2 * hostapd / VLAN initialization
3 * Copyright 2003, Instant802 Networks, Inc.
4 * Copyright 2005-2006, Devicescape Software, Inc.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * Alternatively, this software may be distributed under the terms of BSD
13 * See README and COPYING for more details.
21 #include "vlan_init.h"
24 #ifdef CONFIG_FULL_DYNAMIC_VLAN
27 #include <sys/ioctl.h>
28 #include <linux/sockios.h>
29 #include <linux/if_vlan.h>
30 #include <linux/if_bridge.h>
32 #include "drivers/priv_netlink.h"
36 struct full_dynamic_vlan {
37 int s; /* socket on which to listen for new/removed interfaces. */
41 static int ifconfig_helper(const char *if_name, int up)
46 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
47 perror("socket[AF_INET,SOCK_STREAM]");
51 os_memset(&ifr, 0, sizeof(ifr));
52 os_strlcpy(ifr.ifr_name, if_name, IFNAMSIZ);
54 if (ioctl(fd, SIOCGIFFLAGS, &ifr) != 0) {
55 perror("ioctl[SIOCGIFFLAGS]");
61 ifr.ifr_flags |= IFF_UP;
63 ifr.ifr_flags &= ~IFF_UP;
65 if (ioctl(fd, SIOCSIFFLAGS, &ifr) != 0) {
66 perror("ioctl[SIOCSIFFLAGS]");
76 static int ifconfig_up(const char *if_name)
78 return ifconfig_helper(if_name, 1);
82 static int ifconfig_down(const char *if_name)
84 return ifconfig_helper(if_name, 0);
89 * These are only available in recent linux headers (without the leading
92 #define _GET_VLAN_REALDEV_NAME_CMD 8
93 #define _GET_VLAN_VID_CMD 9
95 /* This value should be 256 ONLY. If it is something else, then hostapd
96 * might crash!, as this value has been hard-coded in 2.4.x kernel
99 #define MAX_BR_PORTS 256
101 static int br_delif(const char *br_name, const char *if_name)
105 unsigned long args[2];
108 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
109 perror("socket[AF_INET,SOCK_STREAM]");
113 if_index = if_nametoindex(if_name);
116 printf("Failure determining interface index for '%s'\n",
122 args[0] = BRCTL_DEL_IF;
125 os_strlcpy(ifr.ifr_name, br_name, sizeof(ifr.ifr_name));
126 ifr.ifr_data = (__caddr_t) args;
128 if (ioctl(fd, SIOCDEVPRIVATE, &ifr) < 0 && errno != EINVAL) {
129 /* No error if interface already removed. */
130 perror("ioctl[SIOCDEVPRIVATE,BRCTL_DEL_IF]");
141 Add interface 'if_name' to the bridge 'br_name'
144 returns 1 if the interface is already part of the bridge
147 static int br_addif(const char *br_name, const char *if_name)
151 unsigned long args[2];
154 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
155 perror("socket[AF_INET,SOCK_STREAM]");
159 if_index = if_nametoindex(if_name);
162 printf("Failure determining interface index for '%s'\n",
168 args[0] = BRCTL_ADD_IF;
171 os_strlcpy(ifr.ifr_name, br_name, sizeof(ifr.ifr_name));
172 ifr.ifr_data = (__caddr_t) args;
174 if (ioctl(fd, SIOCDEVPRIVATE, &ifr) < 0) {
175 if (errno == EBUSY) {
176 /* The interface is already added. */
181 perror("ioctl[SIOCDEVPRIVATE,BRCTL_ADD_IF]");
191 static int br_delbr(const char *br_name)
194 unsigned long arg[2];
196 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
197 perror("socket[AF_INET,SOCK_STREAM]");
201 arg[0] = BRCTL_DEL_BRIDGE;
202 arg[1] = (unsigned long) br_name;
204 if (ioctl(fd, SIOCGIFBR, arg) < 0 && errno != ENXIO) {
205 /* No error if bridge already removed. */
206 perror("ioctl[BRCTL_DEL_BRIDGE]");
