ctrl_iface.c 108 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055405640574058405940604061406240634064406540664067406840694070407140724073407440754076407740784079408040814082408340844085408640874088408940904091409240934094409540964097409840994100410141024103410441054106410741084109411041114112411341144115411641174118411941204121412241234124412541264127412841294130413141324133413441354136413741384139414041414142414341444145414641474148414941504151415241534154415541564157415841594160416141624163416441654166416741684169417041714172417341744175417641774178417941804181418241834184418541864187418841894190419141924193419441954196419741984199420042014202420342044205420642074208420942104211421242134214421542164217421842194220422142224223422442254226422742284229423042314232423342344235423642374238423942404241424242434244424542464247424842494250425142524253425442554256425742584259426042614262426342644265426642674268426942704271427242734274427542764277427842794280428142824283428442854286428742884289429042914292429342944295429642974298429943004301430243034304430543064307430843094310431143124313431443154316431743184319432043214322432343244325432643274328432943304331433243334334433543364337433843394340434143424343434443454346434743484349435043514352435343544355435643574358435943604361436243634364436543664367436843694370437143724373437443754376437743784379438043814382438343844385438643874388438943904391439243934394439543964397439843994400440144024403440444054406440744084409441044114412441344144415441644174418441944204421442244234424442544264427442844294430443144324433443444354436443744384439444044414442444344444445444644474448444944504451445244534454445544564457445844594460446144624463446444654466446744684469447044714472447344744475447644774478447944804481448244834484448544864487448844894490449144924493449444954496449744984499450045014502450345044505450645074508
  1. /*
  2. * hostapd / UNIX domain socket -based control interface
  3. * Copyright (c) 2017, Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
  4. * Copyright (c) 2004-2015, Jouni Malinen <j@w1.fi>
  5. *
  6. * This software may be distributed under the terms of the BSD license.
  7. * See README for more details.
  8. */
  9. #include "utils/includes.h"
  10. #ifndef CONFIG_NATIVE_WINDOWS
  11. #ifdef CONFIG_TESTING_OPTIONS
  12. #include <net/ethernet.h>
  13. #include <netinet/ip.h>
  14. #endif /* CONFIG_TESTING_OPTIONS */
  15. #include <sys/un.h>
  16. #include <sys/stat.h>
  17. #include <stddef.h>
  18. #ifdef CONFIG_CTRL_IFACE_UDP
  19. #include <netdb.h>
  20. #endif /* CONFIG_CTRL_IFACE_UDP */
  21. #include "utils/common.h"
  22. #include "utils/eloop.h"
  23. #include "utils/module_tests.h"
  24. #include "common/version.h"
  25. #include "common/ieee802_11_defs.h"
  26. #include "common/ctrl_iface_common.h"
  27. #ifdef CONFIG_DPP
  28. #include "common/dpp.h"
  29. #endif /* CONFIG_DPP */
  30. #include "common/wpa_ctrl.h"
  31. #include "crypto/tls.h"
  32. #include "drivers/driver.h"
  33. #include "eapol_auth/eapol_auth_sm.h"
  34. #include "radius/radius_client.h"
  35. #include "radius/radius_server.h"
  36. #include "l2_packet/l2_packet.h"
  37. #include "ap/hostapd.h"
  38. #include "ap/ap_config.h"
  39. #include "ap/ieee802_1x.h"
  40. #include "ap/wpa_auth.h"
  41. #include "ap/ieee802_11.h"
  42. #include "ap/sta_info.h"
  43. #include "ap/wps_hostapd.h"
  44. #include "ap/ctrl_iface_ap.h"
  45. #include "ap/ap_drv_ops.h"
  46. #include "ap/hs20.h"
  47. #include "ap/wnm_ap.h"
  48. #include "ap/wpa_auth.h"
  49. #include "ap/beacon.h"
  50. #include "ap/neighbor_db.h"
  51. #include "ap/rrm.h"
  52. #include "ap/dpp_hostapd.h"
  53. #include "wps/wps_defs.h"
  54. #include "wps/wps.h"
  55. #include "fst/fst_ctrl_iface.h"
  56. #include "config_file.h"
  57. #include "ctrl_iface.h"
  58. #include "common/attacks.h"
  59. #include "../src/ap/wpa_auth_i.h"
  60. #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
  61. #ifdef CONFIG_CTRL_IFACE_UDP
  62. #define COOKIE_LEN 8
  63. static unsigned char cookie[COOKIE_LEN];
  64. static unsigned char gcookie[COOKIE_LEN];
  65. #define HOSTAPD_CTRL_IFACE_PORT 8877
  66. #define HOSTAPD_CTRL_IFACE_PORT_LIMIT 50
  67. #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT 8878
  68. #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT 50
  69. #endif /* CONFIG_CTRL_IFACE_UDP */
  70. static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
  71. enum wpa_msg_type type,
  72. const char *buf, size_t len);
  73. static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd,
  74. struct sockaddr_storage *from,
  75. socklen_t fromlen, const char *input)
  76. {
  77. return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen, input);
  78. }
  79. static int hostapd_ctrl_iface_detach(struct hostapd_data *hapd,
  80. struct sockaddr_storage *from,
  81. socklen_t fromlen)
  82. {
  83. return ctrl_iface_detach(&hapd->ctrl_dst, from, fromlen);
  84. }
  85. static int hostapd_ctrl_iface_level(struct hostapd_data *hapd,
  86. struct sockaddr_storage *from,
  87. socklen_t fromlen,
  88. char *level)
  89. {
  90. return ctrl_iface_level(&hapd->ctrl_dst, from, fromlen, level);
  91. }
  92. static int hostapd_ctrl_iface_new_sta(struct hostapd_data *hapd,
  93. const char *txtaddr)
  94. {
  95. u8 addr[ETH_ALEN];
  96. struct sta_info *sta;
  97. wpa_printf(MSG_DEBUG, "CTRL_IFACE NEW_STA %s", txtaddr);
  98. if (hwaddr_aton(txtaddr, addr))
  99. return -1;
  100. sta = ap_get_sta(hapd, addr);
  101. if (sta)
  102. return 0;
  103. wpa_printf(MSG_DEBUG, "Add new STA " MACSTR " based on ctrl_iface "
  104. "notification", MAC2STR(addr));
  105. sta = ap_sta_add(hapd, addr);
  106. if (sta == NULL)
  107. return -1;
  108. hostapd_new_assoc_sta(hapd, sta, 0);
  109. return 0;
  110. }
  111. #ifdef CONFIG_IEEE80211W
  112. #ifdef NEED_AP_MLME
  113. static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd,
  114. const char *txtaddr)
  115. {
  116. u8 addr[ETH_ALEN];
  117. u8 trans_id[WLAN_SA_QUERY_TR_ID_LEN];
  118. wpa_printf(MSG_DEBUG, "CTRL_IFACE SA_QUERY %s", txtaddr);
  119. if (hwaddr_aton(txtaddr, addr) ||
  120. os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0)
  121. return -1;
  122. ieee802_11_send_sa_query_req(hapd, addr, trans_id);
  123. return 0;
  124. }
  125. #endif /* NEED_AP_MLME */
  126. #endif /* CONFIG_IEEE80211W */
  127. #ifdef CONFIG_WPS
  128. static int hostapd_ctrl_iface_wps_pin(struct hostapd_data *hapd, char *txt)
  129. {
  130. char *pin = os_strchr(txt, ' ');
  131. char *timeout_txt;
  132. int timeout;
  133. u8 addr_buf[ETH_ALEN], *addr = NULL;
  134. char *pos;
  135. if (pin == NULL)
  136. return -1;
  137. *pin++ = '\0';
  138. timeout_txt = os_strchr(pin, ' ');
  139. if (timeout_txt) {
  140. *timeout_txt++ = '\0';
  141. timeout = atoi(timeout_txt);
  142. pos = os_strchr(timeout_txt, ' ');
  143. if (pos) {
  144. *pos++ = '\0';
  145. if (hwaddr_aton(pos, addr_buf) == 0)
  146. addr = addr_buf;
  147. }
  148. } else
  149. timeout = 0;
  150. return hostapd_wps_add_pin(hapd, addr, txt, pin, timeout);
  151. }
  152. static int hostapd_ctrl_iface_wps_check_pin(
  153. struct hostapd_data *hapd, char *cmd, char *buf, size_t buflen)
  154. {
  155. char pin[9];
  156. size_t len;
  157. char *pos;
  158. int ret;
  159. wpa_hexdump_ascii_key(MSG_DEBUG, "WPS_CHECK_PIN",
  160. (u8 *) cmd, os_strlen(cmd));
  161. for (pos = cmd, len = 0; *pos != '\0'; pos++) {
  162. if (*pos < '0' || *pos > '9')
  163. continue;
  164. pin[len++] = *pos;
  165. if (len == 9) {
  166. wpa_printf(MSG_DEBUG, "WPS: Too long PIN");
  167. return -1;
  168. }
  169. }
  170. if (len != 4 && len != 8) {
  171. wpa_printf(MSG_DEBUG, "WPS: Invalid PIN length %d", (int) len);
  172. return -1;
  173. }
  174. pin[len] = '\0';
  175. if (len == 8) {
  176. unsigned int pin_val;
  177. pin_val = atoi(pin);
  178. if (!wps_pin_valid(pin_val)) {
  179. wpa_printf(MSG_DEBUG, "WPS: Invalid checksum digit");
  180. ret = os_snprintf(buf, buflen, "FAIL-CHECKSUM\n");
  181. if (os_snprintf_error(buflen, ret))
  182. return -1;
  183. return ret;
  184. }
  185. }
  186. ret = os_snprintf(buf, buflen, "%s", pin);
  187. if (os_snprintf_error(buflen, ret))
  188. return -1;
  189. return ret;
  190. }
  191. #ifdef CONFIG_WPS_NFC
  192. static int hostapd_ctrl_iface_wps_nfc_tag_read(struct hostapd_data *hapd,
  193. char *pos)
  194. {
  195. size_t len;
  196. struct wpabuf *buf;
  197. int ret;
  198. len = os_strlen(pos);
  199. if (len & 0x01)
  200. return -1;
  201. len /= 2;
  202. buf = wpabuf_alloc(len);
  203. if (buf == NULL)
  204. return -1;
  205. if (hexstr2bin(pos, wpabuf_put(buf, len), len) < 0) {
  206. wpabuf_free(buf);
  207. return -1;
  208. }
  209. ret = hostapd_wps_nfc_tag_read(hapd, buf);
  210. wpabuf_free(buf);
  211. return ret;
  212. }
  213. static int hostapd_ctrl_iface_wps_nfc_config_token(struct hostapd_data *hapd,
  214. char *cmd, char *reply,
  215. size_t max_len)
  216. {
  217. int ndef;
  218. struct wpabuf *buf;
  219. int res;
  220. if (os_strcmp(cmd, "WPS") == 0)
  221. ndef = 0;
  222. else if (os_strcmp(cmd, "NDEF") == 0)
  223. ndef = 1;
  224. else
  225. return -1;
  226. buf = hostapd_wps_nfc_config_token(hapd, ndef);
  227. if (buf == NULL)
  228. return -1;
  229. res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
  230. wpabuf_len(buf));
  231. reply[res++] = '\n';
  232. reply[res] = '\0';
  233. wpabuf_free(buf);
  234. return res;
  235. }
  236. static int hostapd_ctrl_iface_wps_nfc_token_gen(struct hostapd_data *hapd,
  237. char *reply, size_t max_len,
  238. int ndef)
  239. {
  240. struct wpabuf *buf;
  241. int res;
  242. buf = hostapd_wps_nfc_token_gen(hapd, ndef);
  243. if (buf == NULL)
  244. return -1;
  245. res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
  246. wpabuf_len(buf));
  247. reply[res++] = '\n';
  248. reply[res] = '\0';
  249. wpabuf_free(buf);
  250. return res;
  251. }
  252. static int hostapd_ctrl_iface_wps_nfc_token(struct hostapd_data *hapd,
  253. char *cmd, char *reply,
  254. size_t max_len)
  255. {
  256. if (os_strcmp(cmd, "WPS") == 0)
  257. return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
  258. max_len, 0);
  259. if (os_strcmp(cmd, "NDEF") == 0)
  260. return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
  261. max_len, 1);
  262. if (os_strcmp(cmd, "enable") == 0)
  263. return hostapd_wps_nfc_token_enable(hapd);
  264. if (os_strcmp(cmd, "disable") == 0) {
  265. hostapd_wps_nfc_token_disable(hapd);
  266. return 0;
  267. }
  268. return -1;
  269. }
  270. static int hostapd_ctrl_iface_nfc_get_handover_sel(struct hostapd_data *hapd,
  271. char *cmd, char *reply,
  272. size_t max_len)
  273. {
  274. struct wpabuf *buf;
  275. int res;
  276. char *pos;
  277. int ndef;
  278. pos = os_strchr(cmd, ' ');
  279. if (pos == NULL)
  280. return -1;
  281. *pos++ = '\0';
  282. if (os_strcmp(cmd, "WPS") == 0)
  283. ndef = 0;
  284. else if (os_strcmp(cmd, "NDEF") == 0)
  285. ndef = 1;
  286. else
  287. return -1;
  288. if (os_strcmp(pos, "WPS-CR") == 0)
  289. buf = hostapd_wps_nfc_hs_cr(hapd, ndef);
  290. else
  291. buf = NULL;
  292. if (buf == NULL)
  293. return -1;
  294. res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
  295. wpabuf_len(buf));
  296. reply[res++] = '\n';
  297. reply[res] = '\0';
  298. wpabuf_free(buf);
  299. return res;
  300. }
  301. static int hostapd_ctrl_iface_nfc_report_handover(struct hostapd_data *hapd,
  302. char *cmd)
  303. {
  304. size_t len;
  305. struct wpabuf *req, *sel;
  306. int ret;
  307. char *pos, *role, *type, *pos2;
  308. role = cmd;
  309. pos = os_strchr(role, ' ');
  310. if (pos == NULL)
  311. return -1;
  312. *pos++ = '\0';
  313. type = pos;
  314. pos = os_strchr(type, ' ');
  315. if (pos == NULL)
  316. return -1;
  317. *pos++ = '\0';
  318. pos2 = os_strchr(pos, ' ');
  319. if (pos2 == NULL)
  320. return -1;
  321. *pos2++ = '\0';
  322. len = os_strlen(pos);
  323. if (len & 0x01)
  324. return -1;
  325. len /= 2;
  326. req = wpabuf_alloc(len);
  327. if (req == NULL)
  328. return -1;
  329. if (hexstr2bin(pos, wpabuf_put(req, len), len) < 0) {
  330. wpabuf_free(req);
  331. return -1;
  332. }
  333. len = os_strlen(pos2);
  334. if (len & 0x01) {
  335. wpabuf_free(req);
  336. return -1;
  337. }
  338. len /= 2;
  339. sel = wpabuf_alloc(len);
  340. if (sel == NULL) {
  341. wpabuf_free(req);
  342. return -1;
  343. }
  344. if (hexstr2bin(pos2, wpabuf_put(sel, len), len) < 0) {
  345. wpabuf_free(req);
  346. wpabuf_free(sel);
  347. return -1;
  348. }
  349. if (os_strcmp(role, "RESP") == 0 && os_strcmp(type, "WPS") == 0) {
  350. ret = hostapd_wps_nfc_report_handover(hapd, req, sel);
  351. } else {
  352. wpa_printf(MSG_DEBUG, "NFC: Unsupported connection handover "
  353. "reported: role=%s type=%s", role, type);
  354. ret = -1;
  355. }
  356. wpabuf_free(req);
  357. wpabuf_free(sel);
  358. return ret;
  359. }
  360. #endif /* CONFIG_WPS_NFC */
  361. static int hostapd_ctrl_iface_wps_ap_pin(struct hostapd_data *hapd, char *txt,
  362. char *buf, size_t buflen)
  363. {
  364. int timeout = 300;
  365. char *pos;
  366. const char *pin_txt;
  367. pos = os_strchr(txt, ' ');
  368. if (pos)
  369. *pos++ = '\0';
  370. if (os_strcmp(txt, "disable") == 0) {
  371. hostapd_wps_ap_pin_disable(hapd);
  372. return os_snprintf(buf, buflen, "OK\n");
  373. }
  374. if (os_strcmp(txt, "random") == 0) {
  375. if (pos)
  376. timeout = atoi(pos);
  377. pin_txt = hostapd_wps_ap_pin_random(hapd, timeout);
  378. if (pin_txt == NULL)
  379. return -1;
  380. return os_snprintf(buf, buflen, "%s", pin_txt);
  381. }
  382. if (os_strcmp(txt, "get") == 0) {
  383. pin_txt = hostapd_wps_ap_pin_get(hapd);
  384. if (pin_txt == NULL)
  385. return -1;
  386. return os_snprintf(buf, buflen, "%s", pin_txt);
  387. }
  388. if (os_strcmp(txt, "set") == 0) {
  389. char *pin;
  390. if (pos == NULL)
  391. return -1;
  392. pin = pos;
  393. pos = os_strchr(pos, ' ');
  394. if (pos) {
  395. *pos++ = '\0';
  396. timeout = atoi(pos);
  397. }
  398. if (os_strlen(pin) > buflen)
  399. return -1;
  400. if (hostapd_wps_ap_pin_set(hapd, pin, timeout) < 0)
  401. return -1;
  402. return os_snprintf(buf, buflen, "%s", pin);
  403. }
  404. return -1;
  405. }
  406. static int hostapd_ctrl_iface_wps_config(struct hostapd_data *hapd, char *txt)
  407. {
  408. char *pos;
  409. char *ssid, *auth, *encr = NULL, *key = NULL;
  410. ssid = txt;
  411. pos = os_strchr(txt, ' ');
  412. if (!pos)
  413. return -1;
  414. *pos++ = '\0';
  415. auth = pos;
  416. pos = os_strchr(pos, ' ');
  417. if (pos) {
  418. *pos++ = '\0';
  419. encr = pos;
  420. pos = os_strchr(pos, ' ');
  421. if (pos) {
  422. *pos++ = '\0';
  423. key = pos;
  424. }
  425. }
  426. return hostapd_wps_config_ap(hapd, ssid, auth, encr, key);
  427. }
  428. static const char * pbc_status_str(enum pbc_status status)
  429. {
  430. switch (status) {
  431. case WPS_PBC_STATUS_DISABLE:
  432. return "Disabled";
  433. case WPS_PBC_STATUS_ACTIVE:
  434. return "Active";
  435. case WPS_PBC_STATUS_TIMEOUT:
  436. return "Timed-out";
  437. case WPS_PBC_STATUS_OVERLAP:
  438. return "Overlap";
  439. default:
  440. return "Unknown";
  441. }
  442. }
  443. static int hostapd_ctrl_iface_wps_get_status(struct hostapd_data *hapd,
  444. char *buf, size_t buflen)
  445. {
  446. int ret;
  447. char *pos, *end;
  448. pos = buf;
  449. end = buf + buflen;
  450. ret = os_snprintf(pos, end - pos, "PBC Status: %s\n",
  451. pbc_status_str(hapd->wps_stats.pbc_status));
  452. if (os_snprintf_error(end - pos, ret))
  453. return pos - buf;
  454. pos += ret;
  455. ret = os_snprintf(pos, end - pos, "Last WPS result: %s\n",
  456. (hapd->wps_stats.status == WPS_STATUS_SUCCESS ?
  457. "Success":
  458. (hapd->wps_stats.status == WPS_STATUS_FAILURE ?
