config.h 33 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036
  1. /*
  2. * WPA Supplicant / Configuration file structures
  3. * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
  4. *
  5. * This software may be distributed under the terms of the BSD license.
  6. * See README for more details.
  7. */
  8. #ifndef CONFIG_H
  9. #define CONFIG_H
  10. #define DEFAULT_EAPOL_VERSION 1
  11. #ifdef CONFIG_NO_SCAN_PROCESSING
  12. #define DEFAULT_AP_SCAN 2
  13. #else /* CONFIG_NO_SCAN_PROCESSING */
  14. #define DEFAULT_AP_SCAN 1
  15. #endif /* CONFIG_NO_SCAN_PROCESSING */
  16. #define DEFAULT_FAST_REAUTH 1
  17. #define DEFAULT_P2P_GO_INTENT 7
  18. #define DEFAULT_P2P_INTRA_BSS 1
  19. #define DEFAULT_P2P_GO_MAX_INACTIVITY (5 * 60)
  20. #define DEFAULT_BSS_MAX_COUNT 200
  21. #define DEFAULT_BSS_EXPIRATION_AGE 180
  22. #define DEFAULT_BSS_EXPIRATION_SCAN_COUNT 2
  23. #define DEFAULT_MAX_NUM_STA 128
  24. #define DEFAULT_ACCESS_NETWORK_TYPE 15
  25. #define DEFAULT_SCAN_CUR_FREQ 0
  26. #include "config_ssid.h"
  27. #include "wps/wps.h"
  28. #include "common/ieee802_11_common.h"
  29. struct wpa_cred {
  30. /**
  31. * next - Next credential in the list
  32. *
  33. * This pointer can be used to iterate over all credentials. The head
  34. * of this list is stored in the cred field of struct wpa_config.
  35. */
  36. struct wpa_cred *next;
  37. /**
  38. * id - Unique id for the credential
  39. *
  40. * This identifier is used as a unique identifier for each credential
  41. * block when using the control interface. Each credential is allocated
  42. * an id when it is being created, either when reading the
  43. * configuration file or when a new credential is added through the
  44. * control interface.
  45. */
  46. int id;
  47. /**
  48. * temporary - Whether this credential is temporary and not to be saved
  49. */
  50. int temporary;
  51. /**
  52. * priority - Priority group
  53. *
  54. * By default, all networks and credentials get the same priority group
  55. * (0). This field can be used to give higher priority for credentials
  56. * (and similarly in struct wpa_ssid for network blocks) to change the
  57. * Interworking automatic networking selection behavior. The matching
  58. * network (based on either an enabled network block or a credential)
  59. * with the highest priority value will be selected.
  60. */
  61. int priority;
  62. /**
  63. * pcsc - Use PC/SC and SIM/USIM card
  64. */
  65. int pcsc;
  66. /**
  67. * realm - Home Realm for Interworking
  68. */
  69. char *realm;
  70. /**
  71. * username - Username for Interworking network selection
  72. */
  73. char *username;
  74. /**
  75. * password - Password for Interworking network selection
  76. */
  77. char *password;
  78. /**
  79. * ext_password - Whether password is a name for external storage
  80. */
  81. int ext_password;
  82. /**
  83. * ca_cert - CA certificate for Interworking network selection
  84. */
  85. char *ca_cert;
  86. /**
  87. * client_cert - File path to client certificate file (PEM/DER)
  88. *
  89. * This field is used with Interworking networking selection for a case
  90. * where client certificate/private key is used for authentication
  91. * (EAP-TLS). Full path to the file should be used since working
  92. * directory may change when wpa_supplicant is run in the background.
  93. *
  94. * Alternatively, a named configuration blob can be used by setting
  95. * this to blob://blob_name.
  96. */
  97. char *client_cert;
  98. /**
  99. * private_key - File path to client private key file (PEM/DER/PFX)
  100. *
  101. * When PKCS#12/PFX file (.p12/.pfx) is used, client_cert should be
  102. * commented out. Both the private key and certificate will be read
  103. * from the PKCS#12 file in this case. Full path to the file should be
  104. * used since working directory may change when wpa_supplicant is run
  105. * in the background.
  106. *
  107. * Windows certificate store can be used by leaving client_cert out and
  108. * configuring private_key in one of the following formats:
  109. *
  110. * cert://substring_to_match
  111. *
  112. * hash://certificate_thumbprint_in_hex
  113. *
  114. * For example: private_key="hash://63093aa9c47f56ae88334c7b65a4"
  115. *
  116. * Note that when running wpa_supplicant as an application, the user
  117. * certificate store (My user account) is used, whereas computer store
  118. * (Computer account) is used when running wpasvc as a service.
  119. *
  120. * Alternatively, a named configuration blob can be used by setting
  121. * this to blob://blob_name.
