xref: /freebsd/contrib/wpa/wpa_supplicant/config_ssid.h (revision 10b9d77bf1ccf2f3affafa6261692cb92cf7e992)
1 /*
2  * WPA Supplicant / Network configuration structures
3  * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License version 2 as
7  * published by the Free Software Foundation.
8  *
9  * Alternatively, this software may be distributed under the terms of BSD
10  * license.
11  *
12  * See README and COPYING for more details.
13  */
14 
15 #ifndef CONFIG_SSID_H
16 #define CONFIG_SSID_H
17 
18 #include "common/defs.h"
19 #include "eap_peer/eap_config.h"
20 
21 #define MAX_SSID_LEN 32
22 
23 
24 #define DEFAULT_EAP_WORKAROUND ((unsigned int) -1)
25 #define DEFAULT_EAPOL_FLAGS (EAPOL_FLAG_REQUIRE_KEY_UNICAST | \
26 			     EAPOL_FLAG_REQUIRE_KEY_BROADCAST)
27 #define DEFAULT_PROTO (WPA_PROTO_WPA | WPA_PROTO_RSN)
28 #define DEFAULT_KEY_MGMT (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X)
29 #define DEFAULT_PAIRWISE (WPA_CIPHER_CCMP | WPA_CIPHER_TKIP)
30 #define DEFAULT_GROUP (WPA_CIPHER_CCMP | WPA_CIPHER_TKIP | \
31 		       WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40)
32 #define DEFAULT_FRAGMENT_SIZE 1398
33 
34 /**
35  * struct wpa_ssid - Network configuration data
36  *
37  * This structure includes all the configuration variables for a network. This
38  * data is included in the per-interface configuration data as an element of
39  * the network list, struct wpa_config::ssid. Each network block in the
40  * configuration is mapped to a struct wpa_ssid instance.
41  */
42 struct wpa_ssid {
43 	/**
44 	 * next - Next network in global list
45 	 *
46 	 * This pointer can be used to iterate over all networks. The head of
47 	 * this list is stored in the ssid field of struct wpa_config.
48 	 */
49 	struct wpa_ssid *next;
50 
51 	/**
52 	 * pnext - Next network in per-priority list
53 	 *
54 	 * This pointer can be used to iterate over all networks in the same
55 	 * priority class. The heads of these list are stored in the pssid
56 	 * fields of struct wpa_config.
57 	 */
58 	struct wpa_ssid *pnext;
59 
60 	/**
61 	 * id - Unique id for the network
62 	 *
63 	 * This identifier is used as a unique identifier for each network
64 	 * block when using the control interface. Each network is allocated an
65 	 * id when it is being created, either when reading the configuration
66 	 * file or when a new network is added through the control interface.
67 	 */
68 	int id;
69 
70 	/**
71 	 * priority - Priority group
72 	 *
73 	 * By default, all networks will get same priority group (0). If some
74 	 * of the networks are more desirable, this field can be used to change
75 	 * the order in which wpa_supplicant goes through the networks when
76 	 * selecting a BSS. The priority groups will be iterated in decreasing
77 	 * priority (i.e., the larger the priority value, the sooner the
78 	 * network is matched against the scan results). Within each priority
79 	 * group, networks will be selected based on security policy, signal
80 	 * strength, etc.
81 	 *
82 	 * Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode are
83 	 * not using this priority to select the order for scanning. Instead,
84 	 * they try the networks in the order that used in the configuration
85 	 * file.
86 	 */
87 	int priority;
88 
89 	/**
90 	 * ssid - Service set identifier (network name)
91 	 *
92 	 * This is the SSID for the network. For wireless interfaces, this is
93 	 * used to select which network will be used. If set to %NULL (or
94 	 * ssid_len=0), any SSID can be used. For wired interfaces, this must
95 	 * be set to %NULL. Note: SSID may contain any characters, even nul
96 	 * (ASCII 0) and as such, this should not be assumed to be a nul
97 	 * terminated string. ssid_len defines how many characters are valid
98 	 * and the ssid field is not guaranteed to be nul terminated.
99 	 */
100 	u8 *ssid;
101 
102 	/**
103 	 * ssid_len - Length of the SSID
104 	 */
105 	size_t ssid_len;
106 
107 	/**
108 	 * bssid - BSSID
109 	 *
110 	 * If set, this network block is used only when associating with the AP
111 	 * using the configured BSSID
112 	 */
113 	u8 bssid[ETH_ALEN];
114 
115 	/**
116 	 * bssid_set - Whether BSSID is configured for this network
117 	 */
118 	int bssid_set;
119 
120 	/**
121 	 * psk - WPA pre-shared key (256 bits)
122 	 */
123 	u8 psk[32];
124 
125 	/**
126 	 * psk_set - Whether PSK field is configured
127 	 */
128 	int psk_set;
129 
130 	/**
131 	 * passphrase - WPA ASCII passphrase
132 	 *
133 	 * If this is set, psk will be generated using the SSID and passphrase
134 	 * configured for the network. ASCII passphrase must be between 8 and
135 	 * 63 characters (inclusive).
