選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

config_file.c 57KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119
  1. /*
  2. * hostapd / Configuration file parser
  3. * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License version 2 as
  7. * published by the Free Software Foundation.
  8. *
  9. * Alternatively, this software may be distributed under the terms of BSD
  10. * license.
  11. *
  12. * See README and COPYING for more details.
  13. */
  14. #include "utils/includes.h"
  15. #ifndef CONFIG_NATIVE_WINDOWS
  16. #include <grp.h>
  17. #endif /* CONFIG_NATIVE_WINDOWS */
  18. #include "utils/common.h"
  19. #include "utils/uuid.h"
  20. #include "common/ieee802_11_defs.h"
  21. #include "drivers/driver.h"
  22. #include "eap_server/eap.h"
  23. #include "radius/radius_client.h"
  24. #include "ap/wpa_auth.h"
  25. #include "ap/ap_config.h"
  26. #include "config_file.h"
  27. extern struct wpa_driver_ops *wpa_drivers[];
  28. #ifndef CONFIG_NO_VLAN
  29. static int hostapd_config_read_vlan_file(struct hostapd_bss_config *bss,
  30. const char *fname)
  31. {
  32. FILE *f;
  33. char buf[128], *pos, *pos2;
  34. int line = 0, vlan_id;
  35. struct hostapd_vlan *vlan;
  36. f = fopen(fname, "r");
  37. if (!f) {
  38. wpa_printf(MSG_ERROR, "VLAN file '%s' not readable.", fname);
  39. return -1;
  40. }
  41. while (fgets(buf, sizeof(buf), f)) {
  42. line++;
  43. if (buf[0] == '#')
  44. continue;
  45. pos = buf;
  46. while (*pos != '\0') {
  47. if (*pos == '\n') {
  48. *pos = '\0';
  49. break;
  50. }
  51. pos++;
  52. }
  53. if (buf[0] == '\0')
  54. continue;
  55. if (buf[0] == '*') {
  56. vlan_id = VLAN_ID_WILDCARD;
  57. pos = buf + 1;
  58. } else {
  59. vlan_id = strtol(buf, &pos, 10);
  60. if (buf == pos || vlan_id < 1 ||
  61. vlan_id > MAX_VLAN_ID) {
  62. wpa_printf(MSG_ERROR, "Invalid VLAN ID at "
  63. "line %d in '%s'", line, fname);
  64. fclose(f);
  65. return -1;
  66. }
  67. }
  68. while (*pos == ' ' || *pos == '\t')
  69. pos++;
  70. pos2 = pos;
  71. while (*pos2 != ' ' && *pos2 != '\t' && *pos2 != '\0')
  72. pos2++;
  73. *pos2 = '\0';
  74. if (*pos == '\0' || os_strlen(pos) > IFNAMSIZ) {
  75. wpa_printf(MSG_ERROR, "Invalid VLAN ifname at line %d "
  76. "in '%s'", line, fname);
  77. fclose(f);
  78. return -1;
  79. }
  80. vlan = os_malloc(sizeof(*vlan));
  81. if (vlan == NULL) {
  82. wpa_printf(MSG_ERROR, "Out of memory while reading "
  83. "VLAN interfaces from '%s'", fname);
  84. fclose(f);
  85. return -1;
  86. }
  87. os_memset(vlan, 0, sizeof(*vlan));
  88. vlan->vlan_id = vlan_id;
  89. os_strlcpy(vlan->ifname, pos, sizeof(vlan->ifname));
  90. if (bss->vlan_tail)
  91. bss->vlan_tail->next = vlan;
  92. else
  93. bss->vlan = vlan;
  94. bss->vlan_tail = vlan;
  95. }
  96. fclose(f);
  97. return 0;
  98. }
  99. #endif /* CONFIG_NO_VLAN */
  100. static int hostapd_acl_comp(const void *a, const void *b)
  101. {
  102. const struct mac_acl_entry *aa = a;
  103. const struct mac_acl_entry *bb = b;
  104. return os_memcmp(aa->addr, bb->addr, sizeof(macaddr));
  105. }
  106. static int hostapd_config_read_maclist(const char *fname,
  107. struct mac_acl_entry **acl, int *num)
  108. {
  109. FILE *f;
  110. char buf[128], *pos;
  111. int line = 0;
  112. u8 addr[ETH_ALEN];
  113. struct mac_acl_entry *newacl;
  114. int vlan_id;
  115. if (!fname)
  116. return 0;
  117. f = fopen(fname, "r");
  118. if (!f) {
  119. wpa_printf(MSG_ERROR, "MAC list file '%s' not found.", fname);
  120. return -1;
  121. }
  122. while (fgets(buf, sizeof(buf), f)) {
  123. line++;
  124. if (buf[0] == '#')
  125. continue;
  126. pos = buf;
  127. while (*pos != '\0') {
  128. if (*pos == '\n') {
  129. *pos = '\0';
  130. break;
  131. }
  132. pos++;
  133. }
  134. if (buf[0] == '\0')
  135. continue;
  136. if (hwaddr_aton(buf, addr)) {
  137. wpa_printf(MSG_ERROR, "Invalid MAC address '%s' at "
  138. "line %d in '%s'", buf, line, fname);
  139. fclose(f);
  140. return -1;
  141. }
  142. vlan_id = 0;
  143. pos = buf;
  144. while (*pos != '\0' && *pos != ' ' && *pos != '\t')
  145. pos++;
  146. while (*pos == ' ' || *pos == '\t')
  147. pos++;
  148. if (*pos != '\0')
  149. vlan_id = atoi(pos);
  150. newacl = os_realloc(*acl, (*num + 1) * sizeof(**acl));
  151. if (newacl == NULL) {
  152. wpa_printf(MSG_ERROR, "MAC list reallocation failed");
  153. fclose(f);
  154. return -1;
  155. }
  156. *acl = newacl;
  157. os_memcpy((*acl)[*num].addr, addr, ETH_ALEN);
  158. (*acl)[*num].vlan_id = vlan_id;
  159. (*num)++;
  160. }
  161. fclose(f);
  162. qsort(*acl, *num, sizeof(**acl), hostapd_acl_comp);
  163. return 0;
  164. }
  165. #ifdef EAP_SERVER
  166. static int hostapd_config_read_eap_user(const char *fname,
  167. struct hostapd_bss_config *conf)
  168. {
  169. FILE *f;
  170. char buf[512], *pos, *start, *pos2;
  171. int line = 0, ret = 0, num_methods;
  172. struct hostapd_eap_user *user, *tail = NULL;
  173. if (!fname)
  174. return 0;
  175. f = fopen(fname, "r");
  176. if (!f) {
  177. wpa_printf(MSG_ERROR, "EAP user file '%s' not found.", fname);
  178. return -1;
  179. }
  180. /* Lines: "user" METHOD,METHOD2 "password" (password optional) */
  181. while (fgets(buf, sizeof(buf), f)) {
  182. line++;
  183. if (buf[0] == '#')
  184. continue;
  185. pos = buf;
  186. while (*pos != '\0') {
  187. if (*pos == '\n') {
  188. *pos = '\0';
  189. break;
  190. }
  191. pos++;
  192. }
  193. if (buf[0] == '\0')
  194. continue;
  195. user = NULL;
  196. if (buf[0] != '"' && buf[0] != '*') {
  197. wpa_printf(MSG_ERROR, "Invalid EAP identity (no \" in "
  198. "start) on line %d in '%s'", line, fname);
  199. goto failed;
  200. }
  201. user = os_zalloc(sizeof(*user));
  202. if (user == NULL) {
  203. wpa_printf(MSG_ERROR, "EAP user allocation failed");
  204. goto failed;
  205. }
  206. user->force_version = -1;
  207. if (buf[0] == '*') {
  208. pos = buf;
  209. } else {
  210. pos = buf + 1;
  211. start = pos;
  212. while (*pos != '"' && *pos != '\0')
  213. pos++;
  214. if (*pos == '\0') {
  215. wpa_printf(MSG_ERROR, "Invalid EAP identity "
  216. "(no \" in end) on line %d in '%s'",
  217. line, fname);
  218. goto failed;
  219. }
  220. user->identity = os_malloc(pos - start);
  221. if (user->identity == NULL) {
  222. wpa_printf(MSG_ERROR, "Failed to allocate "
  223. "memory for EAP identity");
  224. goto failed;
  225. }
  226. os_memcpy(user->identity, start, pos - start);
  227. user->identity_len = pos - start;
  228. if (pos[0] == '"' && pos[1] == '*') {
  229. user->wildcard_prefix = 1;
  230. pos++;
  231. }
  232. }
  233. pos++;
  234. while (*pos == ' ' || *pos == '\t')
  235. pos++;
  236. if (*pos == '\0') {
  237. wpa_printf(MSG_ERROR, "No EAP method on line %d in "
  238. "'%s'", line, fname);
  239. goto failed;
  240. }
  241. start = pos;
  242. while (*pos != ' ' && *pos != '\t' && *pos != '\0')
  243. pos++;
  244. if (*pos == '\0') {
  245. pos = NULL;
  246. } else {
  247. *pos = '\0';
  248. pos++;
  249. }
  250. num_methods = 0;
  251. while (*start) {
  252. char *pos3 = os_strchr(start, ',');
  253. if (pos3) {
  254. *pos3++ = '\0';
  255. }
  256. user->methods[num_methods].method =
  257. eap_server_get_type(
  258. start,
  259. &user->methods[num_methods].vendor);
  260. if (user->methods[num_methods].vendor ==
  261. EAP_VENDOR_IETF &&
  262. user->methods[num_methods].method == EAP_TYPE_NONE)
  263. {
  264. if (os_strcmp(start, "TTLS-PAP") == 0) {
  265. user->ttls_auth |= EAP_TTLS_AUTH_PAP;
  266. goto skip_eap;
  267. }
  268. if (os_strcmp(start, "TTLS-CHAP") == 0) {
  269. user->ttls_auth |= EAP_TTLS_AUTH_CHAP;
  270. goto skip_eap;
  271. }
  272. if (os_strcmp(start, "TTLS-MSCHAP") == 0) {
  273. user->ttls_auth |=
  274. EAP_TTLS_AUTH_MSCHAP;
  275. goto skip_eap;
  276. }
  277. if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) {
  278. user->ttls_auth |=
  279. EAP_TTLS_AUTH_MSCHAPV2;
  280. goto skip_eap;
  281. }
  282. wpa_printf(MSG_ERROR, "Unsupported EAP type "
  283. "'%s' on line %d in '%s'",
  284. start, line, fname);
  285. goto failed;
  286. }
  287. num_methods++;
  288. if (num_methods >= EAP_USER_MAX_METHODS)
  289. break;
  290. skip_eap:
  291. if (pos3 == NULL)
  292. break;
  293. start = pos3;
  294. }
  295. if (num_methods == 0 && user->ttls_auth == 0) {
