
2536 "DPP: No matching Configurator information found");
2537 return;
2538 }
2539
2540 fcgroup = dpp_get_attr(buf, len, DPP_ATTR_FINITE_CYCLIC_GROUP,
2541 &fcgroup_len);
2542 if (!fcgroup || fcgroup_len != 2) {
2543 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
2544 "Missing or invalid required Finite Cyclic Group attribute");
2545 return;
2546 }
2547 group = WPA_GET_LE16(fcgroup);
2548 wpa_printf(MSG_DEBUG, "DPP: Enrollee finite cyclic group: %u", group);
2549
2550 a_nonce = dpp_get_attr(buf, len, DPP_ATTR_A_NONCE, &a_nonce_len);
2551 e_id = dpp_get_attr(buf, len, DPP_ATTR_E_PRIME_ID, &e_id_len);
2552
2553 auth = dpp_reconfig_init(wpa_s->dpp, wpa_s, conf, freq, group,
2554 a_nonce, a_nonce_len, e_id, e_id_len);
2555 if (!auth)
2556 return;
2557 wpas_dpp_set_testing_options(wpa_s, auth);
2558 if (dpp_set_configurator(auth, wpa_s->dpp_configurator_params) < 0) {
2559 dpp_auth_deinit(auth);
2560 return;
2561 }
2562
2563 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2564 wpa_s->dpp_auth = auth;
2565
2566 wpa_s->dpp_in_response_listen = 0;
2567 wpa_s->dpp_auth_ok_on_ack = 0;
2568 wait_time = wpa_s->max_remain_on_chan;
2569 max_wait_time = wpa_s->dpp_resp_wait_time ?
2570 wpa_s->dpp_resp_wait_time : 2000;
2571 if (wait_time > max_wait_time)
2572 wait_time = max_wait_time;
2573 wait_time += 10; /* give the driver some extra time to complete */
2574 eloop_register_timeout(wait_time / 1000, (wait_time % 1000) * 1000,
2575 wpas_dpp_reconfig_reply_wait_timeout,
2576 wpa_s, NULL);
2577 wait_time -= 10;
2578
2579 wpas_dpp_stop_listen_for_tx(wpa_s, freq, wait_time);
2580
2581 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2582 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_REQ);
2583 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2584 wpabuf_head(auth->reconfig_req_msg),
2585 wpabuf_len(auth->reconfig_req_msg),
2586 wait_time, wpas_dpp_tx_status, 0) < 0) {
2587 dpp_auth_deinit(wpa_s->dpp_auth);
2588 wpa_s->dpp_auth = NULL;
2589 }
2590 }
2591
2592
2593 static void
wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2594 wpas_dpp_rx_reconfig_auth_req(struct wpa_supplicant *wpa_s, const u8 *src,
2595 const u8 *hdr, const u8 *buf, size_t len,
2596 unsigned int freq)
2597 {
2598 struct wpa_ssid *ssid;
2599 struct dpp_authentication *auth;
2600
2601 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Request from "
2602 MACSTR, MAC2STR(src));
2603
2604 if (!wpa_s->dpp)
2605 return;
2606 if (wpa_s->dpp_auth) {
2607 wpa_printf(MSG_DEBUG,
2608 "DPP: Not ready for reconfiguration - pending authentication exchange in progress");
2609 return;
2610 }
2611 if (!wpa_s->dpp_reconfig_ssid) {
2612 wpa_printf(MSG_DEBUG,
2613 "DPP: Not ready for reconfiguration - not requested");
2614 return;
2615 }
2616 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2617 if (ssid == wpa_s->dpp_reconfig_ssid &&
2618 ssid->id == wpa_s->dpp_reconfig_ssid_id)
2619 break;
2620 }
2621 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2622 !ssid->dpp_csign) {
2623 wpa_printf(MSG_DEBUG,
2624 "DPP: Not ready for reconfiguration - no matching network profile with Connector found");
2625 return;
2626 }
2627
2628 auth = dpp_reconfig_auth_req_rx(wpa_s->dpp, wpa_s, ssid->dpp_connector,
2629 ssid->dpp_netaccesskey,
2630 ssid->dpp_netaccesskey_len,
2631 ssid->dpp_csign, ssid->dpp_csign_len,
2632 freq, hdr, buf, len);
2633 if (!auth)
2634 return;
2635 os_memcpy(auth->peer_mac_addr, src, ETH_ALEN);
2636 wpa_s->dpp_auth = auth;
2637
2638 wpas_dpp_chirp_stop(wpa_s);
2639
2640 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2641 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_RESP);
2642 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2643 wpabuf_head(auth->reconfig_resp_msg),
2644 wpabuf_len(auth->reconfig_resp_msg),
2645 500, wpas_dpp_tx_status, 0) < 0) {
2646 dpp_auth_deinit(wpa_s->dpp_auth);
2647 wpa_s->dpp_auth = NULL;
2648 }
2649 }
2650
2651
2652 static void
wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2653 wpas_dpp_rx_reconfig_auth_resp(struct wpa_supplicant *wpa_s, const u8 *src,
2654 const u8 *hdr, const u8 *buf, size_t len,
2655 unsigned int freq)
2656 {
2657 struct dpp_authentication *auth = wpa_s->dpp_auth;
2658 struct wpabuf *conf;
2659
2660 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Response from "
2661 MACSTR, MAC2STR(src));
2662
2663 if (!auth || !auth->reconfig || !auth->configurator) {
2664 wpa_printf(MSG_DEBUG,
2665 "DPP: No DPP Reconfig Authentication in progress - drop");
2666 return;
2667 }
2668
2669 if (!ether_addr_equal(src, auth->peer_mac_addr)) {
2670 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2671 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2672 return;
2673 }
2674
2675 conf = dpp_reconfig_auth_resp_rx(auth, hdr, buf, len);
2676 if (!conf)
2677 return;
2678
2679 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout, wpa_s, NULL);
2680
2681 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
2682 MAC2STR(src), freq, DPP_PA_RECONFIG_AUTH_CONF);
2683 if (offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
2684 wpabuf_head(conf), wpabuf_len(conf),
2685 500, wpas_dpp_tx_status, 0) < 0) {
2686 wpabuf_free(conf);
2687 dpp_auth_deinit(wpa_s->dpp_auth);
2688 wpa_s->dpp_auth = NULL;
2689 return;
2690 }
2691 wpabuf_free(conf);
2692
2693 wpas_dpp_start_gas_server(wpa_s);
2694 }
2695
2696
2697 static void
wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)2698 wpas_dpp_rx_reconfig_auth_conf(struct wpa_supplicant *wpa_s, const u8 *src,
2699 const u8 *hdr, const u8 *buf, size_t len,
2700 unsigned int freq)
2701 {
2702 struct dpp_authentication *auth = wpa_s->dpp_auth;
2703
2704 wpa_printf(MSG_DEBUG, "DPP: Reconfig Authentication Confirm from "
2705 MACSTR, MAC2STR(src));
2706
2707 if (!auth || !auth->reconfig || auth->configurator) {
2708 wpa_printf(MSG_DEBUG,
2709 "DPP: No DPP Reconfig Authentication in progress - drop");
2710 return;
2711 }
2712
2713 if (!ether_addr_equal(src, auth->peer_mac_addr)) {
2714 wpa_printf(MSG_DEBUG, "DPP: MAC address mismatch (expected "
2715 MACSTR ") - drop", MAC2STR(auth->peer_mac_addr));
2716 return;
2717 }
2718
2719 if (dpp_reconfig_auth_conf_rx(auth, hdr, buf, len) < 0)
2720 return;
2721
2722 wpas_dpp_start_gas_client(wpa_s);
2723 }
2724
2725 #endif /* CONFIG_DPP2 */
2726
2727
wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len)2728 static void wpas_dpp_rx_peer_disc_resp(struct wpa_supplicant *wpa_s,
2729 const u8 *src,
2730 const u8 *buf, size_t len)
2731 {
2732 struct wpa_ssid *ssid;
2733 const u8 *connector, *trans_id, *status;
2734 u16 connector_len, trans_id_len, status_len;
2735 #ifdef CONFIG_DPP2
2736 const u8 *version;
2737 u16 version_len;
2738 #endif /* CONFIG_DPP2 */
2739 u8 peer_version = 1;
2740 struct dpp_introduction intro;
2741 struct rsn_pmksa_cache_entry *entry;
2742 struct os_time now;
2743 struct os_reltime rnow;
2744 os_time_t expiry;
2745 unsigned int seconds;
2746 enum dpp_status_error res;
2747
2748 wpa_printf(MSG_DEBUG, "DPP: Peer Discovery Response from " MACSTR,
2749 MAC2STR(src));
2750 if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) ||
2751 !ether_addr_equal(src, wpa_s->dpp_intro_bssid)) {
2752 wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from "
2753 MACSTR " - drop", MAC2STR(src));
2754 return;
2755 }
2756 offchannel_send_action_done(wpa_s);
2757
2758 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2759 if (ssid == wpa_s->dpp_intro_network)
2760 break;
2761 }
2762 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
2763 !ssid->dpp_csign) {
2764 wpa_printf(MSG_DEBUG,
2765 "DPP: Profile not found for network introduction");
2766 return;
2767 }
2768
2769 os_memset(&intro, 0, sizeof(intro));
2770
2771 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID,
2772 &trans_id_len);
2773 if (!trans_id || trans_id_len != 1) {
2774 wpa_printf(MSG_DEBUG,
2775 "DPP: Peer did not include Transaction ID");
2776 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2777 " fail=missing_transaction_id", MAC2STR(src));
2778 goto fail;
2779 }
2780 if (trans_id[0] != TRANSACTION_ID) {
2781 wpa_printf(MSG_DEBUG,
2782 "DPP: Ignore frame with unexpected Transaction ID %u",
2783 trans_id[0]);
2784 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2785 " fail=transaction_id_mismatch", MAC2STR(src));
2786 goto fail;
2787 }
2788
2789 status = dpp_get_attr(buf, len, DPP_ATTR_STATUS, &status_len);
2790 if (!status || status_len != 1) {
2791 wpa_printf(MSG_DEBUG, "DPP: Peer did not include Status");
2792 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2793 " fail=missing_status", MAC2STR(src));
2794 goto fail;
2795 }
2796 if (status[0] != DPP_STATUS_OK) {
2797 wpa_printf(MSG_DEBUG,
2798 "DPP: Peer rejected network introduction: Status %u",
2799 status[0]);
2800 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2801 " status=%u", MAC2STR(src), status[0]);
2802 #ifdef CONFIG_DPP2
2803 wpas_dpp_send_conn_status_result(wpa_s, status[0]);
2804 #endif /* CONFIG_DPP2 */
2805 goto fail;
2806 }
2807
2808 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len);
2809 if (!connector) {
2810 wpa_printf(MSG_DEBUG,
2811 "DPP: Peer did not include its Connector");
2812 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2813 " fail=missing_connector", MAC2STR(src));
2814 goto fail;
2815 }
2816
2817 res = dpp_peer_intro(&intro, ssid->dpp_connector,
2818 ssid->dpp_netaccesskey,
2819 ssid->dpp_netaccesskey_len,
2820 ssid->dpp_csign,
2821 ssid->dpp_csign_len,
2822 connector, connector_len, &expiry, NULL);
2823 if (res != DPP_STATUS_OK) {
2824 wpa_printf(MSG_INFO,
2825 "DPP: Network Introduction protocol resulted in failure");
2826 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2827 " fail=peer_connector_validation_failed", MAC2STR(src));
2828 #ifdef CONFIG_DPP2
2829 wpas_dpp_send_conn_status_result(wpa_s, res);
2830 #endif /* CONFIG_DPP2 */
2831 goto fail;
2832 }
2833
2834 entry = os_zalloc(sizeof(*entry));
2835 if (!entry)
2836 goto fail;
2837 os_memcpy(entry->aa, src, ETH_ALEN);
2838 os_memcpy(entry->spa, wpa_s->own_addr, ETH_ALEN);
2839 os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN);
2840 os_memcpy(entry->pmk, intro.pmk, intro.pmk_len);
2841 entry->pmk_len = intro.pmk_len;
2842 entry->akmp = WPA_KEY_MGMT_DPP;
2843 #ifdef CONFIG_DPP2
2844 version = dpp_get_attr(buf, len, DPP_ATTR_PROTOCOL_VERSION,
2845 &version_len);
2846 if (version && version_len >= 1)
2847 peer_version = version[0];
2848 #ifdef CONFIG_DPP3
2849 if (intro.peer_version && intro.peer_version >= 2 &&
2850 peer_version != intro.peer_version) {
2851 wpa_printf(MSG_INFO,
2852 "DPP: Protocol version mismatch (Connector: %d Attribute: %d",
2853 intro.peer_version, peer_version);
2854 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_NO_MATCH);
2855 goto fail;
2856 }
2857 #endif /* CONFIG_DPP3 */
2858 entry->dpp_pfs = peer_version >= 2;
2859 #endif /* CONFIG_DPP2 */
2860 if (expiry) {
2861 os_get_time(&now);
2862 seconds = expiry - now.sec;
2863 } else {
2864 seconds = 86400 * 7;
2865 }
2866 os_get_reltime(&rnow);
2867 entry->expiration = rnow.sec + seconds;
2868 entry->reauth_time = rnow.sec + seconds;
2869 entry->network_ctx = ssid;
2870 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry);
2871
2872 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
2873 " status=%u version=%u", MAC2STR(src), status[0], peer_version);
2874
2875 wpa_printf(MSG_DEBUG,
2876 "DPP: Try connection again after successful network introduction");
2877 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2878 wpa_supplicant_cancel_sched_scan(wpa_s);
2879 wpa_supplicant_req_scan(wpa_s, 0, 0);
2880 }
2881 fail:
2882 dpp_peer_intro_deinit(&intro);
2883 }
2884
2885
wpas_dpp_allow_ir(struct wpa_supplicant * wpa_s,unsigned int freq)2886 static int wpas_dpp_allow_ir(struct wpa_supplicant *wpa_s, unsigned int freq)
2887 {
2888 int i, j;
2889
2890 if (!wpa_s->hw.modes)
2891 return -1;
2892
2893 for (i = 0; i < wpa_s->hw.num_modes; i++) {
2894 struct hostapd_hw_modes *mode = &wpa_s->hw.modes[i];
2895
2896 for (j = 0; j < mode->num_channels; j++) {
2897 struct hostapd_channel_data *chan = &mode->channels[j];
2898
2899 if (chan->freq != (int) freq)
2900 continue;
2901
2902 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2903 HOSTAPD_CHAN_NO_IR |
2904 HOSTAPD_CHAN_RADAR))
2905 continue;
2906
2907 return 1;
2908 }
2909 }
2910
2911 wpa_printf(MSG_DEBUG,
2912 "DPP: Frequency %u MHz not supported or does not allow PKEX initiation in the current channel list",
2913 freq);
2914
2915 return 0;
2916 }
2917
2918
wpas_dpp_pkex_next_channel(struct wpa_supplicant * wpa_s,struct dpp_pkex * pkex)2919 static int wpas_dpp_pkex_next_channel(struct wpa_supplicant *wpa_s,
2920 struct dpp_pkex *pkex)
2921 {
2922 if (pkex->freq == 2437)
2923 pkex->freq = 5745;
2924 else if (pkex->freq == 5745)
2925 pkex->freq = 5220;
2926 else if (pkex->freq == 5220)
2927 pkex->freq = 60480;
2928 else
2929 return -1; /* no more channels to try */
2930
2931 if (wpas_dpp_allow_ir(wpa_s, pkex->freq) == 1) {
2932 wpa_printf(MSG_DEBUG, "DPP: Try to initiate on %u MHz",
2933 pkex->freq);
2934 return 0;
2935 }
2936
2937 /* Could not use this channel - try the next one */
2938 return wpas_dpp_pkex_next_channel(wpa_s, pkex);
2939 }
2940
2941
wpas_dpp_pkex_clear_code(struct wpa_supplicant * wpa_s)2942 static void wpas_dpp_pkex_clear_code(struct wpa_supplicant *wpa_s)
