1 /* 2 * WPA Supplicant - driver interaction with BSD net80211 layer 3 * Copyright (c) 2004, Sam Leffler <sam@errno.com> 4 * Copyright (c) 2004, 2Wire, Inc 5 * 6 * This software may be distributed under the terms of the BSD license. 7 * See README for more details. 8 */ 9 10 #include "includes.h" 11 #include <sys/ioctl.h> 12 #include <sys/sysctl.h> 13 14 #include "common.h" 15 #include "driver.h" 16 #include "eloop.h" 17 #include "common/ieee802_11_defs.h" 18 #include "common/wpa_common.h" 19 20 #include <net/if.h> 21 #include <net/if_media.h> 22 23 #ifdef __NetBSD__ 24 #include <net/if_ether.h> 25 #else 26 #include <net/ethernet.h> 27 #endif 28 #include <net/route.h> 29 30 #ifdef __DragonFly__ 31 #include <netproto/802_11/ieee80211_ioctl.h> 32 #include <netproto/802_11/ieee80211_dragonfly.h> 33 #else /* __DragonFly__ */ 34 #ifdef __GLIBC__ 35 #include <netinet/ether.h> 36 #endif /* __GLIBC__ */ 37 #include <net80211/ieee80211.h> 38 #include <net80211/ieee80211_ioctl.h> 39 #include <net80211/ieee80211_crypto.h> 40 #endif /* __DragonFly__ || __GLIBC__ */ 41 #if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) 42 #include <net80211/ieee80211_freebsd.h> 43 #endif 44 #if __NetBSD__ 45 #include <net80211/ieee80211_netbsd.h> 46 #endif 47 48 #include "l2_packet/l2_packet.h" 49 50 struct bsd_driver_global { 51 void *ctx; 52 int sock; /* socket for 802.11 ioctls */ 53 int route; /* routing socket for events */ 54 char *event_buf; 55 size_t event_buf_len; 56 struct dl_list ifaces; /* list of interfaces */ 57 }; 58 59 struct bsd_driver_data { 60 struct dl_list list; 61 struct bsd_driver_global *global; 62 struct hostapd_data *hapd; /* back pointer */ 63 64 struct l2_packet_data *sock_xmit;/* raw packet xmit socket */ 65 char ifname[IFNAMSIZ+1]; /* interface name */ 66 int flags; 67 unsigned int ifindex; /* interface index */ 68 int if_removed; /* has the interface been removed? */ 69 void *ctx; 70 struct wpa_driver_capa capa; /* driver capability */ 71 int is_ap; /* Access point mode */ 72 int prev_roaming; /* roaming state to restore on deinit */ 73 int prev_privacy; /* privacy state to restore on deinit */ 74 int prev_wpa; /* wpa state to restore on deinit */ 75 enum ieee80211_opmode opmode; /* operation mode */ 76 }; 77 78 /* Generic functions for hostapd and wpa_supplicant */ 79 static struct bsd_driver_data * 80 bsd_get_drvindex(void *priv, unsigned int ifindex) 81 { 82 struct bsd_driver_global *global = priv; 83 struct bsd_driver_data *drv; 84 85 dl_list_for_each(drv, &global->ifaces, struct bsd_driver_data, list) { 86 if (drv->ifindex == ifindex) 87 return drv; 88 } 89 return NULL; 90 } 91 92 #ifndef HOSTAPD 93 static struct bsd_driver_data * 94 bsd_get_drvname(void *priv, const char *ifname) 95 { 96 struct bsd_driver_global *global = priv; 97 struct bsd_driver_data *drv; 98 99 dl_list_for_each(drv, &global->ifaces, struct bsd_driver_data, list) { 100 if (os_strcmp(drv->ifname, ifname) == 0) 101 return drv; 102 } 103 return NULL; 104 } 105 #endif /* HOSTAPD */ 106 107 static int 108 bsd_set80211(void *priv, int op, int val, const void *arg, int arg_len) 109 { 110 struct bsd_driver_data *drv = priv; 111 struct ieee80211req ireq; 112 113 if (drv->ifindex == 0 || drv->if_removed) 114 return -1; 115 116 os_memset(&ireq, 0, sizeof(ireq)); 117 os_strlcpy(ireq.i_name, drv->ifname, sizeof(ireq.i_name)); 118 ireq.i_type = op; 119 ireq.i_val = val; 120 ireq.i_data = (void *) arg; 121 ireq.i_len = arg_len; 122 123 if (ioctl(drv->global->sock, SIOCS80211, &ireq) < 0) { 124 wpa_printf(MSG_ERROR, "ioctl[SIOCS80211, op=%u, val=%u, " 125 "arg_len=%u]: %s", op, val, arg_len, 126 strerror(errno)); 127 return -1; 128 } 129 return 0; 130 } 131 132 static int 133 bsd_get80211(void *priv, struct ieee80211req *ireq, int op, void *arg, 134 int arg_len) 135 { 136 struct bsd_driver_data *drv = priv; 137 138 os_memset(ireq, 0, sizeof(*ireq)); 139 os_strlcpy(ireq->i_name, drv->ifname, sizeof(ireq->i_name)); 140 ireq->i_type = op; 141 ireq->i_len = arg_len; 142 ireq->i_data = arg; 143 144 if (ioctl(drv->global->sock, SIOCG80211, ireq) < 0) { 145 wpa_printf(MSG_ERROR, "ioctl[SIOCG80211, op=%u, " 146 "arg_len=%u]: %s", op, arg_len, strerror(errno)); 147 return -1; 148 } 149 return 0; 150 } 151 152 static int 153 get80211var(struct bsd_driver_data *drv, int op, void *arg, int arg_len) 154 { 155 struct ieee80211req ireq; 156 157 if (bsd_get80211(drv, &ireq, op, arg, arg_len) < 0) 158 return -1; 159 return ireq.i_len; 160 } 161 162 static int 163 set80211var(struct bsd_driver_data *drv, int op, const void *arg, int arg_len) 164 { 165 return bsd_set80211(drv, op, 0, arg, arg_len); 166 } 167 168 static int 169 set80211param(struct bsd_driver_data *drv, int op, int arg) 170 { 171 return bsd_set80211(drv, op, arg, NULL, 0); 172 } 173 174 static int 175 bsd_get_ssid(void *priv, u8 *ssid, int len) 176 { 177 struct bsd_driver_data *drv = priv; 178 #ifdef SIOCG80211NWID 179 struct ieee80211_nwid nwid; 180 struct ifreq ifr; 181 182 os_memset(&ifr, 0, sizeof(ifr)); 183 os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); 184 ifr.ifr_data = (void *)&nwid; 185 if (ioctl(drv->global->sock, SIOCG80211NWID, &ifr) < 0 || 186 nwid.i_len > IEEE80211_NWID_LEN) 187 return -1; 188 os_memcpy(ssid, nwid.i_nwid, nwid.i_len); 189 return nwid.i_len; 190 #else 191 return get80211var(drv, IEEE80211_IOC_SSID, ssid, IEEE80211_NWID_LEN); 192 #endif 193 } 194 195 static int 196 bsd_set_ssid(void *priv, const u8 *ssid, int ssid_len) 197 { 198 struct bsd_driver_data *drv = priv; 199 #ifdef SIOCS80211NWID 200 struct ieee80211_nwid nwid; 201 struct ifreq ifr; 202 203 os_memcpy(nwid.i_nwid, ssid, ssid_len); 204 nwid.i_len = ssid_len; 205 os_memset(&ifr, 0, sizeof(ifr)); 206 os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); 207 ifr.ifr_data = (void *)&nwid; 208 return ioctl(drv->global->sock, SIOCS80211NWID, &ifr); 209 #else 210 return set80211var(drv, IEEE80211_IOC_SSID, ssid, ssid_len); 211 #endif 212 } 213 214 static int 215 bsd_get_if_media(void *priv) 216 { 217 struct bsd_driver_data *drv = priv; 218 struct ifmediareq ifmr; 219 220 os_memset(&ifmr, 0, sizeof(ifmr)); 221 os_strlcpy(ifmr.ifm_name, drv->ifname, sizeof(ifmr.ifm_name)); 222 223 if (ioctl(drv->global->sock, SIOCGIFMEDIA, &ifmr) < 0) { 224 wpa_printf(MSG_ERROR, "%s: SIOCGIFMEDIA %s", __func__, 225 strerror(errno)); 226 return -1; 227 } 228 229 return ifmr.ifm_current; 230 } 231 232 static int 233 bsd_set_if_media(void *priv, int media) 234 { 235 struct bsd_driver_data *drv = priv; 236 struct