1 /* 2 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 /* 7 * Copyright (c) 2003-2004, Jouni Malinen <jkmaline@cc.hut.fi> 8 * Sun elects to license this software under the BSD license. 9 * See README for more details. 10 */ 11 12 #include <stdio.h> 13 #include <stdlib.h> 14 #include <stdarg.h> 15 #include <unistd.h> 16 #include <string.h> 17 #include <syslog.h> 18 #include <sys/stat.h> 19 #include <errno.h> 20 #include <signal.h> 21 #include <fcntl.h> 22 #include <door.h> 23 #include <libscf.h> 24 #include <libdladm.h> 25 #include <libdllink.h> 26 #include <sys/ethernet.h> 27 28 #include "wpa_impl.h" 29 #include "wpa_enc.h" 30 #include "driver.h" 31 #include "eloop.h" 32 #include "l2_packet.h" 33 34 extern struct wpa_driver_ops wpa_driver_wifi_ops; 35 int wpa_debug_level = MSG_ERROR; 36 37 /* 38 * wpa_printf - conditional printf 39 * @level: priority level (MSG_*) of the message 40 * @fmt: printf format string, followed by optional arguments 41 * 42 * This function is used to print conditional debugging and error messages. The 43 * output may be directed to stdout, stderr, and/or syslog based on 44 * configuration. 45 */ 46 void 47 wpa_printf(int level, char *fmt, ...) 48 { 49 va_list ap; 50 char buffer[MAX_LOGBUF]; 51 52 if (level < wpa_debug_level) 53 return; 54 55 va_start(ap, fmt); 56 57 /* LINTED E_SEC_PRINTF_VAR_FMT */ 58 (void) vsnprintf(buffer, sizeof (buffer), fmt, ap); 59 60 va_end(ap); 61 62 syslog(LOG_NOTICE | LOG_DAEMON, "%s", buffer); 63 } 64 65 /* 66 * wpa_hexdump - conditional hex dump 67 * @level: priority level (MSG_*) of the message 68 * @title: title of for the message 69 * @buf: data buffer to be dumped 70 * @len: length of the @buf 71 * 72 * This function is used to print conditional debugging and error messages. The 73 * output may be directed to stdout, stderr, and/or syslog based on 74 * configuration. The contents of @buf is printed out has hex dump. 75 */ 76 void 77 wpa_hexdump(int level, const char *title, const uint8_t *buf, size_t len) 78 { 79 size_t i; 80 char buffer[MAX_LOGBUF], tmp[4]; 81 int n; 82 83 if (level < wpa_debug_level) 84 return; 85 86 (void) snprintf(buffer, sizeof (buffer), "%s - hexdump(len=%d):", 87 title, len); 88 n = strlen(buffer); 89 90 for (i = 0; i < len; i++) { 91 (void) sprintf(tmp, " %02x", buf[i]); 92 93 n += strlen(tmp); 94 if (n >= MAX_LOGBUF) break; 95 96 (void) strlcat(buffer, tmp, sizeof (buffer)); 97 } 98 99 syslog(LOG_NOTICE | LOG_DAEMON, "%s", buffer); 100 } 101 102 static const char * 103 wpa_ssid_txt(char *ssid, size_t ssid_len) 104 { 105 static char ssid_txt[MAX_ESSID_LENGTH + 1]; 106 char *pos; 107 108 if (ssid_len > MAX_ESSID_LENGTH) 109 ssid_len = MAX_ESSID_LENGTH; 110 (void) memcpy(ssid_txt, ssid, ssid_len); 111 ssid_txt[ssid_len] = '\0'; 112 for (pos = ssid_txt; *pos != '\0'; pos ++) { 113 if ((uint8_t)*pos < 32 || (uint8_t)*pos >= 127) 114 *pos = '_'; 115 } 116 return (ssid_txt); 117 } 118 119 /* ARGSUSED */ 120 void 121 wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx) 122 { 123 struct wpa_supplicant *wpa_s = eloop_ctx; 124 struct wpa_ssid *ssid; 125 126 if (wpa_s->conf == NULL) 127 return; 128 129 if (wpa_s->wpa_state == WPA_DISCONNECTED) 130 wpa_s->wpa_state = WPA_SCANNING; 131 132 ssid = wpa_s->conf->ssid; 133 wpa_printf(MSG_DEBUG, "Starting AP scan (%s SSID)", 134 ssid ? "specific": "broadcast"); 135 136 if (ssid) { 137 wpa_printf(MSG_DEBUG, "Scan SSID: %s", ssid->ssid); 138 } 139 140 if (wpa_s->driver->scan(wpa_s->linkid)) { 141 wpa_printf(MSG_WARNING, "Failed to initiate AP scan."); 142 } 143 } 144 145 void 146 wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec) 147 { 148 wpa_printf(MSG_DEBUG, "Setting scan request: %d sec %d usec", 149 sec, usec); 150 (void) eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL); 151 (void) eloop_register_timeout(sec, usec, wpa_supplicant_scan, 152 wpa_s, NULL); 153 } 154 155 void 156 wpa_supplicant_cancel_scan(struct wpa_supplicant *wpa_s) 157 { 158 wpa_printf(MSG_DEBUG, "Cancelling scan request"); 159 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL); 160 } 161 162 /* ARGSUSED */ 163 static void 164 wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) 165 { 166 struct wpa_supplicant *wpa_s = eloop_ctx; 167 168 wpa_printf(MSG_INFO, "Authentication with " MACSTR " timed out.", 169 MAC2STR(wpa_s->bssid)); 170 171 wpa_s->reassociate = 1; 172 wpa_supplicant_req_scan(wpa_s, 0, 0); 173 } 174 175 void 176 wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, 177 int sec, int usec) 178 { 179 wpa_printf(MSG_DEBUG, "Setting authentication timeout: %d sec " 180 "%d usec", sec, usec); 181 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 182 (void) eloop_register_timeout(sec, usec, wpa_supplicant_timeout, 183 wpa_s, NULL); 184 } 185 186 void 187 wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) 188 { 189 wpa_printf(MSG_DEBUG, "Cancelling authentication timeout"); 190 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 191 } 192 193 static void 194 wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) 195 { 196 l2_packet_deinit(wpa_s->l2); 197 wpa_s->l2 = NULL; 198 199 if (wpa_s->conf != NULL) { 200 wpa_config_free(wpa_s->conf); 201 wpa_s->conf = NULL; 202 } 203 204 free(wpa_s->ap_wpa_ie); 205 pmksa_candidate_free(wpa_s); 206 pmksa_cache_free(wpa_s); 207 } 208 209 static void 210 wpa_clear_keys(struct wpa_supplicant *wpa_s, uint8_t *addr) 211 { 212 wpa_s->driver->set_key(wpa_s->linkid, WPA_ALG_NONE, 213 (uint8_t *)"\xff\xff\xff\xff\xff\xff", 0, 0, NULL, 0, NULL, 0); 214 wpa_s->driver->set_key(wpa_s->linkid, WPA_ALG_NONE, 215 (uint8_t *)"\xff\xff\xff\xff\xff\xff", 1, 0, NULL, 0, NULL, 0); 216 wpa_s->driver->set_key(wpa_s->linkid, WPA_ALG_NONE, 217 (uint8_t *)"\xff\xff\xff\xff\xff\xff", 2, 0, NULL, 0, NULL, 0); 218 wpa_s->driver->set_key(wpa_s->linkid, WPA_ALG_NONE, 219 (uint8_t *)"\xff\xff\xff\xff\xff\xff", 3, 0, NULL, 0, NULL, 0); 220 if (addr) { 221 wpa_s->driver->set_key(wpa_s->linkid, WPA_ALG_NONE, addr, 222 0, 0, NULL, 0, NULL, 0); 223 } 224 } 225 226 static void 227 wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) 228 { 229 wpa_s->wpa_state = WPA_DISCONNECTED; 230 (void) memset(wpa_s->bssid, 0, IEEE80211_ADDR_LEN); 231 } 232 233 static int 234 wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, 235 dladm_wlan_ess_t *bss, struct wpa_ssid *ssid, 236 uint8_t *wpa_ie, int *wpa_ie_len) 237 { 238 struct wpa_ie_data ie; 239 int sel, proto; 240 uint8_t *ap_ie; 241 size_t ap_ie_len; 242 243 /* RSN or WPA */ 244 if (bss->we_wpa_ie_len && bss->we_wpa_ie[0] == RSN_INFO_ELEM && 245 (ssid->proto & WPA_PROTO_RSN)) { 246 wpa_printf(MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); 247 proto = WPA_PROTO_RSN; 248 } else { 249 wpa_printf(MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); 250 proto = WPA_PROTO_WPA; 251 } 252 253 ap_ie = bss->we_wpa_ie; 254 ap_ie_len = bss->we_wpa_ie_len; 255 256 if (wpa_parse_wpa_ie(wpa_s, ap_ie, ap_ie_len, &ie)) { 257 wpa_printf(MSG_WARNING, "WPA: Failed to parse WPA IE for " 258 "the selected BSS."); 259 return (-1); 260 } 261 262 wpa_s->proto = proto; 263 free(wpa_s->ap_wpa_ie); 264 wpa_s->ap_wpa_ie = malloc(ap_ie_len); 265 (void) memcpy(wpa_s->ap_wpa_ie, ap_ie, ap_ie_len); 266 wpa_s->ap_wpa_ie_len = ap_ie_len; 267 268 sel = ie.group_cipher & ssid->group_cipher; 269 if (sel & WPA_CIPHER_CCMP) { 270 wpa_s->group_cipher = WPA_CIPHER_CCMP; 271 } else if (sel & WPA_CIPHER_TKIP) { 272 wpa_s->group_cipher = WPA_CIPHER_TKIP; 273 } else if (sel & WPA_CIPHER_WEP104) { 274 wpa_s->group_cipher = WPA_CIPHER_WEP104; 275 } else if (sel & WPA_CIPHER_WEP40) { 276 wpa_s->group_cipher = WPA_CIPHER_WEP40; 277 } else { 278 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher."); 279 return (-1); 280 } 281 282 sel = ie.pairwise_cipher & ssid->pairwise_cipher; 283 if (sel & WPA_CIPHER_CCMP) { 284 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; 285 } else if (sel & WPA_CIPHER_TKIP) { 286 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; 287 } else if (sel & WPA_CIPHER_NONE) { 288 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 289 } else { 290 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 291 "cipher."); 292 return (-1); 293 } 294 295 sel = ie.key_mgmt & ssid->key_mgmt; 296 if (sel & WPA_KEY_MGMT_IEEE8021X) { 297 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; 298 } else if (sel & WPA_KEY_MGMT_PSK) { 299 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 300 } else { 301 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated " 302 "key management type."); 303 return (-1); 304 } 305 306 *wpa_ie_len = wpa_gen_wpa_ie(wpa_s, wpa_ie); 307 if (*wpa_ie_len < 0) { 308 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE."); 309 return (-1); 310 } 311 wpa_hexdump(MSG_DEBUG, "WPA: Own WPA IE", wpa_ie, *wpa_ie_len); 312 313 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 314 (void) memcpy(wpa_s->pmk, ssid->psk, PMK_LEN); 315 else if (wpa_s->cur_pmksa) 316 (void) memcpy(wpa_s->pmk, wpa_s->cur_pmksa->pmk, PMK_LEN); 317 else { 318 (void) memset(wpa_s->pmk, 0, PMK_LEN); 319 } 320 321 return (0); 322 } 323 324 static void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, 325 dladm_wlan_ess_t *bss, struct wpa_ssid *ssid) 326 { 327 uint8_t wpa_ie[IEEE80211_MAX_OPT_IE]; 328 int wpa_ie_len; 329 330 wpa_s->reassociate = 0; 331 wpa_printf(MSG_DEBUG, "Trying to associate with " MACSTR 332 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->we_bssid.wb_bytes), 333 wpa_ssid_txt((char *)ssid->ssid, ssid->ssid_len), bss->we_freq); 334 wpa_supplicant_cancel_scan(wpa_s); 335 336 if (bss->we_wpa_ie_len && 337 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK))) { 338 wpa_s->cur_pmksa = pmksa_cache_get(wpa_s, 339 