3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 13:02:44 +01:00

p2p: WSC client provisioning and connection

Add the final two steps of the connection setup, and corresponding
disconnect logic:

* the WSC connection to the GO to do the client provisioning,
* the netdev_connect call to use the provisioned credentials for the
  final WPA2 connection.
This commit is contained in:
Andrew Zaborowski 2020-04-25 11:09:33 +02:00 committed by Denis Kenzior
parent 85f09d9318
commit 7a38085bf8

319
src/p2p.c
View File

@ -91,6 +91,7 @@ struct p2p_device {
struct netdev *conn_netdev;
uint32_t conn_netdev_watch_id;
uint32_t conn_new_intf_cmd_id;
struct wsc_enrollee *conn_enrollee;
struct l_timeout *config_timeout;
unsigned long go_config_delay;
@ -103,6 +104,14 @@ struct p2p_device {
bool enabled : 1;
bool have_roc_cookie : 1;
/*
* We need to track @disconnecting because while a connect action is
* always triggered by a DBus message, meaning that @pending_message
* is going to be non-NULL, a disconnect may also be a result of an
* error at a layer higher than netdev and may last until
* netdev_disconnect, or similar, finishes.
*/
bool disconnecting : 1;
};
struct p2p_discovery_user {
@ -173,6 +182,12 @@ static void p2p_discovery_user_free(void *data)
l_free(user);
}
static inline bool p2p_peer_operational(struct p2p_peer *peer)
{
return peer && peer->dev->conn_netdev && !peer->dev->conn_wsc_bss &&
!peer->wsc.pending_connect && !peer->dev->disconnecting;
}
static bool p2p_peer_match(const void *a, const void *b)
{
const struct p2p_peer *peer = a;
@ -296,6 +311,7 @@ static void p2p_connection_reset(struct p2p_device *dev)
* age will be checked on the next scan.
*/
dev->conn_peer = NULL;
dev->disconnecting = false;
dev->connections_left++;
if (dev->conn_pin) {
@ -320,6 +336,9 @@ static void p2p_connection_reset(struct p2p_device *dev)
*/
l_genl_family_cancel(dev->nl80211, dev->conn_new_intf_cmd_id);
if (dev->conn_enrollee)
wsc_enrollee_cancel(dev->conn_enrollee, false);
if (dev->conn_netdev) {
struct l_genl_msg *msg;
uint64_t wdev_id = netdev_get_wdev_id(dev->conn_netdev);
@ -471,9 +490,254 @@ static const struct frame_xchg_prefix p2p_frame_pd_resp = {
.len = 7,
};
static void p2p_netdev_connect_cb(struct netdev *netdev,
enum netdev_result result,
void *event_data, void *user_data)
{
struct p2p_device *dev = user_data;
struct p2p_peer *peer = dev->conn_peer;
l_debug("result: %i", result);
if (!peer->wsc.pending_connect || dev->disconnecting) {
/* Shouldn't happen except maybe in the ABORTED case */
return;
}
switch (result) {
case NETDEV_RESULT_OK:
dbus_pending_reply(&peer->wsc.pending_connect,
l_dbus_message_new_method_return(
peer->wsc.pending_connect));
l_dbus_property_changed(dbus_get_bus(),
p2p_peer_get_path(dev->conn_peer),
IWD_P2P_PEER_INTERFACE, "Connected");
break;
case NETDEV_RESULT_AUTHENTICATION_FAILED:
case NETDEV_RESULT_ASSOCIATION_FAILED:
case NETDEV_RESULT_HANDSHAKE_FAILED:
case NETDEV_RESULT_KEY_SETTING_FAILED:
/*
* In the AUTHENTICATION_FAILED and ASSOCIATION_FAILED
* cases there's nothing to disconnect. In the
* HANDSHAKE_FAILED and KEY_SETTINGS failed cases
* netdev disconnects from the GO automatically and we are
* called already from within the disconnect callback,
* so we can directly free the netdev.
*/
p2p_connect_failed(dev);
break;
case NETDEV_RESULT_ABORTED:
/*
* This case can only be triggered by netdev_disconnect so
* we'll wait for its callback before freeing the netdev.
* We will also have already replied to
* @peer->wsc.pending_connect so we have nothing to do here.
*/
break;
}
}
static void p2p_netdev_event(struct netdev *netdev, enum netdev_event event,
void *event_data, void *user_data)
{