136 	 */
137 	char *passphrase;
138 
139 	/**
140 	 * pairwise_cipher - Bitfield of allowed pairwise ciphers, WPA_CIPHER_*
141 	 */
142 	int pairwise_cipher;
143 
144 	/**
145 	 * group_cipher - Bitfield of allowed group ciphers, WPA_CIPHER_*
146 	 */
147 	int group_cipher;
148 
149 	/**
150 	 * key_mgmt - Bitfield of allowed key management protocols
151 	 *
152 	 * WPA_KEY_MGMT_*
153 	 */
154 	int key_mgmt;
155 
156 	/**
157 	 * proto - Bitfield of allowed protocols, WPA_PROTO_*
158 	 */
159 	int proto;
160 
161 	/**
162 	 * auth_alg -  Bitfield of allowed authentication algorithms
163 	 *
164 	 * WPA_AUTH_ALG_*
165 	 */
166 	int auth_alg;
167 
168 	/**
169 	 * scan_ssid - Scan this SSID with Probe Requests
170 	 *
171 	 * scan_ssid can be used to scan for APs using hidden SSIDs.
172 	 * Note: Many drivers do not support this. ap_mode=2 can be used with
173 	 * such drivers to use hidden SSIDs.
174 	 */
175 	int scan_ssid;
176 
177 #ifdef IEEE8021X_EAPOL
178 #define EAPOL_FLAG_REQUIRE_KEY_UNICAST BIT(0)
179 #define EAPOL_FLAG_REQUIRE_KEY_BROADCAST BIT(1)
180 	/**
181 	 * eapol_flags - Bit field of IEEE 802.1X/EAPOL options (EAPOL_FLAG_*)
182 	 */
183 	int eapol_flags;
184 
185 	/**
186 	 * eap - EAP peer configuration for this network
187 	 */
188 	struct eap_peer_config eap;
189 #endif /* IEEE8021X_EAPOL */
190 
191 #define NUM_WEP_KEYS 4
192 #define MAX_WEP_KEY_LEN 16
193 	/**
194 	 * wep_key - WEP keys
195 	 */
196 	u8 wep_key[NUM_WEP_KEYS][MAX_WEP_KEY_LEN];
197 
198 	/**
199 	 * wep_key_len - WEP key lengths
200 	 */
201 	size_t wep_key_len[NUM_WEP_KEYS];
202 
203 	/**
204 	 * wep_tx_keyidx - Default key index for TX frames using WEP
205 	 */
206 	int wep_tx_keyidx;
207 
208 	/**
209 	 * proactive_key_caching - Enable proactive key caching
210 	 *
211 	 * This field can be used to enable proactive key caching which is also
212 	 * known as opportunistic PMKSA caching for WPA2. This is disabled (0)
213 	 * by default. Enable by setting this to 1.
214 	 *
215 	 * Proactive key caching is used to make supplicant assume that the APs
216 	 * are using the same PMK and generate PMKSA cache entries without
217 	 * doing RSN pre-authentication. This requires support from the AP side
218 	 * and is normally used with wireless switches that co-locate the
219 	 * authenticator.
220 	 */
221 	int proactive_key_caching;
222 
223 	/**
224 	 * mixed_cell - Whether mixed cells are allowed
225 	 *
226 	 * This option can be used to configure whether so called mixed cells,
227 	 * i.e., networks that use both plaintext and encryption in the same
228 	 * SSID, are allowed. This is disabled (0) by default. Enable by
229 	 * setting this to 1.
230 	 */
231 	int mixed_cell;
232 
233 #ifdef IEEE8021X_EAPOL
234 
235 	/**
236 	 * leap - Number of EAP methods using LEAP
237 	 *
238 	 * This field should be set to 1 if LEAP is enabled. This is used to
239 	 * select IEEE 802.11 authentication algorithm.
240 	 */
241 	int leap;
242 
243 	/**
244 	 * non_leap - Number of EAP methods not using LEAP
245 	 *
246 	 * This field should be set to >0 if any EAP method other than LEAP is
247 	 * enabled. This is used to select IEEE 802.11 authentication
248 	 * algorithm.
249 	 */
250 	int non_leap;
251 
252 	/**
253 	 * eap_workaround - EAP workarounds enabled
254 	 *
255 	 * wpa_supplicant supports number of "EAP workarounds" to work around
256 	 * interoperability issues with incorrectly behaving authentication
257 	 * servers. This is recommended to be enabled by default because some
258 	 * of the issues are present in large number of authentication servers.
