config_file.c 83 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122
  1. /*
  2. * hostapd / Configuration file parser
  3. * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
  4. *
  5. * This software may be distributed under the terms of the BSD license.
  6. * See README for more details.
  7. */
  8. #include "utils/includes.h"
  9. #ifndef CONFIG_NATIVE_WINDOWS
  10. #include <grp.h>
  11. #endif /* CONFIG_NATIVE_WINDOWS */
  12. #include "utils/common.h"
  13. #include "utils/uuid.h"
  14. #include "common/ieee802_11_defs.h"
  15. #include "drivers/driver.h"
  16. #include "eap_server/eap.h"
  17. #include "radius/radius_client.h"
  18. #include "ap/wpa_auth.h"
  19. #include "ap/ap_config.h"
  20. #include "config_file.h"
  21. extern struct wpa_driver_ops *wpa_drivers[];
  22. #ifndef CONFIG_NO_VLAN
  23. static int hostapd_config_read_vlan_file(struct hostapd_bss_config *bss,
  24. const char *fname)
  25. {
  26. FILE *f;
  27. char buf[128], *pos, *pos2;
  28. int line = 0, vlan_id;
  29. struct hostapd_vlan *vlan;
  30. f = fopen(fname, "r");
  31. if (!f) {
  32. wpa_printf(MSG_ERROR, "VLAN file '%s' not readable.", fname);
  33. return -1;
  34. }
  35. while (fgets(buf, sizeof(buf), f)) {
  36. line++;
  37. if (buf[0] == '#')
  38. continue;
  39. pos = buf;
  40. while (*pos != '\0') {
  41. if (*pos == '\n') {
  42. *pos = '\0';
  43. break;
  44. }
  45. pos++;
  46. }
  47. if (buf[0] == '\0')
  48. continue;
  49. if (buf[0] == '*') {
  50. vlan_id = VLAN_ID_WILDCARD;
  51. pos = buf + 1;
  52. } else {
  53. vlan_id = strtol(buf, &pos, 10);
  54. if (buf == pos || vlan_id < 1 ||
  55. vlan_id > MAX_VLAN_ID) {
  56. wpa_printf(MSG_ERROR, "Invalid VLAN ID at "
  57. "line %d in '%s'", line, fname);
  58. fclose(f);
  59. return -1;
  60. }
  61. }
  62. while (*pos == ' ' || *pos == '\t')
  63. pos++;
  64. pos2 = pos;
  65. while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0')
  66. pos2++;
  67. *pos2 = '\0';
  68. if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) {
  69. wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d "
  70. "in '%s'", line, fname);
  71. fclose(f);
  72. return -1;
  73. }
  74. vlan = os_malloc(sizeof(*vlan));
  75. if (vlan == NULL) {
  76. wpa_printf(MSG_ERROR, "Out of memory while reading "
  77. "VLAN interfaces from '%s'", fname);
  78. fclose(f);
  79. return -1;
  80. }
  81. os_memset(vlan, 0, sizeof(*vlan));
  82. vlan->vlan_id = vlan_id;
  83. os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
  84. if (bss->vlan_tail)
  85. bss->vlan_tail->next = vlan;
  86. else
  87. bss->vlan = vlan;
  88. bss->vlan_tail = vlan;
  89. }
  90. fclose(f);
  91. return 0;
  92. }
  93. #endif /* CONFIG_NO_VLAN */
  94. static int hostapd_acl_comp(const void *a, const void *b)
  95. {
  96. const struct mac_acl_entry *aa = a;
  97. const struct mac_acl_entry *bb = b;
  98. return os_memcmp(aa->addr, bb->addr, sizeof(macaddr));
  99. }
  100. static int hostapd_config_read_maclist(const char *fname,
  101. struct mac_acl_entry **acl, int *num)
  102. {
  103. FILE *f;
  104. char buf[128], *pos;
  105. int line = 0;
  106. u8 addr[ETH_ALEN];
  107. struct mac_acl_entry *newacl;
  108. int vlan_id;
  109. if (!fname)
  110. return 0;
  111. f = fopen(fname, "r");
  112. if (!f) {
  113. wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname);
  114. return -1;
  115. }
  116. while (fgets(buf, sizeof(buf), f)) {
  117. line++;
  118. if (buf[0] == '#')
  119. continue;
  120. pos = buf;
  121. while (*pos != '\0') {
  122. if (*pos == '\n') {
  123. *pos = '\0';
  124. break;
  125. }
  126. pos++;
  127. }
  128. if (buf[0] == '\0')
  129. continue;
  130. if (hwaddr_aton(buf, addr)) {
  131. wpa_printf(MSG_ERROR, "Invalid MAC address '%s' at "
  132. "line %d in '%s'", buf, line, fname);
  133. fclose(f);
  134. return -1;
  135. }
  136. vlan_id = 0;
  137. pos = buf;
  138. while (*pos != '\0' && *pos != ' ' && *pos != '\t')
  139. pos++;
  140. while (*pos == ' ' || *pos == '\t')
  141. pos++;
  142. if (*pos != '\0')
  143. vlan_id = atoi(pos);
  144. newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl));
  145. if (newacl == NULL) {
  146. wpa_printf(MSG_ERROR, "MAC list reallocation failed");
  147. fclose(f);
  148. return -1;
  149. }
  150. *acl = newacl;
  151. os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
  152. (*acl)[*num].vlan_id = vlan_id;
  153. (*num)++;
  154. }
  155. fclose(f);
  156. qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
  157. return 0;
  158. }
  159. #ifdef EAP_SERVER
  160. static int hostapd_config_read_eap_user(const char *fname,
  161. struct hostapd_bss_config *conf)
  162. {
  163. FILE *f;
  164. char buf[512], *pos, *start, *pos2;
  165. int line = 0, ret = 0, num_methods;
  166. struct hostapd_eap_user *user, *tail = NULL;
  167. if (!fname)
  168. return 0;
  169. if (os_strncmp(fname, "sqlite:", 7) == 0) {
  170. os_free(conf->eap_user_sqlite);
  171. conf->eap_user_sqlite = os_strdup(fname + 7);
  172. return 0;
  173. }
  174. f = fopen(fname, "r");
  175. if (!f) {
  176. wpa_printf(MSG_ERROR, "EAP user file '%s' not found.", fname);
  177. return -1;
  178. }
  179. /* Lines: "user" METHOD,METHOD2 "password" (password optional) */
  180. while (fgets(buf, sizeof(buf), f)) {
  181. line++;
  182. if (buf[0] == '#')
  183. continue;
  184. pos = buf;
  185. while (*pos != '\0') {
  186. if (*pos == '\n') {
  187. *pos = '\0';
  188. break;
  189. }
  190. pos++;
  191. }
  192. if (buf[0] == '\0')
  193. continue;
  194. user = NULL;
  195. if (buf[0] != '"' && buf[0] != '*') {
  196. wpa_printf(MSG_ERROR, "Invalid EAP identity (no \" in "
  197. "start) on line %d in '%s'", line, fname);
  198. goto failed;
  199. }
  200. user = os_zalloc(sizeof(*user));
  201. if (user == NULL) {
  202. wpa_printf(MSG_ERROR, "EAP user allocation failed");
  203. goto failed;
  204. }
  205. user->force_version = -1;
  206. if (buf[0] == '*') {
  207. pos = buf;
  208. } else {
  209. pos = buf + 1;
  210. start = pos;
  211. while (*pos != '"' && *pos != '\0')
  212. pos++;
  213. if (*pos == '\0') {
  214. wpa_printf(MSG_ERROR, "Invalid EAP identity "
  215. "(no \" in end) on line %d in '%s'",
  216. line, fname);
  217. goto failed;
  218. }
  219. user->identity = os_malloc(pos - start);
  220. if (user->identity == NULL) {
  221. wpa_printf(MSG_ERROR, "Failed to allocate "
  222. "memory for EAP identity");
  223. goto failed;
  224. }
  225. os_memcpy(user->identity, start, pos - start);
  226. user->identity_len = pos - start;
  227. if (pos[0] == '"' && pos[1] == '*') {
  228. user->wildcard_prefix = 1;
  229. pos++;
  230. }
  231. }
  232. pos++;
  233. while (*pos == ' ' || *pos == '\t')
  234. pos++;
  235. if (*pos == '\0') {
  236. wpa_printf(MSG_ERROR, "No EAP method on line %d in "
  237. "'%s'", line, fname);
  238. goto failed;
  239. }
  240. start = pos;
  241. while (*pos != ' ' && *pos != '\t' && *pos != '\0')
  242. pos++;
  243. if (*pos == '\0') {
  244. pos = NULL;
  245. } else {
  246. *pos = '\0';
  247. pos++;
  248. }
  249. num_methods = 0;
  250. while (*start) {
  251. char *pos3 = os_strchr(start, ',');
  252. if (pos3) {
  253. *pos3++ = '\0';
  254. }
  255. user->methods[num_methods].method =
  256. eap_server_get_type(
  257. start,
  258. &user->methods[num_methods].vendor);
  259. if (user->methods[num_methods].vendor ==
  260. EAP_VENDOR_IETF &&
  261. user->methods[num_methods].method == EAP_TYPE_NONE)
  262. {
  263. if (os_strcmp(start, "TTLS-PAP") == 0) {
  264. user->ttls_auth |= EAP_TTLS_AUTH_PAP;
  265. goto skip_eap;
  266. }
  267. if (os_strcmp(start, "TTLS-CHAP") == 0) {
  268. user->ttls_auth |= EAP_TTLS_AUTH_CHAP;
  269. goto skip_eap;
  270. }
  271. if (os_strcmp(start, "TTLS-MSCHAP") == 0) {
  272. user->ttls_auth |=
  273. EAP_TTLS_AUTH_MSCHAP;
  274. goto skip_eap;
  275. }
  276. if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) {
  277. user->ttls_auth |=
  278. EAP_TTLS_AUTH_MSCHAPV2;
  279. goto skip_eap;
  280. }
  281. wpa_printf(MSG_ERROR, "Unsupported EAP type "
  282. "'%s' on line %d in '%s'",
  283. start, line, fname);
  284. goto failed;
  285. }
  286. num_methods++;
  287. if (num_methods >= EAP_MAX_METHODS)
  288. break;
  289. skip_eap:
  290. if (pos3 == NULL)
  291. break;
  292. start = pos3;
  293. }
  294. if (num_methods == 0 && user->ttls_auth == 0) {
  295. wpa_printf(MSG_ERROR, "No EAP types configured on "
  296. "line %d in '%s'", line, fname);
  297. goto failed;
  298. }
  299. if (pos == NULL)
  300. goto done;
  301. while (*pos == ' ' || *pos == '\t')
  302. pos++;
  303. if (*pos == '\0')
  304. goto done;
  305. if (os_strncmp(pos, "[ver=0]", 7) == 0) {
  306. user->force_version = 0;
  307. goto done;
  308. }
  309. if (os_strncmp(pos, "[ver=1]", 7) == 0) {
  310. user->force_version = 1;
  311. goto done;
  312. }
  313. if (os_strncmp(pos, "[2]", 3) == 0) {
  314. user->phase2 = 1;
  315. goto done;
  316. }
  317. if (*pos == '"') {
  318. pos++;
  319. start = pos;
  320. while (*pos != '"' && *pos != '\0')
  321. pos++;
  322. if (*pos == '\0') {
  323. wpa_printf(MSG_ERROR, "Invalid EAP password "
  324. "(no \" in end) on line %d in '%s'",
  325. line, fname);
  326. goto failed;
  327. }
  328. user->password = os_malloc(pos - start);
  329. if (user->password == NULL) {
  330. wpa_printf(MSG_ERROR, "Failed to allocate "
  331. "memory for EAP password");
  332. goto failed;
  333. }
  334. os_memcpy(user->password, start, pos - start);
  335. user->password_len = pos - start;
  336. pos++;
  337. } else if (os_strncmp(pos, "hash:", 5) == 0) {
  338. pos += 5;
  339. pos2 = pos;
  340. while (*pos2 != '\0' && *pos2 != ' ' &&
  341. *pos2 != '\t' && *pos2 != '#')
  342. pos2++;
  343. if (pos2 - pos != 32) {
  344. wpa_printf(MSG_ERROR, "Invalid password hash "
  345. "on line %d in '%s'", line, fname);
  346. goto failed;
  347. }
  348. user->password = os_malloc(16);
  349. if (user->password == NULL) {
  350. wpa_printf(MSG_ERROR, "Failed to allocate "
  351. "memory for EAP password hash");
  352. goto failed;
  353. }
  354. if (hexstr2bin(pos, user->password, 16) < 0) {
  355. wpa_printf(MSG_ERROR, "Invalid hash password "
  356. "on line %d in '%s'", line, fname);
  357. goto failed;
  358. }
  359. user->password_len = 16;
  360. user->password_hash = 1;
  361. pos = pos2;
  362. } else {
  363. pos2 = pos;
  364. while (*pos2 != '\0' && *pos2 != ' ' &&
  365. *pos2 != '\t' && *pos2 != '#')
  366. pos2++;
  367. if ((pos2 - pos) & 1) {
  368. wpa_printf(MSG_ERROR, "Invalid hex password "
  369. "on line %d in '%s'", line, fname);
  370. goto failed;
  371. }
  372. user->password = os_malloc((pos2 - pos) / 2);
  373. if (user->password == NULL) {
  374. wpa_printf(MSG_ERROR, "Failed to allocate "
  375. "memory for EAP password");
  376. goto failed;
  377. }
  378. if (hexstr2bin(pos, user->password,
  379. (pos2 - pos) / 2) < 0) {
  380. wpa_printf(MSG_ERROR, "Invalid hex password "
  381. "on line %d in '%s'", line, fname);
  382. goto failed;
  383. }
  384. user->password_len = (pos2 - pos) / 2;
  385. pos = pos2;
  386. }
  387. while (*pos == ' ' || *pos == '\t')
  388. pos++;
  389. if (os_strncmp(pos, "[2]", 3) == 0) {
  390. user->phase2 = 1;
  391. }
  392. done:
  393. if (tail == NULL) {
  394. tail = conf->eap_user = user;
  395. } else {
  396. tail->next = user;
  397. tail = user;
  398. }
  399. continue;
  400. failed:
  401. if (user) {
  402. os_free(user->password);
  403. os_free(user->identity);
  404. os_free(user);
  405. }
  406. ret = -1;
  407. break;
  408. }
  409. fclose(f);
  410. return ret;
  411. }
  412. #endif /* EAP_SERVER */
  413. #ifndef CONFIG_NO_RADIUS
  414. static int
  415. hostapd_config_read_radius_addr(struct hostapd_radius_server **server,
  416. int *num_server, const char *val, int def_port,
  417. struct hostapd_radius_server **curr_serv)
  418. {
  419. struct hostapd_radius_server *nserv;
  420. int ret;
  421. static int server_index = 1;
  422. nserv = os_realloc_array(*server, *num_server + 1, sizeof(*nserv));
  423. if (nserv == NULL)
  424. return -1;
  425. *server = nserv;
  426. nserv = &nserv[*num_server];
  427. (*num_server)++;
  428. (*curr_serv) = nserv;
  429. os_memset(nserv, 0, sizeof(*nserv));
  430. nserv->port = def_port;
  431. ret = hostapd_parse_ip_addr(val, &nserv->addr);
  432. nserv->index = server_index++;
  433. return ret;
  434. }
  435. static struct hostapd_radius_attr *
  436. hostapd_parse_radius_attr(const char *value)
  437. {
  438. const char *pos;
  439. char syntax;
  440. struct hostapd_radius_attr *attr;
  441. size_t len;
  442. attr = os_zalloc(sizeof(*attr));
  443. if (attr == NULL)
  444. return NULL;
  445. attr->type = atoi(value);
  446. pos = os_strchr(value, ':');
  447. if (pos == NULL) {
  448. attr->val = wpabuf_alloc(1);
  449. if (attr->val == NULL) {
  450. os_free(attr);
  451. return NULL;
  452. }
  453. wpabuf_put_u8(attr->val, 0);
  454. return attr;
  455. }
  456. pos++;
  457. if (pos[0] == '\0' || pos[1] != ':') {
  458. os_free(attr);
  459. return NULL;
  460. }
  461. syntax = *pos++;
  462. pos++;
  463. switch (syntax) {
  464. case 's':
  465. attr->val = wpabuf_alloc_copy(pos, os_strlen(pos));
  466. break;
  467. case 'x':
  468. len = os_strlen(pos);
  469. if (len & 1)
  470. break;
