config_file.c 83 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097
  1. /*
  2. * hostapd / Configuration file parser
  3. * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
  4. *
  5. * This software may be distributed under the terms of the BSD license.
  6. * See README for more details.
  7. */
  8. #include "utils/includes.h"
  9. #ifndef CONFIG_NATIVE_WINDOWS
  10. #include <grp.h>
  11. #endif /* CONFIG_NATIVE_WINDOWS */
  12. #include "utils/common.h"
  13. #include "utils/uuid.h"
  14. #include "common/ieee802_11_defs.h"
  15. #include "drivers/driver.h"
  16. #include "eap_server/eap.h"
  17. #include "radius/radius_client.h"
  18. #include "ap/wpa_auth.h"
  19. #include "ap/ap_config.h"
  20. #include "config_file.h"
  21. extern struct wpa_driver_ops *wpa_drivers[];
  22. #ifndef CONFIG_NO_VLAN
  23. static int hostapd_config_read_vlan_file(struct hostapd_bss_config *bss,
  24. const char *fname)
  25. {
  26. FILE *f;
  27. char buf[128], *pos, *pos2;
  28. int line = 0, vlan_id;
  29. struct hostapd_vlan *vlan;
  30. f = fopen(fname, "r");
  31. if (!f) {
  32. wpa_printf(MSG_ERROR, "VLAN file '%s' not readable.", fname);
  33. return -1;
  34. }
  35. while (fgets(buf, sizeof(buf), f)) {
  36. line++;
  37. if (buf[0] == '#')
  38. continue;
  39. pos = buf;
  40. while (*pos != '\0') {
  41. if (*pos == '\n') {
  42. *pos = '\0';
  43. break;
  44. }
  45. pos++;
  46. }
  47. if (buf[0] == '\0')
  48. continue;
  49. if (buf[0] == '*') {
  50. vlan_id = VLAN_ID_WILDCARD;
  51. pos = buf + 1;
  52. } else {
  53. vlan_id = strtol(buf, &pos, 10);
  54. if (buf == pos || vlan_id < 1 ||
  55. vlan_id > MAX_VLAN_ID) {
  56. wpa_printf(MSG_ERROR, "Invalid VLAN ID at "
  57. "line %d in '%s'", line, fname);
  58. fclose(f);
  59. return -1;
  60. }
  61. }
  62. while (*pos == ' ' || *pos == '\t')
  63. pos++;
  64. pos2 = pos;
  65. while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0')
  66. pos2++;
  67. *pos2 = '\0';
  68. if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) {
  69. wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d "
  70. "in '%s'", line, fname);
  71. fclose(f);
  72. return -1;
  73. }
  74. vlan = os_malloc(sizeof(*vlan));
  75. if (vlan == NULL) {
  76. wpa_printf(MSG_ERROR, "Out of memory while reading "
  77. "VLAN interfaces from '%s'", fname);
  78. fclose(f);
  79. return -1;
  80. }
  81. os_memset(vlan, 0, sizeof(*vlan));
  82. vlan->vlan_id = vlan_id;
  83. os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
  84. if (bss->vlan_tail)
  85. bss->vlan_tail->next = vlan;
  86. else
  87. bss->vlan = vlan;
  88. bss->vlan_tail = vlan;
  89. }
  90. fclose(f);
  91. return 0;
  92. }
  93. #endif /* CONFIG_NO_VLAN */
  94. static int hostapd_acl_comp(const void *a, const void *b)
  95. {
  96. const struct mac_acl_entry *aa = a;
  97. const struct mac_acl_entry *bb = b;
  98. return os_memcmp(aa->addr, bb->addr, sizeof(macaddr));
  99. }
  100. static int hostapd_config_read_maclist(const char *fname,
  101. struct mac_acl_entry **acl, int *num)
  102. {
  103. FILE *f;
  104. char buf[128], *pos;
  105. int line = 0;
  106. u8 addr[ETH_ALEN];
  107. struct mac_acl_entry *newacl;
  108. int vlan_id;
  109. if (!fname)
  110. return 0;
  111. f = fopen(fname, "r");
  112. if (!f) {
  113. wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname);
  114. return -1;
  115. }
  116. while (fgets(buf, sizeof(buf), f)) {
  117. line++;
  118. if (buf[0] == '#')
  119. continue;
  120. pos = buf;
  121. while (*pos != '\0') {
  122. if (*pos == '\n') {
  123. *pos = '\0';
  124. break;
  125. }
  126. pos++;
  127. }
  128. if (buf[0] == '\0')
  129. continue;
  130. if (hwaddr_aton(buf, addr)) {
  131. wpa_printf(MSG_ERROR, "Invalid MAC address '%s' at "
  132. "line %d in '%s'", buf, line, fname);
  133. fclose(f);
  134. return -1;
  135. }
  136. vlan_id = 0;
  137. pos = buf;
  138. while (*pos != '\0' && *pos != ' ' && *pos != '\t')
  139. pos++;
  140. while (*pos == ' ' || *pos == '\t')
  141. pos++;
  142. if (*pos != '\0')
  143. vlan_id = atoi(pos);
  144. newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl));
  145. if (newacl == NULL) {
  146. wpa_printf(MSG_ERROR, "MAC list reallocation failed");
  147. fclose(f);
  148. return -1;
  149. }
  150. *acl = newacl;
  151. os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
  152. (*acl)[*num].vlan_id = vlan_id;
  153. (*num)++;
  154. }
  155. fclose(f);
  156. qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
  157. return 0;
  158. }
  159. #ifdef EAP_SERVER
  160. static int hostapd_config_read_eap_user(const char *fname,
  161. struct hostapd_bss_config *conf)
  162. {
  163. FILE *f;
  164. char buf[512], *pos, *start, *pos2;
  165. int line = 0, ret = 0, num_methods;
  166. struct hostapd_eap_user *user, *tail = NULL;
  167. if (!fname)
  168. return 0;
  169. f = fopen(fname, "r");
  170. if (!f) {
  171. wpa_printf(MSG_ERROR, "EAP user file '%s' not found.", fname);
  172. return -1;
  173. }
  174. /* Lines: "user" METHOD,METHOD2 "password" (password optional) */
  175. while (fgets(buf, sizeof(buf), f)) {
  176. line++;
  177. if (buf[0] == '#')
  178. continue;
  179. pos = buf;
  180. while (*pos != '\0') {
  181. if (*pos == '\n') {
  182. *pos = '\0';
  183. break;
  184. }
  185. pos++;
  186. }
  187. if (buf[0] == '\0')
  188. continue;
  189. user = NULL;
  190. if (buf[0] != '"' && buf[0] != '*') {
  191. wpa_printf(MSG_ERROR, "Invalid EAP identity (no \" in "
  192. "start) on line %d in '%s'", line, fname);
  193. goto failed;
  194. }
  195. user = os_zalloc(sizeof(*user));
  196. if (user == NULL) {
  197. wpa_printf(MSG_ERROR, "EAP user allocation failed");
  198. goto failed;
  199. }
  200. user->force_version = -1;
  201. if (buf[0] == '*') {
  202. pos = buf;
  203. } else {
  204. pos = buf + 1;
  205. start = pos;
  206. while (*pos != '"' && *pos != '\0')
  207. pos++;
  208. if (*pos == '\0') {
  209. wpa_printf(MSG_ERROR, "Invalid EAP identity "
  210. "(no \" in end) on line %d in '%s'",
  211. line, fname);
  212. goto failed;
  213. }
  214. user->identity = os_malloc(pos - start);
  215. if (user->identity == NULL) {
  216. wpa_printf(MSG_ERROR, "Failed to allocate "
  217. "memory for EAP identity");
  218. goto failed;
  219. }
  220. os_memcpy(user->identity, start, pos - start);
  221. user->identity_len = pos - start;
  222. if (pos[0] == '"' && pos[1] == '*') {
  223. user->wildcard_prefix = 1;
  224. pos++;
  225. }
  226. }
  227. pos++;
  228. while (*pos == ' ' || *pos == '\t')
  229. pos++;
  230. if (*pos == '\0') {
  231. wpa_printf(MSG_ERROR, "No EAP method on line %d in "
  232. "'%s'", line, fname);
  233. goto failed;
  234. }
  235. start = pos;
  236. while (*pos != ' ' && *pos != '\t' && *pos != '\0')
  237. pos++;
  238. if (*pos == '\0') {
  239. pos = NULL;
  240. } else {
  241. *pos = '\0';
  242. pos++;
  243. }
  244. num_methods = 0;
  245. while (*start) {
  246. char *pos3 = os_strchr(start, ',');
  247. if (pos3) {
  248. *pos3++ = '\0';
  249. }
  250. user->methods[num_methods].method =
  251. eap_server_get_type(
  252. start,
  253. &user->methods[num_methods].vendor);
  254. if (user->methods[num_methods].vendor ==
  255. EAP_VENDOR_IETF &&
  256. user->methods[num_methods].method == EAP_TYPE_NONE)
  257. {
  258. if (os_strcmp(start, "TTLS-PAP") == 0) {
  259. user->ttls_auth |= EAP_TTLS_AUTH_PAP;
  260. goto skip_eap;
  261. }
  262. if (os_strcmp(start, "TTLS-CHAP") == 0) {
  263. user->ttls_auth |= EAP_TTLS_AUTH_CHAP;
  264. goto skip_eap;
  265. }
  266. if (os_strcmp(start, "TTLS-MSCHAP") == 0) {
  267. user->ttls_auth |=
  268. EAP_TTLS_AUTH_MSCHAP;
  269. goto skip_eap;
  270. }
  271. if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) {
  272. user->ttls_auth |=
  273. EAP_TTLS_AUTH_MSCHAPV2;
  274. goto skip_eap;
  275. }
  276. wpa_printf(MSG_ERROR, "Unsupported EAP type "
  277. "'%s' on line %d in '%s'",
  278. start, line, fname);
  279. goto failed;
  280. }
  281. num_methods++;
  282. if (num_methods >= EAP_MAX_METHODS)
  283. break;
  284. skip_eap:
  285. if (pos3 == NULL)
  286. break;
  287. start = pos3;
  288. }
  289. if (num_methods == 0 && user->ttls_auth == 0) {
  290. wpa_printf(MSG_ERROR, "No EAP types configured on "
  291. "line %d in '%s'", line, fname);
  292. goto failed;
  293. }
  294. if (pos == NULL)
  295. goto done;
  296. while (*pos == ' ' || *pos == '\t')
  297. pos++;
  298. if (*pos == '\0')
  299. goto done;
  300. if (os_strncmp(pos, "[ver=0]", 7) == 0) {
  301. user->force_version = 0;
  302. goto done;
  303. }
  304. if (os_strncmp(pos, "[ver=1]", 7) == 0) {
  305. user->force_version = 1;
  306. goto done;
  307. }
  308. if (os_strncmp(pos, "[2]", 3) == 0) {
  309. user->phase2 = 1;
  310. goto done;
  311. }
  312. if (*pos == '"') {
  313. pos++;
  314. start = pos;
  315. while (*pos != '"' && *pos != '\0')
  316. pos++;
  317. if (*pos == '\0') {
  318. wpa_printf(MSG_ERROR, "Invalid EAP password "
  319. "(no \" in end) on line %d in '%s'",
  320. line, fname);
  321. goto failed;
  322. }
  323. user->password = os_malloc(pos - start);
  324. if (user->password == NULL) {
  325. wpa_printf(MSG_ERROR, "Failed to allocate "
  326. "memory for EAP password");
  327. goto failed;
  328. }
  329. os_memcpy(user->password, start, pos - start);
  330. user->password_len = pos - start;
  331. pos++;
  332. } else if (os_strncmp(pos, "hash:", 5) == 0) {
  333. pos += 5;
  334. pos2 = pos;
  335. while (*pos2 != '\0' && *pos2 != ' ' &&
  336. *pos2 != '\t' && *pos2 != '#')
  337. pos2++;
  338. if (pos2 - pos != 32) {
  339. wpa_printf(MSG_ERROR, "Invalid password hash "
  340. "on line %d in '%s'", line, fname);
  341. goto failed;
  342. }
  343. user->password = os_malloc(16);
  344. if (user->password == NULL) {
  345. wpa_printf(MSG_ERROR, "Failed to allocate "
  346. "memory for EAP password hash");
  347. goto failed;
  348. }
  349. if (hexstr2bin(pos, user->password, 16) < 0) {
  350. wpa_printf(MSG_ERROR, "Invalid hash password "
  351. "on line %d in '%s'", line, fname);
  352. goto failed;
  353. }
  354. user->password_len = 16;
  355. user->password_hash = 1;
  356. pos = pos2;
  357. } else {
  358. pos2 = pos;
  359. while (*pos2 != '\0' && *pos2 != ' ' &&
  360. *pos2 != '\t' && *pos2 != '#')
  361. pos2++;
  362. if ((pos2 - pos) & 1) {
  363. wpa_printf(MSG_ERROR, "Invalid hex password "
  364. "on line %d in '%s'", line, fname);
  365. goto failed;
  366. }
  367. user->password = os_malloc((pos2 - pos) / 2);
  368. if (user->password == NULL) {
  369. wpa_printf(MSG_ERROR, "Failed to allocate "
  370. "memory for EAP password");
  371. goto failed;
  372. }
  373. if (hexstr2bin(pos, user->password,
  374. (pos2 - pos) / 2) < 0) {
  375. wpa_printf(MSG_ERROR, "Invalid hex password "
  376. "on line %d in '%s'", line, fname);
  377. goto failed;
  378. }
  379. user->password_len = (pos2 - pos) / 2;
  380. pos = pos2;
  381. }
  382. while (*pos == ' ' || *pos == '\t')
  383. pos++;
  384. if (os_strncmp(pos, "[2]", 3) == 0) {
  385. user->phase2 = 1;
  386. }
  387. done:
  388. if (tail == NULL) {
  389. tail = conf->eap_user = user;
  390. } else {
  391. tail->next = user;
  392. tail = user;
  393. }
  394. continue;
  395. failed:
  396. if (user) {
  397. os_free(user->password);
  398. os_free(user->identity);
  399. os_free(user);
  400. }
  401. ret = -1;
  402. break;
  403. }
  404. fclose(f);
  405. return ret;
  406. }
  407. #endif /* EAP_SERVER */
  408. #ifndef CONFIG_NO_RADIUS
  409. static int
  410. hostapd_config_read_radius_addr(struct hostapd_radius_server **server,
  411. int *num_server, const char *val, int def_port,
  412. struct hostapd_radius_server **curr_serv)
  413. {
  414. struct hostapd_radius_server *nserv;
  415. int ret;
  416. static int server_index = 1;
  417. nserv = os_realloc_array(*server, *num_server + 1, sizeof(*nserv));
  418. if (nserv == NULL)
  419. return -1;
  420. *server = nserv;
  421. nserv = &nserv[*num_server];
  422. (*num_server)++;
  423. (*curr_serv) = nserv;
  424. os_memset(nserv, 0, sizeof(*nserv));
  425. nserv->port = def_port;
  426. ret = hostapd_parse_ip_addr(val, &nserv->addr);
  427. nserv->index = server_index++;
  428. return ret;
  429. }
  430. static struct hostapd_radius_attr *
  431. hostapd_parse_radius_attr(const char *value)
  432. {
  433. const char *pos;
  434. char syntax;
  435. struct hostapd_radius_attr *attr;
  436. size_t len;
  437. attr = os_zalloc(sizeof(*attr));
  438. if (attr == NULL)
  439. return NULL;
  440. attr->type = atoi(value);
  441. pos = os_strchr(value, ':');
  442. if (pos == NULL) {
  443. attr->val = wpabuf_alloc(1);
  444. if (attr->val == NULL) {
  445. os_free(attr);
  446. return NULL;
  447. }
  448. wpabuf_put_u8(attr->val, 0);
  449. return attr;
  450. }
  451. pos++;
  452. if (pos[0] == '\0' || pos[1] != ':') {
  453. os_free(attr);
  454. return NULL;
  455. }
  456. syntax = *pos++;
  457. pos++;
  458. switch (syntax) {
  459. case 's':
  460. attr->val = wpabuf_alloc_copy(pos, os_strlen(pos));
  461. break;
  462. case 'x':
  463. len = os_strlen(pos);
  464. if (len & 1)
  465. break;
  466. len /= 2;
