]> git.ipfire.org Git - thirdparty/hostap.git/blob - hostapd/ctrl_iface.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: DPP netAccessKey for reconfig
[thirdparty/hostap.git] / hostapd / ctrl_iface.c
1 /*
2 * hostapd / UNIX domain socket -based control interface
3 * Copyright (c) 2004-2018, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #ifndef CONFIG_NATIVE_WINDOWS
12
13 #ifdef CONFIG_TESTING_OPTIONS
14 #ifdef __NetBSD__
15 #include <net/if_ether.h>
16 #else
17 #include <net/ethernet.h>
18 #endif
19 #include <netinet/ip.h>
20 #endif /* CONFIG_TESTING_OPTIONS */
21
22 #include <sys/un.h>
23 #include <sys/stat.h>
24 #include <stddef.h>
25
26 #ifdef CONFIG_CTRL_IFACE_UDP
27 #include <netdb.h>
28 #endif /* CONFIG_CTRL_IFACE_UDP */
29
30 #include "utils/common.h"
31 #include "utils/eloop.h"
32 #include "utils/module_tests.h"
33 #include "common/version.h"
34 #include "common/ieee802_11_defs.h"
35 #include "common/ctrl_iface_common.h"
36 #ifdef CONFIG_DPP
37 #include "common/dpp.h"
38 #endif /* CONFIG_DPP */
39 #include "common/wpa_ctrl.h"
40 #include "crypto/tls.h"
41 #include "drivers/driver.h"
42 #include "eapol_auth/eapol_auth_sm.h"
43 #include "radius/radius_client.h"
44 #include "radius/radius_server.h"
45 #include "l2_packet/l2_packet.h"
46 #include "ap/hostapd.h"
47 #include "ap/ap_config.h"
48 #include "ap/ieee802_1x.h"
49 #include "ap/wpa_auth.h"
50 #include "ap/ieee802_11.h"
51 #include "ap/sta_info.h"
52 #include "ap/wps_hostapd.h"
53 #include "ap/ctrl_iface_ap.h"
54 #include "ap/ap_drv_ops.h"
55 #include "ap/hs20.h"
56 #include "ap/wnm_ap.h"
57 #include "ap/wpa_auth.h"
58 #include "ap/beacon.h"
59 #include "ap/neighbor_db.h"
60 #include "ap/rrm.h"
61 #include "ap/dpp_hostapd.h"
62 #include "ap/dfs.h"
63 #include "wps/wps_defs.h"
64 #include "wps/wps.h"
65 #include "fst/fst_ctrl_iface.h"
66 #include "config_file.h"
67 #include "ctrl_iface.h"
68
69
70 #define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256
71
72 #ifdef CONFIG_CTRL_IFACE_UDP
73 #define HOSTAPD_CTRL_IFACE_PORT 8877
74 #define HOSTAPD_CTRL_IFACE_PORT_LIMIT 50
75 #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT 8878
76 #define HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT 50
77 #endif /* CONFIG_CTRL_IFACE_UDP */
78
79 static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
80 enum wpa_msg_type type,
81 const char *buf, size_t len);
82
83
84 static int hostapd_ctrl_iface_attach(struct hostapd_data *hapd,
85 struct sockaddr_storage *from,
86 socklen_t fromlen, const char *input)
87 {
88 return ctrl_iface_attach(&hapd->ctrl_dst, from, fromlen, input);
89 }
90
91
92 static int hostapd_ctrl_iface_detach(struct hostapd_data *hapd,
93 struct sockaddr_storage *from,
94 socklen_t fromlen)
95 {
96 return ctrl_iface_detach(&hapd->ctrl_dst, from, fromlen);
97 }
98
99
100 static int hostapd_ctrl_iface_level(struct hostapd_data *hapd,
101 struct sockaddr_storage *from,
102 socklen_t fromlen,
103 char *level)
104 {
105 return ctrl_iface_level(&hapd->ctrl_dst, from, fromlen, level);
106 }
107
108
109 static int hostapd_ctrl_iface_new_sta(struct hostapd_data *hapd,
110 const char *txtaddr)
111 {
112 u8 addr[ETH_ALEN];
113 struct sta_info *sta;
114
115 wpa_printf(MSG_DEBUG, "CTRL_IFACE NEW_STA %s", txtaddr);
116
117 if (hwaddr_aton(txtaddr, addr))
118 return -1;
119
120 sta = ap_get_sta(hapd, addr);
121 if (sta)
122 return 0;
123
124 wpa_printf(MSG_DEBUG, "Add new STA " MACSTR " based on ctrl_iface "
125 "notification", MAC2STR(addr));
126 sta = ap_sta_add(hapd, addr);
127 if (sta == NULL)
128 return -1;
129
130 hostapd_new_assoc_sta(hapd, sta, 0);
131 return 0;
132 }
133
134
135 #ifdef NEED_AP_MLME
136 static int hostapd_ctrl_iface_sa_query(struct hostapd_data *hapd,
137 const char *txtaddr)
138 {
139 u8 addr[ETH_ALEN];
140 u8 trans_id[WLAN_SA_QUERY_TR_ID_LEN];
141
142 wpa_printf(MSG_DEBUG, "CTRL_IFACE SA_QUERY %s", txtaddr);
143
144 if (hwaddr_aton(txtaddr, addr) ||
145 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0)
146 return -1;
147
148 ieee802_11_send_sa_query_req(hapd, addr, trans_id);
149
150 return 0;
151 }
152 #endif /* NEED_AP_MLME */
153
154
155 #ifdef CONFIG_WPS
156 static int hostapd_ctrl_iface_wps_pin(struct hostapd_data *hapd, char *txt)
157 {
158 char *pin = os_strchr(txt, ' ');
159 char *timeout_txt;
160 int timeout;
161 u8 addr_buf[ETH_ALEN], *addr = NULL;
162 char *pos;
163
164 if (pin == NULL)
165 return -1;
166 *pin++ = '\0';
167
168 timeout_txt = os_strchr(pin, ' ');
169 if (timeout_txt) {
170 *timeout_txt++ = '\0';
171 timeout = atoi(timeout_txt);
172 pos = os_strchr(timeout_txt, ' ');
173 if (pos) {
174 *pos++ = '\0';
175 if (hwaddr_aton(pos, addr_buf) == 0)
176 addr = addr_buf;
177 }
178 } else
179 timeout = 0;
180
181 return hostapd_wps_add_pin(hapd, addr, txt, pin, timeout);
182 }
183
184
185 static int hostapd_ctrl_iface_wps_check_pin(
186 struct hostapd_data *hapd, char *cmd, char *buf, size_t buflen)
187 {
188 char pin[9];
189 size_t len;
190 char *pos;
191 int ret;
192
193 wpa_hexdump_ascii_key(MSG_DEBUG, "WPS_CHECK_PIN",
194 (u8 *) cmd, os_strlen(cmd));
195 for (pos = cmd, len = 0; *pos != '\0'; pos++) {
196 if (*pos < '0' || *pos > '9')
197 continue;
198 pin[len++] = *pos;
199 if (len == 9) {
200 wpa_printf(MSG_DEBUG, "WPS: Too long PIN");
201 return -1;
202 }
203 }
204 if (len != 4 && len != 8) {
205 wpa_printf(MSG_DEBUG, "WPS: Invalid PIN length %d", (int) len);
206 return -1;
207 }
208 pin[len] = '\0';
209
210 if (len == 8) {
211 unsigned int pin_val;
212 pin_val = atoi(pin);
213 if (!wps_pin_valid(pin_val)) {
214 wpa_printf(MSG_DEBUG, "WPS: Invalid checksum digit");
215 ret = os_snprintf(buf, buflen, "FAIL-CHECKSUM\n");
216 if (os_snprintf_error(buflen, ret))
217 return -1;
218 return ret;
219 }
220 }
221
222 ret = os_snprintf(buf, buflen, "%s", pin);
223 if (os_snprintf_error(buflen, ret))
224 return -1;
225
226 return ret;
227 }
228
229
230 #ifdef CONFIG_WPS_NFC
231 static int hostapd_ctrl_iface_wps_nfc_tag_read(struct hostapd_data *hapd,
232 char *pos)
233 {
234 size_t len;
235 struct wpabuf *buf;
236 int ret;
237
238 len = os_strlen(pos);
239 if (len & 0x01)
240 return -1;
241 len /= 2;
242
243 buf = wpabuf_alloc(len);
244 if (buf == NULL)
245 return -1;
246 if (hexstr2bin(pos, wpabuf_put(buf, len), len) < 0) {
247 wpabuf_free(buf);
248 return -1;
249 }
250
251 ret = hostapd_wps_nfc_tag_read(hapd, buf);
252 wpabuf_free(buf);
253
254 return ret;
255 }
256
257
258 static int hostapd_ctrl_iface_wps_nfc_config_token(struct hostapd_data *hapd,
259 char *cmd, char *reply,
260 size_t max_len)
261 {
262 int ndef;
263 struct wpabuf *buf;
264 int res;
265
266 if (os_strcmp(cmd, "WPS") == 0)
267 ndef = 0;
268 else if (os_strcmp(cmd, "NDEF") == 0)
269 ndef = 1;
270 else
271 return -1;
272
273 buf = hostapd_wps_nfc_config_token(hapd, ndef);
274 if (buf == NULL)
275 return -1;
276
277 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
278 wpabuf_len(buf));
279 reply[res++] = '\n';
280 reply[res] = '\0';
281
282 wpabuf_free(buf);
283
284 return res;
285 }
286
287
288 static int hostapd_ctrl_iface_wps_nfc_token_gen(struct hostapd_data *hapd,
289 char *reply, size_t max_len,
290 int ndef)
291 {
292 struct wpabuf *buf;
293 int res;
294
295 buf = hostapd_wps_nfc_token_gen(hapd, ndef);
296 if (buf == NULL)
297 return -1;
298
299 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
300 wpabuf_len(buf));
301 reply[res++] = '\n';
302 reply[res] = '\0';
303
304 wpabuf_free(buf);
305
306 return res;
307 }
308
309
310 static int hostapd_ctrl_iface_wps_nfc_token(struct hostapd_data *hapd,
311 char *cmd, char *reply,
312 size_t max_len)
313 {
314 if (os_strcmp(cmd, "WPS") == 0)
315 return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
316 max_len, 0);
317
318 if (os_strcmp(cmd, "NDEF") == 0)
319 return hostapd_ctrl_iface_wps_nfc_token_gen(hapd, reply,
320 max_len, 1);
321
322 if (os_strcmp(cmd, "enable") == 0)
323 return hostapd_wps_nfc_token_enable(hapd);
324
325 if (os_strcmp(cmd, "disable") == 0) {
326 hostapd_wps_nfc_token_disable(hapd);
327 return 0;
328 }
329
330 return -1;
331 }
332
333
334 static int hostapd_ctrl_iface_nfc_get_handover_sel(struct hostapd_data *hapd,
335 char *cmd, char *reply,
336 size_t max_len)
337 {
338 struct wpabuf *buf;
339 int res;
340 char *pos;
341 int ndef;
342
343 pos = os_strchr(cmd, ' ');
344 if (pos == NULL)
345 return -1;
346 *pos++ = '\0';
347
348 if (os_strcmp(cmd, "WPS") == 0)
349 ndef = 0;
350 else if (os_strcmp(cmd, "NDEF") == 0)
351 ndef = 1;
352 else
353 return -1;
354
355 if (os_strcmp(pos, "WPS-CR") == 0)
356 buf = hostapd_wps_nfc_hs_cr(hapd, ndef);
357 else
358 buf = NULL;
359 if (buf == NULL)
360 return -1;
361
362 res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
363 wpabuf_len(buf));
364 reply[res++] = '\n';
365 reply[res] = '\0';
366
367 wpabuf_free(buf);
368
369 return res;
370 }
371
372
373 static int hostapd_ctrl_iface_nfc_report_handover(struct hostapd_data *hapd,
374 char *cmd)
375 {
376 size_t len;
377 struct wpabuf *req, *sel;
378 int ret;
379 char *pos, *role, *type, *pos2;
380
381 role = cmd;
382 pos = os_strchr(role, ' ');
383 if (pos == NULL)
384 return -1;
385 *pos++ = '\0';
386
387 type = pos;
388 pos = os_strchr(type, ' ');
389 if (pos == NULL)
390 return -1;
391 *pos++ = '\0';
392
393 pos2 = os_strchr(pos, ' ');
394 if (pos2 == NULL)
395 return -1;
396 *pos2++ = '\0';
397
398 len = os_strlen(pos);
399 if (len & 0x01)
400 return -1;
401 len /= 2;
402
403 req = wpabuf_alloc(len);
404 if (req == NULL)
405 return -1;
406 if (hexstr2bin(pos, wpabuf_put(req, len), len) < 0) {
407 wpabuf_free(req);
408 return -1;
409 }
410
411 len = os_strlen(pos2);
412 if (len & 0x01) {
413 wpabuf_free(req);
414 return -1;
415 }
416 len /= 2;
417
418 sel = wpabuf_alloc(len);
419 if (sel == NULL) {
420 wpabuf_free(req);
421 return -1;
422 }
423 if (hexstr2bin(pos2, wpabuf_put(sel, len), len) < 0) {
424 wpabuf_free(req);
425 wpabuf_free(sel);
426 return -1;
427 }
428
429 if (os_strcmp(role, "RESP") == 0 && os_strcmp(type, "WPS") == 0) {
430 ret = hostapd_wps_nfc_report_handover(hapd, req, sel);
431 } else {
432 wpa_printf(MSG_DEBUG, "NFC: Unsupported connection handover "
433 "reported: role=%s type=%s", role, type);
434 ret = -1;
435 }
436 wpabuf_free(req);
437 wpabuf_free(sel);
438
439 return ret;
440 }
441
442 #endif /* CONFIG_WPS_NFC */
443
444
445 static int hostapd_ctrl_iface_wps_ap_pin(struct hostapd_data *hapd, char *txt,
446 char *buf, size_t buflen)
447 {
448 int timeout = 300;
449 char *pos;
450 const char *pin_txt;
451
452 pos = os_strchr(txt, ' ');
453 if (pos)
454 *pos++ = '\0';
455
456 if (os_strcmp(txt, "disable") == 0) {
457 hostapd_wps_ap_pin_disable(hapd);
458 return os_snprintf(buf, buflen, "OK\n");
459 }
460
461 if (os_strcmp(txt, "random") == 0) {
462 if (pos)
463 timeout = atoi(pos);
464 pin_txt = hostapd_wps_ap_pin_random(hapd, timeout);
465 if (pin_txt == NULL)
466 return -1;
467 return os_snprintf(buf, buflen, "%s", pin_txt);
468 }
469
470 if (os_strcmp(txt, "get") == 0) {
471 pin_txt = hostapd_wps_ap_pin_get(hapd);
472 if (pin_txt == NULL)
473 return -1;
474 return os_snprintf(buf, buflen, "%s", pin_txt);
475 }
476
477 if (os_strcmp(txt, "set") == 0) {
478 char *pin;
479 if (pos == NULL)
480 return -1;
481 pin = pos;
482 pos = os_strchr(pos, ' ');
483 if (pos) {
484 *pos++ = '\0';
485 timeout = atoi(pos);
486 }
487 if (os_strlen(pin) > buflen)
488 return -1;
489 if (hostapd_wps_ap_pin_set(hapd, pin, timeout) < 0)
490 return -1;
491 return os_snprintf(buf, buflen, "%s", pin);
492 }
493
494 return -1;
495 }
496
497
498 static int hostapd_ctrl_iface_wps_config(struct hostapd_data *hapd, char *txt)
499 {
500 char *pos;
501 char *ssid, *auth, *encr = NULL, *key = NULL;
502
503 ssid = txt;
504 pos = os_strchr(txt, ' ');
505 if (!pos)
506 return -1;
507 *pos++ = '\0';
508
509 auth = pos;
510 pos = os_strchr(pos, ' ');
511 if (pos) {
512 *pos++ = '\0';
513 encr = pos;
514 pos = os_strchr(pos, ' ');
515 if (pos) {
516 *pos++ = '\0';
517 key = pos;
518 }
519 }
520
521 return hostapd_wps_config_ap(hapd, ssid, auth, encr, key);
522 }
523
524
525 static const char * pbc_status_str(enum pbc_status status)
526 {
527 switch (status) {
528 case WPS_PBC_STATUS_DISABLE:
529 return "Disabled";
530 case WPS_PBC_STATUS_ACTIVE:
531 return "Active";
532 case WPS_PBC_STATUS_TIMEOUT:
533 return "Timed-out";
534 case WPS_PBC_STATUS_OVERLAP:
535 return "Overlap";
536 default:
537 return "Unknown";
538 }
539 }
540
541
542 static int hostapd_ctrl_iface_wps_get_status(struct hostapd_data *hapd,
543 char *buf, size_t buflen)
544 {
545 int ret;
546 char *pos, *end;
547
548 pos = buf;
549 end = buf + buflen;
550
551 ret = os_snprintf(pos, end - pos, "PBC Status: %s\n",
552 pbc_status_str(hapd->wps_stats.pbc_status));
553
554 if (os_snprintf_error(end - pos, ret))
555 return pos - buf;
556 pos += ret;
557
558 ret = os_snprintf(pos, end - pos, "Last WPS result: %s\n",
559 (hapd->wps_stats.status == WPS_STATUS_SUCCESS ?
560 "Success":
561 (hapd->wps_stats.status == WPS_STATUS_FAILURE ?
