2005-06-05 20:52:14 +00:00
|
|
|
/*
|
2006-03-07 05:26:33 +00:00
|
|
|
* WPA Supplicant / Configuration parser and common functions
|
2009-03-01 22:10:07 +00:00
|
|
|
* Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
|
2005-06-05 20:52:14 +00:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
|
|
* published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* Alternatively, this software may be distributed under the terms of BSD
|
|
|
|
* license.
|
|
|
|
*
|
|
|
|
* See README and COPYING for more details.
|
|
|
|
*/
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
#include "includes.h"
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
#include "common.h"
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
#include "crypto/sha1.h"
|
|
|
|
#include "rsn_supp/wpa.h"
|
2009-03-01 22:10:07 +00:00
|
|
|
#include "eap_peer/eap.h"
|
2005-06-05 20:52:14 +00:00
|
|
|
#include "config.h"
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#if !defined(CONFIG_CTRL_IFACE) && defined(CONFIG_NO_CONFIG_WRITE)
|
|
|
|
#define NO_CONFIG_WRITE
|
|
|
|
#endif
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/*
|
|
|
|
* Structure for network configuration parsing. This data is used to implement
|
|
|
|
* a generic parser for each network block variable. The table of configuration
|
|
|
|
* variables is defined below in this file (ssid_fields[]).
|
|
|
|
*/
|
2005-06-05 20:52:14 +00:00
|
|
|
struct parse_data {
|
2006-03-07 05:26:33 +00:00
|
|
|
/* Configuration variable name */
|
2005-06-05 20:52:14 +00:00
|
|
|
char *name;
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/* Parser function for this variable */
|
|
|
|
int (*parser)(const struct parse_data *data, struct wpa_ssid *ssid,
|
|
|
|
int line, const char *value);
|
2005-06-05 20:52:14 +00:00
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
/* Writer function (i.e., to get the variable in text format from
|
|
|
|
* internal presentation). */
|
|
|
|
char * (*writer)(const struct parse_data *data, struct wpa_ssid *ssid);
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2005-06-05 20:52:14 +00:00
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/* Variable specific parameters for the parser. */
|
|
|
|
void *param1, *param2, *param3, *param4;
|
2005-06-05 20:52:14 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
/* 0 = this variable can be included in debug output and ctrl_iface
|
2006-03-07 05:26:33 +00:00
|
|
|
* 1 = this variable contains key/private data and it must not be
|
2007-07-11 15:48:36 +00:00
|
|
|
* included in debug output unless explicitly requested. In
|
|
|
|
* addition, this variable will not be readable through the
|
|
|
|
* ctrl_iface.
|
2006-03-07 05:26:33 +00:00
|
|
|
*/
|
|
|
|
int key_data;
|
|
|
|
};
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_parse_string(const char *value, size_t *len)
|
|
|
|
{
|
|
|
|
if (*value == '"') {
|
2009-03-01 22:10:07 +00:00
|
|
|
const char *pos;
|
|
|
|
char *str;
|
2005-06-05 20:52:14 +00:00
|
|
|
value++;
|
2007-07-11 15:48:36 +00:00
|
|
|
pos = os_strrchr(value, '"');
|
2005-06-05 20:52:14 +00:00
|
|
|
if (pos == NULL || pos[1] != '\0')
|
|
|
|
return NULL;
|
2009-03-01 22:10:07 +00:00
|
|
|
*len = pos - value;
|
|
|
|
str = os_malloc(*len + 1);
|
|
|
|
if (str == NULL)
|
|
|
|
return NULL;
|
|
|
|
os_memcpy(str, value, *len);
|
|
|
|
str[*len] = '\0';
|
|
|
|
return str;
|
2005-06-05 20:52:14 +00:00
|
|
|
} else {
|
|
|
|
u8 *str;
|
2008-03-24 19:46:53 +00:00
|
|
|
size_t tlen, hlen = os_strlen(value);
|
2007-07-11 15:48:36 +00:00
|
|
|
if (hlen & 1)
|
2005-06-05 20:52:14 +00:00
|
|
|
return NULL;
|
2008-03-24 19:46:53 +00:00
|
|
|
tlen = hlen / 2;
|
|
|
|
str = os_malloc(tlen + 1);
|
2005-06-05 20:52:14 +00:00
|
|
|
if (str == NULL)
|
|
|
|
return NULL;
|
2008-03-24 19:46:53 +00:00
|
|
|
if (hexstr2bin(value, str, tlen)) {
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(str);
|
2005-06-05 20:52:14 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
2008-03-24 19:46:53 +00:00
|
|
|
str[tlen] = '\0';
|
|
|
|
*len = tlen;
|
2005-06-05 20:52:14 +00:00
|
|
|
return (char *) str;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
static int wpa_config_parse_str(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid,
|
2005-06-05 20:52:14 +00:00
|
|
|
int line, const char *value)
|
|
|
|
{
|
|
|
|
size_t res_len, *dst_len;
|
2007-07-11 15:48:36 +00:00
|
|
|
char **dst, *tmp;
|
2005-06-05 20:52:14 +00:00
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
if (os_strcmp(value, "NULL") == 0) {
|
|
|
|
wpa_printf(MSG_DEBUG, "Unset configuration string '%s'",
|
|
|
|
data->name);
|
|
|
|
tmp = NULL;
|
|
|
|
res_len = 0;
|
|
|
|
goto set;
|
|
|
|
}
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
tmp = wpa_config_parse_string(value, &res_len);
|
|
|
|
if (tmp == NULL) {
|
2005-06-05 20:52:14 +00:00
|
|
|
wpa_printf(MSG_ERROR, "Line %d: failed to parse %s '%s'.",
|
2007-07-11 15:48:36 +00:00
|
|
|
line, data->name,
|
|
|
|
data->key_data ? "[KEY DATA REMOVED]" : value);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (data->key_data) {
|
|
|
|
wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
|
2007-07-11 15:48:36 +00:00
|
|
|
(u8 *) tmp, res_len);
|
2005-06-05 20:52:14 +00:00
|
|
|
} else {
|
|
|
|
wpa_hexdump_ascii(MSG_MSGDUMP, data->name,
|
2007-07-11 15:48:36 +00:00
|
|
|
(u8 *) tmp, res_len);
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (data->param3 && res_len < (size_t) data->param3) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: too short %s (len=%lu "
|
|
|
|
"min_len=%ld)", line, data->name,
|
|
|
|
(unsigned long) res_len, (long) data->param3);
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(tmp);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (data->param4 && res_len > (size_t) data->param4) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: too long %s (len=%lu "
|
|
|
|
"max_len=%ld)", line, data->name,
|
|
|
|
(unsigned long) res_len, (long) data->param4);
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(tmp);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
set:
|
2007-07-11 15:48:36 +00:00
|
|
|
dst = (char **) (((u8 *) ssid) + (long) data->param1);
|
|
|
|
dst_len = (size_t *) (((u8 *) ssid) + (long) data->param2);
|
|
|
|
os_free(*dst);
|
|
|
|
*dst = tmp;
|
|
|
|
if (data->param2)
|
|
|
|
*dst_len = res_len;
|
|
|
|
|
2005-06-05 20:52:14 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static int is_hex(const u8 *data, size_t len)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
size_t i;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
for (i = 0; i < len; i++) {
|
|
|
|
if (data[i] < 32 || data[i] >= 127)
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_string_ascii(const u8 *value, size_t len)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
char *buf;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
buf = os_malloc(len + 3);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
2007-07-11 15:48:36 +00:00
|
|
|
buf[0] = '"';
|
|
|
|
os_memcpy(buf + 1, value, len);
|
|
|
|
buf[len + 1] = '"';
|
|
|
|
buf[len + 2] = '\0';
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_string_hex(const u8 *value, size_t len)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
char *buf;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
buf = os_zalloc(2 * len + 1);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
2007-07-11 15:48:36 +00:00
|
|
|
wpa_snprintf_hex(buf, 2 * len + 1, value, len);
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_string(const u8 *value, size_t len)
|
|
|
|
{
|
|
|
|
if (value == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
if (is_hex(value, len))
|
|
|
|
return wpa_config_write_string_hex(value, len);
|
|
|
|
else
|
|
|
|
return wpa_config_write_string_ascii(value, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_str(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
size_t len;
|
|
|
|
char **src;
|
|
|
|
|
|
|
|
src = (char **) (((u8 *) ssid) + (long) data->param1);
|
|
|
|
if (*src == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
if (data->param2)
|
|
|
|
len = *((size_t *) (((u8 *) ssid) + (long) data->param2));
|
|
|
|
else
|
2007-07-11 15:48:36 +00:00
|
|
|
len = os_strlen(*src);
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
return wpa_config_write_string((const u8 *) *src, len);
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_int(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid,
|
2005-06-05 20:52:14 +00:00
|
|
|
int line, const char *value)
|
|
|
|
{
|
|
|
|
int *dst;
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
dst = (int *) (((u8 *) ssid) + (long) data->param1);
|
2005-06-05 20:52:14 +00:00
|
|
|
*dst = atoi(value);
|
|
|
|
wpa_printf(MSG_MSGDUMP, "%s=%d (0x%x)", data->name, *dst, *dst);
|
|
|
|
|
|
|
|
if (data->param3 && *dst < (long) data->param3) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: too small %s (value=%d "
|
|
|
|
"min_value=%ld)", line, data->name, *dst,
|
|
|
|
(long) data->param3);
|
|
|
|
*dst = (long) data->param3;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (data->param4 && *dst > (long) data->param4) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: too large %s (value=%d "
|
|
|
|
"max_value=%ld)", line, data->name, *dst,
|
|
|
|
(long) data->param4);
|
|
|
|
*dst = (long) data->param4;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_int(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
2009-03-01 22:10:07 +00:00
|
|
|
int *src, res;
|
2006-03-07 05:26:33 +00:00
|
|
|
char *value;
|
|
|
|
|
|
|
|
src = (int *) (((u8 *) ssid) + (long) data->param1);
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
value = os_malloc(20);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (value == NULL)
|
|
|
|
return NULL;
|
2009-03-01 22:10:07 +00:00
|
|
|
res = os_snprintf(value, 20, "%d", *src);
|
|
|
|
if (res < 0 || res >= 20) {
|
|
|
|
os_free(value);
|
|
|
|
return NULL;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
value[20 - 1] = '\0';
|
2006-03-07 05:26:33 +00:00
|
|
|
return value;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_bssid(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
if (hwaddr_aton(value, ssid->bssid)) {
|
2005-06-05 20:52:14 +00:00
|
|
|
wpa_printf(MSG_ERROR, "Line %d: Invalid BSSID '%s'.",
|
|
|
|
line, value);
|
|
|
|
return -1;
|
|
|
|
}
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->bssid_set = 1;
|
|
|
|
wpa_hexdump(MSG_MSGDUMP, "BSSID", ssid->bssid, ETH_ALEN);
|
2005-06-05 20:52:14 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_bssid(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
char *value;
|
2009-03-01 22:10:07 +00:00
|
|
|
int res;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
if (!ssid->bssid_set)
|
|
|
|
return NULL;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
value = os_malloc(20);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (value == NULL)
|
|
|
|
return NULL;
|
2009-03-01 22:10:07 +00:00
|
|
|
res = os_snprintf(value, 20, MACSTR, MAC2STR(ssid->bssid));
|
|
|
|
if (res < 0 || res >= 20) {
|
|
|
|
os_free(value);
|
|
|
|
return NULL;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
value[20 - 1] = '\0';
|
2006-03-07 05:26:33 +00:00
|
|
|
