2 * WPA Supplicant / Configuration backend: Windows registry
3 * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements a configuration backend for Windows registry.. All the
15 * configuration information is stored in the registry and the format for
16 * network configuration fields is same as described in the sample
17 * configuration file, wpa_supplicant.conf.
19 * Configuration data is in HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs
20 * key. Each configuration profile has its own key under this. In terms of text
21 * files, each profile would map to a separate text file with possibly multiple
22 * networks. Under each profile, there is a networks key that lists all
23 * networks as a subkey. Each network has set of values in the same way as
24 * network block in the configuration file. In addition, blobs subkey has
25 * possible blobs as values.
27 * HKEY_LOCAL_MACHINE\SOFTWARE\wpa_supplicant\configs\test\networks\0000
39 #define WPA_KEY_ROOT HKEY_LOCAL_MACHINE
41 #ifndef WPA_KEY_PREFIX
42 #define WPA_KEY_PREFIX TEXT("SOFTWARE\\wpa_supplicant")
52 static int wpa_config_read_blobs(struct wpa_config *config, HKEY hk)
54 struct wpa_config_blob *blob;
60 ret = RegOpenKeyEx(hk, TEXT("blobs"), 0, KEY_QUERY_VALUE, &bhk);
61 if (ret != ERROR_SUCCESS) {
62 wpa_printf(MSG_DEBUG, "Could not open wpa_supplicant config "
64 return 0; /* assume no blobs */
71 DWORD namelen, datalen, type;
74 datalen = sizeof(data);
75 ret = RegEnumValue(bhk, i, name, &namelen, NULL, &type,
76 (LPBYTE) data, &datalen);
78 if (ret == ERROR_NO_MORE_ITEMS)
81 if (ret != ERROR_SUCCESS) {
82 wpa_printf(MSG_DEBUG, "RegEnumValue failed: 0x%x",
87 if (namelen >= TNAMELEN)
88 namelen = TNAMELEN - 1;
89 name[namelen] = TEXT('\0');
90 wpa_unicode2ascii_inplace(name);
92 if (datalen >= sizeof(data))
93 datalen = sizeof(data) - 1;
95 wpa_printf(MSG_MSGDUMP, "blob %d: field='%s' len %d",
96 (int) i, name, (int) datalen);
98 blob = os_zalloc(sizeof(*blob));
103 blob->name = os_strdup((char *) name);
104 blob->data = os_malloc(datalen);
105 if (blob->name == NULL || blob->data == NULL) {
106 wpa_config_free_blob(blob);
110 os_memcpy(blob->data, data, datalen);
113 wpa_config_set_blob(config, blob);
118 return errors ? -1 : 0;
122 static int wpa_config_read_reg_dword(HKEY hk, const TCHAR *name, int *_val)
127 buflen = sizeof(val);
128 ret = RegQueryValueEx(hk, name, NULL, NULL, (LPBYTE) &val, &buflen);
129 if (ret == ERROR_SUCCESS && buflen == sizeof(val)) {
130 wpa_printf(MSG_DEBUG, TSTR "=%d", name, (int) val);
139 static char * wpa_config_read_reg_string(HKEY hk, const TCHAR *name)
146 ret = RegQueryValueEx(hk, name, NULL, NULL, NULL, &buflen);
147 if (ret != ERROR_SUCCESS)
149 val = os_malloc(buflen);
153 ret = RegQueryValueEx(hk, name, NULL, NULL, (LPBYTE) val, &buflen);
154 if (ret != ERROR_SUCCESS) {
159 wpa_unicode2ascii_inplace(val);
160 wpa_printf(MSG_DEBUG, TSTR "=%s", name, (char *) val);
166 static int wpa_config_read_global_uuid(struct wpa_config *config, HKEY hk)
171 str = wpa_config_read_reg_string(hk, TEXT("uuid"));
175 if (uuid_str2bin(str, config->uuid))
182 #endif /* CONFIG_WPS */
185 static int wpa_config_read_global(struct wpa_config *config, HKEY hk)
