1 /* 2 * WPA Supplicant / privileged helper program 3 * Copyright (c) 2007-2009, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "includes.h" 10 #ifdef __linux__ 11 #include <fcntl.h> 12 #endif /* __linux__ */ 13 #include <sys/un.h> 14 #include <sys/stat.h> 15 16 #include "common.h" 17 #include "eloop.h" 18 #include "common/version.h" 19 #include "drivers/driver.h" 20 #include "l2_packet/l2_packet.h" 21 #include "common/privsep_commands.h" 22 #include "common/ieee802_11_defs.h" 23 24 25 struct wpa_priv_interface { 26 struct wpa_priv_interface *next; 27 char *driver_name; 28 char *ifname; 29 char *sock_name; 30 int fd; 31 32 const struct wpa_driver_ops *driver; 33 void *drv_priv; 34 void *drv_global_priv; 35 struct sockaddr_un drv_addr; 36 int wpas_registered; 37 38 /* TODO: add support for multiple l2 connections */ 39 struct l2_packet_data *l2; 40 struct sockaddr_un l2_addr; 41 }; 42 43 44 static void wpa_priv_cmd_register(struct wpa_priv_interface *iface, 45 struct sockaddr_un *from) 46 { 47 if (iface->drv_priv) { 48 wpa_printf(MSG_DEBUG, "Cleaning up forgotten driver instance"); 49 if (iface->driver->deinit) 50 iface->driver->deinit(iface->drv_priv); 51 iface->drv_priv = NULL; 52 if (iface->drv_global_priv) { 53 iface->driver->global_deinit(iface->drv_global_priv); 54 iface->drv_global_priv = NULL; 55 } 56 iface->wpas_registered = 0; 57 } 58 59 if (iface->l2) { 60 wpa_printf(MSG_DEBUG, "Cleaning up forgotten l2_packet " 61 "instance"); 62 l2_packet_deinit(iface->l2); 63 iface->l2 = NULL; 64 } 65 66 if (iface->driver->init2) { 67 if (iface->driver->global_init) { 68 iface->drv_global_priv = iface->driver->global_init(); 69 if (!iface->drv_global_priv) { 70 wpa_printf(MSG_INFO, 71 "Failed to initialize driver global context"); 72 return; 73 } 74 } else { 75 iface->drv_global_priv = NULL; 76 } 77 iface->drv_priv = iface->driver->init2(iface, iface->ifname, 78 iface->drv_global_priv); 79 } else if (iface->driver->init) { 80 iface->drv_priv = iface->driver->init(iface, iface->ifname); 81 } else { 82 return; 83 } 84 if (iface->drv_priv == NULL) { 85 wpa_printf(MSG_DEBUG, "Failed to initialize driver wrapper"); 86 return; 87 } 88 89 wpa_printf(MSG_DEBUG, "Driver wrapper '%s' initialized for interface " 90 "'%s'", iface->driver_name, iface->ifname); 91 92 os_memcpy(&iface->drv_addr, from, sizeof(iface->drv_addr)); 93 iface->wpas_registered = 1; 94 95 if (iface->driver->set_param && 96 iface->driver->set_param(iface->drv_priv, NULL) < 0) { 97 wpa_printf(MSG_ERROR, "Driver interface rejected param"); 98 } 99 } 100 101 102 static void wpa_priv_cmd_unregister(struct wpa_priv_interface *iface, 103 struct sockaddr_un *from) 104 { 105 if (iface->drv_priv) { 106 if (iface->driver->deinit) 107 iface->driver->deinit(iface->drv_priv); 108 iface->drv_priv = NULL; 109 if (iface->drv_global_priv) { 110 iface->driver->global_deinit(iface->drv_global_priv); 111 iface->drv_global_priv = NULL; 112 } 113 iface->wpas_registered = 0; 114 } 115 } 116 117 118 static void wpa_priv_cmd_scan(struct wpa_priv_interface *iface, 119 char *buf, size_t len) 120 { 121 struct wpa_driver_scan_params params; 122 123 if (iface->drv_priv == NULL) 124 return; 125 126 os_memset(¶ms, 0, sizeof(params)); 127 if (len) { 128 params.ssids[0].ssid = (u8 *) buf; 129 params.ssids[0].ssid_len = len; 130 params.num_ssids = 1; 131 } 132 133 if (iface->driver->scan2) 134 iface->driver->scan2(iface->drv_priv, ¶ms); 135 } 136 137 138 static void wpa_priv_get_scan_results2(struct wpa_priv_interface *iface, 139 struct sockaddr_un *from) 140 { 141 struct wpa_scan_results *res; 142 u8 *buf = NULL, *pos, *end; 143 int val; 144 size_t i; 145 146 res = iface->driver->get_scan_results2(iface->drv_priv); 147 if (res == NULL) 148 goto