      1 /*
      2  * hostapd / Configuration definitions and helper functions
      3  * Copyright (c) 2003-2012, Jouni Malinen <j (at) w1.fi>
      4  *
      5  * This software may be distributed under the terms of the BSD license.
      6  * See README for more details.
      7  */
      8 
      9 #ifndef HOSTAPD_CONFIG_H
     10 #define HOSTAPD_CONFIG_H
     11 
     12 #include "common/defs.h"
     13 #include "ip_addr.h"
     14 #include "common/wpa_common.h"
     15 #include "common/ieee802_11_common.h"
     16 #include "wps/wps.h"
     17 
/*
 * Upper bounds for configuration values.
 * MAX_STA_COUNT: presumably mirrors the IEEE 802.11 association ID range
 * (1..2007) - confirm against the station table code.
 * MAX_VLAN_ID: highest usable IEEE 802.1Q VLAN ID (4095 is reserved).
 */
#define MAX_STA_COUNT 2007
#define MAX_VLAN_ID 4094

/*
 * Raw MAC address of ETH_ALEN octets. Because this is an array typedef, it
 * decays to a pointer when used as a function parameter, so sizeof() on such
 * a parameter does not yield ETH_ALEN; pass ETH_ALEN explicitly to copy and
 * compare routines.
 */
typedef u8 macaddr[ETH_ALEN];
     22 
/*
 * One entry of a MAC address accept/deny list (see accept_mac / deny_mac in
 * struct hostapd_bss_config).
 */
struct mac_acl_entry {
	macaddr addr; /* station MAC address this entry matches */
	int vlan_id; /* VLAN tied to the entry; presumably 0 means "none" -
		      * confirm against the ACL file parser */
};
     27 
/*
 * Forward declarations only: this header stores pointers to these types
 * (radius, r0kh_list, r1kh_list in struct hostapd_bss_config) and never
 * needs their layout.
 */
struct hostapd_radius_servers;
struct ft_remote_r0kh;
struct ft_remote_r1kh;
     31 
/*
 * Maximum SSID length in octets. The ssid buffer in struct hostapd_ssid is
 * exactly this size, so a maximum-length SSID leaves no room for a NUL
 * terminator: treat SSIDs as length-delimited byte strings, never as C
 * strings.
 */
#define HOSTAPD_MAX_SSID_LEN 32
     33 
/*
 * WEP key set. WEP is a legacy cipher that no longer provides meaningful
 * confidentiality; these fields exist for compatibility with old
 * deployments.
 */
#define NUM_WEP_KEYS 4
struct hostapd_wep_keys {
	u8 idx; /* presumably the index of the default (TX) key - confirm;
		 * must stay below NUM_WEP_KEYS when used to index key[] */
	u8 *key[NUM_WEP_KEYS]; /* key material; length of key[i] is len[i] */
	size_t len[NUM_WEP_KEYS]; /* length in octets of each key[] buffer */
	int keys_set; /* NOTE(review): looks like a "keys configured" marker;
		       * exact semantics are not visible in this header */
	size_t default_len; /* key length used for dynamic key generation */
};
     42 
/*
 * Security policy selected for an SSID (stored in
 * hostapd_ssid.security_policy).
 *
 * SECURITY_PLAINTEXT is 0, so a zero-initialized struct hostapd_ssid reads
 * as "no protection" until a configuration step assigns another value. Code
 * that relies on the policy should not assume zeroed memory is a safe
 * default.
 */
typedef enum hostap_security_policy {
	SECURITY_PLAINTEXT = 0, /* no link-layer protection */
	SECURITY_STATIC_WEP = 1, /* statically configured WEP keys */
	SECURITY_IEEE_802_1X = 2, /* IEEE 802.1X; presumably with dynamic WEP
				   * keys - confirm */
	SECURITY_WPA_PSK = 3, /* WPA/WPA2 with a pre-shared key */
	SECURITY_WPA = 4 /* WPA/WPA2; presumably the non-PSK (EAP) case -
			  * confirm */
} secpolicy;
     50 
/*
 * SSID and the credentials/VLAN settings attached to it.
 *
 * wpa_psk, wpa_passphrase and wep hold secret key material. NOTE(review):
 * the code that releases this structure is not visible here; it should clear
 * those buffers before freeing them.
 */
struct hostapd_ssid {
	/* Length-delimited byte string, not NUL-terminated; use ssid_len. */
	u8 ssid[HOSTAPD_MAX_SSID_LEN];
	size_t ssid_len; /* octets used in ssid[]; must not exceed
			  * HOSTAPD_MAX_SSID_LEN */
	unsigned int ssid_set:1;
	unsigned int utf8_ssid:1;

	char vlan[IFNAMSIZ + 1]; /* interface name plus room for the NUL */
	secpolicy security_policy;

	struct hostapd_wpa_psk *wpa_psk; /* linked list of PSK entries */
	char *wpa_passphrase; /* secret: passphrase the PSK is presumably
			       * derived from - confirm */
	char *wpa_psk_file; /* path to a file with PSKs; the file itself is
			     * secret and needs restrictive permissions */

	struct hostapd_wep_keys wep;