2943 {
2944 if (!wpa_s->dpp_pkex_code && !wpa_s->dpp_pkex_identifier)
2945 return;
2946
2947 /* Delete PKEX code and identifier on successful completion of
2948 * PKEX. We are not supposed to reuse these without being
2949 * explicitly requested to perform PKEX again. */
2950 wpa_printf(MSG_DEBUG, "DPP: Delete PKEX code/identifier");
2951 os_free(wpa_s->dpp_pkex_code);
2952 wpa_s->dpp_pkex_code = NULL;
2953 os_free(wpa_s->dpp_pkex_identifier);
2954 wpa_s->dpp_pkex_identifier = NULL;
2955
2956 }
2957
2958
2959 #ifdef CONFIG_DPP2
wpas_dpp_pkex_done(void * ctx,void * conn,struct dpp_bootstrap_info * peer_bi)2960 static int wpas_dpp_pkex_done(void *ctx, void *conn,
2961 struct dpp_bootstrap_info *peer_bi)
2962 {
2963 struct wpa_supplicant *wpa_s = ctx;
2964 char cmd[500];
2965 const char *pos;
2966 u8 allowed_roles = DPP_CAPAB_CONFIGURATOR;
2967 struct dpp_bootstrap_info *own_bi = NULL;
2968 struct dpp_authentication *auth;
2969
2970 wpas_dpp_pkex_clear_code(wpa_s);
2971
2972 os_snprintf(cmd, sizeof(cmd), " peer=%u %s", peer_bi->id,
2973 wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : "");
2974 wpa_printf(MSG_DEBUG, "DPP: Start authentication after PKEX (cmd: %s)",
2975 cmd);
2976
2977 pos = os_strstr(cmd, " own=");
2978 if (pos) {
2979 pos += 5;
2980 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
2981 if (!own_bi) {
2982 wpa_printf(MSG_INFO,
2983 "DPP: Could not find bootstrapping info for the identified local entry");
2984 return -1;
2985 }
2986
2987 if (peer_bi->curve != own_bi->curve) {
2988 wpa_printf(MSG_INFO,
2989 "DPP: Mismatching curves in bootstrapping info (peer=%s own=%s)",
2990 peer_bi->curve->name, own_bi->curve->name);
2991 return -1;
2992 }
2993 }
2994
2995 pos = os_strstr(cmd, " role=");
2996 if (pos) {
2997 pos += 6;
2998 if (os_strncmp(pos, "configurator", 12) == 0)
2999 allowed_roles = DPP_CAPAB_CONFIGURATOR;
3000 else if (os_strncmp(pos, "enrollee", 8) == 0)
3001 allowed_roles = DPP_CAPAB_ENROLLEE;
3002 else if (os_strncmp(pos, "either", 6) == 0)
3003 allowed_roles = DPP_CAPAB_CONFIGURATOR |
3004 DPP_CAPAB_ENROLLEE;
3005 else
3006 return -1;
3007 }
3008
3009 auth = dpp_auth_init(wpa_s->dpp, wpa_s, peer_bi, own_bi, allowed_roles,
3010 0, wpa_s->hw.modes, wpa_s->hw.num_modes);
3011 if (!auth)
3012 return -1;
3013
3014 wpas_dpp_set_testing_options(wpa_s, auth);
3015 if (dpp_set_configurator(auth, cmd) < 0) {
3016 dpp_auth_deinit(auth);
3017 return -1;
3018 }
3019
3020 return dpp_tcp_auth(wpa_s->dpp, conn, auth, wpa_s->conf->dpp_name,
3021 DPP_NETROLE_STA,
3022 wpa_s->conf->dpp_mud_url,
3023 wpa_s->conf->dpp_extra_conf_req_name,
3024 wpa_s->conf->dpp_extra_conf_req_value,
3025 wpas_dpp_process_conf_obj,
3026 wpas_dpp_tcp_msg_sent);
3027 }
3028 #endif /* CONFIG_DPP2 */
3029
3030
wpas_dpp_pkex_init(struct wpa_supplicant * wpa_s,enum dpp_pkex_ver ver,const struct hostapd_ip_addr * ipaddr,int tcp_port)3031 static int wpas_dpp_pkex_init(struct wpa_supplicant *wpa_s,
3032 enum dpp_pkex_ver ver,
3033 const struct hostapd_ip_addr *ipaddr,
3034 int tcp_port)
3035 {
3036 struct dpp_pkex *pkex;
3037 struct wpabuf *msg;
3038 unsigned int wait_time;
3039 bool v2 = ver != PKEX_VER_ONLY_1;
3040
3041 wpa_printf(MSG_DEBUG, "DPP: Initiating PKEXv%d", v2 ? 2 : 1);
3042 dpp_pkex_free(wpa_s->dpp_pkex);
3043 wpa_s->dpp_pkex = NULL;
3044 pkex = dpp_pkex_init(wpa_s, wpa_s->dpp_pkex_bi, wpa_s->own_addr,
3045 wpa_s->dpp_pkex_identifier,
3046 wpa_s->dpp_pkex_code, wpa_s->dpp_pkex_code_len,
3047 v2);
3048 if (!pkex)
3049 return -1;
3050 pkex->forced_ver = ver != PKEX_VER_AUTO;
3051
3052 if (ipaddr) {
3053 #ifdef CONFIG_DPP2
3054 return dpp_tcp_pkex_init(wpa_s->dpp, pkex, ipaddr, tcp_port,
3055 wpa_s, wpa_s, wpas_dpp_pkex_done);
3056 #else /* CONFIG_DPP2 */
3057 return -1;
3058 #endif /* CONFIG_DPP2 */
3059 }
3060
3061 wpa_s->dpp_pkex = pkex;
3062 msg = pkex->exchange_req;
3063 wait_time = wpa_s->max_remain_on_chan;
3064 if (wait_time > 2000)
3065 wait_time = 2000;
3066 pkex->freq = 2437;
3067 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
3068 " freq=%u type=%d",
3069 MAC2STR(broadcast), pkex->freq,
3070 v2 ? DPP_PA_PKEX_EXCHANGE_REQ :
3071 DPP_PA_PKEX_V1_EXCHANGE_REQ);
3072 offchannel_send_action(wpa_s, pkex->freq, broadcast,
3073 wpa_s->own_addr, broadcast,
3074 wpabuf_head(msg), wpabuf_len(msg),
3075 wait_time, wpas_dpp_tx_pkex_status, 0);
3076 if (wait_time == 0)
3077 wait_time = 2000;
3078 pkex->exch_req_wait_time = wait_time;
3079 pkex->exch_req_tries = 1;
3080
3081 return 0;
3082 }
3083
3084
wpas_dpp_pkex_retry_timeout(void * eloop_ctx,void * timeout_ctx)3085 static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx)
3086 {
3087 struct wpa_supplicant *wpa_s = eloop_ctx;
3088 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3089
3090 if (!pkex || !pkex->exchange_req)
3091 return;
3092 if (pkex->exch_req_tries >= 5) {
3093 if (wpas_dpp_pkex_next_channel(wpa_s, pkex) < 0) {
3094 #ifdef CONFIG_DPP3
3095 if (pkex->v2 && !pkex->forced_ver) {
3096 wpa_printf(MSG_DEBUG,
3097 "DPP: Fall back to PKEXv1");
3098 wpas_dpp_pkex_init(wpa_s, PKEX_VER_ONLY_1,
3099 NULL, 0);
3100 return;
3101 }
3102 #endif /* CONFIG_DPP3 */
3103 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_FAIL
3104 "No response from PKEX peer");
3105 dpp_pkex_free(pkex);
3106 wpa_s->dpp_pkex = NULL;
3107 return;
3108 }
3109 pkex->exch_req_tries = 0;
3110 }
3111
3112 pkex->exch_req_tries++;
3113 wpa_printf(MSG_DEBUG, "DPP: Retransmit PKEX Exchange Request (try %u)",
3114 pkex->exch_req_tries);
3115 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3116 MAC2STR(broadcast), pkex->freq,
3117 pkex->v2 ? DPP_PA_PKEX_EXCHANGE_REQ :
3118 DPP_PA_PKEX_V1_EXCHANGE_REQ);
3119 offchannel_send_action(wpa_s, pkex->freq, broadcast,
3120 wpa_s->own_addr, broadcast,
3121 wpabuf_head(pkex->exchange_req),
3122 wpabuf_len(pkex->exchange_req),
3123 pkex->exch_req_wait_time,
3124 wpas_dpp_tx_pkex_status, 0);
3125 }
3126
3127
3128 static void
wpas_dpp_tx_pkex_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3129 wpas_dpp_tx_pkex_status(struct wpa_supplicant *wpa_s,
3130 unsigned int freq, const u8 *dst,
3131 const u8 *src, const u8 *bssid,
3132 const u8 *data, size_t data_len,
3133 enum offchannel_send_action_result result)
3134 {
3135 const char *res_txt;
3136 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3137
3138 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
3139 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
3140 "FAILED");
3141 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
3142 " result=%s (PKEX)",
3143 freq, MAC2STR(dst), res_txt);
3144 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
3145 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
3146
3147 if (!pkex) {
3148 wpa_printf(MSG_DEBUG,
3149 "DPP: Ignore TX status since there is no ongoing PKEX exchange");
3150 return;
3151 }
3152
3153 if (pkex->failed) {
3154 wpa_printf(MSG_DEBUG,
3155 "DPP: Terminate PKEX exchange due to an earlier error");
3156 if (pkex->t > pkex->own_bi->pkex_t)
3157 pkex->own_bi->pkex_t = pkex->t;
3158 dpp_pkex_free(pkex);
3159 wpa_s->dpp_pkex = NULL;
3160 return;
3161 }
3162
3163 if (pkex->exch_req_wait_time && pkex->exchange_req) {
3164 /* Wait for PKEX Exchange Response frame and retry request if
3165 * no response is seen. */
3166 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
3167 eloop_register_timeout(pkex->exch_req_wait_time / 1000,
3168 (pkex->exch_req_wait_time % 1000) * 1000,
3169 wpas_dpp_pkex_retry_timeout, wpa_s,
3170 NULL);
3171 }
3172 }
3173
3174
3175 static void
wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq,bool v2)3176 wpas_dpp_rx_pkex_exchange_req(struct wpa_supplicant *wpa_s, const u8 *src,
3177 const u8 *buf, size_t len, unsigned int freq,
3178 bool v2)
3179 {
3180 struct wpabuf *msg;
3181 unsigned int wait_time;
3182
3183 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Request from " MACSTR,
3184 MAC2STR(src));
3185
3186 if (wpa_s->dpp_pkex_ver == PKEX_VER_ONLY_1 && v2) {
3187 wpa_printf(MSG_DEBUG,
3188 "DPP: Ignore PKEXv2 Exchange Request when configured to be PKEX v1 only");
3189 return;
3190 }
3191 if (wpa_s->dpp_pkex_ver == PKEX_VER_ONLY_2 && !v2) {
3192 wpa_printf(MSG_DEBUG,
3193 "DPP: Ignore PKEXv1 Exchange Request when configured to be PKEX v2 only");
3194 return;
3195 }
3196
3197 /* TODO: Support multiple PKEX codes by iterating over all the enabled
3198 * values here */
3199
3200 if (!wpa_s->dpp_pkex_code || !wpa_s->dpp_pkex_bi) {
3201 wpa_printf(MSG_DEBUG,
3202 "DPP: No PKEX code configured - ignore request");
3203 return;
3204 }
3205
3206 #ifdef CONFIG_DPP2
3207 if (dpp_controller_is_own_pkex_req(wpa_s->dpp, buf, len)) {
3208 wpa_printf(MSG_DEBUG,
3209 "DPP: PKEX Exchange Request is from local Controller - ignore request");
3210 return;
3211 }
3212 #endif /* CONFIG_DPP2 */
3213
3214 if (wpa_s->dpp_pkex) {
3215 /* TODO: Support parallel operations */
3216 wpa_printf(MSG_DEBUG,
3217 "DPP: Already in PKEX session - ignore new request");
3218 return;
3219 }
3220
3221 wpa_s->dpp_pkex = dpp_pkex_rx_exchange_req(wpa_s, wpa_s->dpp_pkex_bi,
3222 wpa_s->own_addr, src,
3223 wpa_s->dpp_pkex_identifier,
3224 wpa_s->dpp_pkex_code,
3225 wpa_s->dpp_pkex_code_len,
3226 buf, len, v2);
3227 if (!wpa_s->dpp_pkex) {
3228 wpa_printf(MSG_DEBUG,
3229 "DPP: Failed to process the request - ignore it");
3230 return;
3231 }
3232
3233 #ifdef CONFIG_DPP3
3234 if (wpa_s->dpp_pb_bi && wpa_s->dpp_pb_announcement) {
3235 wpa_printf(MSG_DEBUG,
3236 "DPP: Started PB PKEX (no more PB announcements)");
3237 wpabuf_free(wpa_s->dpp_pb_announcement);
3238 wpa_s->dpp_pb_announcement = NULL;
3239 }
3240 #endif /* CONFIG_DPP3 */
3241 wpa_s->dpp_pkex_wait_auth_req = false;
3242 msg = wpa_s->dpp_pkex->exchange_resp;
3243 wait_time = wpa_s->max_remain_on_chan;
3244 if (wait_time > 2000)
3245 wait_time = 2000;
3246 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3247 MAC2STR(src), freq, DPP_PA_PKEX_EXCHANGE_RESP);
3248 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
3249 broadcast,
3250 wpabuf_head(msg), wpabuf_len(msg),
3251 wait_time, wpas_dpp_tx_pkex_status, 0);
3252 }
3253
3254
3255 static void
wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)3256 wpas_dpp_rx_pkex_exchange_resp(struct wpa_supplicant *wpa_s, const u8 *src,
3257 const u8 *buf, size_t len, unsigned int freq)
3258 {
3259 struct wpabuf *msg;
3260 unsigned int wait_time;
3261
3262 wpa_printf(MSG_DEBUG, "DPP: PKEX Exchange Response from " MACSTR,
3263 MAC2STR(src));
3264
3265 /* TODO: Support multiple PKEX codes by iterating over all the enabled
3266 * values here */
3267
3268 if (!wpa_s->dpp_pkex || !wpa_s->dpp_pkex->initiator ||
3269 wpa_s->dpp_pkex->exchange_done) {
3270 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
3271 return;
3272 }
3273
3274 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
3275 wpa_s->dpp_pkex->exch_req_wait_time = 0;
3276
3277 msg = dpp_pkex_rx_exchange_resp(wpa_s->dpp_pkex, src, buf, len);
3278 if (!msg) {
3279 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
3280 return;
3281 }
3282
3283 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Request to " MACSTR,
3284 MAC2STR(src));
3285
3286 wait_time = wpa_s->max_remain_on_chan;
3287 if (wait_time > 2000)
3288 wait_time = 2000;
3289 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3290 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_REQ);
3291 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
3292 broadcast,
3293 wpabuf_head(msg), wpabuf_len(msg),
3294 wait_time, wpas_dpp_tx_pkex_status, 0);
3295 wpabuf_free(msg);
3296 }
3297
3298
3299 static struct dpp_bootstrap_info *
wpas_dpp_pkex_finish(struct wpa_supplicant * wpa_s,const u8 * peer,unsigned int freq)3300 wpas_dpp_pkex_finish(struct wpa_supplicant *wpa_s, const u8 *peer,
3301 unsigned int freq)
3302 {
3303 struct dpp_bootstrap_info *bi;
3304
3305 wpas_dpp_pkex_clear_code(wpa_s);
3306 bi = dpp_pkex_finish(wpa_s->dpp, wpa_s->dpp_pkex, peer, freq);
3307 if (!bi)
3308 return NULL;
3309
3310 wpa_s->dpp_pkex = NULL;
3311
3312 #ifdef CONFIG_DPP3
3313 if (wpa_s->dpp_pb_bi && !wpa_s->dpp_pb_configurator &&
3314 os_memcmp(bi->pubkey_hash_chirp, wpa_s->dpp_pb_init_hash,
3315 SHA256_MAC_LEN) != 0) {
3316 char id[20];
3317
3318 wpa_printf(MSG_INFO,
3319 "DPP: Peer bootstrap key from PKEX does not match PB announcement response hash");
3320 wpa_hexdump(MSG_DEBUG,
3321 "DPP: Peer provided bootstrap key hash(chirp) from PB PKEX",
3322 bi->pubkey_hash_chirp, SHA256_MAC_LEN);
3323 wpa_hexdump(MSG_DEBUG,
3324 "DPP: Peer provided bootstrap key hash(chirp) from PB announcement response",
3325 wpa_s->dpp_pb_init_hash, SHA256_MAC_LEN);
3326
3327 os_snprintf(id, sizeof(id), "%u", bi->id);
3328 dpp_bootstrap_remove(wpa_s->dpp, id);
3329 wpas_dpp_push_button_stop(wpa_s);
3330 return NULL;
3331 }
3332 #endif /* CONFIG_DPP3 */
3333
3334 return bi;
3335 }
3336
3337
3338 static void
wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3339 wpas_dpp_rx_pkex_commit_reveal_req(struct wpa_supplicant *wpa_s, const u8 *src,
3340 const u8 *hdr, const u8 *buf, size_t len,
3341 unsigned int freq)
3342 {
3343 struct wpabuf *msg;
3344 unsigned int wait_time;
3345 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3346
3347 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Request from " MACSTR,