  467. attr->val = wpabuf_alloc(len);
  468. if (attr->val == NULL)
  469. break;
  470. if (hexstr2bin(pos, wpabuf_put(attr->val, len), len) < 0) {
  471. wpabuf_free(attr->val);
  472. os_free(attr);
  473. return NULL;
  474. }
  475. break;
  476. case 'd':
  477. attr->val = wpabuf_alloc(4);
  478. if (attr->val)
  479. wpabuf_put_be32(attr->val, atoi(pos));
  480. break;
  481. default:
  482. os_free(attr);
  483. return NULL;
  484. }
  485. if (attr->val == NULL) {
  486. os_free(attr);
  487. return NULL;
  488. }
  489. return attr;
  490. }
  491. static int hostapd_parse_das_client(struct hostapd_bss_config *bss,
  492. const char *val)
  493. {
  494. char *secret;
  495. secret = os_strchr(val, ' ');
  496. if (secret == NULL)
  497. return -1;
  498. secret++;
  499. if (hostapd_parse_ip_addr(val, &bss->radius_das_client_addr))
  500. return -1;
  501. os_free(bss->radius_das_shared_secret);
  502. bss->radius_das_shared_secret = (u8 *) os_strdup(secret);
  503. if (bss->radius_das_shared_secret == NULL)
  504. return -1;
  505. bss->radius_das_shared_secret_len = os_strlen(secret);
  506. return 0;
  507. }
  508. #endif /* CONFIG_NO_RADIUS */
  509. static int hostapd_config_parse_key_mgmt(int line, const char *value)
  510. {
  511. int val = 0, last;
  512. char *start, *end, *buf;
  513. buf = os_strdup(value);
  514. if (buf == NULL)
  515. return -1;
  516. start = buf;
  517. while (*start != '\0') {
  518. while (*start == ' ' || *start == '\t')
  519. start++;
  520. if (*start == '\0')
  521. break;
  522. end = start;
  523. while (*end != ' ' && *end != '\t' && *end != '\0')
  524. end++;
  525. last = *end == '\0';
  526. *end = '\0';
  527. if (os_strcmp(start, "WPA-PSK") == 0)
  528. val |= WPA_KEY_MGMT_PSK;
  529. else if (os_strcmp(start, "WPA-EAP") == 0)
  530. val |= WPA_KEY_MGMT_IEEE8021X;
  531. #ifdef CONFIG_IEEE80211R
  532. else if (os_strcmp(start, "FT-PSK") == 0)
  533. val |= WPA_KEY_MGMT_FT_PSK;
  534. else if (os_strcmp(start, "FT-EAP") == 0)
  535. val |= WPA_KEY_MGMT_FT_IEEE8021X;
  536. #endif /* CONFIG_IEEE80211R */
  537. #ifdef CONFIG_IEEE80211W
  538. else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
  539. val |= WPA_KEY_MGMT_PSK_SHA256;
  540. else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
  541. val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
  542. #endif /* CONFIG_IEEE80211W */
  543. else {
  544. wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
  545. line, start);
  546. os_free(buf);
  547. return -1;
  548. }
  549. if (last)
  550. break;
  551. start = end + 1;
  552. }
  553. os_free(buf);
  554. if (val == 0) {
  555. wpa_printf(MSG_ERROR, "Line %d: no key_mgmt values "
  556. "configured.", line);
  557. return -1;
  558. }
  559. return val;
  560. }
  561. static int hostapd_config_parse_cipher(int line, const char *value)
  562. {
  563. int val = 0, last;
  564. char *start, *end, *buf;
  565. buf = os_strdup(value);
  566. if (buf == NULL)
  567. return -1;
  568. start = buf;
  569. while (*start != '\0') {
  570. while (*start == ' ' || *start == '\t')
  571. start++;
  572. if (*start == '\0')
  573. break;
  574. end = start;
  575. while (*end != ' ' && *end != '\t' && *end != '\0')
  576. end++;
  577. last = *end == '\0';
  578. *end = '\0';
  579. if (os_strcmp(start, "CCMP") == 0)
  580. val |= WPA_CIPHER_CCMP;
  581. else if (os_strcmp(start, "GCMP") == 0)
  582. val |= WPA_CIPHER_GCMP;
  583. else if (os_strcmp(start, "TKIP") == 0)
  584. val |= WPA_CIPHER_TKIP;
  585. else if (os_strcmp(start, "WEP104") == 0)
  586. val |= WPA_CIPHER_WEP104;
  587. else if (os_strcmp(start, "WEP40") == 0)
  588. val |= WPA_CIPHER_WEP40;
  589. else if (os_strcmp(start, "NONE") == 0)
  590. val |= WPA_CIPHER_NONE;
  591. else {
  592. wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
  593. line, start);
  594. os_free(buf);
  595. return -1;
  596. }
  597. if (last)
  598. break;
  599. start = end + 1;
  600. }
  601. os_free(buf);
  602. if (val == 0) {
  603. wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
  604. line);
  605. return -1;
  606. }
  607. return val;
  608. }
  609. static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
  610. char *val)
  611. {
  612. size_t len = os_strlen(val);
  613. if (keyidx < 0 || keyidx > 3 || wep->key[keyidx] != NULL)
  614. return -1;
  615. if (val[0] == '"') {
  616. if (len < 2 || val[len - 1] != '"')
  617. return -1;
  618. len -= 2;
  619. wep->key[keyidx] = os_malloc(len);
  620. if (wep->key[keyidx] == NULL)
  621. return -1;
  622. os_memcpy(wep->key[keyidx], val + 1, len);
  623. wep->len[keyidx] = len;
  624. } else {
  625. if (len & 1)
  626. return -1;
  627. len /= 2;
  628. wep->key[keyidx] = os_malloc(len);
  629. if (wep->key[keyidx] == NULL)
  630. return -1;
  631. wep->len[keyidx] = len;
  632. if (hexstr2bin(val, wep->key[keyidx], len) < 0)
  633. return -1;
  634. }
  635. wep->keys_set++;
  636. return 0;
  637. }
  638. static int hostapd_parse_rates(int **rate_list, char *val)
  639. {
  640. int *list;
  641. int count;
  642. char *pos, *end;
  643. os_free(*rate_list);
  644. *rate_list = NULL;
  645. pos = val;
  646. count = 0;
  647. while (*pos != '\0') {
  648. if (*pos == ' ')
  649. count++;
  650. pos++;
  651. }
  652. list = os_malloc(sizeof(int) * (count + 2));
  653. if (list == NULL)
  654. return -1;
  655. pos = val;
  656. count = 0;
  657. while (*pos != '\0') {
  658. end = os_strchr(pos, ' ');
  659. if (end)
  660. *end = '\0';
  661. list[count++] = atoi(pos);
  662. if (!end)
  663. break;
  664. pos = end + 1;
  665. }
  666. list[count] = -1;
  667. *rate_list = list;
  668. return 0;
  669. }
  670. static int hostapd_config_bss(struct hostapd_config *conf, const char *ifname)
  671. {
  672. struct hostapd_bss_config *bss;
  673. if (*ifname == '\0')
  674. return -1;
  675. bss = os_realloc_array(conf->bss, conf->num_bss + 1,
  676. sizeof(struct hostapd_bss_config));
  677. if (bss == NULL) {
  678. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  679. "multi-BSS entry");
  680. return -1;
  681. }
  682. conf->bss = bss;
  683. bss = &(conf->bss[conf->num_bss]);
  684. os_memset(bss, 0, sizeof(*bss));
  685. bss->radius = os_zalloc(sizeof(*bss->radius));
  686. if (bss->radius == NULL) {
  687. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  688. "multi-BSS RADIUS data");
  689. return -1;
  690. }
  691. conf->num_bss++;
  692. conf->last_bss = bss;
  693. hostapd_config_defaults_bss(bss);
  694. os_strlcpy(bss->iface, ifname, sizeof(bss->iface));
  695. os_memcpy(bss->ssid.vlan, bss->iface, IFNAMSIZ + 1);
  696. return 0;
  697. }
  698. /* convert floats with one decimal place to value*10 int, i.e.,
  699. * "1.5" will return 15 */
  700. static int hostapd_config_read_int10(const char *value)
  701. {
  702. int i, d;
  703. char *pos;
  704. i = atoi(value);
  705. pos = os_strchr(value, '.');
  706. d = 0;
  707. if (pos) {
  708. pos++;
  709. if (*pos >= '0' && *pos <= '9')
  710. d = *pos - '0';
  711. }
  712. return i * 10 + d;
  713. }
  714. static int valid_cw(int cw)
  715. {
  716. return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 ||
  717. cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023);
  718. }
  719. enum {
  720. IEEE80211_TX_QUEUE_DATA0 = 0, /* used for EDCA AC_VO data */
  721. IEEE80211_TX_QUEUE_DATA1 = 1, /* used for EDCA AC_VI data */
  722. IEEE80211_TX_QUEUE_DATA2 = 2, /* used for EDCA AC_BE data */
  723. IEEE80211_TX_QUEUE_DATA3 = 3 /* used for EDCA AC_BK data */
  724. };
  725. static int hostapd_config_tx_queue(struct hostapd_config *conf, char *name,
  726. char *val)
  727. {
  728. int num;
  729. char *pos;
  730. struct hostapd_tx_queue_params *queue;
  731. /* skip 'tx_queue_' prefix */
  732. pos = name + 9;
  733. if (os_strncmp(pos, "data", 4) == 0 &&
  734. pos[4] >= '0' && pos[4] <= '9' && pos[5] == '_') {
  735. num = pos[4] - '0';
  736. pos += 6;
  737. } else if (os_strncmp(pos, "after_beacon_", 13) == 0 ||
  738. os_strncmp(pos, "beacon_", 7) == 0) {
  739. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  740. return 0;
  741. } else {
  742. wpa_printf(MSG_ERROR, "Unknown tx_queue name '%s'", pos);
  743. return -1;
  744. }
  745. if (num >= NUM_TX_QUEUES) {
  746. /* for backwards compatibility, do not trigger failure */
  747. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  748. return 0;
  749. }
  750. queue = &conf->tx_queue[num];
  751. if (os_strcmp(pos, "aifs") == 0) {
  752. queue->aifs = atoi(val);
  753. if (queue->aifs < 0 || queue->aifs > 255) {
  754. wpa_printf(MSG_ERROR, "Invalid AIFS value %d",
  755. queue->aifs);
  756. return -1;
  757. }
  758. } else if (os_strcmp(pos, "cwmin") == 0) {
  759. queue->cwmin = atoi(val);
  760. if (!valid_cw(queue->cwmin)) {
  761. wpa_printf(MSG_ERROR, "Invalid cwMin value %d",
  762. queue->cwmin);
  763. return -1;
  764. }
  765. } else if (os_strcmp(pos, "cwmax") == 0) {
  766. queue->cwmax = atoi(val);
  767. if (!valid_cw(queue->cwmax)) {
  768. wpa_printf(MSG_ERROR, "Invalid cwMax value %d",
  769. queue->cwmax);
  770. return -1;
  771. }
  772. } else if (os_strcmp(pos, "burst") == 0) {
  773. queue->burst = hostapd_config_read_int10(val);
  774. } else {
  775. wpa_printf(MSG_ERROR, "Unknown tx_queue field '%s'", pos);
  776. return -1;
  777. }
  778. return 0;
  779. }
  780. #ifdef CONFIG_IEEE80211R
  781. static int add_r0kh(struct hostapd_bss_config *bss, char *value)
  782. {
  783. struct ft_remote_r0kh *r0kh;
  784. char *pos, *next;
  785. r0kh = os_zalloc(sizeof(*r0kh));
  786. if (r0kh == NULL)
  787. return -1;
  788. /* 02:01:02:03:04:05 a.example.com 000102030405060708090a0b0c0d0e0f */
  789. pos = value;
  790. next = os_strchr(pos, ' ');
  791. if (next)
  792. *next++ = '\0';
  793. if (next == NULL || hwaddr_aton(pos, r0kh->addr)) {
  794. wpa_printf(MSG_ERROR, "Invalid R0KH MAC address: '%s'", pos);
  795. os_free(r0kh);
  796. return -1;
  797. }
  798. pos = next;
  799. next = os_strchr(pos, ' ');
  800. if (next)
  801. *next++ = '\0';
  802. if (next == NULL || next - pos > FT_R0KH_ID_MAX_LEN) {
  803. wpa_printf(MSG_ERROR, "Invalid R0KH-ID: '%s'", pos);
  804. os_free(r0kh);
  805. return -1;
  806. }
  807. r0kh->id_len = next - pos - 1;
  808. os_memcpy(r0kh->id, pos, r0kh->id_len);
  809. pos = next;
  810. if (hexstr2bin(pos, r0kh->key, sizeof(r0kh->key))) {
  811. wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos);
  812. os_free(r0kh);
  813. return -1;
  814. }
  815. r0kh->next = bss->r0kh_list;
  816. bss->r0kh_list = r0kh;
  817. return 0;
  818. }
  819. static int add_r1kh(struct hostapd_bss_config *bss, char *value)
  820. {
  821. struct ft_remote_r1kh *r1kh;
  822. char *pos, *next;
  823. r1kh = os_zalloc(sizeof(*r1kh));
  824. if (r1kh == NULL)
  825. return -1;
  826. /* 02:01:02:03:04:05 02:01:02:03:04:05
  827. * 000102030405060708090a0b0c0d0e0f */
  828. pos = value;
  829. next = os_strchr(pos, ' ');
  830. if (next)
  831. *next++ = '\0';
  832. if (next == NULL || hwaddr_aton(pos, r1kh->addr)) {
  833. wpa_printf(MSG_ERROR, "Invalid R1KH MAC address: '%s'", pos);
  834. os_free(r1kh);
  835. return -1;
  836. }
  837. pos = next;
  838. next = os_strchr(pos, ' ');
  839. if (next)
  840. *next++ = '\0';
  841. if (next == NULL || hwaddr_aton(pos, r1kh->id)) {
  842. wpa_printf(MSG_ERROR, "Invalid R1KH-ID: '%s'", pos);
  843. os_free(r1kh);
  844. return -1;
  845. }
  846. pos = next;
  847. if (hexstr2bin(pos, r1kh->key, sizeof(r1kh->key))) {
  848. wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos);
  849. os_free(r1kh);
  850. return -1;
  851. }
  852. r1kh->next = bss->r1kh_list;
  853. bss->r1kh_list = r1kh;
  854. return 0;
  855. }
  856. #endif /* CONFIG_IEEE80211R */
  857. #ifdef CONFIG_IEEE80211N
  858. static int hostapd_config_ht_capab(struct hostapd_config *conf,
  859. const char *capab)
  860. {
  861. if (os_strstr(capab, "[LDPC]"))
  862. conf->ht_capab |= HT_CAP_INFO_LDPC_CODING_CAP;
  863. if (os_strstr(capab, "[HT40-]")) {
  864. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  865. conf->secondary_channel = -1;
  866. }
  867. if (os_strstr(capab, "[HT40+]")) {
  868. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  869. conf->secondary_channel = 1;
  870. }
  871. if (os_strstr(capab, "[SMPS-STATIC]")) {
  872. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  873. conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC;
  874. }
  875. if (os_strstr(capab, "[SMPS-DYNAMIC]")) {
  876. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  877. conf->ht_capab |= HT_CAP_INFO_SMPS_DYNAMIC;
  878. }
  879. if (os_strstr(capab, "[GF]"))
  880. conf->ht_capab |= HT_CAP_INFO_GREEN_FIELD;
  881. if (os_strstr(capab, "[SHORT-GI-20]"))
  882. conf->ht_capab |= HT_CAP_INFO_SHORT_GI20MHZ;
  883. if (os_strstr(capab, "[SHORT-GI-40]"))
  884. conf->ht_capab |= HT_CAP_INFO_SHORT_GI40MHZ;
  885. if (os_strstr(capab, "[TX-STBC]"))
  886. conf->ht_capab |= HT_CAP_INFO_TX_STBC;
  887. if (os_strstr(capab, "[RX-STBC1]")) {
  888. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  889. conf->ht_capab |= HT_CAP_INFO_RX_STBC_1;
  890. }
  891. if (os_strstr(capab, "[RX-STBC12]")) {