  471. len /= 2;
  472. attr->val = wpabuf_alloc(len);
  473. if (attr->val == NULL)
  474. break;
  475. if (hexstr2bin(pos, wpabuf_put(attr->val, len), len) < 0) {
  476. wpabuf_free(attr->val);
  477. os_free(attr);
  478. return NULL;
  479. }
  480. break;
  481. case 'd':
  482. attr->val = wpabuf_alloc(4);
  483. if (attr->val)
  484. wpabuf_put_be32(attr->val, atoi(pos));
  485. break;
  486. default:
  487. os_free(attr);
  488. return NULL;
  489. }
  490. if (attr->val == NULL) {
  491. os_free(attr);
  492. return NULL;
  493. }
  494. return attr;
  495. }
  496. static int hostapd_parse_das_client(struct hostapd_bss_config *bss,
  497. const char *val)
  498. {
  499. char *secret;
  500. secret = os_strchr(val, ' ');
  501. if (secret == NULL)
  502. return -1;
  503. secret++;
  504. if (hostapd_parse_ip_addr(val, &bss->radius_das_client_addr))
  505. return -1;
  506. os_free(bss->radius_das_shared_secret);
  507. bss->radius_das_shared_secret = (u8 *) os_strdup(secret);
  508. if (bss->radius_das_shared_secret == NULL)
  509. return -1;
  510. bss->radius_das_shared_secret_len = os_strlen(secret);
  511. return 0;
  512. }
  513. #endif /* CONFIG_NO_RADIUS */
  514. static int hostapd_config_parse_key_mgmt(int line, const char *value)
  515. {
  516. int val = 0, last;
  517. char *start, *end, *buf;
  518. buf = os_strdup(value);
  519. if (buf == NULL)
  520. return -1;
  521. start = buf;
  522. while (*start != '\0') {
  523. while (*start == ' ' || *start == '\t')
  524. start++;
  525. if (*start == '\0')
  526. break;
  527. end = start;
  528. while (*end != ' ' && *end != '\t' && *end != '\0')
  529. end++;
  530. last = *end == '\0';
  531. *end = '\0';
  532. if (os_strcmp(start, "WPA-PSK") == 0)
  533. val |= WPA_KEY_MGMT_PSK;
  534. else if (os_strcmp(start, "WPA-EAP") == 0)
  535. val |= WPA_KEY_MGMT_IEEE8021X;
  536. #ifdef CONFIG_IEEE80211R
  537. else if (os_strcmp(start, "FT-PSK") == 0)
  538. val |= WPA_KEY_MGMT_FT_PSK;
  539. else if (os_strcmp(start, "FT-EAP") == 0)
  540. val |= WPA_KEY_MGMT_FT_IEEE8021X;
  541. #endif /* CONFIG_IEEE80211R */
  542. #ifdef CONFIG_IEEE80211W
  543. else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
  544. val |= WPA_KEY_MGMT_PSK_SHA256;
  545. else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
  546. val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
  547. #endif /* CONFIG_IEEE80211W */
  548. #ifdef CONFIG_SAE
  549. else if (os_strcmp(start, "SAE") == 0)
  550. val |= WPA_KEY_MGMT_SAE;
  551. else if (os_strcmp(start, "FT-SAE") == 0)
  552. val |= WPA_KEY_MGMT_FT_SAE;
  553. #endif /* CONFIG_SAE */
  554. else {
  555. wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
  556. line, start);
  557. os_free(buf);
  558. return -1;
  559. }
  560. if (last)
  561. break;
  562. start = end + 1;
  563. }
  564. os_free(buf);
  565. if (val == 0) {
  566. wpa_printf(MSG_ERROR, "Line %d: no key_mgmt values "
  567. "configured.", line);
  568. return -1;
  569. }
  570. return val;
  571. }
  572. static int hostapd_config_parse_cipher(int line, const char *value)
  573. {
  574. int val = 0, last;
  575. char *start, *end, *buf;
  576. buf = os_strdup(value);
  577. if (buf == NULL)
  578. return -1;
  579. start = buf;
  580. while (*start != '\0') {
  581. while (*start == ' ' || *start == '\t')
  582. start++;
  583. if (*start == '\0')
  584. break;
  585. end = start;
  586. while (*end != ' ' && *end != '\t' && *end != '\0')
  587. end++;
  588. last = *end == '\0';
  589. *end = '\0';
  590. if (os_strcmp(start, "CCMP") == 0)
  591. val |= WPA_CIPHER_CCMP;
  592. else if (os_strcmp(start, "GCMP") == 0)
  593. val |= WPA_CIPHER_GCMP;
  594. else if (os_strcmp(start, "TKIP") == 0)
  595. val |= WPA_CIPHER_TKIP;
  596. else if (os_strcmp(start, "WEP104") == 0)
  597. val |= WPA_CIPHER_WEP104;
  598. else if (os_strcmp(start, "WEP40") == 0)
  599. val |= WPA_CIPHER_WEP40;
  600. else if (os_strcmp(start, "NONE") == 0)
  601. val |= WPA_CIPHER_NONE;
  602. else {
  603. wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
  604. line, start);
  605. os_free(buf);
  606. return -1;
  607. }
  608. if (last)
  609. break;
  610. start = end + 1;
  611. }
  612. os_free(buf);
  613. if (val == 0) {
  614. wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
  615. line);
  616. return -1;
  617. }
  618. return val;
  619. }
  620. static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
  621. char *val)
  622. {
  623. size_t len = os_strlen(val);
  624. if (keyidx < 0 || keyidx > 3 || wep->key[keyidx] != NULL)
  625. return -1;
  626. if (val[0] == '"') {
  627. if (len < 2 || val[len - 1] != '"')
  628. return -1;
  629. len -= 2;
  630. wep->key[keyidx] = os_malloc(len);
  631. if (wep->key[keyidx] == NULL)
  632. return -1;
  633. os_memcpy(wep->key[keyidx], val + 1, len);
  634. wep->len[keyidx] = len;
  635. } else {
  636. if (len & 1)
  637. return -1;
  638. len /= 2;
  639. wep->key[keyidx] = os_malloc(len);
  640. if (wep->key[keyidx] == NULL)
  641. return -1;
  642. wep->len[keyidx] = len;
  643. if (hexstr2bin(val, wep->key[keyidx], len) < 0)
  644. return -1;
  645. }
  646. wep->keys_set++;
  647. return 0;
  648. }
  649. static int hostapd_parse_rates(int **rate_list, char *val)
  650. {
  651. int *list;
  652. int count;
  653. char *pos, *end;
  654. os_free(*rate_list);
  655. *rate_list = NULL;
  656. pos = val;
  657. count = 0;
  658. while (*pos != '\0') {
  659. if (*pos == ' ')
  660. count++;
  661. pos++;
  662. }
  663. list = os_malloc(sizeof(int) * (count + 2));
  664. if (list == NULL)
  665. return -1;
  666. pos = val;
  667. count = 0;
  668. while (*pos != '\0') {
  669. end = os_strchr(pos, ' ');
  670. if (end)
  671. *end = '\0';
  672. list[count++] = atoi(pos);
  673. if (!end)
  674. break;
  675. pos = end + 1;
  676. }
  677. list[count] = -1;
  678. *rate_list = list;
  679. return 0;
  680. }
  681. static int hostapd_config_bss(struct hostapd_config *conf, const char *ifname)
  682. {
  683. struct hostapd_bss_config *bss;
  684. if (*ifname == '\0')
  685. return -1;
  686. bss = os_realloc_array(conf->bss, conf->num_bss + 1,
  687. sizeof(struct hostapd_bss_config));
  688. if (bss == NULL) {
  689. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  690. "multi-BSS entry");
  691. return -1;
  692. }
  693. conf->bss = bss;
  694. bss = &(conf->bss[conf->num_bss]);
  695. os_memset(bss, 0, sizeof(*bss));
  696. bss->radius = os_zalloc(sizeof(*bss->radius));
  697. if (bss->radius == NULL) {
  698. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  699. "multi-BSS RADIUS data");
  700. return -1;
  701. }
  702. conf->num_bss++;
  703. conf->last_bss = bss;
  704. hostapd_config_defaults_bss(bss);
  705. os_strlcpy(bss->iface, ifname, sizeof(bss->iface));
  706. os_memcpy(bss->ssid.vlan, bss->iface, IFNAMSIZ + 1);
  707. return 0;
  708. }
  709. /* convert floats with one decimal place to value*10 int, i.e.,
  710. * "1.5" will return 15 */
  711. static int hostapd_config_read_int10(const char *value)
  712. {
  713. int i, d;
  714. char *pos;
  715. i = atoi(value);
  716. pos = os_strchr(value, '.');
  717. d = 0;
  718. if (pos) {
  719. pos++;
  720. if (*pos >= '0' && *pos <= '9')
  721. d = *pos - '0';
  722. }
  723. return i * 10 + d;
  724. }
  725. static int valid_cw(int cw)
  726. {
  727. return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 ||
  728. cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023);
  729. }
  730. enum {
  731. IEEE80211_TX_QUEUE_DATA0 = 0, /* used for EDCA AC_VO data */
  732. IEEE80211_TX_QUEUE_DATA1 = 1, /* used for EDCA AC_VI data */
  733. IEEE80211_TX_QUEUE_DATA2 = 2, /* used for EDCA AC_BE data */
  734. IEEE80211_TX_QUEUE_DATA3 = 3 /* used for EDCA AC_BK data */
  735. };
  736. static int hostapd_config_tx_queue(struct hostapd_config *conf, char *name,
  737. char *val)
  738. {
  739. int num;
  740. char *pos;
  741. struct hostapd_tx_queue_params *queue;
  742. /* skip 'tx_queue_' prefix */
  743. pos = name + 9;
  744. if (os_strncmp(pos, "data", 4) == 0 &&
  745. pos[4] >= '0' && pos[4] <= '9' && pos[5] == '_') {
  746. num = pos[4] - '0';
  747. pos += 6;
  748. } else if (os_strncmp(pos, "after_beacon_", 13) == 0 ||
  749. os_strncmp(pos, "beacon_", 7) == 0) {
  750. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  751. return 0;
  752. } else {
  753. wpa_printf(MSG_ERROR, "Unknown tx_queue name '%s'", pos);
  754. return -1;
  755. }
  756. if (num >= NUM_TX_QUEUES) {
  757. /* for backwards compatibility, do not trigger failure */
  758. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  759. return 0;
  760. }
  761. queue = &conf->tx_queue[num];
  762. if (os_strcmp(pos, "aifs") == 0) {
  763. queue->aifs = atoi(val);
  764. if (queue->aifs < 0 || queue->aifs > 255) {
  765. wpa_printf(MSG_ERROR, "Invalid AIFS value %d",
  766. queue->aifs);
  767. return -1;
  768. }
  769. } else if (os_strcmp(pos, "cwmin") == 0) {
  770. queue->cwmin = atoi(val);
  771. if (!valid_cw(queue->cwmin)) {
  772. wpa_printf(MSG_ERROR, "Invalid cwMin value %d",
  773. queue->cwmin);
  774. return -1;
  775. }
  776. } else if (os_strcmp(pos, "cwmax") == 0) {
  777. queue->cwmax = atoi(val);
  778. if (!valid_cw(queue->cwmax)) {
  779. wpa_printf(MSG_ERROR, "Invalid cwMax value %d",
  780. queue->cwmax);
  781. return -1;
  782. }
  783. } else if (os_strcmp(pos, "burst") == 0) {
  784. queue->burst = hostapd_config_read_int10(val);
  785. } else {
  786. wpa_printf(MSG_ERROR, "Unknown tx_queue field '%s'", pos);
  787. return -1;
  788. }
  789. return 0;
  790. }
  791. #ifdef CONFIG_IEEE80211R
  792. static int add_r0kh(struct hostapd_bss_config *bss, char *value)
  793. {
  794. struct ft_remote_r0kh *r0kh;
  795. char *pos, *next;
  796. r0kh = os_zalloc(sizeof(*r0kh));
  797. if (r0kh == NULL)
  798. return -1;
  799. /* 02:01:02:03:04:05 a.example.com 000102030405060708090a0b0c0d0e0f */
  800. pos = value;
  801. next = os_strchr(pos, ' ');
  802. if (next)
  803. *next++ = '\0';
  804. if (next == NULL || hwaddr_aton(pos, r0kh->addr)) {
  805. wpa_printf(MSG_ERROR, "Invalid R0KH MAC address: '%s'", pos);
  806. os_free(r0kh);
  807. return -1;
  808. }
  809. pos = next;
  810. next = os_strchr(pos, ' ');
  811. if (next)
  812. *next++ = '\0';
  813. if (next == NULL || next - pos > FT_R0KH_ID_MAX_LEN) {
  814. wpa_printf(MSG_ERROR, "Invalid R0KH-ID: '%s'", pos);
  815. os_free(r0kh);
  816. return -1;
  817. }
  818. r0kh->id_len = next - pos - 1;
  819. os_memcpy(r0kh->id, pos, r0kh->id_len);
  820. pos = next;
  821. if (hexstr2bin(pos, r0kh->key, sizeof(r0kh->key))) {
  822. wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos);
  823. os_free(r0kh);
  824. return -1;
  825. }
  826. r0kh->next = bss->r0kh_list;
  827. bss->r0kh_list = r0kh;
  828. return 0;
  829. }
  830. static int add_r1kh(struct hostapd_bss_config *bss, char *value)
  831. {
  832. struct ft_remote_r1kh *r1kh;
  833. char *pos, *next;
  834. r1kh = os_zalloc(sizeof(*r1kh));
  835. if (r1kh == NULL)
  836. return -1;
  837. /* 02:01:02:03:04:05 02:01:02:03:04:05
  838. * 000102030405060708090a0b0c0d0e0f */
  839. pos = value;
  840. next = os_strchr(pos, ' ');
  841. if (next)
  842. *next++ = '\0';
  843. if (next == NULL || hwaddr_aton(pos, r1kh->addr)) {
  844. wpa_printf(MSG_ERROR, "Invalid R1KH MAC address: '%s'", pos);
  845. os_free(r1kh);
  846. return -1;
  847. }
  848. pos = next;
  849. next = os_strchr(pos, ' ');
  850. if (next)
  851. *next++ = '\0';
  852. if (next == NULL || hwaddr_aton(pos, r1kh->id)) {
  853. wpa_printf(MSG_ERROR, "Invalid R1KH-ID: '%s'", pos);
  854. os_free(r1kh);
  855. return -1;
  856. }
  857. pos = next;
  858. if (hexstr2bin(pos, r1kh->key, sizeof(r1kh->key))) {
  859. wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos);
  860. os_free(r1kh);
  861. return -1;
  862. }
  863. r1kh->next = bss->r1kh_list;
  864. bss->r1kh_list = r1kh;
  865. return 0;
  866. }
  867. #endif /* CONFIG_IEEE80211R */
  868. #ifdef CONFIG_IEEE80211N
  869. static int hostapd_config_ht_capab(struct hostapd_config *conf,
  870. const char *capab)
  871. {
  872. if (os_strstr(capab, "[LDPC]"))
  873. conf->ht_capab |= HT_CAP_INFO_LDPC_CODING_CAP;
  874. if (os_strstr(capab, "[HT40-]")) {
  875. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  876. conf->secondary_channel = -1;
  877. }
  878. if (os_strstr(capab, "[HT40+]")) {
  879. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  880. conf->secondary_channel = 1;
  881. }
  882. if (os_strstr(capab, "[SMPS-STATIC]")) {
  883. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  884. conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC;
  885. }
  886. if (os_strstr(capab, "[SMPS-DYNAMIC]")) {
  887. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  888. conf->ht_capab |= HT_CAP_INFO_SMPS_DYNAMIC;
  889. }
  890. if (os_strstr(capab, "[GF]"))
  891. conf->ht_capab |= HT_CAP_INFO_GREEN_FIELD;
  892. if (os_strstr(capab, "[SHORT-GI-20]"))
  893. conf->ht_capab |= HT_CAP_INFO_SHORT_GI20MHZ;
  894. if (os_strstr(capab, "[SHORT-GI-40]"))
  895. conf->ht_capab |= HT_CAP_INFO_SHORT_GI40MHZ;
  896. if (os_strstr(capab, "[TX-STBC]"))
  897. conf->ht_capab |= HT_CAP_INFO_TX_STBC;
  898. if (os_strstr(capab, "[RX-STBC1]")) {
  899. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  900. conf->ht_capab |= HT_CAP_INFO_RX_STBC_1;