struct p2p_device *dev = user_data;
switch (event) {
case NETDEV_EVENT_DISCONNECT_BY_AP:
case NETDEV_EVENT_DISCONNECT_BY_SME:
/*
* We may get a DISCONNECT_BY_SME as a result of a
* netdev_disconnect(). In that case let the callback handle
* that.
*/
if (dev->disconnecting)
break;
/* If we're not connected, .Connected is already False */
if (!p2p_peer_operational(dev->conn_peer)) {
p2p_connect_failed(dev);
break;
}
l_dbus_property_changed(dbus_get_bus(),
p2p_peer_get_path(dev->conn_peer),
IWD_P2P_PEER_INTERFACE, "Connected");
p2p_connection_reset(dev);
break;
default:
break;
};
}
static void p2p_handshake_event(struct handshake_state *hs,
enum handshake_event event, void *user_data,
...)
{
va_list args;
va_start(args, user_data);
switch (event) {
case HANDSHAKE_EVENT_FAILED:
netdev_handshake_failed(hs, va_arg(args, int));
break;
default:
break;
}
va_end(args);
}
static void p2p_peer_provision_done(int err, struct wsc_credentials_info *creds,
unsigned int n_creds, void *user_data)
{
struct p2p_peer *peer = user_data;
struct p2p_device *dev = peer->dev;
struct scan_bss *bss = dev->conn_wsc_bss;
struct handshake_state *hs = NULL;
struct iovec ie_iov = {};
int r = -EOPNOTSUPP;
struct p2p_association_req info = {};
struct ie_rsn_info bss_info = {};
struct ie_rsn_info rsn_info = {};
uint8_t rsne_buf[256];
l_debug("err=%i n_creds=%u", err, n_creds);
dev->conn_wsc_bss = NULL;
dev->conn_enrollee = NULL;
l_timeout_remove(dev->config_timeout);
l_timeout_remove(dev->go_neg_req_timeout);
if (err < 0) {
if (err == -ECANCELED && peer->wsc.pending_cancel) {
dbus_pending_reply(&peer->wsc.pending_cancel,
l_dbus_message_new_method_return(
peer->wsc.pending_cancel));
p2p_connection_reset(dev);
} else
p2p_connect_failed(dev);
goto done;
}
if (strlen(creds[0].ssid) != bss->ssid_len ||
memcmp(creds[0].ssid, bss->ssid, bss->ssid_len)) {
l_error("Unsupported: the SSID from the P2P peer's WSC "
"credentials doesn't match the SSID from the "
"Probe Response IEs");
goto not_supported;
}
/*
* Apparently some implementations send the intended client's address
* here (i.e. our), and some send the target BSS's (their own).
*/
if (memcmp(creds[0].addr, netdev_get_address(dev->conn_netdev), 6) &&
memcmp(creds[0].addr, bss->addr, 6)) {
char addr1[32], addr2[32];
l_strlcpy(addr1, util_address_to_string(creds[0].addr),
sizeof(addr1));
l_strlcpy(addr2, util_address_to_string(
netdev_get_address(dev->conn_netdev)),
sizeof(addr2));
l_error("Error: WSC credentials are not for our client "
"interface (%s vs. %s)", addr1, addr2);
goto error;
}
if (!bss->rsne || creds[0].security != SECURITY_PSK)
goto not_supported;
info.capability = dev->capability;
info.device_info = dev->device_info;
ie_iov.iov_base = p2p_build_association_req(&info, &ie_iov.iov_len);
L_WARN_ON(!ie_iov.iov_base);
scan_bss_get_rsn_info(bss, &bss_info);
rsn_info.akm_suites = wiphy_select_akm(dev->wiphy, bss, false);
if (!rsn_info.akm_suites)
goto not_supported;
rsn_info.pairwise_ciphers = wiphy_select_cipher(dev->wiphy,
bss_info.pairwise_ciphers);
rsn_info.group_cipher = wiphy_select_cipher(dev->wiphy,
bss_info.group_cipher);
if (!rsn_info.pairwise_ciphers || !rsn_info.group_cipher)
goto not_supported;
rsn_info.group_management_cipher = wiphy_select_cipher(dev->wiphy,
bss_info.group_management_cipher);
rsn_info.mfpc = rsn_info.group_management_cipher != 0;
ie_build_rsne(&rsn_info, rsne_buf);
hs = netdev_handshake_state_new(dev->conn_netdev);
if (!handshake_state_set_authenticator_ie(hs, bss->rsne))
goto not_supported;
if (!handshake_state_set_supplicant_ie(hs, rsne_buf))
goto not_supported;
handshake_state_set_event_func(hs, p2p_handshake_event, dev);
handshake_state_set_ssid(hs, bss->ssid, bss->ssid_len);
