]> git.ipfire.org Git - thirdparty/hostap.git/blob - hostapd/ctrl_iface.c
projects / thirdparty / hostap.git / blob
? search:


1a369ed2aedabe0c1c99fdb4884550373fdd54dc
[thirdparty/hostap.git] / hostapd / ctrl_iface.c
1 /*
2 * hostapd / UNIX domain socket -based control interface
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #ifndef CONFIG_NATIVE_WINDOWS
12
13 #ifdef CONFIG_TESTING_OPTIONS
14 #ifdef __NetBSD__
15 #include <net/if_ether.h>
16 #else
17 #include <net/ethernet.h>
18 #endif
19 #include <netinet/ip.h>
20 #endif /* CONFIG_TESTING_OPTIONS */
21
22 #include <sys/un.h>
23 #include <sys/stat.h>
24 #include <stddef.h>
25
26 #ifdef CONFIG_CTRL_IFACE_UDP
27 #include <netdb.h>
28 #endif /* CONFIG_CTRL_IFACE_UDP */
29
30 #include "utils/common.h"
31 #include "utils/eloop.h"
32 #include "utils/module_tests.h"
33 #include "common/version.h"
34 #include "common/ieee802_11_defs.h"
35 #include "common/ctrl_iface_common.h"
36 #ifdef CONFIG_DPP
37 #include "common/dpp.h"
38 #endif /* CONFIG_DPP */
39 #include "common/wpa_ctrl.h"
40 #include "crypto/tls.h"
41 #include "drivers/driver.h"
42 #include "eapol_auth/eapol_auth_sm.h"
43 #include "radius/radius_client.h"
44 #include "radius/radius_server.h"
45 #include "l2_packet/l2_packet.h"
46 #include "ap/hostapd.h"
47 #include "ap/ap_config.h"
48 #include "ap/ieee802_1x.h"
49 #include "ap/wpa_auth.h"
50 #include "ap/ieee802_11.h"
51 #include "ap/sta_info.h"
52 #include "ap/wps_hostapd.h"
53 #include "ap/ctrl_iface_ap.h"
54 #include "ap/ap_drv_ops.h"
55 #include "ap/hs20.h"
56 #include "ap/wnm_ap.h"
57 #include "ap/wpa_auth.h"
58 #include "ap/beacon.h"
59 #include "ap/neighbor_db.h"
60 #include "ap/rrm.h"
61 #include "ap/dpp_hostapd.h"
62 #include "wps/wps_defs.h"
63 #include "wps/wps.h"
64 #include "fst/fst_ctrl_iface.h"
65 #include "config_file.h"
66 #include "ctrl_iface.h"
67
68
69 #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
70
71 #ifdef CONFIG_CTRL_IFACE_UDP
72 #define HOSTAPD_CTRL_IFACE_PORT 8877
73 #define HOSTAPD_CTRL_IFACE_PORT_LIMIT 50
74 #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT 8878
75 #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT 50
76 #endif /* CONFIG_CTRL_IFACE_UDP */
77
78 static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
79 enum wpa_msg_type type,
80 const char *buf, size_t len);
81
82
83 static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd,
84 struct sockaddr_storage *from,
85 socklen_t fromlen, const char *input)
86 {
87 return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen, input);
88 }
89
90
91 static int hostapd_ctrl_iface_detach(struct hostapd_data *hapd,
92 struct sockaddr_storage *from,
93 socklen_t fromlen)
94 {
95 return ctrl_iface_detach(&hapd->ctrl_dst, from, fromlen);
96 }
97
98
99 static int hostapd_ctrl_iface_level(struct hostapd_data *hapd,
100 struct sockaddr_storage *from,
101 socklen_t fromlen,
102 char *level)
103 {
104 return ctrl_iface_level(&hapd->ctrl_dst, from, fromlen, level);
105 }
106
107
108 static int hostapd_ctrl_iface_new_sta(struct hostapd_data *hapd,
109 const char *txtaddr)
110 {
111 u8 addr[ETH_ALEN];
112 struct sta_info *sta;
113
114 wpa_printf(MSG_DEBUG, "CTRL_IFACE NEW_STA %s", txtaddr);
115
116 if (hwaddr_aton(txtaddr, addr))
117 return -1;
118
119 sta = ap_get_sta(hapd, addr);
120 if (sta)
121 return 0;
122
123 wpa_printf(MSG_DEBUG, "Add new STA " MACSTR " based on ctrl_iface "
124 "notification", MAC2STR(addr));
125 sta = ap_sta_add(hapd, addr);
126 if (sta == NULL)
127 return -1;
128
129 hostapd_new_assoc_sta(hapd, sta, 0);
130 return 0;
131 }
132
133
134 #ifdef NEED_AP_MLME
135 static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd,
136 const char *txtaddr)
137 {
138 u8 addr[ETH_ALEN];
139 u8 trans_id[WLAN_SA_QUERY_TR_ID_LEN];
140
141 wpa_printf(MSG_DEBUG, "CTRL_IFACE SA_QUERY %s", txtaddr);
142
143 if (hwaddr_aton(txtaddr, addr) ||
144 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0)
145 return -1;
146
147 ieee802_11_send_sa_query_req(hapd, addr, trans_id);
148
149 return 0;
150 }
151 #endif /* NEED_AP_MLME */
152
153
154 #ifdef CONFIG_WPS
155 static int hostapd_ctrl_iface_wps_pin(struct hostapd_data *hapd, char *txt)
156 {
157 char *pin = os_strchr(txt, ' ');
158 char *timeout_txt;
159 int timeout;
160 u8 addr_buf[ETH_ALEN], *addr = NULL;
161 char *pos;
162
163 if (pin == NULL)
164 return -1;
165 *pin++ = '\0';
166
167 timeout_txt = os_strchr(pin, ' ');
168 if (timeout_txt) {
169 *timeout_txt++ = '\0';
170 timeout = atoi(timeout_txt);
171 pos = os_strchr(timeout_txt, ' ');
172 if (pos) {
173 *pos++ = '\0';
174 if (hwaddr_aton(pos, addr_buf) == 0)
175 addr = addr_buf;
176 }
177 } else
178 timeout = 0;
179
180 return hostapd_wps_add_pin(hapd, addr, txt, pin, timeout);
181 }
182
183
184 static int hostapd_ctrl_iface_wps_check_pin(
185 struct hostapd_data *hapd, char *cmd, char *buf, size_t buflen)
186 {
187 char pin[9];
188 size_t len;
189 char *pos;
190 int ret;
191
192 wpa_hexdump_ascii_key(MSG_DEBUG, "WPS_CHECK_PIN",
193 (u8 *) cmd, os_strlen(cmd));
194 for (pos = cmd, len = 0; *pos != '\0'; pos++) {
195 if (*pos < '0' || *pos > '9')
196 continue;
197 pin[len++] = *pos;
198 if (len == 9) {
199 wpa_printf(MSG_DEBUG, "WPS: Too long PIN");
200 return -1;
201 }
202 }
203 if (len != 4 && len != 8) {
204 wpa_printf(MSG_DEBUG, "WPS: Invalid PIN length %d", (int) len);
205 return -1;
206 }
207 pin[len] = '\0';
208
209 if (len == 8) {
210 unsigned int pin_val;
211 pin_val = atoi(pin);
212 if (!wps_pin_valid(pin_val)) {
213 wpa_printf(MSG_DEBUG, "WPS: Invalid checksum digit");
214 ret = os_snprintf(buf, buflen, "FAIL-CHECKSUM\n");
215 if (os_snprintf_error(buflen, ret))
216 return -1;
217 return ret;
218 }
219 }
220
221 ret = os_snprintf(buf, buflen, "%s", pin);
222 if (os_snprintf_error(buflen, ret))
223 return -1;
224
225 return ret;
226 }
227
228
229 #ifdef CONFIG_WPS_NFC
230 static int hostapd_ctrl_iface_wps_nfc_tag_read(struct hostapd_data *hapd,
231 char *pos)
232 {
233 size_t len;
234 struct wpabuf *buf;
235 int ret;
236
237 len = os_strlen(pos);
238 if (len & 0x01)
239 return -1;
240 len /= 2;
241
242 buf = wpabuf_alloc(len);
243 if (buf == NULL)
244 return -1;
245 if (hexstr2bin(pos, wpabuf_put(buf, len), len) < 0) {
246 wpabuf_free(buf);
247 return -1;
248 }
249
250 ret = hostapd_wps_nfc_tag_read(hapd, buf);
251 wpabuf_free(buf);
252
253 return ret;
254 }
255
256
257 static int hostapd_ctrl_iface_wps_nfc_config_token(struct hostapd_data *hapd,
258 char *cmd, char *reply,
259 size_t max_len)
260 {
261 int ndef;
262 struct wpabuf *buf;
263 int res;
264
265 if (os_strcmp(cmd, "WPS") == 0)
266 ndef = 0;
267 else if (os_strcmp(cmd, "NDEF") == 0)
268 ndef = 1;
269 else
270 return -1;
271
272 buf = hostapd_wps_nfc_config_token(hapd, ndef);
273 if (buf == NULL)
274 return -1;
275
276 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
277 wpabuf_len(buf));
278 reply[res++] = '\n';
279 reply[res] = '\0';
280
281 wpabuf_free(buf);
282
283 return res;
284 }
285
286
287 static int hostapd_ctrl_iface_wps_nfc_token_gen(struct hostapd_data *hapd,
288 char *reply, size_t max_len,
289 int ndef)
290 {
291 struct wpabuf *buf;
292 int res;
293
294 buf = hostapd_wps_nfc_token_gen(hapd, ndef);
295 if (buf == NULL)
296 return -1;
297
298 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
299 wpabuf_len(buf));
300 reply[res++] = '\n';
301 reply[res] = '\0';
302
303 wpabuf_free(buf);
304
305 return res;
306 }
307
308
309 static int hostapd_ctrl_iface_wps_nfc_token(struct hostapd_data *hapd,
310 char *cmd, char *reply,
311 size_t max_len)
312 {
313 if (os_strcmp(cmd, "WPS") == 0)
314 return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
315 max_len, 0);
316
317 if (os_strcmp(cmd, "NDEF") == 0)
318 return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
319 max_len, 1);
320
321 if (os_strcmp(cmd, "enable") == 0)
322 return hostapd_wps_nfc_token_enable(hapd);
323
324 if (os_strcmp(cmd, "disable") == 0) {
325 hostapd_wps_nfc_token_disable(hapd);
326 return 0;
327 }
328
329 return -1;
330 }
331
332
333 static int hostapd_ctrl_iface_nfc_get_handover_sel(struct hostapd_data *hapd,
334 char *cmd, char *reply,
335 size_t max_len)
336 {
337 struct wpabuf *buf;
338 int res;
339 char *pos;
340 int ndef;
341
342 pos = os_strchr(cmd, ' ');
343 if (pos == NULL)
344 return -1;
345 *pos++ = '\0';
346
347 if (os_strcmp(cmd, "WPS") == 0)
348 ndef = 0;
349 else if (os_strcmp(cmd, "NDEF") == 0)
350 ndef = 1;
351 else
352 return -1;
353
354 if (os_strcmp(pos, "WPS-CR") == 0)
355 buf = hostapd_wps_nfc_hs_cr(hapd, ndef);
356 else
357 buf = NULL;
358 if (buf == NULL)
359 return -1;
360
361 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
362 wpabuf_len(buf));
363 reply[res++] = '\n';
364 reply[res] = '\0';
365
366 wpabuf_free(buf);
367
368 return res;
369 }
370
371
372 static int hostapd_ctrl_iface_nfc_report_handover(struct hostapd_data *hapd,
373 char *cmd)
374 {
375 size_t len;
376 struct wpabuf *req, *sel;
377 int ret;
378 char *pos, *role, *type, *pos2;
379
380 role = cmd;
381 pos = os_strchr(role, ' ');
382 if (pos == NULL)
383 return -1;
384 *pos++ = '\0';
385
386 type = pos;
387 pos = os_strchr(type, ' ');
388 if (pos == NULL)
389 return -1;
390 *pos++ = '\0';
391
392 pos2 = os_strchr(pos, ' ');
393 if (pos2 == NULL)
394 return -1;
395 *pos2++ = '\0';
396
397 len = os_strlen(pos);
398 if (len & 0x01)
399 return -1;
400 len /= 2;
401
402 req = wpabuf_alloc(len);
403 if (req == NULL)
404 return -1;
405 if (hexstr2bin(pos, wpabuf_put(req, len), len) < 0) {
406 wpabuf_free(req);
407 return -1;
408 }
409
410 len = os_strlen(pos2);
411 if (len & 0x01) {
412 wpabuf_free(req);
413 return -1;
414 }
415 len /= 2;
416
417 sel = wpabuf_alloc(len);
418 if (sel == NULL) {
419 wpabuf_free(req);
420 return -1;
421 }
422 if (hexstr2bin(pos2, wpabuf_put(sel, len), len) < 0) {
423 wpabuf_free(req);
424 wpabuf_free(sel);
425 return -1;
426 }
427
428 if (os_strcmp(role, "RESP") == 0 && os_strcmp(type, "WPS") == 0) {
429 ret = hostapd_wps_nfc_report_handover(hapd, req, sel);
430 } else {
431 wpa_printf(MSG_DEBUG, "NFC: Unsupported connection handover "
432 "reported: role=%s type=%s", role, type);
433 ret = -1;
434 }
435 wpabuf_free(req);
436 wpabuf_free(sel);
437
438 return ret;
439 }
440
441 #endif /* CONFIG_WPS_NFC */
442
443
444 static int hostapd_ctrl_iface_wps_ap_pin(struct hostapd_data *hapd, char *txt,
445 char *buf, size_t buflen)
446 {
447 int timeout = 300;
448 char *pos;
449 const char *pin_txt;
450
451 pos = os_strchr(txt, ' ');
452 if (pos)
453 *pos++ = '\0';
454
455 if (os_strcmp(txt, "disable") == 0) {
456 hostapd_wps_ap_pin_disable(hapd);
457 return os_snprintf(buf, buflen, "OK\n");
458 }
459
460 if (os_strcmp(txt, "random") == 0) {
461 if (pos)
462 timeout = atoi(pos);
463 pin_txt = hostapd_wps_ap_pin_random(hapd, timeout);
464 if (pin_txt == NULL)
465 return -1;
466 return os_snprintf(buf, buflen, "%s", pin_txt);
467 }
468
469 if (os_strcmp(txt, "get") == 0) {
470 pin_txt = hostapd_wps_ap_pin_get(hapd);
471 if (pin_txt == NULL)
472 return -1;
473 return os_snprintf(buf, buflen, "%s", pin_txt);
474 }
475
476 if (os_strcmp(txt, "set") == 0) {
477 char *pin;
478 if (pos == NULL)
479 return -1;
480 pin = pos;
481 pos = os_strchr(pos, ' ');
482 if (pos) {
483 *pos++ = '\0';
484 timeout = atoi(pos);
485 }
486 if (os_strlen(pin) > buflen)
487 return -1;
488 if (hostapd_wps_ap_pin_set(hapd, pin, timeout) < 0)
489 return -1;
490 return os_snprintf(buf, buflen, "%s", pin);
491 }
492
493 return -1;
494 }
495
496
497 static int hostapd_ctrl_iface_wps_config(struct hostapd_data *hapd, char *txt)
498 {
499 char *pos;
500 char *ssid, *auth, *encr = NULL, *key = NULL;
501
502 ssid = txt;
503 pos = os_strchr(txt, ' ');
504 if (!pos)
505 return -1;
506 *pos++ = '\0';
507
508 auth = pos;
509 pos = os_strchr(pos, ' ');
510 if (pos) {
511 *pos++ = '\0';
512 encr = pos;
513 pos = os_strchr(pos, ' ');
514 if (pos) {
515 *pos++ = '\0';
516 key = pos;
517 }
518 }
519
520 return hostapd_wps_config_ap(hapd, ssid, auth, encr, key);
521 }
522
523
524 static const char * pbc_status_str(enum pbc_status status)
525 {
526 switch (status) {
527 case WPS_PBC_STATUS_DISABLE:
528 return "Disabled";
529 case WPS_PBC_STATUS_ACTIVE:
530 return "Active";
531 case WPS_PBC_STATUS_TIMEOUT:
532 return "Timed-out";
533 case WPS_PBC_STATUS_OVERLAP:
534 return "Overlap";
535 default:
536 return "Unknown";
537 }
538 }
539
540
541 static int hostapd_ctrl_iface_wps_get_status(struct hostapd_data *hapd,
542 char *buf, size_t buflen)
543 {
544 int ret;
545 char *pos, *end;
546
547 pos = buf;
548 end = buf + buflen;
549
550 ret = os_snprintf(pos, end - pos, "PBC Status: %s\n",
551 pbc_status_str(hapd->wps_stats.pbc_status));
552
553 if (os_snprintf_error(end - pos, ret))
554 return pos - buf;
555 pos += ret;
556
557 ret = os_snprintf(pos, end - pos, "Last WPS result: %s\n",
558 (hapd->wps_stats.status == WPS_STATUS_SUCCESS ?
559 "Success":
560 (hapd->wps_stats.status == WPS_STATUS_FAILURE ?