  901. }
  902. if (os_strstr(capab, "[RX-STBC12]")) {
  903. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  904. conf->ht_capab |= HT_CAP_INFO_RX_STBC_12;
  905. }
  906. if (os_strstr(capab, "[RX-STBC123]")) {
  907. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  908. conf->ht_capab |= HT_CAP_INFO_RX_STBC_123;
  909. }
  910. if (os_strstr(capab, "[DELAYED-BA]"))
  911. conf->ht_capab |= HT_CAP_INFO_DELAYED_BA;
  912. if (os_strstr(capab, "[MAX-AMSDU-7935]"))
  913. conf->ht_capab |= HT_CAP_INFO_MAX_AMSDU_SIZE;
  914. if (os_strstr(capab, "[DSSS_CCK-40]"))
  915. conf->ht_capab |= HT_CAP_INFO_DSSS_CCK40MHZ;
  916. if (os_strstr(capab, "[PSMP]"))
  917. conf->ht_capab |= HT_CAP_INFO_PSMP_SUPP;
  918. if (os_strstr(capab, "[LSIG-TXOP-PROT]"))
  919. conf->ht_capab |= HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT;
  920. return 0;
  921. }
  922. #endif /* CONFIG_IEEE80211N */
  923. #ifdef CONFIG_IEEE80211AC
  924. static int hostapd_config_vht_capab(struct hostapd_config *conf,
  925. const char *capab)
  926. {
  927. if (os_strstr(capab, "[MAX-MPDU-7991]"))
  928. conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_7991;
  929. if (os_strstr(capab, "[MAX-MPDU-11454]"))
  930. conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_11454;
  931. if (os_strstr(capab, "[VHT160]"))
  932. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
  933. if (os_strstr(capab, "[VHT160-80PLUS80]"))
  934. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
  935. if (os_strstr(capab, "[VHT160-80PLUS80]"))
  936. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
  937. if (os_strstr(capab, "[RXLDPC]"))
  938. conf->vht_capab |= VHT_CAP_RXLDPC;
  939. if (os_strstr(capab, "[SHORT-GI-80]"))
  940. conf->vht_capab |= VHT_CAP_SHORT_GI_80;
  941. if (os_strstr(capab, "[SHORT-GI-160]"))
  942. conf->vht_capab |= VHT_CAP_SHORT_GI_160;
  943. if (os_strstr(capab, "[TX-STBC-2BY1]"))
  944. conf->vht_capab |= VHT_CAP_TXSTBC;
  945. if (os_strstr(capab, "[RX-STBC-1]"))
  946. conf->vht_capab |= VHT_CAP_RXSTBC_1;
  947. if (os_strstr(capab, "[RX-STBC-12]"))
  948. conf->vht_capab |= VHT_CAP_RXSTBC_2;
  949. if (os_strstr(capab, "[RX-STBC-123]"))
  950. conf->vht_capab |= VHT_CAP_RXSTBC_3;
  951. if (os_strstr(capab, "[RX-STBC-1234]"))
  952. conf->vht_capab |= VHT_CAP_RXSTBC_4;
  953. if (os_strstr(capab, "[SU-BEAMFORMER]"))
  954. conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
  955. if (os_strstr(capab, "[SU-BEAMFORMEE]"))
  956. conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE;
  957. if (os_strstr(capab, "[BF-ANTENNA-2]") &&
  958. (conf->vht_capab & VHT_CAP_MU_BEAMFORMER_CAPABLE))
  959. conf->vht_capab |= VHT_CAP_BEAMFORMER_ANTENNAS_MAX;
  960. if (os_strstr(capab, "[SOUNDING-DIMENSION-2]") &&
  961. (conf->vht_capab & VHT_CAP_MU_BEAMFORMER_CAPABLE))
  962. conf->vht_capab |= VHT_CAP_SOUNDING_DIMENTION_MAX;
  963. if (os_strstr(capab, "[MU-BEAMFORMER]"))
  964. conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
  965. if (os_strstr(capab, "[MU-BEAMFORMEE]"))
  966. conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE;
  967. if (os_strstr(capab, "[VHT-TXOP-PS]"))
  968. conf->vht_capab |= VHT_CAP_VHT_TXOP_PS;
  969. if (os_strstr(capab, "[HTC-VHT]"))
  970. conf->vht_capab |= VHT_CAP_HTC_VHT;
  971. if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP0]"))
  972. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT;
  973. if (os_strstr(capab, "[VHT-LINK-ADAPT2]") &&
  974. (conf->vht_capab & VHT_CAP_HTC_VHT))
  975. conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB;
  976. if (os_strstr(capab, "[VHT-LINK-ADAPT3]") &&
  977. (conf->vht_capab & VHT_CAP_HTC_VHT))
  978. conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
  979. if (os_strstr(capab, "[RX-ANTENNA-PATTERN]"))
  980. conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN;
  981. if (os_strstr(capab, "[TX-ANTENNA-PATTERN]"))
  982. conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN;
  983. return 0;
  984. }
  985. #endif /* CONFIG_IEEE80211AC */
  986. static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
  987. struct hostapd_config *conf)
  988. {
  989. if (bss->ieee802_1x && !bss->eap_server &&
  990. !bss->radius->auth_servers) {
  991. wpa_printf(MSG_ERROR, "Invalid IEEE 802.1X configuration (no "
  992. "EAP authenticator configured).");
  993. return -1;
  994. }
  995. if (bss->wpa && bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
  996. bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) {
  997. wpa_printf(MSG_ERROR, "WPA-PSK using RADIUS enabled, but no "
  998. "RADIUS checking (macaddr_acl=2) enabled.");
  999. return -1;
  1000. }
  1001. if (bss->wpa && (bss->wpa_key_mgmt & WPA_KEY_MGMT_PSK) &&
  1002. bss->ssid.wpa_psk == NULL && bss->ssid.wpa_passphrase == NULL &&
  1003. bss->ssid.wpa_psk_file == NULL &&
  1004. (bss->wpa_psk_radius != PSK_RADIUS_REQUIRED ||
  1005. bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH)) {
  1006. wpa_printf(MSG_ERROR, "WPA-PSK enabled, but PSK or passphrase "
  1007. "is not configured.");
  1008. return -1;
  1009. }
  1010. if (hostapd_mac_comp_empty(bss->bssid) != 0) {
  1011. size_t i;
  1012. for (i = 0; i < conf->num_bss; i++) {
  1013. if ((&conf->bss[i] != bss) &&
  1014. (hostapd_mac_comp(conf->bss[i].bssid,
  1015. bss->bssid) == 0)) {
  1016. wpa_printf(MSG_ERROR, "Duplicate BSSID " MACSTR
  1017. " on interface '%s' and '%s'.",
  1018. MAC2STR(bss->bssid),
  1019. conf->bss[i].iface, bss->iface);
  1020. return -1;
  1021. }
  1022. }
  1023. }
  1024. #ifdef CONFIG_IEEE80211R
  1025. if (wpa_key_mgmt_ft(bss->wpa_key_mgmt) &&
  1026. (bss->nas_identifier == NULL ||
  1027. os_strlen(bss->nas_identifier) < 1 ||
  1028. os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {
  1029. wpa_printf(MSG_ERROR, "FT (IEEE 802.11r) requires "
  1030. "nas_identifier to be configured as a 1..48 octet "
  1031. "string");
  1032. return -1;
  1033. }
  1034. #endif /* CONFIG_IEEE80211R */
  1035. #ifdef CONFIG_IEEE80211N
  1036. if (conf->ieee80211n && conf->hw_mode == HOSTAPD_MODE_IEEE80211B) {
  1037. bss->disable_11n = 1;
  1038. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) in 11b mode is not "
  1039. "allowed, disabling HT capabilites");
  1040. }
  1041. if (conf->ieee80211n &&
  1042. bss->ssid.security_policy == SECURITY_STATIC_WEP) {
  1043. bss->disable_11n = 1;
  1044. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
  1045. "allowed, disabling HT capabilities");
  1046. }
  1047. if (conf->ieee80211n && bss->wpa &&
  1048. !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
  1049. !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP))) {
  1050. bss->disable_11n = 1;
  1051. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 "
  1052. "requires CCMP/GCMP to be enabled, disabling HT "
  1053. "capabilities");
  1054. }
  1055. #endif /* CONFIG_IEEE80211N */
  1056. #ifdef CONFIG_WPS2
  1057. if (bss->wps_state && bss->ignore_broadcast_ssid) {
  1058. wpa_printf(MSG_INFO, "WPS: ignore_broadcast_ssid "
  1059. "configuration forced WPS to be disabled");
  1060. bss->wps_state = 0;
  1061. }
  1062. if (bss->wps_state && bss->ssid.wep.keys_set && bss->wpa == 0) {
  1063. wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
  1064. "disabled");
  1065. bss->wps_state = 0;
  1066. }
  1067. if (bss->wps_state && bss->wpa &&
  1068. (!(bss->wpa & 2) ||
  1069. !(bss->rsn_pairwise & WPA_CIPHER_CCMP))) {
  1070. wpa_printf(MSG_INFO, "WPS: WPA/TKIP configuration without "
  1071. "WPA2/CCMP forced WPS to be disabled");
  1072. bss->wps_state = 0;
  1073. }
  1074. #endif /* CONFIG_WPS2 */
  1075. #ifdef CONFIG_HS20
  1076. if (bss->hs20 &&
  1077. (!(bss->wpa & 2) ||
  1078. !(bss->rsn_pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)))) {
  1079. wpa_printf(MSG_ERROR, "HS 2.0: WPA2-Enterprise/CCMP "
  1080. "configuration is required for Hotspot 2.0 "
  1081. "functionality");
  1082. return -1;
  1083. }
  1084. #endif /* CONFIG_HS20 */
  1085. return 0;
  1086. }
  1087. static int hostapd_config_check(struct hostapd_config *conf)
  1088. {
  1089. size_t i;
  1090. if (conf->ieee80211d && (!conf->country[0] || !conf->country[1])) {
  1091. wpa_printf(MSG_ERROR, "Cannot enable IEEE 802.11d without "
  1092. "setting the country_code");
  1093. return -1;
  1094. }
  1095. for (i = 0; i < conf->num_bss; i++) {
  1096. if (hostapd_config_check_bss(&conf->bss[i], conf))
  1097. return -1;
  1098. }
  1099. return 0;
  1100. }
  1101. #ifdef CONFIG_INTERWORKING
  1102. static int parse_roaming_consortium(struct hostapd_bss_config *bss, char *pos,
  1103. int line)
  1104. {
  1105. size_t len = os_strlen(pos);
  1106. u8 oi[MAX_ROAMING_CONSORTIUM_LEN];
  1107. struct hostapd_roaming_consortium *rc;
  1108. if ((len & 1) || len < 2 * 3 || len / 2 > MAX_ROAMING_CONSORTIUM_LEN ||
  1109. hexstr2bin(pos, oi, len / 2)) {
  1110. wpa_printf(MSG_ERROR, "Line %d: invalid roaming_consortium "
  1111. "'%s'", line, pos);
  1112. return -1;
  1113. }
  1114. len /= 2;
  1115. rc = os_realloc_array(bss->roaming_consortium,
  1116. bss->roaming_consortium_count + 1,
  1117. sizeof(struct hostapd_roaming_consortium));
  1118. if (rc == NULL)
  1119. return -1;
  1120. os_memcpy(rc[bss->roaming_consortium_count].oi, oi, len);
  1121. rc[bss->roaming_consortium_count].len = len;
  1122. bss->roaming_consortium = rc;
  1123. bss->roaming_consortium_count++;
  1124. return 0;
  1125. }
  1126. static int parse_lang_string(struct hostapd_lang_string **array,
  1127. unsigned int *count, char *pos)
  1128. {
  1129. char *sep;
  1130. size_t clen, nlen;
  1131. struct hostapd_lang_string *ls;
  1132. sep = os_strchr(pos, ':');
  1133. if (sep == NULL)
  1134. return -1;
  1135. *sep++ = '\0';
  1136. clen = os_strlen(pos);
  1137. if (clen < 2)
  1138. return -1;
  1139. nlen = os_strlen(sep);
  1140. if (nlen > 252)
  1141. return -1;
  1142. ls = os_realloc_array(*array, *count + 1,
  1143. sizeof(struct hostapd_lang_string));
  1144. if (ls == NULL)
  1145. return -1;
  1146. *array = ls;
  1147. ls = &(*array)[*count];
  1148. (*count)++;
  1149. os_memset(ls->lang, 0, sizeof(ls->lang));
  1150. os_memcpy(ls->lang, pos, clen);
  1151. ls->name_len = nlen;
  1152. os_memcpy(ls->name, sep, nlen);
  1153. return 0;
  1154. }
  1155. static int parse_venue_name(struct hostapd_bss_config *bss, char *pos,
  1156. int line)
  1157. {
  1158. if (parse_lang_string(&bss->venue_name, &bss->venue_name_count, pos)) {
  1159. wpa_printf(MSG_ERROR, "Line %d: Invalid venue_name '%s'",
  1160. line, pos);
  1161. return -1;
  1162. }
  1163. return 0;
  1164. }
  1165. static int parse_3gpp_cell_net(struct hostapd_bss_config *bss, char *buf,
  1166. int line)
  1167. {
  1168. size_t count;
  1169. char *pos;
  1170. u8 *info = NULL, *ipos;
  1171. /* format: <MCC1,MNC1>[;<MCC2,MNC2>][;...] */
  1172. count = 1;
  1173. for (pos = buf; *pos; pos++) {
  1174. if ((*pos < '0' && *pos > '9') && *pos != ';' && *pos != ',')
  1175. goto fail;
  1176. if (*pos == ';')
  1177. count++;
  1178. }
  1179. if (1 + count * 3 > 0x7f)
  1180. goto fail;
  1181. info = os_zalloc(2 + 3 + count * 3);
  1182. if (info == NULL)
  1183. return -1;
  1184. ipos = info;
  1185. *ipos++ = 0; /* GUD - Version 1 */
  1186. *ipos++ = 3 + count * 3; /* User Data Header Length (UDHL) */
  1187. *ipos++ = 0; /* PLMN List IEI */
  1188. /* ext(b8) | Length of PLMN List value contents(b7..1) */
  1189. *ipos++ = 1 + count * 3;
  1190. *ipos++ = count; /* Number of PLMNs */
  1191. pos = buf;
  1192. while (pos && *pos) {
  1193. char *mcc, *mnc;
  1194. size_t mnc_len;
  1195. mcc = pos;
  1196. mnc = os_strchr(pos, ',');
  1197. if (mnc == NULL)
  1198. goto fail;
  1199. *mnc++ = '\0';
  1200. pos = os_strchr(mnc, ';');
  1201. if (pos)
  1202. *pos++ = '\0';
  1203. mnc_len = os_strlen(mnc);
  1204. if (os_strlen(mcc) != 3 || (mnc_len != 2 && mnc_len != 3))
  1205. goto fail;
  1206. /* BC coded MCC,MNC */
  1207. /* MCC digit 2 | MCC digit 1 */
  1208. *ipos++ = ((mcc[1] - '0') << 4) | (mcc[0] - '0');
  1209. /* MNC digit 3 | MCC digit 3 */
  1210. *ipos++ = (((mnc_len == 2) ? 0xf0 : ((mnc[2] - '0') << 4))) |
  1211. (mcc[2] - '0');
  1212. /* MNC digit 2 | MNC digit 1 */
  1213. *ipos++ = ((mnc[1] - '0') << 4) | (mnc[0] - '0');
  1214. }
  1215. os_free(bss->anqp_3gpp_cell_net);
  1216. bss->anqp_3gpp_cell_net = info;
  1217. bss->anqp_3gpp_cell_net_len = 2 + 3 + 3 * count;
  1218. wpa_hexdump(MSG_MSGDUMP, "3GPP Cellular Network information",
  1219. bss->anqp_3gpp_cell_net, bss->anqp_3gpp_cell_net_len);
  1220. return 0;
  1221. fail:
  1222. wpa_printf(MSG_ERROR, "Line %d: Invalid anqp_3gpp_cell_net: %s",
  1223. line, buf);
  1224. os_free(info);
  1225. return -1;
  1226. }
  1227. static int parse_nai_realm(struct hostapd_bss_config *bss, char *buf, int line)
  1228. {
  1229. struct hostapd_nai_realm_data *realm;
  1230. size_t i, j, len;
  1231. int *offsets;
  1232. char *pos, *end, *rpos;
  1233. offsets = os_calloc(bss->nai_realm_count * MAX_NAI_REALMS,
  1234. sizeof(int));
  1235. if (offsets == NULL)
  1236. return -1;
  1237. for (i = 0; i < bss->nai_realm_count; i++) {
  1238. realm = &bss->nai_realm_data[i];
  1239. for (j = 0; j < MAX_NAI_REALMS; j++) {
  1240. offsets[i * MAX_NAI_REALMS + j] =
  1241. realm->realm[j] ?