fail; 149 150 buf = os_malloc(60000); 151 if (buf == NULL) 152 goto fail; 153 pos = buf; 154 end = buf + 60000; 155 val = res->num; 156 os_memcpy(pos, &val, sizeof(int)); 157 pos += sizeof(int); 158 159 for (i = 0; i < res->num; i++) { 160 struct wpa_scan_res *r = res->res[i]; 161 val = sizeof(*r) + r->ie_len; 162 if (end - pos < (int) sizeof(int) + val) 163 break; 164 os_memcpy(pos, &val, sizeof(int)); 165 pos += sizeof(int); 166 os_memcpy(pos, r, val); 167 pos += val; 168 } 169 170 sendto(iface->fd, buf, pos - buf, 0, (struct sockaddr *) from, 171 sizeof(*from)); 172 173 os_free(buf); 174 wpa_scan_results_free(res); 175 return; 176 177 fail: 178 os_free(buf); 179 wpa_scan_results_free(res); 180 sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); 181 } 182 183 184 static void wpa_priv_cmd_get_scan_results(struct wpa_priv_interface *iface, 185 struct sockaddr_un *from) 186 { 187 if (iface->drv_priv == NULL) 188 return; 189 190 if (iface->driver->get_scan_results2) 191 wpa_priv_get_scan_results2(iface, from); 192 else 193 sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, 194 sizeof(*from)); 195 } 196 197 198 static void wpa_priv_cmd_authenticate(struct wpa_priv_interface *iface, 199 void *buf, size_t len) 200 { 201 struct wpa_driver_auth_params params; 202 struct privsep_cmd_authenticate *auth; 203 int res, i; 204 205 if (iface->drv_priv == NULL || iface->driver->authenticate == NULL) 206 return; 207 208 if (len < sizeof(*auth)) { 209 wpa_printf(MSG_DEBUG, "Invalid authentication request"); 210 return; 211 } 212 213 auth = buf; 214 if (sizeof(*auth) + auth->ie_len + auth->sae_data_len > len) { 215 wpa_printf(MSG_DEBUG, "Authentication request overflow"); 216 return; 217 } 218 219 os_memset(¶ms, 0, sizeof(params)); 220 params.freq = auth->freq; 221 params.bssid = auth->bssid; 222 params.ssid = auth->ssid; 223 if (auth->ssid_len > SSID_MAX_LEN) 224 return; 225 params.ssid_len = auth->ssid_len; 226 params.auth_alg = auth->auth_alg; 227 for (i = 0; i < 4; i++) { 228 if (auth->wep_key_len[i]) { 229 params.wep_key[i] = auth->wep_key[i]; 230 params.wep_key_len[i] = auth->wep_key_len[i]; 231 } 232 } 233 params.wep_tx_keyidx = auth->wep_tx_keyidx; 234 params.local_state_change = auth->local_state_change; 235 params.p2p = auth->p2p; 236 if (auth->ie_len) { 237 params.ie = (u8 *) (auth + 1); 238 params.ie_len = auth->ie_len; 239 } 240 if (auth->sae_data_len) { 241 params.sae_data = ((u8 *) (auth + 1)) + auth->ie_len; 242 params.sae_data_len = auth->sae_data_len; 243 } 244 245 res = iface->driver->authenticate(iface->drv_priv, ¶ms); 246 wpa_printf(MSG_DEBUG, "drv->authenticate: res=%d", res); 247 } 248 249 250 static void wpa_priv_cmd_associate(struct wpa_priv_interface *iface, 251 void *buf, size_t len) 252 { 253 struct wpa_driver_associate_params params; 254 struct privsep_cmd_associate *assoc; 255 u8 *bssid; 256 int res; 257 258 if (iface->drv_priv == NULL || iface->driver->associate == NULL) 259 return; 260 261 if (len < sizeof(*assoc)) { 262 wpa_printf(MSG_DEBUG, "Invalid association request"); 263 return; 264 } 265 266 assoc = buf; 267 if (sizeof(*assoc) + assoc->wpa_ie_len > len) { 268 wpa_printf(MSG_DEBUG, "Association request overflow"); 269 return; 270 } 271 272 os_memset(¶ms, 0, sizeof(params)); 273 bssid = assoc->bssid; 274 if (bssid[0] | bssid[1] | bssid[2] | bssid[3] | bssid[4] | bssid[5]) 275 params.bssid = bssid; 276 params.ssid = assoc->ssid; 277 if (assoc->ssid_len > SSID_MAX_LEN) 278 return; 279 params.ssid_len = assoc->ssid_len; 280 params.freq.mode = assoc->hwmode; 281 params.freq.freq = assoc->freq; 282 params.freq.channel = assoc->channel; 283 if (assoc->wpa_ie_len) { 284 params.wpa_ie = (u8 *) (assoc + 1); 285 params.wpa_ie_len = assoc->wpa_ie_len; 