561 "Failed" : "None")));
562
563 if (os_snprintf_error(end - pos, ret))
564 return pos - buf;
565 pos += ret;
566
567 /* If status == Failure - Add possible Reasons */
568 if(hapd->wps_stats.status == WPS_STATUS_FAILURE &&
569 hapd->wps_stats.failure_reason > 0) {
570 ret = os_snprintf(pos, end - pos,
571 "Failure Reason: %s\n",
572 wps_ei_str(hapd->wps_stats.failure_reason));
573
574 if (os_snprintf_error(end - pos, ret))
575 return pos - buf;
576 pos += ret;
577 }
578
579 if (hapd->wps_stats.status) {
580 ret = os_snprintf(pos, end - pos, "Peer Address: " MACSTR "\n",
581 MAC2STR(hapd->wps_stats.peer_addr));
582
583 if (os_snprintf_error(end - pos, ret))
584 return pos - buf;
585 pos += ret;
586 }
587
588 return pos - buf;
589 }
590
591 #endif /* CONFIG_WPS */
592
593 #ifdef CONFIG_HS20
594
595 static int hostapd_ctrl_iface_hs20_wnm_notif(struct hostapd_data *hapd,
596 const char *cmd)
597 {
598 u8 addr[ETH_ALEN];
599 const char *url;
600
601 if (hwaddr_aton(cmd, addr))
602 return -1;
603 url = cmd + 17;
604 if (*url == '\0') {
605 url = NULL;
606 } else {
607 if (*url != ' ')
608 return -1;
609 url++;
610 if (*url == '\0')
611 url = NULL;
612 }
613
614 return hs20_send_wnm_notification(hapd, addr, 1, url);
615 }
616
617
618 static int hostapd_ctrl_iface_hs20_deauth_req(struct hostapd_data *hapd,
619 const char *cmd)
620 {
621 u8 addr[ETH_ALEN];
622 int code, reauth_delay, ret;
623 const char *pos;
624 size_t url_len;
625 struct wpabuf *req;
626
627 /* <STA MAC Addr> <Code(0/1)> <Re-auth-Delay(sec)> [URL] */
628 if (hwaddr_aton(cmd, addr))
629 return -1;
630
631 pos = os_strchr(cmd, ' ');
632 if (pos == NULL)
633 return -1;
634 pos++;
635 code = atoi(pos);
636
637 pos = os_strchr(pos, ' ');
638 if (pos == NULL)
639 return -1;
640 pos++;
641 reauth_delay = atoi(pos);
642
643 url_len = 0;
644 pos = os_strchr(pos, ' ');
645 if (pos) {
646 pos++;
647 url_len = os_strlen(pos);
648 }
649
650 req = wpabuf_alloc(4 + url_len);
651 if (req == NULL)
652 return -1;
653 wpabuf_put_u8(req, code);
654 wpabuf_put_le16(req, reauth_delay);
655 wpabuf_put_u8(req, url_len);
656 if (pos)
657 wpabuf_put_data(req, pos, url_len);
658
659 wpa_printf(MSG_DEBUG, "HS 2.0: Send WNM-Notification to " MACSTR
660 " to indicate imminent deauthentication (code=%d "
661 "reauth_delay=%d)", MAC2STR(addr), code, reauth_delay);
662 ret = hs20_send_wnm_notification_deauth_req(hapd, addr, req);
663 wpabuf_free(req);
664 return ret;
665 }
666
667 #endif /* CONFIG_HS20 */
668
669
670 #ifdef CONFIG_INTERWORKING
671
672 static int hostapd_ctrl_iface_set_qos_map_set(struct hostapd_data *hapd,
673 const char *cmd)
674 {
675 u8 qos_map_set[16 + 2 * 21], count = 0;
676 const char *pos = cmd;
677 int val, ret;
678
679 for (;;) {
680 if (count == sizeof(qos_map_set)) {
681 wpa_printf(MSG_ERROR, "Too many qos_map_set parameters");
682 return -1;
683 }
684
685 val = atoi(pos);
686 if (val < 0 || val > 255) {
687 wpa_printf(MSG_INFO, "Invalid QoS Map Set");
688 return -1;
689 }
690
691 qos_map_set[count++] = val;
692 pos = os_strchr(pos, ',');
693 if (!pos)
694 break;
695 pos++;
696 }
697
698 if (count < 16 || count & 1) {
699 wpa_printf(MSG_INFO, "Invalid QoS Map Set");
700 return -1;
701 }
702
703 ret = hostapd_drv_set_qos_map(hapd, qos_map_set, count);
704 if (ret) {
705 wpa_printf(MSG_INFO, "Failed to set QoS Map Set");
706 return -1;
707 }
708
709 os_memcpy(hapd->conf->qos_map_set, qos_map_set, count);
710 hapd->conf->qos_map_set_len = count;
711
712 return 0;
713 }
714
715
716 static int hostapd_ctrl_iface_send_qos_map_conf(struct hostapd_data *hapd,
717 const char *cmd)
718 {
719 u8 addr[ETH_ALEN];
720 struct sta_info *sta;
721 struct wpabuf *buf;
722 u8 *qos_map_set = hapd->conf->qos_map_set;
723 u8 qos_map_set_len = hapd->conf->qos_map_set_len;
724 int ret;
725
726 if (!qos_map_set_len) {
727 wpa_printf(MSG_INFO, "QoS Map Set is not set");
728 return -1;
729 }
730
731 if (hwaddr_aton(cmd, addr))
732 return -1;
733
734 sta = ap_get_sta(hapd, addr);
735 if (sta == NULL) {
736 wpa_printf(MSG_DEBUG, "Station " MACSTR " not found "
737 "for QoS Map Configuration message",
738 MAC2STR(addr));
739 return -1;
740 }
741
742 if (!sta->qos_map_enabled) {
743 wpa_printf(MSG_DEBUG, "Station " MACSTR " did not indicate "
744 "support for QoS Map", MAC2STR(addr));
745 return -1;
746 }
747
748 buf = wpabuf_alloc(2 + 2 + qos_map_set_len);
749 if (buf == NULL)
750 return -1;
751
752 wpabuf_put_u8(buf, WLAN_ACTION_QOS);
753 wpabuf_put_u8(buf, QOS_QOS_MAP_CONFIG);
754
755 /* QoS Map Set Element */
756 wpabuf_put_u8(buf, WLAN_EID_QOS_MAP_SET);
757 wpabuf_put_u8(buf, qos_map_set_len);
758 wpabuf_put_data(buf, qos_map_set, qos_map_set_len);
759
760 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
761 wpabuf_head(buf), wpabuf_len(buf));
762 wpabuf_free(buf);
763
764 return ret;
765 }
766
767 #endif /* CONFIG_INTERWORKING */
768
769
770 #ifdef CONFIG_WNM_AP
771
772 static int hostapd_ctrl_iface_disassoc_imminent(struct hostapd_data *hapd,
773 const char *cmd)
774 {
775 u8 addr[ETH_ALEN];
776 int disassoc_timer;
777 struct sta_info *sta;
778
779 if (hwaddr_aton(cmd, addr))
780 return -1;
781 if (cmd[17] != ' ')
782 return -1;
783 disassoc_timer = atoi(cmd + 17);
784
785 sta = ap_get_sta(hapd, addr);
786 if (sta == NULL) {
787 wpa_printf(MSG_DEBUG, "Station " MACSTR
788 " not found for disassociation imminent message",
789 MAC2STR(addr));
790 return -1;
791 }
792
793 return wnm_send_disassoc_imminent(hapd, sta, disassoc_timer);
794 }
795
796
797 static int hostapd_ctrl_iface_ess_disassoc(struct hostapd_data *hapd,
798 const char *cmd)
799 {
800 u8 addr[ETH_ALEN];
801 const char *url, *timerstr;
802 int disassoc_timer;
803 struct sta_info *sta;
804
805 if (hwaddr_aton(cmd, addr))
806 return -1;
807
808 sta = ap_get_sta(hapd, addr);
809 if (sta == NULL) {
810 wpa_printf(MSG_DEBUG, "Station " MACSTR
811 " not found for ESS disassociation imminent message",
812 MAC2STR(addr));
813 return -1;
814 }
815
816 timerstr = cmd + 17;
817 if (*timerstr != ' ')
818 return -1;
819 timerstr++;
820 disassoc_timer = atoi(timerstr);
821 if (disassoc_timer < 0 || disassoc_timer > 65535)
822 return -1;
823
824 url = os_strchr(timerstr, ' ');
825 if (url == NULL)
826 return -1;
827 url++;
828
829 return wnm_send_ess_disassoc_imminent(hapd, sta, url, disassoc_timer);
830 }
831
832
833 static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd,
834 const char *cmd)
835 {
836 u8 addr[ETH_ALEN];
837 const char *pos, *end;
838 int disassoc_timer = 0;
839 struct sta_info *sta;
840 u8 req_mode = 0, valid_int = 0x01;
841 u8 bss_term_dur[12];
842 char *url = NULL;
843 int ret;
844 u8 nei_rep[1000];
845 int nei_len;
846 u8 mbo[10];
847 size_t mbo_len = 0;
848
849 if (hwaddr_aton(cmd, addr)) {
850 wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
851 return -1;
852 }
853
854 sta = ap_get_sta(hapd, addr);
855 if (sta == NULL) {
856 wpa_printf(MSG_DEBUG, "Station " MACSTR
857 " not found for BSS TM Request message",
858 MAC2STR(addr));
859 return -1;
860 }
861
862 pos = os_strstr(cmd, " disassoc_timer=");
863 if (pos) {
864 pos += 16;
865 disassoc_timer = atoi(pos);
866 if (disassoc_timer < 0 || disassoc_timer > 65535) {
867 wpa_printf(MSG_DEBUG, "Invalid disassoc_timer");
868 return -1;
869 }
870 }
871
872 pos = os_strstr(cmd, " valid_int=");
873 if (pos) {
874 pos += 11;
875 valid_int = atoi(pos);
876 }
877
878 pos = os_strstr(cmd, " bss_term=");
879 if (pos) {
880 pos += 10;
881 req_mode |= WNM_BSS_TM_REQ_BSS_TERMINATION_INCLUDED;
882 /* TODO: TSF configurable/learnable */
883 bss_term_dur[0] = 4; /* Subelement ID */
884 bss_term_dur[1] = 10; /* Length */
885 os_memset(&bss_term_dur[2], 0, 8);
886 end = os_strchr(pos, ',');
887 if (end == NULL) {
888 wpa_printf(MSG_DEBUG, "Invalid bss_term data");
889 return -1;
890 }
891 end++;
892 WPA_PUT_LE16(&bss_term_dur[10], atoi(end));
893 }
894
895 nei_len = ieee802_11_parse_candidate_list(cmd, nei_rep,
896 sizeof(nei_rep));
897 if (nei_len < 0)
898 return -1;
899
900 pos = os_strstr(cmd, " url=");
901 if (pos) {
902 size_t len;
903 pos += 5;
904 end = os_strchr(pos, ' ');
905 if (end)
906 len = end - pos;
907 else
908 len = os_strlen(pos);
909 url = os_malloc(len + 1);
910 if (url == NULL)
911 return -1;
912 os_memcpy(url, pos, len);
913 url[len] = '\0';
914 req_mode |= WNM_BSS_TM_REQ_ESS_DISASSOC_IMMINENT;
915 }
916
917 if (os_strstr(cmd, " pref=1"))
918 req_mode |= WNM_BSS_TM_REQ_PREF_CAND_LIST_INCLUDED;
919 if (os_strstr(cmd, " abridged=1"))
920 req_mode |= WNM_BSS_TM_REQ_ABRIDGED;
921 if (os_strstr(cmd, " disassoc_imminent=1"))
922 req_mode |= WNM_BSS_TM_REQ_DISASSOC_IMMINENT;
923
924 #ifdef CONFIG_MBO
925 pos = os_strstr(cmd, "mbo=");
926 if (pos) {
927 unsigned int mbo_reason, cell_pref, reassoc_delay;
928 u8 *mbo_pos = mbo;
929
930 ret = sscanf(pos, "mbo=%u:%u:%u", &mbo_reason,
931 &reassoc_delay, &cell_pref);
932 if (ret != 3) {
933 wpa_printf(MSG_DEBUG,
934 "MBO requires three arguments: mbo=<reason>:<reassoc_delay>:<cell_pref>");
935 ret = -1;
936 goto fail;
937 }
938
939 if (mbo_reason > MBO_TRANSITION_REASON_PREMIUM_AP) {
940 wpa_printf(MSG_DEBUG,
941 "Invalid MBO transition reason code %u",
942 mbo_reason);
943 ret = -1;
944 goto fail;
945 }
946
947 /* Valid values for Cellular preference are: 0, 1, 255 */
948 if (cell_pref != 0 && cell_pref != 1 && cell_pref != 255) {
949 wpa_printf(MSG_DEBUG,
950 "Invalid MBO cellular capability %u",
951 cell_pref);
952 ret = -1;
953 goto fail;
954 }
955
956 if (reassoc_delay > 65535 ||
957 (reassoc_delay &&
958 !(req_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT))) {
959 wpa_printf(MSG_DEBUG,
960 "MBO: Assoc retry delay is only valid in disassoc imminent mode");
961 ret = -1;
962 goto fail;
963 }
964
965 *mbo_pos++ = MBO_ATTR_ID_TRANSITION_REASON;
966 *mbo_pos++ = 1;
967 *mbo_pos++ = mbo_reason;
968 *mbo_pos++ = MBO_ATTR_ID_CELL_DATA_PREF;
969 *mbo_pos++ = 1;
970 *mbo_pos++ = cell_pref;
971
972 if (reassoc_delay) {
973 *mbo_pos++ = MBO_ATTR_ID_ASSOC_RETRY_DELAY;
974 *mbo_pos++ = 2;
975 WPA_PUT_LE16(mbo_pos, reassoc_delay);
976 mbo_pos += 2;
977 }
978
979 mbo_len = mbo_pos - mbo;
980 }
981 #endif /* CONFIG_MBO */
982
983 ret = wnm_send_bss_tm_req(hapd, sta, req_mode, disassoc_timer,
984 valid_int, bss_term_dur, url,
985 nei_len ? nei_rep : NULL, nei_len,
986 mbo_len ? mbo : NULL, mbo_len);
987 #ifdef CONFIG_MBO
988 fail:
989 #endif /* CONFIG_MBO */
990 os_free(url);
991 return ret;
992 }
993
994
995 static int hostapd_ctrl_iface_coloc_intf_req(struct hostapd_data *hapd,
996 const char *cmd)
997 {
998 u8 addr[ETH_ALEN];
999 struct sta_info *sta;
1000 const char *pos;
1001 unsigned int auto_report, timeout;
1002
1003 if (hwaddr_aton(cmd, addr)) {
1004 wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
1005 return -1;
1006 }
1007
1008 sta = ap_get_sta(hapd, addr);
1009 if (!sta) {
1010 wpa_printf(MSG_DEBUG, "Station " MACSTR
1011 " not found for Collocated Interference Request",
1012 MAC2STR(addr));
1013 return -1;
1014 }
1015
1016 pos = cmd + 17;
1017 if (*pos != ' ')
1018 return -1;
1019 pos++;
1020 auto_report = atoi(pos);
1021 pos = os_strchr(pos, ' ');
1022 if (!pos)
1023 return -1;
1024 pos++;
1025 timeout = atoi(pos);
1026
1027 return wnm_send_coloc_intf_req(hapd, sta, auto_report, timeout);
1028 }
1029
1030 #endif /* CONFIG_WNM_AP */
1031
1032
1033 static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd,
1034 char *buf, size_t buflen)
1035 {
1036 int ret = 0;
1037 char *pos, *end;
1038
1039 pos = buf;
1040 end = buf + buflen;
1041
1042 WPA_ASSERT(hapd->conf->wpa_key_mgmt);
1043
1044 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
1045 ret = os_snprintf(pos, end - pos, "WPA-PSK ");
1046 if (os_snprintf_error(end - pos, ret))
1047 return pos - buf;
1048 pos += ret;
1049 }
1050 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
1051 ret = os_snprintf(pos, end - pos, "WPA-EAP ");
1052 if (os_snprintf_error(end - pos, ret))
1053 return pos - buf;
1054 pos += ret;
1055 }
1056 #ifdef CONFIG_IEEE80211R_AP
1057 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
1058 ret = os_snprintf(pos, end - pos, "FT-PSK ");
1059 if (os_snprintf_error(end - pos, ret))
1060 return pos - buf;
1061 pos += ret;
1062 }
1063 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
1064 ret = os_snprintf(pos, end - pos, "FT-EAP ");
1065 if (os_snprintf_error(end - pos, ret))
1066 return pos - buf;
1067 pos += ret;
1068 }
1069 #ifdef CONFIG_SHA384
1070 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
1071 ret = os_snprintf(pos, end - pos, "FT-EAP-SHA384 ");
1072 if (os_snprintf_error(end - pos, ret))
1073 return pos - buf;
1074 pos += ret;
1075 }
1076 #endif /* CONFIG_SHA384 */
1077 #ifdef CONFIG_SAE
1078 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
1079 ret = os_snprintf(pos, end - pos, "FT-SAE ");
1080 if (os_snprintf_error(end - pos, ret))
1081 return pos - buf;
1082 pos += ret;
1083 }
1084 #endif /* CONFIG_SAE */
1085 #ifdef CONFIG_FILS
1086 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) {
1087 ret = os_snprintf(pos, end - pos, "FT-FILS-SHA256 ");
1088 if (os_snprintf_error(end - pos, ret))
1089 return pos - buf;
1090 pos += ret;
1091 }
1092 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) {
1093 ret = os_snprintf(pos, end - pos, "FT-FILS-SHA384 ");
1094 if (os_snprintf_error(end - pos, ret))
1095 return pos - buf;
1096 pos += ret;
1097 }
1098 #endif /* CONFIG_FILS */
1099 #endif /* CONFIG_IEEE80211R_AP */
1100 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
1101 ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 ");
1102 if (os_snprintf_error(end - pos, ret))
1103 return pos - buf;
1104 pos += ret;
1105 }
1106 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1107 ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 ");
1108 if (os_snprintf_error(end - pos, ret))
1109 return pos - buf;
1110 pos += ret;
1111 }
1112 #ifdef CONFIG_SAE
1113 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
1114 ret = os_snprintf(pos, end - pos, "SAE ");
1115 if (os_snprintf_error(end - pos, ret))
1116 return pos - buf;
1117 pos += ret;
1118 }
1119 #endif /* CONFIG_SAE */
1120 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1121 ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B ");
1122 if (os_snprintf_error(end - pos, ret))
1123 return pos - buf;
1124 pos += ret;
1125 }
1126 if (hapd->conf->wpa_key_mgmt &
1127 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1128 ret = os_snprintf(pos, end - pos,
1129 "WPA-EAP-SUITE-B-192 ");
1130 if (os_snprintf_error(end - pos, ret))
1131 return pos - buf;
1132 pos += ret;
1133 }
1134 #ifdef CONFIG_FILS
1135 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA256) {
1136 ret = os_snprintf(pos, end - pos, "FILS-SHA256 ");
1137 if (os_snprintf_error(end - pos, ret))
1138 return pos - buf;
1139 pos += ret;
1140 }
1141 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA384) {
1142 ret = os_snprintf(pos, end - pos, "FILS-SHA384 ");
1143 if (os_snprintf_error(end - pos, ret))
1144 return pos - buf;
1145 pos += ret;
1146 }
1147 #endif /* CONFIG_FILS */
1148
1149 #ifdef CONFIG_OWE
1150 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) {
1151 ret = os_snprintf(pos, end - pos, "OWE ");
1152 if (os_snprintf_error(end - pos, ret))
1153 return pos - buf;
1154 pos += ret;
1155 }
1156 #endif /* CONFIG_OWE */
1157
1158 #ifdef CONFIG_DPP
1159 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) {
1160 ret = os_snprintf(pos, end - pos, "DPP ");
1161 if (os_snprintf_error(end - pos, ret))
1162 return pos - buf;
1163 pos += ret;
1164 }
1165 #endif /* CONFIG_DPP */
1166
1167 if (pos > buf && *(pos - 1) == ' ') {
1168 *(pos - 1) = '\0';
1169 pos--;
1170 }
1171
1172 return pos - buf;
1173 }
1174
1175
1176 static int hostapd_ctrl_iface_get_config(struct hostapd_data *hapd,
1177 char *buf, size_t buflen)
1178 {
1179 int ret;
1180 char *pos, *end;
1181
1182 pos = buf;
1183 end = buf + buflen;
1184
1185 ret = os_snprintf(pos, end - pos, "bssid=" MACSTR "\n"
1186 "ssid=%s\n",
1187 MAC2STR(hapd->own_addr),
1188 wpa_ssid_txt(hapd->conf->ssid.ssid,
1189 hapd->conf->ssid.ssid_len));
1190 if (os_snprintf_error(end - pos, ret))
1191 return pos - buf;
1192 pos += ret;
1193
1194 #ifdef CONFIG_WPS
1195 ret = os_snprintf(pos, end - pos, "wps_state=%s\n",
1196 hapd->conf->wps_state == 0 ? "disabled" :
1197 (hapd->conf->wps_state == 1 ? "not configured" :
1198 "configured"));
1199 if (os_snprintf_error(end - pos, ret))
1200 return pos - buf;
1201 pos += ret;
1202
1203 if (hapd->conf->wps_state && hapd->conf->wpa &&
1204 hapd->conf->ssid.wpa_passphrase) {
1205 ret = os_snprintf(pos, end - pos, "passphrase=%s\n",
1206 hapd->conf->ssid.wpa_passphrase);
1207 if (os_snprintf_error(end - pos, ret))
1208 return pos - buf;
1209 pos += ret;
1210 }
1211
1212 if (hapd->conf->wps_state && hapd->conf->wpa &&
1213 hapd->conf->ssid.wpa_psk &&
1214 hapd->conf->ssid.wpa_psk->group) {
1215 char hex[PMK_LEN * 2 + 1];
1216 wpa_snprintf_hex(hex, sizeof(hex),
1217 hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
1218 ret = os_snprintf(pos, end - pos, "psk=%s\n", hex);
1219 if (os_snprintf_error(end - pos, ret))
1220 return pos - buf;
1221 pos += ret;
1222 }
1223 #endif /* CONFIG_WPS */
1224
1225 if (hapd->conf->wpa) {
1226 ret = os_snprintf(pos, end - pos, "wpa=%d\n", hapd->conf->wpa);
1227 if (os_snprintf_error(end - pos, ret))
1228 return pos - buf;
1229 pos += ret;
1230 }
1231
1232 if (hapd->conf->wpa && hapd->conf->wpa_key_mgmt) {
1233 ret = os_snprintf(pos, end - pos, "key_mgmt=");
1234 if (os_snprintf_error(end - pos, ret))
1235 return pos - buf;
1236 pos += ret;
1237
1238 pos += hostapd_ctrl_iface_get_key_mgmt(hapd, pos, end - pos);
1239
1240 ret = os_snprintf(pos, end - pos, "\n");
1241 if (os_snprintf_error(end - pos, ret))
1242 return pos - buf;
1243 pos += ret;
1244 }
1245
1246 if (hapd->conf->wpa) {
1247 ret = os_snprintf(pos, end - pos, "group_cipher=%s\n",
1248 wpa_cipher_txt(hapd->conf->wpa_group));
1249 if (os_snprintf_error(end - pos, ret))
1250 return pos - buf;
1251 pos += ret;
1252 }
1253
1254 if ((hapd->conf->wpa & WPA_PROTO_RSN) && hapd->conf->rsn_pairwise) {
1255 ret = os_snprintf(pos, end - pos, "rsn_pairwise_cipher=");
1256 if (os_snprintf_error(end - pos, ret))
1257 return pos - buf;
1258 pos += ret;
1259
1260 ret = wpa_write_ciphers(pos, end, hapd->conf->rsn_pairwise,
1261 " ");
1262 if (ret < 0)
1263 return pos - buf;
1264 pos += ret;
1265
1266 ret = os_snprintf(pos, end - pos, "\n");
1267 if (os_snprintf_error(end - pos, ret))
1268 return pos - buf;
1269 pos += ret;
1270 }
1271
1272 if ((hapd->conf->wpa & WPA_PROTO_WPA) && hapd->conf->wpa_pairwise) {
1273 ret = os_snprintf(pos, end - pos, "wpa_pairwise_cipher=");
1274 if (os_snprintf_error(end - pos, ret))
1275 return pos - buf;
1276 pos += ret;
1277
1278 ret = wpa_write_ciphers(pos, end, hapd->conf->wpa_pairwise,
1279 " ");
1280 if (ret < 0)
1281 return pos - buf;
1282 pos += ret;
1283
1284 ret = os_snprintf(pos, end - pos, "\n");
1285 if (os_snprintf_error(end - pos, ret))
1286 return pos - buf;
1287 pos += ret;
1288 }
1289
1290 if (hapd->conf->wpa && hapd->conf->wpa_deny_ptk0_rekey) {
1291 ret = os_snprintf(pos, end - pos, "wpa_deny_ptk0_rekey=%d\n",
1292 hapd->conf->wpa_deny_ptk0_rekey);
1293 if (os_snprintf_error(end - pos, ret))
1294 return pos - buf;
1295 pos += ret;
1296 }
1297
1298 if ((hapd->conf->wpa & WPA_PROTO_RSN) && hapd->conf->extended_key_id) {
1299 ret = os_snprintf(pos, end - pos, "extended_key_id=%d\n",
1300 hapd->conf->extended_key_id);
1301 if (os_snprintf_error(end - pos, ret))
1302 return pos - buf;
1303 pos += ret;
1304 }
1305
1306 return pos - buf;
1307 }
1308
1309
1310 static void hostapd_disassoc_accept_mac(struct hostapd_data *hapd)
1311 {
1312 struct sta_info *sta;
1313 struct vlan_description vlan_id;
1314
1315 if (hapd->conf->macaddr_acl != DENY_UNLESS_ACCEPTED)
1316 return;
1317
1318 for (sta = hapd->sta_list; sta; sta = sta->next) {
1319 if (!hostapd_maclist_found(hapd->conf->accept_mac,
1320 hapd->conf->num_accept_mac,
1321 sta->addr, &vlan_id) ||
1322 (vlan_id.notempty &&
1323 vlan_compare(&vlan_id, sta->vlan_desc)))
1324 ap_sta_disconnect(hapd, sta, sta->addr,
1325 WLAN_REASON_UNSPECIFIED);
1326 }
1327 }
1328
1329
1330 static void hostapd_disassoc_deny_mac(struct hostapd_data *hapd)
1331 {
1332 struct sta_info *sta;
1333 struct vlan_description vlan_id;
1334
1335 for (sta = hapd->sta_list; sta; sta = sta->next) {
1336 if (hostapd_maclist_found(hapd->conf->deny_mac,
1337 hapd->conf->num_deny_mac, sta->addr,
1338 &vlan_id) &&
1339 (!vlan_id.notempty ||
1340 !vlan_compare(&vlan_id, sta->vlan_desc)))
1341 ap_sta_disconnect(hapd, sta, sta->addr,
1342 WLAN_REASON_UNSPECIFIED);
1343 }
1344 }
1345
1346
1347 static int hostapd_ctrl_iface_set_band(struct hostapd_data *hapd,
1348 const char *band)
1349 {
1350 union wpa_event_data event;
1351 enum set_band setband;
1352
1353 if (os_strcmp(band, "AUTO") == 0)
1354 setband = WPA_SETBAND_AUTO;
1355 else if (os_strcmp(band, "5G") == 0)
1356 setband = WPA_SETBAND_5G;
1357 else if (os_strcmp(band, "2G") == 0)
1358 setband = WPA_SETBAND_2G;
1359 else
1360 return -1;
1361
1362 if (hostapd_drv_set_band(hapd, setband) == 0) {
1363 os_memset(&event, 0, sizeof(event));
1364 event.channel_list_changed.initiator = REGDOM_SET_BY_USER;
1365 event.channel_list_changed.type = REGDOM_TYPE_UNKNOWN;
1366 wpa_supplicant_event(hapd, EVENT_CHANNEL_LIST_CHANGED, &event);
1367 }
1368
1369 return 0;
1370 }
1371
1372
1373 static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd)
1374 {
1375 char *value;
1376 int ret = 0;
1377
1378 value = os_strchr(cmd, ' ');
1379 if (value == NULL)
1380 return -1;
1381 *value++ = '\0';
1382
1383 wpa_printf(MSG_DEBUG, "CTRL_IFACE SET '%s'='%s'", cmd, value);
1384 if (0) {
1385 #ifdef CONFIG_WPS_TESTING
1386 } else if (os_strcasecmp(cmd, "wps_version_number") == 0) {
1387 long int val;
1388 val = strtol(value, NULL, 0);
1389 if (val < 0 || val > 0xff) {
1390 ret = -1;
1391 wpa_printf(MSG_DEBUG, "WPS: Invalid "
1392 "wps_version_number %ld", val);
1393 } else {
1394 wps_version_number = val;
1395 wpa_printf(MSG_DEBUG, "WPS: Testing - force WPS "
1396 "version %u.%u",
1397 (wps_version_number & 0xf0) >> 4,
1398 wps_version_number & 0x0f);
1399 hostapd_wps_update_ie(hapd);
1400 }
1401 } else if (os_strcasecmp(cmd, "wps_testing_dummy_cred") == 0) {
1402 wps_testing_dummy_cred = atoi(value);
1403 wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
1404 wps_testing_dummy_cred);
1405 } else if (os_strcasecmp(cmd, "wps_corrupt_pkhash") == 0) {
1406 wps_corrupt_pkhash = atoi(value);
1407 wpa_printf(MSG_DEBUG, "WPS: Testing - wps_corrupt_pkhash=%d",
1408 wps_corrupt_pkhash);
1409 #endif /* CONFIG_WPS_TESTING */
1410 #ifdef CONFIG_TESTING_OPTIONS
1411 } else if (os_strcasecmp(cmd, "ext_mgmt_frame_handling") == 0) {
1412 hapd->ext_mgmt_frame_handling = atoi(value);
1413 } else if (os_strcasecmp(cmd, "ext_eapol_frame_io") == 0) {
1414 hapd->ext_eapol_frame_io = atoi(value);
1415 #ifdef CONFIG_DPP
1416 } else if (os_strcasecmp(cmd, "dpp_config_obj_override") == 0) {
1417 os_free(hapd->dpp_config_obj_override);
1418 hapd->dpp_config_obj_override = os_strdup(value);
1419 } else if (os_strcasecmp(cmd, "dpp_discovery_override") == 0) {
1420 os_free(hapd->dpp_discovery_override);
1421 hapd->dpp_discovery_override = os_strdup(value);
1422 } else if (os_strcasecmp(cmd, "dpp_groups_override") == 0) {
1423 os_free(hapd->dpp_groups_override);
1424 hapd->dpp_groups_override = os_strdup(value);
1425 } else if (os_strcasecmp(cmd,
1426 "dpp_ignore_netaccesskey_mismatch") == 0) {
1427 hapd->dpp_ignore_netaccesskey_mismatch = atoi(value);
1428 } else if (os_strcasecmp(cmd, "dpp_test") == 0) {
1429 dpp_test = atoi(value);
1430 #endif /* CONFIG_DPP */
1431 #endif /* CONFIG_TESTING_OPTIONS */
1432 #ifdef CONFIG_MBO
1433 } else if (os_strcasecmp(cmd, "mbo_assoc_disallow") == 0) {
1434 int val;
1435
1436 if (!hapd->conf->mbo_enabled)
1437 return -1;
1438
1439 val = atoi(value);
1440 if (val < 0 || val > 1)
1441 return -1;
1442
1443 hapd->mbo_assoc_disallow = val;
1444 ieee802_11_update_beacons(hapd->iface);
1445
1446 /*
1447 * TODO: Need to configure drivers that do AP MLME offload with
1448 * disallowing station logic.