return value;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_psk(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
if (*value == '"') {
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef CONFIG_NO_PBKDF2
|
2007-07-11 15:48:36 +00:00
|
|
|
const char *pos;
|
2006-03-07 05:26:33 +00:00
|
|
|
size_t len;
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
value++;
|
2007-07-11 15:48:36 +00:00
|
|
|
pos = os_strrchr(value, '"');
|
2005-06-05 20:52:14 +00:00
|
|
|
if (pos)
|
2007-07-11 15:48:36 +00:00
|
|
|
len = pos - value;
|
|
|
|
else
|
|
|
|
len = os_strlen(value);
|
2005-06-05 20:52:14 +00:00
|
|
|
if (len < 8 || len > 63) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: Invalid passphrase "
|
2006-03-07 05:26:33 +00:00
|
|
|
"length %lu (expected: 8..63) '%s'.",
|
|
|
|
line, (unsigned long) len, value);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)",
|
|
|
|
(u8 *) value, len);
|
2007-07-11 15:48:36 +00:00
|
|
|
if (ssid->passphrase && os_strlen(ssid->passphrase) == len &&
|
|
|
|
os_memcmp(ssid->passphrase, value, len) == 0)
|
|
|
|
return 0;
|
|
|
|
ssid->psk_set = 0;
|
|
|
|
os_free(ssid->passphrase);
|
|
|
|
ssid->passphrase = os_malloc(len + 1);
|
|
|
|
if (ssid->passphrase == NULL)
|
|
|
|
return -1;
|
|
|
|
os_memcpy(ssid->passphrase, value, len);
|
|
|
|
ssid->passphrase[len] = '\0';
|
|
|
|
return 0;
|
2009-03-01 22:10:07 +00:00
|
|
|
#else /* CONFIG_NO_PBKDF2 */
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: ASCII passphrase not "
|
|
|
|
"supported.", line);
|
|
|
|
return -1;
|
|
|
|
#endif /* CONFIG_NO_PBKDF2 */
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
if (hexstr2bin(value, ssid->psk, PMK_LEN) ||
|
2005-06-05 20:52:14 +00:00
|
|
|
value[PMK_LEN * 2] != '\0') {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: Invalid PSK '%s'.",
|
|
|
|
line, value);
|
|
|
|
return -1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
|
|
|
|
os_free(ssid->passphrase);
|
|
|
|
ssid->passphrase = NULL;
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->psk_set = 1;
|
|
|
|
wpa_hexdump_key(MSG_MSGDUMP, "PSK", ssid->psk, PMK_LEN);
|
2005-06-05 20:52:14 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_psk(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
if (ssid->passphrase)
|
|
|
|
return wpa_config_write_string_ascii(
|
|
|
|
(const u8 *) ssid->passphrase,
|
2007-07-11 15:48:36 +00:00
|
|
|
os_strlen(ssid->passphrase));
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
if (ssid->psk_set)
|
|
|
|
return wpa_config_write_string_hex(ssid->psk, PMK_LEN);
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_proto(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int val = 0, last, errors = 0;
|
|
|
|
char *start, *end, *buf;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
buf = os_strdup(value);
|
2005-06-05 20:52:14 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return -1;
|
|
|
|
start = buf;
|
|
|
|
|
2005-06-13 16:43:14 +00:00
|
|
|
while (*start != '\0') {
|
2005-06-05 20:52:14 +00:00
|
|
|
while (*start == ' ' || *start == '\t')
|
|
|
|
start++;
|
|
|
|
if (*start == '\0')
|
|
|
|
break;
|
|
|
|
end = start;
|
|
|
|
while (*end != ' ' && *end != '\t' && *end != '\0')
|
|
|
|
end++;
|
|
|
|
last = *end == '\0';
|
|
|
|
*end = '\0';
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(start, "WPA") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_PROTO_WPA;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "RSN") == 0 ||
|
|
|
|
os_strcmp(start, "WPA2") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_PROTO_RSN;
|
|
|
|
else {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: invalid proto '%s'",
|
|
|
|
line, start);
|
|
|
|
errors++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (last)
|
|
|
|
break;
|
|
|
|
start = end + 1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
if (val == 0) {
|
|
|
|
wpa_printf(MSG_ERROR,
|
|
|
|
"Line %d: no proto values configured.", line);
|
|
|
|
errors++;
|
|
|
|
}
|
|
|
|
|
|
|
|
wpa_printf(MSG_MSGDUMP, "proto: 0x%x", val);
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->proto = val;
|
2005-06-05 20:52:14 +00:00
|
|
|
return errors ? -1 : 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_proto(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
int first = 1, ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
char *buf, *pos, *end;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
pos = buf = os_zalloc(10);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
|
|
|
end = buf + 10;
|
|
|
|
|
|
|
|
if (ssid->proto & WPA_PROTO_WPA) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sWPA", first ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos)
|
|
|
|
return buf;
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
first = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid->proto & WPA_PROTO_RSN) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sRSN", first ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos)
|
|
|
|
return buf;
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
first = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
return buf;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_key_mgmt(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int val = 0, last, errors = 0;
|
|
|
|
char *start, *end, *buf;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
buf = os_strdup(value);
|
2005-06-05 20:52:14 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return -1;
|
|
|
|
start = buf;
|
|
|
|
|
2005-06-13 16:43:14 +00:00
|
|
|
while (*start != '\0') {
|
2005-06-05 20:52:14 +00:00
|
|
|
while (*start == ' ' || *start == '\t')
|
|
|
|
start++;
|
|
|
|
if (*start == '\0')
|
|
|
|
break;
|
|
|
|
end = start;
|
|
|
|
while (*end != ' ' && *end != '\t' && *end != '\0')
|
|
|
|
end++;
|
|
|
|
last = *end == '\0';
|
|
|
|
*end = '\0';
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(start, "WPA-PSK") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_KEY_MGMT_PSK;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "WPA-EAP") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_KEY_MGMT_IEEE8021X;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "IEEE8021X") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_KEY_MGMT_IEEE8021X_NO_WPA;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "NONE") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_KEY_MGMT_NONE;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "WPA-NONE") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_KEY_MGMT_WPA_NONE;
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifdef CONFIG_IEEE80211R
|
|
|
|
else if (os_strcmp(start, "FT-PSK") == 0)
|
|
|
|
val |= WPA_KEY_MGMT_FT_PSK;
|
|
|
|
else if (os_strcmp(start, "FT-EAP") == 0)
|
|
|
|
val |= WPA_KEY_MGMT_FT_IEEE8021X;
|
|
|
|
#endif /* CONFIG_IEEE80211R */
|
|
|
|
#ifdef CONFIG_IEEE80211W
|
|
|
|
else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
|
|
|
|
val |= WPA_KEY_MGMT_PSK_SHA256;
|
|
|
|
else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
|
|
|
|
val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
|
|
|
|
#endif /* CONFIG_IEEE80211W */
|
|
|
|
#ifdef CONFIG_WPS
|
|
|
|
else if (os_strcmp(start, "WPS") == 0)
|
|
|
|
val |= WPA_KEY_MGMT_WPS;
|
|
|
|
#endif /* CONFIG_WPS */
|
2005-06-05 20:52:14 +00:00
|
|
|
else {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
|
|
|
|
line, start);
|
|
|
|
errors++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (last)
|
|
|
|
break;
|
|
|
|
start = end + 1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
if (val == 0) {
|
|
|
|
wpa_printf(MSG_ERROR,
|
|
|
|
"Line %d: no key_mgmt values configured.", line);
|
|
|
|
errors++;
|
|
|
|
}
|
|
|
|
|
|
|
|
wpa_printf(MSG_MSGDUMP, "key_mgmt: 0x%x", val);
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->key_mgmt = val;
|
2005-06-05 20:52:14 +00:00
|
|
|
return errors ? -1 : 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_key_mgmt(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
char *buf, *pos, *end;
|
2007-07-11 15:48:36 +00:00
|
|
|
int ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
pos = buf = os_zalloc(50);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
|
|
|
end = buf + 50;
|
|
|
|
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sWPA-PSK",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sWPA-EAP",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sIEEE8021X",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_NONE) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sNONE",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_WPA_NONE) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sWPA-NONE",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifdef CONFIG_IEEE80211R
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_FT_PSK)
|
|
|
|
pos += os_snprintf(pos, end - pos, "%sFT-PSK",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X)
|
|
|
|
pos += os_snprintf(pos, end - pos, "%sFT-EAP",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
#endif /* CONFIG_IEEE80211R */
|
|
|
|
|
|
|
|
#ifdef CONFIG_IEEE80211W
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
|
|
|
|
pos += os_snprintf(pos, end - pos, "%sWPA-PSK-SHA256",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256)
|
|
|
|
pos += os_snprintf(pos, end - pos, "%sWPA-EAP-SHA256",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
#endif /* CONFIG_IEEE80211W */
|
|
|
|
|
|
|
|
#ifdef CONFIG_WPS
|
|
|
|
if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
|
|
|
|
pos += os_snprintf(pos, end - pos, "%sWPS",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
#endif /* CONFIG_WPS */
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
return buf;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
2005-06-05 20:52:14 +00:00
|
|
|
static int wpa_config_parse_cipher(int line, const char *value)
|
|
|
|
{
|
|
|
|
int val = 0, last;
|
|
|
|
char *start, *end, *buf;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
buf = os_strdup(value);
|
2005-06-05 20:52:14 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return -1;
|
|
|
|
start = buf;
|
|
|
|
|
2005-06-13 16:43:14 +00:00
|
|
|
while (*start != '\0') {
|
2005-06-05 20:52:14 +00:00
|
|
|
while (*start == ' ' || *start == '\t')
|
|
|
|
start++;
|
|
|
|
if (*start == '\0')
|
|
|
|
break;
|
|
|
|
end = start;
|
|
|
|
while (*end != ' ' && *end != '\t' && *end != '\0')
|
|
|
|
end++;
|
|
|
|
last = *end == '\0';
|
|
|
|
*end = '\0';
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(start, "CCMP") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_CIPHER_CCMP;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "TKIP") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_CIPHER_TKIP;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "WEP104") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_CIPHER_WEP104;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "WEP40") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_CIPHER_WEP40;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "NONE") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_CIPHER_NONE;
|
|
|
|
else {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
|
|
|
|
line, start);
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (last)
|
|
|
|
break;
|
|
|
|
