2 * WPA Supplicant - privilege separated driver interface
3 * Copyright (c) 2007-2009, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
21 #include "common/privsep_commands.h"
24 struct wpa_driver_privsep_data {
26 u8 own_addr[ETH_ALEN];
28 char *own_socket_path;
31 struct sockaddr_un priv_addr;
36 static int wpa_priv_reg_cmd(struct wpa_driver_privsep_data *drv, int cmd)
40 res = sendto(drv->priv_socket, &cmd, sizeof(cmd), 0,
41 (struct sockaddr *) &drv->priv_addr,
42 sizeof(drv->priv_addr));
45 return res < 0 ? -1 : 0;
49 static int wpa_priv_cmd(struct wpa_driver_privsep_data *drv, int cmd,
50 const void *data, size_t data_len,
51 void *reply, size_t *reply_len)
56 io[0].iov_base = &cmd;
57 io[0].iov_len = sizeof(cmd);
58 io[1].iov_base = (u8 *) data;
59 io[1].iov_len = data_len;
61 os_memset(&msg, 0, sizeof(msg));
63 msg.msg_iovlen = data ? 2 : 1;
64 msg.msg_name = &drv->priv_addr;
65 msg.msg_namelen = sizeof(drv->priv_addr);
67 if (sendmsg(drv->cmd_socket, &msg, 0) < 0) {
68 perror("sendmsg(cmd_socket)");
78 FD_SET(drv->cmd_socket, &rfds);
81 res = select(drv->cmd_socket + 1, &rfds, NULL, NULL, &tv);
82 if (res < 0 && errno != EINTR) {
87 if (FD_ISSET(drv->cmd_socket, &rfds)) {
88 res = recv(drv->cmd_socket, reply, *reply_len, 0);
95 wpa_printf(MSG_DEBUG, "PRIVSEP: Timeout while waiting "
96 "for reply (cmd=%d)", cmd);
105 static int wpa_driver_privsep_scan(void *priv,
106 struct wpa_driver_scan_params *params)
108 struct wpa_driver_privsep_data *drv = priv;
109 const u8 *ssid = params->ssids[0].ssid;
110 size_t ssid_len = params->ssids[0].ssid_len;
111 wpa_printf(MSG_DEBUG, "%s: priv=%p", __func__, priv);
112 return wpa_priv_cmd(drv, PRIVSEP_CMD_SCAN, ssid, ssid_len,
117 static struct wpa_scan_results *
118 wpa_driver_privsep_get_scan_results2(void *priv)
120 struct wpa_driver_privsep_data *drv = priv;
123 size_t reply_len = 60000;
124 struct wpa_scan_results *results;
125 struct wpa_scan_res *r;
127 buf = os_malloc(reply_len);
130 res = wpa_priv_cmd(drv, PRIVSEP_CMD_GET_SCAN_RESULTS,
131 NULL, 0, buf, &reply_len);
137 wpa_printf(MSG_DEBUG, "privsep: Received %lu bytes of scan results",
138 (unsigned long) reply_len);
139 if (reply_len < sizeof(int)) {
140 wpa_printf(MSG_DEBUG, "privsep: Invalid scan result len %lu",
141 (unsigned long) reply_len);
147 end = buf + reply_len;
148 os_memcpy(&num, pos, sizeof(int));
149 if (num < 0 || num > 1000) {
155 results = os_zalloc(sizeof(*results));
156 if (results == NULL) {
161 results->res = os_zalloc(num * sizeof(struct wpa_scan_res *));
162 if (results->res == NULL) {
168 while (results->num < (size_t) num && pos + sizeof(int) < end) {
170 os_memcpy(&len, pos, sizeof(int));
172 if (len < 0 || len > 10000 || pos + len > end)
178 os_memcpy(r, pos, len);
180 if (sizeof(*r) + r->ie_len > (size_t) len) {
185 results->res[results->num++] = r;
193 static int wpa_driver_privsep_set_key(const char *ifname, void *priv,
194 enum wpa_alg alg, const u8 *addr,
195 int key_idx, int set_tx,
196 const u8 *seq, size_t seq_len,
197 const u8 *key, size_t key_len)
199 struct wpa_driver_privsep_data *drv = priv;