bss->we_bssid.wb_bytes, NULL); 340 if (wpa_s->cur_pmksa) { 341 wpa_hexdump(MSG_DEBUG, "RSN: PMKID", 342 wpa_s->cur_pmksa->pmkid, PMKID_LEN); 343 } 344 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 345 wpa_ie, &wpa_ie_len)) { 346 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key " 347 "management and encryption suites"); 348 return; 349 } 350 } else { 351 wpa_ie_len = 0; 352 } 353 354 wpa_clear_keys(wpa_s, bss->we_bssid.wb_bytes); 355 wpa_s->wpa_state = WPA_ASSOCIATING; 356 wpa_s->driver->associate(wpa_s->linkid, 357 (const char *)bss->we_bssid.wb_bytes, wpa_ie, wpa_ie_len); 358 359 /* Timeout for IEEE 802.11 authentication and association */ 360 wpa_supplicant_req_auth_timeout(wpa_s, 15, 0); 361 } 362 363 void 364 wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s, int reason_code) 365 { 366 uint8_t *addr = NULL; 367 wpa_s->wpa_state = WPA_DISCONNECTED; 368 if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", 369 IEEE80211_ADDR_LEN) != 0) { 370 wpa_s->driver->disassociate(wpa_s->linkid, reason_code); 371 addr = wpa_s->bssid; 372 } 373 wpa_clear_keys(wpa_s, addr); 374 } 375 376 static dladm_wlan_ess_t * 377 wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, struct wpa_ssid *group, 378 dladm_wlan_ess_t *results, int num, struct wpa_ssid **selected_ssid) 379 { 380 struct wpa_ssid *ssid; 381 dladm_wlan_ess_t *bss, *selected = NULL; 382 int i; 383 384 struct wpa_ie_data ie; 385 386 wpa_printf(MSG_DEBUG, "Selecting BSS from scan results (%d)", num); 387 388 bss = NULL; 389 ssid = NULL; 390 391 /* try to find matched AP */ 392 for (i = 0; i < num && !selected; i++) { 393 bss = &results[i]; 394 wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' " 395 "wpa_ie_len=%d", 396 i, MAC2STR(bss->we_bssid.wb_bytes), 397 wpa_ssid_txt(bss->we_ssid.we_bytes, bss->we_ssid_len), 398 bss->we_wpa_ie_len); 399 if (bss->we_wpa_ie_len == 0) { 400 wpa_printf(MSG_DEBUG, " skip - no WPA/RSN IE"); 401 } 402 403 ssid = group; 404 if (bss->we_ssid_len != ssid->ssid_len || 405 memcmp(bss->we_ssid.we_bytes, ssid->ssid, 406 bss->we_ssid_len) != 0) { 407 wpa_printf(MSG_DEBUG, " skip - SSID mismatch"); 408 continue; 409 } 410 if (!((ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_WPA)) && 411 wpa_parse_wpa_ie(wpa_s, bss->we_wpa_ie, 412 bss->we_wpa_ie_len, &ie) == 0)) { 413 wpa_printf(MSG_DEBUG, " skip - " 414 "could not parse WPA/RSN IE"); 415 continue; 416 } 417 if (!(ie.proto & ssid->proto)) { 418 wpa_printf(MSG_DEBUG, " skip - proto mismatch"); 419 continue; 420 } 421 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 422 wpa_printf(MSG_DEBUG, " skip - PTK cipher mismatch"); 423 continue; 424 } 425 if (!(ie.group_cipher & ssid->group_cipher)) { 426 wpa_printf(MSG_DEBUG, " skip - GTK cipher mismatch"); 427 continue; 428 } 429 if (!