ifreq ifr; 237 238 os_memset(&ifr, 0, sizeof(ifr)); 239 os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); 240 ifr.ifr_media = media; 241 242 if (ioctl(drv->global->sock, SIOCSIFMEDIA, &ifr) < 0) { 243 wpa_printf(MSG_ERROR, "%s: SIOCSIFMEDIA %s", __func__, 244 strerror(errno)); 245 return -1; 246 } 247 248 return 0; 249 } 250 251 static int 252 bsd_set_mediaopt(void *priv, uint32_t mask, uint32_t mode) 253 { 254 int media = bsd_get_if_media(priv); 255 256 if (media < 0) 257 return -1; 258 media &= ~mask; 259 media |= mode; 260 if (bsd_set_if_media(priv, media) < 0) 261 return -1; 262 return 0; 263 } 264 265 static int 266 bsd_del_key(void *priv, const u8 *addr, int key_idx) 267 { 268 struct ieee80211req_del_key wk; 269 270 os_memset(&wk, 0, sizeof(wk)); 271 if (addr == NULL) { 272 wpa_printf(MSG_DEBUG, "%s: key_idx=%d", __func__, key_idx); 273 wk.idk_keyix = key_idx; 274 } else { 275 wpa_printf(MSG_DEBUG, "%s: addr=" MACSTR, __func__, 276 MAC2STR(addr)); 277 os_memcpy(wk.idk_macaddr, addr, IEEE80211_ADDR_LEN); 278 wk.idk_keyix = (u_int8_t) IEEE80211_KEYIX_NONE; /* XXX */ 279 } 280 281 return set80211var(priv, IEEE80211_IOC_DELKEY, &wk, sizeof(wk)); 282 } 283 284 static int 285 bsd_send_mlme_param(void *priv, const u8 op, const u16 reason, const u8 *addr) 286 { 287 struct ieee80211req_mlme mlme; 288 289 os_memset(&mlme, 0, sizeof(mlme)); 290 mlme.im_op = op; 291 mlme.im_reason = reason; 292 os_memcpy(mlme.im_macaddr, addr, IEEE80211_ADDR_LEN); 293 return set80211var(priv, IEEE80211_IOC_MLME, &mlme, sizeof(mlme)); 294 } 295 296 static int 297 bsd_ctrl_iface(void *priv, int enable) 298 { 299 struct bsd_driver_data *drv = priv; 300 struct ifreq ifr; 301 302 os_memset(&ifr, 0, sizeof(ifr)); 303 os_strlcpy(ifr.ifr_name, drv->ifname, sizeof(ifr.ifr_name)); 304 305 if (ioctl(drv->global->sock, SIOCGIFFLAGS, &ifr) < 0) { 306 wpa_printf(MSG_ERROR, "ioctl[SIOCGIFFLAGS]: %s", 307 strerror(errno)); 308 return -1; 309 } 310 drv->flags = ifr.ifr_flags; 311 312 if (enable) { 313 if (ifr.ifr_flags & IFF_UP) 314 return 0; 315 ifr.ifr_flags |= IFF_UP; 316 } else { 317 if (!(ifr.ifr_flags & IFF_UP)) 318 return 0; 319 ifr.ifr_flags &= ~IFF_UP; 320 } 321 322 if (ioctl(drv->global->sock, SIOCSIFFLAGS, &ifr) < 0) { 323 wpa_printf(MSG_ERROR, "ioctl[SIOCSIFFLAGS]: %s", 324 strerror(errno)); 325 return -1; 326 } 327 328 drv->flags = ifr.ifr_flags; 329 return 0; 330 } 331 332 static int 333 bsd_set_key(const char *ifname, void *priv, enum wpa_alg alg, 334 const unsigned char *addr, int key_idx, int set_tx, const u8 *seq, 335 size_t seq_len, const u8 *key, size_t key_len) 336 { 337 struct ieee80211req_key wk; 338 #ifdef IEEE80211_KEY_NOREPLAY 339 struct bsd_driver_data *drv = priv; 340 #endif /* IEEE80211_KEY_NOREPLAY */ 341 342 wpa_printf(MSG_DEBUG, "%s: alg=%d addr=%p key_idx=%d set_tx=%d " 343 "seq_len=%zu key_len=%zu", __func__, alg, addr, key_idx, 344 set_tx, seq_len, key_len); 345 346 if (alg == WPA_ALG_NONE) { 347 #ifndef HOSTAPD 348 if (addr == NULL || is_broadcast_ether_addr(addr)) 349 return bsd_del_key(priv, NULL, key_idx); 350 else 351 #endif /* HOSTAPD */ 352 return bsd_del_key(priv, addr, key_idx); 353 } 354 355 os_memset(&wk, 0, sizeof(wk)); 356 switch (alg) { 357 case WPA_ALG_WEP: 358 wk.ik_type = IEEE80211_CIPHER_WEP; 359 break; 360 case WPA_ALG_TKIP: 361 wk.ik_type = IEEE80211_CIPHER_TKIP; 362 break; 363 case WPA_ALG_CCMP: 364 wk.ik_type = IEEE80211_CIPHER_AES_CCM; 365 break; 366 default: 367 wpa_printf(MSG_ERROR, "%s: unknown alg=%d", __func__, alg); 368 return -1; 369 } 370 371 wk.ik_flags = IEEE80211_KEY_RECV; 372 if (set_tx) 373 wk.ik_flags |= IEEE80211_KEY_XMIT; 374 375 if (addr == NULL) { 376 os_memset(wk.ik_macaddr, 0xff, IEEE80211_ADDR_LEN); 377 wk.ik_keyix = key_idx; 378 } else { 379 os_memcpy(wk.ik_macaddr, addr, IEEE80211_ADDR_LEN); 380 /* 381 * Deduce whether group/global or unicast key by checking 382 * the address (yech). Note also that we can only mark global 383 * keys default; doing this for a unicast key is an error. 384 */ 385 if (is_broadcast_ether_addr(addr)) { 386 wk.ik_flags |= IEEE80211_KEY_GROUP; 387 wk.ik_keyix = key_idx; 388 } else { 389 wk.ik_keyix = key_idx == 0 ? IEEE80211_KEYIX_NONE : 390 key_idx; 391 } 392 } 393 if (wk.ik_keyix != IEEE80211_KEYIX_NONE && set_tx) 394 wk.ik_flags |= IEEE80211_KEY_DEFAULT; 395 #ifndef HOSTAPD 396 #ifdef IEEE80211_KEY_NOREPLAY 397 /* 398 * Ignore replay failures in IBSS and AHDEMO mode. 399 */ 400 if (drv->opmode == IEEE80211_M_IBSS || 401 drv->opmode == IEEE80211_M_AHDEMO) 402 wk.ik_flags |= IEEE80211_KEY_NOREPLAY; 403 #endif /* IEEE80211_KEY_NOREPLAY */ 404 #endif /* HOSTAPD */ 405 wk.ik_keylen = key_len; 406 if (seq) { 407 #ifdef WORDS_BIGENDIAN 408 /* 409 * wk.ik_keyrsc is in host byte order (big endian), need to 410 * swap it to match with the byte order used in WPA. 411 */ 412 int i; 413 u8 *keyrsc = (u8 *) &wk.ik_keyrsc; 414 for (i = 0; i < seq_len; i++) 415 keyrsc[WPA_KEY_RSC_LEN - i - 1] = seq[i]; 416 #else /* WORDS_BIGENDIAN */ 417 os_memcpy(&wk.ik_keyrsc, seq, seq_len); 418 #endif /* WORDS_BIGENDIAN */ 419 } 420 os_memcpy(wk.ik_keydata, key, key_len); 421 422 return set80211var(priv, IEEE80211_IOC_WPAKEY, &wk, sizeof(wk)); 423 } 424 425 static int 426 bsd_configure_wpa(void *priv, struct wpa_bss_params *params) 427 { 428 #ifndef IEEE80211_IOC_APPIE 429 static const char *ciphernames[] = 430 { "WEP", "TKIP", "AES-OCB", "AES-CCM", "CKIP", "NONE" }; 431 int v; 432 433 switch (params->wpa_group) { 434 case WPA_CIPHER_CCMP: 435 v = IEEE80211_CIPHER_AES_CCM; 436 break; 437 case WPA_CIPHER_TKIP: 438 v = IEEE80211_CIPHER_TKIP; 439 break; 440 case WPA_CIPHER_WEP104: 441 v = IEEE80211_CIPHER_WEP; 442 break; 443 case WPA_CIPHER_WEP40: 444 v = IEEE80211_CIPHER_WEP; 445 break; 446 case WPA_CIPHER_NONE: 447 v = IEEE80211_CIPHER_NONE; 448 break; 449 default: 450 wpa_printf(MSG_INFO, "Unknown group key cipher %u", 451 params->wpa_group); 452 return -1; 453 } 454 wpa_printf(MSG_DEBUG, "%s: group key cipher=%s (%u)", 455 __func__, ciphernames[v], v); 456 if (set80211param(priv, IEEE80211_IOC_MCASTCIPHER, v)) { 457 wpa_printf(MSG_INFO, 458 "Unable to set group key cipher to %u (%s)", 459 v, ciphernames[v]); 460 return -1; 461 } 462 if (v == IEEE80211_CIPHER_WEP) { 463 /* key length is done only for specific ciphers */ 464 v = (params->wpa_group == WPA_CIPHER_WEP104 ? 