562 "Failed" : "None")));
563
564 if (os_snprintf_error(end - pos, ret))
565 return pos - buf;
566 pos += ret;
567
568 /* If status == Failure - Add possible Reasons */
569 if(hapd->wps_stats.status == WPS_STATUS_FAILURE &&
570 hapd->wps_stats.failure_reason > 0) {
571 ret = os_snprintf(pos, end - pos,
572 "Failure Reason: %s\n",
573 wps_ei_str(hapd->wps_stats.failure_reason));
574
575 if (os_snprintf_error(end - pos, ret))
576 return pos - buf;
577 pos += ret;
578 }
579
580 if (hapd->wps_stats.status) {
581 ret = os_snprintf(pos, end - pos, "Peer Address: " MACSTR "\n",
582 MAC2STR(hapd->wps_stats.peer_addr));
583
584 if (os_snprintf_error(end - pos, ret))
585 return pos - buf;
586 pos += ret;
587 }
588
589 return pos - buf;
590 }
591
592 #endif /* CONFIG_WPS */
593
594 #ifdef CONFIG_HS20
595
596 static int hostapd_ctrl_iface_hs20_wnm_notif(struct hostapd_data *hapd,
597 const char *cmd)
598 {
599 u8 addr[ETH_ALEN];
600 const char *url;
601
602 if (hwaddr_aton(cmd, addr))
603 return -1;
604 url = cmd + 17;
605 if (*url == '\0') {
606 url = NULL;
607 } else {
608 if (*url != ' ')
609 return -1;
610 url++;
611 if (*url == '\0')
612 url = NULL;
613 }
614
615 return hs20_send_wnm_notification(hapd, addr, 1, url);
616 }
617
618
619 static int hostapd_ctrl_iface_hs20_deauth_req(struct hostapd_data *hapd,
620 const char *cmd)
621 {
622 u8 addr[ETH_ALEN];
623 int code, reauth_delay, ret;
624 const char *pos;
625 size_t url_len;
626 struct wpabuf *req;
627
628 /* <STA MAC Addr> <Code(0/1)> <Re-auth-Delay(sec)> [URL] */
629 if (hwaddr_aton(cmd, addr))
630 return -1;
631
632 pos = os_strchr(cmd, ' ');
633 if (pos == NULL)
634 return -1;
635 pos++;
636 code = atoi(pos);
637
638 pos = os_strchr(pos, ' ');
639 if (pos == NULL)
640 return -1;
641 pos++;
642 reauth_delay = atoi(pos);
643
644 url_len = 0;
645 pos = os_strchr(pos, ' ');
646 if (pos) {
647 pos++;
648 url_len = os_strlen(pos);
649 }
650
651 req = wpabuf_alloc(4 + url_len);
652 if (req == NULL)
653 return -1;
654 wpabuf_put_u8(req, code);
655 wpabuf_put_le16(req, reauth_delay);
656 wpabuf_put_u8(req, url_len);
657 if (pos)
658 wpabuf_put_data(req, pos, url_len);
659
660 wpa_printf(MSG_DEBUG, "HS 2.0: Send WNM-Notification to " MACSTR
661 " to indicate imminent deauthentication (code=%d "
662 "reauth_delay=%d)", MAC2STR(addr), code, reauth_delay);
663 ret = hs20_send_wnm_notification_deauth_req(hapd, addr, req);
664 wpabuf_free(req);
665 return ret;
666 }
667
668 #endif /* CONFIG_HS20 */
669
670
671 #ifdef CONFIG_INTERWORKING
672
673 static int hostapd_ctrl_iface_set_qos_map_set(struct hostapd_data *hapd,
674 const char *cmd)
675 {
676 u8 qos_map_set[16 + 2 * 21], count = 0;
677 const char *pos = cmd;
678 int val, ret;
679
680 for (;;) {
681 if (count == sizeof(qos_map_set)) {
682 wpa_printf(MSG_ERROR, "Too many qos_map_set parameters");
683 return -1;
684 }
685
686 val = atoi(pos);
687 if (val < 0 || val > 255) {
688 wpa_printf(MSG_INFO, "Invalid QoS Map Set");
689 return -1;
690 }
691
692 qos_map_set[count++] = val;
693 pos = os_strchr(pos, ',');
694 if (!pos)
695 break;
696 pos++;
697 }
698
699 if (count < 16 || count & 1) {
700 wpa_printf(MSG_INFO, "Invalid QoS Map Set");
701 return -1;
702 }
703
704 ret = hostapd_drv_set_qos_map(hapd, qos_map_set, count);
705 if (ret) {
706 wpa_printf(MSG_INFO, "Failed to set QoS Map Set");
707 return -1;
708 }
709
710 os_memcpy(hapd->conf->qos_map_set, qos_map_set, count);
711 hapd->conf->qos_map_set_len = count;
712
713 return 0;
714 }
715
716
717 static int hostapd_ctrl_iface_send_qos_map_conf(struct hostapd_data *hapd,
718 const char *cmd)
719 {
720 u8 addr[ETH_ALEN];
721 struct sta_info *sta;
722 struct wpabuf *buf;
723 u8 *qos_map_set = hapd->conf->qos_map_set;
724 u8 qos_map_set_len = hapd->conf->qos_map_set_len;
725 int ret;
726
727 if (!qos_map_set_len) {
728 wpa_printf(MSG_INFO, "QoS Map Set is not set");
729 return -1;
730 }
731
732 if (hwaddr_aton(cmd, addr))
733 return -1;
734
735 sta = ap_get_sta(hapd, addr);
736 if (sta == NULL) {
737 wpa_printf(MSG_DEBUG, "Station " MACSTR " not found "
738 "for QoS Map Configuration message",
739 MAC2STR(addr));
740 return -1;
741 }
742
743 if (!sta->qos_map_enabled) {
744 wpa_printf(MSG_DEBUG, "Station " MACSTR " did not indicate "
745 "support for QoS Map", MAC2STR(addr));
746 return -1;
747 }
748
749 buf = wpabuf_alloc(2 + 2 + qos_map_set_len);
750 if (buf == NULL)
751 return -1;
752
753 wpabuf_put_u8(buf, WLAN_ACTION_QOS);
754 wpabuf_put_u8(buf, QOS_QOS_MAP_CONFIG);
755
756 /* QoS Map Set Element */
757 wpabuf_put_u8(buf, WLAN_EID_QOS_MAP_SET);
758 wpabuf_put_u8(buf, qos_map_set_len);
759 wpabuf_put_data(buf, qos_map_set, qos_map_set_len);
760
761 ret = hostapd_drv_send_action(hapd, hapd->iface->freq, 0, addr,
762 wpabuf_head(buf), wpabuf_len(buf));
763 wpabuf_free(buf);
764
765 return ret;
766 }
767
768 #endif /* CONFIG_INTERWORKING */
769
770
771 #ifdef CONFIG_WNM_AP
772
773 static int hostapd_ctrl_iface_disassoc_imminent(struct hostapd_data *hapd,
774 const char *cmd)
775 {
776 u8 addr[ETH_ALEN];
777 int disassoc_timer;
778 struct sta_info *sta;
779
780 if (hwaddr_aton(cmd, addr))
781 return -1;
782 if (cmd[17] != ' ')
783 return -1;
784 disassoc_timer = atoi(cmd + 17);
785
786 sta = ap_get_sta(hapd, addr);
787 if (sta == NULL) {
788 wpa_printf(MSG_DEBUG, "Station " MACSTR
789 " not found for disassociation imminent message",
790 MAC2STR(addr));
791 return -1;
792 }
793
794 return wnm_send_disassoc_imminent(hapd, sta, disassoc_timer);
795 }
796
797
798 static int hostapd_ctrl_iface_ess_disassoc(struct hostapd_data *hapd,
799 const char *cmd)
800 {
801 u8 addr[ETH_ALEN];
802 const char *url, *timerstr;
803 int disassoc_timer;
804 struct sta_info *sta;
805
806 if (hwaddr_aton(cmd, addr))
807 return -1;
808
809 sta = ap_get_sta(hapd, addr);
810 if (sta == NULL) {
811 wpa_printf(MSG_DEBUG, "Station " MACSTR
812 " not found for ESS disassociation imminent message",
813 MAC2STR(addr));
814 return -1;
815 }
816
817 timerstr = cmd + 17;
818 if (*timerstr != ' ')
819 return -1;
820 timerstr++;
821 disassoc_timer = atoi(timerstr);
822 if (disassoc_timer < 0 || disassoc_timer > 65535)
823 return -1;
824
825 url = os_strchr(timerstr, ' ');
826 if (url == NULL)
827 return -1;
828 url++;
829
830 return wnm_send_ess_disassoc_imminent(hapd, sta, url, disassoc_timer);
831 }
832
833
834 static int hostapd_ctrl_iface_bss_tm_req(struct hostapd_data *hapd,
835 const char *cmd)
836 {
837 u8 addr[ETH_ALEN];
838 const char *pos, *end;
839 int disassoc_timer = 0;
840 struct sta_info *sta;
841 u8 req_mode = 0, valid_int = 0x01;
842 u8 bss_term_dur[12];
843 char *url = NULL;
844 int ret;
845 u8 nei_rep[1000];
846 int nei_len;
847 u8 mbo[10];
848 size_t mbo_len = 0;
849
850 if (hwaddr_aton(cmd, addr)) {
851 wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
852 return -1;
853 }
854
855 sta = ap_get_sta(hapd, addr);
856 if (sta == NULL) {
857 wpa_printf(MSG_DEBUG, "Station " MACSTR
858 " not found for BSS TM Request message",
859 MAC2STR(addr));
860 return -1;
861 }
862
863 pos = os_strstr(cmd, " disassoc_timer=");
864 if (pos) {
865 pos += 16;
866 disassoc_timer = atoi(pos);
867 if (disassoc_timer < 0 || disassoc_timer > 65535) {
868 wpa_printf(MSG_DEBUG, "Invalid disassoc_timer");
869 return -1;
870 }
871 }
872
873 pos = os_strstr(cmd, " valid_int=");
874 if (pos) {
875 pos += 11;
876 valid_int = atoi(pos);
877 }
878
879 pos = os_strstr(cmd, " bss_term=");
880 if (pos) {
881 pos += 10;
882 req_mode |= WNM_BSS_TM_REQ_BSS_TERMINATION_INCLUDED;
883 /* TODO: TSF configurable/learnable */
884 bss_term_dur[0] = 4; /* Subelement ID */
885 bss_term_dur[1] = 10; /* Length */
886 os_memset(&bss_term_dur[2], 0, 8);
887 end = os_strchr(pos, ',');
888 if (end == NULL) {
889 wpa_printf(MSG_DEBUG, "Invalid bss_term data");
890 return -1;
891 }
892 end++;
893 WPA_PUT_LE16(&bss_term_dur[10], atoi(end));
894 }
895
896 nei_len = ieee802_11_parse_candidate_list(cmd, nei_rep,
897 sizeof(nei_rep));
898 if (nei_len < 0)
899 return -1;
900
901 pos = os_strstr(cmd, " url=");
902 if (pos) {
903 size_t len;
904 pos += 5;
905 end = os_strchr(pos, ' ');
906 if (end)
907 len = end - pos;
908 else
909 len = os_strlen(pos);
910 url = os_malloc(len + 1);
911 if (url == NULL)
912 return -1;
913 os_memcpy(url, pos, len);
914 url[len] = '\0';
915 req_mode |= WNM_BSS_TM_REQ_ESS_DISASSOC_IMMINENT;
916 }
917
918 if (os_strstr(cmd, " pref=1"))
919 req_mode |= WNM_BSS_TM_REQ_PREF_CAND_LIST_INCLUDED;
920 if (os_strstr(cmd, " abridged=1"))
921 req_mode |= WNM_BSS_TM_REQ_ABRIDGED;
922 if (os_strstr(cmd, " disassoc_imminent=1"))
923 req_mode |= WNM_BSS_TM_REQ_DISASSOC_IMMINENT;
924
925 #ifdef CONFIG_MBO
926 pos = os_strstr(cmd, "mbo=");
927 if (pos) {
928 unsigned int mbo_reason, cell_pref, reassoc_delay;
929 u8 *mbo_pos = mbo;
930
931 ret = sscanf(pos, "mbo=%u:%u:%u", &mbo_reason,
932 &reassoc_delay, &cell_pref);
933 if (ret != 3) {
934 wpa_printf(MSG_DEBUG,
935 "MBO requires three arguments: mbo=<reason>:<reassoc_delay>:<cell_pref>");
936 ret = -1;
937 goto fail;
938 }
939
940 if (mbo_reason > MBO_TRANSITION_REASON_PREMIUM_AP) {
941 wpa_printf(MSG_DEBUG,
942 "Invalid MBO transition reason code %u",
943 mbo_reason);
944 ret = -1;
945 goto fail;
946 }
947
948 /* Valid values for Cellular preference are: 0, 1, 255 */
949 if (cell_pref != 0 && cell_pref != 1 && cell_pref != 255) {
950 wpa_printf(MSG_DEBUG,
951 "Invalid MBO cellular capability %u",
952 cell_pref);
953 ret = -1;
954 goto fail;
955 }
956
957 if (reassoc_delay > 65535 ||
958 (reassoc_delay &&
959 !(req_mode & WNM_BSS_TM_REQ_DISASSOC_IMMINENT))) {
960 wpa_printf(MSG_DEBUG,
961 "MBO: Assoc retry delay is only valid in disassoc imminent mode");
962 ret = -1;
963 goto fail;
964 }
965
966 *mbo_pos++ = MBO_ATTR_ID_TRANSITION_REASON;
967 *mbo_pos++ = 1;
968 *mbo_pos++ = mbo_reason;
969 *mbo_pos++ = MBO_ATTR_ID_CELL_DATA_PREF;
970 *mbo_pos++ = 1;
971 *mbo_pos++ = cell_pref;
972
973 if (reassoc_delay) {
974 *mbo_pos++ = MBO_ATTR_ID_ASSOC_RETRY_DELAY;
975 *mbo_pos++ = 2;
976 WPA_PUT_LE16(mbo_pos, reassoc_delay);
977 mbo_pos += 2;
978 }
979
980 mbo_len = mbo_pos - mbo;
981 }
982 #endif /* CONFIG_MBO */
983
984 ret = wnm_send_bss_tm_req(hapd, sta, req_mode, disassoc_timer,
985 valid_int, bss_term_dur, url,
986 nei_len ? nei_rep : NULL, nei_len,
987 mbo_len ? mbo : NULL, mbo_len);
988 #ifdef CONFIG_MBO
989 fail:
990 #endif /* CONFIG_MBO */
991 os_free(url);
992 return ret;
993 }
994
995
996 static int hostapd_ctrl_iface_coloc_intf_req(struct hostapd_data *hapd,
997 const char *cmd)
998 {
999 u8 addr[ETH_ALEN];
1000 struct sta_info *sta;
1001 const char *pos;
1002 unsigned int auto_report, timeout;
1003
1004 if (hwaddr_aton(cmd, addr)) {
1005 wpa_printf(MSG_DEBUG, "Invalid STA MAC address");
1006 return -1;
1007 }
1008
1009 sta = ap_get_sta(hapd, addr);
1010 if (!sta) {
1011 wpa_printf(MSG_DEBUG, "Station " MACSTR
1012 " not found for Collocated Interference Request",
1013 MAC2STR(addr));
1014 return -1;
1015 }
1016
1017 pos = cmd + 17;
1018 if (*pos != ' ')
1019 return -1;
1020 pos++;
1021 auto_report = atoi(pos);
1022 pos = os_strchr(pos, ' ');
1023 if (!pos)
1024 return -1;
1025 pos++;
1026 timeout = atoi(pos);
1027
1028 return wnm_send_coloc_intf_req(hapd, sta, auto_report, timeout);
1029 }
1030
1031 #endif /* CONFIG_WNM_AP */
1032
1033
1034 static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd,
1035 char *buf, size_t buflen)
1036 {
1037 int ret = 0;
1038 char *pos, *end;
1039
1040 pos = buf;
1041 end = buf + buflen;
1042
1043 WPA_ASSERT(hapd->conf->wpa_key_mgmt);
1044
1045 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) {
1046 ret = os_snprintf(pos, end - pos, "WPA-PSK ");
1047 if (os_snprintf_error(end - pos, ret))
1048 return pos - buf;
1049 pos += ret;
1050 }
1051 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
1052 ret = os_snprintf(pos, end - pos, "WPA-EAP ");
1053 if (os_snprintf_error(end - pos, ret))
1054 return pos - buf;
1055 pos += ret;
1056 }
1057 #ifdef CONFIG_IEEE80211R_AP
1058 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) {
1059 ret = os_snprintf(pos, end - pos, "FT-PSK ");
1060 if (os_snprintf_error(end - pos, ret))
1061 return pos - buf;
1062 pos += ret;
1063 }
1064 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
1065 ret = os_snprintf(pos, end - pos, "FT-EAP ");
1066 if (os_snprintf_error(end - pos, ret))
1067 return pos - buf;
1068 pos += ret;
1069 }
1070 #ifdef CONFIG_SHA384
1071 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
1072 ret = os_snprintf(pos, end - pos, "FT-EAP-SHA384 ");
1073 if (os_snprintf_error(end - pos, ret))
1074 return pos - buf;
1075 pos += ret;
1076 }
1077 #endif /* CONFIG_SHA384 */
1078 #ifdef CONFIG_SAE
1079 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) {
1080 ret = os_snprintf(pos, end - pos, "FT-SAE ");
1081 if (os_snprintf_error(end - pos, ret))
1082 return pos - buf;
1083 pos += ret;
1084 }
1085 #endif /* CONFIG_SAE */
1086 #ifdef CONFIG_FILS
1087 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) {
1088 ret = os_snprintf(pos, end - pos, "FT-FILS-SHA256 ");
1089 if (os_snprintf_error(end - pos, ret))
1090 return pos - buf;
1091 pos += ret;
1092 }
1093 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) {
1094 ret = os_snprintf(pos, end - pos, "FT-FILS-SHA384 ");
1095 if (os_snprintf_error(end - pos, ret))
1096 return pos - buf;
1097 pos += ret;
1098 }
1099 #endif /* CONFIG_FILS */
1100 #endif /* CONFIG_IEEE80211R_AP */
1101 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
1102 ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 ");
1103 if (os_snprintf_error(end - pos, ret))
1104 return pos - buf;
1105 pos += ret;
1106 }
1107 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1108 ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 ");
1109 if (os_snprintf_error(end - pos, ret))
1110 return pos - buf;
1111 pos += ret;
1112 }
1113 #ifdef CONFIG_SAE
1114 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) {
1115 ret = os_snprintf(pos, end - pos, "SAE ");
1116 if (os_snprintf_error(end - pos, ret))
1117 return pos - buf;
1118 pos += ret;
1119 }
1120 #endif /* CONFIG_SAE */
1121 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1122 ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B ");
1123 if (os_snprintf_error(end - pos, ret))
1124 return pos - buf;
1125 pos += ret;
1126 }
1127 if (hapd->conf->wpa_key_mgmt &
1128 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1129 ret = os_snprintf(pos, end - pos,
1130 "WPA-EAP-SUITE-B-192 ");
1131 if (os_snprintf_error(end - pos, ret))
1132 return pos - buf;
1133 pos += ret;
1134 }
1135 #ifdef CONFIG_FILS
1136 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA256) {
1137 ret = os_snprintf(pos, end - pos, "FILS-SHA256 ");
1138 if (os_snprintf_error(end - pos, ret))
1139 return pos - buf;
1140 pos += ret;
1141 }
1142 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FILS_SHA384) {
1143 ret = os_snprintf(pos, end - pos, "FILS-SHA384 ");
1144 if (os_snprintf_error(end - pos, ret))
1145 return pos - buf;
1146 pos += ret;
1147 }
1148 #endif /* CONFIG_FILS */
1149
1150 #ifdef CONFIG_OWE
1151 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) {
1152 ret = os_snprintf(pos, end - pos, "OWE ");
1153 if (os_snprintf_error(end - pos, ret))
1154 return pos - buf;
1155 pos += ret;
1156 }
1157 #endif /* CONFIG_OWE */
1158
1159 #ifdef CONFIG_DPP
1160 if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) {
1161 ret = os_snprintf(pos, end - pos, "DPP ");
1162 if (os_snprintf_error(end - pos, ret))
1163 return pos - buf;
1164 pos += ret;
1165 }
1166 #endif /* CONFIG_DPP */
1167
1168 if (pos > buf && *(pos - 1) == ' ') {
1169 *(pos - 1) = '\0';
1170 pos--;
1171 }
1172
1173 return pos - buf;
1174 }
1175
1176
1177 static int hostapd_ctrl_iface_get_config(struct hostapd_data *hapd,
1178 char *buf, size_t buflen)
1179 {
1180 int ret;
1181 char *pos, *end;
1182
1183 pos = buf;
1184 end = buf + buflen;
1185
1186 ret = os_snprintf(pos, end - pos, "bssid=" MACSTR "\n"
1187 "ssid=%s\n",
1188 MAC2STR(hapd->own_addr),
1189 wpa_ssid_txt(hapd->conf->ssid.ssid,
1190 hapd->conf->ssid.ssid_len));
1191 if (os_snprintf_error(end - pos, ret))
1192 return pos - buf;
1193 pos += ret;
1194
1195 #ifdef CONFIG_WPS
1196 ret = os_snprintf(pos, end - pos, "wps_state=%s\n",
1197 hapd->conf->wps_state == 0 ? "disabled" :
1198 (hapd->conf->wps_state == 1 ? "not configured" :
1199 "configured"));
1200 if (os_snprintf_error(end - pos, ret))
1201 return pos - buf;
1202 pos += ret;
1203
1204 if (hapd->conf->wps_state && hapd->conf->wpa &&
1205 hapd->conf->ssid.wpa_passphrase) {
1206 ret = os_snprintf(pos, end - pos, "passphrase=%s\n",
1207 hapd->conf->ssid.wpa_passphrase);
1208 if (os_snprintf_error(end - pos, ret))
1209 return pos - buf;
1210 pos += ret;
1211 }
1212
1213 if (hapd->conf->wps_state && hapd->conf->wpa &&
1214 hapd->conf->ssid.wpa_psk &&
1215 hapd->conf->ssid.wpa_psk->group) {
1216 char hex[PMK_LEN * 2 + 1];
1217 wpa_snprintf_hex(hex, sizeof(hex),
1218 hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
1219 ret = os_snprintf(pos, end - pos, "psk=%s\n", hex);
1220 if (os_snprintf_error(end - pos, ret))
1221 return pos - buf;
1222 pos += ret;
1223 }
1224 #endif /* CONFIG_WPS */
1225
1226 if (hapd->conf->wpa) {
1227 ret = os_snprintf(pos, end - pos, "wpa=%d\n", hapd->conf->wpa);
1228 if (os_snprintf_error(end - pos, ret))
1229 return pos - buf;
1230 pos += ret;
1231 }
1232
1233 if (hapd->conf->wpa && hapd->conf->wpa_key_mgmt) {
1234 ret = os_snprintf(pos, end - pos, "key_mgmt=");
1235 if (os_snprintf_error(end - pos, ret))
1236 return pos - buf;
1237 pos += ret;
1238
1239 pos += hostapd_ctrl_iface_get_key_mgmt(hapd, pos, end - pos);
1240
1241 ret = os_snprintf(pos, end - pos, "\n");
1242 if (os_snprintf_error(end - pos, ret))
1243 return pos - buf;
1244 pos += ret;
1245 }
1246
1247 if (hapd->conf->wpa) {
1248 ret = os_snprintf(pos, end - pos, "group_cipher=%s\n",
1249 wpa_cipher_txt(hapd->conf->wpa_group));
1250 if (os_snprintf_error(end - pos, ret))
1251 return pos - buf;
1252 pos += ret;
1253 }
1254
1255 if ((hapd->conf->wpa & WPA_PROTO_RSN) && hapd->conf->rsn_pairwise) {
1256 ret = os_snprintf(pos, end - pos, "rsn_pairwise_cipher=");
1257 if (os_snprintf_error(end - pos, ret))
1258 return pos - buf;
1259 pos += ret;
1260
1261 ret = wpa_write_ciphers(pos, end, hapd->conf->rsn_pairwise,
1262 " ");
1263 if (ret < 0)
1264 return pos - buf;
1265 pos += ret;
1266
1267 ret = os_snprintf(pos, end - pos, "\n");
1268 if (os_snprintf_error(end - pos, ret))
1269 return pos - buf;
1270 pos += ret;
1271 }
1272
1273 if ((hapd->conf->wpa & WPA_PROTO_WPA) && hapd->conf->wpa_pairwise) {
1274 ret = os_snprintf(pos, end - pos, "wpa_pairwise_cipher=");
1275 if (os_snprintf_error(end - pos, ret))
1276 return pos - buf;
1277 pos += ret;
1278
1279 ret = wpa_write_ciphers(pos, end, hapd->conf->wpa_pairwise,
1280 " ");
1281 if (ret < 0)
1282 return pos - buf;
1283 pos += ret;
1284
1285 ret = os_snprintf(pos, end - pos, "\n");
1286 if (os_snprintf_error(end - pos, ret))
1287 return pos - buf;
1288 pos += ret;
1289 }
1290
1291 if (hapd->conf->wpa && hapd->conf->wpa_deny_ptk0_rekey) {
1292 ret = os_snprintf(pos, end - pos, "wpa_deny_ptk0_rekey=%d\n",
1293 hapd->conf->wpa_deny_ptk0_rekey);
1294 if (os_snprintf_error(end - pos, ret))
1295 return pos - buf;
1296 pos += ret;
1297 }
1298
1299 if ((hapd->conf->wpa & WPA_PROTO_RSN) && hapd->conf->extended_key_id) {
1300 ret = os_snprintf(pos, end - pos, "extended_key_id=%d\n",
1301 hapd->conf->extended_key_id);
1302 if (os_snprintf_error(end - pos, ret))
1303 return pos - buf;
1304 pos += ret;
1305 }
1306
1307 return pos - buf;
1308 }
1309
1310
1311 static void hostapd_disassoc_accept_mac(struct hostapd_data *hapd)
1312 {
1313 struct sta_info *sta;
1314 struct vlan_description vlan_id;
1315
1316 if (hapd->conf->macaddr_acl != DENY_UNLESS_ACCEPTED)
1317 return;
1318
1319 for (sta = hapd->sta_list; sta; sta = sta->next) {
1320 if (!hostapd_maclist_found(hapd->conf->accept_mac,
1321 hapd->conf->num_accept_mac,
1322 sta->addr, &vlan_id) ||
1323 (vlan_id.notempty &&
1324 vlan_compare(&vlan_id, sta->vlan_desc)))
1325 ap_sta_disconnect(hapd, sta, sta->addr,
1326 WLAN_REASON_UNSPECIFIED);
1327 }
1328 }
1329
1330
1331 static void hostapd_disassoc_deny_mac(struct hostapd_data *hapd)
1332 {
1333 struct sta_info *sta;
1334 struct vlan_description vlan_id;
1335
1336 for (sta = hapd->sta_list; sta; sta = sta->next) {
1337 if (hostapd_maclist_found(hapd->conf->deny_mac,
1338 hapd->conf->num_deny_mac, sta->addr,
1339 &vlan_id) &&
1340 (!vlan_id.notempty ||
1341 !vlan_compare(&vlan_id, sta->vlan_desc)))
1342 ap_sta_disconnect(hapd, sta, sta->addr,
1343 WLAN_REASON_UNSPECIFIED);
1344 }
1345 }
1346
1347
1348 static int hostapd_ctrl_iface_set_band(struct hostapd_data *hapd,
1349 const char *band)
1350 {
1351 union wpa_event_data event;
1352 enum set_band setband;
1353
1354 if (os_strcmp(band, "AUTO") == 0)
1355 setband = WPA_SETBAND_AUTO;
1356 else if (os_strcmp(band, "5G") == 0)
1357 setband = WPA_SETBAND_5G;
1358 else if (os_strcmp(band, "2G") == 0)
1359 setband = WPA_SETBAND_2G;
1360 else
1361 return -1;
1362
1363 if (hostapd_drv_set_band(hapd, setband) == 0) {
1364 os_memset(&event, 0, sizeof(event));
1365 event.channel_list_changed.initiator = REGDOM_SET_BY_USER;
1366 event.channel_list_changed.type = REGDOM_TYPE_UNKNOWN;
1367 wpa_supplicant_event(hapd, EVENT_CHANNEL_LIST_CHANGED, &event);
1368 }
1369
1370 return 0;
1371 }
1372
1373
1374 static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd)
1375 {
1376 char *value;
1377 int ret = 0;
1378
1379 value = os_strchr(cmd, ' ');
1380 if (value == NULL)
1381 return -1;
1382 *value++ = '\0';
1383
1384 wpa_printf(MSG_DEBUG, "CTRL_IFACE SET '%s'='%s'", cmd, value);
1385 if (0) {
1386 #ifdef CONFIG_WPS_TESTING
1387 } else if (os_strcasecmp(cmd, "wps_version_number") == 0) {
1388 long int val;
1389 val = strtol(value, NULL, 0);
1390 if (val < 0 || val > 0xff) {
1391 ret = -1;
1392 wpa_printf(MSG_DEBUG, "WPS: Invalid "
1393 "wps_version_number %ld", val);
1394 } else {
1395 wps_version_number = val;
1396 wpa_printf(MSG_DEBUG, "WPS: Testing - force WPS "
1397 "version %u.%u",
1398 (wps_version_number & 0xf0) >> 4,
1399 wps_version_number & 0x0f);
1400 hostapd_wps_update_ie(hapd);
1401 }
1402 } else if (os_strcasecmp(cmd, "wps_testing_dummy_cred") == 0) {
1403 wps_testing_dummy_cred = atoi(value);
1404 wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
1405 wps_testing_dummy_cred);
1406 } else if (os_strcasecmp(cmd, "wps_corrupt_pkhash") == 0) {
1407 wps_corrupt_pkhash = atoi(value);
1408 wpa_printf(MSG_DEBUG, "WPS: Testing - wps_corrupt_pkhash=%d",
1409 wps_corrupt_pkhash);
1410 #endif /* CONFIG_WPS_TESTING */
1411 #ifdef CONFIG_TESTING_OPTIONS
1412 } else if (os_strcasecmp(cmd, "ext_mgmt_frame_handling") == 0) {
1413 hapd->ext_mgmt_frame_handling = atoi(value);
1414 } else if (os_strcasecmp(cmd, "ext_eapol_frame_io") == 0) {
1415 hapd->ext_eapol_frame_io = atoi(value);
1416 #ifdef CONFIG_DPP
1417 } else if (os_strcasecmp(cmd, "dpp_config_obj_override") == 0) {
1418 os_free(hapd->dpp_config_obj_override);
1419 hapd->dpp_config_obj_override = os_strdup(value);
1420 } else if (os_strcasecmp(cmd, "dpp_discovery_override") == 0) {
1421 os_free(hapd->dpp_discovery_override);
1422 hapd->dpp_discovery_override = os_strdup(value);
1423 } else if (os_strcasecmp(cmd, "dpp_groups_override") == 0) {
1424 os_free(hapd->dpp_groups_override);
1425 hapd->dpp_groups_override = os_strdup(value);
1426 } else if (os_strcasecmp(cmd,
1427 "dpp_ignore_netaccesskey_mismatch") == 0) {
1428 hapd->dpp_ignore_netaccesskey_mismatch = atoi(value);
1429 } else if (os_strcasecmp(cmd, "dpp_test") == 0) {
1430 dpp_test = atoi(value);
1431 #endif /* CONFIG_DPP */
1432 #endif /* CONFIG_TESTING_OPTIONS */
1433 #ifdef CONFIG_MBO
1434 } else if (os_strcasecmp(cmd, "mbo_assoc_disallow") == 0) {
1435 int val;
1436
1437 if (!hapd->conf->mbo_enabled)
1438 return -1;
1439
1440 val = atoi(value);
1441 if (val < 0 || val > 1)
1442 return -1;
1443
1444 hapd->mbo_assoc_disallow = val;
1445 ieee802_11_update_beacons(hapd->iface);
1446
1447 /*
1448 * TODO: Need to configure drivers that do AP MLME offload with
1449 * disallowing station logic.
