1 /*
2 * hostapd / UNIX domain socket -based control interface
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #ifndef CONFIG_NATIVE_WINDOWS
12
13 #ifdef CONFIG_TESTING_OPTIONS
14 #ifdef __NetBSD__
15 #include <net/if_ether.h>
16 #else
17 #include <net/ethernet.h>
18 #endif
19 #include <netinet/ip.h>
20 #endif /* CONFIG_TESTING_OPTIONS */
21
22 #include <sys/un.h>
23 #include <sys/stat.h>
24 #include <stddef.h>
25
26 #ifdef CONFIG_CTRL_IFACE_UDP
27 #include <netdb.h>
28 #endif /* CONFIG_CTRL_IFACE_UDP */
29
30 #include "utils/common.h"
31 #include "utils/eloop.h"
32 #include "utils/module_tests.h"
33 #include "common/version.h"
34 #include "common/ieee802_11_defs.h"
35 #include "common/ctrl_iface_common.h"
36 #ifdef CONFIG_DPP
37 #include "common/dpp.h"
38 #endif /* CONFIG_DPP */
39 #include "common/wpa_ctrl.h"
40 #include "common/ptksa_cache.h"
41 #include "common/hw_features_common.h"
42 #include "common/nan_de.h"
43 #include "crypto/tls.h"
44 #include "drivers/driver.h"
45 #include "eapol_auth/eapol_auth_sm.h"
46 #include "radius/radius_client.h"
47 #include "radius/radius_server.h"
48 #include "l2_packet/l2_packet.h"
49 #include "ap/hostapd.h"
50 #include "ap/ap_config.h"
51 #include "ap/ieee802_1x.h"
52 #include "ap/wpa_auth.h"
53 #include "ap/pmksa_cache_auth.h"
54 #include "ap/ieee802_11.h"
55 #include "ap/sta_info.h"
56 #include "ap/wps_hostapd.h"
57 #include "ap/ctrl_iface_ap.h"
58 #include "ap/ap_drv_ops.h"
59 #include "ap/hs20.h"
60 #include "ap/wnm_ap.h"
61 #include "ap/wpa_auth.h"
62 #include "ap/beacon.h"
63 #include "ap/neighbor_db.h"
64 #include "ap/rrm.h"
65 #include "ap/dpp_hostapd.h"
66 #include "ap/dfs.h"
67 #include "ap/nan_usd_ap.h"
68 #include "wps/wps_defs.h"
69 #include "wps/wps.h"
70 #include "fst/fst_ctrl_iface.h"
71 #include "config_file.h"
72 #include "ctrl_iface.h"
73
74
75 #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
76
77 #ifdef CONFIG_CTRL_IFACE_UDP
78 #define HOSTAPD_CTRL_IFACE_PORT 9877
79 #define HOSTAPD_CTRL_IFACE_PORT_LIMIT 50
80 #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT 8878
81 #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT 50
82 #endif /* CONFIG_CTRL_IFACE_UDP */
83
84 static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
85 enum wpa_msg_type type,
86 const char *buf, size_t len);
87
88
hostapd_ctrl_iface_attach(struct hostapd_data * hapd,struct sockaddr_storage * from,socklen_t fromlen,const char * input)89 static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd,
90 struct sockaddr_storage *from,
91 socklen_t fromlen, const char *input)
92 {
93 return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen, input);
94 }
95
96
hostapd_ctrl_iface_detach(struct hostapd_data * hapd,struct sockaddr_storage * from,socklen_t fromlen)97 static int hostapd_ctrl_iface_detach(struct hostapd_data *hapd,
98 struct sockaddr_storage *from,
99 socklen_t fromlen)
100 {
101 return ctrl_iface_detach(&hapd->ctrl_dst, from, fromlen);
102 }
103
104
hostapd_ctrl_iface_level(struct hostapd_data * hapd,struct sockaddr_storage * from,socklen_t fromlen,char * level)105 static int hostapd_ctrl_iface_level(struct hostapd_data *hapd,
106 struct sockaddr_storage *from,
107 socklen_t fromlen,
108 char *level)
109 {
110 return ctrl_iface_level(&hapd->ctrl_dst, from, fromlen, level);
111 }
112
113
hostapd_ctrl_iface_new_sta(struct hostapd_data * hapd,const char * txtaddr)114 static int hostapd_ctrl_iface_new_sta(struct hostapd_data *hapd,
115 const char *txtaddr)
116 {
117 u8 addr[ETH_ALEN];
118 struct sta_info *sta;
119
120 wpa_printf(MSG_DEBUG, "CTRL_IFACE NEW_STA %s", txtaddr);
121
122 if (hwaddr_aton(txtaddr, addr))
123 return -1;
124
125 sta = ap_get_sta(hapd, addr);
126 if (sta)
127 return 0;
128
129 wpa_printf(MSG_DEBUG, "Add new STA " MACSTR_SEC " based on ctrl_iface "
130 "notification", MAC2STR_SEC(addr));
131 sta = ap_sta_add(hapd, addr);
132 if (sta == NULL)
133 return -1;
134
135 hostapd_new_assoc_sta(hapd, sta, 0);
136 return 0;
137 }
138
139
140 #ifdef NEED_AP_MLME
hostapd_ctrl_iface_sa_query(struct hostapd_data * hapd,const char * txtaddr)141 static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd,
142 const char *txtaddr)
143 {
144 u8 addr[ETH_ALEN];
145 u8 trans_id[WLAN_SA_QUERY_TR_ID_LEN];
146
147 wpa_printf(MSG_DEBUG, "CTRL_IFACE SA_QUERY %s", txtaddr);
148
149 if (hwaddr_aton(txtaddr, addr) ||
150 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0)
151 return -1;
152
153 ieee802_11_send_sa_query_req(hapd, addr, trans_id);
154
155 return 0;
156 }
157 #endif /* NEED_AP_MLME */
158
159
160 #ifdef CONFIG_WPS
hostapd_ctrl_iface_wps_pin(struct hostapd_data * hapd,char * txt)161 static int hostapd_ctrl_iface_wps_pin(struct hostapd_data *hapd, char *txt)
162 {
163 char *pin = os_strchr(txt, ' ');
164 char *timeout_txt;
165 int timeout;
166 u8 addr_buf[ETH_ALEN], *addr = NULL;
167 char *pos;
168
169 if (pin == NULL)
170 return -1;
171 *pin++ = '\0';
172
173 timeout_txt = os_strchr(pin, ' ');
174 if (timeout_txt) {
175 *timeout_txt++ = '\0';
176 timeout = atoi(timeout_txt);
177 pos = os_strchr(timeout_txt, ' ');
178 if (pos) {
179 *pos++ = '\0';
180 if (hwaddr_aton(pos, addr_buf) == 0)
181 addr = addr_buf;
182 }
183 } else
184 timeout = 0;
185
186 return hostapd_wps_add_pin(hapd, addr, txt, pin, timeout);
187 }
188
189
hostapd_ctrl_iface_wps_check_pin(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)190 static int hostapd_ctrl_iface_wps_check_pin(
191 struct hostapd_data *hapd, char *cmd, char *buf, size_t buflen)
192 {
193 char pin[9];
194 size_t len;
195 char *pos;
196 int ret;
197
198 wpa_hexdump_ascii_key(MSG_DEBUG, "WPS_CHECK_PIN",
199 (u8 *) cmd, os_strlen(cmd));
200 for (pos = cmd, len = 0; *pos != '\0'; pos++) {
201 if (*pos < '0' || *pos > '9')
202 continue;
203 pin[len++] = *pos;
204 if (len == 9) {
205 wpa_printf(MSG_DEBUG, "WPS: Too long PIN");
206 return -1;
207 }
208 }
209 if (len != 4 && len != 8) {
210 wpa_printf(MSG_DEBUG, "WPS: Invalid PIN length %d", (int) len);
211 return -1;
212 }
213 pin[len] = '\0';
214
215 if (len == 8) {
216 unsigned int pin_val;
217 pin_val = atoi(pin);
218 if (!wps_pin_valid(pin_val)) {
219 wpa_printf(MSG_DEBUG, "WPS: Invalid checksum digit");
220 ret = os_snprintf(buf, buflen, "FAIL-CHECKSUM\n");
221 if (os_snprintf_error(buflen, ret))
222 return -1;
223 return ret;
224 }
225 }
226
227 ret = os_snprintf(buf, buflen, "%s", pin);
228 if (os_snprintf_error(buflen, ret))
229 return -1;
230
231 return ret;
232 }
233
234
235 #ifdef CONFIG_WPS_NFC
hostapd_ctrl_iface_wps_nfc_tag_read(struct hostapd_data * hapd,char * pos)236 static int hostapd_ctrl_iface_wps_nfc_tag_read(struct hostapd_data *hapd,
237 char *pos)
238 {
239 size_t len;
240 struct wpabuf *buf;
241 int ret;
242
243 len = os_strlen(pos);
244 if (len & 0x01)
245 return -1;
246 len /= 2;
247
248 buf = wpabuf_alloc(len);
249 if (buf == NULL)
250 return -1;
251 if (hexstr2bin(pos, wpabuf_put(buf, len), len) < 0) {
252 wpabuf_free(buf);
253 return -1;
254 }
255
256 ret = hostapd_wps_nfc_tag_read(hapd, buf);
257 wpabuf_free(buf);
258
259 return ret;
260 }
261
262
hostapd_ctrl_iface_wps_nfc_config_token(struct hostapd_data * hapd,char * cmd,char * reply,size_t max_len)263 static int hostapd_ctrl_iface_wps_nfc_config_token(struct hostapd_data *hapd,
264 char *cmd, char *reply,
265 size_t max_len)
266 {
267 int ndef;
268 struct wpabuf *buf;
269 int res;
270
271 if (os_strcmp(cmd, "WPS") == 0)
272 ndef = 0;
273 else if (os_strcmp(cmd, "NDEF") == 0)
274 ndef = 1;
275 else
276 return -1;
277
278 buf = hostapd_wps_nfc_config_token(hapd, ndef);
279 if (buf == NULL)
280 return -1;
281
282 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
283 wpabuf_len(buf));
284 reply[res++] = '\n';
285 reply[res] = '\0';
286
287 wpabuf_free(buf);
288
289 return res;
290 }
291
292
hostapd_ctrl_iface_wps_nfc_token_gen(struct hostapd_data * hapd,char * reply,size_t max_len,int ndef)293 static int hostapd_ctrl_iface_wps_nfc_token_gen(struct hostapd_data *hapd,
294 char *reply, size_t max_len,
295 int ndef)
296 {
297 struct wpabuf *buf;
298 int res;
299
300 buf = hostapd_wps_nfc_token_gen(hapd, ndef);
301 if (buf == NULL)
302 return -1;
303
304 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
305 wpabuf_len(buf));
306 reply[res++] = '\n';
307 reply[res] = '\0';
308
309 wpabuf_free(buf);
310
311 return res;
312 }
313
314
hostapd_ctrl_iface_wps_nfc_token(struct hostapd_data * hapd,char * cmd,char * reply,size_t max_len)315 static int hostapd_ctrl_iface_wps_nfc_token(struct hostapd_data *hapd,
316 char *cmd, char *reply,
317 size_t max_len)
318 {
319 if (os_strcmp(cmd, "WPS") == 0)
320 return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
321 max_len, 0);
322
323 if (os_strcmp(cmd, "NDEF") == 0)
324 return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
325 max_len, 1);
326
327 if (os_strcmp(cmd, "enable") == 0)
328 return hostapd_wps_nfc_token_enable(hapd);
329
330 if (os_strcmp(cmd, "disable") == 0) {
331 hostapd_wps_nfc_token_disable(hapd);
332 return 0;
333 }
334
335 return -1;
336 }
337
338
hostapd_ctrl_iface_nfc_get_handover_sel(struct hostapd_data * hapd,char * cmd,char * reply,size_t max_len)339 static int hostapd_ctrl_iface_nfc_get_handover_sel(struct hostapd_data *hapd,
340 char *cmd, char *reply,
341 size_t max_len)
342 {
343 struct wpabuf *buf;
344 int res;
345 char *pos;
346 int ndef;
347
348 pos = os_strchr(cmd, ' ');
349 if (pos == NULL)
350 return -1;
351 *pos++ = '\0';
352
353 if (os_strcmp(cmd, "WPS") == 0)
354 ndef = 0;
355 else if (os_strcmp(cmd, "NDEF") == 0)
356 ndef = 1;
357 else
358 return -1;
359
360 if (os_strcmp(pos, "WPS-CR") == 0)
361 buf = hostapd_wps_nfc_hs_cr(hapd, ndef);
362 else
363 buf = NULL;
364 if (buf == NULL)
365 return -1;
366
367 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
368 wpabuf_len(buf));
369 reply[res++] = '\n';
370 reply[res] = '\0';
371
372 wpabuf_free(buf);
373
374 return res;
375 }
376
377
hostapd_ctrl_iface_nfc_report_handover(struct hostapd_data * hapd,char * cmd)378 static int hostapd_ctrl_iface_nfc_report_handover(struct hostapd_data *hapd,
379 char *cmd)
380 {
381 size_t len;
382 struct wpabuf *req, *sel;
383 int ret;
384 char *pos, *role, *type, *pos2;
385
386 role = cmd;
387 pos = os_strchr(role, ' ');
388 if (pos == NULL)
389 return -1;
390 *pos++ = '\0';
391
392 type = pos;
393 pos = os_strchr(type, ' ');
394 if (pos == NULL)
395 return -1;
396 *pos++ = '\0';
397
398 pos2 = os_strchr(pos, ' ');
399 if (pos2 == NULL)
400 return -1;
401 *pos2++ = '\0';
402
403 len = os_strlen(pos);
404 if (len & 0x01)
405 return -1;
406 len /= 2;
407
408 req = wpabuf_alloc(len);
409 if (req == NULL)
410 return -1;
411 if (hexstr2bin(pos, wpabuf_put(req, len), len) < 0) {
412 wpabuf_free(req);
413 return -1;
414 }
415
416 len = os_strlen(pos2);
417 if (len & 0x01) {
418 wpabuf_free(req);
419 return -1;
420 }
421 len /= 2;
422
423 sel = wpabuf_alloc(len);
424 if (sel == NULL) {
425 wpabuf_free(req);
426 return -1;
427 }
428 if (hexstr2bin(pos2, wpabuf_put(sel, len), len) < 0) {
429 wpabuf_free(req);
430 wpabuf_free(sel);
431 return -1;
432 }
433
434 if (os_strcmp(role, "RESP") == 0 && os_strcmp(type, "WPS") == 0) {
435 ret = hostapd_wps_nfc_report_handover(hapd, req, sel);
436 } else {
437 wpa_printf(MSG_DEBUG, "NFC: Unsupported connection handover "
438 "reported: role=%s type=%s", role, type);
439 ret = -1;
440 }
441 wpabuf_free(req);
442 wpabuf_free(sel);
443
444 return ret;
445 }
446
447 #endif /* CONFIG_WPS_NFC */
448
449
hostapd_ctrl_iface_wps_ap_pin(struct hostapd_data * hapd,char * txt,char * buf,size_t buflen)450 static int hostapd_ctrl_iface_wps_ap_pin(struct hostapd_data *hapd, char *txt,
451 char *buf, size_t buflen)
452 {
453 int timeout = 300;
454 char *pos;
455 const char *pin_txt;
456
457 pos = os_strchr(txt, ' ');
458 if (pos)
459 *pos++ = '\0';
460
461 if (os_strcmp(txt, "disable") == 0) {
462 hostapd_wps_ap_pin_disable(hapd);
463 return os_snprintf(buf, buflen, "OK\n");
464 }
465
466 if (os_strcmp(txt, "random") == 0) {
467 if (pos)
468 timeout = atoi(pos);
469 pin_txt = hostapd_wps_ap_pin_random(hapd, timeout);
470 if (pin_txt == NULL)
471 return -1;
472 return os_snprintf(buf, buflen, "%s", pin_txt);
473 }
474
475 if (os_strcmp(txt, "get") == 0) {
476 pin_txt = hostapd_wps_ap_pin_get(hapd);
477 if (pin_txt == NULL)
478 return -1;
479 return os_snprintf(buf, buflen, "%s", pin_txt);
480 }
481
482 if (os_strcmp(txt, "set") == 0) {
483 char *pin;
484 if (pos == NULL)
485 return -1;
486 pin = pos;
487 pos = os_strchr(pos, ' ');
488 if (pos) {
489 *pos++ = '\0';
490 timeout = atoi(pos);
491 }
492 if (os_strlen(pin) > buflen)
493 return -1;
494 if (hostapd_wps_ap_pin_set(hapd, pin, timeout) < 0)
495 return -1;
496 return os_snprintf(buf, buflen, "%s", pin);
497 }
498
499 return -1;
500 }
501
502
hostapd_ctrl_iface_wps_config(struct hostapd_data * hapd,char * txt)503 static int hostapd_ctrl_iface_wps_config(struct hostapd_data *hapd, char *txt)
504 {
505 char *pos;
506 char *ssid, *auth, *encr = NULL, *key = NULL;
507
508 ssid = txt;
509 pos = os_strchr(txt, ' ');
510 if (!pos)
511 return -1;
512 *pos++ = '\0';
513
514 auth = pos;
515 pos = os_strchr(pos, ' ');
516 if (pos) {
517 *pos++ = '\0';
518 encr = pos;
519 pos = os_strchr(pos, ' ');
520 if (pos) {
521 *pos++ = '\0';
522 key = pos;
523 }
524 }
525
526 return hostapd_wps_config_ap(hapd, ssid, auth, encr, key);
527 }
528
529
pbc_status_str(enum pbc_status status)530 static const char * pbc_status_str(enum pbc_status status)
531 {
532 switch (status) {
533 case WPS_PBC_STATUS_DISABLE:
534 return "Disabled";
535 case WPS_PBC_STATUS_ACTIVE:
536 return "Active";
537 case WPS_PBC_STATUS_TIMEOUT:
538 return "Timed-out";
539 case WPS_PBC_STATUS_OVERLAP:
540 return "Overlap";
541 default:
542 return "Unknown";
543 }
544 }
545
546
hostapd_ctrl_iface_wps_get_status(struct hostapd_data * hapd,char * buf,size_t buflen)547 static int hostapd_ctrl_iface_wps_get_status(struct hostapd_data *hapd,
548 char *buf, size_t buflen)
549 {
550 int ret;
551 char *pos, *end;
552
553 pos = buf;
554 end = buf + buflen;
555
556 ret = os_snprintf(pos, end - pos, "PBC Status: %s\n",
557 pbc_status_str(hapd->wps_stats.pbc_status));
558
559 if (os_snprintf_error(end - pos, ret))
560 return pos - buf;
561 pos += ret;
562
563 ret = os_snprintf(pos, end - pos, "Last WPS result: %s\n",
564 (hapd->wps_stats.status == WPS_STATUS_SUCCESS ?
565 "Success":
566 (hapd->wps_stats.status == WPS_STATUS_FAILURE ?
567 "Failed" : "None")));
568
569 if (os_snprintf_error(end - pos, ret))
570 return pos - buf;
571 pos += ret;
572
573 /* If status == Failure - Add possible Reasons */
574 if(hapd->wps_stats.status == WPS_STATUS_FAILURE &&
575 hapd->wps_stats.failure_reason > 0) {
576 ret = os_snprintf(pos, end - pos,
577 "Failure Reason: %s\n",
578 wps_ei_str(hapd->wps_stats.failure_reason));
579
580 if (os_snprintf_error(end - pos, ret))
581 return pos - buf;
582 pos += ret;
583 }
584
585 if (hapd->wps_stats.status) {
586 ret = os_snprintf(pos, end - pos, "Peer Address: " MACSTR "\n",
587 MAC2STR(hapd->wps_stats.peer_addr));
588
589 if (os_snprintf_error(end - pos, ret))
590 return pos - buf;
591 pos += ret;
592 }
593
594 return pos - buf;
595 }
596
597 #endif /* CONFIG_WPS */
598
599 #ifdef CONFIG_HS20
600
hostapd_ctrl_iface_hs20_wnm_notif(struct hostapd_data * hapd,const char * cmd)601 static int hostapd_ctrl_iface_hs20_wnm_notif(struct hostapd_data *hapd,
602 const char *cmd)
603 {
604 u8 addr[ETH_ALEN];
605 const char *url;
606
607 if (hwaddr_aton(cmd, addr))
608 return -1;
609 url = cmd + 17;
610 if (*url == '\0') {
611 url = NULL;
612 } else {
613 if (*url != ' ')
614 return -1;
615 url++;
616 if (*url == '\0')
617 url = NULL;
618 }
619
620 return hs20_send_wnm_notification(hapd, addr, 1, url);
621 }
622
623
hostapd_ctrl_iface_hs20_deauth_req(struct hostapd_data * hapd,const char * cmd)624 static int hostapd_ctrl_iface_hs20_deauth_req(struct hostapd_data *hapd,
625 const char *cmd)
626 {
627 u8 addr[ETH_ALEN];
628 int code, reauth_delay, ret;
629 const char *pos;
630 size_t url_len;
631 struct wpabuf *req;
632
633 /* <STA MAC Addr> <Code(0/1)> <Re-auth-Delay(sec)> [URL] */
634 if (hwaddr_aton(cmd, addr))
635 return -1;
636
637 pos = os_strchr(cmd, ' ');
638 if (pos == NULL)
639 return -1;
640 pos++;
641 code = atoi(pos);
642
643 pos = os_strchr(pos, ' ');
644 if (pos == NULL)
645 return -1;
646 pos++;
647 reauth_delay = atoi(pos);
648
649 url_len = 0;
650 pos = os_strchr(pos, ' ');
651 if (pos) {
652 pos++;
653 url_len = os_strlen(pos);
654 }
655
656 req = wpabuf_alloc(4 + url_len);
657 if (req == NULL)
658 return -1;
659 wpabuf_put_u8(req, code);
660 wpabuf_put_le16(req, reauth_delay);
661 wpabuf_put_u8(req, url_len);
662 if (pos)
663 wpabuf_put_data(req, pos, url_len);
664
665 wpa_printf(MSG_DEBUG, "HS 2.0: Send WNM-Notification to " MACSTR_SEC
666 " to indicate imminent deauthentication (code=%d "
667 "reauth_delay=%d)", MAC2STR_SEC(addr), code, reauth_delay);
668 ret = hs20_send_wnm_notification_deauth_req(hapd, addr, req);
669 wpabuf_free(req);
670 return ret;
671 }
672
673 #endif /* CONFIG_HS20 */
674
675
676 #ifdef CONFIG_INTERWORKING
677
hostapd_ctrl_iface_set_qos_map_set(struct hostapd_data * hapd,const char * cmd)678 static int hostapd_ctrl_iface_set_qos_map_set(struct hostapd_data *hapd,
679 const char *cmd)
680 {
681 u8 qos_map_set[16 + 2 * 21], count = 0;
682 const char *pos = cmd;
683 int val, ret;
684
685 for (;;) {
686 if (count == sizeof(qos_map_set)) {
687 wpa_printf(MSG_ERROR, "Too many qos_map_set parameters");
688 return -1;
689 }
690
691 val = atoi(pos);
692 if (val < 0 || val > 255) {
693 wpa_printf(MSG_INFO, "Invalid QoS Map Set");
694 return -1;
695 }
696
697 qos_map_set[count++] = val;
698 pos = os_strchr(pos, ',');
699 if (!pos)
700 break;
701 pos++;
702 }
703
704 if (count < 16 || count & 1) {
705 wpa_printf(MSG_INFO, "Invalid QoS Map Set");
706 return -1;
707 }
708
709 ret = hostapd_drv_set_qos_map(hapd, qos_map_set, count);
710 if (ret) {
711 wpa_printf(MSG_INFO, "Failed to set QoS Map Set");
712 return -1;
713 }
714
715 os_memcpy(hapd->conf->qos_map_set, qos_map_set, count);
716 hapd->conf->qos_map_set_len = count;
717
718 return 0;
719 }
720
721
hostapd_ctrl_iface_send_qos_map_conf(struct hostapd_data * hapd,const char * cmd)722 static int hostapd_ctrl_iface_send_qos_map_conf(struct hostapd_data *hapd,
723 const char *cmd)
724 {
725 u8 addr[ETH_ALEN];
726 struct sta_info *sta;
727 struct wpabuf *buf;
728 u8 *qos_map_set = hapd->conf->qos_map_set;
729 u8 qos_map_set_len = hapd->conf->qos_map_set_len;
730 int ret;
731
732 if (!qos_map_set_len) {
733 wpa_printf(MSG_INFO, "QoS Map Set is not set");
734 return -1;
735 }
736
737 if (hwaddr_aton(cmd, addr))
738 return -1;
739
740 sta = ap_get_sta(hapd, addr);
741 if (sta == NULL) {
742 wpa_printf(MSG_DEBUG, "Station " MACSTR_SEC " not found "
743 "for QoS Map Configuration message",
744 MAC2STR_SEC(addr));
745 return -1;
746 }
747
748 if (!sta->qos_map_enabled) {
749 wpa_printf(MSG_DEBUG, "Station " MACSTR_SEC " did not indicate "
750 "support for QoS Map", MAC2STR_SEC(addr));
751 return -1;
752 }
753
754 buf = wpabuf_alloc(2 + 2 + qos_map_set_len);
755 if (buf == NULL)
756 return -1;
757
758 wpabuf_put_u8(buf, WLAN_ACTION_QOS);
759 wpabuf_put_u8(buf, QOS_QOS_MAP_CONFIG);
760
761 /* QoS Map Set Element */
762 wpabuf_put_u8(buf, WLAN_EID_QOS_MAP_SET);
763 wpabuf_put_u8(buf, qos_map_set_len);
764 wpabuf_put_data(buf, qos_map_set, qos_map_set_len);
765
766 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
767 wpabuf_head(buf), wpabuf_len(buf));
768 wpabuf_free(buf);
769
770 return ret;
771 }
772
773 #endif /* CONFIG_INTERWORKING */
774
775
776 #ifdef CONFIG_WNM_AP
777
hostapd_ctrl_iface_coloc_intf_req(struct hostapd_data * hapd,const char * cmd)778 static int hostapd_ctrl_iface_coloc_intf_req(struct hostapd_data *hapd,
779 const char *cmd)
780 {
781 u8 addr[ETH_ALEN];
782 struct sta_info *sta;
783 const char *pos;
784 unsigned int auto_report, timeout;
785
786 if (hwaddr_aton(cmd, addr)) {
787 wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
788 return -1;
789 }
790
791 sta = ap_get_sta(hapd, addr);
792 if (!sta) {
793 wpa_printf(MSG_DEBUG, "Station " MACSTR_SEC
794 " not found for Collocated Interference Request",
795 MAC2STR_SEC(addr));
796 return -1;
797 }
798
799 pos = cmd + 17;
800 if (*pos != ' ')
801 return -1;
802 pos++;
803 auto_report = atoi(pos);
804 pos = os_strchr(pos, ' ');
805 if (!pos)
806 return -1;
807 pos++;
808 timeout = atoi(pos);
809
810 return wnm_send_coloc_intf_req(hapd, sta, auto_report, timeout);
811 }
812
813 #endif /* CONFIG_WNM_AP */
814
815
hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data * hapd,char * buf,size_t buflen)816 static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd,
817 char *buf, size_t buflen)
818 {
819 int ret = 0;
820 char *pos, *end;
821
822 pos = buf;
823 end = buf + buflen;
824
825 WPA_ASSERT(hapd->conf->wpa_key_mgmt);
826
827 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
828 ret = os_snprintf(pos, end - pos, "WPA-PSK ");
829 if (os_snprintf_error(end - pos, ret))
830 return pos - buf;
831 pos += ret;
832 }
833 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
834 ret = os_snprintf(pos, end - pos, "WPA-EAP ");
835 if (os_snprintf_error(end - pos, ret))
836 return pos - buf;
837 pos += ret;
838 }
839 #ifdef CONFIG_IEEE80211R_AP
840 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
841 ret = os_snprintf(pos, end - pos, "FT-PSK ");
842 if (os_snprintf_error(end - pos, ret))
843 return pos - buf;
844 pos += ret;
845 }
846 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
847 ret = os_snprintf(pos, end - pos, "FT-EAP ");
848 if (os_snprintf_error(end - pos, ret))
849 return pos - buf;
850 pos += ret;
851 }
852 #ifdef CONFIG_SHA384
853 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
854 ret = os_snprintf(pos, end - pos, "FT-EAP-SHA384 ");
855 if (os_snprintf_error(end - pos, ret))
856 return pos - buf;
857 pos += ret;
858 }
859 #endif /* CONFIG_SHA384 */
860 #ifdef CONFIG_SAE
861 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
862 ret = os_snprintf(pos, end - pos, "FT-SAE ");
863 if (os_snprintf_error(end - pos, ret))
864 return pos - buf;
865 pos += ret;
866 }
867 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
868 ret = os_snprintf(pos, end - pos, "FT-SAE-EXT-KEY ");
869 if (os_snprintf_error(end - pos, ret))
870 return pos - buf;
871 pos += ret;
872 }
873 #endif /* CONFIG_SAE */
874 #ifdef CONFIG_FILS
875 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) {
876 ret = os_snprintf(pos, end - pos, "FT-FILS-SHA256 ");
877 if (os_snprintf_error(end - pos, ret))
878 return pos - buf;
879 pos += ret;
880 }
881 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) {
882 ret = os_snprintf(pos, end - pos, "FT-FILS-SHA384 ");
883 if (os_snprintf_error(end - pos, ret))
884 return pos - buf;
885 pos += ret;
886 }
887 #endif /* CONFIG_FILS */
888 #endif /* CONFIG_IEEE80211R_AP */
889 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
890 ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 ");
891 if (os_snprintf_error(end - pos, ret))
892 return pos - buf;
893 pos += ret;
894 }
895 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
896 ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 ");
897 if (os_snprintf_error(end - pos, ret))
898 return pos - buf;
899 pos += ret;
900 }
901 #ifdef CONFIG_SAE
902 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