1449 */
1450 #endif /* CONFIG_MBO */
1451 #ifdef CONFIG_DPP
1452 } else if (os_strcasecmp(cmd, "dpp_configurator_params") == 0) {
1453 os_free(hapd->dpp_configurator_params);
1454 hapd->dpp_configurator_params = os_strdup(value);
1455 #endif /* CONFIG_DPP */
1456 } else if (os_strcasecmp(cmd, "setband") == 0) {
1457 ret = hostapd_ctrl_iface_set_band(hapd, value);
1458 } else {
1459 ret = hostapd_set_iface(hapd->iconf, hapd->conf, cmd, value);
1460 if (ret)
1461 return ret;
1462
1463 if (os_strcasecmp(cmd, "deny_mac_file") == 0) {
1464 hostapd_disassoc_deny_mac(hapd);
1465 } else if (os_strcasecmp(cmd, "accept_mac_file") == 0) {
1466 hostapd_disassoc_accept_mac(hapd);
1467 } else if (os_strncmp(cmd, "wme_ac_", 7) == 0 ||
1468 os_strncmp(cmd, "wmm_ac_", 7) == 0) {
1469 hapd->parameter_set_count++;
1470 if (ieee802_11_update_beacons(hapd->iface))
1471 wpa_printf(MSG_DEBUG,
1472 "Failed to update beacons with WMM parameters");
1473 } else if (os_strcmp(cmd, "wpa_passphrase") == 0 ||
1474 os_strcmp(cmd, "sae_password") == 0 ||
1475 os_strcmp(cmd, "sae_pwe") == 0) {
1476 if (hapd->started)
1477 hostapd_setup_sae_pt(hapd->conf);
1478 }
1479 }
1480
1481 return ret;
1482 }
1483
1484
1485 static int hostapd_ctrl_iface_get(struct hostapd_data *hapd, char *cmd,
1486 char *buf, size_t buflen)
1487 {
1488 int res;
1489
1490 wpa_printf(MSG_DEBUG, "CTRL_IFACE GET '%s'", cmd);
1491
1492 if (os_strcmp(cmd, "version") == 0) {
1493 res = os_snprintf(buf, buflen, "%s", VERSION_STR);
1494 if (os_snprintf_error(buflen, res))
1495 return -1;
1496 return res;
1497 } else if (os_strcmp(cmd, "tls_library") == 0) {
1498 res = tls_get_library_version(buf, buflen);
1499 if (os_snprintf_error(buflen, res))
1500 return -1;
1501 return res;
1502 }
1503
1504 return -1;
1505 }
1506
1507
1508 static int hostapd_ctrl_iface_enable(struct hostapd_iface *iface)
1509 {
1510 if (hostapd_enable_iface(iface) < 0) {
1511 wpa_printf(MSG_ERROR, "Enabling of interface failed");
1512 return -1;
1513 }
1514 return 0;
1515 }
1516
1517
1518 static int hostapd_ctrl_iface_reload(struct hostapd_iface *iface)
1519 {
1520 if (hostapd_reload_iface(iface) < 0) {
1521 wpa_printf(MSG_ERROR, "Reloading of interface failed");
1522 return -1;
1523 }
1524 return 0;
1525 }
1526
1527
1528 static int hostapd_ctrl_iface_disable(struct hostapd_iface *iface)
1529 {
1530 if (hostapd_disable_iface(iface) < 0) {
1531 wpa_printf(MSG_ERROR, "Disabling of interface failed");
1532 return -1;
1533 }
1534 return 0;
1535 }
1536
1537
1538 static int
1539 hostapd_ctrl_iface_kick_mismatch_psk_sta_iter(struct hostapd_data *hapd,
1540 struct sta_info *sta, void *ctx)
1541 {
1542 struct hostapd_wpa_psk *psk;
1543 const u8 *pmk;
1544 int pmk_len;
1545 int pmk_match;
1546 int sta_match;
1547 int bss_match;
1548 int reason;
1549
1550 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
1551
1552 for (psk = hapd->conf->ssid.wpa_psk; pmk && psk; psk = psk->next) {
1553 pmk_match = PMK_LEN == pmk_len &&
1554 os_memcmp(psk->psk, pmk, pmk_len) == 0;
1555 sta_match = psk->group == 0 &&
1556 os_memcmp(sta->addr, psk->addr, ETH_ALEN) == 0;
1557 bss_match = psk->group == 1;
1558
1559 if (pmk_match && (sta_match || bss_match))
1560 return 0;
1561 }
1562
1563 wpa_printf(MSG_INFO, "STA " MACSTR
1564 " PSK/passphrase no longer valid - disconnect",
1565 MAC2STR(sta->addr));
1566 reason = WLAN_REASON_PREV_AUTH_NOT_VALID;
1567 hostapd_drv_sta_deauth(hapd, sta->addr, reason);
1568 ap_sta_deauthenticate(hapd, sta, reason);
1569
1570 return 0;
1571 }
1572
1573
1574 static int hostapd_ctrl_iface_reload_wpa_psk(struct hostapd_data *hapd)
1575 {
1576 struct hostapd_bss_config *conf = hapd->conf;
1577 int err;
1578
1579 hostapd_config_clear_wpa_psk(&conf->ssid.wpa_psk);
1580
1581 err = hostapd_setup_wpa_psk(conf);
1582 if (err < 0) {
1583 wpa_printf(MSG_ERROR, "Reloading WPA-PSK passwords failed: %d",
1584 err);
1585 return -1;
1586 }
1587
1588 ap_for_each_sta(hapd, hostapd_ctrl_iface_kick_mismatch_psk_sta_iter,
1589 NULL);
1590
1591 return 0;
1592 }
1593
1594
1595 #ifdef CONFIG_TESTING_OPTIONS
1596
1597 static int hostapd_ctrl_iface_radar(struct hostapd_data *hapd, char *cmd)
1598 {
1599 union wpa_event_data data;
1600 char *pos, *param;
1601 enum wpa_event_type event;
1602
1603 wpa_printf(MSG_DEBUG, "RADAR TEST: %s", cmd);
1604
1605 os_memset(&data, 0, sizeof(data));
1606
1607 param = os_strchr(cmd, ' ');
1608 if (param == NULL)
1609 return -1;
1610 *param++ = '\0';
1611
1612 if (os_strcmp(cmd, "DETECTED") == 0)
1613 event = EVENT_DFS_RADAR_DETECTED;
1614 else if (os_strcmp(cmd, "CAC-FINISHED") == 0)
1615 event = EVENT_DFS_CAC_FINISHED;
1616 else if (os_strcmp(cmd, "CAC-ABORTED") == 0)
1617 event = EVENT_DFS_CAC_ABORTED;
1618 else if (os_strcmp(cmd, "NOP-FINISHED") == 0)
1619 event = EVENT_DFS_NOP_FINISHED;
1620 else {
1621 wpa_printf(MSG_DEBUG, "Unsupported RADAR test command: %s",
1622 cmd);
1623 return -1;
1624 }
1625
1626 pos = os_strstr(param, "freq=");
1627 if (pos)
1628 data.dfs_event.freq = atoi(pos + 5);
1629
1630 pos = os_strstr(param, "ht_enabled=1");
1631 if (pos)
1632 data.dfs_event.ht_enabled = 1;
1633
1634 pos = os_strstr(param, "chan_offset=");
1635 if (pos)
1636 data.dfs_event.chan_offset = atoi(pos + 12);
1637
1638 pos = os_strstr(param, "chan_width=");
1639 if (pos)
1640 data.dfs_event.chan_width = atoi(pos + 11);
1641
1642 pos = os_strstr(param, "cf1=");
1643 if (pos)
1644 data.dfs_event.cf1 = atoi(pos + 4);
1645
1646 pos = os_strstr(param, "cf2=");
1647 if (pos)
1648 data.dfs_event.cf2 = atoi(pos + 4);
1649
1650 wpa_supplicant_event(hapd, event, &data);
1651
1652 return 0;
1653 }
1654
1655
1656 static int hostapd_ctrl_iface_mgmt_tx(struct hostapd_data *hapd, char *cmd)
1657 {
1658 size_t len;
1659 u8 *buf;
1660 int res;
1661
1662 wpa_printf(MSG_DEBUG, "External MGMT TX: %s", cmd);
1663
1664 len = os_strlen(cmd);
1665 if (len & 1)
1666 return -1;
1667 len /= 2;
1668
1669 buf = os_malloc(len);
1670 if (buf == NULL)
1671 return -1;
1672
1673 if (hexstr2bin(cmd, buf, len) < 0) {
1674 os_free(buf);
1675 return -1;
1676 }
1677
1678 res = hostapd_drv_send_mlme(hapd, buf, len, 0, NULL, 0, 0);
1679 os_free(buf);
1680 return res;
1681 }
1682
1683
1684 static int hostapd_ctrl_iface_mgmt_tx_status_process(struct hostapd_data *hapd,
1685 char *cmd)
1686 {
1687 char *pos, *param;
1688 size_t len;
1689 u8 *buf;
1690 int stype = 0, ok = 0;
1691 union wpa_event_data event;
1692
1693 if (!hapd->ext_mgmt_frame_handling)
1694 return -1;
1695
1696 /* stype=<val> ok=<0/1> buf=<frame hexdump> */
1697
1698 wpa_printf(MSG_DEBUG, "External MGMT TX status process: %s", cmd);
1699
1700 pos = cmd;
1701 param = os_strstr(pos, "stype=");
1702 if (param) {
1703 param += 6;
1704 stype = atoi(param);
1705 }
1706
1707 param = os_strstr(pos, " ok=");
1708 if (param) {
1709 param += 4;
1710 ok = atoi(param);
1711 }
1712
1713 param = os_strstr(pos, " buf=");
1714 if (!param)
1715 return -1;
1716 param += 5;
1717
1718 len = os_strlen(param);
1719 if (len & 1)
1720 return -1;
1721 len /= 2;
1722
1723 buf = os_malloc(len);
1724 if (!buf || hexstr2bin(param, buf, len) < 0) {
1725 os_free(buf);
1726 return -1;
1727 }
1728
1729 os_memset(&event, 0, sizeof(event));
1730 event.tx_status.type = WLAN_FC_TYPE_MGMT;
1731 event.tx_status.data = buf;
1732 event.tx_status.data_len = len;
1733 event.tx_status.stype = stype;
1734 event.tx_status.ack = ok;
1735 hapd->ext_mgmt_frame_handling = 0;
1736 wpa_supplicant_event(hapd, EVENT_TX_STATUS, &event);
1737 hapd->ext_mgmt_frame_handling = 1;
1738
1739 os_free(buf);
1740
1741 return 0;
1742 }
1743
1744
1745 static int hostapd_ctrl_iface_mgmt_rx_process(struct hostapd_data *hapd,
1746 char *cmd)
1747 {
1748 char *pos, *param;
1749 size_t len;
1750 u8 *buf;
1751 int freq = 0, datarate = 0, ssi_signal = 0;
1752 union wpa_event_data event;
1753
1754 if (!hapd->ext_mgmt_frame_handling)
1755 return -1;
1756
1757 /* freq=<MHz> datarate=<val> ssi_signal=<val> frame=<frame hexdump> */
1758
1759 wpa_printf(MSG_DEBUG, "External MGMT RX process: %s", cmd);
1760
1761 pos = cmd;
1762 param = os_strstr(pos, "freq=");
1763 if (param) {
1764 param += 5;
1765 freq = atoi(param);
1766 }
1767
1768 param = os_strstr(pos, " datarate=");
1769 if (param) {
1770 param += 10;
1771 datarate = atoi(param);
1772 }
1773
1774 param = os_strstr(pos, " ssi_signal=");
1775 if (param) {
1776 param += 12;
1777 ssi_signal = atoi(param);
1778 }
1779
1780 param = os_strstr(pos, " frame=");
1781 if (param == NULL)
1782 return -1;
1783 param += 7;
1784
1785 len = os_strlen(param);
1786 if (len & 1)
1787 return -1;
1788 len /= 2;
1789
1790 buf = os_malloc(len);
1791 if (buf == NULL)
1792 return -1;
1793
1794 if (hexstr2bin(param, buf, len) < 0) {
1795 os_free(buf);
1796 return -1;
1797 }
1798
1799 os_memset(&event, 0, sizeof(event));
1800 event.rx_mgmt.freq = freq;
1801 event.rx_mgmt.frame = buf;
1802 event.rx_mgmt.frame_len = len;
1803 event.rx_mgmt.ssi_signal = ssi_signal;
1804 event.rx_mgmt.datarate = datarate;
1805 hapd->ext_mgmt_frame_handling = 0;
1806 wpa_supplicant_event(hapd, EVENT_RX_MGMT, &event);
1807 hapd->ext_mgmt_frame_handling = 1;
1808
1809 os_free(buf);
1810
1811 return 0;
1812 }
1813
1814
1815 static int hostapd_ctrl_iface_eapol_rx(struct hostapd_data *hapd, char *cmd)
1816 {
1817 char *pos;
1818 u8 src[ETH_ALEN], *buf;
1819 int used;
1820 size_t len;
1821
1822 wpa_printf(MSG_DEBUG, "External EAPOL RX: %s", cmd);
1823
1824 pos = cmd;
1825 used = hwaddr_aton2(pos, src);
1826 if (used < 0)
1827 return -1;
1828 pos += used;
1829 while (*pos == ' ')
1830 pos++;
1831
1832 len = os_strlen(pos);
1833 if (len & 1)
1834 return -1;
1835 len /= 2;
1836
1837 buf = os_malloc(len);
1838 if (buf == NULL)
1839 return -1;
1840
1841 if (hexstr2bin(pos, buf, len) < 0) {
1842 os_free(buf);
1843 return -1;
1844 }
1845
1846 ieee802_1x_receive(hapd, src, buf, len);
1847 os_free(buf);
1848
1849 return 0;
1850 }
1851
1852
1853 static u16 ipv4_hdr_checksum(const void *buf, size_t len)
1854 {
1855 size_t i;
1856 u32 sum = 0;
1857 const u16 *pos = buf;
1858
1859 for (i = 0; i < len / 2; i++)
1860 sum += *pos++;
1861
1862 while (sum >> 16)
1863 sum = (sum & 0xffff) + (sum >> 16);
1864
1865 return sum ^ 0xffff;
1866 }
1867
1868
1869 #define HWSIM_PACKETLEN 1500
1870 #define HWSIM_IP_LEN (HWSIM_PACKETLEN - sizeof(struct ether_header))
1871
1872 static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
1873 size_t len)
1874 {
1875 struct hostapd_data *hapd = ctx;
1876 const struct ether_header *eth;
1877 struct ip ip;
1878 const u8 *pos;
1879 unsigned int i;
1880 char extra[30];
1881
1882 if (len < sizeof(*eth) + sizeof(ip) || len > HWSIM_PACKETLEN) {
1883 wpa_printf(MSG_DEBUG,
1884 "test data: RX - ignore unexpected length %d",
1885 (int) len);
1886 return;
1887 }
1888
1889 eth = (const struct ether_header *) buf;
1890 os_memcpy(&ip, eth + 1, sizeof(ip));
1891 pos = &buf[sizeof(*eth) + sizeof(ip)];
1892
1893 if (ip.ip_hl != 5 || ip.ip_v != 4 ||
1894 ntohs(ip.ip_len) > HWSIM_IP_LEN) {
1895 wpa_printf(MSG_DEBUG,
1896 "test data: RX - ignore unexpect IP header");
1897 return;
1898 }
1899
1900 for (i = 0; i < ntohs(ip.ip_len) - sizeof(ip); i++) {
1901 if (*pos != (u8) i) {
1902 wpa_printf(MSG_DEBUG,
1903 "test data: RX - ignore mismatching payload");
1904 return;
1905 }
1906 pos++;
1907 }
1908
1909 extra[0] = '\0';
1910 if (ntohs(ip.ip_len) != HWSIM_IP_LEN)
1911 os_snprintf(extra, sizeof(extra), " len=%d", ntohs(ip.ip_len));
1912 wpa_msg(hapd->msg_ctx, MSG_INFO, "DATA-TEST-RX " MACSTR " " MACSTR "%s",
1913 MAC2STR(eth->ether_dhost), MAC2STR(eth->ether_shost), extra);
1914 }
1915
1916
1917 static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd,
1918 char *cmd)
1919 {
1920 int enabled = atoi(cmd);
1921 char *pos;
1922 const char *ifname;
1923
1924 if (!enabled) {
1925 if (hapd->l2_test) {
1926 l2_packet_deinit(hapd->l2_test);
1927 hapd->l2_test = NULL;
1928 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
1929 "test data: Disabled");
1930 }
1931 return 0;
1932 }
1933
1934 if (hapd->l2_test)
1935 return 0;
1936
1937 pos = os_strstr(cmd, " ifname=");
1938 if (pos)
1939 ifname = pos + 8;
1940 else
1941 ifname = hapd->conf->iface;
1942
1943 hapd->l2_test = l2_packet_init(ifname, hapd->own_addr,
1944 ETHERTYPE_IP, hostapd_data_test_rx,
1945 hapd, 1);
1946 if (hapd->l2_test == NULL)
1947 return -1;
1948
1949 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: Enabled");
1950
1951 return 0;
1952 }
1953
1954
1955 static int hostapd_ctrl_iface_data_test_tx(struct hostapd_data *hapd, char *cmd)
1956 {
1957 u8 dst[ETH_ALEN], src[ETH_ALEN];
1958 char *pos, *pos2;
1959 int used;
1960 long int val;
1961 u8 tos;
1962 u8 buf[2 + HWSIM_PACKETLEN];
1963 struct ether_header *eth;
1964 struct ip *ip;
1965 u8 *dpos;
1966 unsigned int i;
1967 size_t send_len = HWSIM_IP_LEN;
1968
1969 if (hapd->l2_test == NULL)
1970 return -1;
1971
1972 /* format: <dst> <src> <tos> [len=<length>] */
1973
1974 pos = cmd;
1975 used = hwaddr_aton2(pos, dst);
1976 if (used < 0)
1977 return -1;
1978 pos += used;
1979 while (*pos == ' ')
1980 pos++;
1981 used = hwaddr_aton2(pos, src);
1982 if (used < 0)
1983 return -1;
1984 pos += used;
1985
1986 val = strtol(pos, &pos2, 0);
1987 if (val < 0 || val > 0xff)
1988 return -1;
1989 tos = val;
1990
1991 pos = os_strstr(pos2, " len=");
1992 if (pos) {
1993 i = atoi(pos + 5);
1994 if (i < sizeof(*ip) || i > HWSIM_IP_LEN)
1995 return -1;
1996 send_len = i;
1997 }
1998
1999 eth = (struct ether_header *) &buf[2];
2000 os_memcpy(eth->ether_dhost, dst, ETH_ALEN);
2001 os_memcpy(eth->ether_shost, src, ETH_ALEN);
2002 eth->ether_type = htons(ETHERTYPE_IP);
2003 ip = (struct ip *) (eth + 1);
2004 os_memset(ip, 0, sizeof(*ip));
2005 ip->ip_hl = 5;
2006 ip->ip_v = 4;
2007 ip->ip_ttl = 64;
2008 ip->ip_tos = tos;
2009 ip->ip_len = htons(send_len);
2010 ip->ip_p = 1;
2011 ip->ip_src.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
2012 ip->ip_dst.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
2013 ip->ip_sum = ipv4_hdr_checksum(ip, sizeof(*ip));
2014 dpos = (u8 *) (ip + 1);
2015 for (i = 0; i < send_len - sizeof(*ip); i++)
2016 *dpos++ = i;
2017
2018 if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, &buf[2],
2019 sizeof(struct ether_header) + send_len) < 0)
2020 return -1;
2021
2022 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: TX dst=" MACSTR
2023 " src=" MACSTR " tos=0x%x", MAC2STR(dst), MAC2STR(src), tos);
2024
2025 return 0;
2026 }
2027
2028
2029 static int hostapd_ctrl_iface_data_test_frame(struct hostapd_data *hapd,
2030 char *cmd)
2031 {
2032 u8 *buf;
2033 struct ether_header *eth;
2034 struct l2_packet_data *l2 = NULL;
2035 size_t len;
2036 u16 ethertype;
2037 int res = -1;
2038 const char *ifname = hapd->conf->iface;
2039
2040 if (os_strncmp(cmd, "ifname=", 7) == 0) {
2041 cmd += 7;
2042 ifname = cmd;
2043 cmd = os_strchr(cmd, ' ');
2044 if (cmd == NULL)
2045 return -1;
2046 *cmd++ = '\0';
2047 }
2048
2049 len = os_strlen(cmd);
2050 if (len & 1 || len < ETH_HLEN * 2)
2051 return -1;
2052 len /= 2;
2053
2054 buf = os_malloc(len);
2055 if (buf == NULL)
2056 return -1;
2057
2058 if (hexstr2bin(cmd, buf, len) < 0)
2059 goto done;
2060
2061 eth = (struct ether_header *) buf;
2062 ethertype = ntohs(eth->ether_type);
2063
2064 l2 = l2_packet_init(ifname, hapd->own_addr, ethertype,
2065 hostapd_data_test_rx, hapd, 1);
2066 if (l2 == NULL)
2067 goto done;
2068
2069 res = l2_packet_send(l2, eth->ether_dhost, ethertype, buf, len);
2070 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: TX frame res=%d", res);
2071 done:
2072 if (l2)
2073 l2_packet_deinit(l2);