1450 */
1451 #endif /* CONFIG_MBO */
1452 #ifdef CONFIG_DPP
1453 } else if (os_strcasecmp(cmd, "dpp_configurator_params") == 0) {
1454 os_free(hapd->dpp_configurator_params);
1455 hapd->dpp_configurator_params = os_strdup(value);
1456 #endif /* CONFIG_DPP */
1457 } else if (os_strcasecmp(cmd, "setband") == 0) {
1458 ret = hostapd_ctrl_iface_set_band(hapd, value);
1459 } else {
1460 ret = hostapd_set_iface(hapd->iconf, hapd->conf, cmd, value);
1461 if (ret)
1462 return ret;
1463
1464 if (os_strcasecmp(cmd, "deny_mac_file") == 0) {
1465 hostapd_disassoc_deny_mac(hapd);
1466 } else if (os_strcasecmp(cmd, "accept_mac_file") == 0) {
1467 hostapd_disassoc_accept_mac(hapd);
1468 } else if (os_strncmp(cmd, "wme_ac_", 7) == 0 ||
1469 os_strncmp(cmd, "wmm_ac_", 7) == 0) {
1470 hapd->parameter_set_count++;
1471 if (ieee802_11_update_beacons(hapd->iface))
1472 wpa_printf(MSG_DEBUG,
1473 "Failed to update beacons with WMM parameters");
1474 } else if (os_strcmp(cmd, "wpa_passphrase") == 0 ||
1475 os_strcmp(cmd, "sae_password") == 0 ||
1476 os_strcmp(cmd, "sae_pwe") == 0) {
1477 if (hapd->started)
1478 hostapd_setup_sae_pt(hapd->conf);
1479 }
1480 }
1481
1482 return ret;
1483 }
1484
1485
1486 static int hostapd_ctrl_iface_get(struct hostapd_data *hapd, char *cmd,
1487 char *buf, size_t buflen)
1488 {
1489 int res;
1490
1491 wpa_printf(MSG_DEBUG, "CTRL_IFACE GET '%s'", cmd);
1492
1493 if (os_strcmp(cmd, "version") == 0) {
1494 res = os_snprintf(buf, buflen, "%s", VERSION_STR);
1495 if (os_snprintf_error(buflen, res))
1496 return -1;
1497 return res;
1498 } else if (os_strcmp(cmd, "tls_library") == 0) {
1499 res = tls_get_library_version(buf, buflen);
1500 if (os_snprintf_error(buflen, res))
1501 return -1;
1502 return res;
1503 }
1504
1505 return -1;
1506 }
1507
1508
1509 static int hostapd_ctrl_iface_enable(struct hostapd_iface *iface)
1510 {
1511 if (hostapd_enable_iface(iface) < 0) {
1512 wpa_printf(MSG_ERROR, "Enabling of interface failed");
1513 return -1;
1514 }
1515 return 0;
1516 }
1517
1518
1519 static int hostapd_ctrl_iface_reload(struct hostapd_iface *iface)
1520 {
1521 if (hostapd_reload_iface(iface) < 0) {
1522 wpa_printf(MSG_ERROR, "Reloading of interface failed");
1523 return -1;
1524 }
1525 return 0;
1526 }
1527
1528
1529 static int hostapd_ctrl_iface_disable(struct hostapd_iface *iface)
1530 {
1531 if (hostapd_disable_iface(iface) < 0) {
1532 wpa_printf(MSG_ERROR, "Disabling of interface failed");
1533 return -1;
1534 }
1535 return 0;
1536 }
1537
1538
1539 static int
1540 hostapd_ctrl_iface_kick_mismatch_psk_sta_iter(struct hostapd_data *hapd,
1541 struct sta_info *sta, void *ctx)
1542 {
1543 struct hostapd_wpa_psk *psk;
1544 const u8 *pmk;
1545 int pmk_len;
1546 int pmk_match;
1547 int sta_match;
1548 int bss_match;
1549 int reason;
1550
1551 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
1552
1553 for (psk = hapd->conf->ssid.wpa_psk; pmk && psk; psk = psk->next) {
1554 pmk_match = PMK_LEN == pmk_len &&
1555 os_memcmp(psk->psk, pmk, pmk_len) == 0;
1556 sta_match = psk->group == 0 &&
1557 os_memcmp(sta->addr, psk->addr, ETH_ALEN) == 0;
1558 bss_match = psk->group == 1;
1559
1560 if (pmk_match && (sta_match || bss_match))
1561 return 0;
1562 }
1563
1564 wpa_printf(MSG_INFO, "STA " MACSTR
1565 " PSK/passphrase no longer valid - disconnect",
1566 MAC2STR(sta->addr));
1567 reason = WLAN_REASON_PREV_AUTH_NOT_VALID;
1568 hostapd_drv_sta_deauth(hapd, sta->addr, reason);
1569 ap_sta_deauthenticate(hapd, sta, reason);
1570
1571 return 0;
1572 }
1573
1574
1575 static int hostapd_ctrl_iface_reload_wpa_psk(struct hostapd_data *hapd)
1576 {
1577 struct hostapd_bss_config *conf = hapd->conf;
1578 int err;
1579
1580 hostapd_config_clear_wpa_psk(&conf->ssid.wpa_psk);
1581
1582 err = hostapd_setup_wpa_psk(conf);
1583 if (err < 0) {
1584 wpa_printf(MSG_ERROR, "Reloading WPA-PSK passwords failed: %d",
1585 err);
1586 return -1;
1587 }
1588
1589 ap_for_each_sta(hapd, hostapd_ctrl_iface_kick_mismatch_psk_sta_iter,
1590 NULL);
1591
1592 return 0;
1593 }
1594
1595
1596 #ifdef CONFIG_TESTING_OPTIONS
1597
1598 static int hostapd_ctrl_iface_radar(struct hostapd_data *hapd, char *cmd)
1599 {
1600 union wpa_event_data data;
1601 char *pos, *param;
1602 enum wpa_event_type event;
1603
1604 wpa_printf(MSG_DEBUG, "RADAR TEST: %s", cmd);
1605
1606 os_memset(&data, 0, sizeof(data));
1607
1608 param = os_strchr(cmd, ' ');
1609 if (param == NULL)
1610 return -1;
1611 *param++ = '\0';
1612
1613 if (os_strcmp(cmd, "DETECTED") == 0)
1614 event = EVENT_DFS_RADAR_DETECTED;
1615 else if (os_strcmp(cmd, "CAC-FINISHED") == 0)
1616 event = EVENT_DFS_CAC_FINISHED;
1617 else if (os_strcmp(cmd, "CAC-ABORTED") == 0)
1618 event = EVENT_DFS_CAC_ABORTED;
1619 else if (os_strcmp(cmd, "NOP-FINISHED") == 0)
1620 event = EVENT_DFS_NOP_FINISHED;
1621 else {
1622 wpa_printf(MSG_DEBUG, "Unsupported RADAR test command: %s",
1623 cmd);
1624 return -1;
1625 }
1626
1627 pos = os_strstr(param, "freq=");
1628 if (pos)
1629 data.dfs_event.freq = atoi(pos + 5);
1630
1631 pos = os_strstr(param, "ht_enabled=1");
1632 if (pos)
1633 data.dfs_event.ht_enabled = 1;
1634
1635 pos = os_strstr(param, "chan_offset=");
1636 if (pos)
1637 data.dfs_event.chan_offset = atoi(pos + 12);
1638
1639 pos = os_strstr(param, "chan_width=");
1640 if (pos)
1641 data.dfs_event.chan_width = atoi(pos + 11);
1642
1643 pos = os_strstr(param, "cf1=");
1644 if (pos)
1645 data.dfs_event.cf1 = atoi(pos + 4);
1646
1647 pos = os_strstr(param, "cf2=");
1648 if (pos)
1649 data.dfs_event.cf2 = atoi(pos + 4);
1650
1651 wpa_supplicant_event(hapd, event, &data);
1652
1653 return 0;
1654 }
1655
1656
1657 static int hostapd_ctrl_iface_mgmt_tx(struct hostapd_data *hapd, char *cmd)
1658 {
1659 size_t len;
1660 u8 *buf;
1661 int res;
1662
1663 wpa_printf(MSG_DEBUG, "External MGMT TX: %s", cmd);
1664
1665 len = os_strlen(cmd);
1666 if (len & 1)
1667 return -1;
1668 len /= 2;
1669
1670 buf = os_malloc(len);
1671 if (buf == NULL)
1672 return -1;
1673
1674 if (hexstr2bin(cmd, buf, len) < 0) {
1675 os_free(buf);
1676 return -1;
1677 }
1678
1679 res = hostapd_drv_send_mlme(hapd, buf, len, 0, NULL, 0, 0);
1680 os_free(buf);
1681 return res;
1682 }
1683
1684
1685 static int hostapd_ctrl_iface_mgmt_tx_status_process(struct hostapd_data *hapd,
1686 char *cmd)
1687 {
1688 char *pos, *param;
1689 size_t len;
1690 u8 *buf;
1691 int stype = 0, ok = 0;
1692 union wpa_event_data event;
1693
1694 if (!hapd->ext_mgmt_frame_handling)
1695 return -1;
1696
1697 /* stype=<val> ok=<0/1> buf=<frame hexdump> */
1698
1699 wpa_printf(MSG_DEBUG, "External MGMT TX status process: %s", cmd);
1700
1701 pos = cmd;
1702 param = os_strstr(pos, "stype=");
1703 if (param) {
1704 param += 6;
1705 stype = atoi(param);
1706 }
1707
1708 param = os_strstr(pos, " ok=");
1709 if (param) {
1710 param += 4;
1711 ok = atoi(param);
1712 }
1713
1714 param = os_strstr(pos, " buf=");
1715 if (!param)
1716 return -1;
1717 param += 5;
1718
1719 len = os_strlen(param);
1720 if (len & 1)
1721 return -1;
1722 len /= 2;
1723
1724 buf = os_malloc(len);
1725 if (!buf || hexstr2bin(param, buf, len) < 0) {
1726 os_free(buf);
1727 return -1;
1728 }
1729
1730 os_memset(&event, 0, sizeof(event));
1731 event.tx_status.type = WLAN_FC_TYPE_MGMT;
1732 event.tx_status.data = buf;
1733 event.tx_status.data_len = len;
1734 event.tx_status.stype = stype;
1735 event.tx_status.ack = ok;
1736 hapd->ext_mgmt_frame_handling = 0;
1737 wpa_supplicant_event(hapd, EVENT_TX_STATUS, &event);
1738 hapd->ext_mgmt_frame_handling = 1;
1739
1740 os_free(buf);
1741
1742 return 0;
1743 }
1744
1745
1746 static int hostapd_ctrl_iface_mgmt_rx_process(struct hostapd_data *hapd,
1747 char *cmd)
1748 {
1749 char *pos, *param;
1750 size_t len;
1751 u8 *buf;
1752 int freq = 0, datarate = 0, ssi_signal = 0;
1753 union wpa_event_data event;
1754
1755 if (!hapd->ext_mgmt_frame_handling)
1756 return -1;
1757
1758 /* freq=<MHz> datarate=<val> ssi_signal=<val> frame=<frame hexdump> */
1759
1760 wpa_printf(MSG_DEBUG, "External MGMT RX process: %s", cmd);
1761
1762 pos = cmd;
1763 param = os_strstr(pos, "freq=");
1764 if (param) {
1765 param += 5;
1766 freq = atoi(param);
1767 }
1768
1769 param = os_strstr(pos, " datarate=");
1770 if (param) {
1771 param += 10;
1772 datarate = atoi(param);
1773 }
1774
1775 param = os_strstr(pos, " ssi_signal=");
1776 if (param) {
1777 param += 12;
1778 ssi_signal = atoi(param);
1779 }
1780
1781 param = os_strstr(pos, " frame=");
1782 if (param == NULL)
1783 return -1;
1784 param += 7;
1785
1786 len = os_strlen(param);
1787 if (len & 1)
1788 return -1;
1789 len /= 2;
1790
1791 buf = os_malloc(len);
1792 if (buf == NULL)
1793 return -1;
1794
1795 if (hexstr2bin(param, buf, len) < 0) {
1796 os_free(buf);
1797 return -1;
1798 }
1799
1800 os_memset(&event, 0, sizeof(event));
1801 event.rx_mgmt.freq = freq;
1802 event.rx_mgmt.frame = buf;
1803 event.rx_mgmt.frame_len = len;
1804 event.rx_mgmt.ssi_signal = ssi_signal;
1805 event.rx_mgmt.datarate = datarate;
1806 hapd->ext_mgmt_frame_handling = 0;
1807 wpa_supplicant_event(hapd, EVENT_RX_MGMT, &event);
1808 hapd->ext_mgmt_frame_handling = 1;
1809
1810 os_free(buf);
1811
1812 return 0;
1813 }
1814
1815
1816 static int hostapd_ctrl_iface_eapol_rx(struct hostapd_data *hapd, char *cmd)
1817 {
1818 char *pos;
1819 u8 src[ETH_ALEN], *buf;
1820 int used;
1821 size_t len;
1822
1823 wpa_printf(MSG_DEBUG, "External EAPOL RX: %s", cmd);
1824
1825 pos = cmd;
1826 used = hwaddr_aton2(pos, src);
1827 if (used < 0)
1828 return -1;
1829 pos += used;
1830 while (*pos == ' ')
1831 pos++;
1832
1833 len = os_strlen(pos);
1834 if (len & 1)
1835 return -1;
1836 len /= 2;
1837
1838 buf = os_malloc(len);
1839 if (buf == NULL)
1840 return -1;
1841
1842 if (hexstr2bin(pos, buf, len) < 0) {
1843 os_free(buf);
1844 return -1;
1845 }
1846
1847 ieee802_1x_receive(hapd, src, buf, len);
1848 os_free(buf);
1849
1850 return 0;
1851 }
1852
1853
1854 static u16 ipv4_hdr_checksum(const void *buf, size_t len)
1855 {
1856 size_t i;
1857 u32 sum = 0;
1858 const u16 *pos = buf;
1859
1860 for (i = 0; i < len / 2; i++)
1861 sum += *pos++;
1862
1863 while (sum >> 16)
1864 sum = (sum & 0xffff) + (sum >> 16);
1865
1866 return sum ^ 0xffff;
1867 }
1868
1869
1870 #define HWSIM_PACKETLEN 1500
1871 #define HWSIM_IP_LEN (HWSIM_PACKETLEN - sizeof(struct ether_header))
1872
1873 static void hostapd_data_test_rx(void *ctx, const u8 *src_addr, const u8 *buf,
1874 size_t len)
1875 {
1876 struct hostapd_data *hapd = ctx;
1877 const struct ether_header *eth;
1878 struct ip ip;
1879 const u8 *pos;
1880 unsigned int i;
1881 char extra[30];
1882
1883 if (len < sizeof(*eth) + sizeof(ip) || len > HWSIM_PACKETLEN) {
1884 wpa_printf(MSG_DEBUG,
1885 "test data: RX - ignore unexpected length %d",
1886 (int) len);
1887 return;
1888 }
1889
1890 eth = (const struct ether_header *) buf;
1891 os_memcpy(&ip, eth + 1, sizeof(ip));
1892 pos = &buf[sizeof(*eth) + sizeof(ip)];
1893
1894 if (ip.ip_hl != 5 || ip.ip_v != 4 ||
1895 ntohs(ip.ip_len) > HWSIM_IP_LEN) {
1896 wpa_printf(MSG_DEBUG,
1897 "test data: RX - ignore unexpect IP header");
1898 return;
1899 }
1900
1901 for (i = 0; i < ntohs(ip.ip_len) - sizeof(ip); i++) {
1902 if (*pos != (u8) i) {
1903 wpa_printf(MSG_DEBUG,
1904 "test data: RX - ignore mismatching payload");
1905 return;
1906 }
1907 pos++;
1908 }
1909
1910 extra[0] = '\0';
1911 if (ntohs(ip.ip_len) != HWSIM_IP_LEN)
1912 os_snprintf(extra, sizeof(extra), " len=%d", ntohs(ip.ip_len));
1913 wpa_msg(hapd->msg_ctx, MSG_INFO, "DATA-TEST-RX " MACSTR " " MACSTR "%s",
1914 MAC2STR(eth->ether_dhost), MAC2STR(eth->ether_shost), extra);
1915 }
1916
1917
1918 static int hostapd_ctrl_iface_data_test_config(struct hostapd_data *hapd,
1919 char *cmd)
1920 {
1921 int enabled = atoi(cmd);
1922 char *pos;
1923 const char *ifname;
1924
1925 if (!enabled) {
1926 if (hapd->l2_test) {
1927 l2_packet_deinit(hapd->l2_test);
1928 hapd->l2_test = NULL;
1929 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
1930 "test data: Disabled");
1931 }
1932 return 0;
1933 }
1934
1935 if (hapd->l2_test)
1936 return 0;
1937
1938 pos = os_strstr(cmd, " ifname=");
1939 if (pos)
1940 ifname = pos + 8;
1941 else
1942 ifname = hapd->conf->iface;
1943
1944 hapd->l2_test = l2_packet_init(ifname, hapd->own_addr,
1945 ETHERTYPE_IP, hostapd_data_test_rx,
1946 hapd, 1);
1947 if (hapd->l2_test == NULL)
1948 return -1;
1949
1950 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: Enabled");
1951
1952 return 0;
1953 }
1954
1955
1956 static int hostapd_ctrl_iface_data_test_tx(struct hostapd_data *hapd, char *cmd)
1957 {
1958 u8 dst[ETH_ALEN], src[ETH_ALEN];
1959 char *pos, *pos2;
1960 int used;
1961 long int val;
1962 u8 tos;
1963 u8 buf[2 + HWSIM_PACKETLEN];
1964 struct ether_header *eth;
1965 struct ip *ip;
1966 u8 *dpos;
1967 unsigned int i;
1968 size_t send_len = HWSIM_IP_LEN;
1969
1970 if (hapd->l2_test == NULL)
1971 return -1;
1972
1973 /* format: <dst> <src> <tos> [len=<length>] */
1974
1975 pos = cmd;
1976 used = hwaddr_aton2(pos, dst);
1977 if (used < 0)
1978 return -1;
1979 pos += used;
1980 while (*pos == ' ')
1981 pos++;
1982 used = hwaddr_aton2(pos, src);
1983 if (used < 0)
1984 return -1;
1985 pos += used;
1986
1987 val = strtol(pos, &pos2, 0);
1988 if (val < 0 || val > 0xff)
1989 return -1;
1990 tos = val;
1991
1992 pos = os_strstr(pos2, " len=");
1993 if (pos) {
1994 i = atoi(pos + 5);
1995 if (i < sizeof(*ip) || i > HWSIM_IP_LEN)
1996 return -1;
1997 send_len = i;
1998 }
1999
2000 eth = (struct ether_header *) &buf[2];
2001 os_memcpy(eth->ether_dhost, dst, ETH_ALEN);
2002 os_memcpy(eth->ether_shost, src, ETH_ALEN);
2003 eth->ether_type = htons(ETHERTYPE_IP);
2004 ip = (struct ip *) (eth + 1);
2005 os_memset(ip, 0, sizeof(*ip));
2006 ip->ip_hl = 5;
2007 ip->ip_v = 4;
2008 ip->ip_ttl = 64;
2009 ip->ip_tos = tos;
2010 ip->ip_len = htons(send_len);
2011 ip->ip_p = 1;
2012 ip->ip_src.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1);
2013 ip->ip_dst.s_addr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2);
2014 ip->ip_sum = ipv4_hdr_checksum(ip, sizeof(*ip));
2015 dpos = (u8 *) (ip + 1);
2016 for (i = 0; i < send_len - sizeof(*ip); i++)
2017 *dpos++ = i;
2018
2019 if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, &buf[2],
2020 sizeof(struct ether_header) + send_len) < 0)
2021 return -1;
2022
2023 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: TX dst=" MACSTR
2024 " src=" MACSTR " tos=0x%x", MAC2STR(dst), MAC2STR(src), tos);
2025
2026 return 0;
2027 }
2028
2029
2030 static int hostapd_ctrl_iface_data_test_frame(struct hostapd_data *hapd,
2031 char *cmd)
2032 {
2033 u8 *buf;
2034 struct ether_header *eth;
2035 struct l2_packet_data *l2 = NULL;
2036 size_t len;
2037 u16 ethertype;
2038 int res = -1;
2039 const char *ifname = hapd->conf->iface;
2040
2041 if (os_strncmp(cmd, "ifname=", 7) == 0) {
2042 cmd += 7;
2043 ifname = cmd;
2044 cmd = os_strchr(cmd, ' ');
2045 if (cmd == NULL)
2046 return -1;
2047 *cmd++ = '\0';
2048 }
2049
2050 len = os_strlen(cmd);
2051 if (len & 1 || len < ETH_HLEN * 2)
2052 return -1;
2053 len /= 2;
2054
2055 buf = os_malloc(len);
2056 if (buf == NULL)
2057 return -1;
2058
2059 if (hexstr2bin(cmd, buf, len) < 0)
2060 goto done;
2061
2062 eth = (struct ether_header *) buf;
2063 ethertype = ntohs(eth->ether_type);
2064
2065 l2 = l2_packet_init(ifname, hapd->own_addr, ethertype,
2066 hostapd_data_test_rx, hapd, 1);
2067 if (l2 == NULL)
2068 goto done;
2069
2070 res = l2_packet_send(l2, eth->ether_dhost, ethertype, buf, len);
2071 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "test data: TX frame res=%d", res);
2072 done:
2073 if (l2)
2074 l2_packet_deinit(l2);
2075 os_free(buf);
2076
2077 return res < 0 ? -1 : 0;
2078 }
2079
2080
2081 static int hostapd_ctrl_test_alloc_fail(struct hostapd_data *hapd, char *cmd)
2082 {
2083 #ifdef WPA_TRACE_BFD
2084 char *pos;
2085
2086 wpa_trace_fail_after = atoi(cmd);
2087 pos = os_strchr(cmd, ':');
2088 if (pos) {
2089 pos++;
2090 os_strlcpy(wpa_trace_fail_func, pos,
2091 sizeof(wpa_trace_fail_func));
2092 } else {
2093 wpa_trace_fail_after = 0;
2094 }
2095
2096 return 0;
2097 #else /* WPA_TRACE_BFD */
2098 return -1;
2099 #endif /* WPA_TRACE_BFD */
2100 }
2101
2102
2103 static int hostapd_ctrl_get_alloc_fail(struct hostapd_data *hapd,
2104 char *buf, size_t buflen)
2105 {
2106 #ifdef WPA_TRACE_BFD
2107 return os_snprintf(buf, buflen, "%u:%s", wpa_trace_fail_after,
2108 wpa_trace_fail_func);
2109 #else /* WPA_TRACE_BFD */
2110 return -1;
