summaryrefslogtreecommitdiffstats
path: root/contrib/hostapd/config.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/hostapd/config.c')
-rw-r--r--contrib/hostapd/config.c196
1 files changed, 138 insertions, 58 deletions
diff --git a/contrib/hostapd/config.c b/contrib/hostapd/config.c
index 02ecd79..34e2256 100644
--- a/contrib/hostapd/config.c
+++ b/contrib/hostapd/config.c
@@ -28,18 +28,20 @@
#include "driver.h"
#include "sha1.h"
#include "eap.h"
+#include "radius_client.h"
static struct hostapd_config *hostapd_config_defaults(void)
{
struct hostapd_config *conf;
- conf = malloc(sizeof(*conf));
+ conf = malloc(sizeof(*conf) + sizeof(struct hostapd_radius_servers));
if (conf == NULL) {
printf("Failed to allocate memory for configuration data.\n");
return NULL;
}
- memset(conf, 0, sizeof(*conf));
+ memset(conf, 0, sizeof(*conf) + sizeof(struct hostapd_radius_servers));
+ conf->radius = (struct hostapd_radius_servers *) (conf + 1);
/* set default driver based on configuration */
conf->driver = driver_lookup("default");
@@ -71,6 +73,24 @@ static struct hostapd_config *hostapd_config_defaults(void)
}
+static int hostapd_parse_ip_addr(const char *txt, struct hostapd_ip_addr *addr)
+{
+ if (inet_aton(txt, &addr->u.v4)) {
+ addr->af = AF_INET;
+ return 0;
+ }
+
+#ifdef CONFIG_IPV6
+ if (inet_pton(AF_INET6, txt, &addr->u.v6) > 0) {
+ addr->af = AF_INET6;
+ return 0;
+ }
+#endif /* CONFIG_IPV6 */
+
+ return -1;
+}
+
+
static int mac_comp(const void *a, const void *b)
{
return memcmp(a, b, sizeof(macaddr));
@@ -269,12 +289,12 @@ int hostapd_setup_wpa_psk(struct hostapd_config *conf)
}
-#ifdef EAP_AUTHENTICATOR
+#ifdef EAP_SERVER
static int hostapd_config_read_eap_user(const char *fname,
struct hostapd_config *conf)
{
FILE *f;
- char buf[512], *pos, *start;
+ char buf[512], *pos, *start, *pos2;
int line = 0, ret = 0, num_methods;
struct hostapd_eap_user *user, *tail = NULL;
@@ -410,30 +430,53 @@ static int hostapd_config_read_eap_user(const char *fname,
goto done;
}
- if (*pos != '"') {
- printf("Invalid EAP password (no \" in start) on "
- "line %d in '%s'\n", line, fname);
- goto failed;
- }
- pos++;
- start = pos;
- while (*pos != '"' && *pos != '\0')
+ if (*pos == '"') {
pos++;
- if (*pos == '\0') {
- printf("Invalid EAP password (no \" in end) on "
- "line %d in '%s'\n", line, fname);
- goto failed;
- }
+ start = pos;
+ while (*pos != '"' && *pos != '\0')
+ pos++;
+ if (*pos == '\0') {
+ printf("Invalid EAP password (no \" in end) "
+ "on line %d in '%s'\n", line, fname);
+ goto failed;
+ }
- user->password = malloc(pos - start);
- if (user->password == NULL) {
- printf("Failed to allocate memory for EAP password\n");
- goto failed;
+ user->password = malloc(pos - start);
+ if (user->password == NULL) {
+ printf("Failed to allocate memory for EAP "
+ "password\n");
+ goto failed;
+ }
+ memcpy(user->password, start, pos - start);
+ user->password_len = pos - start;
+
+ pos++;
+ } else {
+ pos2 = pos;
+ while (*pos2 != '\0' && *pos2 != ' ' &&
+ *pos2 != '\t' && *pos2 != '#')
+ pos2++;
