]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/ctrl_iface_udp.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
wpa_supplicant: Add monitor support for global UDP ctrl_iface
[thirdparty/hostap.git] / wpa_supplicant / ctrl_iface_udp.c
1 /*
2 * WPA Supplicant / UDP socket -based control interface
3 * Copyright (c) 2004-2005, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "eloop.h"
13 #include "config.h"
14 #include "eapol_supp/eapol_supp_sm.h"
15 #include "wpa_supplicant_i.h"
16 #include "ctrl_iface.h"
17 #include "common/wpa_ctrl.h"
18
19
20 #define COOKIE_LEN 8
21
22 /* Per-interface ctrl_iface */
23
24 /**
25 * struct wpa_ctrl_dst - Internal data structure of control interface monitors
26 *
27 * This structure is used to store information about registered control
28 * interface monitors into struct wpa_supplicant. This data is private to
29 * ctrl_iface_udp.c and should not be touched directly from other files.
30 */
31 struct wpa_ctrl_dst {
32 struct wpa_ctrl_dst *next;
33 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
34 struct sockaddr_in6 addr;
35 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
36 struct sockaddr_in addr;
37 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
38 socklen_t addrlen;
39 int debug_level;
40 int errors;
41 };
42
43
44 struct ctrl_iface_priv {
45 struct wpa_supplicant *wpa_s;
46 int sock;
47 struct wpa_ctrl_dst *ctrl_dst;
48 u8 cookie[COOKIE_LEN];
49 };
50
51 struct ctrl_iface_global_priv {
52 int sock;
53 struct wpa_ctrl_dst *ctrl_dst;
54 u8 cookie[COOKIE_LEN];
55 };
56
57
58 static void wpa_supplicant_ctrl_iface_send(struct wpa_supplicant *wpa_s,
59 const char *ifname, int sock,
60 struct wpa_ctrl_dst **head,
61 int level, const char *buf,
62 size_t len);
63
64
65 static void wpas_ctrl_iface_free_dst(struct wpa_ctrl_dst *dst)
66 {
67 struct wpa_ctrl_dst *prev;
68
69 while (dst) {
70 prev = dst;
71 dst = dst->next;
72 os_free(prev);
73 }
74 }
75
76
77 static int wpa_supplicant_ctrl_iface_attach(struct wpa_ctrl_dst **head,
78 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
79 struct sockaddr_in6 *from,
80 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
81 struct sockaddr_in *from,
82 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
83 socklen_t fromlen)
84 {
85 struct wpa_ctrl_dst *dst;
86 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
87 char addr[INET6_ADDRSTRLEN];
88 #endif /* CONFIG_UDP_IPV6 */
89
90 dst = os_zalloc(sizeof(*dst));
91 if (dst == NULL)
92 return -1;
93 os_memcpy(&dst->addr, from, sizeof(*from));
94 dst->addrlen = fromlen;
95 dst->debug_level = MSG_INFO;
96 dst->next = *head;
97 *head = dst;
98 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
99 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor attached %s:%d",
100 inet_ntop(AF_INET6, &from->sin6_addr, addr, sizeof(*from)),
101 ntohs(from->sin6_port));
102 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
103 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor attached %s:%d",
104 inet_ntoa(from->sin_addr), ntohs(from->sin_port));
105 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
106 return 0;
107 }
108
109
110 static int wpa_supplicant_ctrl_iface_detach(struct wpa_ctrl_dst **head,
111 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
112 struct sockaddr_in6 *from,
113 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
114 struct sockaddr_in *from,
115 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
116 socklen_t fromlen)
117 {
118 struct wpa_ctrl_dst *dst, *prev = NULL;
119 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
120 char addr[INET6_ADDRSTRLEN];
121 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
122
123 dst = *head;
124 while (dst) {
125 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
126 if (from->sin6_port == dst->addr.sin6_port &&
127 !os_memcmp(&from->sin6_addr, &dst->addr.sin6_addr,
128 sizeof(from->sin6_addr))) {
129 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor detached %s:%d",
130 inet_ntop(AF_INET6, &from->sin6_addr, addr,
131 sizeof(*from)),