  892. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  893. conf->ht_capab |= HT_CAP_INFO_RX_STBC_12;
  894. }
  895. if (os_strstr(capab, "[RX-STBC123]")) {
  896. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  897. conf->ht_capab |= HT_CAP_INFO_RX_STBC_123;
  898. }
  899. if (os_strstr(capab, "[DELAYED-BA]"))
  900. conf->ht_capab |= HT_CAP_INFO_DELAYED_BA;
  901. if (os_strstr(capab, "[MAX-AMSDU-7935]"))
  902. conf->ht_capab |= HT_CAP_INFO_MAX_AMSDU_SIZE;
  903. if (os_strstr(capab, "[DSSS_CCK-40]"))
  904. conf->ht_capab |= HT_CAP_INFO_DSSS_CCK40MHZ;
  905. if (os_strstr(capab, "[PSMP]"))
  906. conf->ht_capab |= HT_CAP_INFO_PSMP_SUPP;
  907. if (os_strstr(capab, "[LSIG-TXOP-PROT]"))
  908. conf->ht_capab |= HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT;
  909. return 0;
  910. }
  911. #endif /* CONFIG_IEEE80211N */
  912. #ifdef CONFIG_IEEE80211AC
  913. static int hostapd_config_vht_capab(struct hostapd_config *conf,
  914. const char *capab)
  915. {
  916. if (os_strstr(capab, "[MAX-MPDU-7991]"))
  917. conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_7991;
  918. if (os_strstr(capab, "[MAX-MPDU-11454]"))
  919. conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_11454;
  920. if (os_strstr(capab, "[VHT160]"))
  921. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
  922. if (os_strstr(capab, "[VHT160-80PLUS80]"))
  923. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
  924. if (os_strstr(capab, "[VHT160-80PLUS80]"))
  925. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
  926. if (os_strstr(capab, "[RXLDPC]"))
  927. conf->vht_capab |= VHT_CAP_RXLDPC;
  928. if (os_strstr(capab, "[SHORT-GI-80]"))
  929. conf->vht_capab |= VHT_CAP_SHORT_GI_80;
  930. if (os_strstr(capab, "[SHORT-GI-160]"))
  931. conf->vht_capab |= VHT_CAP_SHORT_GI_160;
  932. if (os_strstr(capab, "[TX-STBC-2BY1]"))
  933. conf->vht_capab |= VHT_CAP_TXSTBC;
  934. if (os_strstr(capab, "[RX-STBC-1]"))
  935. conf->vht_capab |= VHT_CAP_RXSTBC_1;
  936. if (os_strstr(capab, "[RX-STBC-12]"))
  937. conf->vht_capab |= VHT_CAP_RXSTBC_2;
  938. if (os_strstr(capab, "[RX-STBC-123]"))
  939. conf->vht_capab |= VHT_CAP_RXSTBC_3;
  940. if (os_strstr(capab, "[RX-STBC-1234]"))
  941. conf->vht_capab |= VHT_CAP_RXSTBC_4;
  942. if (os_strstr(capab, "[SU-BEAMFORMER]"))
  943. conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
  944. if (os_strstr(capab, "[SU-BEAMFORMEE]"))
  945. conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE;
  946. if (os_strstr(capab, "[BF-ANTENNA-2]") &&
  947. (conf->vht_capab & VHT_CAP_MU_BEAMFORMER_CAPABLE))
  948. conf->vht_capab |= VHT_CAP_BEAMFORMER_ANTENNAS_MAX;
  949. if (os_strstr(capab, "[SOUNDING-DIMENSION-2]") &&
  950. (conf->vht_capab & VHT_CAP_MU_BEAMFORMER_CAPABLE))
  951. conf->vht_capab |= VHT_CAP_SOUNDING_DIMENTION_MAX;
  952. if (os_strstr(capab, "[MU-BEAMFORMER]"))
  953. conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
  954. if (os_strstr(capab, "[MU-BEAMFORMEE]"))
  955. conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE;
  956. if (os_strstr(capab, "[VHT-TXOP-PS]"))
  957. conf->vht_capab |= VHT_CAP_VHT_TXOP_PS;
  958. if (os_strstr(capab, "[HTC-VHT]"))
  959. conf->vht_capab |= VHT_CAP_HTC_VHT;
  960. if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP0]"))
  961. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT;
  962. if (os_strstr(capab, "[VHT-LINK-ADAPT2]") &&
  963. (conf->vht_capab & VHT_CAP_HTC_VHT))
  964. conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB;
  965. if (os_strstr(capab, "[VHT-LINK-ADAPT3]") &&
  966. (conf->vht_capab & VHT_CAP_HTC_VHT))
  967. conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
  968. if (os_strstr(capab, "[RX-ANTENNA-PATTERN]"))
  969. conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN;
  970. if (os_strstr(capab, "[TX-ANTENNA-PATTERN]"))
  971. conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN;
  972. return 0;
  973. }
  974. #endif /* CONFIG_IEEE80211AC */
  975. static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
  976. struct hostapd_config *conf)
  977. {
  978. if (bss->ieee802_1x && !bss->eap_server &&
  979. !bss->radius->auth_servers) {
  980. wpa_printf(MSG_ERROR, "Invalid IEEE 802.1X configuration (no "
  981. "EAP authenticator configured).");
  982. return -1;
  983. }
  984. if (bss->wpa && bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
  985. bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) {
  986. wpa_printf(MSG_ERROR, "WPA-PSK using RADIUS enabled, but no "
  987. "RADIUS checking (macaddr_acl=2) enabled.");
  988. return -1;
  989. }
  990. if (bss->wpa && (bss->wpa_key_mgmt & WPA_KEY_MGMT_PSK) &&
  991. bss->ssid.wpa_psk == NULL && bss->ssid.wpa_passphrase == NULL &&
  992. bss->ssid.wpa_psk_file == NULL &&
  993. (bss->wpa_psk_radius != PSK_RADIUS_REQUIRED ||
  994. bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH)) {
  995. wpa_printf(MSG_ERROR, "WPA-PSK enabled, but PSK or passphrase "
  996. "is not configured.");
  997. return -1;
  998. }
  999. if (hostapd_mac_comp_empty(bss->bssid) != 0) {
  1000. size_t i;
  1001. for (i = 0; i < conf->num_bss; i++) {
  1002. if ((&conf->bss[i] != bss) &&
  1003. (hostapd_mac_comp(conf->bss[i].bssid,
  1004. bss->bssid) == 0)) {
  1005. wpa_printf(MSG_ERROR, "Duplicate BSSID " MACSTR
  1006. " on interface '%s' and '%s'.",
  1007. MAC2STR(bss->bssid),
  1008. conf->bss[i].iface, bss->iface);
  1009. return -1;
  1010. }
  1011. }
  1012. }
  1013. #ifdef CONFIG_IEEE80211R
  1014. if (wpa_key_mgmt_ft(bss->wpa_key_mgmt) &&
  1015. (bss->nas_identifier == NULL ||
  1016. os_strlen(bss->nas_identifier) < 1 ||
  1017. os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {
  1018. wpa_printf(MSG_ERROR, "FT (IEEE 802.11r) requires "
  1019. "nas_identifier to be configured as a 1..48 octet "
  1020. "string");
  1021. return -1;
  1022. }
  1023. #endif /* CONFIG_IEEE80211R */
  1024. #ifdef CONFIG_IEEE80211N
  1025. if (conf->ieee80211n && conf->hw_mode == HOSTAPD_MODE_IEEE80211B) {
  1026. bss->disable_11n = 1;
  1027. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) in 11b mode is not "
  1028. "allowed, disabling HT capabilites");
  1029. }
  1030. if (conf->ieee80211n &&
  1031. bss->ssid.security_policy == SECURITY_STATIC_WEP) {
  1032. bss->disable_11n = 1;
  1033. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
  1034. "allowed, disabling HT capabilities");
  1035. }
  1036. if (conf->ieee80211n && bss->wpa &&
  1037. !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
  1038. !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP))) {
  1039. bss->disable_11n = 1;
  1040. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 "
  1041. "requires CCMP/GCMP to be enabled, disabling HT "
  1042. "capabilities");
  1043. }
  1044. #endif /* CONFIG_IEEE80211N */
  1045. #ifdef CONFIG_WPS2
  1046. if (bss->wps_state && bss->ignore_broadcast_ssid) {
  1047. wpa_printf(MSG_INFO, "WPS: ignore_broadcast_ssid "
  1048. "configuration forced WPS to be disabled");
  1049. bss->wps_state = 0;
  1050. }
  1051. if (bss->wps_state && bss->ssid.wep.keys_set && bss->wpa == 0) {
  1052. wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
  1053. "disabled");
  1054. bss->wps_state = 0;
  1055. }
  1056. if (bss->wps_state && bss->wpa &&
  1057. (!(bss->wpa & 2) ||
  1058. !(bss->rsn_pairwise & WPA_CIPHER_CCMP))) {
  1059. wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
  1060. "WPA2/CCMP forced WPS to be disabled");
  1061. bss->wps_state = 0;
  1062. }
  1063. #endif /* CONFIG_WPS2 */
  1064. #ifdef CONFIG_HS20
  1065. if (bss->hs20 &&
  1066. (!(bss->wpa & 2) ||
  1067. !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)))) {
  1068. wpa_printf(MSG_ERROR, "HS 2.0: WPA2-Enterprise/CCMP "
  1069. "configuration is required for Hotspot 2.0 "
  1070. "functionality");
  1071. return -1;
  1072. }
  1073. #endif /* CONFIG_HS20 */
  1074. return 0;
  1075. }
  1076. static int hostapd_config_check(struct hostapd_config *conf)
  1077. {
  1078. size_t i;
  1079. if (conf->ieee80211d && (!conf->country[0] || !conf->country[1])) {
  1080. wpa_printf(MSG_ERROR, "Cannot enable IEEE 802.11d without "
  1081. "setting the country_code");
  1082. return -1;
  1083. }
  1084. for (i = 0; i < conf->num_bss; i++) {
  1085. if (hostapd_config_check_bss(&conf->bss[i], conf))
  1086. return -1;
  1087. }
  1088. return 0;
  1089. }
  1090. #ifdef CONFIG_INTERWORKING
  1091. static int parse_roaming_consortium(struct hostapd_bss_config *bss, char *pos,
  1092. int line)
  1093. {
  1094. size_t len = os_strlen(pos);
  1095. u8 oi[MAX_ROAMING_CONSORTIUM_LEN];
  1096. struct hostapd_roaming_consortium *rc;
  1097. if ((len & 1) || len < 2 * 3 || len / 2 > MAX_ROAMING_CONSORTIUM_LEN ||
  1098. hexstr2bin(pos, oi, len / 2)) {
  1099. wpa_printf(MSG_ERROR, "Line %d: invalid roaming_consortium "
  1100. "'%s'", line, pos);
  1101. return -1;
  1102. }
  1103. len /= 2;
  1104. rc = os_realloc_array(bss->roaming_consortium,
  1105. bss->roaming_consortium_count + 1,
  1106. sizeof(struct hostapd_roaming_consortium));
  1107. if (rc == NULL)
  1108. return -1;
  1109. os_memcpy(rc[bss->roaming_consortium_count].oi, oi, len);
  1110. rc[bss->roaming_consortium_count].len = len;
  1111. bss->roaming_consortium = rc;
  1112. bss->roaming_consortium_count++;
  1113. return 0;
  1114. }
  1115. static int parse_lang_string(struct hostapd_lang_string **array,
  1116. unsigned int *count, char *pos)
  1117. {
  1118. char *sep;
  1119. size_t clen, nlen;
  1120. struct hostapd_lang_string *ls;
  1121. sep = os_strchr(pos, ':');
  1122. if (sep == NULL)
  1123. return -1;
  1124. *sep++ = '\0';
  1125. clen = os_strlen(pos);
  1126. if (clen < 2)
  1127. return -1;
  1128. nlen = os_strlen(sep);
  1129. if (nlen > 252)
  1130. return -1;
  1131. ls = os_realloc_array(*array, *count + 1,
  1132. sizeof(struct hostapd_lang_string));
  1133. if (ls == NULL)
  1134. return -1;
  1135. *array = ls;
  1136. ls = &(*array)[*count];
  1137. (*count)++;
  1138. os_memset(ls->lang, 0, sizeof(ls->lang));
  1139. os_memcpy(ls->lang, pos, clen);
  1140. ls->name_len = nlen;
  1141. os_memcpy(ls->name, sep, nlen);
  1142. return 0;
  1143. }
  1144. static int parse_venue_name(struct hostapd_bss_config *bss, char *pos,
  1145. int line)
  1146. {
  1147. if (parse_lang_string(&bss->venue_name, &bss->venue_name_count, pos)) {
  1148. wpa_printf(MSG_ERROR, "Line %d: Invalid venue_name '%s'",
  1149. line, pos);
  1150. return -1;
  1151. }
  1152. return 0;
  1153. }
  1154. static int parse_3gpp_cell_net(struct hostapd_bss_config *bss, char *buf,
  1155. int line)
  1156. {
  1157. size_t count;
  1158. char *pos;
  1159. u8 *info = NULL, *ipos;
  1160. /* format: <MCC1,MNC1>[;<MCC2,MNC2>][;...] */
  1161. count = 1;
  1162. for (pos = buf; *pos; pos++) {
  1163. if ((*pos < '0' && *pos > '9') && *pos != ';' && *pos != ',')
  1164. goto fail;
  1165. if (*pos == ';')
  1166. count++;
  1167. }
  1168. if (1 + count * 3 > 0x7f)
  1169. goto fail;
  1170. info = os_zalloc(2 + 3 + count * 3);
  1171. if (info == NULL)
  1172. return -1;
  1173. ipos = info;
  1174. *ipos++ = 0; /* GUD - Version 1 */
  1175. *ipos++ = 3 + count * 3; /* User Data Header Length (UDHL) */
  1176. *ipos++ = 0; /* PLMN List IEI */
  1177. /* ext(b8) | Length of PLMN List value contents(b7..1) */
  1178. *ipos++ = 1 + count * 3;
  1179. *ipos++ = count; /* Number of PLMNs */
  1180. pos = buf;
  1181. while (pos && *pos) {
  1182. char *mcc, *mnc;
  1183. size_t mnc_len;
  1184. mcc = pos;
  1185. mnc = os_strchr(pos, ',');
  1186. if (mnc == NULL)
  1187. goto fail;
  1188. *mnc++ = '\0';
  1189. pos = os_strchr(mnc, ';');
  1190. if (pos)
  1191. *pos++ = '\0';
  1192. mnc_len = os_strlen(mnc);
  1193. if (os_strlen(mcc) != 3 || (mnc_len != 2 && mnc_len != 3))
  1194. goto fail;
  1195. /* BC coded MCC,MNC */
  1196. /* MCC digit 2 | MCC digit 1 */
  1197. *ipos++ = ((mcc[1] - '0') << 4) | (mcc[0] - '0');
  1198. /* MNC digit 3 | MCC digit 3 */
  1199. *ipos++ = (((mnc_len == 2) ? 0xf0 : ((mnc[2] - '0') << 4))) |
  1200. (mcc[2] - '0');
  1201. /* MNC digit 2 | MNC digit 1 */
  1202. *ipos++ = ((mnc[1] - '0') << 4) | (mnc[0] - '0');
  1203. }
  1204. os_free(bss->anqp_3gpp_cell_net);
  1205. bss->anqp_3gpp_cell_net = info;
  1206. bss->anqp_3gpp_cell_net_len = 2 + 3 + 3 * count;
  1207. wpa_hexdump(MSG_MSGDUMP, "3GPP Cellular Network information",
  1208. bss->anqp_3gpp_cell_net, bss->anqp_3gpp_cell_net_len);
  1209. return 0;
  1210. fail:
  1211. wpa_printf(MSG_ERROR, "Line %d: Invalid anqp_3gpp_cell_net: %s",
  1212. line, buf);
  1213. os_free(info);
  1214. return -1;
  1215. }
  1216. static int parse_nai_realm(struct hostapd_bss_config *bss, char *buf, int line)
  1217. {
  1218. struct hostapd_nai_realm_data *realm;
  1219. size_t i, j, len;
  1220. int *offsets;
  1221. char *pos, *end, *rpos;
  1222. offsets = os_calloc(bss->nai_realm_count * MAX_NAI_REALMS,
  1223. sizeof(int));
  1224. if (offsets == NULL)
  1225. return -1;
  1226. for (i = 0; i < bss->nai_realm_count; i++) {
  1227. realm = &bss->nai_realm_data[i];
  1228. for (j = 0; j < MAX_NAI_REALMS; j++) {
  1229. offsets[i * MAX_NAI_REALMS + j] =
  1230. realm->realm[j] ?