2074 os_free(buf);
2075
2076 return res < 0 ? -1 : 0;
2077 }
2078
2079
2080 static int hostapd_ctrl_test_alloc_fail(struct hostapd_data *hapd, char *cmd)
2081 {
2082 #ifdef WPA_TRACE_BFD
2083 char *pos;
2084
2085 wpa_trace_fail_after = atoi(cmd);
2086 pos = os_strchr(cmd, ':');
2087 if (pos) {
2088 pos++;
2089 os_strlcpy(wpa_trace_fail_func, pos,
2090 sizeof(wpa_trace_fail_func));
2091 } else {
2092 wpa_trace_fail_after = 0;
2093 }
2094
2095 return 0;
2096 #else /* WPA_TRACE_BFD */
2097 return -1;
2098 #endif /* WPA_TRACE_BFD */
2099 }
2100
2101
2102 static int hostapd_ctrl_get_alloc_fail(struct hostapd_data *hapd,
2103 char *buf, size_t buflen)
2104 {
2105 #ifdef WPA_TRACE_BFD
2106 return os_snprintf(buf, buflen, "%u:%s", wpa_trace_fail_after,
2107 wpa_trace_fail_func);
2108 #else /* WPA_TRACE_BFD */
2109 return -1;
2110 #endif /* WPA_TRACE_BFD */
2111 }
2112
2113
2114 static int hostapd_ctrl_test_fail(struct hostapd_data *hapd, char *cmd)
2115 {
2116 #ifdef WPA_TRACE_BFD
2117 char *pos;
2118
2119 wpa_trace_test_fail_after = atoi(cmd);
2120 pos = os_strchr(cmd, ':');
2121 if (pos) {
2122 pos++;
2123 os_strlcpy(wpa_trace_test_fail_func, pos,
2124 sizeof(wpa_trace_test_fail_func));
2125 } else {
2126 wpa_trace_test_fail_after = 0;
2127 }
2128
2129 return 0;
2130 #else /* WPA_TRACE_BFD */
2131 return -1;
2132 #endif /* WPA_TRACE_BFD */
2133 }
2134
2135
2136 static int hostapd_ctrl_get_fail(struct hostapd_data *hapd,
2137 char *buf, size_t buflen)
2138 {
2139 #ifdef WPA_TRACE_BFD
2140 return os_snprintf(buf, buflen, "%u:%s", wpa_trace_test_fail_after,
2141 wpa_trace_test_fail_func);
2142 #else /* WPA_TRACE_BFD */
2143 return -1;
2144 #endif /* WPA_TRACE_BFD */
2145 }
2146
2147
2148 static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd)
2149 {
2150 struct sta_info *sta;
2151 u8 addr[ETH_ALEN];
2152 u8 zero[WPA_TK_MAX_LEN];
2153
2154 os_memset(zero, 0, sizeof(zero));
2155
2156 if (hwaddr_aton(cmd, addr))
2157 return -1;
2158
2159 if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) {
2160 if (hapd->last_igtk_alg == WPA_ALG_NONE)
2161 return -1;
2162
2163 wpa_printf(MSG_INFO, "TESTING: Reset IPN for IGTK");
2164
2165 /* First, use a zero key to avoid any possible duplicate key
2166 * avoidance in the driver. */
2167 if (hostapd_drv_set_key(hapd->conf->iface, hapd,
2168 hapd->last_igtk_alg,
2169 broadcast_ether_addr,
2170 hapd->last_igtk_key_idx, 0, 1, NULL, 0,
2171 zero, hapd->last_igtk_len,
2172 KEY_FLAG_GROUP_TX_DEFAULT) < 0)
2173 return -1;
2174
2175 /* Set the previously configured key to reset its TSC */
2176 return hostapd_drv_set_key(hapd->conf->iface, hapd,
2177 hapd->last_igtk_alg,
2178 broadcast_ether_addr,
2179 hapd->last_igtk_key_idx, 0, 1, NULL,
2180 0, hapd->last_igtk,
2181 hapd->last_igtk_len,
2182 KEY_FLAG_GROUP_TX_DEFAULT);
2183 }
2184
2185 if (is_broadcast_ether_addr(addr)) {
2186 if (hapd->last_gtk_alg == WPA_ALG_NONE)
2187 return -1;
2188
2189 wpa_printf(MSG_INFO, "TESTING: Reset PN for GTK");
2190
2191 /* First, use a zero key to avoid any possible duplicate key
2192 * avoidance in the driver. */
2193 if (hostapd_drv_set_key(hapd->conf->iface, hapd,
2194 hapd->last_gtk_alg,
2195 broadcast_ether_addr,
2196 hapd->last_gtk_key_idx, 0, 1, NULL, 0,
2197 zero, hapd->last_gtk_len,
2198 KEY_FLAG_GROUP_TX_DEFAULT) < 0)
2199 return -1;
2200
2201 /* Set the previously configured key to reset its TSC */
2202 return hostapd_drv_set_key(hapd->conf->iface, hapd,
2203 hapd->last_gtk_alg,
2204 broadcast_ether_addr,
2205 hapd->last_gtk_key_idx, 0, 1, NULL,
2206 0, hapd->last_gtk,
2207 hapd->last_gtk_len,
2208 KEY_FLAG_GROUP_TX_DEFAULT);
2209 }
2210
2211 sta = ap_get_sta(hapd, addr);
2212 if (!sta)
2213 return -1;
2214
2215 if (sta->last_tk_alg == WPA_ALG_NONE)
2216 return -1;
2217
2218 wpa_printf(MSG_INFO, "TESTING: Reset PN for " MACSTR,
2219 MAC2STR(sta->addr));
2220
2221 /* First, use a zero key to avoid any possible duplicate key avoidance
2222 * in the driver. */
2223 if (hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2224 sta->addr, sta->last_tk_key_idx, 0, 1, NULL, 0,
2225 zero, sta->last_tk_len,
2226 KEY_FLAG_PAIRWISE_RX_TX) < 0)
2227 return -1;
2228
2229 /* Set the previously configured key to reset its TSC/RSC */
2230 return hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2231 sta->addr, sta->last_tk_key_idx, 0, 1, NULL,
2232 0, sta->last_tk, sta->last_tk_len,
2233 KEY_FLAG_PAIRWISE_RX_TX);
2234 }
2235
2236
2237 static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd)
2238 {
2239 u8 addr[ETH_ALEN];
2240 const char *pos = cmd;
2241 enum wpa_alg alg;
2242 enum key_flag key_flag;
2243 int idx, set_tx;
2244 u8 seq[6], key[WPA_TK_MAX_LEN];
2245 size_t key_len;
2246
2247 /* parameters: alg addr idx set_tx seq key key_flag */
2248
2249 alg = atoi(pos);
2250 pos = os_strchr(pos, ' ');
2251 if (!pos)
2252 return -1;
2253 pos++;
2254 if (hwaddr_aton(pos, addr))
2255 return -1;
2256 pos += 17;
2257 if (*pos != ' ')
2258 return -1;
2259 pos++;
2260 idx = atoi(pos);
2261 pos = os_strchr(pos, ' ');
2262 if (!pos)
2263 return -1;
2264 pos++;
2265 set_tx = atoi(pos);
2266 pos = os_strchr(pos, ' ');
2267 if (!pos)
2268 return -1;
2269 pos++;
2270 if (hexstr2bin(pos, seq, sizeof(seq)) < 0)
2271 return -1;
2272 pos += 2 * 6;
2273 if (*pos != ' ')
2274 return -1;
2275 pos++;
2276 if (!os_strchr(pos, ' '))
2277 return -1;
2278 key_len = (os_strchr(pos, ' ') - pos) / 2;
2279 if (hexstr2bin(pos, key, key_len) < 0)
2280 return -1;
2281 pos += 2 * key_len;
2282 if (*pos != ' ')
2283 return -1;
2284
2285 pos++;
2286 key_flag = atoi(pos);
2287 pos = os_strchr(pos, ' ');
2288 if (pos)
2289 return -1;
2290
2291 wpa_printf(MSG_INFO, "TESTING: Set key");
2292 return hostapd_drv_set_key(hapd->conf->iface, hapd, alg, addr, idx, 0,
2293 set_tx, seq, 6, key, key_len, key_flag);
2294 }
2295
2296
2297 static void restore_tk(void *ctx1, void *ctx2)
2298 {
2299 struct hostapd_data *hapd = ctx1;
2300 struct sta_info *sta = ctx2;
2301
2302 wpa_printf(MSG_INFO, "TESTING: Restore TK for " MACSTR,
2303 MAC2STR(sta->addr));
2304 /* This does not really restore the TSC properly, so this will result
2305 * in replay protection issues for now since there is no clean way of
2306 * preventing encryption of a single EAPOL frame. */
2307 hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2308 sta->addr, sta->last_tk_key_idx, 0, 1, NULL, 0,
2309 sta->last_tk, sta->last_tk_len,
2310 KEY_FLAG_PAIRWISE_RX_TX);
2311 }
2312
2313
2314 static int hostapd_ctrl_resend_m1(struct hostapd_data *hapd, const char *cmd)
2315 {
2316 struct sta_info *sta;
2317 u8 addr[ETH_ALEN];
2318 int plain = os_strstr(cmd, "plaintext") != NULL;
2319
2320 if (hwaddr_aton(cmd, addr))
2321 return -1;
2322
2323 sta = ap_get_sta(hapd, addr);
2324 if (!sta || !sta->wpa_sm)
2325 return -1;
2326
2327 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2328 plain = 0; /* no need for special processing */
2329 if (plain) {
2330 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
2331 MAC2STR(sta->addr));
2332 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2333 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2334 0, NULL, 0, KEY_FLAG_PAIRWISE);
2335 }
2336
2337 wpa_printf(MSG_INFO, "TESTING: Send M1 to " MACSTR, MAC2STR(sta->addr));
2338 return wpa_auth_resend_m1(sta->wpa_sm,
2339 os_strstr(cmd, "change-anonce") != NULL,
2340 plain ? restore_tk : NULL, hapd, sta);
2341 }
2342
2343
2344 static int hostapd_ctrl_resend_m3(struct hostapd_data *hapd, const char *cmd)
2345 {
2346 struct sta_info *sta;
2347 u8 addr[ETH_ALEN];
2348 int plain = os_strstr(cmd, "plaintext") != NULL;
2349
2350 if (hwaddr_aton(cmd, addr))
2351 return -1;
2352
2353 sta = ap_get_sta(hapd, addr);
2354 if (!sta || !sta->wpa_sm)
2355 return -1;
2356
2357 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2358 plain = 0; /* no need for special processing */
2359 if (plain) {
2360 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
2361 MAC2STR(sta->addr));
2362 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2363 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2364 0, NULL, 0, KEY_FLAG_PAIRWISE);
2365 }
2366
2367 wpa_printf(MSG_INFO, "TESTING: Send M3 to " MACSTR, MAC2STR(sta->addr));
2368 return wpa_auth_resend_m3(sta->wpa_sm,
2369 plain ? restore_tk : NULL, hapd, sta);
2370 }
2371
2372
2373 static int hostapd_ctrl_resend_group_m1(struct hostapd_data *hapd,
2374 const char *cmd)
2375 {
2376 struct sta_info *sta;
2377 u8 addr[ETH_ALEN];
2378 int plain = os_strstr(cmd, "plaintext") != NULL;
2379
2380 if (hwaddr_aton(cmd, addr))
2381 return -1;
2382
2383 sta = ap_get_sta(hapd, addr);
2384 if (!sta || !sta->wpa_sm)
2385 return -1;
2386
2387 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2388 plain = 0; /* no need for special processing */
2389 if (plain) {
2390 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
2391 MAC2STR(sta->addr));
2392 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2393 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2394 0, NULL, 0, KEY_FLAG_PAIRWISE);
2395 }
2396
2397 wpa_printf(MSG_INFO,
2398 "TESTING: Send group M1 for the same GTK and zero RSC to "
2399 MACSTR, MAC2STR(sta->addr));
2400 return wpa_auth_resend_group_m1(sta->wpa_sm,
2401 plain ? restore_tk : NULL, hapd, sta);
2402 }
2403
2404
2405 static int hostapd_ctrl_get_pmk(struct hostapd_data *hapd, const char *cmd,
2406 char *buf, size_t buflen)
2407 {
2408 struct sta_info *sta;
2409 u8 addr[ETH_ALEN];
2410 const u8 *pmk;
2411 int pmk_len;
2412
2413 if (hwaddr_aton(cmd, addr))
2414 return -1;
2415
2416 sta = ap_get_sta(hapd, addr);
2417 if (!sta || !sta->wpa_sm) {
2418 wpa_printf(MSG_DEBUG, "No STA WPA state machine for " MACSTR,
2419 MAC2STR(addr));
2420 return -1;
2421 }
2422 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
2423 if (!pmk) {
2424 wpa_printf(MSG_DEBUG, "No PMK stored for " MACSTR,
2425 MAC2STR(addr));
2426 return -1;
2427 }
2428
2429 return wpa_snprintf_hex(buf, buflen, pmk, pmk_len);
2430 }
2431
2432 #endif /* CONFIG_TESTING_OPTIONS */
2433
2434
2435 static int hostapd_ctrl_iface_chan_switch(struct hostapd_iface *iface,
2436 char *pos)
2437 {
2438 #ifdef NEED_AP_MLME
2439 struct csa_settings settings;
2440 int ret;
2441 unsigned int i;
2442
2443 ret = hostapd_parse_csa_settings(pos, &settings);
2444 if (ret)
2445 return ret;
2446
2447 for (i = 0; i < iface->num_bss; i++) {
2448
2449 /* Save CHAN_SWITCH VHT config */
2450 hostapd_chan_switch_vht_config(
2451 iface->bss[i], settings.freq_params.vht_enabled);
2452
2453 ret = hostapd_switch_channel(iface->bss[i], &settings);
2454 if (ret) {
2455 /* FIX: What do we do if CSA fails in the middle of
2456 * submitting multi-BSS CSA requests? */
2457 return ret;
2458 }
2459 }
2460
2461 return 0;
2462 #else /* NEED_AP_MLME */
2463 return -1;
2464 #endif /* NEED_AP_MLME */
2465 }
2466
2467
2468 static int hostapd_ctrl_iface_mib(struct hostapd_data *hapd, char *reply,
2469 int reply_size, const char *param)
2470 {
2471 #ifdef RADIUS_SERVER
2472 if (os_strcmp(param, "radius_server") == 0) {
2473 return radius_server_get_mib(hapd->radius_srv, reply,
2474 reply_size);
2475 }
2476 #endif /* RADIUS_SERVER */
2477 return -1;
2478 }
2479
2480
2481 static int hostapd_ctrl_iface_vendor(struct hostapd_data *hapd, char *cmd,
2482 char *buf, size_t buflen)
2483 {
2484 int ret;
2485 char *pos;
2486 u8 *data = NULL;
2487 unsigned int vendor_id, subcmd;
2488 struct wpabuf *reply;
2489 size_t data_len = 0;
2490
2491 /* cmd: <vendor id> <subcommand id> [<hex formatted data>] */
2492 vendor_id = strtoul(cmd, &pos, 16);
2493 if (!isblank((unsigned char) *pos))
2494 return -EINVAL;
2495
2496 subcmd = strtoul(pos, &pos, 10);
2497
2498 if (*pos != '\0') {
2499 if (!isblank((unsigned char) *pos++))
2500 return -EINVAL;
2501 data_len = os_strlen(pos);
2502 }
2503
2504 if (data_len) {
2505 data_len /= 2;
2506 data = os_malloc(data_len);
2507 if (!data)
2508 return -ENOBUFS;
2509
2510 if (hexstr2bin(pos, data, data_len)) {
2511 wpa_printf(MSG_DEBUG,
2512 "Vendor command: wrong parameter format");
2513 os_free(data);
2514 return -EINVAL;
2515 }
2516 }
2517
2518 reply = wpabuf_alloc((buflen - 1) / 2);
2519 if (!reply) {
2520 os_free(data);
2521 return -ENOBUFS;
2522 }
2523
2524 ret = hostapd_drv_vendor_cmd(hapd, vendor_id, subcmd, data, data_len,
2525 reply);
2526
2527 if (ret == 0)
2528 ret = wpa_snprintf_hex(buf, buflen, wpabuf_head_u8(reply),
2529 wpabuf_len(reply));
2530
2531 wpabuf_free(reply);
2532 os_free(data);
2533
2534 return ret;
2535 }
2536
2537
2538 static int hostapd_ctrl_iface_eapol_reauth(struct hostapd_data *hapd,
2539 const char *cmd)
2540 {
2541 u8 addr[ETH_ALEN];
2542 struct sta_info *sta;
2543
2544 if (hwaddr_aton(cmd, addr))
2545 return -1;
2546
2547 sta = ap_get_sta(hapd, addr);
2548 if (!sta || !sta->eapol_sm)
2549 return -1;
2550
2551 eapol_auth_reauthenticate(sta->eapol_sm);
2552 return 0;
2553 }
2554
2555
2556 static int hostapd_ctrl_iface_eapol_set(struct hostapd_data *hapd, char *cmd)
2557 {
2558 u8 addr[ETH_ALEN];
2559 struct sta_info *sta;
2560 char *pos = cmd, *param;
2561
2562 if (hwaddr_aton(pos, addr) || pos[17] != ' ')
2563 return -1;
2564 pos += 18;
2565 param = pos;
2566 pos = os_strchr(pos, ' ');
2567 if (!pos)
2568 return -1;
2569 *pos++ = '\0';
2570
2571 sta = ap_get_sta(hapd, addr);
2572 if (!sta || !sta->eapol_sm)
2573 return -1;
2574
2575 return eapol_auth_set_conf(sta->eapol_sm, param, pos);
2576 }
2577
2578
2579 static int hostapd_ctrl_iface_log_level(struct hostapd_data *hapd, char *cmd,
2580 char *buf, size_t buflen)
2581 {
2582 char *pos, *end, *stamp;
2583 int ret;
2584
2585 /* cmd: "LOG_LEVEL [<level>]" */
2586 if (*cmd == '\0') {
2587 pos = buf;
2588 end = buf + buflen;
2589 ret = os_snprintf(pos, end - pos, "Current level: %s\n"
2590 "Timestamp: %d\n",
2591 debug_level_str(wpa_debug_level),
2592 wpa_debug_timestamp);
2593 if (os_snprintf_error(end - pos, ret))
2594 ret = 0;
2595
2596 return ret;
2597 }
2598
2599 while (*cmd == ' ')
2600 cmd++;
2601
2602 stamp = os_strchr(cmd, ' ');
2603 if (stamp) {
2604 *stamp++ = '\0';
2605 while (*stamp == ' ') {
2606 stamp++;
2607 }
2608 }
2609
2610 if (os_strlen(cmd)) {
2611 int level = str_to_debug_level(cmd);
2612 if (level < 0)
2613 return -1;
2614 wpa_debug_level = level;
2615 }
2616
2617 if (stamp && os_strlen(stamp))
2618 wpa_debug_timestamp = atoi(stamp);
2619
2620 os_memcpy(buf, "OK\n", 3);
2621 return 3;
2622 }
2623
2624
2625 #ifdef NEED_AP_MLME
2626 static int hostapd_ctrl_iface_track_sta_list(struct hostapd_data *hapd,
2627 char *buf, size_t buflen)
2628 {
2629 struct hostapd_iface *iface = hapd->iface;
2630 char *pos, *end;
2631 struct hostapd_sta_info *info;
2632 struct os_reltime now;
2633
2634 if (!iface->num_sta_seen)
2635 return 0;
2636
2637 sta_track_expire(iface, 0);
2638
2639 pos = buf;
2640 end = buf + buflen;
2641
2642 os_get_reltime(&now);
2643 dl_list_for_each_reverse(info, &iface->sta_seen,
2644 struct hostapd_sta_info, list) {
2645 struct os_reltime age;
2646 int ret;
2647
2648 os_reltime_sub(&now, &info->last_seen, &age);
2649 ret = os_snprintf(pos, end - pos, MACSTR " %u %d\n",
2650 MAC2STR(info->addr), (unsigned int) age.sec,
2651 info->ssi_signal);
2652 if (os_snprintf_error(end - pos, ret))
2653 break;
2654 pos += ret;
2655 }
2656
2657 return pos - buf;
2658 }
2659 #endif /* NEED_AP_MLME */
2660
2661
2662 static int hostapd_ctrl_iface_req_lci(struct hostapd_data *hapd,
2663 const char *cmd)
2664 {
2665 u8 addr[ETH_ALEN];
2666
2667 if (hwaddr_aton(cmd, addr)) {
2668 wpa_printf(MSG_INFO, "CTRL: REQ_LCI: Invalid MAC address");
2669 return -1;