3348 MAC2STR(src));
3349
3350 if (!pkex || pkex->initiator || !pkex->exchange_done) {
3351 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
3352 return;
3353 }
3354
3355 msg = dpp_pkex_rx_commit_reveal_req(pkex, hdr, buf, len);
3356 if (!msg) {
3357 wpa_printf(MSG_DEBUG, "DPP: Failed to process the request");
3358 if (pkex->failed) {
3359 wpa_printf(MSG_DEBUG, "DPP: Terminate PKEX exchange");
3360 if (pkex->t > pkex->own_bi->pkex_t)
3361 pkex->own_bi->pkex_t = pkex->t;
3362 dpp_pkex_free(wpa_s->dpp_pkex);
3363 wpa_s->dpp_pkex = NULL;
3364 }
3365 return;
3366 }
3367
3368 wpa_printf(MSG_DEBUG, "DPP: Send PKEX Commit-Reveal Response to "
3369 MACSTR, MAC2STR(src));
3370
3371 wait_time = wpa_s->max_remain_on_chan;
3372 if (wait_time > 2000)
3373 wait_time = 2000;
3374 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3375 MAC2STR(src), freq, DPP_PA_PKEX_COMMIT_REVEAL_RESP);
3376 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr,
3377 broadcast,
3378 wpabuf_head(msg), wpabuf_len(msg),
3379 wait_time, wpas_dpp_tx_pkex_status, 0);
3380 wpabuf_free(msg);
3381
3382 wpas_dpp_pkex_finish(wpa_s, src, freq);
3383 wpa_s->dpp_pkex_wait_auth_req = true;
3384 }
3385
3386
3387 static void
wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3388 wpas_dpp_rx_pkex_commit_reveal_resp(struct wpa_supplicant *wpa_s, const u8 *src,
3389 const u8 *hdr, const u8 *buf, size_t len,
3390 unsigned int freq)
3391 {
3392 int res;
3393 struct dpp_bootstrap_info *bi;
3394 struct dpp_pkex *pkex = wpa_s->dpp_pkex;
3395 char cmd[500];
3396
3397 wpa_printf(MSG_DEBUG, "DPP: PKEX Commit-Reveal Response from " MACSTR,
3398 MAC2STR(src));
3399
3400 if (!pkex || !pkex->initiator || !pkex->exchange_done) {
3401 wpa_printf(MSG_DEBUG, "DPP: No matching PKEX session");
3402 return;
3403 }
3404
3405 res = dpp_pkex_rx_commit_reveal_resp(pkex, hdr, buf, len);
3406 if (res < 0) {
3407 wpa_printf(MSG_DEBUG, "DPP: Failed to process the response");
3408 return;
3409 }
3410
3411 bi = wpas_dpp_pkex_finish(wpa_s, src, freq);
3412 if (!bi)
3413 return;
3414
3415 #ifdef CONFIG_DPP3
3416 if (wpa_s->dpp_pb_bi && wpa_s->dpp_pb_configurator &&
3417 os_memcmp(bi->pubkey_hash_chirp, wpa_s->dpp_pb_resp_hash,
3418 SHA256_MAC_LEN) != 0) {
3419 char id[20];
3420
3421 wpa_printf(MSG_INFO,
3422 "DPP: Peer bootstrap key from PKEX does not match PB announcement hash");
3423 wpa_hexdump(MSG_DEBUG,
3424 "DPP: Peer provided bootstrap key hash(chirp) from PB PKEX",
3425 bi->pubkey_hash_chirp, SHA256_MAC_LEN);
3426 wpa_hexdump(MSG_DEBUG,
3427 "DPP: Peer provided bootstrap key hash(chirp) from PB announcement",
3428 wpa_s->dpp_pb_resp_hash, SHA256_MAC_LEN);
3429
3430 os_snprintf(id, sizeof(id), "%u", bi->id);
3431 dpp_bootstrap_remove(wpa_s->dpp, id);
3432 wpas_dpp_push_button_stop(wpa_s);
3433 return;
3434 }
3435 #endif /* CONFIG_DPP3 */
3436
3437 os_snprintf(cmd, sizeof(cmd), " peer=%u %s",
3438 bi->id,
3439 wpa_s->dpp_pkex_auth_cmd ? wpa_s->dpp_pkex_auth_cmd : "");
3440 wpa_printf(MSG_DEBUG,
3441 "DPP: Start authentication after PKEX with parameters: %s",
3442 cmd);
3443 if (wpas_dpp_auth_init(wpa_s, cmd) < 0) {
3444 wpa_printf(MSG_DEBUG,
3445 "DPP: Authentication initialization failed");
3446 offchannel_send_action_done(wpa_s);
3447 return;
3448 }
3449 }
3450
3451
3452 #ifdef CONFIG_DPP3
3453
wpas_dpp_pb_pkex_init(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * src,const u8 * r_hash)3454 static void wpas_dpp_pb_pkex_init(struct wpa_supplicant *wpa_s,
3455 unsigned int freq, const u8 *src,
3456 const u8 *r_hash)
3457 {
3458 struct dpp_pkex *pkex;
3459 struct wpabuf *msg;
3460 unsigned int wait_time;
3461 size_t len;
3462
3463 if (wpa_s->dpp_pkex) {
3464 wpa_printf(MSG_DEBUG,
3465 "DPP: Sending previously generated PKEX Exchange Request to "
3466 MACSTR, MAC2STR(src));
3467 msg = wpa_s->dpp_pkex->exchange_req;
3468 wait_time = wpa_s->max_remain_on_chan;
3469 if (wait_time > 2000)
3470 wait_time = 2000;
3471 offchannel_send_action(wpa_s, freq, src,
3472 wpa_s->own_addr, broadcast,
3473 wpabuf_head(msg), wpabuf_len(msg),
3474 wait_time, wpas_dpp_tx_pkex_status, 0);
3475 return;
3476 }
3477
3478 wpa_printf(MSG_DEBUG, "DPP: Initiate PKEX for push button with "
3479 MACSTR, MAC2STR(src));
3480
3481 if (!wpa_s->dpp_pb_cmd) {
3482 wpa_printf(MSG_INFO,
3483 "DPP: No configuration to provision as push button Configurator");
3484 wpas_dpp_push_button_stop(wpa_s);
3485 return;
3486 }
3487
3488 wpa_s->dpp_pkex_bi = wpa_s->dpp_pb_bi;
3489 os_memcpy(wpa_s->dpp_pb_resp_hash, r_hash, SHA256_MAC_LEN);
3490
3491 pkex = dpp_pkex_init(wpa_s, wpa_s->dpp_pkex_bi, wpa_s->own_addr,
3492 "PBPKEX", (const char *) wpa_s->dpp_pb_c_nonce,
3493 wpa_s->dpp_pb_bi->curve->nonce_len,
3494 true);
3495 if (!pkex) {
3496 wpas_dpp_push_button_stop(wpa_s);
3497 return;
3498 }
3499 pkex->freq = freq;
3500
3501 wpa_s->dpp_pkex = pkex;
3502 msg = wpa_s->dpp_pkex->exchange_req;
3503 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR
3504 " freq=%u type=%d", MAC2STR(src), freq,
3505 DPP_PA_PKEX_EXCHANGE_REQ);
3506 wait_time = wpa_s->max_remain_on_chan;
3507 if (wait_time > 2000)
3508 wait_time = 2000;
3509 offchannel_send_action(wpa_s, pkex->freq, src,
3510 wpa_s->own_addr, broadcast,
3511 wpabuf_head(msg), wpabuf_len(msg),
3512 wait_time, wpas_dpp_tx_pkex_status, 0);
3513 pkex->exch_req_wait_time = 2000;
3514 pkex->exch_req_tries = 1;
3515
3516 /* Use the externally provided configuration */
3517 os_free(wpa_s->dpp_pkex_auth_cmd);
3518 len = 30 + os_strlen(wpa_s->dpp_pb_cmd);
3519 wpa_s->dpp_pkex_auth_cmd = os_malloc(len);
3520 if (wpa_s->dpp_pkex_auth_cmd)
3521 os_snprintf(wpa_s->dpp_pkex_auth_cmd, len, " own=%d %s",
3522 wpa_s->dpp_pkex_bi->id, wpa_s->dpp_pb_cmd);
3523 else
3524 wpas_dpp_push_button_stop(wpa_s);
3525 }
3526
3527
3528 static void
wpas_dpp_rx_pb_presence_announcement(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3529 wpas_dpp_rx_pb_presence_announcement(struct wpa_supplicant *wpa_s,
3530 const u8 *src, const u8 *hdr,
3531 const u8 *buf, size_t len,
3532 unsigned int freq)
3533 {
3534 const u8 *r_hash;
3535 u16 r_hash_len;
3536 unsigned int i;
3537 bool found = false;
3538 struct dpp_pb_info *info, *tmp;
3539 struct os_reltime now, age;
3540 struct wpabuf *msg;
3541
3542 os_get_reltime(&now);
3543 wpa_printf(MSG_DEBUG, "DPP: Push Button Presence Announcement from "
3544 MACSTR, MAC2STR(src));
3545
3546 r_hash = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
3547 &r_hash_len);
3548 if (!r_hash || r_hash_len != SHA256_MAC_LEN) {
3549 wpa_printf(MSG_DEBUG,
3550 "DPP: Missing or invalid required Responder Bootstrapping Key Hash attribute");
3551 return;
3552 }
3553 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
3554 r_hash, r_hash_len);
3555
3556 for (i = 0; i < DPP_PB_INFO_COUNT; i++) {
3557 info = &wpa_s->dpp_pb[i];
3558 if ((info->rx_time.sec == 0 && info->rx_time.usec == 0) ||
3559 os_memcmp(r_hash, info->hash, SHA256_MAC_LEN) != 0)
3560 continue;
3561 wpa_printf(MSG_DEBUG,
3562 "DPP: Active push button Enrollee already known");
3563 found = true;
3564 info->rx_time = now;
3565 }
3566
3567 if (!found) {
3568 for (i = 0; i < DPP_PB_INFO_COUNT; i++) {
3569 tmp = &wpa_s->dpp_pb[i];
3570 if (tmp->rx_time.sec == 0 && tmp->rx_time.usec == 0)
3571 continue;
3572
3573 if (os_reltime_expired(&now, &tmp->rx_time, 120)) {
3574 wpa_hexdump(MSG_DEBUG,
3575 "DPP: Push button Enrollee hash expired",
3576 tmp->hash, SHA256_MAC_LEN);
3577 tmp->rx_time.sec = 0;
3578 tmp->rx_time.usec = 0;
3579 continue;
3580 }
3581
3582 wpa_hexdump(MSG_DEBUG,
3583 "DPP: Push button session overlap with hash",
3584 tmp->hash, SHA256_MAC_LEN);
3585 if (!wpa_s->dpp_pb_result_indicated &&
3586 wpas_dpp_pb_active(wpa_s)) {
3587 wpa_msg(wpa_s, MSG_INFO,
3588 DPP_EVENT_PB_RESULT "session-overlap");
3589 wpa_s->dpp_pb_result_indicated = true;
3590 }
3591 wpas_dpp_push_button_stop(wpa_s);
3592 return;
3593 }
3594
3595 /* Replace the oldest entry */
3596 info = &wpa_s->dpp_pb[0];
3597 for (i = 1; i < DPP_PB_INFO_COUNT; i++) {
3598 tmp = &wpa_s->dpp_pb[i];
3599 if (os_reltime_before(&tmp->rx_time, &info->rx_time))
3600 info = tmp;
3601 }
3602 wpa_printf(MSG_DEBUG, "DPP: New active push button Enrollee");
3603 os_memcpy(info->hash, r_hash, SHA256_MAC_LEN);
3604 info->rx_time = now;
3605 }
3606
3607 if (!wpas_dpp_pb_active(wpa_s)) {
3608 wpa_printf(MSG_DEBUG,
3609 "DPP: Discard message since own push button has not been pressed");
3610 return;
3611 }
3612
3613 if (wpa_s->dpp_pb_announce_time.sec == 0 &&
3614 wpa_s->dpp_pb_announce_time.usec == 0) {
3615 /* Start a wait before allowing PKEX to be initiated */
3616 wpa_s->dpp_pb_announce_time = now;
3617 }
3618
3619 if (!wpa_s->dpp_pb_bi) {
3620 int res;
3621
3622 res = dpp_bootstrap_gen(wpa_s->dpp, "type=pkex");
3623 if (res < 0)
3624 return;
3625 wpa_s->dpp_pb_bi = dpp_bootstrap_get_id(wpa_s->dpp, res);
3626 if (!wpa_s->dpp_pb_bi)
3627 return;
3628
3629 if (random_get_bytes(wpa_s->dpp_pb_c_nonce,
3630 wpa_s->dpp_pb_bi->curve->nonce_len)) {
3631 wpa_printf(MSG_ERROR,
3632 "DPP: Failed to generate C-nonce");
3633 wpas_dpp_push_button_stop(wpa_s);
3634 return;
3635 }
3636 }
3637
3638 /* Skip the response if one was sent within last 50 ms since the
3639 * Enrollee is going to send out at least three announcement messages.
3640 */
3641 os_reltime_sub(&now, &wpa_s->dpp_pb_last_resp, &age);
3642 if (age.sec == 0 && age.usec < 50000) {
3643 wpa_printf(MSG_DEBUG,
3644 "DPP: Skip Push Button Presence Announcement Response frame immediately after having sent one");
3645 return;
3646 }
3647
3648 msg = dpp_build_pb_announcement_resp(
3649 wpa_s->dpp_pb_bi, r_hash, wpa_s->dpp_pb_c_nonce,
3650 wpa_s->dpp_pb_bi->curve->nonce_len);
3651 if (!msg) {
3652 wpas_dpp_push_button_stop(wpa_s);
3653 return;
3654 }
3655
3656 wpa_printf(MSG_DEBUG,
3657 "DPP: Send Push Button Presence Announcement Response to "
3658 MACSTR, MAC2STR(src));
3659 wpa_s->dpp_pb_last_resp = now;
3660
3661 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3662 MAC2STR(src), freq, DPP_PA_PB_PRESENCE_ANNOUNCEMENT_RESP);
3663 offchannel_send_action(wpa_s, freq, src, wpa_s->own_addr, broadcast,
3664 wpabuf_head(msg), wpabuf_len(msg),
3665 0, NULL, 0);
3666 wpabuf_free(msg);
3667
3668 if (os_reltime_expired(&now, &wpa_s->dpp_pb_announce_time, 15))
3669 wpas_dpp_pb_pkex_init(wpa_s, freq, src, r_hash);
3670 }
3671
3672
3673 static void
wpas_dpp_rx_pb_presence_announcement_resp(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3674 wpas_dpp_rx_pb_presence_announcement_resp(struct wpa_supplicant *wpa_s,
3675 const u8 *src, const u8 *hdr,
3676 const u8 *buf, size_t len,
3677 unsigned int freq)
3678 {
3679 const u8 *i_hash, *r_hash, *c_nonce;
3680 u16 i_hash_len, r_hash_len, c_nonce_len;
3681 bool overlap = false;
3682
3683 if (!wpa_s->dpp_pb_announcement || !wpa_s->dpp_pb_bi ||
3684 wpa_s->dpp_pb_configurator) {
3685 wpa_printf(MSG_INFO,
3686 "DPP: Not in active push button Enrollee mode - discard Push Button Presence Announcement Response from "
3687 MACSTR, MAC2STR(src));
3688 return;
3689 }
3690
3691 wpa_printf(MSG_DEBUG,
3692 "DPP: Push Button Presence Announcement Response from "
3693 MACSTR, MAC2STR(src));
3694
3695 i_hash = dpp_get_attr(buf, len, DPP_ATTR_I_BOOTSTRAP_KEY_HASH,
3696 &i_hash_len);
3697 r_hash = dpp_get_attr(buf, len, DPP_ATTR_R_BOOTSTRAP_KEY_HASH,
3698 &r_hash_len);
3699 c_nonce = dpp_get_attr(buf, len, DPP_ATTR_CONFIGURATOR_NONCE,
3700 &c_nonce_len);
3701 if (!i_hash || i_hash_len != SHA256_MAC_LEN ||
3702 !r_hash || r_hash_len != SHA256_MAC_LEN ||
3703 !c_nonce || c_nonce_len > DPP_MAX_NONCE_LEN) {
3704 wpa_printf(MSG_DEBUG,
3705 "DPP: Missing or invalid required attribute");
3706 return;
3707 }
3708 wpa_hexdump(MSG_MSGDUMP, "DPP: Initiator Bootstrapping Key Hash",
3709 i_hash, i_hash_len);
3710 wpa_hexdump(MSG_MSGDUMP, "DPP: Responder Bootstrapping Key Hash",
3711 r_hash, r_hash_len);
3712 wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator Nonce",
3713 c_nonce, c_nonce_len);
3714
3715 #ifdef CONFIG_TESTING_OPTIONS
3716 if (dpp_test == DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_PB_REQ &&
3717 os_memcmp(r_hash, wpa_s->dpp_pb_bi->pubkey_hash_chirp,
3718 SHA256_MAC_LEN - 1) == 0)
3719 goto skip_hash_check;
3720 #endif /* CONFIG_TESTING_OPTIONS */
3721 if (os_memcmp(r_hash, wpa_s->dpp_pb_bi->pubkey_hash_chirp,
3722 SHA256_MAC_LEN) != 0) {
3723 wpa_printf(MSG_INFO,
3724 "DPP: Unexpected push button Responder hash - abort");
3725 overlap = true;
3726 }
3727 #ifdef CONFIG_TESTING_OPTIONS
3728 skip_hash_check:
3729 #endif /* CONFIG_TESTING_OPTIONS */
3730
3731 if (wpa_s->dpp_pb_resp_freq &&
3732 os_memcmp(i_hash, wpa_s->dpp_pb_init_hash, SHA256_MAC_LEN) != 0) {
3733 wpa_printf(MSG_INFO,
3734 "DPP: Push button session overlap detected - abort");
3735 overlap = true;
3736 }
3737
3738 if (overlap) {
3739 if (!wpa_s->dpp_pb_result_indicated) {
3740 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT
3741 "session-overlap");
3742 wpa_s->dpp_pb_result_indicated = true;
3743 }
3744 wpas_dpp_push_button_stop(wpa_s);
3745 return;
3746 }
3747
3748 if (!wpa_s->dpp_pb_resp_freq) {
3749 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_STATUS
3750 "discovered push button AP/Configurator " MACSTR,
3751 MAC2STR(src));
3752 wpa_s->dpp_pb_resp_freq = freq;
3753 os_memcpy(wpa_s->dpp_pb_init_hash, i_hash, SHA256_MAC_LEN);