  1231. realm->realm[j] - realm->realm_buf : -1;
  1232. }
  1233. }
  1234. realm = os_realloc_array(bss->nai_realm_data, bss->nai_realm_count + 1,
  1235. sizeof(struct hostapd_nai_realm_data));
  1236. if (realm == NULL) {
  1237. os_free(offsets);
  1238. return -1;
  1239. }
  1240. bss->nai_realm_data = realm;
  1241. /* patch the pointers after realloc */
  1242. for (i = 0; i < bss->nai_realm_count; i++) {
  1243. realm = &bss->nai_realm_data[i];
  1244. for (j = 0; j < MAX_NAI_REALMS; j++) {
  1245. int offs = offsets[i * MAX_NAI_REALMS + j];
  1246. if (offs >= 0)
  1247. realm->realm[j] = realm->realm_buf + offs;
  1248. else
  1249. realm->realm[j] = NULL;
  1250. }
  1251. }
  1252. os_free(offsets);
  1253. realm = &bss->nai_realm_data[bss->nai_realm_count];
  1254. os_memset(realm, 0, sizeof(*realm));
  1255. pos = buf;
  1256. realm->encoding = atoi(pos);
  1257. pos = os_strchr(pos, ',');
  1258. if (pos == NULL)
  1259. goto fail;
  1260. pos++;
  1261. end = os_strchr(pos, ',');
  1262. if (end) {
  1263. len = end - pos;
  1264. *end = '\0';
  1265. } else {
  1266. len = os_strlen(pos);
  1267. }
  1268. if (len > MAX_NAI_REALMLEN) {
  1269. wpa_printf(MSG_ERROR, "Too long a realm string (%d > max %d "
  1270. "characters)", (int) len, MAX_NAI_REALMLEN);
  1271. goto fail;
  1272. }
  1273. os_memcpy(realm->realm_buf, pos, len);
  1274. if (end)
  1275. pos = end + 1;
  1276. else
  1277. pos = NULL;
  1278. while (pos && *pos) {
  1279. struct hostapd_nai_realm_eap *eap;
  1280. if (realm->eap_method_count >= MAX_NAI_EAP_METHODS) {
  1281. wpa_printf(MSG_ERROR, "Too many EAP methods");
  1282. goto fail;
  1283. }
  1284. eap = &realm->eap_method[realm->eap_method_count];
  1285. realm->eap_method_count++;
  1286. end = os_strchr(pos, ',');
  1287. if (end == NULL)
  1288. end = pos + os_strlen(pos);
  1289. eap->eap_method = atoi(pos);
  1290. for (;;) {
  1291. pos = os_strchr(pos, '[');
  1292. if (pos == NULL || pos > end)
  1293. break;
  1294. pos++;
  1295. if (eap->num_auths >= MAX_NAI_AUTH_TYPES) {
  1296. wpa_printf(MSG_ERROR, "Too many auth params");
  1297. goto fail;
  1298. }
  1299. eap->auth_id[eap->num_auths] = atoi(pos);
  1300. pos = os_strchr(pos, ':');
  1301. if (pos == NULL || pos > end)
  1302. goto fail;
  1303. pos++;
  1304. eap->auth_val[eap->num_auths] = atoi(pos);
  1305. pos = os_strchr(pos, ']');
  1306. if (pos == NULL || pos > end)
  1307. goto fail;
  1308. pos++;
  1309. eap->num_auths++;
  1310. }
  1311. if (*end != ',')
  1312. break;
  1313. pos = end + 1;
  1314. }
  1315. /* Split realm list into null terminated realms */
  1316. rpos = realm->realm_buf;
  1317. i = 0;
  1318. while (*rpos) {
  1319. if (i >= MAX_NAI_REALMS) {
  1320. wpa_printf(MSG_ERROR, "Too many realms");
  1321. goto fail;
  1322. }
  1323. realm->realm[i++] = rpos;
  1324. rpos = os_strchr(rpos, ';');
  1325. if (rpos == NULL)
  1326. break;
  1327. *rpos++ = '\0';
  1328. }
  1329. bss->nai_realm_count++;
  1330. return 0;
  1331. fail:
  1332. wpa_printf(MSG_ERROR, "Line %d: invalid nai_realm '%s'", line, buf);
  1333. return -1;
  1334. }
  1335. #endif /* CONFIG_INTERWORKING */
  1336. #ifdef CONFIG_HS20
  1337. static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf,
  1338. int line)
  1339. {
  1340. u8 *conn_cap;
  1341. char *pos;
  1342. if (bss->hs20_connection_capability_len >= 0xfff0)
  1343. return -1;
  1344. conn_cap = os_realloc(bss->hs20_connection_capability,
  1345. bss->hs20_connection_capability_len + 4);
  1346. if (conn_cap == NULL)
  1347. return -1;
  1348. bss->hs20_connection_capability = conn_cap;
  1349. conn_cap += bss->hs20_connection_capability_len;
  1350. pos = buf;
  1351. conn_cap[0] = atoi(pos);
  1352. pos = os_strchr(pos, ':');
  1353. if (pos == NULL)
  1354. return -1;
  1355. pos++;
  1356. WPA_PUT_LE16(conn_cap + 1, atoi(pos));
  1357. pos = os_strchr(pos, ':');
  1358. if (pos == NULL)
  1359. return -1;
  1360. pos++;
  1361. conn_cap[3] = atoi(pos);
  1362. bss->hs20_connection_capability_len += 4;
  1363. return 0;
  1364. }
  1365. static int hs20_parse_wan_metrics(struct hostapd_bss_config *bss, char *buf,
  1366. int line)
  1367. {
  1368. u8 *wan_metrics;
  1369. char *pos;
  1370. /* <WAN Info>:<DL Speed>:<UL Speed>:<DL Load>:<UL Load>:<LMD> */
  1371. wan_metrics = os_zalloc(13);
  1372. if (wan_metrics == NULL)
  1373. return -1;
  1374. pos = buf;
  1375. /* WAN Info */
  1376. if (hexstr2bin(pos, wan_metrics, 1) < 0)
  1377. goto fail;
  1378. pos += 2;
  1379. if (*pos != ':')
  1380. goto fail;
  1381. pos++;
  1382. /* Downlink Speed */
  1383. WPA_PUT_LE32(wan_metrics + 1, atoi(pos));
  1384. pos = os_strchr(pos, ':');
  1385. if (pos == NULL)
  1386. goto fail;
  1387. pos++;
  1388. /* Uplink Speed */
  1389. WPA_PUT_LE32(wan_metrics + 5, atoi(pos));
  1390. pos = os_strchr(pos, ':');
  1391. if (pos == NULL)
  1392. goto fail;
  1393. pos++;
  1394. /* Downlink Load */
  1395. wan_metrics[9] = atoi(pos);
  1396. pos = os_strchr(pos, ':');
  1397. if (pos == NULL)
  1398. goto fail;
  1399. pos++;
  1400. /* Uplink Load */
  1401. wan_metrics[10] = atoi(pos);
  1402. pos = os_strchr(pos, ':');
  1403. if (pos == NULL)
  1404. goto fail;
  1405. pos++;
  1406. /* LMD */
  1407. WPA_PUT_LE16(wan_metrics + 11, atoi(pos));
  1408. os_free(bss->hs20_wan_metrics);
  1409. bss->hs20_wan_metrics = wan_metrics;
  1410. return 0;
  1411. fail:
  1412. wpa_printf(MSG_ERROR, "Line %d: Invalid hs20_wan_metrics '%s'",
  1413. line, pos);
  1414. os_free(wan_metrics);
  1415. return -1;
  1416. }
  1417. static int hs20_parse_oper_friendly_name(struct hostapd_bss_config *bss,
  1418. char *pos, int line)
  1419. {
  1420. if (parse_lang_string(&bss->hs20_oper_friendly_name,
  1421. &bss->hs20_oper_friendly_name_count, pos)) {
  1422. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1423. "hs20_oper_friendly_name '%s'", line, pos);
  1424. return -1;
  1425. }
  1426. return 0;
  1427. }
  1428. #endif /* CONFIG_HS20 */
  1429. #ifdef CONFIG_WPS_NFC
  1430. static struct wpabuf * hostapd_parse_bin(const char *buf)
  1431. {
  1432. size_t len;
  1433. struct wpabuf *ret;
  1434. len = os_strlen(buf);
  1435. if (len & 0x01)
  1436. return NULL;
  1437. len /= 2;
  1438. ret = wpabuf_alloc(len);
  1439. if (ret == NULL)
  1440. return NULL;
  1441. if (hexstr2bin(buf, wpabuf_put(ret, len), len)) {
  1442. wpabuf_free(ret);
  1443. return NULL;
  1444. }
  1445. return ret;
  1446. }
  1447. #endif /* CONFIG_WPS_NFC */
  1448. static int hostapd_config_fill(struct hostapd_config *conf,
  1449. struct hostapd_bss_config *bss,
  1450. char *buf, char *pos, int line)
  1451. {
  1452. int errors = 0;
  1453. {
  1454. if (os_strcmp(buf, "interface") == 0) {
  1455. os_strlcpy(conf->bss[0].iface, pos,
  1456. sizeof(conf->bss[0].iface));
  1457. } else if (os_strcmp(buf, "bridge") == 0) {
  1458. os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
  1459. } else if (os_strcmp(buf, "wds_bridge") == 0) {
  1460. os_strlcpy(bss->wds_bridge, pos,
  1461. sizeof(bss->wds_bridge));
  1462. } else if (os_strcmp(buf, "driver") == 0) {
  1463. int j;
  1464. /* clear to get error below if setting is invalid */
  1465. conf->driver = NULL;
  1466. for (j = 0; wpa_drivers[j]; j++) {
  1467. if (os_strcmp(pos, wpa_drivers[j]->name) == 0)
  1468. {
  1469. conf->driver = wpa_drivers[j];
  1470. break;
  1471. }
  1472. }
  1473. if (conf->driver == NULL) {
  1474. wpa_printf(MSG_ERROR, "Line %d: invalid/"
  1475. "unknown driver '%s'", line, pos);
  1476. errors++;
  1477. }
  1478. } else if (os_strcmp(buf, "debug") == 0) {
  1479. wpa_printf(MSG_DEBUG, "Line %d: DEPRECATED: 'debug' "
  1480. "configuration variable is not used "
  1481. "anymore", line);
  1482. } else if (os_strcmp(buf, "logger_syslog_level") == 0) {
  1483. bss->logger_syslog_level = atoi(pos);
  1484. } else if (os_strcmp(buf, "logger_stdout_level") == 0) {
  1485. bss->logger_stdout_level = atoi(pos);
  1486. } else if (os_strcmp(buf, "logger_syslog") == 0) {
  1487. bss->logger_syslog = atoi(pos);
  1488. } else if (os_strcmp(buf, "logger_stdout") == 0) {
  1489. bss->logger_stdout = atoi(pos);
  1490. } else if (os_strcmp(buf, "dump_file") == 0) {
  1491. bss->dump_log_name = os_strdup(pos);
  1492. } else if (os_strcmp(buf, "ssid") == 0) {
  1493. bss->ssid.ssid_len = os_strlen(pos);
  1494. if (bss->ssid.ssid_len > HOSTAPD_MAX_SSID_LEN ||
  1495. bss->ssid.ssid_len < 1) {
  1496. wpa_printf(MSG_ERROR, "Line %d: invalid SSID "
  1497. "'%s'", line, pos);
  1498. errors++;
  1499. } else {
  1500. os_memcpy(bss->ssid.ssid, pos,
  1501. bss->ssid.ssid_len);
  1502. bss->ssid.ssid_set = 1;
  1503. }
  1504. } else if (os_strcmp(buf, "ssid2") == 0) {
  1505. size_t slen;
  1506. char *str = wpa_config_parse_string(pos, &slen);
  1507. if (str == NULL || slen < 1 ||
  1508. slen > HOSTAPD_MAX_SSID_LEN) {
  1509. wpa_printf(MSG_ERROR, "Line %d: invalid SSID "
  1510. "'%s'", line, pos);
  1511. errors++;
  1512. } else {
  1513. os_memcpy(bss->ssid.ssid, str, slen);
  1514. bss->ssid.ssid_len = slen;
  1515. bss->ssid.ssid_set = 1;
  1516. }
  1517. os_free(str);
  1518. } else if (os_strcmp(buf, "macaddr_acl") == 0) {
  1519. bss->macaddr_acl = atoi(pos);
  1520. if (bss->macaddr_acl != ACCEPT_UNLESS_DENIED &&
  1521. bss->macaddr_acl != DENY_UNLESS_ACCEPTED &&
  1522. bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) {
  1523. wpa_printf(MSG_ERROR, "Line %d: unknown "
  1524. "macaddr_acl %d",
  1525. line, bss->macaddr_acl);
  1526. }
  1527. } else if (os_strcmp(buf, "accept_mac_file") == 0) {
  1528. if (hostapd_config_read_maclist(pos, &bss->accept_mac,
  1529. &bss->num_accept_mac))
  1530. {
  1531. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1532. "read accept_mac_file '%s'",
  1533. line, pos);
  1534. errors++;
  1535. }
  1536. } else if (os_strcmp(buf, "deny_mac_file") == 0) {
  1537. if (hostapd_config_read_maclist(pos, &bss->deny_mac,
  1538. &bss->num_deny_mac)) {
  1539. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1540. "read deny_mac_file '%s'",
  1541. line, pos);
  1542. errors++;
  1543. }
  1544. } else if (os_strcmp(buf, "wds_sta") == 0) {
  1545. bss->wds_sta = atoi(pos);
  1546. } else if (os_strcmp(buf, "ap_isolate") == 0) {
  1547. bss->isolate = atoi(pos);
  1548. } else if (os_strcmp(buf, "ap_max_inactivity") == 0) {
