config_file.c 109 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026
  1. /*
  2. * hostapd / Configuration file parser
  3. * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
  4. *
  5. * This software may be distributed under the terms of the BSD license.
  6. * See README for more details.
  7. */
  8. #include "utils/includes.h"
  9. #ifndef CONFIG_NATIVE_WINDOWS
  10. #include <grp.h>
  11. #endif /* CONFIG_NATIVE_WINDOWS */
  12. #include "utils/common.h"
  13. #include "utils/uuid.h"
  14. #include "common/ieee802_11_defs.h"
  15. #include "crypto/sha256.h"
  16. #include "crypto/tls.h"
  17. #include "drivers/driver.h"
  18. #include "eap_server/eap.h"
  19. #include "radius/radius_client.h"
  20. #include "ap/wpa_auth.h"
  21. #include "ap/ap_config.h"
  22. #include "config_file.h"
  23. #ifndef CONFIG_NO_RADIUS
  24. #ifdef EAP_SERVER
  25. static struct hostapd_radius_attr *
  26. hostapd_parse_radius_attr(const char *value);
  27. #endif /* EAP_SERVER */
  28. #endif /* CONFIG_NO_RADIUS */
  29. #ifndef CONFIG_NO_VLAN
  30. static int hostapd_config_read_vlan_file(struct hostapd_bss_config *bss,
  31. const char *fname)
  32. {
  33. FILE *f;
  34. char buf[128], *pos, *pos2;
  35. int line = 0, vlan_id;
  36. struct hostapd_vlan *vlan;
  37. f = fopen(fname, "r");
  38. if (!f) {
  39. wpa_printf(MSG_ERROR, "VLAN file '%s' not readable.", fname);
  40. return -1;
  41. }
  42. while (fgets(buf, sizeof(buf), f)) {
  43. line++;
  44. if (buf[0] == '#')
  45. continue;
  46. pos = buf;
  47. while (*pos != '\0') {
  48. if (*pos == '\n') {
  49. *pos = '\0';
  50. break;
  51. }
  52. pos++;
  53. }
  54. if (buf[0] == '\0')
  55. continue;
  56. if (buf[0] == '*') {
  57. vlan_id = VLAN_ID_WILDCARD;
  58. pos = buf + 1;
  59. } else {
  60. vlan_id = strtol(buf, &pos, 10);
  61. if (buf == pos || vlan_id < 1 ||
  62. vlan_id > MAX_VLAN_ID) {
  63. wpa_printf(MSG_ERROR, "Invalid VLAN ID at "
  64. "line %d in '%s'", line, fname);
  65. fclose(f);
  66. return -1;
  67. }
  68. }
  69. while (*pos == ' ' || *pos == '\t')
  70. pos++;
  71. pos2 = pos;
  72. while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0')
  73. pos2++;
  74. *pos2 = '\0';
  75. if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) {
  76. wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d "
  77. "in '%s'", line, fname);
  78. fclose(f);
  79. return -1;
  80. }
  81. vlan = os_zalloc(sizeof(*vlan));
  82. if (vlan == NULL) {
  83. wpa_printf(MSG_ERROR, "Out of memory while reading "
  84. "VLAN interfaces from '%s'", fname);
  85. fclose(f);
  86. return -1;
  87. }
  88. vlan->vlan_id = vlan_id;
  89. vlan->vlan_desc.untagged = vlan_id;
  90. vlan->vlan_desc.notempty = !!vlan_id;
  91. os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
  92. vlan->next = bss->vlan;
  93. bss->vlan = vlan;
  94. }
  95. fclose(f);
  96. return 0;
  97. }
  98. #endif /* CONFIG_NO_VLAN */
  99. int hostapd_acl_comp(const void *a, const void *b)
  100. {
  101. const struct mac_acl_entry *aa = a;
  102. const struct mac_acl_entry *bb = b;
  103. return os_memcmp(aa->addr, bb->addr, sizeof(macaddr));
  104. }
  105. int hostapd_add_acl_maclist(struct mac_acl_entry **acl, int *num,
  106. int vlan_id, const u8 *addr)
  107. {
  108. struct mac_acl_entry *newacl;
  109. newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl));
  110. if (!newacl) {
  111. wpa_printf(MSG_ERROR, "MAC list reallocation failed");
  112. return -1;
  113. }
  114. *acl = newacl;
  115. os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
  116. os_memset(&(*acl)[*num].vlan_id, 0, sizeof((*acl)[*num].vlan_id));
  117. (*acl)[*num].vlan_id.untagged = vlan_id;
  118. (*acl)[*num].vlan_id.notempty = !!vlan_id;
  119. (*num)++;
  120. return 0;
  121. }
  122. void hostapd_remove_acl_mac(struct mac_acl_entry **acl, int *num,
  123. const u8 *addr)
  124. {
  125. int i = 0;
  126. while (i < *num) {
  127. if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) == 0) {
  128. os_remove_in_array(*acl, *num, sizeof(**acl), i);
  129. (*num)--;
  130. } else {
  131. i++;
  132. }
  133. }
  134. }
  135. static int hostapd_config_read_maclist(const char *fname,
  136. struct mac_acl_entry **acl, int *num)
  137. {
  138. FILE *f;
  139. char buf[128], *pos;
  140. int line = 0;
  141. u8 addr[ETH_ALEN];
  142. int vlan_id;
  143. f = fopen(fname, "r");
  144. if (!f) {
  145. wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname);
  146. return -1;
  147. }
  148. while (fgets(buf, sizeof(buf), f)) {
  149. int rem = 0;
  150. line++;
  151. if (buf[0] == '#')
  152. continue;
  153. pos = buf;
  154. while (*pos != '\0') {
  155. if (*pos == '\n') {
  156. *pos = '\0';
  157. break;
  158. }
  159. pos++;
  160. }
  161. if (buf[0] == '\0')
  162. continue;
  163. pos = buf;
  164. if (buf[0] == '-') {
  165. rem = 1;
  166. pos++;
  167. }
  168. if (hwaddr_aton(pos, addr)) {
  169. wpa_printf(MSG_ERROR, "Invalid MAC address '%s' at "
  170. "line %d in '%s'", pos, line, fname);
  171. fclose(f);
  172. return -1;
  173. }
  174. if (rem) {
  175. hostapd_remove_acl_mac(acl, num, addr);
  176. continue;
  177. }
  178. vlan_id = 0;
  179. pos = buf;
  180. while (*pos != '\0' && *pos != ' ' && *pos != '\t')
  181. pos++;
  182. while (*pos == ' ' || *pos == '\t')
  183. pos++;
  184. if (*pos != '\0')
  185. vlan_id = atoi(pos);
  186. if (hostapd_add_acl_maclist(acl, num, vlan_id, addr) < 0) {
  187. fclose(f);
  188. return -1;
  189. }
  190. }
  191. fclose(f);
  192. if (*acl)
  193. qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
  194. return 0;
  195. }
  196. #ifdef EAP_SERVER
  197. static int hostapd_config_read_eap_user(const char *fname,
  198. struct hostapd_bss_config *conf)
  199. {
  200. FILE *f;
  201. char buf[512], *pos, *start, *pos2;
  202. int line = 0, ret = 0, num_methods;
  203. struct hostapd_eap_user *user = NULL, *tail = NULL, *new_user = NULL;
  204. if (os_strncmp(fname, "sqlite:", 7) == 0) {
  205. #ifdef CONFIG_SQLITE
  206. os_free(conf->eap_user_sqlite);
  207. conf->eap_user_sqlite = os_strdup(fname + 7);
  208. return 0;
  209. #else /* CONFIG_SQLITE */
  210. wpa_printf(MSG_ERROR,
  211. "EAP user file in SQLite DB, but CONFIG_SQLITE was not enabled in the build.");
  212. return -1;
  213. #endif /* CONFIG_SQLITE */
  214. }
  215. f = fopen(fname, "r");
  216. if (!f) {
  217. wpa_printf(MSG_ERROR, "EAP user file '%s' not found.", fname);
  218. return -1;
  219. }
  220. /* Lines: "user" METHOD,METHOD2 "password" (password optional) */
  221. while (fgets(buf, sizeof(buf), f)) {
  222. line++;
  223. if (buf[0] == '#')
  224. continue;
  225. pos = buf;
  226. while (*pos != '\0') {
  227. if (*pos == '\n') {
  228. *pos = '\0';
  229. break;
  230. }
  231. pos++;
  232. }
  233. if (buf[0] == '\0')
  234. continue;
  235. #ifndef CONFIG_NO_RADIUS
  236. if (user && os_strncmp(buf, "radius_accept_attr=", 19) == 0) {
  237. struct hostapd_radius_attr *attr, *a;
  238. attr = hostapd_parse_radius_attr(buf + 19);
  239. if (attr == NULL) {
  240. wpa_printf(MSG_ERROR, "Invalid radius_auth_req_attr: %s",
  241. buf + 19);
  242. user = NULL; /* already in the BSS list */
  243. goto failed;
  244. }
  245. if (user->accept_attr == NULL) {
  246. user->accept_attr = attr;
  247. } else {
  248. a = user->accept_attr;
  249. while (a->next)
  250. a = a->next;
  251. a->next = attr;
  252. }
  253. continue;
  254. }
  255. #endif /* CONFIG_NO_RADIUS */
  256. user = NULL;
  257. if (buf[0] != '"' && buf[0] != '*') {
  258. wpa_printf(MSG_ERROR, "Invalid EAP identity (no \" in "
  259. "start) on line %d in '%s'", line, fname);
  260. goto failed;
  261. }
  262. user = os_zalloc(sizeof(*user));
  263. if (user == NULL) {
  264. wpa_printf(MSG_ERROR, "EAP user allocation failed");
  265. goto failed;
  266. }
  267. user->force_version = -1;
  268. if (buf[0] == '*') {
  269. pos = buf;
  270. } else {
  271. pos = buf + 1;
  272. start = pos;
  273. while (*pos != '"' && *pos != '\0')
  274. pos++;
  275. if (*pos == '\0') {
  276. wpa_printf(MSG_ERROR, "Invalid EAP identity "
  277. "(no \" in end) on line %d in '%s'",
  278. line, fname);
  279. goto failed;
  280. }
  281. user->identity = os_memdup(start, pos - start);
  282. if (user->identity == NULL) {
  283. wpa_printf(MSG_ERROR, "Failed to allocate "
  284. "memory for EAP identity");
  285. goto failed;
  286. }
  287. user->identity_len = pos - start;
  288. if (pos[0] == '"' && pos[1] == '*') {
  289. user->wildcard_prefix = 1;
  290. pos++;
  291. }
  292. }
  293. pos++;
  294. while (*pos == ' ' || *pos == '\t')
  295. pos++;
  296. if (*pos == '\0') {
  297. wpa_printf(MSG_ERROR, "No EAP method on line %d in "
  298. "'%s'", line, fname);
  299. goto failed;
  300. }
  301. start = pos;
  302. while (*pos != ' ' && *pos != '\t' && *pos != '\0')
  303. pos++;
  304. if (*pos == '\0') {
  305. pos = NULL;
  306. } else {
  307. *pos = '\0';
  308. pos++;
  309. }
  310. num_methods = 0;
  311. while (*start) {
  312. char *pos3 = os_strchr(start, ',');
  313. if (pos3) {
  314. *pos3++ = '\0';
  315. }
  316. user->methods[num_methods].method =
  317. eap_server_get_type(
  318. start,
  319. &user->methods[num_methods].vendor);
  320. if (user->methods[num_methods].vendor ==
  321. EAP_VENDOR_IETF &&
  322. user->methods[num_methods].method == EAP_TYPE_NONE)
  323. {
  324. if (os_strcmp(start, "TTLS-PAP") == 0) {
  325. user->ttls_auth |= EAP_TTLS_AUTH_PAP;
  326. goto skip_eap;
  327. }
  328. if (os_strcmp(start, "TTLS-CHAP") == 0) {
  329. user->ttls_auth |= EAP_TTLS_AUTH_CHAP;
  330. goto skip_eap;
  331. }
  332. if (os_strcmp(start, "TTLS-MSCHAP") == 0) {
  333. user->ttls_auth |=
  334. EAP_TTLS_AUTH_MSCHAP;
  335. goto skip_eap;
  336. }
  337. if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) {
  338. user->ttls_auth |=
  339. EAP_TTLS_AUTH_MSCHAPV2;
  340. goto skip_eap;
  341. }
  342. if (os_strcmp(start, "MACACL") == 0) {
  343. user->macacl = 1;
  344. goto skip_eap;
  345. }
  346. wpa_printf(MSG_ERROR, "Unsupported EAP type "
  347. "'%s' on line %d in '%s'",
  348. start, line, fname);
  349. goto failed;
  350. }
  351. num_methods++;
  352. if (num_methods >= EAP_MAX_METHODS)
  353. break;
  354. skip_eap:
  355. if (pos3 == NULL)
  356. break;
  357. start = pos3;
  358. }
  359. if (num_methods == 0 && user->ttls_auth == 0 && !user->macacl) {
  360. wpa_printf(MSG_ERROR, "No EAP types configured on "
  361. "line %d in '%s'", line, fname);
  362. goto failed;
  363. }
  364. if (pos == NULL)
  365. goto done;
  366. while (*pos == ' ' || *pos == '\t')
  367. pos++;
  368. if (*pos == '\0')
  369. goto done;
  370. if (os_strncmp(pos, "[ver=0]", 7) == 0) {
  371. user->force_version = 0;
  372. goto done;
  373. }
  374. if (os_strncmp(pos, "[ver=1]", 7) == 0) {
  375. user->force_version = 1;
  376. goto done;
  377. }
  378. if (os_strncmp(pos, "[2]", 3) == 0) {
  379. user->phase2 = 1;
  380. goto done;
  381. }
  382. if (*pos == '"') {
  383. pos++;
  384. start = pos;
  385. while (*pos != '"' && *pos != '\0')
  386. pos++;
  387. if (*pos == '\0') {
  388. wpa_printf(MSG_ERROR, "Invalid EAP password "
  389. "(no \" in end) on line %d in '%s'",
  390. line, fname);
  391. goto failed;
  392. }
  393. user->password = os_memdup(start, pos - start);
  394. if (user->password == NULL) {
  395. wpa_printf(MSG_ERROR, "Failed to allocate "
  396. "memory for EAP password");
  397. goto failed;
  398. }
  399. user->password_len = pos - start;
  400. pos++;
  401. } else if (os_strncmp(pos, "hash:", 5) == 0) {
  402. pos += 5;
  403. pos2 = pos;
  404. while (*pos2 != '\0' && *pos2 != ' ' &&
  405. *pos2 != '\t' && *pos2 != '#')
  406. pos2++;
  407. if (pos2 - pos != 32) {
  408. wpa_printf(MSG_ERROR, "Invalid password hash "
  409. "on line %d in '%s'", line, fname);
  410. goto failed;
  411. }
  412. user->password = os_malloc(16);
  413. if (user->password == NULL) {
  414. wpa_printf(MSG_ERROR, "Failed to allocate "
  415. "memory for EAP password hash");
  416. goto failed;
  417. }
  418. if (hexstr2bin(pos, user->password, 16) < 0) {
  419. wpa_printf(MSG_ERROR, "Invalid hash password "
  420. "on line %d in '%s'", line, fname);
  421. goto failed;
  422. }
  423. user->password_len = 16;
  424. user->password_hash = 1;
  425. pos = pos2;
  426. } else {
  427. pos2 = pos;
  428. while (*pos2 != '\0' && *pos2 != ' ' &&
  429. *pos2 != '\t' && *pos2 != '#')
  430. pos2++;
  431. if ((pos2 - pos) & 1) {
  432. wpa_printf(MSG_ERROR, "Invalid hex password "
  433. "on line %d in '%s'", line, fname);
  434. goto failed;
  435. }
  436. user->password = os_malloc((pos2 - pos) / 2);
  437. if (user->password == NULL) {
  438. wpa_printf(MSG_ERROR, "Failed to allocate "
  439. "memory for EAP password");
  440. goto failed;
  441. }
  442. if (hexstr2bin(pos, user->password,
  443. (pos2 - pos) / 2) < 0) {
  444. wpa_printf(MSG_ERROR, "Invalid hex password "
  445. "on line %d in '%s'", line, fname);
  446. goto failed;
  447. }
  448. user->password_len = (pos2 - pos) / 2;
  449. pos = pos2;
  450. }
  451. while (*pos == ' ' || *pos == '\t')
  452. pos++;
  453. if (os_strncmp(pos, "[2]", 3) == 0) {
  454. user->phase2 = 1;
  455. }
  456. done:
  457. if (tail == NULL) {
  458. tail = new_user = user;
  459. } else {
  460. tail->next = user;
  461. tail = user;
  462. }
  463. continue;
  464. failed:
  465. if (user)
  466. hostapd_config_free_eap_user(user);
  467. ret = -1;
  468. break;
  469. }
  470. fclose(f);
  471. if (ret == 0) {
  472. hostapd_config_free_eap_users(conf->eap_user);
  473. conf->eap_user = new_user;
  474. } else {
  475. hostapd_config_free_eap_users(new_user);
  476. }
  477. return ret;
  478. }
  479. #endif /* EAP_SERVER */
  480. #ifndef CONFIG_NO_RADIUS
  481. static int
  482. hostapd_config_read_radius_addr(struct hostapd_radius_server **server,
  483. int *num_server, const char *val, int def_port,
  484. struct hostapd_radius_server **curr_serv)
  485. {
  486. struct hostapd_radius_server *nserv;
  487. int ret;
  488. static int server_index = 1;
  489. nserv = os_realloc_array(*server, *num_server + 1, sizeof(*nserv));
  490. if (nserv == NULL)
  491. return -1;
  492. *server = nserv;
  493. nserv = &nserv[*num_server];
  494. (*num_server)++;
  495. (*curr_serv) = nserv;
  496. os_memset(nserv, 0, sizeof(*nserv));
  497. nserv->port = def_port;
  498. ret = hostapd_parse_ip_addr(val, &nserv->addr);
  499. nserv->index = server_index++;
  500. return ret;
  501. }
  502. static struct hostapd_radius_attr *
  503. hostapd_parse_radius_attr(const char *value)
  504. {
  505. const char *pos;
  506. char syntax;
  507. struct hostapd_radius_attr *attr;
  508. size_t len;
  509. attr = os_zalloc(sizeof(*attr));
  510. if (attr == NULL)
  511. return NULL;
  512. attr->type = atoi(value);
  513. pos = os_strchr(value, ':');
  514. if (pos == NULL) {
  515. attr->val = wpabuf_alloc(1);
  516. if (attr->val == NULL) {
  517. os_free(attr);
  518. return NULL;
  519. }
  520. wpabuf_put_u8(attr->val, 0);
  521. return attr;
  522. }
  523. pos++;
  524. if (pos[0] == '\0' || pos[1] != ':') {
  525. os_free(attr);
  526. return NULL;
  527. }
  528. syntax = *pos++;
  529. pos++;
  530. switch (syntax) {
  531. case 's':
  532. attr->val = wpabuf_alloc_copy(pos, os_strlen(pos));
  533. break;
  534. case 'x':
  535. len = os_strlen(pos);
  536. if (len & 1)
  537. break;
  538. len /= 2;
  539. attr->val = wpabuf_alloc(len);
  540. if (attr->val == NULL)
  541. break;
  542. if (hexstr2bin(pos, wpabuf_put(attr->val, len), len) < 0) {
  543. wpabuf_free(attr->val);
  544. os_free(attr);
  545. return NULL;
  546. }
  547. break;
  548. case 'd':
  549. attr->val = wpabuf_alloc(4);
  550. if (attr->val)
  551. wpabuf_put_be32(attr->val, atoi(pos));
  552. break;
  553. default:
  554. os_free(attr);
  555. return NULL;
  556. }
  557. if (attr->val == NULL) {
  558. os_free(attr);
  559. return NULL;
  560. }
  561. return attr;
  562. }
  563. static int hostapd_parse_das_client(struct hostapd_bss_config *bss, char *val)
  564. {
  565. char *secret;
  566. secret = os_strchr(val, ' ');
  567. if (secret == NULL)
  568. return -1;
  569. *secret++ = '\0';
  570. if (hostapd_parse_ip_addr(val, &bss->radius_das_client_addr))
  571. return -1;
  572. os_free(bss->radius_das_shared_secret);
  573. bss->radius_das_shared_secret = (u8 *) os_strdup(secret);
  574. if (bss->radius_das_shared_secret == NULL)
  575. return -1;
  576. bss->radius_das_shared_secret_len = os_strlen(secret);
  577. return 0;
  578. }
  579. #endif /* CONFIG_NO_RADIUS */
  580. static int hostapd_config_parse_key_mgmt(int line, const char *value)
  581. {
  582. int val = 0, last;
  583. char *start, *end, *buf;
  584. buf = os_strdup(value);
  585. if (buf == NULL)
  586. return -1;
  587. start = buf;
  588. while (*start != '\0') {
  589. while (*start == ' ' || *start == '\t')
  590. start++;
  591. if (*start == '\0')
  592. break;
  593. end = start;
  594. while (*end != ' ' && *end != '\t' && *end != '\0')
  595. end++;
  596. last = *end == '\0';
  597. *end = '\0';
  598. if (os_strcmp(start, "WPA-PSK") == 0)
  599. val |= WPA_KEY_MGMT_PSK;
  600. else if (os_strcmp(start, "WPA-EAP") == 0)
  601. val |= WPA_KEY_MGMT_IEEE8021X;
  602. #ifdef CONFIG_IEEE80211R_AP
  603. else if (os_strcmp(start, "FT-PSK") == 0)
  604. val |= WPA_KEY_MGMT_FT_PSK;
  605. else if (os_strcmp(start, "FT-EAP") == 0)
  606. val |= WPA_KEY_MGMT_FT_IEEE8021X;
  607. #endif /* CONFIG_IEEE80211R_AP */
  608. #ifdef CONFIG_IEEE80211W
  609. else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
