From owner-svn-src-all@freebsd.org Sun Oct 18 21:38:26 2015 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AE535A18DC9; Sun, 18 Oct 2015 21:38:26 +0000 (UTC) (envelope-from rpaulo@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 64D98E99; Sun, 18 Oct 2015 21:38:26 +0000 (UTC) (envelope-from rpaulo@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id t9ILcPdE017293; Sun, 18 Oct 2015 21:38:25 GMT (envelope-from rpaulo@FreeBSD.org) Received: (from rpaulo@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id t9ILcPrs017288; Sun, 18 Oct 2015 21:38:25 GMT (envelope-from rpaulo@FreeBSD.org) Message-Id: <201510182138.t9ILcPrs017288@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rpaulo set sender to rpaulo@FreeBSD.org using -f From: Rui Paulo Date: Sun, 18 Oct 2015 21:38:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r289549 - in head: contrib/wpa/hostapd contrib/wpa/hs20/client contrib/wpa/patches contrib/wpa/src/ap contrib/wpa/src/common contrib/wpa/src/crypto contrib/wpa/src/drivers contrib/wpa/s... X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Oct 2015 21:38:26 -0000 Author: rpaulo Date: Sun Oct 18 21:38:25 2015 New Revision: 289549 URL: https://svnweb.freebsd.org/changeset/base/289549 Log: Update hostapd/wpa_supplicant to version 2.5. Tested by several people on current@/wireless@. Relnotes: yes Added: head/contrib/wpa/patches/openssl-0.9.8zf-tls-extensions.patch - copied unchanged from r289285, vendor/wpa/dist/patches/openssl-0.9.8zf-tls-extensions.patch head/contrib/wpa/src/crypto/sha384-prf.c - copied unchanged from r289285, vendor/wpa/dist/src/crypto/sha384-prf.c head/contrib/wpa/src/fst/ - copied from r289285, vendor/wpa/dist/src/fst/ head/contrib/wpa/wpa_supplicant/eapol_test.py - copied unchanged from r289285, vendor/wpa/dist/wpa_supplicant/eapol_test.py head/contrib/wpa/wpa_supplicant/p2p_supplicant_sd.c - copied unchanged from r289285, vendor/wpa/dist/wpa_supplicant/p2p_supplicant_sd.c Deleted: head/contrib/wpa/src/crypto/crypto_cryptoapi.c head/contrib/wpa/src/crypto/tls_schannel.c Modified: head/contrib/wpa/hostapd/ChangeLog head/contrib/wpa/hostapd/config_file.c head/contrib/wpa/hostapd/config_file.h head/contrib/wpa/hostapd/ctrl_iface.c head/contrib/wpa/hostapd/defconfig head/contrib/wpa/hostapd/hlr_auc_gw.c head/contrib/wpa/hostapd/hlr_auc_gw.milenage_db head/contrib/wpa/hostapd/hostapd.conf head/contrib/wpa/hostapd/hostapd_cli.c head/contrib/wpa/hostapd/main.c head/contrib/wpa/hs20/client/Makefile head/contrib/wpa/hs20/client/osu_client.c head/contrib/wpa/hs20/client/spp_client.c head/contrib/wpa/src/ap/accounting.c head/contrib/wpa/src/ap/acs.c head/contrib/wpa/src/ap/ap_config.c head/contrib/wpa/src/ap/ap_config.h head/contrib/wpa/src/ap/ap_drv_ops.c head/contrib/wpa/src/ap/ap_drv_ops.h head/contrib/wpa/src/ap/ap_list.c head/contrib/wpa/src/ap/ap_list.h head/contrib/wpa/src/ap/authsrv.c head/contrib/wpa/src/ap/beacon.c head/contrib/wpa/src/ap/beacon.h head/contrib/wpa/src/ap/ctrl_iface_ap.c head/contrib/wpa/src/ap/dfs.c head/contrib/wpa/src/ap/drv_callbacks.c head/contrib/wpa/src/ap/eap_user_db.c head/contrib/wpa/src/ap/hostapd.c head/contrib/wpa/src/ap/hostapd.h head/contrib/wpa/src/ap/hw_features.c head/contrib/wpa/src/ap/hw_features.h head/contrib/wpa/src/ap/ieee802_11.c head/contrib/wpa/src/ap/ieee802_11.h head/contrib/wpa/src/ap/ieee802_11_auth.c head/contrib/wpa/src/ap/ieee802_11_auth.h head/contrib/wpa/src/ap/ieee802_11_ht.c head/contrib/wpa/src/ap/ieee802_11_vht.c head/contrib/wpa/src/ap/ieee802_1x.c head/contrib/wpa/src/ap/ieee802_1x.h head/contrib/wpa/src/ap/ndisc_snoop.c head/contrib/wpa/src/ap/sta_info.c head/contrib/wpa/src/ap/sta_info.h head/contrib/wpa/src/ap/utils.c head/contrib/wpa/src/ap/vlan_init.c head/contrib/wpa/src/ap/vlan_init.h head/contrib/wpa/src/ap/vlan_util.c head/contrib/wpa/src/ap/wmm.c head/contrib/wpa/src/ap/wpa_auth.c head/contrib/wpa/src/ap/wpa_auth.h head/contrib/wpa/src/ap/wpa_auth_ft.c head/contrib/wpa/src/ap/wpa_auth_glue.c head/contrib/wpa/src/ap/wpa_auth_i.h head/contrib/wpa/src/ap/wpa_auth_ie.c head/contrib/wpa/src/ap/wps_hostapd.c head/contrib/wpa/src/ap/x_snoop.c head/contrib/wpa/src/common/common_module_tests.c head/contrib/wpa/src/common/defs.h head/contrib/wpa/src/common/hw_features_common.c head/contrib/wpa/src/common/hw_features_common.h head/contrib/wpa/src/common/ieee802_11_common.c head/contrib/wpa/src/common/ieee802_11_common.h head/contrib/wpa/src/common/ieee802_11_defs.h head/contrib/wpa/src/common/privsep_commands.h head/contrib/wpa/src/common/qca-vendor.h head/contrib/wpa/src/common/sae.c head/contrib/wpa/src/common/sae.h head/contrib/wpa/src/common/version.h head/contrib/wpa/src/common/wpa_common.c head/contrib/wpa/src/common/wpa_common.h head/contrib/wpa/src/common/wpa_ctrl.c head/contrib/wpa/src/common/wpa_ctrl.h head/contrib/wpa/src/crypto/crypto.h head/contrib/wpa/src/crypto/crypto_module_tests.c head/contrib/wpa/src/crypto/crypto_openssl.c head/contrib/wpa/src/crypto/dh_groups.c head/contrib/wpa/src/crypto/fips_prf_openssl.c head/contrib/wpa/src/crypto/ms_funcs.c head/contrib/wpa/src/crypto/ms_funcs.h head/contrib/wpa/src/crypto/random.c head/contrib/wpa/src/crypto/sha1-tlsprf.c head/contrib/wpa/src/crypto/sha1-tprf.c