  1549. bss->ap_max_inactivity = atoi(pos);
  1550. } else if (os_strcmp(buf, "skip_inactivity_poll") == 0) {
  1551. bss->skip_inactivity_poll = atoi(pos);
  1552. } else if (os_strcmp(buf, "country_code") == 0) {
  1553. os_memcpy(conf->country, pos, 2);
  1554. /* FIX: make this configurable */
  1555. conf->country[2] = ' ';
  1556. } else if (os_strcmp(buf, "ieee80211d") == 0) {
  1557. conf->ieee80211d = atoi(pos);
  1558. } else if (os_strcmp(buf, "ieee8021x") == 0) {
  1559. bss->ieee802_1x = atoi(pos);
  1560. } else if (os_strcmp(buf, "eapol_version") == 0) {
  1561. bss->eapol_version = atoi(pos);
  1562. if (bss->eapol_version < 1 ||
  1563. bss->eapol_version > 2) {
  1564. wpa_printf(MSG_ERROR, "Line %d: invalid EAPOL "
  1565. "version (%d): '%s'.",
  1566. line, bss->eapol_version, pos);
  1567. errors++;
  1568. } else
  1569. wpa_printf(MSG_DEBUG, "eapol_version=%d",
  1570. bss->eapol_version);
  1571. #ifdef EAP_SERVER
  1572. } else if (os_strcmp(buf, "eap_authenticator") == 0) {
  1573. bss->eap_server = atoi(pos);
  1574. wpa_printf(MSG_ERROR, "Line %d: obsolete "
  1575. "eap_authenticator used; this has been "
  1576. "renamed to eap_server", line);
  1577. } else if (os_strcmp(buf, "eap_server") == 0) {
  1578. bss->eap_server = atoi(pos);
  1579. } else if (os_strcmp(buf, "eap_user_file") == 0) {
  1580. if (hostapd_config_read_eap_user(pos, bss))
  1581. errors++;
  1582. } else if (os_strcmp(buf, "ca_cert") == 0) {
  1583. os_free(bss->ca_cert);
  1584. bss->ca_cert = os_strdup(pos);
  1585. } else if (os_strcmp(buf, "server_cert") == 0) {
  1586. os_free(bss->server_cert);
  1587. bss->server_cert = os_strdup(pos);
  1588. } else if (os_strcmp(buf, "private_key") == 0) {
  1589. os_free(bss->private_key);
  1590. bss->private_key = os_strdup(pos);
  1591. } else if (os_strcmp(buf, "private_key_passwd") == 0) {
  1592. os_free(bss->private_key_passwd);
  1593. bss->private_key_passwd = os_strdup(pos);
  1594. } else if (os_strcmp(buf, "check_crl") == 0) {
  1595. bss->check_crl = atoi(pos);
  1596. } else if (os_strcmp(buf, "dh_file") == 0) {
  1597. os_free(bss->dh_file);
  1598. bss->dh_file = os_strdup(pos);
  1599. } else if (os_strcmp(buf, "fragment_size") == 0) {
  1600. bss->fragment_size = atoi(pos);
  1601. #ifdef EAP_SERVER_FAST
  1602. } else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) {
  1603. os_free(bss->pac_opaque_encr_key);
  1604. bss->pac_opaque_encr_key = os_malloc(16);
  1605. if (bss->pac_opaque_encr_key == NULL) {
  1606. wpa_printf(MSG_ERROR, "Line %d: No memory for "
  1607. "pac_opaque_encr_key", line);
  1608. errors++;
  1609. } else if (hexstr2bin(pos, bss->pac_opaque_encr_key,
  1610. 16)) {
  1611. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1612. "pac_opaque_encr_key", line);
  1613. errors++;
  1614. }
  1615. } else if (os_strcmp(buf, "eap_fast_a_id") == 0) {
  1616. size_t idlen = os_strlen(pos);
  1617. if (idlen & 1) {
  1618. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1619. "eap_fast_a_id", line);
  1620. errors++;
  1621. } else {
  1622. os_free(bss->eap_fast_a_id);
  1623. bss->eap_fast_a_id = os_malloc(idlen / 2);
  1624. if (bss->eap_fast_a_id == NULL ||
  1625. hexstr2bin(pos, bss->eap_fast_a_id,
  1626. idlen / 2)) {
  1627. wpa_printf(MSG_ERROR, "Line %d: "
  1628. "Failed to parse "
  1629. "eap_fast_a_id", line);
  1630. errors++;
  1631. } else
  1632. bss->eap_fast_a_id_len = idlen / 2;
  1633. }
  1634. } else if (os_strcmp(buf, "eap_fast_a_id_info") == 0) {
  1635. os_free(bss->eap_fast_a_id_info);
  1636. bss->eap_fast_a_id_info = os_strdup(pos);
  1637. } else if (os_strcmp(buf, "eap_fast_prov") == 0) {
  1638. bss->eap_fast_prov = atoi(pos);
  1639. } else if (os_strcmp(buf, "pac_key_lifetime") == 0) {
  1640. bss->pac_key_lifetime = atoi(pos);
  1641. } else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
  1642. bss->pac_key_refresh_time = atoi(pos);
  1643. #endif /* EAP_SERVER_FAST */
  1644. #ifdef EAP_SERVER_SIM
  1645. } else if (os_strcmp(buf, "eap_sim_db") == 0) {
  1646. os_free(bss->eap_sim_db);
  1647. bss->eap_sim_db = os_strdup(pos);
  1648. } else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
  1649. bss->eap_sim_aka_result_ind = atoi(pos);
  1650. #endif /* EAP_SERVER_SIM */
  1651. #ifdef EAP_SERVER_TNC
  1652. } else if (os_strcmp(buf, "tnc") == 0) {
  1653. bss->tnc = atoi(pos);
  1654. #endif /* EAP_SERVER_TNC */
  1655. #ifdef EAP_SERVER_PWD
  1656. } else if (os_strcmp(buf, "pwd_group") == 0) {
  1657. bss->pwd_group = atoi(pos);
  1658. #endif /* EAP_SERVER_PWD */
  1659. #endif /* EAP_SERVER */
  1660. } else if (os_strcmp(buf, "eap_message") == 0) {
  1661. char *term;
  1662. bss->eap_req_id_text = os_strdup(pos);
  1663. if (bss->eap_req_id_text == NULL) {
  1664. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1665. "allocate memory for "
  1666. "eap_req_id_text", line);
  1667. errors++;
  1668. return errors;
  1669. }
  1670. bss->eap_req_id_text_len =
  1671. os_strlen(bss->eap_req_id_text);
  1672. term = os_strstr(bss->eap_req_id_text, "\\0");
  1673. if (term) {
  1674. *term++ = '\0';
  1675. os_memmove(term, term + 1,
  1676. bss->eap_req_id_text_len -
  1677. (term - bss->eap_req_id_text) - 1);
  1678. bss->eap_req_id_text_len--;
  1679. }
  1680. } else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) {
  1681. bss->default_wep_key_len = atoi(pos);
  1682. if (bss->default_wep_key_len > 13) {
  1683. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  1684. "key len %lu (= %lu bits)", line,
  1685. (unsigned long)
  1686. bss->default_wep_key_len,
  1687. (unsigned long)
  1688. bss->default_wep_key_len * 8);
  1689. errors++;
  1690. }
  1691. } else if (os_strcmp(buf, "wep_key_len_unicast") == 0) {
  1692. bss->individual_wep_key_len = atoi(pos);
  1693. if (bss->individual_wep_key_len < 0 ||
  1694. bss->individual_wep_key_len > 13) {
  1695. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  1696. "key len %d (= %d bits)", line,
  1697. bss->individual_wep_key_len,
  1698. bss->individual_wep_key_len * 8);
  1699. errors++;
  1700. }
  1701. } else if (os_strcmp(buf, "wep_rekey_period") == 0) {
  1702. bss->wep_rekeying_period = atoi(pos);
  1703. if (bss->wep_rekeying_period < 0) {
  1704. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1705. "period %d",
  1706. line, bss->wep_rekeying_period);
  1707. errors++;
  1708. }
  1709. } else if (os_strcmp(buf, "eap_reauth_period") == 0) {
  1710. bss->eap_reauth_period = atoi(pos);
  1711. if (bss->eap_reauth_period < 0) {
  1712. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1713. "period %d",
  1714. line, bss->eap_reauth_period);
  1715. errors++;
  1716. }
  1717. } else if (os_strcmp(buf, "eapol_key_index_workaround") == 0) {
  1718. bss->eapol_key_index_workaround = atoi(pos);
  1719. #ifdef CONFIG_IAPP
  1720. } else if (os_strcmp(buf, "iapp_interface") == 0) {
  1721. bss->ieee802_11f = 1;
  1722. os_strlcpy(bss->iapp_iface, pos,
  1723. sizeof(bss->iapp_iface));
  1724. #endif /* CONFIG_IAPP */
  1725. } else if (os_strcmp(buf, "own_ip_addr") == 0) {
  1726. if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) {
  1727. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1728. "address '%s'", line, pos);
  1729. errors++;
  1730. }
  1731. } else if (os_strcmp(buf, "nas_identifier") == 0) {
  1732. bss->nas_identifier = os_strdup(pos);
  1733. #ifndef CONFIG_NO_RADIUS
  1734. } else if (os_strcmp(buf, "auth_server_addr") == 0) {
  1735. if (hostapd_config_read_radius_addr(
  1736. &bss->radius->auth_servers,
  1737. &bss->radius->num_auth_servers, pos, 1812,
  1738. &bss->radius->auth_server)) {
  1739. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1740. "address '%s'", line, pos);
  1741. errors++;
  1742. }
  1743. } else if (bss->radius->auth_server &&
  1744. os_strcmp(buf, "auth_server_port") == 0) {
  1745. bss->radius->auth_server->port = atoi(pos);
  1746. } else if (bss->radius->auth_server &&
  1747. os_strcmp(buf, "auth_server_shared_secret") == 0) {
  1748. int len = os_strlen(pos);
  1749. if (len == 0) {
  1750. /* RFC 2865, Ch. 3 */
  1751. wpa_printf(MSG_ERROR, "Line %d: empty shared "
  1752. "secret is not allowed.", line);
  1753. errors++;
  1754. }
  1755. bss->radius->auth_server->shared_secret =
  1756. (u8 *) os_strdup(pos);
  1757. bss->radius->auth_server->shared_secret_len = len;
  1758. } else if (os_strcmp(buf, "acct_server_addr") == 0) {
  1759. if (hostapd_config_read_radius_addr(
  1760. &bss->radius->acct_servers,
  1761. &bss->radius->num_acct_servers, pos, 1813,
  1762. &bss->radius->acct_server)) {
  1763. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1764. "address '%s'", line, pos);
  1765. errors++;
  1766. }
  1767. } else if (bss->radius->acct_server &&
  1768. os_strcmp(buf, "acct_server_port") == 0) {
  1769. bss->radius->acct_server->port = atoi(pos);
  1770. } else if (bss->radius->acct_server &&
  1771. os_strcmp(buf, "acct_server_shared_secret") == 0) {
  1772. int len = os_strlen(pos);
  1773. if (len == 0) {
  1774. /* RFC 2865, Ch. 3 */
  1775. wpa_printf(MSG_ERROR, "Line %d: empty shared "
  1776. "secret is not allowed.", line);
  1777. errors++;
  1778. }
  1779. bss->radius->acct_server->shared_secret =
  1780. (u8 *) os_strdup(pos);
  1781. bss->radius->acct_server->shared_secret_len = len;
  1782. } else if (os_strcmp(buf, "radius_retry_primary_interval") ==
  1783. 0) {
  1784. bss->radius->retry_primary_interval = atoi(pos);
  1785. } else if (os_strcmp(buf, "radius_acct_interim_interval") == 0)
  1786. {
  1787. bss->acct_interim_interval = atoi(pos);
  1788. } else if (os_strcmp(buf, "radius_request_cui") == 0) {
  1789. bss->radius_request_cui = atoi(pos);
  1790. } else if (os_strcmp(buf, "radius_auth_req_attr") == 0) {
  1791. struct hostapd_radius_attr *attr, *a;
  1792. attr = hostapd_parse_radius_attr(pos);
  1793. if (attr == NULL) {
  1794. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1795. "radius_auth_req_attr", line);
  1796. errors++;
  1797. } else if (bss->radius_auth_req_attr == NULL) {
  1798. bss->radius_auth_req_attr = attr;
  1799. } else {
  1800. a = bss->radius_auth_req_attr;
  1801. while (a->next)
  1802. a = a->next;
  1803. a->next = attr;
  1804. }
  1805. } else if (os_strcmp(buf, "radius_acct_req_attr") == 0) {
  1806. struct hostapd_radius_attr *attr, *a;
