1 /*
2 * hostapd / EAP user database
3 * Copyright (c) 2012, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10 #ifdef CONFIG_SQLITE
11 #include <sqlite3.h>
12 #endif /* CONFIG_SQLITE */
13
14 #include "common.h"
15 #include "eap_common/eap_wsc_common.h"
16 #include "eap_server/eap_methods.h"
17 #include "eap_server/eap.h"
18 #include "ap_config.h"
19 #include "hostapd.h"
20
21 #ifdef CONFIG_SQLITE
22
set_user_methods(struct hostapd_eap_user * user,const char * methods)23 static void set_user_methods(struct hostapd_eap_user *user, const char *methods)
24 {
25 char *buf, *start;
26 int num_methods;
27
28 buf = os_strdup(methods);
29 if (buf == NULL)
30 return;
31
32 os_memset(&user->methods, 0, sizeof(user->methods));
33 num_methods = 0;
34 start = buf;
35 while (*start) {
36 char *pos3 = os_strchr(start, ',');
37 if (pos3)
38 *pos3++ = '\0';
39 user->methods[num_methods].method =
40 eap_server_get_type(start,
41 &user->methods[num_methods].vendor);
42 if (user->methods[num_methods].vendor == EAP_VENDOR_IETF &&
43 user->methods[num_methods].method == EAP_TYPE_NONE) {
44 if (os_strcmp(start, "TTLS-PAP") == 0) {
45 user->ttls_auth |= EAP_TTLS_AUTH_PAP;
46 goto skip_eap;
47 }
48 if (os_strcmp(start, "TTLS-CHAP") == 0) {
49 user->ttls_auth |= EAP_TTLS_AUTH_CHAP;
50 goto skip_eap;
51 }
52 if (os_strcmp(start, "TTLS-MSCHAP") == 0) {
53 user->ttls_auth |= EAP_TTLS_AUTH_MSCHAP;
54 goto skip_eap;
55 }
56 if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) {
57 user->ttls_auth |= EAP_TTLS_AUTH_MSCHAPV2;
58 goto skip_eap;
59 }
60 wpa_warning_buf(MSG_INFO, "DB: Unsupported EAP type '%s'",
61 start, strlen(start));
62 os_free(buf);
63 return;
64 }
65
66 num_methods++;
67 if (num_methods >= EAP_MAX_METHODS)
68 break;
69 skip_eap:
70 if (pos3 == NULL)
71 break;
72 start = pos3;
73 }
74
75 os_free(buf);
76 }
77
78
get_user_cb(void * ctx,int argc,char * argv[],char * col[])79 static int get_user_cb(void *ctx, int argc, char *argv[], char *col[])
80 {
81 struct hostapd_eap_user *user = ctx;
82 int i;
83
84 for (i = 0; i < argc; i++) {
85 if (os_strcmp(col[i], "password") == 0 && argv[i]) {
86 bin_clear_free(user->password, user->password_len);
87 user->password_len = os_strlen(argv[i]);
88 user->password = (u8 *) os_strdup(argv[i]);
89 user->next = (void *) 1;
90 } else if (os_strcmp(col[i], "methods") == 0 && argv[i]) {
91 set_user_methods(user, argv[i]);
92 } else if (os_strcmp(col[i], "remediation") == 0 && argv[i]) {
93 user->remediation = strlen(argv[i]) > 0;
94 } else if (os_strcmp(col[i], "t_c_timestamp") == 0 && argv[i]) {
95 user->t_c_timestamp = strtol(argv[i], NULL, 10);
96 }
97 }
98
99 return 0;
100 }
101
102
get_wildcard_cb(void * ctx,int argc,char * argv[],char * col[])103 static int get_wildcard_cb(void *ctx, int argc, char *argv[], char *col[])
104 {
105 struct hostapd_eap_user *user = ctx;
106 int i, id = -1, methods = -1;
107 size_t len;
108
109 for (i = 0; i < argc; i++) {
110 if (os_strcmp(col[i], "identity") == 0 && argv[i])
111 id = i;
112 else if (os_strcmp(col[i], "methods") == 0 && argv[i])
113 methods = i;
114 }
115
116 if (id < 0 || methods < 0)