(ie.key_mgmt & ssid->key_mgmt)) { 430 wpa_printf(MSG_DEBUG, " skip - key mgmt mismatch"); 431 continue; 432 } 433 434 selected = bss; 435 *selected_ssid = ssid; 436 wpa_printf(MSG_DEBUG, " selected"); 437 } 438 439 return (selected); 440 } 441 442 443 static void 444 wpa_supplicant_scan_results(struct wpa_supplicant *wpa_s) 445 { 446 dladm_wlan_ess_t results[MAX_SCANRESULTS]; 447 int num; 448 dladm_wlan_ess_t *selected = NULL; 449 struct wpa_ssid *ssid; 450 451 (void) memset(results, 0, sizeof (dladm_wlan_ess_t) * MAX_SCANRESULTS); 452 num = wpa_s->driver->get_scan_results(wpa_s->linkid, results, 453 MAX_SCANRESULTS); 454 wpa_printf(MSG_DEBUG, "Scan results: %d", num); 455 if (num < 0) 456 return; 457 if (num > MAX_SCANRESULTS) { 458 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)", 459 num, MAX_SCANRESULTS); 460 num = MAX_SCANRESULTS; 461 } 462 463 selected = wpa_supplicant_select_bss(wpa_s, 464 wpa_s->conf->ssid, results, num, &ssid); 465 466 if (selected) { 467 if (wpa_s->reassociate || 468 memcmp(selected->we_bssid.wb_bytes, wpa_s->bssid, 469 IEEE80211_ADDR_LEN) != 0) { 470 wpa_supplicant_associate(wpa_s, selected, ssid); 471 } else { 472 wpa_printf(MSG_DEBUG, "Already associated with the " 473 "selected AP."); 474 } 475 } else { 476 wpa_printf(MSG_DEBUG, "No suitable AP found."); 477 wpa_supplicant_req_scan(wpa_s, 5, 0); /* wait 5 seconds */ 478 } 479 } 480 481 /* 482 * wpa_event_handler - report a driver event for wpa_supplicant 483 * @wpa_s: pointer to wpa_supplicant data; this is the @ctx variable registered 484 * with wpa_driver_events_init() 485 * @event: event type (defined above) 486 * 487 * Driver wrapper code should call this function whenever an event is received 488 * from the driver. 489 */ 490 void 491 wpa_event_handler(void *cookie, wpa_event_type event) 492 { 493 struct wpa_supplicant *wpa_s = cookie; 494 495 switch (event) { 496 case EVENT_ASSOC: 497 wpa_printf(MSG_DEBUG, "\nAssociation event\n"); 498 /* async event */ 499 if (wpa_s->wpa_state < WPA_ASSOCIATED) { 500 wpa_s->wpa_state = WPA_ASSOCIATED; 501 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { 502 wpa_supplicant_cancel_auth_timeout(wpa_s); 503 } else { 504 /* Timeout for receiving first EAPOL packet */ 505 wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); 506 } 507 } 508 break; 509 case EVENT_DISASSOC: 510 if (wpa_s->wpa_state >= WPA_ASSOCIATED) 511 wpa_supplicant_req_scan(wpa_s, 0, 100000); 512 wpa_supplicant_mark_disassoc(wpa_s); 513 wpa_printf(MSG_DEBUG, "Disconnect event - remove keys"); 514 if (wpa_s->key_mgmt != WPA_KEY_MGMT_NONE) 515 wpa_clear_keys(wpa_s, wpa_s->bssid); 516 break; 517 case EVENT_SCAN_RESULTS: 518 wpa_supplicant_scan_results(wpa_s); 519 /* reset vars */ 520 (void) memset(wpa_s->rx_replay_counter, 0, 521 WPA_REPLAY_COUNTER_LEN); 522 wpa_s->rx_replay_counter_set = 0; 523 wpa_s->renew_snonce = 1; 524 wpa_s->eapol_received = 0; 525 break; 526 default: 527 wpa_printf(MSG_INFO, "Unknown event %d", event); 528 break; 529 } 530 } 531 532 /* ARGSUSED */ 533 static void 534 wpa_supplicant_terminate(int sig, void *eloop_ctx, void *signal_ctx) 535 { 536 wpa_printf(MSG_INFO, "Signal %d received - terminating", sig); 537 eloop_terminate(); 538 } 539 540 static int 541 wpa_supplicant_driver_init(const char *link, struct wpa_supplicant *wpa_s) 542 { 543 wpa_s->l2 = l2_packet_init(link, ETHERTYPE_EAPOL, 544 wpa_supplicant_rx_eapol, wpa_s); 545 if (wpa_s->l2 == NULL) 546 return (-1); 547 548 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { 549 (void) fprintf(stderr, "Failed to get own L2 address\n"); 550 return (-1); 551 } 552 553 if (wpa_s->driver->set_wpa(wpa_s->linkid, 1) < 0) { 554 wpa_printf(MSG_ERROR, "Failed