2670 }
2671
2672 return hostapd_send_lci_req(hapd, addr);
2673 }
2674
2675
2676 static int hostapd_ctrl_iface_req_range(struct hostapd_data *hapd, char *cmd)
2677 {
2678 u8 addr[ETH_ALEN];
2679 char *token, *context = NULL;
2680 int random_interval, min_ap;
2681 u8 responders[ETH_ALEN * RRM_RANGE_REQ_MAX_RESPONDERS];
2682 unsigned int n_responders;
2683
2684 token = str_token(cmd, " ", &context);
2685 if (!token || hwaddr_aton(token, addr)) {
2686 wpa_printf(MSG_INFO,
2687 "CTRL: REQ_RANGE - Bad destination address");
2688 return -1;
2689 }
2690
2691 token = str_token(cmd, " ", &context);
2692 if (!token)
2693 return -1;
2694
2695 random_interval = atoi(token);
2696 if (random_interval < 0 || random_interval > 0xffff)
2697 return -1;
2698
2699 token = str_token(cmd, " ", &context);
2700 if (!token)
2701 return -1;
2702
2703 min_ap = atoi(token);
2704 if (min_ap <= 0 || min_ap > WLAN_RRM_RANGE_REQ_MAX_MIN_AP)
2705 return -1;
2706
2707 n_responders = 0;
2708 while ((token = str_token(cmd, " ", &context))) {
2709 if (n_responders == RRM_RANGE_REQ_MAX_RESPONDERS) {
2710 wpa_printf(MSG_INFO,
2711 "CTRL: REQ_RANGE: Too many responders");
2712 return -1;
2713 }
2714
2715 if (hwaddr_aton(token, responders + n_responders * ETH_ALEN)) {
2716 wpa_printf(MSG_INFO,
2717 "CTRL: REQ_RANGE: Bad responder address");
2718 return -1;
2719 }
2720
2721 n_responders++;
2722 }
2723
2724 if (!n_responders) {
2725 wpa_printf(MSG_INFO,
2726 "CTRL: REQ_RANGE - No FTM responder address");
2727 return -1;
2728 }
2729
2730 return hostapd_send_range_req(hapd, addr, random_interval, min_ap,
2731 responders, n_responders);
2732 }
2733
2734
2735 static int hostapd_ctrl_iface_req_beacon(struct hostapd_data *hapd,
2736 const char *cmd, char *reply,
2737 size_t reply_size)
2738 {
2739 u8 addr[ETH_ALEN];
2740 const char *pos;
2741 struct wpabuf *req;
2742 int ret;
2743 u8 req_mode = 0;
2744
2745 if (hwaddr_aton(cmd, addr))
2746 return -1;
2747 pos = os_strchr(cmd, ' ');
2748 if (!pos)
2749 return -1;
2750 pos++;
2751 if (os_strncmp(pos, "req_mode=", 9) == 0) {
2752 int val = hex2byte(pos + 9);
2753
2754 if (val < 0)
2755 return -1;
2756 req_mode = val;
2757 pos += 11;
2758 pos = os_strchr(pos, ' ');
2759 if (!pos)
2760 return -1;
2761 pos++;
2762 }
2763 req = wpabuf_parse_bin(pos);
2764 if (!req)
2765 return -1;
2766
2767 ret = hostapd_send_beacon_req(hapd, addr, req_mode, req);
2768 wpabuf_free(req);
2769 if (ret >= 0)
2770 ret = os_snprintf(reply, reply_size, "%d", ret);
2771 return ret;
2772 }
2773
2774
2775 static int hostapd_ctrl_iface_show_neighbor(struct hostapd_data *hapd,
2776 char *buf, size_t buflen)
2777 {
2778 if (!(hapd->conf->radio_measurements[0] &
2779 WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
2780 wpa_printf(MSG_ERROR,
2781 "CTRL: SHOW_NEIGHBOR: Neighbor report is not enabled");
2782 return -1;
2783 }
2784
2785 return hostapd_neighbor_show(hapd, buf, buflen);
2786 }
2787
2788
2789 static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf)
2790 {
2791 struct wpa_ssid_value ssid;
2792 u8 bssid[ETH_ALEN];
2793 struct wpabuf *nr, *lci = NULL, *civic = NULL;
2794 int stationary = 0;
2795 char *tmp;
2796 int ret;
2797
2798 if (!(hapd->conf->radio_measurements[0] &
2799 WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
2800 wpa_printf(MSG_ERROR,
2801 "CTRL: SET_NEIGHBOR: Neighbor report is not enabled");
2802 return -1;
2803 }
2804
2805 if (hwaddr_aton(buf, bssid)) {
2806 wpa_printf(MSG_ERROR, "CTRL: SET_NEIGHBOR: Bad BSSID");
2807 return -1;
2808 }
2809
2810 tmp = os_strstr(buf, "ssid=");
2811 if (!tmp || ssid_parse(tmp + 5, &ssid)) {
2812 wpa_printf(MSG_ERROR,
2813 "CTRL: SET_NEIGHBOR: Bad or missing SSID");
2814 return -1;
2815 }
2816 buf = os_strchr(tmp + 6, tmp[5] == '"' ? '"' : ' ');
2817 if (!buf)
2818 return -1;
2819
2820 tmp = os_strstr(buf, "nr=");
2821 if (!tmp) {
2822 wpa_printf(MSG_ERROR,
2823 "CTRL: SET_NEIGHBOR: Missing Neighbor Report element");
2824 return -1;
2825 }
2826
2827 buf = os_strchr(tmp, ' ');
2828 if (buf)
2829 *buf++ = '\0';
2830
2831 nr = wpabuf_parse_bin(tmp + 3);
2832 if (!nr) {
2833 wpa_printf(MSG_ERROR,
2834 "CTRL: SET_NEIGHBOR: Bad Neighbor Report element");
2835 return -1;
2836 }
2837
2838 if (!buf)
2839 goto set;
2840
2841 tmp = os_strstr(buf, "lci=");
2842 if (tmp) {
2843 buf = os_strchr(tmp, ' ');
2844 if (buf)
2845 *buf++ = '\0';
2846 lci = wpabuf_parse_bin(tmp + 4);
2847 if (!lci) {
2848 wpa_printf(MSG_ERROR,
2849 "CTRL: SET_NEIGHBOR: Bad LCI subelement");
2850 wpabuf_free(nr);
2851 return -1;
2852 }
2853 }
2854
2855 if (!buf)
2856 goto set;
2857
2858 tmp = os_strstr(buf, "civic=");
2859 if (tmp) {
2860 buf = os_strchr(tmp, ' ');
2861 if (buf)
2862 *buf++ = '\0';
2863 civic = wpabuf_parse_bin(tmp + 6);
2864 if (!civic) {
2865 wpa_printf(MSG_ERROR,
2866 "CTRL: SET_NEIGHBOR: Bad civic subelement");
2867 wpabuf_free(nr);
2868 wpabuf_free(lci);
2869 return -1;
2870 }
2871 }
2872
2873 if (!buf)
2874 goto set;
2875
2876 if (os_strstr(buf, "stat"))
2877 stationary = 1;
2878
2879 set:
2880 ret = hostapd_neighbor_set(hapd, bssid, &ssid, nr, lci, civic,
2881 stationary);
2882
2883 wpabuf_free(nr);
2884 wpabuf_free(lci);
2885 wpabuf_free(civic);
2886
2887 return ret;
2888 }
2889
2890
2891 static int hostapd_ctrl_iface_remove_neighbor(struct hostapd_data *hapd,
2892 char *buf)
2893 {
2894 struct wpa_ssid_value ssid;
2895 struct wpa_ssid_value *ssidp = NULL;
2896 u8 bssid[ETH_ALEN];
2897 char *tmp;
2898
2899 if (hwaddr_aton(buf, bssid)) {
2900 wpa_printf(MSG_ERROR, "CTRL: REMOVE_NEIGHBOR: Bad BSSID");
2901 return -1;
2902 }
2903
2904 tmp = os_strstr(buf, "ssid=");
2905 if (tmp) {
2906 ssidp = &ssid;
2907 if (ssid_parse(tmp + 5, &ssid)) {
2908 wpa_printf(MSG_ERROR,
2909 "CTRL: REMOVE_NEIGHBOR: Bad SSID");
2910 return -1;
2911 }
2912 }
2913
2914 return hostapd_neighbor_remove(hapd, bssid, ssidp);
2915 }
2916
2917
2918 static int hostapd_ctrl_driver_flags(struct hostapd_iface *iface, char *buf,
2919 size_t buflen)
2920 {
2921 int ret, i;
2922 char *pos, *end;
2923
2924 ret = os_snprintf(buf, buflen, "%016llX:\n",
2925 (long long unsigned) iface->drv_flags);
2926 if (os_snprintf_error(buflen, ret))
2927 return -1;
2928
2929 pos = buf + ret;
2930 end = buf + buflen;
2931
2932 for (i = 0; i < 64; i++) {
2933 if (iface->drv_flags & (1LLU << i)) {
2934 ret = os_snprintf(pos, end - pos, "%s\n",
2935 driver_flag_to_string(1LLU << i));
2936 if (os_snprintf_error(end - pos, ret))
2937 return -1;
2938 pos += ret;
2939 }
2940 }
2941
2942 return pos - buf;
2943 }
2944
2945
2946 static int hostapd_ctrl_iface_acl_del_mac(struct mac_acl_entry **acl, int *num,
2947 const char *txtaddr)
2948 {
2949 u8 addr[ETH_ALEN];
2950 struct vlan_description vlan_id;
2951
2952 if (!(*num))
2953 return 0;
2954
2955 if (hwaddr_aton(txtaddr, addr))
2956 return -1;
2957
2958 if (hostapd_maclist_found(*acl, *num, addr, &vlan_id))
2959 hostapd_remove_acl_mac(acl, num, addr);
2960
2961 return 0;
2962 }
2963
2964
2965 static void hostapd_ctrl_iface_acl_clear_list(struct mac_acl_entry **acl,
2966 int *num)
2967 {
2968 while (*num)
2969 hostapd_remove_acl_mac(acl, num, (*acl)[0].addr);
2970 }
2971
2972
2973 static int hostapd_ctrl_iface_acl_show_mac(struct mac_acl_entry *acl, int num,
2974 char *buf, size_t buflen)
2975 {
2976 int i = 0, len = 0, ret = 0;
2977
2978 if (!acl)
2979 return 0;
2980
2981 while (i < num) {
2982 ret = os_snprintf(buf + len, buflen - len,
2983 MACSTR " VLAN_ID=%d\n",
2984 MAC2STR(acl[i].addr),
2985 acl[i].vlan_id.untagged);
2986 if (ret < 0 || (size_t) ret >= buflen - len)
2987 return len;
2988 i++;
2989 len += ret;
2990 }
2991 return len;
2992 }
2993
2994
2995 static int hostapd_ctrl_iface_acl_add_mac(struct mac_acl_entry **acl, int *num,
2996 const char *cmd)
2997 {
2998 u8 addr[ETH_ALEN];
2999 struct vlan_description vlan_id;
3000 int ret = 0, vlanid = 0;
3001 const char *pos;
3002
3003 if (hwaddr_aton(cmd, addr))
3004 return -1;
3005
3006 pos = os_strstr(cmd, "VLAN_ID=");
3007 if (pos)
3008 vlanid = atoi(pos + 8);
3009
3010 if (!hostapd_maclist_found(*acl, *num, addr, &vlan_id)) {
3011 ret = hostapd_add_acl_maclist(acl, num, vlanid, addr);
3012 if (ret != -1 && *acl)
3013 qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
3014 }
3015
3016 return ret < 0 ? -1 : 0;
3017 }
3018
3019
3020 static int hostapd_ctrl_iface_get_capability(struct hostapd_data *hapd,
3021 const char *field, char *buf,
3022 size_t buflen)
3023 {
3024 wpa_printf(MSG_DEBUG, "CTRL_IFACE: GET_CAPABILITY '%s'", field);
3025
3026 #ifdef CONFIG_DPP
3027 if (os_strcmp(field, "dpp") == 0) {
3028 int res;
3029
3030 #ifdef CONFIG_DPP2
3031 res = os_snprintf(buf, buflen, "DPP=2");
3032 #else /* CONFIG_DPP2 */
3033 res = os_snprintf(buf, buflen, "DPP=1");
3034 #endif /* CONFIG_DPP2 */
3035 if (os_snprintf_error(buflen, res))
3036 return -1;
3037 return res;
3038 }
3039 #endif /* CONFIG_DPP */
3040
3041 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown GET_CAPABILITY field '%s'",
3042 field);
3043
3044 return -1;
3045 }
3046
3047
3048 static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd,
3049 char *buf, char *reply,
3050 int reply_size,
3051 struct sockaddr_storage *from,
3052 socklen_t fromlen)
3053 {
3054 int reply_len, res;
3055
3056 os_memcpy(reply, "OK\n", 3);
3057 reply_len = 3;
3058
3059 if (os_strcmp(buf, "PING") == 0) {
3060 os_memcpy(reply, "PONG\n", 5);
3061 reply_len = 5;
3062 } else if (os_strncmp(buf, "RELOG", 5) == 0) {
3063 if (wpa_debug_reopen_file() < 0)
3064 reply_len = -1;
3065 } else if (os_strncmp(buf, "NOTE ", 5) == 0) {
3066 wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
3067 } else if (os_strcmp(buf, "STATUS") == 0) {
3068 reply_len = hostapd_ctrl_iface_status(hapd, reply,
3069 reply_size);
3070 } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
3071 reply_len = hostapd_drv_status(hapd, reply, reply_size);
3072 } else if (os_strcmp(buf, "MIB") == 0) {
3073 reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
3074 if (reply_len >= 0) {
3075 res = wpa_get_mib(hapd->wpa_auth, reply + reply_len,
3076 reply_size - reply_len);
3077 if (res < 0)
3078 reply_len = -1;
3079 else
3080 reply_len += res;
3081 }
3082 if (reply_len >= 0) {
3083 res = ieee802_1x_get_mib(hapd, reply + reply_len,
3084 reply_size - reply_len);
3085 if (res < 0)
3086 reply_len = -1;
3087 else
3088 reply_len += res;
3089 }
3090 #ifndef CONFIG_NO_RADIUS
3091 if (reply_len >= 0) {
3092 res = radius_client_get_mib(hapd->radius,
3093 reply + reply_len,
3094 reply_size - reply_len);
3095 if (res < 0)
3096 reply_len = -1;
3097 else
3098 reply_len += res;
3099 }
3100 #endif /* CONFIG_NO_RADIUS */
3101 } else if (os_strncmp(buf, "MIB ", 4) == 0) {
3102 reply_len = hostapd_ctrl_iface_mib(hapd, reply, reply_size,
3103 buf + 4);
3104 } else if (os_strcmp(buf, "STA-FIRST") == 0) {
3105 reply_len = hostapd_ctrl_iface_sta_first(hapd, reply,
3106 reply_size);
3107 } else if (os_strncmp(buf, "STA ", 4) == 0) {
3108 reply_len = hostapd_ctrl_iface_sta(hapd, buf + 4, reply,
3109 reply_size);
3110 } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
3111 reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
3112 reply_size);
3113 } else if (os_strcmp(buf, "ATTACH") == 0) {
3114 if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL))
3115 reply_len = -1;
3116 } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
3117 if (hostapd_ctrl_iface_attach(hapd, from, fromlen, buf + 7))
3118 reply_len = -1;
3119 } else if (os_strcmp(buf, "DETACH") == 0) {
3120 if (hostapd_ctrl_iface_detach(hapd, from, fromlen))
3121 reply_len = -1;
3122 } else if (os_strncmp(buf, "LEVEL ", 6) == 0) {
3123 if (hostapd_ctrl_iface_level(hapd, from, fromlen,
3124 buf + 6))
3125 reply_len = -1;
3126 } else if (os_strncmp(buf, "NEW_STA ", 8) == 0) {
3127 if (hostapd_ctrl_iface_new_sta(hapd, buf + 8))
3128 reply_len = -1;
3129 } else if (os_strncmp(buf, "DEAUTHENTICATE ", 15) == 0) {
3130 if (hostapd_ctrl_iface_deauthenticate(hapd, buf + 15))
3131 reply_len = -1;
3132 } else if (os_strncmp(buf, "DISASSOCIATE ", 13) == 0) {
3133 if (hostapd_ctrl_iface_disassociate(hapd, buf + 13))
3134 reply_len = -1;
3135 #ifdef CONFIG_TAXONOMY
3136 } else if (os_strncmp(buf, "SIGNATURE ", 10) == 0) {
3137 reply_len = hostapd_ctrl_iface_signature(hapd, buf + 10,
3138 reply, reply_size);
3139 #endif /* CONFIG_TAXONOMY */
3140 } else if (os_strncmp(buf, "POLL_STA ", 9) == 0) {
3141 if (hostapd_ctrl_iface_poll_sta(hapd, buf + 9))
3142 reply_len = -1;
3143 } else if (os_strcmp(buf, "STOP_AP") == 0) {
3144 if (hostapd_ctrl_iface_stop_ap(hapd))
3145 reply_len = -1;
3146 #ifdef NEED_AP_MLME
3147 } else if (os_strncmp(buf, "SA_QUERY ", 9) == 0) {
3148 if (hostapd_ctrl_iface_sa_query(hapd, buf + 9))
3149 reply_len = -1;
3150 #endif /* NEED_AP_MLME */
3151 #ifdef CONFIG_WPS
3152 } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) {
3153 if (hostapd_ctrl_iface_wps_pin(hapd, buf + 8))
3154 reply_len = -1;
3155 } else if (os_strncmp(buf, "WPS_CHECK_PIN ", 14) == 0) {
3156 reply_len = hostapd_ctrl_iface_wps_check_pin(
3157 hapd, buf + 14, reply, reply_size);
3158 } else if (os_strcmp(buf, "WPS_PBC") == 0) {
3159 if (hostapd_wps_button_pushed(hapd, NULL))
3160 reply_len = -1;
3161 } else if (os_strcmp(buf, "WPS_CANCEL") == 0) {
3162 if (hostapd_wps_cancel(hapd))
3163 reply_len = -1;
3164 } else if (os_strncmp(buf, "WPS_AP_PIN ", 11) == 0) {
3165 reply_len = hostapd_ctrl_iface_wps_ap_pin(hapd, buf + 11,
3166 reply, reply_size);
3167 } else if (os_strncmp(buf, "WPS_CONFIG ", 11) == 0) {
3168 if (hostapd_ctrl_iface_wps_config(hapd, buf + 11) < 0)
3169 reply_len = -1;
3170 } else if (os_strncmp(buf, "WPS_GET_STATUS", 13) == 0) {
3171 reply_len = hostapd_ctrl_iface_wps_get_status(hapd, reply,
3172 reply_size);
3173 #ifdef CONFIG_WPS_NFC
3174 } else if (os_strncmp(buf, "WPS_NFC_TAG_READ ", 17) == 0) {
3175 if (hostapd_ctrl_iface_wps_nfc_tag_read(hapd, buf + 17))
3176 reply_len = -1;
3177 } else if (os_strncmp(buf, "WPS_NFC_CONFIG_TOKEN ", 21) == 0) {
3178 reply_len = hostapd_ctrl_iface_wps_nfc_config_token(
3179 hapd, buf + 21, reply, reply_size);
3180 } else if (os_strncmp(buf, "WPS_NFC_TOKEN ", 14) == 0) {
3181 reply_len = hostapd_ctrl_iface_wps_nfc_token(
3182 hapd, buf + 14, reply, reply_size);
3183 } else if (os_strncmp(buf, "NFC_GET_HANDOVER_SEL ", 21) == 0) {
3184 reply_len = hostapd_ctrl_iface_nfc_get_handover_sel(
3185 hapd, buf + 21, reply, reply_size);
3186 } else if (os_strncmp(buf, "NFC_REPORT_HANDOVER ", 20) == 0) {
3187 if (hostapd_ctrl_iface_nfc_report_handover(hapd, buf + 20))
3188 reply_len = -1;
3189 #endif /* CONFIG_WPS_NFC */
3190 #endif /* CONFIG_WPS */
3191 #ifdef CONFIG_INTERWORKING
3192 } else if (os_strncmp(buf, "SET_QOS_MAP_SET ", 16) == 0) {
3193 if (hostapd_ctrl_iface_set_qos_map_set(hapd, buf + 16))
3194 reply_len = -1;
3195 } else if (os_strncmp(buf, "SEND_QOS_MAP_CONF ", 18) == 0) {
3196 if (hostapd_ctrl_iface_send_qos_map_conf(hapd, buf + 18))
3197 reply_len = -1;
3198 #endif /* CONFIG_INTERWORKING */
3199 #ifdef CONFIG_HS20
3200 } else if (os_strncmp(buf, "HS20_WNM_NOTIF ", 15) == 0) {
3201 if (hostapd_ctrl_iface_hs20_wnm_notif(hapd, buf + 15))
3202 reply_len = -1;
3203 } else if (os_strncmp(buf, "HS20_DEAUTH_REQ ", 16) == 0) {
3204 if (hostapd_ctrl_iface_hs20_deauth_req(hapd, buf + 16))
3205 reply_len = -1;
3206 #endif /* CONFIG_HS20 */
3207 #ifdef CONFIG_WNM_AP
3208 } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
3209 if (hostapd_ctrl_iface_disassoc_imminent(hapd, buf + 18))
3210 reply_len = -1;
3211 } else if (os_strncmp(buf, "ESS_DISASSOC ", 13) == 0) {
