1 /* 2 * hostapd / Configuration file parser 3 * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 #ifndef CONFIG_NATIVE_WINDOWS 11 #include <grp.h> 12 #endif /* CONFIG_NATIVE_WINDOWS */ 13 14 #include "utils/common.h" 15 #include "utils/uuid.h" 16 #include "common/ieee802_11_defs.h" 17 #include "drivers/driver.h" 18 #include "eap_server/eap.h" 19 #include "radius/radius_client.h" 20 #include "ap/wpa_auth.h" 21 #include "ap/ap_config.h" 22 #include "config_file.h" 23 24 25 #ifndef CONFIG_NO_RADIUS 26 #ifdef EAP_SERVER 27 static struct hostapd_radius_attr * 28 hostapd_parse_radius_attr(const char *value); 29 #endif /* EAP_SERVER */ 30 #endif /* CONFIG_NO_RADIUS */ 31 32 33 #ifndef CONFIG_NO_VLAN 34 static int hostapd_config_read_vlan_file(struct hostapd_bss_config *bss, 35 const char *fname) 36 { 37 FILE *f; 38 char buf[128], *pos, *pos2; 39 int line = 0, vlan_id; 40 struct hostapd_vlan *vlan; 41 42 f = fopen(fname, "r"); 43 if (!f) { 44 wpa_printf(MSG_ERROR, "VLAN file '%s' not readable.", fname); 45 return -1; 46 } 47 48 while (fgets(buf, sizeof(buf), f)) { 49 line++; 50 51 if (buf[0] == '#') 52 continue; 53 pos = buf; 54 while (*pos != '\0') { 55 if (*pos == '\n') { 56 *pos = '\0'; 57 break; 58 } 59 pos++; 60 } 61 if (buf[0] == '\0') 62 continue; 63 64 if (buf[0] == '*') { 65 vlan_id = VLAN_ID_WILDCARD; 66 pos = buf + 1; 67 } else { 68 vlan_id = strtol(buf, &pos, 10); 69 if (buf == pos || vlan_id < 1 || 70 vlan_id > MAX_VLAN_ID) { 71 wpa_printf(MSG_ERROR, "Invalid VLAN ID at " 72 "line %d in '%s'", line, fname); 73 fclose(f); 74 return -1; 75 } 76 } 77 78 while (*pos == ' ' || *pos == '\t') 79 pos++; 80 pos2 = pos; 81 while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0') 82 pos2++; 83 *pos2 = '\0'; 84 if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) { 85 wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d " 86 "in '%s'", line, fname); 87 fclose(f); 88 return -1; 89 } 90 91 vlan = os_zalloc(sizeof(*vlan)); 92 if (vlan == NULL) { 93 wpa_printf(MSG_ERROR, "Out of memory while reading " 94 "VLAN interfaces from '%s'", fname); 95 fclose(f); 96 return -1; 97 } 98 99 vlan->vlan_id = vlan_id; 100 os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname)); 101 vlan->next = bss->vlan; 102 bss->vlan = vlan; 103 } 104 105 fclose(f); 106 107 return 0; 108 } 109 #endif /* CONFIG_NO_VLAN */ 110 111 112 static int hostapd_acl_comp(const void *a, const void *b) 113 { 114 const struct mac_acl_entry *aa = a; 115 const struct mac_acl_entry *bb = b; 116 return os_memcmp(aa->addr, bb->addr, sizeof(macaddr)); 117 } 118 119 120 static int hostapd_config_read_maclist(const char *fname, 121 struct mac_acl_entry **acl, int *num) 122 { 123 FILE *f; 124 char buf[128], *pos; 125 int line = 0; 126 u8 addr[ETH_ALEN]; 127 struct mac_acl_entry *newacl; 128 int vlan_id; 129 130 if (!fname) 131 return 0; 132 133 f = fopen(fname, "r"); 134 if (!f) { 135 wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname); 136 return -1; 137 } 138 139 while (fgets(buf, sizeof(buf), f)) { 140 int i, rem = 0; 141 142 line++; 143 144 if (buf[0] == '#') 145 continue; 146 pos = buf; 147 while (*pos != '\0') { 148 if (*pos == '\n') { 149 *pos = '\0'; 150 break; 151 } 152 pos++; 153 } 154 if (buf[0] == '\0') 155 continue; 156 pos = buf; 157 if (buf[0] == '-') { 158 rem = 1; 159 pos++; 160 } 161 162 if (hwaddr_aton(pos, addr)) { 163 wpa_printf(MSG_ERROR, "Invalid MAC address '%s' at " 164 "line %d in '%s'", pos, line, fname); 165 fclose(f); 166 return -1; 167 } 168 169 if (rem) { 170 i = 0; 171 while (i < *num) { 172 if (os_memcmp((*acl)[i].addr, addr, ETH_ALEN) == 173 0) { 174 os_remove_in_array(*acl, *num, 175 sizeof(**acl), i); 176 (*num)--; 177 } else 178 i++; 179 } 180 continue; 181 } 182 vlan_id = 0; 183 pos = buf; 184 while (*pos != '\0' && *pos != ' ' && *pos != '\t') 185 pos++; 186 while (*pos == ' ' || *pos == '\t') 187 pos++; 188 if (*pos != '\0') 189 vlan_id = atoi(pos); 190 191 newacl = os_realloc_array(*acl, *num + 1, sizeof(**acl)); 192 if (newacl == NULL) { 193 wpa_printf(MSG_ERROR, "MAC list reallocation failed"); 194 fclose(f); 195 return -1; 196 } 197 198 *acl = newacl; 199 os_memcpy((*acl)[*num].addr, addr, ETH_ALEN); 200 (*acl)[*num].vlan_id = vlan_id; 201 (*num)++; 202 } 203 204 fclose(f); 205 206 qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp); 207 208 return 0; 209 } 210 211 212 #ifdef EAP_SERVER 213 static int hostapd_config_read_eap_user(const char *fname, 214 struct hostapd_bss_config *conf) 215 { 216 FILE *f; 217 char buf[512], *pos, *start, *pos2; 218 int line = 0, ret = 0, num_methods; 219 struct hostapd_eap_user *user = NULL, *tail = NULL, *new_user = NULL; 220 221 if (!fname) 222 return 0; 223 224 if (os_strncmp(fname, "sqlite:", 7) == 0) { 225 os_free(conf->eap_user_sqlite); 226 conf->eap_user_sqlite = os_strdup(fname + 7); 227 return 0; 228 } 229 230 f = fopen(fname, "r"); 231 if (!f) { 232 wpa_printf(MSG_ERROR, "EAP user file '%s' not found.", fname); 233 return -1; 234 } 235 236 /* Lines: "user" METHOD,METHOD2 "password" (password optional) */ 237 while (fgets(buf, sizeof(buf), f)) { 238 line++; 239 240 if (buf[0] == '#') 241 continue; 242 pos = buf; 243 while (*pos != '\0') { 244 if (*pos == '\n') { 245 *pos = '\0'; 246 break; 247 } 248 pos++; 249 } 250 if (buf[0] == '\0') 251 continue; 252 253 #ifndef CONFIG_NO_RADIUS 254 if (user && os_strncmp(buf, "radius_accept_attr=", 19) == 0) { 255 struct hostapd_radius_attr *attr, *a; 256 attr = hostapd_parse_radius_attr(buf + 19); 257 if (attr == NULL) { 258 wpa_printf(MSG_ERROR, "Invalid radius_auth_req_attr: %s", 259 buf + 19); 260 user = NULL; /* already in the BSS list */ 261 goto failed; 262 } 263 if (user->accept_attr == NULL) { 264 user->accept_attr = attr; 265 } else { 266 a = user->accept_attr; 267 while (a->next) 268 a = a->next; 269 a->next = attr; 270 } 271 continue; 272 } 273 #endif /* CONFIG_NO_RADIUS */ 274 275 user = NULL; 276 277 if (buf[0] != '"' && buf[0] != '*') { 278 wpa_printf(MSG_ERROR, "Invalid EAP identity (no \" in " 279 "start) on line %d in '%s'", line, fname); 280 goto failed; 281 } 282 283 user = os_zalloc(sizeof(*user)); 284 if (user == NULL) { 285 wpa_printf(MSG_ERROR, "EAP user allocation failed"); 286 goto failed; 287 } 288 user->force_version = -1; 289 290 if (buf[0] == '*') { 291 pos = buf; 292 } else { 293 pos = buf + 1; 294 start = pos; 295 while (*pos != '"' && *pos != '\0') 296 pos++; 297 if (*pos == '\0') { 298 wpa_printf(MSG_ERROR, "Invalid EAP identity " 299 "(no \" in end) on line %d in '%s'", 300 line, fname); 301 goto failed; 302 } 303 304 user->identity = os_malloc(pos - start); 305 if (user->identity == NULL) { 306 wpa_printf(MSG_ERROR, "Failed to allocate " 307 "memory for EAP identity"); 308 goto failed; 309 } 310 os_memcpy(user->identity, start, pos - start); 311 user->identity_len = pos - start; 312 313 if (pos[0] == '"' && pos[1] == '*') { 314 user->wildcard_prefix = 1; 315 pos++; 316 } 317 } 318 pos++; 319 while (*pos == ' ' || *pos == '\t') 320 pos++; 321 322 if (*pos == '\0') { 323 wpa_printf(MSG_ERROR, "No EAP method on line %d in " 324 "'%s'", line, fname); 325 goto failed; 326 } 327 328 start = pos; 329 while (*pos != ' ' && *pos != '\t' && *pos != '\0') 330 pos++; 331 if (*pos == '\0') { 332 pos = NULL; 333 } else { 334 *pos = '\0'; 335 pos++; 336 } 337 num_methods = 0; 338 while (*start) { 339 char *pos3 = os_strchr(start, ','); 340 if (pos3) { 341 *pos3++ = '\0'; 342 } 343 user->methods[num_methods].method = 344 eap_server_get_type( 345 start, 346 &user->methods[num_methods].vendor); 347 if (user->methods[num_methods].vendor == 348 EAP_VENDOR_IETF && 349 user->methods[num_methods].method == EAP_TYPE_NONE) 350 { 351 if (os_strcmp(start, "TTLS-PAP") == 0) { 352 user->ttls_auth |= EAP_TTLS_AUTH_PAP; 353 goto skip_eap; 354 } 355 if (os_strcmp(start, "TTLS-CHAP") == 0) { 356 user->ttls_auth |= EAP_TTLS_AUTH_CHAP; 357 goto skip_eap; 358 } 359 if (os_strcmp(start, "TTLS-MSCHAP") == 0) { 360 user->ttls_auth |= 361 EAP_TTLS_AUTH_MSCHAP; 362 goto skip_eap; 363 } 364 if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) { 365 user->ttls_auth |= 366 EAP_TTLS_AUTH_MSCHAPV2; 367 goto skip_eap; 368 } 369 if (os_strcmp(start, "MACACL") == 0) { 370 user->macacl = 1; 371 goto skip_eap; 372 } 373 wpa_printf(MSG_ERROR, "Unsupported EAP type " 374 "'%s' on line %d in '%s'", 375 start, line, fname); 376 goto failed; 377 } 378 379 num_methods++; 380 if (num_methods >= EAP_MAX_METHODS) 381 break; 382 skip_eap: 383 if (pos3 == NULL) 384 break; 385 start = pos3; 386 } 387 if (num_methods == 0 && user->ttls_auth == 0 && !user->macacl) { 388 wpa_printf(MSG_ERROR, "No EAP types configured on " 389 "line %d in '%s'", line, fname); 390 goto failed; 391 } 392 393 if (pos == NULL) 394 goto done; 395 396 while (*pos == ' ' || *pos == '\t') 397 pos++; 398 if (*pos == '\0') 399 goto done; 400 401 if (os_strncmp(pos, "[ver=0]", 7) == 0) { 402 user->force_version = 0; 403 goto done; 404 } 405 406 if (os_strncmp(pos, "[ver=1]", 7) == 0) { 407 user->force_version = 1; 408 goto done; 409 } 410 411 if (os_strncmp(pos, "[2]", 3) == 0) { 412 user->phase2 = 1; 413 goto done; 414 } 415 416 if (*pos == '"') { 417 pos++; 418 start = pos; 419 while (*pos != '"' && *pos != '\0') 420 pos++; 421 if (*pos == '\0') { 422 wpa_printf(MSG_ERROR, "Invalid EAP password " 423 "(no \" in end) on line %d in '%s'", 424 line, fname); 425 goto failed; 426 } 427 428 user->password = os_malloc(pos - start); 429 if (user->password == NULL) { 430 wpa_printf(MSG_ERROR, "Failed to allocate " 431 "memory for EAP password"); 432 goto failed; 433 } 434 os_memcpy(user->password, start, pos - start); 435 user->password_len = pos - start; 436 437 pos++; 438 } else if (os_strncmp(pos, "hash:", 5) == 0) { 439 pos += 5; 440 pos2 = pos; 441 while (*pos2 != '\0' && *pos2 != ' ' && 442 *pos2 != '\t' && *pos2 != '#') 443 pos2++; 444 if (pos2 - pos != 32) { 445 wpa_printf(MSG_ERROR, "Invalid password hash " 446 "on line %d in '%s'", line, fname); 447 goto failed; 448 } 449 user->password = os_malloc(16); 450 if (user->password == NULL) { 451 wpa_printf(MSG_ERROR, "Failed to allocate " 452 "memory for EAP password hash"); 453 goto failed; 454 } 455 if (hexstr2bin(pos, user->password, 16) < 0) { 456 wpa_printf(MSG_ERROR, "Invalid hash password " 457 "on line %d in '%s'", line, fname); 458 goto failed; 459 } 460 user->password_len = 16; 461 user->password_hash = 1; 462 pos = pos2; 463 } else { 464 pos2 = pos; 465 while (*pos2 != '\0' && *pos2 != ' ' && 466 *pos2 != '\t' && *pos2 != '#') 467 pos2++; 468 if ((pos2 - pos) & 1) { 469 wpa_printf(MSG_ERROR, "Invalid hex password " 470 "on line %d in '%s'", line, fname); 471 goto failed; 472 } 473 user->password = os_malloc((pos2 - pos) / 2); 474 if (user->password == NULL) { 475 wpa_printf(MSG_ERROR, "Failed to allocate " 476 "memory for EAP password"); 477 goto failed; 478 } 479 if (hexstr2bin(pos, user->password, 480 (pos2 - pos) / 2) < 0) { 481 wpa_printf(MSG_ERROR, "Invalid hex password " 482 "on line %d in '%s'", line, fname); 483 goto failed; 484 } 485 user->password_len = (pos2 - pos) / 2; 486 pos = pos2; 487 } 488 489 while (*pos == ' ' || *pos == '\t') 490 pos++; 491 if (os_strncmp(pos, "[2]", 3) == 0) { 492 user->phase2 = 1; 493 } 494 495 done: 496 if (tail == NULL) { 497 tail = new_user = user; 498 } else { 499 tail->next = user; 500 tail = user; 501 } 502 continue; 503 504 failed: 505 if (user) 506 hostapd_config_free_eap_user(user); 507 ret = -1; 508 break; 509 } 510 511 fclose(f); 512 513 if (ret == 0) { 514 user = conf->eap_user; 515 while (user) { 516 struct hostapd_eap_user *prev; 517 518 prev = user; 519 user = user->next; 520 hostapd_config_free_eap_user(prev); 521 } 522 conf->eap_user = new_user; 523 } 524 525 return ret; 526 } 527 #endif /* EAP_SERVER */ 528 529 530 #ifndef CONFIG_NO_RADIUS 531 static int 532 hostapd_config_read_radius_addr(struct hostapd_radius_server **server, 533 int *num_server, const char *val, int def_port, 534 struct hostapd_radius_server **curr_serv) 535 { 536 struct hostapd_radius_server *nserv; 537 int ret; 538 static int server_index = 1; 539 540 nserv = os_realloc_array(*server, *num_server + 1, sizeof(*nserv)); 541 if (nserv == NULL) 542 return -1; 543 544 *server = nserv; 545 nserv = &nserv[*num_server]; 546 (*num_server)++; 547 (*curr_serv) = nserv; 548 549 os_memset(nserv, 0, sizeof(*nserv)); 550 nserv->port = def_port; 551 ret = hostapd_parse_ip_addr(val, &nserv->addr); 552 nserv->index = server_index++; 553 554 return ret; 555 } 556 557 558 static struct hostapd_radius_attr * 559 hostapd_parse_radius_attr(const char *value) 560 { 561 const char *pos; 562 char syntax; 563 struct hostapd_radius_attr *attr; 564 size_t len; 565 566 attr = os_zalloc(sizeof(*attr)); 567 if (attr == NULL) 568 return NULL; 