head/contrib/wpa/src/crypto/sha256-kdf.c head/contrib/wpa/src/crypto/sha384.h head/contrib/wpa/src/crypto/tls.h head/contrib/wpa/src/crypto/tls_gnutls.c head/contrib/wpa/src/crypto/tls_internal.c head/contrib/wpa/src/crypto/tls_none.c head/contrib/wpa/src/crypto/tls_openssl.c head/contrib/wpa/src/drivers/driver.h head/contrib/wpa/src/drivers/driver_bsd.c head/contrib/wpa/src/drivers/driver_ndis.c head/contrib/wpa/src/drivers/driver_nl80211.h head/contrib/wpa/src/drivers/driver_nl80211_android.c head/contrib/wpa/src/drivers/driver_nl80211_capa.c head/contrib/wpa/src/drivers/driver_nl80211_event.c head/contrib/wpa/src/drivers/driver_nl80211_scan.c head/contrib/wpa/src/drivers/driver_privsep.c head/contrib/wpa/src/drivers/drivers.c head/contrib/wpa/src/eap_common/eap_common.c head/contrib/wpa/src/eap_common/eap_fast_common.c head/contrib/wpa/src/eap_common/eap_pwd_common.c head/contrib/wpa/src/eap_common/eap_pwd_common.h head/contrib/wpa/src/eap_common/eap_sake_common.c head/contrib/wpa/src/eap_common/ikev2_common.c head/contrib/wpa/src/eap_peer/eap.c head/contrib/wpa/src/eap_peer/eap.h head/contrib/wpa/src/eap_peer/eap_aka.c head/contrib/wpa/src/eap_peer/eap_eke.c head/contrib/wpa/src/eap_peer/eap_fast.c head/contrib/wpa/src/eap_peer/eap_gpsk.c head/contrib/wpa/src/eap_peer/eap_i.h head/contrib/wpa/src/eap_peer/eap_mschapv2.c head/contrib/wpa/src/eap_peer/eap_pax.c head/contrib/wpa/src/eap_peer/eap_peap.c head/contrib/wpa/src/eap_peer/eap_pwd.c head/contrib/wpa/src/eap_peer/eap_sake.c head/contrib/wpa/src/eap_peer/eap_sim.c head/contrib/wpa/src/eap_peer/eap_tls.c head/contrib/wpa/src/eap_peer/eap_tls_common.c head/contrib/wpa/src/eap_peer/eap_tls_common.h head/contrib/wpa/src/eap_peer/eap_ttls.c head/contrib/wpa/src/eap_peer/eap_wsc.c head/contrib/wpa/src/eap_server/eap.h head/contrib/wpa/src/eap_server/eap_i.h head/contrib/wpa/src/eap_server/eap_server.c head/contrib/wpa/src/eap_server/eap_server_eke.c head/contrib/wpa/src/eap_server/eap_server_fast.c head/contrib/wpa/src/eap_server/eap_server_mschapv2.c head/contrib/wpa/src/eap_server/eap_server_peap.c head/contrib/wpa/src/eap_server/eap_server_pwd.c head/contrib/wpa/src/eap_server/eap_server_tls.c head/contrib/wpa/src/eap_server/eap_server_tls_common.c head/contrib/wpa/src/eap_server/eap_server_ttls.c head/contrib/wpa/src/eap_server/eap_tls_common.h head/contrib/wpa/src/eapol_auth/eapol_auth_sm.c head/contrib/wpa/src/eapol_auth/eapol_auth_sm.h head/contrib/wpa/src/eapol_supp/eapol_supp_sm.c head/contrib/wpa/src/p2p/p2p.c head/contrib/wpa/src/p2p/p2p.h head/contrib/wpa/src/p2p/p2p_build.c head/contrib/wpa/src/p2p/p2p_dev_disc.c head/contrib/wpa/src/p2p/p2p_go_neg.c head/contrib/wpa/src/p2p/p2p_group.c head/contrib/wpa/src/p2p/p2p_i.h head/contrib/wpa/src/p2p/p2p_invitation.c head/contrib/wpa/src/p2p/p2p_parse.c head/contrib/wpa/src/p2p/p2p_pd.c head/contrib/wpa/src/p2p/p2p_utils.c head/contrib/wpa/src/radius/radius.c head/contrib/wpa/src/radius/radius_das.c head/contrib/wpa/src/radius/radius_server.c head/contrib/wpa/src/radius/radius_server.h head/contrib/wpa/src/rsn_supp/tdls.c head/contrib/wpa/src/rsn_supp/wpa.c head/contrib/wpa/src/rsn_supp/wpa_ft.c head/contrib/wpa/src/rsn_supp/wpa_ie.c head/contrib/wpa/src/rsn_supp/wpa_ie.h head/contrib/wpa/src/tls/libtommath.c head/contrib/wpa/src/tls/tlsv1_client.c head/contrib/wpa/src/tls/tlsv1_client.h head/contrib/wpa/src/tls/tlsv1_server.c head/contrib/wpa/src/tls/tlsv1_server.h head/contrib/wpa/src/tls/x509v3.c head/contrib/wpa/src/utils/browser-wpadebug.c head/contrib/wpa/src/utils/common.c head/contrib/wpa/src/utils/common.h head/contrib/wpa/src/utils/eloop.c head/contrib/wpa/src/utils/http_curl.c head/contrib/wpa/src/utils/includes.h head/contrib/wpa/src/utils/os.h head/contrib/wpa/src/utils/os_internal.c head/contrib/wpa/src/utils/os_none.c head/contrib/wpa/src/utils/os_unix.c head/contrib/wpa/src/utils/os_win32.c head/contrib/wpa/src/utils/radiotap.c head/contrib/wpa/src/utils/utils_module_tests.c head/contrib/wpa/src/utils/wpa_debug.c head/contrib/wpa/src/utils/wpa_debug.h head/contrib/wpa/src/utils/wpabuf.c head/contrib/wpa/src/wps/http_client.c head/contrib/wpa/src/wps/http_server.c head/contrib/wpa/src/wps/httpread.c head/contrib/wpa/src/wps/ndef.c head/contrib/wpa/src/wps/wps.c head/contrib/wpa/src/wps/wps.h head/contrib/wpa/src/wps/wps_attr_parse.c head/contrib/wpa/src/wps/wps_attr_parse.h head/contrib/wpa/src/wps/wps_common.c head/contrib/wpa/src/wps/wps_defs.h head/contrib/wpa/src/wps/wps_enrollee.c head/contrib/wpa/src/wps/wps_er.c head/contrib/wpa/src/wps/wps_er_ssdp.c head/contrib/wpa/src/wps/wps_module_tests.c head/contrib/wpa/src/wps/wps_registrar.c head/contrib/wpa/src/wps/wps_upnp.c head/contrib/wpa/src/wps/wps_upnp_ap.c head/contrib/wpa/src/wps/wps_upnp_event.c head/contrib/wpa/src/wps/wps_upnp_ssdp.c head/contrib/wpa/src/wps/wps_upnp_web.c head/contrib/wpa/src/wps/wps_validate.c head/contrib/wpa/wpa_supplicant/ChangeLog head/contrib/wpa/wpa_supplicant/ap.c head/contrib/wpa/wpa_supplicant/ap.h head/contrib/wpa/wpa_supplicant/bss.c head/contrib/wpa/wpa_supplicant/bss.h head/contrib/wpa/wpa_supplicant/config.c head/contrib/wpa/wpa_supplicant/config.h head/contrib/wpa/wpa_supplicant/config_file.c