132 ntohs(from->sin6_port));
133 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
134 if (from->sin_addr.s_addr == dst->addr.sin_addr.s_addr &&
135 from->sin_port == dst->addr.sin_port) {
136 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor detached "
137 "%s:%d", inet_ntoa(from->sin_addr),
138 ntohs(from->sin_port));
139 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
140 if (prev == NULL)
141 *head = dst->next;
142 else
143 prev->next = dst->next;
144 os_free(dst);
145 return 0;
146 }
147 prev = dst;
148 dst = dst->next;
149 }
150 return -1;
151 }
152
153
154 static int wpa_supplicant_ctrl_iface_level(struct ctrl_iface_priv *priv,
155 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
156 struct sockaddr_in6 *from,
157 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
158 struct sockaddr_in *from,
159 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
160 socklen_t fromlen,
161 char *level)
162 {
163 struct wpa_ctrl_dst *dst;
164 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
165 char addr[INET6_ADDRSTRLEN];
166 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
167
168 wpa_printf(MSG_DEBUG, "CTRL_IFACE LEVEL %s", level);
169
170 dst = priv->ctrl_dst;
171 while (dst) {
172 #if CONFIG_CTRL_IFACE_UDP_IPV6
173 if (from->sin6_port == dst->addr.sin6_port &&
174 !os_memcmp(&from->sin6_addr, &dst->addr.sin6_addr,
175 sizeof(from->sin6_addr))) {
176 wpa_printf(MSG_DEBUG, "CTRL_IFACE changed monitor level %s:%d",
177 inet_ntop(AF_INET6, &from->sin6_addr, addr,
178 sizeof(*from)),
179 ntohs(from->sin6_port));
180 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
181 if (from->sin_addr.s_addr == dst->addr.sin_addr.s_addr &&
182 from->sin_port == dst->addr.sin_port) {
183 wpa_printf(MSG_DEBUG, "CTRL_IFACE changed monitor "
184 "level %s:%d", inet_ntoa(from->sin_addr),
185 ntohs(from->sin_port));
186 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
187 dst->debug_level = atoi(level);
188 return 0;
189 }
190 dst = dst->next;
191 }
192
193 return -1;
194 }
195
196
197 static char *
198 wpa_supplicant_ctrl_iface_get_cookie(struct ctrl_iface_priv *priv,
199 size_t *reply_len)
200 {
201 char *reply;
202 reply = os_malloc(7 + 2 * COOKIE_LEN + 1);
203 if (reply == NULL) {
204 *reply_len = 1;
205 return NULL;
206 }
207
208 os_memcpy(reply, "COOKIE=", 7);
209 wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1,
210 priv->cookie, COOKIE_LEN);
211
212 *reply_len = 7 + 2 * COOKIE_LEN;
213 return reply;
214 }
215
216
217 static void wpa_supplicant_ctrl_iface_receive(int sock, void *eloop_ctx,
218 void *sock_ctx)
219 {
220 struct wpa_supplicant *wpa_s = eloop_ctx;
221 struct ctrl_iface_priv *priv = sock_ctx;
222 char buf[256], *pos;
223 int res;
224 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
225 struct sockaddr_in6 from;
226 #ifndef CONFIG_CTRL_IFACE_UDP_REMOTE
227 char addr[INET6_ADDRSTRLEN];
228 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
229 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
230 struct sockaddr_in from;
231 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
232 socklen_t fromlen = sizeof(from);
233 char *reply = NULL;
234 size_t reply_len = 0;
235 int new_attached = 0;
236 u8 cookie[COOKIE_LEN];
237
238 res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
239 (struct sockaddr *) &from, &fromlen);
240 if (res < 0) {
241 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
242 strerror(errno));
243 return;
244 }
245
246 #ifndef CONFIG_CTRL_IFACE_UDP_REMOTE
247 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
248 inet_ntop(AF_INET6, &from.sin6_addr, addr, sizeof(from));
249 if (os_strcmp(addr, "::1")) {
250 wpa_printf(MSG_DEBUG, "CTRL: Drop packet from unexpected source %s",
251 addr);
252 }
253 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
254 if (from.sin_addr.s_addr != htonl((127 << 24) | 1)) {
255 /*
256 * The OS networking stack is expected to drop this kind of
257 * frames since the socket is bound to only localhost address.
258 * Just in case, drop the frame if it is coming from any other
259 * address.