  122. */
  123. char *private_key;
  124. /**
  125. * private_key_passwd - Password for private key file
  126. */
  127. char *private_key_passwd;
  128. /**
  129. * imsi - IMSI in <MCC> | <MNC> | '-' | <MSIN> format
  130. */
  131. char *imsi;
  132. /**
  133. * milenage - Milenage parameters for SIM/USIM simulator in
  134. * <Ki>:<OPc>:<SQN> format
  135. */
  136. char *milenage;
  137. /**
  138. * domain_suffix_match - Constraint for server domain name
  139. *
  140. * If set, this FQDN is used as a suffix match requirement for the AAA
  141. * server certificate in SubjectAltName dNSName element(s). If a
  142. * matching dNSName is found, this constraint is met. If no dNSName
  143. * values are present, this constraint is matched against SubjetName CN
  144. * using same suffix match comparison. Suffix match here means that the
  145. * host/domain name is compared one label at a time starting from the
  146. * top-level domain and all the labels in @domain_suffix_match shall be
  147. * included in the certificate. The certificate may include additional
  148. * sub-level labels in addition to the required labels.
  149. *
  150. * For example, domain_suffix_match=example.com would match
  151. * test.example.com but would not match test-example.com.
  152. */
  153. char *domain_suffix_match;
  154. /**
  155. * domain - Home service provider FQDN(s)
  156. *
  157. * This is used to compare against the Domain Name List to figure out
  158. * whether the AP is operated by the Home SP. Multiple domain entries
  159. * can be used to configure alternative FQDNs that will be considered
  160. * home networks.
  161. */
  162. char **domain;
  163. /**
  164. * num_domain - Number of FQDNs in the domain array
  165. */
  166. size_t num_domain;
  167. /**
  168. * roaming_consortium - Roaming Consortium OI
  169. *
  170. * If roaming_consortium_len is non-zero, this field contains the
  171. * Roaming Consortium OI that can be used to determine which access
  172. * points support authentication with this credential. This is an
  173. * alternative to the use of the realm parameter. When using Roaming
  174. * Consortium to match the network, the EAP parameters need to be
  175. * pre-configured with the credential since the NAI Realm information
  176. * may not be available or fetched.
  177. */
  178. u8 roaming_consortium[15];
  179. /**
  180. * roaming_consortium_len - Length of roaming_consortium
  181. */
  182. size_t roaming_consortium_len;
  183. u8 required_roaming_consortium[15];
  184. size_t required_roaming_consortium_len;
  185. /**
  186. * eap_method - EAP method to use
  187. *
  188. * Pre-configured EAP method to use with this credential or %NULL to
  189. * indicate no EAP method is selected, i.e., the method will be
  190. * selected automatically based on ANQP information.
  191. */
  192. struct eap_method_type *eap_method;
  193. /**
  194. * phase1 - Phase 1 (outer authentication) parameters
  195. *
  196. * Pre-configured EAP parameters or %NULL.
  197. */
  198. char *phase1;
  199. /**
  200. * phase2 - Phase 2 (inner authentication) parameters
  201. *
  202. * Pre-configured EAP parameters or %NULL.
  203. */
  204. char *phase2;
  205. struct excluded_ssid {
  206. u8 ssid[MAX_SSID_LEN];
  207. size_t ssid_len;
  208. } *excluded_ssid;
  209. size_t num_excluded_ssid;
  210. };
  211. #define CFG_CHANGED_DEVICE_NAME BIT(0)
  212. #define CFG_CHANGED_CONFIG_METHODS BIT(1)
  213. #define CFG_CHANGED_DEVICE_TYPE BIT(2)
  214. #define CFG_CHANGED_OS_VERSION BIT(3)
  215. #define CFG_CHANGED_UUID BIT(4)
  216. #define CFG_CHANGED_COUNTRY BIT(5)
  217. #define CFG_CHANGED_SEC_DEVICE_TYPE BIT(6)
  218. #define CFG_CHANGED_P2P_SSID_POSTFIX BIT(7)
  219. #define CFG_CHANGED_WPS_STRING BIT(8)
  220. #define CFG_CHANGED_P2P_INTRA_BSS BIT(9)
  221. #define CFG_CHANGED_VENDOR_EXTENSION BIT(10)
  222. #define CFG_CHANGED_P2P_LISTEN_CHANNEL BIT(11)
  223. #define CFG_CHANGED_P2P_OPER_CHANNEL BIT(12)
  224. #define CFG_CHANGED_P2P_PREF_CHAN BIT(13)
  225. #define CFG_CHANGED_EXT_PW_BACKEND BIT(14)
  226. #define CFG_CHANGED_NFC_PASSWORD_TOKEN BIT(15)
  227. /**
  228. * struct wpa_config - wpa_supplicant configuration data
  229. *
  230. * This data structure is presents the per-interface (radio) configuration
  231. * data. In many cases, there is only one struct wpa_config instance, but if
  232. * more than one network interface is being controlled, one instance is used
  233. * for each.