217 Add a bridge with the name 'br_name'.
220 returns 1 if the bridge already exists
223 static int br_addbr(const char *br_name)
226 unsigned long arg[2];
228 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
229 perror("socket[AF_INET,SOCK_STREAM]");
233 arg[0] = BRCTL_ADD_BRIDGE;
234 arg[1] = (unsigned long) br_name;
236 if (ioctl(fd, SIOCGIFBR, arg) < 0) {
237 if (errno == EEXIST) {
238 /* The bridge is already added. */
242 perror("ioctl[BRCTL_ADD_BRIDGE]");
253 static int br_getnumports(const char *br_name)
258 unsigned long arg[4];
259 int ifindices[MAX_BR_PORTS];
262 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
263 perror("socket[AF_INET,SOCK_STREAM]");
267 arg[0] = BRCTL_GET_PORT_LIST;
268 arg[1] = (unsigned long) ifindices;
269 arg[2] = MAX_BR_PORTS;
272 os_memset(ifindices, 0, sizeof(ifindices));
273 os_strlcpy(ifr.ifr_name, br_name, sizeof(ifr.ifr_name));
274 ifr.ifr_data = (__caddr_t) arg;
276 if (ioctl(fd, SIOCDEVPRIVATE, &ifr) < 0) {
277 perror("ioctl[SIOCDEVPRIVATE,BRCTL_GET_PORT_LIST]");
282 for (i = 1; i < MAX_BR_PORTS; i++) {
283 if (ifindices[i] > 0) {
293 static int vlan_rem(const char *if_name)
296 struct vlan_ioctl_args if_request;
298 if ((os_strlen(if_name) + 1) > sizeof(if_request.device1)) {
299 fprintf(stderr, "Interface name to long.\n");
303 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
304 perror("socket[AF_INET,SOCK_STREAM]");
308 os_memset(&if_request, 0, sizeof(if_request));
310 os_strlcpy(if_request.device1, if_name, sizeof(if_request.device1));
311 if_request.cmd = DEL_VLAN_CMD;
313 if (ioctl(fd, SIOCSIFVLAN, &if_request) < 0) {
314 perror("ioctl[SIOCSIFVLAN,DEL_VLAN_CMD]");
325 Add a vlan interface with VLAN ID 'vid' and tagged interface
329 returns 1 if the interface already exists
332 static int vlan_add(const char *if_name, int vid)
335 struct vlan_ioctl_args if_request;
337 ifconfig_up(if_name);
339 if ((os_strlen(if_name) + 1) > sizeof(if_request.device1)) {
340 fprintf(stderr, "Interface name to long.\n");
344 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
345 perror("socket[AF_INET,SOCK_STREAM]");
349 os_memset(&if_request, 0, sizeof(if_request));
351 /* Determine if a suitable vlan device already exists. */
353 os_snprintf(if_request.device1, sizeof(if_request.device1), "vlan%d",
356 if_request.cmd = _GET_VLAN_VID_CMD;
358 if (ioctl(fd, SIOCSIFVLAN, &if_request) == 0) {
360 if (if_request.u.VID == vid) {
361 if_request.cmd = _GET_VLAN_REALDEV_NAME_CMD;
363 if (ioctl(fd, SIOCSIFVLAN, &if_request) == 0 &&
364 os_strncmp(if_request.u.device2, if_name,
365 sizeof(if_request.u.device2)) == 0) {
372 /* A suitable vlan device does not already exist, add one. */
374 os_memset(&if_request, 0, sizeof(if_request));
375 os_strlcpy(if_request.device1, if_name, sizeof(if_request.device1));
376 if_request.u.VID = vid;
377 if_request.cmd = ADD_VLAN_CMD;
379 if (ioctl(fd, SIOCSIFVLAN, &if_request) < 0) {
380 perror("ioctl[SIOCSIFVLAN,ADD_VLAN_CMD]");
390 static int vlan_set_name_type(unsigned int name_type)
393 struct vlan_ioctl_args if_request;
395 if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
396 perror("socket[AF_INET,SOCK_STREAM]");
400 os_memset(&if_request, 0, sizeof(if_request));
402 if_request.u.name_type = name_type;
403 if_request.cmd = SET_VLAN_NAME_TYPE_CMD;