260 */
261 wpa_printf(MSG_DEBUG, "CTRL: Drop packet from unexpected "
262 "source %s", inet_ntoa(from.sin_addr));
263 return;
264 }
265 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
266 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
267
268 buf[res] = '\0';
269
270 if (os_strcmp(buf, "GET_COOKIE") == 0) {
271 reply = wpa_supplicant_ctrl_iface_get_cookie(priv, &reply_len);
272 goto done;
273 }
274
275 /*
276 * Require that the client includes a prefix with the 'cookie' value
277 * fetched with GET_COOKIE command. This is used to verify that the
278 * client has access to a bidirectional link over UDP in order to
279 * avoid attacks using forged localhost IP address even if the OS does
280 * not block such frames from remote destinations.
281 */
282 if (os_strncmp(buf, "COOKIE=", 7) != 0) {
283 wpa_printf(MSG_DEBUG, "CTLR: No cookie in the request - "
284 "drop request");
285 return;
286 }
287
288 if (hexstr2bin(buf + 7, cookie, COOKIE_LEN) < 0) {
289 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie format in the "
290 "request - drop request");
291 return;
292 }
293
294 if (os_memcmp(cookie, priv->cookie, COOKIE_LEN) != 0) {
295 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie in the request - "
296 "drop request");
297 return;
298 }
299
300 pos = buf + 7 + 2 * COOKIE_LEN;
301 while (*pos == ' ')
302 pos++;
303
304 if (os_strcmp(pos, "ATTACH") == 0) {
305 if (wpa_supplicant_ctrl_iface_attach(&priv->ctrl_dst,
306 &from, fromlen))
307 reply_len = 1;
308 else {
309 new_attached = 1;
310 reply_len = 2;
311 }
312 } else if (os_strcmp(pos, "DETACH") == 0) {
313 if (wpa_supplicant_ctrl_iface_detach(&priv->ctrl_dst,
314 &from, fromlen))
315 reply_len = 1;
316 else
317 reply_len = 2;
318 } else if (os_strncmp(pos, "LEVEL ", 6) == 0) {
319 if (wpa_supplicant_ctrl_iface_level(priv, &from, fromlen,
320 pos + 6))
321 reply_len = 1;
322 else
323 reply_len = 2;
324 } else {
325 reply = wpa_supplicant_ctrl_iface_process(wpa_s, pos,
326 &reply_len);
327 }
328
329 done:
330 if (reply) {
331 sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
332 fromlen);
333 os_free(reply);
334 } else if (reply_len == 1) {
335 sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
336 fromlen);
337 } else if (reply_len == 2) {
338 sendto(sock, "OK\n", 3, 0, (struct sockaddr *) &from,
339 fromlen);
340 }
341
342 if (new_attached)
343 eapol_sm_notify_ctrl_attached(wpa_s->eapol);
344 }
345
346
347 static void wpa_supplicant_ctrl_iface_msg_cb(void *ctx, int level,
348 enum wpa_msg_type type,
349 const char *txt, size_t len)
350 {
351 struct wpa_supplicant *wpa_s = ctx;
352
353 if (!wpa_s)
354 return;
355
356 if (type != WPA_MSG_NO_GLOBAL && wpa_s->global->ctrl_iface) {
357 struct ctrl_iface_global_priv *priv = wpa_s->global->ctrl_iface;
358
359 if (priv->ctrl_dst) {
360 wpa_supplicant_ctrl_iface_send(
361 wpa_s,
362 type != WPA_MSG_PER_INTERFACE ?