  234. */
  235. struct wpa_config {
  236. /**
  237. * ssid - Head of the global network list
  238. *
  239. * This is the head for the list of all the configured networks.
  240. */
  241. struct wpa_ssid *ssid;
  242. /**
  243. * pssid - Per-priority network lists (in priority order)
  244. */
  245. struct wpa_ssid **pssid;
  246. /**
  247. * num_prio - Number of different priorities used in the pssid lists
  248. *
  249. * This indicates how many per-priority network lists are included in
  250. * pssid.
  251. */
  252. int num_prio;
  253. /**
  254. * cred - Head of the credential list
  255. *
  256. * This is the head for the list of all the configured credentials.
  257. */
  258. struct wpa_cred *cred;
  259. /**
  260. * eapol_version - IEEE 802.1X/EAPOL version number
  261. *
  262. * wpa_supplicant is implemented based on IEEE Std 802.1X-2004 which
  263. * defines EAPOL version 2. However, there are many APs that do not
  264. * handle the new version number correctly (they seem to drop the
  265. * frames completely). In order to make wpa_supplicant interoperate
  266. * with these APs, the version number is set to 1 by default. This
  267. * configuration value can be used to set it to the new version (2).
  268. */
  269. int eapol_version;
  270. /**
  271. * ap_scan - AP scanning/selection
  272. *
  273. * By default, wpa_supplicant requests driver to perform AP
  274. * scanning and then uses the scan results to select a
  275. * suitable AP. Another alternative is to allow the driver to
  276. * take care of AP scanning and selection and use
  277. * wpa_supplicant just to process EAPOL frames based on IEEE
  278. * 802.11 association information from the driver.
  279. *
  280. * 1: wpa_supplicant initiates scanning and AP selection (default).
  281. *
  282. * 0: Driver takes care of scanning, AP selection, and IEEE 802.11
  283. * association parameters (e.g., WPA IE generation); this mode can
  284. * also be used with non-WPA drivers when using IEEE 802.1X mode;
  285. * do not try to associate with APs (i.e., external program needs
  286. * to control association). This mode must also be used when using
  287. * wired Ethernet drivers.
  288. *
  289. * 2: like 0, but associate with APs using security policy and SSID
  290. * (but not BSSID); this can be used, e.g., with ndiswrapper and NDIS
  291. * drivers to enable operation with hidden SSIDs and optimized roaming;
  292. * in this mode, the network blocks in the configuration are tried
  293. * one by one until the driver reports successful association; each
  294. * network block should have explicit security policy (i.e., only one
  295. * option in the lists) for key_mgmt, pairwise, group, proto variables.
  296. */
  297. int ap_scan;
  298. /**
  299. * bgscan - Background scan and roaming parameters or %NULL if none
  300. *
  301. * This is an optional set of parameters for background scanning and
  302. * roaming within a network (ESS). For more detailed information see
  303. * ssid block documentation.
  304. *
  305. * The variable defines default bgscan behavior for all BSS station
  306. * networks except for those which have their own bgscan configuration.
  307. */
  308. char *bgscan;
  309. /**
  310. * disable_scan_offload - Disable automatic offloading of scan requests
  311. *
  312. * By default, %wpa_supplicant tries to offload scanning if the driver
  313. * indicates support for this (sched_scan). This configuration
  314. * parameter can be used to disable this offloading mechanism.
  315. */
  316. int disable_scan_offload;
  317. /**
  318. * ctrl_interface - Parameters for the control interface
  319. *
  320. * If this is specified, %wpa_supplicant will open a control interface
  321. * that is available for external programs to manage %wpa_supplicant.
  322. * The meaning of this string depends on which control interface
  323. * mechanism is used. For all cases, the existence of this parameter
  324. * in configuration is used to determine whether the control interface
  325. * is enabled.
  326. *
  327. * For UNIX domain sockets (default on Linux and BSD): This is a
  328. * directory that will be created for UNIX domain sockets for listening
  329. * to requests from external programs (CLI/GUI, etc.) for status
  330. * information and configuration. The socket file will be named based
  331. * on the interface name, so multiple %wpa_supplicant processes can be
  332. * run at the same time if more than one interface is used.
  333. * /var/run/wpa_supplicant is the recommended directory for sockets and
  334. * by default, wpa_cli will use it when trying to connect with
  335. * %wpa_supplicant.
  336. *
  337. * Access control for the control interface can be configured
  338. * by setting the directory to allow only members of a group
  339. * to use sockets. This way, it is possible to run
  340. * %wpa_supplicant as root (since it needs to change network
  341. * configuration and open raw sockets) and still allow GUI/CLI
  342. * components to be run as non-root users. However, since the
  343. * control interface can be used to change the network
  344. * configuration, this access needs to be protected in many
  345. * cases. By default, %wpa_supplicant is configured to use gid
  346. * 0 (root). If you want to allow non-root users to use the
  347. * control interface, add a new group and change this value to
  348. * match with that group. Add users that should have control
  349. * interface access to this group.