  1807. attr = hostapd_parse_radius_attr(pos);
  1808. if (attr == NULL) {
  1809. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1810. "radius_acct_req_attr", line);
  1811. errors++;
  1812. } else if (bss->radius_acct_req_attr == NULL) {
  1813. bss->radius_acct_req_attr = attr;
  1814. } else {
  1815. a = bss->radius_acct_req_attr;
  1816. while (a->next)
  1817. a = a->next;
  1818. a->next = attr;
  1819. }
  1820. } else if (os_strcmp(buf, "radius_das_port") == 0) {
  1821. bss->radius_das_port = atoi(pos);
  1822. } else if (os_strcmp(buf, "radius_das_client") == 0) {
  1823. if (hostapd_parse_das_client(bss, pos) < 0) {
  1824. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1825. "DAS client", line);
  1826. errors++;
  1827. }
  1828. } else if (os_strcmp(buf, "radius_das_time_window") == 0) {
  1829. bss->radius_das_time_window = atoi(pos);
  1830. } else if (os_strcmp(buf, "radius_das_require_event_timestamp")
  1831. == 0) {
  1832. bss->radius_das_require_event_timestamp = atoi(pos);
  1833. #endif /* CONFIG_NO_RADIUS */
  1834. } else if (os_strcmp(buf, "auth_algs") == 0) {
  1835. bss->auth_algs = atoi(pos);
  1836. if (bss->auth_algs == 0) {
  1837. wpa_printf(MSG_ERROR, "Line %d: no "
  1838. "authentication algorithms allowed",
  1839. line);
  1840. errors++;
  1841. }
  1842. } else if (os_strcmp(buf, "max_num_sta") == 0) {
  1843. bss->max_num_sta = atoi(pos);
  1844. if (bss->max_num_sta < 0 ||
  1845. bss->max_num_sta > MAX_STA_COUNT) {
  1846. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1847. "max_num_sta=%d; allowed range "
  1848. "0..%d", line, bss->max_num_sta,
  1849. MAX_STA_COUNT);
  1850. errors++;
  1851. }
  1852. } else if (os_strcmp(buf, "wpa") == 0) {
  1853. bss->wpa = atoi(pos);
  1854. } else if (os_strcmp(buf, "wpa_group_rekey") == 0) {
  1855. bss->wpa_group_rekey = atoi(pos);
  1856. } else if (os_strcmp(buf, "wpa_strict_rekey") == 0) {
  1857. bss->wpa_strict_rekey = atoi(pos);
  1858. } else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) {
  1859. bss->wpa_gmk_rekey = atoi(pos);
  1860. } else if (os_strcmp(buf, "wpa_ptk_rekey") == 0) {
  1861. bss->wpa_ptk_rekey = atoi(pos);
  1862. } else if (os_strcmp(buf, "wpa_passphrase") == 0) {
  1863. int len = os_strlen(pos);
  1864. if (len < 8 || len > 63) {
  1865. wpa_printf(MSG_ERROR, "Line %d: invalid WPA "
  1866. "passphrase length %d (expected "
  1867. "8..63)", line, len);
  1868. errors++;
  1869. } else {
  1870. os_free(bss->ssid.wpa_passphrase);
  1871. bss->ssid.wpa_passphrase = os_strdup(pos);
  1872. os_free(bss->ssid.wpa_psk);
  1873. bss->ssid.wpa_psk = NULL;
  1874. }
  1875. } else if (os_strcmp(buf, "wpa_psk") == 0) {
  1876. os_free(bss->ssid.wpa_psk);
  1877. bss->ssid.wpa_psk =
  1878. os_zalloc(sizeof(struct hostapd_wpa_psk));
  1879. if (bss->ssid.wpa_psk == NULL)
  1880. errors++;
  1881. else if (hexstr2bin(pos, bss->ssid.wpa_psk->psk,
  1882. PMK_LEN) ||
  1883. pos[PMK_LEN * 2] != '\0') {
  1884. wpa_printf(MSG_ERROR, "Line %d: Invalid PSK "
  1885. "'%s'.", line, pos);
  1886. errors++;
  1887. } else {
  1888. bss->ssid.wpa_psk->group = 1;
  1889. os_free(bss->ssid.wpa_passphrase);
  1890. bss->ssid.wpa_passphrase = NULL;
  1891. }
  1892. } else if (os_strcmp(buf, "wpa_psk_file") == 0) {
  1893. os_free(bss->ssid.wpa_psk_file);
  1894. bss->ssid.wpa_psk_file = os_strdup(pos);
  1895. if (!bss->ssid.wpa_psk_file) {
  1896. wpa_printf(MSG_ERROR, "Line %d: allocation "
  1897. "failed", line);
  1898. errors++;
  1899. }
  1900. } else if (os_strcmp(buf, "wpa_key_mgmt") == 0) {
  1901. bss->wpa_key_mgmt =
  1902. hostapd_config_parse_key_mgmt(line, pos);
  1903. if (bss->wpa_key_mgmt == -1)
  1904. errors++;
  1905. } else if (os_strcmp(buf, "wpa_psk_radius") == 0) {
  1906. bss->wpa_psk_radius = atoi(pos);
  1907. if (bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
  1908. bss->wpa_psk_radius != PSK_RADIUS_ACCEPTED &&
  1909. bss->wpa_psk_radius != PSK_RADIUS_REQUIRED) {
  1910. wpa_printf(MSG_ERROR, "Line %d: unknown "
  1911. "wpa_psk_radius %d",
  1912. line, bss->wpa_psk_radius);
  1913. errors++;
  1914. }
  1915. } else if (os_strcmp(buf, "wpa_pairwise") == 0) {
  1916. bss->wpa_pairwise =
  1917. hostapd_config_parse_cipher(line, pos);
  1918. if (bss->wpa_pairwise == -1 ||
  1919. bss->wpa_pairwise == 0)
  1920. errors++;
  1921. else if (bss->wpa_pairwise &
  1922. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 |
  1923. WPA_CIPHER_WEP104)) {
  1924. wpa_printf(MSG_ERROR, "Line %d: unsupported "
  1925. "pairwise cipher suite '%s'",
  1926. bss->wpa_pairwise, pos);
  1927. errors++;
  1928. }
  1929. } else if (os_strcmp(buf, "rsn_pairwise") == 0) {
  1930. bss->rsn_pairwise =
  1931. hostapd_config_parse_cipher(line, pos);
  1932. if (bss->rsn_pairwise == -1 ||
  1933. bss->rsn_pairwise == 0)
  1934. errors++;
  1935. else if (bss->rsn_pairwise &
  1936. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 |
  1937. WPA_CIPHER_WEP104)) {
  1938. wpa_printf(MSG_ERROR, "Line %d: unsupported "
  1939. "pairwise cipher suite '%s'",
  1940. bss->rsn_pairwise, pos);
  1941. errors++;
  1942. }
  1943. #ifdef CONFIG_RSN_PREAUTH
  1944. } else if (os_strcmp(buf, "rsn_preauth") == 0) {
  1945. bss->rsn_preauth = atoi(pos);
  1946. } else if (os_strcmp(buf, "rsn_preauth_interfaces") == 0) {
  1947. bss->rsn_preauth_interfaces = os_strdup(pos);
  1948. #endif /* CONFIG_RSN_PREAUTH */
  1949. #ifdef CONFIG_PEERKEY
  1950. } else if (os_strcmp(buf, "peerkey") == 0) {
  1951. bss->peerkey = atoi(pos);
  1952. #endif /* CONFIG_PEERKEY */
  1953. #ifdef CONFIG_IEEE80211R
  1954. } else if (os_strcmp(buf, "mobility_domain") == 0) {
  1955. if (os_strlen(pos) != 2 * MOBILITY_DOMAIN_ID_LEN ||
  1956. hexstr2bin(pos, bss->mobility_domain,
  1957. MOBILITY_DOMAIN_ID_LEN) != 0) {
  1958. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1959. "mobility_domain '%s'", line, pos);
  1960. errors++;
  1961. return errors;
  1962. }
  1963. } else if (os_strcmp(buf, "r1_key_holder") == 0) {
  1964. if (os_strlen(pos) != 2 * FT_R1KH_ID_LEN ||
  1965. hexstr2bin(pos, bss->r1_key_holder,
  1966. FT_R1KH_ID_LEN) != 0) {
  1967. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1968. "r1_key_holder '%s'", line, pos);
  1969. errors++;
  1970. return errors;
  1971. }
  1972. } else if (os_strcmp(buf, "r0_key_lifetime") == 0) {
  1973. bss->r0_key_lifetime = atoi(pos);
  1974. } else if (os_strcmp(buf, "reassociation_deadline") == 0) {
  1975. bss->reassociation_deadline = atoi(pos);
  1976. } else if (os_strcmp(buf, "r0kh") == 0) {
  1977. if (add_r0kh(bss, pos) < 0) {
  1978. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1979. "r0kh '%s'", line, pos);
  1980. errors++;
  1981. return errors;
  1982. }
  1983. } else if (os_strcmp(buf, "r1kh") == 0) {
  1984. if (add_r1kh(bss, pos) < 0) {
  1985. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1986. "r1kh '%s'", line, pos);
  1987. errors++;
  1988. return errors;
  1989. }
  1990. } else if (os_strcmp(buf, "pmk_r1_push") == 0) {
  1991. bss->pmk_r1_push = atoi(pos);
  1992. } else if (os_strcmp(buf, "ft_over_ds") == 0) {
  1993. bss->ft_over_ds = atoi(pos);
  1994. #endif /* CONFIG_IEEE80211R */
  1995. #ifndef CONFIG_NO_CTRL_IFACE
  1996. } else if (os_strcmp(buf, "ctrl_interface") == 0) {
  1997. os_free(bss->ctrl_interface);
  1998. bss->ctrl_interface = os_strdup(pos);
  1999. } else if (os_strcmp(buf, "ctrl_interface_group") == 0) {
  2000. #ifndef CONFIG_NATIVE_WINDOWS
  2001. struct group *grp;
  2002. char *endp;
  2003. const char *group = pos;
  2004. grp = getgrnam(group);
  2005. if (grp) {
  2006. bss->ctrl_interface_gid = grp->gr_gid;
  2007. bss->ctrl_interface_gid_set = 1;
  2008. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d"
  2009. " (from group name '%s')",
  2010. bss->ctrl_interface_gid, group);
  2011. return errors;
  2012. }
  2013. /* Group name not found - try to parse this as gid */
  2014. bss->ctrl_interface_gid = strtol(group, &endp, 10);
  2015. if (*group == '\0' || *endp != '\0') {
  2016. wpa_printf(MSG_DEBUG, "Line %d: Invalid group "
  2017. "'%s'", line, group);
  2018. errors++;
  2019. return errors;
  2020. }
  2021. bss->ctrl_interface_gid_set = 1;
  2022. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d",
  2023. bss->ctrl_interface_gid);
  2024. #endif /* CONFIG_NATIVE_WINDOWS */
  2025. #endif /* CONFIG_NO_CTRL_IFACE */
  2026. #ifdef RADIUS_SERVER
  2027. } else if (os_strcmp(buf, "radius_server_clients") == 0) {
  2028. os_free(bss->radius_server_clients);
  2029. bss->radius_server_clients = os_strdup(pos);
  2030. } else if (os_strcmp(buf, "radius_server_auth_port") == 0) {
  2031. bss->radius_server_auth_port = atoi(pos);
  2032. } else if (os_strcmp(buf, "radius_server_ipv6") == 0) {
  2033. bss->radius_server_ipv6 = atoi(pos);
  2034. #endif /* RADIUS_SERVER */
  2035. } else if (os_strcmp(buf, "test_socket") == 0) {
  2036. os_free(bss->test_socket);
  2037. bss->test_socket = os_strdup(pos);
  2038. } else if (os_strcmp(buf, "use_pae_group_addr") == 0) {
  2039. bss->use_pae_group_addr = atoi(pos);
  2040. } else if (os_strcmp(buf, "hw_mode") == 0) {
  2041. if (os_strcmp(pos, "a") == 0)
  2042. conf->hw_mode = HOSTAPD_MODE_IEEE80211A;
  2043. else if (os_strcmp(pos, "b") == 0)
  2044. conf->hw_mode = HOSTAPD_MODE_IEEE80211B;
  2045. else if (os_strcmp(pos, "g") == 0)
  2046. conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
  2047. else {
  2048. wpa_printf(MSG_ERROR, "Line %d: unknown "
  2049. "hw_mode '%s'", line, pos);
  2050. errors++;
  2051. }
  2052. } else if (os_strcmp(buf, "wps_rf_bands") == 0) {
  2053. if (os_strcmp(pos, "a") == 0)
  2054. bss->wps_rf_bands = WPS_RF_50GHZ;
  2055. else if (os_strcmp(pos, "g") == 0 ||
  2056. os_strcmp(pos, "b") == 0)
  2057. bss->wps_rf_bands = WPS_RF_24GHZ;
  2058. else if (os_strcmp(pos, "ag") == 0 ||
  2059. os_strcmp(pos, "ga") == 0)
  2060. bss->wps_rf_bands =
  2061. WPS_RF_24GHZ | WPS_RF_50GHZ;
  2062. else {
  2063. wpa_printf(MSG_ERROR, "Line %d: unknown "
  2064. "wps_rf_band '%s'", line, pos);
  2065. errors++;
  2066. }
  2067. } else if (os_strcmp(buf, "channel") == 0) {
  2068. conf->channel = atoi(pos);
  2069. } else if (os_strcmp(buf, "beacon_int") == 0) {
  2070. int val = atoi(pos);
  2071. /* MIB defines range as 1..65535, but very small values
  2072. * cause problems with the current implementation.