  296. wpa_printf(MSG_ERROR, "No EAP types configured on "
  297. "line %d in '%s'", line, fname);
  298. goto failed;
  299. }
  300. if (pos == NULL)
  301. goto done;
  302. while (*pos == ' ' || *pos == '\t')
  303. pos++;
  304. if (*pos == '\0')
  305. goto done;
  306. if (os_strncmp(pos, "[ver=0]", 7) == 0) {
  307. user->force_version = 0;
  308. goto done;
  309. }
  310. if (os_strncmp(pos, "[ver=1]", 7) == 0) {
  311. user->force_version = 1;
  312. goto done;
  313. }
  314. if (os_strncmp(pos, "[2]", 3) == 0) {
  315. user->phase2 = 1;
  316. goto done;
  317. }
  318. if (*pos == '"') {
  319. pos++;
  320. start = pos;
  321. while (*pos != '"' && *pos != '\0')
  322. pos++;
  323. if (*pos == '\0') {
  324. wpa_printf(MSG_ERROR, "Invalid EAP password "
  325. "(no \" in end) on line %d in '%s'",
  326. line, fname);
  327. goto failed;
  328. }
  329. user->password = os_malloc(pos - start);
  330. if (user->password == NULL) {
  331. wpa_printf(MSG_ERROR, "Failed to allocate "
  332. "memory for EAP password");
  333. goto failed;
  334. }
  335. os_memcpy(user->password, start, pos - start);
  336. user->password_len = pos - start;
  337. pos++;
  338. } else if (os_strncmp(pos, "hash:", 5) == 0) {
  339. pos += 5;
  340. pos2 = pos;
  341. while (*pos2 != '\0' && *pos2 != ' ' &&
  342. *pos2 != '\t' && *pos2 != '#')
  343. pos2++;
  344. if (pos2 - pos != 32) {
  345. wpa_printf(MSG_ERROR, "Invalid password hash "
  346. "on line %d in '%s'", line, fname);
  347. goto failed;
  348. }
  349. user->password = os_malloc(16);
  350. if (user->password == NULL) {
  351. wpa_printf(MSG_ERROR, "Failed to allocate "
  352. "memory for EAP password hash");
  353. goto failed;
  354. }
  355. if (hexstr2bin(pos, user->password, 16) < 0) {
  356. wpa_printf(MSG_ERROR, "Invalid hash password "
  357. "on line %d in '%s'", line, fname);
  358. goto failed;
  359. }
  360. user->password_len = 16;
  361. user->password_hash = 1;
  362. pos = pos2;
  363. } else {
  364. pos2 = pos;
  365. while (*pos2 != '\0' && *pos2 != ' ' &&
  366. *pos2 != '\t' && *pos2 != '#')
  367. pos2++;
  368. if ((pos2 - pos) & 1) {
  369. wpa_printf(MSG_ERROR, "Invalid hex password "
  370. "on line %d in '%s'", line, fname);
  371. goto failed;
  372. }
  373. user->password = os_malloc((pos2 - pos) / 2);
  374. if (user->password == NULL) {
  375. wpa_printf(MSG_ERROR, "Failed to allocate "
  376. "memory for EAP password");
  377. goto failed;
  378. }
  379. if (hexstr2bin(pos, user->password,
  380. (pos2 - pos) / 2) < 0) {
  381. wpa_printf(MSG_ERROR, "Invalid hex password "
  382. "on line %d in '%s'", line, fname);
  383. goto failed;
  384. }
  385. user->password_len = (pos2 - pos) / 2;
  386. pos = pos2;
  387. }
  388. while (*pos == ' ' || *pos == '\t')
  389. pos++;
  390. if (os_strncmp(pos, "[2]", 3) == 0) {
  391. user->phase2 = 1;
  392. }
  393. done:
  394. if (tail == NULL) {
  395. tail = conf->eap_user = user;
  396. } else {
  397. tail->next = user;
  398. tail = user;
  399. }
  400. continue;
  401. failed:
  402. if (user) {
  403. os_free(user->password);
  404. os_free(user->identity);
  405. os_free(user);
  406. }
  407. ret = -1;
  408. break;
  409. }
  410. fclose(f);
  411. return ret;
  412. }
  413. #endif /* EAP_SERVER */
  414. #ifndef CONFIG_NO_RADIUS
  415. static int
  416. hostapd_config_read_radius_addr(struct hostapd_radius_server **server,
  417. int *num_server, const char *val, int def_port,
  418. struct hostapd_radius_server **curr_serv)
  419. {
  420. struct hostapd_radius_server *nserv;
  421. int ret;
  422. static int server_index = 1;
  423. nserv = os_realloc(*server, (*num_server + 1) * sizeof(*nserv));
  424. if (nserv == NULL)
  425. return -1;
  426. *server = nserv;
  427. nserv = &nserv[*num_server];
  428. (*num_server)++;
  429. (*curr_serv) = nserv;
  430. os_memset(nserv, 0, sizeof(*nserv));
  431. nserv->port = def_port;
  432. ret = hostapd_parse_ip_addr(val, &nserv->addr);
  433. nserv->index = server_index++;
  434. return ret;
  435. }
  436. #endif /* CONFIG_NO_RADIUS */
  437. static int hostapd_config_parse_key_mgmt(int line, const char *value)
  438. {
  439. int val = 0, last;
  440. char *start, *end, *buf;
  441. buf = os_strdup(value);
  442. if (buf == NULL)
  443. return -1;
  444. start = buf;
  445. while (*start != '\0') {
  446. while (*start == ' ' || *start == '\t')
  447. start++;
  448. if (*start == '\0')
  449. break;
  450. end = start;
  451. while (*end != ' ' && *end != '\t' && *end != '\0')
  452. end++;
  453. last = *end == '\0';
  454. *end = '\0';
  455. if (os_strcmp(start, "WPA-PSK") == 0)
  456. val |= WPA_KEY_MGMT_PSK;
  457. else if (os_strcmp(start, "WPA-EAP") == 0)
  458. val |= WPA_KEY_MGMT_IEEE8021X;
  459. #ifdef CONFIG_IEEE80211R
  460. else if (os_strcmp(start, "FT-PSK") == 0)
  461. val |= WPA_KEY_MGMT_FT_PSK;
  462. else if (os_strcmp(start, "FT-EAP") == 0)
  463. val |= WPA_KEY_MGMT_FT_IEEE8021X;
  464. #endif /* CONFIG_IEEE80211R */
  465. #ifdef CONFIG_IEEE80211W
  466. else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
  467. val |= WPA_KEY_MGMT_PSK_SHA256;
  468. else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
  469. val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
  470. #endif /* CONFIG_IEEE80211W */
  471. else {
  472. wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
  473. line, start);
  474. os_free(buf);
  475. return -1;
  476. }
  477. if (last)
  478. break;
  479. start = end + 1;
  480. }
  481. os_free(buf);
  482. if (val == 0) {
  483. wpa_printf(MSG_ERROR, "Line %d: no key_mgmt values "
  484. "configured.", line);
  485. return -1;
  486. }
  487. return val;
  488. }
  489. static int hostapd_config_parse_cipher(int line, const char *value)
  490. {
  491. int val = 0, last;
  492. char *start, *end, *buf;
  493. buf = os_strdup(value);
  494. if (buf == NULL)
  495. return -1;
  496. start = buf;
  497. while (*start != '\0') {
  498. while (*start == ' ' || *start == '\t')
  499. start++;
  500. if (*start == '\0')
  501. break;
  502. end = start;
  503. while (*end != ' ' && *end != '\t' && *end != '\0')
  504. end++;
  505. last = *end == '\0';
  506. *end = '\0';
  507. if (os_strcmp(start, "CCMP") == 0)
  508. val |= WPA_CIPHER_CCMP;
  509. else if (os_strcmp(start, "TKIP") == 0)
  510. val |= WPA_CIPHER_TKIP;
  511. else if (os_strcmp(start, "WEP104") == 0)
  512. val |= WPA_CIPHER_WEP104;
  513. else if (os_strcmp(start, "WEP40") == 0)
  514. val |= WPA_CIPHER_WEP40;
  515. else if (os_strcmp(start, "NONE") == 0)
  516. val |= WPA_CIPHER_NONE;
  517. else {
  518. wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
  519. line, start);
  520. os_free(buf);
  521. return -1;
  522. }
  523. if (last)
  524. break;
  525. start = end + 1;
  526. }
  527. os_free(buf);
  528. if (val == 0) {
  529. wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
  530. line);
  531. return -1;
  532. }
  533. return val;
  534. }
  535. static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx,
  536. char *val)
  537. {
  538. size_t len = os_strlen(val);
  539. if (keyidx < 0 || keyidx > 3 || wep->key[keyidx] != NULL)
  540. return -1;
  541. if (val[0] == '"') {
  542. if (len < 2 || val[len - 1] != '"')
  543. return -1;
  544. len -= 2;
  545. wep->key[keyidx] = os_malloc(len);
  546. if (wep->key[keyidx] == NULL)
  547. return -1;
  548. os_memcpy(wep->key[keyidx], val + 1, len);
  549. wep->len[keyidx] = len;
  550. } else {
  551. if (len & 1)
  552. return -1;
  553. len /= 2;
  554. wep->key[keyidx] = os_malloc(len);
  555. if (wep->key[keyidx] == NULL)
  556. return -1;
  557. wep->len[keyidx] = len;
  558. if (hexstr2bin(val, wep->key[keyidx], len) < 0)
  559. return -1;
  560. }
  561. wep->keys_set++;
  562. return 0;
  563. }
  564. static int hostapd_parse_rates(int **rate_list, char *val)
  565. {
  566. int *list;
  567. int count;
  568. char *pos, *end;
  569. os_free(*rate_list);
  570. *rate_list = NULL;
  571. pos = val;
  572. count = 0;
  573. while (*pos != '\0') {
  574. if (*pos == ' ')
  575. count++;
  576. pos++;
  577. }
  578. list = os_malloc(sizeof(int) * (count + 2));
  579. if (list == NULL)
  580. return -1;
  581. pos = val;
  582. count = 0;
  583. while (*pos != '\0') {
  584. end = os_strchr(pos, ' ');
  585. if (end)
  586. *end = '\0';