if (creds[0].has_passphrase) {
uint8_t psk[32];
if (crypto_psk_from_passphrase(creds[0].passphrase, bss->ssid,
bss->ssid_len, psk) < 0)
goto error;
handshake_state_set_pmk(hs, psk, 32);
} else
handshake_state_set_pmk(hs, creds[0].psk, 32);
r = netdev_connect(dev->conn_netdev, bss, hs, &ie_iov, 1,
p2p_netdev_event, p2p_netdev_connect_cb, dev);
if (r == 0)
goto done;
l_error("netdev_connect error: %s (%i)", strerror(-err), -err);
error:
not_supported:
if (r < 0) {
if (hs)
handshake_state_free(hs);
p2p_connect_failed(dev);
}
done:
l_free(ie_iov.iov_base);
scan_bss_free(bss);
}
static void p2p_provision_connect(struct p2p_device *dev)
{
/* TODO */
struct iovec iov;
struct p2p_association_req info = {};
/* Ready to start the provisioning */
info.capability = dev->capability;
info.device_info = dev->device_info;
iov.iov_base = p2p_build_association_req(&info, &iov.iov_len);
L_WARN_ON(!iov.iov_base);
dev->conn_enrollee = wsc_enrollee_new(dev->conn_netdev,
dev->conn_wsc_bss,
dev->conn_pin, &iov, 1,
p2p_peer_provision_done,
dev->conn_peer);
l_free(iov.iov_base);
}
static void p2p_device_netdev_watch_destroy(void *user_data)
@ -495,7 +759,8 @@ static void p2p_device_netdev_notify(struct netdev *netdev,
switch (event) {
case NETDEV_WATCH_EVENT_UP:
case NETDEV_WATCH_EVENT_NEW:
if (!dev->conn_wsc_bss || !netdev_get_is_up(netdev))
if (!dev->conn_wsc_bss || dev->conn_enrollee ||
!netdev_get_is_up(netdev))
break;
p2p_provision_connect(dev);
@ -1669,6 +1934,23 @@ send_error:
dbus_pending_reply(&peer->wsc.pending_connect, reply);
}
static void p2p_peer_disconnect_cb(struct netdev *netdev, bool result,
void *user_data)
{
struct p2p_peer *peer = user_data;
struct p2p_device *dev = peer->dev;
if (!peer->wsc.pending_cancel || !dev->disconnecting)
return;
dbus_pending_reply(&peer->wsc.pending_cancel,
l_dbus_message_new_method_return(
peer->wsc.pending_cancel));
/* Independent of the result this will just drop the whole netdev */
p2p_connection_reset(dev);
}
static void p2p_peer_disconnect(struct p2p_peer *peer)
{
struct p2p_device *dev = peer->dev;
@ -1680,10 +1962,35 @@ static void p2p_peer_disconnect(struct p2p_peer *peer)
goto send_reply;
}
if (dev->disconnecting) {
reply = dbus_error_busy(message);
goto send_reply;
}
if (peer->wsc.pending_connect)
dbus_pending_reply(&peer->wsc.pending_connect,
dbus_error_aborted(peer->wsc.pending_connect));
if (p2p_peer_operational(peer))
l_dbus_property_changed(dbus_get_bus(), p2p_peer_get_path(peer),
IWD_P2P_PEER_INTERFACE, "Connected");
dev->disconnecting = true;
if (dev->conn_enrollee) {
wsc_enrollee_cancel(dev->conn_enrollee, true);
return;
}
if (dev->conn_netdev && !dev->conn_wsc_bss) {
/* Note: in theory we need to add the P2P IEs here too */
if (netdev_disconnect(dev->conn_netdev, p2p_peer_disconnect_cb,
peer) == 0)
return;
l_error("netdev_disconnect failed");
}
p2p_connection_reset(dev);
reply = l_dbus_message_new_method_return(message);
@ -1994,6 +2301,10 @@ static bool p2p_peer_update_existing(struct scan_bss *bss,
/*
* We've seen this peer already, only update the scan_bss object.
* We can do this even if peer == peer->dev->conn_peer because
* its .bss is not used by .conn_netdev or .conn_enrollee.
* .conn_wsc_bss is used for both connections and it doesn't come
* from the discovery scan results.
* Do we need to update DBus properties?
*/
scan_bss_free(peer->bss);
@ -3117,7 +3428,9 @@ static bool p2p_peer_get_connected(struct l_dbus *dbus,
struct l_dbus_message_builder *builder,
void *user_data)
{
bool connected = false;
struct p2p_peer *peer = user_data;
bool connected = p2p_peer_operational(peer) &&
peer->dev->conn_peer == peer;
l_dbus_message_builder_append_basic(builder, 'b', &connected);
return true;