3754 os_memcpy(wpa_s->dpp_pb_c_nonce, c_nonce, c_nonce_len);
3755 wpa_s->dpp_pb_c_nonce_len = c_nonce_len;
3756 /* Stop announcement iterations after at least one more full
3757 * round and one extra round for postponed session overlap
3758 * detection. */
3759 wpa_s->dpp_pb_stop_iter = 3;
3760 }
3761 }
3762
3763
3764 static void
wpas_dpp_tx_priv_intro_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)3765 wpas_dpp_tx_priv_intro_status(struct wpa_supplicant *wpa_s,
3766 unsigned int freq, const u8 *dst,
3767 const u8 *src, const u8 *bssid,
3768 const u8 *data, size_t data_len,
3769 enum offchannel_send_action_result result)
3770 {
3771 const char *res_txt;
3772
3773 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
3774 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
3775 "FAILED");
3776 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
3777 " result=%s (DPP Private Peer Introduction Update)",
3778 freq, MAC2STR(dst), res_txt);
3779 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
3780 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
3781
3782 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR " version=%u",
3783 MAC2STR(src), wpa_s->dpp_intro_peer_version);
3784
3785 wpa_printf(MSG_DEBUG,
3786 "DPP: Try connection again after successful network introduction");
3787 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3788 wpa_supplicant_cancel_sched_scan(wpa_s);
3789 wpa_supplicant_req_scan(wpa_s, 0, 0);
3790 }
3791 }
3792
3793
3794 static int
wpas_dpp_send_private_peer_intro_update(struct wpa_supplicant * wpa_s,struct dpp_introduction * intro,struct wpa_ssid * ssid,const u8 * dst,unsigned int freq)3795 wpas_dpp_send_private_peer_intro_update(struct wpa_supplicant *wpa_s,
3796 struct dpp_introduction *intro,
3797 struct wpa_ssid *ssid,
3798 const u8 *dst, unsigned int freq)
3799 {
3800 struct wpabuf *pt, *msg, *enc_ct;
3801 size_t len;
3802 u8 ver = DPP_VERSION;
3803 int conn_ver;
3804 const u8 *aad;
3805 size_t aad_len;
3806 unsigned int wait_time;
3807
3808 wpa_printf(MSG_DEBUG, "HPKE(kem_id=%u kdf_id=%u aead_id=%u)",
3809 intro->kem_id, intro->kdf_id, intro->aead_id);
3810
3811 /* Plaintext for HPKE */
3812 len = 5 + 4 + os_strlen(ssid->dpp_connector);
3813 pt = wpabuf_alloc(len);
3814 if (!pt)
3815 return -1;
3816
3817 /* Protocol Version */
3818 conn_ver = dpp_get_connector_version(ssid->dpp_connector);
3819 if (conn_ver > 0 && ver != conn_ver) {
3820 wpa_printf(MSG_DEBUG,
3821 "DPP: Use Connector version %d instead of current protocol version %d",
3822 conn_ver, ver);
3823 ver = conn_ver;
3824 }
3825 wpabuf_put_le16(pt, DPP_ATTR_PROTOCOL_VERSION);
3826 wpabuf_put_le16(pt, 1);
3827 wpabuf_put_u8(pt, ver);
3828
3829 /* Connector */
3830 wpabuf_put_le16(pt, DPP_ATTR_CONNECTOR);
3831 wpabuf_put_le16(pt, os_strlen(ssid->dpp_connector));
3832 wpabuf_put_str(pt, ssid->dpp_connector);
3833 wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Plaintext for HPKE", pt);
3834
3835 /* HPKE(pt) using AP's public key (from its Connector) */
3836 msg = dpp_alloc_msg(DPP_PA_PRIV_PEER_INTRO_UPDATE, 0);
3837 if (!msg) {
3838 wpabuf_free(pt);
3839 return -1;
3840 }
3841 aad = wpabuf_head_u8(msg) + 2; /* from the OUI field (inclusive) */
3842 aad_len = DPP_HDR_LEN; /* to the DPP Frame Type field (inclusive) */
3843 wpa_hexdump(MSG_MSGDUMP, "DPP: AAD for HPKE", aad, aad_len);
3844
3845 enc_ct = hpke_base_seal(intro->kem_id, intro->kdf_id, intro->aead_id,
3846 intro->peer_key, NULL, 0, aad, aad_len,
3847 wpabuf_head(pt), wpabuf_len(pt));
3848 wpabuf_free(pt);
3849 wpabuf_free(msg);
3850 if (!enc_ct) {
3851 wpa_printf(MSG_INFO, "DPP: HPKE Seal(Connector) failed");
3852 return -1;
3853 }
3854 wpa_hexdump_buf(MSG_MSGDUMP, "DPP: HPKE enc|ct", enc_ct);
3855
3856 /* HPKE(pt) to generate payload for Wrapped Data */
3857 len = 5 + 4 + wpabuf_len(enc_ct);
3858 msg = dpp_alloc_msg(DPP_PA_PRIV_PEER_INTRO_UPDATE, len);
3859 if (!msg) {
3860 wpabuf_free(enc_ct);
3861 return -1;
3862 }
3863
3864 /* Transaction ID */
3865 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
3866 wpabuf_put_le16(msg, 1);
3867 wpabuf_put_u8(msg, TRANSACTION_ID);
3868
3869 /* Wrapped Data */
3870 wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
3871 wpabuf_put_le16(msg, wpabuf_len(enc_ct));
3872 wpabuf_put_buf(msg, enc_ct);
3873 wpabuf_free(enc_ct);
3874
3875 wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Private Peer Intro Update", msg);
3876
3877 /* TODO: Timeout on AP response */
3878 wait_time = wpa_s->max_remain_on_chan;
3879 if (wait_time > 2000)
3880 wait_time = 2000;
3881 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
3882 MAC2STR(dst), freq, DPP_PA_PRIV_PEER_INTRO_QUERY);
3883 offchannel_send_action(wpa_s, freq, dst, wpa_s->own_addr, broadcast,
3884 wpabuf_head(msg), wpabuf_len(msg),
3885 wait_time, wpas_dpp_tx_priv_intro_status, 0);
3886 wpabuf_free(msg);
3887
3888 return 0;
3889 }
3890
3891
3892 static void
wpas_dpp_rx_priv_peer_intro_notify(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * hdr,const u8 * buf,size_t len,unsigned int freq)3893 wpas_dpp_rx_priv_peer_intro_notify(struct wpa_supplicant *wpa_s,
3894 const u8 *src, const u8 *hdr,
3895 const u8 *buf, size_t len,
3896 unsigned int freq)
3897 {
3898 struct wpa_ssid *ssid;
3899 const u8 *connector, *trans_id, *version;
3900 u16 connector_len, trans_id_len, version_len;
3901 u8 peer_version = 1;
3902 struct dpp_introduction intro;
3903 struct rsn_pmksa_cache_entry *entry;
3904 struct os_time now;
3905 struct os_reltime rnow;
3906 os_time_t expiry;
3907 unsigned int seconds;
3908 enum dpp_status_error res;
3909
3910 os_memset(&intro, 0, sizeof(intro));
3911
3912 wpa_printf(MSG_DEBUG, "DPP: Private Peer Introduction Notify from "
3913 MACSTR, MAC2STR(src));
3914 if (is_zero_ether_addr(wpa_s->dpp_intro_bssid) ||
3915 !ether_addr_equal(src, wpa_s->dpp_intro_bssid)) {
3916 wpa_printf(MSG_DEBUG, "DPP: Not waiting for response from "
3917 MACSTR " - drop", MAC2STR(src));
3918 return;
3919 }
3920 offchannel_send_action_done(wpa_s);
3921
3922 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
3923 if (ssid == wpa_s->dpp_intro_network)
3924 break;
3925 }
3926 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
3927 !ssid->dpp_csign) {
3928 wpa_printf(MSG_DEBUG,
3929 "DPP: Profile not found for network introduction");
3930 return;
3931 }
3932
3933 trans_id = dpp_get_attr(buf, len, DPP_ATTR_TRANSACTION_ID,
3934 &trans_id_len);
3935 if (!trans_id || trans_id_len != 1) {
3936 wpa_printf(MSG_DEBUG,
3937 "DPP: Peer did not include Transaction ID");
3938 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
3939 " fail=missing_transaction_id", MAC2STR(src));
3940 goto fail;
3941 }
3942 if (trans_id[0] != TRANSACTION_ID) {
3943 wpa_printf(MSG_DEBUG,
3944 "DPP: Ignore frame with unexpected Transaction ID %u",
3945 trans_id[0]);
3946 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
3947 " fail=transaction_id_mismatch", MAC2STR(src));
3948 goto fail;
3949 }
3950
3951 connector = dpp_get_attr(buf, len, DPP_ATTR_CONNECTOR, &connector_len);
3952 if (!connector) {
3953 wpa_printf(MSG_DEBUG,
3954 "DPP: Peer did not include its Connector");
3955 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
3956 " fail=missing_connector", MAC2STR(src));
3957 goto fail;
3958 }
3959
3960 version = dpp_get_attr(buf, len, DPP_ATTR_PROTOCOL_VERSION,
3961 &version_len);
3962 if (!version || version_len < 1) {
3963 wpa_printf(MSG_DEBUG,
3964 "DPP: Peer did not include valid Version");
3965 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
3966 " fail=missing_version", MAC2STR(src));
3967 goto fail;
3968 }
3969
3970 res = dpp_peer_intro(&intro, ssid->dpp_connector,
3971 ssid->dpp_netaccesskey,
3972 ssid->dpp_netaccesskey_len,
3973 ssid->dpp_csign,
3974 ssid->dpp_csign_len,
3975 connector, connector_len, &expiry, NULL);
3976 if (res != DPP_STATUS_OK) {
3977 wpa_printf(MSG_INFO,
3978 "DPP: Network Introduction protocol resulted in failure");
3979 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_INTRO "peer=" MACSTR
3980 " fail=peer_connector_validation_failed", MAC2STR(src));
3981 wpas_dpp_send_conn_status_result(wpa_s, res);
3982 goto fail;
3983 }
3984
3985 peer_version = version[0];
3986 if (intro.peer_version && intro.peer_version >= 2 &&
3987 peer_version != intro.peer_version) {
3988 wpa_printf(MSG_INFO,
3989 "DPP: Protocol version mismatch (Connector: %d Attribute: %d",
3990 intro.peer_version, peer_version);
3991 wpas_dpp_send_conn_status_result(wpa_s, DPP_STATUS_NO_MATCH);
3992 goto fail;
3993 }
3994 wpa_s->dpp_intro_peer_version = peer_version;
3995
3996 entry = os_zalloc(sizeof(*entry));
3997 if (!entry)
3998 goto fail;
3999 entry->dpp_pfs = peer_version >= 2;
4000 os_memcpy(entry->aa, src, ETH_ALEN);
4001 os_memcpy(entry->spa, wpa_s->own_addr, ETH_ALEN);
4002 os_memcpy(entry->pmkid, intro.pmkid, PMKID_LEN);
4003 os_memcpy(entry->pmk, intro.pmk, intro.pmk_len);
4004 entry->pmk_len = intro.pmk_len;
4005 entry->akmp = WPA_KEY_MGMT_DPP;
4006 if (expiry) {
4007 os_get_time(&now);
4008 seconds = expiry - now.sec;
4009 } else {
4010 seconds = 86400 * 7;
4011 }
4012
4013 if (wpas_dpp_send_private_peer_intro_update(wpa_s, &intro, ssid, src,
4014 freq) < 0) {
4015 os_free(entry);
4016 goto fail;
4017 }
4018
4019 os_get_reltime(&rnow);
4020 entry->expiration = rnow.sec + seconds;
4021 entry->reauth_time = rnow.sec + seconds;
4022 entry->network_ctx = ssid;
4023 wpa_sm_pmksa_cache_add_entry(wpa_s->wpa, entry);
4024
4025 /* Association will be initiated from TX status handler for the Private
4026 * Peer Intro Update: wpas_dpp_tx_priv_intro_status() */
4027
4028 fail:
4029 dpp_peer_intro_deinit(&intro);
4030 }
4031
4032 #endif /* CONFIG_DPP3 */
4033
4034
wpas_dpp_rx_action(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * buf,size_t len,unsigned int freq)4035 void wpas_dpp_rx_action(struct wpa_supplicant *wpa_s, const u8 *src,
4036 const u8 *buf, size_t len, unsigned int freq)
4037 {
4038 u8 crypto_suite;
4039 enum dpp_public_action_frame_type type;
4040 const u8 *hdr;
4041 unsigned int pkex_t;
4042
4043 if (len < DPP_HDR_LEN)
4044 return;
4045 if (WPA_GET_BE24(buf) != OUI_WFA || buf[3] != DPP_OUI_TYPE)
4046 return;
4047 hdr = buf;
4048 buf += 4;
4049 len -= 4;
4050 crypto_suite = *buf++;
4051 type = *buf++;
4052 len -= 2;
4053
4054 wpa_printf(MSG_DEBUG,
4055 "DPP: Received DPP Public Action frame crypto suite %u type %d from "
4056 MACSTR " freq=%u",
4057 crypto_suite, type, MAC2STR(src), freq);
4058 #ifdef CONFIG_TESTING_OPTIONS
4059 if (wpa_s->dpp_discard_public_action &&
4060 type != DPP_PA_PEER_DISCOVERY_RESP &&
4061 type != DPP_PA_PRIV_PEER_INTRO_NOTIFY) {
4062 wpa_printf(MSG_DEBUG,
4063 "TESTING: Discard received DPP Public Action frame");
4064 return;
4065 }
4066 #endif /* CONFIG_TESTING_OPTIONS */
4067 if (crypto_suite != 1) {
4068 wpa_printf(MSG_DEBUG, "DPP: Unsupported crypto suite %u",
4069 crypto_suite);
4070 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
4071 " freq=%u type=%d ignore=unsupported-crypto-suite",
4072 MAC2STR(src), freq, type);
4073 return;
4074 }
4075 wpa_hexdump(MSG_MSGDUMP, "DPP: Received message attributes", buf, len);
4076 if (dpp_check_attrs(buf, len) < 0) {
4077 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR
4078 " freq=%u type=%d ignore=invalid-attributes",
4079 MAC2STR(src), freq, type);
4080 return;
4081 }
4082 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_RX "src=" MACSTR " freq=%u type=%d",
4083 MAC2STR(src), freq, type);
4084
4085 switch (type) {
4086 case DPP_PA_AUTHENTICATION_REQ:
4087 wpas_dpp_rx_auth_req(wpa_s, src, hdr, buf, len, freq);
4088 break;
4089 case DPP_PA_AUTHENTICATION_RESP:
4090 wpas_dpp_rx_auth_resp(wpa_s, src, hdr, buf, len, freq);
4091 break;
4092 case DPP_PA_AUTHENTICATION_CONF:
4093 wpas_dpp_rx_auth_conf(wpa_s, src, hdr, buf, len);
4094 break;
4095 case DPP_PA_PEER_DISCOVERY_RESP:
4096 wpas_dpp_rx_peer_disc_resp(wpa_s, src, buf, len);
4097 break;
4098 #ifdef CONFIG_DPP3
4099 case DPP_PA_PKEX_EXCHANGE_REQ:
4100 /* This is for PKEXv2, but for now, process only with
4101 * CONFIG_DPP3 to avoid issues with a capability that has not
4102 * been tested with other implementations. */
4103 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq, true);
4104 break;
4105 #endif /* CONFIG_DPP3 */
4106 case DPP_PA_PKEX_V1_EXCHANGE_REQ:
4107 wpas_dpp_rx_pkex_exchange_req(wpa_s, src, buf, len, freq,
4108 false);
4109 break;
4110 case DPP_PA_PKEX_EXCHANGE_RESP:
4111 wpas_dpp_rx_pkex_exchange_resp(wpa_s, src, buf, len, freq);
4112 break;
4113 case DPP_PA_PKEX_COMMIT_REVEAL_REQ:
4114 wpas_dpp_rx_pkex_commit_reveal_req(wpa_s, src, hdr, buf, len,
4115 freq);
4116 break;
4117 case DPP_PA_PKEX_COMMIT_REVEAL_RESP:
4118 wpas_dpp_rx_pkex_commit_reveal_resp(wpa_s, src, hdr, buf, len,
4119 freq);
4120 break;
4121 #ifdef CONFIG_DPP2
4122 case DPP_PA_CONFIGURATION_RESULT:
4123 wpas_dpp_rx_conf_result(wpa_s, src, hdr, buf, len);
4124 break;
4125 case DPP_PA_CONNECTION_STATUS_RESULT:
4126 wpas_dpp_rx_conn_status_result(wpa_s, src, hdr, buf, len);
4127 break;
4128 case DPP_PA_PRESENCE_ANNOUNCEMENT:
4129 wpas_dpp_rx_presence_announcement(wpa_s, src, hdr, buf, len,
4130 freq);
4131 break;
4132 case DPP_PA_RECONFIG_ANNOUNCEMENT:
4133 wpas_dpp_rx_reconfig_announcement(wpa_s, src, hdr, buf, len,
4134 freq);
4135 break;