286 } 287 params.pairwise_suite = assoc->pairwise_suite; 288 params.group_suite = assoc->group_suite; 289 params.key_mgmt_suite = assoc->key_mgmt_suite; 290 params.auth_alg = assoc->auth_alg; 291 params.mode = assoc->mode; 292 293 res = iface->driver->associate(iface->drv_priv, ¶ms); 294 wpa_printf(MSG_DEBUG, "drv->associate: res=%d", res); 295 } 296 297 298 static void wpa_priv_cmd_get_bssid(struct wpa_priv_interface *iface, 299 struct sockaddr_un *from) 300 { 301 u8 bssid[ETH_ALEN]; 302 303 if (iface->drv_priv == NULL) 304 goto fail; 305 306 if (iface->driver->get_bssid == NULL || 307 iface->driver->get_bssid(iface->drv_priv, bssid) < 0) 308 goto fail; 309 310 sendto(iface->fd, bssid, ETH_ALEN, 0, (struct sockaddr *) from, 311 sizeof(*from)); 312 return; 313 314 fail: 315 sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); 316 } 317 318 319 static void wpa_priv_cmd_get_ssid(struct wpa_priv_interface *iface, 320 struct sockaddr_un *from) 321 { 322 u8 ssid[sizeof(int) + SSID_MAX_LEN]; 323 int res; 324 325 if (iface->drv_priv == NULL) 326 goto fail; 327 328 if (iface->driver->get_ssid == NULL) 329 goto fail; 330 331 res = iface->driver->get_ssid(iface->drv_priv, &ssid[sizeof(int)]); 332 if (res < 0 || res > SSID_MAX_LEN) 333 goto fail; 334 os_memcpy(ssid, &res, sizeof(int)); 335 336 sendto(iface->fd, ssid, sizeof(ssid), 0, (struct sockaddr *) from, 337 sizeof(*from)); 338 return; 339 340 fail: 341 sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); 342 } 343 344 345 static void wpa_priv_cmd_set_key(struct wpa_priv_interface *iface, 346 void *buf, size_t len) 347 { 348 struct privsep_cmd_set_key *params; 349 int res; 350 351 if (iface->drv_priv == NULL || iface->driver->set_key == NULL) 352 return; 353 354 if (len != sizeof(*params)) { 355 wpa_printf(MSG_DEBUG, "Invalid set_key request"); 356 return; 357 } 358 359 params = buf; 360 361 res = iface->driver->set_key(iface->ifname, iface->drv_priv, 362 params->alg, 363 params->addr, params->key_idx, 364 params->set_tx, 365 params->seq_len ? params->seq : NULL, 366 params->seq_len, 367 params->key_len ? params->key : NULL, 368 params->key_len); 369 wpa_printf(MSG_DEBUG, "drv->set_key: res=%d", res); 370 } 371 372 373 static void wpa_priv_cmd_get_capa(struct wpa_priv_interface *iface, 374 struct sockaddr_un *from) 375 { 376 struct wpa_driver_capa capa; 377 378 if (iface->drv_priv == NULL) 379 goto fail; 380 381 if (iface->driver->get_capa == NULL || 382 iface->driver->get_capa(iface->drv_priv, &capa) < 0) 383 goto fail; 384 385 /* For now, no support for passing extended_capa pointers */ 386 capa.extended_capa = NULL; 387 capa.extended_capa_mask = NULL; 388 capa.extended_capa_len = 0; 389 sendto(iface->fd, &capa, sizeof(capa), 0, (struct sockaddr *) from, 390 sizeof(*from)); 391 return; 392 393 fail: 394 sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, sizeof(*from)); 395 } 396 397 398 static void wpa_priv_l2_rx(void *ctx, const u8 *src_addr, const u8 *buf, 399 size_t len) 400 { 401 struct wpa_priv_interface *iface = ctx; 402 struct msghdr msg; 403 struct iovec io[2]; 404 405 io[0].iov_base = (u8 *) src_addr; 406 io[0].iov_len = ETH_ALEN; 407 io[1].iov_base = (u8 *) buf; 408 io[1].iov_len = len; 409 410 os_memset(&msg, 0, sizeof(msg)); 411 msg.msg_iov = io; 412 msg.msg_iovlen = 2; 413 msg.msg_name = &iface->l2_addr; 414 msg.msg_namelen = sizeof(iface->l2_addr); 415 416 if (sendmsg(iface->fd, &msg, 0) < 0) { 417 wpa_printf(MSG_ERROR, "sendmsg(l2 rx): %s", strerror(errno)); 418 } 419 } 420 421 422 static void wpa_priv_cmd_l2_register(struct wpa_priv_interface *iface, 423 struct sockaddr_un *from, 424 void *buf, size_t len) 425 { 426 int *reg_cmd = buf; 427 u8 own_addr[ETH_ALEN]; 428 int res; 429 u16 proto; 430 431 