363 NULL : wpa_s->ifname,
364 priv->sock, &priv->ctrl_dst, level, txt, len);
365 }
366 }
367
368 if (type == WPA_MSG_ONLY_GLOBAL || !wpa_s->ctrl_iface)
369 return;
370
371 wpa_supplicant_ctrl_iface_send(wpa_s, NULL, wpa_s->ctrl_iface->sock,
372 &wpa_s->ctrl_iface->ctrl_dst,
373 level, txt, len);
374 }
375
376
377 struct ctrl_iface_priv *
378 wpa_supplicant_ctrl_iface_init(struct wpa_supplicant *wpa_s)
379 {
380 struct ctrl_iface_priv *priv;
381 int port = WPA_CTRL_IFACE_PORT;
382 char *pos;
383 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
384 struct sockaddr_in6 addr;
385 int domain = PF_INET6;
386 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
387 struct sockaddr_in addr;
388 int domain = PF_INET;
389 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
390
391 priv = os_zalloc(sizeof(*priv));
392 if (priv == NULL)
393 return NULL;
394 priv->wpa_s = wpa_s;
395 priv->sock = -1;
396 os_get_random(priv->cookie, COOKIE_LEN);
397
398 if (wpa_s->conf->ctrl_interface == NULL)
399 return priv;
400
401 pos = os_strstr(wpa_s->conf->ctrl_interface, "udp:");
402 if (pos) {
403 pos += 4;
404 port = atoi(pos);
405 if (port <= 0) {
406 wpa_printf(MSG_ERROR, "Invalid ctrl_iface UDP port: %s",
407 wpa_s->conf->ctrl_interface);
408 goto fail;
409 }
410 }
411
412 priv->sock = socket(domain, SOCK_DGRAM, 0);
413 if (priv->sock < 0) {
414 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
415 goto fail;
416 }
417
418 os_memset(&addr, 0, sizeof(addr));
419 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
420 addr.sin6_family = AF_INET6;
421 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
422 addr.sin6_addr = in6addr_any;
423 #else /* CONFIG_CTRL_IFACE_UDP_REMOTE */
424 inet_pton(AF_INET6, "::1", &addr.sin6_addr);
425 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
426 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
427 addr.sin_family = AF_INET;
428 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
429 addr.sin_addr.s_addr = INADDR_ANY;
430 #else /* CONFIG_CTRL_IFACE_UDP_REMOTE */
431 addr.sin_addr.s_addr = htonl((127 << 24) | 1);
432 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
433 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
434 try_again:
435 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
436 addr.sin6_port = htons(port);
437 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
438 addr.sin_port = htons(port);
439 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
440 if (bind(priv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
441 port--;
442 if ((WPA_CTRL_IFACE_PORT - port) < WPA_CTRL_IFACE_PORT_LIMIT &&
443 !pos)
444 goto try_again;
445 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
446 goto fail;
447 }
448
449 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
450 wpa_msg(wpa_s, MSG_DEBUG, "ctrl_iface_init UDP port: %d", port);
451 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
452
453 eloop_register_read_sock(priv->sock, wpa_supplicant_ctrl_iface_receive,
454 wpa_s, priv);
455 wpa_msg_register_cb(wpa_supplicant_ctrl_iface_msg_cb);
456
457 return priv;
458
459 fail:
460 if (priv->sock >= 0)
461 close(priv->sock);
462 os_free(priv);
463 return NULL;
464 }
465
466
467 void wpa_supplicant_ctrl_iface_deinit(struct ctrl_iface_priv *priv)
468 {
469 if (priv->sock > -1) {
470 eloop_unregister_read_sock(priv->sock);
471 if (priv->ctrl_dst) {
472 /*
473 * Wait before closing the control socket if
474 * there are any attached monitors in order to allow
475 * them to receive any pending messages.