903 ret = os_snprintf(pos, end - pos, "SAE ");
904 if (os_snprintf_error(end - pos, ret))
905 return pos - buf;
906 pos += ret;
907 }
908 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
909 ret = os_snprintf(pos, end - pos, "SAE-EXT-KEY ");
910 if (os_snprintf_error(end - pos, ret))
911 return pos - buf;
912 pos += ret;
913 }
914 #endif /* CONFIG_SAE */
915 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
916 ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B ");
917 if (os_snprintf_error(end - pos, ret))
918 return pos - buf;
919 pos += ret;
920 }
921 if (hapd->conf->wpa_key_mgmt &
922 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
923 ret = os_snprintf(pos, end - pos,
924 "WPA-EAP-SUITE-B-192 ");
925 if (os_snprintf_error(end - pos, ret))
926 return pos - buf;
927 pos += ret;
928 }
929 #ifdef CONFIG_FILS
930 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA256) {
931 ret = os_snprintf(pos, end - pos, "FILS-SHA256 ");
932 if (os_snprintf_error(end - pos, ret))
933 return pos - buf;
934 pos += ret;
935 }
936 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA384) {
937 ret = os_snprintf(pos, end - pos, "FILS-SHA384 ");
938 if (os_snprintf_error(end - pos, ret))
939 return pos - buf;
940 pos += ret;
941 }
942 #endif /* CONFIG_FILS */
943
944 #ifdef CONFIG_OWE
945 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) {
946 ret = os_snprintf(pos, end - pos, "OWE ");
947 if (os_snprintf_error(end - pos, ret))
948 return pos - buf;
949 pos += ret;
950 }
951 #endif /* CONFIG_OWE */
952
953 #ifdef CONFIG_DPP
954 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) {
955 ret = os_snprintf(pos, end - pos, "DPP ");
956 if (os_snprintf_error(end - pos, ret))
957 return pos - buf;
958 pos += ret;
959 }
960 #endif /* CONFIG_DPP */
961 #ifdef CONFIG_SHA384
962 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA384) {
963 ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA384 ");
964 if (os_snprintf_error(end - pos, ret))
965 return pos - buf;
966 pos += ret;
967 }
968 #endif /* CONFIG_SHA384 */
969
970 if (pos > buf && *(pos - 1) == ' ') {
971 *(pos - 1) = '\0';
972 pos--;
973 }
974
975 return pos - buf;
976 }
977
978
hostapd_ctrl_iface_get_config(struct hostapd_data * hapd,char * buf,size_t buflen)979 static int hostapd_ctrl_iface_get_config(struct hostapd_data *hapd,
980 char *buf, size_t buflen)
981 {
982 int ret;
983 char *pos, *end;
984
985 pos = buf;
986 end = buf + buflen;
987
988 ret = os_snprintf(pos, end - pos, "bssid=" MACSTR "\n"
989 "ssid=%s\n",
990 MAC2STR(hapd->own_addr),
991 wpa_ssid_txt(hapd->conf->ssid.ssid,
992 hapd->conf->ssid.ssid_len));
993 if (os_snprintf_error(end - pos, ret))
994 return pos - buf;
995 pos += ret;
996
997 if ((hapd->conf->config_id)) {
998 ret = os_snprintf(pos, end - pos, "config_id=%s\n",
999 hapd->conf->config_id);
1000 if (os_snprintf_error(end - pos, ret))
1001 return pos - buf;
1002 pos += ret;
1003 }
1004
1005 #ifdef CONFIG_WPS
1006 ret = os_snprintf(pos, end - pos, "wps_state=%s\n",
1007 hapd->conf->wps_state == 0 ? "disabled" :
1008 (hapd->conf->wps_state == 1 ? "not configured" :
1009 "configured"));
1010 if (os_snprintf_error(end - pos, ret))
1011 return pos - buf;
1012 pos += ret;
1013
1014 if (hapd->conf->wps_state && hapd->conf->wpa &&
1015 hapd->conf->ssid.wpa_passphrase) {
1016 ret = os_snprintf(pos, end - pos, "passphrase=%s\n",
1017 hapd->conf->ssid.wpa_passphrase);
1018 if (os_snprintf_error(end - pos, ret))
1019 return pos - buf;
1020 pos += ret;
1021 }
1022
1023 if (hapd->conf->wps_state && hapd->conf->wpa &&
1024 hapd->conf->ssid.wpa_psk &&
1025 hapd->conf->ssid.wpa_psk->group) {
1026 char hex[PMK_LEN * 2 + 1];
1027 wpa_snprintf_hex(hex, sizeof(hex),
1028 hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
1029 ret = os_snprintf(pos, end - pos, "psk=%s\n", hex);
1030 if (os_snprintf_error(end - pos, ret))
1031 return pos - buf;
1032 pos += ret;
1033 }
1034
1035 if (hapd->conf->multi_ap) {
1036 struct hostapd_ssid *ssid = &hapd->conf->multi_ap_backhaul_ssid;
1037
1038 ret = os_snprintf(pos, end - pos, "multi_ap=%d\n",
1039 hapd->conf->multi_ap);
1040 if (os_snprintf_error(end - pos, ret))
1041 return pos - buf;
1042 pos += ret;
1043
1044 if (ssid->ssid_len) {
1045 ret = os_snprintf(pos, end - pos,
1046 "multi_ap_backhaul_ssid=%s\n",
1047 wpa_ssid_txt(ssid->ssid,
1048 ssid->ssid_len));
1049 if (os_snprintf_error(end - pos, ret))
1050 return pos - buf;
1051 pos += ret;
1052 }
1053
1054 if (hapd->conf->wps_state && hapd->conf->wpa &&
1055 ssid->wpa_passphrase) {
1056 ret = os_snprintf(pos, end - pos,
1057 "multi_ap_backhaul_wpa_passphrase=%s\n",
1058 ssid->wpa_passphrase);
1059 if (os_snprintf_error(end - pos, ret))
1060 return pos - buf;
1061 pos += ret;
1062 }
1063
1064 if (hapd->conf->wps_state && hapd->conf->wpa &&
1065 ssid->wpa_psk &&
1066 ssid->wpa_psk->group) {
1067 char hex[PMK_LEN * 2 + 1];
1068
1069 wpa_snprintf_hex(hex, sizeof(hex), ssid->wpa_psk->psk,
1070 PMK_LEN);
1071 ret = os_snprintf(pos, end - pos,
1072 "multi_ap_backhaul_wpa_psk=%s\n",
1073 hex);
1074 forced_memzero(hex, sizeof(hex));
1075 if (os_snprintf_error(end - pos, ret))
1076 return pos - buf;
1077 pos += ret;
1078 }
1079 }
1080 #endif /* CONFIG_WPS */
1081
1082 if (hapd->conf->wpa) {
1083 ret = os_snprintf(pos, end - pos, "wpa=%d\n", hapd->conf->wpa);
1084 if (os_snprintf_error(end - pos, ret))
1085 return pos - buf;
1086 pos += ret;
1087 }
1088
1089 if (hapd->conf->wpa && hapd->conf->wpa_key_mgmt) {
1090 ret = os_snprintf(pos, end - pos, "key_mgmt=");
1091 if (os_snprintf_error(end - pos, ret))
1092 return pos - buf;
1093 pos += ret;
1094
1095 pos += hostapd_ctrl_iface_get_key_mgmt(hapd, pos, end - pos);
1096
1097 ret = os_snprintf(pos, end - pos, "\n");
1098 if (os_snprintf_error(end - pos, ret))
1099 return pos - buf;
1100 pos += ret;
1101 }
1102
1103 if (hapd->conf->wpa) {
1104 ret = os_snprintf(pos, end - pos, "group_cipher=%s\n",
1105 wpa_cipher_txt(hapd->conf->wpa_group));
1106 if (os_snprintf_error(end - pos, ret))
1107 return pos - buf;
1108 pos += ret;
1109 }
1110
1111 if ((hapd->conf->wpa & WPA_PROTO_RSN) && hapd->conf->rsn_pairwise) {
1112 ret = os_snprintf(pos, end - pos, "rsn_pairwise_cipher=");
1113 if (os_snprintf_error(end - pos, ret))
1114 return pos - buf;
1115 pos += ret;
1116
1117 ret = wpa_write_ciphers(pos, end, hapd->conf->rsn_pairwise,
1118 " ");
1119 if (ret < 0)
1120 return pos - buf;
1121 pos += ret;
1122
1123 ret = os_snprintf(pos, end - pos, "\n");
1124 if (os_snprintf_error(end - pos, ret))
1125 return pos - buf;
1126 pos += ret;
1127 }
1128
1129 if ((hapd->conf->wpa & WPA_PROTO_WPA) && hapd->conf->wpa_pairwise) {
1130 ret = os_snprintf(pos, end - pos, "wpa_pairwise_cipher=");
1131 if (os_snprintf_error(end - pos, ret))
1132 return pos - buf;
1133 pos += ret;
1134
1135 ret = wpa_write_ciphers(pos, end, hapd->conf->wpa_pairwise,
1136 " ");
1137 if (ret < 0)
1138 return pos - buf;
1139 pos += ret;
1140
1141 ret = os_snprintf(pos, end - pos, "\n");
1142 if (os_snprintf_error(end - pos, ret))
1143 return pos - buf;
1144 pos += ret;
1145 }
1146
1147 if (hapd->conf->wpa && hapd->conf->wpa_deny_ptk0_rekey) {
1148 ret = os_snprintf(pos, end - pos, "wpa_deny_ptk0_rekey=%d\n",
1149 hapd->conf->wpa_deny_ptk0_rekey);
1150 if (os_snprintf_error(end - pos, ret))
1151 return pos - buf;
1152 pos += ret;
1153 }
1154
1155 if ((hapd->conf->wpa & WPA_PROTO_RSN) && hapd->conf->extended_key_id) {
1156 ret = os_snprintf(pos, end - pos, "extended_key_id=%d\n",
1157 hapd->conf->extended_key_id);
1158 if (os_snprintf_error(end - pos, ret))
1159 return pos - buf;
1160 pos += ret;
1161 }
1162
1163 return pos - buf;
1164 }
1165
1166
hostapd_ctrl_iface_set_band(struct hostapd_data * hapd,const char * bands)1167 static int hostapd_ctrl_iface_set_band(struct hostapd_data *hapd,
1168 const char *bands)
1169 {
1170 union wpa_event_data event;
1171 u32 setband_mask = WPA_SETBAND_AUTO;
1172
1173 /*
1174 * For example:
1175 * SET setband 2G,6G
1176 * SET setband 5G
1177 * SET setband AUTO
1178 */
1179 if (!os_strstr(bands, "AUTO")) {
1180 if (os_strstr(bands, "5G"))
1181 setband_mask |= WPA_SETBAND_5G;
1182 if (os_strstr(bands, "6G"))
1183 setband_mask |= WPA_SETBAND_6G;
1184 if (os_strstr(bands, "2G"))
1185 setband_mask |= WPA_SETBAND_2G;
1186 if (setband_mask == WPA_SETBAND_AUTO)
1187 return -1;
1188 }
1189
1190 if (hostapd_drv_set_band(hapd, setband_mask) == 0) {
1191 os_memset(&event, 0, sizeof(event));
1192 event.channel_list_changed.initiator = REGDOM_SET_BY_USER;
1193 event.channel_list_changed.type = REGDOM_TYPE_UNKNOWN;
1194 wpa_supplicant_event(hapd, EVENT_CHANNEL_LIST_CHANGED, &event);
1195 }
1196
1197 return 0;
1198 }
1199
1200
hostapd_ctrl_iface_set(struct hostapd_data * hapd,char * cmd)1201 int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd)
1202 {
1203 char *value;
1204 int ret = 0;
1205 wpa_printf(MSG_DEBUG, "CTRL_IFACE SET %s", get_anonymized_result_for_set(cmd));
1206 value = os_strchr(cmd, ' ');
1207 if (value == NULL)
1208 return -1;
1209 *value++ = '\0';
1210
1211 if (0) {
1212 #ifdef CONFIG_WPS_TESTING
1213 } else if (os_strcasecmp(cmd, "wps_version_number") == 0) {
1214 long int val;
1215 val = strtol(value, NULL, 0);
1216 if (val < 0 || val > 0xff) {
1217 ret = -1;
1218 wpa_printf(MSG_DEBUG, "WPS: Invalid "
1219 "wps_version_number %ld", val);
1220 } else {
1221 wps_version_number = val;
1222 wpa_printf(MSG_DEBUG, "WPS: Testing - force WPS "
1223 "version %u.%u",
1224 (wps_version_number & 0xf0) >> 4,
1225 wps_version_number & 0x0f);
1226 hostapd_wps_update_ie(hapd);
1227 }
1228 } else if (os_strcasecmp(cmd, "wps_testing_stub_cred") == 0) {
1229 wps_testing_stub_cred = atoi(value);
1230 wpa_printf(MSG_DEBUG, "WPS: Testing - stub_cred=%d",
1231 wps_testing_stub_cred);
1232 } else if (os_strcasecmp(cmd, "wps_corrupt_pkhash") == 0) {
1233 wps_corrupt_pkhash = atoi(value);
1234 wpa_printf(MSG_DEBUG, "WPS: Testing - wps_corrupt_pkhash=%d",
1235 wps_corrupt_pkhash);
1236 #endif /* CONFIG_WPS_TESTING */
1237 #ifdef CONFIG_TESTING_OPTIONS
1238 } else if (os_strcasecmp(cmd, "ext_mgmt_frame_handling") == 0) {
1239 hapd->ext_mgmt_frame_handling = atoi(value);
1240 } else if (os_strcasecmp(cmd, "ext_eapol_frame_io") == 0) {
1241 hapd->ext_eapol_frame_io = atoi(value);
1242 } else if (os_strcasecmp(cmd, "force_backlog_bytes") == 0) {
1243 hapd->force_backlog_bytes = atoi(value);
1244 #ifdef CONFIG_DPP
1245 } else if (os_strcasecmp(cmd, "dpp_config_obj_override") == 0) {
1246 os_free(hapd->dpp_config_obj_override);
1247 hapd->dpp_config_obj_override = os_strdup(value);
1248 } else if (os_strcasecmp(cmd, "dpp_discovery_override") == 0) {
1249 os_free(hapd->dpp_discovery_override);
1250 hapd->dpp_discovery_override = os_strdup(value);
1251 } else if (os_strcasecmp(cmd, "dpp_groups_override") == 0) {
1252 os_free(hapd->dpp_groups_override);
1253 hapd->dpp_groups_override = os_strdup(value);
1254 } else if (os_strcasecmp(cmd,
1255 "dpp_ignore_netaccesskey_mismatch") == 0) {
1256 hapd->dpp_ignore_netaccesskey_mismatch = atoi(value);
1257 } else if (os_strcasecmp(cmd, "dpp_test") == 0) {
1258 dpp_test = atoi(value);
1259 } else if (os_strcasecmp(cmd, "dpp_version_override") == 0) {
1260 dpp_version_override = atoi(value);
1261 #endif /* CONFIG_DPP */
1262 #endif /* CONFIG_TESTING_OPTIONS */
1263 #ifdef CONFIG_MBO
1264 } else if (os_strcasecmp(cmd, "mbo_assoc_disallow") == 0) {
1265 int val;
1266
1267 if (!hapd->conf->mbo_enabled)
1268 return -1;
1269
1270 val = atoi(value);
1271 if (val < 0 || val > MBO_ASSOC_DISALLOW_REASON_LOW_RSSI)
1272 return -1;
1273
1274 hapd->mbo_assoc_disallow = val;
1275 ieee802_11_update_beacons(hapd->iface);
1276
1277 /*
1278 * TODO: Need to configure drivers that do AP MLME offload with
1279 * disallowing station logic.
1280 */
1281 #endif /* CONFIG_MBO */
1282 #ifdef CONFIG_DPP
1283 } else if (os_strcasecmp(cmd, "dpp_configurator_params") == 0) {
1284 os_free(hapd->dpp_configurator_params);
1285 hapd->dpp_configurator_params = os_strdup(value);
1286 #ifdef CONFIG_DPP2
1287 dpp_controller_set_params(hapd->iface->interfaces->dpp, value);
1288 #endif /* CONFIG_DPP2 */
1289 } else if (os_strcasecmp(cmd, "dpp_init_max_tries") == 0) {
1290 hapd->dpp_init_max_tries = atoi(value);
1291 } else if (os_strcasecmp(cmd, "dpp_init_retry_time") == 0) {
1292 hapd->dpp_init_retry_time = atoi(value);
1293 } else if (os_strcasecmp(cmd, "dpp_resp_wait_time") == 0) {
1294 hapd->dpp_resp_wait_time = atoi(value);
1295 } else if (os_strcasecmp(cmd, "dpp_resp_max_tries") == 0) {
1296 hapd->dpp_resp_max_tries = atoi(value);
1297 } else if (os_strcasecmp(cmd, "dpp_resp_retry_time") == 0) {
1298 hapd->dpp_resp_retry_time = atoi(value);
1299 #endif /* CONFIG_DPP */
1300 } else if (os_strcasecmp(cmd, "setband") == 0) {
1301 ret = hostapd_ctrl_iface_set_band(hapd, value);
1302 } else {
1303 ret = hostapd_set_iface(hapd->iconf, hapd->conf, cmd, value);
1304 if (ret)
1305 return ret;
1306
1307 if (os_strcasecmp(cmd, "deny_mac_file") == 0) {
1308 hostapd_disassoc_deny_mac(hapd);
1309 } else if (os_strcasecmp(cmd, "accept_mac_file") == 0) {
1310 hostapd_disassoc_accept_mac(hapd);
1311 } else if (os_strcasecmp(cmd, "ssid") == 0) {
1312 hostapd_neighbor_sync_own_report(hapd);
1313 } else if (os_strncmp(cmd, "wme_ac_", 7) == 0 ||
1314 os_strncmp(cmd, "wmm_ac_", 7) == 0) {
1315 hapd->parameter_set_count++;
1316 if (ieee802_11_update_beacons(hapd->iface))
1317 wpa_printf(MSG_DEBUG,
1318 "Failed to update beacons with WMM parameters");
1319 } else if (os_strcmp(cmd, "wpa_passphrase") == 0 ||
1320 os_strcmp(cmd, "sae_password") == 0 ||
1321 os_strcmp(cmd, "sae_pwe") == 0) {
1322 if (hapd->started)
1323 hostapd_setup_sae_pt(hapd->conf);
1324 } else if (os_strcasecmp(cmd, "transition_disable") == 0) {
1325 wpa_auth_set_transition_disable(hapd->wpa_auth,
1326 hapd->conf->transition_disable);
1327 }
1328
1329 #ifdef CONFIG_TESTING_OPTIONS
1330 if (os_strcmp(cmd, "ft_rsnxe_used") == 0)
1331 wpa_auth_set_ft_rsnxe_used(hapd->wpa_auth,
1332 hapd->conf->ft_rsnxe_used);
1333 else if (os_strcmp(cmd, "oci_freq_override_eapol_m3") == 0)
1334 wpa_auth_set_ocv_override_freq(
1335 hapd->wpa_auth, WPA_AUTH_OCV_OVERRIDE_EAPOL_M3,
1336 atoi(value));
1337 else if (os_strcmp(cmd, "oci_freq_override_eapol_g1") == 0)
1338 wpa_auth_set_ocv_override_freq(
1339 hapd->wpa_auth, WPA_AUTH_OCV_OVERRIDE_EAPOL_G1,
1340 atoi(value));
1341 else if (os_strcmp(cmd, "oci_freq_override_ft_assoc") == 0)
1342 wpa_auth_set_ocv_override_freq(
1343 hapd->wpa_auth, WPA_AUTH_OCV_OVERRIDE_FT_ASSOC,
1344 atoi(value));
1345 else if (os_strcmp(cmd, "oci_freq_override_fils_assoc") == 0)
1346 wpa_auth_set_ocv_override_freq(
1347 hapd->wpa_auth,
1348 WPA_AUTH_OCV_OVERRIDE_FILS_ASSOC, atoi(value));
1349 #endif /* CONFIG_TESTING_OPTIONS */
1350 }
1351
1352 return ret;
1353 }
1354
1355
hostapd_ctrl_iface_get(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)1356 static int hostapd_ctrl_iface_get(struct hostapd_data *hapd, char *cmd,
1357 char *buf, size_t buflen)
1358 {
1359 int res;
1360
1361 wpa_printf(MSG_DEBUG, "CTRL_IFACE GET '%s'", cmd);
1362
1363 if (os_strcmp(cmd, "version") == 0) {
1364 res = os_snprintf(buf, buflen, "%s", VERSION_STR);
1365 if (os_snprintf_error(buflen, res))
1366 return -1;
1367 return res;
1368 } else if (os_strcmp(cmd, "tls_library") == 0) {
1369 res = tls_get_library_version(buf, buflen);
1370 if (os_snprintf_error(buflen, res))
1371 return -1;
1372 return res;
1373 }
1374
1375 return -1;
1376 }
1377
1378
hostapd_ctrl_iface_enable(struct hostapd_iface * iface)1379 int hostapd_ctrl_iface_enable(struct hostapd_iface *iface)
1380 {
1381 if (hostapd_enable_iface(iface) < 0) {
1382 wpa_printf(MSG_ERROR, "Enabling of interface failed");
1383 return -1;
1384 }
1385 return 0;
1386 }
1387
1388
hostapd_ctrl_iface_reload(struct hostapd_iface * iface)1389 static int hostapd_ctrl_iface_reload(struct hostapd_iface *iface)
1390 {
1391 if (hostapd_reload_iface(iface) < 0) {
1392 wpa_printf(MSG_ERROR, "Reloading of interface failed");
1393 return -1;
1394 }
1395 return 0;
1396 }
1397
1398
hostapd_ctrl_iface_reload_bss(struct hostapd_data * bss)1399 static int hostapd_ctrl_iface_reload_bss(struct hostapd_data *bss)
1400 {
1401 if (hostapd_reload_bss_only(bss) < 0) {
1402 wpa_printf(MSG_ERROR, "Reloading of BSS failed");
1403 return -1;
1404 }
1405 return 0;
1406 }
1407
1408
hostapd_ctrl_iface_disable(struct hostapd_iface * iface)1409 int hostapd_ctrl_iface_disable(struct hostapd_iface *iface)
1410 {
1411 if (hostapd_disable_iface(iface) < 0) {
1412 wpa_printf(MSG_ERROR, "Disabling of interface failed");
1413 return -1;
1414 }
1415 return 0;
1416 }
1417
1418
1419 static int
hostapd_ctrl_iface_kick_mismatch_psk_sta_iter(struct hostapd_data * hapd,struct sta_info * sta,void * ctx)1420 hostapd_ctrl_iface_kick_mismatch_psk_sta_iter(struct hostapd_data *hapd,
1421 struct sta_info *sta, void *ctx)
1422 {
1423 struct hostapd_wpa_psk *psk;
1424 const u8 *pmk;
1425 int pmk_len;
1426 int pmk_match;
1427 int sta_match;
1428 int bss_match;
1429 int reason;
1430
1431 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
1432
1433 for (psk = hapd->conf->ssid.wpa_psk; pmk && psk; psk = psk->next) {
1434 pmk_match = PMK_LEN == pmk_len &&
1435 os_memcmp(psk->psk, pmk, pmk_len) == 0;
1436 sta_match = psk->group == 0 &&
1437 ether_addr_equal(sta->addr, psk->addr);
1438 bss_match = psk->group == 1;
1439
1440 if (pmk_match && (sta_match || bss_match))
1441 return 0;
1442 }
1443
1444 wpa_printf(MSG_INFO, "STA " MACSTR_SEC
1445 " PSK/passphrase no longer valid - disconnect",
1446 MAC2STR_SEC(sta->addr));
1447 reason = WLAN_REASON_PREV_AUTH_NOT_VALID;
1448 hostapd_drv_sta_deauth(hapd, sta->addr, reason);
1449 ap_sta_deauthenticate(hapd, sta, reason);
1450
1451 return 0;
1452 }
1453
1454
hostapd_ctrl_iface_reload_wpa_psk(struct hostapd_data * hapd)1455 static int hostapd_ctrl_iface_reload_wpa_psk(struct hostapd_data *hapd)
1456 {
1457 struct hostapd_bss_config *conf = hapd->conf;
1458 int err;
1459
1460 hostapd_config_clear_wpa_psk(&conf->ssid.wpa_psk);
1461
1462 err = hostapd_setup_wpa_psk(conf);
1463 if (err < 0) {
1464 wpa_printf(MSG_ERROR, "Reloading WPA-PSK passwords failed: %d",
1465 err);
1466 return -1;
1467 }
1468
1469 ap_for_each_sta(hapd, hostapd_ctrl_iface_kick_mismatch_psk_sta_iter,
1470 NULL);
1471
1472 return 0;
1473 }
1474
1475
1476 #ifdef CONFIG_IEEE80211R_AP
1477
hostapd_ctrl_iface_get_rxkhs(struct hostapd_data * hapd,char * buf,size_t buflen)1478 static int hostapd_ctrl_iface_get_rxkhs(struct hostapd_data *hapd,
1479 char *buf, size_t buflen)
1480 {
1481 int ret, start_pos;
1482 char *pos, *end;
1483 struct ft_remote_r0kh *r0kh;
1484 struct ft_remote_r1kh *r1kh;
1485 struct hostapd_bss_config *conf = hapd->conf;
1486
1487 pos = buf;
1488 end = buf + buflen;
1489
1490 for (r0kh = conf->r0kh_list; r0kh; r0kh=r0kh->next) {
1491 start_pos = pos - buf;
1492 ret = os_snprintf(pos, end - pos, "r0kh=" MACSTR " ",
1493 MAC2STR(r0kh->addr));
1494 if (os_snprintf_error(end - pos, ret))
1495 return start_pos;
1496 pos += ret;
1497 if (r0kh->id_len + 1 >= (size_t) (end - pos))
1498 return start_pos;
1499 os_memcpy(pos, r0kh->id, r0kh->id_len);
1500 pos += r0kh->id_len;
1501 *pos++ = ' ';
1502 pos += wpa_snprintf_hex(pos, end - pos, r0kh->key,
1503 sizeof(r0kh->key));
1504 ret = os_snprintf(pos, end - pos, "\n");
1505 if (os_snprintf_error(end - pos, ret))
1506 return start_pos;
1507 pos += ret;
1508 }
1509
1510 for (r1kh = conf->r1kh_list; r1kh; r1kh=r1kh->next) {
1511 start_pos = pos - buf;
1512 ret = os_snprintf(pos, end - pos, "r1kh=" MACSTR " " MACSTR " ",
1513 MAC2STR(r1kh->addr), MAC2STR(r1kh->id));
1514 if (os_snprintf_error(end - pos, ret))
1515 return start_pos;
1516 pos += ret;
1517 pos += wpa_snprintf_hex(pos, end - pos, r1kh->key,
1518 sizeof(r1kh->key));
1519 ret = os_snprintf(pos, end - pos, "\n");
1520 if (os_snprintf_error(end - pos, ret))
1521 return start_pos;
1522 pos += ret;
1523 }
1524
1525 return pos - buf;
1526 }
1527
1528
hostapd_ctrl_iface_reload_rxkhs(struct hostapd_data * hapd)1529 static int hostapd_ctrl_iface_reload_rxkhs(struct hostapd_data *hapd)
1530 {
1531 struct hostapd_bss_config *conf = hapd->conf;
1532 int err;
1533
1534 hostapd_config_clear_rxkhs(conf);
1535
1536 err = hostapd_config_read_rxkh_file(conf, conf->rxkh_file);
1537 if (err < 0) {
1538 wpa_printf(MSG_ERROR, "Reloading RxKHs failed: %d",
1539 err);
1540 return -1;
1541 }
1542
1543 return 0;
1544 }
1545
1546 #endif /* CONFIG_IEEE80211R_AP */
1547
1548
1549 #ifdef CONFIG_TESTING_OPTIONS
1550
hostapd_ctrl_iface_radar(struct hostapd_data * hapd,char * cmd)1551 static int hostapd_ctrl_iface_radar(struct hostapd_data *hapd, char *cmd)
1552 {
1553 union wpa_event_data data;
1554 char *pos, *param;
1555 enum wpa_event_type event;
1556
1557 wpa_printf(MSG_DEBUG, "RADAR TEST: %s", cmd);
1558
1559 os_memset(&data, 0, sizeof(data));
1560
1561 param = os_strchr(cmd, ' ');
1562 if (param == NULL)
1563 return -1;
1564 *param++ = '\0';
1565
1566 if (os_strcmp(cmd, "DETECTED") == 0)
1567 event = EVENT_DFS_RADAR_DETECTED;
1568 else if (os_strcmp(cmd, "CAC-FINISHED") == 0)
1569 event = EVENT_DFS_CAC_FINISHED;
1570 else if (os_strcmp(cmd, "CAC-ABORTED") == 0)
1571 event = EVENT_DFS_CAC_ABORTED;
1572 else if (os_strcmp(cmd, "NOP-FINISHED") == 0)
1573 event = EVENT_DFS_NOP_FINISHED;
1574 else {
1575 wpa_printf(MSG_DEBUG, "Unsupported RADAR test command: %s",
1576 cmd);
1577 return -1;
1578 }
1579
1580 pos = os_strstr(param, "freq=");
1581 if (pos)
1582 data.dfs_event.freq = atoi(pos + 5);
1583
1584 pos = os_strstr(param, "ht_enabled=1");
1585 if (pos)
1586 data.dfs_event.ht_enabled = 1;
1587
1588 pos = os_strstr(param, "chan_offset=");
1589 if (pos)
1590 data.dfs_event.chan_offset = atoi(pos + 12);
1591
1592 pos = os_strstr(param, "chan_width=");
1593 if (pos)
1594 data.dfs_event.chan_width = atoi(pos + 11);
1595
1596 pos = os_strstr(param, "cf1=");
1597 if (pos)
1598 data.dfs_event.cf1 = atoi(pos + 4);
1599
1600 pos = os_strstr(param, "cf2=");
1601 if (pos)
1602 data.dfs_event.cf2 = atoi(pos + 4);
1603
1604 wpa_supplicant_event(hapd, event, &data);
1605
1606 return 0;
1607 }
1608
1609
hostapd_ctrl_iface_mgmt_tx(struct hostapd_data * hapd,char * cmd)1610 static int hostapd_ctrl_iface_mgmt_tx(struct hostapd_data *hapd, char *cmd)
1611 {
1612 size_t len;
1613 u8 *buf;
1614 int res;
1615
1616 wpa_printf(MSG_DEBUG, "External MGMT TX: %s", cmd);
1617
1618 len = os_strlen(cmd);
1619 if (len & 1)
1620 return -1;
1621 len /= 2;
1622
1623 buf = os_malloc(len);
1624 if (buf == NULL)
1625 return -1;
1626
1627 if (hexstr2bin(cmd, buf, len) < 0) {
1628 os_free(buf);
1629 return -1;
1630 }
1631
1632 res = hostapd_drv_send_mlme(hapd, buf, len, 0, NULL, 0, 0);
1633 os_free(buf);
1634 return res;
1635 }
1636
1637
hostapd_ctrl_iface_mgmt_tx_status_process(struct hostapd_data * hapd,char * cmd)1638 static int hostapd_ctrl_iface_mgmt_tx_status_process(struct hostapd_data *hapd,
1639 char *cmd)
1640 {
1641 char *pos, *param;
1642 size_t len;
1643 u8 *buf;
1644 int stype = 0, ok = 0;
1645 union wpa_event_data event;
1646
1647 if (!hapd->ext_mgmt_frame_handling)
1648 return -1;
1649
1650 /* stype=<val> ok=<0/1> buf=<frame hexdump> */
1651
1652 wpa_printf(MSG_DEBUG, "External MGMT TX status process: %s", cmd);
1653
1654 pos = cmd;
1655 param = os_strstr(pos, "stype=");
1656 if (param) {
1657 param += 6;
1658 stype = atoi(param);
1659 }
1660
1661 param = os_strstr(pos, " ok=");
1662 if (param) {
1663 param += 4;
1664 ok = atoi(param);
1665 }
1666