569 570 attr->type = atoi(value); 571 572 pos = os_strchr(value, ':'); 573 if (pos == NULL) { 574 attr->val = wpabuf_alloc(1); 575 if (attr->val == NULL) { 576 os_free(attr); 577 return NULL; 578 } 579 wpabuf_put_u8(attr->val, 0); 580 return attr; 581 } 582 583 pos++; 584 if (pos[0] == '\0' || pos[1] != ':') { 585 os_free(attr); 586 return NULL; 587 } 588 syntax = *pos++; 589 pos++; 590 591 switch (syntax) { 592 case 's': 593 attr->val = wpabuf_alloc_copy(pos, os_strlen(pos)); 594 break; 595 case 'x': 596 len = os_strlen(pos); 597 if (len & 1) 598 break; 599 len /= 2; 600 attr->val = wpabuf_alloc(len); 601 if (attr->val == NULL) 602 break; 603 if (hexstr2bin(pos, wpabuf_put(attr->val, len), len) < 0) { 604 wpabuf_free(attr->val); 605 os_free(attr); 606 return NULL; 607 } 608 break; 609 case 'd': 610 attr->val = wpabuf_alloc(4); 611 if (attr->val) 612 wpabuf_put_be32(attr->val, atoi(pos)); 613 break; 614 default: 615 os_free(attr); 616 return NULL; 617 } 618 619 if (attr->val == NULL) { 620 os_free(attr); 621 return NULL; 622 } 623 624 return attr; 625 } 626 627 628 static int hostapd_parse_das_client(struct hostapd_bss_config *bss, 629 const char *val) 630 { 631 char *secret; 632 633 secret = os_strchr(val, ' '); 634 if (secret == NULL) 635 return -1; 636 637 secret++; 638 639 if (hostapd_parse_ip_addr(val, &bss->radius_das_client_addr)) 640 return -1; 641 642 os_free(bss->radius_das_shared_secret); 643 bss->radius_das_shared_secret = (u8 *) os_strdup(secret); 644 if (bss->radius_das_shared_secret == NULL) 645 return -1; 646 bss->radius_das_shared_secret_len = os_strlen(secret); 647 648 return 0; 649 } 650 #endif /* CONFIG_NO_RADIUS */ 651 652 653 static int hostapd_config_parse_key_mgmt(int line, const char *value) 654 { 655 int val = 0, last; 656 char *start, *end, *buf; 657 658 buf = os_strdup(value); 659 if (buf == NULL) 660 return -1; 661 start = buf; 662 663 while (*start != '\0') { 664 while (*start == ' ' || *start == '\t') 665 start++; 666 if (*start == '\0') 667 break; 668 end = start; 669 while (*end != ' ' && *end != '\t' && *end != '\0') 670 end++; 671 last = *end == '\0'; 672 *end = '\0'; 673 if (os_strcmp(start, "WPA-PSK") == 0) 674 val |= WPA_KEY_MGMT_PSK; 675 else if (os_strcmp(start, "WPA-EAP") == 0) 676 val |= WPA_KEY_MGMT_IEEE8021X; 677 #ifdef CONFIG_IEEE80211R 678 else if (os_strcmp(start, "FT-PSK") == 0) 679 val |= WPA_KEY_MGMT_FT_PSK; 680 else if (os_strcmp(start, "FT-EAP") == 0) 681 val |= WPA_KEY_MGMT_FT_IEEE8021X; 682 #endif /* CONFIG_IEEE80211R */ 683 #ifdef CONFIG_IEEE80211W 684 else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) 685 val |= WPA_KEY_MGMT_PSK_SHA256; 686 else if (os_strcmp(start, "WPA-EAP-SHA256") == 0) 687 val |= WPA_KEY_MGMT_IEEE8021X_SHA256; 688 #endif /* CONFIG_IEEE80211W */ 689 #ifdef CONFIG_SAE 690 else if (os_strcmp(start, "SAE") == 0) 691 val |= WPA_KEY_MGMT_SAE; 692 else if (os_strcmp(start, "FT-SAE") == 0) 693 val |= WPA_KEY_MGMT_FT_SAE; 694 #endif /* CONFIG_SAE */ 695 #ifdef CONFIG_SUITEB 696 else if (os_strcmp(start, "WPA-EAP-SUITE-B") == 0) 697 val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B; 698 #endif /* CONFIG_SUITEB */ 699 #ifdef CONFIG_SUITEB192 700 else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0) 701 val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; 702 #endif /* CONFIG_SUITEB192 */ 703 else { 704 wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'", 705 line, start); 706 os_free(buf); 707 return -1; 708 } 709 710 if (last) 711 break; 712 start = end + 1; 713 } 714 715 os_free(buf); 716 if (val == 0) { 717 wpa_printf(MSG_ERROR, "Line %d: no key_mgmt values " 718 "configured.", line); 719 return -1; 720 } 721 722 return val; 723 } 724 725 726 static int hostapd_config_parse_cipher(int line, const char *value) 727 { 728 int val = wpa_parse_cipher(value); 729 if (val < 0) { 730 wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.", 731 line, value); 732 return -1; 733 } 734 if (val == 0) { 735 wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.", 736 line); 737 return -1; 738 } 739 return val; 740 } 741 742 743 static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx, 744 char *val) 745 { 746 size_t len = os_strlen(val); 747 748 if (keyidx < 0 || keyidx > 3 || wep->key[keyidx] != NULL) 749 return -1; 750 751 if (val[0] == '"') { 752 if (len < 2 || val[len - 1] != '"') 753 return -1; 754 len -= 2; 755 wep->key[keyidx] = os_malloc(len); 756 if (wep->key[keyidx] == NULL) 757 return -1; 758 os_memcpy(wep->key[keyidx], val + 1, len); 759 wep->len[keyidx] = len; 760 } else { 761 if (len & 1) 762 return -1; 763 len /= 2; 764 wep->key[keyidx] = os_malloc(len); 765 if (wep->key[keyidx] == NULL) 766 return -1; 767 wep->len[keyidx] = len; 768 if (hexstr2bin(val, wep->key[keyidx], len) < 0) 769 return -1; 770 } 771 772 wep->keys_set++; 773 774 return 0; 775 } 776 777 778 static int hostapd_parse_intlist(int **int_list, char *val) 779 { 780 int *list; 781 int count; 782 char *pos, *end; 783 784 os_free(*int_list); 785 *int_list = NULL; 786 787 pos = val; 788 count = 0; 789 while (*pos != '\0') { 790 if (*pos == ' ') 791 count++; 792 pos++; 793 } 794 795 list = os_malloc(sizeof(int) * (count + 2)); 796 if (list == NULL) 797 return -1; 798 pos = val; 799 count = 0; 800 while (*pos != '\0') { 801 end = os_strchr(pos, ' '); 802 if (end) 803 *end = '\0'; 804 805 list[count++] = atoi(pos); 806 if (!end) 807 break; 808 pos = end + 1; 809 } 810 list[count] = -1; 811 812 *int_list = list; 813 return 0; 814 } 815 816 817 static int hostapd_config_bss(struct hostapd_config *conf, const char *ifname) 818 { 819 struct hostapd_bss_config **all, *bss; 820 821 if (*ifname == '\0') 822 return -1; 823 824 all = os_realloc_array(conf->bss, conf->num_bss + 1, 825 sizeof(struct hostapd_bss_config *)); 826 if (all == NULL) { 827 wpa_printf(MSG_ERROR, "Failed to allocate memory for " 828 "multi-BSS entry"); 829 return -1; 830 } 831 conf->bss = all; 832 833 bss = os_zalloc(sizeof(*bss)); 834 if (bss == NULL) 835 return -1; 836 bss->radius = os_zalloc(sizeof(*bss->radius)); 837 if (bss->radius == NULL) { 838 wpa_printf(MSG_ERROR, "Failed to allocate memory for " 839 "multi-BSS RADIUS data"); 840 os_free(bss); 841 return -1; 842 } 843 844 conf->bss[conf->num_bss++] = bss; 845 conf->last_bss = bss; 846 847 hostapd_config_defaults_bss(bss); 848 os_strlcpy(bss->iface, ifname, sizeof(bss->iface)); 849 os_memcpy(bss->ssid.vlan, bss->iface, IFNAMSIZ + 1); 850 851 return 0; 852 } 853 854 855 /* convert floats with one decimal place to value*10 int, i.e., 856 * "1.5" will return 15 */ 857 static int hostapd_config_read_int10(const char *value) 858 { 859 int i, d; 860 char *pos; 861 862 i = atoi(value); 863 pos = os_strchr(value, '.'); 864 d = 0; 865 if (pos) { 866 pos++; 867 if (*pos >= '0' && *pos <= '9') 868 d = *pos - '0'; 869 } 870 871 return i * 10 + d; 872 } 873 874 875 static int valid_cw(int cw) 876 { 877 return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 || 878 cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023); 879 } 880 881 882 enum { 883 IEEE80211_TX_QUEUE_DATA0 = 0, /* used for EDCA AC_VO data */ 884 IEEE80211_TX_QUEUE_DATA1 = 1, /* used for EDCA AC_VI data */ 885 IEEE80211_TX_QUEUE_DATA2 = 2, /* used for EDCA AC_BE data */ 886 IEEE80211_TX_QUEUE_DATA3 = 3 /* used for EDCA AC_BK data */ 887 }; 888 889 static int hostapd_config_tx_queue(struct hostapd_config *conf, char *name, 890 char *val) 891 { 892 int num; 893 char *pos; 894 struct hostapd_tx_queue_params *queue; 895 896 /* skip 'tx_queue_' prefix */ 897 pos = name + 9; 898 if (os_strncmp(pos, "data", 4) == 0 && 899 pos[4] >= '0' && pos[4] <= '9' && pos[5] == '_') { 900 num = pos[4] - '0'; 901 pos += 6; 902 } else if (os_strncmp(pos, "after_beacon_", 13) == 0 || 903 os_strncmp(pos, "beacon_", 7) == 0) { 904 wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name); 905 return 0; 906 } else { 907 wpa_printf(MSG_ERROR, "Unknown tx_queue name '%s'", pos); 908 return -1; 909 } 910 911 if (num >= NUM_TX_QUEUES) { 912 /* for backwards compatibility, do not trigger failure */ 913 wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name); 914 return 0; 915 } 916 917 queue = &conf->tx_queue[num]; 918 919 if (os_strcmp(pos, "aifs") == 0) { 920 queue->aifs = atoi(val); 921 if (queue->aifs < 0 || queue->aifs > 255) { 922 wpa_printf(MSG_ERROR, "Invalid AIFS value %d", 923 queue->aifs); 924 return -1; 925 } 926 } else if (os_strcmp(pos, "cwmin") == 0) { 927 queue->cwmin = atoi(val); 928 if (!valid_cw(queue->cwmin)) { 929 wpa_printf(MSG_ERROR, "Invalid cwMin value %d", 930 queue->cwmin); 931 return -1; 932 } 933 } else if (os_strcmp(pos, "cwmax") == 0) { 934 queue->cwmax = atoi(val); 935 if (!valid_cw(queue->cwmax)) { 936 wpa_printf(MSG_ERROR, "Invalid cwMax value %d", 937 queue->cwmax); 938 return -1; 939 } 940 } else if (os_strcmp(pos, "burst") == 0) { 941 queue->burst = hostapd_config_read_int10(val); 942 } else { 943 wpa_printf(MSG_ERROR, "Unknown tx_queue field '%s'", pos); 944 return -1; 945 } 946 947 return 0; 948 } 949 950 951 #ifdef CONFIG_IEEE80211R 952 static int add_r0kh(struct hostapd_bss_config *bss, char *value) 953 { 954 struct ft_remote_r0kh *r0kh; 955 char *pos, *next; 956 957 r0kh = os_zalloc(sizeof(*r0kh)); 958 if (r0kh == NULL) 959 return -1; 960 961 /* 02:01:02:03:04:05 a.example.com 000102030405060708090a0b0c0d0e0f */ 962 pos = value; 963 next = os_strchr(pos, ' '); 964 if (next) 965 *next++ = '\0'; 966 if (next == NULL || hwaddr_aton(pos, r0kh->addr)) { 967 wpa_printf(MSG_ERROR, "Invalid R0KH MAC address: '%s'", pos); 968 os_free(r0kh); 969 return -1; 970 } 971 972 pos = next; 973 next = os_strchr(pos, ' '); 974 if (next) 975 *next++ = '\0'; 976 if (next == NULL || next - pos > FT_R0KH_ID_MAX_LEN) { 977 wpa_printf(MSG_ERROR, "Invalid R0KH-ID: '%s'", pos); 978 os_free(r0kh); 979 return -1; 980 } 981 r0kh->id_len = next - pos - 1; 982 os_memcpy(r0kh->id, pos, r0kh->id_len); 983 984 pos = next; 985 if (hexstr2bin(pos, r0kh->key, sizeof(r0kh->key))) { 986 wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos); 987 os_free(r0kh); 988 return -1; 989 } 990 991 r0kh->next = bss->r0kh_list; 992 bss->r0kh_list = r0kh; 993 994 return 0; 995 } 996 997 998 static int add_r1kh(struct hostapd_bss_config *bss, char *value) 999 { 1000 struct ft_remote_r1kh *r1kh; 1001 char *pos, *next; 1002 1003 r1kh = os_zalloc(sizeof(*r1kh)); 1004 if (r1kh == NULL) 1005 return -1; 1006 1007 /* 02:01:02:03:04:05 02:01:02:03:04:05 1008 * 000102030405060708090a0b0c0d0e0f */ 1009 pos = value; 1010 next = os_strchr(pos, ' '); 1011 if (next) 1012 *next++ = '\0'; 1013 if (next == NULL || hwaddr_aton(pos, r1kh->addr)) { 1014 wpa_printf(MSG_ERROR, "Invalid R1KH MAC address: '%s'", pos); 1015 os_free(r1kh); 1016 return -1; 1017 } 1018 1019 pos = next; 1020 next = os_strchr(pos, ' '); 1021 if (next) 1022 *next++ = '\0'; 1023 if (next == NULL || hwaddr_aton(pos, r1kh->id)) { 1024 wpa_printf(MSG_ERROR, "Invalid R1KH-ID: '%s'", pos); 1025 os_free(r1kh); 1026 return -1; 1027 } 1028 1029 pos = next; 1030 if (hexstr2bin(pos, r1kh->key, sizeof(r1kh->key))) { 1031 wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos); 1032 os_free(r1kh); 1033 return -1; 1034 } 1035 1036 r1kh->next = bss->r1kh_list; 1037 bss->r1kh_list = r1kh; 1038 1039 return 0; 1040 } 1041 #endif /* CONFIG_IEEE80211R */ 1042 1043 1044 #ifdef CONFIG_IEEE80211N 1045 static int hostapd_config_ht_capab(struct hostapd_config *conf, 1046 const char *capab) 1047 { 1048 if (os_strstr(capab, "[LDPC]")) 1049 conf->ht_capab |= HT_CAP_INFO_LDPC_CODING_CAP; 1050 if (os_strstr(capab, "[HT40-]")) { 1051 conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 1052 conf->secondary_channel = -1; 1053 } 1054 if (os_strstr(capab, "[HT40+]")) { 1055 conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 1056 conf->secondary_channel = 1; 1057 } 1058 if (os_strstr(capab, "[SMPS-STATIC]")) { 1059 conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK; 1060 conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC; 1061 } 1062 if (os_strstr(capab, "[SMPS-DYNAMIC]")) { 1063 conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK; 1064 conf->ht_capab |= HT_CAP_INFO_SMPS_DYNAMIC; 1065 } 1066 if (os_strstr(capab, "[GF]")) 1067 conf->ht_capab |= HT_CAP_INFO_GREEN_FIELD; 1068 if (os_strstr(capab, "[SHORT-GI-20]")) 1069 conf->ht_capab |= HT_CAP_INFO_SHORT_GI20MHZ; 1070 if (os_strstr(capab, "[SHORT-GI-40]")) 1071 conf->ht_capab |= HT_CAP_INFO_SHORT_GI40MHZ; 1072 if (os_strstr(capab, "[TX-STBC]")) 1073 conf->ht_capab |= HT_CAP_INFO_TX_STBC; 1074 if (os_strstr(capab, "[RX-STBC1]")) { 1075 conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK; 1076 conf->ht_capab |= HT_CAP_INFO_RX_STBC_1; 1077 } 1078 if (os_strstr(capab, "[RX-STBC12]")) { 1079 conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK; 