#define DYNAMIC_VLAN_DISABLED 0
#define DYNAMIC_VLAN_OPTIONAL 1
#define DYNAMIC_VLAN_REQUIRED 2
	int dynamic_vlan; /* one of DYNAMIC_VLAN_* above */
#define DYNAMIC_VLAN_NAMING_WITHOUT_DEVICE 0
#define DYNAMIC_VLAN_NAMING_WITH_DEVICE 1
#define DYNAMIC_VLAN_NAMING_END 2
	int vlan_naming; /* one of DYNAMIC_VLAN_NAMING_*; _END looks like an
			  * exclusive upper bound for validation - confirm */
#ifdef CONFIG_FULL_DYNAMIC_VLAN
	char *vlan_tagged_interface;
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
	/* Array of per-VLAN WEP key sets; element count is tracked by
	 * max_dyn_vlan_keys (presumably indexed by VLAN ID - confirm). */
	struct hostapd_wep_keys **dyn_vlan_keys;
	size_t max_dyn_vlan_keys;
};
     80 
     81 
/*
 * Wildcard marker for hostapd_vlan.vlan_id.
 * NOTE(review): the expansion is an unparenthesized negative literal; keep
 * uses to plain comparisons and assignments.
 */
#define VLAN_ID_WILDCARD -1

/* One configured VLAN, kept in a singly linked list. */
struct hostapd_vlan {
	struct hostapd_vlan *next;
	int vlan_id; /* VLAN ID or -1 (VLAN_ID_WILDCARD) for wildcard entry */
	char ifname[IFNAMSIZ + 1]; /* interface name plus room for the NUL */
	int dynamic_vlan;
#ifdef CONFIG_FULL_DYNAMIC_VLAN

/* Bit flags stored in the clean member below. Judging by the names they
 * record which bridge/VLAN objects need cleanup - confirm. */
#define DVLAN_CLEAN_BR 	0x1
#define DVLAN_CLEAN_VLAN	0x2
#define DVLAN_CLEAN_VLAN_PORT	0x4
#define DVLAN_CLEAN_WLAN_PORT	0x8
	int clean;
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
};
     98 
/* Length in octets of a PMK/PSK as stored in the structures below. */
#define PMK_LEN 32
/*
 * Linked-list node holding only a PSK. Secret key material: clear psk[]
 * before releasing a node.
 */
struct hostapd_sta_wpa_psk_short {
	struct hostapd_sta_wpa_psk_short *next;
	u8 psk[PMK_LEN];
};
    104 
/*
 * Linked-list node pairing a PSK with a MAC address. Secret key material:
 * clear psk[] before releasing a node.
 */
struct hostapd_wpa_psk {
	struct hostapd_wpa_psk *next;
	int group; /* NOTE(review): presumably marks a PSK shared by all
		    * stations rather than bound to addr - confirm */
	u8 psk[PMK_LEN];
	u8 addr[ETH_ALEN]; /* MAC address stored with this PSK */
};
    111 
/*
 * One EAP user database entry, kept in a singly linked list.
 *
 * identity and password are length-delimited buffers (identity_len,
 * password_len), not C strings. password is secret whether or not
 * password_hash is set: an NT password hash can be used in place of the
 * password by MSCHAPv2-style methods, so protect it like the plaintext.
 */
struct hostapd_eap_user {
	struct hostapd_eap_user *next;
	u8 *identity;
	size_t identity_len;
	struct {
		int vendor;
		u32 method;
	} methods[EAP_MAX_METHODS]; /* EAP methods listed for this user */
	u8 *password;
	size_t password_len;
	int phase2;
	int force_version;
	unsigned int wildcard_prefix:1;
	unsigned int password_hash:1; /* whether password is hashed with
				       * nt_password_hash() */
	int ttls_auth; /* EAP_TTLS_AUTH_* bitfield */
};
    129 
/*
 * One extra RADIUS attribute (type plus value buffer), kept in a singly
 * linked list; see radius_auth_req_attr / radius_acct_req_attr in
 * struct hostapd_bss_config.
 */
struct hostapd_radius_attr {
	u8 type;
	struct wpabuf *val;
	struct hostapd_radius_attr *next;
};
    135 
    136 
/* Number of entries in hostapd_config.tx_queue[]. */
#define NUM_TX_QUEUES 4

/* Channel-access parameters for one transmit queue. */
struct hostapd_tx_queue_params {
	int aifs;
	int cwmin;
	int cwmax;
	int burst; /* maximum burst time in 0.1 ms, i.e., 10 = 1 ms */
};
    145 
    146 
/* Capacity in octets of hostapd_roaming_consortium.oi[]. */
#define MAX_ROAMING_CONSORTIUM_LEN 15