2111 #endif /* WPA_TRACE_BFD */
2112 }
2113
2114
2115 static int hostapd_ctrl_test_fail(struct hostapd_data *hapd, char *cmd)
2116 {
2117 #ifdef WPA_TRACE_BFD
2118 char *pos;
2119
2120 wpa_trace_test_fail_after = atoi(cmd);
2121 pos = os_strchr(cmd, ':');
2122 if (pos) {
2123 pos++;
2124 os_strlcpy(wpa_trace_test_fail_func, pos,
2125 sizeof(wpa_trace_test_fail_func));
2126 } else {
2127 wpa_trace_test_fail_after = 0;
2128 }
2129
2130 return 0;
2131 #else /* WPA_TRACE_BFD */
2132 return -1;
2133 #endif /* WPA_TRACE_BFD */
2134 }
2135
2136
2137 static int hostapd_ctrl_get_fail(struct hostapd_data *hapd,
2138 char *buf, size_t buflen)
2139 {
2140 #ifdef WPA_TRACE_BFD
2141 return os_snprintf(buf, buflen, "%u:%s", wpa_trace_test_fail_after,
2142 wpa_trace_test_fail_func);
2143 #else /* WPA_TRACE_BFD */
2144 return -1;
2145 #endif /* WPA_TRACE_BFD */
2146 }
2147
2148
2149 static int hostapd_ctrl_reset_pn(struct hostapd_data *hapd, const char *cmd)
2150 {
2151 struct sta_info *sta;
2152 u8 addr[ETH_ALEN];
2153 u8 zero[WPA_TK_MAX_LEN];
2154
2155 os_memset(zero, 0, sizeof(zero));
2156
2157 if (hwaddr_aton(cmd, addr))
2158 return -1;
2159
2160 if (is_broadcast_ether_addr(addr) && os_strstr(cmd, "IGTK")) {
2161 if (hapd->last_igtk_alg == WPA_ALG_NONE)
2162 return -1;
2163
2164 wpa_printf(MSG_INFO, "TESTING: Reset IPN for IGTK");
2165
2166 /* First, use a zero key to avoid any possible duplicate key
2167 * avoidance in the driver. */
2168 if (hostapd_drv_set_key(hapd->conf->iface, hapd,
2169 hapd->last_igtk_alg,
2170 broadcast_ether_addr,
2171 hapd->last_igtk_key_idx, 0, 1, NULL, 0,
2172 zero, hapd->last_igtk_len,
2173 KEY_FLAG_GROUP_TX_DEFAULT) < 0)
2174 return -1;
2175
2176 /* Set the previously configured key to reset its TSC */
2177 return hostapd_drv_set_key(hapd->conf->iface, hapd,
2178 hapd->last_igtk_alg,
2179 broadcast_ether_addr,
2180 hapd->last_igtk_key_idx, 0, 1, NULL,
2181 0, hapd->last_igtk,
2182 hapd->last_igtk_len,
2183 KEY_FLAG_GROUP_TX_DEFAULT);
2184 }
2185
2186 if (is_broadcast_ether_addr(addr)) {
2187 if (hapd->last_gtk_alg == WPA_ALG_NONE)
2188 return -1;
2189
2190 wpa_printf(MSG_INFO, "TESTING: Reset PN for GTK");
2191
2192 /* First, use a zero key to avoid any possible duplicate key
2193 * avoidance in the driver. */
2194 if (hostapd_drv_set_key(hapd->conf->iface, hapd,
2195 hapd->last_gtk_alg,
2196 broadcast_ether_addr,
2197 hapd->last_gtk_key_idx, 0, 1, NULL, 0,
2198 zero, hapd->last_gtk_len,
2199 KEY_FLAG_GROUP_TX_DEFAULT) < 0)
2200 return -1;
2201
2202 /* Set the previously configured key to reset its TSC */
2203 return hostapd_drv_set_key(hapd->conf->iface, hapd,
2204 hapd->last_gtk_alg,
2205 broadcast_ether_addr,
2206 hapd->last_gtk_key_idx, 0, 1, NULL,
2207 0, hapd->last_gtk,
2208 hapd->last_gtk_len,
2209 KEY_FLAG_GROUP_TX_DEFAULT);
2210 }
2211
2212 sta = ap_get_sta(hapd, addr);
2213 if (!sta)
2214 return -1;
2215
2216 if (sta->last_tk_alg == WPA_ALG_NONE)
2217 return -1;
2218
2219 wpa_printf(MSG_INFO, "TESTING: Reset PN for " MACSTR,
2220 MAC2STR(sta->addr));
2221
2222 /* First, use a zero key to avoid any possible duplicate key avoidance
2223 * in the driver. */
2224 if (hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2225 sta->addr, sta->last_tk_key_idx, 0, 1, NULL, 0,
2226 zero, sta->last_tk_len,
2227 KEY_FLAG_PAIRWISE_RX_TX) < 0)
2228 return -1;
2229
2230 /* Set the previously configured key to reset its TSC/RSC */
2231 return hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2232 sta->addr, sta->last_tk_key_idx, 0, 1, NULL,
2233 0, sta->last_tk, sta->last_tk_len,
2234 KEY_FLAG_PAIRWISE_RX_TX);
2235 }
2236
2237
2238 static int hostapd_ctrl_set_key(struct hostapd_data *hapd, const char *cmd)
2239 {
2240 u8 addr[ETH_ALEN];
2241 const char *pos = cmd;
2242 enum wpa_alg alg;
2243 enum key_flag key_flag;
2244 int idx, set_tx;
2245 u8 seq[6], key[WPA_TK_MAX_LEN];
2246 size_t key_len;
2247
2248 /* parameters: alg addr idx set_tx seq key key_flag */
2249
2250 alg = atoi(pos);
2251 pos = os_strchr(pos, ' ');
2252 if (!pos)
2253 return -1;
2254 pos++;
2255 if (hwaddr_aton(pos, addr))
2256 return -1;
2257 pos += 17;
2258 if (*pos != ' ')
2259 return -1;
2260 pos++;
2261 idx = atoi(pos);
2262 pos = os_strchr(pos, ' ');
2263 if (!pos)
2264 return -1;
2265 pos++;
2266 set_tx = atoi(pos);
2267 pos = os_strchr(pos, ' ');
2268 if (!pos)
2269 return -1;
2270 pos++;
2271 if (hexstr2bin(pos, seq, sizeof(seq)) < 0)
2272 return -1;
2273 pos += 2 * 6;
2274 if (*pos != ' ')
2275 return -1;
2276 pos++;
2277 if (!os_strchr(pos, ' '))
2278 return -1;
2279 key_len = (os_strchr(pos, ' ') - pos) / 2;
2280 if (hexstr2bin(pos, key, key_len) < 0)
2281 return -1;
2282 pos += 2 * key_len;
2283 if (*pos != ' ')
2284 return -1;
2285
2286 pos++;
2287 key_flag = atoi(pos);
2288 pos = os_strchr(pos, ' ');
2289 if (pos)
2290 return -1;
2291
2292 wpa_printf(MSG_INFO, "TESTING: Set key");
2293 return hostapd_drv_set_key(hapd->conf->iface, hapd, alg, addr, idx, 0,
2294 set_tx, seq, 6, key, key_len, key_flag);
2295 }
2296
2297
2298 static void restore_tk(void *ctx1, void *ctx2)
2299 {
2300 struct hostapd_data *hapd = ctx1;
2301 struct sta_info *sta = ctx2;
2302
2303 wpa_printf(MSG_INFO, "TESTING: Restore TK for " MACSTR,
2304 MAC2STR(sta->addr));
2305 /* This does not really restore the TSC properly, so this will result
2306 * in replay protection issues for now since there is no clean way of
2307 * preventing encryption of a single EAPOL frame. */
2308 hostapd_drv_set_key(hapd->conf->iface, hapd, sta->last_tk_alg,
2309 sta->addr, sta->last_tk_key_idx, 0, 1, NULL, 0,
2310 sta->last_tk, sta->last_tk_len,
2311 KEY_FLAG_PAIRWISE_RX_TX);
2312 }
2313
2314
2315 static int hostapd_ctrl_resend_m1(struct hostapd_data *hapd, const char *cmd)
2316 {
2317 struct sta_info *sta;
2318 u8 addr[ETH_ALEN];
2319 int plain = os_strstr(cmd, "plaintext") != NULL;
2320
2321 if (hwaddr_aton(cmd, addr))
2322 return -1;
2323
2324 sta = ap_get_sta(hapd, addr);
2325 if (!sta || !sta->wpa_sm)
2326 return -1;
2327
2328 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2329 plain = 0; /* no need for special processing */
2330 if (plain) {
2331 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
2332 MAC2STR(sta->addr));
2333 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2334 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2335 0, NULL, 0, KEY_FLAG_PAIRWISE);
2336 }
2337
2338 wpa_printf(MSG_INFO, "TESTING: Send M1 to " MACSTR, MAC2STR(sta->addr));
2339 return wpa_auth_resend_m1(sta->wpa_sm,
2340 os_strstr(cmd, "change-anonce") != NULL,
2341 plain ? restore_tk : NULL, hapd, sta);
2342 }
2343
2344
2345 static int hostapd_ctrl_resend_m3(struct hostapd_data *hapd, const char *cmd)
2346 {
2347 struct sta_info *sta;
2348 u8 addr[ETH_ALEN];
2349 int plain = os_strstr(cmd, "plaintext") != NULL;
2350
2351 if (hwaddr_aton(cmd, addr))
2352 return -1;
2353
2354 sta = ap_get_sta(hapd, addr);
2355 if (!sta || !sta->wpa_sm)
2356 return -1;
2357
2358 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2359 plain = 0; /* no need for special processing */
2360 if (plain) {
2361 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
2362 MAC2STR(sta->addr));
2363 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2364 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2365 0, NULL, 0, KEY_FLAG_PAIRWISE);
2366 }
2367
2368 wpa_printf(MSG_INFO, "TESTING: Send M3 to " MACSTR, MAC2STR(sta->addr));
2369 return wpa_auth_resend_m3(sta->wpa_sm,
2370 plain ? restore_tk : NULL, hapd, sta);
2371 }
2372
2373
2374 static int hostapd_ctrl_resend_group_m1(struct hostapd_data *hapd,
2375 const char *cmd)
2376 {
2377 struct sta_info *sta;
2378 u8 addr[ETH_ALEN];
2379 int plain = os_strstr(cmd, "plaintext") != NULL;
2380
2381 if (hwaddr_aton(cmd, addr))
2382 return -1;
2383
2384 sta = ap_get_sta(hapd, addr);
2385 if (!sta || !sta->wpa_sm)
2386 return -1;
2387
2388 if (plain && sta->last_tk_alg == WPA_ALG_NONE)
2389 plain = 0; /* no need for special processing */
2390 if (plain) {
2391 wpa_printf(MSG_INFO, "TESTING: Clear TK for " MACSTR,
2392 MAC2STR(sta->addr));
2393 hostapd_drv_set_key(hapd->conf->iface, hapd, WPA_ALG_NONE,
2394 sta->addr, sta->last_tk_key_idx, 0, 0, NULL,
2395 0, NULL, 0, KEY_FLAG_PAIRWISE);
2396 }
2397
2398 wpa_printf(MSG_INFO,
2399 "TESTING: Send group M1 for the same GTK and zero RSC to "
2400 MACSTR, MAC2STR(sta->addr));
2401 return wpa_auth_resend_group_m1(sta->wpa_sm,
2402 plain ? restore_tk : NULL, hapd, sta);
2403 }
2404
2405
2406 static int hostapd_ctrl_get_pmk(struct hostapd_data *hapd, const char *cmd,
2407 char *buf, size_t buflen)
2408 {
2409 struct sta_info *sta;
2410 u8 addr[ETH_ALEN];
2411 const u8 *pmk;
2412 int pmk_len;
2413
2414 if (hwaddr_aton(cmd, addr))
2415 return -1;
2416
2417 sta = ap_get_sta(hapd, addr);
2418 if (!sta || !sta->wpa_sm) {
2419 wpa_printf(MSG_DEBUG, "No STA WPA state machine for " MACSTR,
2420 MAC2STR(addr));
2421 return -1;
2422 }
2423 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
2424 if (!pmk) {
2425 wpa_printf(MSG_DEBUG, "No PMK stored for " MACSTR,
2426 MAC2STR(addr));
2427 return -1;
2428 }
2429
2430 return wpa_snprintf_hex(buf, buflen, pmk, pmk_len);
2431 }
2432
2433 #endif /* CONFIG_TESTING_OPTIONS */
2434
2435
2436 static int hostapd_ctrl_check_freq_params(struct hostapd_freq_params *params)
2437 {
2438 switch (params->bandwidth) {
2439 case 0:
2440 /* bandwidth not specified: use 20 MHz by default */
2441 /* fall-through */
2442 case 20:
2443 if (params->center_freq1 &&
2444 params->center_freq1 != params->freq)
2445 return -1;
2446
2447 if (params->center_freq2 || params->sec_channel_offset)
2448 return -1;
2449 break;
2450 case 40:
2451 if (params->center_freq2 || !params->sec_channel_offset)
2452 return -1;
2453
2454 if (!params->center_freq1)
2455 break;
2456 switch (params->sec_channel_offset) {
2457 case 1:
2458 if (params->freq + 10 != params->center_freq1)
2459 return -1;
2460 break;
2461 case -1:
2462 if (params->freq - 10 != params->center_freq1)
2463 return -1;
2464 break;
2465 default:
2466 return -1;
2467 }
2468 break;
2469 case 80:
2470 if (!params->center_freq1 || !params->sec_channel_offset)
2471 return 1;
2472
2473 switch (params->sec_channel_offset) {
2474 case 1:
2475 if (params->freq - 10 != params->center_freq1 &&
2476 params->freq + 30 != params->center_freq1)
2477 return 1;
2478 break;
2479 case -1:
2480 if (params->freq + 10 != params->center_freq1 &&
2481 params->freq - 30 != params->center_freq1)
2482 return -1;
2483 break;
2484 default:
2485 return -1;
2486 }
2487
2488 /* Adjacent and overlapped are not allowed for 80+80 */
2489 if (params->center_freq2 &&
2490 params->center_freq1 - params->center_freq2 <= 80 &&
2491 params->center_freq2 - params->center_freq1 <= 80)
2492 return 1;
2493 break;
2494 case 160:
2495 if (!params->center_freq1 || params->center_freq2 ||
2496 !params->sec_channel_offset)
2497 return -1;
2498
2499 switch (params->sec_channel_offset) {
2500 case 1:
2501 if (params->freq + 70 != params->center_freq1 &&
2502 params->freq + 30 != params->center_freq1 &&
2503 params->freq - 10 != params->center_freq1 &&
2504 params->freq - 50 != params->center_freq1)
2505 return -1;
2506 break;
2507 case -1:
2508 if (params->freq + 50 != params->center_freq1 &&
2509 params->freq + 10 != params->center_freq1 &&
2510 params->freq - 30 != params->center_freq1 &&
2511 params->freq - 70 != params->center_freq1)
2512 return -1;
2513 break;
2514 default:
2515 return -1;
2516 }
2517 break;
2518 default:
2519 return -1;
2520 }
2521
2522 return 0;
2523 }
2524
2525
2526 static int hostapd_ctrl_iface_chan_switch(struct hostapd_iface *iface,
2527 char *pos)
2528 {
2529 #ifdef NEED_AP_MLME
2530 struct csa_settings settings;
2531 int ret;
2532 int dfs_range = 0;
2533 unsigned int i;
2534 int bandwidth;
2535 u8 chan;
2536
2537 ret = hostapd_parse_csa_settings(pos, &settings);
2538 if (ret)
2539 return ret;
2540
2541 ret = hostapd_ctrl_check_freq_params(&settings.freq_params);
2542 if (ret) {
2543 wpa_printf(MSG_INFO,
2544 "chanswitch: invalid frequency settings provided");
2545 return ret;
2546 }
2547
2548 switch (settings.freq_params.bandwidth) {
2549 case 40:
2550 bandwidth = CHAN_WIDTH_40;
2551 break;
2552 case 80:
2553 if (settings.freq_params.center_freq2)
2554 bandwidth = CHAN_WIDTH_80P80;
2555 else
2556 bandwidth = CHAN_WIDTH_80;
2557 break;
2558 case 160:
2559 bandwidth = CHAN_WIDTH_160;
2560 break;
2561 default:
2562 bandwidth = CHAN_WIDTH_20;
2563 break;
2564 }
2565
2566 if (settings.freq_params.center_freq1)
2567 dfs_range += hostapd_is_dfs_overlap(
2568 iface, bandwidth, settings.freq_params.center_freq1);
2569 else
2570 dfs_range += hostapd_is_dfs_overlap(
2571 iface, bandwidth, settings.freq_params.freq);
2572
2573 if (settings.freq_params.center_freq2)
2574 dfs_range += hostapd_is_dfs_overlap(
2575 iface, bandwidth, settings.freq_params.center_freq2);
2576
2577 if (dfs_range) {
2578 ret = ieee80211_freq_to_chan(settings.freq_params.freq, &chan);
2579 if (ret == NUM_HOSTAPD_MODES) {
2580 wpa_printf(MSG_ERROR,
2581 "Failed to get channel for (freq=%d, sec_channel_offset=%d, bw=%d)",
2582 settings.freq_params.freq,
2583 settings.freq_params.sec_channel_offset,
2584 settings.freq_params.bandwidth);
2585 return -1;
2586 }
2587
2588 settings.freq_params.channel = chan;
2589
2590 wpa_printf(MSG_DEBUG,
2591 "DFS/CAC to (channel=%u, freq=%d, sec_channel_offset=%d, bw=%d, center_freq1=%d)",
2592 settings.freq_params.channel,
2593 settings.freq_params.freq,
2594 settings.freq_params.sec_channel_offset,
2595 settings.freq_params.bandwidth,
2596 settings.freq_params.center_freq1);
2597
2598 /* Perform CAC and switch channel */
2599 hostapd_switch_channel_fallback(iface, &settings.freq_params);
2600 return 0;
2601 }
2602
2603 for (i = 0; i < iface->num_bss; i++) {
2604
2605 /* Save CHAN_SWITCH VHT config */
2606 hostapd_chan_switch_vht_config(
2607 iface->bss[i], settings.freq_params.vht_enabled);
2608
2609 ret = hostapd_switch_channel(iface->bss[i], &settings);
2610 if (ret) {
2611 /* FIX: What do we do if CSA fails in the middle of
2612 * submitting multi-BSS CSA requests? */
2613 return ret;
2614 }
2615 }
2616
2617 return 0;
2618 #else /* NEED_AP_MLME */
2619 return -1;
2620 #endif /* NEED_AP_MLME */
2621 }
2622
2623
2624 static int hostapd_ctrl_iface_mib(struct hostapd_data *hapd, char *reply,
2625 int reply_size, const char *param)
2626 {
2627 #ifdef RADIUS_SERVER
2628 if (os_strcmp(param, "radius_server") == 0) {
2629 return radius_server_get_mib(hapd->radius_srv, reply,
2630 reply_size);
2631 }
2632 #endif /* RADIUS_SERVER */
2633 return -1;
2634 }
2635
2636
2637 static int hostapd_ctrl_iface_vendor(struct hostapd_data *hapd, char *cmd,
2638 char *buf, size_t buflen)
2639 {
2640 int ret;
2641 char *pos;
2642 u8 *data = NULL;
2643 unsigned int vendor_id, subcmd;
2644 struct wpabuf *reply;
2645 size_t data_len = 0;
2646
2647 /* cmd: <vendor id> <subcommand id> [<hex formatted data>] */
2648 vendor_id = strtoul(cmd, &pos, 16);
2649 if (!isblank((unsigned char) *pos))
2650 return -EINVAL;
2651
2652 subcmd = strtoul(pos, &pos, 10);
2653
2654 if (*pos != '\0') {
2655 if (!isblank((unsigned char) *pos++))
2656 return -EINVAL;
2657 data_len = os_strlen(pos);
2658 }
2659
2660 if (data_len) {
2661 data_len /= 2;
2662 data = os_malloc(data_len);
2663 if (!data)
2664 return -ENOBUFS;
2665
2666 if (hexstr2bin(pos, data, data_len)) {
2667 wpa_printf(MSG_DEBUG,
2668 "Vendor command: wrong parameter format");
2669 os_free(data);
2670 return -EINVAL;
2671 }
2672 }
2673
2674 reply = wpabuf_alloc((buflen - 1) / 2);
2675 if (!reply) {
2676 os_free(data);
2677 return -ENOBUFS;
2678 }
2679
2680 ret = hostapd_drv_vendor_cmd(hapd, vendor_id, subcmd, data, data_len,
2681 reply);
2682
2683 if (ret == 0)
2684 ret = wpa_snprintf_hex(buf, buflen, wpabuf_head_u8(reply),
2685 wpabuf_len(reply));
2686
2687 wpabuf_free(reply);
2688 os_free(data);
2689
2690 return ret;
2691 }
2692
2693
2694 static int hostapd_ctrl_iface_eapol_reauth(struct hostapd_data *hapd,
2695 const char *cmd)
2696 {
2697 u8 addr[ETH_ALEN];
2698 struct sta_info *sta;
2699
2700 if (hwaddr_aton(cmd, addr))
2701 return -1;
2702
2703 sta = ap_get_sta(hapd, addr);
2704 if (!sta || !sta->eapol_sm)
2705 return -1;
2706
2707 eapol_auth_reauthenticate(sta->eapol_sm);
2708 return 0;
2709 }
2710
2711
2712 static int hostapd_ctrl_iface_eapol_set(struct hostapd_data *hapd, char *cmd)
2713 {
2714 u8 addr[ETH_ALEN];
2715 struct sta_info *sta;
2716 char *pos = cmd, *param;