  1242. realm->realm[j] - realm->realm_buf : -1;
  1243. }
  1244. }
  1245. realm = os_realloc_array(bss->nai_realm_data, bss->nai_realm_count + 1,
  1246. sizeof(struct hostapd_nai_realm_data));
  1247. if (realm == NULL) {
  1248. os_free(offsets);
  1249. return -1;
  1250. }
  1251. bss->nai_realm_data = realm;
  1252. /* patch the pointers after realloc */
  1253. for (i = 0; i < bss->nai_realm_count; i++) {
  1254. realm = &bss->nai_realm_data[i];
  1255. for (j = 0; j < MAX_NAI_REALMS; j++) {
  1256. int offs = offsets[i * MAX_NAI_REALMS + j];
  1257. if (offs >= 0)
  1258. realm->realm[j] = realm->realm_buf + offs;
  1259. else
  1260. realm->realm[j] = NULL;
  1261. }
  1262. }
  1263. os_free(offsets);
  1264. realm = &bss->nai_realm_data[bss->nai_realm_count];
  1265. os_memset(realm, 0, sizeof(*realm));
  1266. pos = buf;
  1267. realm->encoding = atoi(pos);
  1268. pos = os_strchr(pos, ',');
  1269. if (pos == NULL)
  1270. goto fail;
  1271. pos++;
  1272. end = os_strchr(pos, ',');
  1273. if (end) {
  1274. len = end - pos;
  1275. *end = '\0';
  1276. } else {
  1277. len = os_strlen(pos);
  1278. }
  1279. if (len > MAX_NAI_REALMLEN) {
  1280. wpa_printf(MSG_ERROR, "Too long a realm string (%d > max %d "
  1281. "characters)", (int) len, MAX_NAI_REALMLEN);
  1282. goto fail;
  1283. }
  1284. os_memcpy(realm->realm_buf, pos, len);
  1285. if (end)
  1286. pos = end + 1;
  1287. else
  1288. pos = NULL;
  1289. while (pos && *pos) {
  1290. struct hostapd_nai_realm_eap *eap;
  1291. if (realm->eap_method_count >= MAX_NAI_EAP_METHODS) {
  1292. wpa_printf(MSG_ERROR, "Too many EAP methods");
  1293. goto fail;
  1294. }
  1295. eap = &realm->eap_method[realm->eap_method_count];
  1296. realm->eap_method_count++;
  1297. end = os_strchr(pos, ',');
  1298. if (end == NULL)
  1299. end = pos + os_strlen(pos);
  1300. eap->eap_method = atoi(pos);
  1301. for (;;) {
  1302. pos = os_strchr(pos, '[');
  1303. if (pos == NULL || pos > end)
  1304. break;
  1305. pos++;
  1306. if (eap->num_auths >= MAX_NAI_AUTH_TYPES) {
  1307. wpa_printf(MSG_ERROR, "Too many auth params");
  1308. goto fail;
  1309. }
  1310. eap->auth_id[eap->num_auths] = atoi(pos);
  1311. pos = os_strchr(pos, ':');
  1312. if (pos == NULL || pos > end)
  1313. goto fail;
  1314. pos++;
  1315. eap->auth_val[eap->num_auths] = atoi(pos);
  1316. pos = os_strchr(pos, ']');
  1317. if (pos == NULL || pos > end)
  1318. goto fail;
  1319. pos++;
  1320. eap->num_auths++;
  1321. }
  1322. if (*end != ',')
  1323. break;
  1324. pos = end + 1;
  1325. }
  1326. /* Split realm list into null terminated realms */
  1327. rpos = realm->realm_buf;
  1328. i = 0;
  1329. while (*rpos) {
  1330. if (i >= MAX_NAI_REALMS) {
  1331. wpa_printf(MSG_ERROR, "Too many realms");
  1332. goto fail;
  1333. }
  1334. realm->realm[i++] = rpos;
  1335. rpos = os_strchr(rpos, ';');
  1336. if (rpos == NULL)
  1337. break;
  1338. *rpos++ = '\0';
  1339. }
  1340. bss->nai_realm_count++;
  1341. return 0;
  1342. fail:
  1343. wpa_printf(MSG_ERROR, "Line %d: invalid nai_realm '%s'", line, buf);
  1344. return -1;
  1345. }
  1346. #endif /* CONFIG_INTERWORKING */
  1347. #ifdef CONFIG_HS20
  1348. static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf,
  1349. int line)
  1350. {
  1351. u8 *conn_cap;
  1352. char *pos;
  1353. if (bss->hs20_connection_capability_len >= 0xfff0)
  1354. return -1;
  1355. conn_cap = os_realloc(bss->hs20_connection_capability,
  1356. bss->hs20_connection_capability_len + 4);
  1357. if (conn_cap == NULL)
  1358. return -1;
  1359. bss->hs20_connection_capability = conn_cap;
  1360. conn_cap += bss->hs20_connection_capability_len;
  1361. pos = buf;
  1362. conn_cap[0] = atoi(pos);
  1363. pos = os_strchr(pos, ':');
  1364. if (pos == NULL)
  1365. return -1;
  1366. pos++;
  1367. WPA_PUT_LE16(conn_cap + 1, atoi(pos));
  1368. pos = os_strchr(pos, ':');
  1369. if (pos == NULL)
  1370. return -1;
  1371. pos++;
  1372. conn_cap[3] = atoi(pos);
  1373. bss->hs20_connection_capability_len += 4;
  1374. return 0;
  1375. }
  1376. static int hs20_parse_wan_metrics(struct hostapd_bss_config *bss, char *buf,
  1377. int line)
  1378. {
  1379. u8 *wan_metrics;
  1380. char *pos;
  1381. /* <WAN Info>:<DL Speed>:<UL Speed>:<DL Load>:<UL Load>:<LMD> */
  1382. wan_metrics = os_zalloc(13);
  1383. if (wan_metrics == NULL)
  1384. return -1;
  1385. pos = buf;
  1386. /* WAN Info */
  1387. if (hexstr2bin(pos, wan_metrics, 1) < 0)
  1388. goto fail;
  1389. pos += 2;
  1390. if (*pos != ':')
  1391. goto fail;
  1392. pos++;
  1393. /* Downlink Speed */
  1394. WPA_PUT_LE32(wan_metrics + 1, atoi(pos));
  1395. pos = os_strchr(pos, ':');
  1396. if (pos == NULL)
  1397. goto fail;
  1398. pos++;
  1399. /* Uplink Speed */
  1400. WPA_PUT_LE32(wan_metrics + 5, atoi(pos));
  1401. pos = os_strchr(pos, ':');
  1402. if (pos == NULL)
  1403. goto fail;
  1404. pos++;
  1405. /* Downlink Load */
  1406. wan_metrics[9] = atoi(pos);
  1407. pos = os_strchr(pos, ':');
  1408. if (pos == NULL)
  1409. goto fail;
  1410. pos++;
  1411. /* Uplink Load */
  1412. wan_metrics[10] = atoi(pos);
  1413. pos = os_strchr(pos, ':');
  1414. if (pos == NULL)
  1415. goto fail;
  1416. pos++;
  1417. /* LMD */
  1418. WPA_PUT_LE16(wan_metrics + 11, atoi(pos));
  1419. os_free(bss->hs20_wan_metrics);
  1420. bss->hs20_wan_metrics = wan_metrics;
  1421. return 0;
  1422. fail:
  1423. wpa_printf(MSG_ERROR, "Line %d: Invalid hs20_wan_metrics '%s'",
  1424. line, pos);
  1425. os_free(wan_metrics);
  1426. return -1;
  1427. }
  1428. static int hs20_parse_oper_friendly_name(struct hostapd_bss_config *bss,
  1429. char *pos, int line)
  1430. {
  1431. if (parse_lang_string(&bss->hs20_oper_friendly_name,
  1432. &bss->hs20_oper_friendly_name_count, pos)) {
  1433. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1434. "hs20_oper_friendly_name '%s'", line, pos);
  1435. return -1;
  1436. }
  1437. return 0;
  1438. }
  1439. #endif /* CONFIG_HS20 */
  1440. #ifdef CONFIG_WPS_NFC
  1441. static struct wpabuf * hostapd_parse_bin(const char *buf)
  1442. {
  1443. size_t len;
  1444. struct wpabuf *ret;
  1445. len = os_strlen(buf);
  1446. if (len & 0x01)
  1447. return NULL;
  1448. len /= 2;
  1449. ret = wpabuf_alloc(len);
  1450. if (ret == NULL)
  1451. return NULL;
  1452. if (hexstr2bin(buf, wpabuf_put(ret, len), len)) {
  1453. wpabuf_free(ret);
  1454. return NULL;
  1455. }
  1456. return ret;
  1457. }
  1458. #endif /* CONFIG_WPS_NFC */
  1459. static int hostapd_config_fill(struct hostapd_config *conf,
  1460. struct hostapd_bss_config *bss,
  1461. char *buf, char *pos, int line)
  1462. {
  1463. int errors = 0;
  1464. {
  1465. if (os_strcmp(buf, "interface") == 0) {
  1466. os_strlcpy(conf->bss[0].iface, pos,
  1467. sizeof(conf->bss[0].iface));
  1468. } else if (os_strcmp(buf, "bridge") == 0) {
  1469. os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
  1470. } else if (os_strcmp(buf, "wds_bridge") == 0) {
  1471. os_strlcpy(bss->wds_bridge, pos,
  1472. sizeof(bss->wds_bridge));
  1473. } else if (os_strcmp(buf, "driver") == 0) {
  1474. int j;
  1475. /* clear to get error below if setting is invalid */
  1476. conf->driver = NULL;
  1477. for (j = 0; wpa_drivers[j]; j++) {
  1478. if (os_strcmp(pos, wpa_drivers[j]->name) == 0)
  1479. {
  1480. conf->driver = wpa_drivers[j];
  1481. break;
  1482. }
  1483. }
  1484. if (conf->driver == NULL) {
  1485. wpa_printf(MSG_ERROR, "Line %d: invalid/"
  1486. "unknown driver '%s'", line, pos);
  1487. errors++;
  1488. }
  1489. } else if (os_strcmp(buf, "debug") == 0) {
  1490. wpa_printf(MSG_DEBUG, "Line %d: DEPRECATED: 'debug' "
  1491. "configuration variable is not used "
  1492. "anymore", line);
  1493. } else if (os_strcmp(buf, "logger_syslog_level") == 0) {
  1494. bss->logger_syslog_level = atoi(pos);
  1495. } else if (os_strcmp(buf, "logger_stdout_level") == 0) {
  1496. bss->logger_stdout_level = atoi(pos);
  1497. } else if (os_strcmp(buf, "logger_syslog") == 0) {
  1498. bss->logger_syslog = atoi(pos);
  1499. } else if (os_strcmp(buf, "logger_stdout") == 0) {
  1500. bss->logger_stdout = atoi(pos);
  1501. } else if (os_strcmp(buf, "dump_file") == 0) {
  1502. bss->dump_log_name = os_strdup(pos);
  1503. } else if (os_strcmp(buf, "ssid") == 0) {
  1504. bss->ssid.ssid_len = os_strlen(pos);
  1505. if (bss->ssid.ssid_len > HOSTAPD_MAX_SSID_LEN ||
  1506. bss->ssid.ssid_len < 1) {
  1507. wpa_printf(MSG_ERROR, "Line %d: invalid SSID "
  1508. "'%s'", line, pos);
  1509. errors++;
  1510. } else {
  1511. os_memcpy(bss->ssid.ssid, pos,
  1512. bss->ssid.ssid_len);
  1513. bss->ssid.ssid_set = 1;
  1514. }
  1515. } else if (os_strcmp(buf, "ssid2") == 0) {
  1516. size_t slen;
  1517. char *str = wpa_config_parse_string(pos, &slen);
  1518. if (str == NULL || slen < 1 ||
  1519. slen > HOSTAPD_MAX_SSID_LEN) {
  1520. wpa_printf(MSG_ERROR, "Line %d: invalid SSID "
  1521. "'%s'", line, pos);
  1522. errors++;
  1523. } else {
  1524. os_memcpy(bss->ssid.ssid, str, slen);
  1525. bss->ssid.ssid_len = slen;
  1526. bss->ssid.ssid_set = 1;
  1527. }
  1528. os_free(str);
  1529. } else if (os_strcmp(buf, "utf8_ssid") == 0) {
  1530. bss->ssid.utf8_ssid = atoi(pos) > 0;
  1531. } else if (os_strcmp(buf, "macaddr_acl") == 0) {
  1532. bss->macaddr_acl = atoi(pos);
  1533. if (bss->macaddr_acl != ACCEPT_UNLESS_DENIED &&
  1534. bss->macaddr_acl != DENY_UNLESS_ACCEPTED &&
  1535. bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) {
  1536. wpa_printf(MSG_ERROR, "Line %d: unknown "
  1537. "macaddr_acl %d",
  1538. line, bss->macaddr_acl);
  1539. }
  1540. } else if (os_strcmp(buf, "accept_mac_file") == 0) {
  1541. if (hostapd_config_read_maclist(pos, &bss->accept_mac,
  1542. &bss->num_accept_mac))
  1543. {
  1544. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1545. "read accept_mac_file '%s'",
  1546. line, pos);
  1547. errors++;
  1548. }
  1549. } else if (os_strcmp(buf, "deny_mac_file") == 0) {
  1550. if (hostapd_config_read_maclist(pos, &bss->deny_mac,
  1551. &bss->num_deny_mac)) {
  1552. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1553. "read deny_mac_file '%s'",
  1554. line, pos);
  1555. errors++;
  1556. }
  1557. } else if (os_strcmp(buf, "wds_sta") == 0) {
  1558. bss->wds_sta = atoi(pos);
  1559. } else if (os_strcmp(buf, "ap_isolate") == 0) {
  1560. bss->isolate = atoi(pos);
  1561. } else if (os_strcmp(buf, "ap_max_inactivity") == 0) {