13 : 5); 465 if (set80211param(priv, IEEE80211_IOC_MCASTKEYLEN, v)) { 466 wpa_printf(MSG_INFO, 467 "Unable to set group key length to %u", v); 468 return -1; 469 } 470 } 471 472 v = 0; 473 if (params->wpa_pairwise & WPA_CIPHER_CCMP) 474 v |= 1<<IEEE80211_CIPHER_AES_CCM; 475 if (params->wpa_pairwise & WPA_CIPHER_TKIP) 476 v |= 1<<IEEE80211_CIPHER_TKIP; 477 if (params->wpa_pairwise & WPA_CIPHER_NONE) 478 v |= 1<<IEEE80211_CIPHER_NONE; 479 wpa_printf(MSG_DEBUG, "%s: pairwise key ciphers=0x%x", __func__, v); 480 if (set80211param(priv, IEEE80211_IOC_UCASTCIPHERS, v)) { 481 wpa_printf(MSG_INFO, 482 "Unable to set pairwise key ciphers to 0x%x", v); 483 return -1; 484 } 485 486 wpa_printf(MSG_DEBUG, "%s: key management algorithms=0x%x", 487 __func__, params->wpa_key_mgmt); 488 if (set80211param(priv, IEEE80211_IOC_KEYMGTALGS, 489 params->wpa_key_mgmt)) { 490 wpa_printf(MSG_INFO, 491 "Unable to set key management algorithms to 0x%x", 492 params->wpa_key_mgmt); 493 return -1; 494 } 495 496 v = 0; 497 if (params->rsn_preauth) 498 v |= BIT(0); 499 wpa_printf(MSG_DEBUG, "%s: rsn capabilities=0x%x", 500 __func__, params->rsn_preauth); 501 if (set80211param(priv, IEEE80211_IOC_RSNCAPS, v)) { 502 wpa_printf(MSG_INFO, "Unable to set RSN capabilities to 0x%x", 503 v); 504 return -1; 505 } 506 #endif /* IEEE80211_IOC_APPIE */ 507 508 wpa_printf(MSG_DEBUG, "%s: enable WPA= 0x%x", __func__, params->wpa); 509 if (set80211param(priv, IEEE80211_IOC_WPA, params->wpa)) { 510 wpa_printf(MSG_INFO, "Unable to set WPA to %u", params->wpa); 511 return -1; 512 } 513 return 0; 514 } 515 516 static int 517 bsd_set_ieee8021x(void *priv, struct wpa_bss_params *params) 518 { 519 wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, params->enabled); 520 521 if (!params->enabled) { 522 /* XXX restore state */ 523 return set80211param(priv, IEEE80211_IOC_AUTHMODE, 524 IEEE80211_AUTH_AUTO); 525 } 526 if (!params->wpa && !params->ieee802_1x) { 527 wpa_printf(MSG_ERROR, "%s: No 802.1X or WPA enabled", 528 __func__); 529 return -1; 530 } 531 if (params->wpa && bsd_configure_wpa(priv, params) != 0) { 532 wpa_printf(MSG_ERROR, "%s: Failed to configure WPA state", 533 __func__); 534 return -1; 535 } 536 if (set80211param(priv, IEEE80211_IOC_AUTHMODE, 537 (params->wpa ? IEEE80211_AUTH_WPA : IEEE80211_AUTH_8021X))) { 538 wpa_printf(MSG_ERROR, "%s: Failed to enable WPA/802.1X", 539 __func__); 540 return -1; 541 } 542 return bsd_ctrl_iface(priv, 1); 543 } 544 545 static void 546 bsd_new_sta(void *priv, void *ctx, u8 addr[IEEE80211_ADDR_LEN]) 547 { 548 struct ieee80211req_wpaie ie; 549 int ielen = 0; 550 u8 *iebuf = NULL; 551 552 /* 553 * Fetch and validate any negotiated WPA/RSN parameters. 554 */ 555 memset(&ie, 0, sizeof(ie)); 556 memcpy(ie.wpa_macaddr, addr, IEEE80211_ADDR_LEN); 557 if (get80211var(priv, IEEE80211_IOC_WPAIE, &ie, sizeof(ie)) < 0) { 558 wpa_printf(MSG_INFO, 559 "Failed to get WPA/RSN information element"); 560 goto no_ie; 561 } 562 iebuf = ie.wpa_ie; 563 ielen = ie.wpa_ie[1]; 564 if (ielen == 0) 565 iebuf = NULL; 566 else 567 ielen += 2; 568 569 no_ie: 570 drv_event_assoc(ctx, addr, iebuf, ielen, 0); 571 } 572 573 static int 574 bsd_send_eapol(void *priv, const u8 *addr, const u8 *data, size_t data_len, 575 int encrypt, const u8 *own_addr, u32 flags) 576 { 577 struct bsd_driver_data *drv = priv; 578 579 wpa_hexdump(MSG_MSGDUMP, "TX EAPOL", data, data_len); 580 581 return l2_packet_send(drv->sock_xmit, addr, ETH_P_EAPOL, data, 582 data_len); 583 } 584 585 static int 586 bsd_set_freq(void *priv, struct hostapd_freq_params *freq) 587 { 588 struct bsd_driver_data *drv = priv; 589 #ifdef SIOCS80211CHANNEL 590 struct ieee80211chanreq creq; 591 #endif /* SIOCS80211CHANNEL */ 592 u32 mode; 593 int channel = freq->channel; 594 595 if (channel < 14) { 596 mode = 597 #ifdef CONFIG_IEEE80211N 598 freq->ht_enabled ? IFM_IEEE80211_11NG : 599 #endif /* CONFIG_IEEE80211N */ 600 IFM_IEEE80211_11G; 601 } else if (channel == 14) { 602 mode = IFM_IEEE80211_11B; 603 } else { 604 mode = 605 #ifdef CONFIG_IEEE80211N 606 freq->ht_enabled ? IFM_IEEE80211_11NA : 607 #endif /* CONFIG_IEEE80211N */ 608 IFM_IEEE80211_11A; 609 } 610 if (bsd_set_mediaopt(drv, IFM_MMASK, mode) < 0) { 611 wpa_printf(MSG_ERROR, "%s: failed to set modulation mode", 612 __func__); 613 return -1; 614 } 615 616 #ifdef SIOCS80211CHANNEL 617 os_memset(&creq, 0, sizeof(creq)); 618 os_strlcpy(creq.i_name, drv->ifname, sizeof(creq.i_name)); 619 creq.i_channel = (u_int16_t)channel; 620 return ioctl(drv->global->sock, SIOCS80211CHANNEL, &creq); 621 #else /* SIOCS80211CHANNEL */ 622 return set80211param(priv, IEEE80211_IOC_CHANNEL, channel); 623 #endif /* SIOCS80211CHANNEL */ 624 } 625 626 static int 627 bsd_set_opt_ie(void *priv, const u8 *ie, size_t ie_len) 628 { 629 #ifdef IEEE80211_IOC_APPIE 630 wpa_printf(MSG_DEBUG, "%s: set WPA+RSN ie (len %lu)", __func__, 631 (unsigned long)ie_len); 632 return bsd_set80211(priv, IEEE80211_IOC_APPIE, IEEE80211_APPIE_WPA, 633 ie, ie_len); 634 #endif /* IEEE80211_IOC_APPIE */ 635 return 0; 636 } 637 638 static size_t 639 rtbuf_len(void) 640 { 641 size_t len; 642 643 int mib[6] = {CTL_NET, AF_ROUTE, 0, AF_INET, NET_RT_DUMP, 0}; 644 645 if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) { 646 wpa_printf(MSG_WARNING, "%s failed: %s", __func__, 647 strerror(errno)); 648 len = 2048; 649 } 650 651 return len; 652 } 653 654 #ifdef HOSTAPD 655 656 /* 657 * Avoid conflicts with hostapd definitions by undefining couple of defines 658 * from net80211 header files. 659 */ 660 #undef RSN_VERSION 661 #undef WPA_VERSION 662 #undef WPA_OUI_TYPE 663 664 static int bsd_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, 665 u16 reason_code); 666 667 static const char * 668 ether_sprintf(const u8 *addr) 669 { 670 static char buf[sizeof(MACSTR)]; 671 672 if (addr != NULL) 673 snprintf(buf, sizeof(buf), MACSTR, MAC2STR(addr)); 674 else 675 snprintf(buf, sizeof(buf), MACSTR, 0,0,0,0,0,0); 676 return buf; 677 } 678 679 static int 680 bsd_set_privacy(void *priv, int enabled) 681 { 682 wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, enabled); 683 684 return set80211param(priv, IEEE80211_IOC_PRIVACY, enabled); 685 } 686 687 static int 688 bsd_get_seqnum(const char *ifname, void *priv, const u8 *addr, int idx, 689 u8 *seq) 690 { 691 struct ieee80211req_key wk; 692 693 wpa_printf(MSG_DEBUG, "%s: addr=%s idx=%d", 694 __func__, ether_sprintf(addr), idx); 695 696 memset(&wk, 0, sizeof(wk)); 697 if (addr == NULL) 698 memset(wk.ik_macaddr, 0xff, IEEE80211_ADDR_LEN); 699 else 700 memcpy(wk.ik_macaddr, addr, IEEE80211_ADDR_LEN); 701 wk.ik_keyix = idx; 702 703 if (get80211var(priv, IEEE80211_IOC_WPAKEY, &wk, sizeof(wk)) < 0) { 704 wpa_printf(MSG_INFO, "Failed