to enable WPA in the driver."); 555 return (-1); 556 } 557 558 wpa_clear_keys(wpa_s, NULL); 559 wpa_supplicant_req_scan(wpa_s, 0, 100000); 560 561 return (0); 562 } 563 564 static int door_id = -1; 565 566 /* ARGSUSED */ 567 static void 568 event_handler(void *cookie, char *argp, size_t asize, 569 door_desc_t *dp, uint_t n_desc) 570 { 571 wpa_event_type event; 572 573 /* LINTED E_BAD_PTR_CAST_ALIGN */ 574 event = ((wl_events_t *)argp)->event; 575 wpa_event_handler(cookie, event); 576 577 (void) door_return(NULL, 0, NULL, 0); 578 } 579 580 /* 581 * Create the driver to wpad door 582 */ 583 int 584 wpa_supplicant_door_setup(void *cookie, char *doorname) 585 { 586 struct stat stbuf; 587 int error = 0; 588 589 wpa_printf(MSG_DEBUG, "wpa_supplicant_door_setup(%s)", doorname); 590 /* 591 * Create the door 592 */ 593 door_id = door_create(event_handler, cookie, 594 DOOR_UNREF | DOOR_REFUSE_DESC | DOOR_NO_CANCEL); 595 596 if (door_id < 0) { 597 error = -1; 598 goto out; 599 } 600 601 if (stat(doorname, &stbuf) < 0) { 602 int newfd; 603 if ((newfd = creat(doorname, 0666)) < 0) { 604 (void) door_revoke(door_id); 605 door_id = -1; 606 error = -1; 607 608 goto out; 609 } 610 (void) close(newfd); 611 } 612 613 if (fattach(door_id, doorname) < 0) { 614 if ((errno != EBUSY) || (fdetach(doorname) < 0) || 615 (fattach(door_id, doorname) < 0)) { 616 (void) door_revoke(door_id); 617 door_id = -1; 618 error = -1; 619 620 goto out; 621 } 622 } 623 624 out: 625 return (error); 626 } 627 628 void 629 wpa_supplicant_door_destroy(char *doorname) 630 { 631 wpa_printf(MSG_DEBUG, "wpa_supplicant_door_destroy(%s)\n", doorname); 632 633 if (door_id == -1) 634 return; 635 636 if (door_revoke(door_id) == -1) { 637 wpa_printf(MSG_ERROR, "failed to door_revoke(%d) %s, exiting.", 638 door_id, strerror(errno)); 639 } 640 641 if (fdetach(doorname) == -1) { 642 wpa_printf(MSG_ERROR, "failed to fdetach %s: %s, exiting.", 643 doorname, strerror(errno)); 644 } 645 646 (void) close(door_id); 647 } 648 649 static int 650 wpa_config_parse_ssid(struct wpa_ssid *ssid, int line, const char *value) 651 { 652 free(ssid->ssid); 653 654 ssid->ssid = (uint8_t *)strdup(value); 655 ssid->ssid_len = strlen(value); 656 657 if (ssid->ssid == NULL) { 658 wpa_printf(MSG_ERROR, "Invalid SSID '%s'.", line, value); 659 return (-1); 660 } 661 if (ssid->ssid_len > MAX_ESSID_LENGTH) { 662 free(ssid->ssid); 663 wpa_printf(MSG_ERROR, "Too long SSID '%s'.", line, value); 664 return (-1); 665 } 666 wpa_printf(MSG_MSGDUMP, "SSID: %s", ssid->ssid); 667 return (0); 668 } 669 670 static struct wpa_ssid * 671 wpa_config_read_network(struct wpa_supplicant *wpa_s) 672 { 673 struct wpa_ssid *ssid; 674 char buf[MAX_ESSID_LENGTH + 1]; 675 dladm_secobj_class_t cl; 676 uint8_t psk[MAX_PSK_LENGTH + 1]; 677 uint_t key_len; 678 679 wpa_printf(MSG_MSGDUMP, "Start of a new network configration"); 680 681 ssid = (struct wpa_ssid *)malloc(sizeof (*ssid)); 682 if (ssid == NULL) 683 return (NULL); 684 (void) memset(ssid, 0, sizeof (*ssid)); 685 686 /* 687 * Set default supported values 688 */ 689 ssid->proto = WPA_PROTO_WPA | WPA_PROTO_RSN; 690 ssid->pairwise_cipher = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP; 691 ssid->group_cipher = WPA_CIPHER_CCMP | WPA_CIPHER_TKIP | 692 WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40; 693 ssid->key_mgmt = WPA_KEY_MGMT_PSK; /* | WPA_KEY_MGMT_IEEE8021X; */ 694 695 (void) memset(buf, 0, MAX_ESSID_LENGTH + 1); 696 wpa_s->driver->get_ssid(wpa_s->linkid, (char *)buf); 697 698 (void) wpa_config_parse_ssid(ssid, 0, buf); 699 700 key_len = sizeof (psk); 701 (void) dladm_get_secobj((const char *)wpa_s->kname, &cl, psk, &key_len, 702 DLADM_OPT_ACTIVE); 703 psk[key_len] = '\0'; 704 ssid->passphrase = strdup((const char *)psk); 705 706 if (ssid->passphrase) { 707 pbkdf2_sha1(ssid->passphrase, (char *)ssid->ssid, 708 ssid->ssid_len, 4096, ssid->psk, PMK_LEN); 709 wpa_hexdump(MSG_MSGDUMP, "PSK (from passphrase)", 710 ssid->psk, PMK_LEN); 711 ssid->psk_set = 1; 712 } 713 714 if ((ssid->key_mgmt & WPA_KEY_MGMT_PSK) && !ssid->psk_set) { 715 wpa_printf(MSG_ERROR, "WPA-PSK accepted for key " 716 "management, but no PSK configured."); 717 free(ssid); 718 ssid = NULL; 719 } 720 721 return (ssid); 722 } 723 724 struct wpa_config * 725 wpa_config_read(void *arg) 726 { 727 struct wpa_ssid *ssid; 728 struct wpa_config *config; 729 struct wpa_supplicant *wpa_s = arg; 730 731 config = malloc(sizeof (*config)); 732 if (config == NULL) 733 return (NULL); 734 (void) memset(config, 0, sizeof (*config)); 735 config->eapol_version = 1; /* fixed value */ 736 737 wpa_printf(MSG_DEBUG, "Reading configuration parameters from driver\n"); 738 739 ssid = wpa_config_read_network(wpa_s); 740 if (ssid == NULL) { 741 wpa_config_free(config); 742 config = NULL; 743 } else { 744 config->ssid = ssid; 745 } 746 747 return (config); 748 } 749 750 void 751 wpa_config_free(struct wpa_config *config) 752 { 753 struct wpa_ssid *ssid = config->ssid; 754 755 if (ssid != NULL) { 756 free(ssid->ssid); 757 free(ssid->passphrase); 758 free(ssid); 759 } 760 free(config); 761 } 762 763 static int 764 daemon(boolean_t nochdir, boolean_t noclose) 765 { 766 int retv; 767 768 if ((retv = fork()) == -1) 769 return (-1); 770 if (retv != 0) 771 _exit(EXIT_SUCCESS); 772 if (setsid() == -1) 773 return (-1); 774 775 if (!nochdir && chdir("/") == -1) 776 return (-1); 777 778 if (!noclose) { 779 (void) close(0); 780 (void) close(1); 781 (void) close(2); 782 if ((retv = open("/dev/null", O_RDWR)) != -1) { 783 (void) dup2(retv, 1); 784 (void) dup2(retv, 2); 785 } 786 } 787 788 return (0); 789 } 790 791 /* 792 * make sure wpad is running under SMF context. 793 */ 794 static boolean_t 795 is_smf_context(void) 796 { 797 char *fmri; 798 799 return (((fmri = getenv("SMF_FMRI")) != NULL) && 800 (strstr(fmri, SERVICE_NAME) != NULL)); 801 } 802 803 int 804 main(int argc, char *argv[]) 805 { 806 struct wpa_supplicant wpa_s; 807 char *link = NULL; 808 char *key = NULL; 809 dlpi_handle_t dh = NULL; 810 datalink_id_t linkid; 811 dladm_phys_attr_t dpa; 812 int c; 813 int exitcode; 814 char door_file[MAXPATHLEN]; 815 816 if (!is_smf_context()) { 817 (void) fprintf(stderr, 818 "wpad is an smf(5) managed service and cannot be run from " 819 "the command line; please use dladm(1M).