  610. val |= WPA_KEY_MGMT_PSK_SHA256;
  611. else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
  612. val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
  613. #endif /* CONFIG_IEEE80211W */
  614. #ifdef CONFIG_SAE
  615. else if (os_strcmp(start, "SAE") == 0)
  616. val |= WPA_KEY_MGMT_SAE;
  617. else if (os_strcmp(start, "FT-SAE") == 0)
  618. val |= WPA_KEY_MGMT_FT_SAE;
  619. #endif /* CONFIG_SAE */
  620. #ifdef CONFIG_SUITEB
  621. else if (os_strcmp(start, "WPA-EAP-SUITE-B") == 0)
  622. val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B;
  623. #endif /* CONFIG_SUITEB */
  624. #ifdef CONFIG_SUITEB192
  625. else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0)
  626. val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
  627. #endif /* CONFIG_SUITEB192 */
  628. #ifdef CONFIG_FILS
  629. else if (os_strcmp(start, "FILS-SHA256") == 0)
  630. val |= WPA_KEY_MGMT_FILS_SHA256;
  631. else if (os_strcmp(start, "FILS-SHA384") == 0)
  632. val |= WPA_KEY_MGMT_FILS_SHA384;
  633. #ifdef CONFIG_IEEE80211R_AP
  634. else if (os_strcmp(start, "FT-FILS-SHA256") == 0)
  635. val |= WPA_KEY_MGMT_FT_FILS_SHA256;
  636. else if (os_strcmp(start, "FT-FILS-SHA384") == 0)
  637. val |= WPA_KEY_MGMT_FT_FILS_SHA384;
  638. #endif /* CONFIG_IEEE80211R_AP */
  639. #endif /* CONFIG_FILS */
  640. #ifdef CONFIG_OWE
  641. else if (os_strcmp(start, "OWE") == 0)
  642. val |= WPA_KEY_MGMT_OWE;
  643. #endif /* CONFIG_OWE */
  644. #ifdef CONFIG_DPP
  645. else if (os_strcmp(start, "DPP") == 0)
  646. val |= WPA_KEY_MGMT_DPP;
  647. #endif /* CONFIG_DPP */
  648. else {
  649. wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
  650. line, start);
  651. os_free(buf);
  652. return -1;
  653. }
  654. if (last)
  655. break;
  656. start = end + 1;
  657. }
  658. os_free(buf);
  659. if (val == 0) {
  660. wpa_printf(MSG_ERROR, "Line %d: no key_mgmt values "
  661. "configured.", line);
  662. return -1;
  663. }
  664. return val;
  665. }
  666. static int hostapd_config_parse_cipher(int line, const char *value)
  667. {
  668. int val = wpa_parse_cipher(value);
  669. if (val < 0) {
  670. wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
  671. line, value);
  672. return -1;
  673. }
  674. if (val == 0) {
  675. wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
  676. line);
  677. return -1;
  678. }
  679. return val;
  680. }
  681. static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
  682. char *val)
  683. {
  684. size_t len = os_strlen(val);
  685. if (keyidx < 0 || keyidx > 3)
  686. return -1;
  687. if (len == 0) {
  688. int i, set = 0;
  689. bin_clear_free(wep->key[keyidx], wep->len[keyidx]);
  690. wep->key[keyidx] = NULL;
  691. wep->len[keyidx] = 0;
  692. for (i = 0; i < NUM_WEP_KEYS; i++) {
  693. if (wep->key[i])
  694. set++;
  695. }
  696. if (!set)
  697. wep->keys_set = 0;
  698. return 0;
  699. }
  700. if (wep->key[keyidx] != NULL)
  701. return -1;
  702. if (val[0] == '"') {
  703. if (len < 2 || val[len - 1] != '"')
  704. return -1;
  705. len -= 2;
  706. wep->key[keyidx] = os_memdup(val + 1, len);
  707. if (wep->key[keyidx] == NULL)
  708. return -1;
  709. wep->len[keyidx] = len;
  710. } else {
  711. if (len & 1)
  712. return -1;
  713. len /= 2;
  714. wep->key[keyidx] = os_malloc(len);
  715. if (wep->key[keyidx] == NULL)
  716. return -1;
  717. wep->len[keyidx] = len;
  718. if (hexstr2bin(val, wep->key[keyidx], len) < 0)
  719. return -1;
  720. }
  721. wep->keys_set++;
  722. return 0;
  723. }
  724. static int hostapd_parse_chanlist(struct hostapd_config *conf, char *val)
  725. {
  726. char *pos;
  727. /* for backwards compatibility, translate ' ' in conf str to ',' */
  728. pos = val;
  729. while (pos) {
  730. pos = os_strchr(pos, ' ');
  731. if (pos)
  732. *pos++ = ',';
  733. }
  734. if (freq_range_list_parse(&conf->acs_ch_list, val))
  735. return -1;
  736. return 0;
  737. }
  738. static int hostapd_parse_intlist(int **int_list, char *val)
  739. {
  740. int *list;
  741. int count;
  742. char *pos, *end;
  743. os_free(*int_list);
  744. *int_list = NULL;
  745. pos = val;
  746. count = 0;
  747. while (*pos != '\0') {
  748. if (*pos == ' ')
  749. count++;
  750. pos++;
  751. }
  752. list = os_malloc(sizeof(int) * (count + 2));
  753. if (list == NULL)
  754. return -1;
  755. pos = val;
  756. count = 0;
  757. while (*pos != '\0') {
  758. end = os_strchr(pos, ' ');
  759. if (end)
  760. *end = '\0';
  761. list[count++] = atoi(pos);
  762. if (!end)
  763. break;
  764. pos = end + 1;
  765. }
  766. list[count] = -1;
  767. *int_list = list;
  768. return 0;
  769. }
  770. static int hostapd_config_bss(struct hostapd_config *conf, const char *ifname)
  771. {
  772. struct hostapd_bss_config **all, *bss;
  773. if (*ifname == '\0')
  774. return -1;
  775. all = os_realloc_array(conf->bss, conf->num_bss + 1,
  776. sizeof(struct hostapd_bss_config *));
  777. if (all == NULL) {
  778. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  779. "multi-BSS entry");
  780. return -1;
  781. }
  782. conf->bss = all;
  783. bss = os_zalloc(sizeof(*bss));
  784. if (bss == NULL)
  785. return -1;
  786. bss->radius = os_zalloc(sizeof(*bss->radius));
  787. if (bss->radius == NULL) {
  788. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  789. "multi-BSS RADIUS data");
  790. os_free(bss);
  791. return -1;
  792. }
  793. conf->bss[conf->num_bss++] = bss;
  794. conf->last_bss = bss;
  795. hostapd_config_defaults_bss(bss);
  796. os_strlcpy(bss->iface, ifname, sizeof(bss->iface));
  797. os_memcpy(bss->ssid.vlan, bss->iface, IFNAMSIZ + 1);
  798. return 0;
  799. }
  800. /* convert floats with one decimal place to value*10 int, i.e.,
  801. * "1.5" will return 15 */
  802. static int hostapd_config_read_int10(const char *value)
  803. {
  804. int i, d;
  805. char *pos;
  806. i = atoi(value);
  807. pos = os_strchr(value, '.');
  808. d = 0;
  809. if (pos) {
  810. pos++;
  811. if (*pos >= '0' && *pos <= '9')
  812. d = *pos - '0';
  813. }
  814. return i * 10 + d;
  815. }
  816. static int valid_cw(int cw)
  817. {
  818. return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 ||
  819. cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023 ||
  820. cw == 2047 || cw == 4095 || cw == 8191 || cw == 16383 ||
  821. cw == 32767);
  822. }
  823. enum {
  824. IEEE80211_TX_QUEUE_DATA0 = 0, /* used for EDCA AC_VO data */
  825. IEEE80211_TX_QUEUE_DATA1 = 1, /* used for EDCA AC_VI data */
  826. IEEE80211_TX_QUEUE_DATA2 = 2, /* used for EDCA AC_BE data */
  827. IEEE80211_TX_QUEUE_DATA3 = 3 /* used for EDCA AC_BK data */
  828. };
  829. static int hostapd_config_tx_queue(struct hostapd_config *conf,
  830. const char *name, const char *val)
  831. {
  832. int num;
  833. const char *pos;
  834. struct hostapd_tx_queue_params *queue;
  835. /* skip 'tx_queue_' prefix */
  836. pos = name + 9;
  837. if (os_strncmp(pos, "data", 4) == 0 &&
  838. pos[4] >= '0' && pos[4] <= '9' && pos[5] == '_') {
  839. num = pos[4] - '0';
  840. pos += 6;
  841. } else if (os_strncmp(pos, "after_beacon_", 13) == 0 ||
  842. os_strncmp(pos, "beacon_", 7) == 0) {
  843. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  844. return 0;
  845. } else {
  846. wpa_printf(MSG_ERROR, "Unknown tx_queue name '%s'", pos);
  847. return -1;
  848. }
  849. if (num >= NUM_TX_QUEUES) {
  850. /* for backwards compatibility, do not trigger failure */
  851. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  852. return 0;
  853. }
  854. queue = &conf->tx_queue[num];
  855. if (os_strcmp(pos, "aifs") == 0) {
  856. queue->aifs = atoi(val);
  857. if (queue->aifs < 0 || queue->aifs > 255) {
  858. wpa_printf(MSG_ERROR, "Invalid AIFS value %d",
  859. queue->aifs);
  860. return -1;
  861. }
  862. } else if (os_strcmp(pos, "cwmin") == 0) {
  863. queue->cwmin = atoi(val);
  864. if (!valid_cw(queue->cwmin)) {
  865. wpa_printf(MSG_ERROR, "Invalid cwMin value %d",
  866. queue->cwmin);
  867. return -1;
  868. }
  869. } else if (os_strcmp(pos, "cwmax") == 0) {
  870. queue->cwmax = atoi(val);
  871. if (!valid_cw(queue->cwmax)) {
  872. wpa_printf(MSG_ERROR, "Invalid cwMax value %d",
  873. queue->cwmax);
  874. return -1;
  875. }
  876. } else if (os_strcmp(pos, "burst") == 0) {
  877. queue->burst = hostapd_config_read_int10(val);
  878. } else {
  879. wpa_printf(MSG_ERROR, "Unknown tx_queue field '%s'", pos);
  880. return -1;
  881. }
  882. return 0;
  883. }
  884. #ifdef CONFIG_IEEE80211R_AP
  885. static int rkh_derive_key(const char *pos, u8 *key, size_t key_len)
  886. {
  887. u8 oldkey[16];
  888. int ret;
  889. if (!hexstr2bin(pos, key, key_len))
  890. return 0;
  891. /* Try to use old short key for backwards compatibility */
  892. if (hexstr2bin(pos, oldkey, sizeof(oldkey)))
  893. return -1;
  894. ret = hmac_sha256_kdf(oldkey, sizeof(oldkey), "FT OLDKEY", NULL, 0,
  895. key, key_len);
  896. os_memset(oldkey, 0, sizeof(oldkey));
  897. return ret;
  898. }
  899. static int add_r0kh(struct hostapd_bss_config *bss, char *value)
  900. {
  901. struct ft_remote_r0kh *r0kh;
  902. char *pos, *next;
  903. r0kh = os_zalloc(sizeof(*r0kh));
  904. if (r0kh == NULL)
  905. return -1;
  906. /* 02:01:02:03:04:05 a.example.com 000102030405060708090a0b0c0d0e0f */
  907. pos = value;
  908. next = os_strchr(pos, ' ');
  909. if (next)
  910. *next++ = '\0';
  911. if (next == NULL || hwaddr_aton(pos, r0kh->addr)) {
  912. wpa_printf(MSG_ERROR, "Invalid R0KH MAC address: '%s'", pos);
  913. os_free(r0kh);
  914. return -1;
  915. }
  916. pos = next;
  917. next = os_strchr(pos, ' ');
  918. if (next)
  919. *next++ = '\0';
  920. if (next == NULL || next - pos > FT_R0KH_ID_MAX_LEN) {
  921. wpa_printf(MSG_ERROR, "Invalid R0KH-ID: '%s'", pos);
  922. os_free(r0kh);
  923. return -1;
  924. }
  925. r0kh->id_len = next - pos - 1;
  926. os_memcpy(r0kh->id, pos, r0kh->id_len);
  927. pos = next;
  928. if (rkh_derive_key(pos, r0kh->key, sizeof(r0kh->key)) < 0) {
  929. wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos);
  930. os_free(r0kh);
  931. return -1;
  932. }
  933. r0kh->next = bss->r0kh_list;
  934. bss->r0kh_list = r0kh;
  935. return 0;
  936. }
  937. static int add_r1kh(struct hostapd_bss_config *bss, char *value)
  938. {
  939. struct ft_remote_r1kh *r1kh;
  940. char *pos, *next;
  941. r1kh = os_zalloc(sizeof(*r1kh));
  942. if (r1kh == NULL)
  943. return -1;
  944. /* 02:01:02:03:04:05 02:01:02:03:04:05
  945. * 000102030405060708090a0b0c0d0e0f */
  946. pos = value;
  947. next = os_strchr(pos, ' ');
  948. if (next)
  949. *next++ = '\0';
  950. if (next == NULL || hwaddr_aton(pos, r1kh->addr)) {
  951. wpa_printf(MSG_ERROR, "Invalid R1KH MAC address: '%s'", pos);
  952. os_free(r1kh);
  953. return -1;
  954. }
  955. pos = next;
  956. next = os_strchr(pos, ' ');
  957. if (next)
  958. *next++ = '\0';
  959. if (next == NULL || hwaddr_aton(pos, r1kh->id)) {
  960. wpa_printf(MSG_ERROR, "Invalid R1KH-ID: '%s'", pos);
  961. os_free(r1kh);
  962. return -1;
  963. }
  964. pos = next;
  965. if (rkh_derive_key(pos, r1kh->key, sizeof(r1kh->key)) < 0) {
  966. wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos);
  967. os_free(r1kh);
  968. return -1;
  969. }
  970. r1kh->next = bss->r1kh_list;
  971. bss->r1kh_list = r1kh;
  972. return 0;
  973. }
  974. #endif /* CONFIG_IEEE80211R_AP */
  975. #ifdef CONFIG_IEEE80211N
  976. static int hostapd_config_ht_capab(struct hostapd_config *conf,
  977. const char *capab)
  978. {
  979. if (os_strstr(capab, "[LDPC]"))
  980. conf->ht_capab |= HT_CAP_INFO_LDPC_CODING_CAP;
  981. if (os_strstr(capab, "[HT40-]")) {
  982. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  983. conf->secondary_channel = -1;
  984. }
  985. if (os_strstr(capab, "[HT40+]")) {
  986. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  987. conf->secondary_channel = 1;
  988. }
  989. if (os_strstr(capab, "[HT40+]") && os_strstr(capab, "[HT40-]")) {
  990. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  991. conf->ht40_plus_minus_allowed = 1;
  992. }
  993. if (os_strstr(capab, "[SMPS-STATIC]")) {
  994. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  995. conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC;
  996. }
  997. if (os_strstr(capab, "[SMPS-DYNAMIC]")) {
  998. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  999. conf->ht_capab |= HT_CAP_INFO_SMPS_DYNAMIC;
  1000. }
  1001. if (os_strstr(capab, "[GF]"))
  1002. conf->ht_capab |= HT_CAP_INFO_GREEN_FIELD;
  1003. if (os_strstr(capab, "[SHORT-GI-20]"))
  1004. conf->ht_capab |= HT_CAP_INFO_SHORT_GI20MHZ;
  1005. if (os_strstr(capab, "[SHORT-GI-40]"))
  1006. conf->ht_capab |= HT_CAP_INFO_SHORT_GI40MHZ;
  1007. if (os_strstr(capab, "[TX-STBC]"))
  1008. conf->ht_capab |= HT_CAP_INFO_TX_STBC;
  1009. if (os_strstr(capab, "[RX-STBC1]")) {
  1010. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  1011. conf->ht_capab |= HT_CAP_INFO_RX_STBC_1;
  1012. }
  1013. if (os_strstr(capab, "[RX-STBC12]")) {
  1014. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  1015. conf->ht_capab |= HT_CAP_INFO_RX_STBC_12;
  1016. }
  1017. if (os_strstr(capab, "[RX-STBC123]")) {
  1018. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  1019. conf->ht_capab |= HT_CAP_INFO_RX_STBC_123;
  1020. }
  1021. if (os_strstr(capab, "[DELAYED-BA]"))
  1022. conf->ht_capab |= HT_CAP_INFO_DELAYED_BA;
  1023. if (os_strstr(capab, "[MAX-AMSDU-7935]"))
  1024. conf->ht_capab |= HT_CAP_INFO_MAX_AMSDU_SIZE;
  1025. if (os_strstr(capab, "[DSSS_CCK-40]"))
  1026. conf->ht_capab |= HT_CAP_INFO_DSSS_CCK40MHZ;
  1027. if (os_strstr(capab, "[40-INTOLERANT]"))
  1028. conf->ht_capab |= HT_CAP_INFO_40MHZ_INTOLERANT;
  1029. if (os_strstr(capab, "[LSIG-TXOP-PROT]"))
  1030. conf->ht_capab |= HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT;
  1031. return 0;
  1032. }
  1033. #endif /* CONFIG_IEEE80211N */
  1034. #ifdef CONFIG_IEEE80211AC
  1035. static int hostapd_config_vht_capab(struct hostapd_config *conf,
  1036. const char *capab)
  1037. {
  1038. if (os_strstr(capab, "[MAX-MPDU-7991]"))
  1039. conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_7991;
  1040. if (os_strstr(capab, "[MAX-MPDU-11454]"))
  1041. conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_11454;
  1042. if (os_strstr(capab, "[VHT160]"))
  1043. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
  1044. if (os_strstr(capab, "[VHT160-80PLUS80]"))
  1045. conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
  1046. if (os_strstr(capab, "[RXLDPC]"))
  1047. conf->vht_capab |= VHT_CAP_RXLDPC;
  1048. if (os_strstr(capab, "[SHORT-GI-80]"))
  1049. conf->vht_capab |= VHT_CAP_SHORT_GI_80;
  1050. if (os_strstr(capab, "[SHORT-GI-160]"))
  1051. conf->vht_capab |= VHT_CAP_SHORT_GI_160;
  1052. if (os_strstr(capab, "[TX-STBC-2BY1]"))
  1053. conf->vht_capab |= VHT_CAP_TXSTBC;
  1054. if (os_strstr(capab, "[RX-STBC-1]"))
  1055. conf->vht_capab |= VHT_CAP_RXSTBC_1;
  1056. if (os_strstr(capab, "[RX-STBC-12]"))
  1057. conf->vht_capab |= VHT_CAP_RXSTBC_2;
  1058. if (os_strstr(capab, "[RX-STBC-123]"))
  1059. conf->vht_capab |= VHT_CAP_RXSTBC_3;
  1060. if (os_strstr(capab, "[RX-STBC-1234]"))
  1061. conf->vht_capab |= VHT_CAP_RXSTBC_4;
  1062. if (os_strstr(capab, "[SU-BEAMFORMER]"))
  1063. conf->vht_capab |= VHT_CAP_SU_BEAMFORMER_CAPABLE;
  1064. if (os_strstr(capab, "[SU-BEAMFORMEE]"))
  1065. conf->vht_capab |= VHT_CAP_SU_BEAMFORMEE_CAPABLE;
  1066. if (os_strstr(capab, "[BF-ANTENNA-2]") &&
  1067. (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE))
  1068. conf->vht_capab |= (1 << VHT_CAP_BEAMFORMEE_STS_OFFSET);
  1069. if (os_strstr(capab, "[BF-ANTENNA-3]") &&
  1070. (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE))
  1071. conf->vht_capab |= (2 << VHT_CAP_BEAMFORMEE_STS_OFFSET);
  1072. if (os_strstr(capab, "[BF-ANTENNA-4]") &&
  1073. (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE))
  1074. conf->vht_capab |= (3 << VHT_CAP_BEAMFORMEE_STS_OFFSET);
  1075. if (os_strstr(capab, "[SOUNDING-DIMENSION-2]") &&
  1076. (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE))
  1077. conf->vht_capab |= (1 << VHT_CAP_SOUNDING_DIMENSION_OFFSET);
  1078. if (os_strstr(capab, "[SOUNDING-DIMENSION-3]") &&
  1079. (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE))
  1080. conf->vht_capab |= (2 << VHT_CAP_SOUNDING_DIMENSION_OFFSET);
  1081. if (os_strstr(capab, "[SOUNDING-DIMENSION-4]") &&
  1082. (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE))
  1083. conf->vht_capab |= (3 << VHT_CAP_SOUNDING_DIMENSION_OFFSET);
  1084. if (os_strstr(capab, "[MU-BEAMFORMER]"))
  1085. conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE;
  1086. if (os_strstr(capab, "[VHT-TXOP-PS]"))
  1087. conf->vht_capab |= VHT_CAP_VHT_TXOP_PS;
  1088. if (os_strstr(capab, "[HTC-VHT]"))
  1089. conf->vht_capab |= VHT_CAP_HTC_VHT;
  1090. if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP7]"))
  1091. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
  1092. else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP6]"))
  1093. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_6;
  1094. else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP5]"))
  1095. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_5;
  1096. else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP4]"))
  1097. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_4;
  1098. else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP3]"))
  1099. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_3;
  1100. else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP2]"))