189 wpa_config_read_reg_dword(hk, TEXT("ap_scan"), &config->ap_scan);
190 wpa_config_read_reg_dword(hk, TEXT("fast_reauth"),
191 &config->fast_reauth);
192 wpa_config_read_reg_dword(hk, TEXT("dot11RSNAConfigPMKLifetime"),
193 &config->dot11RSNAConfigPMKLifetime);
194 wpa_config_read_reg_dword(hk,
195 TEXT("dot11RSNAConfigPMKReauthThreshold"),
196 &config->dot11RSNAConfigPMKReauthThreshold);
197 wpa_config_read_reg_dword(hk, TEXT("dot11RSNAConfigSATimeout"),
198 &config->dot11RSNAConfigSATimeout);
199 wpa_config_read_reg_dword(hk, TEXT("update_config"),
200 &config->update_config);
202 if (wpa_config_read_reg_dword(hk, TEXT("eapol_version"),
203 &config->eapol_version) == 0) {
204 if (config->eapol_version < 1 ||
205 config->eapol_version > 2) {
206 wpa_printf(MSG_ERROR, "Invalid EAPOL version (%d)",
207 config->eapol_version);
212 config->ctrl_interface = wpa_config_read_reg_string(
213 hk, TEXT("ctrl_interface"));
216 if (wpa_config_read_global_uuid(config, hk))
218 #endif /* CONFIG_WPS */
220 return errors ? -1 : 0;
224 static struct wpa_ssid * wpa_config_read_network(HKEY hk, const TCHAR *netw,
230 struct wpa_ssid *ssid;
233 ret = RegOpenKeyEx(hk, netw, 0, KEY_QUERY_VALUE, &nhk);
234 if (ret != ERROR_SUCCESS) {
235 wpa_printf(MSG_DEBUG, "Could not open wpa_supplicant config "
236 "network '" TSTR "'", netw);
240 wpa_printf(MSG_MSGDUMP, "Start of a new network '" TSTR "'", netw);
241 ssid = os_zalloc(sizeof(*ssid));
248 wpa_config_set_network_defaults(ssid);
251 TCHAR name[255], data[1024];
252 DWORD namelen, datalen, type;
255 datalen = sizeof(data);
256 ret = RegEnumValue(nhk, i, name, &namelen, NULL, &type,
257 (LPBYTE) data, &datalen);
259 if (ret == ERROR_NO_MORE_ITEMS)
262 if (ret != ERROR_SUCCESS) {
263 wpa_printf(MSG_ERROR, "RegEnumValue failed: 0x%x",
270 name[namelen] = TEXT('\0');
274 data[datalen] = TEXT('\0');
276 wpa_unicode2ascii_inplace(name);
277 wpa_unicode2ascii_inplace(data);
278 if (wpa_config_set(ssid, (char *) name, (char *) data, 0) < 0)
284 if (ssid->passphrase) {
286 wpa_printf(MSG_ERROR, "Both PSK and passphrase "
287 "configured for network '" TSTR "'.", netw);
290 wpa_config_update_psk(ssid);
293 if ((ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK |
294 WPA_KEY_MGMT_PSK_SHA256)) &&
296 wpa_printf(MSG_ERROR, "WPA-PSK accepted for key management, "
297 "but no PSK configured for network '" TSTR "'.",
302 if ((ssid->group_cipher & WPA_CIPHER_CCMP) &&
303 !(ssid->pairwise_cipher & WPA_CIPHER_CCMP) &&
304 !(ssid->pairwise_cipher & WPA_CIPHER_NONE)) {
305 /* Group cipher cannot be stronger than the pairwise cipher. */
306 wpa_printf(MSG_DEBUG, "Removed CCMP from group cipher "
307 "list since it was not allowed for pairwise "
308 "cipher for network '" TSTR "'.", netw);
309 ssid->group_cipher &= ~WPA_CIPHER_CCMP;
313 wpa_config_free_ssid(ssid);
321 static int wpa_config_read_networks(struct wpa_config *config, HKEY hk)
324 struct wpa_ssid *ssid, *tail = NULL, *head = NULL;
329 ret = RegOpenKeyEx(hk, TEXT("networks"), 0, KEY_ENUMERATE_SUB_KEYS,
331 if (ret != ERROR_SUCCESS) {
332 wpa_printf(MSG_ERROR, "Could not open wpa_supplicant networks "
342 ret = RegEnumKeyEx(nhk, i, name, &namelen, NULL, NULL, NULL,