404 if (ioctl(fd, SIOCSIFVLAN, &if_request) < 0) {
405 perror("ioctl[SIOCSIFVLAN,SET_VLAN_NAME_TYPE_CMD]");
415 static void vlan_newlink(char *ifname, struct hostapd_data *hapd)
417 char vlan_ifname[IFNAMSIZ];
418 char br_name[IFNAMSIZ];
419 struct hostapd_vlan *vlan = hapd->conf->vlan;
420 char *tagged_interface = hapd->conf->ssid.vlan_tagged_interface;
423 if (os_strcmp(ifname, vlan->ifname) == 0) {
425 os_snprintf(br_name, sizeof(br_name), "brvlan%d",
428 if (!br_addbr(br_name))
429 vlan->clean |= DVLAN_CLEAN_BR;
431 ifconfig_up(br_name);
433 if (tagged_interface) {
435 if (!vlan_add(tagged_interface, vlan->vlan_id))
436 vlan->clean |= DVLAN_CLEAN_VLAN;
438 os_snprintf(vlan_ifname, sizeof(vlan_ifname),
439 "vlan%d", vlan->vlan_id);
441 if (!br_addif(br_name, vlan_ifname))
442 vlan->clean |= DVLAN_CLEAN_VLAN_PORT;
444 ifconfig_up(vlan_ifname);
447 if (!br_addif(br_name, ifname))
448 vlan->clean |= DVLAN_CLEAN_WLAN_PORT;
459 static void vlan_dellink(char *ifname, struct hostapd_data *hapd)
461 char vlan_ifname[IFNAMSIZ];
462 char br_name[IFNAMSIZ];
463 struct hostapd_vlan *first, *prev, *vlan = hapd->conf->vlan;
464 char *tagged_interface = hapd->conf->ssid.vlan_tagged_interface;
470 if (os_strcmp(ifname, vlan->ifname) == 0) {
471 os_snprintf(br_name, sizeof(br_name), "brvlan%d",
474 if (tagged_interface) {
475 os_snprintf(vlan_ifname, sizeof(vlan_ifname),
476 "vlan%d", vlan->vlan_id);
478 numports = br_getnumports(br_name);
480 br_delif(br_name, vlan_ifname);
482 vlan_rem(vlan_ifname);
484 ifconfig_down(br_name);
490 hapd->conf->vlan = vlan->next;
492 prev->next = vlan->next;
505 vlan_read_ifnames(struct nlmsghdr *h, size_t len, int del,
506 struct hostapd_data *hapd)
508 struct ifinfomsg *ifi;
509 int attrlen, nlmsg_len, rta_len;
512 if (len < sizeof(*ifi))
517 nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
519 attrlen = h->nlmsg_len - nlmsg_len;
523 attr = (struct rtattr *) (((char *) ifi) + nlmsg_len);
525 rta_len = RTA_ALIGN(sizeof(struct rtattr));
526 while (RTA_OK(attr, attrlen)) {
527 char ifname[IFNAMSIZ + 1];
529 if (attr->rta_type == IFLA_IFNAME) {
530 int n = attr->rta_len - rta_len;
534 os_memset(ifname, 0, sizeof(ifname));
536 if ((size_t) n > sizeof(ifname))
538 os_memcpy(ifname, ((char *) attr) + rta_len, n);
541 vlan_dellink(ifname, hapd);
543 vlan_newlink(ifname, hapd);
546 attr = RTA_NEXT(attr, attrlen);
551 static void vlan_event_receive(int sock, void *eloop_ctx, void *sock_ctx)
555 struct sockaddr_nl from;
558 struct hostapd_data *hapd = eloop_ctx;
560 fromlen = sizeof(from);
561 left = recvfrom(sock, buf, sizeof(buf), MSG_DONTWAIT,
562 (struct sockaddr *) &from, &fromlen);
564 if (errno != EINTR && errno != EAGAIN)
565 perror("recvfrom(netlink)");
569 h = (struct nlmsghdr *) buf;
570 while (left >= (int) sizeof(*h)) {
574 plen = len - sizeof(*h);
575 if (len > left || plen < 0) {
576 printf("Malformed netlink message: "
577 "len=%d left=%d plen=%d", len, left, plen);
581 switch (h->nlmsg_type) {
583 vlan_read_ifnames(h, plen, 0, hapd);
586 vlan_read_ifnames(h, plen, 1, hapd);
590 len = NLMSG_ALIGN(len);
592 h = (struct nlmsghdr *) ((char *) h + len);
596 printf("%d extra bytes in the end of netlink message",
602 static struct full_dynamic_vlan *
603 full_dynamic_vlan_init(struct hostapd_data *hapd)
605 struct sockaddr_nl local;
606 struct full_dynamic_vlan *priv;
