2 * WPA Supplicant / UDP socket -based control interface
3 * Copyright (c) 2004-2005, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
14 #include "eapol_supp/eapol_supp_sm.h"
15 #include "wpa_supplicant_i.h"
16 #include "ctrl_iface.h"
17 #include "common/wpa_ctrl.h"
22 /* Per-interface ctrl_iface */
25 * struct wpa_ctrl_dst - Internal data structure of control interface monitors
27 * This structure is used to store information about registered control
28 * interface monitors into struct wpa_supplicant. This data is private to
29 * ctrl_iface_udp.c and should not be touched directly from other files.
32 struct wpa_ctrl_dst *next;
33 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
34 struct sockaddr_in6 addr;
35 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
36 struct sockaddr_in addr;
37 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
44 struct ctrl_iface_priv {
45 struct wpa_supplicant *wpa_s;
47 struct wpa_ctrl_dst *ctrl_dst;
48 u8 cookie[COOKIE_LEN];
52 static void wpa_supplicant_ctrl_iface_send(struct ctrl_iface_priv *priv,
53 int level, const char *buf,
57 static int wpa_supplicant_ctrl_iface_attach(struct ctrl_iface_priv *priv,
58 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
59 struct sockaddr_in6 *from,
60 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
61 struct sockaddr_in *from,
62 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
65 struct wpa_ctrl_dst *dst;
66 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
67 char addr[INET6_ADDRSTRLEN];
68 #endif /* CONFIG_UDP_IPV6 */
70 dst = os_zalloc(sizeof(*dst));
73 os_memcpy(&dst->addr, from, sizeof(*from));
74 dst->addrlen = fromlen;
75 dst->debug_level = MSG_INFO;
76 dst->next = priv->ctrl_dst;
78 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
79 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor attached %s:%d",
80 inet_ntop(AF_INET6, &from->sin6_addr, addr, sizeof(*from)),
81 ntohs(from->sin6_port));
82 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
83 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor attached %s:%d",
84 inet_ntoa(from->sin_addr), ntohs(from->sin_port));
85 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
90 static int wpa_supplicant_ctrl_iface_detach(struct ctrl_iface_priv *priv,
91 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
92 struct sockaddr_in6 *from,
93 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
94 struct sockaddr_in *from,
95 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
98 struct wpa_ctrl_dst *dst, *prev = NULL;
99 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
100 char addr[INET6_ADDRSTRLEN];
101 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
103 dst = priv->ctrl_dst;
105 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
106 if (from->sin6_port == dst->addr.sin6_port &&
107 !os_memcmp(&from->sin6_addr, &dst->addr.sin6_addr,
108 sizeof(from->sin6_addr))) {
109 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor detached %s:%d",
110 inet_ntop(AF_INET6, &from->sin6_addr, addr,
112 ntohs(from->sin6_port));
113 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
114 if (from->sin_addr.s_addr == dst->addr.sin_addr.s_addr &&
115 from->sin_port == dst->addr.sin_port) {
116 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor detached "
117 "%s:%d", inet_ntoa(from->sin_addr),
118 ntohs(from->sin_port));
119 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
121 priv->ctrl_dst = dst->next;
123 prev->next = dst->next;
134 static int wpa_supplicant_ctrl_iface_level(struct ctrl_iface_priv *priv,
135 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
136 struct sockaddr_in6 *from,
137 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
138 struct sockaddr_in *from,
139 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
143 struct wpa_ctrl_dst *dst;
144 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
145 char addr[INET6_ADDRSTRLEN];
146 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
148 wpa_printf(MSG_DEBUG, "CTRL_IFACE LEVEL %s", level);
150 dst = priv->ctrl_dst;
152 #if CONFIG_CTRL_IFACE_UDP_IPV6