  587. list[count++] = atoi(pos);
  588. if (!end)
  589. break;
  590. pos = end + 1;
  591. }
  592. list[count] = -1;
  593. *rate_list = list;
  594. return 0;
  595. }
  596. static int hostapd_config_bss(struct hostapd_config *conf, const char *ifname)
  597. {
  598. struct hostapd_bss_config *bss;
  599. if (*ifname == '\0')
  600. return -1;
  601. bss = os_realloc(conf->bss, (conf->num_bss + 1) *
  602. sizeof(struct hostapd_bss_config));
  603. if (bss == NULL) {
  604. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  605. "multi-BSS entry");
  606. return -1;
  607. }
  608. conf->bss = bss;
  609. bss = &(conf->bss[conf->num_bss]);
  610. os_memset(bss, 0, sizeof(*bss));
  611. bss->radius = os_zalloc(sizeof(*bss->radius));
  612. if (bss->radius == NULL) {
  613. wpa_printf(MSG_ERROR, "Failed to allocate memory for "
  614. "multi-BSS RADIUS data");
  615. return -1;
  616. }
  617. conf->num_bss++;
  618. conf->last_bss = bss;
  619. hostapd_config_defaults_bss(bss);
  620. os_strlcpy(bss->iface, ifname, sizeof(bss->iface));
  621. os_memcpy(bss->ssid.vlan, bss->iface, IFNAMSIZ + 1);
  622. return 0;
  623. }
  624. /* convert floats with one decimal place to value*10 int, i.e.,
  625. * "1.5" will return 15 */
  626. static int hostapd_config_read_int10(const char *value)
  627. {
  628. int i, d;
  629. char *pos;
  630. i = atoi(value);
  631. pos = os_strchr(value, '.');
  632. d = 0;
  633. if (pos) {
  634. pos++;
  635. if (*pos >= '0' && *pos <= '9')
  636. d = *pos - '0';
  637. }
  638. return i * 10 + d;
  639. }
  640. static int valid_cw(int cw)
  641. {
  642. return (cw == 1 || cw == 3 || cw == 7 || cw == 15 || cw == 31 ||
  643. cw == 63 || cw == 127 || cw == 255 || cw == 511 || cw == 1023);
  644. }
  645. enum {
  646. IEEE80211_TX_QUEUE_DATA0 = 0, /* used for EDCA AC_VO data */
  647. IEEE80211_TX_QUEUE_DATA1 = 1, /* used for EDCA AC_VI data */
  648. IEEE80211_TX_QUEUE_DATA2 = 2, /* used for EDCA AC_BE data */
  649. IEEE80211_TX_QUEUE_DATA3 = 3 /* used for EDCA AC_BK data */
  650. };
  651. static int hostapd_config_tx_queue(struct hostapd_config *conf, char *name,
  652. char *val)
  653. {
  654. int num;
  655. char *pos;
  656. struct hostapd_tx_queue_params *queue;
  657. /* skip 'tx_queue_' prefix */
  658. pos = name + 9;
  659. if (os_strncmp(pos, "data", 4) == 0 &&
  660. pos[4] >= '0' && pos[4] <= '9' && pos[5] == '_') {
  661. num = pos[4] - '0';
  662. pos += 6;
  663. } else if (os_strncmp(pos, "after_beacon_", 13) == 0 ||
  664. os_strncmp(pos, "beacon_", 7) == 0) {
  665. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  666. return 0;
  667. } else {
  668. wpa_printf(MSG_ERROR, "Unknown tx_queue name '%s'", pos);
  669. return -1;
  670. }
  671. if (num >= NUM_TX_QUEUES) {
  672. /* for backwards compatibility, do not trigger failure */
  673. wpa_printf(MSG_INFO, "DEPRECATED: '%s' not used", name);
  674. return 0;
  675. }
  676. queue = &conf->tx_queue[num];
  677. if (os_strcmp(pos, "aifs") == 0) {
  678. queue->aifs = atoi(val);
  679. if (queue->aifs < 0 || queue->aifs > 255) {
  680. wpa_printf(MSG_ERROR, "Invalid AIFS value %d",
  681. queue->aifs);
  682. return -1;
  683. }
  684. } else if (os_strcmp(pos, "cwmin") == 0) {
  685. queue->cwmin = atoi(val);
  686. if (!valid_cw(queue->cwmin)) {
  687. wpa_printf(MSG_ERROR, "Invalid cwMin value %d",
  688. queue->cwmin);
  689. return -1;
  690. }
  691. } else if (os_strcmp(pos, "cwmax") == 0) {
  692. queue->cwmax = atoi(val);
  693. if (!valid_cw(queue->cwmax)) {
  694. wpa_printf(MSG_ERROR, "Invalid cwMax value %d",
  695. queue->cwmax);
  696. return -1;
  697. }
  698. } else if (os_strcmp(pos, "burst") == 0) {
  699. queue->burst = hostapd_config_read_int10(val);
  700. } else {
  701. wpa_printf(MSG_ERROR, "Unknown tx_queue field '%s'", pos);
  702. return -1;
  703. }
  704. return 0;
  705. }
  706. static int hostapd_config_wmm_ac(struct hostapd_config *conf, char *name,
  707. char *val)
  708. {
  709. int num, v;
  710. char *pos;
  711. struct hostapd_wmm_ac_params *ac;
  712. /* skip 'wme_ac_' or 'wmm_ac_' prefix */
  713. pos = name + 7;
  714. if (os_strncmp(pos, "be_", 3) == 0) {
  715. num = 0;
  716. pos += 3;
  717. } else if (os_strncmp(pos, "bk_", 3) == 0) {
  718. num = 1;
  719. pos += 3;
  720. } else if (os_strncmp(pos, "vi_", 3) == 0) {
  721. num = 2;
  722. pos += 3;
  723. } else if (os_strncmp(pos, "vo_", 3) == 0) {
  724. num = 3;
  725. pos += 3;
  726. } else {
  727. wpa_printf(MSG_ERROR, "Unknown WMM name '%s'", pos);
  728. return -1;
  729. }
  730. ac = &conf->wmm_ac_params[num];
  731. if (os_strcmp(pos, "aifs") == 0) {
  732. v = atoi(val);
  733. if (v < 1 || v > 255) {
  734. wpa_printf(MSG_ERROR, "Invalid AIFS value %d", v);
  735. return -1;
  736. }
  737. ac->aifs = v;
  738. } else if (os_strcmp(pos, "cwmin") == 0) {
  739. v = atoi(val);
  740. if (v < 0 || v > 12) {
  741. wpa_printf(MSG_ERROR, "Invalid cwMin value %d", v);
  742. return -1;
  743. }
  744. ac->cwmin = v;
  745. } else if (os_strcmp(pos, "cwmax") == 0) {
  746. v = atoi(val);
  747. if (v < 0 || v > 12) {
  748. wpa_printf(MSG_ERROR, "Invalid cwMax value %d", v);
  749. return -1;
  750. }
  751. ac->cwmax = v;
  752. } else if (os_strcmp(pos, "txop_limit") == 0) {
  753. v = atoi(val);
  754. if (v < 0 || v > 0xffff) {
  755. wpa_printf(MSG_ERROR, "Invalid txop value %d", v);
  756. return -1;
  757. }
  758. ac->txop_limit = v;
  759. } else if (os_strcmp(pos, "acm") == 0) {
  760. v = atoi(val);
  761. if (v < 0 || v > 1) {
  762. wpa_printf(MSG_ERROR, "Invalid acm value %d", v);
  763. return -1;
  764. }
  765. ac->admission_control_mandatory = v;
  766. } else {
  767. wpa_printf(MSG_ERROR, "Unknown wmm_ac_ field '%s'", pos);
  768. return -1;
  769. }
  770. return 0;
  771. }
  772. #ifdef CONFIG_IEEE80211R
  773. static int add_r0kh(struct hostapd_bss_config *bss, char *value)
  774. {
  775. struct ft_remote_r0kh *r0kh;
  776. char *pos, *next;
  777. r0kh = os_zalloc(sizeof(*r0kh));
  778. if (r0kh == NULL)
  779. return -1;
  780. /* 02:01:02:03:04:05 a.example.com 000102030405060708090a0b0c0d0e0f */
  781. pos = value;
  782. next = os_strchr(pos, ' ');
  783. if (next)
  784. *next++ = '\0';
  785. if (next == NULL || hwaddr_aton(pos, r0kh->addr)) {
  786. wpa_printf(MSG_ERROR, "Invalid R0KH MAC address: '%s'", pos);
  787. os_free(r0kh);
  788. return -1;
  789. }
  790. pos = next;
  791. next = os_strchr(pos, ' ');
  792. if (next)
  793. *next++ = '\0';
  794. if (next == NULL || next - pos > FT_R0KH_ID_MAX_LEN) {
  795. wpa_printf(MSG_ERROR, "Invalid R0KH-ID: '%s'", pos);
  796. os_free(r0kh);
  797. return -1;
  798. }
  799. r0kh->id_len = next - pos - 1;
  800. os_memcpy(r0kh->id, pos, r0kh->id_len);
  801. pos = next;
  802. if (hexstr2bin(pos, r0kh->key, sizeof(r0kh->key))) {
  803. wpa_printf(MSG_ERROR, "Invalid R0KH key: '%s'", pos);
  804. os_free(r0kh);
  805. return -1;
  806. }
  807. r0kh->next = bss->r0kh_list;
  808. bss->r0kh_list = r0kh;
  809. return 0;
  810. }
  811. static int add_r1kh(struct hostapd_bss_config *bss, char *value)
  812. {
  813. struct ft_remote_r1kh *r1kh;
  814. char *pos, *next;
  815. r1kh = os_zalloc(sizeof(*r1kh));
  816. if (r1kh == NULL)
  817. return -1;
  818. /* 02:01:02:03:04:05 02:01:02:03:04:05
  819. * 000102030405060708090a0b0c0d0e0f */
  820. pos = value;
  821. next = os_strchr(pos, ' ');
  822. if (next)
  823. *next++ = '\0';
  824. if (next == NULL || hwaddr_aton(pos, r1kh->addr)) {
  825. wpa_printf(MSG_ERROR, "Invalid R1KH MAC address: '%s'", pos);
  826. os_free(r1kh);
  827. return -1;
  828. }
  829. pos = next;
  830. next = os_strchr(pos, ' ');
  831. if (next)
  832. *next++ = '\0';
  833. if (next == NULL || hwaddr_aton(pos, r1kh->id)) {
  834. wpa_printf(MSG_ERROR, "Invalid R1KH-ID: '%s'", pos);
  835. os_free(r1kh);
  836. return -1;
  837. }
  838. pos = next;
  839. if (hexstr2bin(pos, r1kh->key, sizeof(r1kh->key))) {
  840. wpa_printf(MSG_ERROR, "Invalid R1KH key: '%s'", pos);
  841. os_free(r1kh);
  842. return -1;
  843. }
  844. r1kh->next = bss->r1kh_list;
  845. bss->r1kh_list = r1kh;
  846. return 0;
  847. }
  848. #endif /* CONFIG_IEEE80211R */
  849. #ifdef CONFIG_IEEE80211N
  850. static int hostapd_config_ht_capab(struct hostapd_config *conf,
  851. const char *capab)
  852. {
  853. if (os_strstr(capab, "[LDPC]"))