  459. "Failed" : "None")));
  460. if (os_snprintf_error(end - pos, ret))
  461. return pos - buf;
  462. pos += ret;
  463. /* If status == Failure - Add possible Reasons */
  464. if(hapd->wps_stats.status == WPS_STATUS_FAILURE &&
  465. hapd->wps_stats.failure_reason > 0) {
  466. ret = os_snprintf(pos, end - pos,
  467. "Failure Reason: %s\n",
  468. wps_ei_str(hapd->wps_stats.failure_reason));
  469. if (os_snprintf_error(end - pos, ret))
  470. return pos - buf;
  471. pos += ret;
  472. }
  473. if (hapd->wps_stats.status) {
  474. ret = os_snprintf(pos, end - pos, "Peer Address: " MACSTR "\n",
  475. MAC2STR(hapd->wps_stats.peer_addr));
  476. if (os_snprintf_error(end - pos, ret))
  477. return pos - buf;
  478. pos += ret;
  479. }
  480. return pos - buf;
  481. }
  482. #endif /* CONFIG_WPS */
  483. #ifdef CONFIG_HS20
  484. static int hostapd_ctrl_iface_hs20_wnm_notif(struct hostapd_data *hapd,
  485. const char *cmd)
  486. {
  487. u8 addr[ETH_ALEN];
  488. const char *url;
  489. if (hwaddr_aton(cmd, addr))
  490. return -1;
  491. url = cmd + 17;
  492. if (*url == '\0') {
  493. url = NULL;
  494. } else {
  495. if (*url != ' ')
  496. return -1;
  497. url++;
  498. if (*url == '\0')
  499. url = NULL;
  500. }
  501. return hs20_send_wnm_notification(hapd, addr, 1, url);
  502. }
  503. static int hostapd_ctrl_iface_hs20_deauth_req(struct hostapd_data *hapd,
  504. const char *cmd)
  505. {
  506. u8 addr[ETH_ALEN];
  507. int code, reauth_delay, ret;
  508. const char *pos;
  509. size_t url_len;
  510. struct wpabuf *req;
  511. /* <STA MAC Addr> <Code(0/1)> <Re-auth-Delay(sec)> [URL] */
  512. if (hwaddr_aton(cmd, addr))
  513. return -1;
  514. pos = os_strchr(cmd, ' ');
  515. if (pos == NULL)
  516. return -1;
  517. pos++;
  518. code = atoi(pos);
  519. pos = os_strchr(pos, ' ');
  520. if (pos == NULL)
  521. return -1;
  522. pos++;
  523. reauth_delay = atoi(pos);
  524. url_len = 0;
  525. pos = os_strchr(pos, ' ');
  526. if (pos) {
  527. pos++;
  528. url_len = os_strlen(pos);
  529. }
  530. req = wpabuf_alloc(4 + url_len);
  531. if (req == NULL)
  532. return -1;
  533. wpabuf_put_u8(req, code);
  534. wpabuf_put_le16(req, reauth_delay);
  535. wpabuf_put_u8(req, url_len);
  536. if (pos)
  537. wpabuf_put_data(req, pos, url_len);
  538. wpa_printf(MSG_DEBUG, "HS 2.0: Send WNM-Notification to " MACSTR
  539. " to indicate imminent deauthentication (code=%d "
  540. "reauth_delay=%d)", MAC2STR(addr), code, reauth_delay);
  541. ret = hs20_send_wnm_notification_deauth_req(hapd, addr, req);
  542. wpabuf_free(req);
  543. return ret;
  544. }
  545. #endif /* CONFIG_HS20 */
  546. #ifdef CONFIG_INTERWORKING
  547. static int hostapd_ctrl_iface_set_qos_map_set(struct hostapd_data *hapd,
  548. const char *cmd)
  549. {
  550. u8 qos_map_set[16 + 2 * 21], count = 0;
  551. const char *pos = cmd;
  552. int val, ret;
  553. for (;;) {
  554. if (count == sizeof(qos_map_set)) {
  555. wpa_printf(MSG_ERROR, "Too many qos_map_set parameters");
  556. return -1;
  557. }
  558. val = atoi(pos);
  559. if (val < 0 || val > 255) {
  560. wpa_printf(MSG_INFO, "Invalid QoS Map Set");
  561. return -1;
  562. }
  563. qos_map_set[count++] = val;
  564. pos = os_strchr(pos, ',');
  565. if (!pos)
  566. break;
  567. pos++;
  568. }
  569. if (count < 16 || count & 1) {
  570. wpa_printf(MSG_INFO, "Invalid QoS Map Set");
  571. return -1;
  572. }
  573. ret = hostapd_drv_set_qos_map(hapd, qos_map_set, count);
  574. if (ret) {
  575. wpa_printf(MSG_INFO, "Failed to set QoS Map Set");
  576. return -1;
  577. }
  578. os_memcpy(hapd->conf->qos_map_set, qos_map_set, count);
  579. hapd->conf->qos_map_set_len = count;
  580. return 0;
  581. }
  582. static int hostapd_ctrl_iface_send_qos_map_conf(struct hostapd_data *hapd,
  583. const char *cmd)
  584. {
  585. u8 addr[ETH_ALEN];
  586. struct sta_info *sta;
  587. struct wpabuf *buf;
  588. u8 *qos_map_set = hapd->conf->qos_map_set;
  589. u8 qos_map_set_len = hapd->conf->qos_map_set_len;
  590. int ret;
  591. if (!qos_map_set_len) {
  592. wpa_printf(MSG_INFO, "QoS Map Set is not set");
  593. return -1;
  594. }
  595. if (hwaddr_aton(cmd, addr))
  596. return -1;
  597. sta = ap_get_sta(hapd, addr);
  598. if (sta == NULL) {
  599. wpa_printf(MSG_DEBUG, "Station " MACSTR " not found "
  600. "for QoS Map Configuration message",
  601. MAC2STR(addr));
  602. return -1;
  603. }
  604. if (!sta->qos_map_enabled) {
  605. wpa_printf(MSG_DEBUG, "Station " MACSTR " did not indicate "
  606. "support for QoS Map", MAC2STR(addr));
  607. return -1;
  608. }
  609. buf = wpabuf_alloc(2 + 2 + qos_map_set_len);
  610. if (buf == NULL)
  611. return -1;
  612. wpabuf_put_u8(buf, WLAN_ACTION_QOS);
  613. wpabuf_put_u8(buf, QOS_QOS_MAP_CONFIG);
  614. /* QoS Map Set Element */
  615. wpabuf_put_u8(buf, WLAN_EID_QOS_MAP_SET);
  616. wpabuf_put_u8(buf, qos_map_set_len);
  617. wpabuf_put_data(buf, qos_map_set, qos_map_set_len);
  618. ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
  619. wpabuf_head(buf), wpabuf_len(buf));
  620. wpabuf_free(buf);
  621. return ret;
  622. }
  623. #endif /* CONFIG_INTERWORKING */
  624. #ifdef CONFIG_WNM_AP
  625. static int hostapd_ctrl_iface_disassoc_imminent(struct hostapd_data *hapd,
  626. const char *cmd)
  627. {
  628. u8 addr[ETH_ALEN];
  629. int disassoc_timer;
  630. struct sta_info *sta;
  631. if (hwaddr_aton(cmd, addr))
  632. return -1;
  633. if (cmd[17] != ' ')
  634. return -1;
  635. disassoc_timer = atoi(cmd + 17);
  636. sta = ap_get_sta(hapd, addr);
  637. if (sta == NULL) {
  638. wpa_printf(MSG_DEBUG, "Station " MACSTR
  639. " not found for disassociation imminent message",
  640. MAC2STR(addr));
  641. return -1;
  642. }
  643. return wnm_send_disassoc_imminent(hapd, sta, disassoc_timer);
  644. }
  645. static int hostapd_ctrl_iface_ess_disassoc(struct hostapd_data *hapd,
  646. const char *cmd)
  647. {
  648. u8 addr[ETH_ALEN];
  649. const char *url, *timerstr;
  650. int disassoc_timer;
  651. struct sta_info *sta;
  652. if (hwaddr_aton(cmd, addr))
  653. return -1;
  654. sta = ap_get_sta(hapd, addr);
  655. if (sta == NULL) {
  656. wpa_printf(MSG_DEBUG, "Station " MACSTR
  657. " not found for ESS disassociation imminent message",
  658. MAC2STR(addr));
  659. return -1;
  660. }
  661. timerstr = cmd + 17;
  662. if (*timerstr != ' ')
  663. return -1;
  664. timerstr++;
  665. disassoc_timer = atoi(timerstr);
  666. if (disassoc_timer < 0 || disassoc_timer > 65535)
  667. return -1;
  668. url = os_strchr(timerstr, ' ');
  669. if (url == NULL)
  670. return -1;
  671. url++;
  672. return wnm_send_ess_disassoc_imminent(hapd, sta, url, disassoc_timer);
  673. }
  674. static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd,
  675. const char *cmd)
  676. {
  677. u8 addr[ETH_ALEN];
  678. const char *pos, *end;
  679. int disassoc_timer = 0;
  680. struct sta_info *sta;
  681. u8 req_mode = 0, valid_int = 0x01;
  682. u8 bss_term_dur[12];
  683. char *url = NULL;
  684. int ret;
  685. u8 nei_rep[1000];
  686. int nei_len;
  687. u8 mbo[10];
  688. size_t mbo_len = 0;
  689. if (hwaddr_aton(cmd, addr)) {
  690. wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
  691. return -1;
  692. }
  693. sta = ap_get_sta(hapd, addr);
  694. if (sta == NULL) {
  695. wpa_printf(MSG_DEBUG, "Station " MACSTR
  696. " not found for BSS TM Request message",
  697. MAC2STR(addr));
  698. return -1;
  699. }
  700. pos = os_strstr(cmd, " disassoc_timer=");
  701. if (pos) {
  702. pos += 16;
  703. disassoc_timer = atoi(pos);
  704. if (disassoc_timer < 0 || disassoc_timer > 65535) {
  705. wpa_printf(MSG_DEBUG, "Invalid disassoc_timer");
  706. return -1;
  707. }
  708. }
  709. pos = os_strstr(cmd, " valid_int=");
  710. if (pos) {
  711. pos += 11;
  712. valid_int = atoi(pos);
  713. }
  714. pos = os_strstr(cmd, " bss_term=");
  715. if (pos) {
  716. pos += 10;
  717. req_mode |= WNM_BSS_TM_REQ_BSS_TERMINATION_INCLUDED;
  718. /* TODO: TSF configurable/learnable */
  719. bss_term_dur[0] = 4; /* Subelement ID */
  720. bss_term_dur[1] = 10; /* Length */
  721. os_memset(bss_term_dur, 2, 8);
  722. end = os_strchr(pos, ',');
  723. if (end == NULL) {
  724. wpa_printf(MSG_DEBUG, "Invalid bss_term data");
  725. return -1;
  726. }
  727. end++;
  728. WPA_PUT_LE16(&bss_term_dur[10], atoi(end));
  729. }
  730. nei_len = ieee802_11_parse_candidate_list(cmd, nei_rep,
  731. sizeof(nei_rep));
  732. if (nei_len < 0)
  733. return -1;
  734. pos = os_strstr(cmd, " url=");
  735. if (pos) {
  736. size_t len;
  737. pos += 5;
  738. end = os_strchr(pos, ' ');
  739. if (end)
  740. len = end - pos;
  741. else
  742. len = os_strlen(pos);
  743. url = os_malloc(len + 1);
  744. if (url == NULL)
  745. return -1;
  746. os_memcpy(url, pos, len);
  747. url[len] = '\0';
  748. req_mode |= WNM_BSS_TM_REQ_ESS_DISASSOC_IMMINENT;
  749. }
  750. if (os_strstr(cmd, " pref=1"))
  751. req_mode |= WNM_BSS_TM_REQ_PREF_CAND_LIST_INCLUDED;
  752. if (os_strstr(cmd, " abridged=1"))
  753. req_mode |= WNM_BSS_TM_REQ_ABRIDGED;
  754. if (os_strstr(cmd, " disassoc_imminent=1"))
  755. req_mode |= WNM_BSS_TM_REQ_DISASSOC_IMMINENT;
  756. #ifdef CONFIG_MBO
  757. pos = os_strstr(cmd, "mbo=");
  758. if (pos) {
  759. unsigned int mbo_reason, cell_pref, reassoc_delay;
  760. u8 *mbo_pos = mbo;
  761. ret = sscanf(pos, "mbo=%u:%u:%u", &mbo_reason,
  762. &reassoc_delay, &cell_pref);
  763. if (ret != 3) {
  764. wpa_printf(MSG_DEBUG,
  765. "MBO requires three arguments: mbo=<reason>:<reassoc_delay>:<cell_pref>");
  766. ret = -1;
  767. goto fail;
  768. }
  769. if (mbo_reason > MBO_TRANSITION_REASON_PREMIUM_AP) {
  770. wpa_printf(MSG_DEBUG,
  771. "Invalid MBO transition reason code %u",
  772. mbo_reason);
  773. ret = -1;
  774. goto fail;
  775. }
  776. /* Valid values for Cellular preference are: 0, 1, 255 */
  777. if (cell_pref != 0 && cell_pref != 1 && cell_pref != 255) {
  778. wpa_printf(MSG_DEBUG,
  779. "Invalid MBO cellular capability %u",
  780. cell_pref);
  781. ret = -1;
  782. goto fail;
  783. }
  784. if (reassoc_delay > 65535 ||
  785. (reassoc_delay &&
  786. !(req_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT))) {
  787. wpa_printf(MSG_DEBUG,
  788. "MBO: Assoc retry delay is only valid in disassoc imminent mode");
  789. ret = -1;
  790. goto fail;
  791. }
  792. *mbo_pos++ = MBO_ATTR_ID_TRANSITION_REASON;
  793. *mbo_pos++ = 1;
  794. *mbo_pos++ = mbo_reason;
  795. *mbo_pos++ = MBO_ATTR_ID_CELL_DATA_PREF;
  796. *mbo_pos++ = 1;
  797. *mbo_pos++ = cell_pref;
  798. if (reassoc_delay) {
  799. *mbo_pos++ = MBO_ATTR_ID_ASSOC_RETRY_DELAY;
  800. *mbo_pos++ = 2;
  801. WPA_PUT_LE16(mbo_pos, reassoc_delay);
  802. mbo_pos += 2;
  803. }
  804. mbo_len = mbo_pos - mbo;
  805. }
  806. #endif /* CONFIG_MBO */
  807. ret = wnm_send_bss_tm_req(hapd, sta, req_mode, disassoc_timer,
  808. valid_int, bss_term_dur, url,
  809. nei_len ? nei_rep : NULL, nei_len,
  810. mbo_len ? mbo : NULL, mbo_len);
  811. #ifdef CONFIG_MBO
  812. fail:
  813. #endif /* CONFIG_MBO */
  814. os_free(url);
  815. return ret;
  816. }
  817. #endif /* CONFIG_WNM_AP */
  818. static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd,
  819. char *buf, size_t buflen)
  820. {
  821. int ret = 0;
  822. char *pos, *end;
  823. pos = buf;
  824. end = buf + buflen;
  825. WPA_ASSERT(hapd->conf->wpa_key_mgmt);
  826. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
  827. ret = os_snprintf(pos, end - pos, "WPA-PSK ");
  828. if (os_snprintf_error(end - pos, ret))
  829. return pos - buf;
  830. pos += ret;
  831. }
  832. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
  833. ret = os_snprintf(pos, end - pos, "WPA-EAP ");
  834. if (os_snprintf_error(end - pos, ret))
  835. return pos - buf;
  836. pos += ret;
  837. }
  838. #ifdef CONFIG_IEEE80211R_AP
  839. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
  840. ret = os_snprintf(pos, end - pos, "FT-PSK ");
  841. if (os_snprintf_error(end - pos, ret))
  842. return pos - buf;
  843. pos += ret;
  844. }
  845. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
  846. ret = os_snprintf(pos, end - pos, "FT-EAP ");
  847. if (os_snprintf_error(end - pos, ret))
  848. return pos - buf;
  849. pos += ret;
  850. }
  851. #ifdef CONFIG_SAE
  852. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
  853. ret = os_snprintf(pos, end - pos, "FT-SAE ");
  854. if (os_snprintf_error(end - pos, ret))
  855. return pos - buf;
  856. pos += ret;
  857. }
  858. #endif /* CONFIG_SAE */
  859. #ifdef CONFIG_FILS
  860. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) {
  861. ret = os_snprintf(pos, end - pos, "FT-FILS-SHA256 ");
  862. if (os_snprintf_error(end - pos, ret))
  863. return pos - buf;
  864. pos += ret;
  865. }
  866. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) {
  867. ret = os_snprintf(pos, end - pos, "FT-FILS-SHA384 ");
  868. if (os_snprintf_error(end - pos, ret))
  869. return pos - buf;
  870. pos += ret;
  871. }
  872. #endif /* CONFIG_FILS */
  873. #endif /* CONFIG_IEEE80211R_AP */
  874. #ifdef CONFIG_IEEE80211W
  875. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
  876. ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 ");
  877. if (os_snprintf_error(end - pos, ret))
  878. return pos - buf;
  879. pos += ret;
  880. }
  881. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
  882. ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 ");
  883. if (os_snprintf_error(end - pos, ret))
  884. return pos - buf;
  885. pos += ret;
  886. }
  887. #endif /* CONFIG_IEEE80211W */
  888. #ifdef CONFIG_SAE
  889. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
  890. ret = os_snprintf(pos, end - pos, "SAE ");
  891. if (os_snprintf_error(end - pos, ret))
  892. return pos - buf;
  893. pos += ret;
  894. }
  895. #endif /* CONFIG_SAE */
  896. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
  897. ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B ");
  898. if (os_snprintf_error(end - pos, ret))
  899. return pos - buf;
  900. pos += ret;
  901. }
  902. if (hapd->conf->wpa_key_mgmt &
  903. WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
  904. ret = os_snprintf(pos, end - pos,
  905. "WPA-EAP-SUITE-B-192 ");
  906. if (os_snprintf_error(end - pos, ret))
  907. return pos - buf;
  908. pos += ret;
  909. }
  910. #ifdef CONFIG_FILS
  911. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA256) {
  912. ret = os_snprintf(pos, end - pos, "FILS-SHA256 ");
  913. if (os_snprintf_error(end - pos, ret))
  914. return pos - buf;
  915. pos += ret;
  916. }
  917. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA384) {
  918. ret = os_snprintf(pos, end - pos, "FILS-SHA384 ");
  919. if (os_snprintf_error(end - pos, ret))
  920. return pos - buf;
  921. pos += ret;
  922. }
  923. #endif /* CONFIG_FILS */
  924. #ifdef CONFIG_OWE
  925. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) {
  926. ret = os_snprintf(pos, end - pos, "OWE ");
  927. if (os_snprintf_error(end - pos, ret))
  928. return pos - buf;
  929. pos += ret;
  930. }
  931. #endif /* CONFIG_OWE */
  932. #ifdef CONFIG_DPP
  933. if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) {
  934. ret = os_snprintf(pos, end - pos, "DPP ");
  935. if (os_snprintf_error(end - pos, ret))
  936. return pos - buf;
  937. pos += ret;
  938. }
  939. #endif /* CONFIG_DPP */
  940. if (pos > buf && *(pos - 1) == ' ') {
  941. *(pos - 1) = '\0';
  942. pos--;
  943. }
  944. return pos - buf;
  945. }
  946. static int hostapd_ctrl_iface_get_config(struct hostapd_data *hapd,
  947. char *buf, size_t buflen)
  948. {
  949. int ret;
  950. char *pos, *end;
  951. pos = buf;
  952. end = buf + buflen;
  953. ret = os_snprintf(pos, end - pos, "bssid=" MACSTR "\n"
  954. "ssid=%s\n",
  955. MAC2STR(hapd->own_addr),
  956. wpa_ssid_txt(hapd->conf->ssid.ssid,
  957. hapd->conf->ssid.ssid_len));
  958. if (os_snprintf_error(end - pos, ret))
  959. return pos - buf;
  960. pos += ret;
  961. #ifdef CONFIG_WPS
  962. ret = os_snprintf(pos, end - pos, "wps_state=%s\n",
  963. hapd->conf->wps_state == 0 ? "disabled" :
  964. (hapd->conf->wps_state == 1 ? "not configured" :
  965. "configured"));
  966. if (os_snprintf_error(end - pos, ret))
  967. return pos - buf;
  968. pos += ret;
  969. if (hapd->conf->wps_state && hapd->conf->wpa &&
  970. hapd->conf->ssid.wpa_passphrase) {
  971. ret = os_snprintf(pos, end - pos, "passphrase=%s\n",
  972. hapd->conf->ssid.wpa_passphrase);
  973. if (os_snprintf_error(end - pos, ret))
  974. return pos - buf;
  975. pos += ret;
  976. }
  977. if (hapd->conf->wps_state && hapd->conf->wpa &&
  978. hapd->conf->ssid.wpa_psk &&
  979. hapd->conf->ssid.wpa_psk->group) {
  980. char hex[PMK_LEN * 2 + 1];
  981. wpa_snprintf_hex(hex, sizeof(hex),
  982. hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
  983. ret = os_snprintf(pos, end - pos, "psk=%s\n", hex);
  984. if (os_snprintf_error(end - pos, ret))
  985. return pos - buf;
  986. pos += ret;
  987. }
  988. #endif /* CONFIG_WPS */
  989. if (hapd->conf->wpa) {
  990. ret = os_snprintf(pos, end - pos, "wpa=%d\n", hapd->conf->wpa);
  991. if (os_snprintf_error(end - pos, ret))
  992. return pos - buf;
  993. pos += ret;
  994. }
  995. if (hapd->conf->wpa && hapd->conf->wpa_key_mgmt) {
  996. ret = os_snprintf(pos, end - pos, "key_mgmt=");
  997. if (os_snprintf_error(end - pos, ret))
  998. return pos - buf;
  999. pos += ret;
  1000. pos += hostapd_ctrl_iface_get_key_mgmt(hapd, pos, end - pos);
  1001. ret = os_snprintf(pos, end - pos, "\n");
  1002. if (os_snprintf_error(end - pos, ret))
  1003. return pos - buf;
  1004. pos += ret;
  1005. }
  1006. if (hapd->conf->wpa) {
  1007. ret = os_snprintf(pos, end - pos, "group_cipher=%s\n",
  1008. wpa_cipher_txt(hapd->conf->wpa_group));
  1009. if (os_snprintf_error(end - pos, ret))
  1010. return pos - buf;
  1011. pos += ret;
  1012. }
  1013. if ((hapd->conf->wpa & WPA_PROTO_RSN) && hapd->conf->rsn_pairwise) {
  1014. ret = os_snprintf(pos, end - pos, "rsn_pairwise_cipher=");
  1015. if (os_snprintf_error(end - pos, ret))
  1016. return pos - buf;
  1017. pos += ret;
  1018. ret = wpa_write_ciphers(pos, end, hapd->conf->rsn_pairwise,
  1019. " ");
  1020. if (ret < 0)
  1021. return pos - buf;
  1022. pos += ret;
  1023. ret = os_snprintf(pos, end - pos, "\n");
  1024. if (os_snprintf_error(end - pos, ret))
  1025. return pos - buf;
  1026. pos += ret;
  1027. }
  1028. if ((hapd->conf->wpa & WPA_PROTO_WPA) && hapd->conf->wpa_pairwise) {
  1029. ret = os_snprintf(pos, end - pos, "wpa_pairwise_cipher=");
  1030. if (os_snprintf_error(end - pos, ret))
  1031. return pos - buf;
  1032. pos += ret;
  1033. ret = wpa_write_ciphers(pos, end, hapd->conf->wpa_pairwise,
  1034. " ");
  1035. if (ret < 0)
  1036. return pos - buf;
  1037. pos += ret;
  1038. ret = os_snprintf(pos, end - pos, "\n");
  1039. if (os_snprintf_error(end - pos, ret))
  1040. return pos - buf;
  1041. pos += ret;
  1042. }
  1043. return pos - buf;
  1044. }
  1045. static void hostapd_disassoc_accept_mac(struct hostapd_data *hapd)
  1046. {
  1047. struct sta_info *sta;
  1048. struct vlan_description vlan_id;
  1049. if (hapd->conf->macaddr_acl != DENY_UNLESS_ACCEPTED)
  1050. return;
  1051. for (sta = hapd->sta_list; sta; sta = sta->next) {
  1052. if (!hostapd_maclist_found(hapd->conf->accept_mac,
  1053. hapd->conf->num_accept_mac,
  1054. sta->addr, &vlan_id) ||
  1055. (vlan_id.notempty &&
  1056. vlan_compare(&vlan_id, sta->vlan_desc)))
  1057. ap_sta_disconnect(hapd, sta, sta->addr,
  1058. WLAN_REASON_UNSPECIFIED);
  1059. }
  1060. }
  1061. static void hostapd_disassoc_deny_mac(struct hostapd_data *hapd)
  1062. {
  1063. struct sta_info *sta;
  1064. struct vlan_description vlan_id;
  1065. for (sta = hapd->sta_list; sta; sta = sta->next) {
  1066. if (hostapd_maclist_found(hapd->conf->deny_mac,
  1067. hapd->conf->num_deny_mac, sta->addr,
  1068. &vlan_id) &&
  1069. (!vlan_id.notempty ||
  1070. !vlan_compare(&vlan_id, sta->vlan_desc)))
  1071. ap_sta_disconnect(hapd, sta, sta->addr,
  1072. WLAN_REASON_UNSPECIFIED);
  1073. }
  1074. }
  1075. static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd)
  1076. {
  1077. char *value;
  1078. int ret = 0;
  1079. value = os_strchr(cmd, ' ');
  1080. if (value == NULL)
  1081. return -1;
  1082. *value++ = '\0';
  1083. wpa_printf(MSG_DEBUG, "CTRL_IFACE SET '%s'='%s'", cmd, value);
  1084. if (0) {
  1085. #ifdef CONFIG_WPS_TESTING
  1086. } else if (os_strcasecmp(cmd, "wps_version_number") == 0) {
  1087. long int val;
  1088. val = strtol(value, NULL, 0);
  1089. if (val < 0 || val > 0xff) {
  1090. ret = -1;
  1091. wpa_printf(MSG_DEBUG, "WPS: Invalid "
  1092. "wps_version_number %ld", val);
  1093. } else {
  1094. wps_version_number = val;
  1095. wpa_printf(MSG_DEBUG, "WPS: Testing - force WPS "
  1096. "version %u.%u",
  1097. (wps_version_number & 0xf0) >> 4,
  1098. wps_version_number & 0x0f);
  1099. hostapd_wps_update_ie(hapd);
  1100. }
  1101. } else if (os_strcasecmp(cmd, "wps_testing_dummy_cred") == 0) {
  1102. wps_testing_dummy_cred = atoi(value);
  1103. wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
  1104. wps_testing_dummy_cred);
  1105. } else if (os_strcasecmp(cmd, "wps_corrupt_pkhash") == 0) {
  1106. wps_corrupt_pkhash = atoi(value);
  1107. wpa_printf(MSG_DEBUG, "WPS: Testing - wps_corrupt_pkhash=%d",
  1108. wps_corrupt_pkhash);
  1109. #endif /* CONFIG_WPS_TESTING */
  1110. #ifdef CONFIG_TESTING_OPTIONS
  1111. } else if (os_strcasecmp(cmd, "ext_mgmt_frame_handling") == 0) {
  1112. hapd->ext_mgmt_frame_handling = atoi(value);
  1113. } else if (os_strcasecmp(cmd, "ext_eapol_frame_io") == 0) {
  1114. hapd->ext_eapol_frame_io = atoi(value);
  1115. #ifdef CONFIG_DPP
  1116. } else if (os_strcasecmp(cmd, "dpp_config_obj_override") == 0) {
  1117. os_free(hapd->dpp_config_obj_override);
  1118. hapd->dpp_config_obj_override = os_strdup(value);
  1119. } else if (os_strcasecmp(cmd, "dpp_discovery_override") == 0) {
  1120. os_free(hapd->dpp_discovery_override);
  1121. hapd->dpp_discovery_override = os_strdup(value);
  1122. } else if (os_strcasecmp(cmd, "dpp_groups_override") == 0) {
  1123. os_free(hapd->dpp_groups_override);
  1124. hapd->dpp_groups_override = os_strdup(value);
  1125. } else if (os_strcasecmp(cmd,
  1126. "dpp_ignore_netaccesskey_mismatch") == 0) {
  1127. hapd->dpp_ignore_netaccesskey_mismatch = atoi(value);
  1128. } else if (os_strcasecmp(cmd, "dpp_test") == 0) {
  1129. dpp_test = atoi(value);
  1130. #endif /* CONFIG_DPP */
  1131. #endif /* CONFIG_TESTING_OPTIONS */
  1132. #ifdef CONFIG_MBO
  1133. } else if (os_strcasecmp(cmd, "mbo_assoc_disallow") == 0) {
  1134. int val;
  1135. if (!hapd->conf->mbo_enabled)
  1136. return -1;
  1137. val = atoi(value);
  1138. if (val < 0 || val > 1)
  1139. return -1;
  1140. hapd->mbo_assoc_disallow = val;
  1141. ieee802_11_update_beacons(hapd->iface);
  1142. /*
  1143. * TODO: Need to configure drivers that do AP MLME offload with
  1144. * disallowing station logic.