153 if (from->sin6_port == dst->addr.sin6_port &&
154 !os_memcmp(&from->sin6_addr, &dst->addr.sin6_addr,
155 sizeof(from->sin6_addr))) {
156 wpa_printf(MSG_DEBUG, "CTRL_IFACE changed monitor level %s:%d",
157 inet_ntop(AF_INET6, &from->sin6_addr, addr,
159 ntohs(from->sin6_port));
160 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
161 if (from->sin_addr.s_addr == dst->addr.sin_addr.s_addr &&
162 from->sin_port == dst->addr.sin_port) {
163 wpa_printf(MSG_DEBUG, "CTRL_IFACE changed monitor "
164 "level %s:%d", inet_ntoa(from->sin_addr),
165 ntohs(from->sin_port));
166 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
167 dst->debug_level = atoi(level);
178 wpa_supplicant_ctrl_iface_get_cookie(struct ctrl_iface_priv *priv,
182 reply = os_malloc(7 + 2 * COOKIE_LEN + 1);
188 os_memcpy(reply, "COOKIE=", 7);
189 wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1,
190 priv->cookie, COOKIE_LEN);
192 *reply_len = 7 + 2 * COOKIE_LEN;
197 static void wpa_supplicant_ctrl_iface_receive(int sock, void *eloop_ctx,
200 struct wpa_supplicant *wpa_s = eloop_ctx;
201 struct ctrl_iface_priv *priv = sock_ctx;
204 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
205 struct sockaddr_in6 from;
206 #ifndef CONFIG_CTRL_IFACE_UDP_REMOTE
207 char addr[INET6_ADDRSTRLEN];
208 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
209 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
210 struct sockaddr_in from;
211 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
212 socklen_t fromlen = sizeof(from);
214 size_t reply_len = 0;
215 int new_attached = 0;
216 u8 cookie[COOKIE_LEN];
218 res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
219 (struct sockaddr *) &from, &fromlen);
221 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
226 #ifndef CONFIG_CTRL_IFACE_UDP_REMOTE
227 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
228 inet_ntop(AF_INET6, &from.sin6_addr, addr, sizeof(from));
229 if (os_strcmp(addr, "::1")) {
230 wpa_printf(MSG_DEBUG, "CTRL: Drop packet from unexpected source %s",
233 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
234 if (from.sin_addr.s_addr != htonl((127 << 24) | 1)) {
236 * The OS networking stack is expected to drop this kind of
237 * frames since the socket is bound to only localhost address.
238 * Just in case, drop the frame if it is coming from any other
241 wpa_printf(MSG_DEBUG, "CTRL: Drop packet from unexpected "
242 "source %s", inet_ntoa(from.sin_addr));
245 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
246 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
250 if (os_strcmp(buf, "GET_COOKIE") == 0) {
251 reply = wpa_supplicant_ctrl_iface_get_cookie(priv, &reply_len);
256 * Require that the client includes a prefix with the 'cookie' value
257 * fetched with GET_COOKIE command. This is used to verify that the
258 * client has access to a bidirectional link over UDP in order to
259 * avoid attacks using forged localhost IP address even if the OS does
260 * not block such frames from remote destinations.
262 if (os_strncmp(buf, "COOKIE=", 7) != 0) {
263 wpa_printf(MSG_DEBUG, "CTLR: No cookie in the request - "
268 if (hexstr2bin(buf + 7, cookie, COOKIE_LEN) < 0) {
269 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie format in the "
270 "request - drop request");
274 if (os_memcmp(cookie, priv->cookie, COOKIE_LEN) != 0) {
275 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie in the request - "
280 pos = buf + 7 + 2 * COOKIE_LEN;
284 if (os_strcmp(pos, "ATTACH") == 0) {
285 if (wpa_supplicant_ctrl_iface_attach(priv, &from, fromlen))
291 } else if (os_strcmp(pos, "DETACH") == 0) {
292 if (wpa_supplicant_ctrl_iface_detach(priv, &from, fromlen))
296 } else if (os_strncmp(pos, "LEVEL ", 6) == 0) {
297 if (wpa_supplicant_ctrl_iface_level(priv, &from, fromlen,
303 reply = wpa_supplicant_ctrl_iface_process(wpa_s, pos,
309 sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
312 } else if (reply_len == 1) {
313 sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
315 } else if (reply_len == 2) {
316 sendto(sock, "OK\n", 3, 0, (struct sockaddr *) &from,