  854. conf->ht_capab |= HT_CAP_INFO_LDPC_CODING_CAP;
  855. if (os_strstr(capab, "[HT40-]")) {
  856. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  857. conf->secondary_channel = -1;
  858. }
  859. if (os_strstr(capab, "[HT40+]")) {
  860. conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET;
  861. conf->secondary_channel = 1;
  862. }
  863. if (os_strstr(capab, "[SMPS-STATIC]")) {
  864. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  865. conf->ht_capab |= HT_CAP_INFO_SMPS_STATIC;
  866. }
  867. if (os_strstr(capab, "[SMPS-DYNAMIC]")) {
  868. conf->ht_capab &= ~HT_CAP_INFO_SMPS_MASK;
  869. conf->ht_capab |= HT_CAP_INFO_SMPS_DYNAMIC;
  870. }
  871. if (os_strstr(capab, "[GF]"))
  872. conf->ht_capab |= HT_CAP_INFO_GREEN_FIELD;
  873. if (os_strstr(capab, "[SHORT-GI-20]"))
  874. conf->ht_capab |= HT_CAP_INFO_SHORT_GI20MHZ;
  875. if (os_strstr(capab, "[SHORT-GI-40]"))
  876. conf->ht_capab |= HT_CAP_INFO_SHORT_GI40MHZ;
  877. if (os_strstr(capab, "[TX-STBC]"))
  878. conf->ht_capab |= HT_CAP_INFO_TX_STBC;
  879. if (os_strstr(capab, "[RX-STBC1]")) {
  880. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  881. conf->ht_capab |= HT_CAP_INFO_RX_STBC_1;
  882. }
  883. if (os_strstr(capab, "[RX-STBC12]")) {
  884. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  885. conf->ht_capab |= HT_CAP_INFO_RX_STBC_12;
  886. }
  887. if (os_strstr(capab, "[RX-STBC123]")) {
  888. conf->ht_capab &= ~HT_CAP_INFO_RX_STBC_MASK;
  889. conf->ht_capab |= HT_CAP_INFO_RX_STBC_123;
  890. }
  891. if (os_strstr(capab, "[DELAYED-BA]"))
  892. conf->ht_capab |= HT_CAP_INFO_DELAYED_BA;
  893. if (os_strstr(capab, "[MAX-AMSDU-7935]"))
  894. conf->ht_capab |= HT_CAP_INFO_MAX_AMSDU_SIZE;
  895. if (os_strstr(capab, "[DSSS_CCK-40]"))
  896. conf->ht_capab |= HT_CAP_INFO_DSSS_CCK40MHZ;
  897. if (os_strstr(capab, "[PSMP]"))
  898. conf->ht_capab |= HT_CAP_INFO_PSMP_SUPP;
  899. if (os_strstr(capab, "[LSIG-TXOP-PROT]"))
  900. conf->ht_capab |= HT_CAP_INFO_LSIG_TXOP_PROTECT_SUPPORT;
  901. return 0;
  902. }
  903. #endif /* CONFIG_IEEE80211N */
  904. static int hostapd_config_check_bss(struct hostapd_bss_config *bss,
  905. struct hostapd_config *conf)
  906. {
  907. if (bss->ieee802_1x && !bss->eap_server &&
  908. !bss->radius->auth_servers) {
  909. wpa_printf(MSG_ERROR, "Invalid IEEE 802.1X configuration (no "
  910. "EAP authenticator configured).");
  911. return -1;
  912. }
  913. if (bss->wpa && (bss->wpa_key_mgmt & WPA_KEY_MGMT_PSK) &&
  914. bss->ssid.wpa_psk == NULL && bss->ssid.wpa_passphrase == NULL &&
  915. bss->ssid.wpa_psk_file == NULL) {
  916. wpa_printf(MSG_ERROR, "WPA-PSK enabled, but PSK or passphrase "
  917. "is not configured.");
  918. return -1;
  919. }
  920. if (hostapd_mac_comp_empty(bss->bssid) != 0) {
  921. size_t i;
  922. for (i = 0; i < conf->num_bss; i++) {
  923. if ((&conf->bss[i] != bss) &&
  924. (hostapd_mac_comp(conf->bss[i].bssid,
  925. bss->bssid) == 0)) {
  926. wpa_printf(MSG_ERROR, "Duplicate BSSID " MACSTR
  927. " on interface '%s' and '%s'.",
  928. MAC2STR(bss->bssid),
  929. conf->bss[i].iface, bss->iface);
  930. return -1;
  931. }
  932. }
  933. }
  934. #ifdef CONFIG_IEEE80211R
  935. if ((bss->wpa_key_mgmt &
  936. (WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X)) &&
  937. (bss->nas_identifier == NULL ||
  938. os_strlen(bss->nas_identifier) < 1 ||
  939. os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) {
  940. wpa_printf(MSG_ERROR, "FT (IEEE 802.11r) requires "
  941. "nas_identifier to be configured as a 1..48 octet "
  942. "string");
  943. return -1;
  944. }
  945. #endif /* CONFIG_IEEE80211R */
  946. #ifdef CONFIG_IEEE80211N
  947. if (conf->ieee80211n &&
  948. bss->ssid.security_policy == SECURITY_STATIC_WEP) {
  949. bss->disable_11n = 1;
  950. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WEP is not "
  951. "allowed, disabling HT capabilities");
  952. }
  953. if (conf->ieee80211n && bss->wpa &&
  954. !(bss->wpa_pairwise & WPA_CIPHER_CCMP) &&
  955. !(bss->rsn_pairwise & WPA_CIPHER_CCMP)) {
  956. bss->disable_11n = 1;
  957. wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 "
  958. "requires CCMP to be enabled, disabling HT "
  959. "capabilities");
  960. }
  961. #endif /* CONFIG_IEEE80211N */
  962. #ifdef CONFIG_WPS2
  963. if (bss->wps_state && bss->ignore_broadcast_ssid) {
  964. wpa_printf(MSG_INFO, "WPS: ignore_broadcast_ssid "
  965. "configuration forced WPS to be disabled");
  966. bss->wps_state = 0;
  967. }
  968. if (bss->wps_state && bss->ssid.wep.keys_set && bss->wpa == 0) {
  969. wpa_printf(MSG_INFO, "WPS: WEP configuration forced WPS to be "
  970. "disabled");
  971. bss->wps_state = 0;
  972. }
  973. #endif /* CONFIG_WPS2 */
  974. return 0;
  975. }
  976. static int hostapd_config_check(struct hostapd_config *conf)
  977. {
  978. size_t i;
  979. if (conf->ieee80211d && (!conf->country[0] || !conf->country[1])) {
  980. wpa_printf(MSG_ERROR, "Cannot enable IEEE 802.11d without "
  981. "setting the country_code");
  982. return -1;
  983. }
  984. for (i = 0; i < conf->num_bss; i++) {
  985. if (hostapd_config_check_bss(&conf->bss[i], conf))
  986. return -1;
  987. }
  988. return 0;
  989. }
  990. /**
  991. * hostapd_config_read - Read and parse a configuration file
  992. * @fname: Configuration file name (including path, if needed)
  993. * Returns: Allocated configuration data structure
  994. */
  995. struct hostapd_config * hostapd_config_read(const char *fname)
  996. {
  997. struct hostapd_config *conf;
  998. struct hostapd_bss_config *bss;
  999. FILE *f;
  1000. char buf[256], *pos;
  1001. int line = 0;
  1002. int errors = 0;
  1003. int pairwise;
  1004. size_t i;
  1005. f = fopen(fname, "r");
  1006. if (f == NULL) {
  1007. wpa_printf(MSG_ERROR, "Could not open configuration file '%s' "
  1008. "for reading.", fname);
  1009. return NULL;
  1010. }
  1011. conf = hostapd_config_defaults();
  1012. if (conf == NULL) {
  1013. fclose(f);
  1014. return NULL;
  1015. }
  1016. /* set default driver based on configuration */
  1017. conf->driver = wpa_drivers[0];
  1018. if (conf->driver == NULL) {
  1019. wpa_printf(MSG_ERROR, "No driver wrappers registered!");
  1020. hostapd_config_free(conf);
  1021. fclose(f);
  1022. return NULL;
  1023. }
  1024. bss = conf->last_bss = conf->bss;
  1025. while (fgets(buf, sizeof(buf), f)) {
  1026. bss = conf->last_bss;
  1027. line++;
  1028. if (buf[0] == '#')
  1029. continue;
  1030. pos = buf;
  1031. while (*pos != '\0') {
  1032. if (*pos == '\n') {
  1033. *pos = '\0';
  1034. break;
  1035. }
  1036. pos++;
  1037. }
  1038. if (buf[0] == '\0')
  1039. continue;
  1040. pos = os_strchr(buf, '=');
  1041. if (pos == NULL) {
  1042. wpa_printf(MSG_ERROR, "Line %d: invalid line '%s'",
  1043. line, buf);
  1044. errors++;
  1045. continue;
  1046. }
  1047. *pos = '\0';
  1048. pos++;
  1049. if (os_strcmp(buf, "interface") == 0) {
  1050. os_strlcpy(conf->bss[0].iface, pos,
  1051. sizeof(conf->bss[0].iface));
  1052. } else if (os_strcmp(buf, "bridge") == 0) {
  1053. os_strlcpy(bss->bridge, pos, sizeof(bss->bridge));
  1054. } else if (os_strcmp(buf, "wds_bridge") == 0) {
  1055. os_strlcpy(bss->wds_bridge, pos,
  1056. sizeof(bss->wds_bridge));
  1057. } else if (os_strcmp(buf, "driver") == 0) {
  1058. int j;
  1059. /* clear to get error below if setting is invalid */
  1060. conf->driver = NULL;
  1061. for (j = 0; wpa_drivers[j]; j++) {
  1062. if (os_strcmp(pos, wpa_drivers[j]->name) == 0)
  1063. {
  1064. conf->driver = wpa_drivers[j];
  1065. break;
  1066. }
  1067. }
  1068. if (conf->driver == NULL) {
  1069. wpa_printf(MSG_ERROR, "Line %d: invalid/"
  1070. "unknown driver '%s'", line, pos);
  1071. errors++;
  1072. }
  1073. } else if (os_strcmp(buf, "debug") == 0) {
  1074. wpa_printf(MSG_DEBUG, "Line %d: DEPRECATED: 'debug' "
  1075. "configuration variable is not used "
  1076. "anymore", line);
  1077. } else if (os_strcmp(buf, "logger_syslog_level") == 0) {
  1078. bss->logger_syslog_level = atoi(pos);
  1079. } else if (os_strcmp(buf, "logger_stdout_level") == 0) {
  1080. bss->logger_stdout_level = atoi(pos);
  1081. } else if (os_strcmp(buf, "logger_syslog") == 0) {
  1082. bss->logger_syslog = atoi(pos);
  1083. } else if (os_strcmp(buf, "logger_stdout") == 0) {
  1084. bss->logger_stdout = atoi(pos);