476 */
477 wpa_printf(MSG_DEBUG, "CTRL_IFACE wait for attached "
478 "monitors to receive messages");
479 os_sleep(0, 100000);
480 }
481 close(priv->sock);
482 priv->sock = -1;
483 }
484
485 wpas_ctrl_iface_free_dst(priv->ctrl_dst);
486 os_free(priv);
487 }
488
489
490 static void wpa_supplicant_ctrl_iface_send(struct wpa_supplicant *wpa_s,
491 const char *ifname, int sock,
492 struct wpa_ctrl_dst **head,
493 int level, const char *buf,
494 size_t len)
495 {
496 struct wpa_ctrl_dst *dst, *next;
497 char levelstr[64];
498 int idx;
499 char *sbuf;
500 int llen;
501 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
502 char addr[INET6_ADDRSTRLEN];
503 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
504
505 dst = *head;
506 if (sock < 0 || dst == NULL)
507 return;
508
509 if (ifname)
510 os_snprintf(levelstr, sizeof(levelstr), "IFACE=%s <%d>",
511 ifname, level);
512 else
513 os_snprintf(levelstr, sizeof(levelstr), "<%d>", level);
514
515 llen = os_strlen(levelstr);
516 sbuf = os_malloc(llen + len);
517 if (sbuf == NULL)
518 return;
519
520 os_memcpy(sbuf, levelstr, llen);
521 os_memcpy(sbuf + llen, buf, len);
522
523 idx = 0;
524 while (dst) {
525 next = dst->next;
526 if (level >= dst->debug_level) {
527 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
528 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor send %s:%d",
529 inet_ntop(AF_INET6, &dst->addr.sin6_addr,
530 addr, sizeof(dst->addr)),
531 ntohs(dst->addr.sin6_port));
532 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
533 wpa_printf(MSG_DEBUG, "CTRL_IFACE monitor send %s:%d",
534 inet_ntoa(dst->addr.sin_addr),
535 ntohs(dst->addr.sin_port));
536 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
537 if (sendto(sock, sbuf, llen + len, 0,
538 (struct sockaddr *) &dst->addr,
539 sizeof(dst->addr)) < 0) {
540 wpa_printf(MSG_ERROR,
541 "sendto(CTRL_IFACE monitor): %s",
542 strerror(errno));
543 dst->errors++;
544 if (dst->errors > 10) {
545 wpa_supplicant_ctrl_iface_detach(
546 head, &dst->addr,
547 dst->addrlen);
548 }
549 } else
550 dst->errors = 0;
551 }
552 idx++;
553 dst = next;
554 }
555 os_free(sbuf);
556 }
557
558
559 void wpa_supplicant_ctrl_iface_wait(struct ctrl_iface_priv *priv)
560 {
561 wpa_printf(MSG_DEBUG, "CTRL_IFACE - %s - wait for monitor",
562 priv->wpa_s->ifname);
563 eloop_wait_for_read_sock(priv->sock);
564 }
565
566
567 /* Global ctrl_iface */
568
569 static char *
570 wpa_supplicant_global_get_cookie(struct ctrl_iface_global_priv *priv,
571 size_t *reply_len)
572 {
573 char *reply;
574 reply = os_malloc(7 + 2 * COOKIE_LEN + 1);
575 if (reply == NULL) {
576 *reply_len = 1;
577 return NULL;
578 }
579
580 os_memcpy(reply, "COOKIE=", 7);
581 wpa_snprintf_hex(reply + 7, 2 * COOKIE_LEN + 1,
582 priv->cookie, COOKIE_LEN);
583
584 *reply_len = 7 + 2 * COOKIE_LEN;
585 return reply;
586 }
587
588
589 static void wpa_supplicant_global_ctrl_iface_receive(int sock, void *eloop_ctx,
590 void *sock_ctx)
591 {
592 struct wpa_global *global = eloop_ctx;
593 struct ctrl_iface_global_priv *priv = sock_ctx;
594 char buf[256], *pos;
595 int res;
596 struct sockaddr_in from;
597 socklen_t fromlen = sizeof(from);
598 char *reply = NULL;
599 size_t reply_len;
600 u8 cookie[COOKIE_LEN];
601
602 res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
603 (struct sockaddr *) &from, &fromlen);
604 if (res < 0) {
605 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
606 strerror(errno));
607 return;
608 }
609
610 #ifndef CONFIG_CTRL_IFACE_UDP_REMOTE
611 if (from.sin_addr.s_addr != htonl((127 << 24) | 1)) {
612 /*
613 * The OS networking stack is expected to drop this kind of
614 * frames since the socket is bound to only localhost address.
615 * Just in case, drop the frame if it is coming from any other
616 * address.