321 eapol_sm_notify_ctrl_attached(wpa_s->eapol);
325 static void wpa_supplicant_ctrl_iface_msg_cb(void *ctx, int level,
326 enum wpa_msg_type type,
327 const char *txt, size_t len)
329 struct wpa_supplicant *wpa_s = ctx;
330 if (wpa_s == NULL || wpa_s->ctrl_iface == NULL)
332 wpa_supplicant_ctrl_iface_send(wpa_s->ctrl_iface, level, txt, len);
336 struct ctrl_iface_priv *
337 wpa_supplicant_ctrl_iface_init(struct wpa_supplicant *wpa_s)
339 struct ctrl_iface_priv *priv;
340 int port = WPA_CTRL_IFACE_PORT;
341 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
342 struct sockaddr_in6 addr;
343 int domain = PF_INET6;
344 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
345 struct sockaddr_in addr;
346 int domain = PF_INET;
347 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
349 priv = os_zalloc(sizeof(*priv));
354 os_get_random(priv->cookie, COOKIE_LEN);
356 if (wpa_s->conf->ctrl_interface == NULL)
359 priv->sock = socket(domain, SOCK_DGRAM, 0);
360 if (priv->sock < 0) {
361 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
365 os_memset(&addr, 0, sizeof(addr));
366 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
367 addr.sin6_family = AF_INET6;
368 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
369 addr.sin6_addr = in6addr_any;
370 #else /* CONFIG_CTRL_IFACE_UDP_REMOTE */
371 inet_pton(AF_INET6, "::1", &addr.sin6_addr);
372 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
373 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
374 addr.sin_family = AF_INET;
375 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
376 addr.sin_addr.s_addr = INADDR_ANY;
377 #else /* CONFIG_CTRL_IFACE_UDP_REMOTE */
378 addr.sin_addr.s_addr = htonl((127 << 24) | 1);
379 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
380 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
382 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
383 addr.sin6_port = htons(port);
384 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
385 addr.sin_port = htons(port);
386 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
387 if (bind(priv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
389 if ((WPA_CTRL_IFACE_PORT - port) < WPA_CTRL_IFACE_PORT_LIMIT)
391 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
395 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
396 wpa_msg(wpa_s, MSG_DEBUG, "ctrl_iface_init UDP port: %d", port);
397 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
399 eloop_register_read_sock(priv->sock, wpa_supplicant_ctrl_iface_receive,
401 wpa_msg_register_cb(wpa_supplicant_ctrl_iface_msg_cb);
413 void wpa_supplicant_ctrl_iface_deinit(struct ctrl_iface_priv *priv)
415 struct wpa_ctrl_dst *dst, *prev;
417 if (priv->sock > -1) {
418 eloop_unregister_read_sock(priv->sock);
419 if (priv->ctrl_dst) {
421 * Wait before closing the control socket if
422 * there are any attached monitors in order to allow
423 * them to receive any pending messages.
425 wpa_printf(MSG_DEBUG, "CTRL_IFACE wait for attached "
426 "monitors to receive messages");
433 dst = priv->ctrl_dst;
443 static void wpa_supplicant_ctrl_iface_send(struct ctrl_iface_priv *priv,
444 int level, const char *buf,
447 struct wpa_ctrl_dst *dst, *next;
452 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
453 char addr[INET6_ADDRSTRLEN];
454 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
456 dst = priv->ctrl_dst;
457 if (priv->sock < 0 || dst == NULL)
460 os_snprintf(levelstr, sizeof(levelstr), "<%d>", level);
462 llen = os_strlen(levelstr);
463 sbuf = os_malloc(llen + len);
467 os_memcpy(sbuf, levelstr, llen);
468 os_memcpy(sbuf + llen, buf, len);
473 if (level >= dst->debug_level) {
474 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
475 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor send %s:%d",
476 inet_ntop(AF_INET6, &dst->addr.sin6_addr,
477 addr, sizeof(dst->addr)),
478 ntohs(dst->addr.sin6_port));
479 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
480 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor send %s:%d",
481 inet_ntoa(dst->addr.sin_addr),
482 ntohs(dst->addr.sin_port));
483 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