200 struct privsep_cmd_set_key cmd;
202 wpa_printf(MSG_DEBUG, "%s: priv=%p alg=%d key_idx=%d set_tx=%d",
203 __func__, priv, alg, key_idx, set_tx);
205 os_memset(&cmd, 0, sizeof(cmd));
208 os_memcpy(cmd.addr, addr, ETH_ALEN);
210 os_memset(cmd.addr, 0xff, ETH_ALEN);
211 cmd.key_idx = key_idx;
213 if (seq && seq_len > 0 && seq_len < sizeof(cmd.seq)) {
214 os_memcpy(cmd.seq, seq, seq_len);
215 cmd.seq_len = seq_len;
217 if (key && key_len > 0 && key_len < sizeof(cmd.key)) {
218 os_memcpy(cmd.key, key, key_len);
219 cmd.key_len = key_len;
222 return wpa_priv_cmd(drv, PRIVSEP_CMD_SET_KEY, &cmd, sizeof(cmd),
227 static int wpa_driver_privsep_associate(
228 void *priv, struct wpa_driver_associate_params *params)
230 struct wpa_driver_privsep_data *drv = priv;
231 struct privsep_cmd_associate *data;
235 wpa_printf(MSG_DEBUG, "%s: priv=%p freq=%d pairwise_suite=%d "
236 "group_suite=%d key_mgmt_suite=%d auth_alg=%d mode=%d",
237 __func__, priv, params->freq, params->pairwise_suite,
238 params->group_suite, params->key_mgmt_suite,
239 params->auth_alg, params->mode);
241 buflen = sizeof(*data) + params->wpa_ie_len;
242 data = os_zalloc(buflen);
247 os_memcpy(data->bssid, params->bssid, ETH_ALEN);
248 os_memcpy(data->ssid, params->ssid, params->ssid_len);
249 data->ssid_len = params->ssid_len;
250 data->freq = params->freq;
251 data->pairwise_suite = params->pairwise_suite;
252 data->group_suite = params->group_suite;
253 data->key_mgmt_suite = params->key_mgmt_suite;
254 data->auth_alg = params->auth_alg;
255 data->mode = params->mode;
256 data->wpa_ie_len = params->wpa_ie_len;
258 os_memcpy(data + 1, params->wpa_ie, params->wpa_ie_len);
259 /* TODO: add support for other assoc parameters */
261 res = wpa_priv_cmd(drv, PRIVSEP_CMD_ASSOCIATE, data, buflen,
269 static int wpa_driver_privsep_get_bssid(void *priv, u8 *bssid)
271 struct wpa_driver_privsep_data *drv = priv;
273 size_t len = ETH_ALEN;
275 res = wpa_priv_cmd(drv, PRIVSEP_CMD_GET_BSSID, NULL, 0, bssid, &len);
276 if (res < 0 || len != ETH_ALEN)
282 static int wpa_driver_privsep_get_ssid(void *priv, u8 *ssid)
284 struct wpa_driver_privsep_data *drv = priv;
286 u8 reply[sizeof(int) + 32];
287 size_t len = sizeof(reply);
289 res = wpa_priv_cmd(drv, PRIVSEP_CMD_GET_SSID, NULL, 0, reply, &len);
290 if (res < 0 || len < sizeof(int))
292 os_memcpy(&ssid_len, reply, sizeof(int));
293 if (ssid_len < 0 || ssid_len > 32 || sizeof(int) + ssid_len > len) {
294 wpa_printf(MSG_DEBUG, "privsep: Invalid get SSID reply");
297 os_memcpy(ssid, &reply[sizeof(int)], ssid_len);
302 static int wpa_driver_privsep_deauthenticate(void *priv, const u8 *addr,
305 //struct wpa_driver_privsep_data *drv = priv;
306 wpa_printf(MSG_DEBUG, "%s addr=" MACSTR " reason_code=%d",
307 __func__, MAC2STR(addr), reason_code);
308 wpa_printf(MSG_DEBUG, "%s - TODO", __func__);
313 static int wpa_driver_privsep_disassociate(void *priv, const u8 *addr,
316 //struct wpa_driver_privsep_data *drv = priv;
317 wpa_printf(MSG_DEBUG, "%s addr=" MACSTR " reason_code=%d",
318 __func__, MAC2STR(addr), reason_code);
319 wpa_printf(MSG_DEBUG, "%s - TODO", __func__);