  1145. */
  1146. #endif /* CONFIG_MBO */
  1147. #ifdef CONFIG_DPP
  1148. } else if (os_strcasecmp(cmd, "dpp_configurator_params") == 0) {
  1149. os_free(hapd->dpp_configurator_params);
  1150. hapd->dpp_configurator_params = os_strdup(value);
  1151. #endif /* CONFIG_DPP */
  1152. } else {
  1153. ret = hostapd_set_iface(hapd->iconf, hapd->conf, cmd, value);
  1154. if (ret)
  1155. return ret;
  1156. if (os_strcasecmp(cmd, "deny_mac_file") == 0) {
  1157. hostapd_disassoc_deny_mac(hapd);
  1158. } else if (os_strcasecmp(cmd, "accept_mac_file") == 0) {
  1159. hostapd_disassoc_accept_mac(hapd);
  1160. }
  1161. }
  1162. return ret;
  1163. }
  1164. static int hostapd_ctrl_iface_get(struct hostapd_data *hapd, char *cmd,
  1165. char *buf, size_t buflen)
  1166. {
  1167. int res;
  1168. wpa_printf(MSG_DEBUG, "CTRL_IFACE GET '%s'", cmd);
  1169. if (os_strcmp(cmd, "version") == 0) {
  1170. res = os_snprintf(buf, buflen, "%s", VERSION_STR);
  1171. if (os_snprintf_error(buflen, res))
  1172. return -1;
  1173. return res;
  1174. } else if (os_strcmp(cmd, "tls_library") == 0) {
  1175. res = tls_get_library_version(buf, buflen);
  1176. if (os_snprintf_error(buflen, res))
  1177. return -1;
  1178. return res;
  1179. }
  1180. return -1;
  1181. }
  1182. static int hostapd_ctrl_iface_enable(struct hostapd_iface *iface)
  1183. {
  1184. if (hostapd_enable_iface(iface) < 0) {
  1185. wpa_printf(MSG_ERROR, "Enabling of interface failed");
  1186. return -1;
  1187. }
  1188. return 0;
  1189. }
  1190. static int hostapd_ctrl_iface_reload(struct hostapd_iface *iface)
  1191. {
  1192. if (hostapd_reload_iface(iface) < 0) {
  1193. wpa_printf(MSG_ERROR, "Reloading of interface failed");
  1194. return -1;
  1195. }
  1196. return 0;
  1197. }
  1198. static int hostapd_ctrl_iface_disable(struct hostapd_iface *iface)
  1199. {
  1200. if (hostapd_disable_iface(iface) < 0) {
  1201. wpa_printf(MSG_ERROR, "Disabling of interface failed");
  1202. return -1;
  1203. }
  1204. return 0;
  1205. }
  1206. #ifdef CONFIG_TESTING_OPTIONS
  1207. static int hostapd_ctrl_iface_radar(struct hostapd_data *hapd, char *cmd)
  1208. {
  1209. union wpa_event_data data;
  1210. char *pos, *param;
  1211. enum wpa_event_type event;
  1212. wpa_printf(MSG_DEBUG, "RADAR TEST: %s", cmd);
  1213. os_memset(&data, 0, sizeof(data));
  1214. param = os_strchr(cmd, ' ');
  1215. if (param == NULL)
  1216. return -1;
  1217. *param++ = '\0';
  1218. if (os_strcmp(cmd, "DETECTED") == 0)
  1219. event = EVENT_DFS_RADAR_DETECTED;
  1220. else if (os_strcmp(cmd, "CAC-FINISHED") == 0)
  1221. event = EVENT_DFS_CAC_FINISHED;
  1222. else if (os_strcmp(cmd, "CAC-ABORTED") == 0)
  1223. event = EVENT_DFS_CAC_ABORTED;
  1224. else if (os_strcmp(cmd, "NOP-FINISHED") == 0)
  1225. event = EVENT_DFS_NOP_FINISHED;
  1226. else {
  1227. wpa_printf(MSG_DEBUG, "Unsupported RADAR test command: %s",
  1228. cmd);
  1229. return -1;
  1230. }
  1231. pos = os_strstr(param, "freq=");
  1232. if (pos)
  1233. data.dfs_event.freq = atoi(pos + 5);
  1234. pos = os_strstr(param, "ht_enabled=1");
  1235. if (pos)
  1236. data.dfs_event.ht_enabled = 1;
  1237. pos = os_strstr(param, "chan_offset=");
  1238. if (pos)
  1239. data.dfs_event.chan_offset = atoi(pos + 12);
  1240. pos = os_strstr(param, "chan_width=");
  1241. if (pos)
  1242. data.dfs_event.chan_width = atoi(pos + 11);
  1243. pos = os_strstr(param, "cf1=");
  1244. if (pos)
  1245. data.dfs_event.cf1 = atoi(pos + 4);
  1246. pos = os_strstr(param, "cf2=");
  1247. if (pos)
  1248. data.dfs_event.cf2 = atoi(pos + 4);
  1249. wpa_supplicant_event(hapd, event, &data);
  1250. return 0;
  1251. }
  1252. static int hostapd_ctrl_iface_mgmt_tx(struct hostapd_data *hapd, char *cmd)
  1253. {
  1254. size_t len;
  1255. u8 *buf;
  1256. int res;
  1257. wpa_printf(MSG_DEBUG, "External MGMT TX: %s", cmd);
  1258. len = os_strlen(cmd);
  1259. if (len & 1)
  1260. return -1;
  1261. len /= 2;
  1262. buf = os_malloc(len);
  1263. if (buf == NULL)
  1264. return -1;
  1265. if (hexstr2bin(cmd, buf, len) < 0) {
  1266. os_free(buf);
  1267. return -1;
  1268. }
  1269. res = hostapd_drv_send_mlme(hapd, buf, len, 0);
  1270. os_free(buf);
  1271. return res;
  1272. }
  1273. static int hostapd_ctrl_iface_mgmt_tx_status_process(struct hostapd_data *hapd,
  1274. char *cmd)
  1275. {
  1276. char *pos, *param;
  1277. size_t len;
  1278. u8 *buf;
  1279. int stype = 0, ok = 0;
  1280. union wpa_event_data event;
  1281. if (!hapd->ext_mgmt_frame_handling)
  1282. return -1;
  1283. /* stype=<val> ok=<0/1> buf=<frame hexdump> */
  1284. wpa_printf(MSG_DEBUG, "External MGMT TX status process: %s", cmd);
  1285. pos = cmd;
  1286. param = os_strstr(pos, "stype=");
  1287. if (param) {
  1288. param += 6;
  1289. stype = atoi(param);
  1290. }
  1291. param = os_strstr(pos, " ok=");
  1292. if (param) {
  1293. param += 4;
  1294. ok = atoi(param);
  1295. }
  1296. param = os_strstr(pos, " buf=");
  1297. if (!param)
  1298. return -1;
  1299. param += 5;
  1300. len = os_strlen(param);
  1301. if (len & 1)
  1302. return -1;
  1303. len /= 2;
  1304. buf = os_malloc(len);
  1305. if (!buf || hexstr2bin(param, buf, len) < 0) {
  1306. os_free(buf);
  1307. return -1;
  1308. }
  1309. os_memset(&event, 0, sizeof(event));
  1310. event.tx_status.type = WLAN_FC_TYPE_MGMT;
  1311. event.tx_status.data = buf;
  1312. event.tx_status.data_len = len;
  1313. event.tx_status.stype = stype;
  1314. event.tx_status.ack = ok;
  1315. hapd->ext_mgmt_frame_handling = 0;
  1316. wpa_supplicant_event(hapd, EVENT_TX_STATUS, &event);
  1317. hapd->ext_mgmt_frame_handling = 1;
  1318. os_free(buf);
  1319. return 0;
  1320. }
  1321. static int hostapd_ctrl_iface_mgmt_rx_process(struct hostapd_data *hapd,
  1322. char *cmd)
  1323. {
  1324. char *pos, *param;
  1325. size_t len;
  1326. u8 *buf;
  1327. int freq = 0, datarate = 0, ssi_signal = 0;
  1328. union wpa_event_data event;
  1329. if (!hapd->ext_mgmt_frame_handling)
  1330. return -1;
  1331. /* freq=<MHz> datarate=<val> ssi_signal=<val> frame=<frame hexdump> */
  1332. wpa_printf(MSG_DEBUG, "External MGMT RX process: %s", cmd);
  1333. pos = cmd;
  1334. param = os_strstr(pos, "freq=");
  1335. if (param) {
  1336. param += 5;
  1337. freq = atoi(param);
  1338. }
  1339. param = os_strstr(pos, " datarate=");
  1340. if (param) {
  1341. param += 10;
  1342. datarate = atoi(param);
  1343. }
  1344. param = os_strstr(pos, " ssi_signal=");
  1345. if (param) {
  1346. param += 12;
  1347. ssi_signal = atoi(param);
  1348. }
  1349. param = os_strstr(pos, " frame=");
  1350. if (param == NULL)
  1351. return -1;
  1352. param += 7;
  1353. len = os_strlen(param);
  1354. if (len & 1)
  1355. return -1;
  1356. len /= 2;
  1357. buf = os_malloc(len);
  1358. if (buf == NULL)
  1359. return -1;
  1360. if (hexstr2bin(param, buf, len) < 0) {
  1361. os_free(buf);
  1362. return -1;
  1363. }
  1364. os_memset(&event, 0, sizeof(event));
  1365. event.rx_mgmt.freq = freq;
  1366. event.rx_mgmt.frame = buf;
  1367. event.rx_mgmt.frame_len = len;
  1368. event.rx_mgmt.ssi_signal = ssi_signal;
  1369. event.rx_mgmt.datarate = datarate;
  1370. hapd->ext_mgmt_frame_handling = 0;
  1371. wpa_supplicant_event(hapd, EVENT_RX_MGMT, &event);
  1372. hapd->ext_mgmt_frame_handling = 1;
  1373. os_free(buf);
  1374. return 0;
  1375. }
  1376. static int hostapd_ctrl_iface_eapol_rx(struct hostapd_data *hapd, char *cmd)
  1377. {
  1378. char *pos;
  1379. u8 src[ETH_ALEN], *buf;
  1380. int used;
  1381. size_t len;
  1382. wpa_printf(MSG_DEBUG, "External EAPOL RX: %s", cmd);
  1383. pos = cmd;
  1384. used = hwaddr_aton2(pos, src);
  1385. if (used < 0)
  1386. return -1;
  1387. pos += used;
  1388. while (*pos == ' ')
  1389. pos++;
  1390. len = os_strlen(pos);
  1391. if (len & 1)
  1392. return -1;
  1393. len /= 2;
  1394. buf = os_malloc(len);
  1395. if (buf == NULL)
  1396. return -1;
  1397. if (hexstr2bin(pos, buf, len) < 0) {
  1398. os_free(buf);
  1399. return -1;
  1400. }
  1401. ieee802_1x_receive(hapd, src, buf, len);
  1402. os_free(buf);
  1403. return 0;
  1404. }
  1405. static u16 ipv4_hdr_checksum(const void *buf, size_t len)
  1406. {
  1407. size_t i;
  1408. u32 sum = 0;
  1409. const u16 *pos = buf;
  1410. for (i = 0; i < len / 2; i++)
  1411. sum += *pos++;
  1412. while (sum >> 16)
  1413. sum = (sum & 0xffff) + (sum >> 16);
  1414. return sum ^ 0xffff;
  1415. }
  1416. #define HWSIM_PACKETLEN 1500
  1417. #define HWSIM_IP_LEN (HWSIM_PACKETLEN - sizeof(struct ether_header))
  1418. static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
  1419. size_t len)
  1420. {
  1421. struct hostapd_data *hapd = ctx;
  1422. const struct ether_header *eth;
  1423. struct iphdr ip;
  1424. const u8 *pos;
  1425. unsigned int i;
  1426. if (len != HWSIM_PACKETLEN)
  1427. return;
  1428. eth = (const struct ether_header *) buf;
  1429. os_memcpy(&ip, eth + 1, sizeof(ip));
  1430. pos = &buf[sizeof(*eth) + sizeof(ip)];
  1431. if (ip.ihl != 5 || ip.version != 4 ||
  1432. ntohs(ip.tot_len) != HWSIM_IP_LEN)
  1433. return;
  1434. for (i = 0; i < HWSIM_IP_LEN - sizeof(ip); i++) {
  1435. if (*pos != (u8) i)
  1436. return;
  1437. pos++;
  1438. }
  1439. wpa_msg(hapd->msg_ctx, MSG_INFO, "DATA-TEST-RX " MACSTR " " MACSTR,
  1440. MAC2STR(eth->ether_dhost), MAC2STR(eth->ether_shost));
  1441. }
  1442. static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd,
  1443. char *cmd)
  1444. {
  1445. int enabled = atoi(cmd);
  1446. char *pos;
  1447. const char *ifname;
  1448. if (!enabled) {
  1449. if (hapd->l2_test) {
  1450. l2_packet_deinit(hapd->l2_test);
  1451. hapd->l2_test = NULL;
  1452. wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
  1453. "test data: Disabled");
  1454. }
  1455. return 0;
  1456. }
  1457. if (hapd->l2_test)
  1458. return 0;
  1459. pos = os_strstr(cmd, " ifname=");
  1460. if (pos)
  1461. ifname = pos + 8;
  1462. else
  1463. ifname = hapd->conf->iface;
  1464. hapd->l2_test = l2_packet_init(ifname, hapd->own_addr,
  1465. ETHERTYPE_IP, hostapd_data_test_rx,
  1466. hapd, 1);
  1467. if (hapd->l2_test == NULL)
  1468. return -1;
  1469. wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: Enabled");
  1470. return 0;
  1471. }
  1472. static int hostapd_ctrl_iface_data_test_tx(struct hostapd_data *hapd, char *cmd)
  1473. {
  1474. u8 dst[ETH_ALEN], src[ETH_ALEN];
  1475. char *pos;
  1476. int used;
  1477. long int val;
  1478. u8 tos;
  1479. u8 buf[2 + HWSIM_PACKETLEN];
  1480. struct ether_header *eth;
  1481. struct iphdr *ip;
  1482. u8 *dpos;
  1483. unsigned int i;
  1484. if (hapd->l2_test == NULL)
  1485. return -1;
  1486. /* format: <dst> <src> <tos> */
  1487. pos = cmd;
  1488. used = hwaddr_aton2(pos, dst);
  1489. if (used < 0)
  1490. return -1;
  1491. pos += used;
  1492. while (*pos == ' ')
  1493. pos++;
  1494. used = hwaddr_aton2(pos, src);
  1495. if (used < 0)
  1496. return -1;
  1497. pos += used;
  1498. val = strtol(pos, NULL, 0);
  1499. if (val < 0 || val > 0xff)
  1500. return -1;
  1501. tos = val;
  1502. eth = (struct ether_header *) &buf[2];
  1503. os_memcpy(eth->ether_dhost, dst, ETH_ALEN);
  1504. os_memcpy(eth->ether_shost, src, ETH_ALEN);
  1505. eth->ether_type = htons(ETHERTYPE_IP);
  1506. ip = (struct iphdr *) (eth + 1);
  1507. os_memset(ip, 0, sizeof(*ip));
  1508. ip->ihl = 5;
  1509. ip->version = 4;
  1510. ip->ttl = 64;
  1511. ip->tos = tos;
  1512. ip->tot_len = htons(HWSIM_IP_LEN);
  1513. ip->protocol = 1;
  1514. ip->saddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
  1515. ip->daddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
  1516. ip->check = ipv4_hdr_checksum(ip, sizeof(*ip));
  1517. dpos = (u8 *) (ip + 1);
  1518. for (i = 0; i < HWSIM_IP_LEN - sizeof(*ip); i++)
  1519. *dpos++ = i;
  1520. if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, &buf[2],
  1521. HWSIM_PACKETLEN) < 0)
  1522. return -1;
  1523. wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: TX dst=" MACSTR
  1524. " src=" MACSTR " tos=0x%x", MAC2STR(dst), MAC2STR(src), tos);
  1525. return 0;
  1526. }
  1527. static int hostapd_ctrl_iface_data_test_frame(struct hostapd_data *hapd,
  1528. char *cmd)
  1529. {
  1530. u8 *buf;
  1531. struct ether_header *eth;
  1532. struct l2_packet_data *l2 = NULL;
  1533. size_t len;
  1534. u16 ethertype;
  1535. int res = -1;
  1536. const char *ifname = hapd->conf->iface;
  1537. if (os_strncmp(cmd, "ifname=", 7) == 0) {
  1538. cmd += 7;
  1539. ifname = cmd;
  1540. cmd = os_strchr(cmd, ' ');
  1541. if (cmd == NULL)
  1542. return -1;
  1543. *cmd++ = '\0';
  1544. }
  1545. len = os_strlen(cmd);
  1546. if (len & 1 || len < ETH_HLEN * 2)
  1547. return -1;
  1548. len /= 2;
  1549. buf = os_malloc(len);
  1550. if (buf == NULL)
  1551. return -1;
  1552. if (hexstr2bin(cmd, buf, len) < 0)
  1553. goto done;
  1554. eth = (struct ether_header *) buf;
  1555. ethertype = ntohs(eth->ether_type);
  1556. l2 = l2_packet_init(ifname, hapd->own_addr, ethertype,
  1557. hostapd_data_test_rx, hapd, 1);
  1558. if (l2 == NULL)
  1559. goto done;
  1560. res = l2_packet_send(l2, eth->ether_dhost, ethertype, buf, len);
  1561. wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: TX frame res=%d", res);
  1562. done:
  1563. if (l2)
  1564. l2_packet_deinit(l2);
  1565. os_free(buf);
  1566. return res < 0 ? -1 : 0;
  1567. }
  1568. static int hostapd_ctrl_test_alloc_fail(struct hostapd_data *hapd, char *cmd)
  1569. {
  1570. #ifdef WPA_TRACE_BFD
  1571. char *pos;
  1572. wpa_trace_fail_after = atoi(cmd);
  1573. pos = os_strchr(cmd, ':');
  1574. if (pos) {
  1575. pos++;
  1576. os_strlcpy(wpa_trace_fail_func, pos,
  1577. sizeof(wpa_trace_fail_func));
  1578. } else {
  1579. wpa_trace_fail_after = 0;
  1580. }
  1581. return 0;
  1582. #else /* WPA_TRACE_BFD */
  1583. return -1;
  1584. #endif /* WPA_TRACE_BFD */
  1585. }
  1586. static int hostapd_ctrl_get_alloc_fail(struct hostapd_data *hapd,
  1587. char *buf, size_t buflen)
  1588. {
  1589. #ifdef WPA_TRACE_BFD
  1590. return os_snprintf(buf, buflen, "%u:%s", wpa_trace_fail_after,
  1591. wpa_trace_fail_func);
  1592. #else /* WPA_TRACE_BFD */
  1593. return -1;
  1594. #endif /* WPA_TRACE_BFD */
  1595. }
  1596. static int hostapd_ctrl_test_fail(struct hostapd_data *hapd, char *cmd)
  1597. {
  1598. #ifdef WPA_TRACE_BFD
  1599. char *pos;
  1600. wpa_trace_test_fail_after = atoi(cmd);
  1601. pos = os_strchr(cmd, ':');
  1602. if (pos) {
  1603. pos++;
  1604. os_strlcpy(wpa_trace_test_fail_func, pos,
  1605. sizeof(wpa_trace_test_fail_func));
  1606. } else {
  1607. wpa_trace_test_fail_after = 0;
  1608. }
  1609. return 0;
  1610. #else /* WPA_TRACE_BFD */
  1611. return -1;
  1612. #endif /* WPA_TRACE_BFD */
  1613. }
  1614. static int hostapd_ctrl_get_fail(struct hostapd_data *hapd,
  1615. char *buf, size_t buflen)
  1616. {
  1617. #ifdef WPA_TRACE_BFD
  1618. return os_snprintf(buf, buflen, "%u:%s", wpa_trace_test_fail_after,
  1619. wpa_trace_test_fail_func);
  1620. #else /* WPA_TRACE_BFD */
  1621. return -1;
  1622. #endif /* WPA_TRACE_BFD */
  1623. }
  1624. static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd)
  1625. {
  1626. struct sta_info *sta;
  1627. u8 addr[ETH_ALEN];
  1628. u8 zero[WPA_TK_MAX_LEN];
  1629. os_memset(zero, 0, sizeof(zero));