2717
2718 if (hwaddr_aton(pos, addr) || pos[17] != ' ')
2719 return -1;
2720 pos += 18;
2721 param = pos;
2722 pos = os_strchr(pos, ' ');
2723 if (!pos)
2724 return -1;
2725 *pos++ = '\0';
2726
2727 sta = ap_get_sta(hapd, addr);
2728 if (!sta || !sta->eapol_sm)
2729 return -1;
2730
2731 return eapol_auth_set_conf(sta->eapol_sm, param, pos);
2732 }
2733
2734
2735 static int hostapd_ctrl_iface_log_level(struct hostapd_data *hapd, char *cmd,
2736 char *buf, size_t buflen)
2737 {
2738 char *pos, *end, *stamp;
2739 int ret;
2740
2741 /* cmd: "LOG_LEVEL [<level>]" */
2742 if (*cmd == '\0') {
2743 pos = buf;
2744 end = buf + buflen;
2745 ret = os_snprintf(pos, end - pos, "Current level: %s\n"
2746 "Timestamp: %d\n",
2747 debug_level_str(wpa_debug_level),
2748 wpa_debug_timestamp);
2749 if (os_snprintf_error(end - pos, ret))
2750 ret = 0;
2751
2752 return ret;
2753 }
2754
2755 while (*cmd == ' ')
2756 cmd++;
2757
2758 stamp = os_strchr(cmd, ' ');
2759 if (stamp) {
2760 *stamp++ = '\0';
2761 while (*stamp == ' ') {
2762 stamp++;
2763 }
2764 }
2765
2766 if (os_strlen(cmd)) {
2767 int level = str_to_debug_level(cmd);
2768 if (level < 0)
2769 return -1;
2770 wpa_debug_level = level;
2771 }
2772
2773 if (stamp && os_strlen(stamp))
2774 wpa_debug_timestamp = atoi(stamp);
2775
2776 os_memcpy(buf, "OK\n", 3);
2777 return 3;
2778 }
2779
2780
2781 #ifdef NEED_AP_MLME
2782 static int hostapd_ctrl_iface_track_sta_list(struct hostapd_data *hapd,
2783 char *buf, size_t buflen)
2784 {
2785 struct hostapd_iface *iface = hapd->iface;
2786 char *pos, *end;
2787 struct hostapd_sta_info *info;
2788 struct os_reltime now;
2789
2790 if (!iface->num_sta_seen)
2791 return 0;
2792
2793 sta_track_expire(iface, 0);
2794
2795 pos = buf;
2796 end = buf + buflen;
2797
2798 os_get_reltime(&now);
2799 dl_list_for_each_reverse(info, &iface->sta_seen,
2800 struct hostapd_sta_info, list) {
2801 struct os_reltime age;
2802 int ret;
2803
2804 os_reltime_sub(&now, &info->last_seen, &age);
2805 ret = os_snprintf(pos, end - pos, MACSTR " %u %d\n",
2806 MAC2STR(info->addr), (unsigned int) age.sec,
2807 info->ssi_signal);
2808 if (os_snprintf_error(end - pos, ret))
2809 break;
2810 pos += ret;
2811 }
2812
2813 return pos - buf;
2814 }
2815 #endif /* NEED_AP_MLME */
2816
2817
2818 static int hostapd_ctrl_iface_req_lci(struct hostapd_data *hapd,
2819 const char *cmd)
2820 {
2821 u8 addr[ETH_ALEN];
2822
2823 if (hwaddr_aton(cmd, addr)) {
2824 wpa_printf(MSG_INFO, "CTRL: REQ_LCI: Invalid MAC address");
2825 return -1;
2826 }
2827
2828 return hostapd_send_lci_req(hapd, addr);
2829 }
2830
2831
2832 static int hostapd_ctrl_iface_req_range(struct hostapd_data *hapd, char *cmd)
2833 {
2834 u8 addr[ETH_ALEN];
2835 char *token, *context = NULL;
2836 int random_interval, min_ap;
2837 u8 responders[ETH_ALEN * RRM_RANGE_REQ_MAX_RESPONDERS];
2838 unsigned int n_responders;
2839
2840 token = str_token(cmd, " ", &context);
2841 if (!token || hwaddr_aton(token, addr)) {
2842 wpa_printf(MSG_INFO,
2843 "CTRL: REQ_RANGE - Bad destination address");
2844 return -1;
2845 }
2846
2847 token = str_token(cmd, " ", &context);
2848 if (!token)
2849 return -1;
2850
2851 random_interval = atoi(token);
2852 if (random_interval < 0 || random_interval > 0xffff)
2853 return -1;
2854
2855 token = str_token(cmd, " ", &context);
2856 if (!token)
2857 return -1;
2858
2859 min_ap = atoi(token);
2860 if (min_ap <= 0 || min_ap > WLAN_RRM_RANGE_REQ_MAX_MIN_AP)
2861 return -1;
2862
2863 n_responders = 0;
2864 while ((token = str_token(cmd, " ", &context))) {
2865 if (n_responders == RRM_RANGE_REQ_MAX_RESPONDERS) {
2866 wpa_printf(MSG_INFO,
2867 "CTRL: REQ_RANGE: Too many responders");
2868 return -1;
2869 }
2870
2871 if (hwaddr_aton(token, responders + n_responders * ETH_ALEN)) {
2872 wpa_printf(MSG_INFO,
2873 "CTRL: REQ_RANGE: Bad responder address");
2874 return -1;
2875 }
2876
2877 n_responders++;
2878 }
2879
2880 if (!n_responders) {
2881 wpa_printf(MSG_INFO,
2882 "CTRL: REQ_RANGE - No FTM responder address");
2883 return -1;
2884 }
2885
2886 return hostapd_send_range_req(hapd, addr, random_interval, min_ap,
2887 responders, n_responders);
2888 }
2889
2890
2891 static int hostapd_ctrl_iface_req_beacon(struct hostapd_data *hapd,
2892 const char *cmd, char *reply,
2893 size_t reply_size)
2894 {
2895 u8 addr[ETH_ALEN];
2896 const char *pos;
2897 struct wpabuf *req;
2898 int ret;
2899 u8 req_mode = 0;
2900
2901 if (hwaddr_aton(cmd, addr))
2902 return -1;
2903 pos = os_strchr(cmd, ' ');
2904 if (!pos)
2905 return -1;
2906 pos++;
2907 if (os_strncmp(pos, "req_mode=", 9) == 0) {
2908 int val = hex2byte(pos + 9);
2909
2910 if (val < 0)
2911 return -1;
2912 req_mode = val;
2913 pos += 11;
2914 pos = os_strchr(pos, ' ');
2915 if (!pos)
2916 return -1;
2917 pos++;
2918 }
2919 req = wpabuf_parse_bin(pos);
2920 if (!req)
2921 return -1;
2922
2923 ret = hostapd_send_beacon_req(hapd, addr, req_mode, req);
2924 wpabuf_free(req);
2925 if (ret >= 0)
2926 ret = os_snprintf(reply, reply_size, "%d", ret);
2927 return ret;
2928 }
2929
2930
2931 static int hostapd_ctrl_iface_show_neighbor(struct hostapd_data *hapd,
2932 char *buf, size_t buflen)
2933 {
2934 if (!(hapd->conf->radio_measurements[0] &
2935 WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
2936 wpa_printf(MSG_ERROR,
2937 "CTRL: SHOW_NEIGHBOR: Neighbor report is not enabled");
2938 return -1;
2939 }
2940
2941 return hostapd_neighbor_show(hapd, buf, buflen);
2942 }
2943
2944
2945 static int hostapd_ctrl_iface_set_neighbor(struct hostapd_data *hapd, char *buf)
2946 {
2947 struct wpa_ssid_value ssid;
2948 u8 bssid[ETH_ALEN];
2949 struct wpabuf *nr, *lci = NULL, *civic = NULL;
2950 int stationary = 0;
2951 char *tmp;
2952 int ret;
2953
2954 if (!(hapd->conf->radio_measurements[0] &
2955 WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
2956 wpa_printf(MSG_ERROR,
2957 "CTRL: SET_NEIGHBOR: Neighbor report is not enabled");
2958 return -1;
2959 }
2960
2961 if (hwaddr_aton(buf, bssid)) {
2962 wpa_printf(MSG_ERROR, "CTRL: SET_NEIGHBOR: Bad BSSID");
2963 return -1;
2964 }
2965
2966 tmp = os_strstr(buf, "ssid=");
2967 if (!tmp || ssid_parse(tmp + 5, &ssid)) {
2968 wpa_printf(MSG_ERROR,
2969 "CTRL: SET_NEIGHBOR: Bad or missing SSID");
2970 return -1;
2971 }
2972 buf = os_strchr(tmp + 6, tmp[5] == '"' ? '"' : ' ');
2973 if (!buf)
2974 return -1;
2975
2976 tmp = os_strstr(buf, "nr=");
2977 if (!tmp) {
2978 wpa_printf(MSG_ERROR,
2979 "CTRL: SET_NEIGHBOR: Missing Neighbor Report element");
2980 return -1;
2981 }
2982
2983 buf = os_strchr(tmp, ' ');
2984 if (buf)
2985 *buf++ = '\0';
2986
2987 nr = wpabuf_parse_bin(tmp + 3);
2988 if (!nr) {
2989 wpa_printf(MSG_ERROR,
2990 "CTRL: SET_NEIGHBOR: Bad Neighbor Report element");
2991 return -1;
2992 }
2993
2994 if (!buf)
2995 goto set;
2996
2997 tmp = os_strstr(buf, "lci=");
2998 if (tmp) {
2999 buf = os_strchr(tmp, ' ');
3000 if (buf)
3001 *buf++ = '\0';
3002 lci = wpabuf_parse_bin(tmp + 4);
3003 if (!lci) {
3004 wpa_printf(MSG_ERROR,
3005 "CTRL: SET_NEIGHBOR: Bad LCI subelement");
3006 wpabuf_free(nr);
3007 return -1;
3008 }
3009 }
3010
3011 if (!buf)
3012 goto set;
3013
3014 tmp = os_strstr(buf, "civic=");
3015 if (tmp) {
3016 buf = os_strchr(tmp, ' ');
3017 if (buf)
3018 *buf++ = '\0';
3019 civic = wpabuf_parse_bin(tmp + 6);
3020 if (!civic) {
3021 wpa_printf(MSG_ERROR,
3022 "CTRL: SET_NEIGHBOR: Bad civic subelement");
3023 wpabuf_free(nr);
3024 wpabuf_free(lci);
3025 return -1;
3026 }
3027 }
3028
3029 if (!buf)
3030 goto set;
3031
3032 if (os_strstr(buf, "stat"))
3033 stationary = 1;
3034
3035 set:
3036 ret = hostapd_neighbor_set(hapd, bssid, &ssid, nr, lci, civic,
3037 stationary);
3038
3039 wpabuf_free(nr);
3040 wpabuf_free(lci);
3041 wpabuf_free(civic);
3042
3043 return ret;
3044 }
3045
3046
3047 static int hostapd_ctrl_iface_remove_neighbor(struct hostapd_data *hapd,
3048 char *buf)
3049 {
3050 struct wpa_ssid_value ssid;
3051 struct wpa_ssid_value *ssidp = NULL;
3052 u8 bssid[ETH_ALEN];
3053 char *tmp;
3054
3055 if (hwaddr_aton(buf, bssid)) {
3056 wpa_printf(MSG_ERROR, "CTRL: REMOVE_NEIGHBOR: Bad BSSID");
3057 return -1;
3058 }
3059
3060 tmp = os_strstr(buf, "ssid=");
3061 if (tmp) {
3062 ssidp = &ssid;
3063 if (ssid_parse(tmp + 5, &ssid)) {
3064 wpa_printf(MSG_ERROR,
3065 "CTRL: REMOVE_NEIGHBOR: Bad SSID");
3066 return -1;
3067 }
3068 }
3069
3070 return hostapd_neighbor_remove(hapd, bssid, ssidp);
3071 }
3072
3073
3074 static int hostapd_ctrl_driver_flags(struct hostapd_iface *iface, char *buf,
3075 size_t buflen)
3076 {
3077 int ret, i;
3078 char *pos, *end;
3079
3080 ret = os_snprintf(buf, buflen, "%016llX:\n",
3081 (long long unsigned) iface->drv_flags);
3082 if (os_snprintf_error(buflen, ret))
3083 return -1;
3084
3085 pos = buf + ret;
3086 end = buf + buflen;
3087
3088 for (i = 0; i < 64; i++) {
3089 if (iface->drv_flags & (1LLU << i)) {
3090 ret = os_snprintf(pos, end - pos, "%s\n",
3091 driver_flag_to_string(1LLU << i));
3092 if (os_snprintf_error(end - pos, ret))
3093 return -1;
3094 pos += ret;
3095 }
3096 }
3097
3098 return pos - buf;
3099 }
3100
3101
3102 static int hostapd_ctrl_iface_acl_del_mac(struct mac_acl_entry **acl, int *num,
3103 const char *txtaddr)
3104 {
3105 u8 addr[ETH_ALEN];
3106 struct vlan_description vlan_id;
3107
3108 if (!(*num))
3109 return 0;
3110
3111 if (hwaddr_aton(txtaddr, addr))
3112 return -1;
3113
3114 if (hostapd_maclist_found(*acl, *num, addr, &vlan_id))
3115 hostapd_remove_acl_mac(acl, num, addr);
3116
3117 return 0;
3118 }
3119
3120
3121 static void hostapd_ctrl_iface_acl_clear_list(struct mac_acl_entry **acl,
3122 int *num)
3123 {
3124 while (*num)
3125 hostapd_remove_acl_mac(acl, num, (*acl)[0].addr);
3126 }
3127
3128
3129 static int hostapd_ctrl_iface_acl_show_mac(struct mac_acl_entry *acl, int num,
3130 char *buf, size_t buflen)
3131 {
3132 int i = 0, len = 0, ret = 0;
3133
3134 if (!acl)
3135 return 0;
3136
3137 while (i < num) {
3138 ret = os_snprintf(buf + len, buflen - len,
3139 MACSTR " VLAN_ID=%d\n",
3140 MAC2STR(acl[i].addr),
3141 acl[i].vlan_id.untagged);
3142 if (ret < 0 || (size_t) ret >= buflen - len)
3143 return len;
3144 i++;
3145 len += ret;
3146 }
3147 return len;
3148 }
3149
3150
3151 static int hostapd_ctrl_iface_acl_add_mac(struct mac_acl_entry **acl, int *num,
3152 const char *cmd)
3153 {
3154 u8 addr[ETH_ALEN];
3155 struct vlan_description vlan_id;
3156 int ret = 0, vlanid = 0;
3157 const char *pos;
3158
3159 if (hwaddr_aton(cmd, addr))
3160 return -1;
3161
3162 pos = os_strstr(cmd, "VLAN_ID=");
3163 if (pos)
3164 vlanid = atoi(pos + 8);
3165
3166 if (!hostapd_maclist_found(*acl, *num, addr, &vlan_id)) {
3167 ret = hostapd_add_acl_maclist(acl, num, vlanid, addr);
3168 if (ret != -1 && *acl)
3169 qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
3170 }
3171
3172 return ret < 0 ? -1 : 0;
3173 }
3174
3175
3176 static int hostapd_ctrl_iface_get_capability(struct hostapd_data *hapd,
3177 const char *field, char *buf,
3178 size_t buflen)
3179 {
3180 wpa_printf(MSG_DEBUG, "CTRL_IFACE: GET_CAPABILITY '%s'", field);
3181
3182 #ifdef CONFIG_DPP
3183 if (os_strcmp(field, "dpp") == 0) {
3184 int res;
3185
3186 #ifdef CONFIG_DPP2
3187 res = os_snprintf(buf, buflen, "DPP=2");
3188 #else /* CONFIG_DPP2 */
3189 res = os_snprintf(buf, buflen, "DPP=1");
3190 #endif /* CONFIG_DPP2 */
3191 if (os_snprintf_error(buflen, res))
3192 return -1;
3193 return res;
3194 }
3195 #endif /* CONFIG_DPP */
3196
3197 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown GET_CAPABILITY field '%s'",
3198 field);
3199
3200 return -1;
3201 }
3202
3203
3204 static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd,
3205 char *buf, char *reply,
3206 int reply_size,
3207 struct sockaddr_storage *from,
3208 socklen_t fromlen)
3209 {
3210 int reply_len, res;
3211
3212 os_memcpy(reply, "OK\n", 3);
3213 reply_len = 3;
3214
3215 if (os_strcmp(buf, "PING") == 0) {
3216 os_memcpy(reply, "PONG\n", 5);
3217 reply_len = 5;
3218 } else if (os_strncmp(buf, "RELOG", 5) == 0) {
3219 if (wpa_debug_reopen_file() < 0)
3220 reply_len = -1;
3221 } else if (os_strncmp(buf, "NOTE ", 5) == 0) {
3222 wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
3223 } else if (os_strcmp(buf, "STATUS") == 0) {
3224 reply_len = hostapd_ctrl_iface_status(hapd, reply,
3225 reply_size);
3226 } else if (os_strcmp(buf, "STATUS-DRIVER") == 0) {
3227 reply_len = hostapd_drv_status(hapd, reply, reply_size);
3228 } else if (os_strcmp(buf, "MIB") == 0) {
3229 reply_len = ieee802_11_get_mib(hapd, reply, reply_size);
3230 if (reply_len >= 0) {
3231 res = wpa_get_mib(hapd->wpa_auth, reply + reply_len,
3232 reply_size - reply_len);
3233 if (res < 0)
3234 reply_len = -1;
3235 else
3236 reply_len += res;
3237 }
3238 if (reply_len >= 0) {
3239 res = ieee802_1x_get_mib(hapd, reply + reply_len,
3240 reply_size - reply_len);
3241 if (res < 0)
3242 reply_len = -1;
3243 else
3244 reply_len += res;
3245 }
3246 #ifndef CONFIG_NO_RADIUS
3247 if (reply_len >= 0) {
3248 res = radius_client_get_mib(hapd->radius,
3249 reply + reply_len,
3250 reply_size - reply_len);
3251 if (res < 0)
3252 reply_len = -1;
3253 else
3254 reply_len += res;
3255 }
3256 #endif /* CONFIG_NO_RADIUS */
3257 } else if (os_strncmp(buf, "MIB ", 4) == 0) {
3258 reply_len = hostapd_ctrl_iface_mib(hapd, reply, reply_size,
3259 buf + 4);
3260 } else if (os_strcmp(buf, "STA-FIRST") == 0) {
3261 reply_len = hostapd_ctrl_iface_sta_first(hapd, reply,
3262 reply_size);
3263 } else if (os_strncmp(buf, "STA ", 4) == 0) {
3264 reply_len = hostapd_ctrl_iface_sta(hapd, buf + 4, reply,
3265 reply_size);
3266 } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
3267 reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply,
3268 reply_size);
3269 } else if (os_strcmp(buf, "ATTACH") == 0) {
3270 if (hostapd_ctrl_iface_attach(hapd, from, fromlen, NULL))
3271 reply_len = -1;
3272 } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
3273 if (hostapd_ctrl_iface_attach(hapd, from, fromlen, buf + 7))
3274 reply_len = -1;
3275 } else if (os_strcmp(buf, "DETACH") == 0) {
3276 if (hostapd_ctrl_iface_detach(hapd, from, fromlen))
3277 reply_len = -1;
3278 } else if (os_strncmp(buf, "LEVEL ", 6) == 0) {
3279 if (hostapd_ctrl_iface_level(hapd, from, fromlen,
3280 buf + 6))
3281 reply_len = -1;
3282 } else if (os_strncmp(buf, "NEW_STA ", 8) == 0) {
3283 if (hostapd_ctrl_iface_new_sta(hapd, buf + 8))
3284 reply_len = -1;
3285 } else if (os_strncmp(buf, "DEAUTHENTICATE ", 15) == 0) {
3286 if (hostapd_ctrl_iface_deauthenticate(hapd, buf + 15))
3287 reply_len = -1;
3288 } else if (os_strncmp(buf, "DISASSOCIATE ", 13) == 0) {
3289 if (hostapd_ctrl_iface_disassociate(hapd, buf + 13))
3290 reply_len = -1;
3291 #ifdef CONFIG_TAXONOMY
3292 } else if (os_strncmp(buf, "SIGNATURE ", 10) == 0) {
3293 reply_len = hostapd_ctrl_iface_signature(hapd, buf + 10,
3294 reply, reply_size);
3295 #endif /* CONFIG_TAXONOMY */
3296 } else if (os_strncmp(buf, "POLL_STA ", 9) == 0) {
3297 if (hostapd_ctrl_iface_poll_sta(hapd, buf + 9))
3298 reply_len = -1;
3299 } else if (os_strcmp(buf, "STOP_AP") == 0) {
3300 if (hostapd_ctrl_iface_stop_ap(hapd))
3301 reply_len = -1;
3302 #ifdef NEED_AP_MLME
3303 } else if (os_strncmp(buf, "SA_QUERY ", 9) == 0) {
3304 if (hostapd_ctrl_iface_sa_query(hapd, buf + 9))
3305 reply_len = -1;
3306 #endif /* NEED_AP_MLME */
3307 #ifdef CONFIG_WPS
3308 } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) {
3309 if (hostapd_ctrl_iface_wps_pin(hapd, buf + 8))
3310 reply_len = -1;
3311 } else if (os_strncmp(buf, "WPS_CHECK_PIN ", 14) == 0) {
3312 reply_len = hostapd_ctrl_iface_wps_check_pin(
3313 hapd, buf + 14, reply, reply_size);
3314 } else if (os_strcmp(buf, "WPS_PBC") == 0) {
3315 if (hostapd_wps_button_pushed(hapd, NULL))
3316 reply_len = -1;
3317 } else if (os_strcmp(buf, "WPS_CANCEL") == 0) {
3318 if (hostapd_wps_cancel(hapd))
3319 reply_len = -1;
3320 } else if (os_strncmp(buf, "WPS_AP_PIN ", 11) == 0) {
3321 reply_len = hostapd_ctrl_iface_wps_ap_pin(hapd, buf + 11,
3322 reply, reply_size);
3323 } else if (os_strncmp(buf, "WPS_CONFIG ", 11) == 0) {
3324 if (hostapd_ctrl_iface_wps_config(hapd, buf + 11) < 0)
3325 reply_len = -1;
3326 } else if (os_strncmp(buf, "WPS_GET_STATUS", 13) == 0) {
3327 reply_len = hostapd_ctrl_iface_wps_get_status(hapd, reply,
3328 reply_size);
3329 #ifdef CONFIG_WPS_NFC
3330 } else if (os_strncmp(buf, "WPS_NFC_TAG_READ ", 17) == 0) {
3331 if (hostapd_ctrl_iface_wps_nfc_tag_read(hapd, buf + 17))
3332 reply_len = -1;
3333 } else if (os_strncmp(buf, "WPS_NFC_CONFIG_TOKEN ", 21) == 0) {