  1562. bss->ap_max_inactivity = atoi(pos);
  1563. } else if (os_strcmp(buf, "skip_inactivity_poll") == 0) {
  1564. bss->skip_inactivity_poll = atoi(pos);
  1565. } else if (os_strcmp(buf, "country_code") == 0) {
  1566. os_memcpy(conf->country, pos, 2);
  1567. /* FIX: make this configurable */
  1568. conf->country[2] = ' ';
  1569. } else if (os_strcmp(buf, "ieee80211d") == 0) {
  1570. conf->ieee80211d = atoi(pos);
  1571. } else if (os_strcmp(buf, "ieee8021x") == 0) {
  1572. bss->ieee802_1x = atoi(pos);
  1573. } else if (os_strcmp(buf, "eapol_version") == 0) {
  1574. bss->eapol_version = atoi(pos);
  1575. if (bss->eapol_version < 1 ||
  1576. bss->eapol_version > 2) {
  1577. wpa_printf(MSG_ERROR, "Line %d: invalid EAPOL "
  1578. "version (%d): '%s'.",
  1579. line, bss->eapol_version, pos);
  1580. errors++;
  1581. } else
  1582. wpa_printf(MSG_DEBUG, "eapol_version=%d",
  1583. bss->eapol_version);
  1584. #ifdef EAP_SERVER
  1585. } else if (os_strcmp(buf, "eap_authenticator") == 0) {
  1586. bss->eap_server = atoi(pos);
  1587. wpa_printf(MSG_ERROR, "Line %d: obsolete "
  1588. "eap_authenticator used; this has been "
  1589. "renamed to eap_server", line);
  1590. } else if (os_strcmp(buf, "eap_server") == 0) {
  1591. bss->eap_server = atoi(pos);
  1592. } else if (os_strcmp(buf, "eap_user_file") == 0) {
  1593. if (hostapd_config_read_eap_user(pos, bss))
  1594. errors++;
  1595. } else if (os_strcmp(buf, "ca_cert") == 0) {
  1596. os_free(bss->ca_cert);
  1597. bss->ca_cert = os_strdup(pos);
  1598. } else if (os_strcmp(buf, "server_cert") == 0) {
  1599. os_free(bss->server_cert);
  1600. bss->server_cert = os_strdup(pos);
  1601. } else if (os_strcmp(buf, "private_key") == 0) {
  1602. os_free(bss->private_key);
  1603. bss->private_key = os_strdup(pos);
  1604. } else if (os_strcmp(buf, "private_key_passwd") == 0) {
  1605. os_free(bss->private_key_passwd);
  1606. bss->private_key_passwd = os_strdup(pos);
  1607. } else if (os_strcmp(buf, "check_crl") == 0) {
  1608. bss->check_crl = atoi(pos);
  1609. } else if (os_strcmp(buf, "dh_file") == 0) {
  1610. os_free(bss->dh_file);
  1611. bss->dh_file = os_strdup(pos);
  1612. } else if (os_strcmp(buf, "fragment_size") == 0) {
  1613. bss->fragment_size = atoi(pos);
  1614. #ifdef EAP_SERVER_FAST
  1615. } else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) {
  1616. os_free(bss->pac_opaque_encr_key);
  1617. bss->pac_opaque_encr_key = os_malloc(16);
  1618. if (bss->pac_opaque_encr_key == NULL) {
  1619. wpa_printf(MSG_ERROR, "Line %d: No memory for "
  1620. "pac_opaque_encr_key", line);
  1621. errors++;
  1622. } else if (hexstr2bin(pos, bss->pac_opaque_encr_key,
  1623. 16)) {
  1624. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1625. "pac_opaque_encr_key", line);
  1626. errors++;
  1627. }
  1628. } else if (os_strcmp(buf, "eap_fast_a_id") == 0) {
  1629. size_t idlen = os_strlen(pos);
  1630. if (idlen & 1) {
  1631. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1632. "eap_fast_a_id", line);
  1633. errors++;
  1634. } else {
  1635. os_free(bss->eap_fast_a_id);
  1636. bss->eap_fast_a_id = os_malloc(idlen / 2);
  1637. if (bss->eap_fast_a_id == NULL ||
  1638. hexstr2bin(pos, bss->eap_fast_a_id,
  1639. idlen / 2)) {
  1640. wpa_printf(MSG_ERROR, "Line %d: "
  1641. "Failed to parse "
  1642. "eap_fast_a_id", line);
  1643. errors++;
  1644. } else
  1645. bss->eap_fast_a_id_len = idlen / 2;
  1646. }
  1647. } else if (os_strcmp(buf, "eap_fast_a_id_info") == 0) {
  1648. os_free(bss->eap_fast_a_id_info);
  1649. bss->eap_fast_a_id_info = os_strdup(pos);
  1650. } else if (os_strcmp(buf, "eap_fast_prov") == 0) {
  1651. bss->eap_fast_prov = atoi(pos);
  1652. } else if (os_strcmp(buf, "pac_key_lifetime") == 0) {
  1653. bss->pac_key_lifetime = atoi(pos);
  1654. } else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
  1655. bss->pac_key_refresh_time = atoi(pos);
  1656. #endif /* EAP_SERVER_FAST */
  1657. #ifdef EAP_SERVER_SIM
  1658. } else if (os_strcmp(buf, "eap_sim_db") == 0) {
  1659. os_free(bss->eap_sim_db);
  1660. bss->eap_sim_db = os_strdup(pos);
  1661. } else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
  1662. bss->eap_sim_aka_result_ind = atoi(pos);
  1663. #endif /* EAP_SERVER_SIM */
  1664. #ifdef EAP_SERVER_TNC
  1665. } else if (os_strcmp(buf, "tnc") == 0) {
  1666. bss->tnc = atoi(pos);
  1667. #endif /* EAP_SERVER_TNC */
  1668. #ifdef EAP_SERVER_PWD
  1669. } else if (os_strcmp(buf, "pwd_group") == 0) {
  1670. bss->pwd_group = atoi(pos);
  1671. #endif /* EAP_SERVER_PWD */
  1672. #endif /* EAP_SERVER */
  1673. } else if (os_strcmp(buf, "eap_message") == 0) {
  1674. char *term;
  1675. bss->eap_req_id_text = os_strdup(pos);
  1676. if (bss->eap_req_id_text == NULL) {
  1677. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1678. "allocate memory for "
  1679. "eap_req_id_text", line);
  1680. errors++;
  1681. return errors;
  1682. }
  1683. bss->eap_req_id_text_len =
  1684. os_strlen(bss->eap_req_id_text);
  1685. term = os_strstr(bss->eap_req_id_text, "\\0");
  1686. if (term) {
  1687. *term++ = '\0';
  1688. os_memmove(term, term + 1,
  1689. bss->eap_req_id_text_len -
  1690. (term - bss->eap_req_id_text) - 1);
  1691. bss->eap_req_id_text_len--;
  1692. }
  1693. } else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) {
  1694. bss->default_wep_key_len = atoi(pos);
  1695. if (bss->default_wep_key_len > 13) {
  1696. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  1697. "key len %lu (= %lu bits)", line,
  1698. (unsigned long)
  1699. bss->default_wep_key_len,
  1700. (unsigned long)
  1701. bss->default_wep_key_len * 8);
  1702. errors++;
  1703. }
  1704. } else if (os_strcmp(buf, "wep_key_len_unicast") == 0) {
  1705. bss->individual_wep_key_len = atoi(pos);
  1706. if (bss->individual_wep_key_len < 0 ||
  1707. bss->individual_wep_key_len > 13) {
  1708. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  1709. "key len %d (= %d bits)", line,
  1710. bss->individual_wep_key_len,
  1711. bss->individual_wep_key_len * 8);
  1712. errors++;
  1713. }
  1714. } else if (os_strcmp(buf, "wep_rekey_period") == 0) {
  1715. bss->wep_rekeying_period = atoi(pos);
  1716. if (bss->wep_rekeying_period < 0) {
  1717. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1718. "period %d",
  1719. line, bss->wep_rekeying_period);
  1720. errors++;
  1721. }
  1722. } else if (os_strcmp(buf, "eap_reauth_period") == 0) {
  1723. bss->eap_reauth_period = atoi(pos);
  1724. if (bss->eap_reauth_period < 0) {
  1725. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1726. "period %d",
  1727. line, bss->eap_reauth_period);
  1728. errors++;
  1729. }
  1730. } else if (os_strcmp(buf, "eapol_key_index_workaround") == 0) {
  1731. bss->eapol_key_index_workaround = atoi(pos);
  1732. #ifdef CONFIG_IAPP
  1733. } else if (os_strcmp(buf, "iapp_interface") == 0) {
  1734. bss->ieee802_11f = 1;
  1735. os_strlcpy(bss->iapp_iface, pos,
  1736. sizeof(bss->iapp_iface));
  1737. #endif /* CONFIG_IAPP */
  1738. } else if (os_strcmp(buf, "own_ip_addr") == 0) {
  1739. if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) {
  1740. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1741. "address '%s'", line, pos);
  1742. errors++;
  1743. }
  1744. } else if (os_strcmp(buf, "nas_identifier") == 0) {
  1745. bss->nas_identifier = os_strdup(pos);
  1746. #ifndef CONFIG_NO_RADIUS
  1747. } else if (os_strcmp(buf, "auth_server_addr") == 0) {
  1748. if (hostapd_config_read_radius_addr(
  1749. &bss->radius->auth_servers,
  1750. &bss->radius->num_auth_servers, pos, 1812,
  1751. &bss->radius->auth_server)) {
  1752. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1753. "address '%s'", line, pos);
  1754. errors++;
  1755. }
  1756. } else if (bss->radius->auth_server &&
  1757. os_strcmp(buf, "auth_server_port") == 0) {
  1758. bss->radius->auth_server->port = atoi(pos);
  1759. } else if (bss->radius->auth_server &&
  1760. os_strcmp(buf, "auth_server_shared_secret") == 0) {
  1761. int len = os_strlen(pos);
  1762. if (len == 0) {
  1763. /* RFC 2865, Ch. 3 */
  1764. wpa_printf(MSG_ERROR, "Line %d: empty shared "
  1765. "secret is not allowed.", line);
  1766. errors++;
  1767. }
  1768. bss->radius->auth_server->shared_secret =
  1769. (u8 *) os_strdup(pos);
  1770. bss->radius->auth_server->shared_secret_len = len;
  1771. } else if (os_strcmp(buf, "acct_server_addr") == 0) {
  1772. if (hostapd_config_read_radius_addr(
  1773. &bss->radius->acct_servers,
  1774. &bss->radius->num_acct_servers, pos, 1813,
  1775. &bss->radius->acct_server)) {
  1776. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1777. "address '%s'", line, pos);
  1778. errors++;
  1779. }
  1780. } else if (bss->radius->acct_server &&
  1781. os_strcmp(buf, "acct_server_port") == 0) {
  1782. bss->radius->acct_server->port = atoi(pos);
  1783. } else if (bss->radius->acct_server &&
  1784. os_strcmp(buf, "acct_server_shared_secret") == 0) {
  1785. int len = os_strlen(pos);
  1786. if (len == 0) {
  1787. /* RFC 2865, Ch. 3 */
  1788. wpa_printf(MSG_ERROR, "Line %d: empty shared "
  1789. "secret is not allowed.", line);
  1790. errors++;
  1791. }
  1792. bss->radius->acct_server->shared_secret =
  1793. (u8 *) os_strdup(pos);
  1794. bss->radius->acct_server->shared_secret_len = len;
  1795. } else if (os_strcmp(buf, "radius_retry_primary_interval") ==
  1796. 0) {
  1797. bss->radius->retry_primary_interval = atoi(pos);
  1798. } else if (os_strcmp(buf, "radius_acct_interim_interval") == 0)
  1799. {
  1800. bss->acct_interim_interval = atoi(pos);
  1801. } else if (os_strcmp(buf, "radius_request_cui") == 0) {
  1802. bss->radius_request_cui = atoi(pos);
  1803. } else if (os_strcmp(buf, "radius_auth_req_attr") == 0) {
  1804. struct hostapd_radius_attr *attr, *a;
  1805. attr = hostapd_parse_radius_attr(pos);
  1806. if (attr == NULL) {
  1807. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1808. "radius_auth_req_attr", line);
  1809. errors++;
  1810. } else if (bss->radius_auth_req_attr == NULL) {
  1811. bss->radius_auth_req_attr = attr;
  1812. } else {
  1813. a = bss->radius_auth_req_attr;
  1814. while (a->next)
  1815. a = a->next;
  1816. a->next = attr;
  1817. }
  1818. } else if (os_strcmp(buf, "radius_acct_req_attr") == 0) {
  1819. struct hostapd_radius_attr *attr, *a;
  1820. attr = hostapd_parse_radius_attr(pos);