  1630. if (hwaddr_aton(cmd, addr))
  1631. return -1;
  1632. #ifdef CONFIG_IEEE80211W
  1633. if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) {
  1634. if (hapd->last_igtk_alg == WPA_ALG_NONE)
  1635. return -1;
  1636. wpa_printf(MSG_INFO, "TESTING: Reset IPN for IGTK");
  1637. /* First, use a zero key to avoid any possible duplicate key
  1638. * avoidance in the driver. */
  1639. if (hostapd_drv_set_key(hapd->conf->iface, hapd,
  1640. hapd->last_igtk_alg,
  1641. broadcast_ether_addr,
  1642. hapd->last_igtk_key_idx, 1, NULL, 0,
  1643. zero, hapd->last_igtk_len) < 0)
  1644. return -1;
  1645. /* Set the previously configured key to reset its TSC */
  1646. return hostapd_drv_set_key(hapd->conf->iface, hapd,
  1647. hapd->last_igtk_alg,
  1648. broadcast_ether_addr,
  1649. hapd->last_igtk_key_idx, 1, NULL, 0,
  1650. hapd->last_igtk,
  1651. hapd->last_igtk_len);
  1652. }
  1653. #endif /* CONFIG_IEEE80211W */
  1654. if (is_broadcast_ether_addr(addr)) {
  1655. if (hapd->last_gtk_alg == WPA_ALG_NONE)
  1656. return -1;
  1657. #ifdef KRACK_TEST_CLIENT
  1658. poc_log(NULL, "Reset PN for GTK\n");
  1659. #else
  1660. wpa_printf(MSG_INFO, "TESTING: Reset PN for GTK");
  1661. #endif
  1662. /* First, use a zero key to avoid any possible duplicate key
  1663. * avoidance in the driver. */
  1664. if (hostapd_drv_set_key(hapd->conf->iface, hapd,
  1665. hapd->last_gtk_alg,
  1666. broadcast_ether_addr,
  1667. hapd->last_gtk_key_idx, 1, NULL, 0,
  1668. zero, hapd->last_gtk_len) < 0)
  1669. return -1;
  1670. /* Set the previously configured key to reset its TSC */
  1671. return hostapd_drv_set_key(hapd->conf->iface, hapd,
  1672. hapd->last_gtk_alg,
  1673. broadcast_ether_addr,
  1674. hapd->last_gtk_key_idx, 1, NULL, 0,
  1675. hapd->last_gtk, hapd->last_gtk_len);
  1676. }
  1677. sta = ap_get_sta(hapd, addr);
  1678. if (!sta)
  1679. return -1;
  1680. if (sta->last_tk_alg == WPA_ALG_NONE)
  1681. return -1;
  1682. #ifdef KRACK_TEST_CLIENT
  1683. poc_log(sta->addr, "Reset PN\n");
  1684. #else
  1685. wpa_printf(MSG_INFO, "TESTING: Reset PN for " MACSTR,
  1686. MAC2STR(sta->addr));
  1687. #endif
  1688. /* First, use a zero key to avoid any possible duplicate key avoidance
  1689. * in the driver. */
  1690. if (hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
  1691. sta->addr, sta->last_tk_key_idx, 1, NULL, 0,
  1692. zero, sta->last_tk_len) < 0)
  1693. return -1;
  1694. /* Set the previously configured key to reset its TSC/RSC */
  1695. return hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
  1696. sta->addr, sta->last_tk_key_idx, 1, NULL, 0,
  1697. sta->last_tk, sta->last_tk_len);
  1698. }
  1699. static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd)
  1700. {
  1701. u8 addr[ETH_ALEN];
  1702. const char *pos = cmd;
  1703. enum wpa_alg alg;
  1704. int idx, set_tx;
  1705. u8 seq[6], key[WPA_TK_MAX_LEN];
  1706. size_t key_len;
  1707. /* parameters: alg addr idx set_tx seq key */
  1708. alg = atoi(pos);
  1709. pos = os_strchr(pos, ' ');
  1710. if (!pos)
  1711. return -1;
  1712. pos++;
  1713. if (hwaddr_aton(pos, addr))
  1714. return -1;
  1715. pos += 17;
  1716. if (*pos != ' ')
  1717. return -1;
  1718. pos++;
  1719. idx = atoi(pos);
  1720. pos = os_strchr(pos, ' ');
  1721. if (!pos)
  1722. return -1;
  1723. pos++;
  1724. set_tx = atoi(pos);
  1725. pos = os_strchr(pos, ' ');
  1726. if (!pos)
  1727. return -1;
  1728. pos++;
  1729. if (hexstr2bin(pos, seq, sizeof(6)) < 0)
  1730. return -1;
  1731. pos += 2 * 6;
  1732. if (*pos != ' ')
  1733. return -1;
  1734. pos++;
  1735. key_len = os_strlen(pos) / 2;
  1736. if (hexstr2bin(pos, key, key_len) < 0)
  1737. return -1;
  1738. wpa_printf(MSG_INFO, "TESTING: Set key");
  1739. return hostapd_drv_set_key(hapd->conf->iface, hapd, alg, addr, idx,
  1740. set_tx, seq, 6, key, key_len);
  1741. }
  1742. static void restore_tk(void *ctx1, void *ctx2)
  1743. {
  1744. struct hostapd_data *hapd = ctx1;
  1745. struct sta_info *sta = ctx2;
  1746. wpa_printf(MSG_INFO, "TESTING: Restore TK for " MACSTR,
  1747. MAC2STR(sta->addr));
  1748. /* This does not really restore the TSC properly, so this will result
  1749. * in replay protection issues for now since there is no clean way of
  1750. * preventing encryption of a single EAPOL frame. */
  1751. hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
  1752. sta->addr, sta->last_tk_key_idx, 1, NULL, 0,
  1753. sta->last_tk, sta->last_tk_len);
  1754. }
  1755. static int hostapd_ctrl_resend_m1(struct hostapd_data *hapd, const char *cmd)
  1756. {
  1757. struct sta_info *sta;
  1758. u8 addr[ETH_ALEN];
  1759. int plain = os_strstr(cmd, "plaintext") != NULL;
  1760. if (hwaddr_aton(cmd, addr))
  1761. return -1;
  1762. sta = ap_get_sta(hapd, addr);
  1763. if (!sta || !sta->wpa_sm)
  1764. return -1;
  1765. if (plain && sta->last_tk_alg == WPA_ALG_NONE)
  1766. plain = 0; /* no need for special processing */
  1767. if (plain) {
  1768. wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
  1769. MAC2STR(sta->addr));
  1770. hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
  1771. sta->addr, sta->last_tk_key_idx, 0, NULL, 0,
  1772. NULL, 0);
  1773. }
  1774. #ifdef KRACK_TEST_CLIENT
  1775. poc_log(sta->addr, "sending a new 4-way message 1 (%s)\n",
  1776. os_strstr(cmd, "change-anonce") != NULL ? "with random ANonce" : "with same ANonce");
  1777. #else
  1778. wpa_printf(MSG_INFO, "TESTING: Send M1 to " MACSTR, MAC2STR(sta->addr));
  1779. #endif
  1780. return wpa_auth_resend_m1(sta->wpa_sm,
  1781. os_strstr(cmd, "change-anonce") != NULL,
  1782. plain ? restore_tk : NULL, hapd, sta);
  1783. }
  1784. static int hostapd_ctrl_resend_m3(struct hostapd_data *hapd, const char *cmd)
  1785. {
  1786. struct sta_info *sta;
  1787. u8 addr[ETH_ALEN];
  1788. int plain = os_strstr(cmd, "plaintext") != NULL;
  1789. int maxrsc = os_strstr(cmd, "maxrsc") != NULL;
  1790. if (hwaddr_aton(cmd, addr))
  1791. return -1;
  1792. sta = ap_get_sta(hapd, addr);
  1793. if (!sta || !sta->wpa_sm)
  1794. return -1;
  1795. if (plain && sta->last_tk_alg == WPA_ALG_NONE)
  1796. plain = 0; /* no need for special processing */
  1797. if (plain) {
  1798. wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
  1799. MAC2STR(sta->addr));
  1800. hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
  1801. sta->addr, sta->last_tk_key_idx, 0, NULL, 0,
  1802. NULL, 0);
  1803. }
  1804. #ifdef KRACK_TEST_CLIENT
  1805. poc_log(sta->addr, "sending a new 4-way message 3 where the GTK has a %s RSC\n", maxrsc ? "max" : "zero");
  1806. #else
  1807. wpa_printf(MSG_INFO, "TESTING: Send M3 to " MACSTR, MAC2STR(sta->addr));
  1808. #endif
  1809. return wpa_auth_resend_m3(sta->wpa_sm,
  1810. plain ? restore_tk : NULL, hapd, sta, maxrsc);
  1811. }
  1812. static int hostapd_ctrl_resend_group_m1(struct hostapd_data *hapd,
  1813. const char *cmd)
  1814. {
  1815. struct sta_info *sta;
  1816. u8 addr[ETH_ALEN];
  1817. int plain = os_strstr(cmd, "plaintext") != NULL;
  1818. int maxrsc = os_strstr(cmd, "maxrsc") != NULL;
  1819. if (hwaddr_aton(cmd, addr))
  1820. return -1;
  1821. sta = ap_get_sta(hapd, addr);
  1822. if (!sta || !sta->wpa_sm)
  1823. return -1;
  1824. if (plain && sta->last_tk_alg == WPA_ALG_NONE)
  1825. plain = 0; /* no need for special processing */
  1826. if (plain) {
  1827. wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
  1828. MAC2STR(sta->addr));
  1829. hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
  1830. sta->addr, sta->last_tk_key_idx, 0, NULL, 0,
  1831. NULL, 0);
  1832. }
  1833. #ifdef KRACK_TEST_CLIENT
  1834. poc_log(sta->addr, "Send group message 1 for the same GTK and %s RSC\n", maxrsc ? "max" : "zero");
  1835. #else
  1836. wpa_printf(MSG_INFO,
  1837. "TESTING: Send group M1 for the same GTK and %s RSC to "
  1838. MACSTR, maxrsc ? "max" : "zero", MAC2STR(sta->addr));
  1839. #endif
  1840. return wpa_auth_resend_group_m1(sta->wpa_sm,
  1841. plain ? restore_tk : NULL, hapd, sta, maxrsc);
  1842. }
  1843. #endif /* CONFIG_TESTING_OPTIONS */
  1844. static int hostapd_ctrl_iface_chan_switch(struct hostapd_iface *iface,
  1845. char *pos)
  1846. {
  1847. #ifdef NEED_AP_MLME
  1848. struct csa_settings settings;
  1849. int ret;
  1850. unsigned int i;
  1851. ret = hostapd_parse_csa_settings(pos, &settings);
  1852. if (ret)
  1853. return ret;
  1854. for (i = 0; i < iface->num_bss; i++) {
  1855. ret = hostapd_switch_channel(iface->bss[i], &settings);
  1856. if (ret) {
  1857. /* FIX: What do we do if CSA fails in the middle of
  1858. * submitting multi-BSS CSA requests? */
  1859. return ret;
  1860. }
  1861. }
  1862. return 0;
  1863. #else /* NEED_AP_MLME */
  1864. return -1;
  1865. #endif /* NEED_AP_MLME */
  1866. }
  1867. static int hostapd_ctrl_iface_mib(struct hostapd_data *hapd, char *reply,
  1868. int reply_size, const char *param)
  1869. {
  1870. #ifdef RADIUS_SERVER
  1871. if (os_strcmp(param, "radius_server") == 0) {
  1872. return radius_server_get_mib(hapd->radius_srv, reply,
  1873. reply_size);
  1874. }
  1875. #endif /* RADIUS_SERVER */
  1876. return -1;
  1877. }
  1878. static int hostapd_ctrl_iface_vendor(struct hostapd_data *hapd, char *cmd,
  1879. char *buf, size_t buflen)
  1880. {
  1881. int ret;
  1882. char *pos;
  1883. u8 *data = NULL;
  1884. unsigned int vendor_id, subcmd;
  1885. struct wpabuf *reply;
  1886. size_t data_len = 0;
  1887. /* cmd: <vendor id> <subcommand id> [<hex formatted data>] */
  1888. vendor_id = strtoul(cmd, &pos, 16);
  1889. if (!isblank((unsigned char) *pos))
  1890. return -EINVAL;
  1891. subcmd = strtoul(pos, &pos, 10);
  1892. if (*pos != '\0') {
  1893. if (!isblank((unsigned char) *pos++))
  1894. return -EINVAL;
  1895. data_len = os_strlen(pos);
  1896. }
  1897. if (data_len) {
  1898. data_len /= 2;
  1899. data = os_malloc(data_len);
  1900. if (!data)
  1901. return -ENOBUFS;
  1902. if (hexstr2bin(pos, data, data_len)) {
  1903. wpa_printf(MSG_DEBUG,
  1904. "Vendor command: wrong parameter format");
  1905. os_free(data);
  1906. return -EINVAL;
  1907. }
  1908. }
  1909. reply = wpabuf_alloc((buflen - 1) / 2);
  1910. if (!reply) {
  1911. os_free(data);
  1912. return -ENOBUFS;
  1913. }
  1914. ret = hostapd_drv_vendor_cmd(hapd, vendor_id, subcmd, data, data_len,
  1915. reply);
  1916. if (ret == 0)
  1917. ret = wpa_snprintf_hex(buf, buflen, wpabuf_head_u8(reply),
  1918. wpabuf_len(reply));
  1919. wpabuf_free(reply);
  1920. os_free(data);
  1921. return ret;
  1922. }
  1923. static int hostapd_ctrl_iface_eapol_reauth(struct hostapd_data *hapd,
  1924. const char *cmd)
  1925. {
  1926. u8 addr[ETH_ALEN];
  1927. struct sta_info *sta;
  1928. if (hwaddr_aton(cmd, addr))
  1929. return -1;
  1930. sta = ap_get_sta(hapd, addr);
  1931. if (!sta || !sta->eapol_sm)
  1932. return -1;
  1933. eapol_auth_reauthenticate(sta->eapol_sm);
  1934. return 0;
  1935. }
  1936. static int hostapd_ctrl_iface_eapol_set(struct hostapd_data *hapd, char *cmd)
  1937. {
  1938. u8 addr[ETH_ALEN];
  1939. struct sta_info *sta;
  1940. char *pos = cmd, *param;
  1941. if (hwaddr_aton(pos, addr) || pos[17] != ' ')
  1942. return -1;
  1943. pos += 18;
  1944. param = pos;
  1945. pos = os_strchr(pos, ' ');
  1946. if (!pos)
  1947. return -1;
  1948. *pos++ = '\0';
  1949. sta = ap_get_sta(hapd, addr);
  1950. if (!sta || !sta->eapol_sm)
  1951. return -1;
  1952. return eapol_auth_set_conf(sta->eapol_sm, param, pos);
  1953. }
  1954. static int hostapd_ctrl_iface_log_level(struct hostapd_data *hapd, char *cmd,
  1955. char *buf, size_t buflen)
  1956. {
  1957. char *pos, *end, *stamp;
  1958. int ret;
  1959. /* cmd: "LOG_LEVEL [<level>]" */
  1960. if (*cmd == '\0') {
  1961. pos = buf;
  1962. end = buf + buflen;
  1963. ret = os_snprintf(pos, end - pos, "Current level: %s\n"
  1964. "Timestamp: %d\n",
  1965. debug_level_str(wpa_debug_level),
  1966. wpa_debug_timestamp);
  1967. if (os_snprintf_error(end - pos, ret))
  1968. ret = 0;
  1969. return ret;
  1970. }
  1971. while (*cmd == ' ')
  1972. cmd++;
  1973. stamp = os_strchr(cmd, ' ');
  1974. if (stamp) {
  1975. *stamp++ = '\0';
  1976. while (*stamp == ' ') {
  1977. stamp++;
  1978. }
  1979. }
  1980. if (os_strlen(cmd)) {
  1981. int level = str_to_debug_level(cmd);
  1982. if (level < 0)
  1983. return -1;
  1984. wpa_debug_level = level;
  1985. }
  1986. if (stamp && os_strlen(stamp))
  1987. wpa_debug_timestamp = atoi(stamp);
  1988. os_memcpy(buf, "OK\n", 3);
  1989. return 3;
  1990. }
  1991. #ifdef NEED_AP_MLME
  1992. static int hostapd_ctrl_iface_track_sta_list(struct hostapd_data *hapd,
  1993. char *buf, size_t buflen)
  1994. {
  1995. struct hostapd_iface *iface = hapd->iface;
  1996. char *pos, *end;
  1997. struct hostapd_sta_info *info;
  1998. struct os_reltime now;
  1999. if (!iface->num_sta_seen)
  2000. return 0;
  2001. sta_track_expire(iface, 0);
  2002. pos = buf;
  2003. end = buf + buflen;
  2004. os_get_reltime(&now);
  2005. dl_list_for_each_reverse(info, &iface->sta_seen,
  2006. struct hostapd_sta_info, list) {
  2007. struct os_reltime age;
  2008. int ret;
  2009. os_reltime_sub(&now, &info->last_seen, &age);
  2010. ret = os_snprintf(pos, end - pos, MACSTR " %u %d\n",
  2011. MAC2STR(info->addr), (unsigned int) age.sec,
  2012. info->ssi_signal);
  2013. if (os_snprintf_error(end - pos, ret))
  2014. break;
  2015. pos += ret;
  2016. }
  2017. return pos - buf;
  2018. }
  2019. #endif /* NEED_AP_MLME */
  2020. static int hostapd_ctrl_iface_req_lci(struct hostapd_data *hapd,
  2021. const char *cmd)
  2022. {
  2023. u8 addr[ETH_ALEN];
  2024. if (hwaddr_aton(cmd, addr)) {
  2025. wpa_printf(MSG_INFO, "CTRL: REQ_LCI: Invalid MAC address");
  2026. return -1;
  2027. }
  2028. return hostapd_send_lci_req(hapd, addr);
  2029. }
  2030. static int hostapd_ctrl_iface_req_range(struct hostapd_data *hapd, char *cmd)
  2031. {
  2032. u8 addr[ETH_ALEN];
  2033. char *token, *context = NULL;
  2034. int random_interval, min_ap;
  2035. u8 responders[ETH_ALEN * RRM_RANGE_REQ_MAX_RESPONDERS];
  2036. unsigned int n_responders;
  2037. token = str_token(cmd, " ", &context);
  2038. if (!token || hwaddr_aton(token, addr)) {
  2039. wpa_printf(MSG_INFO,
  2040. "CTRL: REQ_RANGE - Bad destination address");
  2041. return -1;
  2042. }
  2043. token = str_token(cmd, " ", &context);
  2044. if (!token)
  2045. return -1;
  2046. random_interval = atoi(token);
  2047. if (random_interval < 0 || random_interval > 0xffff)
  2048. return -1;
  2049. token = str_token(cmd, " ", &context);
  2050. if (!token)
  2051. return -1;
  2052. min_ap = atoi(token);
  2053. if (min_ap <= 0 || min_ap > WLAN_RRM_RANGE_REQ_MAX_MIN_AP)
  2054. return -1;
  2055. n_responders = 0;
  2056. while ((token = str_token(cmd, " ", &context))) {
  2057. if (n_responders == RRM_RANGE_REQ_MAX_RESPONDERS) {
  2058. wpa_printf(MSG_INFO,
  2059. "CTRL: REQ_RANGE: Too many responders");
  2060. return -1;
  2061. }
  2062. if (hwaddr_aton(token, responders + n_responders * ETH_ALEN)) {
  2063. wpa_printf(MSG_INFO,
  2064. "CTRL: REQ_RANGE: Bad responder address");
  2065. return -1;
  2066. }
  2067. n_responders++;
  2068. }
  2069. if (!n_responders) {
  2070. wpa_printf(MSG_INFO,
  2071. "CTRL: REQ_RANGE - No FTM responder address");
  2072. return -1;
  2073. }