+ if ((pos2 - pos) & 1) {
+ printf("Invalid hex password on line %d in "
+ "'%s'\n", line, fname);
+ goto failed;
+ }
+ user->password = malloc((pos2 - pos) / 2);
+ if (user->password == NULL) {
+ printf("Failed to allocate memory for EAP "
+ "password\n");
+ goto failed;
+ }
+ if (hexstr2bin(pos, user->password,
+ (pos2 - pos) / 2) < 0) {
+ printf("Invalid hex password on line %d in "
+ "'%s'\n", line, fname);
+ goto failed;
+ }
+ user->password_len = (pos2 - pos) / 2;
+ pos = pos2;
}
- memcpy(user->password, start, pos - start);
- user->password_len = pos - start;
- pos++;
while (*pos == ' ' || *pos == '\t')
pos++;
if (strncmp(pos, "[2]", 3) == 0) {
@@ -462,7 +505,7 @@ static int hostapd_config_read_eap_user(const char *fname,
return ret;
}
-#endif /* EAP_AUTHENTICATOR */
+#endif /* EAP_SERVER */
static int
@@ -485,7 +528,7 @@ hostapd_config_read_radius_addr(struct hostapd_radius_server **server,
memset(nserv, 0, sizeof(*nserv));
nserv->port = def_port;
- ret = !inet_aton(val, &nserv->addr);
+ ret = hostapd_parse_ip_addr(val, &nserv->addr);
nserv->index = server_index++;
return ret;
@@ -589,8 +632,8 @@ static int hostapd_config_parse_cipher(int line, const char *value)
static int hostapd_config_check(struct hostapd_config *conf)
{
- if (conf->ieee802_1x && !conf->eap_authenticator &&
- !conf->auth_servers) {
+ if (conf->ieee802_1x && !conf->eap_server &&
+ !conf->radius->auth_servers) {
printf("Invalid IEEE 802.1X configuration (no EAP "
"authenticator configured).\n");
return -1;
@@ -616,9 +659,9 @@ struct hostapd_config * hostapd_config_read(const char *fname)
int line = 0;
int errors = 0;
char *accept_mac_file = NULL, *deny_mac_file = NULL;
-#ifdef EAP_AUTHENTICATOR
+#ifdef EAP_SERVER
char *eap_user_file = NULL;
-#endif /* EAP_AUTHENTICATOR */
+#endif /* EAP_SERVER */
f = fopen(fname, "r");
if (f == NULL) {
@@ -722,9 +765,13 @@ struct hostapd_config * hostapd_config_read(const char *fname)
conf->assoc_ap = 1;
} else if (strcmp(buf, "ieee8021x") == 0) {
conf->ieee802_1x = atoi(pos);
-#ifdef EAP_AUTHENTICATOR
+#ifdef EAP_SERVER
} else if (strcmp(buf, "eap_authenticator") == 0) {
- conf->eap_authenticator = atoi(pos);
+ conf->eap_server = atoi(pos);
+ printf("Line %d: obsolete eap_authenticator used; "
+ "this has been renamed to eap_server\n", line);
+ } else if (strcmp(buf, "eap_server") == 0) {
+ conf->eap_server = atoi(pos);
} else if (strcmp(buf, "eap_user_file") == 0) {
free(eap_user_file);
eap_user_file = strdup(pos);
@@ -744,14 +791,33 @@ struct hostapd_config * hostapd_config_read(const char *fname)
} else if (strcmp(buf, "private_key_passwd") == 0) {
free(conf->private_key_passwd);
conf->private_key_passwd = strdup(pos);
+ } else if (strcmp(buf, "check_crl") == 0) {
+ conf->check_crl = atoi(pos);
#ifdef EAP_SIM
} else if (strcmp(buf, "eap_sim_db") == 0) {
free(conf->eap_sim_db);
conf->eap_sim_db = strdup(pos);
#endif /* EAP_SIM */
-#endif /* EAP_AUTHENTICATOR */
+#endif /* EAP_SERVER */
} else if (strcmp(buf, "eap_message") == 0) {
+ char *term;