to get encryption"); 705 return -1; 706 } 707 708 #ifdef WORDS_BIGENDIAN 709 { 710 /* 711 * wk.ik_keytsc is in host byte order (big endian), need to 712 * swap it to match with the byte order used in WPA. 713 */ 714 int i; 715 u8 tmp[WPA_KEY_RSC_LEN]; 716 memcpy(tmp, &wk.ik_keytsc, sizeof(wk.ik_keytsc)); 717 for (i = 0; i < WPA_KEY_RSC_LEN; i++) { 718 seq[i] = tmp[WPA_KEY_RSC_LEN - i - 1]; 719 } 720 } 721 #else /* WORDS_BIGENDIAN */ 722 memcpy(seq, &wk.ik_keytsc, sizeof(wk.ik_keytsc)); 723 #endif /* WORDS_BIGENDIAN */ 724 return 0; 725 } 726 727 728 static int 729 bsd_flush(void *priv) 730 { 731 u8 allsta[IEEE80211_ADDR_LEN]; 732 733 memset(allsta, 0xff, IEEE80211_ADDR_LEN); 734 return bsd_sta_deauth(priv, NULL, allsta, IEEE80211_REASON_AUTH_LEAVE); 735 } 736 737 738 static int 739 bsd_read_sta_driver_data(void *priv, struct hostap_sta_driver_data *data, 740 const u8 *addr) 741 { 742 struct ieee80211req_sta_stats stats; 743 744 memcpy(stats.is_u.macaddr, addr, IEEE80211_ADDR_LEN); 745 if (get80211var(priv, IEEE80211_IOC_STA_STATS, &stats, sizeof(stats)) 746 > 0) { 747 /* XXX? do packets counts include non-data frames? */ 748 data->rx_packets = stats.is_stats.ns_rx_data; 749 data->rx_bytes = stats.is_stats.ns_rx_bytes; 750 data->tx_packets = stats.is_stats.ns_tx_data; 751 data->tx_bytes = stats.is_stats.ns_tx_bytes; 752 } 753 return 0; 754 } 755 756 static int 757 bsd_sta_deauth(void *priv, const u8 *own_addr, const u8 *addr, u16 reason_code) 758 { 759 return bsd_send_mlme_param(priv, IEEE80211_MLME_DEAUTH, reason_code, 760 addr); 761 } 762 763 static int 764 bsd_sta_disassoc(void *priv, const u8 *own_addr, const u8 *addr, 765 u16 reason_code) 766 { 767 return bsd_send_mlme_param(priv, IEEE80211_MLME_DISASSOC, reason_code, 768 addr); 769 } 770 771 static void 772 bsd_wireless_event_receive(int sock, void *ctx, void *sock_ctx) 773 { 774 struct bsd_driver_global *global = sock_ctx; 775 struct bsd_driver_data *drv; 776 struct if_announcemsghdr *ifan; 777 struct rt_msghdr *rtm; 778 struct ieee80211_michael_event *mic; 779 struct ieee80211_join_event *join; 780 struct ieee80211_leave_event *leave; 781 int n; 782 union wpa_event_data data; 783 784 n = read(sock, global->event_buf, global->event_buf_len); 785 if (n < 0) { 786 if (errno != EINTR && errno != EAGAIN) 787 wpa_printf(MSG_ERROR, "%s read() failed: %s", 788 __func__, strerror(errno)); 789 return; 790 } 791 792 rtm = (struct rt_msghdr *) global->event_buf; 793 if (rtm->rtm_version != RTM_VERSION) { 794 wpa_printf(MSG_DEBUG, "Invalid routing message version=%d", 795 rtm->rtm_version); 796 return; 797 } 798 switch (rtm->rtm_type) { 799 case RTM_IEEE80211: 800 ifan = (struct if_announcemsghdr *) rtm; 801 drv = bsd_get_drvindex(global, ifan->ifan_index); 802 if (drv == NULL) 803 return; 804 switch (ifan->ifan_what) { 805 case RTM_IEEE80211_ASSOC: 806 case RTM_IEEE80211_REASSOC: 807 case RTM_IEEE80211_DISASSOC: 808 case RTM_IEEE80211_SCAN: 809 break; 810 case RTM_IEEE80211_LEAVE: 811 leave = (struct ieee80211_leave_event *) &ifan[1]; 812 drv_event_disassoc(drv->hapd, leave->iev_addr); 813 break; 814 case RTM_IEEE80211_JOIN: 815 #ifdef RTM_IEEE80211_REJOIN 816 case RTM_IEEE80211_REJOIN: 817 #endif 818 join = (struct ieee80211_join_event *) &ifan[1]; 819 bsd_new_sta(drv, drv->hapd, join->iev_addr); 820 break; 821 case RTM_IEEE80211_REPLAY: 822 /* ignore */ 823 break; 824 case RTM_IEEE80211_MICHAEL: 825 mic = (struct ieee80211_michael_event *) &ifan[1]; 826 wpa_printf(MSG_DEBUG, 827 "Michael MIC failure wireless event: " 828 "keyix=%u src_addr=" MACSTR, mic->iev_keyix, 829 MAC2STR(mic->iev_src)); 830 os_memset(&data, 0, sizeof(data)); 831 data.michael_mic_failure.unicast = 1; 832 data.michael_mic_failure.src = mic->iev_src; 833 wpa_supplicant_event(drv->hapd, 834 EVENT_MICHAEL_MIC_FAILURE, &data); 835 break; 836 } 837 break; 838 } 839 } 840 841 static void 842 handle_read(void *ctx, const u8 *src_addr, const u8 *buf, size_t len) 843 { 844 struct bsd_driver_data *drv = ctx; 845 drv_event_eapol_rx(drv->hapd, src_addr, buf, len); 846 } 847 848 static void * 849 bsd_init(struct hostapd_data *hapd, struct wpa_init_params *params) 850 { 851 struct bsd_driver_data *drv; 852 853 drv = os_zalloc(sizeof(struct bsd_driver_data)); 854 if (drv == NULL) { 855 wpa_printf(MSG_ERROR, "Could not allocate memory for bsd driver data"); 856 return NULL; 857 } 858 859 drv->ifindex = if_nametoindex(params->ifname); 860 if (drv->ifindex == 0) { 861 wpa_printf(MSG_DEBUG, "%s: interface %s does not exist", 862 __func__, params->ifname); 863 goto bad; 864 } 865 866 drv->hapd = hapd; 867 drv->global = params->global_priv; 868 os_strlcpy(drv->ifname, params->ifname, sizeof(drv->ifname)); 869 870 drv->sock_xmit = l2_packet_init(drv->ifname, NULL, ETH_P_EAPOL, 871 handle_read, drv, 0); 872 if (drv->sock_xmit == NULL) 873 goto bad; 874 if (l2_packet_get_own_addr(drv->sock_xmit, params->own_addr)) 875 goto bad; 876 877 /* mark down during setup */ 878 if (bsd_ctrl_iface(drv, 0) < 0) 879 goto bad; 880 881 if (bsd_set_mediaopt(drv, IFM_OMASK, IFM_IEEE80211_HOSTAP) < 0) { 882 wpa_printf(MSG_ERROR, "%s: failed to set operation mode", 883 __func__); 884 goto bad; 885 } 886 887 dl_list_add(&drv->global->ifaces, &drv->list); 888 889 return drv; 890 bad: 891 if (drv->sock_xmit != NULL) 892 l2_packet_deinit(drv->sock_xmit); 893 os_free(drv); 894 return NULL; 895 } 896 897 898 static void 899 bsd_deinit(void *priv) 900 { 901 struct bsd_driver_data *drv = priv; 902 903 if (drv->ifindex != 0) 904 bsd_ctrl_iface(drv, 0); 905 if (drv->sock_xmit != NULL) 906 l2_packet_deinit(drv->sock_xmit); 907 os_free(drv); 908 } 909 910 911 static int 912 bsd_commit(void *priv) 913 { 914 return bsd_ctrl_iface(priv, 1); 915 } 916 917 918 static int 919 bsd_set_sta_authorized(void *priv, const u8 *addr, 920 unsigned int total_flags, unsigned int flags_or, 921 unsigned int flags_and) 922 { 923 int authorized = -1; 924 925 /* For now, only support setting Authorized flag */ 926 if (flags_or & WPA_STA_AUTHORIZED) 927 authorized = 1; 928 if (!(flags_and & WPA_STA_AUTHORIZED)) 929 authorized = 0; 930 931 if (authorized < 0) 932 return 0; 933 934 return bsd_send_mlme_param(priv, authorized ? 