  2074. return hostapd_send_range_req(hapd, addr, random_interval, min_ap,
  2075. responders, n_responders);
  2076. }
  2077. static int hostapd_ctrl_iface_req_beacon(struct hostapd_data *hapd,
  2078. const char *cmd, char *reply,
  2079. size_t reply_size)
  2080. {
  2081. u8 addr[ETH_ALEN];
  2082. const char *pos;
  2083. struct wpabuf *req;
  2084. int ret;
  2085. u8 req_mode = 0;
  2086. if (hwaddr_aton(cmd, addr))
  2087. return -1;
  2088. pos = os_strchr(cmd, ' ');
  2089. if (!pos)
  2090. return -1;
  2091. pos++;
  2092. if (os_strncmp(pos, "req_mode=", 9) == 0) {
  2093. int val = hex2byte(pos + 9);
  2094. if (val < 0)
  2095. return -1;
  2096. req_mode = val;
  2097. pos += 11;
  2098. pos = os_strchr(pos, ' ');
  2099. if (!pos)
  2100. return -1;
  2101. pos++;
  2102. }
  2103. req = wpabuf_parse_bin(pos);
  2104. if (!req)
  2105. return -1;
  2106. ret = hostapd_send_beacon_req(hapd, addr, req_mode, req);
  2107. wpabuf_free(req);
  2108. if (ret >= 0)
  2109. ret = os_snprintf(reply, reply_size, "%d", ret);
  2110. return ret;
  2111. }
  2112. static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf)
  2113. {
  2114. struct wpa_ssid_value ssid;
  2115. u8 bssid[ETH_ALEN];
  2116. struct wpabuf *nr, *lci = NULL, *civic = NULL;
  2117. int stationary = 0;
  2118. char *tmp;
  2119. int ret;
  2120. if (!(hapd->conf->radio_measurements[0] &
  2121. WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
  2122. wpa_printf(MSG_ERROR,
  2123. "CTRL: SET_NEIGHBOR: Neighbor report is not enabled");
  2124. return -1;
  2125. }
  2126. if (hwaddr_aton(buf, bssid)) {
  2127. wpa_printf(MSG_ERROR, "CTRL: SET_NEIGHBOR: Bad BSSID");
  2128. return -1;
  2129. }
  2130. tmp = os_strstr(buf, "ssid=");
  2131. if (!tmp || ssid_parse(tmp + 5, &ssid)) {
  2132. wpa_printf(MSG_ERROR,
  2133. "CTRL: SET_NEIGHBOR: Bad or missing SSID");
  2134. return -1;
  2135. }
  2136. buf = os_strchr(tmp + 6, tmp[5] == '"' ? '"' : ' ');
  2137. if (!buf)
  2138. return -1;
  2139. tmp = os_strstr(buf, "nr=");
  2140. if (!tmp) {
  2141. wpa_printf(MSG_ERROR,
  2142. "CTRL: SET_NEIGHBOR: Missing Neighbor Report element");
  2143. return -1;
  2144. }
  2145. buf = os_strchr(tmp, ' ');
  2146. if (buf)
  2147. *buf++ = '\0';
  2148. nr = wpabuf_parse_bin(tmp + 3);
  2149. if (!nr) {
  2150. wpa_printf(MSG_ERROR,
  2151. "CTRL: SET_NEIGHBOR: Bad Neighbor Report element");
  2152. return -1;
  2153. }
  2154. if (!buf)
  2155. goto set;
  2156. tmp = os_strstr(buf, "lci=");
  2157. if (tmp) {
  2158. buf = os_strchr(tmp, ' ');
  2159. if (buf)
  2160. *buf++ = '\0';
  2161. lci = wpabuf_parse_bin(tmp + 4);
  2162. if (!lci) {
  2163. wpa_printf(MSG_ERROR,
  2164. "CTRL: SET_NEIGHBOR: Bad LCI subelement");
  2165. wpabuf_free(nr);
  2166. return -1;
  2167. }
  2168. }
  2169. if (!buf)
  2170. goto set;
  2171. tmp = os_strstr(buf, "civic=");
  2172. if (tmp) {
  2173. buf = os_strchr(tmp, ' ');
  2174. if (buf)
  2175. *buf++ = '\0';
  2176. civic = wpabuf_parse_bin(tmp + 6);
  2177. if (!civic) {
  2178. wpa_printf(MSG_ERROR,
  2179. "CTRL: SET_NEIGHBOR: Bad civic subelement");
  2180. wpabuf_free(nr);
  2181. wpabuf_free(lci);
  2182. return -1;
  2183. }
  2184. }
  2185. if (!buf)
  2186. goto set;
  2187. if (os_strstr(buf, "stat"))
  2188. stationary = 1;
  2189. set:
  2190. ret = hostapd_neighbor_set(hapd, bssid, &ssid, nr, lci, civic,
  2191. stationary);
  2192. wpabuf_free(nr);
  2193. wpabuf_free(lci);
  2194. wpabuf_free(civic);
  2195. return ret;
  2196. }
  2197. static int hostapd_ctrl_iface_remove_neighbor(struct hostapd_data *hapd,
  2198. char *buf)
  2199. {
  2200. struct wpa_ssid_value ssid;
  2201. u8 bssid[ETH_ALEN];
  2202. char *tmp;
  2203. if (hwaddr_aton(buf, bssid)) {
  2204. wpa_printf(MSG_ERROR, "CTRL: REMOVE_NEIGHBOR: Bad BSSID");
  2205. return -1;
  2206. }
  2207. tmp = os_strstr(buf, "ssid=");
  2208. if (!tmp || ssid_parse(tmp + 5, &ssid)) {
  2209. wpa_printf(MSG_ERROR,
  2210. "CTRL: REMOVE_NEIGHBORr: Bad or missing SSID");
  2211. return -1;
  2212. }
  2213. return hostapd_neighbor_remove(hapd, bssid, &ssid);
  2214. }
  2215. static int hostapd_ctrl_driver_flags(struct hostapd_iface *iface, char *buf,
  2216. size_t buflen)
  2217. {
  2218. int ret, i;
  2219. char *pos, *end;
  2220. ret = os_snprintf(buf, buflen, "%016llX:\n",
  2221. (long long unsigned) iface->drv_flags);
  2222. if (os_snprintf_error(buflen, ret))
  2223. return -1;
  2224. pos = buf + ret;
  2225. end = buf + buflen;
  2226. for (i = 0; i < 64; i++) {
  2227. if (iface->drv_flags & (1LLU << i)) {
  2228. ret = os_snprintf(pos, end - pos, "%s\n",
  2229. driver_flag_to_string(1LLU << i));
  2230. if (os_snprintf_error(end - pos, ret))
  2231. return -1;
  2232. pos += ret;
  2233. }
  2234. }
  2235. return pos - buf;
  2236. }
  2237. #ifdef KRACK_TEST_CLIENT
  2238. static int hostapd_get_tk(struct hostapd_data *hapd, const char *txtaddr, char *buf, size_t buflen)
  2239. {
  2240. u8 addr[ETH_ALEN];
  2241. struct sta_info *sta;
  2242. int klen;
  2243. int res;
  2244. wpa_printf(MSG_DEBUG, "CTRL_IFACE GET_TK %s", txtaddr);
  2245. if (hwaddr_aton(txtaddr, addr)) return -1;
  2246. sta = ap_get_sta(hapd, addr);
  2247. if (!sta) return -1;
  2248. if (sta->wpa_sm == NULL) return -1;
  2249. klen = wpa_cipher_key_len(sta->wpa_sm->pairwise);
  2250. if (klen <= 0) return -1;
  2251. res = wpa_snprintf_hex(buf, buflen, sta->wpa_sm->PTK.tk, klen);
  2252. buf[res++] = '\n';
  2253. buf[res] = '\0';
  2254. return res;
  2255. }
  2256. static int hostapd_renew_gtk(struct hostapd_data *hapd)
  2257. {
  2258. wpa_gtk_rekey(hapd->wpa_auth);
  2259. poc_log(NULL, "Renewed the group key\n");
  2260. return 0;
  2261. }
  2262. static int hostapd_renew_ptk(struct hostapd_data *hapd, const char *txtaddr)
  2263. {
  2264. struct sta_info *sta;
  2265. u8 addr[ETH_ALEN];
  2266. if (hwaddr_aton(txtaddr, addr)) return -1;
  2267. sta = ap_get_sta(hapd, addr);
  2268. if (!sta || !sta->wpa_sm) return -1;
  2269. poc_log(sta->addr, "Executing a new four-way handshake\n");
  2270. wpa_rekey_ptk(hapd->wpa_auth, sta->wpa_sm);
  2271. return 0;
  2272. }
  2273. #endif
  2274. static int hostapd_ctrl_iface_acl_del_mac(struct mac_acl_entry **acl, int *num,
  2275. const char *txtaddr)
  2276. {
  2277. u8 addr[ETH_ALEN];
  2278. struct vlan_description vlan_id;
  2279. if (!(*num))
  2280. return 0;
  2281. if (hwaddr_aton(txtaddr, addr))
  2282. return -1;
  2283. if (hostapd_maclist_found(*acl, *num, addr, &vlan_id))
  2284. hostapd_remove_acl_mac(acl, num, addr);
  2285. return 0;
  2286. }
  2287. static void hostapd_ctrl_iface_acl_clear_list(struct mac_acl_entry **acl,
  2288. int *num)
  2289. {
  2290. while (*num)
  2291. hostapd_remove_acl_mac(acl, num, (*acl)[0].addr);
  2292. }
  2293. static int hostapd_ctrl_iface_acl_show_mac(struct mac_acl_entry *acl, int num,
  2294. char *buf, size_t buflen)
  2295. {
  2296. int i = 0, len = 0, ret = 0;
  2297. if (!acl)
  2298. return 0;
  2299. while (i < num) {
  2300. ret = os_snprintf(buf + len, buflen - len,
  2301. MACSTR " VLAN_ID=%d\n",
  2302. MAC2STR(acl[i].addr),
  2303. acl[i].vlan_id.untagged);
  2304. if (ret < 0 || (size_t) ret >= buflen - len)
  2305. return len;
  2306. i++;
  2307. len += ret;
  2308. }
  2309. return len;
  2310. }
  2311. static int hostapd_ctrl_iface_acl_add_mac(struct mac_acl_entry **acl, int *num,
  2312. const char *cmd)
  2313. {
  2314. u8 addr[ETH_ALEN];
  2315. struct vlan_description vlan_id;
  2316. int ret = 0, vlanid = 0;
  2317. const char *pos;
  2318. if (hwaddr_aton(cmd, addr))
  2319. return -1;
  2320. pos = os_strstr(cmd, "VLAN_ID=");
  2321. if (pos)
  2322. vlanid = atoi(pos + 8);
  2323. if (!hostapd_maclist_found(*acl, *num, addr, &vlan_id)) {
  2324. ret = hostapd_add_acl_maclist(acl, num, vlanid, addr);
  2325. if (ret != -1 && *acl)
  2326. qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
  2327. }
  2328. return ret < 0 ? -1 : 0;
  2329. }
  2330. static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd,
  2331. char *buf, char *reply,
  2332. int reply_size,
  2333. struct sockaddr_storage *from,
  2334. socklen_t fromlen)
  2335. {
  2336. int reply_len, res;
  2337. os_memcpy(reply, "OK\n", 3);
  2338. reply_len = 3;
  2339. if (os_strcmp(buf, "PING") == 0) {
  2340. os_memcpy(reply, "PONG\n", 5);
  2341. reply_len = 5;
  2342. } else if (os_strncmp(buf, "RELOG", 5) == 0) {
  2343. if (wpa_debug_reopen_file() < 0)
  2344. reply_len = -1;
  2345. } else if (os_strncmp(buf, "NOTE ", 5) == 0) {
  2346. wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
  2347. } else if (os_strcmp(buf, "STATUS") == 0) {
  2348. reply_len = hostapd_ctrl_iface_status(hapd, reply,
  2349. reply_size);
  2350. } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
  2351. reply_len = hostapd_drv_status(hapd, reply, reply_size);
  2352. } else if (os_strcmp(buf, "MIB") == 0) {
  2353. reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
  2354. if (reply_len >= 0) {
  2355. res = wpa_get_mib(hapd->wpa_auth, reply + reply_len,
  2356. reply_size - reply_len);
  2357. if (res < 0)
  2358. reply_len = -1;
  2359. else
  2360. reply_len += res;
  2361. }
  2362. if (reply_len >= 0) {
  2363. res = ieee802_1x_get_mib(hapd, reply + reply_len,
  2364. reply_size - reply_len);
  2365. if (res < 0)
  2366. reply_len = -1;
  2367. else
  2368. reply_len += res;
  2369. }
  2370. #ifndef CONFIG_NO_RADIUS
  2371. if (reply_len >= 0) {
  2372. res = radius_client_get_mib(hapd->radius,
  2373. reply + reply_len,
  2374. reply_size - reply_len);
  2375. if (res < 0)
  2376. reply_len = -1;
  2377. else
  2378. reply_len += res;
  2379. }
  2380. #endif /* CONFIG_NO_RADIUS */
  2381. } else if (os_strncmp(buf, "MIB ", 4) == 0) {
  2382. reply_len = hostapd_ctrl_iface_mib(hapd, reply, reply_size,
  2383. buf + 4);
  2384. } else if (os_strcmp(buf, "STA-FIRST") == 0) {
  2385. reply_len = hostapd_ctrl_iface_sta_first(hapd, reply,
  2386. reply_size);
  2387. } else if (os_strncmp(buf, "STA ", 4) == 0) {
  2388. reply_len = hostapd_ctrl_iface_sta(hapd, buf + 4, reply,
  2389. reply_size);
  2390. } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
  2391. reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
  2392. reply_size);
  2393. } else if (os_strcmp(buf, "ATTACH") == 0) {
  2394. if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL))
  2395. reply_len = -1;
  2396. } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
  2397. if (hostapd_ctrl_iface_attach(hapd, from, fromlen, buf + 7))
  2398. reply_len = -1;
  2399. } else if (os_strcmp(buf, "DETACH") == 0) {
  2400. if (hostapd_ctrl_iface_detach(hapd, from, fromlen))
  2401. reply_len = -1;
  2402. } else if (os_strncmp(buf, "LEVEL ", 6) == 0) {
  2403. if (hostapd_ctrl_iface_level(hapd, from, fromlen,
  2404. buf + 6))
  2405. reply_len = -1;
  2406. } else if (os_strncmp(buf, "NEW_STA ", 8) == 0) {
  2407. if (hostapd_ctrl_iface_new_sta(hapd, buf + 8))
  2408. reply_len = -1;
  2409. } else if (os_strncmp(buf, "DEAUTHENTICATE ", 15) == 0) {
  2410. if (hostapd_ctrl_iface_deauthenticate(hapd, buf + 15))
  2411. reply_len = -1;
  2412. } else if (os_strncmp(buf, "DISASSOCIATE ", 13) == 0) {
  2413. if (hostapd_ctrl_iface_disassociate(hapd, buf + 13))
  2414. reply_len = -1;
  2415. #ifdef CONFIG_TAXONOMY
  2416. } else if (os_strncmp(buf, "SIGNATURE ", 10) == 0) {
  2417. reply_len = hostapd_ctrl_iface_signature(hapd, buf + 10,
  2418. reply, reply_size);
  2419. #endif /* CONFIG_TAXONOMY */
  2420. } else if (os_strncmp(buf, "POLL_STA ", 9) == 0) {
  2421. if (hostapd_ctrl_iface_poll_sta(hapd, buf + 9))
  2422. reply_len = -1;
  2423. } else if (os_strcmp(buf, "STOP_AP") == 0) {
  2424. if (hostapd_ctrl_iface_stop_ap(hapd))
  2425. reply_len = -1;
  2426. #ifdef CONFIG_IEEE80211W
  2427. #ifdef NEED_AP_MLME
  2428. } else if (os_strncmp(buf, "SA_QUERY ", 9) == 0) {
  2429. if (hostapd_ctrl_iface_sa_query(hapd, buf + 9))
  2430. reply_len = -1;
  2431. #endif /* NEED_AP_MLME */
  2432. #endif /* CONFIG_IEEE80211W */
  2433. #ifdef CONFIG_WPS
  2434. } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) {
  2435. if (hostapd_ctrl_iface_wps_pin(hapd, buf + 8))
  2436. reply_len = -1;
  2437. } else if (os_strncmp(buf, "WPS_CHECK_PIN ", 14) == 0) {
  2438. reply_len = hostapd_ctrl_iface_wps_check_pin(
  2439. hapd, buf + 14, reply, reply_size);
  2440. } else if (os_strcmp(buf, "WPS_PBC") == 0) {
  2441. if (hostapd_wps_button_pushed(hapd, NULL))
  2442. reply_len = -1;
  2443. } else if (os_strcmp(buf, "WPS_CANCEL") == 0) {
  2444. if (hostapd_wps_cancel(hapd))
  2445. reply_len = -1;
  2446. } else if (os_strncmp(buf, "WPS_AP_PIN ", 11) == 0) {
  2447. reply_len = hostapd_ctrl_iface_wps_ap_pin(hapd, buf + 11,
  2448. reply, reply_size);
  2449. } else if (os_strncmp(buf, "WPS_CONFIG ", 11) == 0) {
  2450. if (hostapd_ctrl_iface_wps_config(hapd, buf + 11) < 0)
  2451. reply_len = -1;
  2452. } else if (os_strncmp(buf, "WPS_GET_STATUS", 13) == 0) {
  2453. reply_len = hostapd_ctrl_iface_wps_get_status(hapd, reply,
  2454. reply_size);
  2455. #ifdef CONFIG_WPS_NFC
  2456. } else if (os_strncmp(buf, "WPS_NFC_TAG_READ ", 17) == 0) {
  2457. if (hostapd_ctrl_iface_wps_nfc_tag_read(hapd, buf + 17))
  2458. reply_len = -1;
  2459. } else if (os_strncmp(buf, "WPS_NFC_CONFIG_TOKEN ", 21) == 0) {
  2460. reply_len = hostapd_ctrl_iface_wps_nfc_config_token(
  2461. hapd, buf + 21, reply, reply_size);
  2462. } else if (os_strncmp(buf, "WPS_NFC_TOKEN ", 14) == 0) {
  2463. reply_len = hostapd_ctrl_iface_wps_nfc_token(
  2464. hapd, buf + 14, reply, reply_size);
  2465. } else if (os_strncmp(buf, "NFC_GET_HANDOVER_SEL ", 21) == 0) {
  2466. reply_len = hostapd_ctrl_iface_nfc_get_handover_sel(
  2467. hapd, buf + 21, reply, reply_size);
  2468. } else if (os_strncmp(buf, "NFC_REPORT_HANDOVER ", 20) == 0) {
  2469. if (hostapd_ctrl_iface_nfc_report_handover(hapd, buf + 20))
  2470. reply_len = -1;
  2471. #endif /* CONFIG_WPS_NFC */
  2472. #endif /* CONFIG_WPS */
  2473. #ifdef CONFIG_INTERWORKING
  2474. } else if (os_strncmp(buf, "SET_QOS_MAP_SET ", 16) == 0) {
  2475. if (hostapd_ctrl_iface_set_qos_map_set(hapd, buf + 16))
  2476. reply_len = -1;
  2477. } else if (os_strncmp(buf, "SEND_QOS_MAP_CONF ", 18) == 0) {
  2478. if (hostapd_ctrl_iface_send_qos_map_conf(hapd, buf + 18))
  2479. reply_len = -1;
  2480. #endif /* CONFIG_INTERWORKING */
  2481. #ifdef CONFIG_HS20
  2482. } else if (os_strncmp(buf, "HS20_WNM_NOTIF ", 15) == 0) {
  2483. if (hostapd_ctrl_iface_hs20_wnm_notif(hapd, buf + 15))
  2484. reply_len = -1;
  2485. } else if (os_strncmp(buf, "HS20_DEAUTH_REQ ", 16) == 0) {
  2486. if (hostapd_ctrl_iface_hs20_deauth_req(hapd, buf + 16))
  2487. reply_len = -1;
  2488. #endif /* CONFIG_HS20 */
  2489. #ifdef CONFIG_WNM_AP
  2490. } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
  2491. if (hostapd_ctrl_iface_disassoc_imminent(hapd, buf + 18))
  2492. reply_len = -1;
  2493. } else if (os_strncmp(buf, "ESS_DISASSOC ", 13) == 0) {
  2494. if (hostapd_ctrl_iface_ess_disassoc(hapd, buf + 13))
  2495. reply_len = -1;
  2496. } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
  2497. if (hostapd_ctrl_iface_bss_tm_req(hapd, buf + 11))
  2498. reply_len = -1;
  2499. #endif /* CONFIG_WNM_AP */
  2500. } else if (os_strcmp(buf, "GET_CONFIG") == 0) {
  2501. reply_len = hostapd_ctrl_iface_get_config(hapd, reply,