start = end + 1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
if (val == 0) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
|
|
|
|
line);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return val;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_cipher(int cipher)
|
|
|
|
{
|
|
|
|
char *buf, *pos, *end;
|
2007-07-11 15:48:36 +00:00
|
|
|
int ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
pos = buf = os_zalloc(50);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
|
|
|
end = buf + 50;
|
|
|
|
|
|
|
|
if (cipher & WPA_CIPHER_CCMP) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sCCMP",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (cipher & WPA_CIPHER_TKIP) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sTKIP",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (cipher & WPA_CIPHER_WEP104) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sWEP104",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (cipher & WPA_CIPHER_WEP40) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sWEP40",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (cipher & WPA_CIPHER_NONE) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sNONE",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return buf;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_pairwise(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int val;
|
|
|
|
val = wpa_config_parse_cipher(line, value);
|
|
|
|
if (val == -1)
|
|
|
|
return -1;
|
|
|
|
if (val & ~(WPA_CIPHER_CCMP | WPA_CIPHER_TKIP | WPA_CIPHER_NONE)) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: not allowed pairwise cipher "
|
|
|
|
"(0x%x).", line, val);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
wpa_printf(MSG_MSGDUMP, "pairwise: 0x%x", val);
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->pairwise_cipher = val;
|
2005-06-05 20:52:14 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_pairwise(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_cipher(ssid->pairwise_cipher);
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_group(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int val;
|
|
|
|
val = wpa_config_parse_cipher(line, value);
|
|
|
|
if (val == -1)
|
|
|
|
return -1;
|
|
|
|
if (val & ~(WPA_CIPHER_CCMP | WPA_CIPHER_TKIP | WPA_CIPHER_WEP104 |
|
|
|
|
WPA_CIPHER_WEP40)) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: not allowed group cipher "
|
|
|
|
"(0x%x).", line, val);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
wpa_printf(MSG_MSGDUMP, "group: 0x%x", val);
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->group_cipher = val;
|
2005-06-05 20:52:14 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_group(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_cipher(ssid->group_cipher);
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_auth_alg(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int val = 0, last, errors = 0;
|
|
|
|
char *start, *end, *buf;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
buf = os_strdup(value);
|
2005-06-05 20:52:14 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return -1;
|
|
|
|
start = buf;
|
|
|
|
|
2005-06-13 16:43:14 +00:00
|
|
|
while (*start != '\0') {
|
2005-06-05 20:52:14 +00:00
|
|
|
while (*start == ' ' || *start == '\t')
|
|
|
|
start++;
|
|
|
|
if (*start == '\0')
|
|
|
|
break;
|
|
|
|
end = start;
|
|
|
|
while (*end != ' ' && *end != '\t' && *end != '\0')
|
|
|
|
end++;
|
|
|
|
last = *end == '\0';
|
|
|
|
*end = '\0';
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(start, "OPEN") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_AUTH_ALG_OPEN;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "SHARED") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_AUTH_ALG_SHARED;
|
2007-07-11 15:48:36 +00:00
|
|
|
else if (os_strcmp(start, "LEAP") == 0)
|
2005-06-05 20:52:14 +00:00
|
|
|
val |= WPA_AUTH_ALG_LEAP;
|
|
|
|
else {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: invalid auth_alg '%s'",
|
|
|
|
line, start);
|
|
|
|
errors++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (last)
|
|
|
|
break;
|
|
|
|
start = end + 1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
if (val == 0) {
|
|
|
|
wpa_printf(MSG_ERROR,
|
|
|
|
"Line %d: no auth_alg values configured.", line);
|
|
|
|
errors++;
|
|
|
|
}
|
|
|
|
|
|
|
|
wpa_printf(MSG_MSGDUMP, "auth_alg: 0x%x", val);
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->auth_alg = val;
|
2005-06-05 20:52:14 +00:00
|
|
|
return errors ? -1 : 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_auth_alg(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
char *buf, *pos, *end;
|
2007-07-11 15:48:36 +00:00
|
|
|
int ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
pos = buf = os_zalloc(30);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
|
|
|
end = buf + 30;
|
|
|
|
|
|
|
|
if (ssid->auth_alg & WPA_AUTH_ALG_OPEN) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sOPEN",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid->auth_alg & WPA_AUTH_ALG_SHARED) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sSHARED",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid->auth_alg & WPA_AUTH_ALG_LEAP) {
|
2007-07-11 15:48:36 +00:00
|
|
|
ret = os_snprintf(pos, end - pos, "%sLEAP",
|
|
|
|
pos == buf ? "" : " ");
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return buf;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
static int * wpa_config_parse_freqs(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int *freqs;
|
|
|
|
size_t used, len;
|
|
|
|
const char *pos;
|
|
|
|
|
|
|
|
used = 0;
|
|
|
|
len = 10;
|
|
|
|
freqs = os_zalloc((len + 1) * sizeof(int));
|
|
|
|
if (freqs == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
pos = value;
|
|
|
|
while (pos) {
|
|
|
|
while (*pos == ' ')
|
|
|
|
pos++;
|
|
|
|
if (used == len) {
|
|
|
|
int *n;
|
|
|
|
size_t i;
|
|
|
|
n = os_realloc(freqs, (len * 2 + 1) * sizeof(int));
|
|
|
|
if (n == NULL) {
|
|
|
|
os_free(freqs);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
for (i = len; i <= len * 2; i++)
|
|
|
|
n[i] = 0;
|
|
|
|
freqs = n;
|
|
|
|
len *= 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
freqs[used] = atoi(pos);
|
|
|
|
if (freqs[used] == 0)
|
|
|
|
break;
|
|
|
|
used++;
|
|
|
|
pos = os_strchr(pos + 1, ' ');
|
|
|
|
}
|
|
|
|
|
|
|
|
return freqs;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_scan_freq(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int *freqs;
|
|
|
|
|
|
|
|
freqs = wpa_config_parse_freqs(data, ssid, line, value);
|
|
|
|
if (freqs == NULL)
|
|
|
|
return -1;
|
|
|
|
os_free(ssid->scan_freq);
|
|
|
|
ssid->scan_freq = freqs;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_freq_list(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int *freqs;
|
|
|
|
|
|
|
|
freqs = wpa_config_parse_freqs(data, ssid, line, value);
|
|
|
|
if (freqs == NULL)
|
|
|
|
return -1;
|
|
|
|
os_free(ssid->freq_list);
|
|
|
|
ssid->freq_list = freqs;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
#ifndef NO_CONFIG_WRITE
|
|
|
|
static char * wpa_config_write_freqs(const struct parse_data *data,
|
|
|
|
const int *freqs)
|
|
|
|
{
|
|
|
|
char *buf, *pos, *end;
|
|
|
|
int i, ret;
|
|
|
|
size_t count;
|
|
|
|
|
|
|
|
if (freqs == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
count = 0;
|
|
|
|
for (i = 0; freqs[i]; i++)
|
|
|
|
count++;
|
|
|
|
|
|
|
|
pos = buf = os_zalloc(10 * count + 1);
|
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
|
|
|
end = buf + 10 * count + 1;
|
|
|
|
|
|
|
|
for (i = 0; freqs[i]; i++) {
|
|
|
|
ret = os_snprintf(pos, end - pos, "%s%u",
|
|
|
|
i == 0 ? "" : " ", freqs[i]);
|
|
|
|
if (ret < 0 || ret >= end - pos) {
|
|
|
|
end[-1] = '\0';
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
pos += ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_scan_freq(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_freqs(data, ssid->scan_freq);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_freq_list(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_freqs(data, ssid->freq_list);
|
|
|
|
}
|
|
|
|
#endif /* NO_CONFIG_WRITE */
|
|
|
|
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
#ifdef IEEE8021X_EAPOL
|
2006-03-07 05:26:33 +00:00
|
|
|
static int wpa_config_parse_eap(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
int last, errors = 0;
|
|
|
|
char *start, *end, *buf;
|
2007-07-11 15:48:36 +00:00
|
|
|
struct eap_method_type *methods = NULL, *tmp;
|
2005-06-05 20:52:14 +00:00
|
|
|
size_t num_methods = 0;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
buf = os_strdup(value);
|
2005-06-05 20:52:14 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return -1;
|
|
|
|
start = buf;
|
|
|
|
|
2005-06-13 16:43:14 +00:00
|
|
|
while (*start != '\0') {
|
2005-06-05 20:52:14 +00:00
|
|
|
while (*start == ' ' || *start == '\t')
|
|
|
|
start++;
|
|
|
|
if (*start == '\0')
|
|
|
|
break;
|
|
|
|
end = start;
|
|
|
|
while (*end != ' ' && *end != '\t' && *end != '\0')
|
|
|
|
end++;
|
|
|
|
last = *end == '\0';
|
|
|
|
*end = '\0';
|
|
|
|
tmp = methods;
|
2007-07-11 15:48:36 +00:00
|
|
|
methods = os_realloc(methods,
|
|
|
|
(num_methods + 1) * sizeof(*methods));
|
2005-06-05 20:52:14 +00:00
|
|
|
if (methods == NULL) {
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(tmp);
|
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
methods[num_methods].method = eap_peer_get_type(
|
2007-07-11 15:48:36 +00:00
|
|
|
start, &methods[num_methods].vendor);
|
|
|
|
if (methods[num_methods].vendor == EAP_VENDOR_IETF &&
|
|
|
|
methods[num_methods].method == EAP_TYPE_NONE) {
|
2005-06-05 20:52:14 +00:00
|
|
|
wpa_printf(MSG_ERROR, "Line %d: unknown EAP method "
|
|
|
|
"'%s'", line, start);
|
|
|
|
wpa_printf(MSG_ERROR, "You may need to add support for"
|
|
|
|
" this EAP method during wpa_supplicant\n"
|
|
|
|
"build time configuration.\n"
|
|
|
|
"See README for more information.");
|
|
|
|
errors++;
|
2007-07-11 15:48:36 +00:00
|
|
|
} else if (methods[num_methods].vendor == EAP_VENDOR_IETF &&
|
|
|
|
methods[num_methods].method == EAP_TYPE_LEAP)
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->leap++;
|
2005-06-05 20:52:14 +00:00
|
|
|
else
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->non_leap++;
|
2005-06-05 20:52:14 +00:00
|
|
|
num_methods++;
|
|
|
|
if (last)
|
|
|
|
break;
|
|
|
|
start = end + 1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
tmp = methods;
|
2007-07-11 15:48:36 +00:00
|
|
|
methods = os_realloc(methods, (num_methods + 1) * sizeof(*methods));
|
2005-06-05 20:52:14 +00:00
|
|
|
if (methods == NULL) {
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(tmp);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
methods[num_methods].vendor = EAP_VENDOR_IETF;
|
|
|
|
methods[num_methods].method = EAP_TYPE_NONE;
|
2005-06-05 20:52:14 +00:00
|
|
|
num_methods++;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
wpa_hexdump(MSG_MSGDUMP, "eap methods",
|
|
|
|
(u8 *) methods, num_methods * sizeof(*methods));
|
2009-03-01 22:10:07 +00:00
|
|
|
ssid->eap.eap_methods = methods;
|
2005-06-05 20:52:14 +00:00
|
|
|
return errors ? -1 : 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_eap(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
int i, ret;
|