  2073. * Since it is unlikely that this small numbers are
  2074. * useful in real life scenarios, do not allow beacon
  2075. * period to be set below 15 TU. */
  2076. if (val < 15 || val > 65535) {
  2077. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2078. "beacon_int %d (expected "
  2079. "15..65535)", line, val);
  2080. errors++;
  2081. } else
  2082. conf->beacon_int = val;
  2083. } else if (os_strcmp(buf, "dtim_period") == 0) {
  2084. bss->dtim_period = atoi(pos);
  2085. if (bss->dtim_period < 1 || bss->dtim_period > 255) {
  2086. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2087. "dtim_period %d",
  2088. line, bss->dtim_period);
  2089. errors++;
  2090. }
  2091. } else if (os_strcmp(buf, "rts_threshold") == 0) {
  2092. conf->rts_threshold = atoi(pos);
  2093. if (conf->rts_threshold < 0 ||
  2094. conf->rts_threshold > 2347) {
  2095. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2096. "rts_threshold %d",
  2097. line, conf->rts_threshold);
  2098. errors++;
  2099. }
  2100. } else if (os_strcmp(buf, "fragm_threshold") == 0) {
  2101. conf->fragm_threshold = atoi(pos);
  2102. if (conf->fragm_threshold < 256 ||
  2103. conf->fragm_threshold > 2346) {
  2104. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2105. "fragm_threshold %d",
  2106. line, conf->fragm_threshold);
  2107. errors++;
  2108. }
  2109. } else if (os_strcmp(buf, "send_probe_response") == 0) {
  2110. int val = atoi(pos);
  2111. if (val != 0 && val != 1) {
  2112. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2113. "send_probe_response %d (expected "
  2114. "0 or 1)", line, val);
  2115. } else
  2116. conf->send_probe_response = val;
  2117. } else if (os_strcmp(buf, "supported_rates") == 0) {
  2118. if (hostapd_parse_rates(&conf->supported_rates, pos)) {
  2119. wpa_printf(MSG_ERROR, "Line %d: invalid rate "
  2120. "list", line);
  2121. errors++;
  2122. }
  2123. } else if (os_strcmp(buf, "basic_rates") == 0) {
  2124. if (hostapd_parse_rates(&conf->basic_rates, pos)) {
  2125. wpa_printf(MSG_ERROR, "Line %d: invalid rate "
  2126. "list", line);
  2127. errors++;
  2128. }
  2129. } else if (os_strcmp(buf, "preamble") == 0) {
  2130. if (atoi(pos))
  2131. conf->preamble = SHORT_PREAMBLE;
  2132. else
  2133. conf->preamble = LONG_PREAMBLE;
  2134. } else if (os_strcmp(buf, "ignore_broadcast_ssid") == 0) {
  2135. bss->ignore_broadcast_ssid = atoi(pos);
  2136. } else if (os_strcmp(buf, "wep_default_key") == 0) {
  2137. bss->ssid.wep.idx = atoi(pos);
  2138. if (bss->ssid.wep.idx > 3) {
  2139. wpa_printf(MSG_ERROR, "Invalid "
  2140. "wep_default_key index %d",
  2141. bss->ssid.wep.idx);
  2142. errors++;
  2143. }
  2144. } else if (os_strcmp(buf, "wep_key0") == 0 ||
  2145. os_strcmp(buf, "wep_key1") == 0 ||
  2146. os_strcmp(buf, "wep_key2") == 0 ||
  2147. os_strcmp(buf, "wep_key3") == 0) {
  2148. if (hostapd_config_read_wep(&bss->ssid.wep,
  2149. buf[7] - '0', pos)) {
  2150. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  2151. "key '%s'", line, buf);
  2152. errors++;
  2153. }
  2154. #ifndef CONFIG_NO_VLAN
  2155. } else if (os_strcmp(buf, "dynamic_vlan") == 0) {
  2156. bss->ssid.dynamic_vlan = atoi(pos);
  2157. } else if (os_strcmp(buf, "vlan_file") == 0) {
  2158. if (hostapd_config_read_vlan_file(bss, pos)) {
  2159. wpa_printf(MSG_ERROR, "Line %d: failed to "
  2160. "read VLAN file '%s'", line, pos);
  2161. errors++;
  2162. }
  2163. } else if (os_strcmp(buf, "vlan_naming") == 0) {
  2164. bss->ssid.vlan_naming = atoi(pos);
  2165. if (bss->ssid.vlan_naming >= DYNAMIC_VLAN_NAMING_END ||
  2166. bss->ssid.vlan_naming < 0) {
  2167. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2168. "naming scheme %d", line,
  2169. bss->ssid.vlan_naming);
  2170. errors++;
  2171. }
  2172. #ifdef CONFIG_FULL_DYNAMIC_VLAN
  2173. } else if (os_strcmp(buf, "vlan_tagged_interface") == 0) {
  2174. bss->ssid.vlan_tagged_interface = os_strdup(pos);
  2175. #endif /* CONFIG_FULL_DYNAMIC_VLAN */
  2176. #endif /* CONFIG_NO_VLAN */
  2177. } else if (os_strcmp(buf, "ap_table_max_size") == 0) {
  2178. conf->ap_table_max_size = atoi(pos);
  2179. } else if (os_strcmp(buf, "ap_table_expiration_time") == 0) {
  2180. conf->ap_table_expiration_time = atoi(pos);
  2181. } else if (os_strncmp(buf, "tx_queue_", 9) == 0) {
  2182. if (hostapd_config_tx_queue(conf, buf, pos)) {
  2183. wpa_printf(MSG_ERROR, "Line %d: invalid TX "
  2184. "queue item", line);
  2185. errors++;
  2186. }
  2187. } else if (os_strcmp(buf, "wme_enabled") == 0 ||
  2188. os_strcmp(buf, "wmm_enabled") == 0) {
  2189. bss->wmm_enabled = atoi(pos);
  2190. } else if (os_strcmp(buf, "uapsd_advertisement_enabled") == 0) {
  2191. bss->wmm_uapsd = atoi(pos);
  2192. } else if (os_strncmp(buf, "wme_ac_", 7) == 0 ||
  2193. os_strncmp(buf, "wmm_ac_", 7) == 0) {
  2194. if (hostapd_config_wmm_ac(conf->wmm_ac_params, buf,
  2195. pos)) {
  2196. wpa_printf(MSG_ERROR, "Line %d: invalid WMM "
  2197. "ac item", line);
  2198. errors++;
  2199. }
  2200. } else if (os_strcmp(buf, "bss") == 0) {
  2201. if (hostapd_config_bss(conf, pos)) {
  2202. wpa_printf(MSG_ERROR, "Line %d: invalid bss "
  2203. "item", line);
  2204. errors++;
  2205. }
  2206. } else if (os_strcmp(buf, "bssid") == 0) {
  2207. if (hwaddr_aton(pos, bss->bssid)) {
  2208. wpa_printf(MSG_ERROR, "Line %d: invalid bssid "
  2209. "item", line);
  2210. errors++;
  2211. }
  2212. #ifdef CONFIG_IEEE80211W
  2213. } else if (os_strcmp(buf, "ieee80211w") == 0) {
  2214. bss->ieee80211w = atoi(pos);
  2215. } else if (os_strcmp(buf, "assoc_sa_query_max_timeout") == 0) {
  2216. bss->assoc_sa_query_max_timeout = atoi(pos);
  2217. if (bss->assoc_sa_query_max_timeout == 0) {
  2218. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2219. "assoc_sa_query_max_timeout", line);
  2220. errors++;
  2221. }
  2222. } else if (os_strcmp(buf, "assoc_sa_query_retry_timeout") == 0)
  2223. {
  2224. bss->assoc_sa_query_retry_timeout = atoi(pos);
  2225. if (bss->assoc_sa_query_retry_timeout == 0) {
  2226. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2227. "assoc_sa_query_retry_timeout",
  2228. line);
  2229. errors++;
  2230. }
  2231. #endif /* CONFIG_IEEE80211W */
  2232. #ifdef CONFIG_IEEE80211N
  2233. } else if (os_strcmp(buf, "ieee80211n") == 0) {
  2234. conf->ieee80211n = atoi(pos);
  2235. } else if (os_strcmp(buf, "ht_capab") == 0) {
  2236. if (hostapd_config_ht_capab(conf, pos) < 0) {
  2237. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2238. "ht_capab", line);
  2239. errors++;
  2240. }
  2241. } else if (os_strcmp(buf, "require_ht") == 0) {
  2242. conf->require_ht = atoi(pos);
  2243. #endif /* CONFIG_IEEE80211N */
  2244. #ifdef CONFIG_IEEE80211AC
  2245. } else if (os_strcmp(buf, "ieee80211ac") == 0) {
  2246. conf->ieee80211ac = atoi(pos);
  2247. } else if (os_strcmp(buf, "vht_capab") == 0) {
  2248. if (hostapd_config_vht_capab(conf, pos) < 0) {
  2249. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2250. "vht_capab", line);
  2251. errors++;
  2252. }
  2253. } else if (os_strcmp(buf, "require_vht") == 0) {
  2254. conf->require_vht = atoi(pos);
  2255. } else if (os_strcmp(buf, "vht_oper_chwidth") == 0) {
  2256. conf->vht_oper_chwidth = atoi(pos);
  2257. } else if (os_strcmp(buf, "vht_oper_centr_freq_seg0_idx") == 0)
  2258. {
  2259. conf->vht_oper_centr_freq_seg0_idx = atoi(pos);
  2260. #endif /* CONFIG_IEEE80211AC */
  2261. } else if (os_strcmp(buf, "max_listen_interval") == 0) {
  2262. bss->max_listen_interval = atoi(pos);
  2263. } else if (os_strcmp(buf, "disable_pmksa_caching") == 0) {
  2264. bss->disable_pmksa_caching = atoi(pos);
  2265. } else if (os_strcmp(buf, "okc") == 0) {
  2266. bss->okc = atoi(pos);
  2267. #ifdef CONFIG_WPS
  2268. } else if (os_strcmp(buf, "wps_state") == 0) {
  2269. bss->wps_state = atoi(pos);
  2270. if (bss->wps_state < 0 || bss->wps_state > 2) {
  2271. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2272. "wps_state", line);
  2273. errors++;
  2274. }
  2275. } else if (os_strcmp(buf, "ap_setup_locked") == 0) {
  2276. bss->ap_setup_locked = atoi(pos);
  2277. } else if (os_strcmp(buf, "uuid") == 0) {
  2278. if (uuid_str2bin(pos, bss->uuid)) {
  2279. wpa_printf(MSG_ERROR, "Line %d: invalid UUID",
  2280. line);
  2281. errors++;
  2282. }
  2283. } else if (os_strcmp(buf, "wps_pin_requests") == 0) {
  2284. os_free(bss->wps_pin_requests);
  2285. bss->wps_pin_requests = os_strdup(pos);
  2286. } else if (os_strcmp(buf, "device_name") == 0) {
  2287. if (os_strlen(pos) > 32) {
  2288. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2289. "device_name", line);
  2290. errors++;
  2291. }
  2292. os_free(bss->device_name);
  2293. bss->device_name = os_strdup(pos);
  2294. } else if (os_strcmp(buf, "manufacturer") == 0) {
  2295. if (os_strlen(pos) > 64) {
  2296. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2297. "manufacturer", line);
  2298. errors++;
  2299. }
  2300. os_free(bss->manufacturer);
  2301. bss->manufacturer = os_strdup(pos);
  2302. } else if (os_strcmp(buf, "model_name") == 0) {
  2303. if (os_strlen(pos) > 32) {
  2304. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2305. "model_name", line);
  2306. errors++;
  2307. }
  2308. os_free(bss->model_name);
  2309. bss->model_name = os_strdup(pos);
  2310. } else if (os_strcmp(buf, "model_number") == 0) {
  2311. if (os_strlen(pos) > 32) {
  2312. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2313. "model_number", line);
  2314. errors++;
  2315. }
  2316. os_free(bss->model_number);
  2317. bss->model_number = os_strdup(pos);
  2318. } else if (os_strcmp(buf, "serial_number") == 0) {
  2319. if (os_strlen(pos) > 32) {
  2320. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2321. "serial_number", line);
  2322. errors++;
  2323. }
  2324. os_free(bss->serial_number);
  2325. bss->serial_number = os_strdup(pos);
  2326. } else if (os_strcmp(buf, "device_type") == 0) {
  2327. if (wps_dev_type_str2bin(pos, bss->device_type))
  2328. errors++;
  2329. } else if (os_strcmp(buf, "config_methods") == 0) {
  2330. os_free(bss->config_methods);
  2331. bss->config_methods = os_strdup(pos);
  2332. } else if (os_strcmp(buf, "os_version") == 0) {
  2333. if (hexstr2bin(pos, bss->os_version, 4)) {
  2334. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2335. "os_version", line);
  2336. errors++;
  2337. }
  2338. } else if (os_strcmp(buf, "ap_pin") == 0) {
  2339. os_free(bss->ap_pin);
  2340. bss->ap_pin = os_strdup(pos);
  2341. } else if (os_strcmp(buf, "skip_cred_build") == 0) {
  2342. bss->skip_cred_build = atoi(pos);
  2343. } else if (os_strcmp(buf, "extra_cred") == 0) {
  2344. os_free(bss->extra_cred);
  2345. bss->extra_cred =
  2346. (u8 *) os_readfile(pos, &bss->extra_cred_len);
  2347. if (bss->extra_cred == NULL) {
  2348. wpa_printf(MSG_ERROR, "Line %d: could not "
  2349. "read Credentials from '%s'",
  2350. line, pos);
  2351. errors++;
  2352. }
  2353. } else if (os_strcmp(buf, "wps_cred_processing") == 0) {
  2354. bss->wps_cred_processing = atoi(pos);
  2355. } else if (os_strcmp(buf, "ap_settings") == 0) {
  2356. os_free(bss->ap_settings);
  2357. bss->ap_settings =
  2358. (u8 *) os_readfile(pos, &bss->ap_settings_len);
  2359. if (bss->ap_settings == NULL) {
  2360. wpa_printf(MSG_ERROR, "Line %d: could not "
  2361. "read AP Settings from '%s'",
  2362. line, pos);
  2363. errors++;
  2364. }
  2365. } else if (os_strcmp(buf, "upnp_iface") == 0) {
  2366. bss->upnp_iface = os_strdup(pos);
  2367. } else if (os_strcmp(buf, "friendly_name") == 0) {
  2368. os_free(bss->friendly_name);
  2369. bss->friendly_name = os_strdup(pos);
  2370. } else if (os_strcmp(buf, "manufacturer_url") == 0) {
  2371. os_free(bss->manufacturer_url);
  2372. bss->manufacturer_url = os_strdup(pos);
  2373. } else if (os_strcmp(buf, "model_description") == 0) {
  2374. os_free(bss->model_description);
  2375. bss->model_description = os_strdup(pos);
  2376. } else if (os_strcmp(buf, "model_url") == 0) {
  2377. os_free(bss->model_url);
  2378. bss->model_url = os_strdup(pos);
  2379. } else if (os_strcmp(buf, "upc") == 0) {
  2380. os_free(bss->upc);
  2381. bss->upc = os_strdup(pos);
  2382. } else if (os_strcmp(buf, "pbc_in_m1") == 0) {
  2383. bss->pbc_in_m1 = atoi(pos);
  2384. #ifdef CONFIG_WPS_NFC
  2385. } else if (os_strcmp(buf, "wps_nfc_dev_pw_id") == 0) {
  2386. bss->wps_nfc_dev_pw_id = atoi(pos);
  2387. if (bss->wps_nfc_dev_pw_id < 0x10 ||
  2388. bss->wps_nfc_dev_pw_id > 0xffff) {
  2389. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2390. "wps_nfc_dev_pw_id value", line);
  2391. errors++;
  2392. }
  2393. } else if (os_strcmp(buf, "wps_nfc_dh_pubkey") == 0) {
  2394. wpabuf_free(bss->wps_nfc_dh_pubkey);
  2395. bss->wps_nfc_dh_pubkey = hostapd_parse_bin(pos);
  2396. } else if (os_strcmp(buf, "wps_nfc_dh_privkey") == 0) {
  2397. wpabuf_free(bss->wps_nfc_dh_privkey);
  2398. bss->wps_nfc_dh_privkey = hostapd_parse_bin(pos);
  2399. } else if (os_strcmp(buf, "wps_nfc_dev_pw") == 0) {
  2400. wpabuf_free(bss->wps_nfc_dev_pw);
  2401. bss->wps_nfc_dev_pw = hostapd_parse_bin(pos);
  2402. #endif /* CONFIG_WPS_NFC */
  2403. #endif /* CONFIG_WPS */
  2404. #ifdef CONFIG_P2P_MANAGER
  2405. } else if (os_strcmp(buf, "manage_p2p") == 0) {
  2406. int manage = atoi(pos);
  2407. if (manage)
  2408. bss->p2p |= P2P_MANAGE;
  2409. else
  2410. bss->p2p &= ~P2P_MANAGE;
  2411. } else if (os_strcmp(buf, "allow_cross_connection") == 0) {
  2412. if (atoi(pos))
  2413. bss->p2p |= P2P_ALLOW_CROSS_CONNECTION;
  2414. else
  2415. bss->p2p &= ~P2P_ALLOW_CROSS_CONNECTION;
  2416. #endif /* CONFIG_P2P_MANAGER */
  2417. } else if (os_strcmp(buf, "disassoc_low_ack") == 0) {