  1101. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_2;
  1102. else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP1]"))
  1103. conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_1;
  1104. if (os_strstr(capab, "[VHT-LINK-ADAPT2]") &&
  1105. (conf->vht_capab & VHT_CAP_HTC_VHT))
  1106. conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB;
  1107. if (os_strstr(capab, "[VHT-LINK-ADAPT3]") &&
  1108. (conf->vht_capab & VHT_CAP_HTC_VHT))
  1109. conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB;
  1110. if (os_strstr(capab, "[RX-ANTENNA-PATTERN]"))
  1111. conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN;
  1112. if (os_strstr(capab, "[TX-ANTENNA-PATTERN]"))
  1113. conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN;
  1114. return 0;
  1115. }
  1116. #endif /* CONFIG_IEEE80211AC */
  1117. #ifdef CONFIG_INTERWORKING
  1118. static int parse_roaming_consortium(struct hostapd_bss_config *bss, char *pos,
  1119. int line)
  1120. {
  1121. size_t len = os_strlen(pos);
  1122. u8 oi[MAX_ROAMING_CONSORTIUM_LEN];
  1123. struct hostapd_roaming_consortium *rc;
  1124. if ((len & 1) || len < 2 * 3 || len / 2 > MAX_ROAMING_CONSORTIUM_LEN ||
  1125. hexstr2bin(pos, oi, len / 2)) {
  1126. wpa_printf(MSG_ERROR, "Line %d: invalid roaming_consortium "
  1127. "'%s'", line, pos);
  1128. return -1;
  1129. }
  1130. len /= 2;
  1131. rc = os_realloc_array(bss->roaming_consortium,
  1132. bss->roaming_consortium_count + 1,
  1133. sizeof(struct hostapd_roaming_consortium));
  1134. if (rc == NULL)
  1135. return -1;
  1136. os_memcpy(rc[bss->roaming_consortium_count].oi, oi, len);
  1137. rc[bss->roaming_consortium_count].len = len;
  1138. bss->roaming_consortium = rc;
  1139. bss->roaming_consortium_count++;
  1140. return 0;
  1141. }
  1142. static int parse_lang_string(struct hostapd_lang_string **array,
  1143. unsigned int *count, char *pos)
  1144. {
  1145. char *sep, *str = NULL;
  1146. size_t clen, nlen, slen;
  1147. struct hostapd_lang_string *ls;
  1148. int ret = -1;
  1149. if (*pos == '"' || (*pos == 'P' && pos[1] == '"')) {
  1150. str = wpa_config_parse_string(pos, &slen);
  1151. if (!str)
  1152. return -1;
  1153. pos = str;
  1154. }
  1155. sep = os_strchr(pos, ':');
  1156. if (sep == NULL)
  1157. goto fail;
  1158. *sep++ = '\0';
  1159. clen = os_strlen(pos);
  1160. if (clen < 2 || clen > sizeof(ls->lang))
  1161. goto fail;
  1162. nlen = os_strlen(sep);
  1163. if (nlen > 252)
  1164. goto fail;
  1165. ls = os_realloc_array(*array, *count + 1,
  1166. sizeof(struct hostapd_lang_string));
  1167. if (ls == NULL)
  1168. goto fail;
  1169. *array = ls;
  1170. ls = &(*array)[*count];
  1171. (*count)++;
  1172. os_memset(ls->lang, 0, sizeof(ls->lang));
  1173. os_memcpy(ls->lang, pos, clen);
  1174. ls->name_len = nlen;
  1175. os_memcpy(ls->name, sep, nlen);
  1176. ret = 0;
  1177. fail:
  1178. os_free(str);
  1179. return ret;
  1180. }
  1181. static int parse_venue_name(struct hostapd_bss_config *bss, char *pos,
  1182. int line)
  1183. {
  1184. if (parse_lang_string(&bss->venue_name, &bss->venue_name_count, pos)) {
  1185. wpa_printf(MSG_ERROR, "Line %d: Invalid venue_name '%s'",
  1186. line, pos);
  1187. return -1;
  1188. }
  1189. return 0;
  1190. }
  1191. static int parse_venue_url(struct hostapd_bss_config *bss, char *pos,
  1192. int line)
  1193. {
  1194. char *sep;
  1195. size_t nlen;
  1196. struct hostapd_venue_url *url;
  1197. int ret = -1;
  1198. sep = os_strchr(pos, ':');
  1199. if (!sep)
  1200. goto fail;
  1201. *sep++ = '\0';
  1202. nlen = os_strlen(sep);
  1203. if (nlen > 254)
  1204. goto fail;
  1205. url = os_realloc_array(bss->venue_url, bss->venue_url_count + 1,
  1206. sizeof(struct hostapd_venue_url));
  1207. if (!url)
  1208. goto fail;
  1209. bss->venue_url = url;
  1210. url = &bss->venue_url[bss->venue_url_count++];
  1211. url->venue_number = atoi(pos);
  1212. url->url_len = nlen;
  1213. os_memcpy(url->url, sep, nlen);
  1214. ret = 0;
  1215. fail:
  1216. if (ret)
  1217. wpa_printf(MSG_ERROR, "Line %d: Invalid venue_url '%s'",
  1218. line, pos);
  1219. return ret;
  1220. }
  1221. static int parse_3gpp_cell_net(struct hostapd_bss_config *bss, char *buf,
  1222. int line)
  1223. {
  1224. size_t count;
  1225. char *pos;
  1226. u8 *info = NULL, *ipos;
  1227. /* format: <MCC1,MNC1>[;<MCC2,MNC2>][;...] */
  1228. count = 1;
  1229. for (pos = buf; *pos; pos++) {
  1230. if ((*pos < '0' || *pos > '9') && *pos != ';' && *pos != ',')
  1231. goto fail;
  1232. if (*pos == ';')
  1233. count++;
  1234. }
  1235. if (1 + count * 3 > 0x7f)
  1236. goto fail;
  1237. info = os_zalloc(2 + 3 + count * 3);
  1238. if (info == NULL)
  1239. return -1;
  1240. ipos = info;
  1241. *ipos++ = 0; /* GUD - Version 1 */
  1242. *ipos++ = 3 + count * 3; /* User Data Header Length (UDHL) */
  1243. *ipos++ = 0; /* PLMN List IEI */
  1244. /* ext(b8) | Length of PLMN List value contents(b7..1) */
  1245. *ipos++ = 1 + count * 3;
  1246. *ipos++ = count; /* Number of PLMNs */
  1247. pos = buf;
  1248. while (pos && *pos) {
  1249. char *mcc, *mnc;
  1250. size_t mnc_len;
  1251. mcc = pos;
  1252. mnc = os_strchr(pos, ',');
  1253. if (mnc == NULL)
  1254. goto fail;
  1255. *mnc++ = '\0';
  1256. pos = os_strchr(mnc, ';');
  1257. if (pos)
  1258. *pos++ = '\0';
  1259. mnc_len = os_strlen(mnc);
  1260. if (os_strlen(mcc) != 3 || (mnc_len != 2 && mnc_len != 3))
  1261. goto fail;
  1262. /* BC coded MCC,MNC */
  1263. /* MCC digit 2 | MCC digit 1 */
  1264. *ipos++ = ((mcc[1] - '0') << 4) | (mcc[0] - '0');
  1265. /* MNC digit 3 | MCC digit 3 */
  1266. *ipos++ = (((mnc_len == 2) ? 0xf0 : ((mnc[2] - '0') << 4))) |
  1267. (mcc[2] - '0');
  1268. /* MNC digit 2 | MNC digit 1 */
  1269. *ipos++ = ((mnc[1] - '0') << 4) | (mnc[0] - '0');
  1270. }
  1271. os_free(bss->anqp_3gpp_cell_net);
  1272. bss->anqp_3gpp_cell_net = info;
  1273. bss->anqp_3gpp_cell_net_len = 2 + 3 + 3 * count;
  1274. wpa_hexdump(MSG_MSGDUMP, "3GPP Cellular Network information",
  1275. bss->anqp_3gpp_cell_net, bss->anqp_3gpp_cell_net_len);
  1276. return 0;
  1277. fail:
  1278. wpa_printf(MSG_ERROR, "Line %d: Invalid anqp_3gpp_cell_net: %s",
  1279. line, buf);
  1280. os_free(info);
  1281. return -1;
  1282. }
  1283. static int parse_nai_realm(struct hostapd_bss_config *bss, char *buf, int line)
  1284. {
  1285. struct hostapd_nai_realm_data *realm;
  1286. size_t i, j, len;
  1287. int *offsets;
  1288. char *pos, *end, *rpos;
  1289. offsets = os_calloc(bss->nai_realm_count * MAX_NAI_REALMS,
  1290. sizeof(int));
  1291. if (offsets == NULL)
  1292. return -1;
  1293. for (i = 0; i < bss->nai_realm_count; i++) {
  1294. realm = &bss->nai_realm_data[i];
  1295. for (j = 0; j < MAX_NAI_REALMS; j++) {
  1296. offsets[i * MAX_NAI_REALMS + j] =
  1297. realm->realm[j] ?
  1298. realm->realm[j] - realm->realm_buf : -1;
  1299. }
  1300. }
  1301. realm = os_realloc_array(bss->nai_realm_data, bss->nai_realm_count + 1,
  1302. sizeof(struct hostapd_nai_realm_data));
  1303. if (realm == NULL) {
  1304. os_free(offsets);
  1305. return -1;
  1306. }
  1307. bss->nai_realm_data = realm;
  1308. /* patch the pointers after realloc */
  1309. for (i = 0; i < bss->nai_realm_count; i++) {
  1310. realm = &bss->nai_realm_data[i];
  1311. for (j = 0; j < MAX_NAI_REALMS; j++) {
  1312. int offs = offsets[i * MAX_NAI_REALMS + j];
  1313. if (offs >= 0)
  1314. realm->realm[j] = realm->realm_buf + offs;
  1315. else
  1316. realm->realm[j] = NULL;
  1317. }
  1318. }
  1319. os_free(offsets);
  1320. realm = &bss->nai_realm_data[bss->nai_realm_count];
  1321. os_memset(realm, 0, sizeof(*realm));
  1322. pos = buf;
  1323. realm->encoding = atoi(pos);
  1324. pos = os_strchr(pos, ',');
  1325. if (pos == NULL)
  1326. goto fail;
  1327. pos++;
  1328. end = os_strchr(pos, ',');
  1329. if (end) {
  1330. len = end - pos;
  1331. *end = '\0';
  1332. } else {
  1333. len = os_strlen(pos);
  1334. }
  1335. if (len > MAX_NAI_REALMLEN) {
  1336. wpa_printf(MSG_ERROR, "Too long a realm string (%d > max %d "
  1337. "characters)", (int) len, MAX_NAI_REALMLEN);
  1338. goto fail;
  1339. }
  1340. os_memcpy(realm->realm_buf, pos, len);
  1341. if (end)
  1342. pos = end + 1;
  1343. else
  1344. pos = NULL;
  1345. while (pos && *pos) {
  1346. struct hostapd_nai_realm_eap *eap;
  1347. if (realm->eap_method_count >= MAX_NAI_EAP_METHODS) {
  1348. wpa_printf(MSG_ERROR, "Too many EAP methods");
  1349. goto fail;
  1350. }
  1351. eap = &realm->eap_method[realm->eap_method_count];
  1352. realm->eap_method_count++;
  1353. end = os_strchr(pos, ',');
  1354. if (end == NULL)
  1355. end = pos + os_strlen(pos);
  1356. eap->eap_method = atoi(pos);
  1357. for (;;) {
  1358. pos = os_strchr(pos, '[');
  1359. if (pos == NULL || pos > end)
  1360. break;
  1361. pos++;
  1362. if (eap->num_auths >= MAX_NAI_AUTH_TYPES) {
  1363. wpa_printf(MSG_ERROR, "Too many auth params");
  1364. goto fail;
  1365. }
  1366. eap->auth_id[eap->num_auths] = atoi(pos);
  1367. pos = os_strchr(pos, ':');
  1368. if (pos == NULL || pos > end)
  1369. goto fail;
  1370. pos++;
  1371. eap->auth_val[eap->num_auths] = atoi(pos);
  1372. pos = os_strchr(pos, ']');
  1373. if (pos == NULL || pos > end)
  1374. goto fail;
  1375. pos++;
  1376. eap->num_auths++;
  1377. }
  1378. if (*end != ',')
  1379. break;
  1380. pos = end + 1;
  1381. }
  1382. /* Split realm list into null terminated realms */
  1383. rpos = realm->realm_buf;
  1384. i = 0;
  1385. while (*rpos) {
  1386. if (i >= MAX_NAI_REALMS) {
  1387. wpa_printf(MSG_ERROR, "Too many realms");
  1388. goto fail;
  1389. }
  1390. realm->realm[i++] = rpos;
  1391. rpos = os_strchr(rpos, ';');
  1392. if (rpos == NULL)
  1393. break;
  1394. *rpos++ = '\0';
  1395. }
  1396. bss->nai_realm_count++;
  1397. return 0;
  1398. fail:
  1399. wpa_printf(MSG_ERROR, "Line %d: invalid nai_realm '%s'", line, buf);
  1400. return -1;
  1401. }
  1402. static int parse_anqp_elem(struct hostapd_bss_config *bss, char *buf, int line)
  1403. {
  1404. char *delim;
  1405. u16 infoid;
  1406. size_t len;
  1407. struct wpabuf *payload;
  1408. struct anqp_element *elem;
  1409. delim = os_strchr(buf, ':');
  1410. if (!delim)
  1411. return -1;
  1412. delim++;
  1413. infoid = atoi(buf);
  1414. len = os_strlen(delim);
  1415. if (len & 1)
  1416. return -1;
  1417. len /= 2;
  1418. payload = wpabuf_alloc(len);
  1419. if (!payload)
  1420. return -1;
  1421. if (hexstr2bin(delim, wpabuf_put(payload, len), len) < 0) {
  1422. wpabuf_free(payload);
  1423. return -1;
  1424. }
  1425. dl_list_for_each(elem, &bss->anqp_elem, struct anqp_element, list) {
  1426. if (elem->infoid == infoid) {
  1427. /* Update existing entry */
  1428. wpabuf_free(elem->payload);
  1429. elem->payload = payload;
  1430. return 0;
  1431. }
  1432. }
  1433. /* Add a new entry */
  1434. elem = os_zalloc(sizeof(*elem));
  1435. if (!elem) {
  1436. wpabuf_free(payload);
  1437. return -1;
  1438. }
  1439. elem->infoid = infoid;
  1440. elem->payload = payload;
  1441. dl_list_add(&bss->anqp_elem, &elem->list);
  1442. return 0;
  1443. }
  1444. static int parse_qos_map_set(struct hostapd_bss_config *bss,
  1445. char *buf, int line)
  1446. {
  1447. u8 qos_map_set[16 + 2 * 21], count = 0;
  1448. char *pos = buf;
  1449. int val;
  1450. for (;;) {
  1451. if (count == sizeof(qos_map_set)) {
  1452. wpa_printf(MSG_ERROR, "Line %d: Too many qos_map_set "
  1453. "parameters '%s'", line, buf);
  1454. return -1;
  1455. }
  1456. val = atoi(pos);
  1457. if (val > 255 || val < 0) {
  1458. wpa_printf(MSG_ERROR, "Line %d: Invalid qos_map_set "
  1459. "'%s'", line, buf);
  1460. return -1;
  1461. }
  1462. qos_map_set[count++] = val;
  1463. pos = os_strchr(pos, ',');
  1464. if (!pos)
  1465. break;
  1466. pos++;
  1467. }
  1468. if (count < 16 || count & 1) {
  1469. wpa_printf(MSG_ERROR, "Line %d: Invalid qos_map_set '%s'",
  1470. line, buf);
  1471. return -1;
  1472. }
  1473. os_memcpy(bss->qos_map_set, qos_map_set, count);
  1474. bss->qos_map_set_len = count;
  1475. return 0;
  1476. }
  1477. #endif /* CONFIG_INTERWORKING */
  1478. #ifdef CONFIG_HS20
  1479. static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf,
  1480. int line)
  1481. {
  1482. u8 *conn_cap;
  1483. char *pos;
  1484. if (bss->hs20_connection_capability_len >= 0xfff0)
  1485. return -1;
  1486. conn_cap = os_realloc(bss->hs20_connection_capability,
  1487. bss->hs20_connection_capability_len + 4);
  1488. if (conn_cap == NULL)
  1489. return -1;
  1490. bss->hs20_connection_capability = conn_cap;
  1491. conn_cap += bss->hs20_connection_capability_len;
  1492. pos = buf;
  1493. conn_cap[0] = atoi(pos);
  1494. pos = os_strchr(pos, ':');
  1495. if (pos == NULL)
  1496. return -1;
  1497. pos++;
  1498. WPA_PUT_LE16(conn_cap + 1, atoi(pos));
  1499. pos = os_strchr(pos, ':');
  1500. if (pos == NULL)
  1501. return -1;
  1502. pos++;
  1503. conn_cap[3] = atoi(pos);
  1504. bss->hs20_connection_capability_len += 4;
  1505. return 0;
  1506. }
  1507. static int hs20_parse_wan_metrics(struct hostapd_bss_config *bss, char *buf,
  1508. int line)
  1509. {
  1510. u8 *wan_metrics;
  1511. char *pos;
  1512. /* <WAN Info>:<DL Speed>:<UL Speed>:<DL Load>:<UL Load>:<LMD> */
  1513. wan_metrics = os_zalloc(13);
  1514. if (wan_metrics == NULL)
  1515. return -1;
  1516. pos = buf;
  1517. /* WAN Info */
  1518. if (hexstr2bin(pos, wan_metrics, 1) < 0)
  1519. goto fail;
  1520. pos += 2;
  1521. if (*pos != ':')
  1522. goto fail;
  1523. pos++;
  1524. /* Downlink Speed */
  1525. WPA_PUT_LE32(wan_metrics + 1, atoi(pos));
  1526. pos = os_strchr(pos, ':');
  1527. if (pos == NULL)
  1528. goto fail;
  1529. pos++;
  1530. /* Uplink Speed */
  1531. WPA_PUT_LE32(wan_metrics + 5, atoi(pos));
  1532. pos = os_strchr(pos, ':');
  1533. if (pos == NULL)
  1534. goto fail;
  1535. pos++;
  1536. /* Downlink Load */
  1537. wan_metrics[9] = atoi(pos);
  1538. pos = os_strchr(pos, ':');
  1539. if (pos == NULL)
  1540. goto fail;
  1541. pos++;
  1542. /* Uplink Load */
  1543. wan_metrics[10] = atoi(pos);
  1544. pos = os_strchr(pos, ':');
  1545. if (pos == NULL)
  1546. goto fail;
  1547. pos++;
  1548. /* LMD */
  1549. WPA_PUT_LE16(wan_metrics + 11, atoi(pos));
  1550. os_free(bss->hs20_wan_metrics);
  1551. bss->hs20_wan_metrics = wan_metrics;
  1552. return 0;
  1553. fail:
  1554. wpa_printf(MSG_ERROR, "Line %d: Invalid hs20_wan_metrics '%s'",
  1555. line, buf);
  1556. os_free(wan_metrics);
  1557. return -1;
  1558. }
  1559. static int hs20_parse_oper_friendly_name(struct hostapd_bss_config *bss,
  1560. char *pos, int line)
  1561. {
  1562. if (parse_lang_string(&bss->hs20_oper_friendly_name,
  1563. &bss->hs20_oper_friendly_name_count, pos)) {
  1564. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1565. "hs20_oper_friendly_name '%s'", line, pos);
  1566. return -1;
  1567. }
  1568. return 0;
  1569. }
  1570. static int hs20_parse_icon(struct hostapd_bss_config *bss, char *pos)
  1571. {
  1572. struct hs20_icon *icon;
  1573. char *end;
  1574. icon = os_realloc_array(bss->hs20_icons, bss->hs20_icons_count + 1,
  1575. sizeof(struct hs20_icon));
  1576. if (icon == NULL)
  1577. return -1;
  1578. bss->hs20_icons = icon;
  1579. icon = &bss->hs20_icons[bss->hs20_icons_count];
  1580. os_memset(icon, 0, sizeof(*icon));
  1581. icon->width = atoi(pos);
  1582. pos = os_strchr(pos, ':');
  1583. if (pos == NULL)
  1584. return -1;
  1585. pos++;
  1586. icon->height = atoi(pos);
  1587. pos = os_strchr(pos, ':');
  1588. if (pos == NULL)
  1589. return -1;
  1590. pos++;
  1591. end = os_strchr(pos, ':');
  1592. if (end == NULL || end - pos > 3)
  1593. return -1;
  1594. os_memcpy(icon->language, pos, end - pos);
  1595. pos = end + 1;
  1596. end = os_strchr(pos, ':');
  1597. if (end == NULL || end - pos > 255)
  1598. return -1;
  1599. os_memcpy(icon->type, pos, end - pos);
  1600. pos = end + 1;
  1601. end = os_strchr(pos, ':');
  1602. if (end == NULL || end - pos > 255)
  1603. return -1;
  1604. os_memcpy(icon->name, pos, end - pos);
  1605. pos = end + 1;
  1606. if (os_strlen(pos) > 255)
  1607. return -1;
  1608. os_memcpy(icon->file, pos, os_strlen(pos));
  1609. bss->hs20_icons_count++;
  1610. return 0;
  1611. }
  1612. static int hs20_parse_osu_ssid(struct hostapd_bss_config *bss,
  1613. char *pos, int line)
  1614. {
  1615. size_t slen;
  1616. char *str;
  1617. str = wpa_config_parse_string(pos, &slen);
  1618. if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) {
  1619. wpa_printf(MSG_ERROR, "Line %d: Invalid SSID '%s'", line, pos);
  1620. os_free(str);
  1621. return -1;
  1622. }
  1623. os_memcpy(bss->osu_ssid, str, slen);
  1624. bss->osu_ssid_len = slen;
  1625. os_free(str);
  1626. return 0;
  1627. }
  1628. static int hs20_parse_osu_server_uri(struct hostapd_bss_config *bss,
  1629. char *pos, int line)
  1630. {
  1631. struct hs20_osu_provider *p;
  1632. p = os_realloc_array(bss->hs20_osu_providers,
  1633. bss->hs20_osu_providers_count + 1, sizeof(*p));
  1634. if (p == NULL)
  1635. return -1;
  1636. bss->hs20_osu_providers = p;
  1637. bss->last_osu = &bss->hs20_osu_providers[bss->hs20_osu_providers_count];
  1638. bss->hs20_osu_providers_count++;
  1639. os_memset(bss->last_osu, 0, sizeof(*p));
  1640. bss->last_osu->server_uri = os_strdup(pos);
  1641. return 0;
  1642. }
  1643. static int hs20_parse_osu_friendly_name(struct hostapd_bss_config *bss,
  1644. char *pos, int line)
  1645. {
  1646. if (bss->last_osu == NULL) {
  1647. wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line);