  1085. } else if (os_strcmp(buf, "dump_file") == 0) {
  1086. bss->dump_log_name = os_strdup(pos);
  1087. } else if (os_strcmp(buf, "ssid") == 0) {
  1088. bss->ssid.ssid_len = os_strlen(pos);
  1089. if (bss->ssid.ssid_len > HOSTAPD_MAX_SSID_LEN ||
  1090. bss->ssid.ssid_len < 1) {
  1091. wpa_printf(MSG_ERROR, "Line %d: invalid SSID "
  1092. "'%s'", line, pos);
  1093. errors++;
  1094. } else {
  1095. os_memcpy(bss->ssid.ssid, pos,
  1096. bss->ssid.ssid_len);
  1097. bss->ssid.ssid[bss->ssid.ssid_len] = '\0';
  1098. bss->ssid.ssid_set = 1;
  1099. }
  1100. } else if (os_strcmp(buf, "macaddr_acl") == 0) {
  1101. bss->macaddr_acl = atoi(pos);
  1102. if (bss->macaddr_acl != ACCEPT_UNLESS_DENIED &&
  1103. bss->macaddr_acl != DENY_UNLESS_ACCEPTED &&
  1104. bss->macaddr_acl != USE_EXTERNAL_RADIUS_AUTH) {
  1105. wpa_printf(MSG_ERROR, "Line %d: unknown "
  1106. "macaddr_acl %d",
  1107. line, bss->macaddr_acl);
  1108. }
  1109. } else if (os_strcmp(buf, "accept_mac_file") == 0) {
  1110. if (hostapd_config_read_maclist(pos, &bss->accept_mac,
  1111. &bss->num_accept_mac))
  1112. {
  1113. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1114. "read accept_mac_file '%s'",
  1115. line, pos);
  1116. errors++;
  1117. }
  1118. } else if (os_strcmp(buf, "deny_mac_file") == 0) {
  1119. if (hostapd_config_read_maclist(pos, &bss->deny_mac,
  1120. &bss->num_deny_mac)) {
  1121. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1122. "read deny_mac_file '%s'",
  1123. line, pos);
  1124. errors++;
  1125. }
  1126. } else if (os_strcmp(buf, "wds_sta") == 0) {
  1127. bss->wds_sta = atoi(pos);
  1128. } else if (os_strcmp(buf, "ap_isolate") == 0) {
  1129. bss->isolate = atoi(pos);
  1130. } else if (os_strcmp(buf, "ap_max_inactivity") == 0) {
  1131. bss->ap_max_inactivity = atoi(pos);
  1132. } else if (os_strcmp(buf, "country_code") == 0) {
  1133. os_memcpy(conf->country, pos, 2);
  1134. /* FIX: make this configurable */
  1135. conf->country[2] = ' ';
  1136. } else if (os_strcmp(buf, "ieee80211d") == 0) {
  1137. conf->ieee80211d = atoi(pos);
  1138. } else if (os_strcmp(buf, "ieee8021x") == 0) {
  1139. bss->ieee802_1x = atoi(pos);
  1140. } else if (os_strcmp(buf, "eapol_version") == 0) {
  1141. bss->eapol_version = atoi(pos);
  1142. if (bss->eapol_version < 1 ||
  1143. bss->eapol_version > 2) {
  1144. wpa_printf(MSG_ERROR, "Line %d: invalid EAPOL "
  1145. "version (%d): '%s'.",
  1146. line, bss->eapol_version, pos);
  1147. errors++;
  1148. } else
  1149. wpa_printf(MSG_DEBUG, "eapol_version=%d",
  1150. bss->eapol_version);
  1151. #ifdef EAP_SERVER
  1152. } else if (os_strcmp(buf, "eap_authenticator") == 0) {
  1153. bss->eap_server = atoi(pos);
  1154. wpa_printf(MSG_ERROR, "Line %d: obsolete "
  1155. "eap_authenticator used; this has been "
  1156. "renamed to eap_server", line);
  1157. } else if (os_strcmp(buf, "eap_server") == 0) {
  1158. bss->eap_server = atoi(pos);
  1159. } else if (os_strcmp(buf, "eap_user_file") == 0) {
  1160. if (hostapd_config_read_eap_user(pos, bss))
  1161. errors++;
  1162. } else if (os_strcmp(buf, "ca_cert") == 0) {
  1163. os_free(bss->ca_cert);
  1164. bss->ca_cert = os_strdup(pos);
  1165. } else if (os_strcmp(buf, "server_cert") == 0) {
  1166. os_free(bss->server_cert);
  1167. bss->server_cert = os_strdup(pos);
  1168. } else if (os_strcmp(buf, "private_key") == 0) {
  1169. os_free(bss->private_key);
  1170. bss->private_key = os_strdup(pos);
  1171. } else if (os_strcmp(buf, "private_key_passwd") == 0) {
  1172. os_free(bss->private_key_passwd);
  1173. bss->private_key_passwd = os_strdup(pos);
  1174. } else if (os_strcmp(buf, "check_crl") == 0) {
  1175. bss->check_crl = atoi(pos);
  1176. } else if (os_strcmp(buf, "dh_file") == 0) {
  1177. os_free(bss->dh_file);
  1178. bss->dh_file = os_strdup(pos);
  1179. } else if (os_strcmp(buf, "fragment_size") == 0) {
  1180. bss->fragment_size = atoi(pos);
  1181. #ifdef EAP_SERVER_FAST
  1182. } else if (os_strcmp(buf, "pac_opaque_encr_key") == 0) {
  1183. os_free(bss->pac_opaque_encr_key);
  1184. bss->pac_opaque_encr_key = os_malloc(16);
  1185. if (bss->pac_opaque_encr_key == NULL) {
  1186. wpa_printf(MSG_ERROR, "Line %d: No memory for "
  1187. "pac_opaque_encr_key", line);
  1188. errors++;
  1189. } else if (hexstr2bin(pos, bss->pac_opaque_encr_key,
  1190. 16)) {
  1191. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1192. "pac_opaque_encr_key", line);
  1193. errors++;
  1194. }
  1195. } else if (os_strcmp(buf, "eap_fast_a_id") == 0) {
  1196. size_t idlen = os_strlen(pos);
  1197. if (idlen & 1) {
  1198. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1199. "eap_fast_a_id", line);
  1200. errors++;
  1201. } else {
  1202. os_free(bss->eap_fast_a_id);
  1203. bss->eap_fast_a_id = os_malloc(idlen / 2);
  1204. if (bss->eap_fast_a_id == NULL ||
  1205. hexstr2bin(pos, bss->eap_fast_a_id,
  1206. idlen / 2)) {
  1207. wpa_printf(MSG_ERROR, "Line %d: "
  1208. "Failed to parse "
  1209. "eap_fast_a_id", line);
  1210. errors++;
  1211. } else
  1212. bss->eap_fast_a_id_len = idlen / 2;
  1213. }
  1214. } else if (os_strcmp(buf, "eap_fast_a_id_info") == 0) {
  1215. os_free(bss->eap_fast_a_id_info);
  1216. bss->eap_fast_a_id_info = os_strdup(pos);
  1217. } else if (os_strcmp(buf, "eap_fast_prov") == 0) {
  1218. bss->eap_fast_prov = atoi(pos);
  1219. } else if (os_strcmp(buf, "pac_key_lifetime") == 0) {
  1220. bss->pac_key_lifetime = atoi(pos);
  1221. } else if (os_strcmp(buf, "pac_key_refresh_time") == 0) {
  1222. bss->pac_key_refresh_time = atoi(pos);
  1223. #endif /* EAP_SERVER_FAST */
  1224. #ifdef EAP_SERVER_SIM
  1225. } else if (os_strcmp(buf, "eap_sim_db") == 0) {
  1226. os_free(bss->eap_sim_db);
  1227. bss->eap_sim_db = os_strdup(pos);
  1228. } else if (os_strcmp(buf, "eap_sim_aka_result_ind") == 0) {
  1229. bss->eap_sim_aka_result_ind = atoi(pos);
  1230. #endif /* EAP_SERVER_SIM */
  1231. #ifdef EAP_SERVER_TNC
  1232. } else if (os_strcmp(buf, "tnc") == 0) {
  1233. bss->tnc = atoi(pos);
  1234. #endif /* EAP_SERVER_TNC */
  1235. #ifdef EAP_SERVER_PWD
  1236. } else if (os_strcmp(buf, "pwd_group") == 0) {
  1237. bss->pwd_group = atoi(pos);
  1238. #endif /* EAP_SERVER_PWD */
  1239. #endif /* EAP_SERVER */
  1240. } else if (os_strcmp(buf, "eap_message") == 0) {
  1241. char *term;
  1242. bss->eap_req_id_text = os_strdup(pos);
  1243. if (bss->eap_req_id_text == NULL) {
  1244. wpa_printf(MSG_ERROR, "Line %d: Failed to "
  1245. "allocate memory for "
  1246. "eap_req_id_text", line);
  1247. errors++;
  1248. continue;
  1249. }
  1250. bss->eap_req_id_text_len =
  1251. os_strlen(bss->eap_req_id_text);
  1252. term = os_strstr(bss->eap_req_id_text, "\\0");
  1253. if (term) {
  1254. *term++ = '\0';
  1255. os_memmove(term, term + 1,
  1256. bss->eap_req_id_text_len -
  1257. (term - bss->eap_req_id_text) - 1);
  1258. bss->eap_req_id_text_len--;
  1259. }
  1260. } else if (os_strcmp(buf, "wep_key_len_broadcast") == 0) {
  1261. bss->default_wep_key_len = atoi(pos);
  1262. if (bss->default_wep_key_len > 13) {
  1263. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  1264. "key len %lu (= %lu bits)", line,
  1265. (unsigned long)
  1266. bss->default_wep_key_len,
  1267. (unsigned long)
  1268. bss->default_wep_key_len * 8);
  1269. errors++;
  1270. }
  1271. } else if (os_strcmp(buf, "wep_key_len_unicast") == 0) {
  1272. bss->individual_wep_key_len = atoi(pos);
  1273. if (bss->individual_wep_key_len < 0 ||
  1274. bss->individual_wep_key_len > 13) {
  1275. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  1276. "key len %d (= %d bits)", line,
  1277. bss->individual_wep_key_len,
  1278. bss->individual_wep_key_len * 8);
  1279. errors++;
  1280. }
  1281. } else if (os_strcmp(buf, "wep_rekey_period") == 0) {
  1282. bss->wep_rekeying_period = atoi(pos);
  1283. if (bss->wep_rekeying_period < 0) {
  1284. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1285. "period %d",
  1286. line, bss->wep_rekeying_period);
  1287. errors++;
  1288. }
  1289. } else if (os_strcmp(buf, "eap_reauth_period") == 0) {
  1290. bss->eap_reauth_period = atoi(pos);
  1291. if (bss->eap_reauth_period < 0) {
  1292. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1293. "period %d",
  1294. line, bss->eap_reauth_period);
  1295. errors++;
  1296. }