3212 if (hostapd_ctrl_iface_ess_disassoc(hapd, buf + 13))
3213 reply_len = -1;
3214 } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
3215 if (hostapd_ctrl_iface_bss_tm_req(hapd, buf + 11))
3216 reply_len = -1;
3217 } else if (os_strncmp(buf, "COLOC_INTF_REQ ", 15) == 0) {
3218 if (hostapd_ctrl_iface_coloc_intf_req(hapd, buf + 15))
3219 reply_len = -1;
3220 #endif /* CONFIG_WNM_AP */
3221 } else if (os_strcmp(buf, "GET_CONFIG") == 0) {
3222 reply_len = hostapd_ctrl_iface_get_config(hapd, reply,
3223 reply_size);
3224 } else if (os_strncmp(buf, "SET ", 4) == 0) {
3225 if (hostapd_ctrl_iface_set(hapd, buf + 4))
3226 reply_len = -1;
3227 } else if (os_strncmp(buf, "GET ", 4) == 0) {
3228 reply_len = hostapd_ctrl_iface_get(hapd, buf + 4, reply,
3229 reply_size);
3230 } else if (os_strncmp(buf, "ENABLE", 6) == 0) {
3231 if (hostapd_ctrl_iface_enable(hapd->iface))
3232 reply_len = -1;
3233 } else if (os_strcmp(buf, "RELOAD_WPA_PSK") == 0) {
3234 if (hostapd_ctrl_iface_reload_wpa_psk(hapd))
3235 reply_len = -1;
3236 } else if (os_strncmp(buf, "RELOAD", 6) == 0) {
3237 if (hostapd_ctrl_iface_reload(hapd->iface))
3238 reply_len = -1;
3239 } else if (os_strncmp(buf, "DISABLE", 7) == 0) {
3240 if (hostapd_ctrl_iface_disable(hapd->iface))
3241 reply_len = -1;
3242 } else if (os_strcmp(buf, "UPDATE_BEACON") == 0) {
3243 if (ieee802_11_set_beacon(hapd))
3244 reply_len = -1;
3245 #ifdef CONFIG_TESTING_OPTIONS
3246 } else if (os_strncmp(buf, "RADAR ", 6) == 0) {
3247 if (hostapd_ctrl_iface_radar(hapd, buf + 6))
3248 reply_len = -1;
3249 } else if (os_strncmp(buf, "MGMT_TX ", 8) == 0) {
3250 if (hostapd_ctrl_iface_mgmt_tx(hapd, buf + 8))
3251 reply_len = -1;
3252 } else if (os_strncmp(buf, "MGMT_TX_STATUS_PROCESS ", 23) == 0) {
3253 if (hostapd_ctrl_iface_mgmt_tx_status_process(hapd,
3254 buf + 23) < 0)
3255 reply_len = -1;
3256 } else if (os_strncmp(buf, "MGMT_RX_PROCESS ", 16) == 0) {
3257 if (hostapd_ctrl_iface_mgmt_rx_process(hapd, buf + 16) < 0)
3258 reply_len = -1;
3259 } else if (os_strncmp(buf, "EAPOL_RX ", 9) == 0) {
3260 if (hostapd_ctrl_iface_eapol_rx(hapd, buf + 9) < 0)
3261 reply_len = -1;
3262 } else if (os_strncmp(buf, "DATA_TEST_CONFIG ", 17) == 0) {
3263 if (hostapd_ctrl_iface_data_test_config(hapd, buf + 17) < 0)
3264 reply_len = -1;
3265 } else if (os_strncmp(buf, "DATA_TEST_TX ", 13) == 0) {
3266 if (hostapd_ctrl_iface_data_test_tx(hapd, buf + 13) < 0)
3267 reply_len = -1;
3268 } else if (os_strncmp(buf, "DATA_TEST_FRAME ", 16) == 0) {
3269 if (hostapd_ctrl_iface_data_test_frame(hapd, buf + 16) < 0)
3270 reply_len = -1;
3271 } else if (os_strncmp(buf, "TEST_ALLOC_FAIL ", 16) == 0) {
3272 if (hostapd_ctrl_test_alloc_fail(hapd, buf + 16) < 0)
3273 reply_len = -1;
3274 } else if (os_strcmp(buf, "GET_ALLOC_FAIL") == 0) {
3275 reply_len = hostapd_ctrl_get_alloc_fail(hapd, reply,
3276 reply_size);
3277 } else if (os_strncmp(buf, "TEST_FAIL ", 10) == 0) {
3278 if (hostapd_ctrl_test_fail(hapd, buf + 10) < 0)
3279 reply_len = -1;
3280 } else if (os_strcmp(buf, "GET_FAIL") == 0) {
3281 reply_len = hostapd_ctrl_get_fail(hapd, reply, reply_size);
3282 } else if (os_strncmp(buf, "RESET_PN ", 9) == 0) {
3283 if (hostapd_ctrl_reset_pn(hapd, buf + 9) < 0)
3284 reply_len = -1;
3285 } else if (os_strncmp(buf, "SET_KEY ", 8) == 0) {
3286 if (hostapd_ctrl_set_key(hapd, buf + 8) < 0)
3287 reply_len = -1;
3288 } else if (os_strncmp(buf, "RESEND_M1 ", 10) == 0) {
3289 if (hostapd_ctrl_resend_m1(hapd, buf + 10) < 0)
3290 reply_len = -1;
3291 } else if (os_strncmp(buf, "RESEND_M3 ", 10) == 0) {
3292 if (hostapd_ctrl_resend_m3(hapd, buf + 10) < 0)
3293 reply_len = -1;
3294 } else if (os_strncmp(buf, "RESEND_GROUP_M1 ", 16) == 0) {
3295 if (hostapd_ctrl_resend_group_m1(hapd, buf + 16) < 0)
3296 reply_len = -1;
3297 } else if (os_strcmp(buf, "REKEY_GTK") == 0) {
3298 if (wpa_auth_rekey_gtk(hapd->wpa_auth) < 0)
3299 reply_len = -1;
3300 } else if (os_strncmp(buf, "GET_PMK ", 8) == 0) {
3301 reply_len = hostapd_ctrl_get_pmk(hapd, buf + 8, reply,
3302 reply_size);
3303 #endif /* CONFIG_TESTING_OPTIONS */
3304 } else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) {
3305 if (hostapd_ctrl_iface_chan_switch(hapd->iface, buf + 12))
3306 reply_len = -1;
3307 } else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
3308 reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
3309 reply_size);
3310 } else if (os_strcmp(buf, "ERP_FLUSH") == 0) {
3311 ieee802_1x_erp_flush(hapd);
3312 #ifdef RADIUS_SERVER
3313 radius_server_erp_flush(hapd->radius_srv);
3314 #endif /* RADIUS_SERVER */
3315 } else if (os_strncmp(buf, "EAPOL_REAUTH ", 13) == 0) {
3316 if (hostapd_ctrl_iface_eapol_reauth(hapd, buf + 13))
3317 reply_len = -1;
3318 } else if (os_strncmp(buf, "EAPOL_SET ", 10) == 0) {
3319 if (hostapd_ctrl_iface_eapol_set(hapd, buf + 10))
3320 reply_len = -1;
3321 } else if (os_strncmp(buf, "LOG_LEVEL", 9) == 0) {
3322 reply_len = hostapd_ctrl_iface_log_level(
3323 hapd, buf + 9, reply, reply_size);
3324 #ifdef NEED_AP_MLME
3325 } else if (os_strcmp(buf, "TRACK_STA_LIST") == 0) {
3326 reply_len = hostapd_ctrl_iface_track_sta_list(
3327 hapd, reply, reply_size);
3328 #endif /* NEED_AP_MLME */
3329 } else if (os_strcmp(buf, "PMKSA") == 0) {
3330 reply_len = hostapd_ctrl_iface_pmksa_list(hapd, reply,
3331 reply_size);
3332 } else if (os_strcmp(buf, "PMKSA_FLUSH") == 0) {
3333 hostapd_ctrl_iface_pmksa_flush(hapd);
3334 } else if (os_strncmp(buf, "PMKSA_ADD ", 10) == 0) {
3335 if (hostapd_ctrl_iface_pmksa_add(hapd, buf + 10) < 0)
3336 reply_len = -1;
3337 } else if (os_strncmp(buf, "SET_NEIGHBOR ", 13) == 0) {
3338 if (hostapd_ctrl_iface_set_neighbor(hapd, buf + 13))
3339 reply_len = -1;
3340 } else if (os_strcmp(buf, "SHOW_NEIGHBOR") == 0) {
3341 reply_len = hostapd_ctrl_iface_show_neighbor(hapd, reply,
3342 reply_size);
3343 } else if (os_strncmp(buf, "REMOVE_NEIGHBOR ", 16) == 0) {
3344 if (hostapd_ctrl_iface_remove_neighbor(hapd, buf + 16))
3345 reply_len = -1;
3346 } else if (os_strncmp(buf, "REQ_LCI ", 8) == 0) {
3347 if (hostapd_ctrl_iface_req_lci(hapd, buf + 8))
3348 reply_len = -1;
3349 } else if (os_strncmp(buf, "REQ_RANGE ", 10) == 0) {
3350 if (hostapd_ctrl_iface_req_range(hapd, buf + 10))
3351 reply_len = -1;
3352 } else if (os_strncmp(buf, "REQ_BEACON ", 11) == 0) {
3353 reply_len = hostapd_ctrl_iface_req_beacon(hapd, buf + 11,
3354 reply, reply_size);
3355 } else if (os_strcmp(buf, "DRIVER_FLAGS") == 0) {
3356 reply_len = hostapd_ctrl_driver_flags(hapd->iface, reply,
3357 reply_size);
3358 } else if (os_strcmp(buf, "TERMINATE") == 0) {
3359 eloop_terminate();
3360 } else if (os_strncmp(buf, "ACCEPT_ACL ", 11) == 0) {
3361 if (os_strncmp(buf + 11, "ADD_MAC ", 8) == 0) {
3362 if (!hostapd_ctrl_iface_acl_add_mac(
3363 &hapd->conf->accept_mac,
3364 &hapd->conf->num_accept_mac, buf + 19))
3365 hostapd_disassoc_accept_mac(hapd);
3366 else
3367 reply_len = -1;
3368 } else if (os_strncmp((buf + 11), "DEL_MAC ", 8) == 0) {
3369 hostapd_ctrl_iface_acl_del_mac(
3370 &hapd->conf->accept_mac,
3371 &hapd->conf->num_accept_mac, buf + 19);
3372 } else if (os_strcmp(buf + 11, "SHOW") == 0) {
3373 reply_len = hostapd_ctrl_iface_acl_show_mac(
3374 hapd->conf->accept_mac,
3375 hapd->conf->num_accept_mac, reply, reply_size);
3376 } else if (os_strcmp(buf + 11, "CLEAR") == 0) {
3377 hostapd_ctrl_iface_acl_clear_list(
3378 &hapd->conf->accept_mac,
3379 &hapd->conf->num_accept_mac);
3380 }
3381 } else if (os_strncmp(buf, "DENY_ACL ", 9) == 0) {
3382 if (os_strncmp(buf + 9, "ADD_MAC ", 8) == 0) {
3383 if (!hostapd_ctrl_iface_acl_add_mac(
3384 &hapd->conf->deny_mac,
3385 &hapd->conf->num_deny_mac, buf + 17))
3386 hostapd_disassoc_deny_mac(hapd);
3387 } else if (os_strncmp(buf + 9, "DEL_MAC ", 8) == 0) {
3388 hostapd_ctrl_iface_acl_del_mac(
3389 &hapd->conf->deny_mac,
3390 &hapd->conf->num_deny_mac, buf + 17);
3391 } else if (os_strcmp(buf + 9, "SHOW") == 0) {
3392 reply_len = hostapd_ctrl_iface_acl_show_mac(
3393 hapd->conf->deny_mac,
3394 hapd->conf->num_deny_mac, reply, reply_size);
3395 } else if (os_strcmp(buf + 9, "CLEAR") == 0) {
3396 hostapd_ctrl_iface_acl_clear_list(
3397 &hapd->conf->deny_mac,
3398 &hapd->conf->num_deny_mac);
3399 }
3400 #ifdef CONFIG_DPP
3401 } else if (os_strncmp(buf, "DPP_QR_CODE ", 12) == 0) {
3402 res = hostapd_dpp_qr_code(hapd, buf + 12);
3403 if (res < 0) {
3404 reply_len = -1;
3405 } else {
3406 reply_len = os_snprintf(reply, reply_size, "%d", res);
3407 if (os_snprintf_error(reply_size, reply_len))
3408 reply_len = -1;
3409 }
3410 } else if (os_strncmp(buf, "DPP_NFC_URI ", 12) == 0) {
3411 res = hostapd_dpp_nfc_uri(hapd, buf + 12);
3412 if (res < 0) {
3413 reply_len = -1;
3414 } else {
3415 reply_len = os_snprintf(reply, reply_size, "%d", res);
3416 if (os_snprintf_error(reply_size, reply_len))
3417 reply_len = -1;
3418 }
3419 } else if (os_strncmp(buf, "DPP_NFC_HANDOVER_REQ ", 21) == 0) {
3420 res = hostapd_dpp_nfc_handover_req(hapd, buf + 20);
3421 if (res < 0) {
3422 reply_len = -1;
3423 } else {
3424 reply_len = os_snprintf(reply, reply_size, "%d", res);
3425 if (os_snprintf_error(reply_size, reply_len))
3426 reply_len = -1;
3427 }
3428 } else if (os_strncmp(buf, "DPP_NFC_HANDOVER_SEL ", 21) == 0) {
3429 res = hostapd_dpp_nfc_handover_sel(hapd, buf + 20);
3430 if (res < 0) {
3431 reply_len = -1;
3432 } else {
3433 reply_len = os_snprintf(reply, reply_size, "%d", res);
3434 if (os_snprintf_error(reply_size, reply_len))
3435 reply_len = -1;
3436 }
3437 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GEN ", 18) == 0) {
3438 res = dpp_bootstrap_gen(hapd->iface->interfaces->dpp, buf + 18);
3439 if (res < 0) {
3440 reply_len = -1;
3441 } else {
3442 reply_len = os_snprintf(reply, reply_size, "%d", res);
3443 if (os_snprintf_error(reply_size, reply_len))
3444 reply_len = -1;
3445 }
3446 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_REMOVE ", 21) == 0) {
3447 if (dpp_bootstrap_remove(hapd->iface->interfaces->dpp,
3448 buf + 21) < 0)
3449 reply_len = -1;
3450 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GET_URI ", 22) == 0) {
3451 const char *uri;
3452
3453 uri = dpp_bootstrap_get_uri(hapd->iface->interfaces->dpp,
3454 atoi(buf + 22));
3455 if (!uri) {
3456 reply_len = -1;
3457 } else {
3458 reply_len = os_snprintf(reply, reply_size, "%s", uri);
3459 if (os_snprintf_error(reply_size, reply_len))
3460 reply_len = -1;
3461 }
3462 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_INFO ", 19) == 0) {
3463 reply_len = dpp_bootstrap_info(hapd->iface->interfaces->dpp,
3464 atoi(buf + 19),
3465 reply, reply_size);
3466 } else if (os_strncmp(buf, "DPP_AUTH_INIT ", 14) == 0) {
3467 if (hostapd_dpp_auth_init(hapd, buf + 13) < 0)
3468 reply_len = -1;
3469 } else if (os_strncmp(buf, "DPP_LISTEN ", 11) == 0) {
3470 if (hostapd_dpp_listen(hapd, buf + 11) < 0)
3471 reply_len = -1;
3472 } else if (os_strcmp(buf, "DPP_STOP_LISTEN") == 0) {
3473 hostapd_dpp_stop(hapd);
3474 hostapd_dpp_listen_stop(hapd);
3475 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_ADD", 20) == 0) {
3476 res = dpp_configurator_add(hapd->iface->interfaces->dpp,
3477 buf + 20);
3478 if (res < 0) {
3479 reply_len = -1;
3480 } else {
3481 reply_len = os_snprintf(reply, reply_size, "%d", res);
3482 if (os_snprintf_error(reply_size, reply_len))
3483 reply_len = -1;
3484 }
3485 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_REMOVE ", 24) == 0) {
3486 if (dpp_configurator_remove(hapd->iface->interfaces->dpp,
3487 buf + 24) < 0)
3488 reply_len = -1;
3489 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_SIGN ", 22) == 0) {
3490 if (hostapd_dpp_configurator_sign(hapd, buf + 21) < 0)
3491 reply_len = -1;
3492 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_GET_KEY ", 25) == 0) {
3493 reply_len = dpp_configurator_get_key_id(
3494 hapd->iface->interfaces->dpp,
3495 atoi(buf + 25),
3496 reply, reply_size);
3497 } else if (os_strncmp(buf, "DPP_PKEX_ADD ", 13) == 0) {
3498 res = hostapd_dpp_pkex_add(hapd, buf + 12);
3499 if (res < 0) {
3500 reply_len = -1;
3501 } else {
3502 reply_len = os_snprintf(reply, reply_size, "%d", res);
3503 if (os_snprintf_error(reply_size, reply_len))
3504 reply_len = -1;
3505 }
3506 } else if (os_strncmp(buf, "DPP_PKEX_REMOVE ", 16) == 0) {
3507 if (hostapd_dpp_pkex_remove(hapd, buf + 16) < 0)
3508 reply_len = -1;
3509 #endif /* CONFIG_DPP */
3510 #ifdef RADIUS_SERVER
3511 } else if (os_strncmp(buf, "DAC_REQUEST ", 12) == 0) {
3512 if (radius_server_dac_request(hapd->radius_srv, buf + 12) < 0)
3513 reply_len = -1;
3514 #endif /* RADIUS_SERVER */
3515 } else if (os_strncmp(buf, "GET_CAPABILITY ", 15) == 0) {
3516 reply_len = hostapd_ctrl_iface_get_capability(
3517 hapd, buf + 15, reply, reply_size);
3518 } else {
3519 os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
3520 reply_len = 16;
3521 }
3522
3523 if (reply_len < 0) {
3524 os_memcpy(reply, "FAIL\n", 5);
3525 reply_len = 5;
3526 }
3527
3528 return reply_len;
3529 }
3530
3531
3532 static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
3533 void *sock_ctx)
3534 {
3535 struct hostapd_data *hapd = eloop_ctx;
3536 char buf[4096];
3537 int res;
3538 struct sockaddr_storage from;
3539 socklen_t fromlen = sizeof(from);
3540 char *reply, *pos = buf;
3541 const int reply_size = 4096;
3542 int reply_len;
3543 int level = MSG_DEBUG;
3544 #ifdef CONFIG_CTRL_IFACE_UDP
3545 unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
3546 #endif /* CONFIG_CTRL_IFACE_UDP */
3547
3548 res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
3549 (struct sockaddr *) &from, &fromlen);
3550 if (res < 0) {
3551 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
3552 strerror(errno));
3553 return;
3554 }
3555 buf[res] = '\0';
3556
3557 reply = os_malloc(reply_size);
3558 if (reply == NULL) {
3559 if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
3560 fromlen) < 0) {
3561 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
3562 strerror(errno));
3563 }
3564 return;
3565 }
3566
3567 #ifdef CONFIG_CTRL_IFACE_UDP
3568 if (os_strcmp(buf, "GET_COOKIE") == 0) {
3569 os_memcpy(reply, "COOKIE=", 7);
3570 wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1,
3571 hapd->ctrl_iface_cookie,
3572 CTRL_IFACE_COOKIE_LEN);
3573 reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN;
3574 goto done;
3575 }
3576
3577 if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
3578 hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) {
3579 wpa_printf(MSG_DEBUG,
3580 "CTRL: No cookie in the request - drop request");
3581 os_free(reply);
3582 return;
3583 }
3584
3585 if (os_memcmp(hapd->ctrl_iface_cookie, lcookie,
3586 CTRL_IFACE_COOKIE_LEN) != 0) {
3587 wpa_printf(MSG_DEBUG,
3588 "CTRL: Invalid cookie in the request - drop request");
3589 os_free(reply);
3590 return;
3591 }
3592
3593 pos = buf + 7 + 2 * CTRL_IFACE_COOKIE_LEN;
3594 while (*pos == ' ')
3595 pos++;
3596 #endif /* CONFIG_CTRL_IFACE_UDP */
3597
3598 if (os_strcmp(pos, "PING") == 0)
3599 level = MSG_EXCESSIVE;
3600 wpa_hexdump_ascii(level, "RX ctrl_iface", pos, res);
3601
3602 reply_len = hostapd_ctrl_iface_receive_process(hapd, pos,
3603 reply, reply_size,
3604 &from, fromlen);
3605
3606 #ifdef CONFIG_CTRL_IFACE_UDP
3607 done:
3608 #endif /* CONFIG_CTRL_IFACE_UDP */
3609 if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
3610 fromlen) < 0) {
3611 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
3612 strerror(errno));
3613 }
3614 os_free(reply);
3615 }
3616
3617
3618 #ifndef CONFIG_CTRL_IFACE_UDP
3619 static char * hostapd_ctrl_iface_path(struct hostapd_data *hapd)
3620 {
3621 char *buf;
3622 size_t len;
3623
3624 if (hapd->conf->ctrl_interface == NULL)