345 if (ret == ERROR_NO_MORE_ITEMS)
348 if (ret != ERROR_SUCCESS) {
349 wpa_printf(MSG_DEBUG, "RegEnumKeyEx failed: 0x%x",
356 name[namelen] = '\0';
358 ssid = wpa_config_read_network(nhk, name, i);
360 wpa_printf(MSG_ERROR, "Failed to parse network "
361 "profile '%s'.", name);
371 if (wpa_config_add_prio_network(config, ssid)) {
372 wpa_printf(MSG_ERROR, "Failed to add network profile "
373 "'%s' to priority list.", name);
383 return errors ? -1 : 0;
387 struct wpa_config * wpa_config_read(const char *name)
391 struct wpa_config *config;
395 config = wpa_config_alloc_empty(NULL, NULL);
398 wpa_printf(MSG_DEBUG, "Reading configuration profile '%s'", name);
401 _snwprintf(buf, 256, WPA_KEY_PREFIX TEXT("\\configs\\%S"), name);
403 os_snprintf(buf, 256, WPA_KEY_PREFIX TEXT("\\configs\\%s"), name);
406 ret = RegOpenKeyEx(WPA_KEY_ROOT, buf, 0, KEY_QUERY_VALUE, &hk);
407 if (ret != ERROR_SUCCESS) {
408 wpa_printf(MSG_ERROR, "Could not open wpa_supplicant "
409 "configuration registry HKLM\\" TSTR, buf);
414 if (wpa_config_read_global(config, hk))
417 if (wpa_config_read_networks(config, hk))
420 if (wpa_config_read_blobs(config, hk))
423 wpa_config_debug_dump_networks(config);
428 wpa_config_free(config);
436 static int wpa_config_write_reg_dword(HKEY hk, const TCHAR *name, int val,
443 RegDeleteValue(hk, name);
447 ret = RegSetValueEx(hk, name, 0, REG_DWORD, (LPBYTE) &_val,
449 if (ret != ERROR_SUCCESS) {
450 wpa_printf(MSG_ERROR, "WINREG: Failed to set %s=%d: error %d",
451 name, val, (int) GetLastError());
459 static int wpa_config_write_reg_string(HKEY hk, const char *name,
465 _name = wpa_strdup_tchar(name);
470 RegDeleteValue(hk, _name);
475 _val = wpa_strdup_tchar(val);
480 ret = RegSetValueEx(hk, _name, 0, REG_SZ, (BYTE *) _val,
481 (os_strlen(val) + 1) * sizeof(TCHAR));
482 if (ret != ERROR_SUCCESS) {
483 wpa_printf(MSG_ERROR, "WINREG: Failed to set %s='%s': "
484 "error %d", name, val, (int) GetLastError());
496 static int wpa_config_write_global(struct wpa_config *config, HKEY hk)
498 #ifdef CONFIG_CTRL_IFACE
499 wpa_config_write_reg_string(hk, "ctrl_interface",
500 config->ctrl_interface);
501 #endif /* CONFIG_CTRL_IFACE */
503 wpa_config_write_reg_dword(hk, TEXT("eapol_version"),
504 config->eapol_version,
505 DEFAULT_EAPOL_VERSION);
506 wpa_config_write_reg_dword(hk, TEXT("ap_scan"), config->ap_scan,
508 wpa_config_write_reg_dword(hk, TEXT("fast_reauth"),
509 config->fast_reauth, DEFAULT_FAST_REAUTH);
510 wpa_config_write_reg_dword(hk, TEXT("dot11RSNAConfigPMKLifetime"),
511 config->dot11RSNAConfigPMKLifetime, 0);
512 wpa_config_write_reg_dword(hk,
513 TEXT("dot11RSNAConfigPMKReauthThreshold"),
514 config->dot11RSNAConfigPMKReauthThreshold,
516 wpa_config_write_reg_dword(hk, TEXT("dot11RSNAConfigSATimeout"),
517 config->dot11RSNAConfigSATimeout, 0);
518 wpa_config_write_reg_dword(hk, TEXT("update_config"),
519 config->update_config,
522 if (is_nil_uuid(config->uuid)) {
524 uuid_bin2str(config->uuid, buf, sizeof(buf));
525 wpa_config_write_reg_string(hk, "uuid", buf);
527 #endif /* CONFIG_WPS */
533 static int wpa_config_delete_subkeys(HKEY hk, const TCHAR *key)
539 ret = RegOpenKeyEx(hk, key, 0, KEY_ENUMERATE_SUB_KEYS | DELETE, &nhk);