  1297. } else if (os_strcmp(buf, "eapol_key_index_workaround") == 0) {
  1298. bss->eapol_key_index_workaround = atoi(pos);
  1299. #ifdef CONFIG_IAPP
  1300. } else if (os_strcmp(buf, "iapp_interface") == 0) {
  1301. bss->ieee802_11f = 1;
  1302. os_strlcpy(bss->iapp_iface, pos,
  1303. sizeof(bss->iapp_iface));
  1304. #endif /* CONFIG_IAPP */
  1305. } else if (os_strcmp(buf, "own_ip_addr") == 0) {
  1306. if (hostapd_parse_ip_addr(pos, &bss->own_ip_addr)) {
  1307. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1308. "address '%s'", line, pos);
  1309. errors++;
  1310. }
  1311. } else if (os_strcmp(buf, "nas_identifier") == 0) {
  1312. bss->nas_identifier = os_strdup(pos);
  1313. #ifndef CONFIG_NO_RADIUS
  1314. } else if (os_strcmp(buf, "auth_server_addr") == 0) {
  1315. if (hostapd_config_read_radius_addr(
  1316. &bss->radius->auth_servers,
  1317. &bss->radius->num_auth_servers, pos, 1812,
  1318. &bss->radius->auth_server)) {
  1319. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1320. "address '%s'", line, pos);
  1321. errors++;
  1322. }
  1323. } else if (bss->radius->auth_server &&
  1324. os_strcmp(buf, "auth_server_port") == 0) {
  1325. bss->radius->auth_server->port = atoi(pos);
  1326. } else if (bss->radius->auth_server &&
  1327. os_strcmp(buf, "auth_server_shared_secret") == 0) {
  1328. int len = os_strlen(pos);
  1329. if (len == 0) {
  1330. /* RFC 2865, Ch. 3 */
  1331. wpa_printf(MSG_ERROR, "Line %d: empty shared "
  1332. "secret is not allowed.", line);
  1333. errors++;
  1334. }
  1335. bss->radius->auth_server->shared_secret =
  1336. (u8 *) os_strdup(pos);
  1337. bss->radius->auth_server->shared_secret_len = len;
  1338. } else if (os_strcmp(buf, "acct_server_addr") == 0) {
  1339. if (hostapd_config_read_radius_addr(
  1340. &bss->radius->acct_servers,
  1341. &bss->radius->num_acct_servers, pos, 1813,
  1342. &bss->radius->acct_server)) {
  1343. wpa_printf(MSG_ERROR, "Line %d: invalid IP "
  1344. "address '%s'", line, pos);
  1345. errors++;
  1346. }
  1347. } else if (bss->radius->acct_server &&
  1348. os_strcmp(buf, "acct_server_port") == 0) {
  1349. bss->radius->acct_server->port = atoi(pos);
  1350. } else if (bss->radius->acct_server &&
  1351. os_strcmp(buf, "acct_server_shared_secret") == 0) {
  1352. int len = os_strlen(pos);
  1353. if (len == 0) {
  1354. /* RFC 2865, Ch. 3 */
  1355. wpa_printf(MSG_ERROR, "Line %d: empty shared "
  1356. "secret is not allowed.", line);
  1357. errors++;
  1358. }
  1359. bss->radius->acct_server->shared_secret =
  1360. (u8 *) os_strdup(pos);
  1361. bss->radius->acct_server->shared_secret_len = len;
  1362. } else if (os_strcmp(buf, "radius_retry_primary_interval") ==
  1363. 0) {
  1364. bss->radius->retry_primary_interval = atoi(pos);
  1365. } else if (os_strcmp(buf, "radius_acct_interim_interval") == 0)
  1366. {
  1367. bss->acct_interim_interval = atoi(pos);
  1368. #endif /* CONFIG_NO_RADIUS */
  1369. } else if (os_strcmp(buf, "auth_algs") == 0) {
  1370. bss->auth_algs = atoi(pos);
  1371. if (bss->auth_algs == 0) {
  1372. wpa_printf(MSG_ERROR, "Line %d: no "
  1373. "authentication algorithms allowed",
  1374. line);
  1375. errors++;
  1376. }
  1377. } else if (os_strcmp(buf, "max_num_sta") == 0) {
  1378. bss->max_num_sta = atoi(pos);
  1379. if (bss->max_num_sta < 0 ||
  1380. bss->max_num_sta > MAX_STA_COUNT) {
  1381. wpa_printf(MSG_ERROR, "Line %d: Invalid "
  1382. "max_num_sta=%d; allowed range "
  1383. "0..%d", line, bss->max_num_sta,
  1384. MAX_STA_COUNT);
  1385. errors++;
  1386. }
  1387. } else if (os_strcmp(buf, "wpa") == 0) {
  1388. bss->wpa = atoi(pos);
  1389. } else if (os_strcmp(buf, "wpa_group_rekey") == 0) {
  1390. bss->wpa_group_rekey = atoi(pos);
  1391. } else if (os_strcmp(buf, "wpa_strict_rekey") == 0) {
  1392. bss->wpa_strict_rekey = atoi(pos);
  1393. } else if (os_strcmp(buf, "wpa_gmk_rekey") == 0) {
  1394. bss->wpa_gmk_rekey = atoi(pos);
  1395. } else if (os_strcmp(buf, "wpa_ptk_rekey") == 0) {
  1396. bss->wpa_ptk_rekey = atoi(pos);
  1397. } else if (os_strcmp(buf, "wpa_passphrase") == 0) {
  1398. int len = os_strlen(pos);
  1399. if (len < 8 || len > 63) {
  1400. wpa_printf(MSG_ERROR, "Line %d: invalid WPA "
  1401. "passphrase length %d (expected "
  1402. "8..63)", line, len);
  1403. errors++;
  1404. } else {
  1405. os_free(bss->ssid.wpa_passphrase);
  1406. bss->ssid.wpa_passphrase = os_strdup(pos);
  1407. }
  1408. } else if (os_strcmp(buf, "wpa_psk") == 0) {
  1409. os_free(bss->ssid.wpa_psk);
  1410. bss->ssid.wpa_psk =
  1411. os_zalloc(sizeof(struct hostapd_wpa_psk));
  1412. if (bss->ssid.wpa_psk == NULL)
  1413. errors++;
  1414. else if (hexstr2bin(pos, bss->ssid.wpa_psk->psk,
  1415. PMK_LEN) ||
  1416. pos[PMK_LEN * 2] != '\0') {
  1417. wpa_printf(MSG_ERROR, "Line %d: Invalid PSK "
  1418. "'%s'.", line, pos);
  1419. errors++;
  1420. } else {
  1421. bss->ssid.wpa_psk->group = 1;
  1422. }
  1423. } else if (os_strcmp(buf, "wpa_psk_file") == 0) {
  1424. os_free(bss->ssid.wpa_psk_file);
  1425. bss->ssid.wpa_psk_file = os_strdup(pos);
  1426. if (!bss->ssid.wpa_psk_file) {
  1427. wpa_printf(MSG_ERROR, "Line %d: allocation "
  1428. "failed", line);
  1429. errors++;
  1430. }
  1431. } else if (os_strcmp(buf, "wpa_key_mgmt") == 0) {
  1432. bss->wpa_key_mgmt =
  1433. hostapd_config_parse_key_mgmt(line, pos);
  1434. if (bss->wpa_key_mgmt == -1)
  1435. errors++;
  1436. } else if (os_strcmp(buf, "wpa_pairwise") == 0) {
  1437. bss->wpa_pairwise =
  1438. hostapd_config_parse_cipher(line, pos);
  1439. if (bss->wpa_pairwise == -1 ||
  1440. bss->wpa_pairwise == 0)
  1441. errors++;
  1442. else if (bss->wpa_pairwise &
  1443. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 |
  1444. WPA_CIPHER_WEP104)) {
  1445. wpa_printf(MSG_ERROR, "Line %d: unsupported "
  1446. "pairwise cipher suite '%s'",
  1447. bss->wpa_pairwise, pos);
  1448. errors++;
  1449. }
  1450. } else if (os_strcmp(buf, "rsn_pairwise") == 0) {
  1451. bss->rsn_pairwise =
  1452. hostapd_config_parse_cipher(line, pos);
  1453. if (bss->rsn_pairwise == -1 ||
  1454. bss->rsn_pairwise == 0)
  1455. errors++;
  1456. else if (bss->rsn_pairwise &
  1457. (WPA_CIPHER_NONE | WPA_CIPHER_WEP40 |
  1458. WPA_CIPHER_WEP104)) {
  1459. wpa_printf(MSG_ERROR, "Line %d: unsupported "
  1460. "pairwise cipher suite '%s'",
  1461. bss->rsn_pairwise, pos);
  1462. errors++;
  1463. }
  1464. #ifdef CONFIG_RSN_PREAUTH
  1465. } else if (os_strcmp(buf, "rsn_preauth") == 0) {
  1466. bss->rsn_preauth = atoi(pos);
  1467. } else if (os_strcmp(buf, "rsn_preauth_interfaces") == 0) {
  1468. bss->rsn_preauth_interfaces = os_strdup(pos);
  1469. #endif /* CONFIG_RSN_PREAUTH */
  1470. #ifdef CONFIG_PEERKEY
  1471. } else if (os_strcmp(buf, "peerkey") == 0) {
  1472. bss->peerkey = atoi(pos);
  1473. #endif /* CONFIG_PEERKEY */
  1474. #ifdef CONFIG_IEEE80211R
  1475. } else if (os_strcmp(buf, "mobility_domain") == 0) {
  1476. if (os_strlen(pos) != 2 * MOBILITY_DOMAIN_ID_LEN ||
  1477. hexstr2bin(pos, bss->mobility_domain,
  1478. MOBILITY_DOMAIN_ID_LEN) != 0) {
  1479. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1480. "mobility_domain '%s'", line, pos);
  1481. errors++;
  1482. continue;
  1483. }
  1484. } else if (os_strcmp(buf, "r1_key_holder") == 0) {
  1485. if (os_strlen(pos) != 2 * FT_R1KH_ID_LEN ||
  1486. hexstr2bin(pos, bss->r1_key_holder,
  1487. FT_R1KH_ID_LEN) != 0) {
  1488. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1489. "r1_key_holder '%s'", line, pos);
  1490. errors++;
  1491. continue;
  1492. }
  1493. } else if (os_strcmp(buf, "r0_key_lifetime") == 0) {
  1494. bss->r0_key_lifetime = atoi(pos);
  1495. } else if (os_strcmp(buf, "reassociation_deadline") == 0) {
  1496. bss->reassociation_deadline = atoi(pos);
  1497. } else if (os_strcmp(buf, "r0kh") == 0) {
  1498. if (add_r0kh(bss, pos) < 0) {
  1499. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1500. "r0kh '%s'", line, pos);
  1501. errors++;
  1502. continue;
  1503. }
  1504. } else if (os_strcmp(buf, "r1kh") == 0) {
  1505. if (add_r1kh(bss, pos) < 0) {
  1506. wpa_printf(MSG_DEBUG, "Line %d: Invalid "
  1507. "r1kh '%s'", line, pos);
  1508. errors++;
  1509. continue;
  1510. }
  1511. } else if (os_strcmp(buf, "pmk_r1_push") == 0) {
  1512. bss->pmk_r1_push = atoi(pos);
  1513. } else if (os_strcmp(buf, "ft_over_ds") == 0) {