4136 case DPP_PA_RECONFIG_AUTH_REQ:
4137 wpas_dpp_rx_reconfig_auth_req(wpa_s, src, hdr, buf, len, freq);
4138 break;
4139 case DPP_PA_RECONFIG_AUTH_RESP:
4140 wpas_dpp_rx_reconfig_auth_resp(wpa_s, src, hdr, buf, len, freq);
4141 break;
4142 case DPP_PA_RECONFIG_AUTH_CONF:
4143 wpas_dpp_rx_reconfig_auth_conf(wpa_s, src, hdr, buf, len, freq);
4144 break;
4145 #endif /* CONFIG_DPP2 */
4146 #ifdef CONFIG_DPP3
4147 case DPP_PA_PB_PRESENCE_ANNOUNCEMENT:
4148 wpas_dpp_rx_pb_presence_announcement(wpa_s, src, hdr,
4149 buf, len, freq);
4150 break;
4151 case DPP_PA_PB_PRESENCE_ANNOUNCEMENT_RESP:
4152 wpas_dpp_rx_pb_presence_announcement_resp(wpa_s, src, hdr,
4153 buf, len, freq);
4154 break;
4155 case DPP_PA_PRIV_PEER_INTRO_NOTIFY:
4156 wpas_dpp_rx_priv_peer_intro_notify(wpa_s, src, hdr,
4157 buf, len, freq);
4158 break;
4159 #endif /* CONFIG_DPP3 */
4160 default:
4161 wpa_printf(MSG_DEBUG,
4162 "DPP: Ignored unsupported frame subtype %d", type);
4163 break;
4164 }
4165
4166 if (wpa_s->dpp_pkex)
4167 pkex_t = wpa_s->dpp_pkex->t;
4168 else if (wpa_s->dpp_pkex_bi)
4169 pkex_t = wpa_s->dpp_pkex_bi->pkex_t;
4170 else
4171 pkex_t = 0;
4172 if (pkex_t >= PKEX_COUNTER_T_LIMIT) {
4173 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PKEX_T_LIMIT "id=0");
4174 wpas_dpp_pkex_remove(wpa_s, "*");
4175 }
4176 }
4177
4178
wpas_dpp_gas_initial_resp_timeout(void * eloop_ctx,void * timeout_ctx)4179 static void wpas_dpp_gas_initial_resp_timeout(void *eloop_ctx,
4180 void *timeout_ctx)
4181 {
4182 struct wpa_supplicant *wpa_s = eloop_ctx;
4183 struct dpp_authentication *auth = wpa_s->dpp_auth;
4184
4185 if (!auth || !auth->waiting_config || !auth->config_resp_ctx)
4186 return;
4187
4188 wpa_printf(MSG_DEBUG,
4189 "DPP: No configuration available from upper layers - send initial response with comeback delay");
4190 gas_server_set_comeback_delay(wpa_s->gas_server, auth->config_resp_ctx,
4191 500);
4192 }
4193
4194
4195 static struct wpabuf *
wpas_dpp_gas_req_handler(void * ctx,void * resp_ctx,const u8 * sa,const u8 * query,size_t query_len,int * comeback_delay)4196 wpas_dpp_gas_req_handler(void *ctx, void *resp_ctx, const u8 *sa,
4197 const u8 *query, size_t query_len, int *comeback_delay)
4198 {
4199 struct wpa_supplicant *wpa_s = ctx;
4200 struct dpp_authentication *auth = wpa_s->dpp_auth;
4201 struct wpabuf *resp;
4202
4203 wpa_printf(MSG_DEBUG, "DPP: GAS request from " MACSTR,
4204 MAC2STR(sa));
4205 if (!auth || (!auth->auth_success && !auth->reconfig_success) ||
4206 !ether_addr_equal(sa, auth->peer_mac_addr)) {
4207 wpa_printf(MSG_DEBUG, "DPP: No matching exchange in progress");
4208 return NULL;
4209 }
4210
4211 if (wpa_s->dpp_auth_ok_on_ack && auth->configurator) {
4212 wpa_printf(MSG_DEBUG,
4213 "DPP: Have not received ACK for Auth Confirm yet - assume it was received based on this GAS request");
4214 /* wpas_dpp_auth_success() would normally have been called from
4215 * TX status handler, but since there was no such handler call
4216 * yet, simply send out the event message and proceed with
4217 * exchange. */
4218 dpp_notify_auth_success(auth, 1);
4219 wpa_s->dpp_auth_ok_on_ack = 0;
4220 #ifdef CONFIG_TESTING_OPTIONS
4221 if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) {
4222 wpa_printf(MSG_INFO,
4223 "DPP: TESTING - stop at Authentication Confirm");
4224 return NULL;
4225 }
4226 #endif /* CONFIG_TESTING_OPTIONS */
4227 }
4228
4229 wpa_hexdump(MSG_DEBUG,
4230 "DPP: Received Configuration Request (GAS Query Request)",
4231 query, query_len);
4232 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_REQ_RX "src=" MACSTR,
4233 MAC2STR(sa));
4234 resp = dpp_conf_req_rx(auth, query, query_len);
4235
4236 auth->gas_server_ctx = resp_ctx;
4237
4238 #ifdef CONFIG_DPP2
4239 if (!resp && auth->waiting_cert) {
4240 wpa_printf(MSG_DEBUG, "DPP: Certificate not yet ready");
4241 auth->config_resp_ctx = resp_ctx;
4242 *comeback_delay = 500;
4243 return NULL;
4244 }
4245 #endif /* CONFIG_DPP2 */
4246
4247 if (!resp && auth->waiting_config &&
4248 (auth->peer_bi || auth->tmp_peer_bi)) {
4249 char *buf = NULL, *name = "";
4250 char band[200], *pos, *end;
4251 int i, res, *opclass = auth->e_band_support;
4252 char *mud_url = "N/A";
4253
4254 wpa_printf(MSG_DEBUG, "DPP: Configuration not yet ready");
4255 auth->config_resp_ctx = resp_ctx;
4256 *comeback_delay = -1;
4257 if (auth->e_name) {
4258 size_t len = os_strlen(auth->e_name);
4259
4260 buf = os_malloc(len * 4 + 1);
4261 if (buf) {
4262 printf_encode(buf, len * 4 + 1,
4263 (const u8 *) auth->e_name, len);
4264 name = buf;
4265 }
4266 }
4267 band[0] = '\0';
4268 pos = band;
4269 end = band + sizeof(band);
4270 for (i = 0; opclass && opclass[i]; i++) {
4271 res = os_snprintf(pos, end - pos, "%s%d",
4272 pos == band ? "" : ",", opclass[i]);
4273 if (os_snprintf_error(end - pos, res)) {
4274 *pos = '\0';
4275 break;
4276 }
4277 pos += res;
4278 }
4279 if (auth->e_mud_url) {
4280 size_t len = os_strlen(auth->e_mud_url);
4281
4282 if (!has_ctrl_char((const u8 *) auth->e_mud_url, len))
4283 mud_url = auth->e_mud_url;
4284 }
4285 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_NEEDED "peer=%d src="
4286 MACSTR " net_role=%s name=\"%s\" opclass=%s mud_url=%s",
4287 auth->peer_bi ? auth->peer_bi->id :
4288 auth->tmp_peer_bi->id, MAC2STR(sa),
4289 dpp_netrole_str(auth->e_netrole), name, band, mud_url);
4290 os_free(buf);
4291
4292 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s,
4293 NULL);
4294 eloop_register_timeout(0, 50000,
4295 wpas_dpp_gas_initial_resp_timeout, wpa_s,
4296 NULL);
4297 return NULL;
4298 }
4299
4300 auth->conf_resp = resp;
4301 if (!resp) {
4302 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
4303 dpp_auth_deinit(wpa_s->dpp_auth);
4304 wpa_s->dpp_auth = NULL;
4305 }
4306 return resp;
4307 }
4308
4309
4310 static void
wpas_dpp_gas_status_handler(void * ctx,struct wpabuf * resp,int ok)4311 wpas_dpp_gas_status_handler(void *ctx, struct wpabuf *resp, int ok)
4312 {
4313 struct wpa_supplicant *wpa_s = ctx;
4314 struct dpp_authentication *auth = wpa_s->dpp_auth;
4315
4316 if (!auth) {
4317 wpabuf_free(resp);
4318 return;
4319 }
4320 if (auth->conf_resp != resp) {
4321 wpa_printf(MSG_DEBUG,
4322 "DPP: Ignore GAS status report (ok=%d) for unknown response",
4323 ok);
4324 wpabuf_free(resp);
4325 return;
4326 }
4327
4328 #ifdef CONFIG_DPP2
4329 if (auth->waiting_csr && ok) {
4330 wpa_printf(MSG_DEBUG, "DPP: Waiting for CSR");
4331 wpabuf_free(resp);
4332 return;
4333 }
4334 #endif /* CONFIG_DPP2 */
4335
4336 #ifdef CONFIG_DPP3
4337 if (auth->waiting_new_key && ok) {
4338 wpa_printf(MSG_DEBUG, "DPP: Waiting for a new key");
4339 wpabuf_free(resp);
4340 return;
4341 }
4342 #endif /* CONFIG_DPP3 */
4343
4344 wpa_printf(MSG_DEBUG, "DPP: Configuration exchange completed (ok=%d)",
4345 ok);
4346 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
4347 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
4348 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
4349 #ifdef CONFIG_DPP2
4350 if (ok && auth->peer_version >= 2 &&
4351 auth->conf_resp_status == DPP_STATUS_OK &&
4352 !auth->waiting_conf_result) {
4353 wpa_printf(MSG_DEBUG, "DPP: Wait for Configuration Result");
4354 auth->waiting_conf_result = 1;
4355 auth->conf_resp = NULL;
4356 wpabuf_free(resp);
4357 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout,
4358 wpa_s, NULL);
4359 eloop_register_timeout(2, 0,
4360 wpas_dpp_config_result_wait_timeout,
4361 wpa_s, NULL);
4362 return;
4363 }
4364 #endif /* CONFIG_DPP2 */
4365 offchannel_send_action_done(wpa_s);
4366 wpas_dpp_listen_stop(wpa_s);
4367 if (ok)
4368 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_SENT "conf_status=%d",
4369 auth->conf_resp_status);
4370 else
4371 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CONF_FAILED);
4372 dpp_auth_deinit(wpa_s->dpp_auth);
4373 wpa_s->dpp_auth = NULL;
4374 wpabuf_free(resp);
4375 #ifdef CONFIG_DPP3
4376 if (!wpa_s->dpp_pb_result_indicated && wpas_dpp_pb_active(wpa_s)) {
4377 if (ok)
4378 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT
4379 "success");
4380 else
4381 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT
4382 "could-not-connect");
4383 wpa_s->dpp_pb_result_indicated = true;
4384 if (ok)
4385 wpas_dpp_remove_pb_hash(wpa_s);
4386 wpas_dpp_push_button_stop(wpa_s);
4387 }
4388 #endif /* CONFIG_DPP3 */
4389 }
4390
4391
wpas_dpp_configurator_sign(struct wpa_supplicant * wpa_s,const char * cmd)4392 int wpas_dpp_configurator_sign(struct wpa_supplicant *wpa_s, const char *cmd)
4393 {
4394 struct dpp_authentication *auth;
4395 int ret = -1;
4396 char *curve = NULL;
4397
4398 auth = dpp_alloc_auth(wpa_s->dpp, wpa_s);
4399 if (!auth)
4400 return -1;
4401
4402 curve = get_param(cmd, " curve=");
4403 wpas_dpp_set_testing_options(wpa_s, auth);
4404 if (dpp_set_configurator(auth, cmd) == 0 &&
4405 dpp_configurator_own_config(auth, curve, 0) == 0)
4406 ret = wpas_dpp_handle_config_obj(wpa_s, auth,
4407 &auth->conf_obj[0]);
4408 if (!ret)
4409 wpas_dpp_post_process_config(wpa_s, auth);
4410
4411 dpp_auth_deinit(auth);
4412 os_free(curve);
4413
4414 return ret;
4415 }
4416
4417
4418 static void
wpas_dpp_tx_introduction_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)4419 wpas_dpp_tx_introduction_status(struct wpa_supplicant *wpa_s,
4420 unsigned int freq, const u8 *dst,
4421 const u8 *src, const u8 *bssid,
4422 const u8 *data, size_t data_len,
4423 enum offchannel_send_action_result result)
4424 {
4425 const char *res_txt;
4426
4427 res_txt = result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
4428 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
4429 "FAILED");
4430 wpa_printf(MSG_DEBUG, "DPP: TX status: freq=%u dst=" MACSTR
4431 " result=%s (DPP Peer Discovery Request)",
4432 freq, MAC2STR(dst), res_txt);
4433 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX_STATUS "dst=" MACSTR
4434 " freq=%u result=%s", MAC2STR(dst), freq, res_txt);
4435 /* TODO: Time out wait for response more quickly in error cases? */
4436 }
4437
4438
4439 #ifdef CONFIG_DPP3
wpas_dpp_start_private_peer_intro(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_bss * bss)4440 static int wpas_dpp_start_private_peer_intro(struct wpa_supplicant *wpa_s,
4441 struct wpa_ssid *ssid,
4442 struct wpa_bss *bss)
4443 {
4444 struct wpabuf *msg;
4445 unsigned int wait_time;
4446 size_t len;
4447 u8 ver = DPP_VERSION;
4448 int conn_ver;
4449
4450 len = 5 + 5;
4451 msg = dpp_alloc_msg(DPP_PA_PRIV_PEER_INTRO_QUERY, len);
4452 if (!msg)
4453 return -1;
4454
4455 /* Transaction ID */
4456 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
4457 wpabuf_put_le16(msg, 1);
4458 wpabuf_put_u8(msg, TRANSACTION_ID);
4459
4460 conn_ver = dpp_get_connector_version(ssid->dpp_connector);
4461 if (conn_ver > 0 && ver != conn_ver) {
4462 wpa_printf(MSG_DEBUG,
4463 "DPP: Use Connector version %d instead of current protocol version %d",
4464 conn_ver, ver);
4465 ver = conn_ver;
4466 }
4467
4468 /* Protocol Version */
4469 wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
4470 wpabuf_put_le16(msg, 1);
4471 wpabuf_put_u8(msg, ver);
4472
4473 wpa_hexdump_buf(MSG_MSGDUMP, "DPP: Private Peer Intro Query", msg);
4474
4475 /* TODO: Timeout on AP response */
4476 wait_time = wpa_s->max_remain_on_chan;
4477 if (wait_time > 2000)
4478 wait_time = 2000;
4479 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
4480 MAC2STR(bss->bssid), bss->freq, DPP_PA_PRIV_PEER_INTRO_QUERY);
4481 offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr,
4482 broadcast,
4483 wpabuf_head(msg), wpabuf_len(msg),
4484 wait_time, wpas_dpp_tx_introduction_status, 0);
4485 wpabuf_free(msg);
4486
4487 /* Request this connection attempt to terminate - new one will be
4488 * started when network introduction protocol completes */
4489 os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN);
4490 wpa_s->dpp_intro_network = ssid;
4491 return 1;
4492 }
4493 #endif /* CONFIG_DPP3 */
4494
4495
wpas_dpp_check_connect(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_bss * bss)4496 int wpas_dpp_check_connect(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4497 struct wpa_bss *bss)
4498 {
4499 struct os_time now;
4500 struct wpabuf *msg;
4501 unsigned int wait_time;
4502 const u8 *rsn;
4503 struct wpa_ie_data ied;
4504 size_t len;
4505
4506 if (!(ssid->key_mgmt & WPA_KEY_MGMT_DPP) || !bss)
4507 return 0; /* Not using DPP AKM - continue */
4508 rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false);
4509 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ied) == 0 &&
4510 !(ied.key_mgmt & WPA_KEY_MGMT_DPP))
4511 return 0; /* AP does not support DPP AKM - continue */
4512 if (wpa_sm_pmksa_exists(wpa_s->wpa, bss->bssid, wpa_s->own_addr, ssid))
4513 return 0; /* PMKSA exists for DPP AKM - continue */
4514
4515 if (!ssid->dpp_connector || !ssid->dpp_netaccesskey ||
4516 !ssid->dpp_csign) {
4517 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
4518 "missing %s",
4519 !ssid->dpp_connector ? "Connector" :
4520 (!ssid->dpp_netaccesskey ? "netAccessKey" :
4521 "C-sign-key"));
4522 return -1;
4523 }
4524
4525 os_get_time(&now);
4526
4527 if (ssid->dpp_netaccesskey_expiry &&
4528 (os_time_t) ssid->dpp_netaccesskey_expiry < now.sec) {
4529 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_MISSING_CONNECTOR
4530 "netAccessKey expired");
4531 return -1;
4532 }
4533
4534 wpa_printf(MSG_DEBUG,