conf->eap_req_id_text = strdup(pos);
+ if (conf->eap_req_id_text == NULL) {
+ printf("Line %d: Failed to allocate memory "
+ "for eap_req_id_text\n", line);
+ errors++;
+ continue;
+ }
+ conf->eap_req_id_text_len =
+ strlen(conf->eap_req_id_text);
+ term = strstr(conf->eap_req_id_text, "\\0");
+ if (term) {
+ *term++ = '\0';
+ memmove(term, term + 1,
+ conf->eap_req_id_text_len -
+ (term - conf->eap_req_id_text) - 1);
+ conf->eap_req_id_text_len--;
+ }
} else if (strcmp(buf, "wep_key_len_broadcast") == 0) {
conf->default_wep_key_len = atoi(pos);
if (conf->default_wep_key_len > 13) {
@@ -796,7 +862,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
"%s", pos);
#endif /* CONFIG_IAPP */
} else if (strcmp(buf, "own_ip_addr") == 0) {
- if (!inet_aton(pos, &conf->own_ip_addr)) {
+ if (hostapd_parse_ip_addr(pos, &conf->own_ip_addr)) {
printf("Line %d: invalid IP address '%s'\n",
line, pos);
errors++;
@@ -805,17 +871,17 @@ struct hostapd_config * hostapd_config_read(const char *fname)
conf->nas_identifier = strdup(pos);
} else if (strcmp(buf, "auth_server_addr") == 0) {
if (hostapd_config_read_radius_addr(
- &conf->auth_servers,
- &conf->num_auth_servers, pos, 1812,
- &conf->auth_server)) {
+ &conf->radius->auth_servers,
+ &conf->radius->num_auth_servers, pos, 1812,
+ &conf->radius->auth_server)) {
printf("Line %d: invalid IP address '%s'\n",
line, pos);
errors++;
}
- } else if (conf->auth_server &&
+ } else if (conf->radius->auth_server &&
strcmp(buf, "auth_server_port") == 0) {
- conf->auth_server->port = atoi(pos);
- } else if (conf->auth_server &&
+ conf->radius->auth_server->port = atoi(pos);
+ } else if (conf->radius->auth_server &&
strcmp(buf, "auth_server_shared_secret") == 0) {
int len = strlen(pos);
if (len == 0) {
@@ -824,21 +890,22 @@ struct hostapd_config * hostapd_config_read(const char *fname)
"allowed.\n", line);
errors++;
}
- conf->auth_server->shared_secret = (u8 *) strdup(pos);
- conf->auth_server->shared_secret_len = len;
+ conf->radius->auth_server->shared_secret =
+ (u8 *) strdup(pos);
+ conf->radius->auth_server->shared_secret_len = len;
} else if (strcmp(buf, "acct_server_addr") == 0) {
if (hostapd_config_read_radius_addr(
- &conf->acct_servers,
- &conf->num_acct_servers, pos, 1813,
- &conf->acct_server)) {
+ &conf->radius->acct_servers,
+ &conf->radius->num_acct_servers, pos, 1813,
+ &conf->radius->acct_server)) {
printf("Line %d: invalid IP address '%s'\n",
line, pos);
errors++;
}
- } else if (conf->acct_server &&
+ } else if (conf->radius->acct_server &&
strcmp(buf, "acct_server_port") == 0) {
- conf->acct_server->port = atoi(pos);
- } else if (conf->acct_server &&
+ conf->radius->acct_server->port = atoi(pos);
+ } else if (conf->radius->acct_server &&
strcmp(buf, "acct_server_shared_secret") == 0) {
int len = strlen(pos);
if (len == 0) {
@@ -847,12 +914,13 @@ struct hostapd_config * hostapd_config_read(const char *fname)
"allowed.\n", line);
errors++;
}
- conf->acct_server->shared_secret = (u8 *) strdup(pos);
- conf->acct_server->shared_secret_len = len;