if (len != 2 * sizeof(int)) { 432 wpa_printf(MSG_DEBUG, "Invalid l2_register length %lu", 433 (unsigned long) len); 434 return; 435 } 436 437 proto = reg_cmd[0]; 438 if (proto != ETH_P_EAPOL && proto != ETH_P_RSN_PREAUTH && 439 proto != ETH_P_80211_ENCAP) { 440 wpa_printf(MSG_DEBUG, "Refused l2_packet connection for " 441 "ethertype 0x%x", proto); 442 return; 443 } 444 445 if (iface->l2) { 446 wpa_printf(MSG_DEBUG, "Cleaning up forgotten l2_packet " 447 "instance"); 448 l2_packet_deinit(iface->l2); 449 iface->l2 = NULL; 450 } 451 452 os_memcpy(&iface->l2_addr, from, sizeof(iface->l2_addr)); 453 454 iface->l2 = l2_packet_init(iface->ifname, NULL, proto, 455 wpa_priv_l2_rx, iface, reg_cmd[1]); 456 if (iface->l2 == NULL) { 457 wpa_printf(MSG_DEBUG, "Failed to initialize l2_packet " 458 "instance for protocol %d", proto); 459 return; 460 } 461 462 if (l2_packet_get_own_addr(iface->l2, own_addr) < 0) { 463 wpa_printf(MSG_DEBUG, "Failed to get own address from " 464 "l2_packet"); 465 l2_packet_deinit(iface->l2); 466 iface->l2 = NULL; 467 return; 468 } 469 470 res = sendto(iface->fd, own_addr, ETH_ALEN, 0, 471 (struct sockaddr *) from, sizeof(*from)); 472 wpa_printf(MSG_DEBUG, "L2 registration: res=%d", res); 473 } 474 475 476 static void wpa_priv_cmd_l2_unregister(struct wpa_priv_interface *iface, 477 struct sockaddr_un *from) 478 { 479 if (iface->l2) { 480 l2_packet_deinit(iface->l2); 481 iface->l2 = NULL; 482 } 483 } 484 485 486 static void wpa_priv_cmd_l2_notify_auth_start(struct wpa_priv_interface *iface, 487 struct sockaddr_un *from) 488 { 489 if (iface->l2) 490 l2_packet_notify_auth_start(iface->l2); 491 } 492 493 494 static void wpa_priv_cmd_l2_send(struct wpa_priv_interface *iface, 495 struct sockaddr_un *from, 496 void *buf, size_t len) 497 { 498 u8 *dst_addr; 499 u16 proto; 500 int res; 501 502 if (iface->l2 == NULL) 503 return; 504 505 if (len < ETH_ALEN + 2) { 506 wpa_printf(MSG_DEBUG, "Too short L2 send packet (len=%lu)", 507 (unsigned long) len); 508 return; 509 } 510 511 dst_addr = buf; 512 os_memcpy(&proto, buf + ETH_ALEN, 2); 513 514 if (proto != ETH_P_EAPOL && proto != ETH_P_RSN_PREAUTH) { 515 wpa_printf(MSG_DEBUG, "Refused l2_packet send for ethertype " 516 "0x%x", proto); 517 return; 518 } 519 520 res = l2_packet_send(iface->l2, dst_addr, proto, buf + ETH_ALEN + 2, 521 len - ETH_ALEN - 2); 522 wpa_printf(MSG_DEBUG, "L2 send: res=%d", res); 523 } 524 525 526 static void wpa_priv_cmd_set_country(struct wpa_priv_interface *iface, 527 char *buf) 528 { 529 if (iface->drv_priv == NULL || iface->driver->set_country == NULL || 530 *buf == '\0') 531 return; 532 533 iface->driver->set_country(iface->drv_priv, buf); 534 } 535 536 537 static void wpa_priv_receive(int sock, void *eloop_ctx, void *sock_ctx) 538 { 539 struct wpa_priv_interface *iface = eloop_ctx; 540 char buf[2000], *pos; 541 void *cmd_buf; 542 size_t cmd_len; 543 int res, cmd; 544 struct sockaddr_un from; 545 socklen_t fromlen = sizeof(from); 546 547 res = recvfrom(sock, buf, sizeof(buf), 0, (struct sockaddr *) &from, 548 &fromlen); 549 if (res < 0) { 550 wpa_printf(MSG_ERROR, "recvfrom: %s", strerror(errno)); 551 return; 552 } 553 554 if (res < (int) sizeof(int)) { 555 wpa_printf(MSG_DEBUG, "Too short command (len=%d)", res); 556 return; 557 } 558 559 os_memcpy(&cmd, buf, sizeof(int)); 560 wpa_printf(MSG_DEBUG, "Command %d for interface %s", 561 cmd, iface->ifname); 562 cmd_buf = &buf[sizeof(int)]; 563 cmd_len = res - sizeof(int); 564 565 switch (cmd) { 566 case PRIVSEP_CMD_REGISTER: 567 wpa_priv_cmd_register(iface, &from); 568 break; 569 case PRIVSEP_CMD_UNREGISTER: 570 wpa_priv_cmd_unregister(iface, &from); 571 break; 572 case PRIVSEP_CMD_SCAN: 573 wpa_priv_cmd_scan(iface, cmd_buf, cmd_len); 574 break; 