  2418. bss->disassoc_low_ack = atoi(pos);
  2419. } else if (os_strcmp(buf, "tdls_prohibit") == 0) {
  2420. int val = atoi(pos);
  2421. if (val)
  2422. bss->tdls |= TDLS_PROHIBIT;
  2423. else
  2424. bss->tdls &= ~TDLS_PROHIBIT;
  2425. } else if (os_strcmp(buf, "tdls_prohibit_chan_switch") == 0) {
  2426. int val = atoi(pos);
  2427. if (val)
  2428. bss->tdls |= TDLS_PROHIBIT_CHAN_SWITCH;
  2429. else
  2430. bss->tdls &= ~TDLS_PROHIBIT_CHAN_SWITCH;
  2431. #ifdef CONFIG_RSN_TESTING
  2432. } else if (os_strcmp(buf, "rsn_testing") == 0) {
  2433. extern int rsn_testing;
  2434. rsn_testing = atoi(pos);
  2435. #endif /* CONFIG_RSN_TESTING */
  2436. } else if (os_strcmp(buf, "time_advertisement") == 0) {
  2437. bss->time_advertisement = atoi(pos);
  2438. } else if (os_strcmp(buf, "time_zone") == 0) {
  2439. size_t tz_len = os_strlen(pos);
  2440. if (tz_len < 4 || tz_len > 255) {
  2441. wpa_printf(MSG_DEBUG, "Line %d: invalid "
  2442. "time_zone", line);
  2443. errors++;
  2444. return errors;
  2445. }
  2446. os_free(bss->time_zone);
  2447. bss->time_zone = os_strdup(pos);
  2448. if (bss->time_zone == NULL)
  2449. errors++;
  2450. #ifdef CONFIG_INTERWORKING
  2451. } else if (os_strcmp(buf, "interworking") == 0) {
  2452. bss->interworking = atoi(pos);
  2453. } else if (os_strcmp(buf, "access_network_type") == 0) {
  2454. bss->access_network_type = atoi(pos);
  2455. if (bss->access_network_type < 0 ||
  2456. bss->access_network_type > 15) {
  2457. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2458. "access_network_type", line);
  2459. errors++;
  2460. }
  2461. } else if (os_strcmp(buf, "internet") == 0) {
  2462. bss->internet = atoi(pos);
  2463. } else if (os_strcmp(buf, "asra") == 0) {
  2464. bss->asra = atoi(pos);
  2465. } else if (os_strcmp(buf, "esr") == 0) {
  2466. bss->esr = atoi(pos);
  2467. } else if (os_strcmp(buf, "uesa") == 0) {
  2468. bss->uesa = atoi(pos);
  2469. } else if (os_strcmp(buf, "venue_group") == 0) {
  2470. bss->venue_group = atoi(pos);
  2471. bss->venue_info_set = 1;
  2472. } else if (os_strcmp(buf, "venue_type") == 0) {
  2473. bss->venue_type = atoi(pos);
  2474. bss->venue_info_set = 1;
  2475. } else if (os_strcmp(buf, "hessid") == 0) {
  2476. if (hwaddr_aton(pos, bss->hessid)) {
  2477. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2478. "hessid", line);
  2479. errors++;
  2480. }
  2481. } else if (os_strcmp(buf, "roaming_consortium") == 0) {
  2482. if (parse_roaming_consortium(bss, pos, line) < 0)
  2483. errors++;
  2484. } else if (os_strcmp(buf, "venue_name") == 0) {
  2485. if (parse_venue_name(bss, pos, line) < 0)
  2486. errors++;
  2487. } else if (os_strcmp(buf, "network_auth_type") == 0) {
  2488. u8 auth_type;
  2489. u16 redirect_url_len;
  2490. if (hexstr2bin(pos, &auth_type, 1)) {
  2491. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2492. "network_auth_type '%s'",
  2493. line, pos);
  2494. errors++;
  2495. return errors;
  2496. }
  2497. if (auth_type == 0 || auth_type == 2)
  2498. redirect_url_len = os_strlen(pos + 2);
  2499. else
  2500. redirect_url_len = 0;
  2501. os_free(bss->network_auth_type);
  2502. bss->network_auth_type =
  2503. os_malloc(redirect_url_len + 3 + 1);
  2504. if (bss->network_auth_type == NULL) {
  2505. errors++;
  2506. return errors;
  2507. }
  2508. *bss->network_auth_type = auth_type;
  2509. WPA_PUT_LE16(bss->network_auth_type + 1,
  2510. redirect_url_len);
  2511. if (redirect_url_len)
  2512. os_memcpy(bss->network_auth_type + 3,
  2513. pos + 2, redirect_url_len);
  2514. bss->network_auth_type_len = 3 + redirect_url_len;
  2515. } else if (os_strcmp(buf, "ipaddr_type_availability") == 0) {
  2516. if (hexstr2bin(pos, &bss->ipaddr_type_availability, 1))
  2517. {
  2518. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2519. "ipaddr_type_availability '%s'",
  2520. line, pos);
  2521. bss->ipaddr_type_configured = 0;
  2522. errors++;
  2523. return errors;
  2524. }
  2525. bss->ipaddr_type_configured = 1;
  2526. } else if (os_strcmp(buf, "domain_name") == 0) {
  2527. int j, num_domains, domain_len, domain_list_len = 0;
  2528. char *tok_start, *tok_prev;
  2529. u8 *domain_list, *domain_ptr;
  2530. domain_list_len = os_strlen(pos) + 1;
  2531. domain_list = os_malloc(domain_list_len);
  2532. if (domain_list == NULL) {
  2533. errors++;
  2534. return errors;
  2535. }
  2536. domain_ptr = domain_list;
  2537. tok_prev = pos;
  2538. num_domains = 1;
  2539. while ((tok_prev = os_strchr(tok_prev, ','))) {
  2540. num_domains++;
  2541. tok_prev++;
  2542. }
  2543. tok_prev = pos;
  2544. for (j = 0; j < num_domains; j++) {
  2545. tok_start = os_strchr(tok_prev, ',');
  2546. if (tok_start) {
  2547. domain_len = tok_start - tok_prev;
  2548. *domain_ptr = domain_len;
  2549. os_memcpy(domain_ptr + 1, tok_prev,
  2550. domain_len);
  2551. domain_ptr += domain_len + 1;
  2552. tok_prev = ++tok_start;
  2553. } else {
  2554. domain_len = os_strlen(tok_prev);
  2555. *domain_ptr = domain_len;
  2556. os_memcpy(domain_ptr + 1, tok_prev,
  2557. domain_len);
  2558. domain_ptr += domain_len + 1;
  2559. }
  2560. }
  2561. os_free(bss->domain_name);
  2562. bss->domain_name = domain_list;
  2563. bss->domain_name_len = domain_list_len;
  2564. } else if (os_strcmp(buf, "anqp_3gpp_cell_net") == 0) {
  2565. if (parse_3gpp_cell_net(bss, pos, line) < 0)
  2566. errors++;
  2567. } else if (os_strcmp(buf, "nai_realm") == 0) {
  2568. if (parse_nai_realm(bss, pos, line) < 0)
  2569. errors++;
  2570. } else if (os_strcmp(buf, "gas_frag_limit") == 0) {
  2571. bss->gas_frag_limit = atoi(pos);
  2572. } else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
  2573. bss->gas_comeback_delay = atoi(pos);
  2574. #endif /* CONFIG_INTERWORKING */
  2575. #ifdef CONFIG_RADIUS_TEST
  2576. } else if (os_strcmp(buf, "dump_msk_file") == 0) {
  2577. os_free(bss->dump_msk_file);
  2578. bss->dump_msk_file = os_strdup(pos);
  2579. #endif /* CONFIG_RADIUS_TEST */
  2580. #ifdef CONFIG_HS20
  2581. } else if (os_strcmp(buf, "hs20") == 0) {
  2582. bss->hs20 = atoi(pos);
  2583. } else if (os_strcmp(buf, "disable_dgaf") == 0) {
  2584. bss->disable_dgaf = atoi(pos);
  2585. } else if (os_strcmp(buf, "hs20_oper_friendly_name") == 0) {
  2586. if (hs20_parse_oper_friendly_name(bss, pos, line) < 0)
  2587. errors++;
  2588. } else if (os_strcmp(buf, "hs20_wan_metrics") == 0) {
  2589. if (hs20_parse_wan_metrics(bss, pos, line) < 0) {
  2590. errors++;
  2591. return errors;
  2592. }
  2593. } else if (os_strcmp(buf, "hs20_conn_capab") == 0) {
  2594. if (hs20_parse_conn_capab(bss, pos, line) < 0) {
  2595. errors++;
  2596. return errors;
  2597. }
  2598. } else if (os_strcmp(buf, "hs20_operating_class") == 0) {
  2599. u8 *oper_class;
  2600. size_t oper_class_len;
  2601. oper_class_len = os_strlen(pos);
  2602. if (oper_class_len < 2 || (oper_class_len & 0x01)) {
  2603. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2604. "hs20_operating_class '%s'",
  2605. line, pos);
  2606. errors++;
  2607. return errors;
  2608. }
  2609. oper_class_len /= 2;
  2610. oper_class = os_malloc(oper_class_len);
  2611. if (oper_class == NULL) {
  2612. errors++;
  2613. return errors;
  2614. }
  2615. if (hexstr2bin(pos, oper_class, oper_class_len)) {
  2616. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2617. "hs20_operating_class '%s'",
  2618. line, pos);
  2619. os_free(oper_class);
  2620. errors++;
  2621. return errors;
  2622. }
  2623. os_free(bss->hs20_operating_class);
  2624. bss->hs20_operating_class = oper_class;
  2625. bss->hs20_operating_class_len = oper_class_len;
  2626. #endif /* CONFIG_HS20 */
  2627. } else if (os_strcmp(buf, "vendor_elements") == 0) {
  2628. struct wpabuf *elems;
  2629. size_t len = os_strlen(pos);
  2630. if (len & 0x01) {
  2631. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2632. "vendor_elements '%s'", line, pos);
  2633. return 1;
  2634. }
  2635. len /= 2;
  2636. if (len == 0) {
  2637. wpabuf_free(bss->vendor_elements);
  2638. bss->vendor_elements = NULL;
  2639. return 0;
  2640. }
  2641. elems = wpabuf_alloc(len);
  2642. if (elems == NULL)
  2643. return 1;
  2644. if (hexstr2bin(pos, wpabuf_put(elems, len), len)) {
  2645. wpabuf_free(elems);
  2646. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2647. "vendor_elements '%s'", line, pos);
  2648. return 1;
  2649. }
  2650. wpabuf_free(bss->vendor_elements);
  2651. bss->vendor_elements = elems;
  2652. } else {
  2653. wpa_printf(MSG_ERROR, "Line %d: unknown configuration "
  2654. "item '%s'", line, buf);
  2655. errors++;
  2656. }
  2657. }
  2658. return errors;
  2659. }
  2660. static void hostapd_set_security_params(struct hostapd_bss_config *bss)
  2661. {
  2662. int pairwise;
  2663. if (bss->individual_wep_key_len == 0) {
  2664. /* individual keys are not use; can use key idx0 for
  2665. * broadcast keys */
  2666. bss->broadcast_key_idx_min = 0;
  2667. }
  2668. /* Select group cipher based on the enabled pairwise cipher
  2669. * suites */
  2670. pairwise = 0;
  2671. if (bss->wpa & 1)
  2672. pairwise |= bss->wpa_pairwise;
  2673. if (bss->wpa & 2) {
  2674. if (bss->rsn_pairwise == 0)
  2675. bss->rsn_pairwise = bss->wpa_pairwise;
  2676. pairwise |= bss->rsn_pairwise;
  2677. }
  2678. if (pairwise & WPA_CIPHER_TKIP)
  2679. bss->wpa_group = WPA_CIPHER_TKIP;
  2680. else if ((pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ==
  2681. WPA_CIPHER_GCMP)
  2682. bss->wpa_group = WPA_CIPHER_GCMP;
  2683. else
  2684. bss->wpa_group = WPA_CIPHER_CCMP;
  2685. bss->radius->auth_server = bss->radius->auth_servers;
  2686. bss->radius->acct_server = bss->radius->acct_servers;
  2687. if (bss->wpa && bss->ieee802_1x) {
  2688. bss->ssid.security_policy = SECURITY_WPA;
  2689. } else if (bss->wpa) {
  2690. bss->ssid.security_policy = SECURITY_WPA_PSK;
  2691. } else if (bss->ieee802_1x) {
  2692. int cipher = WPA_CIPHER_NONE;
  2693. bss->ssid.security_policy = SECURITY_IEEE_802_1X;
  2694. bss->ssid.wep.default_len = bss->default_wep_key_len;
  2695. if (bss->default_wep_key_len)
  2696. cipher = bss->default_wep_key_len >= 13 ?
  2697. WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
  2698. bss->wpa_group = cipher;
  2699. bss->wpa_pairwise = cipher;
  2700. bss->rsn_pairwise = cipher;
  2701. } else if (bss->ssid.wep.keys_set) {
  2702. int cipher = WPA_CIPHER_WEP40;
  2703. if (bss->ssid.wep.len[0] >= 13)
  2704. cipher = WPA_CIPHER_WEP104;
  2705. bss->ssid.security_policy = SECURITY_STATIC_WEP;
  2706. bss->wpa_group = cipher;
  2707. bss->wpa_pairwise = cipher;
  2708. bss->rsn_pairwise = cipher;
  2709. } else {
  2710. bss->ssid.security_policy = SECURITY_PLAINTEXT;
  2711. bss->wpa_group = WPA_CIPHER_NONE;
  2712. bss->wpa_pairwise = WPA_CIPHER_NONE;
  2713. bss->rsn_pairwise = WPA_CIPHER_NONE;
  2714. }
  2715. }
  2716. /**
  2717. * hostapd_config_read - Read and parse a configuration file
  2718. * @fname: Configuration file name (including path, if needed)
  2719. * Returns: Allocated configuration data structure
  2720. */
  2721. struct hostapd_config * hostapd_config_read(const char *fname)
  2722. {
  2723. struct hostapd_config *conf;
  2724. struct hostapd_bss_config *bss;
  2725. FILE *f;
  2726. char buf[512], *pos;
  2727. int line = 0;
  2728. int errors = 0;
  2729. size_t i;
  2730. f = fopen(fname, "r");
  2731. if (f == NULL) {
  2732. wpa_printf(MSG_ERROR, "Could not open configuration file '%s' "
  2733. "for reading.", fname);
  2734. return NULL;
  2735. }
  2736. conf = hostapd_config_defaults();
  2737. if (conf == NULL) {
  2738. fclose(f);
  2739. return NULL;
  2740. }
  2741. /* set default driver based on configuration */
  2742. conf->driver = wpa_drivers[0];
  2743. if (conf->driver == NULL) {
  2744. wpa_printf(MSG_ERROR, "No driver wrappers registered!");
  2745. hostapd_config_free(conf);
  2746. fclose(f);
  2747. return NULL;
  2748. }
  2749. bss = conf->last_bss = conf->bss;
  2750. while (fgets(buf, sizeof(buf), f)) {
  2751. bss = conf->last_bss;
  2752. line++;
  2753. if (buf[0] == '#')
  2754. continue;
  2755. pos = buf;
  2756. while (*pos != '\0') {
  2757. if (*pos == '\n') {
  2758. *pos = '\0';
  2759. break;
  2760. }
  2761. pos++;
  2762. }
  2763. if (buf[0] == '\0')
  2764. continue;
  2765. pos = os_strchr(buf, '=');
  2766. if (pos == NULL) {
  2767. wpa_printf(MSG_ERROR, "Line %d: invalid line '%s'",
  2768. line, buf);
  2769. errors++;
  2770. continue;
  2771. }
  2772. *pos = '\0';
  2773. pos++;
  2774. errors += hostapd_config_fill(conf, bss, buf, pos, line);
  2775. }
  2776. fclose(f);
  2777. for (i = 0; i < conf->num_bss; i++)
  2778. hostapd_set_security_params(&conf->bss[i]);
  2779. if (hostapd_config_check(conf))
  2780. errors++;
  2781. #ifndef WPA_IGNORE_CONFIG_ERRORS
  2782. if (errors) {
  2783. wpa_printf(MSG_ERROR, "%d errors found in configuration file "
  2784. "'%s'", errors, fname);
  2785. hostapd_config_free(conf);
  2786. conf = NULL;
  2787. }
  2788. #endif /* WPA_IGNORE_CONFIG_ERRORS */
  2789. return conf;
  2790. }
  2791. int hostapd_set_iface(struct hostapd_config *conf,
  2792. struct hostapd_bss_config *bss, char *field, char *value)
  2793. {
  2794. int errors;
  2795. size_t i;
  2796. errors = hostapd_config_fill(conf, bss, field, value, 0);
  2797. if (errors) {
  2798. wpa_printf(MSG_INFO, "Failed to set configuration field '%s' "
  2799. "to value '%s'", field, value);
  2800. return -1;
  2801. }
  2802. for (i = 0; i < conf->num_bss; i++)
  2803. hostapd_set_security_params(&conf->bss[i]);
  2804. if (hostapd_config_check(conf)) {
  2805. wpa_printf(MSG_ERROR, "Configuration check failed");
  2806. return -1;
  2807. }
  2808. return 0;
  2809. }