  2502. reply_size);
  2503. } else if (os_strncmp(buf, "SET ", 4) == 0) {
  2504. if (hostapd_ctrl_iface_set(hapd, buf + 4))
  2505. reply_len = -1;
  2506. } else if (os_strncmp(buf, "GET ", 4) == 0) {
  2507. reply_len = hostapd_ctrl_iface_get(hapd, buf + 4, reply,
  2508. reply_size);
  2509. } else if (os_strncmp(buf, "ENABLE", 6) == 0) {
  2510. if (hostapd_ctrl_iface_enable(hapd->iface))
  2511. reply_len = -1;
  2512. } else if (os_strncmp(buf, "RELOAD", 6) == 0) {
  2513. if (hostapd_ctrl_iface_reload(hapd->iface))
  2514. reply_len = -1;
  2515. } else if (os_strncmp(buf, "DISABLE", 7) == 0) {
  2516. if (hostapd_ctrl_iface_disable(hapd->iface))
  2517. reply_len = -1;
  2518. } else if (os_strcmp(buf, "UPDATE_BEACON") == 0) {
  2519. if (ieee802_11_set_beacon(hapd))
  2520. reply_len = -1;
  2521. #ifdef CONFIG_TESTING_OPTIONS
  2522. } else if (os_strncmp(buf, "RADAR ", 6) == 0) {
  2523. if (hostapd_ctrl_iface_radar(hapd, buf + 6))
  2524. reply_len = -1;
  2525. } else if (os_strncmp(buf, "MGMT_TX ", 8) == 0) {
  2526. if (hostapd_ctrl_iface_mgmt_tx(hapd, buf + 8))
  2527. reply_len = -1;
  2528. } else if (os_strncmp(buf, "MGMT_TX_STATUS_PROCESS ", 23) == 0) {
  2529. if (hostapd_ctrl_iface_mgmt_tx_status_process(hapd,
  2530. buf + 23) < 0)
  2531. reply_len = -1;
  2532. } else if (os_strncmp(buf, "MGMT_RX_PROCESS ", 16) == 0) {
  2533. if (hostapd_ctrl_iface_mgmt_rx_process(hapd, buf + 16) < 0)
  2534. reply_len = -1;
  2535. } else if (os_strncmp(buf, "EAPOL_RX ", 9) == 0) {
  2536. if (hostapd_ctrl_iface_eapol_rx(hapd, buf + 9) < 0)
  2537. reply_len = -1;
  2538. } else if (os_strncmp(buf, "DATA_TEST_CONFIG ", 17) == 0) {
  2539. if (hostapd_ctrl_iface_data_test_config(hapd, buf + 17) < 0)
  2540. reply_len = -1;
  2541. } else if (os_strncmp(buf, "DATA_TEST_TX ", 13) == 0) {
  2542. if (hostapd_ctrl_iface_data_test_tx(hapd, buf + 13) < 0)
  2543. reply_len = -1;
  2544. } else if (os_strncmp(buf, "DATA_TEST_FRAME ", 16) == 0) {
  2545. if (hostapd_ctrl_iface_data_test_frame(hapd, buf + 16) < 0)
  2546. reply_len = -1;
  2547. } else if (os_strncmp(buf, "TEST_ALLOC_FAIL ", 16) == 0) {
  2548. if (hostapd_ctrl_test_alloc_fail(hapd, buf + 16) < 0)
  2549. reply_len = -1;
  2550. } else if (os_strcmp(buf, "GET_ALLOC_FAIL") == 0) {
  2551. reply_len = hostapd_ctrl_get_alloc_fail(hapd, reply,
  2552. reply_size);
  2553. } else if (os_strncmp(buf, "TEST_FAIL ", 10) == 0) {
  2554. if (hostapd_ctrl_test_fail(hapd, buf + 10) < 0)
  2555. reply_len = -1;
  2556. } else if (os_strcmp(buf, "GET_FAIL") == 0) {
  2557. reply_len = hostapd_ctrl_get_fail(hapd, reply, reply_size);
  2558. } else if (os_strncmp(buf, "RESET_PN ", 9) == 0) {
  2559. if (hostapd_ctrl_reset_pn(hapd, buf + 9) < 0)
  2560. reply_len = -1;
  2561. } else if (os_strncmp(buf, "SET_KEY ", 8) == 0) {
  2562. if (hostapd_ctrl_set_key(hapd, buf + 8) < 0)
  2563. reply_len = -1;
  2564. } else if (os_strncmp(buf, "RESEND_M1 ", 10) == 0) {
  2565. if (hostapd_ctrl_resend_m1(hapd, buf + 10) < 0)
  2566. reply_len = -1;
  2567. } else if (os_strncmp(buf, "RESEND_M3 ", 10) == 0) {
  2568. if (hostapd_ctrl_resend_m3(hapd, buf + 10) < 0)
  2569. reply_len = -1;
  2570. } else if (os_strncmp(buf, "RESEND_GROUP_M1 ", 16) == 0) {
  2571. if (hostapd_ctrl_resend_group_m1(hapd, buf + 16) < 0)
  2572. reply_len = -1;
  2573. } else if (os_strcmp(buf, "REKEY_GTK") == 0) {
  2574. if (wpa_auth_rekey_gtk(hapd->wpa_auth) < 0)
  2575. reply_len = -1;
  2576. #endif /* CONFIG_TESTING_OPTIONS */
  2577. } else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) {
  2578. if (hostapd_ctrl_iface_chan_switch(hapd->iface, buf + 12))
  2579. reply_len = -1;
  2580. } else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
  2581. reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
  2582. reply_size);
  2583. } else if (os_strcmp(buf, "ERP_FLUSH") == 0) {
  2584. ieee802_1x_erp_flush(hapd);
  2585. #ifdef RADIUS_SERVER
  2586. radius_server_erp_flush(hapd->radius_srv);
  2587. #endif /* RADIUS_SERVER */
  2588. } else if (os_strncmp(buf, "EAPOL_REAUTH ", 13) == 0) {
  2589. if (hostapd_ctrl_iface_eapol_reauth(hapd, buf + 13))
  2590. reply_len = -1;
  2591. } else if (os_strncmp(buf, "EAPOL_SET ", 10) == 0) {
  2592. if (hostapd_ctrl_iface_eapol_set(hapd, buf + 10))
  2593. reply_len = -1;
  2594. } else if (os_strncmp(buf, "LOG_LEVEL", 9) == 0) {
  2595. reply_len = hostapd_ctrl_iface_log_level(
  2596. hapd, buf + 9, reply, reply_size);
  2597. #ifdef NEED_AP_MLME
  2598. } else if (os_strcmp(buf, "TRACK_STA_LIST") == 0) {
  2599. reply_len = hostapd_ctrl_iface_track_sta_list(
  2600. hapd, reply, reply_size);
  2601. #endif /* NEED_AP_MLME */
  2602. } else if (os_strcmp(buf, "PMKSA") == 0) {
  2603. reply_len = hostapd_ctrl_iface_pmksa_list(hapd, reply,
  2604. reply_size);
  2605. } else if (os_strcmp(buf, "PMKSA_FLUSH") == 0) {
  2606. hostapd_ctrl_iface_pmksa_flush(hapd);
  2607. } else if (os_strncmp(buf, "PMKSA_ADD ", 10) == 0) {
  2608. if (hostapd_ctrl_iface_pmksa_add(hapd, buf + 10) < 0)
  2609. reply_len = -1;
  2610. } else if (os_strncmp(buf, "SET_NEIGHBOR ", 13) == 0) {
  2611. if (hostapd_ctrl_iface_set_neighbor(hapd, buf + 13))
  2612. reply_len = -1;
  2613. } else if (os_strncmp(buf, "REMOVE_NEIGHBOR ", 16) == 0) {
  2614. if (hostapd_ctrl_iface_remove_neighbor(hapd, buf + 16))
  2615. reply_len = -1;
  2616. } else if (os_strncmp(buf, "REQ_LCI ", 8) == 0) {
  2617. if (hostapd_ctrl_iface_req_lci(hapd, buf + 8))
  2618. reply_len = -1;
  2619. } else if (os_strncmp(buf, "REQ_RANGE ", 10) == 0) {
  2620. if (hostapd_ctrl_iface_req_range(hapd, buf + 10))
  2621. reply_len = -1;
  2622. } else if (os_strncmp(buf, "REQ_BEACON ", 11) == 0) {
  2623. reply_len = hostapd_ctrl_iface_req_beacon(hapd, buf + 11,
  2624. reply, reply_size);
  2625. } else if (os_strcmp(buf, "DRIVER_FLAGS") == 0) {
  2626. reply_len = hostapd_ctrl_driver_flags(hapd->iface, reply,
  2627. reply_size);
  2628. #ifdef KRACK_TEST_CLIENT
  2629. } else if (os_strncmp(buf, "GET_TK ", 7) == 0) {
  2630. reply_len = hostapd_get_tk(hapd, buf + 7, reply, reply_size);
  2631. } else if (os_strcmp(buf, "RENEW_GTK") == 0) {
  2632. if (hostapd_renew_gtk(hapd))
  2633. reply_len = -1;
  2634. } else if (os_strncmp(buf, "RENEW_PTK ", 10) == 0) {
  2635. if (hostapd_renew_ptk(hapd, buf + 10))
  2636. reply_len = -1;
  2637. #endif
  2638. } else if (os_strcmp(buf, "TERMINATE") == 0) {
  2639. eloop_terminate();
  2640. } else if (os_strncmp(buf, "ACCEPT_ACL ", 11) == 0) {
  2641. if (os_strncmp(buf + 11, "ADD_MAC ", 8) == 0) {
  2642. if (!hostapd_ctrl_iface_acl_add_mac(
  2643. &hapd->conf->accept_mac,
  2644. &hapd->conf->num_accept_mac, buf + 19))
  2645. hostapd_disassoc_accept_mac(hapd);
  2646. else
  2647. reply_len = -1;
  2648. } else if (os_strncmp((buf + 11), "DEL_MAC ", 8) == 0) {
  2649. hostapd_ctrl_iface_acl_del_mac(
  2650. &hapd->conf->accept_mac,
  2651. &hapd->conf->num_accept_mac, buf + 19);
  2652. } else if (os_strcmp(buf + 11, "SHOW") == 0) {
  2653. reply_len = hostapd_ctrl_iface_acl_show_mac(
  2654. hapd->conf->accept_mac,
  2655. hapd->conf->num_accept_mac, reply, reply_size);
  2656. } else if (os_strcmp(buf + 11, "CLEAR") == 0) {
  2657. hostapd_ctrl_iface_acl_clear_list(
  2658. &hapd->conf->accept_mac,
  2659. &hapd->conf->num_accept_mac);
  2660. }
  2661. } else if (os_strncmp(buf, "DENY_ACL ", 9) == 0) {
  2662. if (os_strncmp(buf + 9, "ADD_MAC ", 8) == 0) {
  2663. if (!hostapd_ctrl_iface_acl_add_mac(
  2664. &hapd->conf->deny_mac,
  2665. &hapd->conf->num_deny_mac, buf + 17))
  2666. hostapd_disassoc_deny_mac(hapd);
  2667. } else if (os_strncmp(buf + 9, "DEL_MAC ", 8) == 0) {
  2668. hostapd_ctrl_iface_acl_del_mac(
  2669. &hapd->conf->deny_mac,
  2670. &hapd->conf->num_deny_mac, buf + 17);
  2671. } else if (os_strcmp(buf + 9, "SHOW") == 0) {
  2672. reply_len = hostapd_ctrl_iface_acl_show_mac(
  2673. hapd->conf->deny_mac,
  2674. hapd->conf->num_deny_mac, reply, reply_size);
  2675. } else if (os_strcmp(buf + 9, "CLEAR") == 0) {
  2676. hostapd_ctrl_iface_acl_clear_list(
  2677. &hapd->conf->deny_mac,
  2678. &hapd->conf->num_deny_mac);
  2679. }
  2680. #ifdef CONFIG_DPP
  2681. } else if (os_strncmp(buf, "DPP_QR_CODE ", 12) == 0) {
  2682. res = hostapd_dpp_qr_code(hapd, buf + 12);
  2683. if (res < 0) {
  2684. reply_len = -1;
  2685. } else {
  2686. reply_len = os_snprintf(reply, reply_size, "%d", res);
  2687. if (os_snprintf_error(reply_size, reply_len))
  2688. reply_len = -1;
  2689. }
  2690. } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GEN ", 18) == 0) {
  2691. res = hostapd_dpp_bootstrap_gen(hapd, buf + 18);
  2692. if (res < 0) {
  2693. reply_len = -1;
  2694. } else {
  2695. reply_len = os_snprintf(reply, reply_size, "%d", res);
  2696. if (os_snprintf_error(reply_size, reply_len))
  2697. reply_len = -1;
  2698. }
  2699. } else if (os_strncmp(buf, "DPP_BOOTSTRAP_REMOVE ", 21) == 0) {
  2700. if (hostapd_dpp_bootstrap_remove(hapd, buf + 21) < 0)
  2701. reply_len = -1;
  2702. } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GET_URI ", 22) == 0) {
  2703. const char *uri;
  2704. uri = hostapd_dpp_bootstrap_get_uri(hapd, atoi(buf + 22));
  2705. if (!uri) {
  2706. reply_len = -1;
  2707. } else {
  2708. reply_len = os_snprintf(reply, reply_size, "%s", uri);
  2709. if (os_snprintf_error(reply_size, reply_len))
  2710. reply_len = -1;
  2711. }
  2712. } else if (os_strncmp(buf, "DPP_BOOTSTRAP_INFO ", 19) == 0) {
  2713. reply_len = hostapd_dpp_bootstrap_info(hapd, atoi(buf + 19),
  2714. reply, reply_size);
  2715. } else if (os_strncmp(buf, "DPP_AUTH_INIT ", 14) == 0) {
  2716. if (hostapd_dpp_auth_init(hapd, buf + 13) < 0)
  2717. reply_len = -1;
  2718. } else if (os_strncmp(buf, "DPP_LISTEN ", 11) == 0) {
  2719. if (hostapd_dpp_listen(hapd, buf + 11) < 0)
  2720. reply_len = -1;
  2721. } else if (os_strcmp(buf, "DPP_STOP_LISTEN") == 0) {
  2722. hostapd_dpp_stop(hapd);
  2723. hostapd_dpp_listen_stop(hapd);
  2724. } else if (os_strncmp(buf, "DPP_CONFIGURATOR_ADD", 20) == 0) {
  2725. res = hostapd_dpp_configurator_add(hapd, buf + 20);
  2726. if (res < 0) {
  2727. reply_len = -1;
  2728. } else {
  2729. reply_len = os_snprintf(reply, reply_size, "%d", res);
  2730. if (os_snprintf_error(reply_size, reply_len))
  2731. reply_len = -1;
  2732. }
  2733. } else if (os_strncmp(buf, "DPP_CONFIGURATOR_REMOVE ", 24) == 0) {
  2734. if (hostapd_dpp_configurator_remove(hapd, buf + 24) < 0)
  2735. reply_len = -1;
  2736. } else if (os_strncmp(buf, "DPP_CONFIGURATOR_SIGN ", 22) == 0) {
  2737. if (hostapd_dpp_configurator_sign(hapd, buf + 22) < 0)
  2738. reply_len = -1;
  2739. } else if (os_strncmp(buf, "DPP_CONFIGURATOR_GET_KEY ", 25) == 0) {
  2740. reply_len = hostapd_dpp_configurator_get_key(hapd,
  2741. atoi(buf + 25),
  2742. reply, reply_size);
  2743. } else if (os_strncmp(buf, "DPP_PKEX_ADD ", 13) == 0) {
  2744. res = hostapd_dpp_pkex_add(hapd, buf + 12);
  2745. if (res < 0) {
  2746. reply_len = -1;
  2747. } else {
  2748. reply_len = os_snprintf(reply, reply_size, "%d", res);
  2749. if (os_snprintf_error(reply_size, reply_len))
  2750. reply_len = -1;
  2751. }
  2752. } else if (os_strncmp(buf, "DPP_PKEX_REMOVE ", 16) == 0) {
  2753. if (hostapd_dpp_pkex_remove(hapd, buf + 16) < 0)
  2754. reply_len = -1;
  2755. #endif /* CONFIG_DPP */
  2756. } else {
  2757. os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
  2758. reply_len = 16;
  2759. }
  2760. if (reply_len < 0) {
  2761. os_memcpy(reply, "FAIL\n", 5);
  2762. reply_len = 5;
  2763. }
  2764. return reply_len;
  2765. }
  2766. static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
  2767. void *sock_ctx)
  2768. {
  2769. struct hostapd_data *hapd = eloop_ctx;
  2770. char buf[4096];
  2771. int res;
  2772. struct sockaddr_storage from;
  2773. socklen_t fromlen = sizeof(from);
  2774. char *reply, *pos = buf;
  2775. const int reply_size = 4096;
  2776. int reply_len;
  2777. int level = MSG_DEBUG;
  2778. #ifdef CONFIG_CTRL_IFACE_UDP
  2779. unsigned char lcookie[COOKIE_LEN];
  2780. #endif /* CONFIG_CTRL_IFACE_UDP */
  2781. res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
  2782. (struct sockaddr *) &from, &fromlen);
  2783. if (res < 0) {
  2784. wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
  2785. strerror(errno));
  2786. return;
  2787. }
  2788. buf[res] = '\0';
  2789. reply = os_malloc(reply_size);
  2790. if (reply == NULL) {
  2791. if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
  2792. fromlen) < 0) {
  2793. wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
  2794. strerror(errno));
  2795. }
  2796. return;
  2797. }
  2798. #ifdef CONFIG_CTRL_IFACE_UDP
  2799. if (os_strcmp(buf, "GET_COOKIE") == 0) {
  2800. os_memcpy(reply, "COOKIE=", 7);
  2801. wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1,
  2802. cookie, COOKIE_LEN);
  2803. reply_len = 7 + 2 * COOKIE_LEN;
  2804. goto done;
  2805. }
  2806. if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
  2807. hexstr2bin(buf + 7, lcookie, COOKIE_LEN) < 0) {
  2808. wpa_printf(MSG_DEBUG,
  2809. "CTRL: No cookie in the request - drop request");
  2810. os_free(reply);
  2811. return;
  2812. }
  2813. if (os_memcmp(cookie, lcookie, COOKIE_LEN) != 0) {
  2814. wpa_printf(MSG_DEBUG,
  2815. "CTRL: Invalid cookie in the request - drop request");
  2816. os_free(reply);
  2817. return;
  2818. }
  2819. pos = buf + 7 + 2 * COOKIE_LEN;
  2820. while (*pos == ' ')
  2821. pos++;
  2822. #endif /* CONFIG_CTRL_IFACE_UDP */
  2823. if (os_strcmp(pos, "PING") == 0)
  2824. level = MSG_EXCESSIVE;
  2825. wpa_hexdump_ascii(level, "RX ctrl_iface", pos, res);
  2826. reply_len = hostapd_ctrl_iface_receive_process(hapd, pos,
  2827. reply, reply_size,
  2828. &from, fromlen);
  2829. #ifdef CONFIG_CTRL_IFACE_UDP
  2830. done:
  2831. #endif /* CONFIG_CTRL_IFACE_UDP */
  2832. if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
  2833. fromlen) < 0) {
  2834. wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
  2835. strerror(errno));
  2836. }
  2837. os_free(reply);
  2838. }
  2839. #ifndef CONFIG_CTRL_IFACE_UDP
  2840. static char * hostapd_ctrl_iface_path(struct hostapd_data *hapd)
  2841. {
  2842. char *buf;
  2843. size_t len;
  2844. if (hapd->conf->ctrl_interface == NULL)
  2845. return NULL;
  2846. len = os_strlen(hapd->conf->ctrl_interface) +
  2847. os_strlen(hapd->conf->iface) + 2;
  2848. buf = os_malloc(len);
  2849. if (buf == NULL)
  2850. return NULL;
  2851. os_snprintf(buf, len, "%s/%s",
  2852. hapd->conf->ctrl_interface, hapd->conf->iface);
  2853. buf[len - 1] = '\0';
  2854. return buf;
  2855. }
  2856. #endif /* CONFIG_CTRL_IFACE_UDP */
  2857. static void hostapd_ctrl_iface_msg_cb(void *ctx, int level,
  2858. enum wpa_msg_type type,
  2859. const char *txt, size_t len)
  2860. {
  2861. struct hostapd_data *hapd = ctx;
  2862. if (hapd == NULL)
  2863. return;
  2864. hostapd_ctrl_iface_send(hapd, level, type, txt, len);
  2865. }
  2866. int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
  2867. {
  2868. #ifdef CONFIG_CTRL_IFACE_UDP
  2869. int port = HOSTAPD_CTRL_IFACE_PORT;
  2870. char p[32] = { 0 };
  2871. char port_str[40], *tmp;
  2872. char *pos;
  2873. struct addrinfo hints = { 0 }, *res, *saveres;
  2874. int n;
  2875. if (hapd->ctrl_sock > -1) {