1667 param = os_strstr(pos, " buf=");
1668 if (!param)
1669 return -1;
1670 param += 5;
1671
1672 len = os_strlen(param);
1673 if (len & 1)
1674 return -1;
1675 len /= 2;
1676
1677 buf = os_malloc(len);
1678 if (!buf || hexstr2bin(param, buf, len) < 0) {
1679 os_free(buf);
1680 return -1;
1681 }
1682
1683 os_memset(&event, 0, sizeof(event));
1684 event.tx_status.type = WLAN_FC_TYPE_MGMT;
1685 event.tx_status.data = buf;
1686 event.tx_status.data_len = len;
1687 event.tx_status.stype = stype;
1688 event.tx_status.ack = ok;
1689 hapd->ext_mgmt_frame_handling = 0;
1690 wpa_supplicant_event(hapd, EVENT_TX_STATUS, &event);
1691 hapd->ext_mgmt_frame_handling = 1;
1692
1693 os_free(buf);
1694
1695 return 0;
1696 }
1697
1698
hostapd_ctrl_iface_mgmt_rx_process(struct hostapd_data * hapd,char * cmd)1699 static int hostapd_ctrl_iface_mgmt_rx_process(struct hostapd_data *hapd,
1700 char *cmd)
1701 {
1702 char *pos, *param;
1703 size_t len;
1704 u8 *buf;
1705 int freq = 0, datarate = 0, ssi_signal = 0;
1706 union wpa_event_data event;
1707
1708 if (!hapd->ext_mgmt_frame_handling)
1709 return -1;
1710
1711 /* freq=<MHz> datarate=<val> ssi_signal=<val> frame=<frame hexdump> */
1712
1713 wpa_printf(MSG_DEBUG, "External MGMT RX process: %s", cmd);
1714
1715 pos = cmd;
1716 param = os_strstr(pos, "freq=");
1717 if (param) {
1718 param += 5;
1719 freq = atoi(param);
1720 }
1721
1722 param = os_strstr(pos, " datarate=");
1723 if (param) {
1724 param += 10;
1725 datarate = atoi(param);
1726 }
1727
1728 param = os_strstr(pos, " ssi_signal=");
1729 if (param) {
1730 param += 12;
1731 ssi_signal = atoi(param);
1732 }
1733
1734 param = os_strstr(pos, " frame=");
1735 if (param == NULL)
1736 return -1;
1737 param += 7;
1738
1739 len = os_strlen(param);
1740 if (len & 1)
1741 return -1;
1742 len /= 2;
1743
1744 buf = os_malloc(len);
1745 if (buf == NULL)
1746 return -1;
1747
1748 if (hexstr2bin(param, buf, len) < 0) {
1749 os_free(buf);
1750 return -1;
1751 }
1752
1753 os_memset(&event, 0, sizeof(event));
1754 event.rx_mgmt.freq = freq;
1755 event.rx_mgmt.frame = buf;
1756 event.rx_mgmt.frame_len = len;
1757 event.rx_mgmt.ssi_signal = ssi_signal;
1758 event.rx_mgmt.datarate = datarate;
1759 hapd->ext_mgmt_frame_handling = 0;
1760 wpa_supplicant_event(hapd, EVENT_RX_MGMT, &event);
1761 hapd->ext_mgmt_frame_handling = 1;
1762
1763 os_free(buf);
1764
1765 return 0;
1766 }
1767
1768
hostapd_ctrl_iface_eapol_rx(struct hostapd_data * hapd,char * cmd)1769 static int hostapd_ctrl_iface_eapol_rx(struct hostapd_data *hapd, char *cmd)
1770 {
1771 char *pos;
1772 u8 src[ETH_ALEN], *buf;
1773 int used;
1774 size_t len;
1775
1776 wpa_printf(MSG_DEBUG, "External EAPOL RX: %s", cmd);
1777
1778 pos = cmd;
1779 used = hwaddr_aton2(pos, src);
1780 if (used < 0)
1781 return -1;
1782 pos += used;
1783 while (*pos == ' ')
1784 pos++;
1785
1786 len = os_strlen(pos);
1787 if (len & 1)
1788 return -1;
1789 len /= 2;
1790
1791 buf = os_malloc(len);
1792 if (buf == NULL)
1793 return -1;
1794
1795 if (hexstr2bin(pos, buf, len) < 0) {
1796 os_free(buf);
1797 return -1;
1798 }
1799
1800 ieee802_1x_receive(hapd, src, buf, len, FRAME_ENCRYPTION_UNKNOWN);
1801 os_free(buf);
1802
1803 return 0;
1804 }
1805
1806
hostapd_ctrl_iface_eapol_tx(struct hostapd_data * hapd,char * cmd)1807 static int hostapd_ctrl_iface_eapol_tx(struct hostapd_data *hapd, char *cmd)
1808 {
1809 char *pos, *pos2;
1810 u8 dst[ETH_ALEN], *buf;
1811 int used, ret;
1812 size_t len;
1813 unsigned int prev;
1814 int encrypt = 0;
1815
1816 wpa_printf(MSG_DEBUG, "External EAPOL TX: %s", cmd);
1817
1818 pos = cmd;
1819 used = hwaddr_aton2(pos, dst);
1820 if (used < 0)
1821 return -1;
1822 pos += used;
1823 while (*pos == ' ')
1824 pos++;
1825
1826 pos2 = os_strchr(pos, ' ');
1827 if (pos2) {
1828 len = pos2 - pos;
1829 encrypt = os_strstr(pos2, "encrypt=1") != NULL;
1830 } else {
1831 len = os_strlen(pos);
1832 }
1833 if (len & 1)
1834 return -1;
1835 len /= 2;
1836
1837 buf = os_malloc(len);
1838 if (!buf || hexstr2bin(pos, buf, len) < 0) {
1839 os_free(buf);
1840 return -1;
1841 }
1842
1843 prev = hapd->ext_eapol_frame_io;
1844 hapd->ext_eapol_frame_io = 0;
1845 ret = hostapd_wpa_auth_send_eapol(hapd, dst, buf, len, encrypt);
1846 hapd->ext_eapol_frame_io = prev;
1847 os_free(buf);
1848
1849 return ret;
1850 }
1851
1852
ipv4_hdr_checksum(const void * buf,size_t len)1853 static u16 ipv4_hdr_checksum(const void *buf, size_t len)
1854 {
1855 size_t i;
1856 u32 sum = 0;
1857 const u16 *pos = buf;
1858
1859 for (i = 0; i < len / 2; i++)
1860 sum += *pos++;
1861
1862 while (sum >> 16)
1863 sum = (sum & 0xffff) + (sum >> 16);
1864
1865 return sum ^ 0xffff;
1866 }
1867
1868
1869 #define HWSIM_PACKETLEN 1500
1870 #define HWSIM_IP_LEN (HWSIM_PACKETLEN - sizeof(struct ether_header))
1871
hostapd_data_test_rx(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)1872 static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
1873 size_t len)
1874 {
1875 struct hostapd_data *hapd = ctx;
1876 const struct ether_header *eth;
1877 struct ip ip;
1878 const u8 *pos;
1879 unsigned int i;
1880 char extra[30];
1881
1882 if (len < sizeof(*eth) + sizeof(ip) || len > HWSIM_PACKETLEN) {
1883 wpa_printf(MSG_DEBUG,
1884 "test data: RX - ignore unexpected length %d",
1885 (int) len);
1886 return;
1887 }
1888
1889 eth = (const struct ether_header *) buf;
1890 os_memcpy(&ip, eth + 1, sizeof(ip));
1891 pos = &buf[sizeof(*eth) + sizeof(ip)];
1892
1893 if (ip.ip_hl != 5 || ip.ip_v != 4 ||
1894 ntohs(ip.ip_len) > HWSIM_IP_LEN) {
1895 wpa_printf(MSG_DEBUG,
1896 "test data: RX - ignore unexpected IP header");
1897 return;
1898 }
1899
1900 for (i = 0; i < ntohs(ip.ip_len) - sizeof(ip); i++) {
1901 if (*pos != (u8) i) {
1902 wpa_printf(MSG_DEBUG,
1903 "test data: RX - ignore mismatching payload");
1904 return;
1905 }
1906 pos++;
1907 }
1908
1909 extra[0] = '\0';
1910 if (ntohs(ip.ip_len) != HWSIM_IP_LEN)
1911 os_snprintf(extra, sizeof(extra), " len=%d", ntohs(ip.ip_len));
1912 wpa_msg_only_for_cb(hapd->msg_ctx, MSG_INFO, "DATA-TEST-RX " MACSTR " " MACSTR "%s",
1913 MAC2STR(eth->ether_dhost), MAC2STR(eth->ether_shost), extra);
1914 wpa_printf(MSG_INFO, "DATA-TEST-RX " MACSTR_SEC " " MACSTR_SEC "%s",
1915 MAC2STR_SEC(eth->ether_dhost), MAC2STR_SEC(eth->ether_shost), extra);
1916 }
1917
1918
hostapd_ctrl_iface_data_test_config(struct hostapd_data * hapd,char * cmd)1919 static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd,
1920 char *cmd)
1921 {
1922 int enabled = atoi(cmd);
1923 char *pos;
1924 const char *ifname;
1925 const u8 *addr = hapd->own_addr;
1926
1927 if (!enabled) {
1928 if (hapd->l2_test) {
1929 l2_packet_deinit(hapd->l2_test);
1930 hapd->l2_test = NULL;
1931 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
1932 "test data: Disabled");
1933 }
1934 return 0;
1935 }
1936
1937 if (hapd->l2_test)
1938 return 0;
1939
1940 pos = os_strstr(cmd, " ifname=");
1941 if (pos)
1942 ifname = pos + 8;
1943 else
1944 ifname = hapd->conf->iface;
1945
1946 #ifdef CONFIG_IEEE80211BE
1947 if (hapd->conf->mld_ap)
1948 addr = hapd->mld->mld_addr;
1949 #endif /* CONFIG_IEEE80211BE */
1950 hapd->l2_test = l2_packet_init(ifname, addr,
1951 ETHERTYPE_IP, hostapd_data_test_rx,
1952 hapd, 1);
1953 if (hapd->l2_test == NULL)
1954 return -1;
1955
1956 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: Enabled");
1957
1958 return 0;
1959 }
1960
1961
hostapd_ctrl_iface_data_test_tx(struct hostapd_data * hapd,char * cmd)1962 static int hostapd_ctrl_iface_data_test_tx(struct hostapd_data *hapd, char *cmd)
1963 {
1964 u8 dst[ETH_ALEN], src[ETH_ALEN];
1965 char *pos, *pos2;
1966 int used;
1967 long int val;
1968 u8 tos;
1969 u8 buf[2 + HWSIM_PACKETLEN];
1970 struct ether_header *eth;
1971 struct ip *ip;
1972 u8 *dpos;
1973 unsigned int i;
1974 size_t send_len = HWSIM_IP_LEN;
1975
1976 if (hapd->l2_test == NULL)
1977 return -1;
1978
1979 /* format: <dst> <src> <tos> [len=<length>] */
1980
1981 pos = cmd;
1982 used = hwaddr_aton2(pos, dst);
1983 if (used < 0)
1984 return -1;
1985 pos += used;
1986 while (*pos == ' ')
1987 pos++;
1988 used = hwaddr_aton2(pos, src);
1989 if (used < 0)
1990 return -1;
1991 pos += used;
1992
1993 val = strtol(pos, &pos2, 0);
1994 if (val < 0 || val > 0xff)
1995 return -1;
1996 tos = val;
1997
1998 pos = os_strstr(pos2, " len=");
1999 if (pos) {
2000 i = atoi(pos + 5);
2001 if (i < sizeof(*ip) || i > HWSIM_IP_LEN)
2002 return -1;
2003 send_len = i;
2004 }
2005
2006 eth = (struct ether_header *) &buf[2];
2007 os_memcpy(eth->ether_dhost, dst, ETH_ALEN);
2008 os_memcpy(eth->ether_shost, src, ETH_ALEN);
2009 eth->ether_type = htons(ETHERTYPE_IP);
2010 ip = (struct ip *) (eth + 1);
2011 os_memset(ip, 0, sizeof(*ip));
2012 ip->ip_hl = 5;
2013 ip->ip_v = 4;
2014 ip->ip_ttl = 64;
2015 ip->ip_tos = tos;
2016 ip->ip_len = htons(send_len);
2017 ip->ip_p = 1;
2018 ip->ip_src.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
2019 ip->ip_dst.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
2020 ip->ip_sum = ipv4_hdr_checksum(ip, sizeof(*ip));
2021 dpos = (u8 *) (ip + 1);
2022 for (i = 0; i < send_len - sizeof(*ip); i++)
2023 *dpos++ = i;
2024
2025 if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, &buf[2],
2026 sizeof(struct ether_header) + send_len) < 0)
2027 return -1;
2028
2029 wpa_msg_only_for_cb(hapd->msg_ctx, MSG_DEBUG, "test data: TX dst=" MACSTR
2030 " src=" MACSTR " tos=0x%x", MAC2STR(dst), MAC2STR(src), tos);
2031 wpa_printf(MSG_DEBUG, "test data: TX dst=" MACSTR_SEC
2032 " src=" MACSTR_SEC " tos=0x%x", MAC2STR_SEC(dst), MAC2STR_SEC(src), tos);
2033
2034 return 0;
2035 }
2036
2037
hostapd_ctrl_iface_data_test_frame(struct hostapd_data * hapd,char * cmd)2038 static int hostapd_ctrl_iface_data_test_frame(struct hostapd_data *hapd,
2039 char *cmd)
2040 {
2041 u8 *buf;
2042 struct ether_header *eth;
2043 struct l2_packet_data *l2 = NULL;
2044 size_t len;
2045 u16 ethertype;
2046 int res = -1;
2047 const char *ifname = hapd->conf->iface;
2048
2049 if (os_strncmp(cmd, "ifname=", 7) == 0) {
2050 cmd += 7;
2051 ifname = cmd;
2052 cmd = os_strchr(cmd, ' ');
2053 if (cmd == NULL)
2054 return -1;
2055 *cmd++ = '\0';
2056 }
2057
2058 len = os_strlen(cmd);
2059 if (len & 1 || len < ETH_HLEN * 2)
2060 return -1;
2061 len /= 2;
2062
2063 buf = os_malloc(len);
2064 if (buf == NULL)
2065 return -1;
2066
2067 if (hexstr2bin(cmd, buf, len) < 0)
2068 goto done;
2069
2070 eth = (struct ether_header *) buf;
2071 ethertype = ntohs(eth->ether_type);
2072
2073 l2 = l2_packet_init(ifname, hapd->own_addr, ethertype,
2074 hostapd_data_test_rx, hapd, 1);
2075 if (l2 == NULL)
2076 goto done;
2077
2078 res = l2_packet_send(l2, eth->ether_dhost, ethertype, buf, len);
2079 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: TX frame res=%d", res);
2080 done:
2081 if (l2)
2082 l2_packet_deinit(l2);
2083 os_free(buf);
2084
2085 return res < 0 ? -1 : 0;
2086 }
2087
2088
hostapd_ctrl_reset_pn(struct hostapd_data * hapd,const char * cmd)2089 static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd)
2090 {
2091 struct sta_info *sta;
2092 u8 addr[ETH_ALEN];
2093 u8 zero[WPA_TK_MAX_LEN];
2094
2095 os_memset(zero, 0, sizeof(zero));
2096
2097 if (hwaddr_aton(cmd, addr))
2098 return -1;
2099
2100 if (is_broadcast_ether_addr(addr) && os_strstr(cmd, " BIGTK")) {
2101 if (hapd->last_bigtk_alg == WPA_ALG_NONE)
2102 return -1;
2103
2104 wpa_printf(MSG_INFO, "TESTING: Reset BIPN for BIGTK");
2105
2106 /* First, use a zero key to avoid any possible duplicate key
2107 * avoidance in the driver. */
2108 if (hostapd_drv_set_key(hapd->conf->iface, hapd,
2109 hapd->last_bigtk_alg,
2110 broadcast_ether_addr,
2111 hapd->last_bigtk_key_idx, 0, 1, NULL, 0,
2112 zero, hapd->last_bigtk_len,
2113 KEY_FLAG_GROUP_TX_DEFAULT) < 0)
2114 return -1;
2115
2116 /* Set the previously configured key to reset its TSC */
2117 return hostapd_drv_set_key(hapd->conf->iface, hapd,
2118 hapd->last_bigtk_alg,
2119 broadcast_ether_addr,
2120 hapd->last_bigtk_key_idx, 0, 1, NULL,
2121 0, hapd->last_bigtk,
2122 hapd->last_bigtk_len,
2123 KEY_FLAG_GROUP_TX_DEFAULT);
2124 }
2125
2126 if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) {
2127 if (hapd->last_igtk_alg == WPA_ALG_NONE)
2128 return -1;
2129
2130 wpa_printf(MSG_INFO, "TESTING: Reset IPN for IGTK");
2131
2132 /* First, use a zero key to avoid any possible duplicate key
2133 * avoidance in the driver. */
2134 if (hostapd_drv_set_key(hapd->conf->iface, hapd,
2135 hapd->last_igtk_alg,
2136 broadcast_ether_addr,
2137 hapd->last_igtk_key_idx, 0, 1, NULL, 0,
2138 zero, hapd->last_igtk_len,
2139 KEY_FLAG_GROUP_TX_DEFAULT) < 0)
2140 return -1;
2141
2142 /* Set the previously configured key to reset its TSC */
2143 return hostapd_drv_set_key(hapd->conf->iface, hapd,
2144 hapd->last_igtk_alg,
2145 broadcast_ether_addr,
2146 hapd->last_igtk_key_idx, 0, 1, NULL,
2147 0, hapd->last_igtk,
2148 hapd->last_igtk_len,
2149 KEY_FLAG_GROUP_TX_DEFAULT);
2150 }
2151
2152 if (is_broadcast_ether_addr(addr)) {
2153 if (hapd->last_gtk_alg == WPA_ALG_NONE)
2154 return -1;
2155
2156 wpa_printf(MSG_INFO, "TESTING: Reset PN for GTK");
2157
2158 /* First, use a zero key to avoid any possible duplicate key
2159 * avoidance in the driver. */
2160 if (hostapd_drv_set_key(hapd->conf->iface, hapd,
2161 hapd->last_gtk_alg,
2162 broadcast_ether_addr,
2163 hapd->last_gtk_key_idx, 0, 1, NULL, 0,
2164 zero, hapd->last_gtk_len,
2165 KEY_FLAG_GROUP_TX_DEFAULT) < 0)
2166 return -1;
2167
2168 /* Set the previously configured key to reset its TSC */
2169 return hostapd_drv_set_key(hapd->conf->iface, hapd,
2170 hapd->last_gtk_alg,
2171 broadcast_ether_addr,
2172 hapd->last_gtk_key_idx, 0, 1, NULL,
2173 0, hapd->last_gtk,
2174 hapd->last_gtk_len,
2175 KEY_FLAG_GROUP_TX_DEFAULT);
2176 }
2177
2178 sta = ap_get_sta(hapd, addr);
2179 if (!sta)
2180 return -1;
2181
2182 if (sta->last_tk_alg == WPA_ALG_NONE)
2183 return -1;
2184
2185 wpa_printf(MSG_INFO, "TESTING: Reset PN for " MACSTR_SEC,
2186 MAC2STR_SEC(sta->addr));
2187
2188 /* First, use a zero key to avoid any possible duplicate key avoidance
2189 * in the driver. */
2190 if (hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2191 sta->addr, sta->last_tk_key_idx, 0, 1, NULL, 0,
2192 zero, sta->last_tk_len,
2193 KEY_FLAG_PAIRWISE_RX_TX) < 0)
2194 return -1;
2195
2196 /* Set the previously configured key to reset its TSC/RSC */
2197 return hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2198 sta->addr, sta->last_tk_key_idx, 0, 1, NULL,
2199 0, sta->last_tk, sta->last_tk_len,
2200 KEY_FLAG_PAIRWISE_RX_TX);
2201 }
2202
2203
hostapd_ctrl_set_key(struct hostapd_data * hapd,const char * cmd)2204 static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd)
2205 {
2206 u8 addr[ETH_ALEN];
2207 const char *pos = cmd;
2208 enum wpa_alg alg;
2209 enum key_flag key_flag;
2210 int idx, set_tx;
2211 u8 seq[6], key[WPA_TK_MAX_LEN];
2212 size_t key_len;
2213
2214 /* parameters: alg addr idx set_tx seq key key_flag */
2215
2216 alg = atoi(pos);
2217 pos = os_strchr(pos, ' ');
2218 if (!pos)
2219 return -1;
2220 pos++;
2221 if (hwaddr_aton(pos, addr))
2222 return -1;
2223 pos += 17;
2224 if (*pos != ' ')
2225 return -1;
2226 pos++;
2227 idx = atoi(pos);
2228 pos = os_strchr(pos, ' ');
2229 if (!pos)
2230 return -1;
2231 pos++;
2232 set_tx = atoi(pos);
2233 pos = os_strchr(pos, ' ');
2234 if (!pos)
2235 return -1;
2236 pos++;
2237 if (hexstr2bin(pos, seq, sizeof(seq)) < 0)
2238 return -1;
2239 pos += 2 * 6;
2240 if (*pos != ' ')
2241 return -1;
2242 pos++;
2243 if (!os_strchr(pos, ' '))
2244 return -1;
2245 key_len = (os_strchr(pos, ' ') - pos) / 2;
2246 if (hexstr2bin(pos, key, key_len) < 0)
2247 return -1;
2248 pos += 2 * key_len;
2249 if (*pos != ' ')
2250 return -1;
2251
2252 pos++;
2253 key_flag = atoi(pos);
2254 pos = os_strchr(pos, ' ');
2255 if (pos)
2256 return -1;
2257
2258 wpa_printf(MSG_INFO, "TESTING: Set key");
2259 return hostapd_drv_set_key(hapd->conf->iface, hapd, alg, addr, idx, 0,
2260 set_tx, seq, 6, key, key_len, key_flag);
2261 }
2262
2263
restore_tk(void * ctx1,void * ctx2)2264 static void restore_tk(void *ctx1, void *ctx2)
2265 {
2266 struct hostapd_data *hapd = ctx1;
2267 struct sta_info *sta = ctx2;
2268
2269 wpa_printf(MSG_INFO, "TESTING: Restore TK for " MACSTR_SEC,
2270 MAC2STR_SEC(sta->addr));
2271 /* This does not really restore the TSC properly, so this will result
2272 * in replay protection issues for now since there is no clean way of
2273 * preventing encryption of a single EAPOL frame. */
2274 hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2275 sta->addr, sta->last_tk_key_idx, 0, 1, NULL, 0,
2276 sta->last_tk, sta->last_tk_len,
2277 KEY_FLAG_PAIRWISE_RX_TX);
2278 }
2279
2280
hostapd_ctrl_resend_m1(struct hostapd_data * hapd,const char * cmd)2281 static int hostapd_ctrl_resend_m1(struct hostapd_data *hapd, const char *cmd)
2282 {
2283 struct sta_info *sta;
2284 u8 addr[ETH_ALEN];
2285 int plain = os_strstr(cmd, "plaintext") != NULL;
2286
2287 if (hwaddr_aton(cmd, addr))
2288 return -1;
2289
2290 sta = ap_get_sta(hapd, addr);
2291 if (!sta || !sta->wpa_sm)
2292 return -1;
2293
2294 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2295 plain = 0; /* no need for special processing */
2296 if (plain) {
2297 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR_SEC,
2298 MAC2STR_SEC(sta->addr));
2299 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2300 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2301 0, NULL, 0, KEY_FLAG_PAIRWISE);
2302 }
2303
2304 wpa_printf(MSG_INFO, "TESTING: Send M1 to " MACSTR_SEC, MAC2STR_SEC(sta->addr));
2305 return wpa_auth_resend_m1(sta->wpa_sm,
2306 os_strstr(cmd, "change-anonce") != NULL,
2307 plain ? restore_tk : NULL, hapd, sta);
2308 }
2309
2310
hostapd_ctrl_resend_m3(struct hostapd_data * hapd,const char * cmd)2311 static int hostapd_ctrl_resend_m3(struct hostapd_data *hapd, const char *cmd)
2312 {
2313 struct sta_info *sta;
2314 u8 addr[ETH_ALEN];
2315 int plain = os_strstr(cmd, "plaintext") != NULL;
2316
2317 if (hwaddr_aton(cmd, addr))
2318 return -1;
2319
2320 sta = ap_get_sta(hapd, addr);
2321 if (!sta || !sta->wpa_sm)
2322 return -1;
2323
2324 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2325 plain = 0; /* no need for special processing */
2326 if (plain) {
2327 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR_SEC,
2328 MAC2STR_SEC(sta->addr));
2329 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2330 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2331 0, NULL, 0, KEY_FLAG_PAIRWISE);
2332 }
2333
2334 wpa_printf(MSG_INFO, "TESTING: Send M3 to " MACSTR_SEC, MAC2STR_SEC(sta->addr));
2335 return wpa_auth_resend_m3(sta->wpa_sm,
2336 plain ? restore_tk : NULL, hapd, sta);
2337 }
2338
2339
hostapd_ctrl_resend_group_m1(struct hostapd_data * hapd,const char * cmd)2340 static int hostapd_ctrl_resend_group_m1(struct hostapd_data *hapd,
2341 const char *cmd)
2342 {
2343 struct sta_info *sta;
2344 u8 addr[ETH_ALEN];
2345 int plain = os_strstr(cmd, "plaintext") != NULL;
2346
2347 if (hwaddr_aton(cmd, addr))
2348 return -1;
2349
2350 sta = ap_get_sta(hapd, addr);
2351 if (!sta || !sta->wpa_sm)
2352 return -1;
2353
2354 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2355 plain = 0; /* no need for special processing */
2356 if (plain) {
2357 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR_SEC,
2358 MAC2STR_SEC(sta->addr));
2359 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2360 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2361 0, NULL, 0, KEY_FLAG_PAIRWISE);
2362 }
2363
2364 wpa_printf(MSG_INFO,
2365 "TESTING: Send group M1 for the same GTK and zero RSC to "
2366 MACSTR_SEC, MAC2STR_SEC(sta->addr));
2367 return wpa_auth_resend_group_m1(sta->wpa_sm,
2368 plain ? restore_tk : NULL, hapd, sta);
2369 }
2370
2371
hostapd_ctrl_rekey_ptk(struct hostapd_data * hapd,const char * cmd)2372 static int hostapd_ctrl_rekey_ptk(struct hostapd_data *hapd, const char *cmd)
2373 {
2374 struct sta_info *sta;
2375 u8 addr[ETH_ALEN];
2376
2377 if (hwaddr_aton(cmd, addr))
2378 return -1;
2379
2380 sta = ap_get_sta(hapd, addr);
2381 if (!sta || !sta->wpa_sm)
2382 return -1;
2383
2384 return wpa_auth_rekey_ptk(hapd->wpa_auth, sta->wpa_sm);
2385 }
2386
2387
hostapd_ctrl_get_pmksa_pmk(struct hostapd_data * hapd,const u8 * addr,char * buf,size_t buflen)2388 static int hostapd_ctrl_get_pmksa_pmk(struct hostapd_data *hapd, const u8 *addr,
2389 char *buf, size_t buflen)
2390 {
2391 struct rsn_pmksa_cache_entry *pmksa;
2392
2393 pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, addr, NULL);
2394 if (!pmksa)
2395 return -1;
2396
2397 return wpa_snprintf_hex(buf, buflen, pmksa->pmk, pmksa->pmk_len);
2398 }
2399
2400
hostapd_ctrl_get_pmk(struct hostapd_data * hapd,const char * cmd,char * buf,size_t buflen)2401 static int hostapd_ctrl_get_pmk(struct hostapd_data *hapd, const char *cmd,
2402 char *buf, size_t buflen)
2403 {
2404 struct sta_info *sta;
2405 u8 addr[ETH_ALEN];
2406 const u8 *pmk;
2407 int pmk_len;
2408
2409 if (hwaddr_aton(cmd, addr))
2410 return -1;
2411
2412 sta = ap_get_sta(hapd, addr);
2413 if (!sta || !sta->wpa_sm) {
2414 wpa_printf(MSG_DEBUG, "No STA WPA state machine for " MACSTR_SEC,
2415 MAC2STR_SEC(addr));
2416 return hostapd_ctrl_get_pmksa_pmk(hapd, addr, buf, buflen);
2417 }
2418 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
2419 if (!pmk || !pmk_len) {
2420 wpa_printf(MSG_DEBUG, "No PMK stored for " MACSTR_SEC,
2421 MAC2STR_SEC(addr));
2422 return hostapd_ctrl_get_pmksa_pmk(hapd, addr, buf, buflen);
2423 }
2424
2425 return wpa_snprintf_hex(buf, buflen, pmk, pmk_len);
2426 }
2427
2428
hostapd_ctrl_register_frame(struct hostapd_data * hapd,const char * cmd)2429 static int hostapd_ctrl_register_frame(struct hostapd_data *hapd,
2430 const char *cmd)
2431 {
2432 u16 type;
2433 char *pos, *end;
2434 u8 match[10];
2435 size_t match_len;
2436 bool multicast = false;
2437
2438 type = strtol(cmd, &pos, 16);
2439 if (*pos != ' ')
2440 return -1;
2441 pos++;
2442 end = os_strchr(pos, ' ');
2443 if (end) {
2444 match_len = end - pos;
2445 multicast = os_strstr(end, "multicast") != NULL;
2446 } else {
2447 match_len = os_strlen(pos) / 2;
2448 }
2449 if (hexstr2bin(pos, match, match_len))
2450 return -1;
2451
2452 return hostapd_drv_register_frame(hapd, type, match, match_len,
2453 multicast);
2454 }
2455
2456 #endif /* CONFIG_TESTING_OPTIONS */
2457
2458
2459 #ifdef NEED_AP_MLME
hostapd_ctrl_check_freq_params(struct hostapd_freq_params * params,u16 punct_bitmap)2460 static int hostapd_ctrl_check_freq_params(struct hostapd_freq_params *params,
2461 u16 punct_bitmap)
2462 {
2463 u32 start_freq;
2464
2465 if (is_6ghz_freq(params->freq)) {
2466 const int bw_idx[] = { 20, 40, 80, 160, 320 };
2467 int idx, bw;
2468
2469 /* The 6 GHz band requires HE to be enabled. */
2470 params->he_enabled = 1;
2471
2472 if (params->center_freq1) {
2473 if (params->freq == 5935)
2474 idx = (params->center_freq1 - 5925) / 5;
2475 else
2476 idx = (params->center_freq1 - 5950) / 5;
2477
2478 bw = center_idx_to_bw_6ghz(idx);
2479 if (bw < 0 || bw > (int) ARRAY_SIZE(bw_idx) ||
2480 bw_idx[bw] != params->bandwidth)
2481 return -1;
2482 }
2483 } else { /* Non-6 GHz channel */
2484 /* An EHT STA is also an HE STA as defined in
2485 * IEEE P802.11be/D5.0, 4.3.16a. */
2486 if (params->he_enabled || params->eht_enabled) {
2487 params->he_enabled = 1;
2488 /* An HE STA is also a VHT STA if operating in the 5 GHz
2489 * band and an HE STA is also an HT STA in the 2.4 GHz
2490 * band as defined in IEEE Std 802.11ax-2021, 4.3.15a.