324 static void wpa_driver_privsep_event_assoc(void *ctx,
325 enum wpa_event_type event,
328 union wpa_event_data data;
333 os_memset(&data, 0, sizeof(data));
338 if (end - pos < (int) sizeof(int))
340 os_memcpy(&ie_len, pos, sizeof(int));
342 if (ie_len < 0 || ie_len > end - pos)
345 data.assoc_info.req_ies = pos;
346 data.assoc_info.req_ies_len = ie_len;
351 wpa_supplicant_event(ctx, event, inc_data ? &data : NULL);
355 static void wpa_driver_privsep_event_interface_status(void *ctx, u8 *buf,
358 union wpa_event_data data;
361 if (len < sizeof(int) ||
362 len - sizeof(int) > sizeof(data.interface_status.ifname))
365 os_memcpy(&ievent, buf, sizeof(int));
367 os_memset(&data, 0, sizeof(data));
368 data.interface_status.ievent = ievent;
369 os_memcpy(data.interface_status.ifname, buf + sizeof(int),
371 wpa_supplicant_event(ctx, EVENT_INTERFACE_STATUS, &data);
375 static void wpa_driver_privsep_event_michael_mic_failure(
376 void *ctx, u8 *buf, size_t len)
378 union wpa_event_data data;
380 if (len != sizeof(int))
383 os_memset(&data, 0, sizeof(data));
384 os_memcpy(&data.michael_mic_failure.unicast, buf, sizeof(int));
385 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
389 static void wpa_driver_privsep_event_pmkid_candidate(void *ctx, u8 *buf,
392 union wpa_event_data data;
394 if (len != sizeof(struct pmkid_candidate))
397 os_memset(&data, 0, sizeof(data));
398 os_memcpy(&data.pmkid_candidate, buf, len);
399 wpa_supplicant_event(ctx, EVENT_PMKID_CANDIDATE, &data);
403 static void wpa_driver_privsep_event_stkstart(void *ctx, u8 *buf, size_t len)
405 union wpa_event_data data;
410 os_memset(&data, 0, sizeof(data));
411 os_memcpy(data.stkstart.peer, buf, ETH_ALEN);
412 wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
416 static void wpa_driver_privsep_event_ft_response(void *ctx, u8 *buf,
419 union wpa_event_data data;
421 if (len < sizeof(int) + ETH_ALEN)
424 os_memset(&data, 0, sizeof(data));
425 os_memcpy(&data.ft_ies.ft_action, buf, sizeof(int));
426 os_memcpy(data.ft_ies.target_ap, buf + sizeof(int), ETH_ALEN);
427 data.ft_ies.ies = buf + sizeof(int) + ETH_ALEN;
428 data.ft_ies.ies_len = len - sizeof(int) - ETH_ALEN;
429 wpa_supplicant_event(ctx, EVENT_FT_RESPONSE, &data);
433 static void wpa_driver_privsep_event_rx_eapol(void *ctx, u8 *buf, size_t len)
437 drv_event_eapol_rx(ctx, buf, buf + ETH_ALEN, len - ETH_ALEN);
441 static void wpa_driver_privsep_receive(int sock, void *eloop_ctx,
444 struct wpa_driver_privsep_data *drv = eloop_ctx;
448 enum privsep_event e;
449 struct sockaddr_un from;
450 socklen_t fromlen = sizeof(from);
451 const size_t buflen = 2000;
453 buf = os_malloc(buflen);
456 res = recvfrom(sock, buf, buflen, 0,
457 (struct sockaddr *) &from, &fromlen);
459 perror("recvfrom(priv_socket)");
464 wpa_printf(MSG_DEBUG, "privsep_driver: received %u bytes", res);
466 if (res < (int) sizeof(int)) {
467 wpa_printf(MSG_DEBUG, "Too short event message (len=%d)", res);
471 os_memcpy(&event, buf, sizeof(int));
472 event_buf = &buf[sizeof(int)];
473 event_len = res - sizeof(int);
474 wpa_printf(MSG_DEBUG, "privsep: Event %d received (len=%lu)",