2006-03-07 05:26:33 +00:00
|
|
|
char *buf, *pos, *end;
|
2009-03-01 22:10:07 +00:00
|
|
|
const struct eap_method_type *eap_methods = ssid->eap.eap_methods;
|
2006-03-07 05:26:33 +00:00
|
|
|
const char *name;
|
|
|
|
|
|
|
|
if (eap_methods == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
pos = buf = os_zalloc(100);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
|
|
|
end = buf + 100;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
for (i = 0; eap_methods[i].vendor != EAP_VENDOR_IETF ||
|
|
|
|
eap_methods[i].method != EAP_TYPE_NONE; i++) {
|
|
|
|
name = eap_get_name(eap_methods[i].vendor,
|
|
|
|
eap_methods[i].method);
|
|
|
|
if (name) {
|
|
|
|
ret = os_snprintf(pos, end - pos, "%s%s",
|
|
|
|
pos == buf ? "" : " ", name);
|
|
|
|
if (ret < 0 || ret >= end - pos)
|
|
|
|
break;
|
|
|
|
pos += ret;
|
|
|
|
}
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
end[-1] = '\0';
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
return buf;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
|
|
|
|
|
|
|
|
static int wpa_config_parse_password(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
|
|
|
const char *value)
|
|
|
|
{
|
|
|
|
u8 *hash;
|
|
|
|
|
|
|
|
if (os_strcmp(value, "NULL") == 0) {
|
|
|
|
wpa_printf(MSG_DEBUG, "Unset configuration string 'password'");
|
|
|
|
os_free(ssid->eap.password);
|
|
|
|
ssid->eap.password = NULL;
|
|
|
|
ssid->eap.password_len = 0;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (os_strncmp(value, "hash:", 5) != 0) {
|
|
|
|
char *tmp;
|
|
|
|
size_t res_len;
|
|
|
|
|
|
|
|
tmp = wpa_config_parse_string(value, &res_len);
|
|
|
|
if (tmp == NULL) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: failed to parse "
|
|
|
|
"password.", line);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
|
|
|
|
(u8 *) tmp, res_len);
|
|
|
|
|
|
|
|
os_free(ssid->eap.password);
|
|
|
|
ssid->eap.password = (u8 *) tmp;
|
|
|
|
ssid->eap.password_len = res_len;
|
|
|
|
ssid->eap.flags &= ~EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* NtPasswordHash: hash:<32 hex digits> */
|
|
|
|
if (os_strlen(value + 5) != 2 * 16) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: Invalid password hash length "
|
|
|
|
"(expected 32 hex digits)", line);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
hash = os_malloc(16);
|
|
|
|
if (hash == NULL)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
if (hexstr2bin(value + 5, hash, 16)) {
|
|
|
|
os_free(hash);
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: Invalid password hash", line);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
wpa_hexdump_key(MSG_MSGDUMP, data->name, hash, 16);
|
|
|
|
|
|
|
|
os_free(ssid->eap.password);
|
|
|
|
ssid->eap.password = hash;
|
|
|
|
ssid->eap.password_len = 16;
|
|
|
|
ssid->eap.flags |= EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_password(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
char *buf;
|
|
|
|
|
|
|
|
if (ssid->eap.password == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
if (!(ssid->eap.flags & EAP_CONFIG_FLAGS_PASSWORD_NTHASH)) {
|
|
|
|
return wpa_config_write_string(
|
|
|
|
ssid->eap.password, ssid->eap.password_len);
|
|
|
|
}
|
|
|
|
|
|
|
|
buf = os_malloc(5 + 32 + 1);
|
|
|
|
if (buf == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
os_memcpy(buf, "hash:", 5);
|
|
|
|
wpa_snprintf_hex(buf + 5, 32 + 1, ssid->eap.password, 16);
|
|
|
|
|
|
|
|
return buf;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
#endif /* IEEE8021X_EAPOL */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
2005-06-05 20:52:14 +00:00
|
|
|
static int wpa_config_parse_wep_key(u8 *key, size_t *len, int line,
|
|
|
|
const char *value, int idx)
|
|
|
|
{
|
|
|
|
char *buf, title[20];
|
2009-03-01 22:10:07 +00:00
|
|
|
int res;
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
buf = wpa_config_parse_string(value, len);
|
|
|
|
if (buf == NULL) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: Invalid WEP key %d '%s'.",
|
|
|
|
line, idx, value);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if (*len > MAX_WEP_KEY_LEN) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: Too long WEP key %d '%s'.",
|
|
|
|
line, idx, value);
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(buf);
|
2005-06-05 20:52:14 +00:00
|
|
|
return -1;
|
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
os_memcpy(key, buf, *len);
|
|
|
|
os_free(buf);
|
2009-03-01 22:10:07 +00:00
|
|
|
res = os_snprintf(title, sizeof(title), "wep_key%d", idx);
|
|
|
|
if (res >= 0 && (size_t) res < sizeof(title))
|
|
|
|
wpa_hexdump_key(MSG_MSGDUMP, title, key, *len);
|
2005-06-05 20:52:14 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
static int wpa_config_parse_wep_key0(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
return wpa_config_parse_wep_key(ssid->wep_key[0],
|
|
|
|
&ssid->wep_key_len[0], line,
|
2005-06-05 20:52:14 +00:00
|
|
|
value, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
static int wpa_config_parse_wep_key1(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
return wpa_config_parse_wep_key(ssid->wep_key[1],
|
|
|
|
&ssid->wep_key_len[1], line,
|
2005-06-05 20:52:14 +00:00
|
|
|
value, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
static int wpa_config_parse_wep_key2(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
return wpa_config_parse_wep_key(ssid->wep_key[2],
|
|
|
|
&ssid->wep_key_len[2], line,
|
2005-06-05 20:52:14 +00:00
|
|
|
value, 2);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
static int wpa_config_parse_wep_key3(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid, int line,
|
2005-06-05 20:52:14 +00:00
|
|
|
const char *value)
|
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
return wpa_config_parse_wep_key(ssid->wep_key[3],
|
|
|
|
&ssid->wep_key_len[3], line,
|
2005-06-05 20:52:14 +00:00
|
|
|
value, 3);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
static char * wpa_config_write_wep_key(struct wpa_ssid *ssid, int idx)
|
|
|
|
{
|
|
|
|
if (ssid->wep_key_len[idx] == 0)
|
|
|
|
return NULL;
|
|
|
|
return wpa_config_write_string(ssid->wep_key[idx],
|
|
|
|
ssid->wep_key_len[idx]);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_wep_key0(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_wep_key(ssid, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_wep_key1(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_wep_key(ssid, 1);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_wep_key2(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_wep_key(ssid, 2);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static char * wpa_config_write_wep_key3(const struct parse_data *data,
|
|
|
|
struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
return wpa_config_write_wep_key(ssid, 3);
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
/* Helper macros for network block parser */
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
#ifdef OFFSET
|
|
|
|
#undef OFFSET
|
|
|
|
#endif /* OFFSET */
|
2006-03-07 05:26:33 +00:00
|
|
|
/* OFFSET: Get offset of a variable within the wpa_ssid structure */
|
2005-06-05 20:52:14 +00:00
|
|
|
#define OFFSET(v) ((void *) &((struct wpa_ssid *) 0)->v)
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
/* STR: Define a string variable for an ASCII string; f = field name */
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifdef NO_CONFIG_WRITE
|
|
|
|
#define _STR(f) #f, wpa_config_parse_str, OFFSET(f)
|
|
|
|
#define _STRe(f) #f, wpa_config_parse_str, OFFSET(eap.f)
|
|
|
|
#else /* NO_CONFIG_WRITE */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define _STR(f) #f, wpa_config_parse_str, wpa_config_write_str, OFFSET(f)
|
2009-03-01 22:10:07 +00:00
|
|
|
#define _STRe(f) #f, wpa_config_parse_str, wpa_config_write_str, OFFSET(eap.f)
|
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define STR(f) _STR(f), NULL, NULL, NULL, 0
|
2009-03-01 22:10:07 +00:00
|
|
|
#define STRe(f) _STRe(f), NULL, NULL, NULL, 0
|
2007-07-11 15:48:36 +00:00
|
|
|
#define STR_KEY(f) _STR(f), NULL, NULL, NULL, 1
|
2009-03-01 22:10:07 +00:00
|
|
|
#define STR_KEYe(f) _STRe(f), NULL, NULL, NULL, 1
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
/* STR_LEN: Define a string variable with a separate variable for storing the
|
|
|
|
* data length. Unlike STR(), this can be used to store arbitrary binary data
|
|
|
|
* (i.e., even nul termination character). */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define _STR_LEN(f) _STR(f), OFFSET(f ## _len)
|
2009-03-01 22:10:07 +00:00
|
|
|
#define _STR_LENe(f) _STRe(f), OFFSET(eap.f ## _len)
|
2007-07-11 15:48:36 +00:00
|
|
|
#define STR_LEN(f) _STR_LEN(f), NULL, NULL, 0
|
2009-03-01 22:10:07 +00:00
|
|
|
#define STR_LENe(f) _STR_LENe(f), NULL, NULL, 0
|
2007-07-11 15:48:36 +00:00
|
|
|
#define STR_LEN_KEY(f) _STR_LEN(f), NULL, NULL, 1
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
/* STR_RANGE: Like STR_LEN(), but with minimum and maximum allowed length
|
|
|
|
* explicitly specified. */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define _STR_RANGE(f, min, max) _STR_LEN(f), (void *) (min), (void *) (max)
|
|
|
|
#define STR_RANGE(f, min, max) _STR_RANGE(f, min, max), 0
|
|
|
|
#define STR_RANGE_KEY(f, min, max) _STR_RANGE(f, min, max), 1
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifdef NO_CONFIG_WRITE
|
|
|
|
#define _INT(f) #f, wpa_config_parse_int, OFFSET(f), (void *) 0
|
|
|
|
#define _INTe(f) #f, wpa_config_parse_int, OFFSET(eap.f), (void *) 0
|
|
|
|
#else /* NO_CONFIG_WRITE */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define _INT(f) #f, wpa_config_parse_int, wpa_config_write_int, \
|
|
|
|
OFFSET(f), (void *) 0
|
2009-03-01 22:10:07 +00:00
|
|
|
#define _INTe(f) #f, wpa_config_parse_int, wpa_config_write_int, \
|
|
|
|
OFFSET(eap.f), (void *) 0
|
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
/* INT: Define an integer variable */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define INT(f) _INT(f), NULL, NULL, 0
|
2009-03-01 22:10:07 +00:00
|
|
|
#define INTe(f) _INTe(f), NULL, NULL, 0
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
/* INT_RANGE: Define an integer variable with allowed value range */
|
|
|
|
#define INT_RANGE(f, min, max) _INT(f), (void *) (min), (void *) (max), 0
|
2005-06-05 20:52:14 +00:00
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/* FUNC: Define a configuration variable that uses a custom function for
|
|
|
|
* parsing and writing the value. */
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifdef NO_CONFIG_WRITE
|
|
|
|
#define _FUNC(f) #f, wpa_config_parse_ ## f, NULL, NULL, NULL, NULL
|
|
|
|
#else /* NO_CONFIG_WRITE */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define _FUNC(f) #f, wpa_config_parse_ ## f, wpa_config_write_ ## f, \
|
|
|
|
NULL, NULL, NULL, NULL
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2007-07-11 15:48:36 +00:00
|
|
|
#define FUNC(f) _FUNC(f), 0
|
|
|
|
#define FUNC_KEY(f) _FUNC(f), 1
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Table of network configuration variables. This table is used to parse each
|
|
|
|
* network configuration variable, e.g., each line in wpa_supplicant.conf file
|
2007-07-11 15:48:36 +00:00
|
|
|
* that is inside a network block.