2491 * A VHT STA is an HT STA as defined in IEEE
2492 * Std 802.11, 4.3.15. */
2493 if (IS_5GHZ(params->freq))
2494 params->vht_enabled = 1;
2495
2496 params->ht_enabled = 1;
2497 }
2498 }
2499
2500 switch (params->bandwidth) {
2501 case 0:
2502 /* bandwidth not specified: use 20 MHz by default */
2503 /* fall-through */
2504 case 20:
2505 if (params->center_freq1 &&
2506 params->center_freq1 != params->freq)
2507 return -1;
2508
2509 if (params->center_freq2 || params->sec_channel_offset)
2510 return -1;
2511
2512 if (punct_bitmap)
2513 return -1;
2514 break;
2515 case 40:
2516 if (params->center_freq2 || !params->sec_channel_offset)
2517 return -1;
2518
2519 if (punct_bitmap)
2520 return -1;
2521
2522 if (!params->center_freq1)
2523 break;
2524 switch (params->sec_channel_offset) {
2525 case 1:
2526 if (params->freq + 10 != params->center_freq1)
2527 return -1;
2528 break;
2529 case -1:
2530 if (params->freq - 10 != params->center_freq1)
2531 return -1;
2532 break;
2533 default:
2534 return -1;
2535 }
2536 break;
2537 case 80:
2538 if (!params->center_freq1 || !params->sec_channel_offset)
2539 return 1;
2540
2541 switch (params->sec_channel_offset) {
2542 case 1:
2543 if (params->freq - 10 != params->center_freq1 &&
2544 params->freq + 30 != params->center_freq1)
2545 return 1;
2546 break;
2547 case -1:
2548 if (params->freq + 10 != params->center_freq1 &&
2549 params->freq - 30 != params->center_freq1)
2550 return -1;
2551 break;
2552 default:
2553 return -1;
2554 }
2555
2556 if (params->center_freq2 && punct_bitmap)
2557 return -1;
2558
2559 /* Adjacent and overlapped are not allowed for 80+80 */
2560 if (params->center_freq2 &&
2561 params->center_freq1 - params->center_freq2 <= 80 &&
2562 params->center_freq2 - params->center_freq1 <= 80)
2563 return 1;
2564 break;
2565 case 160:
2566 if (!params->center_freq1 || params->center_freq2 ||
2567 !params->sec_channel_offset)
2568 return -1;
2569
2570 switch (params->sec_channel_offset) {
2571 case 1:
2572 if (params->freq + 70 != params->center_freq1 &&
2573 params->freq + 30 != params->center_freq1 &&
2574 params->freq - 10 != params->center_freq1 &&
2575 params->freq - 50 != params->center_freq1)
2576 return -1;
2577 break;
2578 case -1:
2579 if (params->freq + 50 != params->center_freq1 &&
2580 params->freq + 10 != params->center_freq1 &&
2581 params->freq - 30 != params->center_freq1 &&
2582 params->freq - 70 != params->center_freq1)
2583 return -1;
2584 break;
2585 default:
2586 return -1;
2587 }
2588 break;
2589 case 320:
2590 if (!params->center_freq1 || params->center_freq2 ||
2591 !params->sec_channel_offset)
2592 return -1;
2593
2594 switch (params->sec_channel_offset) {
2595 case 1:
2596 if (params->freq + 150 != params->center_freq1 &&
2597 params->freq + 110 != params->center_freq1 &&
2598 params->freq + 70 != params->center_freq1 &&
2599 params->freq + 30 != params->center_freq1 &&
2600 params->freq - 10 != params->center_freq1 &&
2601 params->freq - 50 != params->center_freq1 &&
2602 params->freq - 90 != params->center_freq1 &&
2603 params->freq - 130 != params->center_freq1)
2604 return -1;
2605 break;
2606 case -1:
2607 if (params->freq + 130 != params->center_freq1 &&
2608 params->freq + 90 != params->center_freq1 &&
2609 params->freq + 50 != params->center_freq1 &&
2610 params->freq + 10 != params->center_freq1 &&
2611 params->freq - 30 != params->center_freq1 &&
2612 params->freq - 70 != params->center_freq1 &&
2613 params->freq - 110 != params->center_freq1 &&
2614 params->freq - 150 != params->center_freq1)
2615 return -1;
2616 break;
2617 }
2618 break;
2619 default:
2620 return -1;
2621 }
2622
2623 if (!punct_bitmap)
2624 return 0;
2625
2626 if (!params->eht_enabled) {
2627 wpa_printf(MSG_ERROR,
2628 "Preamble puncturing supported only in EHT");
2629 return -1;
2630 }
2631
2632 if (params->freq >= 2412 && params->freq <= 2484) {
2633 wpa_printf(MSG_ERROR,
2634 "Preamble puncturing is not supported in 2.4 GHz");
2635 return -1;
2636 }
2637
2638 start_freq = params->center_freq1 - (params->bandwidth / 2);
2639 if (!is_punct_bitmap_valid(params->bandwidth,
2640 (params->freq - start_freq) / 20,
2641 punct_bitmap)) {
2642 wpa_printf(MSG_ERROR, "Invalid preamble puncturing bitmap");
2643 return -1;
2644 }
2645
2646 return 0;
2647 }
2648 #endif /* NEED_AP_MLME */
2649
2650
hostapd_ctrl_iface_chan_switch(struct hostapd_iface * iface,char * pos)2651 static int hostapd_ctrl_iface_chan_switch(struct hostapd_iface *iface,
2652 char *pos)
2653 {
2654 #ifdef NEED_AP_MLME
2655 struct csa_settings settings;
2656 int ret;
2657 int dfs_range = 0;
2658 unsigned int i;
2659 int bandwidth;
2660 u8 chan;
2661 unsigned int num_err = 0;
2662 int err = 0;
2663
2664 ret = hostapd_parse_csa_settings(pos, &settings);
2665 if (ret)
2666 return ret;
2667
2668 settings.link_id = -1;
2669 #ifdef CONFIG_IEEE80211BE
2670 if (iface->num_bss && iface->bss[0]->conf->mld_ap)
2671 settings.link_id = iface->bss[0]->mld_link_id;
2672 #endif /* CONFIG_IEEE80211BE */
2673
2674 ret = hostapd_ctrl_check_freq_params(&settings.freq_params,
2675 settings.punct_bitmap);
2676 if (ret) {
2677 wpa_printf(MSG_INFO,
2678 "chanswitch: invalid frequency settings provided");
2679 return ret;
2680 }
2681
2682 switch (settings.freq_params.bandwidth) {
2683 case 40:
2684 bandwidth = CHAN_WIDTH_40;
2685 break;
2686 case 80:
2687 if (settings.freq_params.center_freq2)
2688 bandwidth = CHAN_WIDTH_80P80;
2689 else
2690 bandwidth = CHAN_WIDTH_80;
2691 break;
2692 case 160:
2693 bandwidth = CHAN_WIDTH_160;
2694 break;
2695 case 320:
2696 bandwidth = CHAN_WIDTH_320;
2697 break;
2698 default:
2699 bandwidth = CHAN_WIDTH_20;
2700 break;
2701 }
2702
2703 if (settings.freq_params.center_freq1)
2704 dfs_range += hostapd_is_dfs_overlap(
2705 iface, bandwidth, settings.freq_params.center_freq1);
2706 else
2707 dfs_range += hostapd_is_dfs_overlap(
2708 iface, bandwidth, settings.freq_params.freq);
2709
2710 if (settings.freq_params.center_freq2)
2711 dfs_range += hostapd_is_dfs_overlap(
2712 iface, bandwidth, settings.freq_params.center_freq2);
2713
2714 if (dfs_range) {
2715 ret = ieee80211_freq_to_chan(settings.freq_params.freq, &chan);
2716 if (ret == NUM_HOSTAPD_MODES) {
2717 wpa_printf(MSG_ERROR,
2718 "Failed to get channel for (freq=%d, sec_channel_offset=%d, bw=%d)",
2719 settings.freq_params.freq,
2720 settings.freq_params.sec_channel_offset,
2721 settings.freq_params.bandwidth);
2722 return -1;
2723 }
2724
2725 settings.freq_params.channel = chan;
2726
2727 wpa_printf(MSG_DEBUG,
2728 "DFS/CAC to (channel=%u, freq=%d, sec_channel_offset=%d, bw=%d, center_freq1=%d)",
2729 settings.freq_params.channel,
2730 settings.freq_params.freq,
2731 settings.freq_params.sec_channel_offset,
2732 settings.freq_params.bandwidth,
2733 settings.freq_params.center_freq1);
2734
2735 /* Perform CAC and switch channel */
2736 iface->is_ch_switch_dfs = true;
2737 hostapd_switch_channel_fallback(iface, &settings.freq_params);
2738 return 0;
2739 }
2740
2741 for (i = 0; i < iface->num_bss; i++) {
2742
2743 /* Save CHAN_SWITCH VHT, HE, and EHT config */
2744 hostapd_chan_switch_config(iface->bss[i],
2745 &settings.freq_params);
2746
2747 err = hostapd_switch_channel(iface->bss[i], &settings);
2748 if (err) {
2749 ret = err;
2750 num_err++;
2751 }
2752 }
2753
2754 return (iface->num_bss == num_err) ? ret : 0;
2755 #else /* NEED_AP_MLME */
2756 return -1;
2757 #endif /* NEED_AP_MLME */
2758 }
2759
2760
2761 #ifdef CONFIG_IEEE80211AX
hostapd_ctrl_iface_color_change(struct hostapd_iface * iface,const char * pos)2762 static int hostapd_ctrl_iface_color_change(struct hostapd_iface *iface,
2763 const char *pos)
2764 {
2765 #ifdef NEED_AP_MLME
2766 struct cca_settings settings;
2767 struct hostapd_data *hapd = iface->bss[0];
2768 int ret, color;
2769 unsigned int i;
2770 char *end;
2771
2772 os_memset(&settings, 0, sizeof(settings));
2773
2774 color = strtol(pos, &end, 10);
2775 if (pos == end || color < 0 || color > 63) {
2776 wpa_printf(MSG_ERROR, "color_change: Invalid color provided");
2777 return -1;
2778 }
2779
2780 /* Color value is expected to be [1-63]. If 0 comes, assumption is this
2781 * is to disable the color. In this case no need to do CCA, just
2782 * changing Beacon frames is sufficient. */
2783 if (color == 0) {
2784 if (iface->conf->he_op.he_bss_color_disabled) {
2785 wpa_printf(MSG_ERROR,
2786 "color_change: Color is already disabled");
2787 return -1;
2788 }
2789
2790 iface->conf->he_op.he_bss_color_disabled = 1;
2791
2792 for (i = 0; i < iface->num_bss; i++)
2793 ieee802_11_set_beacon(iface->bss[i]);
2794
2795 return 0;
2796 }
2797
2798 if (color == iface->conf->he_op.he_bss_color) {
2799 if (!iface->conf->he_op.he_bss_color_disabled) {
2800 wpa_printf(MSG_ERROR,
2801 "color_change: Provided color is already set");
2802 return -1;
2803 }
2804
2805 iface->conf->he_op.he_bss_color_disabled = 0;
2806
2807 for (i = 0; i < iface->num_bss; i++)
2808 ieee802_11_set_beacon(iface->bss[i]);
2809
2810 return 0;
2811 }
2812
2813 if (hapd->cca_in_progress) {
2814 wpa_printf(MSG_ERROR,
2815 "color_change: CCA is already in progress");
2816 return -1;
2817 }
2818
2819 iface->conf->he_op.he_bss_color_disabled = 0;
2820
2821 for (i = 0; i < iface->num_bss; i++) {
2822 struct hostapd_data *bss = iface->bss[i];
2823
2824 hostapd_cleanup_cca_params(bss);
2825
2826 bss->cca_color = color;
2827 bss->cca_count = 10;
2828
2829 if (hostapd_fill_cca_settings(bss, &settings)) {
2830 wpa_printf(MSG_DEBUG,
2831 "color_change: Filling CCA settings failed for color: %d\n",
2832 color);
2833 hostapd_cleanup_cca_params(bss);
2834 continue;
2835 }
2836
2837 wpa_printf(MSG_DEBUG, "Setting user selected color: %d", color);
2838 ret = hostapd_drv_switch_color(bss, &settings);
2839 if (ret)
2840 hostapd_cleanup_cca_params(bss);
2841
2842 free_beacon_data(&settings.beacon_cca);
2843 free_beacon_data(&settings.beacon_after);
2844 }
2845
2846 return 0;
2847 #else /* NEED_AP_MLME */
2848 return -1;
2849 #endif /* NEED_AP_MLME */
2850 }
2851 #endif /* CONFIG_IEEE80211AX */
2852
2853
hostapd_maxnss(struct hostapd_data * hapd,struct sta_info * sta)2854 static u8 hostapd_maxnss(struct hostapd_data *hapd, struct sta_info *sta)
2855 {
2856 u8 *mcs_set = NULL;
2857 u16 mcs_map;
2858 u8 ht_rx_nss = 0;
2859 u8 vht_rx_nss = 1;
2860 u8 mcs;
2861 bool ht_supported = false;
2862 bool vht_supported = false;
2863 int i;
2864
2865 if (sta->ht_capabilities && (sta->flags & WLAN_STA_HT)) {
2866 mcs_set = sta->ht_capabilities->supported_mcs_set;
2867 ht_supported = true;
2868 }
2869
2870 if (sta->vht_capabilities && (sta->flags & WLAN_STA_VHT)) {
2871 mcs_map = le_to_host16(
2872 sta->vht_capabilities->vht_supported_mcs_set.rx_map);
2873 vht_supported = true;
2874 }
2875
2876 if (ht_supported && mcs_set) {
2877 if (mcs_set[0])
2878 ht_rx_nss++;
2879 if (mcs_set[1])
2880 ht_rx_nss++;
2881 if (mcs_set[2])
2882 ht_rx_nss++;
2883 if (mcs_set[3])
2884 ht_rx_nss++;
2885 }
2886 if (vht_supported) {
2887 for (i = 7; i >= 0; i--) {
2888 mcs = (mcs_map >> (2 * i)) & 0x03;
2889 if (mcs != 0x03) {
2890 vht_rx_nss = i + 1;
2891 break;
2892 }
2893 }
2894 }
2895
2896 return ht_rx_nss > vht_rx_nss ? ht_rx_nss : vht_rx_nss;
2897 }
2898
2899
hostapd_ctrl_iface_notify_cw_htaction(struct hostapd_data * hapd,const u8 * addr,u8 width)2900 static char hostapd_ctrl_iface_notify_cw_htaction(struct hostapd_data *hapd,
2901 const u8 *addr, u8 width)
2902 {
2903 u8 buf[3];
2904 char ret;
2905
2906 width = width >= 1 ? 1 : 0;
2907
2908 buf[0] = WLAN_ACTION_HT;
2909 buf[1] = WLAN_HT_ACTION_NOTIFY_CHANWIDTH;
2910 buf[2] = width;
2911
2912 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
2913 buf, sizeof(buf));
2914 if (ret)
2915 wpa_printf(MSG_DEBUG,
2916 "Failed to send Notify Channel Width frame to "
2917 MACSTR, MAC2STR(addr));
2918
2919 return ret;
2920 }
2921
2922
hostapd_ctrl_iface_notify_cw_vhtaction(struct hostapd_data * hapd,const u8 * addr,u8 width)2923 static char hostapd_ctrl_iface_notify_cw_vhtaction(struct hostapd_data *hapd,
2924 const u8 *addr, u8 width)
2925 {
2926 u8 buf[3];
2927 char ret;
2928
2929 buf[0] = WLAN_ACTION_VHT;
2930 buf[1] = WLAN_VHT_ACTION_OPMODE_NOTIF;
2931 buf[2] = width;
2932
2933 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
2934 buf, sizeof(buf));
2935 if (ret)
2936 wpa_printf(MSG_DEBUG,
2937 "Failed to send Opeating Mode Notification frame to "
2938 MACSTR, MAC2STR(addr));
2939
2940 return ret;
2941 }
2942
2943
hostapd_ctrl_iface_notify_cw_change(struct hostapd_data * hapd,const char * cmd)2944 static char hostapd_ctrl_iface_notify_cw_change(struct hostapd_data *hapd,
2945 const char *cmd)
2946 {
2947 u8 cw, operating_mode = 0, nss;
2948 struct sta_info *sta;
2949 enum hostapd_hw_mode hw_mode;
2950
2951 if (is_6ghz_freq(hapd->iface->freq)) {
2952 wpa_printf(MSG_ERROR, "20/40 BSS coex not supported in 6 GHz");
2953 return -1;
2954 }
2955
2956 cw = atoi(cmd);
2957 hw_mode = hapd->iface->current_mode->mode;
2958 if ((hw_mode == HOSTAPD_MODE_IEEE80211G ||
2959 hw_mode == HOSTAPD_MODE_IEEE80211B) &&
2960 !(cw == 0 || cw == 1)) {
2961 wpa_printf(MSG_ERROR,
2962 "Channel width should be either 20 MHz or 40 MHz for 2.4 GHz band");
2963 return -1;
2964 }
2965
2966 switch (cw) {
2967 case 0:
2968 operating_mode = 0;
2969 break;
2970 case 1:
2971 operating_mode = VHT_OPMODE_CHANNEL_40MHZ;
2972 break;
2973 case 2:
2974 operating_mode = VHT_OPMODE_CHANNEL_80MHZ;
2975 break;
2976 case 3:
2977 operating_mode = VHT_OPMODE_CHANNEL_160MHZ;
2978 break;
2979 default:
2980 wpa_printf(MSG_ERROR, "Channel width should be between 0 to 3");
2981 return -1;
2982 }
2983
2984 for (sta = hapd->sta_list; sta; sta = sta->next) {
2985 if ((sta->flags & WLAN_STA_VHT) && sta->vht_capabilities) {
2986 nss = hostapd_maxnss(hapd, sta) - 1;
2987 hostapd_ctrl_iface_notify_cw_vhtaction(hapd, sta->addr,
2988 operating_mode |
2989 (u8) (nss << 4));
2990 continue;
2991 }
2992
2993 if ((sta->flags & (WLAN_STA_HT | WLAN_STA_VHT)) ==
2994 WLAN_STA_HT && sta->ht_capabilities)
2995 hostapd_ctrl_iface_notify_cw_htaction(hapd, sta->addr,
2996 cw);
2997 }
2998
2999 return 0;
3000 }
3001
3002
hostapd_ctrl_iface_mib(struct hostapd_data * hapd,char * reply,int reply_size,const char * param)3003 static int hostapd_ctrl_iface_mib(struct hostapd_data *hapd, char *reply,
3004 int reply_size, const char *param)
3005 {
3006 #ifdef RADIUS_SERVER
3007 if (os_strcmp(param, "radius_server") == 0) {
3008 return radius_server_get_mib(hapd->radius_srv, reply,
3009 reply_size);
3010 }
3011 #endif /* RADIUS_SERVER */
3012 return -1;
3013 }
3014
3015
hostapd_ctrl_iface_vendor(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)3016 static int hostapd_ctrl_iface_vendor(struct hostapd_data *hapd, char *cmd,
3017 char *buf, size_t buflen)
3018 {
3019 int ret;
3020 char *pos, *temp = NULL;
3021 u8 *data = NULL;
3022 unsigned int vendor_id, subcmd;
3023 enum nested_attr nested_attr_flag = NESTED_ATTR_UNSPECIFIED;
3024 struct wpabuf *reply;
3025 size_t data_len = 0;
3026
3027 /**
3028 * cmd: <vendor id> <subcommand id> [<hex formatted data>]
3029 * [nested=<0|1>]
3030 */
3031 vendor_id = strtoul(cmd, &pos, 16);
3032 if (!isblank((unsigned char) *pos))
3033 return -EINVAL;
3034
3035 subcmd = strtoul(pos, &pos, 10);
3036
3037 if (*pos != '\0') {
3038 if (!isblank((unsigned char) *pos++))
3039 return -EINVAL;
3040
3041 temp = os_strchr(pos, ' ');
3042 data_len = temp ? (size_t) (temp - pos) : os_strlen(pos);
3043 }
3044
3045 if (data_len) {
3046 data_len /= 2;
3047 data = os_malloc(data_len);
3048 if (!data)
3049 return -ENOBUFS;
3050
3051 if (hexstr2bin(pos, data, data_len)) {
3052 wpa_printf(MSG_DEBUG,
3053 "Vendor command: wrong parameter format");
3054 os_free(data);
3055 return -EINVAL;
3056 }
3057 }
3058
3059 pos = os_strstr(cmd, "nested=");
3060 if (pos)
3061 nested_attr_flag = atoi(pos + 7) ? NESTED_ATTR_USED :
3062 NESTED_ATTR_NOT_USED;
3063
3064 reply = wpabuf_alloc((buflen - 1) / 2);
3065 if (!reply) {
3066 os_free(data);
3067 return -ENOBUFS;
3068 }
3069
3070 ret = hostapd_drv_vendor_cmd(hapd, vendor_id, subcmd, data, data_len,
3071 nested_attr_flag, reply);
3072
3073 if (ret == 0)
3074 ret = wpa_snprintf_hex(buf, buflen, wpabuf_head_u8(reply),
3075 wpabuf_len(reply));
3076
3077 wpabuf_free(reply);
3078 os_free(data);
3079
3080 return ret;
3081 }
3082
3083
hostapd_ctrl_iface_eapol_reauth(struct hostapd_data * hapd,const char * cmd)3084 static int hostapd_ctrl_iface_eapol_reauth(struct hostapd_data *hapd,
3085 const char *cmd)
3086 {
3087 u8 addr[ETH_ALEN];
3088 struct sta_info *sta;
3089
3090 if (hwaddr_aton(cmd, addr))
3091 return -1;
3092
3093 sta = ap_get_sta(hapd, addr);
3094 if (!sta || !sta->eapol_sm)
3095 return -1;
3096
3097 eapol_auth_reauthenticate(sta->eapol_sm);
3098 return 0;
3099 }
3100
3101
hostapd_ctrl_iface_eapol_set(struct hostapd_data * hapd,char * cmd)3102 static int hostapd_ctrl_iface_eapol_set(struct hostapd_data *hapd, char *cmd)
3103 {
3104 u8 addr[ETH_ALEN];
3105 struct sta_info *sta;
3106 char *pos = cmd, *param;
3107
3108 if (hwaddr_aton(pos, addr) || pos[17] != ' ')
3109 return -1;
3110 pos += 18;
3111 param = pos;
3112 pos = os_strchr(pos, ' ');
3113 if (!pos)
3114 return -1;
3115 *pos++ = '\0';
3116
3117 sta = ap_get_sta(hapd, addr);
3118 if (!sta || !sta->eapol_sm)
3119 return -1;
3120
3121 return eapol_auth_set_conf(sta->eapol_sm, param, pos);
3122 }
3123
3124
hostapd_ctrl_iface_log_level(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)3125 static int hostapd_ctrl_iface_log_level(struct hostapd_data *hapd, char *cmd,
3126 char *buf, size_t buflen)
3127 {
3128 char *pos, *end, *stamp;
3129 int ret;
3130
3131 /* cmd: "LOG_LEVEL [<level>]" */
3132 if (*cmd == '\0') {
3133 pos = buf;
3134 end = buf + buflen;
3135 ret = os_snprintf(pos, end - pos, "Current level: %s\n"
3136 "Timestamp: %d\n",
3137 debug_level_str(wpa_debug_level),
3138 wpa_debug_timestamp);
3139 if (os_snprintf_error(end - pos, ret))
3140 ret = 0;
3141
3142 return ret;
3143 }
3144
3145 while (*cmd == ' ')
3146 cmd++;
3147
3148 stamp = os_strchr(cmd, ' ');
3149 if (stamp) {
3150 *stamp++ = '\0';
3151 while (*stamp == ' ') {
3152 stamp++;
3153 }
3154 }
3155
3156 if (os_strlen(cmd)) {
3157 int level = str_to_debug_level(cmd);
3158 if (level < 0)
3159 return -1;
3160 wpa_debug_level = level;
3161 }
3162
3163 if (stamp && os_strlen(stamp))
3164 wpa_debug_timestamp = atoi(stamp);
3165
3166 os_memcpy(buf, "OK\n", 3);
3167 return 3;
3168 }
3169
3170
3171 #ifdef NEED_AP_MLME
hostapd_ctrl_iface_track_sta_list(struct hostapd_data * hapd,char * buf,size_t buflen)3172 static int hostapd_ctrl_iface_track_sta_list(struct hostapd_data *hapd,
3173 char *buf, size_t buflen)
3174 {
3175 struct hostapd_iface *iface = hapd->iface;
3176 char *pos, *end;
3177 struct hostapd_sta_info *info;
3178 struct os_reltime now;
3179
3180 if (!iface->num_sta_seen)
3181 return 0;
3182
3183 sta_track_expire(iface, 0);
3184
3185 pos = buf;
3186 end = buf + buflen;
3187
3188 os_get_reltime(&now);
3189 dl_list_for_each_reverse(info, &iface->sta_seen,
3190 struct hostapd_sta_info, list) {
3191 struct os_reltime age;
3192 int ret;
3193
3194 os_reltime_sub(&now, &info->last_seen, &age);
3195 ret = os_snprintf(pos, end - pos, MACSTR " %u %d\n",
3196 MAC2STR(info->addr), (unsigned int) age.sec,
3197 info->ssi_signal);
3198 if (os_snprintf_error(end - pos, ret))
3199 break;
3200 pos += ret;
3201 }
3202
3203 return pos - buf;
3204 }
3205 #endif /* NEED_AP_MLME */
3206
3207
hostapd_ctrl_iface_req_lci(struct hostapd_data * hapd,const char * cmd)3208 static int hostapd_ctrl_iface_req_lci(struct hostapd_data *hapd,
3209 const char *cmd)
3210 {
3211 u8 addr[ETH_ALEN];
3212
3213 if (hwaddr_aton(cmd, addr)) {
3214 wpa_printf(MSG_INFO, "CTRL: REQ_LCI: Invalid MAC address");
3215 return -1;
3216 }
3217
3218 return hostapd_send_lci_req(hapd, addr);
3219 }
3220
3221
hostapd_ctrl_iface_req_range(struct hostapd_data * hapd,char * cmd)3222 static int hostapd_ctrl_iface_req_range(struct hostapd_data *hapd, char *cmd)
3223 {
3224 u8 addr[ETH_ALEN];
3225 char *token, *context = NULL;
3226 int random_interval, min_ap;
3227 u8 responders[ETH_ALEN * RRM_RANGE_REQ_MAX_RESPONDERS];
3228 unsigned int n_responders;
3229
3230 token = str_token(cmd, " ", &context);
3231 if (!token || hwaddr_aton(token, addr)) {
3232 wpa_printf(MSG_INFO,
3233 "CTRL: REQ_RANGE - Bad destination address");
3234 return -1;
3235 }
3236
3237 token = str_token(cmd, " ", &context);
3238 if (!token)
3239 return -1;
3240
3241 random_interval = atoi(token);
3242 if (random_interval < 0 || random_interval > 0xffff)
3243 return -1;
3244
3245 token = str_token(cmd, " ", &context);
3246 if (!token)
3247 return -1;
3248
3249 min_ap = atoi(token);
3250 if (min_ap <= 0 || min_ap > WLAN_RRM_RANGE_REQ_MAX_MIN_AP)
3251 return -1;
3252
3253 n_responders = 0;
3254 while ((token = str_token(cmd, " ", &context))) {
3255 if (n_responders == RRM_RANGE_REQ_MAX_RESPONDERS) {
3256 wpa_printf(MSG_INFO,
3257 "CTRL: REQ_RANGE: Too many responders");
3258 return -1;
3259 }
3260
3261 if (hwaddr_aton(token, responders + n_responders * ETH_ALEN)) {
3262 wpa_printf(MSG_INFO,
3263 "CTRL: REQ_RANGE: Bad responder address");
3264 return -1;
3265 }
3266
3267 n_responders++;
3268 }
3269
3270 if (!n_responders) {
3271 wpa_printf(MSG_INFO,
3272 "CTRL: REQ_RANGE - No FTM responder address");
3273 return -1;
3274 }
3275
3276 return hostapd_send_range_req(hapd, addr, random_interval, min_ap,