3625 return NULL;
3626
3627 len = os_strlen(hapd->conf->ctrl_interface) +
3628 os_strlen(hapd->conf->iface) + 2;
3629 buf = os_malloc(len);
3630 if (buf == NULL)
3631 return NULL;
3632
3633 os_snprintf(buf, len, "%s/%s",
3634 hapd->conf->ctrl_interface, hapd->conf->iface);
3635 buf[len - 1] = '\0';
3636 return buf;
3637 }
3638 #endif /* CONFIG_CTRL_IFACE_UDP */
3639
3640
3641 static void hostapd_ctrl_iface_msg_cb(void *ctx, int level,
3642 enum wpa_msg_type type,
3643 const char *txt, size_t len)
3644 {
3645 struct hostapd_data *hapd = ctx;
3646 if (hapd == NULL)
3647 return;
3648 hostapd_ctrl_iface_send(hapd, level, type, txt, len);
3649 }
3650
3651
3652 int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
3653 {
3654 #ifdef CONFIG_CTRL_IFACE_UDP
3655 int port = HOSTAPD_CTRL_IFACE_PORT;
3656 char p[32] = { 0 };
3657 char port_str[40], *tmp;
3658 char *pos;
3659 struct addrinfo hints = { 0 }, *res, *saveres;
3660 int n;
3661
3662 if (hapd->ctrl_sock > -1) {
3663 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
3664 return 0;
3665 }
3666
3667 if (hapd->conf->ctrl_interface == NULL)
3668 return 0;
3669
3670 pos = os_strstr(hapd->conf->ctrl_interface, "udp:");
3671 if (pos) {
3672 pos += 4;
3673 port = atoi(pos);
3674 if (port <= 0) {
3675 wpa_printf(MSG_ERROR, "Invalid ctrl_iface UDP port");
3676 goto fail;
3677 }
3678 }
3679
3680 dl_list_init(&hapd->ctrl_dst);
3681 hapd->ctrl_sock = -1;
3682 os_get_random(hapd->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN);
3683
3684 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
3685 hints.ai_flags = AI_PASSIVE;
3686 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
3687
3688 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
3689 hints.ai_family = AF_INET6;
3690 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
3691 hints.ai_family = AF_INET;
3692 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
3693 hints.ai_socktype = SOCK_DGRAM;
3694
3695 try_again:
3696 os_snprintf(p, sizeof(p), "%d", port);
3697 n = getaddrinfo(NULL, p, &hints, &res);
3698 if (n) {
3699 wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
3700 goto fail;
3701 }
3702
3703 saveres = res;
3704 hapd->ctrl_sock = socket(res->ai_family, res->ai_socktype,
3705 res->ai_protocol);
3706 if (hapd->ctrl_sock < 0) {
3707 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
3708 goto fail;
3709 }
3710
3711 if (bind(hapd->ctrl_sock, res->ai_addr, res->ai_addrlen) < 0) {
3712 port--;
3713 if ((HOSTAPD_CTRL_IFACE_PORT - port) <
3714 HOSTAPD_CTRL_IFACE_PORT_LIMIT && !pos)
3715 goto try_again;
3716 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
3717 goto fail;
3718 }
3719
3720 freeaddrinfo(saveres);
3721
3722 os_snprintf(port_str, sizeof(port_str), "udp:%d", port);
3723 tmp = os_strdup(port_str);
3724 if (tmp) {
3725 os_free(hapd->conf->ctrl_interface);
3726 hapd->conf->ctrl_interface = tmp;
3727 }
3728 wpa_printf(MSG_DEBUG, "ctrl_iface_init UDP port: %d", port);
3729
3730 if (eloop_register_read_sock(hapd->ctrl_sock,
3731 hostapd_ctrl_iface_receive, hapd, NULL) <
3732 0) {
3733 hostapd_ctrl_iface_deinit(hapd);
3734 return -1;
3735 }
3736
3737 hapd->msg_ctx = hapd;
3738 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
3739
3740 return 0;
3741
3742 fail:
3743 if (hapd->ctrl_sock >= 0)
3744 close(hapd->ctrl_sock);
3745 return -1;
3746 #else /* CONFIG_CTRL_IFACE_UDP */
3747 struct sockaddr_un addr;
3748 int s = -1;
3749 char *fname = NULL;
3750
3751 if (hapd->ctrl_sock > -1) {
3752 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
3753 return 0;
3754 }
3755
3756 dl_list_init(&hapd->ctrl_dst);
3757
3758 if (hapd->conf->ctrl_interface == NULL)
3759 return 0;
3760
3761 if (mkdir(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
3762 if (errno == EEXIST) {
3763 wpa_printf(MSG_DEBUG, "Using existing control "
3764 "interface directory.");
3765 } else {
3766 wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
3767 strerror(errno));
3768 goto fail;
3769 }
3770 }
3771
3772 if (hapd->conf->ctrl_interface_gid_set &&
3773 lchown(hapd->conf->ctrl_interface, -1,
3774 hapd->conf->ctrl_interface_gid) < 0) {
3775 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
3776 strerror(errno));
3777 return -1;
3778 }
3779
3780 if (!hapd->conf->ctrl_interface_gid_set &&
3781 hapd->iface->interfaces->ctrl_iface_group &&
3782 lchown(hapd->conf->ctrl_interface, -1,
3783 hapd->iface->interfaces->ctrl_iface_group) < 0) {
3784 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
3785 strerror(errno));
3786 return -1;
3787 }
3788
3789 #ifdef ANDROID
3790 /*
3791 * Android is using umask 0077 which would leave the control interface
3792 * directory without group access. This breaks things since Wi-Fi
3793 * framework assumes that this directory can be accessed by other
3794 * applications in the wifi group. Fix this by adding group access even
3795 * if umask value would prevent this.
3796 */
3797 if (chmod(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
3798 wpa_printf(MSG_ERROR, "CTRL: Could not chmod directory: %s",
3799 strerror(errno));
3800 /* Try to continue anyway */
3801 }
3802 #endif /* ANDROID */
3803
3804 if (os_strlen(hapd->conf->ctrl_interface) + 1 +
3805 os_strlen(hapd->conf->iface) >= sizeof(addr.sun_path))
3806 goto fail;
3807
3808 s = socket(PF_UNIX, SOCK_DGRAM, 0);
3809 if (s < 0) {
3810 wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
3811 goto fail;
3812 }
3813
3814 os_memset(&addr, 0, sizeof(addr));
3815 #ifdef __FreeBSD__
3816 addr.sun_len = sizeof(addr);
3817 #endif /* __FreeBSD__ */
3818 addr.sun_family = AF_UNIX;
3819 fname = hostapd_ctrl_iface_path(hapd);
3820 if (fname == NULL)
3821 goto fail;
3822 os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
3823 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
3824 wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
3825 strerror(errno));
3826 if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
3827 wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
3828 " allow connections - assuming it was left"
3829 "over from forced program termination");
3830 if (unlink(fname) < 0) {
3831 wpa_printf(MSG_ERROR,
3832 "Could not unlink existing ctrl_iface socket '%s': %s",
3833 fname, strerror(errno));
3834 goto fail;
3835 }
3836 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
3837 0) {
3838 wpa_printf(MSG_ERROR,
3839 "hostapd-ctrl-iface: bind(PF_UNIX): %s",
3840 strerror(errno));
3841 goto fail;
3842 }
3843 wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
3844 "ctrl_iface socket '%s'", fname);
3845 } else {
3846 wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
3847 "be in use - cannot override it");
3848 wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
3849 "not used anymore", fname);
3850 os_free(fname);
3851 fname = NULL;
3852 goto fail;
3853 }
3854 }
3855
3856 if (hapd->conf->ctrl_interface_gid_set &&
3857 lchown(fname, -1, hapd->conf->ctrl_interface_gid) < 0) {
3858 wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
3859 strerror(errno));
3860 goto fail;
3861 }
3862
3863 if (!hapd->conf->ctrl_interface_gid_set &&
3864 hapd->iface->interfaces->ctrl_iface_group &&
3865 lchown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
3866 wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
3867 strerror(errno));
3868 goto fail;
3869 }
3870
3871 if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
3872 wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
3873 strerror(errno));
3874 goto fail;
3875 }
3876 os_free(fname);
3877
3878 hapd->ctrl_sock = s;
3879 if (eloop_register_read_sock(s, hostapd_ctrl_iface_receive, hapd,
3880 NULL) < 0) {
3881 hostapd_ctrl_iface_deinit(hapd);
3882 return -1;
3883 }
3884 hapd->msg_ctx = hapd;
3885 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
3886
3887 return 0;
3888
3889 fail:
3890 if (s >= 0)
3891 close(s);
3892 if (fname) {
3893 unlink(fname);
3894 os_free(fname);
3895 }
3896 return -1;
3897 #endif /* CONFIG_CTRL_IFACE_UDP */
3898 }
3899
3900
3901 void hostapd_ctrl_iface_deinit(struct hostapd_data *hapd)
3902 {
3903 struct wpa_ctrl_dst *dst, *prev;
3904
3905 if (hapd->ctrl_sock > -1) {
3906 #ifndef CONFIG_CTRL_IFACE_UDP
3907 char *fname;
3908 #endif /* !CONFIG_CTRL_IFACE_UDP */
3909
3910 eloop_unregister_read_sock(hapd->ctrl_sock);
3911 close(hapd->ctrl_sock);
3912 hapd->ctrl_sock = -1;
3913 #ifndef CONFIG_CTRL_IFACE_UDP
3914 fname = hostapd_ctrl_iface_path(hapd);
3915 if (fname)
3916 unlink(fname);
3917 os_free(fname);
3918
3919 if (hapd->conf->ctrl_interface &&
3920 rmdir(hapd->conf->ctrl_interface) < 0) {
3921 if (errno == ENOTEMPTY) {
3922 wpa_printf(MSG_DEBUG, "Control interface "
3923 "directory not empty - leaving it "
3924 "behind");
3925 } else {
3926 wpa_printf(MSG_ERROR,
3927 "rmdir[ctrl_interface=%s]: %s",
3928 hapd->conf->ctrl_interface,
3929 strerror(errno));
3930 }
3931 }
3932 #endif /* !CONFIG_CTRL_IFACE_UDP */
3933 }
3934
3935 dl_list_for_each_safe(dst, prev, &hapd->ctrl_dst, struct wpa_ctrl_dst,
3936 list)
3937 os_free(dst);
3938
3939 #ifdef CONFIG_TESTING_OPTIONS
3940 l2_packet_deinit(hapd->l2_test);
3941 hapd->l2_test = NULL;
3942 #endif /* CONFIG_TESTING_OPTIONS */
3943 }
3944
3945
3946 static int hostapd_ctrl_iface_add(struct hapd_interfaces *interfaces,
3947 char *buf)
3948 {
3949 if (hostapd_add_iface(interfaces, buf) < 0) {
3950 wpa_printf(MSG_ERROR, "Adding interface %s failed", buf);
3951 return -1;
3952 }
3953 return 0;
3954 }
3955
3956
3957 static int hostapd_ctrl_iface_remove(struct hapd_interfaces *interfaces,
3958 char *buf)
3959 {
3960 if (hostapd_remove_iface(interfaces, buf) < 0) {
3961 wpa_printf(MSG_ERROR, "Removing interface %s failed", buf);
3962 return -1;
3963 }
3964 return 0;
3965 }
3966
3967
3968 static int hostapd_global_ctrl_iface_attach(struct hapd_interfaces *interfaces,
3969 struct sockaddr_storage *from,
3970 socklen_t fromlen, char *input)
3971 {
3972 return ctrl_iface_attach(&interfaces->global_ctrl_dst, from, fromlen,
3973 input);
3974 }
3975
3976
3977 static int hostapd_global_ctrl_iface_detach(struct hapd_interfaces *interfaces,
3978 struct sockaddr_storage *from,
3979 socklen_t fromlen)
3980 {
3981 return ctrl_iface_detach(&interfaces->global_ctrl_dst, from, fromlen);
3982 }
3983
3984
3985 static void hostapd_ctrl_iface_flush(struct hapd_interfaces *interfaces)
3986 {
3987 #ifdef CONFIG_WPS_TESTING
3988 wps_version_number = 0x20;
3989 wps_testing_dummy_cred = 0;
3990 wps_corrupt_pkhash = 0;
3991 #endif /* CONFIG_WPS_TESTING */
3992
3993 #ifdef CONFIG_TESTING_OPTIONS
3994 #ifdef CONFIG_DPP
3995 dpp_test = DPP_TEST_DISABLED;
3996 #endif /* CONFIG_DPP */
3997 #endif /* CONFIG_TESTING_OPTIONS */
3998
3999 #ifdef CONFIG_DPP
4000 dpp_global_clear(interfaces->dpp);
4001 #endif /* CONFIG_DPP */
4002 }
4003
4004
4005 #ifdef CONFIG_FST
4006
4007 static int
4008 hostapd_global_ctrl_iface_fst_attach(struct hapd_interfaces *interfaces,
4009 const char *cmd)
4010 {
4011 char ifname[IFNAMSIZ + 1];
4012 struct fst_iface_cfg cfg;
4013 struct hostapd_data *hapd;
4014 struct fst_wpa_obj iface_obj;
4015
4016 if (!fst_parse_attach_command(cmd, ifname, sizeof(ifname), &cfg)) {
4017 hapd = hostapd_get_iface(interfaces, ifname);
4018 if (hapd) {
4019 if (hapd->iface->fst) {
4020 wpa_printf(MSG_INFO, "FST: Already attached");
4021 return -1;
4022 }
4023 fst_hostapd_fill_iface_obj(hapd, &iface_obj);
4024 hapd->iface->fst = fst_attach(ifname, hapd->own_addr,
4025 &iface_obj, &cfg);
4026 if (hapd->iface->fst)
4027 return 0;
4028 }
4029 }
4030
4031 return -EINVAL;
4032 }
4033
4034
4035 static int
4036 hostapd_global_ctrl_iface_fst_detach(struct hapd_interfaces *interfaces,
4037 const char *cmd)
4038 {
4039 char ifname[IFNAMSIZ + 1];
4040 struct hostapd_data * hapd;
4041
4042 if (!fst_parse_detach_command(cmd, ifname, sizeof(ifname))) {
4043 hapd = hostapd_get_iface(interfaces, ifname);
4044 if (hapd) {
4045 if (!fst_iface_detach(ifname)) {
4046 hapd->iface->fst = NULL;
4047 hapd->iface->fst_ies = NULL;
4048 return 0;
4049 }
4050 }
4051 }
4052
4053 return -EINVAL;
4054 }
4055
4056 #endif /* CONFIG_FST */
4057
4058
4059 static struct hostapd_data *
4060 hostapd_interfaces_get_hapd(struct hapd_interfaces *interfaces,
4061 const char *ifname)
4062 {
4063 size_t i, j;
4064
4065 for (i = 0; i < interfaces->count; i++) {
4066 struct hostapd_iface *iface = interfaces->iface[i];
4067
4068 for (j = 0; j < iface->num_bss; j++) {
4069 struct hostapd_data *hapd;
4070
4071 hapd = iface->bss[j];
4072 if (os_strcmp(ifname, hapd->conf->iface) == 0)
4073 return hapd;
4074 }
4075 }
4076
4077 return NULL;
4078 }
4079
4080
4081 static int hostapd_ctrl_iface_dup_param(struct hostapd_data *src_hapd,
4082 struct hostapd_data *dst_hapd,
4083 const char *param)
4084 {
4085 int res;
4086 char *value;
4087
4088 value = os_zalloc(HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
4089 if (!value) {
4090 wpa_printf(MSG_ERROR,
4091 "DUP: cannot allocate buffer to stringify %s",
4092 param);
4093 goto error_return;
4094 }
4095
4096 if (os_strcmp(param, "wpa") == 0) {
4097 os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%d",
4098 src_hapd->conf->wpa);
4099 } else if (os_strcmp(param, "wpa_key_mgmt") == 0 &&
4100 src_hapd->conf->wpa_key_mgmt) {
4101 res = hostapd_ctrl_iface_get_key_mgmt(
4102 src_hapd, value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
4103 if (os_snprintf_error(HOSTAPD_CLI_DUP_VALUE_MAX_LEN, res))
4104 goto error_stringify;
4105 } else if (os_strcmp(param, "wpa_pairwise") == 0 &&
4106 src_hapd->conf->wpa_pairwise) {
4107 res = wpa_write_ciphers(value,
4108 value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
4109 src_hapd->conf->wpa_pairwise, " ");
4110 if (res < 0)
4111 goto error_stringify;
4112 } else if (os_strcmp(param, "rsn_pairwise") == 0 &&
4113 src_hapd->conf->rsn_pairwise) {
4114 res = wpa_write_ciphers(value,
4115 value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
4116 src_hapd->conf->rsn_pairwise, " ");
4117 if (res < 0)
4118 goto error_stringify;
4119 } else if (os_strcmp(param, "wpa_passphrase") == 0 &&
4120 src_hapd->conf->ssid.wpa_passphrase) {
4121 os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%s",
4122 src_hapd->conf->ssid.wpa_passphrase);
4123 } else if (os_strcmp(param, "wpa_psk") == 0 &&
4124 src_hapd->conf->ssid.wpa_psk_set) {
4125 wpa_snprintf_hex(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
4126 src_hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
4127 } else {
4128 wpa_printf(MSG_WARNING, "DUP: %s cannot be duplicated", param);
4129 goto error_return;
4130 }
4131
4132 res = hostapd_set_iface(dst_hapd->iconf, dst_hapd->conf, param, value);
4133 os_free(value);
4134 return res;
4135
4136 error_stringify:
4137 wpa_printf(MSG_ERROR, "DUP: cannot stringify %s", param);
4138 error_return:
4139 os_free(value);
4140 return -1;
4141 }
4142
4143
4144 static int
4145 hostapd_global_ctrl_iface_interfaces(struct hapd_interfaces *interfaces,
4146 const char *input,
4147 char *reply, int reply_size)
4148 {
4149 size_t i, j;
4150 int res;
4151 char *pos, *end;
4152 struct hostapd_iface *iface;
4153 int show_ctrl = 0;
4154
4155 if (input)
4156 show_ctrl = !!os_strstr(input, "ctrl");
4157
4158 pos = reply;
4159 end = reply + reply_size;
4160
4161 for (i = 0; i < interfaces->count; i++) {
4162 iface = interfaces->iface[i];
4163
4164 for (j = 0; j < iface->num_bss; j++) {
4165 struct hostapd_bss_config *conf;
4166
4167 conf = iface->conf->bss[j];
4168 if (show_ctrl)
4169 res = os_snprintf(pos, end - pos,
4170 "%s ctrl_iface=%s\n",
4171 conf->iface,
4172 conf->ctrl_interface ?