475 event, (unsigned long) event_len);
479 case PRIVSEP_EVENT_SCAN_RESULTS:
480 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, NULL);
482 case PRIVSEP_EVENT_ASSOC:
483 wpa_driver_privsep_event_assoc(drv->ctx, EVENT_ASSOC,
484 event_buf, event_len);
486 case PRIVSEP_EVENT_DISASSOC:
487 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, NULL);
489 case PRIVSEP_EVENT_ASSOCINFO:
490 wpa_driver_privsep_event_assoc(drv->ctx, EVENT_ASSOCINFO,
491 event_buf, event_len);
493 case PRIVSEP_EVENT_MICHAEL_MIC_FAILURE:
494 wpa_driver_privsep_event_michael_mic_failure(
495 drv->ctx, event_buf, event_len);
497 case PRIVSEP_EVENT_INTERFACE_STATUS:
498 wpa_driver_privsep_event_interface_status(drv->ctx, event_buf,
501 case PRIVSEP_EVENT_PMKID_CANDIDATE:
502 wpa_driver_privsep_event_pmkid_candidate(drv->ctx, event_buf,
505 case PRIVSEP_EVENT_STKSTART:
506 wpa_driver_privsep_event_stkstart(drv->ctx, event_buf,
509 case PRIVSEP_EVENT_FT_RESPONSE:
510 wpa_driver_privsep_event_ft_response(drv->ctx, event_buf,
513 case PRIVSEP_EVENT_RX_EAPOL:
514 wpa_driver_privsep_event_rx_eapol(drv->ctx, event_buf,
523 static void * wpa_driver_privsep_init(void *ctx, const char *ifname)
525 struct wpa_driver_privsep_data *drv;
527 drv = os_zalloc(sizeof(*drv));
531 drv->priv_socket = -1;
532 drv->cmd_socket = -1;
533 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
539 static void wpa_driver_privsep_deinit(void *priv)
541 struct wpa_driver_privsep_data *drv = priv;
543 if (drv->priv_socket >= 0) {
544 wpa_priv_reg_cmd(drv, PRIVSEP_CMD_UNREGISTER);
545 eloop_unregister_read_sock(drv->priv_socket);
546 close(drv->priv_socket);
549 if (drv->own_socket_path) {
550 unlink(drv->own_socket_path);
551 os_free(drv->own_socket_path);
554 if (drv->cmd_socket >= 0) {
555 eloop_unregister_read_sock(drv->cmd_socket);
556 close(drv->cmd_socket);
559 if (drv->own_cmd_path) {
560 unlink(drv->own_cmd_path);
561 os_free(drv->own_cmd_path);
568 static int wpa_driver_privsep_set_param(void *priv, const char *param)
570 struct wpa_driver_privsep_data *drv = priv;
572 char *own_dir, *priv_dir;
573 static unsigned int counter = 0;
575 struct sockaddr_un addr;
577 wpa_printf(MSG_DEBUG, "%s: param='%s'", __func__, param);
581 pos = os_strstr(param, "own_dir=");
584 own_dir = os_strdup(pos + 8);
587 end = os_strchr(own_dir, ' ');
591 own_dir = os_strdup("/tmp");
599 pos = os_strstr(param, "priv_dir=");
602 priv_dir = os_strdup(pos + 9);
603 if (priv_dir == NULL) {
607 end = os_strchr(priv_dir, ' ');
611 priv_dir = os_strdup("/var/run/wpa_priv");
612 if (priv_dir == NULL) {
618 len = os_strlen(own_dir) + 50;
619 drv->own_socket_path = os_malloc(len);
620 if (drv->own_socket_path == NULL) {
625 os_snprintf(drv->own_socket_path, len, "%s/wpa_privsep-%d-%d",
626 own_dir, getpid(), counter++);
628 len = os_strlen(own_dir) + 50;
629 drv->own_cmd_path = os_malloc(len);
630 if (drv->own_cmd_path == NULL) {
631 os_free(drv->own_socket_path);
632 drv->own_socket_path = NULL;
637 os_snprintf(drv->own_cmd_path, len, "%s/wpa_privsep-%d-%d",
638 own_dir, getpid(), counter++);
642 drv->priv_addr.sun_family = AF_UNIX;