  2876. wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
  2877. return 0;
  2878. }
  2879. if (hapd->conf->ctrl_interface == NULL)
  2880. return 0;
  2881. pos = os_strstr(hapd->conf->ctrl_interface, "udp:");
  2882. if (pos) {
  2883. pos += 4;
  2884. port = atoi(pos);
  2885. if (port <= 0) {
  2886. wpa_printf(MSG_ERROR, "Invalid ctrl_iface UDP port");
  2887. goto fail;
  2888. }
  2889. }
  2890. dl_list_init(&hapd->ctrl_dst);
  2891. hapd->ctrl_sock = -1;
  2892. os_get_random(cookie, COOKIE_LEN);
  2893. #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
  2894. hints.ai_flags = AI_PASSIVE;
  2895. #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
  2896. #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
  2897. hints.ai_family = AF_INET6;
  2898. #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
  2899. hints.ai_family = AF_INET;
  2900. #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
  2901. hints.ai_socktype = SOCK_DGRAM;
  2902. try_again:
  2903. os_snprintf(p, sizeof(p), "%d", port);
  2904. n = getaddrinfo(NULL, p, &hints, &res);
  2905. if (n) {
  2906. wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
  2907. goto fail;
  2908. }
  2909. saveres = res;
  2910. hapd->ctrl_sock = socket(res->ai_family, res->ai_socktype,
  2911. res->ai_protocol);
  2912. if (hapd->ctrl_sock < 0) {
  2913. wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
  2914. goto fail;
  2915. }
  2916. if (bind(hapd->ctrl_sock, res->ai_addr, res->ai_addrlen) < 0) {
  2917. port--;
  2918. if ((HOSTAPD_CTRL_IFACE_PORT - port) <
  2919. HOSTAPD_CTRL_IFACE_PORT_LIMIT && !pos)
  2920. goto try_again;
  2921. wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
  2922. goto fail;
  2923. }
  2924. freeaddrinfo(saveres);
  2925. os_snprintf(port_str, sizeof(port_str), "udp:%d", port);
  2926. tmp = os_strdup(port_str);
  2927. if (tmp) {
  2928. os_free(hapd->conf->ctrl_interface);
  2929. hapd->conf->ctrl_interface = tmp;
  2930. }
  2931. wpa_printf(MSG_DEBUG, "ctrl_iface_init UDP port: %d", port);
  2932. if (eloop_register_read_sock(hapd->ctrl_sock,
  2933. hostapd_ctrl_iface_receive, hapd, NULL) <
  2934. 0) {
  2935. hostapd_ctrl_iface_deinit(hapd);
  2936. return -1;
  2937. }
  2938. hapd->msg_ctx = hapd;
  2939. wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
  2940. return 0;
  2941. fail:
  2942. if (hapd->ctrl_sock >= 0)
  2943. close(hapd->ctrl_sock);
  2944. return -1;
  2945. #else /* CONFIG_CTRL_IFACE_UDP */
  2946. struct sockaddr_un addr;
  2947. int s = -1;
  2948. char *fname = NULL;
  2949. if (hapd->ctrl_sock > -1) {
  2950. wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
  2951. return 0;
  2952. }
  2953. dl_list_init(&hapd->ctrl_dst);
  2954. if (hapd->conf->ctrl_interface == NULL)
  2955. return 0;
  2956. if (mkdir(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
  2957. if (errno == EEXIST) {
  2958. wpa_printf(MSG_DEBUG, "Using existing control "
  2959. "interface directory.");
  2960. } else {
  2961. wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
  2962. strerror(errno));
  2963. goto fail;
  2964. }
  2965. }
  2966. if (hapd->conf->ctrl_interface_gid_set &&
  2967. chown(hapd->conf->ctrl_interface, -1,
  2968. hapd->conf->ctrl_interface_gid) < 0) {
  2969. wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
  2970. strerror(errno));
  2971. return -1;
  2972. }
  2973. if (!hapd->conf->ctrl_interface_gid_set &&
  2974. hapd->iface->interfaces->ctrl_iface_group &&
  2975. chown(hapd->conf->ctrl_interface, -1,
  2976. hapd->iface->interfaces->ctrl_iface_group) < 0) {
  2977. wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
  2978. strerror(errno));
  2979. return -1;
  2980. }
  2981. #ifdef ANDROID
  2982. /*
  2983. * Android is using umask 0077 which would leave the control interface
  2984. * directory without group access. This breaks things since Wi-Fi
  2985. * framework assumes that this directory can be accessed by other
  2986. * applications in the wifi group. Fix this by adding group access even
  2987. * if umask value would prevent this.
  2988. */
  2989. if (chmod(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
  2990. wpa_printf(MSG_ERROR, "CTRL: Could not chmod directory: %s",
  2991. strerror(errno));
  2992. /* Try to continue anyway */
  2993. }
  2994. #endif /* ANDROID */
  2995. if (os_strlen(hapd->conf->ctrl_interface) + 1 +
  2996. os_strlen(hapd->conf->iface) >= sizeof(addr.sun_path))
  2997. goto fail;
  2998. s = socket(PF_UNIX, SOCK_DGRAM, 0);
  2999. if (s < 0) {
  3000. wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
  3001. goto fail;
  3002. }
  3003. os_memset(&addr, 0, sizeof(addr));
  3004. #ifdef __FreeBSD__
  3005. addr.sun_len = sizeof(addr);
  3006. #endif /* __FreeBSD__ */
  3007. addr.sun_family = AF_UNIX;
  3008. fname = hostapd_ctrl_iface_path(hapd);
  3009. if (fname == NULL)
  3010. goto fail;
  3011. os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
  3012. if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
  3013. wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
  3014. strerror(errno));
  3015. if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
  3016. wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
  3017. " allow connections - assuming it was left"
  3018. "over from forced program termination");
  3019. if (unlink(fname) < 0) {
  3020. wpa_printf(MSG_ERROR,
  3021. "Could not unlink existing ctrl_iface socket '%s': %s",
  3022. fname, strerror(errno));
  3023. goto fail;
  3024. }
  3025. if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
  3026. 0) {
  3027. wpa_printf(MSG_ERROR,
  3028. "hostapd-ctrl-iface: bind(PF_UNIX): %s",
  3029. strerror(errno));
  3030. goto fail;
  3031. }
  3032. wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
  3033. "ctrl_iface socket '%s'", fname);
  3034. } else {
  3035. wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
  3036. "be in use - cannot override it");
  3037. wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
  3038. "not used anymore", fname);
  3039. os_free(fname);
  3040. fname = NULL;
  3041. goto fail;
  3042. }
  3043. }
  3044. if (hapd->conf->ctrl_interface_gid_set &&
  3045. chown(fname, -1, hapd->conf->ctrl_interface_gid) < 0) {
  3046. wpa_printf(MSG_ERROR, "chown[ctrl_interface/ifname]: %s",
  3047. strerror(errno));
  3048. goto fail;
  3049. }
  3050. if (!hapd->conf->ctrl_interface_gid_set &&
  3051. hapd->iface->interfaces->ctrl_iface_group &&
  3052. chown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
  3053. wpa_printf(MSG_ERROR, "chown[ctrl_interface/ifname]: %s",
  3054. strerror(errno));
  3055. goto fail;
  3056. }
  3057. if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
  3058. wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
  3059. strerror(errno));
  3060. goto fail;
  3061. }
  3062. os_free(fname);
  3063. hapd->ctrl_sock = s;
  3064. if (eloop_register_read_sock(s, hostapd_ctrl_iface_receive, hapd,
  3065. NULL) < 0) {
  3066. hostapd_ctrl_iface_deinit(hapd);
  3067. return -1;
  3068. }
  3069. hapd->msg_ctx = hapd;
  3070. wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
  3071. return 0;
  3072. fail:
  3073. if (s >= 0)
  3074. close(s);
  3075. if (fname) {
  3076. unlink(fname);
  3077. os_free(fname);
  3078. }
  3079. return -1;
  3080. #endif /* CONFIG_CTRL_IFACE_UDP */
  3081. }
  3082. void hostapd_ctrl_iface_deinit(struct hostapd_data *hapd)
  3083. {
  3084. struct wpa_ctrl_dst *dst, *prev;
  3085. if (hapd->ctrl_sock > -1) {
  3086. #ifndef CONFIG_CTRL_IFACE_UDP
  3087. char *fname;
  3088. #endif /* !CONFIG_CTRL_IFACE_UDP */
  3089. eloop_unregister_read_sock(hapd->ctrl_sock);
  3090. close(hapd->ctrl_sock);
  3091. hapd->ctrl_sock = -1;
  3092. #ifndef CONFIG_CTRL_IFACE_UDP
  3093. fname = hostapd_ctrl_iface_path(hapd);
  3094. if (fname)
  3095. unlink(fname);
  3096. os_free(fname);
  3097. if (hapd->conf->ctrl_interface &&
  3098. rmdir(hapd->conf->ctrl_interface) < 0) {
  3099. if (errno == ENOTEMPTY) {
  3100. wpa_printf(MSG_DEBUG, "Control interface "
  3101. "directory not empty - leaving it "
  3102. "behind");
  3103. } else {
  3104. wpa_printf(MSG_ERROR,
  3105. "rmdir[ctrl_interface=%s]: %s",
  3106. hapd->conf->ctrl_interface,
  3107. strerror(errno));
  3108. }
  3109. }
  3110. #endif /* !CONFIG_CTRL_IFACE_UDP */
  3111. }
  3112. dl_list_for_each_safe(dst, prev, &hapd->ctrl_dst, struct wpa_ctrl_dst,
  3113. list)
  3114. os_free(dst);
  3115. #ifdef CONFIG_TESTING_OPTIONS
  3116. l2_packet_deinit(hapd->l2_test);
  3117. hapd->l2_test = NULL;
  3118. #endif /* CONFIG_TESTING_OPTIONS */
  3119. }
  3120. static int hostapd_ctrl_iface_add(struct hapd_interfaces *interfaces,
  3121. char *buf)
  3122. {
  3123. if (hostapd_add_iface(interfaces, buf) < 0) {
  3124. wpa_printf(MSG_ERROR, "Adding interface %s failed", buf);
  3125. return -1;
  3126. }
  3127. return 0;
  3128. }
  3129. static int hostapd_ctrl_iface_remove(struct hapd_interfaces *interfaces,
  3130. char *buf)
  3131. {
  3132. if (hostapd_remove_iface(interfaces, buf) < 0) {
  3133. wpa_printf(MSG_ERROR, "Removing interface %s failed", buf);
  3134. return -1;
  3135. }
  3136. return 0;
  3137. }
  3138. static int hostapd_global_ctrl_iface_attach(struct hapd_interfaces *interfaces,
  3139. struct sockaddr_storage *from,
  3140. socklen_t fromlen, char *input)
  3141. {
  3142. return ctrl_iface_attach(&interfaces->global_ctrl_dst, from, fromlen,
  3143. input);
  3144. }
  3145. static int hostapd_global_ctrl_iface_detach(struct hapd_interfaces *interfaces,
  3146. struct sockaddr_storage *from,
  3147. socklen_t fromlen)
  3148. {
  3149. return ctrl_iface_detach(&interfaces->global_ctrl_dst, from, fromlen);
  3150. }
  3151. static void hostapd_ctrl_iface_flush(struct hapd_interfaces *interfaces)
  3152. {
  3153. #ifdef CONFIG_WPS_TESTING
  3154. wps_version_number = 0x20;
  3155. wps_testing_dummy_cred = 0;
  3156. wps_corrupt_pkhash = 0;
  3157. #endif /* CONFIG_WPS_TESTING */
  3158. #ifdef CONFIG_TESTING_OPTIONS
  3159. #ifdef CONFIG_DPP
  3160. dpp_test = DPP_TEST_DISABLED;
  3161. #endif /* CONFIG_DPP */
  3162. #endif /* CONFIG_TESTING_OPTIONS */
  3163. #ifdef CONFIG_DPP
  3164. hostapd_dpp_deinit_global(interfaces);
  3165. #endif /* CONFIG_DPP */
  3166. }
  3167. #ifdef CONFIG_FST
  3168. static int
  3169. hostapd_global_ctrl_iface_fst_attach(struct hapd_interfaces *interfaces,
  3170. const char *cmd)
  3171. {
  3172. char ifname[IFNAMSIZ + 1];
  3173. struct fst_iface_cfg cfg;
  3174. struct hostapd_data *hapd;
  3175. struct fst_wpa_obj iface_obj;
  3176. if (!fst_parse_attach_command(cmd, ifname, sizeof(ifname), &cfg)) {
  3177. hapd = hostapd_get_iface(interfaces, ifname);
  3178. if (hapd) {
  3179. if (hapd->iface->fst) {
  3180. wpa_printf(MSG_INFO, "FST: Already attached");
  3181. return -1;
  3182. }
  3183. fst_hostapd_fill_iface_obj(hapd, &iface_obj);
  3184. hapd->iface->fst = fst_attach(ifname, hapd->own_addr,
  3185. &iface_obj, &cfg);
  3186. if (hapd->iface->fst)
  3187. return 0;
  3188. }
  3189. }
  3190. return -EINVAL;
  3191. }
  3192. static int
  3193. hostapd_global_ctrl_iface_fst_detach(struct hapd_interfaces *interfaces,
  3194. const char *cmd)
  3195. {
  3196. char ifname[IFNAMSIZ + 1];
  3197. struct hostapd_data * hapd;
  3198. if (!fst_parse_detach_command(cmd, ifname, sizeof(ifname))) {
  3199. hapd = hostapd_get_iface(interfaces, ifname);
  3200. if (hapd) {
  3201. if (!fst_iface_detach(ifname)) {
  3202. hapd->iface->fst = NULL;
  3203. hapd->iface->fst_ies = NULL;
  3204. return 0;
  3205. }
  3206. }
  3207. }
  3208. return -EINVAL;
  3209. }
  3210. #endif /* CONFIG_FST */
  3211. static struct hostapd_data *
  3212. hostapd_interfaces_get_hapd(struct hapd_interfaces *interfaces,
  3213. const char *ifname)
  3214. {
  3215. size_t i, j;
  3216. for (i = 0; i < interfaces->count; i++) {
  3217. struct hostapd_iface *iface = interfaces->iface[i];
  3218. for (j = 0; j < iface->num_bss; j++) {
  3219. struct hostapd_data *hapd;
  3220. hapd = iface->bss[j];
  3221. if (os_strcmp(ifname, hapd->conf->iface) == 0)
  3222. return hapd;
  3223. }
  3224. }
  3225. return NULL;
  3226. }
  3227. static int hostapd_ctrl_iface_dup_param(struct hostapd_data *src_hapd,
  3228. struct hostapd_data *dst_hapd,
  3229. const char *param)
  3230. {
  3231. int res;
  3232. char *value;
  3233. value = os_zalloc(HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
  3234. if (!value) {
  3235. wpa_printf(MSG_ERROR,
  3236. "DUP: cannot allocate buffer to stringify %s",
  3237. param);
  3238. goto error_return;
  3239. }
  3240. if (os_strcmp(param, "wpa") == 0) {
  3241. os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%d",
  3242. src_hapd->conf->wpa);
  3243. } else if (os_strcmp(param, "wpa_key_mgmt") == 0 &&
  3244. src_hapd->conf->wpa_key_mgmt) {
  3245. res = hostapd_ctrl_iface_get_key_mgmt(
  3246. src_hapd, value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
  3247. if (os_snprintf_error(HOSTAPD_CLI_DUP_VALUE_MAX_LEN, res))
  3248. goto error_stringify;
  3249. } else if (os_strcmp(param, "wpa_pairwise") == 0 &&
  3250. src_hapd->conf->wpa_pairwise) {
  3251. res = wpa_write_ciphers(value,
  3252. value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
  3253. src_hapd->conf->wpa_pairwise, " ");
  3254. if (res < 0)
  3255. goto error_stringify;
  3256. } else if (os_strcmp(param, "rsn_pairwise") == 0 &&
  3257. src_hapd->conf->rsn_pairwise) {
  3258. res = wpa_write_ciphers(value,
  3259. value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
  3260. src_hapd->conf->rsn_pairwise, " ");
  3261. if (res < 0)
  3262. goto error_stringify;
  3263. } else if (os_strcmp(param, "wpa_passphrase") == 0 &&
  3264. src_hapd->conf->ssid.wpa_passphrase) {
  3265. os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%s",
  3266. src_hapd->conf->ssid.wpa_passphrase);
  3267. } else if (os_strcmp(param, "wpa_psk") == 0 &&
  3268. src_hapd->conf->ssid.wpa_psk_set) {
  3269. wpa_snprintf_hex(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
  3270. src_hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
  3271. } else {
  3272. wpa_printf(MSG_WARNING, "DUP: %s cannot be duplicated", param);
  3273. goto error_return;
  3274. }
  3275. res = hostapd_set_iface(dst_hapd->iconf, dst_hapd->conf, param, value);
  3276. os_free(value);
  3277. return res;
  3278. error_stringify:
  3279. wpa_printf(MSG_ERROR, "DUP: cannot stringify %s", param);
  3280. error_return:
  3281. os_free(value);
  3282. return -1;
  3283. }
  3284. static int
  3285. hostapd_global_ctrl_iface_interfaces(struct hapd_interfaces *interfaces,
  3286. const char *input,
  3287. char *reply, int reply_size)
  3288. {
  3289. size_t i, j;
  3290. int res;
  3291. char *pos, *end;
  3292. struct hostapd_iface *iface;
  3293. int show_ctrl = 0;
  3294. if (input)
  3295. show_ctrl = !!os_strstr(input, "ctrl");
  3296. pos = reply;
  3297. end = reply + reply_size;
  3298. for (i = 0; i < interfaces->count; i++) {
  3299. iface = interfaces->iface[i];
  3300. for (j = 0; j < iface->num_bss; j++) {
  3301. struct hostapd_bss_config *conf;
  3302. conf = iface->conf->bss[j];
  3303. if (show_ctrl)
  3304. res = os_snprintf(pos, end - pos,
  3305. "%s ctrl_iface=%s\n",
  3306. conf->iface,
  3307. conf->ctrl_interface ?