575 case PRIVSEP_CMD_GET_SCAN_RESULTS: 576 wpa_priv_cmd_get_scan_results(iface, &from); 577 break; 578 case PRIVSEP_CMD_ASSOCIATE: 579 wpa_priv_cmd_associate(iface, cmd_buf, cmd_len); 580 break; 581 case PRIVSEP_CMD_GET_BSSID: 582 wpa_priv_cmd_get_bssid(iface, &from); 583 break; 584 case PRIVSEP_CMD_GET_SSID: 585 wpa_priv_cmd_get_ssid(iface, &from); 586 break; 587 case PRIVSEP_CMD_SET_KEY: 588 wpa_priv_cmd_set_key(iface, cmd_buf, cmd_len); 589 break; 590 case PRIVSEP_CMD_GET_CAPA: 591 wpa_priv_cmd_get_capa(iface, &from); 592 break; 593 case PRIVSEP_CMD_L2_REGISTER: 594 wpa_priv_cmd_l2_register(iface, &from, cmd_buf, cmd_len); 595 break; 596 case PRIVSEP_CMD_L2_UNREGISTER: 597 wpa_priv_cmd_l2_unregister(iface, &from); 598 break; 599 case PRIVSEP_CMD_L2_NOTIFY_AUTH_START: 600 wpa_priv_cmd_l2_notify_auth_start(iface, &from); 601 break; 602 case PRIVSEP_CMD_L2_SEND: 603 wpa_priv_cmd_l2_send(iface, &from, cmd_buf, cmd_len); 604 break; 605 case PRIVSEP_CMD_SET_COUNTRY: 606 pos = cmd_buf; 607 if (pos + cmd_len >= buf + sizeof(buf)) 608 break; 609 pos[cmd_len] = '\0'; 610 wpa_priv_cmd_set_country(iface, pos); 611 break; 612 case PRIVSEP_CMD_AUTHENTICATE: 613 wpa_priv_cmd_authenticate(iface, cmd_buf, cmd_len); 614 break; 615 } 616 } 617 618 619 static void wpa_priv_interface_deinit(struct wpa_priv_interface *iface) 620 { 621 if (iface->drv_priv && iface->driver->deinit) 622 iface->driver->deinit(iface->drv_priv); 623 624 if (iface->fd >= 0) { 625 eloop_unregister_read_sock(iface->fd); 626 close(iface->fd); 627 unlink(iface->sock_name); 628 } 629 630 if (iface->l2) 631 l2_packet_deinit(iface->l2); 632 633 os_free(iface->ifname); 634 os_free(iface->driver_name); 635 os_free(iface->sock_name); 636 os_free(iface); 637 } 638 639 640 static struct wpa_priv_interface * 641 wpa_priv_interface_init(const char *dir, const char *params) 642 { 643 struct wpa_priv_interface *iface; 644 char *pos; 645 size_t len; 646 struct sockaddr_un addr; 647 int i; 648 649 pos = os_strchr(params, ':'); 650 if (pos == NULL) 651 return NULL; 652 653 iface = os_zalloc(sizeof(*iface)); 654 if (iface == NULL) 655 return NULL; 656 iface->fd = -1; 657 658 len = pos - params; 659 iface->driver_name = dup_binstr(params, len); 660 if (iface->driver_name == NULL) { 661 wpa_priv_interface_deinit(iface); 662 return NULL; 663 } 664 665 for (i = 0; wpa_drivers[i]; i++) { 666 if (os_strcmp(iface->driver_name, 667 wpa_drivers[i]->name) == 0) { 668 iface->driver = wpa_drivers[i]; 669 break; 670 } 671 } 672 if (iface->driver == NULL) { 673 wpa_printf(MSG_ERROR, "Unsupported driver '%s'", 674 iface->driver_name); 675 wpa_priv_interface_deinit(iface); 676 return NULL; 677 } 678 679 pos++; 680 iface->ifname = os_strdup(pos); 681 if (iface->ifname == NULL) { 682 wpa_priv_interface_deinit(iface); 683 return NULL; 684 } 685 686 len = os_strlen(dir) + 1 + os_strlen(iface->ifname); 687 iface->sock_name = os_malloc(len + 1); 688 if (iface->sock_name == NULL) { 689 wpa_priv_interface_deinit(iface); 690 return NULL; 691 } 692 693 os_snprintf(iface->sock_name, len + 1, "%s/%s", dir, iface->ifname); 694 if (os_strlen(iface->sock_name) >= sizeof(addr.sun_path)) { 695 wpa_priv_interface_deinit(iface); 696 return NULL; 697 } 698 699 iface->fd = socket(PF_UNIX, SOCK_DGRAM, 0); 700 if (iface->fd < 0) { 701 wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno)); 702 wpa_priv_interface_deinit(iface); 703 return NULL; 704 } 705 706 os_memset(&addr, 0, sizeof(addr)); 707 addr.sun_family = AF_UNIX; 708 os_strlcpy(addr.sun_path, iface->sock_name, sizeof(addr.sun_path)); 709 710 if (bind(iface->fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) { 711 wpa_printf(MSG_DEBUG, "bind(PF_UNIX) failed: %s", 712 strerror(errno)); 713 if (connect(iface->fd, (struct sockaddr *) &addr, 714 sizeof(addr)) < 0) { 715 wpa_printf(MSG_DEBUG, "Socket exists, but does not " 716 "allow connections - assuming it was " 717 "leftover from forced program termination"); 718 if (unlink(iface->sock_name) < 0) { 719 wpa_printf(MSG_ERROR, 720 "Could not unlink existing ctrl_iface socket '%s': %s", 721 iface->sock_name, strerror(errno)); 722 goto fail; 723 } 724 if (bind(iface->fd, (struct sockaddr *) &addr, 725 sizeof(addr)) < 0) { 726 wpa_printf(MSG_ERROR, 727 "wpa-priv-iface-init: bind(PF_UNIX): %s", 728 strerror(errno)); 729 goto fail; 730 } 731 wpa_printf(MSG_DEBUG, "Successfully replaced leftover " 732 "socket '%s'", iface->sock_name); 733 } else { 734 wpa_printf(MSG_INFO, "Socket exists and seems to be " 735 "in use - cannot override it"); 736 wpa_printf(MSG_INFO, "Delete '%s' manually if it is " 737 "not used anymore", iface->sock_name); 738 goto fail; 739 } 740 } 741 742 if (chmod(iface->sock_name, S_IRWXU | S_IRWXG | S_IRWXO) < 0) { 743 wpa_printf(MSG_ERROR, "chmod: %s", strerror(errno)); 744 goto fail; 745 } 746 747 eloop_register_read_sock(iface->fd, wpa_priv_receive, iface, NULL); 748 749 return iface; 750 751 fail: 752 wpa_priv_interface_deinit(iface); 753 return NULL; 754 } 755 756 757 static int wpa_priv_send_event(struct wpa_priv_interface *iface, int event, 758 const void *data, size_t data_len) 759 { 760 struct msghdr msg; 761 struct iovec io[2]; 762 763 io[0].iov_base = &event; 764 io[0].iov_len = sizeof(event); 765 io[1].iov_base = (u8 *) data; 766 io[1].iov_len = data_len; 767 768 os_memset(&msg, 0, sizeof(msg)); 769 msg.msg_iov = io; 770 msg.msg_iovlen = data ? 2 : 1; 771 msg.msg_name = &iface->drv_addr; 772 msg.msg_namelen = sizeof(iface->drv_addr); 773 774 if (sendmsg(iface->fd, &msg, 0) < 0) { 775 wpa_printf(MSG_ERROR, "sendmsg(wpas_socket): %s", 776 strerror(errno)); 777 return -1; 778 } 779 780 return 0; 781 } 782 783 784 static void wpa_priv_send_auth(struct wpa_priv_interface *iface, 785 union wpa_event_data *data) 786 { 787 size_t buflen = sizeof(struct privsep_event_auth) + data->auth.ies_len; 788 struct privsep_event_auth *auth; 789 u8 *buf, *pos; 790 791 buf = os_malloc(buflen); 792 if (buf == NULL) 793 return; 794 795 auth = (struct privsep_event_auth *) buf; 796 pos = (u8 *) (auth + 1); 797 798 os_memcpy(auth->peer, data->auth.peer, ETH_ALEN); 799 os_memcpy(auth->bssid, data->auth.bssid, ETH_ALEN); 800 auth->auth_type = data->auth.auth_type; 801 auth->auth_transaction = data->auth.auth_transaction; 802 auth->status_code = data->auth.status_code; 803 if (data->auth.ies) { 804 os_memcpy(pos, data->auth.ies, data->auth.ies_len); 805 auth->ies_len = data->auth.ies_len; 806 } 807 808 wpa_priv_send_event(iface, PRIVSEP_EVENT_AUTH, buf, buflen); 809 810 os_free(buf); 811 } 812 813 814 static void wpa_priv_send_assoc(struct wpa_priv_interface *iface, int event, 815 union wpa_event_data *data) 816 { 817 size_t buflen = 3 * sizeof(int); 818 u8 *buf, *pos; 819 int len; 820 821 if (data) { 822 buflen += data->assoc_info.req_ies_len + 823 data->assoc_info.resp_ies_len + 824 data->assoc_info.beacon_ies_len; 825 } 826 827 buf = os_malloc(buflen); 828 if (buf == NULL) 829 return; 830 831 pos = buf; 832 833 if (data && data->assoc_info.req_ies) { 834 len = data->assoc_info.req_ies_len; 835 os_memcpy(pos, &len, sizeof(int)); 836 pos += sizeof(int); 837 os_memcpy(pos, data->assoc_info.req_ies, len); 838 pos += len; 839 } else { 840 len = 0; 841 os_memcpy(pos, &len, sizeof(int)); 842 pos += sizeof(int); 843 } 844 845 if (data && data->assoc_info.resp_ies) { 846 len = data->assoc_info.resp_ies_len; 847 os_memcpy(pos, &len, sizeof(int)); 848 pos += sizeof(int); 849 os_memcpy(pos, data->assoc_info.resp_ies, len); 850 pos += len; 851 } else { 852 len = 0; 853 os_memcpy(pos, &len, sizeof(int)); 854 pos += sizeof(int); 855 } 856 857 if (data && data->assoc_info.beacon_ies) { 858 len = data->assoc_info.beacon_ies_len; 859 os_memcpy(pos, &len, sizeof(int)); 860 pos += sizeof(int); 861 os_memcpy(pos, data->assoc_info.beacon_ies, len); 862 pos += len; 863 } else { 864 len = 0; 865 os_memcpy(pos, &len, sizeof(int)); 866 pos += sizeof(int); 867 } 868 869 wpa_priv_send_event(iface, event, buf, buflen); 870 871 os_free(buf); 872 } 873 874 875 static void wpa_priv_send_interface_status(struct wpa_priv_interface *iface, 876 union wpa_event_data *data) 877 { 878 int ievent; 879 size_t len, maxlen; 880 u8 *buf; 881 char *ifname; 882 883 if (data == NULL) 884 return; 885 886 ievent = data->interface_status.ievent; 887 maxlen = sizeof(data->interface_status.ifname); 888 ifname = data->interface_status.ifname; 889 for (len = 0; len < maxlen && ifname[len]; len++) 890 ; 891 892 buf = os_malloc(sizeof(int) + len); 893 if (buf == NULL) 894 return; 895 896 os_memcpy(buf, &ievent, sizeof(int)); 897 os_memcpy(buf + sizeof(int), ifname, len); 898 899 wpa_priv_send_event(iface, PRIVSEP_EVENT_INTERFACE_STATUS, 900 buf, sizeof(int) + len); 901 902 os_free(buf); 903 904 } 905 906 907 static void wpa_priv_send_ft_response(struct wpa_priv_interface *iface, 908 union wpa_event_data *data) 909 { 910 size_t len; 911 u8 *buf, *pos; 912 913 if (data == NULL || data->ft_ies.ies == NULL) 914 return; 915 916 len = sizeof(int) + ETH_ALEN + data->ft_ies.ies_len; 917 buf = os_malloc(len); 918 if (buf == NULL) 919 return; 920 921 pos = buf; 922 os_memcpy(pos, &data->ft_ies.ft_action, sizeof(int)); 923 pos += sizeof(int); 924 os_memcpy(pos, data->ft_ies.target_ap, ETH_ALEN); 925 pos += ETH_ALEN; 926 os_memcpy(pos, data->ft_ies.ies, data->ft_ies.ies_len); 927 928 wpa_priv_send_event(iface, PRIVSEP_EVENT_FT_RESPONSE, buf, len); 929 930 os_free(buf); 931 932 } 933 934 935 void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 936 union wpa_event_data *data) 937 { 938 struct wpa_priv_interface *iface = ctx; 939 940 wpa_printf(MSG_DEBUG, "%s - event=%d", __func__, event); 941 942 if (!iface->wpas_registered) { 943 wpa_printf(MSG_DEBUG, "Driver event received, but " 944 "wpa_supplicant not registered"); 945 return; 946 } 947 948 switch (event) { 949 case EVENT_ASSOC: 950 wpa_priv_send_assoc(iface, PRIVSEP_EVENT_ASSOC, data); 951 break; 952 case EVENT_DISASSOC: 953 wpa_priv_send_event(iface, PRIVSEP_EVENT_DISASSOC, NULL, 0); 954 break; 955 case EVENT_ASSOCINFO: 956 if (data == NULL) 957 return; 958 wpa_priv_send_assoc(iface, PRIVSEP_EVENT_ASSOCINFO, data); 959 break; 960 case EVENT_MICHAEL_MIC_FAILURE: 961 if (data == NULL) 962 return; 963 wpa_priv_send_event(iface, PRIVSEP_EVENT_MICHAEL_MIC_FAILURE, 964 &data->michael_mic_failure.unicast, 965 sizeof(int)); 966 break; 967 case EVENT_SCAN_STARTED: 968 wpa_priv_send_event(iface, PRIVSEP_EVENT_SCAN_STARTED, NULL, 969 0); 970 break; 971 case EVENT_SCAN_RESULTS: 972 wpa_priv_send_event(iface, PRIVSEP_EVENT_SCAN_RESULTS, NULL, 973 0); 974 break; 975 case EVENT_INTERFACE_STATUS: 976 wpa_priv_send_interface_status(iface, data); 977 break; 978 case EVENT_PMKID_CANDIDATE: 979 if (data == NULL) 980 return; 981 wpa_priv_send_event(iface, PRIVSEP_EVENT_PMKID_CANDIDATE, 982 &data->pmkid_candidate, 983 sizeof(struct pmkid_candidate)); 984 break; 985 case EVENT_STKSTART: 986 if (data == NULL) 987 return; 988 wpa_priv_send_event(iface, PRIVSEP_EVENT_STKSTART, 989 &data->stkstart.peer, ETH_ALEN); 990 break; 991 case EVENT_FT_RESPONSE: 992 wpa_priv_send_ft_response(iface, data); 993 break; 994 case EVENT_AUTH: 995 wpa_priv_send_auth(iface, data); 996 break; 997 default: 998 wpa_printf(MSG_DEBUG, "Unsupported