117 return 0;
118
119 len = os_strlen(argv[id]);
120 if (len <= user->identity_len &&
121 os_memcmp(argv[id], user->identity, len) == 0 &&
122 (user->password == NULL || len > user->password_len)) {
123 bin_clear_free(user->password, user->password_len);
124 user->password_len = os_strlen(argv[id]);
125 user->password = (u8 *) os_strdup(argv[id]);
126 user->next = (void *) 1;
127 set_user_methods(user, argv[methods]);
128 }
129
130 return 0;
131 }
132
133
134 static const struct hostapd_eap_user *
eap_user_sqlite_get(struct hostapd_data * hapd,const u8 * identity,size_t identity_len,int phase2)135 eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
136 size_t identity_len, int phase2)
137 {
138 sqlite3 *db;
139 struct hostapd_eap_user *user = NULL;
140 char id_str[256], cmd[300];
141 size_t i;
142 int res;
143
144 if (identity_len >= sizeof(id_str)) {
145 wpa_warning_log2(MSG_DEBUG, "identity len too big: %d >= %d",
146 (int) identity_len,
147 (int) (sizeof(id_str)));
148 return NULL;
149 }
150 os_memcpy(id_str, identity, identity_len);
151 id_str[identity_len] = '\0';
152 for (i = 0; i < identity_len; i++) {
153 if (id_str[i] >= 'a' && id_str[i] <= 'z')
154 continue;
155 if (id_str[i] >= 'A' && id_str[i] <= 'Z')
156 continue;
157 if (id_str[i] >= '0' && id_str[i] <= '9')
158 continue;
159 if (id_str[i] == '-' || id_str[i] == '_' || id_str[i] == '.' ||
160 id_str[i] == ',' || id_str[i] == '@' || id_str[i] == '\\' ||
161 id_str[i] == '!' || id_str[i] == '#' || id_str[i] == '%' ||
162 id_str[i] == '=' || id_str[i] == ' ')
163 continue;
164 wpa_warning_log0(MSG_INFO, "DB: Unsupported character in identity");
165 return NULL;
166 }
167
168 bin_clear_free(hapd->tmp_eap_user.identity,
169 hapd->tmp_eap_user.identity_len);
170 bin_clear_free(hapd->tmp_eap_user.password,
171 hapd->tmp_eap_user.password_len);
172 os_memset(&hapd->tmp_eap_user, 0, sizeof(hapd->tmp_eap_user));
173 hapd->tmp_eap_user.phase2 = phase2;
174 hapd->tmp_eap_user.identity = os_zalloc(identity_len + 1);
175 if (hapd->tmp_eap_user.identity == NULL)
176 return NULL;
177 os_memcpy(hapd->tmp_eap_user.identity, identity, identity_len);
178 hapd->tmp_eap_user.identity_len = identity_len;
179
180 if (sqlite3_open(hapd->conf->eap_user_sqlite, &db)) {
181 wpa_warning_two_buf(MSG_INFO, "DB: Failed to open database %s: %s",
182 hapd->conf->eap_user_sqlite, strlen(hapd->conf->eap_user_sqlite),
183 sqlite3_errmsg(db), strlen(sqlite3_errmsg(db)));
184 sqlite3_close(db);
185 return NULL;
186 }
187
188 res = os_snprintf(cmd, sizeof(cmd),
189 "SELECT * FROM users WHERE identity='%s' AND phase2=%d;",
190 id_str, phase2);
191 if (os_snprintf_error(sizeof(cmd), res))
192 goto fail;
193
194 wpa_printf(MSG_DEBUG, "DB: %s", cmd);
195 if (sqlite3_exec(db, cmd, get_user_cb, &hapd->tmp_eap_user, NULL) !=
196 SQLITE_OK) {
197 wpa_warning_two_buf(MSG_DEBUG,
198 "DB: Failed to complete SQL operation: %s db: %s",
199 sqlite3_errmsg(db), hapd->conf->eap_user_sqlite);
200 } else if (hapd->tmp_eap_user.next)
201 user = &hapd->tmp_eap_user;
202
203 if (user == NULL && !phase2) {
204 os_snprintf(cmd, sizeof(cmd),