  350. *
  351. * When configuring both the directory and group, use following format:
  352. * DIR=/var/run/wpa_supplicant GROUP=wheel
  353. * DIR=/var/run/wpa_supplicant GROUP=0
  354. * (group can be either group name or gid)
  355. *
  356. * For UDP connections (default on Windows): The value will be ignored.
  357. * This variable is just used to select that the control interface is
  358. * to be created. The value can be set to, e.g., udp
  359. * (ctrl_interface=udp).
  360. *
  361. * For Windows Named Pipe: This value can be used to set the security
  362. * descriptor for controlling access to the control interface. Security
  363. * descriptor can be set using Security Descriptor String Format (see
  364. * http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/security_descriptor_string_format.asp).
  365. * The descriptor string needs to be prefixed with SDDL=. For example,
  366. * ctrl_interface=SDDL=D: would set an empty DACL (which will reject
  367. * all connections).
  368. */
  369. char *ctrl_interface;
  370. /**
  371. * ctrl_interface_group - Control interface group (DEPRECATED)
  372. *
  373. * This variable is only used for backwards compatibility. Group for
  374. * UNIX domain sockets should now be specified using GROUP=group in
  375. * ctrl_interface variable.
  376. */
  377. char *ctrl_interface_group;
  378. /**
  379. * fast_reauth - EAP fast re-authentication (session resumption)
  380. *
  381. * By default, fast re-authentication is enabled for all EAP methods
  382. * that support it. This variable can be used to disable fast
  383. * re-authentication (by setting fast_reauth=0). Normally, there is no
  384. * need to disable fast re-authentication.
  385. */
  386. int fast_reauth;
  387. /**
  388. * opensc_engine_path - Path to the OpenSSL engine for opensc
  389. *
  390. * This is an OpenSSL specific configuration option for loading OpenSC
  391. * engine (engine_opensc.so); if %NULL, this engine is not loaded.
  392. */
  393. char *opensc_engine_path;
  394. /**
  395. * pkcs11_engine_path - Path to the OpenSSL engine for PKCS#11
  396. *
  397. * This is an OpenSSL specific configuration option for loading PKCS#11
  398. * engine (engine_pkcs11.so); if %NULL, this engine is not loaded.
  399. */
  400. char *pkcs11_engine_path;
  401. /**
  402. * pkcs11_module_path - Path to the OpenSSL OpenSC/PKCS#11 module
  403. *
  404. * This is an OpenSSL specific configuration option for configuring
  405. * path to OpenSC/PKCS#11 engine (opensc-pkcs11.so); if %NULL, this
  406. * module is not loaded.
  407. */
  408. char *pkcs11_module_path;
  409. /**
  410. * pcsc_reader - PC/SC reader name prefix
  411. *
  412. * If not %NULL, PC/SC reader with a name that matches this prefix is
  413. * initialized for SIM/USIM access. Empty string can be used to match
  414. * the first available reader.
  415. */
  416. char *pcsc_reader;
  417. /**
  418. * pcsc_pin - PIN for USIM, GSM SIM, and smartcards
  419. *
  420. * This field is used to configure PIN for SIM/USIM for EAP-SIM and
  421. * EAP-AKA. If left out, this will be asked through control interface.
  422. */
  423. char *pcsc_pin;
  424. /**
  425. * external_sim - Use external processing for SIM/USIM operations
  426. */
  427. int external_sim;
  428. /**
  429. * driver_param - Driver interface parameters
  430. *
  431. * This text string is passed to the selected driver interface with the
  432. * optional struct wpa_driver_ops::set_param() handler. This can be
  433. * used to configure driver specific options without having to add new
  434. * driver interface functionality.
  435. */
  436. char *driver_param;
  437. /**
  438. * dot11RSNAConfigPMKLifetime - Maximum lifetime of a PMK
  439. *
  440. * dot11 MIB variable for the maximum lifetime of a PMK in the PMK
  441. * cache (unit: seconds).
  442. */
  443. unsigned int dot11RSNAConfigPMKLifetime;
  444. /**
  445. * dot11RSNAConfigPMKReauthThreshold - PMK re-authentication threshold
  446. *
  447. * dot11 MIB variable for the percentage of the PMK lifetime
  448. * that should expire before an IEEE 802.1X reauthentication occurs.
  449. */
  450. unsigned int dot11RSNAConfigPMKReauthThreshold;
  451. /**
  452. * dot11RSNAConfigSATimeout - Security association timeout
  453. *
  454. * dot11 MIB variable for the maximum time a security association
  455. * shall take to set up (unit: seconds).