935 IEEE80211_MLME_AUTHORIZE : 936 IEEE80211_MLME_UNAUTHORIZE, 0, addr); 937 } 938 #else /* HOSTAPD */ 939 940 static int 941 get80211param(struct bsd_driver_data *drv, int op) 942 { 943 struct ieee80211req ireq; 944 945 if (bsd_get80211(drv, &ireq, op, NULL, 0) < 0) 946 return -1; 947 return ireq.i_val; 948 } 949 950 static int 951 wpa_driver_bsd_get_bssid(void *priv, u8 *bssid) 952 { 953 struct bsd_driver_data *drv = priv; 954 #ifdef SIOCG80211BSSID 955 struct ieee80211_bssid bs; 956 957 os_strlcpy(bs.i_name, drv->ifname, sizeof(bs.i_name)); 958 if (ioctl(drv->global->sock, SIOCG80211BSSID, &bs) < 0) 959 return -1; 960 os_memcpy(bssid, bs.i_bssid, sizeof(bs.i_bssid)); 961 return 0; 962 #else 963 return get80211var(drv, IEEE80211_IOC_BSSID, 964 bssid, IEEE80211_ADDR_LEN) < 0 ? -1 : 0; 965 #endif 966 } 967 968 static int 969 wpa_driver_bsd_get_ssid(void *priv, u8 *ssid) 970 { 971 struct bsd_driver_data *drv = priv; 972 return bsd_get_ssid(drv, ssid, 0); 973 } 974 975 static int 976 wpa_driver_bsd_set_wpa_ie(struct bsd_driver_data *drv, const u8 *wpa_ie, 977 size_t wpa_ie_len) 978 { 979 #ifdef IEEE80211_IOC_APPIE 980 return bsd_set_opt_ie(drv, wpa_ie, wpa_ie_len); 981 #else /* IEEE80211_IOC_APPIE */ 982 return set80211var(drv, IEEE80211_IOC_OPTIE, wpa_ie, wpa_ie_len); 983 #endif /* IEEE80211_IOC_APPIE */ 984 } 985 986 static int 987 wpa_driver_bsd_set_wpa_internal(void *priv, int wpa, int privacy) 988 { 989 int ret = 0; 990 991 wpa_printf(MSG_DEBUG, "%s: wpa=%d privacy=%d", 992 __func__, wpa, privacy); 993 994 if (!wpa && wpa_driver_bsd_set_wpa_ie(priv, NULL, 0) < 0) 995 ret = -1; 996 if (set80211param(priv, IEEE80211_IOC_PRIVACY, privacy) < 0) 997 ret = -1; 998 if (set80211param(priv, IEEE80211_IOC_WPA, wpa) < 0) 999 ret = -1; 1000 1001 return ret; 1002 } 1003 1004 static int 1005 wpa_driver_bsd_set_wpa(void *priv, int enabled) 1006 { 1007 wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, enabled); 1008 1009 return wpa_driver_bsd_set_wpa_internal(priv, enabled ? 3 : 0, enabled); 1010 } 1011 1012 static int 1013 wpa_driver_bsd_set_countermeasures(void *priv, int enabled) 1014 { 1015 wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, enabled); 1016 return set80211param(priv, IEEE80211_IOC_COUNTERMEASURES, enabled); 1017 } 1018 1019 1020 static int 1021 wpa_driver_bsd_set_drop_unencrypted(void *priv, int enabled) 1022 { 1023 wpa_printf(MSG_DEBUG, "%s: enabled=%d", __func__, enabled); 1024 return set80211param(priv, IEEE80211_IOC_DROPUNENCRYPTED, enabled); 1025 } 1026 1027 static int 1028 wpa_driver_bsd_deauthenticate(void *priv, const u8 *addr, u16 reason_code) 1029 { 1030 return bsd_send_mlme_param(priv, IEEE80211_MLME_DEAUTH, reason_code, 1031 addr); 1032 } 1033 1034 static int 1035 wpa_driver_bsd_set_auth_alg(void *priv, int auth_alg) 1036 { 1037 int authmode; 1038 1039 if ((auth_alg & WPA_AUTH_ALG_OPEN) && 1040 (auth_alg & WPA_AUTH_ALG_SHARED)) 1041 authmode = IEEE80211_AUTH_AUTO; 1042 else if (auth_alg & WPA_AUTH_ALG_SHARED) 1043 authmode = IEEE80211_AUTH_SHARED; 1044 else 1045 authmode = IEEE80211_AUTH_OPEN; 1046 1047 return set80211param(priv, IEEE80211_IOC_AUTHMODE, authmode); 1048 } 1049 1050 static void 1051 handle_read(void *ctx, const u8 *src_addr, const u8 *buf, size_t len) 1052 { 1053 struct bsd_driver_data *drv = ctx; 1054 1055 drv_event_eapol_rx(drv->ctx, src_addr, buf, len); 1056 } 1057 1058 static int 1059 wpa_driver_bsd_associate(void *priv, struct wpa_driver_associate_params *params) 1060 { 1061 struct bsd_driver_data *drv = priv; 1062 struct ieee80211req_mlme mlme; 1063 u32 mode; 1064 int privacy; 1065 int ret = 0; 1066 1067 wpa_printf(MSG_DEBUG, 1068 "%s: ssid '%.*s' wpa ie len %u pairwise %u group %u key mgmt %u" 1069 , __func__ 1070 , (unsigned int) params->ssid_len, params->ssid 1071 , (unsigned int) params->wpa_ie_len 1072 , params->pairwise_suite 1073 , params->group_suite 1074 , params->key_mgmt_suite 1075 ); 1076 1077 switch (params->mode) { 1078 case IEEE80211_MODE_INFRA: 1079 mode = 0 /* STA */; 1080 break; 1081 case IEEE80211_MODE_IBSS: 1082 /* 1083 * Ref bin/203086 - FreeBSD's net80211 currently uses 1084 * IFM_IEEE80211_ADHOC. 1085 */ 1086 #if 0 1087 mode = IFM_IEEE80211_IBSS; 1088 #endif 1089 mode = IFM_IEEE80211_ADHOC; 1090 break; 1091 case IEEE80211_MODE_AP: 1092 mode = IFM_IEEE80211_HOSTAP; 1093 break; 1094 default: 1095 wpa_printf(MSG_ERROR, "%s: unknown operation mode", __func__); 1096 return -1; 1097 } 1098 if (bsd_set_mediaopt(drv, IFM_OMASK, mode) < 0) { 1099 wpa_printf(MSG_ERROR, "%s: failed to set operation mode", 1100 __func__); 1101 return -1; 1102 } 1103 1104 if (params->mode == IEEE80211_MODE_AP) { 1105 drv->sock_xmit = l2_packet_init(drv->ifname, NULL, ETH_P_EAPOL, 1106 handle_read, drv, 0); 1107 if (drv->sock_xmit == NULL) 1108 return -1; 1109 drv->is_ap = 1; 1110 return 0; 1111 } 1112 1113 if (wpa_driver_bsd_set_drop_unencrypted(drv, params->drop_unencrypted) 1114 < 0) 1115 ret = -1; 1116 if (wpa_driver_bsd_set_auth_alg(drv, params->auth_alg) < 0) 1117 ret = -1; 1118 /* XXX error handling is wrong but unclear what to do... */ 1119 if (wpa_driver_bsd_set_wpa_ie(drv, params->wpa_ie, params->wpa_ie_len) < 0) 1120 return -1; 1121 1122 privacy = !(params->pairwise_suite == WPA_CIPHER_NONE && 1123 params->group_suite == WPA_CIPHER_NONE && 1124 params->key_mgmt_suite == WPA_KEY_MGMT_NONE && 1125 params->wpa_ie_len == 0); 1126 wpa_printf(MSG_DEBUG, "%s: set PRIVACY %u", __func__, privacy); 1127 1128 if (set80211param(drv, IEEE80211_IOC_PRIVACY, privacy) < 0) 1129 return -1; 1130 1131 if (params->wpa_ie_len && 1132 set80211param(drv, IEEE80211_IOC_WPA, 1133 params->wpa_ie[0] == WLAN_EID_RSN ? 2 : 1) < 0) 1134 return -1; 1135 1136 /* 1137 * NB: interface must be marked UP for association 1138 * or scanning (ap_scan=2) 1139 */ 1140 if (bsd_ctrl_iface(drv, 1) < 0) 1141 return -1; 1142 1143 os_memset(&mlme, 0, sizeof(mlme)); 1144 mlme.im_op = IEEE80211_MLME_ASSOC; 1145 if (params->ssid != NULL) 1146 os_memcpy(mlme.im_ssid, params->ssid, params->ssid_len); 1147 mlme.im_ssid_len = params->ssid_len; 1148 if (params->bssid != NULL) 1149 os_memcpy(mlme.im_macaddr, params->bssid, IEEE80211_ADDR_LEN); 1150 if (set80211var(drv, IEEE80211_IOC_MLME, &mlme, sizeof(mlme)) < 0) 1151 return -1; 1152 return ret; 1153 } 1154 1155 static int 1156 wpa_driver_bsd_scan(void *priv, struct wpa_driver_scan_params *params) 1157 { 1158 struct bsd_driver_data *drv = priv; 1159 #ifdef IEEE80211_IOC_SCAN_MAX_SSID 1160 struct ieee80211_scan_req sr; 1161 int i; 1162 #endif /* IEEE80211_IOC_SCAN_MAX_SSID */ 1163 1164 if (bsd_set_mediaopt(drv, IFM_OMASK, 0 /* STA */) < 0) { 1165 wpa_printf(MSG_ERROR, "%s: failed to set operation mode", 1166 __func__); 1167 return -1; 1168 } 1169 1170 if (set80211param(drv, IEEE80211_IOC_ROAMING, 1171 IEEE80211_ROAMING_MANUAL) < 0) { 1172 wpa_printf(MSG_ERROR, "%s: failed to set " 1173 "wpa_supplicant-based roaming: %s", __func__, 1174 strerror(errno)); 1175 return -1; 1176 } 1177 1178 if (wpa_driver_bsd_set_wpa(drv, 1) < 0) { 1179 wpa_printf(MSG_ERROR, "%s: failed to set wpa: %s", __func__, 1180 strerror(errno)); 1181 return -1; 1182 } 1183 1184 /* NB: interface must be marked UP to do a scan */ 1185 if (bsd_ctrl_iface(drv, 1) < 0) 1186 return -1; 1187 1188 #ifdef IEEE80211_IOC_SCAN_MAX_SSID 1189 os_memset(&sr, 0, sizeof(sr)); 1190 sr.sr_flags = IEEE80211_IOC_SCAN_ACTIVE | IEEE80211_IOC_SCAN_ONCE | 1191 IEEE80211_IOC_SCAN_NOJOIN; 1192 sr.sr_duration = IEEE80211_IOC_SCAN_FOREVER; 1193 if (params->num_ssids > 0) { 1194 sr.sr_nssid = params->num_ssids; 1195 #if 0 1196 /* Boundary check is done by upper layer */ 1197 if (sr.sr_nssid > IEEE80211_IOC_SCAN_MAX_SSID) 1198 sr.sr_nssid = IEEE80211_IOC_SCAN_MAX_SSID; 1199 #endif 1200 1201 /* NB: check scan cache first */ 1202 sr.sr_flags |= IEEE80211_IOC_SCAN_CHECK; 1203 } 1204 for (i = 0; i < sr.sr_nssid; i++) { 1205 sr.sr_ssid[i].len = params->ssids[i].ssid_len; 1206 os_memcpy(sr.sr_ssid[i].ssid, params->ssids[i].ssid, 1207 sr.sr_ssid[i].len); 1208 } 1209 1210 /* NB: net80211 delivers a scan complete event so no need to poll */ 1211 return set80211var(drv, IEEE80211_IOC_SCAN_REQ, &sr, sizeof(sr)); 1212 #else /* IEEE80211_IOC_SCAN_MAX_SSID */ 1213 /* set desired ssid before scan */ 1214 if (bsd_set_ssid(drv, params->ssids[0].ssid, 1215 params->ssids[0].ssid_len) < 0) 1216 return -1; 1217 1218 /* NB: net80211 delivers a scan complete event so no need to poll */ 1219 return set80211param(drv, IEEE80211_IOC_SCAN_REQ, 0); 1220 #endif /* IEEE80211_IOC_SCAN_MAX_SSID */ 1221 } 1222 1223 static void 1224 wpa_driver_bsd_event_receive(int sock, void *ctx, void *sock_ctx) 1225 { 1226 struct bsd_driver_global *global = sock_ctx; 1227 struct bsd_driver_data *drv; 1228 struct if_announcemsghdr *ifan; 1229 struct if_msghdr *ifm; 1230 struct rt_msghdr *rtm; 1231 union wpa_event_data event; 1232 struct ieee80211_michael_event *mic; 1233 struct ieee80211_leave_event *leave; 1234 struct ieee80211_join_event *join; 1235 int n; 1236 1237 /* 1238 * CID 1394785: Memory - illegal access (STRING_NULL): 1239 * Though global->event_buf is a char *, it actually contains 1240 * a struct rt_msghdr *. See below. 1241 */ 1242 n = read(sock, global->event_buf, global->event_buf_len); 1243 if (n < 0) { 1244 if (errno != EINTR && errno != EAGAIN) 1245 wpa_printf(MSG_ERROR, "%s read() failed: %s", 1246 __func__, strerror(errno)); 1247 return; 1248 } 1249 1250 /* 1251 * CID 1394785: global->event_buf is assigned here to a 1252 * struct rt_msghdr *. 1253 */ 1254 rtm = (struct rt_msghdr *) global->event_buf; 1255 if (rtm->rtm_version != RTM_VERSION) { 1256 wpa_printf(MSG_DEBUG, "Invalid routing message version=%d", 1257 rtm->rtm_version); 1258 return; 1259 } 1260 os_memset(&event, 0, sizeof(event)); 1261 switch (rtm->rtm_type) { 1262 case RTM_IFANNOUNCE: 1263 ifan = (struct if_announcemsghdr *) rtm; 1264 switch (ifan->ifan_what) { 1265 case IFAN_DEPARTURE: 1266 drv = bsd_get_drvindex(global, ifan->ifan_index); 1267 if (drv) 1268 drv->if_removed = 1; 1269 event.interface_status.ievent = EVENT_INTERFACE_REMOVED; 1270 break; 1271 case IFAN_ARRIVAL: 1272 drv = bsd_get_drvname(global, ifan->ifan_name); 1273 if (drv) { 1274 drv->ifindex = ifan->ifan_index; 1275 drv->if_removed = 0; 1276 } 1277 event.interface_status.ievent = EVENT_INTERFACE_ADDED; 1278 break; 1279 default: 1280 wpa_printf(MSG_DEBUG, "RTM_IFANNOUNCE: unknown action"); 1281 return; 1282 } 1283 wpa_printf(MSG_DEBUG, "RTM_IFANNOUNCE: Interface '%s' %s", 1284 ifan->ifan_name, 1285 ifan->ifan_what == IFAN_DEPARTURE ? 1286 "removed" : "added"); 1287 os_strlcpy(event.interface_status.ifname, ifan->ifan_name, 1288 sizeof(event.interface_status.ifname)); 1289 if (drv) { 1290 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, 1291 &event); 1292 /* 1293 * Set ifindex to zero after sending the event as the 1294 * event might query the driver to ensure a match. 1295 */ 1296 if (ifan->ifan_what == IFAN_DEPARTURE) 1297 drv->ifindex = 0; 1298 } else { 1299 wpa_supplicant_event_global(global->ctx, 1300 EVENT_INTERFACE_STATUS, 1301 &event); 1302 } 1303 break; 1304 case RTM_IEEE80211: 1305 ifan = (struct if_announcemsghdr *) rtm; 1306 drv = bsd_get_drvindex(global, ifan->ifan_index); 1307 if (drv == NULL) 1308 return; 1309 switch (ifan->ifan_what) { 1310 case RTM_IEEE80211_ASSOC: 1311 case RTM_IEEE80211_REASSOC: 1312 if (drv->is_ap) 1313 break; 1314 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, NULL); 1315 break; 1316 case RTM_IEEE80211_DISASSOC: 1317 if (drv->is_ap) 1318 break; 1319 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, NULL); 1320 break; 1321 case RTM_IEEE80211_SCAN: 1322 if (drv->is_ap) 1323 break; 1324 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, 1325 NULL); 1326 break; 1327 case RTM_IEEE80211_LEAVE: 1328 leave = (struct ieee80211_leave_event *) &ifan[1]; 1329 drv_event_disassoc(drv->ctx, leave->iev_addr); 1330 break; 1331 case RTM_IEEE80211_JOIN: 1332 #ifdef RTM_IEEE80211_REJOIN 1333 case RTM_IEEE80211_REJOIN: 1334 #endif 1335 join = (struct ieee80211_join_event *) &ifan[1]; 1336 bsd_new_sta(drv, drv->ctx, join->iev_addr); 1337 break; 1338 case RTM_IEEE80211_REPLAY: 1339 /* ignore */ 1340 break; 1341 case RTM_IEEE80211_MICHAEL: 1342 mic = (struct ieee80211_michael_event *) &ifan[1]; 1343 wpa_printf(MSG_DEBUG, 1344 "Michael MIC failure wireless event: " 1345 "keyix=%u src_addr=" MACSTR, mic->iev_keyix, 1346 MAC2STR(mic->iev_src)); 1347 1348 os_memset(&event, 0, sizeof(event)); 1349 event.michael_mic_failure.unicast = 1350 !IEEE80211_IS_MULTICAST(mic->iev_dst); 1351 wpa_supplicant_event(drv->ctx, 1352 EVENT_MICHAEL_MIC_FAILURE, &event); 1353 break; 1354 } 1355 break; 1356 case RTM_IFINFO: 1357 ifm = (struct if_msghdr *) rtm; 1358 drv = bsd_get_drvindex(global, ifm->ifm_index); 1359 if (drv == NULL) 1360 return; 1361 if (((ifm->ifm_flags & IFF_UP) == 0 || 1362 (ifm->ifm_flags & IFF_RUNNING) == 0) && 1363 (drv->flags & IFF_UP) != 0 && 1364 (drv->flags & IFF_RUNNING) != 0) { 1365 wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' DOWN", 1366 drv->ifname); 1367 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, 1368 NULL); 1369 } else if ((ifm->ifm_flags & IFF_UP) != 0 && 1370 (ifm->ifm_flags & IFF_RUNNING) != 0 && 1371 ((drv->flags & IFF_UP) == 0 || 1372 (drv->flags & IFF_RUNNING) == 0)) { 1373 wpa_printf(MSG_DEBUG, "RTM_IFINFO: Interface '%s' UP", 1374 drv->ifname); 1375 