  1821. if (attr == NULL) {
  1822. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1823. "radius_acct_req_attr", line);
  1824. errors++;
  1825. } else if (bss->radius_acct_req_attr == NULL) {
  1826. bss->radius_acct_req_attr = attr;
  1827. } else {
  1828. a = bss->radius_acct_req_attr;
  1829. while (a->next)
  1830. a = a->next;
  1831. a->next = attr;
  1832. }
  1833. } else if (os_strcmp(buf, "radius_das_port") == 0) {
  1834. bss->radius_das_port = atoi(pos);
  1835. } else if (os_strcmp(buf, "radius_das_client") == 0) {
  1836. if (hostapd_parse_das_client(bss, pos) < 0) {
  1837. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1838. "DAS client", line);
  1839. errors++;
  1840. }
  1841. } else if (os_strcmp(buf, "radius_das_time_window") == 0) {
  1842. bss->radius_das_time_window = atoi(pos);
  1843. } else if (os_strcmp(buf, "radius_das_require_event_timestamp")
  1844. == 0) {
  1845. bss->radius_das_require_event_timestamp = atoi(pos);
  1846. #endif /* CONFIG_NO_RADIUS */
  1847. } else if (os_strcmp(buf, "auth_algs") == 0) {
  1848. bss->auth_algs = atoi(pos);
  1849. if (bss->auth_algs == 0) {
  1850. wpa_printf(MSG_ERROR, "Line %d: no "
  1851. "authentication algorithms allowed",
  1852. line);
  1853. errors++;
  1854. }
  1855. } else if (os_strcmp(buf, "max_num_sta") == 0) {
  1856. bss->max_num_sta = atoi(pos);
  1857. if (bss->max_num_sta < 0 ||
  1858. bss->max_num_sta > MAX_STA_COUNT) {
  1859. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1860. "max_num_sta=%d; allowed range "
  1861. "0..%d", line, bss->max_num_sta,
  1862. MAX_STA_COUNT);
  1863. errors++;
  1864. }
  1865. } else if (os_strcmp(buf, "wpa") == 0) {
  1866. bss->wpa = atoi(pos);
  1867. } else if (os_strcmp(buf, "wpa_group_rekey") == 0) {
  1868. bss->wpa_group_rekey = atoi(pos);
  1869. } else if (os_strcmp(buf, "wpa_strict_rekey") == 0) {
  1870. bss->wpa_strict_rekey = atoi(pos);
  1871. } else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) {
  1872. bss->wpa_gmk_rekey = atoi(pos);
  1873. } else if (os_strcmp(buf, "wpa_ptk_rekey") == 0) {
  1874. bss->wpa_ptk_rekey = atoi(pos);
  1875. } else if (os_strcmp(buf, "wpa_passphrase") == 0) {
  1876. int len = os_strlen(pos);
  1877. if (len < 8 || len > 63) {
  1878. wpa_printf(MSG_ERROR, "Line %d: invalid WPA "
  1879. "passphrase length %d (expected "
  1880. "8..63)", line, len);
  1881. errors++;
  1882. } else {
  1883. os_free(bss->ssid.wpa_passphrase);
  1884. bss->ssid.wpa_passphrase = os_strdup(pos);
  1885. os_free(bss->ssid.wpa_psk);
  1886. bss->ssid.wpa_psk = NULL;
  1887. }
  1888. } else if (os_strcmp(buf, "wpa_psk") == 0) {
  1889. os_free(bss->ssid.wpa_psk);
  1890. bss->ssid.wpa_psk =
  1891. os_zalloc(sizeof(struct hostapd_wpa_psk));
  1892. if (bss->ssid.wpa_psk == NULL)
  1893. errors++;
  1894. else if (hexstr2bin(pos, bss->ssid.wpa_psk->psk,
  1895. PMK_LEN) ||
  1896. pos[PMK_LEN * 2] != '\0') {
  1897. wpa_printf(MSG_ERROR, "Line %d: Invalid PSK "
  1898. "'%s'.", line, pos);
  1899. errors++;
  1900. } else {
  1901. bss->ssid.wpa_psk->group = 1;
  1902. os_free(bss->ssid.wpa_passphrase);
  1903. bss->ssid.wpa_passphrase = NULL;
  1904. }
  1905. } else if (os_strcmp(buf, "wpa_psk_file") == 0) {
  1906. os_free(bss->ssid.wpa_psk_file);
  1907. bss->ssid.wpa_psk_file = os_strdup(pos);
  1908. if (!bss->ssid.wpa_psk_file) {
  1909. wpa_printf(MSG_ERROR, "Line %d: allocation "
  1910. "failed", line);
  1911. errors++;
  1912. }
  1913. } else if (os_strcmp(buf, "wpa_key_mgmt") == 0) {
  1914. bss->wpa_key_mgmt =
  1915. hostapd_config_parse_key_mgmt(line, pos);
  1916. if (bss->wpa_key_mgmt == -1)
  1917. errors++;
  1918. } else if (os_strcmp(buf, "wpa_psk_radius") == 0) {
  1919. bss->wpa_psk_radius = atoi(pos);
  1920. if (bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
  1921. bss->wpa_psk_radius != PSK_RADIUS_ACCEPTED &&
  1922. bss->wpa_psk_radius != PSK_RADIUS_REQUIRED) {
  1923. wpa_printf(MSG_ERROR, "Line %d: unknown "
  1924. "wpa_psk_radius %d",
  1925. line, bss->wpa_psk_radius);
  1926. errors++;
  1927. }
  1928. } else if (os_strcmp(buf, "wpa_pairwise") == 0) {
  1929. bss->wpa_pairwise =
  1930. hostapd_config_parse_cipher(line, pos);
  1931. if (bss->wpa_pairwise == -1 ||
  1932. bss->wpa_pairwise == 0)
  1933. errors++;
  1934. else if (bss->wpa_pairwise &
  1935. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 |
  1936. WPA_CIPHER_WEP104)) {
  1937. wpa_printf(MSG_ERROR, "Line %d: unsupported "
  1938. "pairwise cipher suite '%s'",
  1939. bss->wpa_pairwise, pos);
  1940. errors++;
  1941. }
  1942. } else if (os_strcmp(buf, "rsn_pairwise") == 0) {
  1943. bss->rsn_pairwise =
  1944. hostapd_config_parse_cipher(line, pos);
  1945. if (bss->rsn_pairwise == -1 ||
  1946. bss->rsn_pairwise == 0)
  1947. errors++;
  1948. else if (bss->rsn_pairwise &
  1949. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 |
  1950. WPA_CIPHER_WEP104)) {
  1951. wpa_printf(MSG_ERROR, "Line %d: unsupported "
  1952. "pairwise cipher suite '%s'",
  1953. bss->rsn_pairwise, pos);
  1954. errors++;
  1955. }
  1956. #ifdef CONFIG_RSN_PREAUTH
  1957. } else if (os_strcmp(buf, "rsn_preauth") == 0) {
  1958. bss->rsn_preauth = atoi(pos);
  1959. } else if (os_strcmp(buf, "rsn_preauth_interfaces") == 0) {
  1960. bss->rsn_preauth_interfaces = os_strdup(pos);
  1961. #endif /* CONFIG_RSN_PREAUTH */
  1962. #ifdef CONFIG_PEERKEY
  1963. } else if (os_strcmp(buf, "peerkey") == 0) {
  1964. bss->peerkey = atoi(pos);
  1965. #endif /* CONFIG_PEERKEY */
  1966. #ifdef CONFIG_IEEE80211R
  1967. } else if (os_strcmp(buf, "mobility_domain") == 0) {
  1968. if (os_strlen(pos) != 2 * MOBILITY_DOMAIN_ID_LEN ||
  1969. hexstr2bin(pos, bss->mobility_domain,
  1970. MOBILITY_DOMAIN_ID_LEN) != 0) {
  1971. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1972. "mobility_domain '%s'", line, pos);
  1973. errors++;
  1974. return errors;
  1975. }
  1976. } else if (os_strcmp(buf, "r1_key_holder") == 0) {
  1977. if (os_strlen(pos) != 2 * FT_R1KH_ID_LEN ||
  1978. hexstr2bin(pos, bss->r1_key_holder,
  1979. FT_R1KH_ID_LEN) != 0) {
  1980. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1981. "r1_key_holder '%s'", line, pos);
  1982. errors++;
  1983. return errors;
  1984. }
  1985. } else if (os_strcmp(buf, "r0_key_lifetime") == 0) {
  1986. bss->r0_key_lifetime = atoi(pos);
  1987. } else if (os_strcmp(buf, "reassociation_deadline") == 0) {
  1988. bss->reassociation_deadline = atoi(pos);
  1989. } else if (os_strcmp(buf, "r0kh") == 0) {
  1990. if (add_r0kh(bss, pos) < 0) {
  1991. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1992. "r0kh '%s'", line, pos);
  1993. errors++;
  1994. return errors;
  1995. }
  1996. } else if (os_strcmp(buf, "r1kh") == 0) {
  1997. if (add_r1kh(bss, pos) < 0) {
  1998. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1999. "r1kh '%s'", line, pos);
  2000. errors++;
  2001. return errors;
  2002. }
  2003. } else if (os_strcmp(buf, "pmk_r1_push") == 0) {
  2004. bss->pmk_r1_push = atoi(pos);
  2005. } else if (os_strcmp(buf, "ft_over_ds") == 0) {
  2006. bss->ft_over_ds = atoi(pos);
  2007. #endif /* CONFIG_IEEE80211R */
  2008. #ifndef CONFIG_NO_CTRL_IFACE
  2009. } else if (os_strcmp(buf, "ctrl_interface") == 0) {
  2010. os_free(bss->ctrl_interface);
  2011. bss->ctrl_interface = os_strdup(pos);
  2012. } else if (os_strcmp(buf, "ctrl_interface_group") == 0) {
  2013. #ifndef CONFIG_NATIVE_WINDOWS
  2014. struct group *grp;
  2015. char *endp;
  2016. const char *group = pos;
  2017. grp = getgrnam(group);
  2018. if (grp) {
  2019. bss->ctrl_interface_gid = grp->gr_gid;
  2020. bss->ctrl_interface_gid_set = 1;
  2021. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d"
  2022. " (from group name '%s')",
  2023. bss->ctrl_interface_gid, group);
  2024. return errors;
  2025. }
  2026. /* Group name not found - try to parse this as gid */
  2027. bss->ctrl_interface_gid = strtol(group, &endp, 10);
  2028. if (*group == '\0' || *endp != '\0') {
  2029. wpa_printf(MSG_DEBUG, "Line %d: Invalid group "
  2030. "'%s'", line, group);
  2031. errors++;
  2032. return errors;
  2033. }
  2034. bss->ctrl_interface_gid_set = 1;
  2035. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d",
  2036. bss->ctrl_interface_gid);
  2037. #endif /* CONFIG_NATIVE_WINDOWS */
  2038. #endif /* CONFIG_NO_CTRL_IFACE */
  2039. #ifdef RADIUS_SERVER
  2040. } else if (os_strcmp(buf, "radius_server_clients") == 0) {
  2041. os_free(bss->radius_server_clients);
  2042. bss->radius_server_clients = os_strdup(pos);
  2043. } else if (os_strcmp(buf, "radius_server_auth_port") == 0) {
  2044. bss->radius_server_auth_port = atoi(pos);
  2045. } else if (os_strcmp(buf, "radius_server_ipv6") == 0) {
  2046. bss->radius_server_ipv6 = atoi(pos);
  2047. #endif /* RADIUS_SERVER */
  2048. } else if (os_strcmp(buf, "test_socket") == 0) {
  2049. os_free(bss->test_socket);
  2050. bss->test_socket = os_strdup(pos);
  2051. } else if (os_strcmp(buf, "use_pae_group_addr") == 0) {
  2052. bss->use_pae_group_addr = atoi(pos);
  2053. } else if (os_strcmp(buf, "hw_mode") == 0) {
  2054. if (os_strcmp(pos, "a") == 0)
  2055. conf->hw_mode = HOSTAPD_MODE_IEEE80211A;
  2056. else if (os_strcmp(pos, "b") == 0)
  2057. conf->hw_mode = HOSTAPD_MODE_IEEE80211B;
  2058. else if (os_strcmp(pos, "g") == 0)
  2059. conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
  2060. else if (os_strcmp(pos, "ad") == 0)
  2061. conf->hw_mode = HOSTAPD_MODE_IEEE80211AD;
  2062. else {
  2063. wpa_printf(MSG_ERROR, "Line %d: unknown "
  2064. "hw_mode '%s'", line, pos);
  2065. errors++;
  2066. }
  2067. } else if (os_strcmp(buf, "wps_rf_bands") == 0) {
  2068. if (os_strcmp(pos, "a") == 0)
  2069. bss->wps_rf_bands = WPS_RF_50GHZ;
  2070. else if (os_strcmp(pos, "g") == 0 ||
  2071. os_strcmp(pos, "b") == 0)
  2072. bss->wps_rf_bands = WPS_RF_24GHZ;
  2073. else if (os_strcmp(pos, "ag") == 0 ||
  2074. os_strcmp(pos, "ga") == 0)
  2075. bss->wps_rf_bands =
  2076. WPS_RF_24GHZ | WPS_RF_50GHZ;
  2077. else {
  2078. wpa_printf(MSG_ERROR, "Line %d: unknown "
  2079. "wps_rf_band '%s'", line, pos);
  2080. errors++;
  2081. }
  2082. } else if (os_strcmp(buf, "channel") == 0) {
  2083. conf->channel = atoi(pos);
  2084. } else if (os_strcmp(buf, "beacon_int") == 0) {
  2085. int val = atoi(pos);
  2086. /* MIB defines range as 1..65535, but very small values
  2087. * cause problems with the current implementation.