+ conf->radius->acct_server->shared_secret =
+ (u8 *) strdup(pos);
+ conf->radius->acct_server->shared_secret_len = len;
} else if (strcmp(buf, "radius_retry_primary_interval") == 0) {
- conf->radius_retry_primary_interval = atoi(pos);
+ conf->radius->retry_primary_interval = atoi(pos);
} else if (strcmp(buf, "radius_acct_interim_interval") == 0) {
- conf->radius_acct_interim_interval = atoi(pos);
+ conf->radius->acct_interim_interval = atoi(pos);
} else if (strcmp(buf, "auth_algs") == 0) {
conf->auth_algs = atoi(pos);
if (conf->auth_algs == 0) {
@@ -944,6 +1012,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
grp = getgrnam(group);
if (grp) {
conf->ctrl_interface_gid = grp->gr_gid;
+ conf->ctrl_interface_gid_set = 1;
wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d"
" (from group name '%s')",
conf->ctrl_interface_gid, group);
@@ -958,6 +1027,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
errors++;
continue;
}
+ conf->ctrl_interface_gid_set = 1;
wpa_printf(MSG_DEBUG, "ctrl_interface_group=%d",
conf->ctrl_interface_gid);
#ifdef RADIUS_SERVER
@@ -966,7 +1036,14 @@ struct hostapd_config * hostapd_config_read(const char *fname)
conf->radius_server_clients = strdup(pos);
} else if (strcmp(buf, "radius_server_auth_port") == 0) {
conf->radius_server_auth_port = atoi(pos);
+ } else if (strcmp(buf, "radius_server_ipv6") == 0) {
+ conf->radius_server_ipv6 = atoi(pos);
#endif /* RADIUS_SERVER */
+ } else if (strcmp(buf, "test_socket") == 0) {
+ free(conf->test_socket);
+ conf->test_socket = strdup(pos);
+ } else if (strcmp(buf, "use_pae_group_addr") == 0) {
+ conf->use_pae_group_addr = atoi(pos);
} else {
printf("Line %d: unknown configuration item '%s'\n",
line, buf);
@@ -985,14 +1062,14 @@ struct hostapd_config * hostapd_config_read(const char *fname)
errors++;
free(deny_mac_file);
-#ifdef EAP_AUTHENTICATOR
+#ifdef EAP_SERVER
if (hostapd_config_read_eap_user(eap_user_file, conf))
errors++;
free(eap_user_file);
-#endif /* EAP_AUTHENTICATOR */
+#endif /* EAP_SERVER */
- conf->auth_server = conf->auth_servers;
- conf->acct_server = conf->acct_servers;
+ conf->radius->auth_server = conf->radius->auth_servers;
+ conf->radius->acct_server = conf->radius->acct_servers;
if (hostapd_config_check(conf))
errors++;
@@ -1058,8 +1135,10 @@ void hostapd_config_free(struct hostapd_config *conf)
free(conf->accept_mac);
free(conf->deny_mac);
free(conf->nas_identifier);
- hostapd_config_free_radius(conf->auth_servers, conf->num_auth_servers);
- hostapd_config_free_radius(conf->acct_servers, conf->num_acct_servers);
+ hostapd_config_free_radius(conf->radius->auth_servers,
+ conf->radius->num_auth_servers);
+ hostapd_config_free_radius(conf->radius->acct_servers,
+ conf->radius->num_acct_servers);
free(conf->rsn_preauth_interfaces);
free(conf->ctrl_interface);
free(conf->ca_cert);
@@ -1068,6 +1147,7 @@ void hostapd_config_free(struct hostapd_config *conf)
free(conf->private_key_passwd);
free(conf->eap_sim_db);
free(conf->radius_server_clients);
+ free(conf->test_socket);
free(conf);
}
OpenPOWER on IntegriCloud