head/contrib/wpa/wpa_supplicant/config_ssid.h head/contrib/wpa/wpa_supplicant/ctrl_iface.c head/contrib/wpa/wpa_supplicant/ctrl_iface_named_pipe.c head/contrib/wpa/wpa_supplicant/ctrl_iface_udp.c head/contrib/wpa/wpa_supplicant/ctrl_iface_unix.c head/contrib/wpa/wpa_supplicant/dbus/dbus_new.c head/contrib/wpa/wpa_supplicant/dbus/dbus_new.h head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.c head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers.h head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.c head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_p2p.h head/contrib/wpa/wpa_supplicant/dbus/dbus_new_handlers_wps.c head/contrib/wpa/wpa_supplicant/dbus/dbus_new_helpers.c head/contrib/wpa/wpa_supplicant/dbus/dbus_new_introspect.c head/contrib/wpa/wpa_supplicant/dbus/dbus_old.c head/contrib/wpa/wpa_supplicant/dbus/dbus_old_handlers.c head/contrib/wpa/wpa_supplicant/defconfig head/contrib/wpa/wpa_supplicant/driver_i.h head/contrib/wpa/wpa_supplicant/eapol_test.c head/contrib/wpa/wpa_supplicant/events.c head/contrib/wpa/wpa_supplicant/hs20_supplicant.c head/contrib/wpa/wpa_supplicant/ibss_rsn.c head/contrib/wpa/wpa_supplicant/interworking.c head/contrib/wpa/wpa_supplicant/main.c head/contrib/wpa/wpa_supplicant/mesh.c head/contrib/wpa/wpa_supplicant/mesh_mpm.c head/contrib/wpa/wpa_supplicant/mesh_rsn.c head/contrib/wpa/wpa_supplicant/notify.c head/contrib/wpa/wpa_supplicant/notify.h head/contrib/wpa/wpa_supplicant/p2p_supplicant.c head/contrib/wpa/wpa_supplicant/p2p_supplicant.h head/contrib/wpa/wpa_supplicant/preauth_test.c head/contrib/wpa/wpa_supplicant/scan.c head/contrib/wpa/wpa_supplicant/sme.c head/contrib/wpa/wpa_supplicant/wpa_cli.c head/contrib/wpa/wpa_supplicant/wpa_priv.c head/contrib/wpa/wpa_supplicant/wpa_supplicant.c head/contrib/wpa/wpa_supplicant/wpa_supplicant.conf head/contrib/wpa/wpa_supplicant/wpa_supplicant_i.h head/contrib/wpa/wpa_supplicant/wpas_glue.c head/contrib/wpa/wpa_supplicant/wpas_glue.h head/contrib/wpa/wpa_supplicant/wps_supplicant.c head/contrib/wpa/wpa_supplicant/wps_supplicant.h head/usr.sbin/wpa/Makefile.crypto head/usr.sbin/wpa/hostapd/Makefile head/usr.sbin/wpa/wpa_supplicant/Makefile Directory Properties: head/contrib/wpa/ (props changed) Modified: head/contrib/wpa/hostapd/ChangeLog ============================================================================== --- head/contrib/wpa/hostapd/ChangeLog Sun Oct 18 20:37:10 2015 (r289548) +++ head/contrib/wpa/hostapd/ChangeLog Sun Oct 18 21:38:25 2015 (r289549) @@ -1,5 +1,41 @@ ChangeLog for hostapd +2015-09-27 - v2.5 + * fixed WPS UPnP vulnerability with HTTP chunked transfer encoding + [http://w1.fi/security/2015-2/] (CVE-2015-4141) + * fixed WMM Action frame parser + [http://w1.fi/security/2015-3/] (CVE-2015-4142) + * fixed EAP-pwd server missing payload length validation + [http://w1.fi/security/2015-4/] + (CVE-2015-4143, CVE-2015-4144, CVE-2015-4145) + * fixed validation of WPS and P2P NFC NDEF record payload length + [http://w1.fi/security/2015-5/] + * nl80211: + - fixed vendor command handling to check OUI properly + * fixed hlr_auc_gw build with OpenSSL + * hlr_auc_gw: allow Milenage RES length to be reduced + * disable HT for a station that does not support WMM/QoS + * added support for hashed password (NtHash) in EAP-pwd server + * fixed and extended dynamic VLAN cases + * added EAP-EKE server support for deriving Session-Id + * set Acct-Session-Id to a random value to make it more likely to be + unique even if the device does not have a proper clock + * added more 2.4 GHz channels for 20/40 MHz HT co-ex scan + * modified SAE routines to be more robust and PWE generation to be + stronger against timing attacks + * added support for Brainpool Elliptic Curves with SAE + * increases maximum value accepted for cwmin/cwmax + * added support for CCMP-256 and GCMP-256 as group ciphers with FT + * added Fast Session Transfer (FST) module + * removed optional fields from RSNE when using FT with PMF + (workaround for interoperability issues with iOS 8.4) + * added EAP server support for TLS session resumption + * fixed key derivation for Suite B 192-bit AKM (this breaks + compatibility with the earlier version) + * added mechanism to track unconnected stations and do minimal band + steering + * number of small fixes + 2015-03-15 - v2.4 * allow OpenSSL cipher configuration to be set for internal EAP server (openssl_ciphers parameter) Modified: head/contrib/wpa/hostapd/config_file.c ============================================================================== --- head/contrib/wpa/hostapd/config_file.c Sun Oct 18 20:37:10 2015 (r289548) +++ head/contrib/wpa/hostapd/config_file.c Sun Oct 18 21:38:25 2015 (r289549) @@ -222,9 +222,15 @@ static int hostapd_config_read_eap_user( return 0; if (os_strncmp(fname, "sqlite:", 7) == 0) { +#ifdef CONFIG_SQLITE os_free(conf->eap_user_sqlite); conf->eap_user_sqlite = os_strdup(fname + 7); return 0; +#else /* CONFIG_SQLITE */ + wpa_printf(MSG_ERROR, + "EAP user file in SQLite DB, but CONFIG_SQLITE was not enabled in the build."); + return -1; +#endif /* CONFIG_SQLITE */ } f = fopen(fname, "r"); @@ -775,6 +781,24 @@ static int hostapd_config_read_wep(struc } +static int hostapd_parse_chanlist(struct