1080 conf->ht_capab |= HT_CAP_INFO_RX_STBC_12; 1081 } 1082 if (os_strstr(capab, "[RX-STBC123]")) { 1083 conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK; 1084 conf->ht_capab |= HT_CAP_INFO_RX_STBC_123; 1085 } 1086 if (os_strstr(capab, "[DELAYED-BA]")) 1087 conf->ht_capab |= HT_CAP_INFO_DELAYED_BA; 1088 if (os_strstr(capab, "[MAX-AMSDU-7935]")) 1089 conf->ht_capab |= HT_CAP_INFO_MAX_AMSDU_SIZE; 1090 if (os_strstr(capab, "[DSSS_CCK-40]")) 1091 conf->ht_capab |= HT_CAP_INFO_DSSS_CCK40MHZ; 1092 if (os_strstr(capab, "[40-INTOLERANT]")) 1093 conf->ht_capab |= HT_CAP_INFO_40MHZ_INTOLERANT; 1094 if (os_strstr(capab, "[LSIG-TXOP-PROT]")) 1095 conf->ht_capab |= HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT; 1096 1097 return 0; 1098 } 1099 #endif /* CONFIG_IEEE80211N */ 1100 1101 1102 #ifdef CONFIG_IEEE80211AC 1103 static int hostapd_config_vht_capab(struct hostapd_config *conf, 1104 const char *capab) 1105 { 1106 if (os_strstr(capab, "[MAX-MPDU-7991]")) 1107 conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_7991; 1108 if (os_strstr(capab, "[MAX-MPDU-11454]")) 1109 conf->vht_capab |= VHT_CAP_MAX_MPDU_LENGTH_11454; 1110 if (os_strstr(capab, "[VHT160]")) 1111 conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 1112 if (os_strstr(capab, "[VHT160-80PLUS80]")) 1113 conf->vht_capab |= VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 1114 if (os_strstr(capab, "[RXLDPC]")) 1115 conf->vht_capab |= VHT_CAP_RXLDPC; 1116 if (os_strstr(capab, "[SHORT-GI-80]")) 1117 conf->vht_capab |= VHT_CAP_SHORT_GI_80; 1118 if (os_strstr(capab, "[SHORT-GI-160]")) 1119 conf->vht_capab |= VHT_CAP_SHORT_GI_160; 1120 if (os_strstr(capab, "[TX-STBC-2BY1]")) 1121 conf->vht_capab |= VHT_CAP_TXSTBC; 1122 if (os_strstr(capab, "[RX-STBC-1]")) 1123 conf->vht_capab |= VHT_CAP_RXSTBC_1; 1124 if (os_strstr(capab, "[RX-STBC-12]")) 1125 conf->vht_capab |= VHT_CAP_RXSTBC_2; 1126 if (os_strstr(capab, "[RX-STBC-123]")) 1127 conf->vht_capab |= VHT_CAP_RXSTBC_3; 1128 if (os_strstr(capab, "[RX-STBC-1234]")) 1129 conf->vht_capab |= VHT_CAP_RXSTBC_4; 1130 if (os_strstr(capab, "[SU-BEAMFORMER]")) 1131 conf->vht_capab |= VHT_CAP_SU_BEAMFORMER_CAPABLE; 1132 if (os_strstr(capab, "[SU-BEAMFORMEE]")) 1133 conf->vht_capab |= VHT_CAP_SU_BEAMFORMEE_CAPABLE; 1134 if (os_strstr(capab, "[BF-ANTENNA-2]") && 1135 (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE)) 1136 conf->vht_capab |= (1 << VHT_CAP_BEAMFORMEE_STS_OFFSET); 1137 if (os_strstr(capab, "[SOUNDING-DIMENSION-2]") && 1138 (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE)) 1139 conf->vht_capab |= (1 << VHT_CAP_SOUNDING_DIMENSION_OFFSET); 1140 if (os_strstr(capab, "[MU-BEAMFORMER]")) 1141 conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE; 1142 if (os_strstr(capab, "[MU-BEAMFORMEE]")) 1143 conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE; 1144 if (os_strstr(capab, "[VHT-TXOP-PS]")) 1145 conf->vht_capab |= VHT_CAP_VHT_TXOP_PS; 1146 if (os_strstr(capab, "[HTC-VHT]")) 1147 conf->vht_capab |= VHT_CAP_HTC_VHT; 1148 if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP7]")) 1149 conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX; 1150 else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP6]")) 1151 conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_6; 1152 else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP5]")) 1153 conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_5; 1154 else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP4]")) 1155 conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_4; 1156 else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP3]")) 1157 conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_3; 1158 else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP2]")) 1159 conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_2; 1160 else if (os_strstr(capab, "[MAX-A-MPDU-LEN-EXP1]")) 1161 conf->vht_capab |= VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_1; 1162 if (os_strstr(capab, "[VHT-LINK-ADAPT2]") && 1163 (conf->vht_capab & VHT_CAP_HTC_VHT)) 1164 conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_UNSOL_MFB; 1165 if (os_strstr(capab, "[VHT-LINK-ADAPT3]") && 1166 (conf->vht_capab & VHT_CAP_HTC_VHT)) 1167 conf->vht_capab |= VHT_CAP_VHT_LINK_ADAPTATION_VHT_MRQ_MFB; 1168 if (os_strstr(capab, "[RX-ANTENNA-PATTERN]")) 1169 conf->vht_capab |= VHT_CAP_RX_ANTENNA_PATTERN; 1170 if (os_strstr(capab, "[TX-ANTENNA-PATTERN]")) 1171 conf->vht_capab |= VHT_CAP_TX_ANTENNA_PATTERN; 1172 return 0; 1173 } 1174 #endif /* CONFIG_IEEE80211AC */ 1175 1176 1177 #ifdef CONFIG_INTERWORKING 1178 static int parse_roaming_consortium(struct hostapd_bss_config *bss, char *pos, 1179 int line) 1180 { 1181 size_t len = os_strlen(pos); 1182 u8 oi[MAX_ROAMING_CONSORTIUM_LEN]; 1183 1184 struct hostapd_roaming_consortium *rc; 1185 1186 if ((len & 1) || len < 2 * 3 || len / 2 > MAX_ROAMING_CONSORTIUM_LEN || 1187 hexstr2bin(pos, oi, len / 2)) { 1188 wpa_printf(MSG_ERROR, "Line %d: invalid roaming_consortium " 1189 "'%s'", line, pos); 1190 return -1; 1191 } 1192 len /= 2; 1193 1194 rc = os_realloc_array(bss->roaming_consortium, 1195 bss->roaming_consortium_count + 1, 1196 sizeof(struct hostapd_roaming_consortium)); 1197 if (rc == NULL) 1198 return -1; 1199 1200 os_memcpy(rc[bss->roaming_consortium_count].oi, oi, len); 1201 rc[bss->roaming_consortium_count].len = len; 1202 1203 bss->roaming_consortium = rc; 1204 bss->roaming_consortium_count++; 1205 1206 return 0; 1207 } 1208 1209 1210 static int parse_lang_string(struct hostapd_lang_string **array, 1211 unsigned int *count, char *pos) 1212 { 1213 char *sep, *str = NULL; 1214 size_t clen, nlen, slen; 1215 struct hostapd_lang_string *ls; 1216 int ret = -1; 1217 1218 if (*pos == '"' || (*pos == 'P' && pos[1] == '"')) { 1219 str = wpa_config_parse_string(pos, &slen); 1220 if (!str) 1221 return -1; 1222 pos = str; 1223 } 1224 1225 sep = os_strchr(pos, ':'); 1226 if (sep == NULL) 1227 goto fail; 1228 *sep++ = '\0'; 1229 1230 clen = os_strlen(pos); 1231 if (clen < 2 || clen > sizeof(ls->lang)) 1232 goto fail; 1233 nlen = os_strlen(sep); 1234 if (nlen > 252) 1235 goto fail; 1236 1237 ls = os_realloc_array(*array, *count + 1, 1238 sizeof(struct hostapd_lang_string)); 1239 if (ls == NULL) 1240 goto fail; 1241 1242 *array = ls; 1243 ls = &(*array)[*count]; 1244 (*count)++; 1245 1246 os_memset(ls->lang, 0, sizeof(ls->lang)); 1247 os_memcpy(ls->lang, pos, clen); 1248 ls->name_len = nlen; 1249 os_memcpy(ls->name, sep, nlen); 1250 1251 ret = 0; 1252 fail: 1253 os_free(str); 1254 return ret; 1255 } 1256 1257 1258 static int parse_venue_name(struct hostapd_bss_config *bss, char *pos, 1259 int line) 1260 { 1261 if (parse_lang_string(&bss->venue_name, &bss->venue_name_count, pos)) { 1262 wpa_printf(MSG_ERROR, "Line %d: Invalid venue_name '%s'", 1263 line, pos); 1264 return -1; 1265 } 1266 return 0; 1267 } 1268 1269 1270 static int parse_3gpp_cell_net(struct hostapd_bss_config *bss, char *buf, 1271 int line) 1272 { 1273 size_t count; 1274 char *pos; 1275 u8 *info = NULL, *ipos; 1276 1277 /* format: <MCC1,MNC1>[;<MCC2,MNC2>][;...] */ 1278 1279 count = 1; 1280 for (pos = buf; *pos; pos++) { 1281 if ((*pos < '0' || *pos > '9') && *pos != ';' && *pos != ',') 1282 goto fail; 1283 if (*pos == ';') 1284 count++; 1285 } 1286 if (1 + count * 3 > 0x7f) 1287 goto fail; 1288 1289 info = os_zalloc(2 + 3 + count * 3); 1290 if (info == NULL) 1291 return -1; 1292 1293 ipos = info; 1294 *ipos++ = 0; /* GUD - Version 1 */ 1295 *ipos++ = 3 + count * 3; /* User Data Header Length (UDHL) */ 1296 *ipos++ = 0; /* PLMN List IEI */ 1297 /* ext(b8) | Length of PLMN List value contents(b7..1) */ 1298 *ipos++ = 1 + count * 3; 1299 *ipos++ = count; /* Number of PLMNs */ 1300 1301 pos = buf; 1302 while (pos && *pos) { 1303 char *mcc, *mnc; 1304 size_t mnc_len; 1305 1306 mcc = pos; 1307 mnc = os_strchr(pos, ','); 1308 if (mnc == NULL) 1309 goto fail; 1310 *mnc++ = '\0'; 1311 pos = os_strchr(mnc, ';'); 1312 if (pos) 1313 *pos++ = '\0'; 1314 1315 mnc_len = os_strlen(mnc); 1316 if (os_strlen(mcc) != 3 || (mnc_len != 2 && mnc_len != 3)) 1317 goto fail; 1318 1319 /* BC coded MCC,MNC */ 1320 /* MCC digit 2 | MCC digit 1 */ 1321 *ipos++ = ((mcc[1] - '0') << 4) | (mcc[0] - '0'); 1322 /* MNC digit 3 | MCC digit 3 */ 1323 *ipos++ = (((mnc_len == 2) ? 0xf0 : ((mnc[2] - '0') << 4))) | 1324 (mcc[2] - '0'); 1325 /* MNC digit 2 | MNC digit 1 */ 1326 *ipos++ = ((mnc[1] - '0') << 4) | (mnc[0] - '0'); 1327 } 1328 1329 os_free(bss->anqp_3gpp_cell_net); 1330 bss->anqp_3gpp_cell_net = info; 1331 bss->anqp_3gpp_cell_net_len = 2 + 3 + 3 * count; 1332 wpa_hexdump(MSG_MSGDUMP, "3GPP Cellular Network information", 1333 bss->anqp_3gpp_cell_net, bss->anqp_3gpp_cell_net_len); 1334 1335 return 0; 1336 1337 fail: 1338 wpa_printf(MSG_ERROR, "Line %d: Invalid anqp_3gpp_cell_net: %s", 1339 line, buf); 1340 os_free(info); 1341 return -1; 1342 } 1343 1344 1345 static int parse_nai_realm(struct hostapd_bss_config *bss, char *buf, int line) 1346 { 1347 struct hostapd_nai_realm_data *realm; 1348 size_t i, j, len; 1349 int *offsets; 1350 char *pos, *end, *rpos; 1351 1352 offsets = os_calloc(bss->nai_realm_count * MAX_NAI_REALMS, 1353 sizeof(int)); 1354 if (offsets == NULL) 1355 return -1; 1356 1357 for (i = 0; i < bss->nai_realm_count; i++) { 1358 realm = &bss->nai_realm_data[i]; 1359 for (j = 0; j < MAX_NAI_REALMS; j++) { 1360 offsets[i * MAX_NAI_REALMS + j] = 1361 realm->realm[j] ? 1362 realm->realm[j] - realm->realm_buf : -1; 1363 } 1364 } 1365 1366 realm = os_realloc_array(bss->nai_realm_data, bss->nai_realm_count + 1, 1367 sizeof(struct hostapd_nai_realm_data)); 1368 if (realm == NULL) { 1369 os_free(offsets); 1370 return -1; 1371 } 1372 bss->nai_realm_data = realm; 1373 1374 /* patch the pointers after realloc */ 1375 for (i = 0; i < bss->nai_realm_count; i++) { 1376 realm = &bss->nai_realm_data[i]; 1377 for (j = 0; j < MAX_NAI_REALMS; j++) { 1378 int offs = offsets[i * MAX_NAI_REALMS + j]; 1379 if (offs >= 0) 1380 realm->realm[j] = realm->realm_buf + offs; 1381 else 1382 realm->realm[j] = NULL; 1383 } 1384 } 1385 os_free(offsets); 1386 1387 realm = &bss->nai_realm_data[bss->nai_realm_count]; 1388 os_memset(realm, 0, sizeof(*realm)); 1389 1390 pos = buf; 1391 realm->encoding = atoi(pos); 1392 pos = os_strchr(pos, ','); 1393 if (pos == NULL) 1394 goto fail; 1395 pos++; 1396 1397 end = os_strchr(pos, ','); 1398 if (end) { 1399 len = end - pos; 1400 *end = '\0'; 1401 } else { 1402 len = os_strlen(pos); 1403 } 1404 1405 if (len > MAX_NAI_REALMLEN) { 1406 wpa_printf(MSG_ERROR, "Too long a realm string (%d > max %d " 1407 "characters)", (int) len, MAX_NAI_REALMLEN); 1408 goto fail; 1409 } 1410 os_memcpy(realm->realm_buf, pos, len); 1411 1412 if (end) 1413 pos = end + 1; 1414 else 1415 pos = NULL; 1416 1417 while (pos && *pos) { 1418 struct hostapd_nai_realm_eap *eap; 1419 1420 if (realm->eap_method_count >= MAX_NAI_EAP_METHODS) { 1421 wpa_printf(MSG_ERROR, "Too many EAP methods"); 1422 goto fail; 1423 } 1424 1425 eap = &realm->eap_method[realm->eap_method_count]; 1426 realm->eap_method_count++; 1427 1428 end = os_strchr(pos, ','); 1429 if (end == NULL) 1430 end = pos + os_strlen(pos); 1431 1432 eap->eap_method = atoi(pos); 1433 for (;;) { 1434 pos = os_strchr(pos, '['); 1435 if (pos == NULL || pos > end) 1436 break; 1437 pos++; 1438 if (eap->num_auths >= MAX_NAI_AUTH_TYPES) { 1439 wpa_printf(MSG_ERROR, "Too many auth params"); 1440 goto fail; 1441 } 1442 eap->auth_id[eap->num_auths] = atoi(pos); 1443 pos = os_strchr(pos, ':'); 1444 if (pos == NULL || pos > end) 1445 goto fail; 1446 pos++; 1447 eap->auth_val[eap->num_auths] = atoi(pos); 1448 pos = os_strchr(pos, ']'); 1449 if (pos == NULL || pos > end) 1450 goto fail; 1451 pos++; 1452 eap->num_auths++; 1453 } 1454 1455 if (*end != ',') 1456 break; 1457 1458 pos = end + 1; 1459 } 1460 1461 /* Split realm list into null terminated realms */ 1462 rpos = realm->realm_buf; 1463 i = 0; 1464 while (*rpos) { 1465 if (i >= MAX_NAI_REALMS) { 1466 wpa_printf(MSG_ERROR, "Too many realms"); 1467 goto fail; 1468 } 1469 realm->realm[i++] = rpos; 1470 rpos = os_strchr(rpos, ';'); 1471 if (rpos == NULL) 1472 break; 1473 *rpos++ = '\0'; 1474 } 1475 1476 bss->nai_realm_count++; 1477 1478 return 0; 1479 1480 fail: 1481 wpa_printf(MSG_ERROR, "Line %d: invalid nai_realm '%s'", line, buf); 1482 return -1; 1483 } 1484 1485 1486 static int parse_qos_map_set(struct hostapd_bss_config *bss, 1487 char *buf, int line) 1488 { 1489 u8 qos_map_set[16 + 2 * 21], count = 0; 1490 char *pos = buf; 1491 int val; 1492 1493 for (;;) { 1494 if (count == sizeof(qos_map_set)) { 1495 wpa_printf(MSG_ERROR, "Line %d: Too many qos_map_set " 1496 "parameters '%s'", line, buf); 1497 return -1; 1498 } 1499 1500 val = atoi(pos); 1501 if (val > 255 || val < 0) { 