259 	 *
260 	 * Strict EAP conformance mode can be configured by disabling
261 	 * workarounds with eap_workaround = 0.
262 	 */
263 	unsigned int eap_workaround;
264 
265 #endif /* IEEE8021X_EAPOL */
266 
267 	/**
268 	 * mode - IEEE 802.11 operation mode (Infrastucture/IBSS)
269 	 *
270 	 * 0 = infrastructure (Managed) mode, i.e., associate with an AP.
271 	 *
272 	 * 1 = IBSS (ad-hoc, peer-to-peer)
273 	 *
274 	 * 2 = AP (access point)
275 	 *
276 	 * Note: IBSS can only be used with key_mgmt NONE (plaintext and
277 	 * static WEP) and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). In
278 	 * addition, ap_scan has to be set to 2 for IBSS. WPA-None requires
279 	 * following network block options: proto=WPA, key_mgmt=WPA-NONE,
280 	 * pairwise=NONE, group=TKIP (or CCMP, but not both), and psk must also
281 	 * be set (either directly or using ASCII passphrase).
282 	 */
283 	enum wpas_mode {
284 		WPAS_MODE_INFRA = 0,
285 		WPAS_MODE_IBSS = 1,
286 		WPAS_MODE_AP = 2,
287 	} mode;
288 
289 	/**
290 	 * disabled - Whether this network is currently disabled
291 	 *
292 	 * 0 = this network can be used (default).
293 	 * 1 = this network block is disabled (can be enabled through
294 	 * ctrl_iface, e.g., with wpa_cli or wpa_gui).
295 	 */
296 	int disabled;
297 
298 	/**
299 	 * peerkey -  Whether PeerKey handshake for direct links is allowed
300 	 *
301 	 * This is only used when both RSN/WPA2 and IEEE 802.11e (QoS) are
302 	 * enabled.
303 	 *
304 	 * 0 = disabled (default)
305 	 * 1 = enabled
306 	 */
307 	int peerkey;
308 
309 	/**
310 	 * id_str - Network identifier string for external scripts
311 	 *
312 	 * This value is passed to external ctrl_iface monitors in
313 	 * WPA_EVENT_CONNECTED event and wpa_cli sets this as WPA_ID_STR
314 	 * environment variable for action scripts.
315 	 */
316 	char *id_str;
317 
318 #ifdef CONFIG_IEEE80211W
319 	/**
320 	 * ieee80211w - Whether management frame protection is enabled
321 	 *
322 	 * This value is used to configure policy for management frame
323 	 * protection (IEEE 802.11w). 0 = disabled, 1 = optional, 2 = required.
324 	 */
325 	enum mfp_options ieee80211w;
326 #endif /* CONFIG_IEEE80211W */
327 
328 	/**
329 	 * frequency - Channel frequency in megahertz (MHz) for IBSS
330 	 *
331 	 * This value is used to configure the initial channel for IBSS (adhoc)
332 	 * networks, e.g., 2412 = IEEE 802.11b/g channel 1. It is ignored in
333 	 * the infrastructure mode. In addition, this value is only used by the
334 	 * station that creates the IBSS. If an IBSS network with the
335 	 * configured SSID is already present, the frequency of the network
336 	 * will be used instead of this configured value.
337 	 */
338 	int frequency;
339 
340 	/**
341 	 * wpa_ptk_rekey - Maximum lifetime for PTK in seconds
342 	 *
343 	 * This value can be used to enforce rekeying of PTK to mitigate some
344 	 * attacks against TKIP deficiencies.
345 	 */
346 	int wpa_ptk_rekey;
347 
348 	/**
349 	 * scan_freq - Array of frequencies to scan or %NULL for all
350 	 *
351 	 * This is an optional zero-terminated array of frequencies in
352 	 * megahertz (MHz) to include in scan requests when searching for this
353 	 * network. This can be used to speed up scanning when the network is
354 	 * known to not use all possible channels.
355 	 */
356 	int *scan_freq;
357 
358 	/**
359 	 * bgscan - Background scan and roaming parameters or %NULL if none
360 	 *
361 	 * This is an optional set of parameters for background scanning and
362 	 * roaming within a network (ESS) in following format:
363 	 * <bgscan module name>:<module parameters>
364 	 */
365 	char *bgscan;
366 
367 	/**
368 	 * freq_list - Array of allowed frequencies or %NULL for all
369 	 *
370 	 * This is an optional zero-terminated array of frequencies in
371 	 * megahertz (MHz) to allow for selecting the BSS. If set, scan results
372 	 * that do not match any of the specified frequencies are not
373 	 * considered when selecting a BSS.
374 	 */
375 	int *freq_list;
376 };
377 
378 #endif /* CONFIG_SSID_H */
379