484 if (sendto(priv->sock, sbuf, llen + len, 0,
485 (struct sockaddr *) &dst->addr,
486 sizeof(dst->addr)) < 0) {
487 wpa_printf(MSG_ERROR,
488 "sendto(CTRL_IFACE monitor): %s",
491 if (dst->errors > 10) {
492 wpa_supplicant_ctrl_iface_detach(
506 void wpa_supplicant_ctrl_iface_wait(struct ctrl_iface_priv *priv)
508 wpa_printf(MSG_DEBUG, "CTRL_IFACE - %s - wait for monitor",
509 priv->wpa_s->ifname);
510 eloop_wait_for_read_sock(priv->sock);
514 /* Global ctrl_iface */
516 struct ctrl_iface_global_priv {
518 u8 cookie[COOKIE_LEN];
523 wpa_supplicant_global_get_cookie(struct ctrl_iface_global_priv *priv,
527 reply = os_malloc(7 + 2 * COOKIE_LEN + 1);
533 os_memcpy(reply, "COOKIE=", 7);
534 wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1,
535 priv->cookie, COOKIE_LEN);
537 *reply_len = 7 + 2 * COOKIE_LEN;
542 static void wpa_supplicant_global_ctrl_iface_receive(int sock, void *eloop_ctx,
545 struct wpa_global *global = eloop_ctx;
546 struct ctrl_iface_global_priv *priv = sock_ctx;
549 struct sockaddr_in from;
550 socklen_t fromlen = sizeof(from);
553 u8 cookie[COOKIE_LEN];
555 res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
556 (struct sockaddr *) &from, &fromlen);
558 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
563 #ifndef CONFIG_CTRL_IFACE_UDP_REMOTE
564 if (from.sin_addr.s_addr != htonl((127 << 24) | 1)) {
566 * The OS networking stack is expected to drop this kind of
567 * frames since the socket is bound to only localhost address.
568 * Just in case, drop the frame if it is coming from any other
571 wpa_printf(MSG_DEBUG, "CTRL: Drop packet from unexpected "
572 "source %s", inet_ntoa(from.sin_addr));
575 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
579 if (os_strcmp(buf, "GET_COOKIE") == 0) {
580 reply = wpa_supplicant_global_get_cookie(priv, &reply_len);
584 if (os_strncmp(buf, "COOKIE=", 7) != 0) {
585 wpa_printf(MSG_DEBUG, "CTLR: No cookie in the request - "
590 if (hexstr2bin(buf + 7, cookie, COOKIE_LEN) < 0) {
591 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie format in the "
592 "request - drop request");
596 if (os_memcmp(cookie, priv->cookie, COOKIE_LEN) != 0) {
597 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie in the request - "
602 pos = buf + 7 + 2 * COOKIE_LEN;
606 reply = wpa_supplicant_global_ctrl_iface_process(global, pos,
611 sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
614 } else if (reply_len) {
615 sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
621 struct ctrl_iface_global_priv *
622 wpa_supplicant_global_ctrl_iface_init(struct wpa_global *global)
624 struct ctrl_iface_global_priv *priv;
625 struct sockaddr_in addr;
626 int port = WPA_GLOBAL_CTRL_IFACE_PORT;
628 priv = os_zalloc(sizeof(*priv));
632 os_get_random(priv->cookie, COOKIE_LEN);
634 if (global->params.ctrl_interface == NULL)
637 wpa_printf(MSG_DEBUG, "Global control interface '%s'",
638 global->params.ctrl_interface);
640 priv->sock = socket(PF_INET, SOCK_DGRAM, 0);
641 if (priv->sock < 0) {
642 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
646 os_memset(&addr, 0, sizeof(addr));
647 addr.sin_family = AF_INET;
648 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
649 addr.sin_addr.s_addr = INADDR_ANY;
650 #else /* CONFIG_CTRL_IFACE_UDP_REMOTE */
651 addr.sin_addr.s_addr = htonl((127 << 24) | 1);
652 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
654 addr.sin_port = htons(port);
655 if (bind(priv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
657 if ((port - WPA_GLOBAL_CTRL_IFACE_PORT) <
658 WPA_GLOBAL_CTRL_IFACE_PORT_LIMIT)
660 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
664 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
665 wpa_printf(MSG_DEBUG, "global_ctrl_iface_init UDP port: %d", port);
666 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
668 eloop_register_read_sock(priv->sock,
669 wpa_supplicant_global_ctrl_iface_receive,
683 wpa_supplicant_global_ctrl_iface_deinit(struct ctrl_iface_global_priv *priv)
685 if (priv->sock >= 0) {
686 eloop_unregister_read_sock(priv->sock);
projects / mech_eap.git / blob