1502 wpa_printf(MSG_ERROR, "Line %d: Invalid qos_map_set " 1503 "'%s'", line, buf); 1504 return -1; 1505 } 1506 1507 qos_map_set[count++] = val; 1508 pos = os_strchr(pos, ','); 1509 if (!pos) 1510 break; 1511 pos++; 1512 } 1513 1514 if (count < 16 || count & 1) { 1515 wpa_printf(MSG_ERROR, "Line %d: Invalid qos_map_set '%s'", 1516 line, buf); 1517 return -1; 1518 } 1519 1520 os_memcpy(bss->qos_map_set, qos_map_set, count); 1521 bss->qos_map_set_len = count; 1522 1523 return 0; 1524 } 1525 1526 #endif /* CONFIG_INTERWORKING */ 1527 1528 1529 #ifdef CONFIG_HS20 1530 static int hs20_parse_conn_capab(struct hostapd_bss_config *bss, char *buf, 1531 int line) 1532 { 1533 u8 *conn_cap; 1534 char *pos; 1535 1536 if (bss->hs20_connection_capability_len >= 0xfff0) 1537 return -1; 1538 1539 conn_cap = os_realloc(bss->hs20_connection_capability, 1540 bss->hs20_connection_capability_len + 4); 1541 if (conn_cap == NULL) 1542 return -1; 1543 1544 bss->hs20_connection_capability = conn_cap; 1545 conn_cap += bss->hs20_connection_capability_len; 1546 pos = buf; 1547 conn_cap[0] = atoi(pos); 1548 pos = os_strchr(pos, ':'); 1549 if (pos == NULL) 1550 return -1; 1551 pos++; 1552 WPA_PUT_LE16(conn_cap + 1, atoi(pos)); 1553 pos = os_strchr(pos, ':'); 1554 if (pos == NULL) 1555 return -1; 1556 pos++; 1557 conn_cap[3] = atoi(pos); 1558 bss->hs20_connection_capability_len += 4; 1559 1560 return 0; 1561 } 1562 1563 1564 static int hs20_parse_wan_metrics(struct hostapd_bss_config *bss, char *buf, 1565 int line) 1566 { 1567 u8 *wan_metrics; 1568 char *pos; 1569 1570 /* <WAN Info>:<DL Speed>:<UL Speed>:<DL Load>:<UL Load>:<LMD> */ 1571 1572 wan_metrics = os_zalloc(13); 1573 if (wan_metrics == NULL) 1574 return -1; 1575 1576 pos = buf; 1577 /* WAN Info */ 1578 if (hexstr2bin(pos, wan_metrics, 1) < 0) 1579 goto fail; 1580 pos += 2; 1581 if (*pos != ':') 1582 goto fail; 1583 pos++; 1584 1585 /* Downlink Speed */ 1586 WPA_PUT_LE32(wan_metrics + 1, atoi(pos)); 1587 pos = os_strchr(pos, ':'); 1588 if (pos == NULL) 1589 goto fail; 1590 pos++; 1591 1592 /* Uplink Speed */ 1593 WPA_PUT_LE32(wan_metrics + 5, atoi(pos)); 1594 pos = os_strchr(pos, ':'); 1595 if (pos == NULL) 1596 goto fail; 1597 pos++; 1598 1599 /* Downlink Load */ 1600 wan_metrics[9] = atoi(pos); 1601 pos = os_strchr(pos, ':'); 1602 if (pos == NULL) 1603 goto fail; 1604 pos++; 1605 1606 /* Uplink Load */ 1607 wan_metrics[10] = atoi(pos); 1608 pos = os_strchr(pos, ':'); 1609 if (pos == NULL) 1610 goto fail; 1611 pos++; 1612 1613 /* LMD */ 1614 WPA_PUT_LE16(wan_metrics + 11, atoi(pos)); 1615 1616 os_free(bss->hs20_wan_metrics); 1617 bss->hs20_wan_metrics = wan_metrics; 1618 1619 return 0; 1620 1621 fail: 1622 wpa_printf(MSG_ERROR, "Line %d: Invalid hs20_wan_metrics '%s'", 1623 line, buf); 1624 os_free(wan_metrics); 1625 return -1; 1626 } 1627 1628 1629 static int hs20_parse_oper_friendly_name(struct hostapd_bss_config *bss, 1630 char *pos, int line) 1631 { 1632 if (parse_lang_string(&bss->hs20_oper_friendly_name, 1633 &bss->hs20_oper_friendly_name_count, pos)) { 1634 wpa_printf(MSG_ERROR, "Line %d: Invalid " 1635 "hs20_oper_friendly_name '%s'", line, pos); 1636 return -1; 1637 } 1638 return 0; 1639 } 1640 1641 1642 static int hs20_parse_icon(struct hostapd_bss_config *bss, char *pos) 1643 { 1644 struct hs20_icon *icon; 1645 char *end; 1646 1647 icon = os_realloc_array(bss->hs20_icons, bss->hs20_icons_count + 1, 1648 sizeof(struct hs20_icon)); 1649 if (icon == NULL) 1650 return -1; 1651 bss->hs20_icons = icon; 1652 icon = &bss->hs20_icons[bss->hs20_icons_count]; 1653 os_memset(icon, 0, sizeof(*icon)); 1654 1655 icon->width = atoi(pos); 1656 pos = os_strchr(pos, ':'); 1657 if (pos == NULL) 1658 return -1; 1659 pos++; 1660 1661 icon->height = atoi(pos); 1662 pos = os_strchr(pos, ':'); 1663 if (pos == NULL) 1664 return -1; 1665 pos++; 1666 1667 end = os_strchr(pos, ':'); 1668 if (end == NULL || end - pos > 3) 1669 return -1; 1670 os_memcpy(icon->language, pos, end - pos); 1671 pos = end + 1; 1672 1673 end = os_strchr(pos, ':'); 1674 if (end == NULL || end - pos > 255) 1675 return -1; 1676 os_memcpy(icon->type, pos, end - pos); 1677 pos = end + 1; 1678 1679 end = os_strchr(pos, ':'); 1680 if (end == NULL || end - pos > 255) 1681 return -1; 1682 os_memcpy(icon->name, pos, end - pos); 1683 pos = end + 1; 1684 1685 if (os_strlen(pos) > 255) 1686 return -1; 1687 os_memcpy(icon->file, pos, os_strlen(pos)); 1688 1689 bss->hs20_icons_count++; 1690 1691 return 0; 1692 } 1693 1694 1695 static int hs20_parse_osu_ssid(struct hostapd_bss_config *bss, 1696 char *pos, int line) 1697 { 1698 size_t slen; 1699 char *str; 1700 1701 str = wpa_config_parse_string(pos, &slen); 1702 if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) { 1703 wpa_printf(MSG_ERROR, "Line %d: Invalid SSID '%s'", line, pos); 1704 os_free(str); 1705 return -1; 1706 } 1707 1708 os_memcpy(bss->osu_ssid, str, slen); 1709 bss->osu_ssid_len = slen; 1710 os_free(str); 1711 1712 return 0; 1713 } 1714 1715 1716 static int hs20_parse_osu_server_uri(struct hostapd_bss_config *bss, 1717 char *pos, int line) 1718 { 1719 struct hs20_osu_provider *p; 1720 1721 p = os_realloc_array(bss->hs20_osu_providers, 1722 bss->hs20_osu_providers_count + 1, sizeof(*p)); 1723 if (p == NULL) 1724 return -1; 1725 1726 bss->hs20_osu_providers = p; 1727 bss->last_osu = &bss->hs20_osu_providers[bss->hs20_osu_providers_count]; 1728 bss->hs20_osu_providers_count++; 1729 os_memset(bss->last_osu, 0, sizeof(*p)); 1730 bss->last_osu->server_uri = os_strdup(pos); 1731 1732 return 0; 1733 } 1734 1735 1736 static int hs20_parse_osu_friendly_name(struct hostapd_bss_config *bss, 1737 char *pos, int line) 1738 { 1739 if (bss->last_osu == NULL) { 1740 wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line); 1741 return -1; 1742 } 1743 1744 if (parse_lang_string(&bss->last_osu->friendly_name, 1745 &bss->last_osu->friendly_name_count, pos)) { 1746 wpa_printf(MSG_ERROR, "Line %d: Invalid osu_friendly_name '%s'", 1747 line, pos); 1748 return -1; 1749 } 1750 1751 return 0; 1752 } 1753 1754 1755 static int hs20_parse_osu_nai(struct hostapd_bss_config *bss, 1756 char *pos, int line) 1757 { 1758 if (bss->last_osu == NULL) { 1759 wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line); 1760 return -1; 1761 } 1762 1763 os_free(bss->last_osu->osu_nai); 1764 bss->last_osu->osu_nai = os_strdup(pos); 1765 if (bss->last_osu->osu_nai == NULL) 1766 return -1; 1767 1768 return 0; 1769 } 1770 1771 1772 static int hs20_parse_osu_method_list(struct hostapd_bss_config *bss, char *pos, 1773 int line) 1774 { 1775 if (bss->last_osu == NULL) { 1776 wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line); 1777 return -1; 1778 } 1779 1780 if (hostapd_parse_intlist(&bss->last_osu->method_list, pos)) { 1781 wpa_printf(MSG_ERROR, "Line %d: Invalid osu_method_list", line); 1782 return -1; 1783 } 1784 1785 return 0; 1786 } 1787 1788 1789 static int hs20_parse_osu_icon(struct hostapd_bss_config *bss, char *pos, 1790 int line) 1791 { 1792 char **n; 1793 struct hs20_osu_provider *p = bss->last_osu; 1794 1795 if (p == NULL) { 1796 wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line); 1797 return -1; 1798 } 1799 1800 n = os_realloc_array(p->icons, p->icons_count + 1, sizeof(char *)); 1801 if (n == NULL) 1802 return -1; 1803 p->icons = n; 1804 p->icons[p->icons_count] = os_strdup(pos); 1805 if (p->icons[p->icons_count] == NULL) 1806 return -1; 1807 p->icons_count++; 1808 1809 return 0; 1810 } 1811 1812 1813 static int hs20_parse_osu_service_desc(struct hostapd_bss_config *bss, 1814 char *pos, int line) 1815 { 1816 if (bss->last_osu == NULL) { 1817 wpa_printf(MSG_ERROR, "Line %d: Unexpected OSU field", line); 1818 return -1; 1819 } 1820 1821 if (parse_lang_string(&bss->last_osu->service_desc, 1822 &bss->last_osu->service_desc_count, pos)) { 1823 wpa_printf(MSG_ERROR, "Line %d: Invalid osu_service_desc '%s'", 1824 line, pos); 1825 return -1; 1826 } 1827 1828 return 0; 1829 } 1830 1831 #endif /* CONFIG_HS20 */ 1832 1833 1834 #ifdef CONFIG_WPS_NFC 1835 static struct wpabuf * hostapd_parse_bin(const char *buf) 1836 { 1837 size_t len; 1838 struct wpabuf *ret; 1839 1840 len = os_strlen(buf); 1841 if (len & 0x01) 1842 return NULL; 1843 len /= 2; 1844 1845 ret = wpabuf_alloc(len); 1846 if (ret == NULL) 1847 return NULL; 1848 1849 if (hexstr2bin(buf, wpabuf_put(ret, len), len)) { 1850 wpabuf_free(ret); 1851 return NULL; 1852 } 1853 1854 return ret; 1855 } 1856 #endif /* CONFIG_WPS_NFC */ 1857 1858 1859 #ifdef CONFIG_ACS 1860 static int hostapd_config_parse_acs_chan_bias(struct hostapd_config *conf, 1861 char *pos) 1862 { 1863 struct acs_bias *bias = NULL, *tmp; 1864 unsigned int num = 0; 1865 char *end; 1866 1867 while (*pos) { 1868 tmp = os_realloc_array(bias, num + 1, sizeof(*bias)); 1869 if (!tmp) 1870 goto fail; 1871 bias = tmp; 1872 1873 bias[num].channel = atoi(pos); 1874 if (bias[num].channel <= 0) 1875 goto fail; 1876 pos = os_strchr(pos, ':'); 1877 if (!pos) 1878 goto fail; 1879 pos++; 1880 bias[num].bias = strtod(pos, &end); 1881 if (end == pos || bias[num].bias < 0.0) 1882 goto fail; 1883 pos = end; 1884 if (*pos != ' ' && *pos != '\0') 1885 goto fail; 1886 num++; 1887 } 1888 1889 os_free(conf->acs_chan_bias); 1890 conf->acs_chan_bias = bias; 1891 conf->num_acs_chan_bias = num; 1892 1893 return 0; 1894 fail: 1895 os_free(bias); 1896 return -1; 1897 } 1898 #endif /* CONFIG_ACS */ 1899 1900 1901 static int hostapd_config_fill(struct hostapd_config *conf, 1902 struct hostapd_bss_config *bss, 1903 char *buf, char *pos, int line) 1904 { 1905 if (os_strcmp(buf, "interface") == 0) { 1906 os_strlcpy(conf->bss[0]->iface, pos, 1907 sizeof(conf->bss[0]->iface)); 1908 } else if (os_strcmp(buf, "bridge") == 0) { 1909 os_strlcpy(bss->bridge, pos, sizeof(bss->bridge)); 1910 } else if (os_strcmp(buf, "vlan_bridge") == 0) { 1911 os_strlcpy(bss->vlan_bridge, pos, sizeof(bss->vlan_bridge)); 1912 } else if (os_strcmp(buf, "wds_bridge") == 0) { 1913 os_strlcpy(bss->wds_bridge, pos, sizeof(bss->wds_bridge)); 1914 } else if (os_strcmp(buf, "driver") == 0) { 1915 int j; 1916 /* clear to get error below if setting is invalid */ 1917 conf->driver = NULL; 1918 for (j = 0; wpa_drivers[j]; j++) { 1919 if (os_strcmp(pos, wpa_drivers[j]->name) == 0) { 1920 conf->driver = wpa_drivers[j]; 1921 break; 1922 } 1923 } 1924 if (conf->driver == NULL) { 1925 wpa_printf(MSG_ERROR, 1926 "Line %d: invalid/unknown driver '%s'", 1927 line, pos); 1928 return 1; 1929 } 1930 } else if (os_strcmp(buf, "driver_params") == 0) { 1931 os_free(conf->driver_params); 1932 conf->driver_params = os_strdup(pos); 1933 } else if (os_strcmp(buf, "debug") == 0) { 1934 wpa_printf(MSG_DEBUG, "Line %d: DEPRECATED: 'debug' configuration variable is not used anymore", 1935 line); 1936 } else if (os_strcmp(buf, "logger_syslog_level") == 0) { 1937 bss->logger_syslog_level = atoi(pos); 1938 } else if (os_strcmp(buf, "logger_stdout_level") == 0) { 1939 bss->logger_stdout_level = atoi(pos); 1940 } else if (os_strcmp(buf, "logger_syslog") == 0) { 1941 bss->logger_syslog = atoi(pos); 1942 } else if (os_strcmp(buf, "logger_stdout") == 0) { 1943 bss->logger_stdout = atoi(pos); 1944 } else if (os_strcmp(buf, "dump_file") == 0) { 1945 wpa_printf(MSG_INFO, "Line %d: DEPRECATED: 'dump_file' configuration variable is not used anymore", 1946 line); 1947 } else if (os_strcmp(buf, "ssid") == 0) { 1948 bss->ssid.ssid_len = os_strlen(pos); 1949 if (bss->ssid.ssid_len > HOSTAPD_MAX_SSID_LEN || 1950 bss->ssid.ssid_len < 1) { 1951 wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'", 1952 line, pos); 1953 return 1; 1954 } 1955 os_memcpy(bss->ssid.ssid, pos, bss->ssid.ssid_len); 1956 bss->ssid.ssid_set = 1; 1957 } else if (os_strcmp(buf, "ssid2") == 0) { 1958 size_t slen; 1959 char *str = wpa_config_parse_string(pos, &slen); 1960 if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) { 1961 wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'", 1962 line, pos); 1963 os_free(str); 1964 return 1; 1965 } 1966 os_memcpy(bss->ssid.ssid, str, slen); 1967 bss->ssid.ssid_len = slen; 1968 bss->ssid.ssid_set = 1; 1969 os_free(str); 1970 } else if (os_strcmp(buf, "utf8_ssid") == 0) { 1971 bss->ssid.utf8_ssid = atoi(pos) > 0; 1972 } else if (os_strcmp(buf, "macaddr_acl") == 0) { 1973 bss->macaddr_acl = atoi(pos); 1974 if (bss->macaddr_acl != ACCEPT_UNLESS_DENIED && 1975 bss->macaddr_acl != DENY_UNLESS_ACCEPTED && 1976 bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) { 1977 wpa_printf(MSG_ERROR, "Line %d: unknown macaddr_acl %d", 1978 line, bss->macaddr_acl); 1979 } 1980 } else if (os_strcmp(buf, "accept_mac_file") == 0) { 1981 if (hostapd_config_read_maclist(pos, &bss->accept_mac, 1982 &bss->num_accept_mac)) { 1983 wpa_printf(MSG_ERROR, "Line %d: Failed to read accept_mac_file '%s'", 1984 line, pos); 1985 