  1648. return -1;
  1649. }
  1650. if (parse_lang_string(&bss->last_osu->friendly_name,
  1651. &bss->last_osu->friendly_name_count, pos)) {
  1652. wpa_printf(MSG_ERROR, "Line %d: Invalid osu_friendly_name '%s'",
  1653. line, pos);
  1654. return -1;
  1655. }
  1656. return 0;
  1657. }
  1658. static int hs20_parse_osu_nai(struct hostapd_bss_config *bss,
  1659. char *pos, int line)
  1660. {
  1661. if (bss->last_osu == NULL) {
  1662. wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line);
  1663. return -1;
  1664. }
  1665. os_free(bss->last_osu->osu_nai);
  1666. bss->last_osu->osu_nai = os_strdup(pos);
  1667. if (bss->last_osu->osu_nai == NULL)
  1668. return -1;
  1669. return 0;
  1670. }
  1671. static int hs20_parse_osu_method_list(struct hostapd_bss_config *bss, char *pos,
  1672. int line)
  1673. {
  1674. if (bss->last_osu == NULL) {
  1675. wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line);
  1676. return -1;
  1677. }
  1678. if (hostapd_parse_intlist(&bss->last_osu->method_list, pos)) {
  1679. wpa_printf(MSG_ERROR, "Line %d: Invalid osu_method_list", line);
  1680. return -1;
  1681. }
  1682. return 0;
  1683. }
  1684. static int hs20_parse_osu_icon(struct hostapd_bss_config *bss, char *pos,
  1685. int line)
  1686. {
  1687. char **n;
  1688. struct hs20_osu_provider *p = bss->last_osu;
  1689. if (p == NULL) {
  1690. wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line);
  1691. return -1;
  1692. }
  1693. n = os_realloc_array(p->icons, p->icons_count + 1, sizeof(char *));
  1694. if (n == NULL)
  1695. return -1;
  1696. p->icons = n;
  1697. p->icons[p->icons_count] = os_strdup(pos);
  1698. if (p->icons[p->icons_count] == NULL)
  1699. return -1;
  1700. p->icons_count++;
  1701. return 0;
  1702. }
  1703. static int hs20_parse_osu_service_desc(struct hostapd_bss_config *bss,
  1704. char *pos, int line)
  1705. {
  1706. if (bss->last_osu == NULL) {
  1707. wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line);
  1708. return -1;
  1709. }
  1710. if (parse_lang_string(&bss->last_osu->service_desc,
  1711. &bss->last_osu->service_desc_count, pos)) {
  1712. wpa_printf(MSG_ERROR, "Line %d: Invalid osu_service_desc '%s'",
  1713. line, pos);
  1714. return -1;
  1715. }
  1716. return 0;
  1717. }
  1718. #endif /* CONFIG_HS20 */
  1719. #ifdef CONFIG_ACS
  1720. static int hostapd_config_parse_acs_chan_bias(struct hostapd_config *conf,
  1721. char *pos)
  1722. {
  1723. struct acs_bias *bias = NULL, *tmp;
  1724. unsigned int num = 0;
  1725. char *end;
  1726. while (*pos) {
  1727. tmp = os_realloc_array(bias, num + 1, sizeof(*bias));
  1728. if (!tmp)
  1729. goto fail;
  1730. bias = tmp;
  1731. bias[num].channel = atoi(pos);
  1732. if (bias[num].channel <= 0)
  1733. goto fail;
  1734. pos = os_strchr(pos, ':');
  1735. if (!pos)
  1736. goto fail;
  1737. pos++;
  1738. bias[num].bias = strtod(pos, &end);
  1739. if (end == pos || bias[num].bias < 0.0)
  1740. goto fail;
  1741. pos = end;
  1742. if (*pos != ' ' && *pos != '\0')
  1743. goto fail;
  1744. num++;
  1745. }
  1746. os_free(conf->acs_chan_bias);
  1747. conf->acs_chan_bias = bias;
  1748. conf->num_acs_chan_bias = num;
  1749. return 0;
  1750. fail:
  1751. os_free(bias);
  1752. return -1;
  1753. }
  1754. #endif /* CONFIG_ACS */
  1755. static int parse_wpabuf_hex(int line, const char *name, struct wpabuf **buf,
  1756. const char *val)
  1757. {
  1758. struct wpabuf *elems;
  1759. if (val[0] == '\0') {
  1760. wpabuf_free(*buf);
  1761. *buf = NULL;
  1762. return 0;
  1763. }
  1764. elems = wpabuf_parse_bin(val);
  1765. if (!elems) {
  1766. wpa_printf(MSG_ERROR, "Line %d: Invalid %s '%s'",
  1767. line, name, val);
  1768. return -1;
  1769. }
  1770. wpabuf_free(*buf);
  1771. *buf = elems;
  1772. return 0;
  1773. }
  1774. #ifdef CONFIG_FILS
  1775. static int parse_fils_realm(struct hostapd_bss_config *bss, const char *val)
  1776. {
  1777. struct fils_realm *realm;
  1778. size_t len;
  1779. len = os_strlen(val);
  1780. realm = os_zalloc(sizeof(*realm) + len + 1);
  1781. if (!realm)
  1782. return -1;
  1783. os_memcpy(realm->realm, val, len);
  1784. if (fils_domain_name_hash(val, realm->hash) < 0) {
  1785. os_free(realm);
  1786. return -1;
  1787. }
  1788. dl_list_add_tail(&bss->fils_realms, &realm->list);
  1789. return 0;
  1790. }
  1791. #endif /* CONFIG_FILS */
  1792. #ifdef EAP_SERVER
  1793. static unsigned int parse_tls_flags(const char *val)
  1794. {
  1795. unsigned int flags = 0;
  1796. if (os_strstr(val, "[ALLOW-SIGN-RSA-MD5]"))
  1797. flags |= TLS_CONN_ALLOW_SIGN_RSA_MD5;
  1798. if (os_strstr(val, "[DISABLE-TIME-CHECKS]"))
  1799. flags |= TLS_CONN_DISABLE_TIME_CHECKS;
  1800. if (os_strstr(val, "[DISABLE-TLSv1.0]"))
  1801. flags |= TLS_CONN_DISABLE_TLSv1_0;
  1802. if (os_strstr(val, "[DISABLE-TLSv1.1]"))
  1803. flags |= TLS_CONN_DISABLE_TLSv1_1;
  1804. if (os_strstr(val, "[DISABLE-TLSv1.2]"))
  1805. flags |= TLS_CONN_DISABLE_TLSv1_2;
  1806. if (os_strstr(val, "[SUITEB]"))
  1807. flags |= TLS_CONN_SUITEB;
  1808. if (os_strstr(val, "[SUITEB-NO-ECDH]"))
  1809. flags |= TLS_CONN_SUITEB_NO_ECDH | TLS_CONN_SUITEB;
  1810. return flags;
  1811. }
  1812. #endif /* EAP_SERVER */
  1813. static int hostapd_config_fill(struct hostapd_config *conf,
  1814. struct hostapd_bss_config *bss,
  1815. const char *buf, char *pos, int line)
  1816. {
  1817. if (os_strcmp(buf, "interface") == 0) {
  1818. os_strlcpy(conf->bss[0]->iface, pos,
  1819. sizeof(conf->bss[0]->iface));
  1820. } else if (os_strcmp(buf, "bridge") == 0) {
  1821. os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
  1822. } else if (os_strcmp(buf, "vlan_bridge") == 0) {
  1823. os_strlcpy(bss->vlan_bridge, pos, sizeof(bss->vlan_bridge));
  1824. } else if (os_strcmp(buf, "wds_bridge") == 0) {
  1825. os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge));
  1826. } else if (os_strcmp(buf, "driver") == 0) {
  1827. int j;
  1828. const struct wpa_driver_ops *driver = NULL;
  1829. for (j = 0; wpa_drivers[j]; j++) {
  1830. if (os_strcmp(pos, wpa_drivers[j]->name) == 0) {
  1831. driver = wpa_drivers[j];
  1832. break;
  1833. }
  1834. }
  1835. if (!driver) {
  1836. wpa_printf(MSG_ERROR,
  1837. "Line %d: invalid/unknown driver '%s'",
  1838. line, pos);
  1839. return 1;
  1840. }
  1841. conf->driver = driver;
  1842. } else if (os_strcmp(buf, "driver_params") == 0) {
  1843. os_free(conf->driver_params);
  1844. conf->driver_params = os_strdup(pos);
  1845. } else if (os_strcmp(buf, "debug") == 0) {
  1846. wpa_printf(MSG_DEBUG, "Line %d: DEPRECATED: 'debug' configuration variable is not used anymore",
  1847. line);
  1848. } else if (os_strcmp(buf, "logger_syslog_level") == 0) {
  1849. bss->logger_syslog_level = atoi(pos);
  1850. } else if (os_strcmp(buf, "logger_stdout_level") == 0) {
  1851. bss->logger_stdout_level = atoi(pos);
  1852. } else if (os_strcmp(buf, "logger_syslog") == 0) {
  1853. bss->logger_syslog = atoi(pos);
  1854. } else if (os_strcmp(buf, "logger_stdout") == 0) {
  1855. bss->logger_stdout = atoi(pos);
  1856. } else if (os_strcmp(buf, "dump_file") == 0) {
  1857. wpa_printf(MSG_INFO, "Line %d: DEPRECATED: 'dump_file' configuration variable is not used anymore",
  1858. line);
  1859. } else if (os_strcmp(buf, "ssid") == 0) {
  1860. bss->ssid.ssid_len = os_strlen(pos);
  1861. if (bss->ssid.ssid_len > SSID_MAX_LEN ||
  1862. bss->ssid.ssid_len < 1) {
  1863. wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
  1864. line, pos);
  1865. return 1;
  1866. }
  1867. os_memcpy(bss->ssid.ssid, pos, bss->ssid.ssid_len);
  1868. bss->ssid.ssid_set = 1;
  1869. } else if (os_strcmp(buf, "ssid2") == 0) {
  1870. size_t slen;
  1871. char *str = wpa_config_parse_string(pos, &slen);
  1872. if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) {
  1873. wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
  1874. line, pos);
  1875. os_free(str);
  1876. return 1;
  1877. }
  1878. os_memcpy(bss->ssid.ssid, str, slen);
  1879. bss->ssid.ssid_len = slen;
  1880. bss->ssid.ssid_set = 1;
  1881. os_free(str);
  1882. } else if (os_strcmp(buf, "utf8_ssid") == 0) {
  1883. bss->ssid.utf8_ssid = atoi(pos) > 0;
  1884. } else if (os_strcmp(buf, "macaddr_acl") == 0) {
  1885. enum macaddr_acl acl = atoi(pos);
  1886. if (acl != ACCEPT_UNLESS_DENIED &&
  1887. acl != DENY_UNLESS_ACCEPTED &&
  1888. acl != USE_EXTERNAL_RADIUS_AUTH) {
  1889. wpa_printf(MSG_ERROR, "Line %d: unknown macaddr_acl %d",
  1890. line, acl);
  1891. return 1;
  1892. }
  1893. bss->macaddr_acl = acl;
  1894. } else if (os_strcmp(buf, "accept_mac_file") == 0) {
  1895. if (hostapd_config_read_maclist(pos, &bss->accept_mac,
  1896. &bss->num_accept_mac)) {
  1897. wpa_printf(MSG_ERROR, "Line %d: Failed to read accept_mac_file '%s'",
  1898. line, pos);
  1899. return 1;
  1900. }
  1901. } else if (os_strcmp(buf, "deny_mac_file") == 0) {
  1902. if (hostapd_config_read_maclist(pos, &bss->deny_mac,
  1903. &bss->num_deny_mac)) {
  1904. wpa_printf(MSG_ERROR, "Line %d: Failed to read deny_mac_file '%s'",
  1905. line, pos);
  1906. return 1;
  1907. }
  1908. } else if (os_strcmp(buf, "wds_sta") == 0) {
  1909. bss->wds_sta = atoi(pos);
  1910. } else if (os_strcmp(buf, "start_disabled") == 0) {
  1911. bss->start_disabled = atoi(pos);
  1912. } else if (os_strcmp(buf, "ap_isolate") == 0) {
  1913. bss->isolate = atoi(pos);
  1914. } else if (os_strcmp(buf, "ap_max_inactivity") == 0) {
  1915. bss->ap_max_inactivity = atoi(pos);
  1916. } else if (os_strcmp(buf, "skip_inactivity_poll") == 0) {
  1917. bss->skip_inactivity_poll = atoi(pos);
  1918. } else if (os_strcmp(buf, "country_code") == 0) {
  1919. os_memcpy(conf->country, pos, 2);
  1920. } else if (os_strcmp(buf, "country3") == 0) {
  1921. conf->country[2] = strtol(pos, NULL, 16);
  1922. } else if (os_strcmp(buf, "ieee80211d") == 0) {
  1923. conf->ieee80211d = atoi(pos);
  1924. } else if (os_strcmp(buf, "ieee80211h") == 0) {
  1925. conf->ieee80211h = atoi(pos);
  1926. } else if (os_strcmp(buf, "ieee8021x") == 0) {
  1927. bss->ieee802_1x = atoi(pos);
  1928. } else if (os_strcmp(buf, "eapol_version") == 0) {
  1929. int eapol_version = atoi(pos);
  1930. if (eapol_version < 1 || eapol_version > 2) {
  1931. wpa_printf(MSG_ERROR,
  1932. "Line %d: invalid EAPOL version (%d): '%s'.",
  1933. line, eapol_version, pos);
  1934. return 1;
  1935. }
  1936. bss->eapol_version = eapol_version;
  1937. wpa_printf(MSG_DEBUG, "eapol_version=%d", bss->eapol_version);
  1938. #ifdef EAP_SERVER
  1939. } else if (os_strcmp(buf, "eap_authenticator") == 0) {
  1940. bss->eap_server = atoi(pos);
  1941. wpa_printf(MSG_ERROR, "Line %d: obsolete eap_authenticator used; this has been renamed to eap_server", line);
  1942. } else if (os_strcmp(buf, "eap_server") == 0) {
  1943. bss->eap_server = atoi(pos);
  1944. } else if (os_strcmp(buf, "eap_user_file") == 0) {
  1945. if (hostapd_config_read_eap_user(pos, bss))
  1946. return 1;
  1947. } else if (os_strcmp(buf, "ca_cert") == 0) {
  1948. os_free(bss->ca_cert);
  1949. bss->ca_cert = os_strdup(pos);
  1950. } else if (os_strcmp(buf, "server_cert") == 0) {
  1951. os_free(bss->server_cert);
  1952. bss->server_cert = os_strdup(pos);
  1953. } else if (os_strcmp(buf, "private_key") == 0) {
  1954. os_free(bss->private_key);
  1955. bss->private_key = os_strdup(pos);
  1956. } else if (os_strcmp(buf, "private_key_passwd") == 0) {
  1957. os_free(bss->private_key_passwd);
  1958. bss->private_key_passwd = os_strdup(pos);
  1959. } else if (os_strcmp(buf, "check_crl") == 0) {
  1960. bss->check_crl = atoi(pos);
  1961. } else if (os_strcmp(buf, "tls_session_lifetime") == 0) {
  1962. bss->tls_session_lifetime = atoi(pos);
  1963. } else if (os_strcmp(buf, "tls_flags") == 0) {
  1964. bss->tls_flags = parse_tls_flags(pos);
  1965. } else if (os_strcmp(buf, "ocsp_stapling_response") == 0) {
  1966. os_free(bss->ocsp_stapling_response);
  1967. bss->ocsp_stapling_response = os_strdup(pos);
  1968. } else if (os_strcmp(buf, "ocsp_stapling_response_multi") == 0) {
  1969. os_free(bss->ocsp_stapling_response_multi);
  1970. bss->ocsp_stapling_response_multi = os_strdup(pos);
  1971. } else if (os_strcmp(buf, "dh_file") == 0) {
  1972. os_free(bss->dh_file);
  1973. bss->dh_file = os_strdup(pos);
  1974. } else if (os_strcmp(buf, "openssl_ciphers") == 0) {
  1975. os_free(bss->openssl_ciphers);
  1976. bss->openssl_ciphers = os_strdup(pos);
  1977. } else if (os_strcmp(buf, "fragment_size") == 0) {
  1978. bss->fragment_size = atoi(pos);
  1979. #ifdef EAP_SERVER_FAST
  1980. } else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) {
  1981. os_free(bss->pac_opaque_encr_key);
  1982. bss->pac_opaque_encr_key = os_malloc(16);
  1983. if (bss->pac_opaque_encr_key == NULL) {
  1984. wpa_printf(MSG_ERROR,
  1985. "Line %d: No memory for pac_opaque_encr_key",
  1986. line);
  1987. return 1;
  1988. } else if (hexstr2bin(pos, bss->pac_opaque_encr_key, 16)) {
  1989. wpa_printf(MSG_ERROR, "Line %d: Invalid pac_opaque_encr_key",
  1990. line);
  1991. return 1;
  1992. }
  1993. } else if (os_strcmp(buf, "eap_fast_a_id") == 0) {
  1994. size_t idlen = os_strlen(pos);
  1995. if (idlen & 1) {
  1996. wpa_printf(MSG_ERROR, "Line %d: Invalid eap_fast_a_id",
  1997. line);
  1998. return 1;
  1999. }
  2000. os_free(bss->eap_fast_a_id);
  2001. bss->eap_fast_a_id = os_malloc(idlen / 2);
  2002. if (bss->eap_fast_a_id == NULL ||
  2003. hexstr2bin(pos, bss->eap_fast_a_id, idlen / 2)) {
  2004. wpa_printf(MSG_ERROR, "Line %d: Failed to parse eap_fast_a_id",
  2005. line);
  2006. os_free(bss->eap_fast_a_id);
  2007. bss->eap_fast_a_id = NULL;
  2008. return 1;
  2009. } else {
  2010. bss->eap_fast_a_id_len = idlen / 2;
  2011. }
  2012. } else if (os_strcmp(buf, "eap_fast_a_id_info") == 0) {
  2013. os_free(bss->eap_fast_a_id_info);
  2014. bss->eap_fast_a_id_info = os_strdup(pos);
  2015. } else if (os_strcmp(buf, "eap_fast_prov") == 0) {
  2016. bss->eap_fast_prov = atoi(pos);
  2017. } else if (os_strcmp(buf, "pac_key_lifetime") == 0) {
  2018. bss->pac_key_lifetime = atoi(pos);
  2019. } else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
  2020. bss->pac_key_refresh_time = atoi(pos);
  2021. #endif /* EAP_SERVER_FAST */
  2022. #ifdef EAP_SERVER_SIM
  2023. } else if (os_strcmp(buf, "eap_sim_db") == 0) {
  2024. os_free(bss->eap_sim_db);
  2025. bss->eap_sim_db = os_strdup(pos);
  2026. } else if (os_strcmp(buf, "eap_sim_db_timeout") == 0) {
  2027. bss->eap_sim_db_timeout = atoi(pos);
  2028. } else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
  2029. bss->eap_sim_aka_result_ind = atoi(pos);
  2030. #endif /* EAP_SERVER_SIM */
  2031. #ifdef EAP_SERVER_TNC
  2032. } else if (os_strcmp(buf, "tnc") == 0) {
  2033. bss->tnc = atoi(pos);
  2034. #endif /* EAP_SERVER_TNC */
  2035. #ifdef EAP_SERVER_PWD
  2036. } else if (os_strcmp(buf, "pwd_group") == 0) {
  2037. bss->pwd_group = atoi(pos);
  2038. #endif /* EAP_SERVER_PWD */
  2039. #ifdef CONFIG_ERP
  2040. } else if (os_strcmp(buf, "eap_server_erp") == 0) {
  2041. bss->eap_server_erp = atoi(pos);
  2042. #endif /* CONFIG_ERP */
  2043. #endif /* EAP_SERVER */
  2044. } else if (os_strcmp(buf, "eap_message") == 0) {
  2045. char *term;
  2046. os_free(bss->eap_req_id_text);
  2047. bss->eap_req_id_text = os_strdup(pos);
  2048. if (bss->eap_req_id_text == NULL) {
  2049. wpa_printf(MSG_ERROR, "Line %d: Failed to allocate memory for eap_req_id_text",
  2050. line);
  2051. return 1;
  2052. }
  2053. bss->eap_req_id_text_len = os_strlen(bss->eap_req_id_text);
  2054. term = os_strstr(bss->eap_req_id_text, "\\0");
  2055. if (term) {
  2056. *term++ = '\0';
  2057. os_memmove(term, term + 1,
  2058. bss->eap_req_id_text_len -
  2059. (term - bss->eap_req_id_text) - 1);
  2060. bss->eap_req_id_text_len--;
  2061. }
  2062. } else if (os_strcmp(buf, "erp_send_reauth_start") == 0) {
  2063. bss->erp_send_reauth_start = atoi(pos);
  2064. } else if (os_strcmp(buf, "erp_domain") == 0) {
  2065. os_free(bss->erp_domain);
  2066. bss->erp_domain = os_strdup(pos);
  2067. } else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) {
  2068. int val = atoi(pos);
  2069. if (val < 0 || val > 13) {
  2070. wpa_printf(MSG_ERROR,
  2071. "Line %d: invalid WEP key len %d (= %d bits)",
  2072. line, val, val * 8);
  2073. return 1;
  2074. }
  2075. bss->default_wep_key_len = val;
  2076. } else if (os_strcmp(buf, "wep_key_len_unicast") == 0) {
  2077. int val = atoi(pos);
  2078. if (val < 0 || val > 13) {
  2079. wpa_printf(MSG_ERROR,
  2080. "Line %d: invalid WEP key len %d (= %d bits)",
  2081. line, val, val * 8);
  2082. return 1;
  2083. }
  2084. bss->individual_wep_key_len = val;
  2085. } else if (os_strcmp(buf, "wep_rekey_period") == 0) {
  2086. bss->wep_rekeying_period = atoi(pos);
  2087. if (bss->wep_rekeying_period < 0) {
  2088. wpa_printf(MSG_ERROR, "Line %d: invalid period %d",
  2089. line, bss->wep_rekeying_period);
  2090. return 1;
  2091. }
  2092. } else if (os_strcmp(buf, "eap_reauth_period") == 0) {
  2093. bss->eap_reauth_period = atoi(pos);
  2094. if (bss->eap_reauth_period < 0) {
  2095. wpa_printf(MSG_ERROR, "Line %d: invalid period %d",
  2096. line, bss->eap_reauth_period);
  2097. return 1;
  2098. }
  2099. } else if (os_strcmp(buf, "eapol_key_index_workaround") == 0) {
  2100. bss->eapol_key_index_workaround = atoi(pos);
  2101. #ifdef CONFIG_IAPP
  2102. } else if (os_strcmp(buf, "iapp_interface") == 0) {
  2103. bss->ieee802_11f = 1;
  2104. os_strlcpy(bss->iapp_iface, pos, sizeof(bss->iapp_iface));
  2105. #endif /* CONFIG_IAPP */
  2106. } else if (os_strcmp(buf, "own_ip_addr") == 0) {