  456. */
  457. unsigned int dot11RSNAConfigSATimeout;
  458. /**
  459. * update_config - Is wpa_supplicant allowed to update configuration
  460. *
  461. * This variable control whether wpa_supplicant is allow to re-write
  462. * its configuration with wpa_config_write(). If this is zero,
  463. * configuration data is only changed in memory and the external data
  464. * is not overriden. If this is non-zero, wpa_supplicant will update
  465. * the configuration data (e.g., a file) whenever configuration is
  466. * changed. This update may replace the old configuration which can
  467. * remove comments from it in case of a text file configuration.
  468. */
  469. int update_config;
  470. /**
  471. * blobs - Configuration blobs
  472. */
  473. struct wpa_config_blob *blobs;
  474. /**
  475. * uuid - Universally Unique IDentifier (UUID; see RFC 4122) for WPS
  476. */
  477. u8 uuid[16];
  478. /**
  479. * device_name - Device Name (WPS)
  480. * User-friendly description of device; up to 32 octets encoded in
  481. * UTF-8
  482. */
  483. char *device_name;
  484. /**
  485. * manufacturer - Manufacturer (WPS)
  486. * The manufacturer of the device (up to 64 ASCII characters)
  487. */
  488. char *manufacturer;
  489. /**
  490. * model_name - Model Name (WPS)
  491. * Model of the device (up to 32 ASCII characters)
  492. */
  493. char *model_name;
  494. /**
  495. * model_number - Model Number (WPS)
  496. * Additional device description (up to 32 ASCII characters)
  497. */
  498. char *model_number;
  499. /**
  500. * serial_number - Serial Number (WPS)
  501. * Serial number of the device (up to 32 characters)
  502. */
  503. char *serial_number;
  504. /**
  505. * device_type - Primary Device Type (WPS)
  506. */
  507. u8 device_type[WPS_DEV_TYPE_LEN];
  508. /**
  509. * config_methods - Config Methods
  510. *
  511. * This is a space-separated list of supported WPS configuration
  512. * methods. For example, "label virtual_display virtual_push_button
  513. * keypad".
  514. * Available methods: usba ethernet label display ext_nfc_token
  515. * int_nfc_token nfc_interface push_button keypad
  516. * virtual_display physical_display
  517. * virtual_push_button physical_push_button.
  518. */
  519. char *config_methods;
  520. /**
  521. * os_version - OS Version (WPS)
  522. * 4-octet operating system version number
  523. */
  524. u8 os_version[4];
  525. /**
  526. * country - Country code
  527. *
  528. * This is the ISO/IEC alpha2 country code for which we are operating
  529. * in
  530. */
  531. char country[2];
  532. /**
  533. * wps_cred_processing - Credential processing
  534. *
  535. * 0 = process received credentials internally
  536. * 1 = do not process received credentials; just pass them over
  537. * ctrl_iface to external program(s)
  538. * 2 = process received credentials internally and pass them over
  539. * ctrl_iface to external program(s)
  540. */
  541. int wps_cred_processing;
  542. #define MAX_SEC_DEVICE_TYPES 5
  543. /**
  544. * sec_device_types - Secondary Device Types (P2P)
  545. */
  546. u8 sec_device_type[MAX_SEC_DEVICE_TYPES][WPS_DEV_TYPE_LEN];
  547. int num_sec_device_types;
  548. int p2p_listen_reg_class;
  549. int p2p_listen_channel;
  550. int p2p_oper_reg_class;
  551. int p2p_oper_channel;
  552. int p2p_go_intent;
  553. char *p2p_ssid_postfix;
  554. int persistent_reconnect;
  555. int p2p_intra_bss;
  556. unsigned int num_p2p_pref_chan;
  557. struct p2p_channel *p2p_pref_chan;
  558. struct wpa_freq_range_list p2p_no_go_freq;
  559. int p2p_add_cli_chan;
  560. int p2p_ignore_shared_freq;
  561. struct wpabuf *wps_vendor_ext_m1;
  562. #define MAX_WPS_VENDOR_EXT 10
  563. /**
  564. * wps_vendor_ext - Vendor extension attributes in WPS
  565. */
  566. struct wpabuf *wps_vendor_ext[MAX_WPS_VENDOR_EXT];
  567. /**
  568. * p2p_group_idle - Maximum idle time in seconds for P2P group
  569. *
  570. * This value controls how long a P2P group is maintained after there
  571. * is no other members in the group. As a GO, this means no associated
  572. * stations in the group. As a P2P client, this means no GO seen in
  573. * scan results. The maximum idle time is specified in seconds with 0
  574. * indicating no time limit, i.e., the P2P group remains in active
  575. * state indefinitely until explicitly removed. As a P2P client, the
  576. * maximum idle time of P2P_MAX_CLIENT_IDLE seconds is enforced, i.e.,
  577. * this parameter is mainly meant for GO use and for P2P client, it can
  578. * only be used to reduce the default timeout to smaller value. A
  579. * special value -1 can be used to configure immediate removal of the
  580. * group for P2P client role on any disconnection after the data
  581. * connection has been established.