3277 responders, n_responders);
3278 }
3279
3280
hostapd_ctrl_iface_req_beacon(struct hostapd_data * hapd,const char * cmd,char * reply,size_t reply_size)3281 static int hostapd_ctrl_iface_req_beacon(struct hostapd_data *hapd,
3282 const char *cmd, char *reply,
3283 size_t reply_size)
3284 {
3285 u8 addr[ETH_ALEN];
3286 const char *pos;
3287 struct wpabuf *req;
3288 int ret;
3289 u8 req_mode = 0;
3290
3291 if (hwaddr_aton(cmd, addr))
3292 return -1;
3293 pos = os_strchr(cmd, ' ');
3294 if (!pos)
3295 return -1;
3296 pos++;
3297 if (os_strncmp(pos, "req_mode=", 9) == 0) {
3298 int val = hex2byte(pos + 9);
3299
3300 if (val < 0)
3301 return -1;
3302 req_mode = val;
3303 pos += 11;
3304 pos = os_strchr(pos, ' ');
3305 if (!pos)
3306 return -1;
3307 pos++;
3308 }
3309 req = wpabuf_parse_bin(pos);
3310 if (!req)
3311 return -1;
3312
3313 ret = hostapd_send_beacon_req(hapd, addr, req_mode, req);
3314 wpabuf_free(req);
3315 if (ret >= 0)
3316 ret = os_snprintf(reply, reply_size, "%d", ret);
3317 return ret;
3318 }
3319
3320
hostapd_ctrl_iface_req_link_measurement(struct hostapd_data * hapd,const char * cmd,char * reply,size_t reply_size)3321 static int hostapd_ctrl_iface_req_link_measurement(struct hostapd_data *hapd,
3322 const char *cmd, char *reply,
3323 size_t reply_size)
3324 {
3325 u8 addr[ETH_ALEN];
3326 int ret;
3327
3328 if (hwaddr_aton(cmd, addr)) {
3329 wpa_printf(MSG_ERROR,
3330 "CTRL: REQ_LINK_MEASUREMENT: Invalid MAC address");
3331 return -1;
3332 }
3333
3334 ret = hostapd_send_link_measurement_req(hapd, addr);
3335 if (ret >= 0)
3336 ret = os_snprintf(reply, reply_size, "%d", ret);
3337 return ret;
3338 }
3339
3340
hostapd_ctrl_iface_show_neighbor(struct hostapd_data * hapd,char * buf,size_t buflen)3341 static int hostapd_ctrl_iface_show_neighbor(struct hostapd_data *hapd,
3342 char *buf, size_t buflen)
3343 {
3344 if (!(hapd->conf->radio_measurements[0] &
3345 WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
3346 wpa_printf(MSG_ERROR,
3347 "CTRL: SHOW_NEIGHBOR: Neighbor report is not enabled");
3348 return -1;
3349 }
3350
3351 return hostapd_neighbor_show(hapd, buf, buflen);
3352 }
3353
3354
hostapd_ctrl_iface_set_neighbor(struct hostapd_data * hapd,char * buf)3355 static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf)
3356 {
3357 struct wpa_ssid_value ssid;
3358 u8 bssid[ETH_ALEN];
3359 struct wpabuf *nr, *lci = NULL, *civic = NULL;
3360 int stationary = 0;
3361 int bss_parameters = 0;
3362 char *tmp;
3363 int ret = -1;
3364
3365 if (!(hapd->conf->radio_measurements[0] &
3366 WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
3367 wpa_printf(MSG_ERROR,
3368 "CTRL: SET_NEIGHBOR: Neighbor report is not enabled");
3369 return -1;
3370 }
3371
3372 if (hwaddr_aton(buf, bssid)) {
3373 wpa_printf(MSG_ERROR, "CTRL: SET_NEIGHBOR: Bad BSSID");
3374 return -1;
3375 }
3376
3377 tmp = os_strstr(buf, "ssid=");
3378 if (!tmp || ssid_parse(tmp + 5, &ssid)) {
3379 wpa_printf(MSG_ERROR,
3380 "CTRL: SET_NEIGHBOR: Bad or missing SSID");
3381 return -1;
3382 }
3383 buf = os_strchr(tmp + 6, tmp[5] == '"' ? '"' : ' ');
3384 if (!buf)
3385 return -1;
3386
3387 tmp = os_strstr(buf, "nr=");
3388 if (!tmp) {
3389 wpa_printf(MSG_ERROR,
3390 "CTRL: SET_NEIGHBOR: Missing Neighbor Report element");
3391 return -1;
3392 }
3393
3394 buf = os_strchr(tmp, ' ');
3395 if (buf)
3396 *buf++ = '\0';
3397
3398 nr = wpabuf_parse_bin(tmp + 3);
3399 if (!nr) {
3400 wpa_printf(MSG_ERROR,
3401 "CTRL: SET_NEIGHBOR: Bad Neighbor Report element");
3402 return -1;
3403 }
3404
3405 if (!buf)
3406 goto set;
3407
3408 tmp = os_strstr(buf, "lci=");
3409 if (tmp) {
3410 buf = os_strchr(tmp, ' ');
3411 if (buf)
3412 *buf++ = '\0';
3413 lci = wpabuf_parse_bin(tmp + 4);
3414 if (!lci) {
3415 wpa_printf(MSG_ERROR,
3416 "CTRL: SET_NEIGHBOR: Bad LCI subelement");
3417 goto fail;
3418 }
3419 }
3420
3421 if (!buf)
3422 goto set;
3423
3424 tmp = os_strstr(buf, "civic=");
3425 if (tmp) {
3426 buf = os_strchr(tmp, ' ');
3427 if (buf)
3428 *buf++ = '\0';
3429 civic = wpabuf_parse_bin(tmp + 6);
3430 if (!civic) {
3431 wpa_printf(MSG_ERROR,
3432 "CTRL: SET_NEIGHBOR: Bad civic subelement");
3433 goto fail;
3434 }
3435 }
3436
3437 if (!buf)
3438 goto set;
3439
3440 if (os_strstr(buf, "stat"))
3441 stationary = 1;
3442
3443 tmp = os_strstr(buf, "bss_parameter=");
3444 if (tmp) {
3445 bss_parameters = atoi(tmp + 14);
3446 if (bss_parameters < 0 || bss_parameters > 0xff) {
3447 wpa_printf(MSG_ERROR,
3448 "CTRL: SET_NEIGHBOR: Bad bss_parameters subelement");
3449 goto fail;
3450 }
3451 }
3452
3453 set:
3454 ret = hostapd_neighbor_set(hapd, bssid, &ssid, nr, lci, civic,
3455 stationary, bss_parameters);
3456
3457 fail:
3458 wpabuf_free(nr);
3459 wpabuf_free(lci);
3460 wpabuf_free(civic);
3461
3462 return ret;
3463 }
3464
3465
hostapd_ctrl_iface_remove_neighbor(struct hostapd_data * hapd,char * buf)3466 static int hostapd_ctrl_iface_remove_neighbor(struct hostapd_data *hapd,
3467 char *buf)
3468 {
3469 struct wpa_ssid_value ssid;
3470 struct wpa_ssid_value *ssidp = NULL;
3471 u8 bssid[ETH_ALEN];
3472 char *tmp;
3473
3474 if (hwaddr_aton(buf, bssid)) {
3475 wpa_printf(MSG_ERROR, "CTRL: REMOVE_NEIGHBOR: Bad BSSID");
3476 return -1;
3477 }
3478
3479 tmp = os_strstr(buf, "ssid=");
3480 if (tmp) {
3481 ssidp = &ssid;
3482 if (ssid_parse(tmp + 5, &ssid)) {
3483 wpa_printf(MSG_ERROR,
3484 "CTRL: REMOVE_NEIGHBOR: Bad SSID");
3485 return -1;
3486 }
3487 }
3488
3489 return hostapd_neighbor_remove(hapd, bssid, ssidp);
3490 }
3491
3492
hostapd_ctrl_driver_flags(struct hostapd_iface * iface,char * buf,size_t buflen)3493 static int hostapd_ctrl_driver_flags(struct hostapd_iface *iface, char *buf,
3494 size_t buflen)
3495 {
3496 int ret, i;
3497 char *pos, *end;
3498
3499 ret = os_snprintf(buf, buflen, "%016llX:\n",
3500 (long long unsigned) iface->drv_flags);
3501 if (os_snprintf_error(buflen, ret))
3502 return -1;
3503
3504 pos = buf + ret;
3505 end = buf + buflen;
3506
3507 for (i = 0; i < 64; i++) {
3508 if (iface->drv_flags & (1LLU << i)) {
3509 ret = os_snprintf(pos, end - pos, "%s\n",
3510 driver_flag_to_string(1LLU << i));
3511 if (os_snprintf_error(end - pos, ret))
3512 return -1;
3513 pos += ret;
3514 }
3515 }
3516
3517 return pos - buf;
3518 }
3519
3520
hostapd_ctrl_driver_flags2(struct hostapd_iface * iface,char * buf,size_t buflen)3521 static int hostapd_ctrl_driver_flags2(struct hostapd_iface *iface, char *buf,
3522 size_t buflen)
3523 {
3524 int ret, i;
3525 char *pos, *end;
3526
3527 ret = os_snprintf(buf, buflen, "%016llX:\n",
3528 (long long unsigned) iface->drv_flags2);
3529 if (os_snprintf_error(buflen, ret))
3530 return -1;
3531
3532 pos = buf + ret;
3533 end = buf + buflen;
3534
3535 for (i = 0; i < 64; i++) {
3536 if (iface->drv_flags2 & (1LLU << i)) {
3537 ret = os_snprintf(pos, end - pos, "%s\n",
3538 driver_flag2_to_string(1LLU << i));
3539 if (os_snprintf_error(end - pos, ret))
3540 return -1;
3541 pos += ret;
3542 }
3543 }
3544
3545 return pos - buf;
3546 }
3547
3548
hostapd_ctrl_iface_get_capability(struct hostapd_data * hapd,const char * field,char * buf,size_t buflen)3549 static int hostapd_ctrl_iface_get_capability(struct hostapd_data *hapd,
3550 const char *field, char *buf,
3551 size_t buflen)
3552 {
3553 wpa_printf(MSG_DEBUG, "CTRL_IFACE: GET_CAPABILITY '%s'", field);
3554
3555 #ifdef CONFIG_DPP
3556 if (os_strcmp(field, "dpp") == 0) {
3557 int res;
3558
3559 #ifdef CONFIG_DPP3
3560 res = os_snprintf(buf, buflen, "DPP=3");
3561 #elif defined(CONFIG_DPP2)
3562 res = os_snprintf(buf, buflen, "DPP=2");
3563 #else /* CONFIG_DPP2 */
3564 res = os_snprintf(buf, buflen, "DPP=1");
3565 #endif /* CONFIG_DPP2 */
3566 if (os_snprintf_error(buflen, res))
3567 return -1;
3568 return res;
3569 }
3570 #endif /* CONFIG_DPP */
3571
3572 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown GET_CAPABILITY field '%s'",
3573 field);
3574
3575 return -1;
3576 }
3577
3578
3579 #ifdef ANDROID
hostapd_ctrl_iface_driver_cmd(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)3580 static int hostapd_ctrl_iface_driver_cmd(struct hostapd_data *hapd, char *cmd,
3581 char *buf, size_t buflen)
3582 {
3583 int ret;
3584
3585 ret = hostapd_drv_driver_cmd(hapd, cmd, buf, buflen);
3586 if (ret == 0) {
3587 ret = os_snprintf(buf, buflen, "%s\n", "OK");
3588 if (os_snprintf_error(buflen, ret))
3589 ret = -1;
3590 }
3591 return ret;
3592 }
3593 #endif /* ANDROID */
3594
3595
3596 #ifdef CONFIG_IEEE80211BE
3597
hostapd_ctrl_iface_enable_mld(struct hostapd_iface * iface)3598 static int hostapd_ctrl_iface_enable_mld(struct hostapd_iface *iface)
3599 {
3600 unsigned int i;
3601
3602 if (!iface || !iface->bss[0]->conf->mld_ap) {
3603 wpa_printf(MSG_ERROR,
3604 "Trying to enable AP MLD on an interface that is not affiliated with an AP MLD");
3605 return -1;
3606 }
3607
3608 for (i = 0; i < iface->interfaces->count; ++i) {
3609 struct hostapd_iface *h_iface = iface->interfaces->iface[i];
3610 struct hostapd_data *h_hapd = h_iface->bss[0];
3611
3612 if (!hostapd_is_ml_partner(h_hapd, iface->bss[0]))
3613 continue;
3614
3615 if (hostapd_enable_iface(h_iface)) {
3616 wpa_printf(MSG_ERROR, "Enabling of AP MLD failed");
3617 return -1;
3618 }
3619 }
3620 return 0;
3621 }
3622
3623
hostapd_disable_iface_bss(struct hostapd_iface * iface)3624 static void hostapd_disable_iface_bss(struct hostapd_iface *iface)
3625 {
3626 unsigned int i;
3627
3628 for (i = 0; i < iface->num_bss; i++)
3629 hostapd_bss_deinit_no_free(iface->bss[i]);
3630 }
3631
3632
hostapd_ctrl_iface_disable_mld(struct hostapd_iface * iface)3633 static int hostapd_ctrl_iface_disable_mld(struct hostapd_iface *iface)
3634 {
3635 unsigned int i;
3636
3637 if (!iface || !iface->bss[0]->conf->mld_ap) {
3638 wpa_printf(MSG_ERROR,
3639 "Trying to disable AP MLD on an interface that is not affiliated with an AP MLD.");
3640 return -1;
3641 }
3642
3643 /* First, disable BSSs before stopping beaconing and doing driver
3644 * deinit so that the broadcast Deauthentication frames go out. */
3645
3646 for (i = 0; i < iface->interfaces->count; ++i) {
3647 struct hostapd_iface *h_iface = iface->interfaces->iface[i];
3648 struct hostapd_data *h_hapd = h_iface->bss[0];
3649
3650 if (!hostapd_is_ml_partner(h_hapd, iface->bss[0]))
3651 continue;
3652
3653 hostapd_disable_iface_bss(iface);
3654 }
3655
3656 /* Then, fully disable interfaces */
3657 for (i = 0; i < iface->interfaces->count; ++i) {
3658 struct hostapd_iface *h_iface = iface->interfaces->iface[i];
3659 struct hostapd_data *h_hapd = h_iface->bss[0];
3660
3661 if (!hostapd_is_ml_partner(h_hapd, iface->bss[0]))
3662 continue;
3663
3664 if (hostapd_disable_iface(h_iface)) {
3665 wpa_printf(MSG_ERROR, "Disabling AP MLD failed");
3666 return -1;
3667 }
3668 }
3669
3670 return 0;
3671 }
3672
3673
3674 #ifdef CONFIG_TESTING_OPTIONS
hostapd_ctrl_iface_link_remove(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)3675 static int hostapd_ctrl_iface_link_remove(struct hostapd_data *hapd, char *cmd,
3676 char *buf, size_t buflen)
3677 {
3678 int ret;
3679 u32 count = atoi(cmd);
3680
3681 if (!count)
3682 count = 1;
3683
3684 ret = hostapd_link_remove(hapd, count);
3685 if (ret == 0) {
3686 ret = os_snprintf(buf, buflen, "%s\n", "OK");
3687 if (os_snprintf_error(buflen, ret))
3688 ret = -1;
3689 else
3690 ret = 0;
3691 }
3692
3693 return ret;
3694 }
3695 #endif /* CONFIG_TESTING_OPTIONS */
3696 #endif /* CONFIG_IEEE80211BE */
3697
3698
3699 #ifdef CONFIG_NAN_USD
3700
hostapd_ctrl_nan_publish(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)3701 static int hostapd_ctrl_nan_publish(struct hostapd_data *hapd, char *cmd,
3702 char *buf, size_t buflen)
3703 {
3704 char *token, *context = NULL;
3705 int publish_id;
3706 struct nan_publish_params params;
3707 const char *service_name = NULL;
3708 struct wpabuf *ssi = NULL;
3709 int ret = -1;
3710 enum nan_service_protocol_type srv_proto_type = 0;
3711
3712 os_memset(¶ms, 0, sizeof(params));
3713 /* USD shall use both solicited and unsolicited transmissions */
3714 params.unsolicited = true;
3715 params.solicited = true;
3716 /* USD shall require FSD without GAS */
3717 params.fsd = true;
3718
3719 while ((token = str_token(cmd, " ", &context))) {
3720 if (os_strncmp(token, "service_name=", 13) == 0) {
3721 service_name = token + 13;
3722 continue;
3723 }
3724
3725 if (os_strncmp(token, "ttl=", 4) == 0) {
3726 params.ttl = atoi(token + 4);
3727 continue;
3728 }
3729
3730 if (os_strncmp(token, "srv_proto_type=", 15) == 0) {
3731 srv_proto_type = atoi(token + 15);
3732 continue;
3733 }
3734
3735 if (os_strncmp(token, "ssi=", 4) == 0) {
3736 if (ssi)
3737 goto fail;
3738 ssi = wpabuf_parse_bin(token + 4);
3739 if (!ssi)
3740 goto fail;
3741 continue;
3742 }
3743
3744 if (os_strcmp(token, "solicited=0") == 0) {
3745 params.solicited = false;
3746 continue;
3747 }
3748
3749 if (os_strcmp(token, "unsolicited=0") == 0) {
3750 params.unsolicited = false;
3751 continue;
3752 }
3753
3754 if (os_strcmp(token, "fsd=0") == 0) {
3755 params.fsd = false;
3756 continue;
3757 }
3758
3759 wpa_printf(MSG_INFO, "CTRL: Invalid NAN_PUBLISH parameter: %s",
3760 token);
3761 goto fail;
3762 }
3763
3764 publish_id = hostapd_nan_usd_publish(hapd, service_name, srv_proto_type,
3765 ssi, ¶ms);
3766 if (publish_id > 0)
3767 ret = os_snprintf(buf, buflen, "%d", publish_id);
3768 fail:
3769 wpabuf_free(ssi);
3770 return ret;
3771 }
3772
3773
hostapd_ctrl_nan_cancel_publish(struct hostapd_data * hapd,char * cmd)3774 static int hostapd_ctrl_nan_cancel_publish(struct hostapd_data *hapd,
3775 char *cmd)
3776 {
3777 char *token, *context = NULL;
3778 int publish_id = 0;
3779
3780 while ((token = str_token(cmd, " ", &context))) {
3781 if (sscanf(token, "publish_id=%i", &publish_id) == 1)
3782 continue;
3783 wpa_printf(MSG_INFO,
3784 "CTRL: Invalid NAN_CANCEL_PUBLISH parameter: %s",
3785 token);
3786 return -1;
3787 }
3788
3789 if (publish_id <= 0) {
3790 wpa_printf(MSG_INFO,
3791 "CTRL: Invalid or missing NAN_CANCEL_PUBLISH publish_id");
3792 return -1;
3793 }
3794
3795 hostapd_nan_usd_cancel_publish(hapd, publish_id);
3796 return 0;
3797 }
3798
3799
hostapd_ctrl_nan_update_publish(struct hostapd_data * hapd,char * cmd)3800 static int hostapd_ctrl_nan_update_publish(struct hostapd_data *hapd,
3801 char *cmd)
3802 {
3803 char *token, *context = NULL;
3804 int publish_id = 0;
3805 struct wpabuf *ssi = NULL;
3806 int ret = -1;
3807
3808 while ((token = str_token(cmd, " ", &context))) {
3809 if (sscanf(token, "publish_id=%i", &publish_id) == 1)
3810 continue;
3811 if (os_strncmp(token, "ssi=", 4) == 0) {
3812 if (ssi)
3813 goto fail;
3814 ssi = wpabuf_parse_bin(token + 4);
3815 if (!ssi)
3816 goto fail;
3817 continue;
3818 }
3819 wpa_printf(MSG_INFO,
3820 "CTRL: Invalid NAN_UPDATE_PUBLISH parameter: %s",
3821 token);
3822 goto fail;
3823 }
3824
3825 if (publish_id <= 0) {
3826 wpa_printf(MSG_INFO,
3827 "CTRL: Invalid or missing NAN_UPDATE_PUBLISH publish_id");
3828 goto fail;
3829 }
3830
3831 ret = hostapd_nan_usd_update_publish(hapd, publish_id, ssi);
3832 fail:
3833 wpabuf_free(ssi);
3834 return ret;
3835 }
3836
3837
hostapd_ctrl_nan_subscribe(struct hostapd_data * hapd,char * cmd,char * buf,size_t buflen)3838 static int hostapd_ctrl_nan_subscribe(struct hostapd_data *hapd, char *cmd,
3839 char *buf, size_t buflen)
3840 {
3841 char *token, *context = NULL;
3842 int subscribe_id;
3843 struct nan_subscribe_params params;
3844 const char *service_name = NULL;
3845 struct wpabuf *ssi = NULL;
3846 int ret = -1;
3847 enum nan_service_protocol_type srv_proto_type = 0;
3848
3849 os_memset(¶ms, 0, sizeof(params));
3850
3851 while ((token = str_token(cmd, " ", &context))) {
3852 if (os_strncmp(token, "service_name=", 13) == 0) {
3853 service_name = token + 13;
3854 continue;
3855 }
3856
3857 if (os_strcmp(token, "active=1") == 0) {
3858 params.active = true;
3859 continue;
3860 }
3861
3862 if (os_strncmp(token, "ttl=", 4) == 0) {
3863 params.ttl = atoi(token + 4);
3864 continue;
3865 }
3866
3867 if (os_strncmp(token, "srv_proto_type=", 15) == 0) {
3868 srv_proto_type = atoi(token + 15);
3869 continue;
3870 }
3871
3872 if (os_strncmp(token, "ssi=", 4) == 0) {
3873 if (ssi)
3874 goto fail;
3875 ssi = wpabuf_parse_bin(token + 4);
3876 if (!ssi)
3877 goto fail;
3878 continue;
3879 }
3880
3881 wpa_printf(MSG_INFO,
3882 "CTRL: Invalid NAN_SUBSCRIBE parameter: %s",
3883 token);
3884 goto fail;
3885 }
3886
3887 subscribe_id = hostapd_nan_usd_subscribe(hapd, service_name,
3888 srv_proto_type, ssi,
3889 ¶ms);
3890 if (subscribe_id > 0)
3891 ret = os_snprintf(buf, buflen, "%d", subscribe_id);
3892 fail:
3893 wpabuf_free(ssi);
3894 return ret;
3895 }
3896
3897
hostapd_ctrl_nan_cancel_subscribe(struct hostapd_data * hapd,char * cmd)3898 static int hostapd_ctrl_nan_cancel_subscribe(struct hostapd_data *hapd,
3899 char *cmd)
3900 {
3901 char *token, *context = NULL;
3902 int subscribe_id = 0;
3903
3904 while ((token = str_token(cmd, " ", &context))) {
3905 if (sscanf(token, "subscribe_id=%i", &subscribe_id) == 1)
3906 continue;
3907 wpa_printf(MSG_INFO,
3908 "CTRL: Invalid NAN_CANCEL_SUBSCRIBE parameter: %s",
3909 token);
3910 return -1;
3911 }
3912
3913 if (subscribe_id <= 0) {
3914 wpa_printf(MSG_INFO,
3915 "CTRL: Invalid or missing NAN_CANCEL_SUBSCRIBE subscribe_id");
3916 return -1;
3917 }
3918
3919 hostapd_nan_usd_cancel_subscribe(hapd, subscribe_id);
3920 return 0;
3921 }
3922
3923
hostapd_ctrl_nan_transmit(struct hostapd_data * hapd,char * cmd)3924 static int hostapd_ctrl_nan_transmit(struct hostapd_data *hapd, char *cmd)
3925 {
3926 char *token, *context = NULL;
3927 int handle = 0;
3928 int req_instance_id = 0;
3929 struct wpabuf *ssi = NULL;
3930 u8 peer_addr[ETH_ALEN];
3931 int ret = -1;
3932
3933 os_memset(peer_addr, 0, ETH_ALEN);
3934
3935 while ((token = str_token(cmd, " ", &context))) {
3936 if (sscanf(token, "handle=%i", &handle) == 1)
3937 continue;
3938
3939 if (sscanf(token, "req_instance_id=%i", &req_instance_id) == 1)
3940 continue;
3941
3942 if (os_strncmp(token, "address=", 8) == 0) {
3943 if (hwaddr_aton(token + 8, peer_addr) < 0)
3944 return -1;
3945 continue;
3946 }
3947
3948 if (os_strncmp(token, "ssi=", 4) == 0) {
3949 if (ssi)
3950 goto fail;
3951 ssi = wpabuf_parse_bin(token + 4);
3952 if (!ssi)
3953 goto fail;
3954 continue;
3955 }
3956
3957 wpa_printf(MSG_INFO,
3958 "CTRL: Invalid NAN_TRANSMIT parameter: %s",
3959 token);
3960 goto fail;
3961 }
3962
3963 if (handle <= 0) {
3964 wpa_printf(MSG_INFO,
3965 "CTRL: Invalid or missing NAN_TRANSMIT handle");
3966 goto fail;
3967 }
3968
3969 if (is_zero_ether_addr(peer_addr)) {
3970 wpa_printf(MSG_INFO,
3971 "CTRL: Invalid or missing NAN_TRANSMIT address");
3972 goto fail;
3973 }
3974
3975 ret = hostapd_nan_usd_transmit(hapd, handle, ssi, NULL, peer_addr,
3976 req_instance_id);
3977 fail:
3978 wpabuf_free(ssi);
3979 return ret;
3980 }
3981
3982 #endif /* CONFIG_NAN_USD */
3983
3984
hostapd_ctrl_iface_receive_process(struct hostapd_data * hapd,char * buf,char * reply,int reply_size,struct sockaddr_storage * from,socklen_t fromlen)3985 static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd,
3986 char *buf, char *reply,
3987 int reply_size,
3988 struct sockaddr_storage *from,
3989 socklen_t fromlen)
3990 {
3991 int reply_len, res;
3992
3993 os_memcpy(reply, "OK\n", 3);
3994 reply_len = 3;
3995
3996 if (os_strcmp(buf, "PING") == 0) {
3997 os_memcpy(reply, "PONG\n", 5);
3998 reply_len = 5;
3999 } else if (os_strncmp(buf, "RELOG", 5) == 0) {
4000 if (wpa_debug_reopen_file() < 0)
4001 reply_len = -1;
4002 } else if (os_strcmp(buf, "CLOSE_LOG") == 0) {
4003 wpa_debug_stop_log();
4004 } else if (os_strncmp(buf, "NOTE ", 5) == 0) {
4005 wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
4006 } else if (os_strcmp(buf, "STATUS") == 0) {
4007 reply_len = hostapd_ctrl_iface_status(hapd, reply,
4008 reply_size);
4009 } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
4010 reply_len = hostapd_drv_status(hapd, reply, reply_size);
4011 } else if (os_strcmp(buf, "MIB") == 0) {
4012 reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
4013 if (reply_len >= 0) {
4014 res = wpa_get_mib(hapd->wpa_auth, reply + reply_len,
4015 reply_size - reply_len);
4016 if (res < 0)
4017 reply_len = -1;
4018 else
4019 reply_len += res;
4020 }
4021 if (reply_len >= 0) {
4022 res = ieee802_1x_get_mib(hapd, reply + reply_len,
4023 reply_size - reply_len);
4024 if (res < 0)
4025 reply_len = -1;
4026 else
4027 reply_len += res;
4028 }
4029 #ifndef CONFIG_NO_RADIUS
4030 if (reply_len >= 0) {
4031 res = radius_client_get_mib(hapd->radius,
4032 reply + reply_len,
4033 reply_size - reply_len);
4034 if (res < 0)
4035 reply_len = -1;
4036 else
4037 reply_len += res;
4038 }
4039 #endif /* CONFIG_NO_RADIUS */
4040 } else if (os_strncmp(buf, "MIB ", 4) == 0) {
4041 reply_len = hostapd_ctrl_iface_mib(hapd, reply, reply_size,
4042 buf + 4);
4043 } else if (os_strcmp(buf, "STA-FIRST") == 0) {
4044 reply_len = hostapd_ctrl_iface_sta_first(hapd, reply,
4045 reply_size);
4046 } else if (os_strncmp(buf, "STA ", 4) == 0) {
4047 reply_len = hostapd_ctrl_iface_sta(hapd, buf + 4, reply,
4048 reply_size);
4049 } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
4050 reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
4051 reply_size);
4052 } else if (os_strcmp(buf, "ATTACH") == 0) {
4053 if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL))
4054 reply_len = -1;
4055 } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