|
2006-03-07 05:26:33 +00:00
|
|
|
*
|
|
|
|
* This table is generated using the helper macros defined above and with
|
|
|
|
* generous help from the C pre-processor. The field name is stored as a string
|
|
|
|
* into .name and for STR and INT types, the offset of the target buffer within
|
|
|
|
* struct wpa_ssid is stored in .param1. .param2 (if not NULL) is similar
|
|
|
|
* offset to the field containing the length of the configuration variable.
|
|
|
|
* .param3 and .param4 can be used to mark the allowed range (length for STR
|
|
|
|
* and value for INT).
|
|
|
|
*
|
|
|
|
* For each configuration line in wpa_supplicant.conf, the parser goes through
|
|
|
|
* this table and select the entry that matches with the field name. The parser
|
|
|
|
* function (.parser) is then called to parse the actual value of the field.
|
|
|
|
*
|
|
|
|
* This kind of mechanism makes it easy to add new configuration parameters,
|
2007-07-11 15:48:36 +00:00
|
|
|
* since only one line needs to be added into this table and into the
|
|
|
|
* struct wpa_ssid definition if the new variable is either a string or
|
|
|
|
* integer. More complex types will need to use their own parser and writer
|
|
|
|
* functions.
|
2006-03-07 05:26:33 +00:00
|
|
|
*/
|
|
|
|
static const struct parse_data ssid_fields[] = {
|
2005-06-05 20:52:14 +00:00
|
|
|
{ STR_RANGE(ssid, 0, MAX_SSID_LEN) },
|
|
|
|
{ INT_RANGE(scan_ssid, 0, 1) },
|
|
|
|
{ FUNC(bssid) },
|
2007-07-11 15:48:36 +00:00
|
|
|
{ FUNC_KEY(psk) },
|
2005-06-05 20:52:14 +00:00
|
|
|
{ FUNC(proto) },
|
|
|
|
{ FUNC(key_mgmt) },
|
|
|
|
{ FUNC(pairwise) },
|
|
|
|
{ FUNC(group) },
|
|
|
|
{ FUNC(auth_alg) },
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
{ FUNC(scan_freq) },
|
|
|
|
{ FUNC(freq_list) },
|
2007-07-11 15:48:36 +00:00
|
|
|
#ifdef IEEE8021X_EAPOL
|
2005-06-05 20:52:14 +00:00
|
|
|
{ FUNC(eap) },
|
2009-03-01 22:10:07 +00:00
|
|
|
{ STR_LENe(identity) },
|
|
|
|
{ STR_LENe(anonymous_identity) },
|
|
|
|
{ FUNC_KEY(password) },
|
|
|
|
{ STRe(ca_cert) },
|
|
|
|
{ STRe(ca_path) },
|
|
|
|
{ STRe(client_cert) },
|
|
|
|
{ STRe(private_key) },
|
|
|
|
{ STR_KEYe(private_key_passwd) },
|
|
|
|
{ STRe(dh_file) },
|
|
|
|
{ STRe(subject_match) },
|
|
|
|
{ STRe(altsubject_match) },
|
|
|
|
{ STRe(ca_cert2) },
|
|
|
|
{ STRe(ca_path2) },
|
|
|
|
{ STRe(client_cert2) },
|
|
|
|
{ STRe(private_key2) },
|
|
|
|
{ STR_KEYe(private_key2_passwd) },
|
|
|
|
{ STRe(dh_file2) },
|
|
|
|
{ STRe(subject_match2) },
|
|
|
|
{ STRe(altsubject_match2) },
|
|
|
|
{ STRe(phase1) },
|
|
|
|
{ STRe(phase2) },
|
|
|
|
{ STRe(pcsc) },
|
|
|
|
{ STR_KEYe(pin) },
|
|
|
|
{ STRe(engine_id) },
|
|
|
|
{ STRe(key_id) },
|
|
|
|
{ STRe(cert_id) },
|
|
|
|
{ STRe(ca_cert_id) },
|
|
|
|
{ STR_KEYe(pin2) },
|
|
|
|
{ STRe(engine2_id) },
|
|
|
|
{ STRe(key2_id) },
|
|
|
|
{ STRe(cert2_id) },
|
|
|
|
{ STRe(ca_cert2_id) },
|
|
|
|
{ INTe(engine) },
|
|
|
|
{ INTe(engine2) },
|
2005-06-05 20:52:14 +00:00
|
|
|
{ INT(eapol_flags) },
|
2007-07-11 15:48:36 +00:00
|
|
|
#endif /* IEEE8021X_EAPOL */
|
|
|
|
{ FUNC_KEY(wep_key0) },
|
|
|
|
{ FUNC_KEY(wep_key1) },
|
|
|
|
{ FUNC_KEY(wep_key2) },
|
|
|
|
{ FUNC_KEY(wep_key3) },
|
2005-06-05 20:52:14 +00:00
|
|
|
{ INT(wep_tx_keyidx) },
|
|
|
|
{ INT(priority) },
|
2007-07-11 15:48:36 +00:00
|
|
|
#ifdef IEEE8021X_EAPOL
|
2005-06-05 20:52:14 +00:00
|
|
|
{ INT(eap_workaround) },
|
2009-03-01 22:10:07 +00:00
|
|
|
{ STRe(pac_file) },
|
|
|
|
{ INTe(fragment_size) },
|
2007-07-11 15:48:36 +00:00
|
|
|
#endif /* IEEE8021X_EAPOL */
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
{ INT_RANGE(mode, 0, 2) },
|
2006-03-07 05:26:33 +00:00
|
|
|
{ INT_RANGE(proactive_key_caching, 0, 1) },
|
|
|
|
{ INT_RANGE(disabled, 0, 1) },
|
2007-07-11 15:48:36 +00:00
|
|
|
{ STR(id_str) },
|
|
|
|
#ifdef CONFIG_IEEE80211W
|
|
|
|
{ INT_RANGE(ieee80211w, 0, 2) },
|
|
|
|
#endif /* CONFIG_IEEE80211W */
|
|
|
|
{ INT_RANGE(peerkey, 0, 1) },
|
2008-03-24 19:46:53 +00:00
|
|
|
{ INT_RANGE(mixed_cell, 0, 1) },
|
2009-03-01 22:10:07 +00:00
|
|
|
{ INT_RANGE(frequency, 0, 10000) },
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
{ INT(wpa_ptk_rekey) },
|
|
|
|
{ STR(bgscan) },
|
2005-06-05 20:52:14 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
#undef OFFSET
|
2007-07-11 15:48:36 +00:00
|
|
|
#undef _STR
|
2005-06-05 20:52:14 +00:00
|
|
|
#undef STR
|
2007-07-11 15:48:36 +00:00
|
|
|
#undef STR_KEY
|
|
|
|
#undef _STR_LEN
|
2005-06-05 20:52:14 +00:00
|
|
|
#undef STR_LEN
|
2007-07-11 15:48:36 +00:00
|
|
|
#undef STR_LEN_KEY
|
|
|
|
#undef _STR_RANGE
|
2005-06-05 20:52:14 +00:00
|
|
|
#undef STR_RANGE
|
2007-07-11 15:48:36 +00:00
|
|
|
#undef STR_RANGE_KEY
|
|
|
|
#undef _INT
|
2005-06-05 20:52:14 +00:00
|
|
|
#undef INT
|
|
|
|
#undef INT_RANGE
|
2007-07-11 15:48:36 +00:00
|
|
|
#undef _FUNC
|
2005-06-05 20:52:14 +00:00
|
|
|
#undef FUNC
|
2007-07-11 15:48:36 +00:00
|
|
|
#undef FUNC_KEY
|
2005-06-05 20:52:14 +00:00
|
|
|
#define NUM_SSID_FIELDS (sizeof(ssid_fields) / sizeof(ssid_fields[0]))
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_add_prio_network - Add a network to priority lists
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
2007-07-11 15:48:36 +00:00
|
|
|
* @ssid: Pointer to the network configuration to be added to the list
|
2006-03-07 05:26:33 +00:00
|
|
|
* Returns: 0 on success, -1 on failure
|
|
|
|
*
|
|
|
|
* This function is used to add a network block to the priority list of
|
|
|
|
* networks. This must be called for each network when reading in the full
|
|
|
|
* configuration. In addition, this can be used indirectly when updating
|
|
|
|
* priorities by calling wpa_config_update_prio_list().
|
|
|
|
*/
|
|
|
|
int wpa_config_add_prio_network(struct wpa_config *config,
|
|
|
|
struct wpa_ssid *ssid)
|
2005-06-05 20:52:14 +00:00
|
|
|
{
|
|
|
|
int prio;
|
|
|
|
struct wpa_ssid *prev, **nlist;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
/*
|
|
|
|
* Add to an existing priority list if one is available for the
|
|
|
|
* configured priority level for this network.