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED, 1376 NULL); 1377 } 1378 drv->flags = ifm->ifm_flags; 1379 break; 1380 } 1381 } 1382 1383 static void 1384 wpa_driver_bsd_add_scan_entry(struct wpa_scan_results *res, 1385 struct ieee80211req_scan_result *sr) 1386 { 1387 struct wpa_scan_res *result, **tmp; 1388 size_t extra_len; 1389 u8 *pos; 1390 1391 extra_len = 2 + sr->isr_ssid_len; 1392 extra_len += 2 + sr->isr_nrates; 1393 extra_len += 3; /* ERP IE */ 1394 extra_len += sr->isr_ie_len; 1395 1396 result = os_zalloc(sizeof(*result) + extra_len); 1397 if (result == NULL) 1398 return; 1399 os_memcpy(result->bssid, sr->isr_bssid, ETH_ALEN); 1400 result->freq = sr->isr_freq; 1401 result->beacon_int = sr->isr_intval; 1402 result->caps = sr->isr_capinfo; 1403 result->qual = sr->isr_rssi; 1404 result->noise = sr->isr_noise; 1405 1406 #ifdef __FreeBSD__ 1407 /* 1408 * the rssi value reported by the kernel is in 0.5dB steps relative to 1409 * the reported noise floor. see ieee80211_node.h for details. 1410 */ 1411 result->level = sr->isr_rssi / 2 + sr->isr_noise; 1412 #else 1413 result->level = sr->isr_rssi; 1414 #endif 1415 1416 pos = (u8 *)(result + 1); 1417 1418 *pos++ = WLAN_EID_SSID; 1419 *pos++ = sr->isr_ssid_len; 1420 os_memcpy(pos, sr + 1, sr->isr_ssid_len); 1421 pos += sr->isr_ssid_len; 1422 1423 /* 1424 * Deal all rates as supported rate. 1425 * Because net80211 doesn't report extended supported rate or not. 1426 */ 1427 *pos++ = WLAN_EID_SUPP_RATES; 1428 *pos++ = sr->isr_nrates; 1429 os_memcpy(pos, sr->isr_rates, sr->isr_nrates); 1430 pos += sr->isr_nrates; 1431 1432 *pos++ = WLAN_EID_ERP_INFO; 1433 *pos++ = 1; 1434 *pos++ = sr->isr_erp; 1435 1436 #if defined(__DragonFly__) || defined(__FreeBSD__) || defined(__FreeBSD_kernel__) 1437 os_memcpy(pos, (u8 *)(sr + 1) + sr->isr_ssid_len + sr->isr_meshid_len, 1438 sr->isr_ie_len); 1439 #else 1440 os_memcpy(pos, (u8 *)(sr + 1) + sr->isr_ssid_len, sr->isr_ie_len); 1441 #endif 1442 pos += sr->isr_ie_len; 1443 1444 result->ie_len = pos - (u8 *)(result + 1); 1445 1446 tmp = os_realloc_array(res->res, res->num + 1, 1447 sizeof(struct wpa_scan_res *)); 1448 if (tmp == NULL) { 1449 os_free(result); 1450 return; 1451 } 1452 tmp[res->num++] = result; 1453 res->res = tmp; 1454 } 1455 1456 struct wpa_scan_results * 1457 wpa_driver_bsd_get_scan_results2(void *priv) 1458 { 1459 struct ieee80211req_scan_result *sr; 1460 struct wpa_scan_results *res; 1461 int len, rest; 1462 uint8_t buf[24*1024], *pos; 1463 1464 len = get80211var(priv, IEEE80211_IOC_SCAN_RESULTS, buf, 24*1024); 1465 if (len < 0) 1466 return NULL; 1467 1468 res = os_zalloc(sizeof(*res)); 1469 if (res == NULL) 1470 return NULL; 1471 1472 pos = buf; 1473 rest = len; 1474 while (rest >= sizeof(struct ieee80211req_scan_result)) { 1475 sr = (struct ieee80211req_scan_result *)pos; 1476 wpa_driver_bsd_add_scan_entry(res, sr); 1477 pos += sr->isr_len; 1478 rest -= sr->isr_len; 1479 } 1480 1481 wpa_printf(MSG_DEBUG, "Received %d bytes of scan results (%lu BSSes)", 1482 len, (unsigned long)res->num); 1483 1484 return res; 1485 } 1486 1487 static int wpa_driver_bsd_capa(struct bsd_driver_data *drv) 1488 { 1489 #ifdef IEEE80211_IOC_DEVCAPS 1490 /* kernel definitions copied from net80211/ieee80211_var.h */ 1491 #define IEEE80211_CIPHER_WEP 0 1492 #define IEEE80211_CIPHER_TKIP 1 1493 #define IEEE80211_CIPHER_AES_CCM 3 1494 #define IEEE80211_CRYPTO_WEP (1<<IEEE80211_CIPHER_WEP) 1495 #define IEEE80211_CRYPTO_TKIP (1<<IEEE80211_CIPHER_TKIP) 1496 #define IEEE80211_CRYPTO_AES_CCM (1<<IEEE80211_CIPHER_AES_CCM) 1497 #define IEEE80211_C_HOSTAP 0x00000400 /* CAPABILITY: HOSTAP avail */ 1498 #define IEEE80211_C_WPA1 0x00800000 /* CAPABILITY: WPA1 avail */ 1499 #define IEEE80211_C_WPA2 0x01000000 /* CAPABILITY: WPA2 avail */ 1500 struct ieee80211_devcaps_req devcaps; 1501 1502 if (get80211var(drv, IEEE80211_IOC_DEVCAPS, &devcaps, 1503 sizeof(devcaps)) < 0) { 1504 wpa_printf(MSG_ERROR, "failed to IEEE80211_IOC_DEVCAPS: %s", 1505 strerror(errno)); 1506 return -1; 1507 } 1508 1509 wpa_printf(MSG_DEBUG, "%s: drivercaps=0x%08x,cryptocaps=0x%08x", 1510 __func__, devcaps.dc_drivercaps, devcaps.dc_cryptocaps); 1511 1512 if (devcaps.dc_drivercaps & IEEE80211_C_WPA1) 1513 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA | 1514 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK; 1515 if (devcaps.dc_drivercaps & IEEE80211_C_WPA2) 1516 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | 1517 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK; 1518 1519 #ifdef __FreeBSD__ 1520 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 | 1521 WPA_DRIVER_CAPA_ENC_WEP104 | 1522 WPA_DRIVER_CAPA_ENC_TKIP | 1523 WPA_DRIVER_CAPA_ENC_CCMP; 1524 #else 1525 /* 1526 * XXX 1527 * FreeBSD exports hardware cryptocaps. These have no meaning for wpa 1528 * since net80211 performs software crypto. 1529 */ 1530 if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_WEP) 1531 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 | 1532 WPA_DRIVER_CAPA_ENC_WEP104; 1533 if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_TKIP) 1534 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP; 1535 if (devcaps.dc_cryptocaps & IEEE80211_CRYPTO_AES_CCM) 1536 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP; 1537 #endif 1538 1539 if (devcaps.dc_drivercaps & IEEE80211_C_HOSTAP) 1540 drv->capa.flags |= WPA_DRIVER_FLAGS_AP; 1541 #undef IEEE80211_CIPHER_WEP 1542 #undef IEEE80211_CIPHER_TKIP 1543 #undef IEEE80211_CIPHER_AES_CCM 1544 #undef IEEE80211_CRYPTO_WEP 1545 #undef IEEE80211_CRYPTO_TKIP 1546 #undef IEEE80211_CRYPTO_AES_CCM 1547 #undef IEEE80211_C_HOSTAP 1548 #undef IEEE80211_C_WPA1 1549 #undef IEEE80211_C_WPA2 1550 #else /* IEEE80211_IOC_DEVCAPS */ 1551 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */ 1552 drv->capa.key_mgmt = WPA_DRIVER_CAPA_KEY_MGMT_WPA | 1553 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK | 1554 WPA_DRIVER_CAPA_KEY_MGMT_WPA2 | 1555 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK; 1556 drv->capa.enc = WPA_DRIVER_CAPA_ENC_WEP40 | 1557 WPA_DRIVER_CAPA_ENC_WEP104 | 1558 WPA_DRIVER_CAPA_ENC_TKIP | 1559 WPA_DRIVER_CAPA_ENC_CCMP; 1560 drv->capa.flags |= WPA_DRIVER_FLAGS_AP; 1561 #endif /* IEEE80211_IOC_DEVCAPS */ 1562 #ifdef IEEE80211_IOC_SCAN_MAX_SSID 1563 drv->capa.max_scan_ssids = IEEE80211_IOC_SCAN_MAX_SSID; 1564 #else /* IEEE80211_IOC_SCAN_MAX_SSID */ 1565 drv->capa.max_scan_ssids = 1; 1566 #endif /* IEEE80211_IOC_SCAN_MAX_SSID */ 1567 drv->capa.auth = WPA_DRIVER_AUTH_OPEN | 1568 WPA_DRIVER_AUTH_SHARED | 1569 