4056 if (hostapd_ctrl_iface_attach(hapd, from, fromlen, buf + 7))
4057 reply_len = -1;
4058 } else if (os_strcmp(buf, "DETACH") == 0) {
4059 if (hostapd_ctrl_iface_detach(hapd, from, fromlen))
4060 reply_len = -1;
4061 } else if (os_strncmp(buf, "LEVEL ", 6) == 0) {
4062 if (hostapd_ctrl_iface_level(hapd, from, fromlen,
4063 buf + 6))
4064 reply_len = -1;
4065 } else if (os_strncmp(buf, "NEW_STA ", 8) == 0) {
4066 if (hostapd_ctrl_iface_new_sta(hapd, buf + 8))
4067 reply_len = -1;
4068 } else if (os_strncmp(buf, "DEAUTHENTICATE ", 15) == 0) {
4069 if (hostapd_ctrl_iface_deauthenticate(hapd, buf + 15))
4070 reply_len = -1;
4071 } else if (os_strncmp(buf, "DISASSOCIATE ", 13) == 0) {
4072 if (hostapd_ctrl_iface_disassociate(hapd, buf + 13))
4073 reply_len = -1;
4074 #ifdef CONFIG_TAXONOMY
4075 } else if (os_strncmp(buf, "SIGNATURE ", 10) == 0) {
4076 reply_len = hostapd_ctrl_iface_signature(hapd, buf + 10,
4077 reply, reply_size);
4078 #endif /* CONFIG_TAXONOMY */
4079 } else if (os_strncmp(buf, "POLL_STA ", 9) == 0) {
4080 if (hostapd_ctrl_iface_poll_sta(hapd, buf + 9))
4081 reply_len = -1;
4082 } else if (os_strcmp(buf, "STOP_AP") == 0) {
4083 if (hostapd_ctrl_iface_stop_ap(hapd))
4084 reply_len = -1;
4085 #ifdef NEED_AP_MLME
4086 } else if (os_strncmp(buf, "SA_QUERY ", 9) == 0) {
4087 if (hostapd_ctrl_iface_sa_query(hapd, buf + 9))
4088 reply_len = -1;
4089 #endif /* NEED_AP_MLME */
4090 #ifdef CONFIG_WPS
4091 } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) {
4092 if (hostapd_ctrl_iface_wps_pin(hapd, buf + 8))
4093 reply_len = -1;
4094 } else if (os_strncmp(buf, "WPS_CHECK_PIN ", 14) == 0) {
4095 reply_len = hostapd_ctrl_iface_wps_check_pin(
4096 hapd, buf + 14, reply, reply_size);
4097 } else if (os_strcmp(buf, "WPS_PBC") == 0) {
4098 if (hostapd_wps_button_pushed(hapd, NULL))
4099 reply_len = -1;
4100 } else if (os_strcmp(buf, "WPS_CANCEL") == 0) {
4101 if (hostapd_wps_cancel(hapd))
4102 reply_len = -1;
4103 } else if (os_strncmp(buf, "WPS_AP_PIN ", 11) == 0) {
4104 reply_len = hostapd_ctrl_iface_wps_ap_pin(hapd, buf + 11,
4105 reply, reply_size);
4106 } else if (os_strncmp(buf, "WPS_CONFIG ", 11) == 0) {
4107 if (hostapd_ctrl_iface_wps_config(hapd, buf + 11) < 0)
4108 reply_len = -1;
4109 } else if (os_strncmp(buf, "WPS_GET_STATUS", 13) == 0) {
4110 reply_len = hostapd_ctrl_iface_wps_get_status(hapd, reply,
4111 reply_size);
4112 #ifdef CONFIG_WPS_NFC
4113 } else if (os_strncmp(buf, "WPS_NFC_TAG_READ ", 17) == 0) {
4114 if (hostapd_ctrl_iface_wps_nfc_tag_read(hapd, buf + 17))
4115 reply_len = -1;
4116 } else if (os_strncmp(buf, "WPS_NFC_CONFIG_TOKEN ", 21) == 0) {
4117 reply_len = hostapd_ctrl_iface_wps_nfc_config_token(
4118 hapd, buf + 21, reply, reply_size);
4119 } else if (os_strncmp(buf, "WPS_NFC_TOKEN ", 14) == 0) {
4120 reply_len = hostapd_ctrl_iface_wps_nfc_token(
4121 hapd, buf + 14, reply, reply_size);
4122 } else if (os_strncmp(buf, "NFC_GET_HANDOVER_SEL ", 21) == 0) {
4123 reply_len = hostapd_ctrl_iface_nfc_get_handover_sel(
4124 hapd, buf + 21, reply, reply_size);
4125 } else if (os_strncmp(buf, "NFC_REPORT_HANDOVER ", 20) == 0) {
4126 if (hostapd_ctrl_iface_nfc_report_handover(hapd, buf + 20))
4127 reply_len = -1;
4128 #endif /* CONFIG_WPS_NFC */
4129 #endif /* CONFIG_WPS */
4130 #ifdef CONFIG_INTERWORKING
4131 } else if (os_strncmp(buf, "SET_QOS_MAP_SET ", 16) == 0) {
4132 if (hostapd_ctrl_iface_set_qos_map_set(hapd, buf + 16))
4133 reply_len = -1;
4134 } else if (os_strncmp(buf, "SEND_QOS_MAP_CONF ", 18) == 0) {
4135 if (hostapd_ctrl_iface_send_qos_map_conf(hapd, buf + 18))
4136 reply_len = -1;
4137 #endif /* CONFIG_INTERWORKING */
4138 #ifdef CONFIG_HS20
4139 } else if (os_strncmp(buf, "HS20_WNM_NOTIF ", 15) == 0) {
4140 if (hostapd_ctrl_iface_hs20_wnm_notif(hapd, buf + 15))
4141 reply_len = -1;
4142 } else if (os_strncmp(buf, "HS20_DEAUTH_REQ ", 16) == 0) {
4143 if (hostapd_ctrl_iface_hs20_deauth_req(hapd, buf + 16))
4144 reply_len = -1;
4145 #endif /* CONFIG_HS20 */
4146 #ifdef CONFIG_WNM_AP
4147 } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
4148 if (hostapd_ctrl_iface_disassoc_imminent(hapd, buf + 18))
4149 reply_len = -1;
4150 } else if (os_strncmp(buf, "ESS_DISASSOC ", 13) == 0) {
4151 if (hostapd_ctrl_iface_ess_disassoc(hapd, buf + 13))
4152 reply_len = -1;
4153 } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
4154 if (hostapd_ctrl_iface_bss_tm_req(hapd, buf + 11))
4155 reply_len = -1;
4156 } else if (os_strncmp(buf, "COLOC_INTF_REQ ", 15) == 0) {
4157 if (hostapd_ctrl_iface_coloc_intf_req(hapd, buf + 15))
4158 reply_len = -1;
4159 #endif /* CONFIG_WNM_AP */
4160 } else if (os_strcmp(buf, "GET_CONFIG") == 0) {
4161 reply_len = hostapd_ctrl_iface_get_config(hapd, reply,
4162 reply_size);
4163 } else if (os_strncmp(buf, "SET ", 4) == 0) {
4164 if (hostapd_ctrl_iface_set(hapd, buf + 4))
4165 reply_len = -1;
4166 } else if (os_strncmp(buf, "GET ", 4) == 0) {
4167 reply_len = hostapd_ctrl_iface_get(hapd, buf + 4, reply,
4168 reply_size);
4169 } else if (os_strcmp(buf, "ENABLE") == 0) {
4170 if (hostapd_ctrl_iface_enable(hapd->iface))
4171 reply_len = -1;
4172 } else if (os_strcmp(buf, "RELOAD_WPA_PSK") == 0) {
4173 if (hostapd_ctrl_iface_reload_wpa_psk(hapd))
4174 reply_len = -1;
4175 #ifdef CONFIG_IEEE80211R_AP
4176 } else if (os_strcmp(buf, "GET_RXKHS") == 0) {
4177 reply_len = hostapd_ctrl_iface_get_rxkhs(hapd, reply,
4178 reply_size);
4179 } else if (os_strcmp(buf, "RELOAD_RXKHS") == 0) {
4180 if (hostapd_ctrl_iface_reload_rxkhs(hapd))
4181 reply_len = -1;
4182 #endif /* CONFIG_IEEE80211R_AP */
4183 } else if (os_strcmp(buf, "RELOAD_BSS") == 0) {
4184 if (hostapd_ctrl_iface_reload_bss(hapd))
4185 reply_len = -1;
4186 } else if (os_strcmp(buf, "RELOAD_CONFIG") == 0) {
4187 if (hostapd_reload_config(hapd->iface))
4188 reply_len = -1;
4189 } else if (os_strcmp(buf, "RELOAD") == 0) {
4190 if (hostapd_ctrl_iface_reload(hapd->iface))
4191 reply_len = -1;
4192 } else if (os_strcmp(buf, "DISABLE") == 0) {
4193 if (hostapd_ctrl_iface_disable(hapd->iface))
4194 reply_len = -1;
4195 } else if (os_strcmp(buf, "UPDATE_BEACON") == 0) {
4196 if (ieee802_11_set_beacon(hapd))
4197 reply_len = -1;
4198 #ifdef CONFIG_TESTING_OPTIONS
4199 } else if (os_strncmp(buf, "RADAR ", 6) == 0) {
4200 if (hostapd_ctrl_iface_radar(hapd, buf + 6))
4201 reply_len = -1;
4202 } else if (os_strncmp(buf, "MGMT_TX ", 8) == 0) {
4203 if (hostapd_ctrl_iface_mgmt_tx(hapd, buf + 8))
4204 reply_len = -1;
4205 } else if (os_strncmp(buf, "MGMT_TX_STATUS_PROCESS ", 23) == 0) {
4206 if (hostapd_ctrl_iface_mgmt_tx_status_process(hapd,
4207 buf + 23) < 0)
4208 reply_len = -1;
4209 } else if (os_strncmp(buf, "MGMT_RX_PROCESS ", 16) == 0) {
4210 if (hostapd_ctrl_iface_mgmt_rx_process(hapd, buf + 16) < 0)
4211 reply_len = -1;
4212 } else if (os_strncmp(buf, "EAPOL_RX ", 9) == 0) {
4213 if (hostapd_ctrl_iface_eapol_rx(hapd, buf + 9) < 0)
4214 reply_len = -1;
4215 } else if (os_strncmp(buf, "EAPOL_TX ", 9) == 0) {
4216 if (hostapd_ctrl_iface_eapol_tx(hapd, buf + 9) < 0)
4217 reply_len = -1;
4218 } else if (os_strncmp(buf, "DATA_TEST_CONFIG ", 17) == 0) {
4219 if (hostapd_ctrl_iface_data_test_config(hapd, buf + 17) < 0)
4220 reply_len = -1;
4221 } else if (os_strncmp(buf, "DATA_TEST_TX ", 13) == 0) {
4222 if (hostapd_ctrl_iface_data_test_tx(hapd, buf + 13) < 0)
4223 reply_len = -1;
4224 } else if (os_strncmp(buf, "DATA_TEST_FRAME ", 16) == 0) {
4225 if (hostapd_ctrl_iface_data_test_frame(hapd, buf + 16) < 0)
4226 reply_len = -1;
4227 } else if (os_strncmp(buf, "TEST_ALLOC_FAIL ", 16) == 0) {
4228 if (testing_set_fail_pattern(true, buf + 16) < 0)
4229 reply_len = -1;
4230 } else if (os_strcmp(buf, "GET_ALLOC_FAIL") == 0) {
4231 reply_len = testing_get_fail_pattern(true, reply, reply_size);
4232 } else if (os_strncmp(buf, "TEST_FAIL ", 10) == 0) {
4233 if (testing_set_fail_pattern(false, buf + 10) < 0)
4234 reply_len = -1;
4235 } else if (os_strcmp(buf, "GET_FAIL") == 0) {
4236 reply_len = testing_get_fail_pattern(false, reply, reply_size);
4237 } else if (os_strncmp(buf, "RESET_PN ", 9) == 0) {
4238 if (hostapd_ctrl_reset_pn(hapd, buf + 9) < 0)
4239 reply_len = -1;
4240 } else if (os_strncmp(buf, "SET_KEY ", 8) == 0) {
4241 if (hostapd_ctrl_set_key(hapd, buf + 8) < 0)
4242 reply_len = -1;
4243 } else if (os_strncmp(buf, "RESEND_M1 ", 10) == 0) {
4244 if (hostapd_ctrl_resend_m1(hapd, buf + 10) < 0)
4245 reply_len = -1;
4246 } else if (os_strncmp(buf, "RESEND_M3 ", 10) == 0) {
4247 if (hostapd_ctrl_resend_m3(hapd, buf + 10) < 0)
4248 reply_len = -1;
4249 } else if (os_strncmp(buf, "RESEND_GROUP_M1 ", 16) == 0) {
4250 if (hostapd_ctrl_resend_group_m1(hapd, buf + 16) < 0)
4251 reply_len = -1;
4252 } else if (os_strncmp(buf, "REKEY_PTK ", 10) == 0) {
4253 if (hostapd_ctrl_rekey_ptk(hapd, buf + 10) < 0)
4254 reply_len = -1;
4255 } else if (os_strcmp(buf, "REKEY_GTK") == 0) {
4256 if (wpa_auth_rekey_gtk(hapd->wpa_auth) < 0)
4257 reply_len = -1;
4258 } else if (os_strncmp(buf, "GET_PMK ", 8) == 0) {
4259 reply_len = hostapd_ctrl_get_pmk(hapd, buf + 8, reply,
4260 reply_size);
4261 } else if (os_strncmp(buf, "REGISTER_FRAME ", 15) == 0) {
4262 if (hostapd_ctrl_register_frame(hapd, buf + 16) < 0)
4263 reply_len = -1;
4264 #endif /* CONFIG_TESTING_OPTIONS */
4265 } else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) {
4266 if (hostapd_ctrl_iface_chan_switch(hapd->iface, buf + 12))
4267 reply_len = -1;
4268 #ifdef CONFIG_IEEE80211AX
4269 } else if (os_strncmp(buf, "COLOR_CHANGE ", 13) == 0) {
4270 if (hostapd_ctrl_iface_color_change(hapd->iface, buf + 13))
4271 reply_len = -1;
4272 #endif /* CONFIG_IEEE80211AX */
4273 } else if (os_strncmp(buf, "NOTIFY_CW_CHANGE ", 17) == 0) {
4274 if (hostapd_ctrl_iface_notify_cw_change(hapd, buf + 17))
4275 reply_len = -1;
4276 } else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
4277 reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
4278 reply_size);
4279 } else if (os_strcmp(buf, "ERP_FLUSH") == 0) {
4280 ieee802_1x_erp_flush(hapd);
4281 #ifdef RADIUS_SERVER
4282 radius_server_erp_flush(hapd->radius_srv);
4283 #endif /* RADIUS_SERVER */
4284 } else if (os_strncmp(buf, "EAPOL_REAUTH ", 13) == 0) {
4285 if (hostapd_ctrl_iface_eapol_reauth(hapd, buf + 13))
4286 reply_len = -1;
4287 } else if (os_strncmp(buf, "EAPOL_SET ", 10) == 0) {
4288 if (hostapd_ctrl_iface_eapol_set(hapd, buf + 10))
4289 reply_len = -1;
4290 } else if (os_strncmp(buf, "LOG_LEVEL", 9) == 0) {
4291 reply_len = hostapd_ctrl_iface_log_level(
4292 hapd, buf + 9, reply, reply_size);
4293 #ifdef NEED_AP_MLME
4294 } else if (os_strcmp(buf, "TRACK_STA_LIST") == 0) {
4295 reply_len = hostapd_ctrl_iface_track_sta_list(
4296 hapd, reply, reply_size);
4297 #endif /* NEED_AP_MLME */
4298 } else if (os_strcmp(buf, "PMKSA") == 0) {
4299 reply_len = hostapd_ctrl_iface_pmksa_list(hapd, reply,
4300 reply_size);
4301 } else if (os_strcmp(buf, "PMKSA_FLUSH") == 0) {
4302 hostapd_ctrl_iface_pmksa_flush(hapd);
4303 } else if (os_strncmp(buf, "PMKSA_ADD ", 10) == 0) {
4304 if (hostapd_ctrl_iface_pmksa_add(hapd, buf + 10) < 0)
4305 reply_len = -1;
4306 } else if (os_strncmp(buf, "SET_NEIGHBOR ", 13) == 0) {
4307 if (hostapd_ctrl_iface_set_neighbor(hapd, buf + 13))
4308 reply_len = -1;
4309 } else if (os_strcmp(buf, "SHOW_NEIGHBOR") == 0) {
4310 reply_len = hostapd_ctrl_iface_show_neighbor(hapd, reply,
4311 reply_size);
4312 } else if (os_strncmp(buf, "REMOVE_NEIGHBOR ", 16) == 0) {
4313 if (hostapd_ctrl_iface_remove_neighbor(hapd, buf + 16))
4314 reply_len = -1;
4315 } else if (os_strncmp(buf, "REQ_LCI ", 8) == 0) {
4316 if (hostapd_ctrl_iface_req_lci(hapd, buf + 8))
4317 reply_len = -1;
4318 } else if (os_strncmp(buf, "REQ_RANGE ", 10) == 0) {
4319 if (hostapd_ctrl_iface_req_range(hapd, buf + 10))
4320 reply_len = -1;
4321 } else if (os_strncmp(buf, "REQ_BEACON ", 11) == 0) {
4322 reply_len = hostapd_ctrl_iface_req_beacon(hapd, buf + 11,
4323 reply, reply_size);
4324 } else if (os_strncmp(buf, "REQ_LINK_MEASUREMENT ", 21) == 0) {
4325 reply_len = hostapd_ctrl_iface_req_link_measurement(
4326 hapd, buf + 21, reply, reply_size);
4327 } else if (os_strcmp(buf, "DRIVER_FLAGS") == 0) {
4328 reply_len = hostapd_ctrl_driver_flags(hapd->iface, reply,
4329 reply_size);
4330 } else if (os_strcmp(buf, "DRIVER_FLAGS2") == 0) {
4331 reply_len = hostapd_ctrl_driver_flags2(hapd->iface, reply,
4332 reply_size);
4333 } else if (os_strcmp(buf, "TERMINATE") == 0) {
4334 eloop_terminate();
4335 } else if (os_strncmp(buf, "ACCEPT_ACL ", 11) == 0) {
4336 if (os_strncmp(buf + 11, "ADD_MAC ", 8) == 0) {
4337 if (hostapd_ctrl_iface_acl_add_mac(
4338 &hapd->conf->accept_mac,
4339 &hapd->conf->num_accept_mac, buf + 19) ||
4340 hostapd_set_acl(hapd))
4341 reply_len = -1;
4342 } else if (os_strncmp((buf + 11), "DEL_MAC ", 8) == 0) {
4343 if (hostapd_ctrl_iface_acl_del_mac(
4344 &hapd->conf->accept_mac,
4345 &hapd->conf->num_accept_mac, buf + 19) ||
4346 hostapd_set_acl(hapd) ||
4347 hostapd_disassoc_accept_mac(hapd))
4348 reply_len = -1;
4349 } else if (os_strcmp(buf + 11, "SHOW") == 0) {
4350 reply_len = hostapd_ctrl_iface_acl_show_mac(
4351 hapd->conf->accept_mac,
4352 hapd->conf->num_accept_mac, reply, reply_size);
4353 } else if (os_strcmp(buf + 11, "CLEAR") == 0) {
4354 hostapd_ctrl_iface_acl_clear_list(
4355 &hapd->conf->accept_mac,
4356 &hapd->conf->num_accept_mac);
4357 if (hostapd_set_acl(hapd) ||
4358 hostapd_disassoc_accept_mac(hapd))
4359 reply_len = -1;
4360 } else {
4361 reply_len = -1;
4362 }
4363 } else if (os_strncmp(buf, "DENY_ACL ", 9) == 0) {
4364 if (os_strncmp(buf + 9, "ADD_MAC ", 8) == 0) {
4365 if (hostapd_ctrl_iface_acl_add_mac(
4366 &hapd->conf->deny_mac,
4367 &hapd->conf->num_deny_mac, buf + 17) ||
4368 hostapd_set_acl(hapd) ||
4369 hostapd_disassoc_deny_mac(hapd))
4370 reply_len = -1;
4371 } else if (os_strncmp(buf + 9, "DEL_MAC ", 8) == 0) {
4372 if (hostapd_ctrl_iface_acl_del_mac(
4373 &hapd->conf->deny_mac,
4374 &hapd->conf->num_deny_mac, buf + 17) ||
4375 hostapd_set_acl(hapd))
4376 reply_len = -1;
4377 } else if (os_strcmp(buf + 9, "SHOW") == 0) {
4378 reply_len = hostapd_ctrl_iface_acl_show_mac(
4379 hapd->conf->deny_mac,
4380 hapd->conf->num_deny_mac, reply, reply_size);
4381 } else if (os_strcmp(buf + 9, "CLEAR") == 0) {
4382 hostapd_ctrl_iface_acl_clear_list(
4383 &hapd->conf->deny_mac,
4384 &hapd->conf->num_deny_mac);
4385 if (hostapd_set_acl(hapd))
4386 reply_len = -1;
4387 } else {
4388 reply_len = -1;
4389 }
4390 #ifdef CONFIG_DPP
4391 } else if (os_strncmp(buf, "DPP_QR_CODE ", 12) == 0) {
4392 res = hostapd_dpp_qr_code(hapd, buf + 12);
4393 if (res < 0) {
4394 reply_len = -1;
4395 } else {
4396 reply_len = os_snprintf(reply, reply_size, "%d", res);
4397 if (os_snprintf_error(reply_size, reply_len))
4398 reply_len = -1;
4399 }
4400 } else if (os_strncmp(buf, "DPP_NFC_URI ", 12) == 0) {
4401 res = hostapd_dpp_nfc_uri(hapd, buf + 12);
4402 if (res < 0) {
4403 reply_len = -1;
4404 } else {
4405 reply_len = os_snprintf(reply, reply_size, "%d", res);
4406 if (os_snprintf_error(reply_size, reply_len))
4407 reply_len = -1;
4408 }
4409 } else if (os_strncmp(buf, "DPP_NFC_HANDOVER_REQ ", 21) == 0) {
4410 res = hostapd_dpp_nfc_handover_req(hapd, buf + 20);
4411 if (res < 0) {
4412 reply_len = -1;
4413 } else {
4414 reply_len = os_snprintf(reply, reply_size, "%d", res);
4415 if (os_snprintf_error(reply_size, reply_len))
4416 reply_len = -1;
4417 }
4418 } else if (os_strncmp(buf, "DPP_NFC_HANDOVER_SEL ", 21) == 0) {
4419 res = hostapd_dpp_nfc_handover_sel(hapd, buf + 20);
4420 if (res < 0) {
4421 reply_len = -1;
4422 } else {
4423 reply_len = os_snprintf(reply, reply_size, "%d", res);
4424 if (os_snprintf_error(reply_size, reply_len))
4425 reply_len = -1;
4426 }
4427 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GEN ", 18) == 0) {
4428 res = dpp_bootstrap_gen(hapd->iface->interfaces->dpp, buf + 18);
4429 if (res < 0) {
4430 reply_len = -1;
4431 } else {
4432 reply_len = os_snprintf(reply, reply_size, "%d", res);
4433 if (os_snprintf_error(reply_size, reply_len))
4434 reply_len = -1;
4435 }
4436 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_REMOVE ", 21) == 0) {
4437 if (dpp_bootstrap_remove(hapd->iface->interfaces->dpp,
4438 buf + 21) < 0)
4439 reply_len = -1;
4440 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GET_URI ", 22) == 0) {
4441 const char *uri;
4442
4443 uri = dpp_bootstrap_get_uri(hapd->iface->interfaces->dpp,
4444 atoi(buf + 22));
4445 if (!uri) {
4446 reply_len = -1;
4447 } else {
4448 reply_len = os_snprintf(reply, reply_size, "%s", uri);
4449 if (os_snprintf_error(reply_size, reply_len))
4450 reply_len = -1;
4451 }
4452 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_INFO ", 19) == 0) {
4453 reply_len = dpp_bootstrap_info(hapd->iface->interfaces->dpp,
4454 atoi(buf + 19),
4455 reply, reply_size);
4456 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_SET ", 18) == 0) {
4457 if (dpp_bootstrap_set(hapd->iface->interfaces->dpp,
4458 atoi(buf + 18),
4459 os_strchr(buf + 18, ' ')) < 0)
4460 reply_len = -1;
4461 } else if (os_strncmp(buf, "DPP_AUTH_INIT ", 14) == 0) {
4462 if (hostapd_dpp_auth_init(hapd, buf + 13) < 0)
4463 reply_len = -1;
4464 } else if (os_strncmp(buf, "DPP_LISTEN ", 11) == 0) {
4465 if (hostapd_dpp_listen(hapd, buf + 11) < 0)
4466 reply_len = -1;
4467 } else if (os_strcmp(buf, "DPP_STOP_LISTEN") == 0) {
4468 hostapd_dpp_stop(hapd);
4469 hostapd_dpp_listen_stop(hapd);
4470 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_ADD", 20) == 0) {
4471 res = dpp_configurator_add(hapd->iface->interfaces->dpp,
4472 buf + 20);
4473 if (res < 0) {
4474 reply_len = -1;
4475 } else {
4476 reply_len = os_snprintf(reply, reply_size, "%d", res);
4477 if (os_snprintf_error(reply_size, reply_len))
4478 reply_len = -1;
4479 }
4480 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_SET ", 21) == 0) {
4481 if (dpp_configurator_set(hapd->iface->interfaces->dpp,
4482 buf + 20) < 0)
4483 reply_len = -1;
4484 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_REMOVE ", 24) == 0) {
4485 if (dpp_configurator_remove(hapd->iface->interfaces->dpp,
4486 buf + 24) < 0)
4487 reply_len = -1;
4488 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_SIGN ", 22) == 0) {
4489 if (hostapd_dpp_configurator_sign(hapd, buf + 21) < 0)
4490 reply_len = -1;
4491 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_GET_KEY ", 25) == 0) {
4492 reply_len = dpp_configurator_get_key_id(
4493 hapd->iface->interfaces->dpp,
4494 atoi(buf + 25),
4495 reply, reply_size);
4496 } else if (os_strncmp(buf, "DPP_PKEX_ADD ", 13) == 0) {
4497 res = hostapd_dpp_pkex_add(hapd, buf + 12);
4498 if (res < 0) {
4499 reply_len = -1;
4500 } else {
4501 reply_len = os_snprintf(reply, reply_size, "%d", res);
4502 if (os_snprintf_error(reply_size, reply_len))
4503 reply_len = -1;
4504 }
4505 } else if (os_strncmp(buf, "DPP_PKEX_REMOVE ", 16) == 0) {
4506 if (hostapd_dpp_pkex_remove(hapd, buf + 16) < 0)
4507 reply_len = -1;
4508 #ifdef CONFIG_DPP2
4509 } else if (os_strncmp(buf, "DPP_CONTROLLER_START ", 21) == 0) {
4510 if (hostapd_dpp_controller_start(hapd, buf + 20) < 0)
4511 reply_len = -1;
4512 } else if (os_strcmp(buf, "DPP_CONTROLLER_START") == 0) {
4513 if (hostapd_dpp_controller_start(hapd, NULL) < 0)
4514 reply_len = -1;
4515 } else if (os_strcmp(buf, "DPP_CONTROLLER_STOP") == 0) {
4516 dpp_controller_stop(hapd->iface->interfaces->dpp);
4517 } else if (os_strncmp(buf, "DPP_CHIRP ", 10) == 0) {
4518 if (hostapd_dpp_chirp(hapd, buf + 9) < 0)
4519 reply_len = -1;
4520 } else if (os_strcmp(buf, "DPP_STOP_CHIRP") == 0) {
4521 hostapd_dpp_chirp_stop(hapd);
4522 } else if (os_strncmp(buf, "DPP_RELAY_ADD_CONTROLLER ", 25) == 0) {
4523 if (hostapd_dpp_add_controller(hapd, buf + 25) < 0)
4524 reply_len = -1;
4525 } else if (os_strncmp(buf, "DPP_RELAY_REMOVE_CONTROLLER ", 28) == 0) {
4526 hostapd_dpp_remove_controller(hapd, buf + 28);
4527 #endif /* CONFIG_DPP2 */
4528 #ifdef CONFIG_DPP3
4529 } else if (os_strcmp(buf, "DPP_PUSH_BUTTON") == 0) {
4530 if (hostapd_dpp_push_button(hapd, NULL) < 0)
4531 reply_len = -1;
4532 } else if (os_strncmp(buf, "DPP_PUSH_BUTTON ", 16) == 0) {
4533 if (hostapd_dpp_push_button(hapd, buf + 15) < 0)
4534 reply_len = -1;
4535 #endif /* CONFIG_DPP3 */
4536 #endif /* CONFIG_DPP */
4537 #ifdef CONFIG_NAN_USD
4538 } else if (os_strncmp(buf, "NAN_PUBLISH ", 12) == 0) {
4539 reply_len = hostapd_ctrl_nan_publish(hapd, buf + 12, reply,
4540 reply_size);
4541 } else if (os_strncmp(buf, "NAN_CANCEL_PUBLISH ", 19) == 0) {
4542 if (hostapd_ctrl_nan_cancel_publish(hapd, buf + 19) < 0)
4543 reply_len = -1;
4544 } else if (os_strncmp(buf, "NAN_UPDATE_PUBLISH ", 19) == 0) {
4545 if (hostapd_ctrl_nan_update_publish(hapd, buf + 19) < 0)
4546 reply_len = -1;
4547 } else if (os_strncmp(buf, "NAN_SUBSCRIBE ", 14) == 0) {
4548 reply_len = hostapd_ctrl_nan_subscribe(hapd, buf + 14, reply,
4549 reply_size);
4550 } else if (os_strncmp(buf, "NAN_CANCEL_SUBSCRIBE ", 21) == 0) {
4551 if (hostapd_ctrl_nan_cancel_subscribe(hapd, buf + 21) < 0)
4552 reply_len = -1;
4553 } else if (os_strncmp(buf, "NAN_TRANSMIT ", 13) == 0) {
4554 if (hostapd_ctrl_nan_transmit(hapd, buf + 13) < 0)
4555 reply_len = -1;
4556 #endif /* CONFIG_NAN_USD */
4557 #ifdef RADIUS_SERVER
4558 } else if (os_strncmp(buf, "DAC_REQUEST ", 12) == 0) {
4559 if (radius_server_dac_request(hapd->radius_srv, buf + 12) < 0)
4560 reply_len = -1;
4561 #endif /* RADIUS_SERVER */