|
|
|
|
*/
|
2005-06-05 20:52:14 +00:00
|
|
|
for (prio = 0; prio < config->num_prio; prio++) {
|
|
|
|
prev = config->pssid[prio];
|
|
|
|
if (prev->priority == ssid->priority) {
|
|
|
|
while (prev->pnext)
|
|
|
|
prev = prev->pnext;
|
|
|
|
prev->pnext = ssid;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
/* First network for this priority - add a new priority list */
|
|
|
|
nlist = os_realloc(config->pssid,
|
|
|
|
(config->num_prio + 1) * sizeof(struct wpa_ssid *));
|
2005-06-05 20:52:14 +00:00
|
|
|
if (nlist == NULL)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
for (prio = 0; prio < config->num_prio; prio++) {
|
|
|
|
if (nlist[prio]->priority < ssid->priority)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
os_memmove(&nlist[prio + 1], &nlist[prio],
|
|
|
|
(config->num_prio - prio) * sizeof(struct wpa_ssid *));
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
nlist[prio] = ssid;
|
|
|
|
config->num_prio++;
|
|
|
|
config->pssid = nlist;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_update_prio_list - Update network priority list
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
* Returns: 0 on success, -1 on failure
|
|
|
|
*
|
|
|
|
* This function is called to update the priority list of networks in the
|
|
|
|
* configuration when a network is being added or removed. This is also called
|
|
|
|
* if a priority for a network is changed.
|
|
|
|
*/
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
int wpa_config_update_prio_list(struct wpa_config *config)
|
2005-06-05 20:52:14 +00:00
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
struct wpa_ssid *ssid;
|
|
|
|
int ret = 0;
|
2005-06-05 20:52:14 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(config->pssid);
|
2006-03-07 05:26:33 +00:00
|
|
|
config->pssid = NULL;
|
|
|
|
config->num_prio = 0;
|
2005-06-05 20:52:14 +00:00
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid = config->ssid;
|
|
|
|
while (ssid) {
|
|
|
|
ssid->pnext = NULL;
|
|
|
|
if (wpa_config_add_prio_network(config, ssid) < 0)
|
|
|
|
ret = -1;
|
|
|
|
ssid = ssid->next;
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
return ret;
|
|
|
|
}
|
2005-06-05 20:52:14 +00:00
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifdef IEEE8021X_EAPOL
|
|
|
|
static void eap_peer_config_free(struct eap_peer_config *eap)
|
|
|
|
{
|
|
|
|
os_free(eap->eap_methods);
|
|
|
|
os_free(eap->identity);
|
|
|
|
os_free(eap->anonymous_identity);
|
|
|
|
os_free(eap->password);
|
|
|
|
os_free(eap->ca_cert);
|
|
|
|
os_free(eap->ca_path);
|
|
|
|
os_free(eap->client_cert);
|
|
|
|
os_free(eap->private_key);
|
|
|
|
os_free(eap->private_key_passwd);
|
|
|
|
os_free(eap->dh_file);
|
|
|
|
os_free(eap->subject_match);
|
|
|
|
os_free(eap->altsubject_match);
|
|
|
|
os_free(eap->ca_cert2);
|
|
|
|
os_free(eap->ca_path2);
|
|
|
|
os_free(eap->client_cert2);
|
|
|
|
os_free(eap->private_key2);
|
|
|
|
os_free(eap->private_key2_passwd);
|
|
|
|
os_free(eap->dh_file2);
|
|
|
|
os_free(eap->subject_match2);
|
|
|
|
os_free(eap->altsubject_match2);
|
|
|
|
os_free(eap->phase1);
|
|
|
|
os_free(eap->phase2);
|
|
|
|
os_free(eap->pcsc);
|
|
|
|
os_free(eap->pin);
|
|
|
|
os_free(eap->engine_id);
|
|
|
|
os_free(eap->key_id);
|
|
|
|
os_free(eap->cert_id);
|
|
|
|
os_free(eap->ca_cert_id);
|
|
|
|
os_free(eap->key2_id);
|
|
|
|
os_free(eap->cert2_id);
|
|
|
|
os_free(eap->ca_cert2_id);
|
|
|
|
os_free(eap->pin2);
|
|
|
|
os_free(eap->engine2_id);
|
|
|
|
os_free(eap->otp);
|
|
|
|
os_free(eap->pending_req_otp);
|
|
|
|
os_free(eap->pac_file);
|
|
|
|
os_free(eap->new_password);
|
|
|
|
}
|
|
|
|
#endif /* IEEE8021X_EAPOL */
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_free_ssid - Free network/ssid configuration data
|
|
|
|
* @ssid: Configuration data for the network
|
|
|
|
*
|
2007-07-11 15:48:36 +00:00
|
|
|
* This function frees all resources allocated for the network configuration
|
2006-03-07 05:26:33 +00:00
|
|
|
* data.
|
|
|
|
*/
|
|
|
|
void wpa_config_free_ssid(struct wpa_ssid *ssid)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(ssid->ssid);
|
|
|
|
os_free(ssid->passphrase);
|
|
|
|
#ifdef IEEE8021X_EAPOL
|
2009-03-01 22:10:07 +00:00
|
|
|
eap_peer_config_free(&ssid->eap);
|
2007-07-11 15:48:36 +00:00
|
|
|
#endif /* IEEE8021X_EAPOL */
|
|
|
|
os_free(ssid->id_str);
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
os_free(ssid->scan_freq);
|
|
|
|
os_free(ssid->freq_list);
|
|
|
|
os_free(ssid->bgscan);
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(ssid);
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_free - Free configuration data
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
*
|
|
|
|
* This function frees all resources allocated for the configuration data by
|
|
|
|
* wpa_config_read().
|
|
|
|
*/
|
2005-06-05 20:52:14 +00:00
|
|
|
void wpa_config_free(struct wpa_config *config)
|
|
|
|
{
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef CONFIG_NO_CONFIG_BLOBS
|
2006-03-07 05:26:33 +00:00
|
|
|
struct wpa_config_blob *blob, *prevblob;
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* CONFIG_NO_CONFIG_BLOBS */
|
2005-06-05 20:52:14 +00:00
|
|
|
struct wpa_ssid *ssid, *prev = NULL;
|
|
|
|
ssid = config->ssid;
|
|
|
|
while (ssid) {
|
|
|
|
prev = ssid;
|
|
|
|
ssid = ssid->next;
|
2006-03-07 05:26:33 +00:00
|
|
|
wpa_config_free_ssid(prev);
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef CONFIG_NO_CONFIG_BLOBS
|
2006-03-07 05:26:33 +00:00
|
|
|
blob = config->blobs;
|
|
|
|
prevblob = NULL;
|
|
|
|
while (blob) {
|
|
|
|
prevblob = blob;
|
|
|
|
blob = blob->next;
|
|
|
|
wpa_config_free_blob(prevblob);
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* CONFIG_NO_CONFIG_BLOBS */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(config->ctrl_interface);
|
|
|
|
os_free(config->ctrl_interface_group);
|
|
|
|
os_free(config->opensc_engine_path);
|
|
|
|
os_free(config->pkcs11_engine_path);
|
|
|
|
os_free(config->pkcs11_module_path);
|
|
|
|
os_free(config->driver_param);
|
2009-03-01 22:10:07 +00:00
|
|
|
os_free(config->device_name);
|
|
|
|
os_free(config->manufacturer);
|
|
|
|
os_free(config->model_name);
|
|
|
|
os_free(config->model_number);
|
|
|
|
os_free(config->serial_number);
|
|
|
|
os_free(config->device_type);
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
os_free(config->config_methods);
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(config->pssid);
|
|
|
|
os_free(config);
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_get_network - Get configured network based on id
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
* @id: Unique network id to search for
|
|
|
|
* Returns: Network configuration or %NULL if not found
|
|
|
|
*/
|
|
|
|
struct wpa_ssid * wpa_config_get_network(struct wpa_config *config, int id)
|
2005-06-05 20:52:14 +00:00
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
struct wpa_ssid *ssid;
|
|
|
|
|
|
|
|
ssid = config->ssid;
|
|
|
|
while (ssid) {
|
|
|
|
if (id == ssid->id)
|
|
|
|
break;
|
|
|
|
ssid = ssid->next;
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
return ssid;
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_add_network - Add a new network with empty configuration
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
* Returns: The new network configuration or %NULL if operation failed
|
|
|
|
*/
|
|
|
|
struct wpa_ssid * wpa_config_add_network(struct wpa_config *config)
|
2005-06-05 20:52:14 +00:00
|
|
|
{
|
2006-03-07 05:26:33 +00:00
|
|
|
int id;
|
|
|
|
struct wpa_ssid *ssid, *last = NULL;
|
|
|
|
|
|
|
|
id = -1;
|
|
|
|
ssid = config->ssid;
|
|
|
|
while (ssid) {
|
|
|
|
if (ssid->id > id)
|
|
|
|
id = ssid->id;
|
|
|
|
last = ssid;
|
|
|
|
ssid = ssid->next;
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
2006-03-07 05:26:33 +00:00
|
|
|
id++;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
ssid = os_zalloc(sizeof(*ssid));
|
2006-03-07 05:26:33 +00:00
|
|
|
if (ssid == NULL)
|
|
|
|
return NULL;
|
|
|
|
ssid->id = id;
|
|
|
|
if (last)
|
|
|
|
last->next = ssid;
|
|
|
|
else
|
|
|
|
config->ssid = ssid;
|
|
|
|
|
|
|
|
wpa_config_update_prio_list(config);
|
|
|
|
|
|
|
|
return ssid;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* wpa_config_remove_network - Remove a configured network based on id
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
* @id: Unique network id to search for
|
|
|
|
* Returns: 0 on success, or -1 if the network was not found
|
|
|
|
*/
|
|
|
|
int wpa_config_remove_network(struct wpa_config *config, int id)
|
|
|
|
{
|
|
|
|
struct wpa_ssid *ssid, *prev = NULL;
|
|
|
|
|
|
|
|
ssid = config->ssid;
|
|
|
|
while (ssid) {
|
|
|
|
if (id == ssid->id)
|
|
|
|
break;
|
|
|
|
prev = ssid;
|
|
|
|
ssid = ssid->next;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ssid == NULL)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
if (prev)
|
|
|
|
prev->next = ssid->next;
|
|
|
|
else
|
|
|
|
config->ssid = ssid->next;
|
|
|
|
|
|
|
|
wpa_config_update_prio_list(config);
|
|
|
|
wpa_config_free_ssid(ssid);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* wpa_config_set_network_defaults - Set network default values
|
2007-07-11 15:48:36 +00:00
|
|
|
* @ssid: Pointer to network configuration data
|
2006-03-07 05:26:33 +00:00
|
|
|
*/
|
|
|
|
void wpa_config_set_network_defaults(struct wpa_ssid *ssid)
|
|
|
|
{
|
|
|
|
ssid->proto = DEFAULT_PROTO;
|
|
|
|
ssid->pairwise_cipher = DEFAULT_PAIRWISE;
|
|
|
|
ssid->group_cipher = DEFAULT_GROUP;
|
|
|
|
ssid->key_mgmt = DEFAULT_KEY_MGMT;
|
2007-07-11 15:48:36 +00:00
|
|
|
#ifdef IEEE8021X_EAPOL
|
2006-03-07 05:26:33 +00:00
|
|
|
ssid->eapol_flags = DEFAULT_EAPOL_FLAGS;
|
|
|
|
ssid->eap_workaround = DEFAULT_EAP_WORKAROUND;
|
2009-03-01 22:10:07 +00:00
|
|
|
ssid->eap.fragment_size = DEFAULT_FRAGMENT_SIZE;
|
2007-07-11 15:48:36 +00:00
|
|
|
#endif /* IEEE8021X_EAPOL */
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* wpa_config_set - Set a variable in network configuration
|
2007-07-11 15:48:36 +00:00
|
|
|
* @ssid: Pointer to network configuration data
|
2006-03-07 05:26:33 +00:00
|
|
|
* @var: Variable name, e.g., "ssid"
|
|
|
|
* @value: Variable value
|
|
|
|
* @line: Line number in configuration file or 0 if not used
|
|
|
|
* Returns: 0 on success, -1 on failure
|
|
|
|
*
|
|
|
|
* This function can be used to set network configuration variables based on
|
|
|
|
* both the configuration file and management interface input. The value
|
|
|
|
* parameter must be in the same format as the text-based configuration file is
|
|
|
|
* using. For example, strings are using double quotation marks.