return 1; 1986 } 1987 } else if (os_strcmp(buf, "deny_mac_file") == 0) { 1988 if (hostapd_config_read_maclist(pos, &bss->deny_mac, 1989 &bss->num_deny_mac)) { 1990 wpa_printf(MSG_ERROR, "Line %d: Failed to read deny_mac_file '%s'", 1991 line, pos); 1992 return 1; 1993 } 1994 } else if (os_strcmp(buf, "wds_sta") == 0) { 1995 bss->wds_sta = atoi(pos); 1996 } else if (os_strcmp(buf, "start_disabled") == 0) { 1997 bss->start_disabled = atoi(pos); 1998 } else if (os_strcmp(buf, "ap_isolate") == 0) { 1999 bss->isolate = atoi(pos); 2000 } else if (os_strcmp(buf, "ap_max_inactivity") == 0) { 2001 bss->ap_max_inactivity = atoi(pos); 2002 } else if (os_strcmp(buf, "skip_inactivity_poll") == 0) { 2003 bss->skip_inactivity_poll = atoi(pos); 2004 } else if (os_strcmp(buf, "country_code") == 0) { 2005 os_memcpy(conf->country, pos, 2); 2006 /* FIX: make this configurable */ 2007 conf->country[2] = ' '; 2008 } else if (os_strcmp(buf, "ieee80211d") == 0) { 2009 conf->ieee80211d = atoi(pos); 2010 } else if (os_strcmp(buf, "ieee80211h") == 0) { 2011 conf->ieee80211h = atoi(pos); 2012 } else if (os_strcmp(buf, "ieee8021x") == 0) { 2013 bss->ieee802_1x = atoi(pos); 2014 } else if (os_strcmp(buf, "eapol_version") == 0) { 2015 bss->eapol_version = atoi(pos); 2016 if (bss->eapol_version < 1 || bss->eapol_version > 2) { 2017 wpa_printf(MSG_ERROR, 2018 "Line %d: invalid EAPOL version (%d): '%s'.", 2019 line, bss->eapol_version, pos); 2020 return 1; 2021 } 2022 wpa_printf(MSG_DEBUG, "eapol_version=%d", bss->eapol_version); 2023 #ifdef EAP_SERVER 2024 } else if (os_strcmp(buf, "eap_authenticator") == 0) { 2025 bss->eap_server = atoi(pos); 2026 wpa_printf(MSG_ERROR, "Line %d: obsolete eap_authenticator used; this has been renamed to eap_server", line); 2027 } else if (os_strcmp(buf, "eap_server") == 0) { 2028 bss->eap_server = atoi(pos); 2029 } else if (os_strcmp(buf, "eap_user_file") == 0) { 2030 if (hostapd_config_read_eap_user(pos, bss)) 2031 return 1; 2032 } else if (os_strcmp(buf, "ca_cert") == 0) { 2033 os_free(bss->ca_cert); 2034 bss->ca_cert = os_strdup(pos); 2035 } else if (os_strcmp(buf, "server_cert") == 0) { 2036 os_free(bss->server_cert); 2037 bss->server_cert = os_strdup(pos); 2038 } else if (os_strcmp(buf, "private_key") == 0) { 2039 os_free(bss->private_key); 2040 bss->private_key = os_strdup(pos); 2041 } else if (os_strcmp(buf, "private_key_passwd") == 0) { 2042 os_free(bss->private_key_passwd); 2043 bss->private_key_passwd = os_strdup(pos); 2044 } else if (os_strcmp(buf, "check_crl") == 0) { 2045 bss->check_crl = atoi(pos); 2046 } else if (os_strcmp(buf, "ocsp_stapling_response") == 0) { 2047 os_free(bss->ocsp_stapling_response); 2048 bss->ocsp_stapling_response = os_strdup(pos); 2049 } else if (os_strcmp(buf, "dh_file") == 0) { 2050 os_free(bss->dh_file); 2051 bss->dh_file = os_strdup(pos); 2052 } else if (os_strcmp(buf, "openssl_ciphers") == 0) { 2053 os_free(bss->openssl_ciphers); 2054 bss->openssl_ciphers = os_strdup(pos); 2055 } else if (os_strcmp(buf, "fragment_size") == 0) { 2056 bss->fragment_size = atoi(pos); 2057 #ifdef EAP_SERVER_FAST 2058 } else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) { 2059 os_free(bss->pac_opaque_encr_key); 2060 bss->pac_opaque_encr_key = os_malloc(16); 2061 if (bss->pac_opaque_encr_key == NULL) { 2062 wpa_printf(MSG_ERROR, 2063 "Line %d: No memory for pac_opaque_encr_key", 2064 line); 2065 return 1; 2066 } else if (hexstr2bin(pos, bss->pac_opaque_encr_key, 16)) { 2067 wpa_printf(MSG_ERROR, "Line %d: Invalid pac_opaque_encr_key", 2068 line); 2069 return 1; 2070 } 2071 } else if (os_strcmp(buf, "eap_fast_a_id") == 0) { 2072 size_t idlen = os_strlen(pos); 2073 if (idlen & 1) { 2074 wpa_printf(MSG_ERROR, "Line %d: Invalid eap_fast_a_id", 2075 line); 2076 return 1; 2077 } 2078 os_free(bss->eap_fast_a_id); 2079 bss->eap_fast_a_id = os_malloc(idlen / 2); 2080 if (bss->eap_fast_a_id == NULL || 2081 hexstr2bin(pos, bss->eap_fast_a_id, idlen / 2)) { 2082 wpa_printf(MSG_ERROR, "Line %d: Failed to parse eap_fast_a_id", 2083 line); 2084 os_free(bss->eap_fast_a_id); 2085 bss->eap_fast_a_id = NULL; 2086 return 1; 2087 } else { 2088 bss->eap_fast_a_id_len = idlen / 2; 2089 } 2090 } else if (os_strcmp(buf, "eap_fast_a_id_info") == 0) { 2091 os_free(bss->eap_fast_a_id_info); 2092 bss->eap_fast_a_id_info = os_strdup(pos); 2093 } else if (os_strcmp(buf, "eap_fast_prov") == 0) { 2094 bss->eap_fast_prov = atoi(pos); 2095 } else if (os_strcmp(buf, "pac_key_lifetime") == 0) { 2096 bss->pac_key_lifetime = atoi(pos); 2097 } else if (os_strcmp(buf, "pac_key_refresh_time") == 0) { 2098 bss->pac_key_refresh_time = atoi(pos); 2099 #endif /* EAP_SERVER_FAST */ 2100 #ifdef EAP_SERVER_SIM 2101 } else if (os_strcmp(buf, "eap_sim_db") == 0) { 2102 os_free(bss->eap_sim_db); 2103 bss->eap_sim_db = os_strdup(pos); 2104 } else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) { 2105 bss->eap_sim_aka_result_ind = atoi(pos); 2106 #endif /* EAP_SERVER_SIM */ 2107 #ifdef EAP_SERVER_TNC 2108 } else if (os_strcmp(buf, "tnc") == 0) { 2109 bss->tnc = atoi(pos); 2110 #endif /* EAP_SERVER_TNC */ 2111 #ifdef EAP_SERVER_PWD 2112 } else if (os_strcmp(buf, "pwd_group") == 0) { 2113 bss->pwd_group = atoi(pos); 2114 #endif /* EAP_SERVER_PWD */ 2115 } else if (os_strcmp(buf, "eap_server_erp") == 0) { 2116 bss->eap_server_erp = atoi(pos); 2117 #endif /* EAP_SERVER */ 2118 } else if (os_strcmp(buf, "eap_message") == 0) { 2119 char *term; 2120 os_free(bss->eap_req_id_text); 2121 bss->eap_req_id_text = os_strdup(pos); 2122 if (bss->eap_req_id_text == NULL) { 2123 wpa_printf(MSG_ERROR, "Line %d: Failed to allocate memory for eap_req_id_text", 2124 line); 2125 return 1; 2126 } 2127 bss->eap_req_id_text_len = os_strlen(bss->eap_req_id_text); 2128 term = os_strstr(bss->eap_req_id_text, "\\0"); 2129 if (term) { 2130 *term++ = '\0'; 2131 os_memmove(term, term + 1, 2132 bss->eap_req_id_text_len - 2133 (term - bss->eap_req_id_text) - 1); 2134 bss->eap_req_id_text_len--; 2135 } 2136 } else if (os_strcmp(buf, "erp_send_reauth_start") == 0) { 2137 bss->erp_send_reauth_start = atoi(pos); 2138 } else if (os_strcmp(buf, "erp_domain") == 0) { 2139 os_free(bss->erp_domain); 2140 bss->erp_domain = os_strdup(pos); 2141 } else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) { 2142 bss->default_wep_key_len = atoi(pos); 2143 if (bss->default_wep_key_len > 13) { 2144 wpa_printf(MSG_ERROR, "Line %d: invalid WEP key len %lu (= %lu bits)", 2145 line, 2146 (unsigned long) bss->default_wep_key_len, 2147 (unsigned long) 2148 bss->default_wep_key_len * 8); 2149 return 1; 2150 } 2151 } else if (os_strcmp(buf, "wep_key_len_unicast") == 0) { 2152 bss->individual_wep_key_len = atoi(pos); 2153 if (bss->individual_wep_key_len < 0 || 2154 bss->individual_wep_key_len > 13) { 2155 wpa_printf(MSG_ERROR, "Line %d: invalid WEP key len %d (= %d bits)", 2156 line, bss->individual_wep_key_len, 2157 bss->individual_wep_key_len * 8); 2158 return 1; 2159 } 2160 } else if (os_strcmp(buf, "wep_rekey_period") == 0) { 2161 bss->wep_rekeying_period = atoi(pos); 2162 if (bss->wep_rekeying_period < 0) { 2163 wpa_printf(MSG_ERROR, "Line %d: invalid period %d", 2164 line, bss->wep_rekeying_period); 2165 return 1; 2166 } 2167 } else if (os_strcmp(buf, "eap_reauth_period") == 0) { 2168 bss->eap_reauth_period = atoi(pos); 2169 if (bss->eap_reauth_period < 0) { 2170 wpa_printf(MSG_ERROR, "Line %d: invalid period %d", 2171 line, bss->eap_reauth_period); 2172 return 1; 2173 } 2174 } else if (os_strcmp(buf, "eapol_key_index_workaround") == 0) { 2175 bss->eapol_key_index_workaround = atoi(pos); 2176 #ifdef CONFIG_IAPP 2177 } else if (os_strcmp(buf, "iapp_interface") == 0) { 2178 bss->ieee802_11f = 1; 2179 os_strlcpy(bss->iapp_iface, pos, sizeof(bss->iapp_iface)); 2180 #endif /* CONFIG_IAPP */ 2181 } else if (os_strcmp(buf, "own_ip_addr") == 0) { 2182 if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) { 2183 wpa_printf(MSG_ERROR, 2184 "Line %d: invalid IP address '%s'", 2185 line, pos); 2186 return 1; 2187 } 2188 } else if (os_strcmp(buf, "nas_identifier") == 0) { 2189 os_free(bss->nas_identifier); 2190 bss->nas_identifier = os_strdup(pos); 2191 #ifndef CONFIG_NO_RADIUS 2192 } else if (os_strcmp(buf, "radius_client_addr") == 0) { 2193 if (hostapd_parse_ip_addr(pos, &bss->radius->client_addr)) { 2194 wpa_printf(MSG_ERROR, 2195 "Line %d: invalid IP address '%s'", 2196 line, pos); 2197 return 1; 2198 } 2199 bss->radius->force_client_addr = 1; 2200 } else if (os_strcmp(buf, "auth_server_addr") == 0) { 2201 if (hostapd_config_read_radius_addr( 2202 &bss->radius->auth_servers, 2203 &bss->radius->num_auth_servers, pos, 1812, 2204 &bss->radius->auth_server)) { 2205 wpa_printf(MSG_ERROR, 2206 "Line %d: invalid IP address '%s'", 2207 line, pos); 2208 return 1; 2209 } 2210 } else if (bss->radius->auth_server && 2211 os_strcmp(buf, "auth_server_addr_replace") == 0) { 2212 if (hostapd_parse_ip_addr(pos, 2213 &bss->radius->auth_server->addr)) { 2214 wpa_printf(MSG_ERROR, 2215 "Line %d: invalid IP address '%s'", 2216 line, pos); 2217 return 1; 2218 } 2219 } else if (bss->radius->auth_server && 2220 os_strcmp(buf, "auth_server_port") == 0) { 2221 bss->radius->auth_server->port = atoi(pos); 2222 } else if (bss->radius->auth_server && 2223 os_strcmp(buf, "auth_server_shared_secret") == 0) { 2224 int len = os_strlen(pos); 2225 if (len == 0) { 2226 /* RFC 2865, Ch. 3 */ 2227 wpa_printf(MSG_ERROR, "Line %d: empty shared secret is not allowed", 2228 line); 2229 return 1; 2230 } 2231 os_free(bss->radius->auth_server->shared_secret); 2232 bss->radius->auth_server->shared_secret = (u8 *) os_strdup(pos); 2233 bss->radius->auth_server->shared_secret_len = len; 2234 } else if (os_strcmp(buf, "acct_server_addr") == 0) { 2235 if (hostapd_config_read_radius_addr( 2236 &bss->radius->acct_servers, 2237 &bss->radius->num_acct_servers, pos, 1813, 2238 &bss->radius->acct_server)) { 2239 wpa_printf(MSG_ERROR, 2240 "Line %d: invalid IP address '%s'", 2241 line, pos); 2242 return 1; 2243 } 2244 } else if (bss->radius->acct_server && 2245 os_strcmp(buf, "acct_server_addr_replace") == 0) { 2246 if (hostapd_parse_ip_addr(pos, 2247 &bss->radius->acct_server->addr)) { 2248 wpa_printf(MSG_ERROR, 2249 "Line %d: invalid IP address '%s'", 2250 line, pos); 2251 return 1; 2252 } 2253 } else if (bss->radius->acct_server && 2254 os_strcmp(buf, "acct_server_port") == 0) { 2255 bss->radius->acct_server->port = atoi(pos); 2256 } else if (bss->radius->acct_server && 2257 os_strcmp(buf, "acct_server_shared_secret") == 0) { 2258 int len = os_strlen(pos); 2259 if (len == 0) { 2260 /* RFC 2865, Ch. 3 */ 2261 wpa_printf(MSG_ERROR, "Line %d: empty shared secret is not allowed", 2262 line); 2263 return 1; 2264 } 2265 os_free(bss->radius->acct_server->shared_secret); 2266 bss->radius->acct_server->shared_secret = (u8 *) os_strdup(pos); 2267 bss->radius->acct_server->shared_secret_len = len; 2268 } else if (os_strcmp(buf, "radius_retry_primary_interval") == 0) { 2269 bss->radius->retry_primary_interval = atoi(pos); 2270 } else if (os_strcmp(buf, "radius_acct_interim_interval") == 0) { 2271 bss->acct_interim_interval = atoi(pos); 2272 } else if (os_strcmp(buf, "radius_request_cui") == 0) { 2273 bss->radius_request_cui = atoi(pos); 2274 } else if (os_strcmp(buf, "radius_auth_req_attr") == 0) { 2275 struct hostapd_radius_attr *attr, *a; 2276 attr = hostapd_parse_radius_attr(pos); 2277 if (attr == NULL) { 2278 wpa_printf(MSG_ERROR, 2279 "Line %d: invalid radius_auth_req_attr", 2280 line); 2281 return 1; 2282 } else if (bss->radius_auth_req_attr == NULL) { 2283 bss->radius_auth_req_attr = attr; 2284 } else { 2285 a = bss->radius_auth_req_attr; 2286 while (a->next) 2287 a = a->next; 2288 a->next = attr; 2289 } 2290 } else if (os_strcmp(buf, "radius_acct_req_attr") == 0) { 2291 struct hostapd_radius_attr *attr, *a; 2292 attr = hostapd_parse_radius_attr(pos); 2293 if (attr == NULL) { 2294 wpa_printf(MSG_ERROR, 2295 "Line %d: invalid radius_acct_req_attr", 2296 line); 2297 return 1; 2298 } else if (bss->radius_acct_req_attr == NULL) { 2299 bss->radius_acct_req_attr = attr; 2300 } else { 2301 a = bss->radius_acct_req_attr; 2302 while (a->next) 2303 a = a->next; 2304 a->next = attr; 2305 } 2306 } else if (os_strcmp(buf, "radius_das_port") == 0) { 2307 bss->radius_das_port = atoi(pos); 2308 } else if (os_strcmp(buf, "radius_das_client") == 0) { 2309 if (hostapd_parse_das_client(bss, pos) < 0) { 2310 wpa_printf(MSG_ERROR, "Line %d: invalid DAS client", 2311 line); 2312 return 1; 2313 } 2314 } else if (os_strcmp(buf, "radius_das_time_window") == 0) { 2315 bss->radius_das_time_window = atoi(pos); 2316 } else if (os_strcmp(buf, "radius_das_require_event_timestamp") == 0) { 2317 bss->radius_das_require_event_timestamp = atoi(pos); 2318 #endif /* CONFIG_NO_RADIUS */ 2319 } else if (os_strcmp(buf, "auth_algs") == 0) { 2320 bss->auth_algs = atoi(pos); 2321 if (bss->auth_algs == 0) { 2322 wpa_printf(MSG_ERROR, "Line %d: no authentication algorithms allowed", 2323 line); 2324 return 1; 2325 } 2326 } else if (os_strcmp(buf, "max_num_sta") == 0) { 2327 bss->max_num_sta = atoi(pos); 2328 if (bss->max_num_sta < 0 || 2329 bss->max_num_sta > MAX_STA_COUNT) { 2330 wpa_printf(MSG_ERROR, "Line %d: Invalid max_num_sta=%d; allowed range 0..