4535 "DPP: Starting %snetwork introduction protocol to derive PMKSA for "
4536 MACSTR,
4537 ssid->dpp_connector_privacy ? "private " : "",
4538 MAC2STR(bss->bssid));
4539 if (wpa_s->wpa_state == WPA_SCANNING)
4540 wpa_supplicant_set_state(wpa_s, wpa_s->scan_prev_wpa_state);
4541
4542 #ifdef CONFIG_DPP3
4543 if (ssid->dpp_connector_privacy)
4544 return wpas_dpp_start_private_peer_intro(wpa_s, ssid, bss);
4545 #endif /* CONFIG_DPP3 */
4546
4547 len = 5 + 4 + os_strlen(ssid->dpp_connector);
4548 #ifdef CONFIG_DPP2
4549 len += 5;
4550 #endif /* CONFIG_DPP2 */
4551 msg = dpp_alloc_msg(DPP_PA_PEER_DISCOVERY_REQ, len);
4552 if (!msg)
4553 return -1;
4554
4555 #ifdef CONFIG_TESTING_OPTIONS
4556 if (dpp_test == DPP_TEST_NO_TRANSACTION_ID_PEER_DISC_REQ) {
4557 wpa_printf(MSG_INFO, "DPP: TESTING - no Transaction ID");
4558 goto skip_trans_id;
4559 }
4560 if (dpp_test == DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ) {
4561 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Transaction ID");
4562 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
4563 wpabuf_put_le16(msg, 0);
4564 goto skip_trans_id;
4565 }
4566 #endif /* CONFIG_TESTING_OPTIONS */
4567
4568 /* Transaction ID */
4569 wpabuf_put_le16(msg, DPP_ATTR_TRANSACTION_ID);
4570 wpabuf_put_le16(msg, 1);
4571 wpabuf_put_u8(msg, TRANSACTION_ID);
4572
4573 #ifdef CONFIG_TESTING_OPTIONS
4574 skip_trans_id:
4575 if (dpp_test == DPP_TEST_NO_CONNECTOR_PEER_DISC_REQ) {
4576 wpa_printf(MSG_INFO, "DPP: TESTING - no Connector");
4577 goto skip_connector;
4578 }
4579 if (dpp_test == DPP_TEST_INVALID_CONNECTOR_PEER_DISC_REQ) {
4580 char *connector;
4581
4582 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Connector");
4583 connector = dpp_corrupt_connector_signature(
4584 ssid->dpp_connector);
4585 if (!connector) {
4586 wpabuf_free(msg);
4587 return -1;
4588 }
4589 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
4590 wpabuf_put_le16(msg, os_strlen(connector));
4591 wpabuf_put_str(msg, connector);
4592 os_free(connector);
4593 goto skip_connector;
4594 }
4595 #endif /* CONFIG_TESTING_OPTIONS */
4596
4597 /* DPP Connector */
4598 wpabuf_put_le16(msg, DPP_ATTR_CONNECTOR);
4599 wpabuf_put_le16(msg, os_strlen(ssid->dpp_connector));
4600 wpabuf_put_str(msg, ssid->dpp_connector);
4601
4602 #ifdef CONFIG_TESTING_OPTIONS
4603 skip_connector:
4604 if (dpp_test == DPP_TEST_NO_PROTOCOL_VERSION_PEER_DISC_REQ) {
4605 wpa_printf(MSG_INFO, "DPP: TESTING - no Protocol Version");
4606 goto skip_proto_ver;
4607 }
4608 #endif /* CONFIG_TESTING_OPTIONS */
4609
4610 #ifdef CONFIG_DPP2
4611 if (DPP_VERSION > 1) {
4612 u8 ver = DPP_VERSION;
4613 #ifdef CONFIG_DPP3
4614 int conn_ver;
4615
4616 conn_ver = dpp_get_connector_version(ssid->dpp_connector);
4617 if (conn_ver > 0 && ver != conn_ver) {
4618 wpa_printf(MSG_DEBUG,
4619 "DPP: Use Connector version %d instead of current protocol version %d",
4620 conn_ver, ver);
4621 ver = conn_ver;
4622 }
4623 #endif /* CONFIG_DPP3 */
4624
4625 #ifdef CONFIG_TESTING_OPTIONS
4626 if (dpp_test == DPP_TEST_INVALID_PROTOCOL_VERSION_PEER_DISC_REQ) {
4627 wpa_printf(MSG_INFO, "DPP: TESTING - invalid Protocol Version");
4628 ver = 1;
4629 }
4630 #endif /* CONFIG_TESTING_OPTIONS */
4631
4632 /* Protocol Version */
4633 wpabuf_put_le16(msg, DPP_ATTR_PROTOCOL_VERSION);
4634 wpabuf_put_le16(msg, 1);
4635 wpabuf_put_u8(msg, ver);
4636 }
4637 #endif /* CONFIG_DPP2 */
4638
4639 #ifdef CONFIG_TESTING_OPTIONS
4640 skip_proto_ver:
4641 #endif /* CONFIG_TESTING_OPTIONS */
4642
4643 /* TODO: Timeout on AP response */
4644 wait_time = wpa_s->max_remain_on_chan;
4645 if (wait_time > 2000)
4646 wait_time = 2000;
4647 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
4648 MAC2STR(bss->bssid), bss->freq, DPP_PA_PEER_DISCOVERY_REQ);
4649 offchannel_send_action(wpa_s, bss->freq, bss->bssid, wpa_s->own_addr,
4650 broadcast,
4651 wpabuf_head(msg), wpabuf_len(msg),
4652 wait_time, wpas_dpp_tx_introduction_status, 0);
4653 wpabuf_free(msg);
4654
4655 /* Request this connection attempt to terminate - new one will be
4656 * started when network introduction protocol completes */
4657 os_memcpy(wpa_s->dpp_intro_bssid, bss->bssid, ETH_ALEN);
4658 wpa_s->dpp_intro_network = ssid;
4659 return 1;
4660 }
4661
4662
wpas_dpp_pkex_add(struct wpa_supplicant * wpa_s,const char * cmd)4663 int wpas_dpp_pkex_add(struct wpa_supplicant *wpa_s, const char *cmd)
4664 {
4665 struct dpp_bootstrap_info *own_bi;
4666 const char *pos, *end;
4667 #ifdef CONFIG_DPP3
4668 enum dpp_pkex_ver ver = PKEX_VER_AUTO;
4669 #else /* CONFIG_DPP3 */
4670 enum dpp_pkex_ver ver = PKEX_VER_ONLY_1;
4671 #endif /* CONFIG_DPP3 */
4672 int tcp_port = DPP_TCP_PORT;
4673 struct hostapd_ip_addr *ipaddr = NULL;
4674 #ifdef CONFIG_DPP2
4675 struct hostapd_ip_addr ipaddr_buf;
4676 char *addr;
4677
4678 pos = os_strstr(cmd, " tcp_port=");
4679 if (pos) {
4680 pos += 10;
4681 tcp_port = atoi(pos);
4682 }
4683
4684 addr = get_param(cmd, " tcp_addr=");
4685 if (addr) {
4686 int res;
4687
4688 res = hostapd_parse_ip_addr(addr, &ipaddr_buf);
4689 os_free(addr);
4690 if (res)
4691 return -1;
4692 ipaddr = &ipaddr_buf;
4693 }
4694 #endif /* CONFIG_DPP2 */
4695
4696 pos = os_strstr(cmd, " own=");
4697 if (!pos)
4698 return -1;
4699 pos += 5;
4700 own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
4701 if (!own_bi) {
4702 wpa_printf(MSG_DEBUG,
4703 "DPP: Identified bootstrap info not found");
4704 return -1;
4705 }
4706 if (own_bi->type != DPP_BOOTSTRAP_PKEX) {
4707 wpa_printf(MSG_DEBUG,
4708 "DPP: Identified bootstrap info not for PKEX");
4709 return -1;
4710 }
4711 wpa_s->dpp_pkex_bi = own_bi;
4712 own_bi->pkex_t = 0; /* clear pending errors on new code */
4713
4714 os_free(wpa_s->dpp_pkex_identifier);
4715 wpa_s->dpp_pkex_identifier = NULL;
4716 pos = os_strstr(cmd, " identifier=");
4717 if (pos) {
4718 pos += 12;
4719 end = os_strchr(pos, ' ');
4720 if (!end)
4721 return -1;
4722 wpa_s->dpp_pkex_identifier = os_malloc(end - pos + 1);
4723 if (!wpa_s->dpp_pkex_identifier)
4724 return -1;
4725 os_memcpy(wpa_s->dpp_pkex_identifier, pos, end - pos);
4726 wpa_s->dpp_pkex_identifier[end - pos] = '\0';
4727 }
4728
4729 pos = os_strstr(cmd, " code=");
4730 if (!pos)
4731 return -1;
4732 os_free(wpa_s->dpp_pkex_code);
4733 wpa_s->dpp_pkex_code = os_strdup(pos + 6);
4734 if (!wpa_s->dpp_pkex_code)
4735 return -1;
4736 wpa_s->dpp_pkex_code_len = os_strlen(wpa_s->dpp_pkex_code);
4737
4738 pos = os_strstr(cmd, " ver=");
4739 if (pos) {
4740 int v;
4741
4742 pos += 5;
4743 v = atoi(pos);
4744 if (v == 1)
4745 ver = PKEX_VER_ONLY_1;
4746 else if (v == 2)
4747 ver = PKEX_VER_ONLY_2;
4748 else
4749 return -1;
4750 }
4751 wpa_s->dpp_pkex_ver = ver;
4752
4753 if (os_strstr(cmd, " init=1")) {
4754 if (wpas_dpp_pkex_init(wpa_s, ver, ipaddr, tcp_port) < 0)
4755 return -1;
4756 } else {
4757 #ifdef CONFIG_DPP2
4758 dpp_controller_pkex_add(wpa_s->dpp, own_bi,
4759 wpa_s->dpp_pkex_code,
4760 wpa_s->dpp_pkex_identifier);
4761 #endif /* CONFIG_DPP2 */
4762 }
4763
4764 /* TODO: Support multiple PKEX info entries */
4765
4766 os_free(wpa_s->dpp_pkex_auth_cmd);
4767 wpa_s->dpp_pkex_auth_cmd = os_strdup(cmd);
4768
4769 return 1;
4770 }
4771
4772
wpas_dpp_pkex_remove(struct wpa_supplicant * wpa_s,const char * id)4773 int wpas_dpp_pkex_remove(struct wpa_supplicant *wpa_s, const char *id)
4774 {
4775 unsigned int id_val;
4776
4777 if (os_strcmp(id, "*") == 0) {
4778 id_val = 0;
4779 } else {
4780 id_val = atoi(id);
4781 if (id_val == 0)
4782 return -1;
4783 }
4784
4785 if ((id_val != 0 && id_val != 1))
4786 return -1;
4787
4788 /* TODO: Support multiple PKEX entries */
4789 os_free(wpa_s->dpp_pkex_code);
4790 wpa_s->dpp_pkex_code = NULL;
4791 os_free(wpa_s->dpp_pkex_identifier);
4792 wpa_s->dpp_pkex_identifier = NULL;
4793 os_free(wpa_s->dpp_pkex_auth_cmd);
4794 wpa_s->dpp_pkex_auth_cmd = NULL;
4795 wpa_s->dpp_pkex_bi = NULL;
4796 /* TODO: Remove dpp_pkex only if it is for the identified PKEX code */
4797 dpp_pkex_free(wpa_s->dpp_pkex);
4798 wpa_s->dpp_pkex = NULL;
4799 return 0;
4800 }
4801
4802
wpas_dpp_stop(struct wpa_supplicant * wpa_s)4803 void wpas_dpp_stop(struct wpa_supplicant *wpa_s)
4804 {
4805 if (wpa_s->dpp_auth || wpa_s->dpp_pkex || wpa_s->dpp_pkex_wait_auth_req)
4806 offchannel_send_action_done(wpa_s);
4807 dpp_auth_deinit(wpa_s->dpp_auth);
4808 wpa_s->dpp_auth = NULL;
4809 dpp_pkex_free(wpa_s->dpp_pkex);
4810 wpa_s->dpp_pkex = NULL;
4811 wpa_s->dpp_pkex_wait_auth_req = false;
4812 if (wpa_s->dpp_gas_client && wpa_s->dpp_gas_dialog_token >= 0)
4813 gas_query_stop(wpa_s->gas, wpa_s->dpp_gas_dialog_token);
4814 #ifdef CONFIG_DPP3
4815 wpas_dpp_push_button_stop(wpa_s);
4816 #endif /* CONFIG_DPP3 */
4817 }
4818
4819
wpas_dpp_init(struct wpa_supplicant * wpa_s)4820 int wpas_dpp_init(struct wpa_supplicant *wpa_s)
4821 {
4822 struct dpp_global_config config;
4823 u8 adv_proto_id[7];
4824
4825 adv_proto_id[0] = WLAN_EID_VENDOR_SPECIFIC;
4826 adv_proto_id[1] = 5;
4827 WPA_PUT_BE24(&adv_proto_id[2], OUI_WFA);
4828 adv_proto_id[5] = DPP_OUI_TYPE;
4829 adv_proto_id[6] = 0x01;
4830
4831 if (gas_server_register(wpa_s->gas_server, adv_proto_id,
4832 sizeof(adv_proto_id), wpas_dpp_gas_req_handler,
4833 wpas_dpp_gas_status_handler, wpa_s) < 0)
4834 return -1;
4835
4836 os_memset(&config, 0, sizeof(config));
4837 config.cb_ctx = wpa_s;
4838 #ifdef CONFIG_DPP2
4839 config.remove_bi = wpas_dpp_remove_bi;
4840 #endif /* CONFIG_DPP2 */
4841 wpa_s->dpp = dpp_global_init(&config);
4842 return wpa_s->dpp ? 0 : -1;
4843 }
4844
4845
wpas_dpp_deinit(struct wpa_supplicant * wpa_s)4846 void wpas_dpp_deinit(struct wpa_supplicant *wpa_s)
4847 {
4848 #ifdef CONFIG_TESTING_OPTIONS
4849 os_free(wpa_s->dpp_config_obj_override);
4850 wpa_s->dpp_config_obj_override = NULL;
4851 os_free(wpa_s->dpp_discovery_override);
4852 wpa_s->dpp_discovery_override = NULL;
4853 os_free(wpa_s->dpp_groups_override);
4854 wpa_s->dpp_groups_override = NULL;
4855 wpa_s->dpp_ignore_netaccesskey_mismatch = 0;
4856 #endif /* CONFIG_TESTING_OPTIONS */
4857 if (!wpa_s->dpp)
4858 return;
4859 eloop_cancel_timeout(wpas_dpp_pkex_retry_timeout, wpa_s, NULL);
4860 eloop_cancel_timeout(wpas_dpp_reply_wait_timeout, wpa_s, NULL);
4861 eloop_cancel_timeout(wpas_dpp_auth_conf_wait_timeout, wpa_s, NULL);
4862 eloop_cancel_timeout(wpas_dpp_init_timeout, wpa_s, NULL);
4863 eloop_cancel_timeout(wpas_dpp_auth_resp_retry_timeout, wpa_s, NULL);
4864 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s, NULL);
4865 eloop_cancel_timeout(wpas_dpp_gas_client_timeout, wpa_s, NULL);
4866 eloop_cancel_timeout(wpas_dpp_drv_wait_timeout, wpa_s, NULL);
4867 eloop_cancel_timeout(wpas_dpp_tx_auth_resp_roc_timeout, wpa_s, NULL);
4868 eloop_cancel_timeout(wpas_dpp_neg_freq_timeout, wpa_s, NULL);
4869 #ifdef CONFIG_DPP2
4870 eloop_cancel_timeout(wpas_dpp_config_result_wait_timeout, wpa_s, NULL);
4871 eloop_cancel_timeout(wpas_dpp_conn_status_result_wait_timeout,
4872 wpa_s, NULL);
4873 eloop_cancel_timeout(wpas_dpp_conn_status_result_timeout, wpa_s, NULL);
4874 eloop_cancel_timeout(wpas_dpp_reconfig_reply_wait_timeout,
4875 wpa_s, NULL);
4876 eloop_cancel_timeout(wpas_dpp_build_csr, wpa_s, NULL);
4877 eloop_cancel_timeout(wpas_dpp_connected_timeout, wpa_s, NULL);
4878 dpp_pfs_free(wpa_s->dpp_pfs);
4879 wpa_s->dpp_pfs = NULL;
4880 wpas_dpp_chirp_stop(wpa_s);
4881 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
4882 wpa_s->dpp_reconfig_id = NULL;
4883 #endif /* CONFIG_DPP2 */
4884 #ifdef CONFIG_DPP3
4885 eloop_cancel_timeout(wpas_dpp_build_new_key, wpa_s, NULL);
4886 #endif /* CONFIG_DPP3 */
4887 offchannel_send_action_done(wpa_s);
4888 wpas_dpp_listen_stop(wpa_s);
4889 wpas_dpp_stop(wpa_s);
4890 wpas_dpp_pkex_remove(wpa_s, "*");
4891 os_memset(wpa_s->dpp_intro_bssid, 0, ETH_ALEN);
4892 os_free(wpa_s->dpp_configurator_params);
4893 wpa_s->dpp_configurator_params = NULL;
4894 dpp_global_clear(wpa_s->dpp);
4895 }
4896
4897
wpas_dpp_build_conf_resp(struct wpa_supplicant * wpa_s,struct dpp_authentication * auth,bool tcp)4898 static int wpas_dpp_build_conf_resp(struct wpa_supplicant *wpa_s,
4899 struct dpp_authentication *auth, bool tcp)
4900 {
4901 struct wpabuf *resp;
4902
4903 resp = dpp_build_conf_resp(auth, auth->e_nonce, auth->curve->nonce_len,
4904 auth->e_netrole, true);
4905 if (!resp)
4906 return -1;
4907
4908 if (tcp) {
4909 auth->conf_resp_tcp = resp;
4910 return 0;
4911 }
4912
4913 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s, NULL);
4914 if (gas_server_set_resp(wpa_s->gas_server, auth->config_resp_ctx,
4915 resp) < 0) {
4916 wpa_printf(MSG_DEBUG,
4917 "DPP: Could not find pending GAS response");
4918 wpabuf_free(resp);
4919 return -1;
4920 }
4921 auth->conf_resp = resp;
4922 return 0;
4923 }
4924
4925
wpas_dpp_conf_set(struct wpa_supplicant * wpa_s,const char * cmd)4926 int wpas_dpp_conf_set(struct wpa_supplicant *wpa_s, const char *cmd)
4927 {
4928 int peer;
4929 const char *pos;
4930 struct dpp_authentication *auth = wpa_s->dpp_auth;
4931 bool tcp = false;
4932
4933 pos = os_strstr(cmd, " peer=");
4934 if (!pos)
4935 return -1;
4936 peer = atoi(pos + 6);
4937 #ifdef CONFIG_DPP2
4938 if (!auth || !auth->waiting_config ||
4939 (auth->peer_bi &&
4940 (unsigned int) peer != auth->peer_bi->id)) {
4941 auth = dpp_controller_get_auth(wpa_s->dpp, peer);
4942 tcp = true;
4943 }
4944 #endif /* CONFIG_DPP2 */
4945