driver event %d (%s) - TODO", 999 event, event_to_string(event)); 1000 break; 1001 } 1002 } 1003 1004 1005 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, 1006 const u8 *buf, size_t len) 1007 { 1008 struct wpa_priv_interface *iface = ctx; 1009 struct msghdr msg; 1010 struct iovec io[3]; 1011 int event = PRIVSEP_EVENT_RX_EAPOL; 1012 1013 wpa_printf(MSG_DEBUG, "RX EAPOL from driver"); 1014 io[0].iov_base = &event; 1015 io[0].iov_len = sizeof(event); 1016 io[1].iov_base = (u8 *) src_addr; 1017 io[1].iov_len = ETH_ALEN; 1018 io[2].iov_base = (u8 *) buf; 1019 io[2].iov_len = len; 1020 1021 os_memset(&msg, 0, sizeof(msg)); 1022 msg.msg_iov = io; 1023 msg.msg_iovlen = 3; 1024 msg.msg_name = &iface->drv_addr; 1025 msg.msg_namelen = sizeof(iface->drv_addr); 1026 1027 if (sendmsg(iface->fd, &msg, 0) < 0) 1028 wpa_printf(MSG_ERROR, "sendmsg(wpas_socket): %s", 1029 strerror(errno)); 1030 } 1031 1032 1033 static void wpa_priv_terminate(int sig, void *signal_ctx) 1034 { 1035 wpa_printf(MSG_DEBUG, "wpa_priv termination requested"); 1036 eloop_terminate(); 1037 } 1038 1039 1040 static void wpa_priv_fd_workaround(void) 1041 { 1042 #ifdef __linux__ 1043 int s, i; 1044 /* When started from pcmcia-cs scripts, wpa_supplicant might start with 1045 * fd 0, 1, and 2 closed. This will cause some issues because many 1046 * places in wpa_supplicant are still printing out to stdout. As a 1047 * workaround, make sure that fd's 0, 1, and 2 are not used for other 1048 * sockets. */ 1049 for (i = 0; i < 3; i++) { 1050 s = open("/dev/null", O_RDWR); 1051 if (s > 2) { 1052 close(s); 1053 break; 1054 } 1055 } 1056 #endif /* __linux__ */ 1057 } 1058 1059 1060 static void usage(void) 1061 { 1062 printf("wpa_priv v" VERSION_STR "\n" 1063 "Copyright (c) 2007-2009, Jouni Malinen <j@w1.fi> and " 1064 "contributors\n" 1065 "\n" 1066 "usage:\n" 1067 " wpa_priv [-Bdd] [-c<ctrl dir>] [-P<pid file>] " 1068 "<driver:ifname> \\\n" 1069 " [driver:ifname ...]\n"); 1070 } 1071 1072 1073 int main(int argc, char *argv[]) 1074 { 1075 int c, i; 1076 int ret = -1; 1077 char *pid_file = NULL; 1078 int daemonize = 0; 1079 char *ctrl_dir = "/var/run/wpa_priv"; 1080 struct wpa_priv_interface *interfaces = NULL, *iface; 1081 1082 if (os_program_init()) 1083 return -1; 1084 1085 wpa_priv_fd_workaround(); 1086 1087 for (;;) { 1088 c = getopt(argc, argv, "Bc:dP:"); 1089 if (c < 0) 1090 break; 1091 switch (c) { 1092 case 'B': 1093 daemonize++; 1094 break; 1095 case 'c': 1096 ctrl_dir = optarg; 1097 break; 1098 case 'd': 1099 wpa_debug_level--; 1100 break; 1101 case 'P': 1102 pid_file = os_rel2abs_path(optarg); 1103 break; 1104 default: 1105 usage(); 1106 goto out2; 1107 } 1108 } 1109 1110 if (optind >= argc) { 1111 usage(); 1112 goto out2; 1113 } 1114 1115 wpa_printf(MSG_DEBUG, "wpa_priv control directory: '%s'", ctrl_dir); 1116 1117 if (eloop_init()) { 1118 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 1119 goto out2; 1120 } 1121 1122 for (i = optind; i < argc; i++) { 1123 wpa_printf(MSG_DEBUG, "Adding driver:interface %s", argv[i]); 1124 iface = wpa_priv_interface_init(ctrl_dir, argv[i]); 1125 if (iface == NULL) 1126 goto out; 1127 iface->next = interfaces; 1128 interfaces = iface; 1129 } 1130 1131 if (daemonize && os_daemonize(pid_file)) 1132 goto out; 1133 1134 eloop_register_signal_terminate(wpa_priv_terminate, NULL); 1135 eloop_run(); 1136 1137 ret = 0; 1138 1139 out: 1140 iface = interfaces; 1141 while (iface) { 1142 struct wpa_priv_interface *prev = iface; 1143 iface = iface->next; 1144 wpa_priv_interface_deinit(prev); 1145 } 1146 1147 eloop_destroy(); 1148 1149 out2: 1150 if (daemonize) 1151 os_daemonize_terminate(pid_file); 1152 os_free(pid_file); 1153 os_program_deinit(); 1154 1155 return ret; 1156 } 1157