  2088. * Since it is unlikely that this small numbers are
  2089. * useful in real life scenarios, do not allow beacon
  2090. * period to be set below 15 TU. */
  2091. if (val < 15 || val > 65535) {
  2092. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2093. "beacon_int %d (expected "
  2094. "15..65535)", line, val);
  2095. errors++;
  2096. } else
  2097. conf->beacon_int = val;
  2098. } else if (os_strcmp(buf, "dtim_period") == 0) {
  2099. bss->dtim_period = atoi(pos);
  2100. if (bss->dtim_period < 1 || bss->dtim_period > 255) {
  2101. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2102. "dtim_period %d",
  2103. line, bss->dtim_period);
  2104. errors++;
  2105. }
  2106. } else if (os_strcmp(buf, "rts_threshold") == 0) {
  2107. conf->rts_threshold = atoi(pos);
  2108. if (conf->rts_threshold < 0 ||
  2109. conf->rts_threshold > 2347) {
  2110. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2111. "rts_threshold %d",
  2112. line, conf->rts_threshold);
  2113. errors++;
  2114. }
  2115. } else if (os_strcmp(buf, "fragm_threshold") == 0) {
  2116. conf->fragm_threshold = atoi(pos);
  2117. if (conf->fragm_threshold < 256 ||
  2118. conf->fragm_threshold > 2346) {
  2119. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2120. "fragm_threshold %d",
  2121. line, conf->fragm_threshold);
  2122. errors++;
  2123. }
  2124. } else if (os_strcmp(buf, "send_probe_response") == 0) {
  2125. int val = atoi(pos);
  2126. if (val != 0 && val != 1) {
  2127. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2128. "send_probe_response %d (expected "
  2129. "0 or 1)", line, val);
  2130. } else
  2131. conf->send_probe_response = val;
  2132. } else if (os_strcmp(buf, "supported_rates") == 0) {
  2133. if (hostapd_parse_rates(&conf->supported_rates, pos)) {
  2134. wpa_printf(MSG_ERROR, "Line %d: invalid rate "
  2135. "list", line);
  2136. errors++;
  2137. }
  2138. } else if (os_strcmp(buf, "basic_rates") == 0) {
  2139. if (hostapd_parse_rates(&conf->basic_rates, pos)) {
  2140. wpa_printf(MSG_ERROR, "Line %d: invalid rate "
  2141. "list", line);
  2142. errors++;
  2143. }
  2144. } else if (os_strcmp(buf, "preamble") == 0) {
  2145. if (atoi(pos))
  2146. conf->preamble = SHORT_PREAMBLE;
  2147. else
  2148. conf->preamble = LONG_PREAMBLE;
  2149. } else if (os_strcmp(buf, "ignore_broadcast_ssid") == 0) {
  2150. bss->ignore_broadcast_ssid = atoi(pos);
  2151. } else if (os_strcmp(buf, "wep_default_key") == 0) {
  2152. bss->ssid.wep.idx = atoi(pos);
  2153. if (bss->ssid.wep.idx > 3) {
  2154. wpa_printf(MSG_ERROR, "Invalid "
  2155. "wep_default_key index %d",
  2156. bss->ssid.wep.idx);
  2157. errors++;
  2158. }
  2159. } else if (os_strcmp(buf, "wep_key0") == 0 ||
  2160. os_strcmp(buf, "wep_key1") == 0 ||
  2161. os_strcmp(buf, "wep_key2") == 0 ||
  2162. os_strcmp(buf, "wep_key3") == 0) {
  2163. if (hostapd_config_read_wep(&bss->ssid.wep,
  2164. buf[7] - '0', pos)) {
  2165. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  2166. "key '%s'", line, buf);
  2167. errors++;
  2168. }
  2169. #ifndef CONFIG_NO_VLAN
  2170. } else if (os_strcmp(buf, "dynamic_vlan") == 0) {
  2171. bss->ssid.dynamic_vlan = atoi(pos);
  2172. } else if (os_strcmp(buf, "vlan_file") == 0) {
  2173. if (hostapd_config_read_vlan_file(bss, pos)) {
  2174. wpa_printf(MSG_ERROR, "Line %d: failed to "
  2175. "read VLAN file '%s'", line, pos);
  2176. errors++;
  2177. }
  2178. } else if (os_strcmp(buf, "vlan_naming") == 0) {
  2179. bss->ssid.vlan_naming = atoi(pos);
  2180. if (bss->ssid.vlan_naming >= DYNAMIC_VLAN_NAMING_END ||
  2181. bss->ssid.vlan_naming < 0) {
  2182. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2183. "naming scheme %d", line,
  2184. bss->ssid.vlan_naming);
  2185. errors++;
  2186. }
  2187. #ifdef CONFIG_FULL_DYNAMIC_VLAN
  2188. } else if (os_strcmp(buf, "vlan_tagged_interface") == 0) {
  2189. bss->ssid.vlan_tagged_interface = os_strdup(pos);
  2190. #endif /* CONFIG_FULL_DYNAMIC_VLAN */
  2191. #endif /* CONFIG_NO_VLAN */
  2192. } else if (os_strcmp(buf, "ap_table_max_size") == 0) {
  2193. conf->ap_table_max_size = atoi(pos);
  2194. } else if (os_strcmp(buf, "ap_table_expiration_time") == 0) {
  2195. conf->ap_table_expiration_time = atoi(pos);
  2196. } else if (os_strncmp(buf, "tx_queue_", 9) == 0) {
  2197. if (hostapd_config_tx_queue(conf, buf, pos)) {
  2198. wpa_printf(MSG_ERROR, "Line %d: invalid TX "
  2199. "queue item", line);
  2200. errors++;
  2201. }
  2202. } else if (os_strcmp(buf, "wme_enabled") == 0 ||
  2203. os_strcmp(buf, "wmm_enabled") == 0) {
  2204. bss->wmm_enabled = atoi(pos);
  2205. } else if (os_strcmp(buf, "uapsd_advertisement_enabled") == 0) {
  2206. bss->wmm_uapsd = atoi(pos);
  2207. } else if (os_strncmp(buf, "wme_ac_", 7) == 0 ||
  2208. os_strncmp(buf, "wmm_ac_", 7) == 0) {
  2209. if (hostapd_config_wmm_ac(conf->wmm_ac_params, buf,
  2210. pos)) {
  2211. wpa_printf(MSG_ERROR, "Line %d: invalid WMM "
  2212. "ac item", line);
  2213. errors++;
  2214. }
  2215. } else if (os_strcmp(buf, "bss") == 0) {
  2216. if (hostapd_config_bss(conf, pos)) {
  2217. wpa_printf(MSG_ERROR, "Line %d: invalid bss "
  2218. "item", line);
  2219. errors++;
  2220. }
  2221. } else if (os_strcmp(buf, "bssid") == 0) {
  2222. if (hwaddr_aton(pos, bss->bssid)) {
  2223. wpa_printf(MSG_ERROR, "Line %d: invalid bssid "
  2224. "item", line);
  2225. errors++;
  2226. }
  2227. #ifdef CONFIG_IEEE80211W
  2228. } else if (os_strcmp(buf, "ieee80211w") == 0) {
  2229. bss->ieee80211w = atoi(pos);
  2230. } else if (os_strcmp(buf, "assoc_sa_query_max_timeout") == 0) {
  2231. bss->assoc_sa_query_max_timeout = atoi(pos);
  2232. if (bss->assoc_sa_query_max_timeout == 0) {
  2233. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2234. "assoc_sa_query_max_timeout", line);
  2235. errors++;
  2236. }
  2237. } else if (os_strcmp(buf, "assoc_sa_query_retry_timeout") == 0)
  2238. {
  2239. bss->assoc_sa_query_retry_timeout = atoi(pos);
  2240. if (bss->assoc_sa_query_retry_timeout == 0) {
  2241. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2242. "assoc_sa_query_retry_timeout",
  2243. line);
  2244. errors++;
  2245. }
  2246. #endif /* CONFIG_IEEE80211W */
  2247. #ifdef CONFIG_IEEE80211N
  2248. } else if (os_strcmp(buf, "ieee80211n") == 0) {
  2249. conf->ieee80211n = atoi(pos);
  2250. } else if (os_strcmp(buf, "ht_capab") == 0) {
  2251. if (hostapd_config_ht_capab(conf, pos) < 0) {
  2252. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2253. "ht_capab", line);
  2254. errors++;
  2255. }
  2256. } else if (os_strcmp(buf, "require_ht") == 0) {
  2257. conf->require_ht = atoi(pos);
  2258. #endif /* CONFIG_IEEE80211N */
  2259. #ifdef CONFIG_IEEE80211AC
  2260. } else if (os_strcmp(buf, "ieee80211ac") == 0) {
  2261. conf->ieee80211ac = atoi(pos);
  2262. } else if (os_strcmp(buf, "vht_capab") == 0) {
  2263. if (hostapd_config_vht_capab(conf, pos) < 0) {
  2264. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2265. "vht_capab", line);
  2266. errors++;
  2267. }
  2268. } else if (os_strcmp(buf, "require_vht") == 0) {
  2269. conf->require_vht = atoi(pos);
  2270. } else if (os_strcmp(buf, "vht_oper_chwidth") == 0) {
  2271. conf->vht_oper_chwidth = atoi(pos);
  2272. } else if (os_strcmp(buf, "vht_oper_centr_freq_seg0_idx") == 0)
  2273. {
  2274. conf->vht_oper_centr_freq_seg0_idx = atoi(pos);
  2275. } else if (os_strcmp(buf, "vht_oper_centr_freq_seg1_idx") == 0)
  2276. {
  2277. conf->vht_oper_centr_freq_seg1_idx = atoi(pos);
  2278. #endif /* CONFIG_IEEE80211AC */
  2279. } else if (os_strcmp(buf, "max_listen_interval") == 0) {
  2280. bss->max_listen_interval = atoi(pos);
  2281. } else if (os_strcmp(buf, "disable_pmksa_caching") == 0) {
  2282. bss->disable_pmksa_caching = atoi(pos);
  2283. } else if (os_strcmp(buf, "okc") == 0) {
  2284. bss->okc = atoi(pos);
  2285. #ifdef CONFIG_WPS
  2286. } else if (os_strcmp(buf, "wps_state") == 0) {
  2287. bss->wps_state = atoi(pos);
  2288. if (bss->wps_state < 0 || bss->wps_state > 2) {
  2289. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2290. "wps_state", line);
  2291. errors++;
  2292. }
  2293. } else if (os_strcmp(buf, "ap_setup_locked") == 0) {
  2294. bss->ap_setup_locked = atoi(pos);
  2295. } else if (os_strcmp(buf, "uuid") == 0) {
  2296. if (uuid_str2bin(pos, bss->uuid)) {
  2297. wpa_printf(MSG_ERROR, "Line %d: invalid UUID",
  2298. line);
  2299. errors++;
  2300. }
  2301. } else if (os_strcmp(buf, "wps_pin_requests") == 0) {
  2302. os_free(bss->wps_pin_requests);
  2303. bss->wps_pin_requests = os_strdup(pos);
  2304. } else if (os_strcmp(buf, "device_name") == 0) {
  2305. if (os_strlen(pos) > 32) {
  2306. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2307. "device_name", line);
  2308. errors++;
  2309. }
  2310. os_free(bss->device_name);
  2311. bss->device_name = os_strdup(pos);
  2312. } else if (os_strcmp(buf, "manufacturer") == 0) {
  2313. if (os_strlen(pos) > 64) {
  2314. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2315. "manufacturer", line);
  2316. errors++;
  2317. }
  2318. os_free(bss->manufacturer);
  2319. bss->manufacturer = os_strdup(pos);
  2320. } else if (os_strcmp(buf, "model_name") == 0) {
  2321. if (os_strlen(pos) > 32) {
  2322. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2323. "model_name", line);
  2324. errors++;
  2325. }
  2326. os_free(bss->model_name);
  2327. bss->model_name = os_strdup(pos);
  2328. } else if (os_strcmp(buf, "model_number") == 0) {
  2329. if (os_strlen(pos) > 32) {
  2330. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2331. "model_number", line);
  2332. errors++;
  2333. }
  2334. os_free(bss->model_number);
  2335. bss->model_number = os_strdup(pos);
  2336. } else if (os_strcmp(buf, "serial_number") == 0) {
  2337. if (os_strlen(pos) > 32) {
  2338. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2339. "serial_number", line);
  2340. errors++;
  2341. }
  2342. os_free(bss->serial_number);
  2343. bss->serial_number = os_strdup(pos);
  2344. } else if (os_strcmp(buf, "device_type") == 0) {
  2345. if (wps_dev_type_str2bin(pos, bss->device_type))
  2346. errors++;
  2347. } else if (os_strcmp(buf, "config_methods") == 0) {
  2348. os_free(bss->config_methods);
  2349. bss->config_methods = os_strdup(pos);
  2350. } else if (os_strcmp(buf, "os_version") == 0) {
  2351. if (hexstr2bin(pos, bss->os_version, 4)) {
  2352. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2353. "os_version", line);
  2354. errors++;
  2355. }
  2356. } else if (os_strcmp(buf, "ap_pin") == 0) {
  2357. os_free(bss->ap_pin);
  2358. bss->ap_pin = os_strdup(pos);
  2359. } else if (os_strcmp(buf, "skip_cred_build") == 0) {
  2360. bss->skip_cred_build = atoi(pos);
  2361. } else if (os_strcmp(buf, "extra_cred") == 0) {
  2362. os_free(bss->extra_cred);
  2363. bss->extra_cred =
  2364. (u8 *) os_readfile(pos, &bss->extra_cred_len);
  2365. if (bss->extra_cred == NULL) {
  2366. wpa_printf(MSG_ERROR, "Line %d: could not "
  2367. "read Credentials from '%s'",
  2368. line, pos);
  2369. errors++;
  2370. }
  2371. } else if (os_strcmp(buf, "wps_cred_processing") == 0) {
  2372. bss->wps_cred_processing = atoi(pos);
  2373. } else if (os_strcmp(buf, "ap_settings") == 0) {
  2374. os_free(bss->ap_settings);
  2375. bss->ap_settings =
  2376. (u8 *) os_readfile(pos, &bss->ap_settings_len);
  2377. if (bss->ap_settings == NULL) {
  2378. wpa_printf(MSG_ERROR, "Line %d: could not "
  2379. "read AP Settings from '%s'",
  2380. line, pos);
  2381. errors++;
  2382. }
  2383. } else if (os_strcmp(buf, "upnp_iface") == 0) {
  2384. bss->upnp_iface = os_strdup(pos);
  2385. } else if (os_strcmp(buf, "friendly_name") == 0) {
  2386. os_free(bss->friendly_name);
  2387. bss->friendly_name = os_strdup(pos);
  2388. } else if (os_strcmp(buf, "manufacturer_url") == 0) {
  2389. os_free(bss->manufacturer_url);
  2390. bss->manufacturer_url = os_strdup(pos);
  2391. } else if (os_strcmp(buf, "model_description") == 0) {
  2392. os_free(bss->model_description);
  2393. bss->model_description = os_strdup(pos);
  2394. } else if (os_strcmp(buf, "model_url") == 0) {
  2395. os_free(bss->model_url);
  2396. bss->model_url = os_strdup(pos);
  2397. } else if (os_strcmp(buf, "upc") == 0) {
  2398. os_free(bss->upc);
  2399. bss->upc = os_strdup(pos);
  2400. } else if (os_strcmp(buf, "pbc_in_m1") == 0) {
  2401. bss->pbc_in_m1 = atoi(pos);
  2402. #ifdef CONFIG_WPS_NFC
  2403. } else if (os_strcmp(buf, "wps_nfc_dev_pw_id") == 0) {
  2404. bss->wps_nfc_dev_pw_id = atoi(pos);
  2405. if (bss->wps_nfc_dev_pw_id < 0x10 ||
  2406. bss->wps_nfc_dev_pw_id > 0xffff) {
  2407. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2408. "wps_nfc_dev_pw_id value", line);
  2409. errors++;
  2410. }
  2411. } else if (os_strcmp(buf, "wps_nfc_dh_pubkey") == 0) {
  2412. wpabuf_free(bss->wps_nfc_dh_pubkey);
  2413. bss->wps_nfc_dh_pubkey = hostapd_parse_bin(pos);
  2414. } else if (os_strcmp(buf, "wps_nfc_dh_privkey") == 0) {
  2415. wpabuf_free(bss->wps_nfc_dh_privkey);
  2416. bss->wps_nfc_dh_privkey = hostapd_parse_bin(pos);
  2417. } else if (os_strcmp(buf, "wps_nfc_dev_pw") == 0) {
  2418. wpabuf_free(bss->wps_nfc_dev_pw);
  2419. bss->wps_nfc_dev_pw = hostapd_parse_bin(pos);
  2420. #endif /* CONFIG_WPS_NFC */
  2421. #endif /* CONFIG_WPS */
  2422. #ifdef CONFIG_P2P_MANAGER
  2423. } else if (os_strcmp(buf, "manage_p2p") == 0) {
  2424. int manage = atoi(pos);
  2425. if (manage)
  2426. bss->p2p |= P2P_MANAGE;
  2427. else
  2428. bss->p2p &= ~P2P_MANAGE;
  2429. } else if (os_strcmp(buf, "allow_cross_connection") == 0) {
  2430. if (atoi(pos))
  2431. bss->p2p |= P2P_ALLOW_CROSS_CONNECTION;
  2432. else
  2433. bss->p2p &= ~P2P_ALLOW_CROSS_CONNECTION;
  2434. #endif /* CONFIG_P2P_MANAGER */
  2435. } else if (os_strcmp(buf, "disassoc_low_ack") == 0) {
  2436. bss->disassoc_low_ack = atoi(pos);