  582. */
  583. int p2p_group_idle;
  584. /**
  585. * bss_max_count - Maximum number of BSS entries to keep in memory
  586. */
  587. unsigned int bss_max_count;
  588. /**
  589. * bss_expiration_age - BSS entry age after which it can be expired
  590. *
  591. * This value controls the time in seconds after which a BSS entry
  592. * gets removed if it has not been updated or is not in use.
  593. */
  594. unsigned int bss_expiration_age;
  595. /**
  596. * bss_expiration_scan_count - Expire BSS after number of scans
  597. *
  598. * If the BSS entry has not been seen in this many scans, it will be
  599. * removed. A value of 1 means that entry is removed after the first
  600. * scan in which the BSSID is not seen. Larger values can be used
  601. * to avoid BSS entries disappearing if they are not visible in
  602. * every scan (e.g., low signal quality or interference).
  603. */
  604. unsigned int bss_expiration_scan_count;
  605. /**
  606. * filter_ssids - SSID-based scan result filtering
  607. *
  608. * 0 = do not filter scan results
  609. * 1 = only include configured SSIDs in scan results/BSS table
  610. */
  611. int filter_ssids;
  612. /**
  613. * filter_rssi - RSSI-based scan result filtering
  614. *
  615. * 0 = do not filter scan results
  616. * -n = filter scan results below -n dBm
  617. */
  618. int filter_rssi;
  619. /**
  620. * max_num_sta - Maximum number of STAs in an AP/P2P GO
  621. */
  622. unsigned int max_num_sta;
  623. /**
  624. * freq_list - Array of allowed scan frequencies or %NULL for all
  625. *
  626. * This is an optional zero-terminated array of frequencies in
  627. * megahertz (MHz) to allow for narrowing scanning range.
  628. */
  629. int *freq_list;
  630. /**
  631. * scan_cur_freq - Whether to scan only the current channel
  632. *
  633. * If true, attempt to scan only the current channel if any other
  634. * VIFs on this radio are already associated on a particular channel.
  635. */
  636. int scan_cur_freq;
  637. /**
  638. * changed_parameters - Bitmap of changed parameters since last update
  639. */
  640. unsigned int changed_parameters;
  641. /**
  642. * disassoc_low_ack - Disassocicate stations with massive packet loss
  643. */
  644. int disassoc_low_ack;
  645. /**
  646. * interworking - Whether Interworking (IEEE 802.11u) is enabled
  647. */
  648. int interworking;
  649. /**
  650. * access_network_type - Access Network Type
  651. *
  652. * When Interworking is enabled, scans will be limited to APs that
  653. * advertise the specified Access Network Type (0..15; with 15
  654. * indicating wildcard match).
  655. */
  656. int access_network_type;
  657. /**
  658. * hessid - Homogenous ESS identifier
  659. *
  660. * If this is set (any octet is non-zero), scans will be used to
  661. * request response only from BSSes belonging to the specified
  662. * Homogeneous ESS. This is used only if interworking is enabled.
  663. */
  664. u8 hessid[ETH_ALEN];
  665. /**
  666. * hs20 - Hotspot 2.0
  667. */
  668. int hs20;
  669. /**
  670. * pbc_in_m1 - AP mode WPS probing workaround for PBC with Windows 7
  671. *
  672. * Windows 7 uses incorrect way of figuring out AP's WPS capabilities
  673. * by acting as a Registrar and using M1 from the AP. The config
  674. * methods attribute in that message is supposed to indicate only the
  675. * configuration method supported by the AP in Enrollee role, i.e., to
  676. * add an external Registrar. For that case, PBC shall not be used and
  677. * as such, the PushButton config method is removed from M1 by default.
  678. * If pbc_in_m1=1 is included in the configuration file, the PushButton
  679. * config method is left in M1 (if included in config_methods
  680. * parameter) to allow Windows 7 to use PBC instead of PIN (e.g., from
  681. * a label in the AP).
  682. */
  683. int pbc_in_m1;
  684. /**
  685. * autoscan - Automatic scan parameters or %NULL if none
  686. *
  687. * This is an optional set of parameters for automatic scanning
  688. * within an interface in following format:
  689. * <autoscan module name>:<module parameters>
  690. */
  691. char *autoscan;
  692. /**
  693. * wps_nfc_pw_from_config - NFC Device Password was read from config
  694. *
  695. * This parameter can be determined whether the NFC Device Password was
  696. * included in the configuration (1) or generated dynamically (0). Only
  697. * the former case is re-written back to the configuration file.