hostapd_config *conf, char *val) +{ + char *pos; + + /* for backwards compatibility, translate ' ' in conf str to ',' */ + pos = val; + while (pos) { + pos = os_strchr(pos, ' '); + if (pos) + *pos++ = ','; + } + if (freq_range_list_parse(&conf->acs_ch_list, val)) + return -1; + + return 0; +} + + static int hostapd_parse_intlist(int **int_list, char *val) { int *list; @@ -875,7 +899,9 @@ static int hostapd_config_read_int10(con static int valid_cw(int cw) { return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 || - cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023); + cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023 || + cw == 2047 || cw == 4095 || cw == 8191 || cw == 16383 || + cw == 32767); } @@ -886,11 +912,11 @@ enum { IEEE80211_TX_QUEUE_DATA3 = 3 /* used for EDCA AC_BK data */ }; -static int hostapd_config_tx_queue(struct hostapd_config *conf, char *name, - char *val) +static int hostapd_config_tx_queue(struct hostapd_config *conf, + const char *name, const char *val) { int num; - char *pos; + const char *pos; struct hostapd_tx_queue_params *queue; /* skip 'tx_queue_' prefix */ @@ -1134,13 +1160,23 @@ static int hostapd_config_vht_capab(stru if (os_strstr(capab, "[BF-ANTENNA-2]") && (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE)) conf->vht_capab |= (1 << VHT_CAP_BEAMFORMEE_STS_OFFSET); + if (os_strstr(capab, "[BF-ANTENNA-3]") && + (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE)) + conf->vht_capab |= (2 << VHT_CAP_BEAMFORMEE_STS_OFFSET); + if (os_strstr(capab, "[BF-ANTENNA-4]") && + (conf->vht_capab & VHT_CAP_SU_BEAMFORMEE_CAPABLE)) + conf->vht_capab |= (3 << VHT_CAP_BEAMFORMEE_STS_OFFSET); if (os_strstr(capab, "[SOUNDING-DIMENSION-2]") && (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE)) conf->vht_capab |= (1 << VHT_CAP_SOUNDING_DIMENSION_OFFSET); + if (os_strstr(capab, "[SOUNDING-DIMENSION-3]") && + (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE)) + conf->vht_capab |= (2 << VHT_CAP_SOUNDING_DIMENSION_OFFSET); + if (os_strstr(capab, "[SOUNDING-DIMENSION-4]") && + (conf->vht_capab & VHT_CAP_SU_BEAMFORMER_CAPABLE)) + conf->vht_capab |= (3 << VHT_CAP_SOUNDING_DIMENSION_OFFSET); if (os_strstr(capab, "[MU-BEAMFORMER]")) conf->vht_capab |= VHT_CAP_MU_BEAMFORMER_CAPABLE; - if (os_strstr(capab, "[MU-BEAMFORMEE]")) - conf->vht_capab |= VHT_CAP_MU_BEAMFORMEE_CAPABLE; if (os_strstr(capab, "[VHT-TXOP-PS]")) conf->vht_capab |= VHT_CAP_VHT_TXOP_PS; if (os_strstr(capab, "[HTC-VHT]")) @@ -1699,7 +1735,7 @@ static int hs20_parse_osu_ssid(struct ho char *str; str = wpa_config_parse_string(pos, &slen); - if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) { + if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) { wpa_printf(MSG_ERROR, "Line %d: Invalid SSID '%s'", line, pos); os_free(str); return -1; @@ -1900,7 +1936,7 @@ fail: static int hostapd_config_fill(struct hostapd_config *conf, struct hostapd_bss_config *bss, - char *buf, char *pos, int line) + const char *buf, char *pos, int line) { if (os_strcmp(buf, "interface") == 0) { os_strlcpy(conf->bss[0]->iface, pos, @@ -1946,7 +1982,7 @@ static int hostapd_config_fill(struct ho line); } else if (os_strcmp(buf, "ssid") == 0) { bss->ssid.ssid_len = os_strlen(pos); - if (bss->ssid.ssid_len > HOSTAPD_MAX_SSID_LEN || + if (bss->ssid.ssid_len > SSID_MAX_LEN || bss->ssid.ssid_len < 1) { wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'", line, pos); @@ -1957,7 +1993,7 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "ssid2") == 0) { size_t slen; char *str = wpa_config_parse_string(pos, &slen); - if (str == NULL || slen < 1 || slen > HOSTAPD_MAX_SSID_LEN) { + if (str == NULL || slen < 1 || slen > SSID_MAX_LEN) { wpa_printf(MSG_ERROR, "Line %d: invalid SSID '%s'", line, pos); os_free(str); @@ -2043,6 +2079,8 @@ static int hostapd_config_fill(struct ho bss->private_key_passwd = os_strdup(pos); } else if (os_strcmp(buf, "check_crl") == 0) { bss->check_crl = atoi(pos); + } else if (os_strcmp(buf, "tls_session_lifetime") == 0) { + bss->tls_session_lifetime = atoi(pos); } else if (os_strcmp(buf, "ocsp_stapling_response") == 0) { os_free(bss->ocsp_stapling_response); bss->ocsp_stapling_response = os_strdup(pos); @@ -2515,13 +2553,17 @@ static int hostapd_config_fill(struct ho conf->hw_mode = HOSTAPD_MODE_IEEE80211G; else if (os_strcmp(pos, "ad") == 0) conf->hw_mode = HOSTAPD_MODE_IEEE80211AD; + else if (os_strcmp(pos, "any") == 0) + conf->hw_mode = HOSTAPD_MODE_IEEE80211ANY; else { wpa_printf(MSG_ERROR, "Line %d: unknown hw_mode '%s'", line, pos); return 1; } } else if (os_strcmp(buf, "wps_rf_bands") == 0) { - if (os_strcmp(pos, "a") == 0) + if (os_strcmp(pos, "ad") == 0) + bss->wps_rf_bands = WPS_RF_60GHZ; + else if (os_strcmp(pos, "a") == 0) bss->wps_rf_bands = WPS_RF_50GHZ; else if (os_strcmp(pos, "g") == 0 || os_strcmp(pos, "b") == 0) @@ -2542,12 +2584,15 @@ static int hostapd_config_fill(struct ho line); return 1; #else /* CONFIG_ACS */ + conf->acs = 1; conf->channel = 0; #endif /* CONFIG_ACS */ - } else + } else { conf->channel = atoi(pos); + conf->acs = conf->channel == 0; + } } else if (os_strcmp(buf, "chanlist") == 0) { - if (hostapd_parse_intlist(&conf->chanlist, pos)) { + if (hostapd_parse_chanlist(conf, pos)) { wpa_printf(MSG_ERROR, "Line %d: invalid channel list", line); return 1; @@ -2810,7 +2855,7 @@ static int hostapd_config_fill(struct ho os_free(bss->wps_pin_requests); bss->wps_pin_requests = os_strdup(pos); } else if (os_strcmp(buf, "device_name") == 0) { - if (os_strlen(pos) > 32) { + if (os_strlen(pos) > WPS_DEV_NAME_MAX_LEN) { wpa_printf(MSG_ERROR, "Line %d: Too long " "device_name", line); return 1; @@ -3111,6 +3156,8 @@ static int hostapd_config_fill(struct ho bss->disable_dgaf = atoi(pos); } else if (os_strcmp(buf, "proxy_arp") == 0) { bss->proxy_arp = atoi(pos); + } else if (os_strcmp(buf, "na_mcast_to_ucast") == 0) { + bss->na_mcast_to_ucast = atoi(pos); } else if (os_strcmp(buf, "osen") == 0) { bss->osen = atoi(pos); } else if (os_strcmp(buf, "anqp_domain_id") == 0) { @@ -3223,6 +3270,24 @@ static int hostapd_config_fill(struct ho bss->bss_load_test_set = 1; } else if (os_strcmp(buf, "radio_measurements") == 0) { bss->radio_measurements = atoi(pos); + } else if (os_strcmp(buf, "own_ie_override") == 0) { + struct wpabuf *tmp; + size_t len = os_strlen(pos) / 2; + + tmp = wpabuf_alloc(len); + if (!tmp) + return 1; + + if (hexstr2bin(pos, wpabuf_put(tmp, len), len)) { + wpabuf_free(tmp); + wpa_printf(MSG_ERROR, + "Line %d: Invalid own_ie_override '%s'", + line, pos); + return 1; + } + + wpabuf_free(bss->own_ie_override); + bss->own_ie_override = tmp; #endif /* CONFIG_TESTING_OPTIONS */ } else if (os_strcmp(buf, "vendor_elements") == 0) { struct wpabuf *elems; @@ -3276,6 +3341,74 @@ static int hostapd_config_fill(struct ho } else if (os_strcmp(buf, "wowlan_triggers") == 0) { os_free(bss->wowlan_triggers); bss->wowlan_triggers = os_strdup(pos); +#ifdef CONFIG_FST + } else if (os_strcmp(buf, "fst_group_id") == 0) { + size_t len = os_strlen(pos); + + if (!len || len >= sizeof(conf->fst_cfg.group_id)) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid fst_group_id value '%s'", + line, pos); + return 1; + } + + if (conf->fst_cfg.group_id[0]) { + wpa_printf(MSG_ERROR, + "Line %d: Duplicate fst_group value '%s'", + line, pos); + return 1; + } + + os_strlcpy(conf->fst_cfg.group_id, pos, + sizeof(conf->fst_cfg.group_id)); + } else if (os_strcmp(buf, "fst_priority") == 0) { + char *endp; + long int val; + + if (!*pos) { + wpa_printf(MSG_ERROR, + "Line %d: fst_priority value not supplied (expected 1..%u)", + line, FST_MAX_PRIO_VALUE); + return -1; + } + + val = strtol(pos, &endp, 0); + if (*endp || val < 1 || val > FST_MAX_PRIO_VALUE) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid fst_priority %ld (%s) (expected 1..%u)", + line, val, pos, FST_MAX_PRIO_VALUE); + return 1; + } + conf->fst_cfg.priority = (u8) val; + } else if (os_strcmp(buf, "fst_llt") == 0) { + char *endp; + long int val; + + if (!*pos) { + wpa_printf(MSG_ERROR, + "Line %d: fst_llt value not supplied (expected 1..%u)", + line, FST_MAX_LLT_MS); + return -1; + } + val = strtol(pos, &endp, 0); + if (*endp || val < 1 || val > FST_MAX_LLT_MS) { + wpa_printf(MSG_ERROR, + "Line %d: Invalid fst_llt %ld (%s) (expected 1..%u)", + line, val, pos, FST_MAX_LLT_MS); + return 1; + } + conf->fst_cfg.llt = (u32) val; +#endif /* CONFIG_FST */ + } else if (os_strcmp(buf, "track_sta_max_num") == 0) { + conf->track_sta_max_num = atoi(pos); + } else if (os_strcmp(buf, "track_sta_max_age") == 0) { + conf->track_sta_max_age = atoi(pos); + } else if (os_strcmp(buf, "no_probe_resp_if_seen_on") == 0) { + os_free(bss->no_probe_resp_if_seen_on); + bss->no_probe_resp_if_seen_on = os_strdup(pos); + } else if (os_strcmp(buf, "no_auth_if_seen_on") == 0) { + os_free(bss->no_auth_if_seen_on); + bss->no_auth_if_seen_on = os_strdup(pos); } else { wpa_printf(MSG_ERROR, "Line %d: unknown configuration item '%s'", @@ -3378,7 +3511,8 @@ struct hostapd_config * hostapd_config_r int hostapd_set_iface(struct hostapd_config *conf, - struct hostapd_bss_config *bss, char *field, char *value) + struct hostapd_bss_config *bss, const char *field, + char *value) { int errors; size_t i; Modified: head/contrib/wpa/hostapd/config_file.h ============================================================================== --- head/contrib/wpa/hostapd/config_file.h Sun Oct 18 20:37:10 2015 (r289548) +++ head/contrib/wpa/hostapd/config_file.h Sun Oct 18 21:38:25 2015 (r289549) @@ -11,7 +11,7 @@ struct hostapd_config * hostapd_config_read(const char *fname); int hostapd_set_iface(struct hostapd_config *conf, - struct hostapd_bss_config *bss, char *field, + struct hostapd_bss_config *bss, const char *field, char *value); #endif /* CONFIG_FILE_H */ Modified: head/contrib/wpa/hostapd/ctrl_iface.c ============================================================================== --- head/contrib/wpa/hostapd/ctrl_iface.c Sun Oct 18 20:37:10 2015 (r289548) +++ head/contrib/wpa/hostapd/ctrl_iface.c Sun Oct 18 21:38:25 2015 (r289549) @@ -25,6 +25,7 @@ #include "common/ieee802_11_defs.h" #include "crypto/tls.h" #include "drivers/driver.h" +#include "eapol_auth/eapol_auth_sm.h" #include "radius/radius_client.h" #include "radius/radius_server.h" #include "l2_packet/l2_packet.h" @@ -43,10 +44,13 @@ #include "ap/beacon.h" #include "wps/wps_defs.h" #include "wps/wps.h" +#include "fst/fst_ctrl_iface.h" #include "config_file.h" #include "ctrl_iface.h" +#define HOSTAPD_CLI_DUP_VALUE_MAX_LEN 256 + struct wpa_ctrl_dst { struct wpa_ctrl_dst *next; struct sockaddr_un addr; @@ -57,6 +61,7 @@ struct wpa_ctrl_dst { static void hostapd_ctrl_iface_send(struct hostapd_data *hapd, int level, + enum wpa_msg_type type, const char *buf, size_t len); @@ -1055,6 +1060,97 @@ static int hostapd_ctrl_iface_bss_tm_req #endif /* CONFIG_WNM */ +static int hostapd_ctrl_iface_get_key_mgmt(struct hostapd_data *hapd, + char *buf, size_t buflen) +{ + int ret = 0; + char *pos, *end; + + pos = buf; + end = buf + buflen; + + WPA_ASSERT(hapd->conf->wpa_key_mgmt); + + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) { + ret = os_snprintf(pos, end - pos, "WPA-PSK "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) { + ret = os_snprintf(pos, end - pos, "WPA-EAP "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#ifdef CONFIG_IEEE80211R + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) { + ret = os_snprintf(pos, end - pos, "FT-PSK "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) { + ret = os_snprintf(pos, end - pos, "FT-EAP "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#ifdef CONFIG_SAE + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) { + ret = os_snprintf(pos, end - pos, "FT-SAE "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_SAE */ +#endif /* CONFIG_IEEE80211R */ +#ifdef CONFIG_IEEE80211W + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) { + ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) { + ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_IEEE80211W */ +#ifdef CONFIG_SAE + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) { + ret = os_snprintf(pos, end - pos, "SAE "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } +#endif /* CONFIG_SAE */ + if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { + ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (hapd->conf->wpa_key_mgmt & + WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { + ret = os_snprintf(pos, end - pos, + "WPA-EAP-SUITE-B-192 "); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + + if (pos > buf && *(pos - 1) == ' ') { + *(pos - 1) = '\0'; + pos--; + } + + return pos - buf; +} + + static int hostapd_ctrl_iface_get_config(struct hostapd_data *hapd, char *buf, size_t buflen) { @@ -1104,82 +1200,20 @@ static int hostapd_ctrl_iface_get_config } #endif /* CONFIG_WPS */ + if (hapd->conf->wpa) { + ret = os_snprintf(pos, end - pos, "wpa=%d\n", hapd->conf->wpa); + if (os_snprintf_error(end - pos, ret)) + return pos - buf; + pos += ret; + } + if (hapd->conf->wpa && hapd->conf->wpa_key_mgmt) { ret = os_snprintf(pos, end - pos, "key_mgmt="); if (os_snprintf_error(end - pos, ret)) return pos - buf; pos += ret; - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK) { - ret = os_snprintf(pos, end - pos, "WPA-PSK "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X) { - ret = os_snprintf(pos, end - pos, "WPA-EAP "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } -#ifdef CONFIG_IEEE80211R - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_PSK) { - ret = os_snprintf(pos, end - pos, "FT-PSK "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) { - ret = os_snprintf(pos, end - pos, "FT-EAP "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } -#ifdef CONFIG_SAE - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_FT_SAE) { - ret = os_snprintf(pos, end - pos, "FT-SAE "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } -#endif /* CONFIG_SAE */ -#endif /* CONFIG_IEEE80211R */ -#ifdef CONFIG_IEEE80211W - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_PSK_SHA256) { - ret = os_snprintf(pos, end - pos, "WPA-PSK-SHA256 "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) { - ret = os_snprintf(pos, end - pos, "WPA-EAP-SHA256 "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } -#endif /* CONFIG_IEEE80211W */ -#ifdef CONFIG_SAE - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_SAE) { - ret = os_snprintf(pos, end - pos, "SAE "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } -#endif /* CONFIG_SAE */ - if (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { - ret = os_snprintf(pos, end - pos, "WPA-EAP-SUITE-B "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } - if (hapd->conf->wpa_key_mgmt & - WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { - ret = os_snprintf(pos, end - pos, - "WPA-EAP-SUITE-B-192 "); - if (os_snprintf_error(end - pos, ret)) - return pos - buf; - pos += ret; - } + pos += hostapd_ctrl_iface_get_key_mgmt(hapd, pos, end - pos); ret = os_snprintf(pos, end - pos, "\n"); if (os_snprintf_error(end - pos, ret)) @@ -1528,7 +1562,7 @@ void hostapd_data_test_rx(void *ctx, con { struct hostapd_data *hapd = ctx; const struct ether_header *eth; - const struct iphdr *ip; + struct iphdr ip; const u8 *pos; unsigned int i; @@ -1536,14 +1570,14 @@ void hostapd_data_test_rx(void *ctx, con return; eth = (const struct ether_header *) buf; - ip = (const struct iphdr *) (eth + 1); - pos = (const u8 *) (ip + 1); + os_memcpy(&ip, eth + 1, sizeof(ip)); + pos = &buf[sizeof(*eth) + sizeof(ip)]; - if (ip->ihl != 5 || ip->version != 4 || - ntohs(ip->tot_len) != HWSIM_IP_LEN) + if (ip.ihl != 5 || ip.version != 4 || + ntohs(ip.tot_len) != HWSIM_IP_LEN) return; - for (i = 0; i < HWSIM_IP_LEN - sizeof(*ip); i++) { + for (i = 0; i < HWSIM_IP_LEN - sizeof(ip); i++) { if (*pos != (u8) i) return; pos++; @@ -1599,7 +1633,7 @@ static int hostapd_ctrl_iface_data_test_ int used; long int val; u8 tos; - u8 buf[HWSIM_PACKETLEN]; + u8 buf[2 + HWSIM_PACKETLEN]; struct ether_header *eth; struct iphdr *ip; u8 *dpos; @@ -1627,7 +1661,7 @@ static int hostapd_ctrl_iface_data_test_ return -1; tos = val; - eth = (struct ether_header *) buf; + eth = (struct ether_header *) &buf[2]; os_memcpy(eth->ether_dhost, dst, ETH_ALEN); os_memcpy(eth->ether_shost, src, ETH_ALEN); eth->ether_type = htons(ETHERTYPE_IP); @@ -1639,14 +1673,14 @@ static int hostapd_ctrl_iface_data_test_ ip->tos = tos; ip->tot_len = htons(HWSIM_IP_LEN); ip->protocol = 1; - ip->saddr = htonl(192 << 24 | 168 << 16 | 1 << 8 | 1); - ip->daddr = htonl(192 << 24 | 168 << 16 | 1 << 8 | 2); + ip->saddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 1); + ip->daddr = htonl(192U << 24 | 168 << 16 | 1 << 8 | 2); ip->check = ipv4_hdr_checksum(ip, sizeof(*ip)); dpos = (u8 *) (ip + 1); for (i = 0; i < HWSIM_IP_LEN - sizeof(*ip); i++) *dpos++ = i; - if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, buf, + if (l2_packet_send(hapd->l2_test, dst, ETHERTYPE_IP, &buf[2], HWSIM_PACKETLEN) < 0) return -1; @@ -1746,6 +1780,45 @@ static int hostapd_ctrl_get_alloc_fail(s #endif /* WPA_TRACE_BFD */ } + +static int hostapd_ctrl_test_fail(struct hostapd_data *hapd, char *cmd) +{ +#ifdef WPA_TRACE_BFD + extern char wpa_trace_test_fail_func[256]; + extern unsigned int wpa_trace_test_fail_after; + char *pos; + + wpa_trace_test_fail_after = atoi(cmd); + pos = os_strchr(cmd, ':'); + if (pos) { + pos++; + os_strlcpy(wpa_trace_test_fail_func, pos, + sizeof(wpa_trace_test_fail_func)); + } else { + wpa_trace_test_fail_after = 0; + } + + return 0; +#else /* WPA_TRACE_BFD */ + return -1; +#endif /* WPA_TRACE_BFD */ +} + + +static int hostapd_ctrl_get_fail(struct hostapd_data *hapd, + char *buf, size_t buflen) +{ +#ifdef WPA_TRACE_BFD + extern char wpa_trace_test_fail_func[256]; + extern unsigned int wpa_trace_test_fail_after; + + return os_snprintf(buf, buflen, "%u:%s", wpa_trace_test_fail_after, + wpa_trace_test_fail_func); +#else /* WPA_TRACE_BFD */ + return -1; +#endif /* WPA_TRACE_BFD */ +} + #endif /* CONFIG_TESTING_OPTIONS */ @@ -1847,41 +1920,134 @@ static int hostapd_ctrl_iface_vendor(str } -static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx, - void *sock_ctx) +static int hostapd_ctrl_iface_eapol_reauth(struct hostapd_data *hapd, + const char *cmd) { - struct hostapd_data *hapd = eloop_ctx; - char buf[4096]; - int res; - struct sockaddr_un from; - socklen_t fromlen = sizeof(from); - char *reply; - const int reply_size = 4096; - int reply_len; - int level = MSG_DEBUG; + u8 addr[ETH_ALEN]; + struct sta_info *sta; - res = recvfrom(sock, buf, sizeof(buf) - 1, 0, - (struct sockaddr *) &from, &fromlen); - if (res < 0) { - wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s", - strerror(errno)); - return; + if (hwaddr_aton(cmd, addr)) + return -1; + + sta = ap_get_sta(hapd, addr); + if (!sta || !sta->eapol_sm) + return -1; + + eapol_auth_reauthenticate(sta->eapol_sm); + return 0; +} + + +static int hostapd_ctrl_iface_eapol_set(struct hostapd_data *hapd, char *cmd) +{ + u8 addr[ETH_ALEN]; + struct sta_info *sta; + char *pos = cmd, *param; + + if (hwaddr_aton(pos, addr) || pos[17] != ' ') + return -1; + pos += 18; + param = pos; + pos = os_strchr(pos, ' '); + if (!pos) + return -1; + *pos++ = '\0'; + + sta = ap_get_sta(hapd, addr); + if (!sta || !sta->eapol_sm) + return -1; + + return eapol_auth_set_conf(sta->eapol_sm, param, pos); +} + + +static int hostapd_ctrl_iface_log_level(struct hostapd_data *hapd, char *cmd, + char *buf, size_t buflen) +{ + char *pos, *end, *stamp; + int ret; + + /* cmd: "LOG_LEVEL []" */ + if (*cmd == '\0') { + pos = buf; + end = buf + buflen; + ret = os_snprintf(pos, end - pos, "Current level: %s\n" + "Timestamp: %d\n", + debug_level_str(wpa_debug_level), + wpa_debug_timestamp); + if (os_snprintf_error(end - pos, ret)) + ret = 0; + + return ret; } - buf[res] = '\0'; - if (os_strcmp(buf, "PING") == 0) - level = MSG_EXCESSIVE; - wpa_hexdump_ascii(level, "RX ctrl_iface", (u8 *) buf, res); - reply = os_malloc(reply_size); - if (reply == NULL) { - if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from, - fromlen) < 0) { - wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s", - strerror(errno)); + while (*cmd == ' ') + cmd++; + + stamp = os_strchr(cmd, ' '); + if (stamp) { + *stamp++ = '\0'; + while (*stamp == ' ') { + stamp++; } - return; } + if (os_strlen(cmd)) { + int level = str_to_debug_level(cmd); + if (level < 0) + return -1; + wpa_debug_level = level; + } + + if (stamp && os_strlen(stamp)) + wpa_debug_timestamp = atoi(stamp); + + os_memcpy(buf, "OK\n", 3); + return 3; +} + + +#ifdef NEED_AP_MLME +static int hostapd_ctrl_iface_track_sta_list(struct hostapd_data *hapd, + char *buf, size_t buflen) +{ + struct hostapd_iface *iface = hapd->iface; + char *pos, *end; + struct hostapd_sta_info *info; + struct os_reltime now; + + sta_track_expire(iface, 0); + + pos = buf; + end = buf + buflen; + + os_get_reltime(&now); + dl_list_for_each_reverse(info, &iface->sta_seen, + struct hostapd_sta_info, list) { + struct os_reltime age; + int ret; + + os_reltime_sub(&now, &info->last_seen, &age); + ret = os_snprintf(pos, end - pos, MACSTR " %u\n", + MAC2STR(info->addr), (unsigned int) age.sec); + if (os_snprintf_error(end - pos, ret)) + break; + pos += ret; + } + + return pos - buf; +} +#endif /* NEED_AP_MLME */ + + +static int hostapd_ctrl_iface_receive_process(struct hostapd_data *hapd, + char *buf, char *reply, + int reply_size, + struct sockaddr_un *from, + socklen_t fromlen) +{ + int reply_len, res; + os_memcpy(reply, "OK\n", 3); reply_len = 3; @@ -1938,13 +2104,13 @@ static void hostapd_ctrl_iface_receive(i reply_len = hostapd_ctrl_iface_sta_next(hapd, buf + 9, reply, reply_size); } else if (os_strcmp(buf, "ATTACH") == 0) { - if (hostapd_ctrl_iface_attach(hapd, &from, fromlen)) + if (hostapd_ctrl_iface_attach(hapd, from, fromlen)) reply_len = -1; } else if (os_strcmp(buf, "DETACH") == 0) { - if (hostapd_ctrl_iface_detach(hapd, &from, fromlen)) + if (hostapd_ctrl_iface_detach(hapd, from, fromlen)) reply_len = -1; } else if (os_strncmp(buf, "LEVEL ", 6) == 0) { - if (hostapd_ctrl_iface_level(hapd, &from, fromlen, + if (hostapd_ctrl_iface_level(hapd, from, fromlen, buf + 6)) reply_len = -1; } else if (os_strncmp(buf, "NEW_STA ", 8) == 0) { @@ -2079,6 +2245,11 @@ static void hostapd_ctrl_iface_receive(i } else if (os_strcmp(buf, "GET_ALLOC_FAIL") == 0) { reply_len = hostapd_ctrl_get_alloc_fail(hapd, reply, reply_size); + } else if (os_strncmp(buf, "TEST_FAIL ", 10) == 0) { + if (hostapd_ctrl_test_fail(hapd, buf + 10) < 0) + reply_len = -1; + } else if (os_strcmp(buf, "GET_FAIL") == 0) { + reply_len = hostapd_ctrl_get_fail(hapd, reply, reply_size); #endif /* CONFIG_TESTING_OPTIONS */ } else if (os_strncmp(buf, "CHAN_SWITCH ", 12) == 0) { if (hostapd_ctrl_iface_chan_switch(hapd->iface, buf + 12)) @@ -2091,6 +2262,20 @@ static void hostapd_ctrl_iface_receive(i #ifdef RADIUS_SERVER radius_server_erp_flush(hapd->radius_srv); #endif /* RADIUS_SERVER */ + } else if (os_strncmp(buf, "EAPOL_REAUTH ", 13) == 0) { + if (hostapd_ctrl_iface_eapol_reauth(hapd, buf + 13)) + reply_len = -1; + } else if (os_strncmp(buf, "EAPOL_SET ", 10) == 0) { + if (hostapd_ctrl_iface_eapol_set(hapd, buf + 10)) + reply_len = -1; + } else if (os_strncmp(buf, "LOG_LEVEL", 9) == 0) { + reply_len = hostapd_ctrl_iface_log_level( + hapd, buf + 9, reply, reply_size); +#ifdef NEED_AP_MLME + } else if (os_strcmp(buf, "TRACK_STA_LIST") == 0) { + reply_len = hostapd_ctrl_iface_track_sta_list( + hapd, reply, reply_size); +#endif /* NEED_AP_MLME */ } else { os_memcpy(reply, "UNKNOWN COMMAND\n", 16); reply_len = 16; @@ -2100,6 +2285,50 @@ static void hostapd_ctrl_iface_receive(i os_memcpy(reply, "FAIL\n", 5); reply_len = 5; } + + return reply_len; +} + + +static void hostapd_ctrl_iface_receive(int sock, void *eloop_ctx, + void *sock_ctx) +{ + struct hostapd_data *hapd = eloop_ctx; + char buf[4096]; + int res; + struct sockaddr_un from; + socklen_t fromlen = sizeof(from); + char *reply; + const int reply_size = 4096; + int reply_len; + int level = MSG_DEBUG; + + res = recvfrom(sock, buf, sizeof(buf) - 1, 0, + (struct sockaddr *) &from, &fromlen); + if (res < 0) { + wpa_printf(MSG_ERROR, "recvfrom(ctrl_iface): %s", + strerror(errno)); + return; + } + buf[res] = '\0'; + if (os_strcmp(buf, "PING") == 0) + level = MSG_EXCESSIVE; + wpa_hexdump_ascii(level, "RX ctrl_iface", (u8 *) buf, res); + + reply = os_malloc(reply_size); + if (reply == NULL) { + if (sendto(sock, "FAIL\n", 5, 0, (struct sockaddr *) &from, + fromlen) < 0) { + wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s", + strerror(errno)); + } + return; + } + + reply_len = hostapd_ctrl_iface_receive_process(hapd, buf, + reply, reply_size, + &from, fromlen); + if (sendto(sock, reply, reply_len, 0, (struct sockaddr *) &from, fromlen) < 0) { wpa_printf(MSG_DEBUG, "CTRL: sendto failed: %s", @@ -2130,13 +2359,14 @@ static char * hostapd_ctrl_iface_path(st } -static void hostapd_ctrl_iface_msg_cb(void *ctx, int level, int global, +static void hostapd_ctrl_iface_msg_cb(void *ctx, int level, + enum wpa_msg_type type, const char *txt, size_t len) { struct hostapd_data *hapd = ctx; if (hapd == NULL) return; - hostapd_ctrl_iface_send(hapd, level, txt, len); + hostapd_ctrl_iface_send(hapd, level, type, txt, len); } @@ -2359,6 +2589,58 @@ static int hostapd_ctrl_iface_remove(str } +static int hostapd_global_ctrl_iface_attach(struct hapd_interfaces *interfaces, + struct sockaddr_un *from, + socklen_t fromlen) +{ + struct wpa_ctrl_dst *dst; + + dst = os_zalloc(sizeof(*dst)); + if (dst == NULL) + return -1; + os_memcpy(&dst->addr, from, sizeof(struct sockaddr_un)); + dst->addrlen = fromlen; + dst->debug_level = MSG_INFO; + dst->next = interfaces->global_ctrl_dst; + interfaces->global_ctrl_dst = dst; + wpa_hexdump(MSG_DEBUG, "CTRL_IFACE monitor attached (global)", + from->sun_path, + fromlen - offsetof(struct sockaddr_un, sun_path)); + return 0; +} + + +static int hostapd_global_ctrl_iface_detach(struct hapd_interfaces *interfaces, + struct sockaddr_un *from, *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***