\n"); 820 return (SMF_EXIT_ERR_NOSMF); 821 } 822 823 for (;;) { 824 c = getopt(argc, argv, "i:k:"); 825 if (c < 0) 826 break; 827 switch (c) { 828 case 'i': 829 link = optarg; 830 break; 831 case 'k': 832 key = optarg; 833 break; 834 default: 835 return (SMF_EXIT_ERR_CONFIG); 836 } 837 } 838 839 /* 840 * key name is required to retrieve PSK value through libwdladm APIs. 841 * key is saved by dladm command by keyname 842 * see dladm. 843 */ 844 if ((link == NULL) || (key == NULL)) { 845 wpa_printf(MSG_ERROR, "\nLink & key is required."); 846 return (-1); 847 } 848 849 if ((strlen(key) >= sizeof (wpa_s.kname))) { 850 wpa_printf(MSG_ERROR, "Too long key name '%s'.", key); 851 return (-1); 852 } 853 854 if (daemon(0, 0)) 855 return (-1); 856 857 /* 858 * Hold this link open to prevent a link renaming operation. 859 */ 860 if (dlpi_open(link, &dh, 0) != DLPI_SUCCESS) { 861 wpa_printf(MSG_ERROR, "Failed to open link '%s'.", link); 862 return (-1); 863 } 864 865 if (dladm_name2info(link, &linkid, NULL, NULL, NULL) != 866 DLADM_STATUS_OK) { 867 wpa_printf(MSG_ERROR, "Invalid link name '%s'.", link); 868 dlpi_close(dh); 869 return (-1); 870 } 871 872 /* 873 * Get the device name of the link, which will be used as the door 874 * file name used to communicate with the driver. Note that different 875 * links use different doors. 876 */ 877 if (dladm_phys_info(linkid, &dpa, DLADM_OPT_ACTIVE) != 878 DLADM_STATUS_OK) { 879 wpa_printf(MSG_ERROR, 880 "Failed to get device name of link '%s'.", link); 881 dlpi_close(dh); 882 return (-1); 883 } 884 (void) snprintf(door_file, MAXPATHLEN, "%s_%s", WPA_DOOR, dpa.dp_dev); 885 886 (void) memset(&wpa_s, 0, sizeof (wpa_s)); 887 wpa_s.driver = &wpa_driver_wifi_ops; 888 wpa_s.linkid = linkid; 889 (void) strlcpy(wpa_s.kname, key, sizeof (wpa_s.kname)); 890 eloop_init(&wpa_s); 891 892 /* 893 * Setup default WPA/WPA2 configuration 894 * get ESSID and PSK value 895 */ 896 wpa_s.conf = wpa_config_read(&wpa_s); 897 if (wpa_s.conf == NULL || wpa_s.conf->ssid == NULL) { 898 wpa_printf(MSG_ERROR, "\nNo networks (SSID) configured.\n"); 899 exitcode = -1; 900 goto cleanup; 901 } 902 903 exitcode = 0; 904 905 /* 906 * Setup door file to communicate with driver 907 */ 908 if (wpa_supplicant_door_setup(&wpa_s, door_file) != 0) { 909 wpa_printf(MSG_ERROR, "Failed to setup door(%s)", door_file); 910 exitcode = -1; 911 goto cleanup; 912 } 913 914 wpa_s.renew_snonce = 1; 915 if (wpa_supplicant_driver_init(link, &wpa_s) < 0) { 916 exitcode = -1; 917 goto cleanup; 918 } 919 920 /* 921 * This link is hold again in wpa_supplicant_driver_init(), so that 922 * we release the first reference. 923 */ 924 dlpi_close(dh); 925 dh = NULL; 926 927 wpa_printf(MSG_DEBUG, "=> eloop_run"); 928 929 (void) eloop_register_signal(SIGINT, wpa_supplicant_terminate, NULL); 930 (void) eloop_register_signal(SIGTERM, wpa_supplicant_terminate, NULL); 931 (void) eloop_register_signal(SIGKILL, wpa_supplicant_terminate, NULL); 932 933 eloop_run(); 934 935 wpa_printf(MSG_DEBUG, "<= eloop_run()"); 936 wpa_supplicant_disassociate(&wpa_s, REASON_DEAUTH_LEAVING); 937 938 if (wpa_s.driver->set_wpa(wpa_s.linkid, 0) < 0) { 939 wpa_printf(MSG_ERROR, "Failed to disable WPA in the driver.\n"); 940 } 941 942 cleanup: 943 wpa_supplicant_door_destroy(door_file); 944 wpa_supplicant_cleanup(&wpa_s); 945 eloop_destroy(); 946 947 if (dh != NULL) 948 dlpi_close(dh); 949 950 return (exitcode); 951 } 952