  698. */
  699. int wps_nfc_pw_from_config;
  700. /**
  701. * wps_nfc_dev_pw_id - NFC Device Password ID for password token
  702. */
  703. int wps_nfc_dev_pw_id;
  704. /**
  705. * wps_nfc_dh_pubkey - NFC DH Public Key for password token
  706. */
  707. struct wpabuf *wps_nfc_dh_pubkey;
  708. /**
  709. * wps_nfc_dh_privkey - NFC DH Private Key for password token
  710. */
  711. struct wpabuf *wps_nfc_dh_privkey;
  712. /**
  713. * wps_nfc_dev_pw - NFC Device Password for password token
  714. */
  715. struct wpabuf *wps_nfc_dev_pw;
  716. /**
  717. * ext_password_backend - External password backend or %NULL if none
  718. *
  719. * format: <backend name>[:<optional backend parameters>]
  720. */
  721. char *ext_password_backend;
  722. /*
  723. * p2p_go_max_inactivity - Timeout in seconds to detect STA inactivity
  724. *
  725. * This timeout value is used in P2P GO mode to clean up
  726. * inactive stations.
  727. * By default: 300 seconds.
  728. */
  729. int p2p_go_max_inactivity;
  730. struct hostapd_wmm_ac_params wmm_ac_params[4];
  731. /**
  732. * auto_interworking - Whether to use network selection automatically
  733. *
  734. * 0 = do not automatically go through Interworking network selection
  735. * (i.e., require explicit interworking_select command for this)
  736. * 1 = perform Interworking network selection if one or more
  737. * credentials have been configured and scan did not find a
  738. * matching network block
  739. */
  740. int auto_interworking;
  741. /**
  742. * p2p_go_ht40 - Default mode for HT40 enable when operating as GO.
  743. *
  744. * This will take effect for p2p_group_add, p2p_connect, and p2p_invite.
  745. * Note that regulatory constraints and driver capabilities are
  746. * consulted anyway, so setting it to 1 can't do real harm.
  747. * By default: 0 (disabled)
  748. */
  749. int p2p_go_ht40;
  750. /**
  751. * p2p_go_vht - Default mode for VHT enable when operating as GO
  752. *
  753. * This will take effect for p2p_group_add, p2p_connect, and p2p_invite.
  754. * Note that regulatory constraints and driver capabilities are
  755. * consulted anyway, so setting it to 1 can't do real harm.
  756. * By default: 0 (disabled)
  757. */
  758. int p2p_go_vht;
  759. /**
  760. * p2p_disabled - Whether P2P operations are disabled for this interface
  761. */
  762. int p2p_disabled;
  763. /**
  764. * p2p_no_group_iface - Whether group interfaces can be used
  765. *
  766. * By default, wpa_supplicant will create a separate interface for P2P
  767. * group operations if the driver supports this. This functionality can
  768. * be disabled by setting this parameter to 1. In that case, the same
  769. * interface that was used for the P2P management operations is used
  770. * also for the group operation.
  771. */
  772. int p2p_no_group_iface;
  773. /**
  774. * okc - Whether to enable opportunistic key caching by default
  775. *
  776. * By default, OKC is disabled unless enabled by the per-network
  777. * proactive_key_caching=1 parameter. okc=1 can be used to change this
  778. * default behavior.
  779. */
  780. int okc;
  781. /**
  782. * pmf - Whether to enable/require PMF by default
  783. *
  784. * By default, PMF is disabled unless enabled by the per-network
  785. * ieee80211w=1 or ieee80211w=2 parameter. pmf=1/2 can be used to change
  786. * this default behavior.
  787. */
  788. enum mfp_options pmf;
  789. /**
  790. * sae_groups - Preference list of enabled groups for SAE
  791. *
  792. * By default (if this parameter is not set), the mandatory group 19
  793. * (ECC group defined over a 256-bit prime order field) is preferred,
  794. * but other groups are also enabled. If this parameter is set, the
  795. * groups will be tried in the indicated order.
  796. */
  797. int *sae_groups;
  798. /**
  799. * dtim_period - Default DTIM period in Beacon intervals
  800. *
  801. * This parameter can be used to set the default value for network
  802. * blocks that do not specify dtim_period.
  803. */
  804. int dtim_period;
  805. /**
  806. * beacon_int - Default Beacon interval in TU
  807. *
  808. * This parameter can be used to set the default value for network
  809. * blocks that do not specify beacon_int.
  810. */
  811. int beacon_int;
  812. /**
  813. * ap_vendor_elements: Vendor specific elements for Beacon/ProbeResp
  814. *
  815. * This parameter can be used to define additional vendor specific
  816. * elements for Beacon and Probe Response frames in AP/P2P GO mode. The
  817. * format for these element(s) is a hexdump of the raw information
  818. * elements (id+len+payload for one or more elements).