4562 } else if (os_strncmp(buf, "GET_CAPABILITY ", 15) == 0) {
4563 reply_len = hostapd_ctrl_iface_get_capability(
4564 hapd, buf + 15, reply, reply_size);
4565 #ifdef CONFIG_PASN
4566 } else if (os_strcmp(buf, "PTKSA_CACHE_LIST") == 0) {
4567 reply_len = ptksa_cache_list(hapd->ptksa, reply, reply_size);
4568 #endif /* CONFIG_PASN */
4569 #ifdef ANDROID
4570 } else if (os_strncmp(buf, "DRIVER ", 7) == 0) {
4571 reply_len = hostapd_ctrl_iface_driver_cmd(hapd, buf + 7, reply,
4572 reply_size);
4573 #endif /* ANDROID */
4574 #ifdef CONFIG_IEEE80211BE
4575 } else if (os_strcmp(buf, "ENABLE_MLD") == 0) {
4576 if (hostapd_ctrl_iface_enable_mld(hapd->iface))
4577 reply_len = -1;
4578 } else if (os_strcmp(buf, "DISABLE_MLD") == 0) {
4579 if (hostapd_ctrl_iface_disable_mld(hapd->iface))
4580 reply_len = -1;
4581 #ifdef CONFIG_TESTING_OPTIONS
4582 } else if (os_strncmp(buf, "LINK_REMOVE ", 12) == 0) {
4583 if (hostapd_ctrl_iface_link_remove(hapd, buf + 12,
4584 reply, reply_size))
4585 reply_len = -1;
4586 #endif /* CONFIG_TESTING_OPTIONS */
4587 #endif /* CONFIG_IEEE80211BE */
4588 } else {
4589 os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
4590 reply_len = 16;
4591 }
4592
4593 if (reply_len < 0) {
4594 os_memcpy(reply, "FAIL\n", 5);
4595 reply_len = 5;
4596 }
4597
4598 return reply_len;
4599 }
4600
4601
hostapd_ctrl_iface_receive(int sock,void * eloop_ctx,void * sock_ctx)4602 static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
4603 void *sock_ctx)
4604 {
4605 struct hostapd_data *hapd = eloop_ctx;
4606 char buf[4096];
4607 int res;
4608 struct sockaddr_storage from;
4609 socklen_t fromlen = sizeof(from);
4610 char *reply, *pos = buf;
4611 const int reply_size = 4096;
4612 int reply_len;
4613 int level = MSG_DEBUG;
4614 #ifdef CONFIG_CTRL_IFACE_UDP
4615 unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
4616 #endif /* CONFIG_CTRL_IFACE_UDP */
4617
4618 res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
4619 (struct sockaddr *) &from, &fromlen);
4620 if (res < 0) {
4621 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
4622 strerror(errno));
4623 return;
4624 }
4625 buf[res] = '\0';
4626
4627 reply = os_malloc(reply_size);
4628 if (reply == NULL) {
4629 if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
4630 fromlen) < 0) {
4631 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
4632 strerror(errno));
4633 }
4634 return;
4635 }
4636
4637 #ifdef CONFIG_CTRL_IFACE_UDP
4638 if (os_strcmp(buf, "GET_COOKIE") == 0) {
4639 os_memcpy(reply, "COOKIE=", 7);
4640 wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1,
4641 hapd->ctrl_iface_cookie,
4642 CTRL_IFACE_COOKIE_LEN);
4643 reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN;
4644 goto done;
4645 }
4646
4647 if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
4648 hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) {
4649 wpa_printf(MSG_DEBUG,
4650 "CTRL: No cookie in the request - drop request");
4651 os_free(reply);
4652 return;
4653 }
4654
4655 if (os_memcmp(hapd->ctrl_iface_cookie, lcookie,
4656 CTRL_IFACE_COOKIE_LEN) != 0) {
4657 wpa_printf(MSG_DEBUG,
4658 "CTRL: Invalid cookie in the request - drop request");
4659 os_free(reply);
4660 return;
4661 }
4662
4663 pos = buf + 7 + 2 * CTRL_IFACE_COOKIE_LEN;
4664 while (*pos == ' ')
4665 pos++;
4666 #endif /* CONFIG_CTRL_IFACE_UDP */
4667
4668 if (os_strcmp(pos, "PING") == 0)
4669 level = MSG_EXCESSIVE;
4670 wpa_hexdump_ascii(level, "RX ctrl_iface", pos, res);
4671
4672 reply_len = hostapd_ctrl_iface_receive_process(hapd, pos,
4673 reply, reply_size,
4674 &from, fromlen);
4675
4676 #ifdef CONFIG_CTRL_IFACE_UDP
4677 done:
4678 #endif /* CONFIG_CTRL_IFACE_UDP */
4679 if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
4680 fromlen) < 0) {
4681 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
4682 strerror(errno));
4683 }
4684 os_free(reply);
4685 }
4686
4687
4688 #ifndef CONFIG_CTRL_IFACE_UDP
hostapd_ctrl_iface_path(struct hostapd_data * hapd)4689 static char * hostapd_ctrl_iface_path(struct hostapd_data *hapd)
4690 {
4691 char *buf;
4692 size_t len;
4693
4694 if (hapd->conf->ctrl_interface == NULL)
4695 return NULL;
4696
4697 len = os_strlen(hapd->conf->ctrl_interface) +
4698 os_strlen(hapd->conf->iface) + 2;
4699 buf = os_malloc(len);
4700 if (buf == NULL)
4701 return NULL;
4702
4703 os_snprintf(buf, len, "%s/%s",
4704 hapd->conf->ctrl_interface, hapd->conf->iface);
4705 buf[len - 1] = '\0';
4706 return buf;
4707 }
4708 #endif /* CONFIG_CTRL_IFACE_UDP */
4709
4710
hostapd_ctrl_iface_msg_cb(void * ctx,int level,enum wpa_msg_type type,const char * txt,size_t len)4711 static void hostapd_ctrl_iface_msg_cb(void *ctx, int level,
4712 enum wpa_msg_type type,
4713 const char *txt, size_t len)
4714 {
4715 #ifdef CONFIG_LIBWPA_VENDOR
4716 return;
4717 #endif
4718 struct hostapd_data *hapd = ctx;
4719 if (hapd == NULL)
4720 return;
4721 hostapd_ctrl_iface_send(hapd, level, type, txt, len);
4722 }
4723
4724
hostapd_ctrl_iface_init(struct hostapd_data * hapd)4725 int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
4726 {
4727 #ifdef CONFIG_CTRL_IFACE_UDP
4728 int port = HOSTAPD_CTRL_IFACE_PORT;
4729 char p[32] = { 0 };
4730 char port_str[40], *tmp;
4731 char *pos;
4732 struct addrinfo hints = { 0 }, *res, *saveres;
4733 int n;
4734
4735 if (hapd->ctrl_sock > -1) {
4736 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
4737 return 0;
4738 }
4739
4740 if (hapd->conf->ctrl_interface == NULL)
4741 return 0;
4742
4743 pos = os_strstr(hapd->conf->ctrl_interface, "udp:");
4744 if (pos) {
4745 pos += 4;
4746 port = atoi(pos);
4747 if (port <= 0) {
4748 wpa_printf(MSG_ERROR, "Invalid ctrl_iface UDP port");
4749 goto fail;
4750 }
4751 }
4752
4753 dl_list_init(&hapd->ctrl_dst);
4754 hapd->ctrl_sock = -1;
4755 os_get_random(hapd->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN);
4756
4757 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
4758 hints.ai_flags = AI_PASSIVE;
4759 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
4760
4761 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
4762 hints.ai_family = AF_INET6;
4763 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
4764 hints.ai_family = AF_INET;
4765 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
4766 hints.ai_socktype = SOCK_DGRAM;
4767
4768 try_again:
4769 os_snprintf(p, sizeof(p), "%d", port);
4770 n = getaddrinfo(NULL, p, &hints, &res);
4771 if (n) {
4772 wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
4773 goto fail;
4774 }
4775
4776 saveres = res;
4777 hapd->ctrl_sock = socket(res->ai_family, res->ai_socktype,
4778 res->ai_protocol);
4779 if (hapd->ctrl_sock < 0) {
4780 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
4781 goto fail;
4782 }
4783
4784 if (bind(hapd->ctrl_sock, res->ai_addr, res->ai_addrlen) < 0) {
4785 port--;
4786 if ((HOSTAPD_CTRL_IFACE_PORT - port) <
4787 HOSTAPD_CTRL_IFACE_PORT_LIMIT && !pos)
4788 goto try_again;
4789 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
4790 goto fail;
4791 }
4792
4793 freeaddrinfo(saveres);
4794
4795 os_snprintf(port_str, sizeof(port_str), "udp:%d", port);
4796 tmp = os_strdup(port_str);
4797 if (tmp) {
4798 os_free(hapd->conf->ctrl_interface);
4799 hapd->conf->ctrl_interface = tmp;
4800 }
4801 wpa_printf(MSG_DEBUG, "ctrl_iface_init UDP port: %d", port);
4802
4803 if (eloop_register_read_sock(hapd->ctrl_sock,
4804 hostapd_ctrl_iface_receive, hapd, NULL) <
4805 0) {
4806 hostapd_ctrl_iface_deinit(hapd);
4807 return -1;
4808 }
4809
4810 hapd->msg_ctx = hapd;
4811 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
4812
4813 return 0;
4814
4815 fail:
4816 if (hapd->ctrl_sock >= 0)
4817 close(hapd->ctrl_sock);
4818 return -1;
4819 #else /* CONFIG_CTRL_IFACE_UDP */
4820 struct sockaddr_un addr;
4821 int s = -1;
4822 char *fname = NULL;
4823
4824 if (hapd->ctrl_sock > -1) {
4825 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
4826 return 0;
4827 }
4828
4829 dl_list_init(&hapd->ctrl_dst);
4830
4831 if (hapd->conf->ctrl_interface == NULL)
4832 return 0;
4833
4834 if (mkdir(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
4835 if (errno == EEXIST) {
4836 wpa_printf(MSG_DEBUG, "Using existing control "
4837 "interface directory.");
4838 } else {
4839 wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
4840 strerror(errno));
4841 goto fail;
4842 }
4843 }
4844
4845 if (hapd->conf->ctrl_interface_gid_set &&
4846 lchown(hapd->conf->ctrl_interface, -1,
4847 hapd->conf->ctrl_interface_gid) < 0) {
4848 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
4849 strerror(errno));
4850 return -1;
4851 }
4852
4853 if (!hapd->conf->ctrl_interface_gid_set &&
4854 hapd->iface->interfaces->ctrl_iface_group &&
4855 lchown(hapd->conf->ctrl_interface, -1,
4856 hapd->iface->interfaces->ctrl_iface_group) < 0) {
4857 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
4858 strerror(errno));
4859 return -1;
4860 }
4861
4862 #ifdef ANDROID
4863 /*
4864 * Android is using umask 0077 which would leave the control interface
4865 * directory without group access. This breaks things since Wi-Fi
4866 * framework assumes that this directory can be accessed by other
4867 * applications in the wifi group. Fix this by adding group access even
4868 * if umask value would prevent this.
4869 */
4870 if (chmod(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
4871 wpa_printf(MSG_ERROR, "CTRL: Could not chmod directory: %s",
4872 strerror(errno));
4873 /* Try to continue anyway */
4874 }
4875 #endif /* ANDROID */
4876
4877 if (os_strlen(hapd->conf->ctrl_interface) + 1 +
4878 os_strlen(hapd->conf->iface) >= sizeof(addr.sun_path))
4879 goto fail;
4880
4881 s = socket(PF_UNIX, SOCK_DGRAM, 0);
4882 if (s < 0) {
4883 wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
4884 goto fail;
4885 }
4886
4887 os_memset(&addr, 0, sizeof(addr));
4888 #ifdef __FreeBSD__
4889 addr.sun_len = sizeof(addr);
4890 #endif /* __FreeBSD__ */
4891 addr.sun_family = AF_UNIX;
4892 fname = hostapd_ctrl_iface_path(hapd);
4893 if (fname == NULL)
4894 goto fail;
4895 os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
4896 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
4897 wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
4898 strerror(errno));
4899 if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
4900 wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
4901 " allow connections - assuming it was left"
4902 "over from forced program termination");
4903 if (unlink(fname) < 0) {
4904 wpa_printf(MSG_ERROR,
4905 "Could not unlink existing ctrl_iface socket '%s': %s",
4906 fname, strerror(errno));
4907 goto fail;
4908 }
4909 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
4910 0) {
4911 wpa_printf(MSG_ERROR,
4912 "hostapd-ctrl-iface: bind(PF_UNIX): %s",
4913 strerror(errno));
4914 goto fail;
4915 }
4916 wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
4917 "ctrl_iface socket '%s'", fname);
4918 } else {
4919 wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
4920 "be in use - cannot override it");
4921 wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
4922 "not used anymore", fname);
4923 os_free(fname);
4924 fname = NULL;
4925 goto fail;
4926 }
4927 }
4928
4929 if (hapd->conf->ctrl_interface_gid_set &&
4930 lchown(fname, -1, hapd->conf->ctrl_interface_gid) < 0) {
4931 wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
4932 strerror(errno));
4933 goto fail;
4934 }
4935
4936 if (!hapd->conf->ctrl_interface_gid_set &&
4937 hapd->iface->interfaces->ctrl_iface_group &&
4938 lchown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
4939 wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
4940 strerror(errno));
4941 goto fail;
4942 }
4943
4944 if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
4945 wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
4946 strerror(errno));
4947 goto fail;
4948 }
4949 os_free(fname);
4950
4951 hapd->ctrl_sock = s;
4952 if (eloop_register_read_sock(s, hostapd_ctrl_iface_receive, hapd,
4953 NULL) < 0) {
4954 hostapd_ctrl_iface_deinit(hapd);
4955 return -1;
4956 }
4957 hapd->msg_ctx = hapd;
4958 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
4959
4960 return 0;
4961
4962 fail:
4963 if (s >= 0)
4964 close(s);
4965 if (fname) {
4966 unlink(fname);
4967 os_free(fname);
4968 }
4969 return -1;
4970 #endif /* CONFIG_CTRL_IFACE_UDP */
4971 }
4972
4973
hostapd_ctrl_iface_deinit(struct hostapd_data * hapd)4974 void hostapd_ctrl_iface_deinit(struct hostapd_data *hapd)
4975 {
4976 struct wpa_ctrl_dst *dst, *prev;
4977
4978 if (hapd->ctrl_sock > -1) {
4979 #ifndef CONFIG_CTRL_IFACE_UDP
4980 char *fname;
4981 #endif /* !CONFIG_CTRL_IFACE_UDP */
4982
4983 eloop_unregister_read_sock(hapd->ctrl_sock);
4984 close(hapd->ctrl_sock);
4985 hapd->ctrl_sock = -1;
4986 #ifndef CONFIG_CTRL_IFACE_UDP
4987 fname = hostapd_ctrl_iface_path(hapd);
4988 if (fname)
4989 unlink(fname);
4990 os_free(fname);
4991
4992 if (hapd->conf->ctrl_interface &&
4993 rmdir(hapd->conf->ctrl_interface) < 0) {
4994 if (errno == ENOTEMPTY) {
4995 wpa_printf(MSG_DEBUG, "Control interface "
4996 "directory not empty - leaving it "
4997 "behind");
4998 } else {
4999 wpa_printf(MSG_ERROR,
5000 "rmdir[ctrl_interface=%s]: %s",
5001 hapd->conf->ctrl_interface,
5002 strerror(errno));
5003 }
5004 }
5005 #endif /* !CONFIG_CTRL_IFACE_UDP */
5006 }
5007
5008 dl_list_for_each_safe(dst, prev, &hapd->ctrl_dst, struct wpa_ctrl_dst,
5009 list)
5010 os_free(dst);
5011
5012 #ifdef CONFIG_TESTING_OPTIONS
5013 l2_packet_deinit(hapd->l2_test);
5014 hapd->l2_test = NULL;
5015 #endif /* CONFIG_TESTING_OPTIONS */
5016 }
5017
5018
hostapd_ctrl_iface_add(struct hapd_interfaces * interfaces,char * buf)5019 static int hostapd_ctrl_iface_add(struct hapd_interfaces *interfaces,
5020 char *buf)
5021 {
5022 if (hostapd_add_iface(interfaces, buf) < 0) {
5023 wpa_printf(MSG_ERROR, "Adding interface %s failed", buf);
5024 return -1;
5025 }
5026 return 0;
5027 }
5028
5029
hostapd_ctrl_iface_remove(struct hapd_interfaces * interfaces,char * buf)5030 static int hostapd_ctrl_iface_remove(struct hapd_interfaces *interfaces,
5031 char *buf)
5032 {
5033 if (hostapd_remove_iface(interfaces, buf) < 0) {
5034 wpa_printf(MSG_ERROR, "Removing interface %s failed", buf);
5035 return -1;
5036 }
5037 return 0;
5038 }
5039
5040
hostapd_global_ctrl_iface_attach(struct hapd_interfaces * interfaces,struct sockaddr_storage * from,socklen_t fromlen,char * input)5041 static int hostapd_global_ctrl_iface_attach(struct hapd_interfaces *interfaces,
5042 struct sockaddr_storage *from,
5043 socklen_t fromlen, char *input)
5044 {
5045 return ctrl_iface_attach(&interfaces->global_ctrl_dst, from, fromlen,
5046 input);
5047 }
5048
5049
hostapd_global_ctrl_iface_detach(struct hapd_interfaces * interfaces,struct sockaddr_storage * from,socklen_t fromlen)5050 static int hostapd_global_ctrl_iface_detach(struct hapd_interfaces *interfaces,
5051 struct sockaddr_storage *from,
5052 socklen_t fromlen)
5053 {
5054 return ctrl_iface_detach(&interfaces->global_ctrl_dst, from, fromlen);
5055 }
5056
5057
hostapd_ctrl_iface_flush(struct hapd_interfaces * interfaces)5058 static void hostapd_ctrl_iface_flush(struct hapd_interfaces *interfaces)
5059 {
5060 #ifdef CONFIG_WPS_TESTING
5061 wps_version_number = 0x20;
5062 wps_testing_stub_cred = 0;
5063 wps_corrupt_pkhash = 0;
5064 #endif /* CONFIG_WPS_TESTING */
5065
5066 #ifdef CONFIG_TESTING_OPTIONS
5067 #ifdef CONFIG_DPP
5068 dpp_test = DPP_TEST_DISABLED;
5069 #ifdef CONFIG_DPP3
5070 dpp_version_override = 3;
5071 #elif defined(CONFIG_DPP2)
5072 dpp_version_override = 2;
5073 #else /* CONFIG_DPP2 */
5074 dpp_version_override = 1;
5075 #endif /* CONFIG_DPP2 */
5076 #endif /* CONFIG_DPP */
5077 #endif /* CONFIG_TESTING_OPTIONS */
5078
5079 #ifdef CONFIG_DPP
5080 dpp_global_clear(interfaces->dpp);
5081 #ifdef CONFIG_DPP3
5082 interfaces->dpp_pb_bi = NULL;
5083 {
5084 int i;
5085
5086 for (i = 0; i < DPP_PB_INFO_COUNT; i++) {
5087 struct dpp_pb_info *info;
5088
5089 info = &interfaces->dpp_pb[i];
5090 info->rx_time.sec = 0;
5091 info->rx_time.usec = 0;
5092 }
5093 }
5094 #endif /* CONFIG_DPP3 */
5095 #endif /* CONFIG_DPP */
5096 }
5097
5098
5099 #ifdef CONFIG_FST
5100
5101 static int
hostapd_global_ctrl_iface_fst_attach(struct hapd_interfaces * interfaces,const char * cmd)5102 hostapd_global_ctrl_iface_fst_attach(struct hapd_interfaces *interfaces,
5103 const char *cmd)
5104 {
5105 char ifname[IFNAMSIZ + 1];
5106 struct fst_iface_cfg cfg;
5107 struct hostapd_data *hapd;
5108 struct fst_wpa_obj iface_obj;
5109
5110 if (!fst_parse_attach_command(cmd, ifname, sizeof(ifname), &cfg)) {
5111 hapd = hostapd_get_iface(interfaces, ifname);
5112 if (hapd) {
5113 if (hapd->iface->fst) {
5114 wpa_printf(MSG_INFO, "FST: Already attached");
5115 return -1;
5116 }
5117 fst_hostapd_fill_iface_obj(hapd, &iface_obj);
5118 hapd->iface->fst = fst_attach(ifname, hapd->own_addr,
5119 &iface_obj, &cfg);
5120 if (hapd->iface->fst)
5121 return 0;
5122 }
5123 }
5124
5125 return -EINVAL;
5126 }
5127
5128
5129 static int
hostapd_global_ctrl_iface_fst_detach(struct hapd_interfaces * interfaces,const char * cmd)5130 hostapd_global_ctrl_iface_fst_detach(struct hapd_interfaces *interfaces,
5131 const char *cmd)
5132 {
5133 char ifname[IFNAMSIZ + 1];
5134 struct hostapd_data * hapd;
5135
5136 if (!fst_parse_detach_command(cmd, ifname, sizeof(ifname))) {
5137 hapd = hostapd_get_iface(interfaces, ifname);
5138 if (hapd) {
5139 if (!fst_iface_detach(ifname)) {
5140 hapd->iface->fst = NULL;
5141 hapd->iface->fst_ies = NULL;
5142 return 0;
5143 }
5144 }
5145 }
5146
5147 return -EINVAL;
5148 }
5149
5150 #endif /* CONFIG_FST */
5151
5152
5153 static struct hostapd_data *
hostapd_interfaces_get_hapd(struct hapd_interfaces * interfaces,const char * ifname)5154 hostapd_interfaces_get_hapd(struct hapd_interfaces *interfaces,
5155 const char *ifname)
5156 {
5157 size_t i, j;
5158
5159 for (i = 0; i < interfaces->count; i++) {
5160 struct hostapd_iface *iface = interfaces->iface[i];
5161
5162 for (j = 0; j < iface->num_bss; j++) {
5163 struct hostapd_data *hapd;
5164
5165 hapd = iface->bss[j];
5166 if (os_strcmp(ifname, hapd->conf->iface) == 0)
5167 return hapd;
5168 }
5169 }
5170
5171 return NULL;
5172 }
5173
5174
hostapd_ctrl_iface_dup_param(struct hostapd_data * src_hapd,struct hostapd_data * dst_hapd,const char * param)5175 static int hostapd_ctrl_iface_dup_param(struct hostapd_data *src_hapd,
5176 struct hostapd_data *dst_hapd,
5177 const char *param)
5178 {
5179 int res;
5180 char *value;
5181
5182 value = os_zalloc(HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
5183 if (!value) {
5184 wpa_printf(MSG_ERROR,
5185 "DUP: cannot allocate buffer to stringify %s",
5186 param);
5187 goto error_return;
5188 }
5189
5190 if (os_strcmp(param, "wpa") == 0) {
5191 os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%d",
5192 src_hapd->conf->wpa);
5193 } else if (os_strcmp(param, "wpa_key_mgmt") == 0 &&
5194 src_hapd->conf->wpa_key_mgmt) {
5195 res = hostapd_ctrl_iface_get_key_mgmt(
5196 src_hapd, value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
5197 if (os_snprintf_error(HOSTAPD_CLI_DUP_VALUE_MAX_LEN, res))
5198 goto error_stringify;
5199 } else if (os_strcmp(param, "wpa_pairwise") == 0 &&
5200 src_hapd->conf->wpa_pairwise) {
5201 res = wpa_write_ciphers(value,
5202 value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
5203 src_hapd->conf->wpa_pairwise, " ");
5204 if (res < 0)
5205 goto error_stringify;
5206 } else if (os_strcmp(param, "rsn_pairwise") == 0 &&
5207 src_hapd->conf->rsn_pairwise) {
5208 res = wpa_write_ciphers(value,
5209 value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
5210 src_hapd->conf->rsn_pairwise, " ");
5211 if (res < 0)
5212 goto error_stringify;
5213 } else if (os_strcmp(param, "wpa_passphrase") == 0 &&
5214 src_hapd->conf->ssid.wpa_passphrase) {
5215 os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%s",
5216 src_hapd->conf->ssid.wpa_passphrase);
5217 } else if (os_strcmp(param, "wpa_psk") == 0 &&
5218 src_hapd->conf->ssid.wpa_psk_set) {
5219 wpa_snprintf_hex(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
5220 src_hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
5221 } else {
5222 wpa_printf(MSG_WARNING, "DUP: %s cannot be duplicated", param);
5223 goto error_return;
5224 }
5225
5226 res = hostapd_set_iface(dst_hapd->iconf, dst_hapd->conf, param, value);
5227 os_free(value);
5228 return res;
5229
5230 error_stringify:
5231 wpa_printf(MSG_ERROR, "DUP: cannot stringify %s", param);
5232 error_return:
5233 os_free(value);
5234 return -1;
5235 }
5236
5237
5238 static int
hostapd_global_ctrl_iface_interfaces(struct hapd_interfaces * interfaces,const char * input,char * reply,int reply_size)5239 hostapd_global_ctrl_iface_interfaces(struct hapd_interfaces *interfaces,
5240 const char *input,
5241 char *reply, int reply_size)
5242 {
5243 size_t i, j;
5244 int res;
5245 char *pos, *end;
5246 struct hostapd_iface *iface;
5247 int show_ctrl = 0;
5248
5249 if (input)
5250 show_ctrl = !!os_strstr(input, "ctrl");
5251
5252 pos = reply;
5253 end = reply + reply_size;
5254
5255 for (i = 0; i < interfaces->count; i++) {
5256 iface = interfaces->iface[i];
5257
5258 for (j = 0; j < iface->num_bss; j++) {
5259 struct hostapd_bss_config *conf;
5260
5261 conf = iface->conf->bss[j];
5262 if (show_ctrl)
5263 res = os_snprintf(pos, end - pos,
5264 "%s ctrl_iface=%s\n",
5265 conf->iface,
5266 conf->ctrl_interface ?