  3308. conf->ctrl_interface : "N/A");
  3309. else
  3310. res = os_snprintf(pos, end - pos, "%s\n",
  3311. conf->iface);
  3312. if (os_snprintf_error(end - pos, res)) {
  3313. *pos = '\0';
  3314. return pos - reply;
  3315. }
  3316. pos += res;
  3317. }
  3318. }
  3319. return pos - reply;
  3320. }
  3321. static int
  3322. hostapd_global_ctrl_iface_dup_network(struct hapd_interfaces *interfaces,
  3323. char *cmd)
  3324. {
  3325. char *p_start = cmd, *p_end;
  3326. struct hostapd_data *src_hapd, *dst_hapd;
  3327. /* cmd: "<src ifname> <dst ifname> <variable name> */
  3328. p_end = os_strchr(p_start, ' ');
  3329. if (!p_end) {
  3330. wpa_printf(MSG_ERROR, "DUP: no src ifname found in cmd: '%s'",
  3331. cmd);
  3332. return -1;
  3333. }
  3334. *p_end = '\0';
  3335. src_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
  3336. if (!src_hapd) {
  3337. wpa_printf(MSG_ERROR, "DUP: no src ifname found: '%s'",
  3338. p_start);
  3339. return -1;
  3340. }
  3341. p_start = p_end + 1;
  3342. p_end = os_strchr(p_start, ' ');
  3343. if (!p_end) {
  3344. wpa_printf(MSG_ERROR, "DUP: no dst ifname found in cmd: '%s'",
  3345. cmd);
  3346. return -1;
  3347. }
  3348. *p_end = '\0';
  3349. dst_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
  3350. if (!dst_hapd) {
  3351. wpa_printf(MSG_ERROR, "DUP: no dst ifname found: '%s'",
  3352. p_start);
  3353. return -1;
  3354. }
  3355. p_start = p_end + 1;
  3356. return hostapd_ctrl_iface_dup_param(src_hapd, dst_hapd, p_start);
  3357. }
  3358. static int hostapd_global_ctrl_iface_ifname(struct hapd_interfaces *interfaces,
  3359. const char *ifname,
  3360. char *buf, char *reply,
  3361. int reply_size,
  3362. struct sockaddr_storage *from,
  3363. socklen_t fromlen)
  3364. {
  3365. struct hostapd_data *hapd;
  3366. hapd = hostapd_interfaces_get_hapd(interfaces, ifname);
  3367. if (hapd == NULL) {
  3368. int res;
  3369. res = os_snprintf(reply, reply_size, "FAIL-NO-IFNAME-MATCH\n");
  3370. if (os_snprintf_error(reply_size, res))
  3371. return -1;
  3372. return res;
  3373. }
  3374. return hostapd_ctrl_iface_receive_process(hapd, buf, reply,reply_size,
  3375. from, fromlen);
  3376. }
  3377. static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx,
  3378. void *sock_ctx)
  3379. {
  3380. void *interfaces = eloop_ctx;
  3381. char buffer[256], *buf = buffer;
  3382. int res;
  3383. struct sockaddr_storage from;
  3384. socklen_t fromlen = sizeof(from);
  3385. char *reply;
  3386. int reply_len;
  3387. const int reply_size = 4096;
  3388. #ifdef CONFIG_CTRL_IFACE_UDP
  3389. unsigned char lcookie[COOKIE_LEN];
  3390. #endif /* CONFIG_CTRL_IFACE_UDP */
  3391. res = recvfrom(sock, buffer, sizeof(buffer) - 1, 0,
  3392. (struct sockaddr *) &from, &fromlen);
  3393. if (res < 0) {
  3394. wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
  3395. strerror(errno));
  3396. return;
  3397. }
  3398. buf[res] = '\0';
  3399. wpa_printf(MSG_DEBUG, "Global ctrl_iface command: %s", buf);
  3400. reply = os_malloc(reply_size);
  3401. if (reply == NULL) {
  3402. if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
  3403. fromlen) < 0) {
  3404. wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
  3405. strerror(errno));
  3406. }
  3407. return;
  3408. }
  3409. os_memcpy(reply, "OK\n", 3);
  3410. reply_len = 3;
  3411. #ifdef CONFIG_CTRL_IFACE_UDP
  3412. if (os_strcmp(buf, "GET_COOKIE") == 0) {
  3413. os_memcpy(reply, "COOKIE=", 7);
  3414. wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1,
  3415. gcookie, COOKIE_LEN);
  3416. reply_len = 7 + 2 * COOKIE_LEN;
  3417. goto send_reply;
  3418. }
  3419. if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
  3420. hexstr2bin(buf + 7, lcookie, COOKIE_LEN) < 0) {
  3421. wpa_printf(MSG_DEBUG,
  3422. "CTRL: No cookie in the request - drop request");
  3423. os_free(reply);
  3424. return;
  3425. }
  3426. if (os_memcmp(gcookie, lcookie, COOKIE_LEN) != 0) {
  3427. wpa_printf(MSG_DEBUG,
  3428. "CTRL: Invalid cookie in the request - drop request");
  3429. os_free(reply);
  3430. return;
  3431. }
  3432. buf += 7 + 2 * COOKIE_LEN;
  3433. while (*buf == ' ')
  3434. buf++;
  3435. #endif /* CONFIG_CTRL_IFACE_UDP */
  3436. if (os_strncmp(buf, "IFNAME=", 7) == 0) {
  3437. char *pos = os_strchr(buf + 7, ' ');
  3438. if (pos) {
  3439. *pos++ = '\0';
  3440. reply_len = hostapd_global_ctrl_iface_ifname(
  3441. interfaces, buf + 7, pos, reply, reply_size,
  3442. &from, fromlen);
  3443. goto send_reply;
  3444. }
  3445. }
  3446. if (os_strcmp(buf, "PING") == 0) {
  3447. os_memcpy(reply, "PONG\n", 5);
  3448. reply_len = 5;
  3449. } else if (os_strncmp(buf, "RELOG", 5) == 0) {
  3450. if (wpa_debug_reopen_file() < 0)
  3451. reply_len = -1;
  3452. } else if (os_strcmp(buf, "FLUSH") == 0) {
  3453. hostapd_ctrl_iface_flush(interfaces);
  3454. } else if (os_strncmp(buf, "ADD ", 4) == 0) {
  3455. if (hostapd_ctrl_iface_add(interfaces, buf + 4) < 0)
  3456. reply_len = -1;
  3457. } else if (os_strncmp(buf, "REMOVE ", 7) == 0) {
  3458. if (hostapd_ctrl_iface_remove(interfaces, buf + 7) < 0)
  3459. reply_len = -1;
  3460. } else if (os_strcmp(buf, "ATTACH") == 0) {
  3461. if (hostapd_global_ctrl_iface_attach(interfaces, &from,
  3462. fromlen, NULL))
  3463. reply_len = -1;
  3464. } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
  3465. if (hostapd_global_ctrl_iface_attach(interfaces, &from,
  3466. fromlen, buf + 7))
  3467. reply_len = -1;
  3468. } else if (os_strcmp(buf, "DETACH") == 0) {
  3469. if (hostapd_global_ctrl_iface_detach(interfaces, &from,
  3470. fromlen))
  3471. reply_len = -1;
  3472. #ifdef CONFIG_MODULE_TESTS
  3473. } else if (os_strcmp(buf, "MODULE_TESTS") == 0) {
  3474. if (hapd_module_tests() < 0)
  3475. reply_len = -1;
  3476. #endif /* CONFIG_MODULE_TESTS */
  3477. #ifdef CONFIG_FST
  3478. } else if (os_strncmp(buf, "FST-ATTACH ", 11) == 0) {
  3479. if (!hostapd_global_ctrl_iface_fst_attach(interfaces, buf + 11))
  3480. reply_len = os_snprintf(reply, reply_size, "OK\n");
  3481. else
  3482. reply_len = -1;
  3483. } else if (os_strncmp(buf, "FST-DETACH ", 11) == 0) {
  3484. if (!hostapd_global_ctrl_iface_fst_detach(interfaces, buf + 11))
  3485. reply_len = os_snprintf(reply, reply_size, "OK\n");
  3486. else
  3487. reply_len = -1;
  3488. } else if (os_strncmp(buf, "FST-MANAGER ", 12) == 0) {
  3489. reply_len = fst_ctrl_iface_receive(buf + 12, reply, reply_size);
  3490. #endif /* CONFIG_FST */
  3491. } else if (os_strncmp(buf, "DUP_NETWORK ", 12) == 0) {
  3492. if (!hostapd_global_ctrl_iface_dup_network(interfaces,
  3493. buf + 12))
  3494. reply_len = os_snprintf(reply, reply_size, "OK\n");
  3495. else
  3496. reply_len = -1;
  3497. } else if (os_strncmp(buf, "INTERFACES", 10) == 0) {
  3498. reply_len = hostapd_global_ctrl_iface_interfaces(
  3499. interfaces, buf + 10, reply, sizeof(buffer));
  3500. } else if (os_strcmp(buf, "TERMINATE") == 0) {
  3501. eloop_terminate();
  3502. } else {
  3503. wpa_printf(MSG_DEBUG, "Unrecognized global ctrl_iface command "
  3504. "ignored");
  3505. reply_len = -1;
  3506. }
  3507. send_reply:
  3508. if (reply_len < 0) {
  3509. os_memcpy(reply, "FAIL\n", 5);
  3510. reply_len = 5;
  3511. }
  3512. if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
  3513. fromlen) < 0) {
  3514. wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
  3515. strerror(errno));
  3516. }
  3517. os_free(reply);
  3518. }
  3519. #ifndef CONFIG_CTRL_IFACE_UDP
  3520. static char * hostapd_global_ctrl_iface_path(struct hapd_interfaces *interface)
  3521. {
  3522. char *buf;
  3523. size_t len;
  3524. if (interface->global_iface_path == NULL)
  3525. return NULL;
  3526. len = os_strlen(interface->global_iface_path) +
  3527. os_strlen(interface->global_iface_name) + 2;
  3528. buf = os_malloc(len);
  3529. if (buf == NULL)
  3530. return NULL;
  3531. os_snprintf(buf, len, "%s/%s", interface->global_iface_path,
  3532. interface->global_iface_name);
  3533. buf[len - 1] = '\0';
  3534. return buf;
  3535. }
  3536. #endif /* CONFIG_CTRL_IFACE_UDP */
  3537. int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
  3538. {
  3539. #ifdef CONFIG_CTRL_IFACE_UDP
  3540. int port = HOSTAPD_GLOBAL_CTRL_IFACE_PORT;
  3541. char p[32] = { 0 };
  3542. char *pos;
  3543. struct addrinfo hints = { 0 }, *res, *saveres;
  3544. int n;
  3545. if (interface->global_ctrl_sock > -1) {
  3546. wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
  3547. return 0;
  3548. }
  3549. if (interface->global_iface_path == NULL)
  3550. return 0;
  3551. pos = os_strstr(interface->global_iface_path, "udp:");
  3552. if (pos) {
  3553. pos += 4;
  3554. port = atoi(pos);
  3555. if (port <= 0) {
  3556. wpa_printf(MSG_ERROR, "Invalid global ctrl UDP port");
  3557. goto fail;
  3558. }
  3559. }
  3560. os_get_random(gcookie, COOKIE_LEN);
  3561. #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
  3562. hints.ai_flags = AI_PASSIVE;
  3563. #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
  3564. #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
  3565. hints.ai_family = AF_INET6;
  3566. #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
  3567. hints.ai_family = AF_INET;
  3568. #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
  3569. hints.ai_socktype = SOCK_DGRAM;
  3570. try_again:
  3571. os_snprintf(p, sizeof(p), "%d", port);
  3572. n = getaddrinfo(NULL, p, &hints, &res);
  3573. if (n) {
  3574. wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
  3575. goto fail;
  3576. }
  3577. saveres = res;
  3578. interface->global_ctrl_sock = socket(res->ai_family, res->ai_socktype,
  3579. res->ai_protocol);
  3580. if (interface->global_ctrl_sock < 0) {
  3581. wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
  3582. goto fail;
  3583. }
  3584. if (bind(interface->global_ctrl_sock, res->ai_addr, res->ai_addrlen) <
  3585. 0) {
  3586. port++;
  3587. if ((port - HOSTAPD_GLOBAL_CTRL_IFACE_PORT) <
  3588. HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT && !pos)
  3589. goto try_again;
  3590. wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
  3591. goto fail;
  3592. }
  3593. freeaddrinfo(saveres);
  3594. wpa_printf(MSG_DEBUG, "global ctrl_iface_init UDP port: %d", port);
  3595. if (eloop_register_read_sock(interface->global_ctrl_sock,
  3596. hostapd_global_ctrl_iface_receive,
  3597. interface, NULL) < 0) {
  3598. hostapd_global_ctrl_iface_deinit(interface);
  3599. return -1;
  3600. }
  3601. return 0;
  3602. fail:
  3603. if (interface->global_ctrl_sock >= 0)
  3604. close(interface->global_ctrl_sock);
  3605. return -1;
  3606. #else /* CONFIG_CTRL_IFACE_UDP */
  3607. struct sockaddr_un addr;
  3608. int s = -1;
  3609. char *fname = NULL;
  3610. if (interface->global_iface_path == NULL) {
  3611. wpa_printf(MSG_DEBUG, "ctrl_iface not configured!");
  3612. return 0;
  3613. }
  3614. if (mkdir(interface->global_iface_path, S_IRWXU | S_IRWXG) < 0) {
  3615. if (errno == EEXIST) {
  3616. wpa_printf(MSG_DEBUG, "Using existing control "
  3617. "interface directory.");
  3618. } else {
  3619. wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
  3620. strerror(errno));
  3621. goto fail;
  3622. }
  3623. } else if (interface->ctrl_iface_group &&
  3624. chown(interface->global_iface_path, -1,
  3625. interface->ctrl_iface_group) < 0) {
  3626. wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
  3627. strerror(errno));
  3628. goto fail;
  3629. }
  3630. if (os_strlen(interface->global_iface_path) + 1 +
  3631. os_strlen(interface->global_iface_name) >= sizeof(addr.sun_path))
  3632. goto fail;
  3633. s = socket(PF_UNIX, SOCK_DGRAM, 0);
  3634. if (s < 0) {
  3635. wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
  3636. goto fail;
  3637. }
  3638. os_memset(&addr, 0, sizeof(addr));
  3639. #ifdef __FreeBSD__
  3640. addr.sun_len = sizeof(addr);
  3641. #endif /* __FreeBSD__ */
  3642. addr.sun_family = AF_UNIX;
  3643. fname = hostapd_global_ctrl_iface_path(interface);
  3644. if (fname == NULL)
  3645. goto fail;
  3646. os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
  3647. if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
  3648. wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
  3649. strerror(errno));
  3650. if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
  3651. wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
  3652. " allow connections - assuming it was left"
  3653. "over from forced program termination");
  3654. if (unlink(fname) < 0) {
  3655. wpa_printf(MSG_ERROR,
  3656. "Could not unlink existing ctrl_iface socket '%s': %s",
  3657. fname, strerror(errno));
  3658. goto fail;
  3659. }
  3660. if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
  3661. 0) {
  3662. wpa_printf(MSG_ERROR, "bind(PF_UNIX): %s",
  3663. strerror(errno));
  3664. goto fail;
  3665. }
  3666. wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
  3667. "ctrl_iface socket '%s'", fname);
  3668. } else {
  3669. wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
  3670. "be in use - cannot override it");
  3671. wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
  3672. "not used anymore", fname);
  3673. os_free(fname);
  3674. fname = NULL;
  3675. goto fail;
  3676. }
  3677. }
  3678. if (interface->ctrl_iface_group &&
  3679. chown(fname, -1, interface->ctrl_iface_group) < 0) {
  3680. wpa_printf(MSG_ERROR, "chown[ctrl_interface]: %s",
  3681. strerror(errno));
  3682. goto fail;
  3683. }
  3684. if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
  3685. wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
  3686. strerror(errno));
  3687. goto fail;
  3688. }
  3689. os_free(fname);
  3690. interface->global_ctrl_sock = s;
  3691. eloop_register_read_sock(s, hostapd_global_ctrl_iface_receive,
  3692. interface, NULL);
  3693. return 0;
  3694. fail:
  3695. if (s >= 0)
  3696. close(s);
  3697. if (fname) {
  3698. unlink(fname);
  3699. os_free(fname);
  3700. }
  3701. return -1;
  3702. #endif /* CONFIG_CTRL_IFACE_UDP */
  3703. }
  3704. void hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interfaces)
  3705. {
  3706. #ifndef CONFIG_CTRL_IFACE_UDP
  3707. char *fname = NULL;
  3708. #endif /* CONFIG_CTRL_IFACE_UDP */
  3709. struct wpa_ctrl_dst *dst, *prev;
  3710. if (interfaces->global_ctrl_sock > -1) {
  3711. eloop_unregister_read_sock(interfaces->global_ctrl_sock);
  3712. close(interfaces->global_ctrl_sock);
  3713. interfaces->global_ctrl_sock = -1;
  3714. #ifndef CONFIG_CTRL_IFACE_UDP
  3715. fname = hostapd_global_ctrl_iface_path(interfaces);
  3716. if (fname) {
  3717. unlink(fname);
  3718. os_free(fname);
  3719. }
  3720. if (interfaces->global_iface_path &&
  3721. rmdir(interfaces->global_iface_path) < 0) {
  3722. if (errno == ENOTEMPTY) {
  3723. wpa_printf(MSG_DEBUG, "Control interface "
  3724. "directory not empty - leaving it "
  3725. "behind");
  3726. } else {
  3727. wpa_printf(MSG_ERROR,
  3728. "rmdir[ctrl_interface=%s]: %s",
  3729. interfaces->global_iface_path,
  3730. strerror(errno));
  3731. }
  3732. }
  3733. #endif /* CONFIG_CTRL_IFACE_UDP */
  3734. }
  3735. os_free(interfaces->global_iface_path);
  3736. interfaces->global_iface_path = NULL;
  3737. dl_list_for_each_safe(dst, prev, &interfaces->global_ctrl_dst,
  3738. struct wpa_ctrl_dst, list)
  3739. os_free(dst);
  3740. }
  3741. static int hostapd_ctrl_check_event_enabled(struct wpa_ctrl_dst *dst,
  3742. const char *buf)
  3743. {
  3744. /* Enable Probe Request events based on explicit request.
  3745. * Other events are enabled by default.
  3746. */
  3747. if (str_starts(buf, RX_PROBE_REQUEST))
  3748. return !!(dst->events & WPA_EVENT_RX_PROBE_REQUEST);
  3749. return 1;
  3750. }
  3751. static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
  3752. enum wpa_msg_type type,
  3753. const char *buf, size_t len)
  3754. {
  3755. struct wpa_ctrl_dst *dst, *next;
  3756. struct dl_list *ctrl_dst;
  3757. struct msghdr msg;
  3758. int idx;
  3759. struct iovec io[2];
  3760. char levelstr[10];
  3761. int s;
  3762. if (type != WPA_MSG_ONLY_GLOBAL) {
  3763. s = hapd->ctrl_sock;
  3764. ctrl_dst = &hapd->ctrl_dst;
  3765. } else {
  3766. s = hapd->iface->interfaces->global_ctrl_sock;
  3767. ctrl_dst = &hapd->iface->interfaces->global_ctrl_dst;
  3768. }
  3769. if (s < 0 || dl_list_empty(ctrl_dst))
  3770. return;
  3771. os_snprintf(levelstr, sizeof(levelstr), "<%d>", level);
  3772. io[0].iov_base = levelstr;
  3773. io[0].iov_len = os_strlen(levelstr);
  3774. io[1].iov_base = (char *) buf;
  3775. io[1].iov_len = len;
  3776. os_memset(&msg, 0, sizeof(msg));
  3777. msg.msg_iov = io;
  3778. msg.msg_iovlen = 2;
  3779. idx = 0;
  3780. dl_list_for_each_safe(dst, next, ctrl_dst, struct wpa_ctrl_dst, list) {
  3781. if ((level >= dst->debug_level) &&
  3782. hostapd_ctrl_check_event_enabled(dst, buf)) {
  3783. sockaddr_print(MSG_DEBUG, "CTRL_IFACE monitor send",
  3784. &dst->addr, dst->addrlen);
  3785. msg.msg_name = &dst->addr;
  3786. msg.msg_namelen = dst->addrlen;
  3787. if (sendmsg(s, &msg, 0) < 0) {
  3788. int _errno = errno;
  3789. wpa_printf(MSG_INFO, "CTRL_IFACE monitor[%d]: "
  3790. "%d - %s",
  3791. idx, errno, strerror(errno));
  3792. dst->errors++;
  3793. if (dst->errors > 10 || _errno == ENOENT) {
  3794. if (type != WPA_MSG_ONLY_GLOBAL)
  3795. hostapd_ctrl_iface_detach(
  3796. hapd, &dst->addr,
  3797. dst->addrlen);
  3798. else
  3799. hostapd_global_ctrl_iface_detach(
  3800. hapd->iface->interfaces,
  3801. &dst->addr,
  3802. dst->addrlen);
  3803. }
  3804. } else
  3805. dst->errors = 0;
  3806. }
  3807. idx++;
  3808. }
  3809. }
  3810. #endif /* CONFIG_NATIVE_WINDOWS */