4173 conf->ctrl_interface : "N/A");
4174 else
4175 res = os_snprintf(pos, end - pos, "%s\n",
4176 conf->iface);
4177 if (os_snprintf_error(end - pos, res)) {
4178 *pos = '\0';
4179 return pos - reply;
4180 }
4181 pos += res;
4182 }
4183 }
4184
4185 return pos - reply;
4186 }
4187
4188
4189 static int
4190 hostapd_global_ctrl_iface_dup_network(struct hapd_interfaces *interfaces,
4191 char *cmd)
4192 {
4193 char *p_start = cmd, *p_end;
4194 struct hostapd_data *src_hapd, *dst_hapd;
4195
4196 /* cmd: "<src ifname> <dst ifname> <variable name> */
4197
4198 p_end = os_strchr(p_start, ' ');
4199 if (!p_end) {
4200 wpa_printf(MSG_ERROR, "DUP: no src ifname found in cmd: '%s'",
4201 cmd);
4202 return -1;
4203 }
4204
4205 *p_end = '\0';
4206 src_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
4207 if (!src_hapd) {
4208 wpa_printf(MSG_ERROR, "DUP: no src ifname found: '%s'",
4209 p_start);
4210 return -1;
4211 }
4212
4213 p_start = p_end + 1;
4214 p_end = os_strchr(p_start, ' ');
4215 if (!p_end) {
4216 wpa_printf(MSG_ERROR, "DUP: no dst ifname found in cmd: '%s'",
4217 cmd);
4218 return -1;
4219 }
4220
4221 *p_end = '\0';
4222 dst_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
4223 if (!dst_hapd) {
4224 wpa_printf(MSG_ERROR, "DUP: no dst ifname found: '%s'",
4225 p_start);
4226 return -1;
4227 }
4228
4229 p_start = p_end + 1;
4230 return hostapd_ctrl_iface_dup_param(src_hapd, dst_hapd, p_start);
4231 }
4232
4233
4234 static int hostapd_global_ctrl_iface_ifname(struct hapd_interfaces *interfaces,
4235 const char *ifname,
4236 char *buf, char *reply,
4237 int reply_size,
4238 struct sockaddr_storage *from,
4239 socklen_t fromlen)
4240 {
4241 struct hostapd_data *hapd;
4242
4243 hapd = hostapd_interfaces_get_hapd(interfaces, ifname);
4244 if (hapd == NULL) {
4245 int res;
4246
4247 res = os_snprintf(reply, reply_size, "FAIL-NO-IFNAME-MATCH\n");
4248 if (os_snprintf_error(reply_size, res))
4249 return -1;
4250 return res;
4251 }
4252
4253 return hostapd_ctrl_iface_receive_process(hapd, buf, reply,reply_size,
4254 from, fromlen);
4255 }
4256
4257
4258 static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx,
4259 void *sock_ctx)
4260 {
4261 struct hapd_interfaces *interfaces = eloop_ctx;
4262 char buffer[256], *buf = buffer;
4263 int res;
4264 struct sockaddr_storage from;
4265 socklen_t fromlen = sizeof(from);
4266 char *reply;
4267 int reply_len;
4268 const int reply_size = 4096;
4269 #ifdef CONFIG_CTRL_IFACE_UDP
4270 unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
4271 #endif /* CONFIG_CTRL_IFACE_UDP */
4272
4273 res = recvfrom(sock, buffer, sizeof(buffer) - 1, 0,
4274 (struct sockaddr *) &from, &fromlen);
4275 if (res < 0) {
4276 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
4277 strerror(errno));
4278 return;
4279 }
4280 buf[res] = '\0';
4281 wpa_printf(MSG_DEBUG, "Global ctrl_iface command: %s", buf);
4282
4283 reply = os_malloc(reply_size);
4284 if (reply == NULL) {
4285 if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
4286 fromlen) < 0) {
4287 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
4288 strerror(errno));
4289 }
4290 return;
4291 }
4292
4293 os_memcpy(reply, "OK\n", 3);
4294 reply_len = 3;
4295
4296 #ifdef CONFIG_CTRL_IFACE_UDP
4297 if (os_strcmp(buf, "GET_COOKIE") == 0) {
4298 os_memcpy(reply, "COOKIE=", 7);
4299 wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1,
4300 interfaces->ctrl_iface_cookie,
4301 CTRL_IFACE_COOKIE_LEN);
4302 reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN;
4303 goto send_reply;
4304 }
4305
4306 if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
4307 hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) {
4308 wpa_printf(MSG_DEBUG,
4309 "CTRL: No cookie in the request - drop request");
4310 os_free(reply);
4311 return;
4312 }
4313
4314 if (os_memcmp(interfaces->ctrl_iface_cookie, lcookie,
4315 CTRL_IFACE_COOKIE_LEN) != 0) {
4316 wpa_printf(MSG_DEBUG,
4317 "CTRL: Invalid cookie in the request - drop request");
4318 os_free(reply);
4319 return;
4320 }
4321
4322 buf += 7 + 2 * CTRL_IFACE_COOKIE_LEN;
4323 while (*buf == ' ')
4324 buf++;
4325 #endif /* CONFIG_CTRL_IFACE_UDP */
4326
4327 if (os_strncmp(buf, "IFNAME=", 7) == 0) {
4328 char *pos = os_strchr(buf + 7, ' ');
4329
4330 if (pos) {
4331 *pos++ = '\0';
4332 reply_len = hostapd_global_ctrl_iface_ifname(
4333 interfaces, buf + 7, pos, reply, reply_size,
4334 &from, fromlen);
4335 goto send_reply;
4336 }
4337 }
4338
4339 if (os_strcmp(buf, "PING") == 0) {
4340 os_memcpy(reply, "PONG\n", 5);
4341 reply_len = 5;
4342 } else if (os_strncmp(buf, "RELOG", 5) == 0) {
4343 if (wpa_debug_reopen_file() < 0)
4344 reply_len = -1;
4345 } else if (os_strcmp(buf, "FLUSH") == 0) {
4346 hostapd_ctrl_iface_flush(interfaces);
4347 } else if (os_strncmp(buf, "ADD ", 4) == 0) {
4348 if (hostapd_ctrl_iface_add(interfaces, buf + 4) < 0)
4349 reply_len = -1;
4350 } else if (os_strncmp(buf, "REMOVE ", 7) == 0) {
4351 if (hostapd_ctrl_iface_remove(interfaces, buf + 7) < 0)
4352 reply_len = -1;
4353 } else if (os_strcmp(buf, "ATTACH") == 0) {
4354 if (hostapd_global_ctrl_iface_attach(interfaces, &from,
4355 fromlen, NULL))
4356 reply_len = -1;
4357 } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
4358 if (hostapd_global_ctrl_iface_attach(interfaces, &from,
4359 fromlen, buf + 7))
4360 reply_len = -1;
4361 } else if (os_strcmp(buf, "DETACH") == 0) {
4362 if (hostapd_global_ctrl_iface_detach(interfaces, &from,
4363 fromlen))
4364 reply_len = -1;
4365 #ifdef CONFIG_MODULE_TESTS
4366 } else if (os_strcmp(buf, "MODULE_TESTS") == 0) {
4367 if (hapd_module_tests() < 0)
4368 reply_len = -1;
4369 #endif /* CONFIG_MODULE_TESTS */
4370 #ifdef CONFIG_FST
4371 } else if (os_strncmp(buf, "FST-ATTACH ", 11) == 0) {
4372 if (!hostapd_global_ctrl_iface_fst_attach(interfaces, buf + 11))
4373 reply_len = os_snprintf(reply, reply_size, "OK\n");
4374 else
4375 reply_len = -1;
4376 } else if (os_strncmp(buf, "FST-DETACH ", 11) == 0) {
4377 if (!hostapd_global_ctrl_iface_fst_detach(interfaces, buf + 11))
4378 reply_len = os_snprintf(reply, reply_size, "OK\n");
4379 else
4380 reply_len = -1;
4381 } else if (os_strncmp(buf, "FST-MANAGER ", 12) == 0) {
4382 reply_len = fst_ctrl_iface_receive(buf + 12, reply, reply_size);
4383 #endif /* CONFIG_FST */
4384 } else if (os_strncmp(buf, "DUP_NETWORK ", 12) == 0) {
4385 if (!hostapd_global_ctrl_iface_dup_network(interfaces,
4386 buf + 12))
4387 reply_len = os_snprintf(reply, reply_size, "OK\n");
4388 else
4389 reply_len = -1;
4390 } else if (os_strncmp(buf, "INTERFACES", 10) == 0) {
4391 reply_len = hostapd_global_ctrl_iface_interfaces(
4392 interfaces, buf + 10, reply, sizeof(buffer));
4393 } else if (os_strcmp(buf, "TERMINATE") == 0) {
4394 eloop_terminate();
4395 } else {
4396 wpa_printf(MSG_DEBUG, "Unrecognized global ctrl_iface command "
4397 "ignored");
4398 reply_len = -1;
4399 }
4400
4401 send_reply:
4402 if (reply_len < 0) {
4403 os_memcpy(reply, "FAIL\n", 5);
4404 reply_len = 5;
4405 }
4406
4407 if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
4408 fromlen) < 0) {
4409 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
4410 strerror(errno));
4411 }
4412 os_free(reply);
4413 }
4414
4415
4416 #ifndef CONFIG_CTRL_IFACE_UDP
4417 static char * hostapd_global_ctrl_iface_path(struct hapd_interfaces *interface)
4418 {
4419 char *buf;
4420 size_t len;
4421
4422 if (interface->global_iface_path == NULL)
4423 return NULL;
4424
4425 len = os_strlen(interface->global_iface_path) +
4426 os_strlen(interface->global_iface_name) + 2;
4427 buf = os_malloc(len);
4428 if (buf == NULL)
4429 return NULL;
4430
4431 os_snprintf(buf, len, "%s/%s", interface->global_iface_path,
4432 interface->global_iface_name);
4433 buf[len - 1] = '\0';
4434 return buf;
4435 }
4436 #endif /* CONFIG_CTRL_IFACE_UDP */
4437
4438
4439 int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
4440 {
4441 #ifdef CONFIG_CTRL_IFACE_UDP
4442 int port = HOSTAPD_GLOBAL_CTRL_IFACE_PORT;
4443 char p[32] = { 0 };
4444 char *pos;
4445 struct addrinfo hints = { 0 }, *res, *saveres;
4446 int n;
4447
4448 if (interface->global_ctrl_sock > -1) {
4449 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
4450 return 0;
4451 }
4452
4453 if (interface->global_iface_path == NULL)
4454 return 0;
4455
4456 pos = os_strstr(interface->global_iface_path, "udp:");
4457 if (pos) {
4458 pos += 4;
4459 port = atoi(pos);
4460 if (port <= 0) {
4461 wpa_printf(MSG_ERROR, "Invalid global ctrl UDP port");
4462 goto fail;
4463 }
4464 }
4465
4466 os_get_random(interface->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN);
4467
4468 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
4469 hints.ai_flags = AI_PASSIVE;
4470 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
4471
4472 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
4473 hints.ai_family = AF_INET6;
4474 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
4475 hints.ai_family = AF_INET;
4476 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
4477 hints.ai_socktype = SOCK_DGRAM;
4478
4479 try_again:
4480 os_snprintf(p, sizeof(p), "%d", port);
4481 n = getaddrinfo(NULL, p, &hints, &res);
4482 if (n) {
4483 wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
4484 goto fail;
4485 }
4486
4487 saveres = res;
4488 interface->global_ctrl_sock = socket(res->ai_family, res->ai_socktype,
4489 res->ai_protocol);
4490 if (interface->global_ctrl_sock < 0) {
4491 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
4492 goto fail;
4493 }
4494
4495 if (bind(interface->global_ctrl_sock, res->ai_addr, res->ai_addrlen) <
4496 0) {
4497 port++;
4498 if ((port - HOSTAPD_GLOBAL_CTRL_IFACE_PORT) <
4499 HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT && !pos)
4500 goto try_again;
4501 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
4502 goto fail;
4503 }
4504
4505 freeaddrinfo(saveres);
4506
4507 wpa_printf(MSG_DEBUG, "global ctrl_iface_init UDP port: %d", port);
4508
4509 if (eloop_register_read_sock(interface->global_ctrl_sock,
4510 hostapd_global_ctrl_iface_receive,
4511 interface, NULL) < 0) {
4512 hostapd_global_ctrl_iface_deinit(interface);
4513 return -1;
4514 }
4515
4516 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
4517
4518 return 0;
4519
4520 fail:
4521 if (interface->global_ctrl_sock >= 0)
4522 close(interface->global_ctrl_sock);
4523 return -1;
4524 #else /* CONFIG_CTRL_IFACE_UDP */
4525 struct sockaddr_un addr;
4526 int s = -1;
4527 char *fname = NULL;
4528
4529 if (interface->global_iface_path == NULL) {
4530 wpa_printf(MSG_DEBUG, "ctrl_iface not configured!");
4531 return 0;
4532 }
4533
4534 if (mkdir(interface->global_iface_path, S_IRWXU | S_IRWXG) < 0) {
4535 if (errno == EEXIST) {
4536 wpa_printf(MSG_DEBUG, "Using existing control "
4537 "interface directory.");
4538 } else {
4539 wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
4540 strerror(errno));
4541 goto fail;
4542 }
4543 } else if (interface->ctrl_iface_group &&
4544 lchown(interface->global_iface_path, -1,
4545 interface->ctrl_iface_group) < 0) {
4546 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
4547 strerror(errno));
4548 goto fail;
4549 }
4550
4551 if (os_strlen(interface->global_iface_path) + 1 +
4552 os_strlen(interface->global_iface_name) >= sizeof(addr.sun_path))
4553 goto fail;
4554
4555 s = socket(PF_UNIX, SOCK_DGRAM, 0);
4556 if (s < 0) {
4557 wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
4558 goto fail;
4559 }
4560
4561 os_memset(&addr, 0, sizeof(addr));
4562 #ifdef __FreeBSD__
4563 addr.sun_len = sizeof(addr);
4564 #endif /* __FreeBSD__ */
4565 addr.sun_family = AF_UNIX;
4566 fname = hostapd_global_ctrl_iface_path(interface);
4567 if (fname == NULL)
4568 goto fail;
4569 os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
4570 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
4571 wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
4572 strerror(errno));
4573 if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
4574 wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
4575 " allow connections - assuming it was left"
4576 "over from forced program termination");
4577 if (unlink(fname) < 0) {
4578 wpa_printf(MSG_ERROR,
4579 "Could not unlink existing ctrl_iface socket '%s': %s",
4580 fname, strerror(errno));
4581 goto fail;
4582 }
4583 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
4584 0) {
4585 wpa_printf(MSG_ERROR, "bind(PF_UNIX): %s",
4586 strerror(errno));
4587 goto fail;
4588 }
4589 wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
4590 "ctrl_iface socket '%s'", fname);
4591 } else {
4592 wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
4593 "be in use - cannot override it");
4594 wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
4595 "not used anymore", fname);
4596 os_free(fname);
4597 fname = NULL;
4598 goto fail;
4599 }
4600 }
4601
4602 if (interface->ctrl_iface_group &&
4603 lchown(fname, -1, interface->ctrl_iface_group) < 0) {
4604 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
4605 strerror(errno));
4606 goto fail;
4607 }
4608
4609 if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
4610 wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
4611 strerror(errno));
4612 goto fail;
4613 }
4614 os_free(fname);
4615
4616 interface->global_ctrl_sock = s;
4617 eloop_register_read_sock(s, hostapd_global_ctrl_iface_receive,
4618 interface, NULL);
4619
4620 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
4621
4622 return 0;
4623
4624 fail:
4625 if (s >= 0)
4626 close(s);
4627 if (fname) {
4628 unlink(fname);
4629 os_free(fname);
4630 }
4631 return -1;
4632 #endif /* CONFIG_CTRL_IFACE_UDP */
4633 }
4634
4635
4636 void hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interfaces)
4637 {
4638 #ifndef CONFIG_CTRL_IFACE_UDP
4639 char *fname = NULL;
4640 #endif /* CONFIG_CTRL_IFACE_UDP */
4641 struct wpa_ctrl_dst *dst, *prev;
4642
4643 if (interfaces->global_ctrl_sock > -1) {
4644 eloop_unregister_read_sock(interfaces->global_ctrl_sock);
4645 close(interfaces->global_ctrl_sock);
4646 interfaces->global_ctrl_sock = -1;
4647 #ifndef CONFIG_CTRL_IFACE_UDP
4648 fname = hostapd_global_ctrl_iface_path(interfaces);
4649 if (fname) {
4650 unlink(fname);
4651 os_free(fname);
4652 }
4653
4654 if (interfaces->global_iface_path &&
4655 rmdir(interfaces->global_iface_path) < 0) {
4656 if (errno == ENOTEMPTY) {
4657 wpa_printf(MSG_DEBUG, "Control interface "
4658 "directory not empty - leaving it "
4659 "behind");
4660 } else {
4661 wpa_printf(MSG_ERROR,
4662 "rmdir[ctrl_interface=%s]: %s",
4663 interfaces->global_iface_path,
4664 strerror(errno));
4665 }
4666 }
4667 #endif /* CONFIG_CTRL_IFACE_UDP */
4668 }
4669
4670 os_free(interfaces->global_iface_path);
4671 interfaces->global_iface_path = NULL;
4672
4673 dl_list_for_each_safe(dst, prev, &interfaces->global_ctrl_dst,
4674 struct wpa_ctrl_dst, list)
4675 os_free(dst);
4676 }
4677
4678
4679 static int hostapd_ctrl_check_event_enabled(struct wpa_ctrl_dst *dst,
4680 const char *buf)
4681 {
4682 /* Enable Probe Request events based on explicit request.
4683 * Other events are enabled by default.
4684 */
4685 if (str_starts(buf, RX_PROBE_REQUEST))
4686 return !!(dst->events & WPA_EVENT_RX_PROBE_REQUEST);
4687 return 1;
4688 }
4689
4690
4691 static void hostapd_ctrl_iface_send_internal(int sock, struct dl_list *ctrl_dst,
4692 const char *ifname, int level,
4693 const char *buf, size_t len)
4694 {
4695 struct wpa_ctrl_dst *dst, *next;
4696 struct msghdr msg;
4697 int idx, res;
4698 struct iovec io[5];
4699 char levelstr[10];
4700
4701 if (sock < 0 || dl_list_empty(ctrl_dst))
4702 return;
4703
4704 res = os_snprintf(levelstr, sizeof(levelstr), "<%d>", level);
4705 if (os_snprintf_error(sizeof(levelstr), res))
4706 return;
4707 idx = 0;
4708 if (ifname) {
4709 io[idx].iov_base = "IFNAME=";
4710 io[idx].iov_len = 7;
4711 idx++;
4712 io[idx].iov_base = (char *) ifname;
4713 io[idx].iov_len = os_strlen(ifname);
4714 idx++;
4715 io[idx].iov_base = " ";
4716 io[idx].iov_len = 1;
4717 idx++;
4718 }
4719 io[idx].iov_base = levelstr;
4720 io[idx].iov_len = os_strlen(levelstr);
4721 idx++;
4722 io[idx].iov_base = (char *) buf;
4723 io[idx].iov_len = len;
4724 idx++;
4725 os_memset(&msg, 0, sizeof(msg));
4726 msg.msg_iov = io;
4727 msg.msg_iovlen = idx;
4728
4729 idx = 0;
4730 dl_list_for_each_safe(dst, next, ctrl_dst, struct wpa_ctrl_dst, list) {
4731 if ((level >= dst->debug_level) &&
4732 hostapd_ctrl_check_event_enabled(dst, buf)) {
4733 sockaddr_print(MSG_DEBUG, "CTRL_IFACE monitor send",
4734 &dst->addr, dst->addrlen);
4735 msg.msg_name = &dst->addr;
4736 msg.msg_namelen = dst->addrlen;
4737 if (sendmsg(sock, &msg, 0) < 0) {
4738 int _errno = errno;
4739 wpa_printf(MSG_INFO, "CTRL_IFACE monitor[%d]: "
4740 "%d - %s",
4741 idx, errno, strerror(errno));
4742 dst->errors++;
4743 if (dst->errors > 10 || _errno == ENOENT) {
4744 ctrl_iface_detach(ctrl_dst,
4745 &dst->addr,
4746 dst->addrlen);
4747 }
4748 } else
4749 dst->errors = 0;
4750 }
4751 idx++;
4752 }
4753 }
4754
4755
4756 static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
4757 enum wpa_msg_type type,
4758 const char *buf, size_t len)
4759 {
4760 if (type != WPA_MSG_NO_GLOBAL) {
4761 hostapd_ctrl_iface_send_internal(
4762 hapd->iface->interfaces->global_ctrl_sock,
4763 &hapd->iface->interfaces->global_ctrl_dst,
4764 type != WPA_MSG_PER_INTERFACE ?
4765 NULL : hapd->conf->iface,
4766 level, buf, len);
4767 }
4768
4769 if (type != WPA_MSG_ONLY_GLOBAL) {
4770 hostapd_ctrl_iface_send_internal(
4771 hapd->ctrl_sock, &hapd->ctrl_dst,
4772 NULL, level, buf, len);
4773 }
4774 }
4775
4776 #endif /* CONFIG_NATIVE_WINDOWS */
Unnamed repository; edit this file 'description' to name the repository.