617 */
618 wpa_printf(MSG_DEBUG, "CTRL: Drop packet from unexpected "
619 "source %s", inet_ntoa(from.sin_addr));
620 return;
621 }
622 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
623
624 buf[res] = '\0';
625
626 if (os_strcmp(buf, "GET_COOKIE") == 0) {
627 reply = wpa_supplicant_global_get_cookie(priv, &reply_len);
628 goto done;
629 }
630
631 if (os_strncmp(buf, "COOKIE=", 7) != 0) {
632 wpa_printf(MSG_DEBUG, "CTLR: No cookie in the request - "
633 "drop request");
634 return;
635 }
636
637 if (hexstr2bin(buf + 7, cookie, COOKIE_LEN) < 0) {
638 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie format in the "
639 "request - drop request");
640 return;
641 }
642
643 if (os_memcmp(cookie, priv->cookie, COOKIE_LEN) != 0) {
644 wpa_printf(MSG_DEBUG, "CTLR: Invalid cookie in the request - "
645 "drop request");
646 return;
647 }
648
649 pos = buf + 7 + 2 * COOKIE_LEN;
650 while (*pos == ' ')
651 pos++;
652
653 if (os_strcmp(pos, "ATTACH") == 0) {
654 if (wpa_supplicant_ctrl_iface_attach(&priv->ctrl_dst,
655 &from, fromlen))
656 reply_len = 1;
657 else
658 reply_len = 2;
659 } else if (os_strcmp(pos, "DETACH") == 0) {
660 if (wpa_supplicant_ctrl_iface_detach(&priv->ctrl_dst,
661 &from, fromlen))
662 reply_len = 1;
663 else
664 reply_len = 2;
665 } else {
666 reply = wpa_supplicant_global_ctrl_iface_process(global, pos,
667 &reply_len);
668 }
669
670 done:
671 if (reply) {
672 sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
673 fromlen);
674 os_free(reply);
675 } else if (reply_len == 1) {
676 sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
677 fromlen);
678 } else if (reply_len == 2) {
679 sendto(sock, "OK\n", 3, 0, (struct sockaddr *) &from,
680 fromlen);
681 }
682 }
683
684
685 struct ctrl_iface_global_priv *
686 wpa_supplicant_global_ctrl_iface_init(struct wpa_global *global)
687 {
688 struct ctrl_iface_global_priv *priv;
689 struct sockaddr_in addr;
690 char *pos;
691 int port = WPA_GLOBAL_CTRL_IFACE_PORT;
692
693 priv = os_zalloc(sizeof(*priv));
694 if (priv == NULL)
695 return NULL;
696 priv->sock = -1;
697 os_get_random(priv->cookie, COOKIE_LEN);
698
699 if (global->params.ctrl_interface == NULL)
700 return priv;
701
702 wpa_printf(MSG_DEBUG, "Global control interface '%s'",
703 global->params.ctrl_interface);
704
705 pos = os_strstr(global->params.ctrl_interface, "udp:");
706 if (pos) {
707 pos += 4;
708 port = atoi(pos);
709 if (port <= 0) {
710 wpa_printf(MSG_ERROR, "Invalid global ctrl UDP port %s",
711 global->params.ctrl_interface);
712 goto fail;
713 }
714 }
715
716 priv->sock = socket(PF_INET, SOCK_DGRAM, 0);
717 if (priv->sock < 0) {
718 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
719 goto fail;
720 }
721
722 os_memset(&addr, 0, sizeof(addr));
723 addr.sin_family = AF_INET;
724 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
725 addr.sin_addr.s_addr = INADDR_ANY;
726 #else /* CONFIG_CTRL_IFACE_UDP_REMOTE */
727 addr.sin_addr.s_addr = htonl((127 << 24) | 1);
728 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
729 try_again:
730 addr.sin_port = htons(port);
731 if (bind(priv->sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
732 port++;
733 if ((port - WPA_GLOBAL_CTRL_IFACE_PORT) <
734 WPA_GLOBAL_CTRL_IFACE_PORT_LIMIT && !pos)
735 goto try_again;
736 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
737 goto fail;
738 }
739
740 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
741 wpa_printf(MSG_DEBUG, "global_ctrl_iface_init UDP port: %d", port);
742 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
743
744 eloop_register_read_sock(priv->sock,
745 wpa_supplicant_global_ctrl_iface_receive,
746 global, priv);
747 wpa_msg_register_cb(wpa_supplicant_ctrl_iface_msg_cb);
748
749 return priv;
750
751 fail:
752 if (priv->sock >= 0)
753 close(priv->sock);
754 os_free(priv);
755 return NULL;
756 }
757
758
759 void
760 wpa_supplicant_global_ctrl_iface_deinit(struct ctrl_iface_global_priv *priv)
761 {
762 if (priv->sock >= 0) {
763 eloop_unregister_read_sock(priv->sock);
764 close(priv->sock);
765 }
766
767 wpas_ctrl_iface_free_dst(priv->ctrl_dst);
768 os_free(priv);
769 }
Unnamed repository; edit this file 'description' to name the repository.