1 /* 2 * hostapd / EAP user database 3 * Copyright (c) 2012, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "includes.h" 10 #ifdef CONFIG_SQLITE 11 #include <sqlite3.h> 12 #endif /* CONFIG_SQLITE */ 13 14 #include "common.h" 15 #include "eap_common/eap_wsc_common.h" 16 #include "eap_server/eap_methods.h" 17 #include "eap_server/eap.h" 18 #include "ap_config.h" 19 #include "hostapd.h" 20 21 #ifdef CONFIG_SQLITE 22 23 static void set_user_methods(struct hostapd_eap_user *user, const char *methods) 24 { 25 char *buf, *start; 26 int num_methods; 27 28 buf = os_strdup(methods); 29 if (buf == NULL) 30 return; 31 32 os_memset(&user->methods, 0, sizeof(user->methods)); 33 num_methods = 0; 34 start = buf; 35 while (*start) { 36 char *pos3 = os_strchr(start, ','); 37 if (pos3) 38 *pos3++ = '\0'; 39 user->methods[num_methods].method = 40 eap_server_get_type(start, 41 &user->methods[num_methods].vendor); 42 if (user->methods[num_methods].vendor == EAP_VENDOR_IETF && 43 user->methods[num_methods].method == EAP_TYPE_NONE) { 44 if (os_strcmp(start, "TTLS-PAP") == 0) { 45 user->ttls_auth |= EAP_TTLS_AUTH_PAP; 46 goto skip_eap; 47 } 48 if (os_strcmp(start, "TTLS-CHAP") == 0) { 49 user->ttls_auth |= EAP_TTLS_AUTH_CHAP; 50 goto skip_eap; 51 } 52 if (os_strcmp(start, "TTLS-MSCHAP") == 0) { 53 user->ttls_auth |= EAP_TTLS_AUTH_MSCHAP; 54 goto skip_eap; 55 } 56 if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) { 57 user->ttls_auth |= EAP_TTLS_AUTH_MSCHAPV2; 58 goto skip_eap; 59 } 60 wpa_printf(MSG_INFO, "DB: Unsupported EAP type '%s'", 61 start); 62 os_free(buf); 63 return; 64 } 65 66 num_methods++; 67 if (num_methods >= EAP_MAX_METHODS) 68 break; 69 skip_eap: 70 if (pos3 == NULL) 71 break; 72 start = pos3; 73 } 74 75 os_free(buf); 76 } 77 78 79 static int get_user_cb(void *ctx, int argc, char *argv[], char *col[]) 80 { 81 struct hostapd_eap_user *user = ctx; 82 int i; 83 84 for (i = 0; i < argc; i++) { 85 if (os_strcmp(col[i], "password") == 0 && argv[i]) { 86 bin_clear_free(user->password, user->password_len); 87 user->password_len = os_strlen(argv[i]); 88 user->password = (u8 *) os_strdup(argv[i]); 89 user->next = (void *) 1; 90 } else if (os_strcmp(col[i], "methods") == 0 && argv[i]) { 91 set_user_methods(user, argv[i]); 92 } else if (os_strcmp(col[i], "remediation") == 0 && argv[i]) { 93 user->remediation = strlen(argv[i]) > 0; 94 } else if (os_strcmp(col[i], "t_c_timestamp") == 0 && argv[i]) { 95 user->t_c_timestamp = strtol(argv[i], NULL, 10); 96 } 97 } 98 99 return 0; 100 } 101 102 103 static int get_wildcard_cb(void *ctx, int argc, char *argv[], char *col[]) 104 { 105 struct hostapd_eap_user *user = ctx; 106 int i, id = -1, methods = -1; 107 size_t len; 108 109 for (i = 0; i < argc; i++) { 110 if (os_strcmp(col[i], "identity") == 0 && argv[i]) 111 id = i; 112 else if (os_strcmp(col[i], "methods") == 0 && argv[i]) 113 methods = i; 114 } 115 116 if (id < 0 || methods < 0) 117 return 0; 118 119 len = os_strlen(argv[id]); 120 if (len <= user->identity_len && 121 os_memcmp(argv[id], user->identity, len) == 0 && 122 (user->password == NULL || len > user->password_len)) { 123 bin_clear_free(user->password, user->password_len); 124 user->password_len = os_strlen(argv[id]); 125 user->password = (u8 *) os_strdup(argv[id]); 126 user->next = (void *) 1; 127 set_user_methods(user, argv[methods]); 128 } 129 130 return 0; 131 } 132 133 134 static const struct hostapd_eap_user * 135 eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity, 136 size_t identity_len, int phase2) 137 { 138 sqlite3 *db; 139 struct hostapd_eap_user *user = NULL; 140 char id_str[256], cmd[300]; 141 size_t i; 142 int res; 143 144 if (identity_len >= sizeof(id_str)) { 145 wpa_printf(MSG_DEBUG, "%s: identity len too big: %d >= %d", 146 __func__, (int) identity_len, 147 (int) (sizeof(id_str))); 148 return NULL; 149 } 150 os_memcpy(id_str, identity, identity_len); 151 id_str[identity_len] = '\0'; 152 for (i = 0; i < identity_len; i++) { 153 if (id_str[i] >= 'a' && id_str[i] <= 'z') 154 continue; 155 if (id_str[i] >= 'A' && id_str[i] <= 'Z') 156 continue; 157 if (id_str[i] >= '0' && id_str[i] <= '9') 158 continue; 159 if (id_str[i] == '-' || id_str[i] == '_' || id_str[i] == '.' || 160 