5267 conf->ctrl_interface : "N/A");
5268 else
5269 res = os_snprintf(pos, end - pos, "%s\n",
5270 conf->iface);
5271 if (os_snprintf_error(end - pos, res)) {
5272 *pos = '\0';
5273 return pos - reply;
5274 }
5275 pos += res;
5276 }
5277 }
5278
5279 return pos - reply;
5280 }
5281
5282
5283 static int
hostapd_global_ctrl_iface_dup_network(struct hapd_interfaces * interfaces,char * cmd)5284 hostapd_global_ctrl_iface_dup_network(struct hapd_interfaces *interfaces,
5285 char *cmd)
5286 {
5287 char *p_start = cmd, *p_end;
5288 struct hostapd_data *src_hapd, *dst_hapd;
5289
5290 /* cmd: "<src ifname> <dst ifname> <variable name> */
5291
5292 p_end = os_strchr(p_start, ' ');
5293 if (!p_end) {
5294 wpa_printf(MSG_ERROR, "DUP: no src ifname found in cmd: '%s'",
5295 cmd);
5296 return -1;
5297 }
5298
5299 *p_end = '\0';
5300 src_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
5301 if (!src_hapd) {
5302 wpa_printf(MSG_ERROR, "DUP: no src ifname found: '%s'",
5303 p_start);
5304 return -1;
5305 }
5306
5307 p_start = p_end + 1;
5308 p_end = os_strchr(p_start, ' ');
5309 if (!p_end) {
5310 wpa_printf(MSG_ERROR, "DUP: no dst ifname found in cmd: '%s'",
5311 cmd);
5312 return -1;
5313 }
5314
5315 *p_end = '\0';
5316 dst_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
5317 if (!dst_hapd) {
5318 wpa_printf(MSG_ERROR, "DUP: no dst ifname found: '%s'",
5319 p_start);
5320 return -1;
5321 }
5322
5323 p_start = p_end + 1;
5324 return hostapd_ctrl_iface_dup_param(src_hapd, dst_hapd, p_start);
5325 }
5326
5327
hostapd_global_ctrl_iface_ifname(struct hapd_interfaces * interfaces,const char * ifname,char * buf,char * reply,int reply_size,struct sockaddr_storage * from,socklen_t fromlen)5328 static int hostapd_global_ctrl_iface_ifname(struct hapd_interfaces *interfaces,
5329 const char *ifname,
5330 char *buf, char *reply,
5331 int reply_size,
5332 struct sockaddr_storage *from,
5333 socklen_t fromlen)
5334 {
5335 struct hostapd_data *hapd;
5336
5337 hapd = hostapd_interfaces_get_hapd(interfaces, ifname);
5338 if (hapd == NULL) {
5339 int res;
5340
5341 res = os_snprintf(reply, reply_size, "FAIL-NO-IFNAME-MATCH\n");
5342 if (os_snprintf_error(reply_size, res))
5343 return -1;
5344 return res;
5345 }
5346
5347 return hostapd_ctrl_iface_receive_process(hapd, buf, reply,reply_size,
5348 from, fromlen);
5349 }
5350
5351
hostapd_global_ctrl_iface_receive(int sock,void * eloop_ctx,void * sock_ctx)5352 static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx,
5353 void *sock_ctx)
5354 {
5355 struct hapd_interfaces *interfaces = eloop_ctx;
5356 char buffer[256], *buf = buffer;
5357 int res;
5358 struct sockaddr_storage from;
5359 socklen_t fromlen = sizeof(from);
5360 char *reply;
5361 int reply_len;
5362 const int reply_size = 4096;
5363 #ifdef CONFIG_CTRL_IFACE_UDP
5364 unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
5365 #endif /* CONFIG_CTRL_IFACE_UDP */
5366
5367 res = recvfrom(sock, buffer, sizeof(buffer) - 1, 0,
5368 (struct sockaddr *) &from, &fromlen);
5369 if (res < 0) {
5370 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
5371 strerror(errno));
5372 return;
5373 }
5374 buf[res] = '\0';
5375 wpa_printf(MSG_EXCESSIVE, "Global ctrl_iface command: %s", buf);
5376
5377 reply = os_malloc(reply_size);
5378 if (reply == NULL) {
5379 if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
5380 fromlen) < 0) {
5381 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
5382 strerror(errno));
5383 }
5384 return;
5385 }
5386
5387 os_memcpy(reply, "OK\n", 3);
5388 reply_len = 3;
5389
5390 #ifdef CONFIG_CTRL_IFACE_UDP
5391 if (os_strcmp(buf, "GET_COOKIE") == 0) {
5392 os_memcpy(reply, "COOKIE=", 7);
5393 wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1,
5394 interfaces->ctrl_iface_cookie,
5395 CTRL_IFACE_COOKIE_LEN);
5396 reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN;
5397 goto send_reply;
5398 }
5399
5400 if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
5401 hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) {
5402 #ifdef CONFIG_OPEN_HARMONY_PATCH
5403 wpa_printf(MSG_WARNING,
5404 "CTRL: No cookie in the request - reply failed!");
5405 reply_len = -1;
5406 goto send_reply;
5407 #else
5408 wpa_printf(MSG_DEBUG,
5409 "CTRL: No cookie in the request - drop request");
5410 os_free(reply);
5411 #endif
5412 return;
5413 }
5414
5415 if (os_memcmp(interfaces->ctrl_iface_cookie, lcookie,
5416 CTRL_IFACE_COOKIE_LEN) != 0) {
5417 #ifdef CONFIG_OPEN_HARMONY_PATCH
5418 wpa_printf(MSG_WARNING,
5419 "CTRL: Invalid cookie in the request - reply failed!");
5420 reply_len = -1;
5421 goto send_reply;
5422 #else
5423 wpa_printf(MSG_DEBUG,
5424 "CTRL: Invalid cookie in the request - drop request");
5425 os_free(reply);
5426 return;
5427 #endif
5428 }
5429
5430 buf += 7 + 2 * CTRL_IFACE_COOKIE_LEN;
5431 while (*buf == ' ')
5432 buf++;
5433 #endif /* CONFIG_CTRL_IFACE_UDP */
5434
5435 if (os_strncmp(buf, "IFNAME=", 7) == 0) {
5436 char *pos = os_strchr(buf + 7, ' ');
5437
5438 if (pos) {
5439 *pos++ = '\0';
5440 reply_len = hostapd_global_ctrl_iface_ifname(
5441 interfaces, buf + 7, pos, reply, reply_size,
5442 &from, fromlen);
5443 goto send_reply;
5444 }
5445 }
5446
5447 if (os_strcmp(buf, "PING") == 0) {
5448 os_memcpy(reply, "PONG\n", 5);
5449 reply_len = 5;
5450 } else if (os_strncmp(buf, "RELOG", 5) == 0) {
5451 if (wpa_debug_reopen_file() < 0)
5452 reply_len = -1;
5453 } else if (os_strcmp(buf, "FLUSH") == 0) {
5454 hostapd_ctrl_iface_flush(interfaces);
5455 } else if (os_strncmp(buf, "ADD ", 4) == 0) {
5456 if (hostapd_ctrl_iface_add(interfaces, buf + 4) < 0)
5457 reply_len = -1;
5458 } else if (os_strncmp(buf, "REMOVE ", 7) == 0) {
5459 if (hostapd_ctrl_iface_remove(interfaces, buf + 7) < 0)
5460 reply_len = -1;
5461 } else if (os_strcmp(buf, "ATTACH") == 0) {
5462 if (hostapd_global_ctrl_iface_attach(interfaces, &from,
5463 fromlen, NULL))
5464 reply_len = -1;
5465 } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
5466 if (hostapd_global_ctrl_iface_attach(interfaces, &from,
5467 fromlen, buf + 7))
5468 reply_len = -1;
5469 } else if (os_strcmp(buf, "DETACH") == 0) {
5470 if (hostapd_global_ctrl_iface_detach(interfaces, &from,
5471 fromlen))
5472 reply_len = -1;
5473 #ifdef CONFIG_MODULE_TESTS
5474 } else if (os_strcmp(buf, "MODULE_TESTS") == 0) {
5475 if (hapd_module_tests() < 0)
5476 reply_len = -1;
5477 #endif /* CONFIG_MODULE_TESTS */
5478 #ifdef CONFIG_FST
5479 } else if (os_strncmp(buf, "FST-ATTACH ", 11) == 0) {
5480 if (!hostapd_global_ctrl_iface_fst_attach(interfaces, buf + 11))
5481 reply_len = os_snprintf(reply, reply_size, "OK\n");
5482 else
5483 reply_len = -1;
5484 } else if (os_strncmp(buf, "FST-DETACH ", 11) == 0) {
5485 if (!hostapd_global_ctrl_iface_fst_detach(interfaces, buf + 11))
5486 reply_len = os_snprintf(reply, reply_size, "OK\n");
5487 else
5488 reply_len = -1;
5489 } else if (os_strncmp(buf, "FST-MANAGER ", 12) == 0) {
5490 reply_len = fst_ctrl_iface_receive(buf + 12, reply, reply_size);
5491 #endif /* CONFIG_FST */
5492 } else if (os_strncmp(buf, "DUP_NETWORK ", 12) == 0) {
5493 if (!hostapd_global_ctrl_iface_dup_network(interfaces,
5494 buf + 12))
5495 reply_len = os_snprintf(reply, reply_size, "OK\n");
5496 else
5497 reply_len = -1;
5498 } else if (os_strncmp(buf, "INTERFACES", 10) == 0) {
5499 reply_len = hostapd_global_ctrl_iface_interfaces(
5500 interfaces, buf + 10, reply, reply_size);
5501 } else if (os_strcmp(buf, "TERMINATE") == 0) {
5502 eloop_terminate();
5503 } else {
5504 wpa_printf(MSG_DEBUG, "Unrecognized global ctrl_iface command "
5505 "ignored");
5506 reply_len = -1;
5507 }
5508
5509 send_reply:
5510 if (reply_len < 0) {
5511 os_memcpy(reply, "FAIL\n", 5);
5512 reply_len = 5;
5513 }
5514
5515 if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
5516 fromlen) < 0) {
5517 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
5518 strerror(errno));
5519 }
5520 os_free(reply);
5521 }
5522
5523
5524 #ifndef CONFIG_CTRL_IFACE_UDP
hostapd_global_ctrl_iface_path(struct hapd_interfaces * interface)5525 static char * hostapd_global_ctrl_iface_path(struct hapd_interfaces *interface)
5526 {
5527 char *buf;
5528 size_t len;
5529
5530 if (interface->global_iface_path == NULL)
5531 return NULL;
5532
5533 len = os_strlen(interface->global_iface_path) +
5534 os_strlen(interface->global_iface_name) + 2;
5535 buf = os_malloc(len);
5536 if (buf == NULL)
5537 return NULL;
5538
5539 os_snprintf(buf, len, "%s/%s", interface->global_iface_path,
5540 interface->global_iface_name);
5541 buf[len - 1] = '\0';
5542 return buf;
5543 }
5544 #endif /* CONFIG_CTRL_IFACE_UDP */
5545
5546
hostapd_global_ctrl_iface_init(struct hapd_interfaces * interface)5547 int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
5548 {
5549 #ifdef CONFIG_CTRL_IFACE_UDP
5550 int port = HOSTAPD_GLOBAL_CTRL_IFACE_PORT;
5551 char p[32] = { 0 };
5552 char *pos;
5553 struct addrinfo hints = { 0 }, *res, *saveres;
5554 int n;
5555
5556 if (interface->global_ctrl_sock > -1) {
5557 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
5558 return 0;
5559 }
5560
5561 if (interface->global_iface_path == NULL)
5562 return 0;
5563
5564 pos = os_strstr(interface->global_iface_path, "udp:");
5565 if (pos) {
5566 pos += 4;
5567 port = atoi(pos);
5568 if (port <= 0) {
5569 wpa_printf(MSG_ERROR, "Invalid global ctrl UDP port");
5570 goto fail;
5571 }
5572 }
5573
5574 os_get_random(interface->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN);
5575
5576 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
5577 hints.ai_flags = AI_PASSIVE;
5578 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
5579
5580 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
5581 hints.ai_family = AF_INET6;
5582 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
5583 hints.ai_family = AF_INET;
5584 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
5585 hints.ai_socktype = SOCK_DGRAM;
5586
5587 try_again:
5588 os_snprintf(p, sizeof(p), "%d", port);
5589 n = getaddrinfo(NULL, p, &hints, &res);
5590 if (n) {
5591 wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
5592 goto fail;
5593 }
5594
5595 saveres = res;
5596 interface->global_ctrl_sock = socket(res->ai_family, res->ai_socktype,
5597 res->ai_protocol);
5598 if (interface->global_ctrl_sock < 0) {
5599 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
5600 goto fail;
5601 }
5602
5603 if (bind(interface->global_ctrl_sock, res->ai_addr, res->ai_addrlen) <
5604 0) {
5605 port++;
5606 if ((port - HOSTAPD_GLOBAL_CTRL_IFACE_PORT) <
5607 HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT && !pos)
5608 goto try_again;
5609 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
5610 goto fail;
5611 }
5612
5613 freeaddrinfo(saveres);
5614
5615 wpa_printf(MSG_DEBUG, "global ctrl_iface_init UDP port: %d", port);
5616
5617 if (eloop_register_read_sock(interface->global_ctrl_sock,
5618 hostapd_global_ctrl_iface_receive,
5619 interface, NULL) < 0) {
5620 hostapd_global_ctrl_iface_deinit(interface);
5621 return -1;
5622 }
5623
5624 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
5625
5626 return 0;
5627
5628 fail:
5629 if (interface->global_ctrl_sock >= 0)
5630 close(interface->global_ctrl_sock);
5631 return -1;
5632 #else /* CONFIG_CTRL_IFACE_UDP */
5633 struct sockaddr_un addr;
5634 int s = -1;
5635 char *fname = NULL;
5636
5637 if (interface->global_iface_path == NULL) {
5638 wpa_printf(MSG_DEBUG, "ctrl_iface not configured!");
5639 return 0;
5640 }
5641
5642 if (mkdir(interface->global_iface_path, S_IRWXU | S_IRWXG) < 0) {
5643 if (errno == EEXIST) {
5644 wpa_printf(MSG_DEBUG, "Using existing control "
5645 "interface directory.");
5646 } else {
5647 wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
5648 strerror(errno));
5649 goto fail;
5650 }
5651 } else if (interface->ctrl_iface_group &&
5652 lchown(interface->global_iface_path, -1,
5653 interface->ctrl_iface_group) < 0) {
5654 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
5655 strerror(errno));
5656 goto fail;
5657 }
5658
5659 if (os_strlen(interface->global_iface_path) + 1 +
5660 os_strlen(interface->global_iface_name) >= sizeof(addr.sun_path))
5661 goto fail;
5662
5663 s = socket(PF_UNIX, SOCK_DGRAM, 0);
5664 if (s < 0) {
5665 wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
5666 goto fail;
5667 }
5668
5669 os_memset(&addr, 0, sizeof(addr));
5670 #ifdef __FreeBSD__
5671 addr.sun_len = sizeof(addr);
5672 #endif /* __FreeBSD__ */
5673 addr.sun_family = AF_UNIX;
5674 fname = hostapd_global_ctrl_iface_path(interface);
5675 if (fname == NULL)
5676 goto fail;
5677 os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
5678 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
5679 wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
5680 strerror(errno));
5681 if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
5682 wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
5683 " allow connections - assuming it was left"
5684 "over from forced program termination");
5685 if (unlink(fname) < 0) {
5686 wpa_printf(MSG_ERROR,
5687 "Could not unlink existing ctrl_iface socket '%s': %s",
5688 fname, strerror(errno));
5689 goto fail;
5690 }
5691 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
5692 0) {
5693 wpa_printf(MSG_ERROR, "bind(PF_UNIX): %s",
5694 strerror(errno));
5695 goto fail;
5696 }
5697 wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
5698 "ctrl_iface socket '%s'", fname);
5699 } else {
5700 wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
5701 "be in use - cannot override it");
5702 wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
5703 "not used anymore", fname);
5704 os_free(fname);
5705 fname = NULL;
5706 goto fail;
5707 }
5708 }
5709
5710 if (interface->ctrl_iface_group &&
5711 lchown(fname, -1, interface->ctrl_iface_group) < 0) {
5712 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
5713 strerror(errno));
5714 goto fail;
5715 }
5716
5717 if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
5718 wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
5719 strerror(errno));
5720 goto fail;
5721 }
5722 os_free(fname);
5723
5724 interface->global_ctrl_sock = s;
5725 eloop_register_read_sock(s, hostapd_global_ctrl_iface_receive,
5726 interface, NULL);
5727
5728 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
5729
5730 return 0;
5731
5732 fail:
5733 if (s >= 0)
5734 close(s);
5735 if (fname) {
5736 unlink(fname);
5737 os_free(fname);
5738 }
5739 return -1;
5740 #endif /* CONFIG_CTRL_IFACE_UDP */
5741 }
5742
5743
hostapd_global_ctrl_iface_deinit(struct hapd_interfaces * interfaces)5744 void hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interfaces)
5745 {
5746 #ifndef CONFIG_CTRL_IFACE_UDP
5747 char *fname = NULL;
5748 #endif /* CONFIG_CTRL_IFACE_UDP */
5749 struct wpa_ctrl_dst *dst, *prev;
5750
5751 if (interfaces->global_ctrl_sock > -1) {
5752 eloop_unregister_read_sock(interfaces->global_ctrl_sock);
5753 close(interfaces->global_ctrl_sock);
5754 interfaces->global_ctrl_sock = -1;
5755 #ifndef CONFIG_CTRL_IFACE_UDP
5756 fname = hostapd_global_ctrl_iface_path(interfaces);
5757 if (fname) {
5758 unlink(fname);
5759 os_free(fname);
5760 }
5761
5762 if (interfaces->global_iface_path &&
5763 rmdir(interfaces->global_iface_path) < 0) {
5764 if (errno == ENOTEMPTY) {
5765 wpa_printf(MSG_DEBUG, "Control interface "
5766 "directory not empty - leaving it "
5767 "behind");
5768 } else {
5769 wpa_printf(MSG_ERROR,
5770 "rmdir[ctrl_interface=%s]: %s",
5771 interfaces->global_iface_path,
5772 strerror(errno));
5773 }
5774 }
5775 #endif /* CONFIG_CTRL_IFACE_UDP */
5776 }
5777
5778 os_free(interfaces->global_iface_path);
5779 interfaces->global_iface_path = NULL;
5780
5781 dl_list_for_each_safe(dst, prev, &interfaces->global_ctrl_dst,
5782 struct wpa_ctrl_dst, list)
5783 os_free(dst);
5784 }
5785
5786
hostapd_ctrl_check_event_enabled(struct wpa_ctrl_dst * dst,const char * buf)5787 static int hostapd_ctrl_check_event_enabled(struct wpa_ctrl_dst *dst,
5788 const char *buf)
5789 {
5790 /* Enable Probe Request events based on explicit request.
5791 * Other events are enabled by default.
5792 */
5793 if (str_starts(buf, RX_PROBE_REQUEST))
5794 return !!(dst->events & WPA_EVENT_RX_PROBE_REQUEST);
5795 return 1;
5796 }
5797
5798
hostapd_ctrl_iface_send_internal(int sock,struct dl_list * ctrl_dst,const char * ifname,int level,const char * buf,size_t len)5799 static void hostapd_ctrl_iface_send_internal(int sock, struct dl_list *ctrl_dst,
5800 const char *ifname, int level,
5801 const char *buf, size_t len)
5802 {
5803 struct wpa_ctrl_dst *dst, *next;
5804 struct msghdr msg;
5805 int idx, res;
5806 struct iovec io[5];
5807 char levelstr[10];
5808
5809 if (sock < 0 || dl_list_empty(ctrl_dst))
5810 return;
5811
5812 res = os_snprintf(levelstr, sizeof(levelstr), "<%d>", level);
5813 if (os_snprintf_error(sizeof(levelstr), res))
5814 return;
5815 idx = 0;
5816 if (ifname) {
5817 io[idx].iov_base = "IFNAME=";
5818 io[idx].iov_len = 7;
5819 idx++;
5820 io[idx].iov_base = (char *) ifname;
5821 io[idx].iov_len = os_strlen(ifname);
5822 idx++;
5823 io[idx].iov_base = " ";
5824 io[idx].iov_len = 1;
5825 idx++;
5826 }
5827 io[idx].iov_base = levelstr;
5828 io[idx].iov_len = os_strlen(levelstr);
5829 idx++;
5830 io[idx].iov_base = (char *) buf;
5831 io[idx].iov_len = len;
5832 idx++;
5833 os_memset(&msg, 0, sizeof(msg));
5834 msg.msg_iov = io;
5835 msg.msg_iovlen = idx;
5836
5837 idx = 0;
5838 dl_list_for_each_safe(dst, next, ctrl_dst, struct wpa_ctrl_dst, list) {
5839 if ((level >= dst->debug_level) &&
5840 hostapd_ctrl_check_event_enabled(dst, buf)) {
5841 sockaddr_print(MSG_DEBUG, "CTRL_IFACE monitor send",
5842 &dst->addr, dst->addrlen);
5843 msg.msg_name = &dst->addr;
5844 msg.msg_namelen = dst->addrlen;
5845 if (sendmsg(sock, &msg, 0) < 0) {
5846 int _errno = errno;
5847 wpa_printf(MSG_INFO, "CTRL_IFACE monitor[%d]: "
5848 "%d - %s",
5849 idx, errno, strerror(errno));
5850 dst->errors++;
5851 if (dst->errors > 10 || _errno == ENOENT) {
5852 ctrl_iface_detach(ctrl_dst,
5853 &dst->addr,
5854 dst->addrlen);
5855 }
5856 } else
5857 dst->errors = 0;
5858 }
5859 idx++;
5860 }
5861 }
5862
5863
hostapd_ctrl_iface_send(struct hostapd_data * hapd,int level,enum wpa_msg_type type,const char * buf,size_t len)5864 static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
5865 enum wpa_msg_type type,
5866 const char *buf, size_t len)
5867 {
5868 if (type != WPA_MSG_NO_GLOBAL) {
5869 hostapd_ctrl_iface_send_internal(
5870 hapd->iface->interfaces->global_ctrl_sock,
5871 &hapd->iface->interfaces->global_ctrl_dst,
5872 type != WPA_MSG_PER_INTERFACE ?
5873 NULL : hapd->conf->iface,
5874 level, buf, len);
5875 }
5876
5877 if (type != WPA_MSG_ONLY_GLOBAL) {
5878 hostapd_ctrl_iface_send_internal(
5879 hapd->ctrl_sock, &hapd->ctrl_dst,
5880 NULL, level, buf, len);
5881 }
5882 }
5883
5884 #endif /* CONFIG_NATIVE_WINDOWS */
5885