  1514. bss->ft_over_ds = atoi(pos);
  1515. #endif /* CONFIG_IEEE80211R */
  1516. #ifndef CONFIG_NO_CTRL_IFACE
  1517. } else if (os_strcmp(buf, "ctrl_interface") == 0) {
  1518. os_free(bss->ctrl_interface);
  1519. bss->ctrl_interface = os_strdup(pos);
  1520. } else if (os_strcmp(buf, "ctrl_interface_group") == 0) {
  1521. #ifndef CONFIG_NATIVE_WINDOWS
  1522. struct group *grp;
  1523. char *endp;
  1524. const char *group = pos;
  1525. grp = getgrnam(group);
  1526. if (grp) {
  1527. bss->ctrl_interface_gid = grp->gr_gid;
  1528. bss->ctrl_interface_gid_set = 1;
  1529. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d"
  1530. " (from group name '%s')",
  1531. bss->ctrl_interface_gid, group);
  1532. continue;
  1533. }
  1534. /* Group name not found - try to parse this as gid */
  1535. bss->ctrl_interface_gid = strtol(group, &endp, 10);
  1536. if (*group == '\0' || *endp != '\0') {
  1537. wpa_printf(MSG_DEBUG, "Line %d: Invalid group "
  1538. "'%s'", line, group);
  1539. errors++;
  1540. continue;
  1541. }
  1542. bss->ctrl_interface_gid_set = 1;
  1543. wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d",
  1544. bss->ctrl_interface_gid);
  1545. #endif /* CONFIG_NATIVE_WINDOWS */
  1546. #endif /* CONFIG_NO_CTRL_IFACE */
  1547. #ifdef RADIUS_SERVER
  1548. } else if (os_strcmp(buf, "radius_server_clients") == 0) {
  1549. os_free(bss->radius_server_clients);
  1550. bss->radius_server_clients = os_strdup(pos);
  1551. } else if (os_strcmp(buf, "radius_server_auth_port") == 0) {
  1552. bss->radius_server_auth_port = atoi(pos);
  1553. } else if (os_strcmp(buf, "radius_server_ipv6") == 0) {
  1554. bss->radius_server_ipv6 = atoi(pos);
  1555. #endif /* RADIUS_SERVER */
  1556. } else if (os_strcmp(buf, "test_socket") == 0) {
  1557. os_free(bss->test_socket);
  1558. bss->test_socket = os_strdup(pos);
  1559. } else if (os_strcmp(buf, "use_pae_group_addr") == 0) {
  1560. bss->use_pae_group_addr = atoi(pos);
  1561. } else if (os_strcmp(buf, "hw_mode") == 0) {
  1562. if (os_strcmp(pos, "a") == 0)
  1563. conf->hw_mode = HOSTAPD_MODE_IEEE80211A;
  1564. else if (os_strcmp(pos, "b") == 0)
  1565. conf->hw_mode = HOSTAPD_MODE_IEEE80211B;
  1566. else if (os_strcmp(pos, "g") == 0)
  1567. conf->hw_mode = HOSTAPD_MODE_IEEE80211G;
  1568. else {
  1569. wpa_printf(MSG_ERROR, "Line %d: unknown "
  1570. "hw_mode '%s'", line, pos);
  1571. errors++;
  1572. }
  1573. } else if (os_strcmp(buf, "channel") == 0) {
  1574. conf->channel = atoi(pos);
  1575. } else if (os_strcmp(buf, "beacon_int") == 0) {
  1576. int val = atoi(pos);
  1577. /* MIB defines range as 1..65535, but very small values
  1578. * cause problems with the current implementation.
  1579. * Since it is unlikely that this small numbers are
  1580. * useful in real life scenarios, do not allow beacon
  1581. * period to be set below 15 TU. */
  1582. if (val < 15 || val > 65535) {
  1583. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1584. "beacon_int %d (expected "
  1585. "15..65535)", line, val);
  1586. errors++;
  1587. } else
  1588. conf->beacon_int = val;
  1589. } else if (os_strcmp(buf, "dtim_period") == 0) {
  1590. bss->dtim_period = atoi(pos);
  1591. if (bss->dtim_period < 1 || bss->dtim_period > 255) {
  1592. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1593. "dtim_period %d",
  1594. line, bss->dtim_period);
  1595. errors++;
  1596. }
  1597. } else if (os_strcmp(buf, "rts_threshold") == 0) {
  1598. conf->rts_threshold = atoi(pos);
  1599. if (conf->rts_threshold < 0 ||
  1600. conf->rts_threshold > 2347) {
  1601. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1602. "rts_threshold %d",
  1603. line, conf->rts_threshold);
  1604. errors++;
  1605. }
  1606. } else if (os_strcmp(buf, "fragm_threshold") == 0) {
  1607. conf->fragm_threshold = atoi(pos);
  1608. if (conf->fragm_threshold < 256 ||
  1609. conf->fragm_threshold > 2346) {
  1610. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1611. "fragm_threshold %d",
  1612. line, conf->fragm_threshold);
  1613. errors++;
  1614. }
  1615. } else if (os_strcmp(buf, "send_probe_response") == 0) {
  1616. int val = atoi(pos);
  1617. if (val != 0 && val != 1) {
  1618. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1619. "send_probe_response %d (expected "
  1620. "0 or 1)", line, val);
  1621. } else
  1622. conf->send_probe_response = val;
  1623. } else if (os_strcmp(buf, "supported_rates") == 0) {
  1624. if (hostapd_parse_rates(&conf->supported_rates, pos)) {
  1625. wpa_printf(MSG_ERROR, "Line %d: invalid rate "
  1626. "list", line);
  1627. errors++;
  1628. }
  1629. } else if (os_strcmp(buf, "basic_rates") == 0) {
  1630. if (hostapd_parse_rates(&conf->basic_rates, pos)) {
  1631. wpa_printf(MSG_ERROR, "Line %d: invalid rate "
  1632. "list", line);
  1633. errors++;
  1634. }
  1635. } else if (os_strcmp(buf, "preamble") == 0) {
  1636. if (atoi(pos))
  1637. conf->preamble = SHORT_PREAMBLE;
  1638. else
  1639. conf->preamble = LONG_PREAMBLE;
  1640. } else if (os_strcmp(buf, "ignore_broadcast_ssid") == 0) {
  1641. bss->ignore_broadcast_ssid = atoi(pos);
  1642. } else if (os_strcmp(buf, "wep_default_key") == 0) {
  1643. bss->ssid.wep.idx = atoi(pos);
  1644. if (bss->ssid.wep.idx > 3) {
  1645. wpa_printf(MSG_ERROR, "Invalid "
  1646. "wep_default_key index %d",
  1647. bss->ssid.wep.idx);
  1648. errors++;
  1649. }
  1650. } else if (os_strcmp(buf, "wep_key0") == 0 ||
  1651. os_strcmp(buf, "wep_key1") == 0 ||
  1652. os_strcmp(buf, "wep_key2") == 0 ||
  1653. os_strcmp(buf, "wep_key3") == 0) {
  1654. if (hostapd_config_read_wep(&bss->ssid.wep,
  1655. buf[7] - '0', pos)) {
  1656. wpa_printf(MSG_ERROR, "Line %d: invalid WEP "
  1657. "key '%s'", line, buf);
  1658. errors++;
  1659. }
  1660. #ifndef CONFIG_NO_VLAN
  1661. } else if (os_strcmp(buf, "dynamic_vlan") == 0) {
  1662. bss->ssid.dynamic_vlan = atoi(pos);
  1663. } else if (os_strcmp(buf, "vlan_file") == 0) {
  1664. if (hostapd_config_read_vlan_file(bss, pos)) {
  1665. wpa_printf(MSG_ERROR, "Line %d: failed to "
  1666. "read VLAN file '%s'", line, pos);
  1667. errors++;
  1668. }
  1669. #ifdef CONFIG_FULL_DYNAMIC_VLAN
  1670. } else if (os_strcmp(buf, "vlan_tagged_interface") == 0) {
  1671. bss->ssid.vlan_tagged_interface = os_strdup(pos);
  1672. #endif /* CONFIG_FULL_DYNAMIC_VLAN */
  1673. #endif /* CONFIG_NO_VLAN */
  1674. } else if (os_strcmp(buf, "ap_table_max_size") == 0) {
  1675. conf->ap_table_max_size = atoi(pos);
  1676. } else if (os_strcmp(buf, "ap_table_expiration_time") == 0) {
  1677. conf->ap_table_expiration_time = atoi(pos);
  1678. } else if (os_strncmp(buf, "tx_queue_", 9) == 0) {
  1679. if (hostapd_config_tx_queue(conf, buf, pos)) {
  1680. wpa_printf(MSG_ERROR, "Line %d: invalid TX "
  1681. "queue item", line);
  1682. errors++;
  1683. }
  1684. } else if (os_strcmp(buf, "wme_enabled") == 0 ||
  1685. os_strcmp(buf, "wmm_enabled") == 0) {
  1686. bss->wmm_enabled = atoi(pos);
  1687. } else if (os_strcmp(buf, "uapsd_advertisement_enabled") == 0) {
  1688. bss->wmm_uapsd = atoi(pos);
  1689. } else if (os_strncmp(buf, "wme_ac_", 7) == 0 ||
  1690. os_strncmp(buf, "wmm_ac_", 7) == 0) {
  1691. if (hostapd_config_wmm_ac(conf, buf, pos)) {
  1692. wpa_printf(MSG_ERROR, "Line %d: invalid WMM "
  1693. "ac item", line);
  1694. errors++;
  1695. }
  1696. } else if (os_strcmp(buf, "bss") == 0) {
  1697. if (hostapd_config_bss(conf, pos)) {
  1698. wpa_printf(MSG_ERROR, "Line %d: invalid bss "
  1699. "item", line);
  1700. errors++;
  1701. }
  1702. } else if (os_strcmp(buf, "bssid") == 0) {
  1703. if (hwaddr_aton(pos, bss->bssid)) {
  1704. wpa_printf(MSG_ERROR, "Line %d: invalid bssid "
  1705. "item", line);
  1706. errors++;
  1707. }
  1708. #ifdef CONFIG_IEEE80211W
  1709. } else if (os_strcmp(buf, "ieee80211w") == 0) {
  1710. bss->ieee80211w = atoi(pos);
  1711. } else if (os_strcmp(buf, "assoc_sa_query_max_timeout") == 0) {
  1712. bss->assoc_sa_query_max_timeout = atoi(pos);
  1713. if (bss->assoc_sa_query_max_timeout == 0) {
  1714. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1715. "assoc_sa_query_max_timeout", line);
  1716. errors++;
  1717. }
  1718. } else if (os_strcmp(buf, "assoc_sa_query_retry_timeout") == 0)
  1719. {
  1720. bss->assoc_sa_query_retry_timeout = atoi(pos);
  1721. if (bss->assoc_sa_query_retry_timeout == 0) {