id_str[i] == ',' || id_str[i] == '@' || id_str[i] == '\\' || 161 id_str[i] == '!' || id_str[i] == '#' || id_str[i] == '%' || 162 id_str[i] == '=' || id_str[i] == ' ') 163 continue; 164 wpa_printf(MSG_INFO, "DB: Unsupported character in identity"); 165 return NULL; 166 } 167 168 bin_clear_free(hapd->tmp_eap_user.identity, 169 hapd->tmp_eap_user.identity_len); 170 bin_clear_free(hapd->tmp_eap_user.password, 171 hapd->tmp_eap_user.password_len); 172 os_memset(&hapd->tmp_eap_user, 0, sizeof(hapd->tmp_eap_user)); 173 hapd->tmp_eap_user.phase2 = phase2; 174 hapd->tmp_eap_user.identity = os_zalloc(identity_len + 1); 175 if (hapd->tmp_eap_user.identity == NULL) 176 return NULL; 177 os_memcpy(hapd->tmp_eap_user.identity, identity, identity_len); 178 hapd->tmp_eap_user.identity_len = identity_len; 179 180 if (sqlite3_open(hapd->conf->eap_user_sqlite, &db)) { 181 wpa_printf(MSG_INFO, "DB: Failed to open database %s: %s", 182 hapd->conf->eap_user_sqlite, sqlite3_errmsg(db)); 183 sqlite3_close(db); 184 return NULL; 185 } 186 187 res = os_snprintf(cmd, sizeof(cmd), 188 "SELECT * FROM users WHERE identity='%s' AND phase2=%d;", 189 id_str, phase2); 190 if (os_snprintf_error(sizeof(cmd), res)) 191 goto fail; 192 193 wpa_printf(MSG_DEBUG, "DB: %s", cmd); 194 if (sqlite3_exec(db, cmd, get_user_cb, &hapd->tmp_eap_user, NULL) != 195 SQLITE_OK) { 196 wpa_printf(MSG_DEBUG, 197 "DB: Failed to complete SQL operation: %s db: %s", 198 sqlite3_errmsg(db), hapd->conf->eap_user_sqlite); 199 } else if (hapd->tmp_eap_user.next) 200 user = &hapd->tmp_eap_user; 201 202 if (user == NULL && !phase2) { 203 os_snprintf(cmd, sizeof(cmd), 204 "SELECT identity,methods FROM wildcards;"); 205 wpa_printf(MSG_DEBUG, "DB: %s", cmd); 206 if (sqlite3_exec(db, cmd, get_wildcard_cb, &hapd->tmp_eap_user, 207 NULL) != SQLITE_OK) { 208 wpa_printf(MSG_DEBUG, 209 "DB: Failed to complete SQL operation: %s db: %s", 210 sqlite3_errmsg(db), 211 hapd->conf->eap_user_sqlite); 212 } else if (hapd->tmp_eap_user.next) { 213 user = &hapd->tmp_eap_user; 214 os_free(user->identity); 215 user->identity = user->password; 216 user->identity_len = user->password_len; 217 user->password = NULL; 218 user->password_len = 0; 219 } 220 } 221 222 fail: 223 sqlite3_close(db); 224 225 return user; 226 } 227 228 #endif /* CONFIG_SQLITE */ 229 230 231 const struct hostapd_eap_user * 232 hostapd_get_eap_user(struct hostapd_data *hapd, const u8 *identity, 233 size_t identity_len, int phase2) 234 { 235 const struct hostapd_bss_config *conf = hapd->conf; 236 struct hostapd_eap_user *user = conf->eap_user; 237 238 #ifdef CONFIG_WPS 239 if (conf->wps_state && identity_len == WSC_ID_ENROLLEE_LEN && 240 os_memcmp(identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN) == 0) { 241 static struct hostapd_eap_user wsc_enrollee; 242 os_memset(&wsc_enrollee, 0, sizeof(wsc_enrollee)); 243 wsc_enrollee.methods[0].method = eap_server_get_type( 244 "WSC", &wsc_enrollee.methods[0].vendor); 245 return &wsc_enrollee; 246 } 247 248 if (conf->wps_state && identity_len == WSC_ID_REGISTRAR_LEN && 249 os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0) { 250 static struct hostapd_eap_user wsc_registrar; 251 os_memset(&wsc_registrar, 0, sizeof(wsc_registrar)); 252 wsc_registrar.methods[0].method = eap_server_get_type( 253 "WSC", &wsc_registrar.methods[0].vendor); 254 wsc_registrar.password = (u8 *) conf->ap_pin; 255 wsc_registrar.password_len = conf->ap_pin ? 256 os_strlen(conf->ap_pin) : 0; 257 return &wsc_registrar; 258 } 259 #endif /* CONFIG_WPS */ 260 261 while (user) { 262 if (!phase2 && user->identity == NULL) { 263 /* Wildcard match */ 264 break; 265 } 266 267 if (user->phase2 == !!phase2 && user->wildcard_prefix && 268 identity_len >= user->identity_len && 269 os_memcmp(user->identity, identity, user->identity_len) == 270 0) { 271 /* Wildcard prefix match */ 272 break; 273 } 274 275 if (user->phase2 == !!phase2 && 276 user->identity_len == identity_len && 277 os_memcmp(user->identity, identity, identity_len) == 0) 278 break; 279 user = user->next; 280 } 281 282 #ifdef CONFIG_SQLITE 283 if (user == NULL && conf->eap_user_sqlite) { 284 return eap_user_sqlite_get(hapd, identity, identity_len, 285 phase2); 286 } 287 #endif /* CONFIG_SQLITE */ 288 289 return user; 290 } 291