4946 if (!auth || !auth->waiting_config) {
4947 wpa_printf(MSG_DEBUG,
4948 "DPP: No authentication exchange waiting for configuration information");
4949 return -1;
4950 }
4951
4952 if ((!auth->peer_bi ||
4953 (unsigned int) peer != auth->peer_bi->id) &&
4954 (!auth->tmp_peer_bi ||
4955 (unsigned int) peer != auth->tmp_peer_bi->id)) {
4956 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch");
4957 return -1;
4958 }
4959
4960 pos = os_strstr(cmd, " comeback=");
4961 if (pos) {
4962 eloop_cancel_timeout(wpas_dpp_gas_initial_resp_timeout, wpa_s,
4963 NULL);
4964 gas_server_set_comeback_delay(wpa_s->gas_server,
4965 auth->config_resp_ctx,
4966 atoi(pos + 10));
4967 return 0;
4968 }
4969
4970 if (dpp_set_configurator(auth, cmd) < 0)
4971 return -1;
4972
4973 auth->use_config_query = false;
4974 auth->waiting_config = false;
4975 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
4976 }
4977
4978
4979 #ifdef CONFIG_DPP2
4980
wpas_dpp_controller_start(struct wpa_supplicant * wpa_s,const char * cmd)4981 int wpas_dpp_controller_start(struct wpa_supplicant *wpa_s, const char *cmd)
4982 {
4983 struct dpp_controller_config config;
4984 const char *pos;
4985
4986 os_memset(&config, 0, sizeof(config));
4987 config.allowed_roles = DPP_CAPAB_ENROLLEE | DPP_CAPAB_CONFIGURATOR;
4988 config.netrole = DPP_NETROLE_STA;
4989 config.msg_ctx = wpa_s;
4990 config.cb_ctx = wpa_s;
4991 config.process_conf_obj = wpas_dpp_process_conf_obj;
4992 config.tcp_msg_sent = wpas_dpp_tcp_msg_sent;
4993 if (cmd) {
4994 pos = os_strstr(cmd, " tcp_port=");
4995 if (pos) {
4996 pos += 10;
4997 config.tcp_port = atoi(pos);
4998 }
4999
5000 pos = os_strstr(cmd, " role=");
5001 if (pos) {
5002 pos += 6;
5003 if (os_strncmp(pos, "configurator", 12) == 0)
5004 config.allowed_roles = DPP_CAPAB_CONFIGURATOR;
5005 else if (os_strncmp(pos, "enrollee", 8) == 0)
5006 config.allowed_roles = DPP_CAPAB_ENROLLEE;
5007 else if (os_strncmp(pos, "either", 6) == 0)
5008 config.allowed_roles = DPP_CAPAB_CONFIGURATOR |
5009 DPP_CAPAB_ENROLLEE;
5010 else
5011 return -1;
5012 }
5013
5014 config.qr_mutual = os_strstr(cmd, " qr=mutual") != NULL;
5015 }
5016 config.configurator_params = wpa_s->dpp_configurator_params;
5017 return dpp_controller_start(wpa_s->dpp, &config);
5018 }
5019
5020
5021 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx);
5022
wpas_dpp_chirp_timeout(void * eloop_ctx,void * timeout_ctx)5023 static void wpas_dpp_chirp_timeout(void *eloop_ctx, void *timeout_ctx)
5024 {
5025 struct wpa_supplicant *wpa_s = eloop_ctx;
5026
5027 wpa_printf(MSG_DEBUG, "DPP: No chirp response received");
5028 offchannel_send_action_done(wpa_s);
5029 wpas_dpp_chirp_next(wpa_s, NULL);
5030 }
5031
5032
wpas_dpp_chirp_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)5033 static void wpas_dpp_chirp_tx_status(struct wpa_supplicant *wpa_s,
5034 unsigned int freq, const u8 *dst,
5035 const u8 *src, const u8 *bssid,
5036 const u8 *data, size_t data_len,
5037 enum offchannel_send_action_result result)
5038 {
5039 if (result == OFFCHANNEL_SEND_ACTION_FAILED) {
5040 wpa_printf(MSG_DEBUG, "DPP: Failed to send chirp on %d MHz",
5041 wpa_s->dpp_chirp_freq);
5042 if (eloop_register_timeout(0, 0, wpas_dpp_chirp_next,
5043 wpa_s, NULL) < 0)
5044 wpas_dpp_chirp_stop(wpa_s);
5045 return;
5046 }
5047
5048 wpa_printf(MSG_DEBUG, "DPP: Chirp send completed - wait for response");
5049 #ifdef __ZEPHYR__
5050 if (eloop_register_timeout(5, 0, wpas_dpp_chirp_timeout,
5051 wpa_s, NULL) < 0)
5052 #else
5053 if (eloop_register_timeout(2, 0, wpas_dpp_chirp_timeout,
5054 wpa_s, NULL) < 0)
5055 #endif
5056 wpas_dpp_chirp_stop(wpa_s);
5057 }
5058
5059
wpas_dpp_chirp_start(struct wpa_supplicant * wpa_s)5060 static void wpas_dpp_chirp_start(struct wpa_supplicant *wpa_s)
5061 {
5062 struct wpabuf *msg, *announce = NULL;
5063 int type;
5064
5065 msg = wpa_s->dpp_presence_announcement;
5066 type = DPP_PA_PRESENCE_ANNOUNCEMENT;
5067 if (!msg) {
5068 struct wpa_ssid *ssid = wpa_s->dpp_reconfig_ssid;
5069
5070 if (ssid && wpa_s->dpp_reconfig_id &&
5071 wpa_config_get_network(wpa_s->conf,
5072 wpa_s->dpp_reconfig_ssid_id) ==
5073 ssid) {
5074 announce = dpp_build_reconfig_announcement(
5075 ssid->dpp_csign,
5076 ssid->dpp_csign_len,
5077 ssid->dpp_netaccesskey,
5078 ssid->dpp_netaccesskey_len,
5079 wpa_s->dpp_reconfig_id);
5080 msg = announce;
5081 }
5082 if (!msg)
5083 return;
5084 type = DPP_PA_RECONFIG_ANNOUNCEMENT;
5085 }
5086 wpa_printf(MSG_DEBUG, "DPP: Chirp on %d MHz", wpa_s->dpp_chirp_freq);
5087 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
5088 MAC2STR(broadcast), wpa_s->dpp_chirp_freq, type);
5089 if (offchannel_send_action(
5090 wpa_s, wpa_s->dpp_chirp_freq, broadcast,
5091 wpa_s->own_addr, broadcast,
5092 wpabuf_head(msg), wpabuf_len(msg),
5093 2000, wpas_dpp_chirp_tx_status, 0) < 0)
5094 wpas_dpp_chirp_stop(wpa_s);
5095
5096 wpabuf_free(announce);
5097 }
5098
5099
wpas_dpp_presence_ann_channels(struct wpa_supplicant * wpa_s,struct dpp_bootstrap_info * bi)5100 static int * wpas_dpp_presence_ann_channels(struct wpa_supplicant *wpa_s,
5101 struct dpp_bootstrap_info *bi)
5102 {
5103 unsigned int i;
5104 struct hostapd_hw_modes *mode;
5105 int c;
5106 struct wpa_bss *bss;
5107 bool chan6 = wpa_s->hw.modes == NULL;
5108 int *freqs = NULL;
5109
5110 /* Channels from own bootstrapping info */
5111 if (bi) {
5112 for (i = 0; i < bi->num_freq; i++)
5113 int_array_add_unique(&freqs, bi->freq[i]);
5114 }
5115
5116 /* Preferred chirping channels */
5117 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
5118 HOSTAPD_MODE_IEEE80211G, false);
5119 if (mode) {
5120 for (c = 0; c < mode->num_channels; c++) {
5121 struct hostapd_channel_data *chan = &mode->channels[c];
5122
5123 if ((chan->flag & HOSTAPD_CHAN_DISABLED) ||
5124 chan->freq != 2437)
5125 continue;
5126 chan6 = true;
5127 break;
5128 }
5129 }
5130 if (chan6)
5131 int_array_add_unique(&freqs, 2437);
5132
5133 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
5134 HOSTAPD_MODE_IEEE80211A, false);
5135 if (mode) {
5136 int chan44 = 0, chan149 = 0;
5137
5138 for (c = 0; c < mode->num_channels; c++) {
5139 struct hostapd_channel_data *chan = &mode->channels[c];
5140
5141 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
5142 HOSTAPD_CHAN_RADAR))
5143 continue;
5144 if (chan->freq == 5220)
5145 chan44 = 1;
5146 if (chan->freq == 5745)
5147 chan149 = 1;
5148 }
5149 if (chan149)
5150 int_array_add_unique(&freqs, 5745);
5151 else if (chan44)
5152 int_array_add_unique(&freqs, 5220);
5153 }
5154
5155 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
5156 HOSTAPD_MODE_IEEE80211AD, false);
5157 if (mode) {
5158 for (c = 0; c < mode->num_channels; c++) {
5159 struct hostapd_channel_data *chan = &mode->channels[c];
5160
5161 if ((chan->flag & (HOSTAPD_CHAN_DISABLED |
5162 HOSTAPD_CHAN_RADAR)) ||
5163 chan->freq != 60480)
5164 continue;
5165 int_array_add_unique(&freqs, 60480);
5166 break;
5167 }
5168 }
5169
5170 /* Add channels from scan results for APs that advertise Configurator
5171 * Connectivity element */
5172 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5173 if (wpa_bss_get_vendor_ie(bss, DPP_CC_IE_VENDOR_TYPE))
5174 int_array_add_unique(&freqs, bss->freq);
5175 }
5176
5177 return freqs;
5178 }
5179
5180
wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant * wpa_s,struct wpa_scan_results * scan_res)5181 static void wpas_dpp_chirp_scan_res_handler(struct wpa_supplicant *wpa_s,
5182 struct wpa_scan_results *scan_res)
5183 {
5184 struct dpp_bootstrap_info *bi = wpa_s->dpp_chirp_bi;
5185
5186 if (!bi && !wpa_s->dpp_reconfig_ssid)
5187 return;
5188
5189 wpa_s->dpp_chirp_scan_done = 1;
5190
5191 os_free(wpa_s->dpp_chirp_freqs);
5192 wpa_s->dpp_chirp_freqs = wpas_dpp_presence_ann_channels(wpa_s, bi);
5193
5194 if (!wpa_s->dpp_chirp_freqs ||
5195 eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL) < 0)
5196 wpas_dpp_chirp_stop(wpa_s);
5197 }
5198
5199
wpas_dpp_chirp_next(void * eloop_ctx,void * timeout_ctx)5200 static void wpas_dpp_chirp_next(void *eloop_ctx, void *timeout_ctx)
5201 {
5202 struct wpa_supplicant *wpa_s = eloop_ctx;
5203 int i;
5204
5205 if (wpa_s->dpp_chirp_listen)
5206 wpas_dpp_listen_stop(wpa_s);
5207
5208 if (wpa_s->dpp_chirp_freq == 0) {
5209 if (wpa_s->dpp_chirp_round % 4 == 0 &&
5210 !wpa_s->dpp_chirp_scan_done) {
5211 if (wpas_scan_scheduled(wpa_s)) {
5212 wpa_printf(MSG_DEBUG,
5213 "DPP: Deferring chirp scan because another scan is planned already");
5214 if (eloop_register_timeout(1, 0,
5215 wpas_dpp_chirp_next,
5216 wpa_s, NULL) < 0) {
5217 wpas_dpp_chirp_stop(wpa_s);
5218 return;
5219 }
5220 return;
5221 }
5222 wpa_printf(MSG_DEBUG,
5223 "DPP: Update channel list for chirping");
5224 wpa_s->scan_req = MANUAL_SCAN_REQ;
5225 wpa_s->scan_res_handler =
5226 wpas_dpp_chirp_scan_res_handler;
5227 wpa_supplicant_req_scan(wpa_s, 0, 0);
5228 return;
5229 }
5230 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[0];
5231 wpa_s->dpp_chirp_round++;
5232 wpa_printf(MSG_DEBUG, "DPP: Start chirping round %d",
5233 wpa_s->dpp_chirp_round);
5234 } else {
5235 for (i = 0; wpa_s->dpp_chirp_freqs[i]; i++)
5236 if (wpa_s->dpp_chirp_freqs[i] == wpa_s->dpp_chirp_freq)
5237 break;
5238 if (!wpa_s->dpp_chirp_freqs[i]) {
5239 wpa_printf(MSG_DEBUG,
5240 "DPP: Previous chirp freq %d not found",
5241 wpa_s->dpp_chirp_freq);
5242 return;
5243 }
5244 i++;
5245 if (wpa_s->dpp_chirp_freqs[i]) {
5246 wpa_s->dpp_chirp_freq = wpa_s->dpp_chirp_freqs[i];
5247 } else {
5248 wpa_s->dpp_chirp_iter--;
5249 if (wpa_s->dpp_chirp_iter <= 0) {
5250 wpa_printf(MSG_DEBUG,
5251 "DPP: Chirping iterations completed");
5252 wpas_dpp_chirp_stop(wpa_s);
5253 return;
5254 }
5255 wpa_s->dpp_chirp_freq = 0;
5256 wpa_s->dpp_chirp_scan_done = 0;
5257 if (eloop_register_timeout(30, 0, wpas_dpp_chirp_next,
5258 wpa_s, NULL) < 0) {
5259 wpas_dpp_chirp_stop(wpa_s);
5260 return;
5261 }
5262 if (wpa_s->dpp_chirp_listen) {
5263 wpa_printf(MSG_DEBUG,
5264 "DPP: Listen on %d MHz during chirp 30 second wait",
5265 wpa_s->dpp_chirp_listen);
5266 wpas_dpp_listen_start(wpa_s,
5267 wpa_s->dpp_chirp_listen);
5268 } else {
5269 wpa_printf(MSG_DEBUG,
5270 "DPP: Wait 30 seconds before starting the next chirping round");
5271 }
5272 return;
5273 }
5274 }
5275
5276 wpas_dpp_chirp_start(wpa_s);
5277 }
5278
5279
wpas_dpp_chirp(struct wpa_supplicant * wpa_s,const char * cmd)5280 int wpas_dpp_chirp(struct wpa_supplicant *wpa_s, const char *cmd)
5281 {
5282 const char *pos;
5283 int iter = 1, listen_freq = 0;
5284 struct dpp_bootstrap_info *bi;
5285
5286 pos = os_strstr(cmd, " own=");
5287 if (!pos)
5288 return -1;
5289 pos += 5;
5290 bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
5291 if (!bi) {
5292 wpa_printf(MSG_DEBUG,
5293 "DPP: Identified bootstrap info not found");
5294 return -1;
5295 }
5296
5297 pos = os_strstr(cmd, " iter=");
5298 if (pos) {
5299 iter = atoi(pos + 6);
5300 if (iter <= 0)
5301 return -1;
5302 }
5303
5304 pos = os_strstr(cmd, " listen=");
5305 if (pos) {
5306 listen_freq = atoi(pos + 8);
5307 if (listen_freq <= 0)
5308 return -1;
5309 }
5310
5311 wpas_dpp_chirp_stop(wpa_s);
5312 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
5313 wpa_s->dpp_netrole = DPP_NETROLE_STA;
5314 wpa_s->dpp_qr_mutual = 0;
5315 wpa_s->dpp_chirp_bi = bi;
5316 wpa_s->dpp_presence_announcement = dpp_build_presence_announcement(bi);
5317 if (!wpa_s->dpp_presence_announcement)
5318 return -1;
5319 wpa_s->dpp_chirp_iter = iter;
5320 wpa_s->dpp_chirp_round = 0;
5321 wpa_s->dpp_chirp_scan_done = 0;
5322 wpa_s->dpp_chirp_listen = listen_freq;
5323
5324 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
5325 }
5326
5327
wpas_dpp_chirp_stop(struct wpa_supplicant * wpa_s)5328 void wpas_dpp_chirp_stop(struct wpa_supplicant *wpa_s)
5329 {
5330 if (wpa_s->dpp_presence_announcement ||
5331 wpa_s->dpp_reconfig_ssid) {
5332 offchannel_send_action_done(wpa_s);
5333 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_CHIRP_STOPPED);
5334 }
5335 wpa_s->dpp_chirp_bi = NULL;
5336 wpabuf_free(wpa_s->dpp_presence_announcement);
5337 wpa_s->dpp_presence_announcement = NULL;
5338 if (wpa_s->dpp_chirp_listen)
5339 wpas_dpp_listen_stop(wpa_s);
5340 wpa_s->dpp_chirp_listen = 0;
5341 wpa_s->dpp_chirp_freq = 0;
5342 os_free(wpa_s->dpp_chirp_freqs);
5343 wpa_s->dpp_chirp_freqs = NULL;
5344 eloop_cancel_timeout(wpas_dpp_chirp_next, wpa_s, NULL);
5345 eloop_cancel_timeout(wpas_dpp_chirp_timeout, wpa_s, NULL);
5346 if (wpa_s->scan_res_handler == wpas_dpp_chirp_scan_res_handler) {
5347 wpas_abort_ongoing_scan(wpa_s);
5348 wpa_s->scan_res_handler = NULL;
5349 }
5350 }
5351
5352
wpas_dpp_reconfig(struct wpa_supplicant * wpa_s,const char * cmd)5353 int wpas_dpp_reconfig(struct wpa_supplicant *wpa_s, const char *cmd)
5354 {
5355 struct wpa_ssid *ssid;
5356 int iter = 1;
5357 const char *pos;
5358
5359 ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd));
5360 if (!ssid || !ssid->dpp_connector || !ssid->dpp_netaccesskey ||
5361 !ssid->dpp_csign) {
5362 wpa_printf(MSG_DEBUG,
5363 "DPP: Not a valid network profile for reconfiguration");
5364 return -1;
5365 }
5366
5367 pos = os_strstr(cmd, " iter=");
5368 if (pos) {
5369 iter = atoi(pos + 6);
5370 if (iter <= 0)
5371 return -1;
5372 }
5373
5374 if (wpa_s->dpp_auth) {
5375 wpa_printf(MSG_DEBUG,
5376 "DPP: Not ready to start reconfiguration - pending authentication exchange in progress");