  819. */
  820. struct wpabuf *ap_vendor_elements;
  821. /**
  822. * ignore_old_scan_res - Ignore scan results older than request
  823. *
  824. * The driver may have a cache of scan results that makes it return
  825. * information that is older than our scan trigger. This parameter can
  826. * be used to configure such old information to be ignored instead of
  827. * allowing it to update the internal BSS table.
  828. */
  829. int ignore_old_scan_res;
  830. /**
  831. * sched_scan_interval - schedule scan interval
  832. */
  833. unsigned int sched_scan_interval;
  834. /**
  835. * tdls_external_control - External control for TDLS setup requests
  836. *
  837. * Enable TDLS mode where external programs are given the control
  838. * to specify the TDLS link to get established to the driver. The
  839. * driver requests the TDLS setup to the supplicant only for the
  840. * specified TDLS peers.
  841. */
  842. int tdls_external_control;
  843. };
  844. /* Prototypes for common functions from config.c */
  845. void wpa_config_free(struct wpa_config *ssid);
  846. void wpa_config_free_ssid(struct wpa_ssid *ssid);
  847. void wpa_config_foreach_network(struct wpa_config *config,
  848. void (*func)(void *, struct wpa_ssid *),
  849. void *arg);
  850. struct wpa_ssid * wpa_config_get_network(struct wpa_config *config, int id);
  851. struct wpa_ssid * wpa_config_add_network(struct wpa_config *config);
  852. int wpa_config_remove_network(struct wpa_config *config, int id);
  853. void wpa_config_set_network_defaults(struct wpa_ssid *ssid);
  854. int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
  855. int line);
  856. int wpa_config_set_quoted(struct wpa_ssid *ssid, const char *var,
  857. const char *value);
  858. char ** wpa_config_get_all(struct wpa_ssid *ssid, int get_keys);
  859. char * wpa_config_get(struct wpa_ssid *ssid, const char *var);
  860. char * wpa_config_get_no_key(struct wpa_ssid *ssid, const char *var);
  861. void wpa_config_update_psk(struct wpa_ssid *ssid);
  862. int wpa_config_add_prio_network(struct wpa_config *config,
  863. struct wpa_ssid *ssid);
  864. int wpa_config_update_prio_list(struct wpa_config *config);
  865. const struct wpa_config_blob * wpa_config_get_blob(struct wpa_config *config,
  866. const char *name);
  867. void wpa_config_set_blob(struct wpa_config *config,
  868. struct wpa_config_blob *blob);
  869. void wpa_config_free_blob(struct wpa_config_blob *blob);
  870. int wpa_config_remove_blob(struct wpa_config *config, const char *name);
  871. struct wpa_cred * wpa_config_get_cred(struct wpa_config *config, int id);
  872. struct wpa_cred * wpa_config_add_cred(struct wpa_config *config);
  873. int wpa_config_remove_cred(struct wpa_config *config, int id);
  874. void wpa_config_free_cred(struct wpa_cred *cred);
  875. int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
  876. const char *value, int line);
  877. struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
  878. const char *driver_param);
  879. #ifndef CONFIG_NO_STDOUT_DEBUG
  880. void wpa_config_debug_dump_networks(struct wpa_config *config);
  881. #else /* CONFIG_NO_STDOUT_DEBUG */
  882. #define wpa_config_debug_dump_networks(c) do { } while (0)
  883. #endif /* CONFIG_NO_STDOUT_DEBUG */
  884. /* Prototypes for common functions from config.c */
  885. int wpa_config_process_global(struct wpa_config *config, char *pos, int line);
  886. /* Prototypes for backend specific functions from the selected config_*.c */
  887. /**
  888. * wpa_config_read - Read and parse configuration database
  889. * @name: Name of the configuration (e.g., path and file name for the
  890. * configuration file)
  891. * @cfgp: Pointer to previously allocated configuration data or %NULL if none
  892. * Returns: Pointer to allocated configuration data or %NULL on failure
  893. *
  894. * This function reads configuration data, parses its contents, and allocates
  895. * data structures needed for storing configuration information. The allocated
  896. * data can be freed with wpa_config_free().
  897. *
  898. * Each configuration backend needs to implement this function.
  899. */
  900. struct wpa_config * wpa_config_read(const char *name, struct wpa_config *cfgp);
  901. /**
  902. * wpa_config_write - Write or update configuration data
  903. * @name: Name of the configuration (e.g., path and file name for the
  904. * configuration file)
  905. * @config: Configuration data from wpa_config_read()
  906. * Returns: 0 on success, -1 on failure
  907. *
  908. * This function write all configuration data into an external database (e.g.,
  909. * a text file) in a format that can be read with wpa_config_read(). This can
  910. * be used to allow wpa_supplicant to update its configuration, e.g., when a
  911. * new network is added or a password is changed.
  912. *
  913. * Each configuration backend needs to implement this function.
  914. */
  915. int wpa_config_write(const char *name, struct wpa_config *config);
  916. #endif /* CONFIG_H */