  2107. if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) {
  2108. wpa_printf(MSG_ERROR,
  2109. "Line %d: invalid IP address '%s'",
  2110. line, pos);
  2111. return 1;
  2112. }
  2113. } else if (os_strcmp(buf, "nas_identifier") == 0) {
  2114. os_free(bss->nas_identifier);
  2115. bss->nas_identifier = os_strdup(pos);
  2116. #ifndef CONFIG_NO_RADIUS
  2117. } else if (os_strcmp(buf, "radius_client_addr") == 0) {
  2118. if (hostapd_parse_ip_addr(pos, &bss->radius->client_addr)) {
  2119. wpa_printf(MSG_ERROR,
  2120. "Line %d: invalid IP address '%s'",
  2121. line, pos);
  2122. return 1;
  2123. }
  2124. bss->radius->force_client_addr = 1;
  2125. } else if (os_strcmp(buf, "auth_server_addr") == 0) {
  2126. if (hostapd_config_read_radius_addr(
  2127. &bss->radius->auth_servers,
  2128. &bss->radius->num_auth_servers, pos, 1812,
  2129. &bss->radius->auth_server)) {
  2130. wpa_printf(MSG_ERROR,
  2131. "Line %d: invalid IP address '%s'",
  2132. line, pos);
  2133. return 1;
  2134. }
  2135. } else if (bss->radius->auth_server &&
  2136. os_strcmp(buf, "auth_server_addr_replace") == 0) {
  2137. if (hostapd_parse_ip_addr(pos,
  2138. &bss->radius->auth_server->addr)) {
  2139. wpa_printf(MSG_ERROR,
  2140. "Line %d: invalid IP address '%s'",
  2141. line, pos);
  2142. return 1;
  2143. }
  2144. } else if (bss->radius->auth_server &&
  2145. os_strcmp(buf, "auth_server_port") == 0) {
  2146. bss->radius->auth_server->port = atoi(pos);
  2147. } else if (bss->radius->auth_server &&
  2148. os_strcmp(buf, "auth_server_shared_secret") == 0) {
  2149. int len = os_strlen(pos);
  2150. if (len == 0) {
  2151. /* RFC 2865, Ch. 3 */
  2152. wpa_printf(MSG_ERROR, "Line %d: empty shared secret is not allowed",
  2153. line);
  2154. return 1;
  2155. }
  2156. os_free(bss->radius->auth_server->shared_secret);
  2157. bss->radius->auth_server->shared_secret = (u8 *) os_strdup(pos);
  2158. bss->radius->auth_server->shared_secret_len = len;
  2159. } else if (os_strcmp(buf, "acct_server_addr") == 0) {
  2160. if (hostapd_config_read_radius_addr(
  2161. &bss->radius->acct_servers,
  2162. &bss->radius->num_acct_servers, pos, 1813,
  2163. &bss->radius->acct_server)) {
  2164. wpa_printf(MSG_ERROR,
  2165. "Line %d: invalid IP address '%s'",
  2166. line, pos);
  2167. return 1;
  2168. }
  2169. } else if (bss->radius->acct_server &&
  2170. os_strcmp(buf, "acct_server_addr_replace") == 0) {
  2171. if (hostapd_parse_ip_addr(pos,
  2172. &bss->radius->acct_server->addr)) {
  2173. wpa_printf(MSG_ERROR,
  2174. "Line %d: invalid IP address '%s'",
  2175. line, pos);
  2176. return 1;
  2177. }
  2178. } else if (bss->radius->acct_server &&
  2179. os_strcmp(buf, "acct_server_port") == 0) {
  2180. bss->radius->acct_server->port = atoi(pos);
  2181. } else if (bss->radius->acct_server &&
  2182. os_strcmp(buf, "acct_server_shared_secret") == 0) {
  2183. int len = os_strlen(pos);
  2184. if (len == 0) {
  2185. /* RFC 2865, Ch. 3 */
  2186. wpa_printf(MSG_ERROR, "Line %d: empty shared secret is not allowed",
  2187. line);
  2188. return 1;
  2189. }
  2190. os_free(bss->radius->acct_server->shared_secret);
  2191. bss->radius->acct_server->shared_secret = (u8 *) os_strdup(pos);
  2192. bss->radius->acct_server->shared_secret_len = len;
  2193. } else if (os_strcmp(buf, "radius_retry_primary_interval") == 0) {
  2194. bss->radius->retry_primary_interval = atoi(pos);
  2195. } else if (os_strcmp(buf, "radius_acct_interim_interval") == 0) {
  2196. bss->acct_interim_interval = atoi(pos);
  2197. } else if (os_strcmp(buf, "radius_request_cui") == 0) {
  2198. bss->radius_request_cui = atoi(pos);
  2199. } else if (os_strcmp(buf, "radius_auth_req_attr") == 0) {
  2200. struct hostapd_radius_attr *attr, *a;
  2201. attr = hostapd_parse_radius_attr(pos);
  2202. if (attr == NULL) {
  2203. wpa_printf(MSG_ERROR,
  2204. "Line %d: invalid radius_auth_req_attr",
  2205. line);
  2206. return 1;
  2207. } else if (bss->radius_auth_req_attr == NULL) {
  2208. bss->radius_auth_req_attr = attr;
  2209. } else {
  2210. a = bss->radius_auth_req_attr;
  2211. while (a->next)
  2212. a = a->next;
  2213. a->next = attr;
  2214. }
  2215. } else if (os_strcmp(buf, "radius_acct_req_attr") == 0) {
  2216. struct hostapd_radius_attr *attr, *a;
  2217. attr = hostapd_parse_radius_attr(pos);
  2218. if (attr == NULL) {
  2219. wpa_printf(MSG_ERROR,
  2220. "Line %d: invalid radius_acct_req_attr",
  2221. line);
  2222. return 1;
  2223. } else if (bss->radius_acct_req_attr == NULL) {
  2224. bss->radius_acct_req_attr = attr;
  2225. } else {
  2226. a = bss->radius_acct_req_attr;
  2227. while (a->next)
  2228. a = a->next;
  2229. a->next = attr;
  2230. }
  2231. } else if (os_strcmp(buf, "radius_das_port") == 0) {
  2232. bss->radius_das_port = atoi(pos);
  2233. } else if (os_strcmp(buf, "radius_das_client") == 0) {
  2234. if (hostapd_parse_das_client(bss, pos) < 0) {
  2235. wpa_printf(MSG_ERROR, "Line %d: invalid DAS client",
  2236. line);
  2237. return 1;
  2238. }
  2239. } else if (os_strcmp(buf, "radius_das_time_window") == 0) {
  2240. bss->radius_das_time_window = atoi(pos);
  2241. } else if (os_strcmp(buf, "radius_das_require_event_timestamp") == 0) {
  2242. bss->radius_das_require_event_timestamp = atoi(pos);
  2243. } else if (os_strcmp(buf, "radius_das_require_message_authenticator") ==
  2244. 0) {
  2245. bss->radius_das_require_message_authenticator = atoi(pos);
  2246. #endif /* CONFIG_NO_RADIUS */
  2247. } else if (os_strcmp(buf, "auth_algs") == 0) {
  2248. bss->auth_algs = atoi(pos);
  2249. if (bss->auth_algs == 0) {
  2250. wpa_printf(MSG_ERROR, "Line %d: no authentication algorithms allowed",
  2251. line);
  2252. return 1;
  2253. }
  2254. } else if (os_strcmp(buf, "max_num_sta") == 0) {
  2255. bss->max_num_sta = atoi(pos);
  2256. if (bss->max_num_sta < 0 ||
  2257. bss->max_num_sta > MAX_STA_COUNT) {
  2258. wpa_printf(MSG_ERROR, "Line %d: Invalid max_num_sta=%d; allowed range 0..%d",
  2259. line, bss->max_num_sta, MAX_STA_COUNT);
  2260. return 1;
  2261. }
  2262. } else if (os_strcmp(buf, "wpa") == 0) {
  2263. bss->wpa = atoi(pos);
  2264. } else if (os_strcmp(buf, "wpa_group_rekey") == 0) {
  2265. bss->wpa_group_rekey = atoi(pos);
  2266. bss->wpa_group_rekey_set = 1;
  2267. } else if (os_strcmp(buf, "wpa_strict_rekey") == 0) {
  2268. bss->wpa_strict_rekey = atoi(pos);
  2269. } else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) {
  2270. bss->wpa_gmk_rekey = atoi(pos);
  2271. } else if (os_strcmp(buf, "wpa_ptk_rekey") == 0) {
  2272. bss->wpa_ptk_rekey = atoi(pos);
  2273. } else if (os_strcmp(buf, "wpa_group_update_count") == 0) {
  2274. char *endp;
  2275. unsigned long val = strtoul(pos, &endp, 0);
  2276. if (*endp || val < 1 || val > (u32) -1) {
  2277. wpa_printf(MSG_ERROR,
  2278. "Line %d: Invalid wpa_group_update_count=%lu; allowed range 1..4294967295",
  2279. line, val);
  2280. return 1;
  2281. }
  2282. bss->wpa_group_update_count = (u32) val;
  2283. } else if (os_strcmp(buf, "wpa_pairwise_update_count") == 0) {
  2284. char *endp;
  2285. unsigned long val = strtoul(pos, &endp, 0);
  2286. if (*endp || val < 1 || val > (u32) -1) {
  2287. wpa_printf(MSG_ERROR,
  2288. "Line %d: Invalid wpa_pairwise_update_count=%lu; allowed range 1..4294967295",
  2289. line, val);
  2290. return 1;
  2291. }
  2292. bss->wpa_pairwise_update_count = (u32) val;
  2293. } else if (os_strcmp(buf, "wpa_disable_eapol_key_retries") == 0) {
  2294. bss->wpa_disable_eapol_key_retries = atoi(pos);
  2295. } else if (os_strcmp(buf, "wpa_passphrase") == 0) {
  2296. int len = os_strlen(pos);
  2297. if (len < 8 || len > 63) {
  2298. wpa_printf(MSG_ERROR, "Line %d: invalid WPA passphrase length %d (expected 8..63)",
  2299. line, len);
  2300. return 1;
  2301. }
  2302. os_free(bss->ssid.wpa_passphrase);
  2303. bss->ssid.wpa_passphrase = os_strdup(pos);
  2304. if (bss->ssid.wpa_passphrase) {
  2305. hostapd_config_clear_wpa_psk(&bss->ssid.wpa_psk);
  2306. bss->ssid.wpa_passphrase_set = 1;
  2307. }
  2308. } else if (os_strcmp(buf, "wpa_psk") == 0) {
  2309. hostapd_config_clear_wpa_psk(&bss->ssid.wpa_psk);
  2310. bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk));
  2311. if (bss->ssid.wpa_psk == NULL)
  2312. return 1;
  2313. if (hexstr2bin(pos, bss->ssid.wpa_psk->psk, PMK_LEN) ||
  2314. pos[PMK_LEN * 2] != '\0') {
  2315. wpa_printf(MSG_ERROR, "Line %d: Invalid PSK '%s'.",
  2316. line, pos);
  2317. hostapd_config_clear_wpa_psk(&bss->ssid.wpa_psk);
  2318. return 1;
  2319. }
  2320. bss->ssid.wpa_psk->group = 1;
  2321. os_free(bss->ssid.wpa_passphrase);
  2322. bss->ssid.wpa_passphrase = NULL;
  2323. bss->ssid.wpa_psk_set = 1;
  2324. } else if (os_strcmp(buf, "wpa_psk_file") == 0) {
  2325. os_free(bss->ssid.wpa_psk_file);
  2326. bss->ssid.wpa_psk_file = os_strdup(pos);
  2327. if (!bss->ssid.wpa_psk_file) {
  2328. wpa_printf(MSG_ERROR, "Line %d: allocation failed",
  2329. line);
  2330. return 1;
  2331. }
  2332. } else if (os_strcmp(buf, "wpa_key_mgmt") == 0) {
  2333. bss->wpa_key_mgmt = hostapd_config_parse_key_mgmt(line, pos);
  2334. if (bss->wpa_key_mgmt == -1)
  2335. return 1;
  2336. } else if (os_strcmp(buf, "wpa_psk_radius") == 0) {
  2337. bss->wpa_psk_radius = atoi(pos);
  2338. if (bss->wpa_psk_radius != PSK_RADIUS_IGNORED &&
  2339. bss->wpa_psk_radius != PSK_RADIUS_ACCEPTED &&
  2340. bss->wpa_psk_radius != PSK_RADIUS_REQUIRED) {
  2341. wpa_printf(MSG_ERROR,
  2342. "Line %d: unknown wpa_psk_radius %d",
  2343. line, bss->wpa_psk_radius);
  2344. return 1;
  2345. }
  2346. } else if (os_strcmp(buf, "wpa_pairwise") == 0) {
  2347. bss->wpa_pairwise = hostapd_config_parse_cipher(line, pos);
  2348. if (bss->wpa_pairwise == -1 || bss->wpa_pairwise == 0)
  2349. return 1;
  2350. if (bss->wpa_pairwise &
  2351. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)) {
  2352. wpa_printf(MSG_ERROR, "Line %d: unsupported pairwise cipher suite '%s'",
  2353. line, pos);
  2354. return 1;
  2355. }
  2356. } else if (os_strcmp(buf, "rsn_pairwise") == 0) {
  2357. bss->rsn_pairwise = hostapd_config_parse_cipher(line, pos);
  2358. if (bss->rsn_pairwise == -1 || bss->rsn_pairwise == 0)
  2359. return 1;
  2360. if (bss->rsn_pairwise &
  2361. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)) {
  2362. wpa_printf(MSG_ERROR, "Line %d: unsupported pairwise cipher suite '%s'",
  2363. line, pos);
  2364. return 1;
  2365. }
  2366. } else if (os_strcmp(buf, "group_cipher") == 0) {
  2367. bss->group_cipher = hostapd_config_parse_cipher(line, pos);
  2368. if (bss->group_cipher == -1 || bss->group_cipher == 0)
  2369. return 1;
  2370. if (bss->group_cipher != WPA_CIPHER_TKIP &&
  2371. bss->group_cipher != WPA_CIPHER_CCMP &&
  2372. bss->group_cipher != WPA_CIPHER_GCMP &&
  2373. bss->group_cipher != WPA_CIPHER_GCMP_256 &&
  2374. bss->group_cipher != WPA_CIPHER_CCMP_256) {
  2375. wpa_printf(MSG_ERROR,
  2376. "Line %d: unsupported group cipher suite '%s'",
  2377. line, pos);
  2378. return 1;
  2379. }
  2380. #ifdef CONFIG_RSN_PREAUTH
  2381. } else if (os_strcmp(buf, "rsn_preauth") == 0) {
  2382. bss->rsn_preauth = atoi(pos);
  2383. } else if (os_strcmp(buf, "rsn_preauth_interfaces") == 0) {
  2384. os_free(bss->rsn_preauth_interfaces);
  2385. bss->rsn_preauth_interfaces = os_strdup(pos);
  2386. #endif /* CONFIG_RSN_PREAUTH */
  2387. } else if (os_strcmp(buf, "peerkey") == 0) {
  2388. wpa_printf(MSG_INFO,
  2389. "Line %d: Obsolete peerkey parameter ignored", line);
  2390. #ifdef CONFIG_IEEE80211R_AP
  2391. } else if (os_strcmp(buf, "mobility_domain") == 0) {
  2392. if (os_strlen(pos) != 2 * MOBILITY_DOMAIN_ID_LEN ||
  2393. hexstr2bin(pos, bss->mobility_domain,
  2394. MOBILITY_DOMAIN_ID_LEN) != 0) {
  2395. wpa_printf(MSG_ERROR,
  2396. "Line %d: Invalid mobility_domain '%s'",
  2397. line, pos);
  2398. return 1;
  2399. }
  2400. } else if (os_strcmp(buf, "r1_key_holder") == 0) {
  2401. if (os_strlen(pos) != 2 * FT_R1KH_ID_LEN ||
  2402. hexstr2bin(pos, bss->r1_key_holder, FT_R1KH_ID_LEN) != 0) {
  2403. wpa_printf(MSG_ERROR,
  2404. "Line %d: Invalid r1_key_holder '%s'",
  2405. line, pos);
  2406. return 1;
  2407. }
  2408. } else if (os_strcmp(buf, "r0_key_lifetime") == 0) {
  2409. bss->r0_key_lifetime = atoi(pos);
  2410. } else if (os_strcmp(buf, "reassociation_deadline") == 0) {
  2411. bss->reassociation_deadline = atoi(pos);
  2412. } else if (os_strcmp(buf, "rkh_pos_timeout") == 0) {
  2413. bss->rkh_pos_timeout = atoi(pos);
  2414. } else if (os_strcmp(buf, "rkh_neg_timeout") == 0) {
  2415. bss->rkh_neg_timeout = atoi(pos);
  2416. } else if (os_strcmp(buf, "rkh_pull_timeout") == 0) {
  2417. bss->rkh_pull_timeout = atoi(pos);
  2418. } else if (os_strcmp(buf, "rkh_pull_retries") == 0) {
  2419. bss->rkh_pull_retries = atoi(pos);
  2420. } else if (os_strcmp(buf, "r0kh") == 0) {
  2421. if (add_r0kh(bss, pos) < 0) {
  2422. wpa_printf(MSG_DEBUG, "Line %d: Invalid r0kh '%s'",
  2423. line, pos);
  2424. return 1;
  2425. }
  2426. } else if (os_strcmp(buf, "r1kh") == 0) {
  2427. if (add_r1kh(bss, pos) < 0) {
  2428. wpa_printf(MSG_DEBUG, "Line %d: Invalid r1kh '%s'",
  2429. line, pos);
  2430. return 1;
  2431. }
  2432. } else if (os_strcmp(buf, "pmk_r1_push") == 0) {
  2433. bss->pmk_r1_push = atoi(pos);
  2434. } else if (os_strcmp(buf, "ft_over_ds") == 0) {
  2435. bss->ft_over_ds = atoi(pos);
  2436. } else if (os_strcmp(buf, "ft_psk_generate_local") == 0) {
  2437. bss->ft_psk_generate_local = atoi(pos);
  2438. #endif /* CONFIG_IEEE80211R_AP */
  2439. #ifndef CONFIG_NO_CTRL_IFACE
  2440. } else if (os_strcmp(buf, "ctrl_interface") == 0) {
  2441. os_free(bss->ctrl_interface);
  2442. bss->ctrl_interface = os_strdup(pos);
  2443. } else if (os_strcmp(buf, "ctrl_interface_group") == 0) {
  2444. #ifndef CONFIG_NATIVE_WINDOWS
  2445. struct group *grp;
  2446. char *endp;
  2447. const char *group = pos;
  2448. grp = getgrnam(group);
  2449. if (grp) {
  2450. bss->ctrl_interface_gid = grp->gr_gid;
  2451. bss->ctrl_interface_gid_set = 1;
  2452. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d (from group name '%s')",
  2453. bss->ctrl_interface_gid, group);
  2454. return 0;
  2455. }
  2456. /* Group name not found - try to parse this as gid */
  2457. bss->ctrl_interface_gid = strtol(group, &endp, 10);
  2458. if (*group == '\0' || *endp != '\0') {
  2459. wpa_printf(MSG_DEBUG, "Line %d: Invalid group '%s'",
  2460. line, group);
  2461. return 1;
  2462. }
  2463. bss->ctrl_interface_gid_set = 1;
  2464. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d",
  2465. bss->ctrl_interface_gid);
  2466. #endif /* CONFIG_NATIVE_WINDOWS */
  2467. #endif /* CONFIG_NO_CTRL_IFACE */
  2468. #ifdef RADIUS_SERVER
  2469. } else if (os_strcmp(buf, "radius_server_clients") == 0) {
  2470. os_free(bss->radius_server_clients);
  2471. bss->radius_server_clients = os_strdup(pos);
  2472. } else if (os_strcmp(buf, "radius_server_auth_port") == 0) {
  2473. bss->radius_server_auth_port = atoi(pos);
  2474. } else if (os_strcmp(buf, "radius_server_acct_port") == 0) {
  2475. bss->radius_server_acct_port = atoi(pos);
  2476. } else if (os_strcmp(buf, "radius_server_ipv6") == 0) {
  2477. bss->radius_server_ipv6 = atoi(pos);
  2478. #endif /* RADIUS_SERVER */
  2479. } else if (os_strcmp(buf, "use_pae_group_addr") == 0) {
  2480. bss->use_pae_group_addr = atoi(pos);
  2481. } else if (os_strcmp(buf, "hw_mode") == 0) {
  2482. if (os_strcmp(pos, "a") == 0)
  2483. conf->hw_mode = HOSTAPD_MODE_IEEE80211A;
  2484. else if (os_strcmp(pos, "b") == 0)
  2485. conf->hw_mode = HOSTAPD_MODE_IEEE80211B;
  2486. else if (os_strcmp(pos, "g") == 0)
  2487. conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
  2488. else if (os_strcmp(pos, "ad") == 0)
  2489. conf->hw_mode = HOSTAPD_MODE_IEEE80211AD;
  2490. else if (os_strcmp(pos, "any") == 0)
  2491. conf->hw_mode = HOSTAPD_MODE_IEEE80211ANY;
  2492. else {
  2493. wpa_printf(MSG_ERROR, "Line %d: unknown hw_mode '%s'",
  2494. line, pos);
  2495. return 1;
  2496. }
  2497. } else if (os_strcmp(buf, "wps_rf_bands") == 0) {
  2498. if (os_strcmp(pos, "ad") == 0)
  2499. bss->wps_rf_bands = WPS_RF_60GHZ;
  2500. else if (os_strcmp(pos, "a") == 0)
  2501. bss->wps_rf_bands = WPS_RF_50GHZ;
  2502. else if (os_strcmp(pos, "g") == 0 ||
  2503. os_strcmp(pos, "b") == 0)
  2504. bss->wps_rf_bands = WPS_RF_24GHZ;
  2505. else if (os_strcmp(pos, "ag") == 0 ||
  2506. os_strcmp(pos, "ga") == 0)
  2507. bss->wps_rf_bands = WPS_RF_24GHZ | WPS_RF_50GHZ;
  2508. else {
  2509. wpa_printf(MSG_ERROR,
  2510. "Line %d: unknown wps_rf_band '%s'",
  2511. line, pos);
  2512. return 1;
  2513. }
  2514. } else if (os_strcmp(buf, "acs_exclude_dfs") == 0) {
  2515. conf->acs_exclude_dfs = atoi(pos);
  2516. } else if (os_strcmp(buf, "channel") == 0) {
  2517. if (os_strcmp(pos, "acs_survey") == 0) {
  2518. #ifndef CONFIG_ACS
  2519. wpa_printf(MSG_ERROR, "Line %d: tries to enable ACS but CONFIG_ACS disabled",
  2520. line);
  2521. return 1;
  2522. #else /* CONFIG_ACS */
  2523. conf->acs = 1;
  2524. conf->channel = 0;
  2525. #endif /* CONFIG_ACS */
  2526. } else {
  2527. conf->channel = atoi(pos);
  2528. conf->acs = conf->channel == 0;
  2529. }
  2530. } else if (os_strcmp(buf, "chanlist") == 0) {
  2531. if (hostapd_parse_chanlist(conf, pos)) {
  2532. wpa_printf(MSG_ERROR, "Line %d: invalid channel list",
  2533. line);
  2534. return 1;
  2535. }
  2536. } else if (os_strcmp(buf, "beacon_int") == 0) {
  2537. int val = atoi(pos);
  2538. /* MIB defines range as 1..65535, but very small values
  2539. * cause problems with the current implementation.