3334 reply_len = hostapd_ctrl_iface_wps_nfc_config_token(
3335 hapd, buf + 21, reply, reply_size);
3336 } else if (os_strncmp(buf, "WPS_NFC_TOKEN ", 14) == 0) {
3337 reply_len = hostapd_ctrl_iface_wps_nfc_token(
3338 hapd, buf + 14, reply, reply_size);
3339 } else if (os_strncmp(buf, "NFC_GET_HANDOVER_SEL ", 21) == 0) {
3340 reply_len = hostapd_ctrl_iface_nfc_get_handover_sel(
3341 hapd, buf + 21, reply, reply_size);
3342 } else if (os_strncmp(buf, "NFC_REPORT_HANDOVER ", 20) == 0) {
3343 if (hostapd_ctrl_iface_nfc_report_handover(hapd, buf + 20))
3344 reply_len = -1;
3345 #endif /* CONFIG_WPS_NFC */
3346 #endif /* CONFIG_WPS */
3347 #ifdef CONFIG_INTERWORKING
3348 } else if (os_strncmp(buf, "SET_QOS_MAP_SET ", 16) == 0) {
3349 if (hostapd_ctrl_iface_set_qos_map_set(hapd, buf + 16))
3350 reply_len = -1;
3351 } else if (os_strncmp(buf, "SEND_QOS_MAP_CONF ", 18) == 0) {
3352 if (hostapd_ctrl_iface_send_qos_map_conf(hapd, buf + 18))
3353 reply_len = -1;
3354 #endif /* CONFIG_INTERWORKING */
3355 #ifdef CONFIG_HS20
3356 } else if (os_strncmp(buf, "HS20_WNM_NOTIF ", 15) == 0) {
3357 if (hostapd_ctrl_iface_hs20_wnm_notif(hapd, buf + 15))
3358 reply_len = -1;
3359 } else if (os_strncmp(buf, "HS20_DEAUTH_REQ ", 16) == 0) {
3360 if (hostapd_ctrl_iface_hs20_deauth_req(hapd, buf + 16))
3361 reply_len = -1;
3362 #endif /* CONFIG_HS20 */
3363 #ifdef CONFIG_WNM_AP
3364 } else if (os_strncmp(buf, "DISASSOC_IMMINENT ", 18) == 0) {
3365 if (hostapd_ctrl_iface_disassoc_imminent(hapd, buf + 18))
3366 reply_len = -1;
3367 } else if (os_strncmp(buf, "ESS_DISASSOC ", 13) == 0) {
3368 if (hostapd_ctrl_iface_ess_disassoc(hapd, buf + 13))
3369 reply_len = -1;
3370 } else if (os_strncmp(buf, "BSS_TM_REQ ", 11) == 0) {
3371 if (hostapd_ctrl_iface_bss_tm_req(hapd, buf + 11))
3372 reply_len = -1;
3373 } else if (os_strncmp(buf, "COLOC_INTF_REQ ", 15) == 0) {
3374 if (hostapd_ctrl_iface_coloc_intf_req(hapd, buf + 15))
3375 reply_len = -1;
3376 #endif /* CONFIG_WNM_AP */
3377 } else if (os_strcmp(buf, "GET_CONFIG") == 0) {
3378 reply_len = hostapd_ctrl_iface_get_config(hapd, reply,
3379 reply_size);
3380 } else if (os_strncmp(buf, "SET ", 4) == 0) {
3381 if (hostapd_ctrl_iface_set(hapd, buf + 4))
3382 reply_len = -1;
3383 } else if (os_strncmp(buf, "GET ", 4) == 0) {
3384 reply_len = hostapd_ctrl_iface_get(hapd, buf + 4, reply,
3385 reply_size);
3386 } else if (os_strncmp(buf, "ENABLE", 6) == 0) {
3387 if (hostapd_ctrl_iface_enable(hapd->iface))
3388 reply_len = -1;
3389 } else if (os_strcmp(buf, "RELOAD_WPA_PSK") == 0) {
3390 if (hostapd_ctrl_iface_reload_wpa_psk(hapd))
3391 reply_len = -1;
3392 } else if (os_strncmp(buf, "RELOAD", 6) == 0) {
3393 if (hostapd_ctrl_iface_reload(hapd->iface))
3394 reply_len = -1;
3395 } else if (os_strncmp(buf, "DISABLE", 7) == 0) {
3396 if (hostapd_ctrl_iface_disable(hapd->iface))
3397 reply_len = -1;
3398 } else if (os_strcmp(buf, "UPDATE_BEACON") == 0) {
3399 if (ieee802_11_set_beacon(hapd))
3400 reply_len = -1;
3401 #ifdef CONFIG_TESTING_OPTIONS
3402 } else if (os_strncmp(buf, "RADAR ", 6) == 0) {
3403 if (hostapd_ctrl_iface_radar(hapd, buf + 6))
3404 reply_len = -1;
3405 } else if (os_strncmp(buf, "MGMT_TX ", 8) == 0) {
3406 if (hostapd_ctrl_iface_mgmt_tx(hapd, buf + 8))
3407 reply_len = -1;
3408 } else if (os_strncmp(buf, "MGMT_TX_STATUS_PROCESS ", 23) == 0) {
3409 if (hostapd_ctrl_iface_mgmt_tx_status_process(hapd,
3410 buf + 23) < 0)
3411 reply_len = -1;
3412 } else if (os_strncmp(buf, "MGMT_RX_PROCESS ", 16) == 0) {
3413 if (hostapd_ctrl_iface_mgmt_rx_process(hapd, buf + 16) < 0)
3414 reply_len = -1;
3415 } else if (os_strncmp(buf, "EAPOL_RX ", 9) == 0) {
3416 if (hostapd_ctrl_iface_eapol_rx(hapd, buf + 9) < 0)
3417 reply_len = -1;
3418 } else if (os_strncmp(buf, "DATA_TEST_CONFIG ", 17) == 0) {
3419 if (hostapd_ctrl_iface_data_test_config(hapd, buf + 17) < 0)
3420 reply_len = -1;
3421 } else if (os_strncmp(buf, "DATA_TEST_TX ", 13) == 0) {
3422 if (hostapd_ctrl_iface_data_test_tx(hapd, buf + 13) < 0)
3423 reply_len = -1;
3424 } else if (os_strncmp(buf, "DATA_TEST_FRAME ", 16) == 0) {
3425 if (hostapd_ctrl_iface_data_test_frame(hapd, buf + 16) < 0)
3426 reply_len = -1;
3427 } else if (os_strncmp(buf, "TEST_ALLOC_FAIL ", 16) == 0) {
3428 if (hostapd_ctrl_test_alloc_fail(hapd, buf + 16) < 0)
3429 reply_len = -1;
3430 } else if (os_strcmp(buf, "GET_ALLOC_FAIL") == 0) {
3431 reply_len = hostapd_ctrl_get_alloc_fail(hapd, reply,
3432 reply_size);
3433 } else if (os_strncmp(buf, "TEST_FAIL ", 10) == 0) {
3434 if (hostapd_ctrl_test_fail(hapd, buf + 10) < 0)
3435 reply_len = -1;
3436 } else if (os_strcmp(buf, "GET_FAIL") == 0) {
3437 reply_len = hostapd_ctrl_get_fail(hapd, reply, reply_size);
3438 } else if (os_strncmp(buf, "RESET_PN ", 9) == 0) {
3439 if (hostapd_ctrl_reset_pn(hapd, buf + 9) < 0)
3440 reply_len = -1;
3441 } else if (os_strncmp(buf, "SET_KEY ", 8) == 0) {
3442 if (hostapd_ctrl_set_key(hapd, buf + 8) < 0)
3443 reply_len = -1;
3444 } else if (os_strncmp(buf, "RESEND_M1 ", 10) == 0) {
3445 if (hostapd_ctrl_resend_m1(hapd, buf + 10) < 0)
3446 reply_len = -1;
3447 } else if (os_strncmp(buf, "RESEND_M3 ", 10) == 0) {
3448 if (hostapd_ctrl_resend_m3(hapd, buf + 10) < 0)
3449 reply_len = -1;
3450 } else if (os_strncmp(buf, "RESEND_GROUP_M1 ", 16) == 0) {
3451 if (hostapd_ctrl_resend_group_m1(hapd, buf + 16) < 0)
3452 reply_len = -1;
3453 } else if (os_strcmp(buf, "REKEY_GTK") == 0) {
3454 if (wpa_auth_rekey_gtk(hapd->wpa_auth) < 0)
3455 reply_len = -1;
3456 } else if (os_strncmp(buf, "GET_PMK ", 8) == 0) {
3457 reply_len = hostapd_ctrl_get_pmk(hapd, buf + 8, reply,
3458 reply_size);
3459 #endif /* CONFIG_TESTING_OPTIONS */
3460 } else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) {
3461 if (hostapd_ctrl_iface_chan_switch(hapd->iface, buf + 12))
3462 reply_len = -1;
3463 } else if (os_strncmp(buf, "VENDOR ", 7) == 0) {
3464 reply_len = hostapd_ctrl_iface_vendor(hapd, buf + 7, reply,
3465 reply_size);
3466 } else if (os_strcmp(buf, "ERP_FLUSH") == 0) {
3467 ieee802_1x_erp_flush(hapd);
3468 #ifdef RADIUS_SERVER
3469 radius_server_erp_flush(hapd->radius_srv);
3470 #endif /* RADIUS_SERVER */
3471 } else if (os_strncmp(buf, "EAPOL_REAUTH ", 13) == 0) {
3472 if (hostapd_ctrl_iface_eapol_reauth(hapd, buf + 13))
3473 reply_len = -1;
3474 } else if (os_strncmp(buf, "EAPOL_SET ", 10) == 0) {
3475 if (hostapd_ctrl_iface_eapol_set(hapd, buf + 10))
3476 reply_len = -1;
3477 } else if (os_strncmp(buf, "LOG_LEVEL", 9) == 0) {
3478 reply_len = hostapd_ctrl_iface_log_level(
3479 hapd, buf + 9, reply, reply_size);
3480 #ifdef NEED_AP_MLME
3481 } else if (os_strcmp(buf, "TRACK_STA_LIST") == 0) {
3482 reply_len = hostapd_ctrl_iface_track_sta_list(
3483 hapd, reply, reply_size);
3484 #endif /* NEED_AP_MLME */
3485 } else if (os_strcmp(buf, "PMKSA") == 0) {
3486 reply_len = hostapd_ctrl_iface_pmksa_list(hapd, reply,
3487 reply_size);
3488 } else if (os_strcmp(buf, "PMKSA_FLUSH") == 0) {
3489 hostapd_ctrl_iface_pmksa_flush(hapd);
3490 } else if (os_strncmp(buf, "PMKSA_ADD ", 10) == 0) {
3491 if (hostapd_ctrl_iface_pmksa_add(hapd, buf + 10) < 0)
3492 reply_len = -1;
3493 } else if (os_strncmp(buf, "SET_NEIGHBOR ", 13) == 0) {
3494 if (hostapd_ctrl_iface_set_neighbor(hapd, buf + 13))
3495 reply_len = -1;
3496 } else if (os_strcmp(buf, "SHOW_NEIGHBOR") == 0) {
3497 reply_len = hostapd_ctrl_iface_show_neighbor(hapd, reply,
3498 reply_size);
3499 } else if (os_strncmp(buf, "REMOVE_NEIGHBOR ", 16) == 0) {
3500 if (hostapd_ctrl_iface_remove_neighbor(hapd, buf + 16))
3501 reply_len = -1;
3502 } else if (os_strncmp(buf, "REQ_LCI ", 8) == 0) {
3503 if (hostapd_ctrl_iface_req_lci(hapd, buf + 8))
3504 reply_len = -1;
3505 } else if (os_strncmp(buf, "REQ_RANGE ", 10) == 0) {
3506 if (hostapd_ctrl_iface_req_range(hapd, buf + 10))
3507 reply_len = -1;
3508 } else if (os_strncmp(buf, "REQ_BEACON ", 11) == 0) {
3509 reply_len = hostapd_ctrl_iface_req_beacon(hapd, buf + 11,
3510 reply, reply_size);
3511 } else if (os_strcmp(buf, "DRIVER_FLAGS") == 0) {
3512 reply_len = hostapd_ctrl_driver_flags(hapd->iface, reply,
3513 reply_size);
3514 } else if (os_strcmp(buf, "TERMINATE") == 0) {
3515 eloop_terminate();
3516 } else if (os_strncmp(buf, "ACCEPT_ACL ", 11) == 0) {
3517 if (os_strncmp(buf + 11, "ADD_MAC ", 8) == 0) {
3518 if (!hostapd_ctrl_iface_acl_add_mac(
3519 &hapd->conf->accept_mac,
3520 &hapd->conf->num_accept_mac, buf + 19))
3521 hostapd_disassoc_accept_mac(hapd);
3522 else
3523 reply_len = -1;
3524 } else if (os_strncmp((buf + 11), "DEL_MAC ", 8) == 0) {
3525 hostapd_ctrl_iface_acl_del_mac(
3526 &hapd->conf->accept_mac,
3527 &hapd->conf->num_accept_mac, buf + 19);
3528 } else if (os_strcmp(buf + 11, "SHOW") == 0) {
3529 reply_len = hostapd_ctrl_iface_acl_show_mac(
3530 hapd->conf->accept_mac,
3531 hapd->conf->num_accept_mac, reply, reply_size);
3532 } else if (os_strcmp(buf + 11, "CLEAR") == 0) {
3533 hostapd_ctrl_iface_acl_clear_list(
3534 &hapd->conf->accept_mac,
3535 &hapd->conf->num_accept_mac);
3536 }
3537 } else if (os_strncmp(buf, "DENY_ACL ", 9) == 0) {
3538 if (os_strncmp(buf + 9, "ADD_MAC ", 8) == 0) {
3539 if (!hostapd_ctrl_iface_acl_add_mac(
3540 &hapd->conf->deny_mac,
3541 &hapd->conf->num_deny_mac, buf + 17))
3542 hostapd_disassoc_deny_mac(hapd);
3543 } else if (os_strncmp(buf + 9, "DEL_MAC ", 8) == 0) {
3544 hostapd_ctrl_iface_acl_del_mac(
3545 &hapd->conf->deny_mac,
3546 &hapd->conf->num_deny_mac, buf + 17);
3547 } else if (os_strcmp(buf + 9, "SHOW") == 0) {
3548 reply_len = hostapd_ctrl_iface_acl_show_mac(
3549 hapd->conf->deny_mac,
3550 hapd->conf->num_deny_mac, reply, reply_size);
3551 } else if (os_strcmp(buf + 9, "CLEAR") == 0) {
3552 hostapd_ctrl_iface_acl_clear_list(
3553 &hapd->conf->deny_mac,
3554 &hapd->conf->num_deny_mac);
3555 }
3556 #ifdef CONFIG_DPP
3557 } else if (os_strncmp(buf, "DPP_QR_CODE ", 12) == 0) {
3558 res = hostapd_dpp_qr_code(hapd, buf + 12);
3559 if (res < 0) {
3560 reply_len = -1;
3561 } else {
3562 reply_len = os_snprintf(reply, reply_size, "%d", res);
3563 if (os_snprintf_error(reply_size, reply_len))
3564 reply_len = -1;
3565 }
3566 } else if (os_strncmp(buf, "DPP_NFC_URI ", 12) == 0) {
3567 res = hostapd_dpp_nfc_uri(hapd, buf + 12);
3568 if (res < 0) {
3569 reply_len = -1;
3570 } else {
3571 reply_len = os_snprintf(reply, reply_size, "%d", res);
3572 if (os_snprintf_error(reply_size, reply_len))
3573 reply_len = -1;
3574 }
3575 } else if (os_strncmp(buf, "DPP_NFC_HANDOVER_REQ ", 21) == 0) {
3576 res = hostapd_dpp_nfc_handover_req(hapd, buf + 20);
3577 if (res < 0) {
3578 reply_len = -1;
3579 } else {
3580 reply_len = os_snprintf(reply, reply_size, "%d", res);
3581 if (os_snprintf_error(reply_size, reply_len))
3582 reply_len = -1;
3583 }
3584 } else if (os_strncmp(buf, "DPP_NFC_HANDOVER_SEL ", 21) == 0) {
3585 res = hostapd_dpp_nfc_handover_sel(hapd, buf + 20);
3586 if (res < 0) {
3587 reply_len = -1;
3588 } else {
3589 reply_len = os_snprintf(reply, reply_size, "%d", res);
3590 if (os_snprintf_error(reply_size, reply_len))
3591 reply_len = -1;
3592 }
3593 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GEN ", 18) == 0) {
3594 res = dpp_bootstrap_gen(hapd->iface->interfaces->dpp, buf + 18);
3595 if (res < 0) {
3596 reply_len = -1;
3597 } else {
3598 reply_len = os_snprintf(reply, reply_size, "%d", res);
3599 if (os_snprintf_error(reply_size, reply_len))
3600 reply_len = -1;
3601 }
3602 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_REMOVE ", 21) == 0) {
3603 if (dpp_bootstrap_remove(hapd->iface->interfaces->dpp,
3604 buf + 21) < 0)
3605 reply_len = -1;
3606 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_GET_URI ", 22) == 0) {
3607 const char *uri;
3608
3609 uri = dpp_bootstrap_get_uri(hapd->iface->interfaces->dpp,
3610 atoi(buf + 22));
3611 if (!uri) {
3612 reply_len = -1;
3613 } else {
3614 reply_len = os_snprintf(reply, reply_size, "%s", uri);
3615 if (os_snprintf_error(reply_size, reply_len))
3616 reply_len = -1;
3617 }
3618 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_INFO ", 19) == 0) {
3619 reply_len = dpp_bootstrap_info(hapd->iface->interfaces->dpp,
3620 atoi(buf + 19),
3621 reply, reply_size);
3622 } else if (os_strncmp(buf, "DPP_BOOTSTRAP_SET ", 18) == 0) {
3623 if (dpp_bootstrap_set(hapd->iface->interfaces->dpp,
3624 atoi(buf + 18),
3625 os_strchr(buf + 18, ' ')) < 0)
3626 reply_len = -1;
3627 } else if (os_strncmp(buf, "DPP_AUTH_INIT ", 14) == 0) {
3628 if (hostapd_dpp_auth_init(hapd, buf + 13) < 0)
3629 reply_len = -1;
3630 } else if (os_strncmp(buf, "DPP_LISTEN ", 11) == 0) {
3631 if (hostapd_dpp_listen(hapd, buf + 11) < 0)
3632 reply_len = -1;
3633 } else if (os_strcmp(buf, "DPP_STOP_LISTEN") == 0) {
3634 hostapd_dpp_stop(hapd);
3635 hostapd_dpp_listen_stop(hapd);
3636 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_ADD", 20) == 0) {
3637 res = dpp_configurator_add(hapd->iface->interfaces->dpp,
3638 buf + 20);
3639 if (res < 0) {
3640 reply_len = -1;
3641 } else {
3642 reply_len = os_snprintf(reply, reply_size, "%d", res);
3643 if (os_snprintf_error(reply_size, reply_len))
3644 reply_len = -1;
3645 }
3646 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_REMOVE ", 24) == 0) {
3647 if (dpp_configurator_remove(hapd->iface->interfaces->dpp,
3648 buf + 24) < 0)
3649 reply_len = -1;
3650 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_SIGN ", 22) == 0) {
3651 if (hostapd_dpp_configurator_sign(hapd, buf + 21) < 0)
3652 reply_len = -1;
3653 } else if (os_strncmp(buf, "DPP_CONFIGURATOR_GET_KEY ", 25) == 0) {
3654 reply_len = dpp_configurator_get_key_id(
3655 hapd->iface->interfaces->dpp,
3656 atoi(buf + 25),
3657 reply, reply_size);
3658 } else if (os_strncmp(buf, "DPP_PKEX_ADD ", 13) == 0) {
3659 res = hostapd_dpp_pkex_add(hapd, buf + 12);
3660 if (res < 0) {
3661 reply_len = -1;
3662 } else {
3663 reply_len = os_snprintf(reply, reply_size, "%d", res);
3664 if (os_snprintf_error(reply_size, reply_len))
3665 reply_len = -1;
3666 }
3667 } else if (os_strncmp(buf, "DPP_PKEX_REMOVE ", 16) == 0) {
3668 if (hostapd_dpp_pkex_remove(hapd, buf + 16) < 0)
3669 reply_len = -1;
3670 #endif /* CONFIG_DPP */
3671 #ifdef RADIUS_SERVER
3672 } else if (os_strncmp(buf, "DAC_REQUEST ", 12) == 0) {
3673 if (radius_server_dac_request(hapd->radius_srv, buf + 12) < 0)
3674 reply_len = -1;
3675 #endif /* RADIUS_SERVER */
3676 } else if (os_strncmp(buf, "GET_CAPABILITY ", 15) == 0) {
3677 reply_len = hostapd_ctrl_iface_get_capability(
3678 hapd, buf + 15, reply, reply_size);
3679 } else {
3680 os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
3681 reply_len = 16;
3682 }
3683
3684 if (reply_len < 0) {
3685 os_memcpy(reply, "FAIL\n", 5);
3686 reply_len = 5;
3687 }
3688
3689 return reply_len;
3690 }
3691
3692
3693 static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx,
3694 void *sock_ctx)
3695 {
3696 struct hostapd_data *hapd = eloop_ctx;
3697 char buf[4096];
3698 int res;
3699 struct sockaddr_storage from;
3700 socklen_t fromlen = sizeof(from);
3701 char *reply, *pos = buf;
3702 const int reply_size = 4096;
3703 int reply_len;
3704 int level = MSG_DEBUG;
3705 #ifdef CONFIG_CTRL_IFACE_UDP
3706 unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
3707 #endif /* CONFIG_CTRL_IFACE_UDP */
3708
3709 res = recvfrom(sock, buf, sizeof(buf) - 1, 0,
3710 (struct sockaddr *) &from, &fromlen);
3711 if (res < 0) {
3712 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
3713 strerror(errno));
3714 return;
3715 }
3716 buf[res] = '\0';
3717
3718 reply = os_malloc(reply_size);
3719 if (reply == NULL) {
3720 if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
3721 fromlen) < 0) {
3722 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
3723 strerror(errno));
3724 }
3725 return;
3726 }
3727
3728 #ifdef CONFIG_CTRL_IFACE_UDP
3729 if (os_strcmp(buf, "GET_COOKIE") == 0) {
3730 os_memcpy(reply, "COOKIE=", 7);
3731 wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1,
3732 hapd->ctrl_iface_cookie,
3733 CTRL_IFACE_COOKIE_LEN);
3734 reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN;
3735 goto done;
3736 }
3737
3738 if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
3739 hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) {
3740 wpa_printf(MSG_DEBUG,
3741 "CTRL: No cookie in the request - drop request");
3742 os_free(reply);
3743 return;
3744 }
3745
3746 if (os_memcmp(hapd->ctrl_iface_cookie, lcookie,
3747 CTRL_IFACE_COOKIE_LEN) != 0) {
3748 wpa_printf(MSG_DEBUG,
3749 "CTRL: Invalid cookie in the request - drop request");