5377 return -1;
5378 }
5379
5380 dpp_free_reconfig_id(wpa_s->dpp_reconfig_id);
5381 wpa_s->dpp_reconfig_id = dpp_gen_reconfig_id(ssid->dpp_csign,
5382 ssid->dpp_csign_len,
5383 ssid->dpp_pp_key,
5384 ssid->dpp_pp_key_len);
5385 if (!wpa_s->dpp_reconfig_id) {
5386 wpa_printf(MSG_DEBUG,
5387 "DPP: Failed to generate E-id for reconfiguration");
5388 return -1;
5389 }
5390 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) {
5391 wpa_printf(MSG_DEBUG, "DPP: Disconnect for reconfiguration");
5392 wpa_s->own_disconnect_req = 1;
5393 wpa_supplicant_deauthenticate(
5394 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5395 }
5396 wpas_dpp_chirp_stop(wpa_s);
5397 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
5398 wpa_s->dpp_netrole = DPP_NETROLE_STA;
5399 wpa_s->dpp_qr_mutual = 0;
5400 wpa_s->dpp_reconfig_ssid = ssid;
5401 wpa_s->dpp_reconfig_ssid_id = ssid->id;
5402 wpa_s->dpp_chirp_iter = iter;
5403 wpa_s->dpp_chirp_round = 0;
5404 wpa_s->dpp_chirp_scan_done = 0;
5405 wpa_s->dpp_chirp_listen = 0;
5406
5407 return eloop_register_timeout(0, 0, wpas_dpp_chirp_next, wpa_s, NULL);
5408 }
5409
5410
wpas_dpp_ca_set(struct wpa_supplicant * wpa_s,const char * cmd)5411 int wpas_dpp_ca_set(struct wpa_supplicant *wpa_s, const char *cmd)
5412 {
5413 int peer = -1;
5414 const char *pos, *value;
5415 struct dpp_authentication *auth = wpa_s->dpp_auth;
5416 u8 *bin;
5417 size_t bin_len;
5418 struct wpabuf *buf;
5419 bool tcp = false;
5420
5421 pos = os_strstr(cmd, " peer=");
5422 if (pos) {
5423 peer = atoi(pos + 6);
5424 if (!auth || !auth->waiting_cert ||
5425 (auth->peer_bi &&
5426 (unsigned int) peer != auth->peer_bi->id)) {
5427 auth = dpp_controller_get_auth(wpa_s->dpp, peer);
5428 tcp = true;
5429 }
5430 }
5431
5432 if (!auth || !auth->waiting_cert) {
5433 wpa_printf(MSG_DEBUG,
5434 "DPP: No authentication exchange waiting for certificate information");
5435 return -1;
5436 }
5437
5438 if (peer >= 0 &&
5439 (!auth->peer_bi ||
5440 (unsigned int) peer != auth->peer_bi->id) &&
5441 (!auth->tmp_peer_bi ||
5442 (unsigned int) peer != auth->tmp_peer_bi->id)) {
5443 wpa_printf(MSG_DEBUG, "DPP: Peer mismatch");
5444 return -1;
5445 }
5446
5447 pos = os_strstr(cmd, " value=");
5448 if (!pos)
5449 return -1;
5450 value = pos + 7;
5451
5452 pos = os_strstr(cmd, " name=");
5453 if (!pos)
5454 return -1;
5455 pos += 6;
5456
5457 if (os_strncmp(pos, "status ", 7) == 0) {
5458 auth->force_conf_resp_status = atoi(value);
5459 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
5460 }
5461
5462 if (os_strncmp(pos, "trustedEapServerName ", 21) == 0) {
5463 os_free(auth->trusted_eap_server_name);
5464 auth->trusted_eap_server_name = os_strdup(value);
5465 return auth->trusted_eap_server_name ? 0 : -1;
5466 }
5467
5468 bin = hostap_base64_decode(value, os_strlen(value), &bin_len);
5469 if (!bin)
5470 return -1;
5471 buf = wpabuf_alloc_copy(bin, bin_len);
5472 os_free(bin);
5473
5474 if (os_strncmp(pos, "caCert ", 7) == 0) {
5475 wpabuf_free(auth->cacert);
5476 auth->cacert = buf;
5477 return 0;
5478 }
5479
5480 if (os_strncmp(pos, "certBag ", 8) == 0) {
5481 wpabuf_free(auth->certbag);
5482 auth->certbag = buf;
5483 return wpas_dpp_build_conf_resp(wpa_s, auth, tcp);
5484 }
5485
5486 wpabuf_free(buf);
5487 return -1;
5488 }
5489
5490 #endif /* CONFIG_DPP2 */
5491
5492
5493 #ifdef CONFIG_DPP3
5494
5495 #define DPP_PB_ANNOUNCE_PER_CHAN 3
5496
5497 static int wpas_dpp_pb_announce(struct wpa_supplicant *wpa_s, int freq);
5498 static void wpas_dpp_pb_next(void *eloop_ctx, void *timeout_ctx);
5499
5500
wpas_dpp_pb_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)5501 static void wpas_dpp_pb_tx_status(struct wpa_supplicant *wpa_s,
5502 unsigned int freq, const u8 *dst,
5503 const u8 *src, const u8 *bssid,
5504 const u8 *data, size_t data_len,
5505 enum offchannel_send_action_result result)
5506 {
5507 if (result == OFFCHANNEL_SEND_ACTION_FAILED) {
5508 wpa_printf(MSG_DEBUG,
5509 "DPP: Failed to send push button announcement on %d MHz",
5510 freq);
5511 if (eloop_register_timeout(0, 0, wpas_dpp_pb_next,
5512 wpa_s, NULL) < 0)
5513 wpas_dpp_push_button_stop(wpa_s);
5514 return;
5515 }
5516
5517 wpa_printf(MSG_DEBUG, "DPP: Push button announcement on %d MHz sent",
5518 freq);
5519 if (wpa_s->dpp_pb_discovery_done) {
5520 wpa_s->dpp_pb_announce_count = 0;
5521 wpa_printf(MSG_DEBUG,
5522 "DPP: Wait for push button announcement response and PKEX on %d MHz",
5523 freq);
5524 if (eloop_register_timeout(0, 500000, wpas_dpp_pb_next,
5525 wpa_s, NULL) < 0)
5526 wpas_dpp_push_button_stop(wpa_s);
5527 return;
5528 } else if (wpa_s->dpp_pb_announce_count >= DPP_PB_ANNOUNCE_PER_CHAN) {
5529 wpa_printf(MSG_DEBUG,
5530 "DPP: Wait for push button announcement response on %d MHz",
5531 freq);
5532 if (eloop_register_timeout(0, 50000, wpas_dpp_pb_next,
5533 wpa_s, NULL) < 0)
5534 wpas_dpp_push_button_stop(wpa_s);
5535 return;
5536 }
5537
5538 if (wpas_dpp_pb_announce(wpa_s, freq) < 0)
5539 wpas_dpp_push_button_stop(wpa_s);
5540 }
5541
5542
wpas_dpp_pb_announce(struct wpa_supplicant * wpa_s,int freq)5543 static int wpas_dpp_pb_announce(struct wpa_supplicant *wpa_s, int freq)
5544 {
5545 struct wpabuf *msg;
5546 int type;
5547
5548 msg = wpa_s->dpp_pb_announcement;
5549 if (!msg)
5550 return -1;
5551
5552 wpa_s->dpp_pb_announce_count++;
5553 wpa_printf(MSG_DEBUG,
5554 "DPP: Send push button announcement %d/%d (%d MHz)",
5555 wpa_s->dpp_pb_announce_count, DPP_PB_ANNOUNCE_PER_CHAN,
5556 freq);
5557
5558 type = DPP_PA_PB_PRESENCE_ANNOUNCEMENT;
5559 if (wpa_s->dpp_pb_announce_count == 1)
5560 wpa_msg(wpa_s, MSG_INFO,
5561 DPP_EVENT_TX "dst=" MACSTR " freq=%u type=%d",
5562 MAC2STR(broadcast), freq, type);
5563 if (offchannel_send_action(
5564 wpa_s, freq, broadcast, wpa_s->own_addr, broadcast,
5565 wpabuf_head(msg), wpabuf_len(msg),
5566 1000, wpas_dpp_pb_tx_status, 0) < 0)
5567 return -1;
5568
5569 return 0;
5570 }
5571
5572
wpas_dpp_pb_next(void * eloop_ctx,void * timeout_ctx)5573 static void wpas_dpp_pb_next(void *eloop_ctx, void *timeout_ctx)
5574 {
5575 struct wpa_supplicant *wpa_s = eloop_ctx;
5576 struct os_reltime now;
5577 int freq;
5578
5579 if (!wpa_s->dpp_pb_freqs)
5580 return;
5581
5582 os_get_reltime(&now);
5583 offchannel_send_action_done(wpa_s);
5584
5585 if (os_reltime_expired(&now, &wpa_s->dpp_pb_time, 100)) {
5586 wpa_printf(MSG_DEBUG, "DPP: Push button wait time expired");
5587 wpas_dpp_push_button_stop(wpa_s);
5588 return;
5589 }
5590
5591 if (wpa_s->dpp_pb_freq_idx >= int_array_len(wpa_s->dpp_pb_freqs)) {
5592 wpa_printf(MSG_DEBUG,
5593 "DPP: Completed push button announcement round");
5594 wpa_s->dpp_pb_freq_idx = 0;
5595 if (wpa_s->dpp_pb_stop_iter > 0) {
5596 wpa_s->dpp_pb_stop_iter--;
5597
5598 if (wpa_s->dpp_pb_stop_iter == 1) {
5599 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_STATUS
5600 "wait for AP/Configurator to allow PKEX to be initiated");
5601 if (eloop_register_timeout(10, 0,
5602 wpas_dpp_pb_next,
5603 wpa_s, NULL) < 0) {
5604 wpas_dpp_push_button_stop(wpa_s);
5605 return;
5606 }
5607 return;
5608 }
5609
5610 if (wpa_s->dpp_pb_stop_iter == 0) {
5611 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_STATUS
5612 "start push button PKEX responder on the discovered channel (%d MHz)",
5613 wpa_s->dpp_pb_resp_freq);
5614 wpa_s->dpp_pb_discovery_done = true;
5615
5616 wpa_s->dpp_pkex_bi = wpa_s->dpp_pb_bi;
5617
5618 os_free(wpa_s->dpp_pkex_code);
5619 wpa_s->dpp_pkex_code = os_memdup(
5620 wpa_s->dpp_pb_c_nonce,
5621 wpa_s->dpp_pb_c_nonce_len);
5622 wpa_s->dpp_pkex_code_len =
5623 wpa_s->dpp_pb_c_nonce_len;
5624
5625 os_free(wpa_s->dpp_pkex_identifier);
5626 wpa_s->dpp_pkex_identifier =
5627 os_strdup("PBPKEX");
5628
5629 if (!wpa_s->dpp_pkex_code ||
5630 !wpa_s->dpp_pkex_identifier) {
5631 wpas_dpp_push_button_stop(wpa_s);
5632 return;
5633 }
5634
5635 wpa_s->dpp_pkex_ver = PKEX_VER_ONLY_2;
5636
5637 os_free(wpa_s->dpp_pkex_auth_cmd);
5638 wpa_s->dpp_pkex_auth_cmd = NULL;
5639 }
5640 }
5641 }
5642
5643 if (wpa_s->dpp_pb_discovery_done)
5644 freq = wpa_s->dpp_pb_resp_freq;
5645 else
5646 freq = wpa_s->dpp_pb_freqs[wpa_s->dpp_pb_freq_idx++];
5647 wpa_s->dpp_pb_announce_count = 0;
5648 if (!wpa_s->dpp_pb_announcement) {
5649 wpa_printf(MSG_DEBUG, "DPP: Push button announcements stopped");
5650 return;
5651 }
5652 if (wpas_dpp_pb_announce(wpa_s, freq) < 0) {
5653 wpas_dpp_push_button_stop(wpa_s);
5654 return;
5655 }
5656 }
5657
5658
wpas_dpp_push_button_expire(void * eloop_ctx,void * timeout_ctx)5659 static void wpas_dpp_push_button_expire(void *eloop_ctx, void *timeout_ctx)
5660 {
5661 struct wpa_supplicant *wpa_s = eloop_ctx;
5662
5663 wpa_printf(MSG_DEBUG,
5664 "DPP: Active push button Configurator mode expired");
5665 wpas_dpp_push_button_stop(wpa_s);
5666 }
5667
5668
wpas_dpp_push_button_configurator(struct wpa_supplicant * wpa_s,const char * cmd)5669 static int wpas_dpp_push_button_configurator(struct wpa_supplicant *wpa_s,
5670 const char *cmd)
5671 {
5672 wpa_s->dpp_pb_configurator = true;
5673 wpa_s->dpp_pb_announce_time.sec = 0;
5674 wpa_s->dpp_pb_announce_time.usec = 0;
5675 str_clear_free(wpa_s->dpp_pb_cmd);
5676 wpa_s->dpp_pb_cmd = NULL;
5677 if (cmd) {
5678 wpa_s->dpp_pb_cmd = os_strdup(cmd);
5679 if (!wpa_s->dpp_pb_cmd)
5680 return -1;
5681 }
5682 eloop_register_timeout(100, 0, wpas_dpp_push_button_expire,
5683 wpa_s, NULL);
5684
5685 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_STATUS "started");
5686 return 0;
5687 }
5688
5689
wpas_dpp_pb_scan_res_handler(struct wpa_supplicant * wpa_s,struct wpa_scan_results * scan_res)5690 static void wpas_dpp_pb_scan_res_handler(struct wpa_supplicant *wpa_s,
5691 struct wpa_scan_results *scan_res)
5692 {
5693 if (!wpa_s->dpp_pb_time.sec && !wpa_s->dpp_pb_time.usec)
5694 return;
5695
5696 os_free(wpa_s->dpp_pb_freqs);
5697 wpa_s->dpp_pb_freqs = wpas_dpp_presence_ann_channels(wpa_s, NULL);
5698
5699 wpa_printf(MSG_DEBUG, "DPP: Scan completed for PB discovery");
5700 if (!wpa_s->dpp_pb_freqs ||
5701 eloop_register_timeout(0, 0, wpas_dpp_pb_next, wpa_s, NULL) < 0)
5702 wpas_dpp_push_button_stop(wpa_s);
5703 }
5704
5705
wpas_dpp_push_button(struct wpa_supplicant * wpa_s,const char * cmd)5706 int wpas_dpp_push_button(struct wpa_supplicant *wpa_s, const char *cmd)
5707 {
5708 int res;
5709
5710 if (!wpa_s->dpp)
5711 return -1;
5712 wpas_dpp_push_button_stop(wpa_s);
5713 wpas_dpp_stop(wpa_s);
5714 wpas_dpp_chirp_stop(wpa_s);
5715
5716 os_get_reltime(&wpa_s->dpp_pb_time);
5717
5718 if (cmd &&
5719 (os_strstr(cmd, " role=configurator") ||
5720 os_strstr(cmd, " conf=")))
5721 return wpas_dpp_push_button_configurator(wpa_s, cmd);
5722
5723 wpa_s->dpp_pb_configurator = false;
5724
5725 wpa_s->dpp_pb_freq_idx = 0;
5726
5727 res = dpp_bootstrap_gen(wpa_s->dpp, "type=pkex");
5728 if (res < 0)
5729 return -1;
5730 wpa_s->dpp_pb_bi = dpp_bootstrap_get_id(wpa_s->dpp, res);
5731 if (!wpa_s->dpp_pb_bi)
5732 return -1;
5733
5734 wpa_s->dpp_allowed_roles = DPP_CAPAB_ENROLLEE;
5735 wpa_s->dpp_netrole = DPP_NETROLE_STA;
5736 wpa_s->dpp_qr_mutual = 0;
5737 wpa_s->dpp_pb_announcement =
5738 dpp_build_pb_announcement(wpa_s->dpp_pb_bi);
5739 if (!wpa_s->dpp_pb_announcement)
5740 return -1;
5741
5742 wpa_printf(MSG_DEBUG,
5743 "DPP: Scan to create channel list for PB discovery");
5744 wpa_s->scan_req = MANUAL_SCAN_REQ;
5745 wpa_s->scan_res_handler = wpas_dpp_pb_scan_res_handler;
5746 wpa_supplicant_req_scan(wpa_s, 0, 0);
5747 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_STATUS "started");
5748 return 0;
5749 }
5750
5751
wpas_dpp_push_button_stop(struct wpa_supplicant * wpa_s)5752 void wpas_dpp_push_button_stop(struct wpa_supplicant *wpa_s)
5753 {
5754 if (!wpa_s->dpp)
5755 return;
5756 os_free(wpa_s->dpp_pb_freqs);
5757 wpa_s->dpp_pb_freqs = NULL;
5758 wpabuf_free(wpa_s->dpp_pb_announcement);
5759 wpa_s->dpp_pb_announcement = NULL;
5760 if (wpa_s->dpp_pb_bi) {
5761 char id[20];
5762
5763 if (wpa_s->dpp_pb_bi == wpa_s->dpp_pkex_bi)
5764 wpa_s->dpp_pkex_bi = NULL;
5765 os_snprintf(id, sizeof(id), "%u", wpa_s->dpp_pb_bi->id);
5766 dpp_bootstrap_remove(wpa_s->dpp, id);
5767 wpa_s->dpp_pb_bi = NULL;
5768 if (!wpa_s->dpp_pb_result_indicated) {
5769 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT "failed");
5770 wpa_s->dpp_pb_result_indicated = true;
5771 }
5772 }
5773
5774 wpa_s->dpp_pb_resp_freq = 0;
5775 wpa_s->dpp_pb_stop_iter = 0;
5776 wpa_s->dpp_pb_discovery_done = false;
5777 os_free(wpa_s->dpp_pb_cmd);
5778 wpa_s->dpp_pb_cmd = NULL;
5779
5780 eloop_cancel_timeout(wpas_dpp_pb_next, wpa_s, NULL);
5781 eloop_cancel_timeout(wpas_dpp_push_button_expire, wpa_s, NULL);
5782 if (wpas_dpp_pb_active(wpa_s)) {
5783 wpa_printf(MSG_DEBUG, "DPP: Stop active push button mode");
5784 if (!wpa_s->dpp_pb_result_indicated)
5785 wpa_msg(wpa_s, MSG_INFO, DPP_EVENT_PB_RESULT "failed");
5786 }
5787 wpa_s->dpp_pb_time.sec = 0;
5788 wpa_s->dpp_pb_time.usec = 0;
5789 dpp_pkex_free(wpa_s->dpp_pkex);
5790 wpa_s->dpp_pkex = NULL;
5791 os_free(wpa_s->dpp_pkex_auth_cmd);
5792 wpa_s->dpp_pkex_auth_cmd = NULL;
5793
5794 wpa_s->dpp_pb_result_indicated = false;
5795
5796 str_clear_free(wpa_s->dpp_pb_cmd);
5797 wpa_s->dpp_pb_cmd = NULL;
5798
5799 if (wpa_s->scan_res_handler == wpas_dpp_pb_scan_res_handler) {
5800 wpas_abort_ongoing_scan(wpa_s);
5801 wpa_s->scan_res_handler = NULL;
5802 }
5803 }
5804
5805 #endif /* CONFIG_DPP3 */
5806
