*/
#include "includes.h"
-#ifndef CONFIG_NATIVE_WINDOWS
-#include <syslog.h>
-#endif /* CONFIG_NATIVE_WINDOWS */
+#include "common.h"
#include "eloop.h"
+#include "crypto/tls.h"
+#include "common/ieee802_11_defs.h"
+#include "eapol_auth/eapol_auth_sm.h"
+#include "eapol_auth/eapol_auth_sm_i.h"
+#include "radius/radius_client.h"
+#include "radius/radius_server.h"
+#include "eap_server/eap_sim_db.h"
+#include "eap_server/eap.h"
+#include "eap_server/tncs.h"
+#include "l2_packet/l2_packet.h"
#include "hostapd.h"
#include "ieee802_1x.h"
#include "beacon.h"
#include "hw_features.h"
#include "accounting.h"
-#include "eapol_sm.h"
#include "iapp.h"
-#include "ap.h"
#include "ieee802_11_auth.h"
-#include "ap_list.h"
#include "sta_info.h"
+#include "ap_list.h"
#include "driver_i.h"
-#include "radius/radius_client.h"
-#include "radius/radius_server.h"
#include "wpa.h"
#include "preauth.h"
#include "vlan_init.h"
#include "ctrl_iface.h"
-#include "tls.h"
-#include "eap_server/eap_sim_db.h"
-#include "eap_server/eap.h"
-#include "eap_server/tncs.h"
-#include "version.h"
-#include "l2_packet/l2_packet.h"
#include "wps_hostapd.h"
#include "tkip_countermeasures.h"
-static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
- size_t identity_len, int phase2,
- struct eap_user *user);
static int hostapd_flush_old_stations(struct hostapd_data *hapd);
static int hostapd_setup_wpa(struct hostapd_data *hapd);
static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd);
-struct hapd_interfaces {
- size_t count;
- struct hostapd_iface **iface;
-};
-
-
extern int wpa_debug_level;
-extern int wpa_debug_show_keys;
-extern int wpa_debug_timestamp;
+#if defined(EAP_SERVER_SIM) || defined(EAP_SERVER_AKA)
+#define EAP_SIM_DB
+#endif /* EAP_SERVER_SIM || EAP_SERVER_AKA */
-int hostapd_for_each_interface(int (*cb)(struct hostapd_iface *iface,
- void *ctx), void *ctx)
-{
- struct hapd_interfaces *interfaces = eloop_get_user_data();
- size_t i;
- int ret;
- for (i = 0; i < interfaces->count; i++) {
- ret = cb(interfaces->iface[i], ctx);
- if (ret)
- return ret;
- }
-
- return 0;
-}
-
-
-static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module,
- int level, const char *txt, size_t len)
-{
- struct hostapd_data *hapd = ctx;
- char *format, *module_str;
- int maxlen;
- int conf_syslog_level, conf_stdout_level;
- unsigned int conf_syslog, conf_stdout;
-
- maxlen = len + 100;
- format = os_malloc(maxlen);
- if (!format)
- return;
-
- if (hapd && hapd->conf) {
- conf_syslog_level = hapd->conf->logger_syslog_level;
- conf_stdout_level = hapd->conf->logger_stdout_level;
- conf_syslog = hapd->conf->logger_syslog;
- conf_stdout = hapd->conf->logger_stdout;
- } else {
- conf_syslog_level = conf_stdout_level = 0;
- conf_syslog = conf_stdout = (unsigned int) -1;
- }
-
- switch (module) {
- case HOSTAPD_MODULE_IEEE80211:
- module_str = "IEEE 802.11";
- break;
- case HOSTAPD_MODULE_IEEE8021X:
- module_str = "IEEE 802.1X";
- break;
- case HOSTAPD_MODULE_RADIUS:
- module_str = "RADIUS";
- break;
- case HOSTAPD_MODULE_WPA:
- module_str = "WPA";
- break;
- case HOSTAPD_MODULE_DRIVER:
- module_str = "DRIVER";
- break;
- case HOSTAPD_MODULE_IAPP:
- module_str = "IAPP";
- break;
- case HOSTAPD_MODULE_MLME:
- module_str = "MLME";
- break;
- default:
- module_str = NULL;
- break;
- }
-
- if (hapd && hapd->conf && addr)
- os_snprintf(format, maxlen, "%s: STA " MACSTR "%s%s: %s",
- hapd->conf->iface, MAC2STR(addr),
- module_str ? " " : "", module_str, txt);
- else if (hapd && hapd->conf)
- os_snprintf(format, maxlen, "%s:%s%s %s",
- hapd->conf->iface, module_str ? " " : "",
- module_str, txt);
- else if (addr)
- os_snprintf(format, maxlen, "STA " MACSTR "%s%s: %s",
- MAC2STR(addr), module_str ? " " : "",
- module_str, txt);
- else
- os_snprintf(format, maxlen, "%s%s%s",
- module_str, module_str ? ": " : "", txt);
-
- if ((conf_stdout & module) && level >= conf_stdout_level) {
- wpa_debug_print_timestamp();
- printf("%s\n", format);
- }
-
-#ifndef CONFIG_NATIVE_WINDOWS
- if ((conf_syslog & module) && level >= conf_syslog_level) {
- int priority;
- switch (level) {
- case HOSTAPD_LEVEL_DEBUG_VERBOSE:
- case HOSTAPD_LEVEL_DEBUG:
- priority = LOG_DEBUG;
- break;
- case HOSTAPD_LEVEL_INFO:
- priority = LOG_INFO;
- break;
- case HOSTAPD_LEVEL_NOTICE:
- priority = LOG_NOTICE;
- break;
- case HOSTAPD_LEVEL_WARNING:
- priority = LOG_WARNING;
- break;
- default:
- priority = LOG_INFO;
- break;
- }
- syslog(priority, "%s", format);
- }
-#endif /* CONFIG_NATIVE_WINDOWS */
-
- os_free(format);
-}
-
-
-#ifdef EAP_SERVER
+#ifdef EAP_SIM_DB
static int hostapd_sim_db_cb_sta(struct hostapd_data *hapd,
struct sta_info *sta, void *ctx)
{
static void hostapd_sim_db_cb(void *ctx, void *session_ctx)
{
struct hostapd_data *hapd = ctx;
- if (ap_for_each_sta(hapd, hostapd_sim_db_cb_sta, session_ctx) == 0)
+ if (ap_for_each_sta(hapd, hostapd_sim_db_cb_sta, session_ctx) == 0) {
+#ifdef RADIUS_SERVER
radius_server_eap_pending_cb(hapd->radius_srv, session_ctx);
+#endif /* RADIUS_SERVER */
+ }
}
-#endif /* EAP_SERVER */
-
-
-/**
- * handle_term - SIGINT and SIGTERM handler to terminate hostapd process
- */
-static void handle_term(int sig, void *eloop_ctx, void *signal_ctx)
-{
- wpa_printf(MSG_DEBUG, "Signal %d received - terminating", sig);
- eloop_terminate();
-}
+#endif /* EAP_SIM_DB */
static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
wconf->rsn_preauth = conf->rsn_preauth;
wconf->eapol_version = conf->eapol_version;
wconf->peerkey = conf->peerkey;
- wconf->wme_enabled = conf->wme_enabled;
+ wconf->wmm_enabled = conf->wmm_enabled;
wconf->okc = conf->okc;
#ifdef CONFIG_IEEE80211W
wconf->ieee80211w = conf->ieee80211w;
struct hostapd_data *hapd = iface->bss[0];
struct hostapd_config *newconf, *oldconf;
struct wpa_auth_config wpa_auth_conf;
+ size_t j;
newconf = hostapd_config_read(iface->config_fname);
if (newconf == NULL)
* Deauthenticate all stations since the new configuration may not
* allow them to use the BSS anymore.
*/
- hostapd_flush_old_stations(hapd);
+ for (j = 0; j < iface->num_bss; j++)
+ hostapd_flush_old_stations(iface->bss[j]);
+#ifndef CONFIG_NO_RADIUS
/* TODO: update dynamic data based on changed configuration
* items (e.g., open/close sockets, etc.) */
radius_client_flush(hapd->radius, 0);
+#endif /* CONFIG_NO_RADIUS */
oldconf = hapd->iconf;
hapd->iconf = newconf;
ieee802_11_set_beacon(hapd);
+ if (hapd->conf->ssid.ssid_set &&
+ hostapd_set_ssid(hapd, (u8 *) hapd->conf->ssid.ssid,
+ hapd->conf->ssid.ssid_len)) {
+ wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver");
+ /* try to continue */
+ }
+
+ if (hapd->conf->ieee802_1x || hapd->conf->wpa)
+ hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 1);
+ else
+ hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 0);
+
hostapd_config_free(oldconf);
wpa_printf(MSG_DEBUG, "Reconfigured interface %s", hapd->conf->iface);
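Review bot: The return value of `hostapd_set_drv_ieee8021x()` is discarded in both branches added to `hostapd_reload_config()`, so a driver that fails to enable 802.1X/WPA after a reload leaves no trace, whereas the SSID call just above at least logs its failure. Collapse the if/else and report the error: `if (hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, hapd->conf->ieee802_1x || hapd->conf->wpa))` followed by `wpa_printf(MSG_ERROR, "Could not set IEEE 802.1X/WPA state for kernel driver");`. The new loop also flushes stations on every BSS, while the SSID and 802.1X settings are re-applied only to `hapd`, which the earlier hunk shows is `iface->bss[0]`; if that is intended it deserves a comment. The function starts and ends outside this hunk.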
}
-#ifndef CONFIG_NATIVE_WINDOWS
-/**
- * handle_reload - SIGHUP handler to reload configuration
- */
-static void handle_reload(int sig, void *eloop_ctx, void *signal_ctx)
-{
- struct hapd_interfaces *hapds = (struct hapd_interfaces *) eloop_ctx;
- size_t i;
-
- wpa_printf(MSG_DEBUG, "Signal %d received - reloading configuration",
- sig);
-
- for (i = 0; i < hapds->count; i++) {
- if (hostapd_reload_config(hapds->iface[i]) < 0) {
- wpa_printf(MSG_WARNING, "Failed to read new "
- "configuration file - continuing with "
- "old.");
- continue;
- }
- }
-}
-
-
-#ifdef HOSTAPD_DUMP_STATE
-/**
- * hostapd_dump_state - SIGUSR1 handler to dump hostapd state to a text file
- */
-static void hostapd_dump_state(struct hostapd_data *hapd)
+int handle_reload_iface(struct hostapd_iface *iface, void *ctx)
{
- FILE *f;
- time_t now;
- struct sta_info *sta;
- int i;
- char *buf;
-
- if (!hapd->conf->dump_log_name) {
- wpa_printf(MSG_DEBUG, "Dump file not defined - ignoring dump "
- "request");
- return;
- }
-
- wpa_printf(MSG_DEBUG, "Dumping hostapd state to '%s'",
- hapd->conf->dump_log_name);
- f = fopen(hapd->conf->dump_log_name, "w");
- if (f == NULL) {
- wpa_printf(MSG_WARNING, "Could not open dump file '%s' for "
- "writing.", hapd->conf->dump_log_name);
- return;
+ if (hostapd_reload_config(iface) < 0) {
+ wpa_printf(MSG_WARNING, "Failed to read new configuration "
+ "file - continuing with old.");
}
-
- time(&now);
- fprintf(f, "hostapd state dump - %s", ctime(&now));
- fprintf(f, "num_sta=%d num_sta_non_erp=%d "
- "num_sta_no_short_slot_time=%d\n"
- "num_sta_no_short_preamble=%d\n",
- hapd->num_sta, hapd->iface->num_sta_non_erp,
- hapd->iface->num_sta_no_short_slot_time,
- hapd->iface->num_sta_no_short_preamble);
-
- for (sta = hapd->sta_list; sta != NULL; sta = sta->next) {
- fprintf(f, "\nSTA=" MACSTR "\n", MAC2STR(sta->addr));
-
- fprintf(f,
- " AID=%d flags=0x%x %s%s%s%s%s%s%s%s%s%s%s%s%s%s\n"
- " capability=0x%x listen_interval=%d\n",
- sta->aid,
- sta->flags,
- (sta->flags & WLAN_STA_AUTH ? "[AUTH]" : ""),
- (sta->flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""),
- (sta->flags & WLAN_STA_PS ? "[PS]" : ""),
- (sta->flags & WLAN_STA_TIM ? "[TIM]" : ""),
- (sta->flags & WLAN_STA_PERM ? "[PERM]" : ""),
- (sta->flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" :
- ""),
- (sta->flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" :
- ""),
- (sta->flags & WLAN_STA_SHORT_PREAMBLE ?
- "[SHORT_PREAMBLE]" : ""),
- (sta->flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""),
- (sta->flags & WLAN_STA_WME ? "[WME]" : ""),
- (sta->flags & WLAN_STA_MFP ? "[MFP]" : ""),
- (sta->flags & WLAN_STA_WPS ? "[WPS]" : ""),
- (sta->flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""),
- (sta->flags & WLAN_STA_NONERP ? "[NonERP]" : ""),
- sta->capability,
- sta->listen_interval);
-
- fprintf(f, " supported_rates=");
- for (i = 0; i < sta->supported_rates_len; i++)
- fprintf(f, "%02x ", sta->supported_rates[i]);
- fprintf(f, "\n");
-
- fprintf(f,
- " timeout_next=%s\n",
- (sta->timeout_next == STA_NULLFUNC ? "NULLFUNC POLL" :
- (sta->timeout_next == STA_DISASSOC ? "DISASSOC" :
- "DEAUTH")));
-
- ieee802_1x_dump_state(f, " ", sta);
- }
-
- buf = os_malloc(4096);
- if (buf) {
- int count = radius_client_get_mib(hapd->radius, buf, 4096);
- if (count < 0)
- count = 0;
- else if (count > 4095)
- count = 4095;
- buf[count] = '\0';
- fprintf(f, "%s", buf);
-
- count = radius_server_get_mib(hapd->radius_srv, buf, 4096);
- if (count < 0)
- count = 0;
- else if (count > 4095)
- count = 4095;
- buf[count] = '\0';
- fprintf(f, "%s", buf);
- os_free(buf);
- }
- fclose(f);
+ return 0;
}
-#endif /* HOSTAPD_DUMP_STATE */
-
-static void handle_dump_state(int sig, void *eloop_ctx, void *signal_ctx)
-{
-#ifdef HOSTAPD_DUMP_STATE
- struct hapd_interfaces *hapds = (struct hapd_interfaces *) eloop_ctx;
- size_t i, j;
-
- for (i = 0; i < hapds->count; i++) {
- struct hostapd_iface *hapd_iface = hapds->iface[i];
- for (j = 0; j < hapd_iface->num_bss; j++)
- hostapd_dump_state(hapd_iface->bss[j]);
- }
-#endif /* HOSTAPD_DUMP_STATE */
-}
-#endif /* CONFIG_NATIVE_WINDOWS */
static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
char *ifname)
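Review bot: `handle_reload_iface()` replaces the documented `handle_reload()` signal handler but has no header comment, and two things in it need explaining: `ctx` is never used, and the function returns 0 even when `hostapd_reload_config()` fails. Its signature matches the callback type passed to `hostapd_for_each_interface()` elsewhere in this commit, so the constant 0 presumably keeps the iteration going over the remaining interfaces. Say so above the return, e.g. `/* Always return 0 so that a failed reload does not stop iteration over the other interfaces */`.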
int i;
for (i = 0; i < NUM_WEP_KEYS; i++) {
- if (hostapd_set_encryption(ifname, hapd, "none", NULL, i, NULL,
- 0, i == 0 ? 1 : 0)) {
+ if (hostapd_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i,
+ i == 0 ? 1 : 0, NULL, 0, NULL, 0)) {
wpa_printf(MSG_DEBUG, "Failed to clear default "
"encryption keys (ifname=%s keyidx=%d)",
ifname, i);
#ifdef CONFIG_IEEE80211W
if (hapd->conf->ieee80211w) {
for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) {
- if (hostapd_set_encryption(ifname, hapd, "none", NULL,
- i, NULL, 0,
- i == 0 ? 1 : 0)) {
+ if (hostapd_set_key(ifname, hapd, WPA_ALG_NONE, NULL,
+ i, i == 0 ? 1 : 0, NULL, 0,
+ NULL, 0)) {
wpa_printf(MSG_DEBUG, "Failed to clear "
"default mgmt encryption keys "
"(ifname=%s keyidx=%d)", ifname, i);
idx = ssid->wep.idx;
if (ssid->wep.default_len &&
- hostapd_set_encryption(hapd->conf->iface,
- hapd, "WEP", NULL, idx,
- ssid->wep.key[idx],
- ssid->wep.len[idx],
- idx == ssid->wep.idx)) {
+ hostapd_set_key(hapd->conf->iface,
+ hapd, WPA_ALG_WEP, NULL, idx, idx == ssid->wep.idx,
+ NULL, 0, ssid->wep.key[idx], ssid->wep.len[idx])) {
wpa_printf(MSG_WARNING, "Could not set WEP encryption.");
errors++;
}
continue;
idx = key->idx;
- if (hostapd_set_encryption(ifname, hapd, "WEP", NULL,
- idx, key->key[idx],
- key->len[idx],
- idx == key->idx)) {
+ if (hostapd_set_key(ifname, hapd, WPA_ALG_WEP, NULL,
+ idx, idx == key->idx, NULL, 0,
+ key->key[idx], key->len[idx])) {
wpa_printf(MSG_WARNING, "Could not set "
"dynamic VLAN WEP encryption.");
errors++;
{
hostapd_ctrl_iface_deinit(hapd);
- os_free(hapd->default_wep_key);
- hapd->default_wep_key = NULL;
iapp_deinit(hapd->iapp);
hapd->iapp = NULL;
accounting_deinit(hapd);
ieee802_1x_deinit(hapd);
vlan_deinit(hapd);
hostapd_acl_deinit(hapd);
+#ifndef CONFIG_NO_RADIUS
radius_client_deinit(hapd->radius);
hapd->radius = NULL;
+#endif /* CONFIG_NO_RADIUS */
+#ifdef RADIUS_SERVER
radius_server_deinit(hapd->radius_srv);
hapd->radius_srv = NULL;
+#endif /* RADIUS_SERVER */
#ifdef CONFIG_IEEE80211R
l2_packet_deinit(hapd->l2);
hostapd_deinit_wps(hapd);
- hostapd_wireless_event_deinit(hapd);
-
#ifdef EAP_TLS_FUNCS
if (hapd->ssl_ctx) {
tls_deinit(hapd->ssl_ctx);
}
#endif /* EAP_TLS_FUNCS */
-#ifdef EAP_SERVER
+#if defined(EAP_SERVER_SIM) || defined(EAP_SERVER_AKA)
if (hapd->eap_sim_db_priv) {
eap_sim_db_deinit(hapd->eap_sim_db_priv);
hapd->eap_sim_db_priv = NULL;
}
-#endif /* EAP_SERVER */
+#endif /* EAP_SERVER_SIM || EAP_SERVER_AKA */
if (hapd->interface_added &&
- hostapd_bss_remove(hapd, hapd->conf->iface)) {
+ hostapd_if_remove(hapd, WPA_IF_AP_BSS, hapd->conf->iface)) {
wpa_printf(MSG_WARNING, "Failed to remove BSS interface %s",
hapd->conf->iface);
}
+
+ os_free(hapd->probereq_cb);
+ hapd->probereq_cb = NULL;
}
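Review bot: `hapd->probereq_cb` is freed and set to NULL at the end of this cleanup function, but `hapd->num_probereq_cb` keeps its old value. `hostapd_register_probereq_cb()`, added later in this commit, sizes its `os_realloc()` from that counter and writes the new entry at index `num_probereq_cb`, so a registration after cleanup would leave the lower entries uninitialized under a non-zero count. Whether a `hostapd_data` is ever reused after cleanup is not visible here, but resetting the counter costs one line: `hapd->num_probereq_cb = 0;`. The function begins outside this hunk.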
for (i = 0; i < 4; i++) {
if (hapd->conf->ssid.wep.key[i] &&
- hostapd_set_encryption(iface, hapd, "WEP", NULL,
- i, hapd->conf->ssid.wep.key[i],
- hapd->conf->ssid.wep.len[i],
- i == hapd->conf->ssid.wep.idx)) {
+ hostapd_set_key(iface, hapd, WPA_ALG_WEP, NULL, i,
+ i == hapd->conf->ssid.wep.idx, NULL, 0,
+ hapd->conf->ssid.wep.key[i],
+ hapd->conf->ssid.wep.len[i])) {
wpa_printf(MSG_WARNING, "Could not set WEP "
"encryption.");
return -1;
static void hostapd_wpa_auth_logger(void *ctx, const u8 *addr,
logger_level level, const char *txt)
{
+#ifndef CONFIG_NO_HOSTAPD_LOGGER
struct hostapd_data *hapd = ctx;
int hlevel;
}
hostapd_logger(hapd, addr, HOSTAPD_MODULE_WPA, hlevel, "%s", txt);
+#endif /* CONFIG_NO_HOSTAPD_LOGGER */
}
}
-static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, const char *alg,
+static int hostapd_wpa_auth_set_key(void *ctx, int vlan_id, wpa_alg alg,
const u8 *addr, int idx, u8 *key,
size_t key_len)
{
return -1;
}
- return hostapd_set_encryption(ifname, hapd, alg, addr, idx,
- key, key_len, 1);
+ return hostapd_set_key(ifname, hapd, alg, addr, idx, 1, NULL, 0,
+ key, key_len);
}
}
-static int hostapd_wpa_auth_get_seqnum_igtk(void *ctx, const u8 *addr, int idx,
- u8 *seq)
-{
- struct hostapd_data *hapd = ctx;
- return hostapd_get_seqnum_igtk(hapd->conf->iface, hapd, addr, idx,
- seq);
-}
-
-
static int hostapd_wpa_auth_send_eapol(void *ctx, const u8 *addr,
const u8 *data, size_t data_len,
int encrypt)
}
+struct wpa_auth_iface_iter_data {
+ int (*cb)(struct wpa_authenticator *sm, void *ctx);
+ void *cb_ctx;
+};
+
+static int wpa_auth_iface_iter(struct hostapd_iface *iface, void *ctx)
+{
+ struct wpa_auth_iface_iter_data *data = ctx;
+ size_t i;
+ for (i = 0; i < iface->num_bss; i++) {
+ if (data->cb(iface->bss[i]->wpa_auth, data->cb_ctx))
+ return 1;
+ }
+ return 0;
+}
+
+
static int hostapd_wpa_auth_for_each_auth(
void *ctx, int (*cb)(struct wpa_authenticator *sm, void *ctx),
void *cb_ctx)
{
- struct hostapd_data *ohapd;
- size_t i, j;
- struct hapd_interfaces *interfaces = eloop_get_user_data();
-
- for (i = 0; i < interfaces->count; i++) {
- for (j = 0; j < interfaces->iface[i]->num_bss; j++) {
- ohapd = interfaces->iface[i]->bss[j];
- if (cb(ohapd->wpa_auth, cb_ctx))
- return 1;
- }
- }
-
- return 0;
+ struct hostapd_data *hapd = ctx;
+ struct wpa_auth_iface_iter_data data;
+ data.cb = cb;
+ data.cb_ctx = cb_ctx;
+ return hostapd_for_each_interface(hapd->iface->interfaces,
+ wpa_auth_iface_iter, &data);
}
os_memcpy(m->bssid, hapd->own_addr, ETH_ALEN);
os_memcpy(&m->u, data, data_len);
- res = hostapd_send_mgmt_frame(hapd, (u8 *) m, mlen, 0);
+ res = hostapd_send_mgmt_frame(hapd, (u8 *) m, mlen);
os_free(m);
return res;
}
struct hostapd_data *hapd = iface->bss[0];
unsigned int i = iface->conf->num_bss, bits = 0, j;
int res;
+ int auto_addr = 0;
if (hostapd_drv_none(hapd))
return 0;
/* Determine the bits necessary to any configured BSSIDs,
if they are higher than the number of BSSIDs. */
for (j = 0; j < iface->conf->num_bss; j++) {
- if (hostapd_mac_comp_empty(iface->conf->bss[j].bssid) == 0)
+ if (hostapd_mac_comp_empty(iface->conf->bss[j].bssid) == 0) {
+ if (j)
+ auto_addr++;
continue;
+ }
for (i = 0; i < ETH_ALEN; i++) {
mask[i] |=
}
}
+ if (!auto_addr)
+ goto skip_mask_ext;
+
for (i = 0; i < ETH_ALEN && mask[i] == 0; i++)
;
j = 0;
if (bits < j)
bits = j;
- if (bits > 40)
+ if (bits > 40) {
+ wpa_printf(MSG_ERROR, "Too many bits in the BSSID mask (%u)",
+ bits);
return -1;
+ }
os_memset(mask, 0xff, ETH_ALEN);
j = bits / 8;
while (j--)
mask[i] <<= 1;
+skip_mask_ext:
wpa_printf(MSG_DEBUG, "BSS count %lu, BSSID mask " MACSTR " (%d bits)",
(unsigned long) iface->conf->num_bss, MAC2STR(mask), bits);
return -1;
}
+ if (!auto_addr)
+ return 0;
+
for (i = 0; i < ETH_ALEN; i++) {
if ((hapd->own_addr[i] & mask[i]) != hapd->own_addr[i]) {
wpa_printf(MSG_ERROR, "Invalid BSSID mask " MACSTR
cb.get_msk = hostapd_wpa_auth_get_msk;
cb.set_key = hostapd_wpa_auth_set_key;
cb.get_seqnum = hostapd_wpa_auth_get_seqnum;
- cb.get_seqnum_igtk = hostapd_wpa_auth_get_seqnum_igtk;
cb.send_eapol = hostapd_wpa_auth_send_eapol;
cb.for_each_sta = hostapd_wpa_auth_for_each_sta;
cb.for_each_auth = hostapd_wpa_auth_for_each_auth;
}
+#ifdef RADIUS_SERVER
+
+static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
+ size_t identity_len, int phase2,
+ struct eap_user *user)
+{
+ const struct hostapd_eap_user *eap_user;
+ int i, count;
+
+ eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2);
+ if (eap_user == NULL)
+ return -1;
+
+ if (user == NULL)
+ return 0;
+
+ os_memset(user, 0, sizeof(*user));
+ count = EAP_USER_MAX_METHODS;
+ if (count > EAP_MAX_METHODS)
+ count = EAP_MAX_METHODS;
+ for (i = 0; i < count; i++) {
+ user->methods[i].vendor = eap_user->methods[i].vendor;
+ user->methods[i].method = eap_user->methods[i].method;
+ }
+
+ if (eap_user->password) {
+ user->password = os_malloc(eap_user->password_len);
+ if (user->password == NULL)
+ return -1;
+ os_memcpy(user->password, eap_user->password,
+ eap_user->password_len);
+ user->password_len = eap_user->password_len;
+ user->password_hash = eap_user->password_hash;
+ }
+ user->force_version = eap_user->force_version;
+ user->ttls_auth = eap_user->ttls_auth;
+
+ return 0;
+}
+
+
static int hostapd_setup_radius_srv(struct hostapd_data *hapd,
struct hostapd_bss_config *conf)
{
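Review bot: `hostapd_radius_get_eap_user()` hands the caller a heap copy of the stored password (`user->password = os_malloc(eap_user->password_len)`) with no comment on who frees it, and it returns -1 on allocation failure after `user->methods[]` has already been filled in. A header comment should state the contract, for example `/* On success the caller owns user->password and must free it; on -1 the contents of *user must not be used */`. Because the buffer holds credential material, the same comment should say whether the owner is expected to clear it before freeing; nothing in this hunk shows that.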
return 0;
}
+#endif /* RADIUS_SERVER */
+
/**
* hostapd_setup_bss - Per-BSS setup (initialization)
}
hapd->interface_added = 1;
- if (hostapd_bss_add(hapd->iface->bss[0], hapd->conf->iface,
- hapd->own_addr)) {
+ if (hostapd_if_add(hapd->iface->bss[0], WPA_IF_AP_BSS,
+ hapd->conf->iface, hapd->own_addr, hapd)) {
wpa_printf(MSG_ERROR, "Failed to add BSS (BSSID="
MACSTR ")", MAC2STR(hapd->own_addr));
return -1;
}
}
+ hostapd_flush_old_stations(hapd);
+ hostapd_set_privacy(hapd, 0);
+
+ hostapd_broadcast_wep_clear(hapd);
+ if (hostapd_setup_encryption(hapd->conf->iface, hapd))
+ return -1;
+
/*
* Fetch the SSID from the system and use it or,
* if one was specified in the config file, verify they
return -1;
}
- /* Set flag for whether SSID is broadcast in beacons */
- if (hostapd_set_broadcast_ssid(hapd,
- !!hapd->conf->ignore_broadcast_ssid)) {
- wpa_printf(MSG_ERROR, "Could not set broadcast SSID flag for "
- "kernel driver");
- return -1;
- }
-
- if (hostapd_set_dtim_period(hapd, hapd->conf->dtim_period)) {
- wpa_printf(MSG_ERROR, "Could not set DTIM period for kernel "
- "driver");
- return -1;
- }
-
/* Set SSID for the kernel driver (to be used in beacon and probe
* response frames) */
if (set_ssid && hostapd_set_ssid(hapd, (u8 *) conf->ssid.ssid,
if (wpa_debug_level == MSG_MSGDUMP)
conf->radius->msg_dumps = 1;
+#ifndef CONFIG_NO_RADIUS
hapd->radius = radius_client_init(hapd, conf->radius);
if (hapd->radius == NULL) {
wpa_printf(MSG_ERROR, "RADIUS client initialization failed.");
return -1;
}
+#endif /* CONFIG_NO_RADIUS */
if (hostapd_acl_init(hapd)) {
wpa_printf(MSG_ERROR, "ACL initialization failed.");
ieee802_11_set_beacon(hapd);
+#ifdef RADIUS_SERVER
if (conf->radius_server_clients &&
hostapd_setup_radius_srv(hapd, conf))
return -1;
+#endif /* RADIUS_SERVER */
return 0;
}
}
-static int hostapd_radius_get_eap_user(void *ctx, const u8 *identity,
- size_t identity_len, int phase2,
- struct eap_user *user)
-{
- const struct hostapd_eap_user *eap_user;
- int i, count;
-
- eap_user = hostapd_get_eap_user(ctx, identity, identity_len, phase2);
- if (eap_user == NULL)
- return -1;
-
- if (user == NULL)
- return 0;
-
- os_memset(user, 0, sizeof(*user));
- count = EAP_USER_MAX_METHODS;
- if (count > EAP_MAX_METHODS)
- count = EAP_MAX_METHODS;
- for (i = 0; i < count; i++) {
- user->methods[i].vendor = eap_user->methods[i].vendor;
- user->methods[i].method = eap_user->methods[i].method;
- }
-
- if (eap_user->password) {
- user->password = os_malloc(eap_user->password_len);
- if (user->password == NULL)
- return -1;
- os_memcpy(user->password, eap_user->password,
- eap_user->password_len);
- user->password_len = eap_user->password_len;
- user->password_hash = eap_user->password_hash;
- }
- user->force_version = eap_user->force_version;
- user->ttls_auth = eap_user->ttls_auth;
-
- return 0;
-}
-
-
static int setup_interface(struct hostapd_iface *iface)
{
struct hostapd_data *hapd = iface->bss[0];
size_t i;
char country[4];
u8 *b = conf->bssid;
- int freq;
- size_t j;
- int ret = 0;
- u8 *prev_addr;
/*
* Initialize the driver interface and make sure that all BSSes get
* configured with a pointer to this driver interface.
*/
- if (b[0] | b[1] | b[2] | b[3] | b[4] | b[5]) {
- hapd->drv_priv = hostapd_driver_init_bssid(hapd, b);
- } else {
- hapd->drv_priv = hostapd_driver_init(hapd);
- }
+ if (!(b[0] | b[1] | b[2] | b[3] | b[4] | b[5]))
+ b = NULL;
+ hapd->drv_priv = hostapd_driver_init(hapd, b);
if (hapd->drv_priv == NULL) {
wpa_printf(MSG_ERROR, "%s driver initialization failed.",
if (hostapd_validate_bssid_configuration(iface))
return -1;
-#ifdef CONFIG_IEEE80211N
- SET_2BIT_LE16(&iface->ht_op_mode,
- HT_INFO_OPERATION_MODE_OP_MODE_OFFSET,
- OP_MODE_PURE);
-#endif /* CONFIG_IEEE80211N */
-
- os_memcpy(country, hapd->iconf->country, 3);
- country[3] = '\0';
- if (hostapd_set_country(hapd, country) < 0) {
- wpa_printf(MSG_ERROR, "Failed to set country code");
- return -1;
- }
-
- if (hapd->iconf->ieee80211d &&
- hostapd_set_ieee80211d(hapd, 1) < 0) {
- wpa_printf(MSG_ERROR, "Failed to set ieee80211d (%d)",
- hapd->iconf->ieee80211d);
- return -1;
- }
-
- if (hapd->iconf->bridge_packets != INTERNAL_BRIDGE_DO_NOT_CONTROL &&
- hostapd_set_internal_bridge(hapd, hapd->iconf->bridge_packets)) {
- wpa_printf(MSG_ERROR, "Failed to set bridge_packets for "
- "kernel driver");
- return -1;
+ if (hapd->iconf->country[0] && hapd->iconf->country[1]) {
+ os_memcpy(country, hapd->iconf->country, 3);
+ country[3] = '\0';
+ if (hostapd_set_country(hapd, country) < 0) {
+ wpa_printf(MSG_ERROR, "Failed to set country code");
+ return -1;
+ }
}
- /* TODO: merge with hostapd_driver_init() ? */
- if (hostapd_wireless_event_init(hapd) < 0)
- return -1;
-
if (hostapd_get_hw_features(iface)) {
/* Not all drivers support this yet, so continue without hw
* feature data. */
"channel. (%d)", ret);
return -1;
}
+ ret = hostapd_check_ht_capab(iface);
+ if (ret < 0)
+ return -1;
+ if (ret == 1) {
+ wpa_printf(MSG_DEBUG, "Interface initialization will "
+ "be completed in a callback");
+ return 0;
+ }
}
+ return hostapd_setup_interface_complete(iface, 0);
+}
- hostapd_flush_old_stations(hapd);
- hostapd_set_privacy(hapd, 0);
+int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err)
+{
+ struct hostapd_data *hapd = iface->bss[0];
+ int freq;
+ size_t j;
+ u8 *prev_addr;
+
+ if (err) {
+ wpa_printf(MSG_ERROR, "Interface initialization failed");
+ eloop_terminate();
+ return -1;
+ }
+
+ wpa_printf(MSG_DEBUG, "Completing interface initialization");
if (hapd->iconf->channel) {
freq = hostapd_hw_get_freq(hapd, hapd->iconf->channel);
wpa_printf(MSG_DEBUG, "Mode: %s Channel: %d "
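Review bot: `hostapd_setup_interface_complete()` handles failure in two different ways: the `err` check added here calls `eloop_terminate()` before returning -1, while the later failure exits of the same function (channel and RTS threshold, visible in the following hunks) only return -1. On the synchronous path `hostapd_setup_interface()` appears to terminate the event loop on a non-zero result, but when completion is deferred ("will be completed in a callback") nothing visible on this page acts on the return value, so a late failure could leave a half-configured interface running. Either route every failure exit through one label that calls `eloop_terminate()`, or add a header comment stating that the callback caller must check the result. The function body continues outside this hunk.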
hapd->iconf->channel, freq);
if (hostapd_set_freq(hapd, hapd->iconf->hw_mode, freq,
+ hapd->iconf->channel,
hapd->iconf->ieee80211n,
hapd->iconf->secondary_channel)) {
wpa_printf(MSG_ERROR, "Could not set channel for "
}
}
- hostapd_broadcast_wep_clear(hapd);
- if (hostapd_setup_encryption(hapd->conf->iface, hapd))
- return -1;
-
- hostapd_set_beacon_int(hapd, hapd->iconf->beacon_int);
- ieee802_11_set_beacon(hapd);
-
if (hapd->iconf->rts_threshold > -1 &&
hostapd_set_rts(hapd, hapd->iconf->rts_threshold)) {
wpa_printf(MSG_ERROR, "Could not set RTS threshold for "
return -1;
}
- return ret;
+ wpa_printf(MSG_DEBUG, "%s: Setup of interface done.",
+ iface->bss[0]->conf->iface);
+
+ return 0;
}
* Flushes old stations, sets the channel, encryption,
* beacons, and WDS links based on the configuration.
*/
-static int hostapd_setup_interface(struct hostapd_iface *iface)
+int hostapd_setup_interface(struct hostapd_iface *iface)
{
int ret;
iface->bss[0]->conf->iface);
eloop_terminate();
return -1;
- } else if (!hostapd_drv_none(iface->bss[0])) {
- wpa_printf(MSG_DEBUG, "%s: Setup of interface done.",
- iface->bss[0]->conf->iface);
}
return 0;
}
-static void show_version(void)
-{
- fprintf(stderr,
- "hostapd v" VERSION_STR "\n"
- "User space daemon for IEEE 802.11 AP management,\n"
- "IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
- "Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi> "
- "and contributors\n");
-}
-
-
-static void usage(void)
-{
- show_version();
- fprintf(stderr,
- "\n"
- "usage: hostapd [-hdBKtv] [-P <PID file>] "
- "<configuration file(s)>\n"
- "\n"
- "options:\n"
- " -h show this usage\n"
- " -d show more debug messages (-dd for even more)\n"
- " -B run daemon in the background\n"
- " -P PID file\n"
- " -K include key data in debug messages\n"
- " -t include timestamps in some debug messages\n"
- " -v show hostapd version\n");
-
- exit(1);
-}
-
-
/**
* hostapd_alloc_bss_data - Allocate and initialize per-BSS data
* @hapd_iface: Pointer to interface data
* freed after hostapd_cleanup() is called for it during interface
* deinitialization.
*/
-static struct hostapd_data *
+struct hostapd_data *
hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface,
struct hostapd_config *conf,
struct hostapd_bss_config *bss)
if (hapd == NULL)
return NULL;
+ hostapd_set_driver_ops(&hapd->drv);
hapd->iconf = conf;
hapd->conf = bss;
hapd->iface = hapd_iface;
- if (hapd->conf->individual_wep_key_len > 0) {
- /* use key0 in individual key and key1 in broadcast key */
- hapd->default_wep_key_idx = 1;
- }
-
#ifdef EAP_TLS_FUNCS
if (hapd->conf->eap_server &&
(hapd->conf->ca_cert || hapd->conf->server_cert ||
}
#endif /* EAP_TLS_FUNCS */
-#ifdef EAP_SERVER
+#ifdef EAP_SIM_DB
if (hapd->conf->eap_sim_db) {
hapd->eap_sim_db_priv =
eap_sim_db_init(hapd->conf->eap_sim_db,
goto fail;
}
}
-#endif /* EAP_SERVER */
+#endif /* EAP_SIM_DB */
hapd->driver = hapd->iconf->driver;
return hapd;
-#if defined(EAP_TLS_FUNCS) || defined(EAP_SERVER)
+#if defined(EAP_TLS_FUNCS) || defined(EAP_SIM_DB)
fail:
#endif
/* TODO: cleanup allocated resources(?) */
}
-/**
- * hostapd_init - Allocate and initialize per-interface data
- * @config_file: Path to the configuration file
- * Returns: Pointer to the allocated interface data or %NULL on failure
- *
- * This function is used to allocate main data structures for per-interface
- * data. The allocated data buffer will be freed by calling
- * hostapd_cleanup_iface().
- */
-static struct hostapd_iface * hostapd_init(const char *config_file)
-{
- struct hostapd_iface *hapd_iface = NULL;
- struct hostapd_config *conf = NULL;
- struct hostapd_data *hapd;
- size_t i;
-
- hapd_iface = os_zalloc(sizeof(*hapd_iface));
- if (hapd_iface == NULL)
- goto fail;
-
- hapd_iface->config_fname = os_strdup(config_file);
- if (hapd_iface->config_fname == NULL)
- goto fail;
-
- conf = hostapd_config_read(hapd_iface->config_fname);
- if (conf == NULL)
- goto fail;
- hapd_iface->conf = conf;
-
- hapd_iface->num_bss = conf->num_bss;
- hapd_iface->bss = os_zalloc(conf->num_bss *
- sizeof(struct hostapd_data *));
- if (hapd_iface->bss == NULL)
- goto fail;
-
- for (i = 0; i < conf->num_bss; i++) {
- hapd = hapd_iface->bss[i] =
- hostapd_alloc_bss_data(hapd_iface, conf,
- &conf->bss[i]);
- if (hapd == NULL)
- goto fail;
- }
-
- return hapd_iface;
-
-fail:
- if (conf)
- hostapd_config_free(conf);
- if (hapd_iface) {
- for (i = 0; hapd_iface->bss && i < hapd_iface->num_bss; i++) {
- hapd = hapd_iface->bss[i];
- if (hapd && hapd->ssl_ctx)
- tls_deinit(hapd->ssl_ctx);
- }
-
- os_free(hapd_iface->config_fname);
- os_free(hapd_iface->bss);
- os_free(hapd_iface);
- }
- return NULL;
-}
-
-
-static int hostapd_global_init(struct hapd_interfaces *interfaces)
-{
- hostapd_logger_register_cb(hostapd_logger_cb);
-
- if (eap_server_register_methods()) {
- wpa_printf(MSG_ERROR, "Failed to register EAP methods");
- return -1;
- }
-
- if (eloop_init(interfaces)) {
- wpa_printf(MSG_ERROR, "Failed to initialize event loop");
- return -1;
- }
-
-#ifndef CONFIG_NATIVE_WINDOWS
- eloop_register_signal(SIGHUP, handle_reload, NULL);
- eloop_register_signal(SIGUSR1, handle_dump_state, NULL);
-#endif /* CONFIG_NATIVE_WINDOWS */
- eloop_register_signal_terminate(handle_term, NULL);
-
-#ifndef CONFIG_NATIVE_WINDOWS
- openlog("hostapd", 0, LOG_DAEMON);
-#endif /* CONFIG_NATIVE_WINDOWS */
-
- return 0;
-}
-
-
-static void hostapd_global_deinit(const char *pid_file)
-{
-#ifdef EAP_TNC
- tncs_global_deinit();
-#endif /* EAP_TNC */
-
- eloop_destroy();
-
-#ifndef CONFIG_NATIVE_WINDOWS
- closelog();
-#endif /* CONFIG_NATIVE_WINDOWS */
-
- eap_server_unregister_methods();
-
- os_daemonize_terminate(pid_file);
-}
-
-
-static void hostapd_interface_deinit(struct hostapd_iface *iface)
+void hostapd_interface_deinit(struct hostapd_iface *iface)
{
size_t j;
}
-static struct hostapd_iface * hostapd_interface_init(const char *config_fname,
- int debug)
-{
- struct hostapd_iface *iface;
- int k;
-
- wpa_printf(MSG_ERROR, "Configuration file: %s", config_fname);
- iface = hostapd_init(config_fname);
- if (!iface)
- return NULL;
-
- for (k = 0; k < debug; k++) {
- if (iface->bss[0]->conf->logger_stdout_level > 0)
- iface->bss[0]->conf->logger_stdout_level--;
- }
-
- if (hostapd_setup_interface(iface)) {
- hostapd_interface_deinit(iface);
- return NULL;
- }
-
- return iface;
-}
-
-
-static int hostapd_global_run(struct hapd_interfaces *ifaces, int daemonize,
- const char *pid_file)
+int hostapd_register_probereq_cb(struct hostapd_data *hapd,
+ void (*cb)(void *ctx, const u8 *sa,
+ const u8 *ie, size_t ie_len),
+ void *ctx)
{
-#ifdef EAP_TNC
- int tnc = 0;
- size_t i, k;
-
- for (i = 0; !tnc && i < ifaces->count; i++) {
- for (k = 0; k < ifaces->iface[i]->num_bss; k++) {
- if (ifaces->iface[i]->bss[0]->conf->tnc) {
- tnc++;
- break;
- }
- }
- }
+ struct hostapd_probereq_cb *n;
- if (tnc && tncs_global_init() < 0) {
- wpa_printf(MSG_ERROR, "Failed to initialize TNCS");
+ n = os_realloc(hapd->probereq_cb, (hapd->num_probereq_cb + 1) *
+ sizeof(struct hostapd_probereq_cb));
+ if (n == NULL)
return -1;
- }
-#endif /* EAP_TNC */
- if (daemonize && os_daemonize(pid_file)) {
- perror("daemon");
- return -1;
- }
+ hapd->probereq_cb = n;
+ n = &hapd->probereq_cb[hapd->num_probereq_cb];
+ hapd->num_probereq_cb++;
- eloop_run();
+ n->cb = cb;
+ n->ctx = ctx;
return 0;
}
-int main(int argc, char *argv[])
+int hostapd_set_drv_ieee8021x(struct hostapd_data *hapd, const char *ifname,
+ int enabled)
{
- struct hapd_interfaces interfaces;
- int ret = 1;
- size_t i;
- int c, debug = 0, daemonize = 0;
- const char *pid_file = NULL;
-
- for (;;) {
- c = getopt(argc, argv, "BdhKP:tv");
- if (c < 0)
- break;
- switch (c) {
- case 'h':
- usage();
- break;
- case 'd':
- debug++;
- if (wpa_debug_level > 0)
- wpa_debug_level--;
- break;
- case 'B':
- daemonize++;
- break;
- case 'K':
- wpa_debug_show_keys++;
- break;
- case 'P':
- pid_file = optarg;
- break;
- case 't':
- wpa_debug_timestamp++;
- break;
- case 'v':
- show_version();
- exit(1);
- break;
-
- default:
- usage();
- break;
- }
- }
-
- if (optind == argc)
- usage();
-
- interfaces.count = argc - optind;
- interfaces.iface = os_malloc(interfaces.count *
- sizeof(struct hostapd_iface *));
- if (interfaces.iface == NULL) {
- wpa_printf(MSG_ERROR, "malloc failed\n");
- return -1;
- }
-
- if (hostapd_global_init(&interfaces))
- return -1;
-
- /* Initialize interfaces */
- for (i = 0; i < interfaces.count; i++) {
- interfaces.iface[i] = hostapd_interface_init(argv[optind + i],
- debug);
- if (!interfaces.iface[i])
- goto out;
- }
-
- if (hostapd_global_run(&interfaces, daemonize, pid_file))
- goto out;
-
- ret = 0;
-
- out:
- /* Deinitialize all interfaces */
- for (i = 0; i < interfaces.count; i++)
- hostapd_interface_deinit(interfaces.iface[i]);
- os_free(interfaces.iface);
+ struct wpa_bss_params params;
+ os_memset(¶ms, 0, sizeof(params));
+ params.ifname = ifname;
+ params.enabled = enabled;
+ if (enabled) {
+ params.wpa = hapd->conf->wpa;
+ params.ieee802_1x = hapd->conf->ieee802_1x;
+ params.wpa_group = hapd->conf->wpa_group;
+ params.wpa_pairwise = hapd->conf->wpa_pairwise;
+ params.wpa_key_mgmt = hapd->conf->wpa_key_mgmt;
+ params.rsn_preauth = hapd->conf->rsn_preauth;
+ }
+ return hostapd_set_ieee8021x(hapd, ¶ms);
+}
- hostapd_global_deinit(pid_file);
- return ret;
+int hostapd_sta_flags_to_drv(int flags)
+{
+ int res = 0;
+ if (flags & WLAN_STA_AUTHORIZED)
+ res |= WPA_STA_AUTHORIZED;
+ if (flags & WLAN_STA_WMM)
+ res |= WPA_STA_WMM;
+ if (flags & WLAN_STA_SHORT_PREAMBLE)
+ res |= WPA_STA_SHORT_PREAMBLE;
+ if (flags & WLAN_STA_MFP)
+ res |= WPA_STA_MFP;
+ return res;
}
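Review bot: The three functions exported at the end of this file (`hostapd_register_probereq_cb()`, `hostapd_set_drv_ieee8021x()`, `hostapd_sta_flags_to_drv()`) have no header comments, although other public functions in the file are documented in the `/** name - summary */` form. For `hostapd_register_probereq_cb()` the comment should state that it returns 0 on success and -1 when `os_realloc()` fails, leaving the existing list untouched, and that there is no unregister call, so `ctx` has to stay valid for as long as the callback array exists. For `hostapd_sta_flags_to_drv()` it should say that only the AUTHORIZED, WMM, SHORT_PREAMBLE and MFP bits are translated and every other `WLAN_STA_*` bit is dropped. For `hostapd_set_drv_ieee8021x()` it should note that with `enabled == 0` all security parameters are passed to the driver as zero.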