540 if (ret != ERROR_SUCCESS) {
541 wpa_printf(MSG_DEBUG, "WINREG: Could not open key '" TSTR
542 "' for subkey deletion: error 0x%x (%d)", key,
543 (unsigned int) ret, (int) GetLastError());
552 ret = RegEnumKeyEx(nhk, i, name, &namelen, NULL, NULL, NULL,
555 if (ret == ERROR_NO_MORE_ITEMS)
558 if (ret != ERROR_SUCCESS) {
559 wpa_printf(MSG_DEBUG, "RegEnumKeyEx failed: 0x%x (%d)",
560 (unsigned int) ret, (int) GetLastError());
566 name[namelen] = TEXT('\0');
568 ret = RegDeleteKey(nhk, name);
569 if (ret != ERROR_SUCCESS) {
570 wpa_printf(MSG_DEBUG, "RegDeleteKey failed: 0x%x (%d)",
571 (unsigned int) ret, (int) GetLastError());
578 return errors ? -1 : 0;
582 static void write_str(HKEY hk, const char *field, struct wpa_ssid *ssid)
584 char *value = wpa_config_get(ssid, field);
587 wpa_config_write_reg_string(hk, field, value);
592 static void write_int(HKEY hk, const char *field, int value, int def)
597 os_snprintf(val, sizeof(val), "%d", value);
598 wpa_config_write_reg_string(hk, field, val);
602 static void write_bssid(HKEY hk, struct wpa_ssid *ssid)
604 char *value = wpa_config_get(ssid, "bssid");
607 wpa_config_write_reg_string(hk, "bssid", value);
612 static void write_psk(HKEY hk, struct wpa_ssid *ssid)
614 char *value = wpa_config_get(ssid, "psk");
617 wpa_config_write_reg_string(hk, "psk", value);
622 static void write_proto(HKEY hk, struct wpa_ssid *ssid)
626 if (ssid->proto == DEFAULT_PROTO)
629 value = wpa_config_get(ssid, "proto");
633 wpa_config_write_reg_string(hk, "proto", value);
638 static void write_key_mgmt(HKEY hk, struct wpa_ssid *ssid)
642 if (ssid->key_mgmt == DEFAULT_KEY_MGMT)
645 value = wpa_config_get(ssid, "key_mgmt");
649 wpa_config_write_reg_string(hk, "key_mgmt", value);
654 static void write_pairwise(HKEY hk, struct wpa_ssid *ssid)
658 if (ssid->pairwise_cipher == DEFAULT_PAIRWISE)
661 value = wpa_config_get(ssid, "pairwise");
665 wpa_config_write_reg_string(hk, "pairwise", value);
670 static void write_group(HKEY hk, struct wpa_ssid *ssid)
674 if (ssid->group_cipher == DEFAULT_GROUP)
677 value = wpa_config_get(ssid, "group");
681 wpa_config_write_reg_string(hk, "group", value);
686 static void write_auth_alg(HKEY hk, struct wpa_ssid *ssid)
690 if (ssid->auth_alg == 0)
693 value = wpa_config_get(ssid, "auth_alg");
697 wpa_config_write_reg_string(hk, "auth_alg", value);
702 #ifdef IEEE8021X_EAPOL
703 static void write_eap(HKEY hk, struct wpa_ssid *ssid)
707 value = wpa_config_get(ssid, "eap");
712 wpa_config_write_reg_string(hk, "eap", value);
715 #endif /* IEEE8021X_EAPOL */
718 static void write_wep_key(HKEY hk, int idx, struct wpa_ssid *ssid)
720 char field[20], *value;
722 os_snprintf(field, sizeof(field), "wep_key%d", idx);
723 value = wpa_config_get(ssid, field);
725 wpa_config_write_reg_string(hk, field, value);
731 static int wpa_config_write_network(HKEY hk, struct wpa_ssid *ssid, int id)
738 ret = RegOpenKeyEx(hk, TEXT("networks"), 0, KEY_CREATE_SUB_KEY, &nhk);
739 if (ret != ERROR_SUCCESS) {
740 wpa_printf(MSG_DEBUG, "WINREG: Could not open networks key "
741 "for subkey addition: error 0x%x (%d)",
742 (unsigned int) ret, (int) GetLastError());
747 wsprintf(name, L"%04d", id);
