[v3,1/2] wps: reconfigure credentials on reload

Message ID	20210204153613.10356-1-raphael.melotte@mind.be
State	Accepted
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> From: =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be> To: hostap@lists.infradead.org Subject: [PATCH v3 1/2] wps: reconfigure credentials on reload Date: Thu, 4 Feb 2021 16:36:13 +0100 Message-Id: <20210204153613.10356-1-raphael.melotte@mind.be> In-Reply-To: <20210204150104.6847-1-raphael.melotte@mind.be> References: <20210204150104.6847-1-raphael.melotte@mind.be> MIME-Version: 1.0 summary: Content analysis details: (0.1 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:630 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid Precedence: list Cc: =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	[v3,1/2] wps: reconfigure credentials on reload \| expand [v3,1/2] wps: reconfigure credentials on reload

Message ID

20210204153613.10356-1-raphael.melotte@mind.be

State

Accepted

Headers

From: =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be>
To: hostap@lists.infradead.org
Subject: [PATCH v3 1/2] wps: reconfigure credentials on reload
Date: Thu,  4 Feb 2021 16:36:13 +0100
Message-Id: <20210204153613.10356-1-raphael.melotte@mind.be>
In-Reply-To: <20210204150104.6847-1-raphael.melotte@mind.be>
References: <20210204150104.6847-1-raphael.melotte@mind.be>
MIME-Version: 1.0
Precedence: list
Cc: =?utf-8?b?UmFwaGHDq2wgTcOpbG90dGU=?= <raphael.melotte@mind.be>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

[v3,1/2] wps: reconfigure credentials on reload | expand

Commit Message

Raphaël Mélotte Feb. 4, 2021, 3:36 p.m. UTC

When new credentials are configured and hostapd is reconfigured using
SIGHUP (or reload on the ctrl_iface), also update the wps credentials.

Before these changes, when WPS is triggered the registar always serves
the credentials that were configured when hostapd started.

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>

---
Changes v2 -> v3:
  - By mistake, v2 contained only the CONFIG_WEP change

Changes v1 -> v2:
  - add missing ifdef for CONFIG_WEP

Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
---
 src/ap/wps_hostapd.c    | 86 +++++++++++++++++++++++++++++++++++++++--
 src/wps/wps.h           |  6 +++
 src/wps/wps_registrar.c | 29 ++++++++++++++
 3 files changed, 118 insertions(+), 3 deletions(-)

diff --git a/src/ap/wps_hostapd.c b/src/ap/wps_hostapd.c
index dc8aa8f65..ff942a67b 100644
--- a/src/ap/wps_hostapd.c
+++ b/src/ap/wps_hostapd.c
@@ -1375,6 +1375,43 @@  static void hostapd_wps_nfc_clear(struct wps_context *wps)
 #endif /* CONFIG_WPS_NFC */
 }
 
+int hostapd_wps_update_multi_ap(struct hostapd_data *hapd,
+				struct wps_registrar *reg) {
+	struct hostapd_bss_config *conf = hapd->conf;
+	u8 *multi_ap_backhaul_network_key = NULL;
+	size_t multi_ap_backhaul_network_key_len = 0;
+	int ret = -1;
+
+	if ((conf->multi_ap & FRONTHAUL_BSS) &&
+	    conf->multi_ap_backhaul_ssid.ssid_len) {
+		if (conf->multi_ap_backhaul_ssid.wpa_passphrase) {
+			multi_ap_backhaul_network_key =
+				(u8 *) os_strdup(conf->multi_ap_backhaul_ssid.wpa_passphrase);
+			if (multi_ap_backhaul_network_key == NULL)
+				return -1;
+			multi_ap_backhaul_network_key_len =
+				os_strlen(conf->multi_ap_backhaul_ssid.wpa_passphrase);
+		} else if (conf->multi_ap_backhaul_ssid.wpa_psk) {
+			multi_ap_backhaul_network_key = os_malloc(2 * PMK_LEN + 1);
+			if (multi_ap_backhaul_network_key == NULL)
+				return -1;
+			wpa_snprintf_hex((char *) multi_ap_backhaul_network_key,
+					 2 * PMK_LEN + 1,
+					 conf->multi_ap_backhaul_ssid.wpa_psk->psk,
+					 PMK_LEN);
+			multi_ap_backhaul_network_key_len = 2 * PMK_LEN;
+		}
+		ret = wps_registrar_update_multi_ap(reg,
+						    conf->multi_ap_backhaul_ssid.ssid,
+						    conf->multi_ap_backhaul_ssid.ssid_len,
+						    multi_ap_backhaul_network_key,
+						    multi_ap_backhaul_network_key_len);
+		os_free(multi_ap_backhaul_network_key);
+	}
+	return ret;
+}
+
+
 
 void hostapd_deinit_wps(struct hostapd_data *hapd)
 {
@@ -1409,11 +1446,54 @@  void hostapd_update_wps(struct hostapd_data *hapd)
 	hapd->wps->upc = hapd->conf->upc;
 #endif /* CONFIG_WPS_UPNP */
 