  2437. } else if (os_strcmp(buf, "tdls_prohibit") == 0) {
  2438. int val = atoi(pos);
  2439. if (val)
  2440. bss->tdls |= TDLS_PROHIBIT;
  2441. else
  2442. bss->tdls &= ~TDLS_PROHIBIT;
  2443. } else if (os_strcmp(buf, "tdls_prohibit_chan_switch") == 0) {
  2444. int val = atoi(pos);
  2445. if (val)
  2446. bss->tdls |= TDLS_PROHIBIT_CHAN_SWITCH;
  2447. else
  2448. bss->tdls &= ~TDLS_PROHIBIT_CHAN_SWITCH;
  2449. #ifdef CONFIG_RSN_TESTING
  2450. } else if (os_strcmp(buf, "rsn_testing") == 0) {
  2451. extern int rsn_testing;
  2452. rsn_testing = atoi(pos);
  2453. #endif /* CONFIG_RSN_TESTING */
  2454. } else if (os_strcmp(buf, "time_advertisement") == 0) {
  2455. bss->time_advertisement = atoi(pos);
  2456. } else if (os_strcmp(buf, "time_zone") == 0) {
  2457. size_t tz_len = os_strlen(pos);
  2458. if (tz_len < 4 || tz_len > 255) {
  2459. wpa_printf(MSG_DEBUG, "Line %d: invalid "
  2460. "time_zone", line);
  2461. errors++;
  2462. return errors;
  2463. }
  2464. os_free(bss->time_zone);
  2465. bss->time_zone = os_strdup(pos);
  2466. if (bss->time_zone == NULL)
  2467. errors++;
  2468. #ifdef CONFIG_WNM
  2469. } else if (os_strcmp(buf, "wnm_sleep_mode") == 0) {
  2470. bss->wnm_sleep_mode = atoi(pos);
  2471. } else if (os_strcmp(buf, "bss_transition") == 0) {
  2472. bss->bss_transition = atoi(pos);
  2473. #endif /* CONFIG_WNM */
  2474. #ifdef CONFIG_INTERWORKING
  2475. } else if (os_strcmp(buf, "interworking") == 0) {
  2476. bss->interworking = atoi(pos);
  2477. } else if (os_strcmp(buf, "access_network_type") == 0) {
  2478. bss->access_network_type = atoi(pos);
  2479. if (bss->access_network_type < 0 ||
  2480. bss->access_network_type > 15) {
  2481. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2482. "access_network_type", line);
  2483. errors++;
  2484. }
  2485. } else if (os_strcmp(buf, "internet") == 0) {
  2486. bss->internet = atoi(pos);
  2487. } else if (os_strcmp(buf, "asra") == 0) {
  2488. bss->asra = atoi(pos);
  2489. } else if (os_strcmp(buf, "esr") == 0) {
  2490. bss->esr = atoi(pos);
  2491. } else if (os_strcmp(buf, "uesa") == 0) {
  2492. bss->uesa = atoi(pos);
  2493. } else if (os_strcmp(buf, "venue_group") == 0) {
  2494. bss->venue_group = atoi(pos);
  2495. bss->venue_info_set = 1;
  2496. } else if (os_strcmp(buf, "venue_type") == 0) {
  2497. bss->venue_type = atoi(pos);
  2498. bss->venue_info_set = 1;
  2499. } else if (os_strcmp(buf, "hessid") == 0) {
  2500. if (hwaddr_aton(pos, bss->hessid)) {
  2501. wpa_printf(MSG_ERROR, "Line %d: invalid "
  2502. "hessid", line);
  2503. errors++;
  2504. }
  2505. } else if (os_strcmp(buf, "roaming_consortium") == 0) {
  2506. if (parse_roaming_consortium(bss, pos, line) < 0)
  2507. errors++;
  2508. } else if (os_strcmp(buf, "venue_name") == 0) {
  2509. if (parse_venue_name(bss, pos, line) < 0)
  2510. errors++;
  2511. } else if (os_strcmp(buf, "network_auth_type") == 0) {
  2512. u8 auth_type;
  2513. u16 redirect_url_len;
  2514. if (hexstr2bin(pos, &auth_type, 1)) {
  2515. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2516. "network_auth_type '%s'",
  2517. line, pos);
  2518. errors++;
  2519. return errors;
  2520. }
  2521. if (auth_type == 0 || auth_type == 2)
  2522. redirect_url_len = os_strlen(pos + 2);
  2523. else
  2524. redirect_url_len = 0;
  2525. os_free(bss->network_auth_type);
  2526. bss->network_auth_type =
  2527. os_malloc(redirect_url_len + 3 + 1);
  2528. if (bss->network_auth_type == NULL) {
  2529. errors++;
  2530. return errors;
  2531. }
  2532. *bss->network_auth_type = auth_type;
  2533. WPA_PUT_LE16(bss->network_auth_type + 1,
  2534. redirect_url_len);
  2535. if (redirect_url_len)
  2536. os_memcpy(bss->network_auth_type + 3,
  2537. pos + 2, redirect_url_len);
  2538. bss->network_auth_type_len = 3 + redirect_url_len;
  2539. } else if (os_strcmp(buf, "ipaddr_type_availability") == 0) {
  2540. if (hexstr2bin(pos, &bss->ipaddr_type_availability, 1))
  2541. {
  2542. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2543. "ipaddr_type_availability '%s'",
  2544. line, pos);
  2545. bss->ipaddr_type_configured = 0;
  2546. errors++;
  2547. return errors;
  2548. }
  2549. bss->ipaddr_type_configured = 1;
  2550. } else if (os_strcmp(buf, "domain_name") == 0) {
  2551. int j, num_domains, domain_len, domain_list_len = 0;
  2552. char *tok_start, *tok_prev;
  2553. u8 *domain_list, *domain_ptr;
  2554. domain_list_len = os_strlen(pos) + 1;
  2555. domain_list = os_malloc(domain_list_len);
  2556. if (domain_list == NULL) {
  2557. errors++;
  2558. return errors;
  2559. }
  2560. domain_ptr = domain_list;
  2561. tok_prev = pos;
  2562. num_domains = 1;
  2563. while ((tok_prev = os_strchr(tok_prev, ','))) {
  2564. num_domains++;
  2565. tok_prev++;
  2566. }
  2567. tok_prev = pos;
  2568. for (j = 0; j < num_domains; j++) {
  2569. tok_start = os_strchr(tok_prev, ',');
  2570. if (tok_start) {
  2571. domain_len = tok_start - tok_prev;
  2572. *domain_ptr = domain_len;
  2573. os_memcpy(domain_ptr + 1, tok_prev,
  2574. domain_len);
  2575. domain_ptr += domain_len + 1;
  2576. tok_prev = ++tok_start;
  2577. } else {
  2578. domain_len = os_strlen(tok_prev);
  2579. *domain_ptr = domain_len;
  2580. os_memcpy(domain_ptr + 1, tok_prev,
  2581. domain_len);
  2582. domain_ptr += domain_len + 1;
  2583. }
  2584. }
  2585. os_free(bss->domain_name);
  2586. bss->domain_name = domain_list;
  2587. bss->domain_name_len = domain_list_len;
  2588. } else if (os_strcmp(buf, "anqp_3gpp_cell_net") == 0) {
  2589. if (parse_3gpp_cell_net(bss, pos, line) < 0)
  2590. errors++;
  2591. } else if (os_strcmp(buf, "nai_realm") == 0) {
  2592. if (parse_nai_realm(bss, pos, line) < 0)
  2593. errors++;
  2594. } else if (os_strcmp(buf, "gas_frag_limit") == 0) {
  2595. bss->gas_frag_limit = atoi(pos);
  2596. } else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
  2597. bss->gas_comeback_delay = atoi(pos);
  2598. #endif /* CONFIG_INTERWORKING */
  2599. #ifdef CONFIG_RADIUS_TEST
  2600. } else if (os_strcmp(buf, "dump_msk_file") == 0) {
  2601. os_free(bss->dump_msk_file);
  2602. bss->dump_msk_file = os_strdup(pos);
  2603. #endif /* CONFIG_RADIUS_TEST */
  2604. #ifdef CONFIG_HS20
  2605. } else if (os_strcmp(buf, "hs20") == 0) {
  2606. bss->hs20 = atoi(pos);
  2607. } else if (os_strcmp(buf, "disable_dgaf") == 0) {
  2608. bss->disable_dgaf = atoi(pos);
  2609. } else if (os_strcmp(buf, "hs20_oper_friendly_name") == 0) {
  2610. if (hs20_parse_oper_friendly_name(bss, pos, line) < 0)
  2611. errors++;
  2612. } else if (os_strcmp(buf, "hs20_wan_metrics") == 0) {
  2613. if (hs20_parse_wan_metrics(bss, pos, line) < 0) {
  2614. errors++;
  2615. return errors;
  2616. }
  2617. } else if (os_strcmp(buf, "hs20_conn_capab") == 0) {
  2618. if (hs20_parse_conn_capab(bss, pos, line) < 0) {
  2619. errors++;
  2620. return errors;
  2621. }
  2622. } else if (os_strcmp(buf, "hs20_operating_class") == 0) {
  2623. u8 *oper_class;
  2624. size_t oper_class_len;
  2625. oper_class_len = os_strlen(pos);
  2626. if (oper_class_len < 2 || (oper_class_len & 0x01)) {
  2627. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2628. "hs20_operating_class '%s'",
  2629. line, pos);
  2630. errors++;
  2631. return errors;
  2632. }
  2633. oper_class_len /= 2;
  2634. oper_class = os_malloc(oper_class_len);
  2635. if (oper_class == NULL) {
  2636. errors++;
  2637. return errors;
  2638. }
  2639. if (hexstr2bin(pos, oper_class, oper_class_len)) {
  2640. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2641. "hs20_operating_class '%s'",
  2642. line, pos);
  2643. os_free(oper_class);
  2644. errors++;
  2645. return errors;
  2646. }
  2647. os_free(bss->hs20_operating_class);
  2648. bss->hs20_operating_class = oper_class;
  2649. bss->hs20_operating_class_len = oper_class_len;
  2650. #endif /* CONFIG_HS20 */
  2651. } else if (os_strcmp(buf, "vendor_elements") == 0) {
  2652. struct wpabuf *elems;
  2653. size_t len = os_strlen(pos);
  2654. if (len & 0x01) {
  2655. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2656. "vendor_elements '%s'", line, pos);
  2657. return 1;
  2658. }
  2659. len /= 2;
  2660. if (len == 0) {
  2661. wpabuf_free(bss->vendor_elements);
  2662. bss->vendor_elements = NULL;
  2663. return 0;
  2664. }
  2665. elems = wpabuf_alloc(len);
  2666. if (elems == NULL)
  2667. return 1;
  2668. if (hexstr2bin(pos, wpabuf_put(elems, len), len)) {
  2669. wpabuf_free(elems);
  2670. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  2671. "vendor_elements '%s'", line, pos);
  2672. return 1;
  2673. }
  2674. wpabuf_free(bss->vendor_elements);
  2675. bss->vendor_elements = elems;
  2676. } else {
  2677. wpa_printf(MSG_ERROR, "Line %d: unknown configuration "
  2678. "item '%s'", line, buf);
  2679. errors++;
  2680. }
  2681. }
  2682. return errors;
  2683. }
  2684. static void hostapd_set_security_params(struct hostapd_bss_config *bss)
  2685. {
  2686. int pairwise;
  2687. if (bss->individual_wep_key_len == 0) {
  2688. /* individual keys are not use; can use key idx0 for
  2689. * broadcast keys */
  2690. bss->broadcast_key_idx_min = 0;
  2691. }
  2692. /* Select group cipher based on the enabled pairwise cipher
  2693. * suites */
  2694. pairwise = 0;
  2695. if (bss->wpa & 1)
  2696. pairwise |= bss->wpa_pairwise;
  2697. if (bss->wpa & 2) {
  2698. if (bss->rsn_pairwise == 0)
  2699. bss->rsn_pairwise = bss->wpa_pairwise;
  2700. pairwise |= bss->rsn_pairwise;
  2701. }
  2702. if (pairwise & WPA_CIPHER_TKIP)
  2703. bss->wpa_group = WPA_CIPHER_TKIP;
  2704. else if ((pairwise & (WPA_CIPHER_CCMP | WPA_CIPHER_GCMP)) ==
  2705. WPA_CIPHER_GCMP)
  2706. bss->wpa_group = WPA_CIPHER_GCMP;
  2707. else
  2708. bss->wpa_group = WPA_CIPHER_CCMP;
  2709. bss->radius->auth_server = bss->radius->auth_servers;
  2710. bss->radius->acct_server = bss->radius->acct_servers;
  2711. if (bss->wpa && bss->ieee802_1x) {
  2712. bss->ssid.security_policy = SECURITY_WPA;
  2713. } else if (bss->wpa) {
  2714. bss->ssid.security_policy = SECURITY_WPA_PSK;
  2715. } else if (bss->ieee802_1x) {
  2716. int cipher = WPA_CIPHER_NONE;
  2717. bss->ssid.security_policy = SECURITY_IEEE_802_1X;
  2718. bss->ssid.wep.default_len = bss->default_wep_key_len;
  2719. if (bss->default_wep_key_len)
  2720. cipher = bss->default_wep_key_len >= 13 ?
  2721. WPA_CIPHER_WEP104 : WPA_CIPHER_WEP40;
  2722. bss->wpa_group = cipher;
  2723. bss->wpa_pairwise = cipher;
  2724. bss->rsn_pairwise = cipher;
  2725. } else if (bss->ssid.wep.keys_set) {
  2726. int cipher = WPA_CIPHER_WEP40;
  2727. if (bss->ssid.wep.len[0] >= 13)
  2728. cipher = WPA_CIPHER_WEP104;
  2729. bss->ssid.security_policy = SECURITY_STATIC_WEP;
  2730. bss->wpa_group = cipher;
  2731. bss->wpa_pairwise = cipher;
  2732. bss->rsn_pairwise = cipher;
  2733. } else {
  2734. bss->ssid.security_policy = SECURITY_PLAINTEXT;
  2735. bss->wpa_group = WPA_CIPHER_NONE;
  2736. bss->wpa_pairwise = WPA_CIPHER_NONE;
  2737. bss->rsn_pairwise = WPA_CIPHER_NONE;
  2738. }
  2739. }
  2740. /**
  2741. * hostapd_config_read - Read and parse a configuration file
  2742. * @fname: Configuration file name (including path, if needed)
  2743. * Returns: Allocated configuration data structure
  2744. */
  2745. struct hostapd_config * hostapd_config_read(const char *fname)
  2746. {
  2747. struct hostapd_config *conf;
  2748. struct hostapd_bss_config *bss;
  2749. FILE *f;
  2750. char buf[512], *pos;
  2751. int line = 0;
  2752. int errors = 0;
  2753. size_t i;
  2754. f = fopen(fname, "r");
  2755. if (f == NULL) {
  2756. wpa_printf(MSG_ERROR, "Could not open configuration file '%s' "
  2757. "for reading.", fname);
  2758. return NULL;
  2759. }
  2760. conf = hostapd_config_defaults();
  2761. if (conf == NULL) {
  2762. fclose(f);
  2763. return NULL;
  2764. }
  2765. /* set default driver based on configuration */
  2766. conf->driver = wpa_drivers[0];
  2767. if (conf->driver == NULL) {
  2768. wpa_printf(MSG_ERROR, "No driver wrappers registered!");
  2769. hostapd_config_free(conf);
  2770. fclose(f);
  2771. return NULL;
  2772. }
  2773. bss = conf->last_bss = conf->bss;
  2774. while (fgets(buf, sizeof(buf), f)) {
  2775. bss = conf->last_bss;
  2776. line++;
  2777. if (buf[0] == '#')
  2778. continue;
  2779. pos = buf;
  2780. while (*pos != '\0') {
  2781. if (*pos == '\n') {
  2782. *pos = '\0';
  2783. break;
  2784. }
  2785. pos++;
  2786. }
  2787. if (buf[0] == '\0')
  2788. continue;
  2789. pos = os_strchr(buf, '=');
  2790. if (pos == NULL) {
  2791. wpa_printf(MSG_ERROR, "Line %d: invalid line '%s'",
  2792. line, buf);
  2793. errors++;
  2794. continue;
  2795. }
  2796. *pos = '\0';
  2797. pos++;
  2798. errors += hostapd_config_fill(conf, bss, buf, pos, line);
  2799. }
  2800. fclose(f);
  2801. for (i = 0; i < conf->num_bss; i++)
  2802. hostapd_set_security_params(&conf->bss[i]);
  2803. if (hostapd_config_check(conf))
  2804. errors++;
  2805. #ifndef WPA_IGNORE_CONFIG_ERRORS
  2806. if (errors) {
  2807. wpa_printf(MSG_ERROR, "%d errors found in configuration file "
  2808. "'%s'", errors, fname);
  2809. hostapd_config_free(conf);
  2810. conf = NULL;
  2811. }
  2812. #endif /* WPA_IGNORE_CONFIG_ERRORS */
  2813. return conf;
  2814. }
  2815. int hostapd_set_iface(struct hostapd_config *conf,
  2816. struct hostapd_bss_config *bss, char *field, char *value)
  2817. {
  2818. int errors;
  2819. size_t i;
  2820. errors = hostapd_config_fill(conf, bss, field, value, 0);
  2821. if (errors) {
  2822. wpa_printf(MSG_INFO, "Failed to set configuration field '%s' "
  2823. "to value '%s'", field, value);
  2824. return -1;
  2825. }
  2826. for (i = 0; i < conf->num_bss; i++)
  2827. hostapd_set_security_params(&conf->bss[i]);
  2828. if (hostapd_config_check(conf)) {
  2829. wpa_printf(MSG_ERROR, "Configuration check failed");
  2830. return -1;
  2831. }
  2832. return 0;
  2833. }