  2540. * Since it is unlikely that this small numbers are
  2541. * useful in real life scenarios, do not allow beacon
  2542. * period to be set below 15 TU. */
  2543. if (val < 15 || val > 65535) {
  2544. wpa_printf(MSG_ERROR, "Line %d: invalid beacon_int %d (expected 15..65535)",
  2545. line, val);
  2546. return 1;
  2547. }
  2548. conf->beacon_int = val;
  2549. #ifdef CONFIG_ACS
  2550. } else if (os_strcmp(buf, "acs_num_scans") == 0) {
  2551. int val = atoi(pos);
  2552. if (val <= 0 || val > 100) {
  2553. wpa_printf(MSG_ERROR, "Line %d: invalid acs_num_scans %d (expected 1..100)",
  2554. line, val);
  2555. return 1;
  2556. }
  2557. conf->acs_num_scans = val;
  2558. } else if (os_strcmp(buf, "acs_chan_bias") == 0) {
  2559. if (hostapd_config_parse_acs_chan_bias(conf, pos)) {
  2560. wpa_printf(MSG_ERROR, "Line %d: invalid acs_chan_bias",
  2561. line);
  2562. return -1;
  2563. }
  2564. #endif /* CONFIG_ACS */
  2565. } else if (os_strcmp(buf, "dtim_period") == 0) {
  2566. int val = atoi(pos);
  2567. if (val < 1 || val > 255) {
  2568. wpa_printf(MSG_ERROR, "Line %d: invalid dtim_period %d",
  2569. line, val);
  2570. return 1;
  2571. }
  2572. bss->dtim_period = val;
  2573. } else if (os_strcmp(buf, "bss_load_update_period") == 0) {
  2574. int val = atoi(pos);
  2575. if (val < 0 || val > 100) {
  2576. wpa_printf(MSG_ERROR,
  2577. "Line %d: invalid bss_load_update_period %d",
  2578. line, val);
  2579. return 1;
  2580. }
  2581. bss->bss_load_update_period = val;
  2582. } else if (os_strcmp(buf, "chan_util_avg_period") == 0) {
  2583. int val = atoi(pos);
  2584. if (val < 0) {
  2585. wpa_printf(MSG_ERROR,
  2586. "Line %d: invalid chan_util_avg_period",
  2587. line);
  2588. return 1;
  2589. }
  2590. bss->chan_util_avg_period = val;
  2591. } else if (os_strcmp(buf, "rts_threshold") == 0) {
  2592. conf->rts_threshold = atoi(pos);
  2593. if (conf->rts_threshold < -1 || conf->rts_threshold > 65535) {
  2594. wpa_printf(MSG_ERROR,
  2595. "Line %d: invalid rts_threshold %d",
  2596. line, conf->rts_threshold);
  2597. return 1;
  2598. }
  2599. } else if (os_strcmp(buf, "fragm_threshold") == 0) {
  2600. conf->fragm_threshold = atoi(pos);
  2601. if (conf->fragm_threshold == -1) {
  2602. /* allow a value of -1 */
  2603. } else if (conf->fragm_threshold < 256 ||
  2604. conf->fragm_threshold > 2346) {
  2605. wpa_printf(MSG_ERROR,
  2606. "Line %d: invalid fragm_threshold %d",
  2607. line, conf->fragm_threshold);
  2608. return 1;
  2609. }
  2610. } else if (os_strcmp(buf, "send_probe_response") == 0) {
  2611. int val = atoi(pos);
  2612. if (val != 0 && val != 1) {
  2613. wpa_printf(MSG_ERROR, "Line %d: invalid send_probe_response %d (expected 0 or 1)",
  2614. line, val);
  2615. return 1;
  2616. }
  2617. conf->send_probe_response = val;
  2618. } else if (os_strcmp(buf, "supported_rates") == 0) {
  2619. if (hostapd_parse_intlist(&conf->supported_rates, pos)) {
  2620. wpa_printf(MSG_ERROR, "Line %d: invalid rate list",
  2621. line);
  2622. return 1;
  2623. }
  2624. } else if (os_strcmp(buf, "basic_rates") == 0) {
  2625. if (hostapd_parse_intlist(&conf->basic_rates, pos)) {
  2626. wpa_printf(MSG_ERROR, "Line %d: invalid rate list",
  2627. line);
  2628. return 1;
  2629. }
  2630. } else if (os_strcmp(buf, "beacon_rate") == 0) {
  2631. int val;
  2632. if (os_strncmp(pos, "ht:", 3) == 0) {
  2633. val = atoi(pos + 3);
  2634. if (val < 0 || val > 31) {
  2635. wpa_printf(MSG_ERROR,
  2636. "Line %d: invalid beacon_rate HT-MCS %d",
  2637. line, val);
  2638. return 1;
  2639. }
  2640. conf->rate_type = BEACON_RATE_HT;
  2641. conf->beacon_rate = val;
  2642. } else if (os_strncmp(pos, "vht:", 4) == 0) {
  2643. val = atoi(pos + 4);
  2644. if (val < 0 || val > 9) {
  2645. wpa_printf(MSG_ERROR,
  2646. "Line %d: invalid beacon_rate VHT-MCS %d",
  2647. line, val);
  2648. return 1;
  2649. }
  2650. conf->rate_type = BEACON_RATE_VHT;
  2651. conf->beacon_rate = val;
  2652. } else {
  2653. val = atoi(pos);
  2654. if (val < 10 || val > 10000) {
  2655. wpa_printf(MSG_ERROR,
  2656. "Line %d: invalid legacy beacon_rate %d",
  2657. line, val);
  2658. return 1;
  2659. }
  2660. conf->rate_type = BEACON_RATE_LEGACY;
  2661. conf->beacon_rate = val;
  2662. }
  2663. } else if (os_strcmp(buf, "preamble") == 0) {
  2664. if (atoi(pos))
  2665. conf->preamble = SHORT_PREAMBLE;
  2666. else
  2667. conf->preamble = LONG_PREAMBLE;
  2668. } else if (os_strcmp(buf, "ignore_broadcast_ssid") == 0) {
  2669. bss->ignore_broadcast_ssid = atoi(pos);
  2670. } else if (os_strcmp(buf, "no_probe_resp_if_max_sta") == 0) {
  2671. bss->no_probe_resp_if_max_sta = atoi(pos);
  2672. } else if (os_strcmp(buf, "wep_default_key") == 0) {
  2673. bss->ssid.wep.idx = atoi(pos);
  2674. if (bss->ssid.wep.idx > 3) {
  2675. wpa_printf(MSG_ERROR,
  2676. "Invalid wep_default_key index %d",
  2677. bss->ssid.wep.idx);
  2678. return 1;
  2679. }
  2680. } else if (os_strcmp(buf, "wep_key0") == 0 ||
  2681. os_strcmp(buf, "wep_key1") == 0 ||
  2682. os_strcmp(buf, "wep_key2") == 0 ||
  2683. os_strcmp(buf, "wep_key3") == 0) {
  2684. if (hostapd_config_read_wep(&bss->ssid.wep,
  2685. buf[7] - '0', pos)) {
  2686. wpa_printf(MSG_ERROR, "Line %d: invalid WEP key '%s'",
  2687. line, buf);
  2688. return 1;
  2689. }
  2690. #ifndef CONFIG_NO_VLAN
  2691. } else if (os_strcmp(buf, "dynamic_vlan") == 0) {
  2692. bss->ssid.dynamic_vlan = atoi(pos);
  2693. } else if (os_strcmp(buf, "per_sta_vif") == 0) {
  2694. bss->ssid.per_sta_vif = atoi(pos);
  2695. } else if (os_strcmp(buf, "vlan_file") == 0) {
  2696. if (hostapd_config_read_vlan_file(bss, pos)) {
  2697. wpa_printf(MSG_ERROR, "Line %d: failed to read VLAN file '%s'",
  2698. line, pos);
  2699. return 1;
  2700. }
  2701. } else if (os_strcmp(buf, "vlan_naming") == 0) {
  2702. bss->ssid.vlan_naming = atoi(pos);
  2703. if (bss->ssid.vlan_naming >= DYNAMIC_VLAN_NAMING_END ||
  2704. bss->ssid.vlan_naming < 0) {
  2705. wpa_printf(MSG_ERROR,
  2706. "Line %d: invalid naming scheme %d",
  2707. line, bss->ssid.vlan_naming);
  2708. return 1;
  2709. }
  2710. #ifdef CONFIG_FULL_DYNAMIC_VLAN
  2711. } else if (os_strcmp(buf, "vlan_tagged_interface") == 0) {
  2712. os_free(bss->ssid.vlan_tagged_interface);
  2713. bss->ssid.vlan_tagged_interface = os_strdup(pos);
  2714. #endif /* CONFIG_FULL_DYNAMIC_VLAN */
  2715. #endif /* CONFIG_NO_VLAN */
  2716. } else if (os_strcmp(buf, "ap_table_max_size") == 0) {
  2717. conf->ap_table_max_size = atoi(pos);
  2718. } else if (os_strcmp(buf, "ap_table_expiration_time") == 0) {
  2719. conf->ap_table_expiration_time = atoi(pos);
  2720. } else if (os_strncmp(buf, "tx_queue_", 9) == 0) {
  2721. if (hostapd_config_tx_queue(conf, buf, pos)) {
  2722. wpa_printf(MSG_ERROR, "Line %d: invalid TX queue item",
  2723. line);
  2724. return 1;
  2725. }
  2726. } else if (os_strcmp(buf, "wme_enabled") == 0 ||
  2727. os_strcmp(buf, "wmm_enabled") == 0) {
  2728. bss->wmm_enabled = atoi(pos);
  2729. } else if (os_strcmp(buf, "uapsd_advertisement_enabled") == 0) {
  2730. bss->wmm_uapsd = atoi(pos);
  2731. } else if (os_strncmp(buf, "wme_ac_", 7) == 0 ||
  2732. os_strncmp(buf, "wmm_ac_", 7) == 0) {
  2733. if (hostapd_config_wmm_ac(conf->wmm_ac_params, buf, pos)) {
  2734. wpa_printf(MSG_ERROR, "Line %d: invalid WMM ac item",
  2735. line);
  2736. return 1;
  2737. }
  2738. } else if (os_strcmp(buf, "bss") == 0) {
  2739. if (hostapd_config_bss(conf, pos)) {
  2740. wpa_printf(MSG_ERROR, "Line %d: invalid bss item",
  2741. line);
  2742. return 1;
  2743. }
  2744. } else if (os_strcmp(buf, "bssid") == 0) {
  2745. if (hwaddr_aton(pos, bss->bssid)) {
  2746. wpa_printf(MSG_ERROR, "Line %d: invalid bssid item",
  2747. line);
  2748. return 1;
  2749. }
  2750. } else if (os_strcmp(buf, "use_driver_iface_addr") == 0) {
  2751. conf->use_driver_iface_addr = atoi(pos);
  2752. #ifdef CONFIG_IEEE80211W
  2753. } else if (os_strcmp(buf, "ieee80211w") == 0) {
  2754. bss->ieee80211w = atoi(pos);
  2755. } else if (os_strcmp(buf, "group_mgmt_cipher") == 0) {
  2756. if (os_strcmp(pos, "AES-128-CMAC") == 0) {
  2757. bss->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC;
  2758. } else if (os_strcmp(pos, "BIP-GMAC-128") == 0) {
  2759. bss->group_mgmt_cipher = WPA_CIPHER_BIP_GMAC_128;
  2760. } else if (os_strcmp(pos, "BIP-GMAC-256") == 0) {
  2761. bss->group_mgmt_cipher = WPA_CIPHER_BIP_GMAC_256;
  2762. } else if (os_strcmp(pos, "BIP-CMAC-256") == 0) {
  2763. bss->group_mgmt_cipher = WPA_CIPHER_BIP_CMAC_256;
  2764. } else {
  2765. wpa_printf(MSG_ERROR, "Line %d: invalid group_mgmt_cipher: %s",
  2766. line, pos);
  2767. return 1;
  2768. }
  2769. } else if (os_strcmp(buf, "assoc_sa_query_max_timeout") == 0) {
  2770. bss->assoc_sa_query_max_timeout = atoi(pos);
  2771. if (bss->assoc_sa_query_max_timeout == 0) {
  2772. wpa_printf(MSG_ERROR, "Line %d: invalid assoc_sa_query_max_timeout",
  2773. line);
  2774. return 1;
  2775. }
  2776. } else if (os_strcmp(buf, "assoc_sa_query_retry_timeout") == 0) {
  2777. bss->assoc_sa_query_retry_timeout = atoi(pos);
  2778. if (bss->assoc_sa_query_retry_timeout == 0) {
  2779. wpa_printf(MSG_ERROR, "Line %d: invalid assoc_sa_query_retry_timeout",
  2780. line);
  2781. return 1;
  2782. }
  2783. #endif /* CONFIG_IEEE80211W */
  2784. #ifdef CONFIG_IEEE80211N
  2785. } else if (os_strcmp(buf, "ieee80211n") == 0) {
  2786. conf->ieee80211n = atoi(pos);
  2787. } else if (os_strcmp(buf, "ht_capab") == 0) {
  2788. if (hostapd_config_ht_capab(conf, pos) < 0) {
  2789. wpa_printf(MSG_ERROR, "Line %d: invalid ht_capab",
  2790. line);
  2791. return 1;
  2792. }
  2793. } else if (os_strcmp(buf, "require_ht") == 0) {
  2794. conf->require_ht = atoi(pos);
  2795. } else if (os_strcmp(buf, "obss_interval") == 0) {
  2796. conf->obss_interval = atoi(pos);
  2797. #endif /* CONFIG_IEEE80211N */
  2798. #ifdef CONFIG_IEEE80211AC
  2799. } else if (os_strcmp(buf, "ieee80211ac") == 0) {
  2800. conf->ieee80211ac = atoi(pos);
  2801. } else if (os_strcmp(buf, "vht_capab") == 0) {
  2802. if (hostapd_config_vht_capab(conf, pos) < 0) {
  2803. wpa_printf(MSG_ERROR, "Line %d: invalid vht_capab",
  2804. line);
  2805. return 1;
  2806. }
  2807. } else if (os_strcmp(buf, "require_vht") == 0) {
  2808. conf->require_vht = atoi(pos);
  2809. } else if (os_strcmp(buf, "vht_oper_chwidth") == 0) {
  2810. conf->vht_oper_chwidth = atoi(pos);
  2811. } else if (os_strcmp(buf, "vht_oper_centr_freq_seg0_idx") == 0) {
  2812. conf->vht_oper_centr_freq_seg0_idx = atoi(pos);
  2813. } else if (os_strcmp(buf, "vht_oper_centr_freq_seg1_idx") == 0) {
  2814. conf->vht_oper_centr_freq_seg1_idx = atoi(pos);
  2815. } else if (os_strcmp(buf, "vendor_vht") == 0) {
  2816. bss->vendor_vht = atoi(pos);
  2817. } else if (os_strcmp(buf, "use_sta_nsts") == 0) {
  2818. bss->use_sta_nsts = atoi(pos);
  2819. #endif /* CONFIG_IEEE80211AC */
  2820. #ifdef CONFIG_IEEE80211AX
  2821. } else if (os_strcmp(buf, "ieee80211ax") == 0) {
  2822. conf->ieee80211ax = atoi(pos);
  2823. } else if (os_strcmp(buf, "he_su_beamformer") == 0) {
  2824. conf->he_phy_capab.he_su_beamformer = atoi(pos);
  2825. } else if (os_strcmp(buf, "he_su_beamformee") == 0) {
  2826. conf->he_phy_capab.he_su_beamformee = atoi(pos);
  2827. } else if (os_strcmp(buf, "he_mu_beamformer") == 0) {
  2828. conf->he_phy_capab.he_mu_beamformer = atoi(pos);
  2829. } else if (os_strcmp(buf, "he_bss_color") == 0) {
  2830. conf->he_op.he_bss_color = atoi(pos);
  2831. } else if (os_strcmp(buf, "he_default_pe_duration") == 0) {
  2832. conf->he_op.he_default_pe_duration = atoi(pos);
  2833. } else if (os_strcmp(buf, "he_twt_required") == 0) {
  2834. conf->he_op.he_twt_required = atoi(pos);
  2835. } else if (os_strcmp(buf, "he_rts_threshold") == 0) {
  2836. conf->he_op.he_rts_threshold = atoi(pos);
  2837. #endif /* CONFIG_IEEE80211AX */
  2838. } else if (os_strcmp(buf, "max_listen_interval") == 0) {
  2839. bss->max_listen_interval = atoi(pos);
  2840. } else if (os_strcmp(buf, "disable_pmksa_caching") == 0) {
  2841. bss->disable_pmksa_caching = atoi(pos);
  2842. } else if (os_strcmp(buf, "okc") == 0) {
  2843. bss->okc = atoi(pos);
  2844. #ifdef CONFIG_WPS
  2845. } else if (os_strcmp(buf, "wps_state") == 0) {
  2846. bss->wps_state = atoi(pos);
  2847. if (bss->wps_state < 0 || bss->wps_state > 2) {
  2848. wpa_printf(MSG_ERROR, "Line %d: invalid wps_state",
  2849. line);
  2850. return 1;
  2851. }
  2852. } else if (os_strcmp(buf, "wps_independent") == 0) {
  2853. bss->wps_independent = atoi(pos);
  2854. } else if (os_strcmp(buf, "ap_setup_locked") == 0) {
  2855. bss->ap_setup_locked = atoi(pos);
  2856. } else if (os_strcmp(buf, "uuid") == 0) {
  2857. if (uuid_str2bin(pos, bss->uuid)) {
  2858. wpa_printf(MSG_ERROR, "Line %d: invalid UUID", line);
  2859. return 1;
  2860. }
  2861. } else if (os_strcmp(buf, "wps_pin_requests") == 0) {
  2862. os_free(bss->wps_pin_requests);
  2863. bss->wps_pin_requests = os_strdup(pos);
  2864. } else if (os_strcmp(buf, "device_name") == 0) {
  2865. if (os_strlen(pos) > WPS_DEV_NAME_MAX_LEN) {
  2866. wpa_printf(MSG_ERROR, "Line %d: Too long "
  2867. "device_name", line);
  2868. return 1;
  2869. }
  2870. os_free(bss->device_name);
  2871. bss->device_name = os_strdup(pos);
  2872. } else if (os_strcmp(buf, "manufacturer") == 0) {
  2873. if (os_strlen(pos) > 64) {
  2874. wpa_printf(MSG_ERROR, "Line %d: Too long manufacturer",
  2875. line);
  2876. return 1;
  2877. }
  2878. os_free(bss->manufacturer);
  2879. bss->manufacturer = os_strdup(pos);
  2880. } else if (os_strcmp(buf, "model_name") == 0) {
  2881. if (os_strlen(pos) > 32) {
  2882. wpa_printf(MSG_ERROR, "Line %d: Too long model_name",
  2883. line);
  2884. return 1;
  2885. }
  2886. os_free(bss->model_name);
  2887. bss->model_name = os_strdup(pos);
  2888. } else if (os_strcmp(buf, "model_number") == 0) {
  2889. if (os_strlen(pos) > 32) {
  2890. wpa_printf(MSG_ERROR, "Line %d: Too long model_number",
  2891. line);
  2892. return 1;
  2893. }
  2894. os_free(bss->model_number);
  2895. bss->model_number = os_strdup(pos);
  2896. } else if (os_strcmp(buf, "serial_number") == 0) {
  2897. if (os_strlen(pos) > 32) {
  2898. wpa_printf(MSG_ERROR, "Line %d: Too long serial_number",
  2899. line);
  2900. return 1;
  2901. }
  2902. os_free(bss->serial_number);
  2903. bss->serial_number = os_strdup(pos);
  2904. } else if (os_strcmp(buf, "device_type") == 0) {
  2905. if (wps_dev_type_str2bin(pos, bss->device_type))
  2906. return 1;
  2907. } else if (os_strcmp(buf, "config_methods") == 0) {
  2908. os_free(bss->config_methods);
  2909. bss->config_methods = os_strdup(pos);
  2910. } else if (os_strcmp(buf, "os_version") == 0) {
  2911. if (hexstr2bin(pos, bss->os_version, 4)) {
  2912. wpa_printf(MSG_ERROR, "Line %d: invalid os_version",
  2913. line);
  2914. return 1;
  2915. }
  2916. } else if (os_strcmp(buf, "ap_pin") == 0) {
  2917. os_free(bss->ap_pin);
  2918. if (*pos == '\0')
  2919. bss->ap_pin = NULL;
  2920. else
  2921. bss->ap_pin = os_strdup(pos);
  2922. } else if (os_strcmp(buf, "skip_cred_build") == 0) {
  2923. bss->skip_cred_build = atoi(pos);
  2924. } else if (os_strcmp(buf, "extra_cred") == 0) {
  2925. os_free(bss->extra_cred);