749 os_snprintf(name, sizeof(name), "%04d", id);
751 ret = RegCreateKeyEx(nhk, name, 0, NULL, 0, KEY_WRITE, NULL, &netw,
754 if (ret != ERROR_SUCCESS) {
755 wpa_printf(MSG_DEBUG, "WINREG: Could not add network key '%s':"
757 name, (unsigned int) ret, (int) GetLastError());
761 #define STR(t) write_str(netw, #t, ssid)
762 #define INT(t) write_int(netw, #t, ssid->t, 0)
763 #define INTe(t) write_int(netw, #t, ssid->eap.t, 0)
764 #define INT_DEF(t, def) write_int(netw, #t, ssid->t, def)
765 #define INT_DEFe(t, def) write_int(netw, #t, ssid->eap.t, def)
769 write_bssid(netw, ssid);
770 write_psk(netw, ssid);
771 write_proto(netw, ssid);
772 write_key_mgmt(netw, ssid);
773 write_pairwise(netw, ssid);
774 write_group(netw, ssid);
775 write_auth_alg(netw, ssid);
776 #ifdef IEEE8021X_EAPOL
777 write_eap(netw, ssid);
779 STR(anonymous_identity);
785 STR(private_key_passwd);
788 STR(altsubject_match);
793 STR(private_key2_passwd);
796 STR(altsubject_match2);
812 INT_DEF(eapol_flags, DEFAULT_EAPOL_FLAGS);
813 #endif /* IEEE8021X_EAPOL */
814 for (i = 0; i < 4; i++)
815 write_wep_key(netw, i, ssid);
818 #ifdef IEEE8021X_EAPOL
819 INT_DEF(eap_workaround, DEFAULT_EAP_WORKAROUND);
821 INT_DEFe(fragment_size, DEFAULT_FRAGMENT_SIZE);
822 #endif /* IEEE8021X_EAPOL */
824 INT(proactive_key_caching);
827 #ifdef CONFIG_IEEE80211W
829 #endif /* CONFIG_IEEE80211W */
838 return errors ? -1 : 0;
842 static int wpa_config_write_blob(HKEY hk, struct wpa_config_blob *blob)
848 ret = RegCreateKeyEx(hk, TEXT("blobs"), 0, NULL, 0, KEY_WRITE, NULL,
850 if (ret != ERROR_SUCCESS) {
851 wpa_printf(MSG_DEBUG, "WINREG: Could not add blobs key: "
853 (unsigned int) ret, (int) GetLastError());
857 name = wpa_strdup_tchar(blob->name);
858 ret = RegSetValueEx(bhk, name, 0, REG_BINARY, blob->data,
860 if (ret != ERROR_SUCCESS) {
861 wpa_printf(MSG_ERROR, "WINREG: Failed to set blob %s': "
862 "error 0x%x (%d)", blob->name, (unsigned int) ret,
863 (int) GetLastError());
876 int wpa_config_write(const char *name, struct wpa_config *config)
882 struct wpa_ssid *ssid;
883 struct wpa_config_blob *blob;
886 wpa_printf(MSG_DEBUG, "Writing configuration file '%s'", name);
889 _snwprintf(buf, 256, WPA_KEY_PREFIX TEXT("\\configs\\%S"), name);
891 os_snprintf(buf, 256, WPA_KEY_PREFIX TEXT("\\configs\\%s"), name);
894 ret = RegOpenKeyEx(WPA_KEY_ROOT, buf, 0, KEY_SET_VALUE | DELETE, &hk);
895 if (ret != ERROR_SUCCESS) {
896 wpa_printf(MSG_ERROR, "Could not open wpa_supplicant "
897 "configuration registry %s: error %d", buf,
898 (int) GetLastError());
902 if (wpa_config_write_global(config, hk)) {
903 wpa_printf(MSG_ERROR, "Failed to write global configuration "
908 wpa_config_delete_subkeys(hk, TEXT("networks"));
909 for (ssid = config->ssid, id = 0; ssid; ssid = ssid->next, id++) {
910 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
911 continue; /* do not save temporary WPS networks */
912 if (wpa_config_write_network(hk, ssid, id))
916 RegDeleteKey(hk, TEXT("blobs"));
917 for (blob = config->blobs; blob; blob = blob->next) {
918 if (wpa_config_write_blob(hk, blob))
924 wpa_printf(MSG_DEBUG, "Configuration '%s' written %ssuccessfully",
925 name, errors ? "un" : "");
926 return errors ? -1 : 0;