%d", 2331 line, bss->max_num_sta, MAX_STA_COUNT); 2332 return 1; 2333 } 2334 } else if (os_strcmp(buf, "wpa") == 0) { 2335 bss->wpa = atoi(pos); 2336 } else if (os_strcmp(buf, "wpa_group_rekey") == 0) { 2337 bss->wpa_group_rekey = atoi(pos); 2338 } else if (os_strcmp(buf, "wpa_strict_rekey") == 0) { 2339 bss->wpa_strict_rekey = atoi(pos); 2340 } else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) { 2341 bss->wpa_gmk_rekey = atoi(pos); 2342 } else if (os_strcmp(buf, "wpa_ptk_rekey") == 0) { 2343 bss->wpa_ptk_rekey = atoi(pos); 2344 } else if (os_strcmp(buf, "wpa_passphrase") == 0) { 2345 int len = os_strlen(pos); 2346 if (len < 8 || len > 63) { 2347 wpa_printf(MSG_ERROR, "Line %d: invalid WPA passphrase length %d (expected 8..63)", 2348 line, len); 2349 return 1; 2350 } 2351 os_free(bss->ssid.wpa_passphrase); 2352 bss->ssid.wpa_passphrase = os_strdup(pos); 2353 if (bss->ssid.wpa_passphrase) { 2354 hostapd_config_clear_wpa_psk(&bss->ssid.wpa_psk); 2355 bss->ssid.wpa_passphrase_set = 1; 2356 } 2357 } else if (os_strcmp(buf, "wpa_psk") == 0) { 2358 hostapd_config_clear_wpa_psk(&bss->ssid.wpa_psk); 2359 bss->ssid.wpa_psk = os_zalloc(sizeof(struct hostapd_wpa_psk)); 2360 if (bss->ssid.wpa_psk == NULL) 2361 return 1; 2362 if (hexstr2bin(pos, bss->ssid.wpa_psk->psk, PMK_LEN) || 2363 pos[PMK_LEN * 2] != '\0') { 2364 wpa_printf(MSG_ERROR, "Line %d: Invalid PSK '%s'.", 2365 line, pos); 2366 hostapd_config_clear_wpa_psk(&bss->ssid.wpa_psk); 2367 return 1; 2368 } 2369 bss->ssid.wpa_psk->group = 1; 2370 os_free(bss->ssid.wpa_passphrase); 2371 bss->ssid.wpa_passphrase = NULL; 2372 bss->ssid.wpa_psk_set = 1; 2373 } else if (os_strcmp(buf, "wpa_psk_file") == 0) { 2374 os_free(bss->ssid.wpa_psk_file); 2375 bss->ssid.wpa_psk_file = os_strdup(pos); 2376 if (!bss->ssid.wpa_psk_file) { 2377 wpa_printf(MSG_ERROR, "Line %d: allocation failed", 2378 line); 2379 return 1; 2380 } 2381 } else if (os_strcmp(buf, "wpa_key_mgmt") == 0) { 2382 bss->wpa_key_mgmt = hostapd_config_parse_key_mgmt(line, pos); 2383 if (bss->wpa_key_mgmt == -1) 2384 return 1; 2385 } else if (os_strcmp(buf, "wpa_psk_radius") == 0) { 2386 bss->wpa_psk_radius = atoi(pos); 2387 if (bss->wpa_psk_radius != PSK_RADIUS_IGNORED && 2388 bss->wpa_psk_radius != PSK_RADIUS_ACCEPTED && 2389 bss->wpa_psk_radius != PSK_RADIUS_REQUIRED) { 2390 wpa_printf(MSG_ERROR, 2391 "Line %d: unknown wpa_psk_radius %d", 2392 line, bss->wpa_psk_radius); 2393 return 1; 2394 } 2395 } else if (os_strcmp(buf, "wpa_pairwise") == 0) { 2396 bss->wpa_pairwise = hostapd_config_parse_cipher(line, pos); 2397 if (bss->wpa_pairwise == -1 || bss->wpa_pairwise == 0) 2398 return 1; 2399 if (bss->wpa_pairwise & 2400 (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)) { 2401 wpa_printf(MSG_ERROR, "Line %d: unsupported pairwise cipher suite '%s'", 2402 bss->wpa_pairwise, pos); 2403 return 1; 2404 } 2405 } else if (os_strcmp(buf, "rsn_pairwise") == 0) { 2406 bss->rsn_pairwise = hostapd_config_parse_cipher(line, pos); 2407 if (bss->rsn_pairwise == -1 || bss->rsn_pairwise == 0) 2408 return 1; 2409 if (bss->rsn_pairwise & 2410 (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104)) { 2411 wpa_printf(MSG_ERROR, "Line %d: unsupported pairwise cipher suite '%s'", 2412 bss->rsn_pairwise, pos); 2413 return 1; 2414 } 2415 #ifdef CONFIG_RSN_PREAUTH 2416 } else if (os_strcmp(buf, "rsn_preauth") == 0) { 2417 bss->rsn_preauth = atoi(pos); 2418 } else if (os_strcmp(buf, "rsn_preauth_interfaces") == 0) { 2419 os_free(bss->rsn_preauth_interfaces); 2420 bss->rsn_preauth_interfaces = os_strdup(pos); 2421 #endif /* CONFIG_RSN_PREAUTH */ 2422 #ifdef CONFIG_PEERKEY 2423 } else if (os_strcmp(buf, "peerkey") == 0) { 2424 bss->peerkey = atoi(pos); 2425 #endif /* CONFIG_PEERKEY */ 2426 #ifdef CONFIG_IEEE80211R 2427 } else if (os_strcmp(buf, "mobility_domain") == 0) { 2428 if (os_strlen(pos) != 2 * MOBILITY_DOMAIN_ID_LEN || 2429 hexstr2bin(pos, bss->mobility_domain, 2430 MOBILITY_DOMAIN_ID_LEN) != 0) { 2431 wpa_printf(MSG_ERROR, 2432 "Line %d: Invalid mobility_domain '%s'", 2433 line, pos); 2434 return 1; 2435 } 2436 } else if (os_strcmp(buf, "r1_key_holder") == 0) { 2437 if (os_strlen(pos) != 2 * FT_R1KH_ID_LEN || 2438 hexstr2bin(pos, bss->r1_key_holder, FT_R1KH_ID_LEN) != 0) { 2439 wpa_printf(MSG_ERROR, 2440 "Line %d: Invalid r1_key_holder '%s'", 2441 line, pos); 2442 return 1; 2443 } 2444 } else if (os_strcmp(buf, "r0_key_lifetime") == 0) { 2445 bss->r0_key_lifetime = atoi(pos); 2446 } else if (os_strcmp(buf, "reassociation_deadline") == 0) { 2447 bss->reassociation_deadline = atoi(pos); 2448 } else if (os_strcmp(buf, "r0kh") == 0) { 2449 if (add_r0kh(bss, pos) < 0) { 2450 wpa_printf(MSG_DEBUG, "Line %d: Invalid r0kh '%s'", 2451 line, pos); 2452 return 1; 2453 } 2454 } else if (os_strcmp(buf, "r1kh") == 0) { 2455 if (add_r1kh(bss, pos) < 0) { 2456 wpa_printf(MSG_DEBUG, "Line %d: Invalid r1kh '%s'", 2457 line, pos); 2458 return 1; 2459 } 2460 } else if (os_strcmp(buf, "pmk_r1_push") == 0) { 2461 bss->pmk_r1_push = atoi(pos); 2462 } else if (os_strcmp(buf, "ft_over_ds") == 0) { 2463 bss->ft_over_ds = atoi(pos); 2464 #endif /* CONFIG_IEEE80211R */ 2465 #ifndef CONFIG_NO_CTRL_IFACE 2466 } else if (os_strcmp(buf, "ctrl_interface") == 0) { 2467 os_free(bss->ctrl_interface); 2468 bss->ctrl_interface = os_strdup(pos); 2469 } else if (os_strcmp(buf, "ctrl_interface_group") == 0) { 2470 #ifndef CONFIG_NATIVE_WINDOWS 2471 struct group *grp; 2472 char *endp; 2473 const char *group = pos; 2474 2475 grp = getgrnam(group); 2476 if (grp) { 2477 bss->ctrl_interface_gid = grp->gr_gid; 2478 bss->ctrl_interface_gid_set = 1; 2479 wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d (from group name '%s')", 2480 bss->ctrl_interface_gid, group); 2481 return 0; 2482 } 2483 2484 /* Group name not found - try to parse this as gid */ 2485 bss->ctrl_interface_gid = strtol(group, &endp, 10); 2486 if (*group == '\0' || *endp != '\0') { 2487 wpa_printf(MSG_DEBUG, "Line %d: Invalid group '%s'", 2488 line, group); 2489 return 1; 2490 } 2491 bss->ctrl_interface_gid_set = 1; 2492 wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d", 2493 bss->ctrl_interface_gid); 2494 #endif /* CONFIG_NATIVE_WINDOWS */ 2495 #endif /* CONFIG_NO_CTRL_IFACE */ 2496 #ifdef RADIUS_SERVER 2497 } else if (os_strcmp(buf, "radius_server_clients") == 0) { 2498 os_free(bss->radius_server_clients); 2499 bss->radius_server_clients = os_strdup(pos); 2500 } else if (os_strcmp(buf, "radius_server_auth_port") == 0) { 2501 bss->radius_server_auth_port = atoi(pos); 2502 } else if (os_strcmp(buf, "radius_server_acct_port") == 0) { 2503 bss->radius_server_acct_port = atoi(pos); 2504 } else if (os_strcmp(buf, "radius_server_ipv6") == 0) { 2505 bss->radius_server_ipv6 = atoi(pos); 2506 #endif /* RADIUS_SERVER */ 2507 } else if (os_strcmp(buf, "use_pae_group_addr") == 0) { 2508 bss->use_pae_group_addr = atoi(pos); 2509 } else if (os_strcmp(buf, "hw_mode") == 0) { 2510 if (os_strcmp(pos, "a") == 0) 2511 conf->hw_mode = HOSTAPD_MODE_IEEE80211A; 2512 else if (os_strcmp(pos, "b") == 0) 2513 conf->hw_mode = HOSTAPD_MODE_IEEE80211B; 2514 else if (os_strcmp(pos, "g") == 0) 2515 conf->hw_mode = HOSTAPD_MODE_IEEE80211G; 2516 else if (os_strcmp(pos, "ad") == 0) 2517 conf->hw_mode = HOSTAPD_MODE_IEEE80211AD; 2518 else { 2519 wpa_printf(MSG_ERROR, "Line %d: unknown hw_mode '%s'", 2520 line, pos); 2521 return 1; 2522 } 2523 } else if (os_strcmp(buf, "wps_rf_bands") == 0) { 2524 if (os_strcmp(pos, "a") == 0) 2525 bss->wps_rf_bands = WPS_RF_50GHZ; 2526 else if (os_strcmp(pos, "g") == 0 || 2527 os_strcmp(pos, "b") == 0) 2528 bss->wps_rf_bands = WPS_RF_24GHZ; 2529 else if (os_strcmp(pos, "ag") == 0 || 2530 os_strcmp(pos, "ga") == 0) 2531 bss->wps_rf_bands = WPS_RF_24GHZ | WPS_RF_50GHZ; 2532 else { 2533 wpa_printf(MSG_ERROR, 2534 "Line %d: unknown wps_rf_band '%s'", 2535 line, pos); 2536 return 1; 2537 } 2538 } else if (os_strcmp(buf, "channel") == 0) { 2539 if (os_strcmp(pos, "acs_survey") == 0) { 2540 #ifndef CONFIG_ACS 2541 wpa_printf(MSG_ERROR, "Line %d: tries to enable ACS but CONFIG_ACS disabled", 2542 line); 2543 return 1; 2544 #else /* CONFIG_ACS */ 2545 conf->channel = 0; 2546 #endif /* CONFIG_ACS */ 2547 } else 2548 conf->channel = atoi(pos); 2549 } else if (os_strcmp(buf, "chanlist") == 0) { 2550 if (hostapd_parse_intlist(&conf->chanlist, pos)) { 2551 wpa_printf(MSG_ERROR, "Line %d: invalid channel list", 2552 line); 2553 return 1; 2554 } 2555 } else if (os_strcmp(buf, "beacon_int") == 0) { 2556 int val = atoi(pos); 2557 /* MIB defines range as 1..65535, but very small values 2558 * cause problems with the current implementation. 2559 * Since it is unlikely that this small numbers are 2560 * useful in real life scenarios, do not allow beacon 2561 * period to be set below 15 TU. */ 2562 if (val < 15 || val > 65535) { 2563 wpa_printf(MSG_ERROR, "Line %d: invalid beacon_int %d (expected 15..65535)", 2564 line, val); 2565 return 1; 2566 } 2567 conf->beacon_int = val; 2568 #ifdef CONFIG_ACS 2569 } else if (os_strcmp(buf, "acs_num_scans") == 0) { 2570 int val = atoi(pos); 2571 if (val <= 0 || val > 100) { 2572 wpa_printf(MSG_ERROR, "Line %d: invalid acs_num_scans %d (expected 1..100)", 2573 line, val); 2574 return 1; 2575 } 2576 conf->acs_num_scans = val; 2577 } else if (os_strcmp(buf, "acs_chan_bias") == 0) { 2578 if (hostapd_config_parse_acs_chan_bias(conf, pos)) { 2579 wpa_printf(MSG_ERROR, "Line %d: invalid acs_chan_bias", 2580 line); 2581 return -1; 2582 } 2583 #endif /* CONFIG_ACS */ 2584 } else if (os_strcmp(buf, "dtim_period") == 0) { 2585 bss->dtim_period = atoi(pos); 2586 if (bss->dtim_period < 1 || bss->dtim_period > 255) { 2587 wpa_printf(MSG_ERROR, "Line %d: invalid dtim_period %d", 2588 line, bss->dtim_period); 2589 return 1; 2590 } 2591 } else if (os_strcmp(buf, "bss_load_update_period") == 0) { 2592 bss->bss_load_update_period = atoi(pos); 2593 if (bss->bss_load_update_period < 0 || 2594 bss->bss_load_update_period > 100) { 2595 wpa_printf(MSG_ERROR, 2596 "Line %d: invalid bss_load_update_period %d", 2597 line, bss->bss_load_update_period); 2598 return 1; 2599 } 2600 } else if (os_strcmp(buf, "rts_threshold") == 0) { 2601 conf->rts_threshold = atoi(pos); 2602 if (conf->rts_threshold < 0 || conf->rts_threshold > 2347) { 2603 wpa_printf(MSG_ERROR, 2604 "Line %d: invalid rts_threshold %d", 2605 line, conf->rts_threshold); 2606 return 1; 2607 } 2608 } else if (os_strcmp(buf, "fragm_threshold") == 0) { 2609 conf->fragm_threshold = atoi(pos); 2610 if (conf->fragm_threshold < 256 || 2611 conf->fragm_threshold > 2346) { 2612 wpa_printf(MSG_ERROR, 2613 "Line %d: invalid fragm_threshold %d", 2614 line, conf->fragm_threshold); 2615 return 1; 2616 } 2617 } else if (os_strcmp(buf, "send_probe_response") == 0) { 2618 int val = atoi(pos); 2619 if (val != 0 && val != 1) { 2620 wpa_printf(MSG_ERROR, "Line %d: invalid send_probe_response %d (expected 0 or 1)", 2621 line, val); 2622 return 1; 2623 } 2624 conf->send_probe_response = val; 2625 } else if (os_strcmp(buf, "supported_rates") == 0) { 2626 if (hostapd_parse_intlist(&conf->supported_rates, pos)) { 2627 wpa_printf(MSG_ERROR, "Line %d: invalid rate list", 2628 line); 2629 return 1; 2630 } 2631 } else if (os_strcmp(buf, "basic_rates") == 0) { 2632 if (hostapd_parse_intlist(&conf->basic_rates, pos)) { 2633 wpa_printf(MSG_ERROR, "Line %d: invalid rate list", 2634 line); 2635 return 1; 2636 } 2637 } else if (os_strcmp(buf, "preamble") == 0) { 2638 if (atoi(pos)) 2639 conf->preamble = SHORT_PREAMBLE; 2640 else 2641 conf->preamble = LONG_PREAMBLE; 2642 } else if (os_strcmp(buf, "ignore_broadcast_ssid") == 0) { 2643 bss->ignore_broadcast_ssid = atoi(pos); 2644 } else if (os_strcmp(buf, "wep_default_key") == 0) { 2645 bss->ssid.wep.idx = atoi(pos); 2646 if (bss->ssid.wep.idx > 3) { 2647 wpa_printf(MSG_ERROR, 2648 "Invalid wep_default_key index %d", 2649 bss->ssid.wep.idx); 2650 return 1; 2651 } 2652 } else if (os_strcmp(buf, "wep_key0") == 0 || 2653 os_strcmp(buf, "wep_key1") == 0 || 2654 os_strcmp(buf, "wep_key2") == 0 || 2655 os_strcmp(buf, "wep_key3") == 0) { 2656 if (hostapd_config_read_wep(&bss->ssid.wep, 2657 buf[7] - '0', pos)) { 2658 wpa_printf(MSG_ERROR, "Line %d: invalid WEP key '%s'", 2659 line, buf); 2660 return 1; 2661 } 2662 #ifndef CONFIG_NO_VLAN 2663 } else if (os_strcmp(buf, "dynamic_vlan") == 0) { 2664 bss->ssid.dynamic_vlan = atoi(pos); 2665 } else if (os_strcmp(buf, "vlan_file") == 0) { 2666 if (hostapd_config_read_vlan_file(bss, pos)) { 2667 wpa_printf(MSG_ERROR, "Line %d: failed to read VLAN file '%s'", 2668 line, pos); 2669 return 1; 2670 } 2671 } else if (os_strcmp(buf, "vlan_naming") == 0) { 2672 bss->ssid.vlan_naming = atoi(pos); 2673 if (bss->ssid.vlan_naming >= DYNAMIC_VLAN_NAMING_END || 2674 bss->ssid.vlan_naming < 0) { 2675 wpa_printf(MSG_ERROR, 2676 "Line %d: invalid naming scheme %d", 2677 line, bss->ssid.vlan_naming); 2678 return 1; 2679 } 2680 #ifdef CONFIG_FULL_DYNAMIC_VLAN 2681 } else if (os_strcmp(buf, "vlan_tagged_interface") == 0) { 2682 os_free(bss->ssid.vlan_tagged_interface); 2683 bss->ssid.vlan_tagged_interface = os_strdup(pos); 2684 #endif /* CONFIG_FULL_DYNAMIC_VLAN */ 2685 #endif /* CONFIG_NO_VLAN */ 2686 } else if (os_strcmp(buf, "ap_table_max_size") == 0) { 2687 conf->ap_table_max_size = atoi(pos); 2688 } else if (os_strcmp(buf, "ap_table_expiration_time") == 0) { 2689 conf->ap_table_expiration_time = atoi(pos); 2690 } else if (os_strncmp(buf, "tx_queue_", 9) == 0) { 2691 if (hostapd_config_tx_queue(conf, buf, pos)) { 2692 wpa_printf(MSG_ERROR, "Line %d: invalid TX queue item", 2693 line); 2694 return 1; 2695 } 2696 } else if (os_strcmp(buf, "wme_enabled") == 0 || 2697 os_strcmp(buf, "wmm_enabled") == 0) { 2698 bss->wmm_enabled = atoi(pos); 2699 } else if (os_strcmp(buf, "uapsd_advertisement_enabled") == 0) { 2700 bss->wmm_uapsd = atoi(pos); 2701 } else if (os_strncmp(buf, "wme_ac_", 7) == 0 || 2702 os_strncmp(buf, "wmm_ac_", 7) == 0) { 2703 if (hostapd_config_wmm_ac(conf->wmm_ac_params, buf, pos)) { 2704 wpa_printf(MSG_ERROR, "Line %d: invalid WMM ac item", 2705 line); 2706 return 1; 2707 } 2708 } else if (os_strcmp(buf, "bss") == 0) { 2709 if (hostapd_config_bss(conf, pos)) { 2710 wpa_printf(MSG_ERROR, "Line %d: invalid bss item", 2711 line); 2712 return 1; 2713 } 2714 } else if (os_strcmp(buf, "bssid") == 0) { 2715 if (hwaddr_aton(pos, bss->bssid)) { 2716 wpa_printf(MSG_ERROR, "Line %d: invalid bssid item", 2717 line); 2718 return 1; 2719 } 2720 #ifdef CONFIG_IEEE80211W 2721 } else if (os_strcmp(buf, "ieee80211w") == 0) { 2722 bss->ieee80211w = atoi(pos); 2723 } else if (os_strcmp(buf, "group_mgmt_cipher") == 0) { 2724 if (os_strcmp(pos, "AES-128-CMAC") == 0) { 2725 bss->group_mgmt_cipher = WPA_CIPHER_AES_128_CMAC; 2726 } else if (os_strcmp(pos, "BIP-GMAC-128") == 0) { 2727 bss->group_mgmt_cipher = WPA_CIPHER_BIP_GMAC_128; 2728 } else if (os_strcmp(pos, "BIP-GMAC-256") == 0) { 2729 bss->group_mgmt_cipher = WPA_CIPHER_BIP_GMAC_256; 2730 } else if (os_strcmp(pos, "BIP-CMAC-256") == 0) { 2731 bss->group_mgmt_cipher = WPA_CIPHER_BIP_CMAC_256; 2732 } else { 2733 wpa_printf(MSG_ERROR, "Line %d: invalid group_mgmt_cipher: %s", 2734 line, pos); 2735 return 1; 2736 } 2737 } else if (os_strcmp(buf, "assoc_sa_query_max_timeout") == 0) { 2738 bss->assoc_sa_query_max_timeout = atoi(pos); 2739 if (bss->assoc_sa_query_max_timeout == 0) { 2740 wpa_printf(MSG_ERROR, "Line %d: invalid assoc_sa_query_max_timeout", 2741 line); 2742 return 1; 2743 } 2744 } else if (os_strcmp(buf, "assoc_sa_query_retry_timeout") == 0) { 2745 bss->assoc_sa_query_retry_timeout = atoi(pos); 2746 if (bss->assoc_sa_query_retry_timeout == 0) { 2747 wpa_printf(MSG_ERROR, "Line %d: invalid assoc_sa_query_retry_timeout", 2748 line); 2749 return 1; 2750 } 2751 #endif /* CONFIG_IEEE80211W */ 2752 #ifdef CONFIG_IEEE80211N 2753 } else if (os_strcmp(buf, "ieee80211n") == 0) { 2754 conf->ieee80211n = atoi(pos); 2755 } else if (os_strcmp(buf, "ht_capab") == 0) { 2756 if (hostapd_config_ht_capab(conf, pos) < 0) { 2757 wpa_printf(MSG_ERROR, "Line %d: invalid ht_capab", 2758 line); 2759 return 1; 2760 } 2761 } else if (os_strcmp(buf, "require_ht") == 0) { 2762 conf->require_ht = atoi(pos); 2763 } else if (os_strcmp(buf, "obss_interval") == 0) { 2764 conf->obss_interval = atoi(pos); 2765 #endif /* CONFIG_IEEE80211N */ 2766 #ifdef CONFIG_IEEE80211AC 2767 } else if (os_strcmp(buf, "ieee80211ac") == 0) { 2768 conf->ieee80211ac = atoi(pos); 2769 } else if (os_strcmp(buf, "vht_capab") == 0) { 2770 if (hostapd_config_vht_capab(conf, pos) < 0) { 2771 wpa_printf(MSG_ERROR, "Line %d: invalid vht_capab", 2772 line); 2773 return 1; 2774 } 2775 } else if (os_strcmp(buf, "require_vht") == 0) { 2776 conf->require_vht = atoi(pos); 2777 } else if (os_strcmp(buf, "vht_oper_chwidth") == 0) { 2778 conf->vht_oper_chwidth = atoi(pos); 2779 } else if (os_strcmp(buf, "vht_oper_centr_freq_seg0_idx") == 0) { 2780 conf->vht_oper_centr_freq_seg0_idx = atoi(pos); 2781 } else if (os_strcmp(buf, "vht_oper_centr_freq_seg1_idx") == 0) { 2782 conf->vht_oper_centr_freq_seg1_idx = atoi(pos); 2783 } else if (os_strcmp(buf, "vendor_vht") == 0) { 2784 bss->vendor_vht = atoi(pos); 2785 #endif /* CONFIG_IEEE80211AC */ 2786 } else if (os_strcmp(buf, "max_listen_interval") == 0) { 2787 bss->max_listen_interval = atoi(pos); 2788 } else if (os_strcmp(buf, "disable_pmksa_caching") == 0) { 2789 bss->disable_pmksa_caching = atoi(pos); 2790 } else if (os_strcmp(buf, "okc") == 0) { 2791 bss->okc = atoi(pos); 2792 #ifdef CONFIG_WPS 2793 } else if (os_strcmp(buf, "wps_state") == 0) { 2794 bss->wps_state = atoi(pos); 2795 if (bss->wps_state < 0 || bss->wps_state > 2) { 2796 wpa_printf(MSG_ERROR, "Line %d: invalid wps_state", 2797 line); 2798 return 1; 2799 } 2800 } else if (os_strcmp(buf, "wps_independent") == 0) { 2801 bss->wps_independent = atoi(pos); 2802 } else if (os_strcmp(buf, "ap_setup_locked") == 0) { 2803 bss->ap_setup_locked = atoi(pos); 2804 } else if (os_strcmp(buf, "uuid") == 0) { 2805 if (uuid_str2bin(pos, bss->uuid)) { 2806 wpa_printf(MSG_ERROR, "Line %d: invalid UUID", line); 2807 return 1; 2808 } 2809 } else if (os_strcmp(buf, "wps_pin_requests") == 0) { 2810 os_free(bss->wps_pin_requests); 2811 bss->wps_pin_requests = os_strdup(pos); 2812 } else if (os_strcmp(buf, "device_name") == 0) { 2813 if (os_strlen(pos) > 32) { 2814 wpa_printf(MSG_ERROR, "Line %d: Too long " 2815 "device_name", line); 2816 return 1; 2817 } 2818 os_free(bss->device_name); 2819 bss->device_name = os_strdup(pos); 2820 } else if (os_strcmp(buf, "manufacturer") == 0) { 2821 if (os_strlen(pos) > 64) { 2822 wpa_printf(MSG_ERROR, "Line %d: Too long manufacturer", 2823 line); 2824 return 1; 2825 } 2826 os_free(bss->manufacturer); 2827 bss->manufacturer = os_strdup(pos); 2828 } else if (os_strcmp(buf, "model_name") == 0) { 2829 if (os_strlen(pos) > 32) { 2830 wpa_printf(MSG_ERROR, "Line %d: Too long model_name", 2831 line); 2832 return 1; 2833 } 2834 os_free(bss->model_name); 2835 bss->model_name = os_strdup(pos); 2836 } else if (os_strcmp(buf, "model_number") == 0) { 2837 if (os_strlen(pos) > 32) { 2838 wpa_printf(MSG_ERROR, "Line %d: Too long model_number", 2839 line); 2840 return 1; 2841 } 2842 os_free(bss->model_number); 2843 bss->model_number = os_strdup(pos); 2844 } else if (os_strcmp(buf, "serial_number") == 0) { 2845 if (os_strlen(pos) > 32) { 2846 wpa_printf(MSG_ERROR, "Line %d: Too long serial_number", 2847 line); 2848 return 1; 2849 } 2850 os_free(bss->serial_number); 2851 bss->serial_number = os_strdup(pos); 2852 } else if (os_strcmp(buf, "device_type") == 0) { 2853 if (wps_dev_type_str2bin(pos, bss->device_type)) 2854 return 1; 2855 } else if (os_strcmp(buf, "config_methods") == 0) { 2856 os_free(bss->config_methods); 2857 bss->config_methods = os_strdup(pos); 2858 } else if (os_strcmp(buf, "os_version") == 0) { 2859 if (hexstr2bin(pos, bss->os_version, 4)) { 2860 wpa_printf(MSG_ERROR, "Line %d: invalid os_version", 2861 line); 2862 return 1; 2863 } 2864 } else if (os_strcmp(buf, "ap_pin") == 0) { 2865 os_free(bss->ap_pin); 2866 bss->ap_pin = os_strdup(pos); 2867 } else if (os_strcmp(buf, "skip_cred_build") == 0) { 2868 bss->skip_cred_build = atoi(pos); 2869 } else if (os_strcmp(buf, "extra_cred") == 0) { 2870 os_free(bss->extra_cred); 2871 bss->extra_cred = (u8 *) os_readfile(pos, &bss->extra_cred_len); 2872 if (bss->extra_cred == NULL) { 2873 wpa_printf(MSG_ERROR, "Line %d: could not read Credentials from '%s'", 2874 line, pos); 2875 return 1; 2876 } 2877 } else if (os_strcmp(buf, "wps_cred_processing") == 0) { 2878 bss->wps_cred_processing = atoi(pos); 2879 } else if (os_strcmp(buf, "ap_settings") == 0) { 2880 os_free(bss->ap_settings); 2881 bss->ap_settings = 2882 (u8 *) os_readfile(pos, &bss->ap_settings_len); 2883 if (bss->ap_settings == NULL) { 2884 wpa_printf(MSG_ERROR, "Line %d: could not read AP Settings from '%s'", 2885 line, pos); 2886 return 1; 2887 } 2888 } else if (os_strcmp(buf, "upnp_iface") == 0) { 2889 os_free(bss->upnp_iface); 2890 bss->upnp_iface = os_strdup(pos); 2891 } else if (os_strcmp(buf, "friendly_name") == 0) { 2892 os_free(bss->friendly_name); 2893 bss->friendly_name = os_strdup(pos); 2894 } else if (os_strcmp(buf, "manufacturer_url") == 0) { 2895 os_free(bss->manufacturer_url); 2896 bss->manufacturer_url = os_strdup(pos); 2897 } else if (os_strcmp(buf, "model_description") == 0) { 2898 os_free(bss->model_description); 2899 bss->model_description = os_strdup(pos); 2900 } else if (os_strcmp(buf, "model_url") == 0) { 2901 os_free(bss->model_url); 2902 bss->model_url = os_strdup(pos); 2903 } else if (os_strcmp(buf, "upc") == 0) { 2904 os_free(bss->upc); 2905 bss->upc = os_strdup(pos); 2906 } else if (os_strcmp(buf, "pbc_in_m1") == 0) { 2907 bss->pbc_in_m1 = atoi(pos); 2908 } else if (os_strcmp(buf, "server_id") == 0) { 2909 os_free(bss->server_id); 2910 bss->server_id = os_strdup(pos); 2911 #ifdef CONFIG_WPS_NFC 2912 } else if (os_strcmp(buf, "wps_nfc_dev_pw_id") == 0) { 2913 bss->wps_nfc_dev_pw_id = atoi(pos); 2914 if (bss->wps_nfc_dev_pw_id < 0x10 || 2915 bss->wps_nfc_dev_pw_id > 0xffff) { 2916 wpa_printf(MSG_ERROR, "Line %d: Invalid wps_nfc_dev_pw_id value", 2917 line); 2918 return 1; 2919 } 2920 bss->wps_nfc_pw_from_config = 1; 2921 } else if (os_strcmp(buf, "wps_nfc_dh_pubkey") == 0) { 2922 wpabuf_free(bss->wps_nfc_dh_pubkey); 2923 bss->wps_nfc_dh_pubkey = hostapd_parse_bin(pos); 2924 bss->wps_nfc_pw_from_config = 1; 2925 } else if (os_strcmp(buf, "wps_nfc_dh_privkey") == 0) { 2926 wpabuf_free(bss->wps_nfc_dh_privkey); 2927 bss->wps_nfc_dh_privkey = hostapd_parse_bin(pos); 2928 bss->wps_nfc_pw_from_config = 1; 2929 } else if (os_strcmp(buf, "wps_nfc_dev_pw") == 0) { 2930 wpabuf_free(bss->wps_nfc_dev_pw); 2931 bss->wps_nfc_dev_pw = hostapd_parse_bin(pos); 2932 bss->wps_nfc_pw_from_config = 1; 2933 #endif /* CONFIG_WPS_NFC */ 2934 #endif /* CONFIG_WPS */ 2935 #ifdef CONFIG_P2P_MANAGER 2936 } else if (os_strcmp(buf, "manage_p2p") == 0) { 2937 if (atoi(pos)) 2938 bss->p2p |= P2P_MANAGE; 2939 else 2940 bss->p2p &= ~P2P_MANAGE; 2941 } else if (os_strcmp(buf, "allow_cross_connection") == 0) { 2942 if (atoi(pos)) 2943 bss->p2p |= P2P_ALLOW_CROSS_CONNECTION; 2944 else 2945 bss->p2p &= ~P2P_ALLOW_CROSS_CONNECTION; 2946 #endif /* CONFIG_P2P_MANAGER */ 2947 } else if (os_strcmp(buf, "disassoc_low_ack") == 0) { 2948 bss->disassoc_low_ack = atoi(pos); 2949 } else if (os_strcmp(buf, "tdls_prohibit") == 0) { 2950 if (atoi(pos)) 2951 bss->tdls |= TDLS_PROHIBIT; 2952 else 2953 bss->tdls &= ~TDLS_PROHIBIT; 2954 } else if (os_strcmp(buf, "tdls_prohibit_chan_switch") == 0) { 2955 if (atoi(pos)) 2956 bss->tdls |= TDLS_PROHIBIT_CHAN_SWITCH; 2957 else 2958 bss->tdls &= ~TDLS_PROHIBIT_CHAN_SWITCH; 2959 #ifdef CONFIG_RSN_TESTING 2960 } else if (os_strcmp(buf, "rsn_testing") == 0) { 2961 extern int rsn_testing; 2962 rsn_testing = atoi(pos); 2963 #endif /* CONFIG_RSN_TESTING */ 2964 } else if (os_strcmp(buf, "time_advertisement") == 0) { 2965 bss->time_advertisement = atoi(pos); 2966 } else if (os_strcmp(buf, "time_zone") == 0) { 2967 size_t tz_len = os_strlen(pos); 2968 if (tz_len < 4 || tz_len > 255) { 2969 wpa_printf(MSG_DEBUG, "Line %d: invalid time_zone", 2970 line); 2971 return 1; 2972 } 2973 os_free(bss->time_zone); 2974 bss->time_zone = os_strdup(pos); 2975 if (bss->time_zone == NULL) 2976 return 1; 2977 #ifdef CONFIG_WNM 2978 } else if (os_strcmp(buf, "wnm_sleep_mode") == 0) { 2979 bss->wnm_sleep_mode = atoi(pos); 2980 } else if (os_strcmp(buf, "bss_transition") == 0) { 2981 bss->bss_transition = atoi(pos); 2982 #endif /* CONFIG_WNM */ 2983 #ifdef CONFIG_INTERWORKING 2984 } else if (os_strcmp(buf, "interworking") == 0) { 2985 bss->interworking = atoi(pos); 2986 } else if (os_strcmp(buf, "access_network_type") == 0) { 2987 bss->access_network_type = atoi(pos); 2988 if (bss->access_network_type < 0 || 2989 bss->access_network_type > 15) { 2990 wpa_printf(MSG_ERROR, 2991 "Line %d: invalid access_network_type", 2992 line); 2993 return 1; 2994 } 2995 } else if (os_strcmp(buf, "internet") == 0) { 2996 bss->internet = atoi(pos); 2997 } else if (os_strcmp(buf, "asra") == 0) { 2998 bss->asra = atoi(pos); 2999 } else if (os_strcmp(buf, "esr") == 