205 "SELECT identity,methods FROM wildcards;");
206 wpa_warning_buf(MSG_DEBUG, "DB: %s", cmd, strlen(cmd));
207 if (sqlite3_exec(db, cmd, get_wildcard_cb, &hapd->tmp_eap_user,
208 NULL) != SQLITE_OK) {
209 wpa_warning_two_buf(MSG_DEBUG,
210 "DB: Failed to complete SQL operation: %s db: %s",
211 sqlite3_errmsg(db), strlen(sqlite3_errmsg(db)),
212 hapd->conf->eap_user_sqlite, strlen(hapd->conf->eap_user_sqlite));
213 } else if (hapd->tmp_eap_user.next) {
214 user = &hapd->tmp_eap_user;
215 os_free(user->identity);
216 user->identity = user->password;
217 user->identity_len = user->password_len;
218 user->password = NULL;
219 user->password_len = 0;
220 }
221 }
222
223 fail:
224 sqlite3_close(db);
225
226 return user;
227 }
228
229 #endif /* CONFIG_SQLITE */
230
231
232 const struct hostapd_eap_user *
hostapd_get_eap_user(struct hostapd_data * hapd,const u8 * identity,size_t identity_len,int phase2)233 hostapd_get_eap_user(struct hostapd_data *hapd, const u8 *identity,
234 size_t identity_len, int phase2)
235 {
236 #ifdef CONFIG_WPS_AP
237 const struct hostapd_bss_config *conf = hapd->conf;
238 #endif /* CONFIG_WPS_AP */
239 #ifndef EXT_CODE_CROP
240 struct hostapd_eap_user *user = conf->eap_user;
241 #endif /* EXT_CODE_CROP */
242 (void)hapd;
243 (void)identity;
244 (void)identity_len;
245 (void)phase2;
246
247 #ifdef CONFIG_WPS_AP
248 if (conf->wps_state && identity_len == WSC_ID_ENROLLEE_LEN &&
249 os_memcmp(identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN) == 0) {
250 static struct hostapd_eap_user wsc_enrollee;
251 os_memset(&wsc_enrollee, 0, sizeof(wsc_enrollee));
252 wsc_enrollee.methods[0].method = eap_server_get_type(
253 "WSC", &wsc_enrollee.methods[0].vendor);
254 return &wsc_enrollee;
255 }
256
257 if (conf->wps_state && identity_len == WSC_ID_REGISTRAR_LEN &&
258 os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0) {
259 static struct hostapd_eap_user wsc_registrar;
260 os_memset(&wsc_registrar, 0, sizeof(wsc_registrar));
261 wsc_registrar.methods[0].method = eap_server_get_type(
262 "WSC", &wsc_registrar.methods[0].vendor);
263 wsc_registrar.password = (u8 *) conf->ap_pin;
264 wsc_registrar.password_len = conf->ap_pin ?
265 os_strlen(conf->ap_pin) : 0;
266 return &wsc_registrar;
267 }
268 #endif /* CONFIG_WPS_AP */
269 #ifndef EXT_CODE_CROP
270 while (user) {
271 if (!phase2 && user->identity == NULL) {
272 /* Wildcard match */
273 break;
274 }
275
276 if (user->phase2 == !!phase2 && user->wildcard_prefix &&
277 identity_len >= user->identity_len &&
278 os_memcmp(user->identity, identity, user->identity_len) ==
279 0) {
280 /* Wildcard prefix match */
281 break;
282 }
283
284 if (user->phase2 == !!phase2 &&
285 user->identity_len == identity_len &&
286 os_memcmp(user->identity, identity, identity_len) == 0)
287 break;
288 user = user->next;
289 }
290
291 #ifdef CONFIG_SQLITE
292 if (user == NULL && conf->eap_user_sqlite) {
293 return eap_user_sqlite_get(hapd, identity, identity_len,
294 phase2);
295 }
296 #endif /* CONFIG_SQLITE */
297
298 return user;
299 #else
300 return NULL;
301 #endif /* EXT_CODE_CROP */
302 }
303