WPA_DRIVER_AUTH_LEAP; 1570 return 0; 1571 } 1572 1573 static enum ieee80211_opmode 1574 get80211opmode(struct bsd_driver_data *drv) 1575 { 1576 struct ifmediareq ifmr; 1577 1578 (void) memset(&ifmr, 0, sizeof(ifmr)); 1579 (void) os_strlcpy(ifmr.ifm_name, drv->ifname, sizeof(ifmr.ifm_name)); 1580 1581 if (ioctl(drv->global->sock, SIOCGIFMEDIA, (caddr_t)&ifmr) >= 0) { 1582 if (ifmr.ifm_current & IFM_IEEE80211_ADHOC) { 1583 if (ifmr.ifm_current & IFM_FLAG0) 1584 return IEEE80211_M_AHDEMO; 1585 else 1586 return IEEE80211_M_IBSS; 1587 } 1588 if (ifmr.ifm_current & IFM_IEEE80211_HOSTAP) 1589 return IEEE80211_M_HOSTAP; 1590 if (ifmr.ifm_current & IFM_IEEE80211_IBSS) 1591 return IEEE80211_M_IBSS; 1592 if (ifmr.ifm_current & IFM_IEEE80211_MONITOR) 1593 return IEEE80211_M_MONITOR; 1594 #ifdef IEEE80211_M_MBSS 1595 if (ifmr.ifm_current & IFM_IEEE80211_MBSS) 1596 return IEEE80211_M_MBSS; 1597 #endif /* IEEE80211_M_MBSS */ 1598 } 1599 return IEEE80211_M_STA; 1600 } 1601 1602 static void * 1603 wpa_driver_bsd_init(void *ctx, const char *ifname, void *priv) 1604 { 1605 #define GETPARAM(drv, param, v) \ 1606 (((v) = get80211param(drv, param)) != -1) 1607 struct bsd_driver_data *drv; 1608 1609 drv = os_zalloc(sizeof(*drv)); 1610 if (drv == NULL) 1611 return NULL; 1612 1613 /* 1614 * NB: We require the interface name be mappable to an index. 1615 * This implies we do not support having wpa_supplicant 1616 * wait for an interface to appear. This seems ok; that 1617 * doesn't belong here; it's really the job of devd. 1618 */ 1619 drv->ifindex = if_nametoindex(ifname); 1620 if (drv->ifindex == 0) { 1621 wpa_printf(MSG_DEBUG, "%s: interface %s does not exist", 1622 __func__, ifname); 1623 goto fail; 1624 } 1625 1626 drv->ctx = ctx; 1627 drv->global = priv; 1628 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); 1629 1630 if (!GETPARAM(drv, IEEE80211_IOC_ROAMING, drv->prev_roaming)) { 1631 wpa_printf(MSG_DEBUG, "%s: failed to get roaming state: %s", 1632 __func__, strerror(errno)); 1633 goto fail; 1634 } 1635 if (!GETPARAM(drv, IEEE80211_IOC_PRIVACY, drv->prev_privacy)) { 1636 wpa_printf(MSG_DEBUG, "%s: failed to get privacy state: %s", 1637 __func__, strerror(errno)); 1638 goto fail; 1639 } 1640 if (!GETPARAM(drv, IEEE80211_IOC_WPA, drv->prev_wpa)) { 1641 wpa_printf(MSG_DEBUG, "%s: failed to get wpa state: %s", 1642 __func__, strerror(errno)); 1643 goto fail; 1644 } 1645 1646 if (wpa_driver_bsd_capa(drv)) 1647 goto fail; 1648 1649 /* Down interface during setup. */ 1650 if (bsd_ctrl_iface(drv, 0) < 0) 1651 goto fail; 1652 1653 drv->opmode = get80211opmode(drv); 1654 dl_list_add(&drv->global->ifaces, &drv->list); 1655 1656 return drv; 1657 fail: 1658 os_free(drv); 1659 return NULL; 1660 #undef GETPARAM 1661 } 1662 1663 static void 1664 wpa_driver_bsd_deinit(void *priv) 1665 { 1666 struct bsd_driver_data *drv = priv; 1667 1668 if (drv->ifindex != 0 && !drv->if_removed) { 1669 wpa_driver_bsd_set_wpa(drv, 0); 1670 1671 /* NB: mark interface down */ 1672 bsd_ctrl_iface(drv, 0); 1673 1674 wpa_driver_bsd_set_wpa_internal(drv, drv->prev_wpa, 1675 drv->prev_privacy); 1676 1677 if (set80211param(drv, IEEE80211_IOC_ROAMING, drv->prev_roaming) 1678 < 0) 1679 wpa_printf(MSG_DEBUG, 1680 "%s: failed to restore roaming state", 1681 __func__); 1682 } 1683 1684 if (drv->sock_xmit != NULL) 1685 l2_packet_deinit(drv->sock_xmit); 1686 dl_list_del(&drv->list); 1687 os_free(drv); 1688 } 1689 1690 static int 1691 wpa_driver_bsd_get_capa(void *priv, struct wpa_driver_capa *capa) 1692 { 1693 struct bsd_driver_data *drv = priv; 1694 1695 os_memcpy(capa, &drv->capa, sizeof(*capa)); 1696 return 0; 1697 } 1698 #endif /* HOSTAPD */ 1699 1700 static void * 1701 bsd_global_init(void *ctx) 1702 { 1703 struct bsd_driver_global *global; 1704 1705 global = os_zalloc(sizeof(*global)); 1706 if (global == NULL) 1707 return NULL; 1708 1709 global->ctx = ctx; 1710 dl_list_init(&global->ifaces); 1711 1712 global->sock = socket(PF_INET, SOCK_DGRAM, 0); 1713 if (global->sock < 0) { 1714 wpa_printf(MSG_ERROR, "socket[PF_INET,SOCK_DGRAM]: %s", 1715 strerror(errno)); 1716 goto fail1; 1717 } 1718 1719 global->route = socket(PF_ROUTE, SOCK_RAW, 0); 1720 if (global->route < 0) { 1721 wpa_printf(MSG_ERROR, "socket[PF_ROUTE,SOCK_RAW]: %s", 1722 strerror(errno)); 1723 goto fail; 1724 } 1725 1726 global->event_buf_len = rtbuf_len(); 1727 global->event_buf = os_malloc(global->event_buf_len); 1728 if (global->event_buf == NULL) { 1729 wpa_printf(MSG_ERROR, "%s: os_malloc() failed", __func__); 1730 goto fail; 1731 } 1732 1733 #ifdef HOSTAPD 1734 eloop_register_read_sock(global->route, bsd_wireless_event_receive, 1735 NULL, global); 1736 1737 #else /* HOSTAPD */ 1738 eloop_register_read_sock(global->route, wpa_driver_bsd_event_receive, 1739 NULL, global); 1740 #endif /* HOSTAPD */ 1741 1742 return global; 1743 1744 fail: 1745 close(global->sock); 1746 fail1: 1747 os_free(global); 1748 return NULL; 1749 } 1750 1751 static void 1752 bsd_global_deinit(void *priv) 1753 { 1754 struct bsd_driver_global *global = priv; 1755 1756 eloop_unregister_read_sock(global->route); 1757 (void) close(global->route); 1758 (void) close(global->sock); 1759 os_free(global); 1760 } 1761 1762 1763 const struct wpa_driver_ops wpa_driver_bsd_ops = { 1764 .name = "bsd", 1765 .desc = "BSD 802.11 support", 1766 .global_init = bsd_global_init, 1767 .global_deinit = bsd_global_deinit, 1768 #ifdef HOSTAPD 1769 .hapd_init = bsd_init, 1770 .hapd_deinit = bsd_deinit, 1771 .set_privacy = bsd_set_privacy, 1772 .get_seqnum = bsd_get_seqnum, 1773 .flush = bsd_flush, 1774 .read_sta_data = bsd_read_sta_driver_data, 1775 .sta_disassoc = bsd_sta_disassoc, 1776 .sta_deauth = bsd_sta_deauth, 1777 .sta_set_flags = bsd_set_sta_authorized, 1778 .commit = bsd_commit, 1779 #else /* HOSTAPD */ 1780 .init2 = wpa_driver_bsd_init, 1781 .deinit = wpa_driver_bsd_deinit, 1782 .get_bssid = wpa_driver_bsd_get_bssid, 1783 .get_ssid = wpa_driver_bsd_get_ssid, 1784 .set_countermeasures = wpa_driver_bsd_set_countermeasures, 1785 .scan2 = wpa_driver_bsd_scan, 1786 .get_scan_results2 = wpa_driver_bsd_get_scan_results2, 1787 .deauthenticate = wpa_driver_bsd_deauthenticate, 1788 .associate = wpa_driver_bsd_associate, 1789 .get_capa = wpa_driver_bsd_get_capa, 1790 #endif /* HOSTAPD */ 1791 .set_freq = bsd_set_freq, 1792 .set_key = bsd_set_key, 1793 .set_ieee8021x = bsd_set_ieee8021x, 1794 .hapd_set_ssid = bsd_set_ssid, 1795 .hapd_get_ssid = bsd_get_ssid, 1796 .hapd_send_eapol = bsd_send_eapol, 1797 .set_generic_elem = bsd_set_opt_ie, 1798 }; 1799