3750 os_free(reply);
3751 return;
3752 }
3753
3754 pos = buf + 7 + 2 * CTRL_IFACE_COOKIE_LEN;
3755 while (*pos == ' ')
3756 pos++;
3757 #endif /* CONFIG_CTRL_IFACE_UDP */
3758
3759 if (os_strcmp(pos, "PING") == 0)
3760 level = MSG_EXCESSIVE;
3761 wpa_hexdump_ascii(level, "RX ctrl_iface", pos, res);
3762
3763 reply_len = hostapd_ctrl_iface_receive_process(hapd, pos,
3764 reply, reply_size,
3765 &from, fromlen);
3766
3767 #ifdef CONFIG_CTRL_IFACE_UDP
3768 done:
3769 #endif /* CONFIG_CTRL_IFACE_UDP */
3770 if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
3771 fromlen) < 0) {
3772 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
3773 strerror(errno));
3774 }
3775 os_free(reply);
3776 }
3777
3778
3779 #ifndef CONFIG_CTRL_IFACE_UDP
3780 static char * hostapd_ctrl_iface_path(struct hostapd_data *hapd)
3781 {
3782 char *buf;
3783 size_t len;
3784
3785 if (hapd->conf->ctrl_interface == NULL)
3786 return NULL;
3787
3788 len = os_strlen(hapd->conf->ctrl_interface) +
3789 os_strlen(hapd->conf->iface) + 2;
3790 buf = os_malloc(len);
3791 if (buf == NULL)
3792 return NULL;
3793
3794 os_snprintf(buf, len, "%s/%s",
3795 hapd->conf->ctrl_interface, hapd->conf->iface);
3796 buf[len - 1] = '\0';
3797 return buf;
3798 }
3799 #endif /* CONFIG_CTRL_IFACE_UDP */
3800
3801
3802 static void hostapd_ctrl_iface_msg_cb(void *ctx, int level,
3803 enum wpa_msg_type type,
3804 const char *txt, size_t len)
3805 {
3806 struct hostapd_data *hapd = ctx;
3807 if (hapd == NULL)
3808 return;
3809 hostapd_ctrl_iface_send(hapd, level, type, txt, len);
3810 }
3811
3812
3813 int hostapd_ctrl_iface_init(struct hostapd_data *hapd)
3814 {
3815 #ifdef CONFIG_CTRL_IFACE_UDP
3816 int port = HOSTAPD_CTRL_IFACE_PORT;
3817 char p[32] = { 0 };
3818 char port_str[40], *tmp;
3819 char *pos;
3820 struct addrinfo hints = { 0 }, *res, *saveres;
3821 int n;
3822
3823 if (hapd->ctrl_sock > -1) {
3824 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
3825 return 0;
3826 }
3827
3828 if (hapd->conf->ctrl_interface == NULL)
3829 return 0;
3830
3831 pos = os_strstr(hapd->conf->ctrl_interface, "udp:");
3832 if (pos) {
3833 pos += 4;
3834 port = atoi(pos);
3835 if (port <= 0) {
3836 wpa_printf(MSG_ERROR, "Invalid ctrl_iface UDP port");
3837 goto fail;
3838 }
3839 }
3840
3841 dl_list_init(&hapd->ctrl_dst);
3842 hapd->ctrl_sock = -1;
3843 os_get_random(hapd->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN);
3844
3845 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
3846 hints.ai_flags = AI_PASSIVE;
3847 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
3848
3849 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
3850 hints.ai_family = AF_INET6;
3851 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
3852 hints.ai_family = AF_INET;
3853 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
3854 hints.ai_socktype = SOCK_DGRAM;
3855
3856 try_again:
3857 os_snprintf(p, sizeof(p), "%d", port);
3858 n = getaddrinfo(NULL, p, &hints, &res);
3859 if (n) {
3860 wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
3861 goto fail;
3862 }
3863
3864 saveres = res;
3865 hapd->ctrl_sock = socket(res->ai_family, res->ai_socktype,
3866 res->ai_protocol);
3867 if (hapd->ctrl_sock < 0) {
3868 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
3869 goto fail;
3870 }
3871
3872 if (bind(hapd->ctrl_sock, res->ai_addr, res->ai_addrlen) < 0) {
3873 port--;
3874 if ((HOSTAPD_CTRL_IFACE_PORT - port) <
3875 HOSTAPD_CTRL_IFACE_PORT_LIMIT && !pos)
3876 goto try_again;
3877 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
3878 goto fail;
3879 }
3880
3881 freeaddrinfo(saveres);
3882
3883 os_snprintf(port_str, sizeof(port_str), "udp:%d", port);
3884 tmp = os_strdup(port_str);
3885 if (tmp) {
3886 os_free(hapd->conf->ctrl_interface);
3887 hapd->conf->ctrl_interface = tmp;
3888 }
3889 wpa_printf(MSG_DEBUG, "ctrl_iface_init UDP port: %d", port);
3890
3891 if (eloop_register_read_sock(hapd->ctrl_sock,
3892 hostapd_ctrl_iface_receive, hapd, NULL) <
3893 0) {
3894 hostapd_ctrl_iface_deinit(hapd);
3895 return -1;
3896 }
3897
3898 hapd->msg_ctx = hapd;
3899 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
3900
3901 return 0;
3902
3903 fail:
3904 if (hapd->ctrl_sock >= 0)
3905 close(hapd->ctrl_sock);
3906 return -1;
3907 #else /* CONFIG_CTRL_IFACE_UDP */
3908 struct sockaddr_un addr;
3909 int s = -1;
3910 char *fname = NULL;
3911
3912 if (hapd->ctrl_sock > -1) {
3913 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
3914 return 0;
3915 }
3916
3917 dl_list_init(&hapd->ctrl_dst);
3918
3919 if (hapd->conf->ctrl_interface == NULL)
3920 return 0;
3921
3922 if (mkdir(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
3923 if (errno == EEXIST) {
3924 wpa_printf(MSG_DEBUG, "Using existing control "
3925 "interface directory.");
3926 } else {
3927 wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
3928 strerror(errno));
3929 goto fail;
3930 }
3931 }
3932
3933 if (hapd->conf->ctrl_interface_gid_set &&
3934 lchown(hapd->conf->ctrl_interface, -1,
3935 hapd->conf->ctrl_interface_gid) < 0) {
3936 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
3937 strerror(errno));
3938 return -1;
3939 }
3940
3941 if (!hapd->conf->ctrl_interface_gid_set &&
3942 hapd->iface->interfaces->ctrl_iface_group &&
3943 lchown(hapd->conf->ctrl_interface, -1,
3944 hapd->iface->interfaces->ctrl_iface_group) < 0) {
3945 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
3946 strerror(errno));
3947 return -1;
3948 }
3949
3950 #ifdef ANDROID
3951 /*
3952 * Android is using umask 0077 which would leave the control interface
3953 * directory without group access. This breaks things since Wi-Fi
3954 * framework assumes that this directory can be accessed by other
3955 * applications in the wifi group. Fix this by adding group access even
3956 * if umask value would prevent this.
3957 */
3958 if (chmod(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
3959 wpa_printf(MSG_ERROR, "CTRL: Could not chmod directory: %s",
3960 strerror(errno));
3961 /* Try to continue anyway */
3962 }
3963 #endif /* ANDROID */
3964
3965 if (os_strlen(hapd->conf->ctrl_interface) + 1 +
3966 os_strlen(hapd->conf->iface) >= sizeof(addr.sun_path))
3967 goto fail;
3968
3969 s = socket(PF_UNIX, SOCK_DGRAM, 0);
3970 if (s < 0) {
3971 wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
3972 goto fail;
3973 }
3974
3975 os_memset(&addr, 0, sizeof(addr));
3976 #ifdef __FreeBSD__
3977 addr.sun_len = sizeof(addr);
3978 #endif /* __FreeBSD__ */
3979 addr.sun_family = AF_UNIX;
3980 fname = hostapd_ctrl_iface_path(hapd);
3981 if (fname == NULL)
3982 goto fail;
3983 os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
3984 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
3985 wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
3986 strerror(errno));
3987 if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
3988 wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
3989 " allow connections - assuming it was left"
3990 "over from forced program termination");
3991 if (unlink(fname) < 0) {
3992 wpa_printf(MSG_ERROR,
3993 "Could not unlink existing ctrl_iface socket '%s': %s",
3994 fname, strerror(errno));
3995 goto fail;
3996 }
3997 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
3998 0) {
3999 wpa_printf(MSG_ERROR,
4000 "hostapd-ctrl-iface: bind(PF_UNIX): %s",
4001 strerror(errno));
4002 goto fail;
4003 }
4004 wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
4005 "ctrl_iface socket '%s'", fname);
4006 } else {
4007 wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
4008 "be in use - cannot override it");
4009 wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
4010 "not used anymore", fname);
4011 os_free(fname);
4012 fname = NULL;
4013 goto fail;
4014 }
4015 }
4016
4017 if (hapd->conf->ctrl_interface_gid_set &&
4018 lchown(fname, -1, hapd->conf->ctrl_interface_gid) < 0) {
4019 wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
4020 strerror(errno));
4021 goto fail;
4022 }
4023
4024 if (!hapd->conf->ctrl_interface_gid_set &&
4025 hapd->iface->interfaces->ctrl_iface_group &&
4026 lchown(fname, -1, hapd->iface->interfaces->ctrl_iface_group) < 0) {
4027 wpa_printf(MSG_ERROR, "lchown[ctrl_interface/ifname]: %s",
4028 strerror(errno));
4029 goto fail;
4030 }
4031
4032 if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
4033 wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
4034 strerror(errno));
4035 goto fail;
4036 }
4037 os_free(fname);
4038
4039 hapd->ctrl_sock = s;
4040 if (eloop_register_read_sock(s, hostapd_ctrl_iface_receive, hapd,
4041 NULL) < 0) {
4042 hostapd_ctrl_iface_deinit(hapd);
4043 return -1;
4044 }
4045 hapd->msg_ctx = hapd;
4046 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
4047
4048 return 0;
4049
4050 fail:
4051 if (s >= 0)
4052 close(s);
4053 if (fname) {
4054 unlink(fname);
4055 os_free(fname);
4056 }
4057 return -1;
4058 #endif /* CONFIG_CTRL_IFACE_UDP */
4059 }
4060
4061
4062 void hostapd_ctrl_iface_deinit(struct hostapd_data *hapd)
4063 {
4064 struct wpa_ctrl_dst *dst, *prev;
4065
4066 if (hapd->ctrl_sock > -1) {
4067 #ifndef CONFIG_CTRL_IFACE_UDP
4068 char *fname;
4069 #endif /* !CONFIG_CTRL_IFACE_UDP */
4070
4071 eloop_unregister_read_sock(hapd->ctrl_sock);
4072 close(hapd->ctrl_sock);
4073 hapd->ctrl_sock = -1;
4074 #ifndef CONFIG_CTRL_IFACE_UDP
4075 fname = hostapd_ctrl_iface_path(hapd);
4076 if (fname)
4077 unlink(fname);
4078 os_free(fname);
4079
4080 if (hapd->conf->ctrl_interface &&
4081 rmdir(hapd->conf->ctrl_interface) < 0) {
4082 if (errno == ENOTEMPTY) {
4083 wpa_printf(MSG_DEBUG, "Control interface "
4084 "directory not empty - leaving it "
4085 "behind");
4086 } else {
4087 wpa_printf(MSG_ERROR,
4088 "rmdir[ctrl_interface=%s]: %s",
4089 hapd->conf->ctrl_interface,
4090 strerror(errno));
4091 }
4092 }
4093 #endif /* !CONFIG_CTRL_IFACE_UDP */
4094 }
4095
4096 dl_list_for_each_safe(dst, prev, &hapd->ctrl_dst, struct wpa_ctrl_dst,
4097 list)
4098 os_free(dst);
4099
4100 #ifdef CONFIG_TESTING_OPTIONS
4101 l2_packet_deinit(hapd->l2_test);
4102 hapd->l2_test = NULL;
4103 #endif /* CONFIG_TESTING_OPTIONS */
4104 }
4105
4106
4107 static int hostapd_ctrl_iface_add(struct hapd_interfaces *interfaces,
4108 char *buf)
4109 {
4110 if (hostapd_add_iface(interfaces, buf) < 0) {
4111 wpa_printf(MSG_ERROR, "Adding interface %s failed", buf);
4112 return -1;
4113 }
4114 return 0;
4115 }
4116
4117
4118 static int hostapd_ctrl_iface_remove(struct hapd_interfaces *interfaces,
4119 char *buf)
4120 {
4121 if (hostapd_remove_iface(interfaces, buf) < 0) {
4122 wpa_printf(MSG_ERROR, "Removing interface %s failed", buf);
4123 return -1;
4124 }
4125 return 0;
4126 }
4127
4128
4129 static int hostapd_global_ctrl_iface_attach(struct hapd_interfaces *interfaces,
4130 struct sockaddr_storage *from,
4131 socklen_t fromlen, char *input)
4132 {
4133 return ctrl_iface_attach(&interfaces->global_ctrl_dst, from, fromlen,
4134 input);
4135 }
4136
4137
4138 static int hostapd_global_ctrl_iface_detach(struct hapd_interfaces *interfaces,
4139 struct sockaddr_storage *from,
4140 socklen_t fromlen)
4141 {
4142 return ctrl_iface_detach(&interfaces->global_ctrl_dst, from, fromlen);
4143 }
4144
4145
4146 static void hostapd_ctrl_iface_flush(struct hapd_interfaces *interfaces)
4147 {
4148 #ifdef CONFIG_WPS_TESTING
4149 wps_version_number = 0x20;
4150 wps_testing_dummy_cred = 0;
4151 wps_corrupt_pkhash = 0;
4152 #endif /* CONFIG_WPS_TESTING */
4153
4154 #ifdef CONFIG_TESTING_OPTIONS
4155 #ifdef CONFIG_DPP
4156 dpp_test = DPP_TEST_DISABLED;
4157 #endif /* CONFIG_DPP */
4158 #endif /* CONFIG_TESTING_OPTIONS */
4159
4160 #ifdef CONFIG_DPP
4161 dpp_global_clear(interfaces->dpp);
4162 #endif /* CONFIG_DPP */
4163 }
4164
4165
4166 #ifdef CONFIG_FST
4167
4168 static int
4169 hostapd_global_ctrl_iface_fst_attach(struct hapd_interfaces *interfaces,
4170 const char *cmd)
4171 {
4172 char ifname[IFNAMSIZ + 1];
4173 struct fst_iface_cfg cfg;
4174 struct hostapd_data *hapd;
4175 struct fst_wpa_obj iface_obj;
4176
4177 if (!fst_parse_attach_command(cmd, ifname, sizeof(ifname), &cfg)) {
4178 hapd = hostapd_get_iface(interfaces, ifname);
4179 if (hapd) {
4180 if (hapd->iface->fst) {
4181 wpa_printf(MSG_INFO, "FST: Already attached");
4182 return -1;
4183 }
4184 fst_hostapd_fill_iface_obj(hapd, &iface_obj);
4185 hapd->iface->fst = fst_attach(ifname, hapd->own_addr,
4186 &iface_obj, &cfg);
4187 if (hapd->iface->fst)
4188 return 0;
4189 }
4190 }
4191
4192 return -EINVAL;
4193 }
4194
4195
4196 static int
4197 hostapd_global_ctrl_iface_fst_detach(struct hapd_interfaces *interfaces,
4198 const char *cmd)
4199 {
4200 char ifname[IFNAMSIZ + 1];
4201 struct hostapd_data * hapd;
4202
4203 if (!fst_parse_detach_command(cmd, ifname, sizeof(ifname))) {
4204 hapd = hostapd_get_iface(interfaces, ifname);
4205 if (hapd) {
4206 if (!fst_iface_detach(ifname)) {
4207 hapd->iface->fst = NULL;
4208 hapd->iface->fst_ies = NULL;
4209 return 0;
4210 }
4211 }
4212 }
4213
4214 return -EINVAL;
4215 }
4216
4217 #endif /* CONFIG_FST */
4218
4219
4220 static struct hostapd_data *
4221 hostapd_interfaces_get_hapd(struct hapd_interfaces *interfaces,
4222 const char *ifname)
4223 {
4224 size_t i, j;
4225
4226 for (i = 0; i < interfaces->count; i++) {
4227 struct hostapd_iface *iface = interfaces->iface[i];
4228
4229 for (j = 0; j < iface->num_bss; j++) {
4230 struct hostapd_data *hapd;
4231
4232 hapd = iface->bss[j];
4233 if (os_strcmp(ifname, hapd->conf->iface) == 0)
4234 return hapd;
4235 }
4236 }
4237
4238 return NULL;
4239 }
4240
4241
4242 static int hostapd_ctrl_iface_dup_param(struct hostapd_data *src_hapd,
4243 struct hostapd_data *dst_hapd,
4244 const char *param)
4245 {
4246 int res;
4247 char *value;
4248
4249 value = os_zalloc(HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
4250 if (!value) {
4251 wpa_printf(MSG_ERROR,
4252 "DUP: cannot allocate buffer to stringify %s",
4253 param);
4254 goto error_return;
4255 }
4256
4257 if (os_strcmp(param, "wpa") == 0) {
4258 os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%d",
4259 src_hapd->conf->wpa);
4260 } else if (os_strcmp(param, "wpa_key_mgmt") == 0 &&
4261 src_hapd->conf->wpa_key_mgmt) {
4262 res = hostapd_ctrl_iface_get_key_mgmt(
4263 src_hapd, value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN);
4264 if (os_snprintf_error(HOSTAPD_CLI_DUP_VALUE_MAX_LEN, res))
4265 goto error_stringify;
4266 } else if (os_strcmp(param, "wpa_pairwise") == 0 &&
4267 src_hapd->conf->wpa_pairwise) {
4268 res = wpa_write_ciphers(value,
4269 value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
4270 src_hapd->conf->wpa_pairwise, " ");
4271 if (res < 0)
4272 goto error_stringify;
4273 } else if (os_strcmp(param, "rsn_pairwise") == 0 &&
4274 src_hapd->conf->rsn_pairwise) {
4275 res = wpa_write_ciphers(value,
4276 value + HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
4277 src_hapd->conf->rsn_pairwise, " ");
4278 if (res < 0)
4279 goto error_stringify;
4280 } else if (os_strcmp(param, "wpa_passphrase") == 0 &&
4281 src_hapd->conf->ssid.wpa_passphrase) {
4282 os_snprintf(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN, "%s",
4283 src_hapd->conf->ssid.wpa_passphrase);
4284 } else if (os_strcmp(param, "wpa_psk") == 0 &&
4285 src_hapd->conf->ssid.wpa_psk_set) {
4286 wpa_snprintf_hex(value, HOSTAPD_CLI_DUP_VALUE_MAX_LEN,
4287 src_hapd->conf->ssid.wpa_psk->psk, PMK_LEN);
4288 } else {
4289 wpa_printf(MSG_WARNING, "DUP: %s cannot be duplicated", param);
4290 goto error_return;
4291 }
4292
4293 res = hostapd_set_iface(dst_hapd->iconf, dst_hapd->conf, param, value);
4294 os_free(value);
4295 return res;
4296
4297 error_stringify:
4298 wpa_printf(MSG_ERROR, "DUP: cannot stringify %s", param);
4299 error_return:
4300 os_free(value);
4301 return -1;
4302 }
4303
4304
4305 static int
4306 hostapd_global_ctrl_iface_interfaces(struct hapd_interfaces *interfaces,
4307 const char *input,
4308 char *reply, int reply_size)
4309 {
4310 size_t i, j;
4311 int res;
4312 char *pos, *end;
4313 struct hostapd_iface *iface;
4314 int show_ctrl = 0;
4315
4316 if (input)
4317 show_ctrl = !!os_strstr(input, "ctrl");
4318
4319 pos = reply;
4320 end = reply + reply_size;
4321
4322 for (i = 0; i < interfaces->count; i++) {
4323 iface = interfaces->iface[i];
4324
4325 for (j = 0; j < iface->num_bss; j++) {
4326 struct hostapd_bss_config *conf;
4327
4328 conf = iface->conf->bss[j];
4329 if (show_ctrl)
4330 res = os_snprintf(pos, end - pos,
4331 "%s ctrl_iface=%s\n",
4332 conf->iface,
4333 conf->ctrl_interface ?