643 os_snprintf(drv->priv_addr.sun_path, sizeof(drv->priv_addr.sun_path),
644 "%s/%s", priv_dir, drv->ifname);
647 drv->priv_socket = socket(PF_UNIX, SOCK_DGRAM, 0);
648 if (drv->priv_socket < 0) {
649 perror("socket(PF_UNIX)");
650 os_free(drv->own_socket_path);
651 drv->own_socket_path = NULL;
655 os_memset(&addr, 0, sizeof(addr));
656 addr.sun_family = AF_UNIX;
657 os_strlcpy(addr.sun_path, drv->own_socket_path, sizeof(addr.sun_path));
658 if (bind(drv->priv_socket, (struct sockaddr *) &addr, sizeof(addr)) <
660 perror("bind(PF_UNIX)");
661 close(drv->priv_socket);
662 drv->priv_socket = -1;
663 unlink(drv->own_socket_path);
664 os_free(drv->own_socket_path);
665 drv->own_socket_path = NULL;
669 eloop_register_read_sock(drv->priv_socket, wpa_driver_privsep_receive,
672 drv->cmd_socket = socket(PF_UNIX, SOCK_DGRAM, 0);
673 if (drv->cmd_socket < 0) {
674 perror("socket(PF_UNIX)");
675 os_free(drv->own_cmd_path);
676 drv->own_cmd_path = NULL;
680 os_memset(&addr, 0, sizeof(addr));
681 addr.sun_family = AF_UNIX;
682 os_strlcpy(addr.sun_path, drv->own_cmd_path, sizeof(addr.sun_path));
683 if (bind(drv->cmd_socket, (struct sockaddr *) &addr, sizeof(addr)) < 0)
685 perror("bind(PF_UNIX)");
686 close(drv->cmd_socket);
687 drv->cmd_socket = -1;
688 unlink(drv->own_cmd_path);
689 os_free(drv->own_cmd_path);
690 drv->own_cmd_path = NULL;
694 if (wpa_priv_reg_cmd(drv, PRIVSEP_CMD_REGISTER) < 0) {
695 wpa_printf(MSG_ERROR, "Failed to register with wpa_priv");
703 static int wpa_driver_privsep_get_capa(void *priv,
704 struct wpa_driver_capa *capa)
706 struct wpa_driver_privsep_data *drv = priv;
708 size_t len = sizeof(*capa);
710 res = wpa_priv_cmd(drv, PRIVSEP_CMD_GET_CAPA, NULL, 0, capa, &len);
711 if (res < 0 || len != sizeof(*capa))
717 static const u8 * wpa_driver_privsep_get_mac_addr(void *priv)
719 struct wpa_driver_privsep_data *drv = priv;
720 wpa_printf(MSG_DEBUG, "%s", __func__);
721 return drv->own_addr;
725 static int wpa_driver_privsep_set_country(void *priv, const char *alpha2)
727 struct wpa_driver_privsep_data *drv = priv;
728 wpa_printf(MSG_DEBUG, "%s country='%s'", __func__, alpha2);
729 return wpa_priv_cmd(drv, PRIVSEP_CMD_SET_COUNTRY, alpha2,
730 os_strlen(alpha2), NULL, NULL);
734 struct wpa_driver_ops wpa_driver_privsep_ops = {
736 "wpa_supplicant privilege separated driver",
737 .get_bssid = wpa_driver_privsep_get_bssid,
738 .get_ssid = wpa_driver_privsep_get_ssid,
739 .set_key = wpa_driver_privsep_set_key,
740 .init = wpa_driver_privsep_init,
741 .deinit = wpa_driver_privsep_deinit,
742 .set_param = wpa_driver_privsep_set_param,
743 .scan2 = wpa_driver_privsep_scan,
744 .deauthenticate = wpa_driver_privsep_deauthenticate,
745 .disassociate = wpa_driver_privsep_disassociate,
746 .associate = wpa_driver_privsep_associate,
747 .get_capa = wpa_driver_privsep_get_capa,
748 .get_mac_addr = wpa_driver_privsep_get_mac_addr,
749 .get_scan_results2 = wpa_driver_privsep_get_scan_results2,
750 .set_country = wpa_driver_privsep_set_country,
754 struct wpa_driver_ops *wpa_drivers[] =
756 &wpa_driver_privsep_ops,
projects / mech_eap.orig / blob