608 priv = os_zalloc(sizeof(*priv));
612 vlan_set_name_type(VLAN_NAME_TYPE_PLUS_VID_NO_PAD);
614 priv->s = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
616 perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
621 os_memset(&local, 0, sizeof(local));
622 local.nl_family = AF_NETLINK;
623 local.nl_groups = RTMGRP_LINK;
624 if (bind(priv->s, (struct sockaddr *) &local, sizeof(local)) < 0) {
625 perror("bind(netlink)");
631 if (eloop_register_read_sock(priv->s, vlan_event_receive, hapd, NULL))
642 static void full_dynamic_vlan_deinit(struct full_dynamic_vlan *priv)
646 eloop_unregister_read_sock(priv->s);
650 #endif /* CONFIG_FULL_DYNAMIC_VLAN */
653 int vlan_setup_encryption_dyn(struct hostapd_data *hapd,
654 struct hostapd_ssid *mssid, const char *dyn_vlan)
658 if (dyn_vlan == NULL)
661 /* Static WEP keys are set here; IEEE 802.1X and WPA uses their own
662 * functions for setting up dynamic broadcast keys. */
663 for (i = 0; i < 4; i++) {
664 if (mssid->wep.key[i] &&
665 hostapd_set_key(dyn_vlan, hapd, WPA_ALG_WEP, NULL, i,
666 i == mssid->wep.idx, NULL, 0,
667 mssid->wep.key[i], mssid->wep.len[i])) {
668 printf("VLAN: Could not set WEP encryption for "
678 static int vlan_dynamic_add(struct hostapd_data *hapd,
679 struct hostapd_vlan *vlan)
682 if (vlan->vlan_id != VLAN_ID_WILDCARD &&
683 hostapd_if_add(hapd, WPA_IF_AP_VLAN, vlan->ifname, NULL,
685 if (errno != EEXIST) {
686 printf("Could not add VLAN iface: %s: %s\n",
687 vlan->ifname, strerror(errno));
699 static void vlan_dynamic_remove(struct hostapd_data *hapd,
700 struct hostapd_vlan *vlan)
702 struct hostapd_vlan *next;
707 if (vlan->vlan_id != VLAN_ID_WILDCARD &&
708 hostapd_if_remove(hapd, WPA_IF_AP_VLAN, vlan->ifname)) {
709 printf("Could not remove VLAN iface: %s: %s\n",
710 vlan->ifname, strerror(errno));
712 #ifdef CONFIG_FULL_DYNAMIC_VLAN
714 vlan_dellink(vlan->ifname, hapd);
715 #endif /* CONFIG_FULL_DYNAMIC_VLAN */
722 int vlan_init(struct hostapd_data *hapd)
724 if (vlan_dynamic_add(hapd, hapd->conf->vlan))
727 #ifdef CONFIG_FULL_DYNAMIC_VLAN
728 hapd->full_dynamic_vlan = full_dynamic_vlan_init(hapd);
729 #endif /* CONFIG_FULL_DYNAMIC_VLAN */
735 void vlan_deinit(struct hostapd_data *hapd)
737 vlan_dynamic_remove(hapd, hapd->conf->vlan);
739 #ifdef CONFIG_FULL_DYNAMIC_VLAN
740 full_dynamic_vlan_deinit(hapd->full_dynamic_vlan);
741 #endif /* CONFIG_FULL_DYNAMIC_VLAN */
745 struct hostapd_vlan * vlan_add_dynamic(struct hostapd_data *hapd,
746 struct hostapd_vlan *vlan,
749 struct hostapd_vlan *n;
752 if (vlan == NULL || vlan_id <= 0 || vlan_id > MAX_VLAN_ID ||
753 vlan->vlan_id != VLAN_ID_WILDCARD)
756 ifname = os_strdup(vlan->ifname);
759 pos = os_strchr(ifname, '#');
766 n = os_zalloc(sizeof(*n));
772 n->vlan_id = vlan_id;
775 os_snprintf(n->ifname, sizeof(n->ifname), "%s%d%s", ifname, vlan_id,
779 if (hostapd_if_add(hapd, WPA_IF_AP_VLAN, n->ifname, NULL, NULL)) {
784 n->next = hapd->conf->vlan;
785 hapd->conf->vlan = n;
791 int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id)
793 struct hostapd_vlan *vlan;
795 if (vlan_id <= 0 || vlan_id > MAX_VLAN_ID)
798 vlan = hapd->conf->vlan;
800 if (vlan->vlan_id == vlan_id && vlan->dynamic_vlan > 0) {
801 vlan->dynamic_vlan--;
810 if (vlan->dynamic_vlan == 0)
811 hostapd_if_remove(hapd, WPA_IF_AP_VLAN, vlan->ifname);