4334 conf->ctrl_interface : "N/A");
4335 else
4336 res = os_snprintf(pos, end - pos, "%s\n",
4337 conf->iface);
4338 if (os_snprintf_error(end - pos, res)) {
4339 *pos = '\0';
4340 return pos - reply;
4341 }
4342 pos += res;
4343 }
4344 }
4345
4346 return pos - reply;
4347 }
4348
4349
4350 static int
4351 hostapd_global_ctrl_iface_dup_network(struct hapd_interfaces *interfaces,
4352 char *cmd)
4353 {
4354 char *p_start = cmd, *p_end;
4355 struct hostapd_data *src_hapd, *dst_hapd;
4356
4357 /* cmd: "<src ifname> <dst ifname> <variable name> */
4358
4359 p_end = os_strchr(p_start, ' ');
4360 if (!p_end) {
4361 wpa_printf(MSG_ERROR, "DUP: no src ifname found in cmd: '%s'",
4362 cmd);
4363 return -1;
4364 }
4365
4366 *p_end = '\0';
4367 src_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
4368 if (!src_hapd) {
4369 wpa_printf(MSG_ERROR, "DUP: no src ifname found: '%s'",
4370 p_start);
4371 return -1;
4372 }
4373
4374 p_start = p_end + 1;
4375 p_end = os_strchr(p_start, ' ');
4376 if (!p_end) {
4377 wpa_printf(MSG_ERROR, "DUP: no dst ifname found in cmd: '%s'",
4378 cmd);
4379 return -1;
4380 }
4381
4382 *p_end = '\0';
4383 dst_hapd = hostapd_interfaces_get_hapd(interfaces, p_start);
4384 if (!dst_hapd) {
4385 wpa_printf(MSG_ERROR, "DUP: no dst ifname found: '%s'",
4386 p_start);
4387 return -1;
4388 }
4389
4390 p_start = p_end + 1;
4391 return hostapd_ctrl_iface_dup_param(src_hapd, dst_hapd, p_start);
4392 }
4393
4394
4395 static int hostapd_global_ctrl_iface_ifname(struct hapd_interfaces *interfaces,
4396 const char *ifname,
4397 char *buf, char *reply,
4398 int reply_size,
4399 struct sockaddr_storage *from,
4400 socklen_t fromlen)
4401 {
4402 struct hostapd_data *hapd;
4403
4404 hapd = hostapd_interfaces_get_hapd(interfaces, ifname);
4405 if (hapd == NULL) {
4406 int res;
4407
4408 res = os_snprintf(reply, reply_size, "FAIL-NO-IFNAME-MATCH\n");
4409 if (os_snprintf_error(reply_size, res))
4410 return -1;
4411 return res;
4412 }
4413
4414 return hostapd_ctrl_iface_receive_process(hapd, buf, reply,reply_size,
4415 from, fromlen);
4416 }
4417
4418
4419 static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx,
4420 void *sock_ctx)
4421 {
4422 struct hapd_interfaces *interfaces = eloop_ctx;
4423 char buffer[256], *buf = buffer;
4424 int res;
4425 struct sockaddr_storage from;
4426 socklen_t fromlen = sizeof(from);
4427 char *reply;
4428 int reply_len;
4429 const int reply_size = 4096;
4430 #ifdef CONFIG_CTRL_IFACE_UDP
4431 unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
4432 #endif /* CONFIG_CTRL_IFACE_UDP */
4433
4434 res = recvfrom(sock, buffer, sizeof(buffer) - 1, 0,
4435 (struct sockaddr *) &from, &fromlen);
4436 if (res < 0) {
4437 wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s",
4438 strerror(errno));
4439 return;
4440 }
4441 buf[res] = '\0';
4442 wpa_printf(MSG_DEBUG, "Global ctrl_iface command: %s", buf);
4443
4444 reply = os_malloc(reply_size);
4445 if (reply == NULL) {
4446 if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from,
4447 fromlen) < 0) {
4448 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
4449 strerror(errno));
4450 }
4451 return;
4452 }
4453
4454 os_memcpy(reply, "OK\n", 3);
4455 reply_len = 3;
4456
4457 #ifdef CONFIG_CTRL_IFACE_UDP
4458 if (os_strcmp(buf, "GET_COOKIE") == 0) {
4459 os_memcpy(reply, "COOKIE=", 7);
4460 wpa_snprintf_hex(reply + 7, 2 * CTRL_IFACE_COOKIE_LEN + 1,
4461 interfaces->ctrl_iface_cookie,
4462 CTRL_IFACE_COOKIE_LEN);
4463 reply_len = 7 + 2 * CTRL_IFACE_COOKIE_LEN;
4464 goto send_reply;
4465 }
4466
4467 if (os_strncmp(buf, "COOKIE=", 7) != 0 ||
4468 hexstr2bin(buf + 7, lcookie, CTRL_IFACE_COOKIE_LEN) < 0) {
4469 wpa_printf(MSG_DEBUG,
4470 "CTRL: No cookie in the request - drop request");
4471 os_free(reply);
4472 return;
4473 }
4474
4475 if (os_memcmp(interfaces->ctrl_iface_cookie, lcookie,
4476 CTRL_IFACE_COOKIE_LEN) != 0) {
4477 wpa_printf(MSG_DEBUG,
4478 "CTRL: Invalid cookie in the request - drop request");
4479 os_free(reply);
4480 return;
4481 }
4482
4483 buf += 7 + 2 * CTRL_IFACE_COOKIE_LEN;
4484 while (*buf == ' ')
4485 buf++;
4486 #endif /* CONFIG_CTRL_IFACE_UDP */
4487
4488 if (os_strncmp(buf, "IFNAME=", 7) == 0) {
4489 char *pos = os_strchr(buf + 7, ' ');
4490
4491 if (pos) {
4492 *pos++ = '\0';
4493 reply_len = hostapd_global_ctrl_iface_ifname(
4494 interfaces, buf + 7, pos, reply, reply_size,
4495 &from, fromlen);
4496 goto send_reply;
4497 }
4498 }
4499
4500 if (os_strcmp(buf, "PING") == 0) {
4501 os_memcpy(reply, "PONG\n", 5);
4502 reply_len = 5;
4503 } else if (os_strncmp(buf, "RELOG", 5) == 0) {
4504 if (wpa_debug_reopen_file() < 0)
4505 reply_len = -1;
4506 } else if (os_strcmp(buf, "FLUSH") == 0) {
4507 hostapd_ctrl_iface_flush(interfaces);
4508 } else if (os_strncmp(buf, "ADD ", 4) == 0) {
4509 if (hostapd_ctrl_iface_add(interfaces, buf + 4) < 0)
4510 reply_len = -1;
4511 } else if (os_strncmp(buf, "REMOVE ", 7) == 0) {
4512 if (hostapd_ctrl_iface_remove(interfaces, buf + 7) < 0)
4513 reply_len = -1;
4514 } else if (os_strcmp(buf, "ATTACH") == 0) {
4515 if (hostapd_global_ctrl_iface_attach(interfaces, &from,
4516 fromlen, NULL))
4517 reply_len = -1;
4518 } else if (os_strncmp(buf, "ATTACH ", 7) == 0) {
4519 if (hostapd_global_ctrl_iface_attach(interfaces, &from,
4520 fromlen, buf + 7))
4521 reply_len = -1;
4522 } else if (os_strcmp(buf, "DETACH") == 0) {
4523 if (hostapd_global_ctrl_iface_detach(interfaces, &from,
4524 fromlen))
4525 reply_len = -1;
4526 #ifdef CONFIG_MODULE_TESTS
4527 } else if (os_strcmp(buf, "MODULE_TESTS") == 0) {
4528 if (hapd_module_tests() < 0)
4529 reply_len = -1;
4530 #endif /* CONFIG_MODULE_TESTS */
4531 #ifdef CONFIG_FST
4532 } else if (os_strncmp(buf, "FST-ATTACH ", 11) == 0) {
4533 if (!hostapd_global_ctrl_iface_fst_attach(interfaces, buf + 11))
4534 reply_len = os_snprintf(reply, reply_size, "OK\n");
4535 else
4536 reply_len = -1;
4537 } else if (os_strncmp(buf, "FST-DETACH ", 11) == 0) {
4538 if (!hostapd_global_ctrl_iface_fst_detach(interfaces, buf + 11))
4539 reply_len = os_snprintf(reply, reply_size, "OK\n");
4540 else
4541 reply_len = -1;
4542 } else if (os_strncmp(buf, "FST-MANAGER ", 12) == 0) {
4543 reply_len = fst_ctrl_iface_receive(buf + 12, reply, reply_size);
4544 #endif /* CONFIG_FST */
4545 } else if (os_strncmp(buf, "DUP_NETWORK ", 12) == 0) {
4546 if (!hostapd_global_ctrl_iface_dup_network(interfaces,
4547 buf + 12))
4548 reply_len = os_snprintf(reply, reply_size, "OK\n");
4549 else
4550 reply_len = -1;
4551 } else if (os_strncmp(buf, "INTERFACES", 10) == 0) {
4552 reply_len = hostapd_global_ctrl_iface_interfaces(
4553 interfaces, buf + 10, reply, sizeof(buffer));
4554 } else if (os_strcmp(buf, "TERMINATE") == 0) {
4555 eloop_terminate();
4556 } else {
4557 wpa_printf(MSG_DEBUG, "Unrecognized global ctrl_iface command "
4558 "ignored");
4559 reply_len = -1;
4560 }
4561
4562 send_reply:
4563 if (reply_len < 0) {
4564 os_memcpy(reply, "FAIL\n", 5);
4565 reply_len = 5;
4566 }
4567
4568 if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from,
4569 fromlen) < 0) {
4570 wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s",
4571 strerror(errno));
4572 }
4573 os_free(reply);
4574 }
4575
4576
4577 #ifndef CONFIG_CTRL_IFACE_UDP
4578 static char * hostapd_global_ctrl_iface_path(struct hapd_interfaces *interface)
4579 {
4580 char *buf;
4581 size_t len;
4582
4583 if (interface->global_iface_path == NULL)
4584 return NULL;
4585
4586 len = os_strlen(interface->global_iface_path) +
4587 os_strlen(interface->global_iface_name) + 2;
4588 buf = os_malloc(len);
4589 if (buf == NULL)
4590 return NULL;
4591
4592 os_snprintf(buf, len, "%s/%s", interface->global_iface_path,
4593 interface->global_iface_name);
4594 buf[len - 1] = '\0';
4595 return buf;
4596 }
4597 #endif /* CONFIG_CTRL_IFACE_UDP */
4598
4599
4600 int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface)
4601 {
4602 #ifdef CONFIG_CTRL_IFACE_UDP
4603 int port = HOSTAPD_GLOBAL_CTRL_IFACE_PORT;
4604 char p[32] = { 0 };
4605 char *pos;
4606 struct addrinfo hints = { 0 }, *res, *saveres;
4607 int n;
4608
4609 if (interface->global_ctrl_sock > -1) {
4610 wpa_printf(MSG_DEBUG, "ctrl_iface already exists!");
4611 return 0;
4612 }
4613
4614 if (interface->global_iface_path == NULL)
4615 return 0;
4616
4617 pos = os_strstr(interface->global_iface_path, "udp:");
4618 if (pos) {
4619 pos += 4;
4620 port = atoi(pos);
4621 if (port <= 0) {
4622 wpa_printf(MSG_ERROR, "Invalid global ctrl UDP port");
4623 goto fail;
4624 }
4625 }
4626
4627 os_get_random(interface->ctrl_iface_cookie, CTRL_IFACE_COOKIE_LEN);
4628
4629 #ifdef CONFIG_CTRL_IFACE_UDP_REMOTE
4630 hints.ai_flags = AI_PASSIVE;
4631 #endif /* CONFIG_CTRL_IFACE_UDP_REMOTE */
4632
4633 #ifdef CONFIG_CTRL_IFACE_UDP_IPV6
4634 hints.ai_family = AF_INET6;
4635 #else /* CONFIG_CTRL_IFACE_UDP_IPV6 */
4636 hints.ai_family = AF_INET;
4637 #endif /* CONFIG_CTRL_IFACE_UDP_IPV6 */
4638 hints.ai_socktype = SOCK_DGRAM;
4639
4640 try_again:
4641 os_snprintf(p, sizeof(p), "%d", port);
4642 n = getaddrinfo(NULL, p, &hints, &res);
4643 if (n) {
4644 wpa_printf(MSG_ERROR, "getaddrinfo(): %s", gai_strerror(n));
4645 goto fail;
4646 }
4647
4648 saveres = res;
4649 interface->global_ctrl_sock = socket(res->ai_family, res->ai_socktype,
4650 res->ai_protocol);
4651 if (interface->global_ctrl_sock < 0) {
4652 wpa_printf(MSG_ERROR, "socket(PF_INET): %s", strerror(errno));
4653 goto fail;
4654 }
4655
4656 if (bind(interface->global_ctrl_sock, res->ai_addr, res->ai_addrlen) <
4657 0) {
4658 port++;
4659 if ((port - HOSTAPD_GLOBAL_CTRL_IFACE_PORT) <
4660 HOSTAPD_GLOBAL_CTRL_IFACE_PORT_LIMIT && !pos)
4661 goto try_again;
4662 wpa_printf(MSG_ERROR, "bind(AF_INET): %s", strerror(errno));
4663 goto fail;
4664 }
4665
4666 freeaddrinfo(saveres);
4667
4668 wpa_printf(MSG_DEBUG, "global ctrl_iface_init UDP port: %d", port);
4669
4670 if (eloop_register_read_sock(interface->global_ctrl_sock,
4671 hostapd_global_ctrl_iface_receive,
4672 interface, NULL) < 0) {
4673 hostapd_global_ctrl_iface_deinit(interface);
4674 return -1;
4675 }
4676
4677 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
4678
4679 return 0;
4680
4681 fail:
4682 if (interface->global_ctrl_sock >= 0)
4683 close(interface->global_ctrl_sock);
4684 return -1;
4685 #else /* CONFIG_CTRL_IFACE_UDP */
4686 struct sockaddr_un addr;
4687 int s = -1;
4688 char *fname = NULL;
4689
4690 if (interface->global_iface_path == NULL) {
4691 wpa_printf(MSG_DEBUG, "ctrl_iface not configured!");
4692 return 0;
4693 }
4694
4695 if (mkdir(interface->global_iface_path, S_IRWXU | S_IRWXG) < 0) {
4696 if (errno == EEXIST) {
4697 wpa_printf(MSG_DEBUG, "Using existing control "
4698 "interface directory.");
4699 } else {
4700 wpa_printf(MSG_ERROR, "mkdir[ctrl_interface]: %s",
4701 strerror(errno));
4702 goto fail;
4703 }
4704 } else if (interface->ctrl_iface_group &&
4705 lchown(interface->global_iface_path, -1,
4706 interface->ctrl_iface_group) < 0) {
4707 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
4708 strerror(errno));
4709 goto fail;
4710 }
4711
4712 if (os_strlen(interface->global_iface_path) + 1 +
4713 os_strlen(interface->global_iface_name) >= sizeof(addr.sun_path))
4714 goto fail;
4715
4716 s = socket(PF_UNIX, SOCK_DGRAM, 0);
4717 if (s < 0) {
4718 wpa_printf(MSG_ERROR, "socket(PF_UNIX): %s", strerror(errno));
4719 goto fail;
4720 }
4721
4722 os_memset(&addr, 0, sizeof(addr));
4723 #ifdef __FreeBSD__
4724 addr.sun_len = sizeof(addr);
4725 #endif /* __FreeBSD__ */
4726 addr.sun_family = AF_UNIX;
4727 fname = hostapd_global_ctrl_iface_path(interface);
4728 if (fname == NULL)
4729 goto fail;
4730 os_strlcpy(addr.sun_path, fname, sizeof(addr.sun_path));
4731 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
4732 wpa_printf(MSG_DEBUG, "ctrl_iface bind(PF_UNIX) failed: %s",
4733 strerror(errno));
4734 if (connect(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
4735 wpa_printf(MSG_DEBUG, "ctrl_iface exists, but does not"
4736 " allow connections - assuming it was left"
4737 "over from forced program termination");
4738 if (unlink(fname) < 0) {
4739 wpa_printf(MSG_ERROR,
4740 "Could not unlink existing ctrl_iface socket '%s': %s",
4741 fname, strerror(errno));
4742 goto fail;
4743 }
4744 if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) <
4745 0) {
4746 wpa_printf(MSG_ERROR, "bind(PF_UNIX): %s",
4747 strerror(errno));
4748 goto fail;
4749 }
4750 wpa_printf(MSG_DEBUG, "Successfully replaced leftover "
4751 "ctrl_iface socket '%s'", fname);
4752 } else {
4753 wpa_printf(MSG_INFO, "ctrl_iface exists and seems to "
4754 "be in use - cannot override it");
4755 wpa_printf(MSG_INFO, "Delete '%s' manually if it is "
4756 "not used anymore", fname);
4757 os_free(fname);
4758 fname = NULL;
4759 goto fail;
4760 }
4761 }
4762
4763 if (interface->ctrl_iface_group &&
4764 lchown(fname, -1, interface->ctrl_iface_group) < 0) {
4765 wpa_printf(MSG_ERROR, "lchown[ctrl_interface]: %s",
4766 strerror(errno));
4767 goto fail;
4768 }
4769
4770 if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
4771 wpa_printf(MSG_ERROR, "chmod[ctrl_interface/ifname]: %s",
4772 strerror(errno));
4773 goto fail;
4774 }
4775 os_free(fname);
4776
4777 interface->global_ctrl_sock = s;
4778 eloop_register_read_sock(s, hostapd_global_ctrl_iface_receive,
4779 interface, NULL);
4780
4781 wpa_msg_register_cb(hostapd_ctrl_iface_msg_cb);
4782
4783 return 0;
4784
4785 fail:
4786 if (s >= 0)
4787 close(s);
4788 if (fname) {
4789 unlink(fname);
4790 os_free(fname);
4791 }
4792 return -1;
4793 #endif /* CONFIG_CTRL_IFACE_UDP */
4794 }
4795
4796
4797 void hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interfaces)
4798 {
4799 #ifndef CONFIG_CTRL_IFACE_UDP
4800 char *fname = NULL;
4801 #endif /* CONFIG_CTRL_IFACE_UDP */
4802 struct wpa_ctrl_dst *dst, *prev;
4803
4804 if (interfaces->global_ctrl_sock > -1) {
4805 eloop_unregister_read_sock(interfaces->global_ctrl_sock);
4806 close(interfaces->global_ctrl_sock);
4807 interfaces->global_ctrl_sock = -1;
4808 #ifndef CONFIG_CTRL_IFACE_UDP
4809 fname = hostapd_global_ctrl_iface_path(interfaces);
4810 if (fname) {
4811 unlink(fname);
4812 os_free(fname);
4813 }
4814
4815 if (interfaces->global_iface_path &&
4816 rmdir(interfaces->global_iface_path) < 0) {
4817 if (errno == ENOTEMPTY) {
4818 wpa_printf(MSG_DEBUG, "Control interface "
4819 "directory not empty - leaving it "
4820 "behind");
4821 } else {
4822 wpa_printf(MSG_ERROR,
4823 "rmdir[ctrl_interface=%s]: %s",
4824 interfaces->global_iface_path,
4825 strerror(errno));
4826 }
4827 }
4828 #endif /* CONFIG_CTRL_IFACE_UDP */
4829 }
4830
4831 os_free(interfaces->global_iface_path);
4832 interfaces->global_iface_path = NULL;
4833
4834 dl_list_for_each_safe(dst, prev, &interfaces->global_ctrl_dst,
4835 struct wpa_ctrl_dst, list)
4836 os_free(dst);
4837 }
4838
4839
4840 static int hostapd_ctrl_check_event_enabled(struct wpa_ctrl_dst *dst,
4841 const char *buf)
4842 {
4843 /* Enable Probe Request events based on explicit request.
4844 * Other events are enabled by default.
4845 */
4846 if (str_starts(buf, RX_PROBE_REQUEST))
4847 return !!(dst->events & WPA_EVENT_RX_PROBE_REQUEST);
4848 return 1;
4849 }
4850
4851
4852 static void hostapd_ctrl_iface_send_internal(int sock, struct dl_list *ctrl_dst,
4853 const char *ifname, int level,
4854 const char *buf, size_t len)
4855 {
4856 struct wpa_ctrl_dst *dst, *next;
4857 struct msghdr msg;
4858 int idx, res;
4859 struct iovec io[5];
4860 char levelstr[10];
4861
4862 if (sock < 0 || dl_list_empty(ctrl_dst))
4863 return;
4864
4865 res = os_snprintf(levelstr, sizeof(levelstr), "<%d>", level);
4866 if (os_snprintf_error(sizeof(levelstr), res))
4867 return;
4868 idx = 0;
4869 if (ifname) {
4870 io[idx].iov_base = "IFNAME=";
4871 io[idx].iov_len = 7;
4872 idx++;
4873 io[idx].iov_base = (char *) ifname;
4874 io[idx].iov_len = os_strlen(ifname);
4875 idx++;
4876 io[idx].iov_base = " ";
4877 io[idx].iov_len = 1;
4878 idx++;
4879 }
4880 io[idx].iov_base = levelstr;
4881 io[idx].iov_len = os_strlen(levelstr);
4882 idx++;
4883 io[idx].iov_base = (char *) buf;
4884 io[idx].iov_len = len;
4885 idx++;
4886 os_memset(&msg, 0, sizeof(msg));
4887 msg.msg_iov = io;
4888 msg.msg_iovlen = idx;
4889
4890 idx = 0;
4891 dl_list_for_each_safe(dst, next, ctrl_dst, struct wpa_ctrl_dst, list) {
4892 if ((level >= dst->debug_level) &&
4893 hostapd_ctrl_check_event_enabled(dst, buf)) {
4894 sockaddr_print(MSG_DEBUG, "CTRL_IFACE monitor send",
4895 &dst->addr, dst->addrlen);
4896 msg.msg_name = &dst->addr;
4897 msg.msg_namelen = dst->addrlen;
4898 if (sendmsg(sock, &msg, 0) < 0) {
4899 int _errno = errno;
4900 wpa_printf(MSG_INFO, "CTRL_IFACE monitor[%d]: "
4901 "%d - %s",
4902 idx, errno, strerror(errno));
4903 dst->errors++;
4904 if (dst->errors > 10 || _errno == ENOENT) {
4905 ctrl_iface_detach(ctrl_dst,
4906 &dst->addr,
4907 dst->addrlen);
4908 }
4909 } else
4910 dst->errors = 0;
4911 }
4912 idx++;
4913 }
4914 }
4915
4916
4917 static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level,
4918 enum wpa_msg_type type,
4919 const char *buf, size_t len)
4920 {
4921 if (type != WPA_MSG_NO_GLOBAL) {
4922 hostapd_ctrl_iface_send_internal(
4923 hapd->iface->interfaces->global_ctrl_sock,
4924 &hapd->iface->interfaces->global_ctrl_dst,
4925 type != WPA_MSG_PER_INTERFACE ?
4926 NULL : hapd->conf->iface,
4927 level, buf, len);
4928 }
4929
4930 if (type != WPA_MSG_ONLY_GLOBAL) {
4931 hostapd_ctrl_iface_send_internal(
4932 hapd->ctrl_sock, &hapd->ctrl_dst,
4933 NULL, level, buf, len);
4934 }
4935 }
4936
4937 #endif /* CONFIG_NATIVE_WINDOWS */
Unnamed repository; edit this file 'description' to name the repository.