-	hostapd_wps_set_vendor_ext(hapd, hapd->wps);
-	hostapd_wps_set_application_ext(hapd, hapd->wps);
+	struct wps_context *wps = hapd->wps;
+	struct hostapd_bss_config *conf = hapd->conf;
+
+	os_memcpy(wps->ssid, conf->ssid.ssid, conf->ssid.ssid_len);
+	wps->ssid_len = conf->ssid.ssid_len;
+
+	/* Clear wps settings, then fill them again */
+	os_free(wps->network_key);
+	wps->network_key = NULL;
+	wps->network_key_len = 0;
+	wps->psk_set = 0;
+	if (conf->ssid.wpa_psk_file) {
+		/* Use per-device PSKs */
+	} else if (conf->ssid.wpa_passphrase) {
+		wps->network_key = (u8 *) os_strdup(conf->ssid.wpa_passphrase);
+		if (wps->network_key == NULL)
+			return;
+		wps->network_key_len = os_strlen(conf->ssid.wpa_passphrase);
+	} else if (conf->ssid.wpa_psk) {
+		wps->network_key = os_malloc(2 * PMK_LEN + 1);
+		if (wps->network_key == NULL)
+			return;
+		wpa_snprintf_hex((char *) wps->network_key, 2 * PMK_LEN + 1,
+				 conf->ssid.wpa_psk->psk, PMK_LEN);
+		wps->network_key_len = 2 * PMK_LEN;
+#ifdef CONFIG_WEP
+	} else if (conf->ssid.wep.keys_set && conf->ssid.wep.key[0]) {
+		wps->network_key = os_malloc(conf->ssid.wep.len[0]);
+		if (wps->network_key == NULL)
+			return;
+		os_memcpy(wps->network_key, conf->ssid.wep.key[0],
+			  conf->ssid.wep.len[0]);
+		wps->network_key_len = conf->ssid.wep.len[0];
+#endif /* CONFIG_WEP */
+	}
+
+	if (conf->ssid.wpa_psk) {
+		os_memcpy(wps->psk, conf->ssid.wpa_psk->psk, PMK_LEN);
+		wps->psk_set = 1;
+	}
+
+	hostapd_wps_update_multi_ap(hapd, wps->registrar);
+
+	hostapd_wps_set_vendor_ext(hapd, wps);
+	hostapd_wps_set_application_ext(hapd, wps);
 
 	if (hapd->conf->wps_state)
-		wps_registrar_update_ie(hapd->wps->registrar);
+		wps_registrar_update_ie(wps->registrar);
 	else
 		hostapd_deinit_wps(hapd);
 }
diff --git a/src/wps/wps.h b/src/wps/wps.h
index 93888b011..110e3ea52 100644
--- a/src/wps/wps.h
+++ b/src/wps/wps.h
@@ -938,6 +938,12 @@  struct wpabuf * wps_build_nfc_handover_sel_p2p(struct wps_context *ctx,
 					       struct wpabuf *nfc_dh_pubkey,
 					       struct wpabuf *nfc_dev_pw);
 
+int wps_registrar_update_multi_ap(struct wps_registrar *reg,
+				  const u8 *multi_ap_backhaul_ssid,
+				  size_t multi_ap_backhaul_ssid_len,
+				  const u8 *multi_ap_backhaul_network_key,
+				  size_t multi_ap_backhaul_network_key_len);
+
 /* ndef.c */
 struct wpabuf * ndef_parse_wifi(const struct wpabuf *buf);
 struct wpabuf * ndef_build_wifi(const struct wpabuf *buf);
diff --git a/src/wps/wps_registrar.c b/src/wps/wps_registrar.c
index 9e1ee36da..d6b27be28 100644
--- a/src/wps/wps_registrar.c
+++ b/src/wps/wps_registrar.c
@@ -3669,6 +3669,35 @@  int wps_registrar_config_ap(struct wps_registrar *reg,
 }
 
 
+int wps_registrar_update_multi_ap(struct wps_registrar *reg,
+				  const u8 *multi_ap_backhaul_ssid,
+				  size_t multi_ap_backhaul_ssid_len,
+				  const u8 *multi_ap_backhaul_network_key,
+				  size_t multi_ap_backhaul_network_key_len)
+{
+	if (multi_ap_backhaul_ssid != NULL) {
+		os_memcpy(reg->multi_ap_backhaul_ssid,
+			  multi_ap_backhaul_ssid,
+			  multi_ap_backhaul_ssid_len);
+		reg->multi_ap_backhaul_ssid_len =
+			multi_ap_backhaul_ssid_len;
+	}
+	os_free(reg->multi_ap_backhaul_network_key);
+	reg->multi_ap_backhaul_network_key = NULL;
+	reg->multi_ap_backhaul_network_key_len = 0;
+
+	if (multi_ap_backhaul_network_key != NULL) {
+		reg->multi_ap_backhaul_network_key =
+			os_memdup(multi_ap_backhaul_network_key,
+				  multi_ap_backhaul_network_key_len);
+		if (reg->multi_ap_backhaul_network_key == NULL)
+			return -1;
+		reg->multi_ap_backhaul_network_key_len =
+			multi_ap_backhaul_network_key_len;
+	}
+	return 0;
+}
+
 #ifdef CONFIG_WPS_NFC
 
 int wps_registrar_add_nfc_pw_token(struct wps_registrar *reg,

[v3,1/2] wps: reconfigure credentials on reload

Commit Message

Patch