  2926. bss->extra_cred = (u8 *) os_readfile(pos, &bss->extra_cred_len);
  2927. if (bss->extra_cred == NULL) {
  2928. wpa_printf(MSG_ERROR, "Line %d: could not read Credentials from '%s'",
  2929. line, pos);
  2930. return 1;
  2931. }
  2932. } else if (os_strcmp(buf, "wps_cred_processing") == 0) {
  2933. bss->wps_cred_processing = atoi(pos);
  2934. } else if (os_strcmp(buf, "ap_settings") == 0) {
  2935. os_free(bss->ap_settings);
  2936. bss->ap_settings =
  2937. (u8 *) os_readfile(pos, &bss->ap_settings_len);
  2938. if (bss->ap_settings == NULL) {
  2939. wpa_printf(MSG_ERROR, "Line %d: could not read AP Settings from '%s'",
  2940. line, pos);
  2941. return 1;
  2942. }
  2943. } else if (os_strcmp(buf, "upnp_iface") == 0) {
  2944. os_free(bss->upnp_iface);
  2945. bss->upnp_iface = os_strdup(pos);
  2946. } else if (os_strcmp(buf, "friendly_name") == 0) {
  2947. os_free(bss->friendly_name);
  2948. bss->friendly_name = os_strdup(pos);
  2949. } else if (os_strcmp(buf, "manufacturer_url") == 0) {
  2950. os_free(bss->manufacturer_url);
  2951. bss->manufacturer_url = os_strdup(pos);
  2952. } else if (os_strcmp(buf, "model_description") == 0) {
  2953. os_free(bss->model_description);
  2954. bss->model_description = os_strdup(pos);
  2955. } else if (os_strcmp(buf, "model_url") == 0) {
  2956. os_free(bss->model_url);
  2957. bss->model_url = os_strdup(pos);
  2958. } else if (os_strcmp(buf, "upc") == 0) {
  2959. os_free(bss->upc);
  2960. bss->upc = os_strdup(pos);
  2961. } else if (os_strcmp(buf, "pbc_in_m1") == 0) {
  2962. bss->pbc_in_m1 = atoi(pos);
  2963. } else if (os_strcmp(buf, "server_id") == 0) {
  2964. os_free(bss->server_id);
  2965. bss->server_id = os_strdup(pos);
  2966. #ifdef CONFIG_WPS_NFC
  2967. } else if (os_strcmp(buf, "wps_nfc_dev_pw_id") == 0) {
  2968. bss->wps_nfc_dev_pw_id = atoi(pos);
  2969. if (bss->wps_nfc_dev_pw_id < 0x10 ||
  2970. bss->wps_nfc_dev_pw_id > 0xffff) {
  2971. wpa_printf(MSG_ERROR, "Line %d: Invalid wps_nfc_dev_pw_id value",
  2972. line);
  2973. return 1;
  2974. }
  2975. bss->wps_nfc_pw_from_config = 1;
  2976. } else if (os_strcmp(buf, "wps_nfc_dh_pubkey") == 0) {
  2977. wpabuf_free(bss->wps_nfc_dh_pubkey);
  2978. bss->wps_nfc_dh_pubkey = wpabuf_parse_bin(pos);
  2979. bss->wps_nfc_pw_from_config = 1;
  2980. } else if (os_strcmp(buf, "wps_nfc_dh_privkey") == 0) {
  2981. wpabuf_free(bss->wps_nfc_dh_privkey);
  2982. bss->wps_nfc_dh_privkey = wpabuf_parse_bin(pos);
  2983. bss->wps_nfc_pw_from_config = 1;
  2984. } else if (os_strcmp(buf, "wps_nfc_dev_pw") == 0) {
  2985. wpabuf_free(bss->wps_nfc_dev_pw);
  2986. bss->wps_nfc_dev_pw = wpabuf_parse_bin(pos);
  2987. bss->wps_nfc_pw_from_config = 1;
  2988. #endif /* CONFIG_WPS_NFC */
  2989. #endif /* CONFIG_WPS */
  2990. #ifdef CONFIG_P2P_MANAGER
  2991. } else if (os_strcmp(buf, "manage_p2p") == 0) {
  2992. if (atoi(pos))
  2993. bss->p2p |= P2P_MANAGE;
  2994. else
  2995. bss->p2p &= ~P2P_MANAGE;
  2996. } else if (os_strcmp(buf, "allow_cross_connection") == 0) {
  2997. if (atoi(pos))
  2998. bss->p2p |= P2P_ALLOW_CROSS_CONNECTION;
  2999. else
  3000. bss->p2p &= ~P2P_ALLOW_CROSS_CONNECTION;
  3001. #endif /* CONFIG_P2P_MANAGER */
  3002. } else if (os_strcmp(buf, "disassoc_low_ack") == 0) {
  3003. bss->disassoc_low_ack = atoi(pos);
  3004. } else if (os_strcmp(buf, "tdls_prohibit") == 0) {
  3005. if (atoi(pos))
  3006. bss->tdls |= TDLS_PROHIBIT;
  3007. else
  3008. bss->tdls &= ~TDLS_PROHIBIT;
  3009. } else if (os_strcmp(buf, "tdls_prohibit_chan_switch") == 0) {
  3010. if (atoi(pos))
  3011. bss->tdls |= TDLS_PROHIBIT_CHAN_SWITCH;
  3012. else
  3013. bss->tdls &= ~TDLS_PROHIBIT_CHAN_SWITCH;
  3014. #ifdef CONFIG_RSN_TESTING
  3015. } else if (os_strcmp(buf, "rsn_testing") == 0) {
  3016. extern int rsn_testing;
  3017. rsn_testing = atoi(pos);
  3018. #endif /* CONFIG_RSN_TESTING */
  3019. } else if (os_strcmp(buf, "time_advertisement") == 0) {
  3020. bss->time_advertisement = atoi(pos);
  3021. } else if (os_strcmp(buf, "time_zone") == 0) {
  3022. size_t tz_len = os_strlen(pos);
  3023. if (tz_len < 4 || tz_len > 255) {
  3024. wpa_printf(MSG_DEBUG, "Line %d: invalid time_zone",
  3025. line);
  3026. return 1;
  3027. }
  3028. os_free(bss->time_zone);
  3029. bss->time_zone = os_strdup(pos);
  3030. if (bss->time_zone == NULL)
  3031. return 1;
  3032. #ifdef CONFIG_WNM_AP
  3033. } else if (os_strcmp(buf, "wnm_sleep_mode") == 0) {
  3034. bss->wnm_sleep_mode = atoi(pos);
  3035. } else if (os_strcmp(buf, "wnm_sleep_mode_no_keys") == 0) {
  3036. bss->wnm_sleep_mode_no_keys = atoi(pos);
  3037. } else if (os_strcmp(buf, "bss_transition") == 0) {
  3038. bss->bss_transition = atoi(pos);
  3039. #endif /* CONFIG_WNM_AP */
  3040. #ifdef CONFIG_INTERWORKING
  3041. } else if (os_strcmp(buf, "interworking") == 0) {
  3042. bss->interworking = atoi(pos);
  3043. } else if (os_strcmp(buf, "access_network_type") == 0) {
  3044. bss->access_network_type = atoi(pos);
  3045. if (bss->access_network_type < 0 ||
  3046. bss->access_network_type > 15) {
  3047. wpa_printf(MSG_ERROR,
  3048. "Line %d: invalid access_network_type",
  3049. line);
  3050. return 1;
  3051. }
  3052. } else if (os_strcmp(buf, "internet") == 0) {
  3053. bss->internet = atoi(pos);
  3054. } else if (os_strcmp(buf, "asra") == 0) {
  3055. bss->asra = atoi(pos);
  3056. } else if (os_strcmp(buf, "esr") == 0) {
  3057. bss->esr = atoi(pos);
  3058. } else if (os_strcmp(buf, "uesa") == 0) {
  3059. bss->uesa = atoi(pos);
  3060. } else if (os_strcmp(buf, "venue_group") == 0) {
  3061. bss->venue_group = atoi(pos);
  3062. bss->venue_info_set = 1;
  3063. } else if (os_strcmp(buf, "venue_type") == 0) {
  3064. bss->venue_type = atoi(pos);
  3065. bss->venue_info_set = 1;
  3066. } else if (os_strcmp(buf, "hessid") == 0) {
  3067. if (hwaddr_aton(pos, bss->hessid)) {
  3068. wpa_printf(MSG_ERROR, "Line %d: invalid hessid", line);
  3069. return 1;
  3070. }
  3071. } else if (os_strcmp(buf, "roaming_consortium") == 0) {
  3072. if (parse_roaming_consortium(bss, pos, line) < 0)
  3073. return 1;
  3074. } else if (os_strcmp(buf, "venue_name") == 0) {
  3075. if (parse_venue_name(bss, pos, line) < 0)
  3076. return 1;
  3077. } else if (os_strcmp(buf, "venue_url") == 0) {
  3078. if (parse_venue_url(bss, pos, line) < 0)
  3079. return 1;
  3080. } else if (os_strcmp(buf, "network_auth_type") == 0) {
  3081. u8 auth_type;
  3082. u16 redirect_url_len;
  3083. if (hexstr2bin(pos, &auth_type, 1)) {
  3084. wpa_printf(MSG_ERROR,
  3085. "Line %d: Invalid network_auth_type '%s'",
  3086. line, pos);
  3087. return 1;
  3088. }
  3089. if (auth_type == 0 || auth_type == 2)
  3090. redirect_url_len = os_strlen(pos + 2);
  3091. else
  3092. redirect_url_len = 0;
  3093. os_free(bss->network_auth_type);
  3094. bss->network_auth_type = os_malloc(redirect_url_len + 3 + 1);
  3095. if (bss->network_auth_type == NULL)
  3096. return 1;
  3097. *bss->network_auth_type = auth_type;
  3098. WPA_PUT_LE16(bss->network_auth_type + 1, redirect_url_len);
  3099. if (redirect_url_len)
  3100. os_memcpy(bss->network_auth_type + 3, pos + 2,
  3101. redirect_url_len);
  3102. bss->network_auth_type_len = 3 + redirect_url_len;
  3103. } else if (os_strcmp(buf, "ipaddr_type_availability") == 0) {
  3104. if (hexstr2bin(pos, &bss->ipaddr_type_availability, 1)) {
  3105. wpa_printf(MSG_ERROR, "Line %d: Invalid ipaddr_type_availability '%s'",
  3106. line, pos);
  3107. bss->ipaddr_type_configured = 0;
  3108. return 1;
  3109. }
  3110. bss->ipaddr_type_configured = 1;
  3111. } else if (os_strcmp(buf, "domain_name") == 0) {
  3112. int j, num_domains, domain_len, domain_list_len = 0;
  3113. char *tok_start, *tok_prev;
  3114. u8 *domain_list, *domain_ptr;
  3115. domain_list_len = os_strlen(pos) + 1;
  3116. domain_list = os_malloc(domain_list_len);
  3117. if (domain_list == NULL)
  3118. return 1;
  3119. domain_ptr = domain_list;
  3120. tok_prev = pos;
  3121. num_domains = 1;
  3122. while ((tok_prev = os_strchr(tok_prev, ','))) {
  3123. num_domains++;
  3124. tok_prev++;
  3125. }
  3126. tok_prev = pos;
  3127. for (j = 0; j < num_domains; j++) {
  3128. tok_start = os_strchr(tok_prev, ',');
  3129. if (tok_start) {
  3130. domain_len = tok_start - tok_prev;
  3131. *domain_ptr = domain_len;
  3132. os_memcpy(domain_ptr + 1, tok_prev, domain_len);
  3133. domain_ptr += domain_len + 1;
  3134. tok_prev = ++tok_start;
  3135. } else {
  3136. domain_len = os_strlen(tok_prev);
  3137. *domain_ptr = domain_len;
  3138. os_memcpy(domain_ptr + 1, tok_prev, domain_len);
  3139. domain_ptr += domain_len + 1;
  3140. }
  3141. }
  3142. os_free(bss->domain_name);
  3143. bss->domain_name = domain_list;
  3144. bss->domain_name_len = domain_list_len;
  3145. } else if (os_strcmp(buf, "anqp_3gpp_cell_net") == 0) {
  3146. if (parse_3gpp_cell_net(bss, pos, line) < 0)
  3147. return 1;
  3148. } else if (os_strcmp(buf, "nai_realm") == 0) {
  3149. if (parse_nai_realm(bss, pos, line) < 0)
  3150. return 1;
  3151. } else if (os_strcmp(buf, "anqp_elem") == 0) {
  3152. if (parse_anqp_elem(bss, pos, line) < 0)
  3153. return 1;
  3154. } else if (os_strcmp(buf, "gas_frag_limit") == 0) {
  3155. int val = atoi(pos);
  3156. if (val <= 0) {
  3157. wpa_printf(MSG_ERROR,
  3158. "Line %d: Invalid gas_frag_limit '%s'",
  3159. line, pos);
  3160. return 1;
  3161. }
  3162. bss->gas_frag_limit = val;
  3163. } else if (os_strcmp(buf, "gas_comeback_delay") == 0) {
  3164. bss->gas_comeback_delay = atoi(pos);
  3165. } else if (os_strcmp(buf, "qos_map_set") == 0) {
  3166. if (parse_qos_map_set(bss, pos, line) < 0)
  3167. return 1;
  3168. #endif /* CONFIG_INTERWORKING */
  3169. #ifdef CONFIG_RADIUS_TEST
  3170. } else if (os_strcmp(buf, "dump_msk_file") == 0) {
  3171. os_free(bss->dump_msk_file);
  3172. bss->dump_msk_file = os_strdup(pos);
  3173. #endif /* CONFIG_RADIUS_TEST */
  3174. #ifdef CONFIG_PROXYARP
  3175. } else if (os_strcmp(buf, "proxy_arp") == 0) {
  3176. bss->proxy_arp = atoi(pos);
  3177. #endif /* CONFIG_PROXYARP */
  3178. #ifdef CONFIG_HS20
  3179. } else if (os_strcmp(buf, "hs20") == 0) {
  3180. bss->hs20 = atoi(pos);
  3181. } else if (os_strcmp(buf, "disable_dgaf") == 0) {
  3182. bss->disable_dgaf = atoi(pos);
  3183. } else if (os_strcmp(buf, "na_mcast_to_ucast") == 0) {
  3184. bss->na_mcast_to_ucast = atoi(pos);
  3185. } else if (os_strcmp(buf, "osen") == 0) {
  3186. bss->osen = atoi(pos);
  3187. } else if (os_strcmp(buf, "anqp_domain_id") == 0) {
  3188. bss->anqp_domain_id = atoi(pos);
  3189. } else if (os_strcmp(buf, "hs20_deauth_req_timeout") == 0) {
  3190. bss->hs20_deauth_req_timeout = atoi(pos);
  3191. } else if (os_strcmp(buf, "hs20_oper_friendly_name") == 0) {
  3192. if (hs20_parse_oper_friendly_name(bss, pos, line) < 0)
  3193. return 1;
  3194. } else if (os_strcmp(buf, "hs20_wan_metrics") == 0) {
  3195. if (hs20_parse_wan_metrics(bss, pos, line) < 0)
  3196. return 1;
  3197. } else if (os_strcmp(buf, "hs20_conn_capab") == 0) {
  3198. if (hs20_parse_conn_capab(bss, pos, line) < 0) {
  3199. return 1;
  3200. }
  3201. } else if (os_strcmp(buf, "hs20_operating_class") == 0) {
  3202. u8 *oper_class;
  3203. size_t oper_class_len;
  3204. oper_class_len = os_strlen(pos);
  3205. if (oper_class_len < 2 || (oper_class_len & 0x01)) {
  3206. wpa_printf(MSG_ERROR,
  3207. "Line %d: Invalid hs20_operating_class '%s'",
  3208. line, pos);
  3209. return 1;
  3210. }
  3211. oper_class_len /= 2;
  3212. oper_class = os_malloc(oper_class_len);
  3213. if (oper_class == NULL)
  3214. return 1;
  3215. if (hexstr2bin(pos, oper_class, oper_class_len)) {
  3216. wpa_printf(MSG_ERROR,
  3217. "Line %d: Invalid hs20_operating_class '%s'",
  3218. line, pos);
  3219. os_free(oper_class);
  3220. return 1;
  3221. }
  3222. os_free(bss->hs20_operating_class);
  3223. bss->hs20_operating_class = oper_class;
  3224. bss->hs20_operating_class_len = oper_class_len;
  3225. } else if (os_strcmp(buf, "hs20_icon") == 0) {
  3226. if (hs20_parse_icon(bss, pos) < 0) {
  3227. wpa_printf(MSG_ERROR, "Line %d: Invalid hs20_icon '%s'",
  3228. line, pos);
  3229. return 1;
  3230. }
  3231. } else if (os_strcmp(buf, "osu_ssid") == 0) {
  3232. if (hs20_parse_osu_ssid(bss, pos, line) < 0)
  3233. return 1;
  3234. } else if (os_strcmp(buf, "osu_server_uri") == 0) {
  3235. if (hs20_parse_osu_server_uri(bss, pos, line) < 0)
  3236. return 1;
  3237. } else if (os_strcmp(buf, "osu_friendly_name") == 0) {
  3238. if (hs20_parse_osu_friendly_name(bss, pos, line) < 0)
  3239. return 1;
  3240. } else if (os_strcmp(buf, "osu_nai") == 0) {
  3241. if (hs20_parse_osu_nai(bss, pos, line) < 0)
  3242. return 1;
  3243. } else if (os_strcmp(buf, "osu_method_list") == 0) {
  3244. if (hs20_parse_osu_method_list(bss, pos, line) < 0)
  3245. return 1;
  3246. } else if (os_strcmp(buf, "osu_icon") == 0) {
  3247. if (hs20_parse_osu_icon(bss, pos, line) < 0)
  3248. return 1;
  3249. } else if (os_strcmp(buf, "osu_service_desc") == 0) {
  3250. if (hs20_parse_osu_service_desc(bss, pos, line) < 0)
  3251. return 1;
  3252. } else if (os_strcmp(buf, "subscr_remediation_url") == 0) {
  3253. os_free(bss->subscr_remediation_url);
  3254. bss->subscr_remediation_url = os_strdup(pos);
  3255. } else if (os_strcmp(buf, "subscr_remediation_method") == 0) {
  3256. bss->subscr_remediation_method = atoi(pos);
  3257. #endif /* CONFIG_HS20 */
  3258. #ifdef CONFIG_MBO
  3259. } else if (os_strcmp(buf, "mbo") == 0) {
  3260. bss->mbo_enabled = atoi(pos);
  3261. } else if (os_strcmp(buf, "mbo_cell_data_conn_pref") == 0) {
  3262. bss->mbo_cell_data_conn_pref = atoi(pos);
  3263. } else if (os_strcmp(buf, "oce") == 0) {
  3264. bss->oce = atoi(pos);
  3265. #endif /* CONFIG_MBO */
  3266. #ifdef CONFIG_TESTING_OPTIONS
  3267. #define PARSE_TEST_PROBABILITY(_val) \
  3268. } else if (os_strcmp(buf, #_val) == 0) { \
  3269. char *end; \
  3270. \
  3271. conf->_val = strtod(pos, &end); \
  3272. if (*end || conf->_val < 0.0 || \
  3273. conf->_val > 1.0) { \
  3274. wpa_printf(MSG_ERROR, \
  3275. "Line %d: Invalid value '%s'", \
  3276. line, pos); \
  3277. return 1; \
  3278. }
  3279. PARSE_TEST_PROBABILITY(ignore_probe_probability)
  3280. PARSE_TEST_PROBABILITY(ignore_auth_probability)
  3281. PARSE_TEST_PROBABILITY(ignore_assoc_probability)
  3282. PARSE_TEST_PROBABILITY(ignore_reassoc_probability)
  3283. PARSE_TEST_PROBABILITY(corrupt_gtk_rekey_mic_probability)
  3284. } else if (os_strcmp(buf, "ecsa_ie_only") == 0) {
  3285. conf->ecsa_ie_only = atoi(pos);
  3286. } else if (os_strcmp(buf, "bss_load_test") == 0) {
  3287. WPA_PUT_LE16(bss->bss_load_test, atoi(pos));
  3288. pos = os_strchr(pos, ':');
  3289. if (pos == NULL) {
  3290. wpa_printf(MSG_ERROR, "Line %d: Invalid bss_load_test",
  3291. line);
  3292. return 1;
  3293. }
  3294. pos++;
  3295. bss->bss_load_test[2] = atoi(pos);
  3296. pos = os_strchr(pos, ':');
  3297. if (pos == NULL) {
  3298. wpa_printf(MSG_ERROR, "Line %d: Invalid bss_load_test",
  3299. line);
  3300. return 1;
  3301. }
  3302. pos++;
  3303. WPA_PUT_LE16(&bss->bss_load_test[3], atoi(pos));
  3304. bss->bss_load_test_set = 1;
  3305. } else if (os_strcmp(buf, "radio_measurements") == 0) {
  3306. /*
  3307. * DEPRECATED: This parameter will be removed in the future.