|
|
|
|
*/
|
|
|
|
int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
|
|
|
|
int line)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
size_t i;
|
|
|
|
int ret = 0;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
if (ssid == NULL || var == NULL || value == NULL)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
for (i = 0; i < NUM_SSID_FIELDS; i++) {
|
|
|
|
const struct parse_data *field = &ssid_fields[i];
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(var, field->name) != 0)
|
2006-03-07 05:26:33 +00:00
|
|
|
continue;
|
|
|
|
|
|
|
|
if (field->parser(field, ssid, line, value)) {
|
|
|
|
if (line) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: failed to "
|
|
|
|
"parse %s '%s'.", line, var, value);
|
|
|
|
}
|
|
|
|
ret = -1;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (i == NUM_SSID_FIELDS) {
|
|
|
|
if (line) {
|
|
|
|
wpa_printf(MSG_ERROR, "Line %d: unknown network field "
|
|
|
|
"'%s'.", line, var);
|
|
|
|
}
|
|
|
|
ret = -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_get_all - Get all options from network configuration
|
|
|
|
* @ssid: Pointer to network configuration data
|
|
|
|
* @get_keys: Determines if keys/passwords will be included in returned list
|
|
|
|
* Returns: %NULL terminated list of all set keys and their values in the form
|
|
|
|
* of [key1, val1, key2, val2, ... , NULL]
|
|
|
|
*
|
|
|
|
* This function can be used to get list of all configured network properties.
|
|
|
|
* The caller is responsible for freeing the returned list and all its
|
|
|
|
* elements.
|
|
|
|
*/
|
|
|
|
char ** wpa_config_get_all(struct wpa_ssid *ssid, int get_keys)
|
|
|
|
{
|
|
|
|
const struct parse_data *field;
|
|
|
|
char *key, *value;
|
|
|
|
size_t i;
|
|
|
|
char **props;
|
|
|
|
int fields_num;
|
|
|
|
|
|
|
|
props = os_zalloc(sizeof(char *) * ((2 * NUM_SSID_FIELDS) + 1));
|
|
|
|
if (!props)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
fields_num = 0;
|
|
|
|
for (i = 0; i < NUM_SSID_FIELDS; i++) {
|
|
|
|
field = &ssid_fields[i];
|
|
|
|
if (field->key_data && !get_keys)
|
|
|
|
continue;
|
|
|
|
value = field->writer(field, ssid);
|
|
|
|
if (value == NULL)
|
|
|
|
continue;
|
|
|
|
if (os_strlen(value) == 0) {
|
|
|
|
os_free(value);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
key = os_strdup(field->name);
|
|
|
|
if (key == NULL) {
|
|
|
|
os_free(value);
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
props[fields_num * 2] = key;
|
|
|
|
props[fields_num * 2 + 1] = value;
|
|
|
|
|
|
|
|
fields_num++;
|
|
|
|
}
|
|
|
|
|
|
|
|
return props;
|
|
|
|
|
|
|
|
err:
|
|
|
|
value = *props;
|
|
|
|
while (value)
|
|
|
|
os_free(value++);
|
|
|
|
os_free(props);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef NO_CONFIG_WRITE
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_get - Get a variable in network configuration
|
2007-07-11 15:48:36 +00:00
|
|
|
* @ssid: Pointer to network configuration data
|
2006-03-07 05:26:33 +00:00
|
|
|
* @var: Variable name, e.g., "ssid"
|
|
|
|
* Returns: Value of the variable or %NULL on failure
|
|
|
|
*
|
|
|
|
* This function can be used to get network configuration variables. The
|
|
|
|
* returned value is a copy of the configuration variable in text format, i.e,.
|
|
|
|
* the same format that the text-based configuration file and wpa_config_set()
|
|
|
|
* are using for the value. The caller is responsible for freeing the returned
|
|
|
|
* value.
|
|
|
|
*/
|
|
|
|
char * wpa_config_get(struct wpa_ssid *ssid, const char *var)
|
|
|
|
{
|
2007-07-11 15:48:36 +00:00
|
|
|
size_t i;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
if (ssid == NULL || var == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
for (i = 0; i < NUM_SSID_FIELDS; i++) {
|
|
|
|
const struct parse_data *field = &ssid_fields[i];
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(var, field->name) == 0)
|
2006-03-07 05:26:33 +00:00
|
|
|
return field->writer(field, ssid);
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_get_no_key - Get a variable in network configuration (no keys)
|
|
|
|
* @ssid: Pointer to network configuration data
|
|
|
|
* @var: Variable name, e.g., "ssid"
|
|
|
|
* Returns: Value of the variable or %NULL on failure
|
|
|
|
*
|
|
|
|
* This function can be used to get network configuration variable like
|
|
|
|
* wpa_config_get(). The only difference is that this functions does not expose
|
|
|
|
* key/password material from the configuration. In case a key/password field
|
|
|
|
* is requested, the returned value is an empty string or %NULL if the variable
|
|
|
|
* is not set or "*" if the variable is set (regardless of its value). The
|
|
|
|
* returned value is a copy of the configuration variable in text format, i.e,.
|
|
|
|
* the same format that the text-based configuration file and wpa_config_set()
|
|
|
|
* are using for the value. The caller is responsible for freeing the returned
|
|
|
|
* value.
|
|
|
|
*/
|
|
|
|
char * wpa_config_get_no_key(struct wpa_ssid *ssid, const char *var)
|
|
|
|
{
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
if (ssid == NULL || var == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
for (i = 0; i < NUM_SSID_FIELDS; i++) {
|
|
|
|
const struct parse_data *field = &ssid_fields[i];
|
|
|
|
if (os_strcmp(var, field->name) == 0) {
|
|
|
|
char *res = field->writer(field, ssid);
|
|
|
|
if (field->key_data) {
|
|
|
|
if (res && res[0]) {
|
|
|
|
wpa_printf(MSG_DEBUG, "Do not allow "
|
|
|
|
"key_data field to be "
|
|
|
|
"exposed");
|
|
|
|
os_free(res);
|
|
|
|
return os_strdup("*");
|
|
|
|
}
|
|
|
|
|
|
|
|
os_free(res);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* NO_CONFIG_WRITE */
|
2007-07-11 15:48:36 +00:00
|
|
|
|
|
|
|
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_update_psk - Update WPA PSK based on passphrase and SSID
|
2007-07-11 15:48:36 +00:00
|
|
|
* @ssid: Pointer to network configuration data
|
2006-03-07 05:26:33 +00:00
|
|
|
*
|
|
|
|
* This function must be called to update WPA PSK when either SSID or the
|
|
|
|
* passphrase has changed for the network configuration.
|
|
|
|
*/
|
|
|
|
void wpa_config_update_psk(struct wpa_ssid *ssid)
|
|
|
|
{
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef CONFIG_NO_PBKDF2
|
2006-03-07 05:26:33 +00:00
|
|
|
pbkdf2_sha1(ssid->passphrase,
|
|
|
|
(char *) ssid->ssid, ssid->ssid_len, 4096,
|
|
|
|
ssid->psk, PMK_LEN);
|
|
|
|
wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
|
|
|
|
ssid->psk, PMK_LEN);
|
|
|
|
ssid->psk_set = 1;
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* CONFIG_NO_PBKDF2 */
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2009-03-01 22:10:07 +00:00
|
|
|
#ifndef CONFIG_NO_CONFIG_BLOBS
|
2006-03-07 05:26:33 +00:00
|
|
|
/**
|
|
|
|
* wpa_config_get_blob - Get a named configuration blob
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
* @name: Name of the blob
|
|
|
|
* Returns: Pointer to blob data or %NULL if not found
|
|
|
|
*/
|
|
|
|
const struct wpa_config_blob * wpa_config_get_blob(struct wpa_config *config,
|
|
|
|
const char *name)
|
|
|
|
{
|
|
|
|
struct wpa_config_blob *blob = config->blobs;
|
|
|
|
|
|
|
|
while (blob) {
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(blob->name, name) == 0)
|
2006-03-07 05:26:33 +00:00
|
|
|
return blob;
|
|
|
|
blob = blob->next;
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* wpa_config_set_blob - Set or add a named configuration blob
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
* @blob: New value for the blob
|
|
|
|
*
|
|
|
|
* Adds a new configuration blob or replaces the current value of an existing
|
|
|
|
* blob.