0) { 3000 bss->esr = atoi(pos); 3001 } else if (os_strcmp(buf, "uesa") == 0) { 3002 bss->uesa = atoi(pos); 3003 } else if (os_strcmp(buf, "venue_group") == 0) { 3004 bss->venue_group = atoi(pos); 3005 bss->venue_info_set = 1; 3006 } else if (os_strcmp(buf, "venue_type") == 0) { 3007 bss->venue_type = atoi(pos); 3008 bss->venue_info_set = 1; 3009 } else if (os_strcmp(buf, "hessid") == 0) { 3010 if (hwaddr_aton(pos, bss->hessid)) { 3011 wpa_printf(MSG_ERROR, "Line %d: invalid hessid", line); 3012 return 1; 3013 } 3014 } else if (os_strcmp(buf, "roaming_consortium") == 0) { 3015 if (parse_roaming_consortium(bss, pos, line) < 0) 3016 return 1; 3017 } else if (os_strcmp(buf, "venue_name") == 0) { 3018 if (parse_venue_name(bss, pos, line) < 0) 3019 return 1; 3020 } else if (os_strcmp(buf, "network_auth_type") == 0) { 3021 u8 auth_type; 3022 u16 redirect_url_len; 3023 if (hexstr2bin(pos, &auth_type, 1)) { 3024 wpa_printf(MSG_ERROR, 3025 "Line %d: Invalid network_auth_type '%s'", 3026 line, pos); 3027 return 1; 3028 } 3029 if (auth_type == 0 || auth_type == 2) 3030 redirect_url_len = os_strlen(pos + 2); 3031 else 3032 redirect_url_len = 0; 3033 os_free(bss->network_auth_type); 3034 bss->network_auth_type = os_malloc(redirect_url_len + 3 + 1); 3035 if (bss->network_auth_type == NULL) 3036 return 1; 3037 *bss->network_auth_type = auth_type; 3038 WPA_PUT_LE16(bss->network_auth_type + 1, redirect_url_len); 3039 if (redirect_url_len) 3040 os_memcpy(bss->network_auth_type + 3, pos + 2, 3041 redirect_url_len); 3042 bss->network_auth_type_len = 3 + redirect_url_len; 3043 } else if (os_strcmp(buf, "ipaddr_type_availability") == 0) { 3044 if (hexstr2bin(pos, &bss->ipaddr_type_availability, 1)) { 3045 wpa_printf(MSG_ERROR, "Line %d: Invalid ipaddr_type_availability '%s'", 3046 line, pos); 3047 bss->ipaddr_type_configured = 0; 3048 return 1; 3049 } 3050 bss->ipaddr_type_configured = 1; 3051 } else if (os_strcmp(buf, "domain_name") == 0) { 3052 int j, num_domains, domain_len, domain_list_len = 0; 3053 char *tok_start, *tok_prev; 3054 u8 *domain_list, *domain_ptr; 3055 3056 domain_list_len = os_strlen(pos) + 1; 3057 domain_list = os_malloc(domain_list_len); 3058 if (domain_list == NULL) 3059 return 1; 3060 3061 domain_ptr = domain_list; 3062 tok_prev = pos; 3063 num_domains = 1; 3064 while ((tok_prev = os_strchr(tok_prev, ','))) { 3065 num_domains++; 3066 tok_prev++; 3067 } 3068 tok_prev = pos; 3069 for (j = 0; j < num_domains; j++) { 3070 tok_start = os_strchr(tok_prev, ','); 3071 if (tok_start) { 3072 domain_len = tok_start - tok_prev; 3073 *domain_ptr = domain_len; 3074 os_memcpy(domain_ptr + 1, tok_prev, domain_len); 3075 domain_ptr += domain_len + 1; 3076 tok_prev = ++tok_start; 3077 } else { 3078 domain_len = os_strlen(tok_prev); 3079 *domain_ptr = domain_len; 3080 os_memcpy(domain_ptr + 1, tok_prev, domain_len); 3081 domain_ptr += domain_len + 1; 3082 } 3083 } 3084 3085 os_free(bss->domain_name); 3086 bss->domain_name = domain_list; 3087 bss->domain_name_len = domain_list_len; 3088 } else if (os_strcmp(buf, "anqp_3gpp_cell_net") == 0) { 3089 if (parse_3gpp_cell_net(bss, pos, line) < 0) 3090 return 1; 3091 } else if (os_strcmp(buf, "nai_realm") == 0) { 3092 if (parse_nai_realm(bss, pos, line) < 0) 3093 return 1; 3094 } else if (os_strcmp(buf, "gas_frag_limit") == 0) { 3095 bss->gas_frag_limit = atoi(pos); 3096 } else if (os_strcmp(buf, "gas_comeback_delay") == 0) { 3097 bss->gas_comeback_delay = atoi(pos); 3098 } else if (os_strcmp(buf, "qos_map_set") == 0) { 3099 if (parse_qos_map_set(bss, pos, line) < 0) 3100 return 1; 3101 #endif /* CONFIG_INTERWORKING */ 3102 #ifdef CONFIG_RADIUS_TEST 3103 } else if (os_strcmp(buf, "dump_msk_file") == 0) { 3104 os_free(bss->dump_msk_file); 3105 bss->dump_msk_file = os_strdup(pos); 3106 #endif /* CONFIG_RADIUS_TEST */ 3107 #ifdef CONFIG_HS20 3108 } else if (os_strcmp(buf, "hs20") == 0) { 3109 bss->hs20 = atoi(pos); 3110 } else if (os_strcmp(buf, "disable_dgaf") == 0) { 3111 bss->disable_dgaf = atoi(pos); 3112 } else if (os_strcmp(buf, "proxy_arp") == 0) { 3113 bss->proxy_arp = atoi(pos); 3114 } else if (os_strcmp(buf, "osen") == 0) { 3115 bss->osen = atoi(pos); 3116 } else if (os_strcmp(buf, "anqp_domain_id") == 0) { 3117 bss->anqp_domain_id = atoi(pos); 3118 } else if (os_strcmp(buf, "hs20_deauth_req_timeout") == 0) { 3119 bss->hs20_deauth_req_timeout = atoi(pos); 3120 } else if (os_strcmp(buf, "hs20_oper_friendly_name") == 0) { 3121 if (hs20_parse_oper_friendly_name(bss, pos, line) < 0) 3122 return 1; 3123 } else if (os_strcmp(buf, "hs20_wan_metrics") == 0) { 3124 if (hs20_parse_wan_metrics(bss, pos, line) < 0) 3125 return 1; 3126 } else if (os_strcmp(buf, "hs20_conn_capab") == 0) { 3127 if (hs20_parse_conn_capab(bss, pos, line) < 0) { 3128 return 1; 3129 } 3130 } else if (os_strcmp(buf, "hs20_operating_class") == 0) { 3131 u8 *oper_class; 3132 size_t oper_class_len; 3133 oper_class_len = os_strlen(pos); 3134 if (oper_class_len < 2 || (oper_class_len & 0x01)) { 3135 wpa_printf(MSG_ERROR, 3136 "Line %d: Invalid hs20_operating_class '%s'", 3137 line, pos); 3138 return 1; 3139 } 3140 oper_class_len /= 2; 3141 oper_class = os_malloc(oper_class_len); 3142 if (oper_class == NULL) 3143 return 1; 3144 if (hexstr2bin(pos, oper_class, oper_class_len)) { 3145 wpa_printf(MSG_ERROR, 3146 "Line %d: Invalid hs20_operating_class '%s'", 3147 line, pos); 3148 os_free(oper_class); 3149 return 1; 3150 } 3151 os_free(bss->hs20_operating_class); 3152 bss->hs20_operating_class = oper_class; 3153 bss->hs20_operating_class_len = oper_class_len; 3154 } else if (os_strcmp(buf, "hs20_icon") == 0) { 3155 if (hs20_parse_icon(bss, pos) < 0) { 3156 wpa_printf(MSG_ERROR, "Line %d: Invalid hs20_icon '%s'", 3157 line, pos); 3158 return 1; 3159 } 3160 } else if (os_strcmp(buf, "osu_ssid") == 0) { 3161 if (hs20_parse_osu_ssid(bss, pos, line) < 0) 3162 return 1; 3163 } else if (os_strcmp(buf, "osu_server_uri") == 0) { 3164 if (hs20_parse_osu_server_uri(bss, pos, line) < 0) 3165 return 1; 3166 } else if (os_strcmp(buf, "osu_friendly_name") == 0) { 3167 if (hs20_parse_osu_friendly_name(bss, pos, line) < 0) 3168 return 1; 3169 } else if (os_strcmp(buf, "osu_nai") == 0) { 3170 if (hs20_parse_osu_nai(bss, pos, line) < 0) 3171 return 1; 3172 } else if (os_strcmp(buf, "osu_method_list") == 0) { 3173 if (hs20_parse_osu_method_list(bss, pos, line) < 0) 3174 return 1; 3175 } else if (os_strcmp(buf, "osu_icon") == 0) { 3176 if (hs20_parse_osu_icon(bss, pos, line) < 0) 3177 return 1; 3178 } else if (os_strcmp(buf, "osu_service_desc") == 0) { 3179 if (hs20_parse_osu_service_desc(bss, pos, line) < 0) 3180 return 1; 3181 } else if (os_strcmp(buf, "subscr_remediation_url") == 0) { 3182 os_free(bss->subscr_remediation_url); 3183 bss->subscr_remediation_url = os_strdup(pos); 3184 } else if (os_strcmp(buf, "subscr_remediation_method") == 0) { 3185 bss->subscr_remediation_method = atoi(pos); 3186 #endif /* CONFIG_HS20 */ 3187 #ifdef CONFIG_TESTING_OPTIONS 3188 #define PARSE_TEST_PROBABILITY(_val) \ 3189 } else if (os_strcmp(buf, #_val) == 0) { \ 3190 char *end; \ 3191 \ 3192 conf->_val = strtod(pos, &end); \ 3193 if (*end || conf->_val < 0.0 || \ 3194 conf->_val > 1.0) { \ 3195 wpa_printf(MSG_ERROR, \ 3196 "Line %d: Invalid value '%s'", \ 3197 line, pos); \ 3198 return 1; \ 3199 } 3200 PARSE_TEST_PROBABILITY(ignore_probe_probability) 3201 PARSE_TEST_PROBABILITY(ignore_auth_probability) 3202 PARSE_TEST_PROBABILITY(ignore_assoc_probability) 3203 PARSE_TEST_PROBABILITY(ignore_reassoc_probability) 3204 PARSE_TEST_PROBABILITY(corrupt_gtk_rekey_mic_probability) 3205 } else if (os_strcmp(buf, "bss_load_test") == 0) { 3206 WPA_PUT_LE16(bss->bss_load_test, atoi(pos)); 3207 pos = os_strchr(pos, ':'); 3208 if (pos == NULL) { 3209 wpa_printf(MSG_ERROR, "Line %d: Invalid bss_load_test", 3210 line); 3211 return 1; 3212 } 3213 pos++; 3214 bss->bss_load_test[2] = atoi(pos); 3215 pos = os_strchr(pos, ':'); 3216 if (pos == NULL) { 3217 wpa_printf(MSG_ERROR, "Line %d: Invalid bss_load_test", 3218 line); 3219 return 1; 3220 } 3221 pos++; 3222 WPA_PUT_LE16(&bss->bss_load_test[3], atoi(pos)); 3223 bss->bss_load_test_set = 1; 3224 } else if (os_strcmp(buf, "radio_measurements") == 0) { 3225 bss->radio_measurements = atoi(pos); 3226 #endif /* CONFIG_TESTING_OPTIONS */ 3227 } else if (os_strcmp(buf, "vendor_elements") == 0) { 3228 struct wpabuf *elems; 3229 size_t len = os_strlen(pos); 3230 if (len & 0x01) { 3231 wpa_printf(MSG_ERROR, 3232 "Line %d: Invalid vendor_elements '%s'", 3233 line, pos); 3234 return 1; 3235 } 3236 len /= 2; 3237 if (len == 0) { 3238 wpabuf_free(bss->vendor_elements); 3239 bss->vendor_elements = NULL; 3240 return 0; 3241 } 3242 3243 elems = wpabuf_alloc(len); 3244 if (elems == NULL) 3245 return 1; 3246 3247 if (hexstr2bin(pos, wpabuf_put(elems, len), len)) { 3248 wpabuf_free(elems); 3249 wpa_printf(MSG_ERROR, 3250 "Line %d: Invalid vendor_elements '%s'", 3251 line, pos); 3252 return 1; 3253 } 3254 3255 wpabuf_free(bss->vendor_elements); 3256 bss->vendor_elements = elems; 3257 } else if (os_strcmp(buf, "sae_anti_clogging_threshold") == 0) { 3258 bss->sae_anti_clogging_threshold = atoi(pos); 3259 } else if (os_strcmp(buf, "sae_groups") == 0) { 3260 if (hostapd_parse_intlist(&bss->sae_groups, pos)) { 3261 wpa_printf(MSG_ERROR, 3262 "Line %d: Invalid sae_groups value '%s'", 3263 line, pos); 3264 return 1; 3265 } 3266 } else if (os_strcmp(buf, "local_pwr_constraint") == 0) { 3267 int val = atoi(pos); 3268 if (val < 0 || val > 255) { 3269 wpa_printf(MSG_ERROR, "Line %d: Invalid local_pwr_constraint %d (expected 0..255)", 3270 line, val); 3271 return 1; 3272 } 3273 conf->local_pwr_constraint = val; 3274 } else if (os_strcmp(buf, "spectrum_mgmt_required") == 0) { 3275 conf->spectrum_mgmt_required = atoi(pos); 3276 } else if (os_strcmp(buf, "wowlan_triggers") == 0) { 3277 os_free(bss->wowlan_triggers); 3278 bss->wowlan_triggers = os_strdup(pos); 3279 } else { 3280 wpa_printf(MSG_ERROR, 3281 "Line %d: unknown configuration item '%s'", 3282 line, buf); 3283 return 1; 3284 } 3285 3286 return 0; 3287 } 3288 3289 3290 /** 3291 * hostapd_config_read - Read and parse a configuration file 3292 * @fname: Configuration file name (including path, if needed) 3293 * Returns: Allocated configuration data structure 3294 */ 3295 struct hostapd_config * hostapd_config_read(const char *fname) 3296 { 3297 struct hostapd_config *conf; 3298 FILE *f; 3299 char buf[512], *pos; 3300 int line = 0; 3301 int errors = 0; 3302 size_t i; 3303 3304 f = fopen(fname, "r"); 3305 if (f == NULL) { 3306 wpa_printf(MSG_ERROR, "Could not open configuration file '%s' " 3307 "for reading.", fname); 3308 return NULL; 3309 } 3310 3311 conf = hostapd_config_defaults(); 3312 if (conf == NULL) { 3313 fclose(f); 3314 return NULL; 3315 } 3316 3317 /* set default driver based on configuration */ 3318 conf->driver = wpa_drivers[0]; 3319 if (conf->driver == NULL) { 3320 wpa_printf(MSG_ERROR, "No driver wrappers registered!"); 3321 hostapd_config_free(conf); 3322 fclose(f); 3323 return NULL; 3324 } 3325 3326 conf->last_bss = conf->bss[0]; 3327 3328 while (fgets(buf, sizeof(buf), f)) { 3329 struct hostapd_bss_config *bss; 3330 3331 bss = conf->last_bss; 3332 line++; 3333 3334 if (buf[0] == '#') 3335 continue; 3336 pos = buf; 3337 while (*pos != '\0') { 3338 if (*pos == '\n') { 3339 *pos = '\0'; 3340 break; 3341 } 3342 pos++; 3343 } 3344 if (buf[0] == '\0') 3345 continue; 3346 3347 pos = os_strchr(buf, '='); 3348 if (pos == NULL) { 3349 wpa_printf(MSG_ERROR, "Line %d: invalid line '%s'", 3350 line, buf); 3351 errors++; 3352 continue; 3353 } 3354 *pos = '\0'; 3355 pos++; 3356 errors += hostapd_config_fill(conf, bss, buf, pos, line); 3357 } 3358 3359 fclose(f); 3360 3361 for (i = 0; i < conf->num_bss; i++) 3362 hostapd_set_security_params(conf->bss[i], 1); 3363 3364 if (hostapd_config_check(conf, 1)) 3365 errors++; 3366 3367 #ifndef WPA_IGNORE_CONFIG_ERRORS 3368 if (errors) { 3369 wpa_printf(MSG_ERROR, "%d errors found in configuration file " 3370 "'%s'", errors, fname); 3371 hostapd_config_free(conf); 3372 conf = NULL; 3373 } 3374 #endif /* WPA_IGNORE_CONFIG_ERRORS */ 3375 3376 return conf; 3377 } 3378 3379 3380 int hostapd_set_iface(struct hostapd_config *conf, 3381 struct hostapd_bss_config *bss, char *field, char *value) 3382 { 3383 int errors; 3384 size_t i; 3385 3386 errors = hostapd_config_fill(conf, bss, field, value, 0); 3387 if (errors) { 3388 wpa_printf(MSG_INFO, "Failed to set configuration field '%s' " 3389 "to value '%s'", field, value); 3390 return -1; 3391 } 3392 3393 for (i = 0; i < conf->num_bss; i++) 3394 hostapd_set_security_params(conf->bss[i], 0); 3395 3396 if (hostapd_config_check(conf, 0)) { 3397 wpa_printf(MSG_ERROR, "Configuration check failed"); 3398 return -1; 3399 } 3400 3401 return 0; 3402 } 3403