  3308. * Use rrm_neighbor_report instead.
  3309. */
  3310. int val = atoi(pos);
  3311. if (val & BIT(0))
  3312. bss->radio_measurements[0] |=
  3313. WLAN_RRM_CAPS_NEIGHBOR_REPORT;
  3314. } else if (os_strcmp(buf, "own_ie_override") == 0) {
  3315. struct wpabuf *tmp;
  3316. size_t len = os_strlen(pos) / 2;
  3317. tmp = wpabuf_alloc(len);
  3318. if (!tmp)
  3319. return 1;
  3320. if (hexstr2bin(pos, wpabuf_put(tmp, len), len)) {
  3321. wpabuf_free(tmp);
  3322. wpa_printf(MSG_ERROR,
  3323. "Line %d: Invalid own_ie_override '%s'",
  3324. line, pos);
  3325. return 1;
  3326. }
  3327. wpabuf_free(bss->own_ie_override);
  3328. bss->own_ie_override = tmp;
  3329. } else if (os_strcmp(buf, "sae_reflection_attack") == 0) {
  3330. bss->sae_reflection_attack = atoi(pos);
  3331. } else if (os_strcmp(buf, "sae_commit_override") == 0) {
  3332. wpabuf_free(bss->sae_commit_override);
  3333. bss->sae_commit_override = wpabuf_parse_bin(pos);
  3334. } else if (os_strcmp(buf, "sae_password") == 0) {
  3335. os_free(bss->sae_password);
  3336. bss->sae_password = os_strdup(pos);
  3337. #endif /* CONFIG_TESTING_OPTIONS */
  3338. } else if (os_strcmp(buf, "vendor_elements") == 0) {
  3339. if (parse_wpabuf_hex(line, buf, &bss->vendor_elements, pos))
  3340. return 1;
  3341. } else if (os_strcmp(buf, "assocresp_elements") == 0) {
  3342. if (parse_wpabuf_hex(line, buf, &bss->assocresp_elements, pos))
  3343. return 1;
  3344. } else if (os_strcmp(buf, "sae_anti_clogging_threshold") == 0) {
  3345. bss->sae_anti_clogging_threshold = atoi(pos);
  3346. } else if (os_strcmp(buf, "sae_sync") == 0) {
  3347. bss->sae_sync = atoi(pos);
  3348. } else if (os_strcmp(buf, "sae_groups") == 0) {
  3349. if (hostapd_parse_intlist(&bss->sae_groups, pos)) {
  3350. wpa_printf(MSG_ERROR,
  3351. "Line %d: Invalid sae_groups value '%s'",
  3352. line, pos);
  3353. return 1;
  3354. }
  3355. } else if (os_strcmp(buf, "sae_require_mfp") == 0) {
  3356. bss->sae_require_mfp = atoi(pos);
  3357. } else if (os_strcmp(buf, "local_pwr_constraint") == 0) {
  3358. int val = atoi(pos);
  3359. if (val < 0 || val > 255) {
  3360. wpa_printf(MSG_ERROR, "Line %d: Invalid local_pwr_constraint %d (expected 0..255)",
  3361. line, val);
  3362. return 1;
  3363. }
  3364. conf->local_pwr_constraint = val;
  3365. } else if (os_strcmp(buf, "spectrum_mgmt_required") == 0) {
  3366. conf->spectrum_mgmt_required = atoi(pos);
  3367. } else if (os_strcmp(buf, "wowlan_triggers") == 0) {
  3368. os_free(bss->wowlan_triggers);
  3369. bss->wowlan_triggers = os_strdup(pos);
  3370. #ifdef CONFIG_FST
  3371. } else if (os_strcmp(buf, "fst_group_id") == 0) {
  3372. size_t len = os_strlen(pos);
  3373. if (!len || len >= sizeof(conf->fst_cfg.group_id)) {
  3374. wpa_printf(MSG_ERROR,
  3375. "Line %d: Invalid fst_group_id value '%s'",
  3376. line, pos);
  3377. return 1;
  3378. }
  3379. if (conf->fst_cfg.group_id[0]) {
  3380. wpa_printf(MSG_ERROR,
  3381. "Line %d: Duplicate fst_group value '%s'",
  3382. line, pos);
  3383. return 1;
  3384. }
  3385. os_strlcpy(conf->fst_cfg.group_id, pos,
  3386. sizeof(conf->fst_cfg.group_id));
  3387. } else if (os_strcmp(buf, "fst_priority") == 0) {
  3388. char *endp;
  3389. long int val;
  3390. if (!*pos) {
  3391. wpa_printf(MSG_ERROR,
  3392. "Line %d: fst_priority value not supplied (expected 1..%u)",
  3393. line, FST_MAX_PRIO_VALUE);
  3394. return -1;
  3395. }
  3396. val = strtol(pos, &endp, 0);
  3397. if (*endp || val < 1 || val > FST_MAX_PRIO_VALUE) {
  3398. wpa_printf(MSG_ERROR,
  3399. "Line %d: Invalid fst_priority %ld (%s) (expected 1..%u)",
  3400. line, val, pos, FST_MAX_PRIO_VALUE);
  3401. return 1;
  3402. }
  3403. conf->fst_cfg.priority = (u8) val;
  3404. } else if (os_strcmp(buf, "fst_llt") == 0) {
  3405. char *endp;
  3406. long int val;
  3407. if (!*pos) {
  3408. wpa_printf(MSG_ERROR,
  3409. "Line %d: fst_llt value not supplied (expected 1..%u)",
  3410. line, FST_MAX_LLT_MS);
  3411. return -1;
  3412. }
  3413. val = strtol(pos, &endp, 0);
  3414. if (*endp || val < 1 ||
  3415. (unsigned long int) val > FST_MAX_LLT_MS) {
  3416. wpa_printf(MSG_ERROR,
  3417. "Line %d: Invalid fst_llt %ld (%s) (expected 1..%u)",
  3418. line, val, pos, FST_MAX_LLT_MS);
  3419. return 1;
  3420. }
  3421. conf->fst_cfg.llt = (u32) val;
  3422. #endif /* CONFIG_FST */
  3423. } else if (os_strcmp(buf, "track_sta_max_num") == 0) {
  3424. conf->track_sta_max_num = atoi(pos);
  3425. } else if (os_strcmp(buf, "track_sta_max_age") == 0) {
  3426. conf->track_sta_max_age = atoi(pos);
  3427. } else if (os_strcmp(buf, "no_probe_resp_if_seen_on") == 0) {
  3428. os_free(bss->no_probe_resp_if_seen_on);
  3429. bss->no_probe_resp_if_seen_on = os_strdup(pos);
  3430. } else if (os_strcmp(buf, "no_auth_if_seen_on") == 0) {
  3431. os_free(bss->no_auth_if_seen_on);
  3432. bss->no_auth_if_seen_on = os_strdup(pos);
  3433. } else if (os_strcmp(buf, "lci") == 0) {
  3434. wpabuf_free(conf->lci);
  3435. conf->lci = wpabuf_parse_bin(pos);
  3436. if (conf->lci && wpabuf_len(conf->lci) == 0) {
  3437. wpabuf_free(conf->lci);
  3438. conf->lci = NULL;
  3439. }
  3440. } else if (os_strcmp(buf, "civic") == 0) {
  3441. wpabuf_free(conf->civic);
  3442. conf->civic = wpabuf_parse_bin(pos);
  3443. if (conf->civic && wpabuf_len(conf->civic) == 0) {
  3444. wpabuf_free(conf->civic);
  3445. conf->civic = NULL;
  3446. }
  3447. } else if (os_strcmp(buf, "rrm_neighbor_report") == 0) {
  3448. if (atoi(pos))
  3449. bss->radio_measurements[0] |=
  3450. WLAN_RRM_CAPS_NEIGHBOR_REPORT;
  3451. } else if (os_strcmp(buf, "rrm_beacon_report") == 0) {
  3452. if (atoi(pos))
  3453. bss->radio_measurements[0] |=
  3454. WLAN_RRM_CAPS_BEACON_REPORT_PASSIVE |
  3455. WLAN_RRM_CAPS_BEACON_REPORT_ACTIVE |
  3456. WLAN_RRM_CAPS_BEACON_REPORT_TABLE;
  3457. } else if (os_strcmp(buf, "gas_address3") == 0) {
  3458. bss->gas_address3 = atoi(pos);
  3459. } else if (os_strcmp(buf, "stationary_ap") == 0) {
  3460. conf->stationary_ap = atoi(pos);
  3461. } else if (os_strcmp(buf, "ftm_responder") == 0) {
  3462. bss->ftm_responder = atoi(pos);
  3463. } else if (os_strcmp(buf, "ftm_initiator") == 0) {
  3464. bss->ftm_initiator = atoi(pos);
  3465. #ifdef CONFIG_FILS
  3466. } else if (os_strcmp(buf, "fils_cache_id") == 0) {
  3467. if (hexstr2bin(pos, bss->fils_cache_id, FILS_CACHE_ID_LEN)) {
  3468. wpa_printf(MSG_ERROR,
  3469. "Line %d: Invalid fils_cache_id '%s'",
  3470. line, pos);
  3471. return 1;
  3472. }
  3473. bss->fils_cache_id_set = 1;
  3474. } else if (os_strcmp(buf, "fils_realm") == 0) {
  3475. if (parse_fils_realm(bss, pos) < 0)
  3476. return 1;
  3477. } else if (os_strcmp(buf, "fils_dh_group") == 0) {
  3478. bss->fils_dh_group = atoi(pos);
  3479. } else if (os_strcmp(buf, "dhcp_server") == 0) {
  3480. if (hostapd_parse_ip_addr(pos, &bss->dhcp_server)) {
  3481. wpa_printf(MSG_ERROR,
  3482. "Line %d: invalid IP address '%s'",
  3483. line, pos);
  3484. return 1;
  3485. }
  3486. } else if (os_strcmp(buf, "dhcp_rapid_commit_proxy") == 0) {
  3487. bss->dhcp_rapid_commit_proxy = atoi(pos);
  3488. } else if (os_strcmp(buf, "fils_hlp_wait_time") == 0) {
  3489. bss->fils_hlp_wait_time = atoi(pos);
  3490. } else if (os_strcmp(buf, "dhcp_server_port") == 0) {
  3491. bss->dhcp_server_port = atoi(pos);
  3492. } else if (os_strcmp(buf, "dhcp_relay_port") == 0) {
  3493. bss->dhcp_relay_port = atoi(pos);
  3494. #endif /* CONFIG_FILS */
  3495. } else if (os_strcmp(buf, "multicast_to_unicast") == 0) {
  3496. bss->multicast_to_unicast = atoi(pos);
  3497. } else if (os_strcmp(buf, "broadcast_deauth") == 0) {
  3498. bss->broadcast_deauth = atoi(pos);
  3499. #ifdef CONFIG_DPP
  3500. } else if (os_strcmp(buf, "dpp_connector") == 0) {
  3501. os_free(bss->dpp_connector);
  3502. bss->dpp_connector = os_strdup(pos);
  3503. } else if (os_strcmp(buf, "dpp_netaccesskey") == 0) {
  3504. if (parse_wpabuf_hex(line, buf, &bss->dpp_netaccesskey, pos))
  3505. return 1;
  3506. } else if (os_strcmp(buf, "dpp_netaccesskey_expiry") == 0) {
  3507. bss->dpp_netaccesskey_expiry = strtol(pos, NULL, 0);
  3508. } else if (os_strcmp(buf, "dpp_csign") == 0) {
  3509. if (parse_wpabuf_hex(line, buf, &bss->dpp_csign, pos))
  3510. return 1;
  3511. #endif /* CONFIG_DPP */
  3512. #ifdef CONFIG_OWE
  3513. } else if (os_strcmp(buf, "owe_transition_bssid") == 0) {
  3514. if (hwaddr_aton(pos, bss->owe_transition_bssid)) {
  3515. wpa_printf(MSG_ERROR,
  3516. "Line %d: invalid owe_transition_bssid",
  3517. line);
  3518. return 1;
  3519. }
  3520. } else if (os_strcmp(buf, "owe_transition_ssid") == 0) {
  3521. size_t slen;
  3522. char *str = wpa_config_parse_string(pos, &slen);
  3523. if (!str || slen < 1 || slen > SSID_MAX_LEN) {
  3524. wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'",
  3525. line, pos);
  3526. os_free(str);
  3527. return 1;
  3528. }
  3529. os_memcpy(bss->owe_transition_ssid, str, slen);
  3530. bss->owe_transition_ssid_len = slen;
  3531. os_free(str);
  3532. } else if (os_strcmp(buf, "owe_transition_ifname") == 0) {
  3533. os_strlcpy(bss->owe_transition_ifname, pos,
  3534. sizeof(bss->owe_transition_ifname));
  3535. } else if (os_strcmp(buf, "owe_groups") == 0) {
  3536. if (hostapd_parse_intlist(&bss->owe_groups, pos)) {
  3537. wpa_printf(MSG_ERROR,
  3538. "Line %d: Invalid owe_groups value '%s'",
  3539. line, pos);
  3540. return 1;
  3541. }
  3542. #endif /* CONFIG_OWE */
  3543. } else {
  3544. wpa_printf(MSG_ERROR,
  3545. "Line %d: unknown configuration item '%s'",
  3546. line, buf);
  3547. return 1;
  3548. }
  3549. return 0;
  3550. }
  3551. /**
  3552. * hostapd_config_read - Read and parse a configuration file
  3553. * @fname: Configuration file name (including path, if needed)
  3554. * Returns: Allocated configuration data structure
  3555. */
  3556. struct hostapd_config * hostapd_config_read(const char *fname)
  3557. {
  3558. struct hostapd_config *conf;
  3559. FILE *f;
  3560. char buf[4096], *pos;
  3561. int line = 0;
  3562. int errors = 0;
  3563. size_t i;
  3564. f = fopen(fname, "r");
  3565. if (f == NULL) {
  3566. wpa_printf(MSG_ERROR, "Could not open configuration file '%s' "
  3567. "for reading.", fname);
  3568. return NULL;
  3569. }
  3570. conf = hostapd_config_defaults();
  3571. if (conf == NULL) {
  3572. fclose(f);
  3573. return NULL;
  3574. }
  3575. /* set default driver based on configuration */
  3576. conf->driver = wpa_drivers[0];
  3577. if (conf->driver == NULL) {
  3578. wpa_printf(MSG_ERROR, "No driver wrappers registered!");
  3579. hostapd_config_free(conf);
  3580. fclose(f);
  3581. return NULL;
  3582. }
  3583. conf->last_bss = conf->bss[0];
  3584. while (fgets(buf, sizeof(buf), f)) {
  3585. struct hostapd_bss_config *bss;
  3586. bss = conf->last_bss;
  3587. line++;
  3588. if (buf[0] == '#')
  3589. continue;
  3590. pos = buf;
  3591. while (*pos != '\0') {
  3592. if (*pos == '\n') {
  3593. *pos = '\0';
  3594. break;
  3595. }
  3596. pos++;
  3597. }
  3598. if (buf[0] == '\0')
  3599. continue;
  3600. pos = os_strchr(buf, '=');
  3601. if (pos == NULL) {
  3602. wpa_printf(MSG_ERROR, "Line %d: invalid line '%s'",
  3603. line, buf);
  3604. errors++;
  3605. continue;
  3606. }
  3607. *pos = '\0';
  3608. pos++;
  3609. errors += hostapd_config_fill(conf, bss, buf, pos, line);
  3610. }
  3611. fclose(f);
  3612. for (i = 0; i < conf->num_bss; i++)
  3613. hostapd_set_security_params(conf->bss[i], 1);
  3614. if (hostapd_config_check(conf, 1))
  3615. errors++;
  3616. #ifndef WPA_IGNORE_CONFIG_ERRORS
  3617. if (errors) {
  3618. wpa_printf(MSG_ERROR, "%d errors found in configuration file "
  3619. "'%s'", errors, fname);
  3620. hostapd_config_free(conf);
  3621. conf = NULL;
  3622. }
  3623. #endif /* WPA_IGNORE_CONFIG_ERRORS */
  3624. return conf;
  3625. }
  3626. int hostapd_set_iface(struct hostapd_config *conf,
  3627. struct hostapd_bss_config *bss, const char *field,
  3628. char *value)
  3629. {
  3630. int errors;
  3631. size_t i;
  3632. errors = hostapd_config_fill(conf, bss, field, value, 0);
  3633. if (errors) {
  3634. wpa_printf(MSG_INFO, "Failed to set configuration field '%s' "
  3635. "to value '%s'", field, value);
  3636. return -1;
  3637. }
  3638. for (i = 0; i < conf->num_bss; i++)
  3639. hostapd_set_security_params(conf->bss[i], 0);
  3640. if (hostapd_config_check(conf, 0)) {
  3641. wpa_printf(MSG_ERROR, "Configuration check failed");
  3642. return -1;
  3643. }
  3644. return 0;
  3645. }