  1722. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1723. "assoc_sa_query_retry_timeout",
  1724. line);
  1725. errors++;
  1726. }
  1727. #endif /* CONFIG_IEEE80211W */
  1728. #ifdef CONFIG_IEEE80211N
  1729. } else if (os_strcmp(buf, "ieee80211n") == 0) {
  1730. conf->ieee80211n = atoi(pos);
  1731. } else if (os_strcmp(buf, "ht_capab") == 0) {
  1732. if (hostapd_config_ht_capab(conf, pos) < 0) {
  1733. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1734. "ht_capab", line);
  1735. errors++;
  1736. }
  1737. } else if (os_strcmp(buf, "require_ht") == 0) {
  1738. conf->require_ht = atoi(pos);
  1739. #endif /* CONFIG_IEEE80211N */
  1740. } else if (os_strcmp(buf, "max_listen_interval") == 0) {
  1741. bss->max_listen_interval = atoi(pos);
  1742. } else if (os_strcmp(buf, "okc") == 0) {
  1743. bss->okc = atoi(pos);
  1744. #ifdef CONFIG_WPS
  1745. } else if (os_strcmp(buf, "wps_state") == 0) {
  1746. bss->wps_state = atoi(pos);
  1747. if (bss->wps_state < 0 || bss->wps_state > 2) {
  1748. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1749. "wps_state", line);
  1750. errors++;
  1751. }
  1752. } else if (os_strcmp(buf, "ap_setup_locked") == 0) {
  1753. bss->ap_setup_locked = atoi(pos);
  1754. } else if (os_strcmp(buf, "uuid") == 0) {
  1755. if (uuid_str2bin(pos, bss->uuid)) {
  1756. wpa_printf(MSG_ERROR, "Line %d: invalid UUID",
  1757. line);
  1758. errors++;
  1759. }
  1760. } else if (os_strcmp(buf, "wps_pin_requests") == 0) {
  1761. os_free(bss->wps_pin_requests);
  1762. bss->wps_pin_requests = os_strdup(pos);
  1763. } else if (os_strcmp(buf, "device_name") == 0) {
  1764. if (os_strlen(pos) > 32) {
  1765. wpa_printf(MSG_ERROR, "Line %d: Too long "
  1766. "device_name", line);
  1767. errors++;
  1768. }
  1769. os_free(bss->device_name);
  1770. bss->device_name = os_strdup(pos);
  1771. } else if (os_strcmp(buf, "manufacturer") == 0) {
  1772. if (os_strlen(pos) > 64) {
  1773. wpa_printf(MSG_ERROR, "Line %d: Too long "
  1774. "manufacturer", line);
  1775. errors++;
  1776. }
  1777. os_free(bss->manufacturer);
  1778. bss->manufacturer = os_strdup(pos);
  1779. } else if (os_strcmp(buf, "model_name") == 0) {
  1780. if (os_strlen(pos) > 32) {
  1781. wpa_printf(MSG_ERROR, "Line %d: Too long "
  1782. "model_name", line);
  1783. errors++;
  1784. }
  1785. os_free(bss->model_name);
  1786. bss->model_name = os_strdup(pos);
  1787. } else if (os_strcmp(buf, "model_number") == 0) {
  1788. if (os_strlen(pos) > 32) {
  1789. wpa_printf(MSG_ERROR, "Line %d: Too long "
  1790. "model_number", line);
  1791. errors++;
  1792. }
  1793. os_free(bss->model_number);
  1794. bss->model_number = os_strdup(pos);
  1795. } else if (os_strcmp(buf, "serial_number") == 0) {
  1796. if (os_strlen(pos) > 32) {
  1797. wpa_printf(MSG_ERROR, "Line %d: Too long "
  1798. "serial_number", line);
  1799. errors++;
  1800. }
  1801. os_free(bss->serial_number);
  1802. bss->serial_number = os_strdup(pos);
  1803. } else if (os_strcmp(buf, "device_type") == 0) {
  1804. if (wps_dev_type_str2bin(pos, bss->device_type))
  1805. errors++;
  1806. } else if (os_strcmp(buf, "config_methods") == 0) {
  1807. os_free(bss->config_methods);
  1808. bss->config_methods = os_strdup(pos);
  1809. } else if (os_strcmp(buf, "os_version") == 0) {
  1810. if (hexstr2bin(pos, bss->os_version, 4)) {
  1811. wpa_printf(MSG_ERROR, "Line %d: invalid "
  1812. "os_version", line);
  1813. errors++;
  1814. }
  1815. } else if (os_strcmp(buf, "ap_pin") == 0) {
  1816. os_free(bss->ap_pin);
  1817. bss->ap_pin = os_strdup(pos);
  1818. } else if (os_strcmp(buf, "skip_cred_build") == 0) {
  1819. bss->skip_cred_build = atoi(pos);
  1820. } else if (os_strcmp(buf, "extra_cred") == 0) {
  1821. os_free(bss->extra_cred);
  1822. bss->extra_cred =
  1823. (u8 *) os_readfile(pos, &bss->extra_cred_len);
  1824. if (bss->extra_cred == NULL) {
  1825. wpa_printf(MSG_ERROR, "Line %d: could not "
  1826. "read Credentials from '%s'",
  1827. line, pos);
  1828. errors++;
  1829. }
  1830. } else if (os_strcmp(buf, "wps_cred_processing") == 0) {
  1831. bss->wps_cred_processing = atoi(pos);
  1832. } else if (os_strcmp(buf, "ap_settings") == 0) {
  1833. os_free(bss->ap_settings);
  1834. bss->ap_settings =
  1835. (u8 *) os_readfile(pos, &bss->ap_settings_len);
  1836. if (bss->ap_settings == NULL) {
  1837. wpa_printf(MSG_ERROR, "Line %d: could not "
  1838. "read AP Settings from '%s'",
  1839. line, pos);
  1840. errors++;
  1841. }
  1842. } else if (os_strcmp(buf, "upnp_iface") == 0) {
  1843. bss->upnp_iface = os_strdup(pos);
  1844. } else if (os_strcmp(buf, "friendly_name") == 0) {
  1845. os_free(bss->friendly_name);
  1846. bss->friendly_name = os_strdup(pos);
  1847. } else if (os_strcmp(buf, "manufacturer_url") == 0) {
  1848. os_free(bss->manufacturer_url);
  1849. bss->manufacturer_url = os_strdup(pos);
  1850. } else if (os_strcmp(buf, "model_description") == 0) {
  1851. os_free(bss->model_description);
  1852. bss->model_description = os_strdup(pos);
  1853. } else if (os_strcmp(buf, "model_url") == 0) {
  1854. os_free(bss->model_url);
  1855. bss->model_url = os_strdup(pos);
  1856. } else if (os_strcmp(buf, "upc") == 0) {
  1857. os_free(bss->upc);
  1858. bss->upc = os_strdup(pos);
  1859. #endif /* CONFIG_WPS */
  1860. #ifdef CONFIG_P2P_MANAGER
  1861. } else if (os_strcmp(buf, "manage_p2p") == 0) {
  1862. int manage = atoi(pos);
  1863. if (manage)
  1864. bss->p2p |= P2P_MANAGE;
  1865. else
  1866. bss->p2p &= ~P2P_MANAGE;
  1867. } else if (os_strcmp(buf, "allow_cross_connection") == 0) {
  1868. if (atoi(pos))
  1869. bss->p2p |= P2P_ALLOW_CROSS_CONNECTION;
  1870. else
  1871. bss->p2p &= ~P2P_ALLOW_CROSS_CONNECTION;
  1872. #endif /* CONFIG_P2P_MANAGER */
  1873. } else if (os_strcmp(buf, "disassoc_low_ack") == 0) {
  1874. bss->disassoc_low_ack = atoi(pos);
  1875. } else if (os_strcmp(buf, "tdls_prohibit") == 0) {
  1876. int val = atoi(pos);
  1877. if (val)
  1878. bss->tdls |= TDLS_PROHIBIT;
  1879. else
  1880. bss->tdls &= ~TDLS_PROHIBIT;
  1881. } else if (os_strcmp(buf, "tdls_prohibit_chan_switch") == 0) {
  1882. int val = atoi(pos);
  1883. if (val)
  1884. bss->tdls |= TDLS_PROHIBIT_CHAN_SWITCH;
  1885. else
  1886. bss->tdls &= ~TDLS_PROHIBIT_CHAN_SWITCH;
  1887. #ifdef CONFIG_RSN_TESTING
  1888. } else if (os_strcmp(buf, "rsn_testing") == 0) {
  1889. extern int rsn_testing;
  1890. rsn_testing = atoi(pos);
  1891. #endif /* CONFIG_RSN_TESTING */
  1892. } else {
  1893. wpa_printf(MSG_ERROR, "Line %d: unknown configuration "
  1894. "item '%s'", line, buf);
  1895. errors++;
  1896. }
  1897. }
  1898. fclose(f);
  1899. for (i = 0; i < conf->num_bss; i++) {
  1900. bss = &conf->bss[i];
  1901. if (bss->individual_wep_key_len == 0) {
  1902. /* individual keys are not use; can use key idx0 for
  1903. * broadcast keys */
  1904. bss->broadcast_key_idx_min = 0;
  1905. }
  1906. /* Select group cipher based on the enabled pairwise cipher
  1907. * suites */
  1908. pairwise = 0;
  1909. if (bss->wpa & 1)
  1910. pairwise |= bss->wpa_pairwise;
  1911. if (bss->wpa & 2) {
  1912. if (bss->rsn_pairwise == 0)
  1913. bss->rsn_pairwise = bss->wpa_pairwise;
  1914. pairwise |= bss->rsn_pairwise;
  1915. }
  1916. if (pairwise & WPA_CIPHER_TKIP)
  1917. bss->wpa_group = WPA_CIPHER_TKIP;
  1918. else
  1919. bss->wpa_group = WPA_CIPHER_CCMP;
  1920. bss->radius->auth_server = bss->radius->auth_servers;
  1921. bss->radius->acct_server = bss->radius->acct_servers;
  1922. if (bss->wpa && bss->ieee802_1x) {
  1923. bss->ssid.security_policy = SECURITY_WPA;
  1924. } else if (bss->wpa) {
  1925. bss->ssid.security_policy = SECURITY_WPA_PSK;
  1926. } else if (bss->ieee802_1x) {
  1927. bss->ssid.security_policy = SECURITY_IEEE_802_1X;
  1928. bss->ssid.wep.default_len = bss->default_wep_key_len;
  1929. } else if (bss->ssid.wep.keys_set)
  1930. bss->ssid.security_policy = SECURITY_STATIC_WEP;
  1931. else
  1932. bss->ssid.security_policy = SECURITY_PLAINTEXT;
  1933. }
  1934. if (hostapd_config_check(conf))
  1935. errors++;
  1936. #ifndef WPA_IGNORE_CONFIG_ERRORS
  1937. if (errors) {
  1938. wpa_printf(MSG_ERROR, "%d errors found in configuration file "
  1939. "'%s'", errors, fname);
  1940. hostapd_config_free(conf);
  1941. conf = NULL;
  1942. }
  1943. #endif /* WPA_IGNORE_CONFIG_ERRORS */
  1944. return conf;
  1945. }