|
|
|
|
*/
|
|
|
|
void wpa_config_set_blob(struct wpa_config *config,
|
|
|
|
struct wpa_config_blob *blob)
|
|
|
|
{
|
|
|
|
wpa_config_remove_blob(config, blob->name);
|
|
|
|
blob->next = config->blobs;
|
|
|
|
config->blobs = blob;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* wpa_config_free_blob - Free blob data
|
|
|
|
* @blob: Pointer to blob to be freed
|
|
|
|
*/
|
|
|
|
void wpa_config_free_blob(struct wpa_config_blob *blob)
|
|
|
|
{
|
|
|
|
if (blob) {
|
2007-07-11 15:48:36 +00:00
|
|
|
os_free(blob->name);
|
|
|
|
os_free(blob->data);
|
|
|
|
os_free(blob);
|
2006-03-07 05:26:33 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* wpa_config_remove_blob - Remove a named configuration blob
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
* @name: Name of the blob to remove
|
|
|
|
* Returns: 0 if blob was removed or -1 if blob was not found
|
|
|
|
*/
|
|
|
|
int wpa_config_remove_blob(struct wpa_config *config, const char *name)
|
|
|
|
{
|
|
|
|
struct wpa_config_blob *pos = config->blobs, *prev = NULL;
|
|
|
|
|
|
|
|
while (pos) {
|
2007-07-11 15:48:36 +00:00
|
|
|
if (os_strcmp(pos->name, name) == 0) {
|
2006-03-07 05:26:33 +00:00
|
|
|
if (prev)
|
|
|
|
prev->next = pos->next;
|
|
|
|
else
|
|
|
|
config->blobs = pos->next;
|
|
|
|
wpa_config_free_blob(pos);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
prev = pos;
|
|
|
|
pos = pos->next;
|
|
|
|
}
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
}
|
2009-03-01 22:10:07 +00:00
|
|
|
#endif /* CONFIG_NO_CONFIG_BLOBS */
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* wpa_config_alloc_empty - Allocate an empty configuration
|
|
|
|
* @ctrl_interface: Control interface parameters, e.g., path to UNIX domain
|
|
|
|
* socket
|
|
|
|
* @driver_param: Driver parameters
|
|
|
|
* Returns: Pointer to allocated configuration data or %NULL on failure
|
|
|
|
*/
|
|
|
|
struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
|
|
|
|
const char *driver_param)
|
|
|
|
{
|
|
|
|
struct wpa_config *config;
|
|
|
|
|
2007-07-11 15:48:36 +00:00
|
|
|
config = os_zalloc(sizeof(*config));
|
2006-03-07 05:26:33 +00:00
|
|
|
if (config == NULL)
|
|
|
|
return NULL;
|
|
|
|
config->eapol_version = DEFAULT_EAPOL_VERSION;
|
|
|
|
config->ap_scan = DEFAULT_AP_SCAN;
|
|
|
|
config->fast_reauth = DEFAULT_FAST_REAUTH;
|
Import wpa_supplicant / hostapd 0.7.3.
Changes:
2010-09-07 - v0.7.3
* fixed fallback from failed PMKSA caching into full EAP authentication
[Bug 355]
* fixed issue with early D-Bus signals during initialization
* fixed X.509 name handling in internal TLS
* fixed WPS ER to use corrent Enrollee MAC Address in Credential
* fixed scanning routines ot improve AP selection for WPS
* added WPS workaround for open networks
* fixed WPS Diffie-Hellman derivation to use correct public key length
* fixed wpa_supplicant AP mode operations to ignore Supplicant and
scan result events
* improved SME operations with nl80211
* fixed WPS ER event_id handling in some cases
* fixed some issues with bgscan simple to avoid unnecessary scans
* fixed issue with l2_packet_ndis overlapped writes corrupting stack
[Bug 328]
* updated WinPcap to the latest stable version 4.1.2 in Windows
installer
2010-04-18 - v0.7.2
* nl80211: fixed number of issues with roaming
* avoid unnecessary roaming if multiple APs with similar signal
strength are present in scan results
* add TLS client events and server probing to ease design of
automatic detection of EAP parameters
* add option for server certificate matching (SHA256 hash of the
certificate) instead of trusted CA certificate configuration
* bsd: Cleaned up driver wrapper and added various low-level
configuration options
* wpa_gui-qt4: do not show too frequent WPS AP available events as
tray messages
* TNC: fixed issues with fragmentation
* EAP-TNC: add Flags field into fragment acknowledgement (needed to
interoperate with other implementations; may potentially breaks
compatibility with older wpa_supplicant/hostapd versions)
* wpa_cli: added option for using a separate process to receive event
messages to reduce latency in showing these
(CFLAGS += -DCONFIG_WPA_CLI_FORK=y in .config to enable this)
* maximum BSS table size can now be configured (bss_max_count)
* BSSes to be included in the BSS table can be filtered based on
configured SSIDs to save memory (filter_ssids)
* fix number of issues with IEEE 802.11r/FT; this version is not
backwards compatible with old versions
* nl80211: add support for IEEE 802.11r/FT protocol (both over-the-air
and over-the-DS)
* add freq_list network configuration parameter to allow the AP
selection to filter out entries based on the operating channel
* add signal strength change events for bgscan; this allows more
dynamic changes to background scanning interval based on changes in
the signal strength with the current AP; this improves roaming within
ESS quite a bit, e.g., with bgscan="simple:30:-45:300" in the network
configuration block to request background scans less frequently when
signal strength remains good and to automatically trigger background
scans whenever signal strength drops noticeably
(this is currently only available with nl80211)
* add BSSID and reason code (if available) to disconnect event messages
* wpa_gui-qt4: more complete support for translating the GUI with
linguist and add German translation
* fix DH padding with internal crypto code (mainly, for WPS)
* do not trigger initial scan automatically anymore if there are no
enabled networks
2010-01-16 - v0.7.1
* cleaned up driver wrapper API (struct wpa_driver_ops); the new API
is not fully backwards compatible, so out-of-tree driver wrappers
will need modifications
* cleaned up various module interfaces
* merge hostapd and wpa_supplicant developers' documentation into a
single document
* nl80211: use explicit deauthentication to clear cfg80211 state to
avoid issues when roaming between APs
* dbus: major design changes in the new D-Bus API
(fi.w1.wpa_supplicant1)
* nl80211: added support for IBSS networks
* added internal debugging mechanism with backtrace support and memory
allocation/freeing validation, etc. tests (CONFIG_WPA_TRACE=y)
* added WPS ER unsubscription command to more cleanly unregister from
receiving UPnP events when ER is terminated
* cleaned up AP mode operations to avoid need for virtual driver_ops
wrapper
* added BSS table to maintain more complete scan result information
over multiple scans (that may include only partial results)
* wpa_gui-qt4: update Peers dialog information more dynamically while
the dialog is kept open
* fixed PKCS#12 use with OpenSSL 1.0.0
* driver_wext: Added cfg80211-specific optimization to avoid some
unnecessary scans and to speed up association
2009-11-21 - v0.7.0
* increased wpa_cli ping interval to 5 seconds and made this
configurable with a new command line options (-G<seconds>)
* fixed scan buffer processing with WEXT to handle up to 65535
byte result buffer (previously, limited to 32768 bytes)
* allow multiple driver wrappers to be specified on command line
(e.g., -Dnl80211,wext); the first one that is able to initialize the
interface will be used
* added support for multiple SSIDs per scan request to optimize
scan_ssid=1 operations in ap_scan=1 mode (i.e., search for hidden
SSIDs); this requires driver support and can currently be used only
with nl80211
* added support for WPS USBA out-of-band mechanism with USB Flash
Drives (UFD) (CONFIG_WPS_UFD=y)
* driver_ndis: add PAE group address to the multicast address list to
fix wired IEEE 802.1X authentication
* fixed IEEE 802.11r key derivation function to match with the standard
(note: this breaks interoperability with previous version) [Bug 303]
* added better support for drivers that allow separate authentication
and association commands (e.g., mac80211-based Linux drivers with
nl80211; SME in wpa_supplicant); this allows over-the-air FT protocol
to be used (IEEE 802.11r)
* fixed SHA-256 based key derivation function to match with the
standard when using CCMP (for IEEE 802.11r and IEEE 802.11w)
(note: this breaks interoperability with previous version) [Bug 307]
* use shared driver wrapper files with hostapd
* added AP mode functionality (CONFIG_AP=y) with mode=2 in the network
block; this can be used for open and WPA2-Personal networks
(optionally, with WPS); this links in parts of hostapd functionality
into wpa_supplicant
* wpa_gui-qt4: added new Peers dialog to show information about peers
(other devices, including APs and stations, etc. in the neighborhood)
* added support for WPS External Registrar functionality (configure APs
and enroll new devices); can be used with wpa_gui-qt4 Peers dialog
and wpa_cli commands wps_er_start, wps_er_stop, wps_er_pin,
wps_er_pbc, wps_er_learn
(this can also be used with a new 'none' driver wrapper if no
wireless device or IEEE 802.1X on wired is needed)
* driver_nl80211: multiple updates to provide support for new Linux
nl80211/mac80211 functionality
* updated management frame protection to use IEEE Std 802.11w-2009
* fixed number of small WPS issues and added workarounds to
interoperate with common deployed broken implementations
* added support for NFC out-of-band mechanism with WPS
* driver_ndis: fixed wired IEEE 802.1X authentication with PAE group
address frames
* added preliminary support for IEEE 802.11r RIC processing
* added support for specifying subset of enabled frequencies to scan
(scan_freq option in the network configuration block); this can speed
up scanning process considerably if it is known that only a small
subset of channels is actually used in the network (this is currently
supported only with -Dnl80211)
* added a workaround for race condition between receiving the
association event and the following EAPOL-Key
* added background scan and roaming infrastructure to allow
network-specific optimizations to be used to improve roaming within
an ESS (same SSID)
* added new DBus interface (fi.w1.wpa_supplicant1)
2010-10-29 08:01:21 +00:00
|
|
|
config->bss_max_count = DEFAULT_BSS_MAX_COUNT;
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
if (ctrl_interface)
|
2007-07-11 15:48:36 +00:00
|
|
|
config->ctrl_interface = os_strdup(ctrl_interface);
|
2006-03-07 05:26:33 +00:00
|
|
|
if (driver_param)
|
2007-07-11 15:48:36 +00:00
|
|
|
config->driver_param = os_strdup(driver_param);
|
2006-03-07 05:26:33 +00:00
|
|
|
|
|
|
|
return config;
|
2005-06-05 20:52:14 +00:00
|
|
|
}
|
2007-07-11 15:48:36 +00:00
|
|
|
|
|
|
|
|
|
|
|
#ifndef CONFIG_NO_STDOUT_DEBUG
|
|
|
|
/**
|
|
|
|
* wpa_config_debug_dump_networks - Debug dump of configured networks
|
|
|
|
* @config: Configuration data from wpa_config_read()
|
|
|
|
*/
|
|
|
|
void wpa_config_debug_dump_networks(struct wpa_config *config)
|
|
|
|
{
|
|
|
|
int prio;
|
|
|
|
struct wpa_ssid *ssid;
|
|
|
|
|
|
|
|
for (prio = 0; prio < config->num_prio; prio++) {
|
|
|
|
ssid = config->pssid[prio];
|
|
|
|
wpa_printf(MSG_DEBUG, "Priority group %d",
|
|
|
|
ssid->priority);
|
|
|
|
while (ssid) {
|
|
|
|
wpa_printf(MSG_DEBUG, " id=%d ssid='%s'",
|
|
|
|
ssid->id,
|
|
|
|
wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
|
|
|
|
ssid = ssid->pnext;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif /* CONFIG_NO_STDOUT_DEBUG */
|