/*
 * One Roaming Consortium OI. len is a u8 and can represent values larger
 * than the oi[] capacity, so whoever fills this in has to reject
 * len > MAX_ROAMING_CONSORTIUM_LEN before copying.
 */
struct hostapd_roaming_consortium {
	u8 len;
	u8 oi[MAX_ROAMING_CONSORTIUM_LEN];
};
    153 
/*
 * Language-tagged name (language code plus length-delimited name).
 *
 * name_len is a u8 (0..255) while name[] holds 252 octets, so the type does
 * not bound the length: writers must check name_len <= sizeof(name) and
 * readers must not trust name_len beyond that. name[] is not guaranteed to
 * be NUL-terminated.
 */
struct hostapd_lang_string {
	u8 lang[3];
	u8 name_len;
	u8 name[252];
};
    159 
/* Capacity limits for the NAI Realm structure below. */
#define MAX_NAI_REALMS 10
#define MAX_NAI_REALMLEN 255
#define MAX_NAI_EAP_METHODS 5
#define MAX_NAI_AUTH_TYPES 4
/*
 * One NAI Realm entry.
 *
 * The count fields are u8 and can exceed the fixed array capacities, so a
 * parser filling this in has to enforce
 * eap_method_count <= MAX_NAI_EAP_METHODS and
 * num_auths <= MAX_NAI_AUTH_TYPES before writing.
 */
struct hostapd_nai_realm_data {
	u8 encoding;
	char realm_buf[MAX_NAI_REALMLEN + 1]; /* realm text plus NUL */
	char *realm[MAX_NAI_REALMS]; /* presumably pointers into realm_buf,
				      * one per realm name - confirm */
	u8 eap_method_count; /* entries used in eap_method[] */
	struct hostapd_nai_realm_eap {
		u8 eap_method;
		u8 num_auths; /* entries used in auth_id[] / auth_val[] */
		u8 auth_id[MAX_NAI_AUTH_TYPES];
		u8 auth_val[MAX_NAI_AUTH_TYPES];
	} eap_method[MAX_NAI_EAP_METHODS];
};
    176 
/**
 * struct hostapd_bss_config - Per-BSS configuration
 *
 * Several members carry secret material: the PSK/passphrase and WEP keys
 * inside ssid, radius_das_shared_secret, private_key_passwd,
 * pac_opaque_encr_key, ap_pin and the wps_nfc_* key buffers.
 * NOTE(review): the release path is not visible in this header; it should
 * clear those buffers before freeing them, and any code that logs or dumps
 * this structure should skip them.
 *
 * Pointer members that come with a *_len or *_count member are
 * length-delimited; do not treat the u8 * buffers as C strings.
 */
struct hostapd_bss_config {
	/* Interface names: IFNAMSIZ characters plus room for the NUL. */
	char iface[IFNAMSIZ + 1];
	char bridge[IFNAMSIZ + 1];
	char wds_bridge[IFNAMSIZ + 1];

	enum hostapd_logger_level logger_syslog_level, logger_stdout_level;

	unsigned int logger_syslog; /* module bitfield */
	unsigned int logger_stdout; /* module bitfield */

	char *dump_log_name; /* file name for state dump (SIGUSR1) */

	int max_num_sta; /* maximum number of STAs in station table */

	int dtim_period;

	int ieee802_1x; /* use IEEE 802.1X */
	int eapol_version;
	int eap_server; /* Use internal EAP server instead of external
			 * RADIUS server */
	struct hostapd_eap_user *eap_user; /* linked list of EAP users */
	/* Paths to credential stores; the files hold user secrets and need
	 * restrictive permissions. */
	char *eap_user_sqlite;
	char *eap_sim_db;
	struct hostapd_ip_addr own_ip_addr;
	char *nas_identifier;
	struct hostapd_radius_servers *radius;
	int acct_interim_interval;
	int radius_request_cui;
	struct hostapd_radius_attr *radius_auth_req_attr;
	struct hostapd_radius_attr *radius_acct_req_attr;
	/* RADIUS Dynamic Authorization Server settings. The time window and
	 * event-timestamp requirement look like replay protection for
	 * incoming requests - confirm against the DAS implementation. */
	int radius_das_port;
	unsigned int radius_das_time_window;
	int radius_das_require_event_timestamp;
	struct hostapd_ip_addr radius_das_client_addr;
	/* Secret, length-delimited (not NUL-terminated). */
	u8 *radius_das_shared_secret;
	size_t radius_das_shared_secret_len;

	struct hostapd_ssid ssid;

	char *eap_req_id_text; /* optional displayable message sent with
				* EAP Request-Identity */
	size_t eap_req_id_text_len;
	int eapol_key_index_workaround;

	/* WEP settings (legacy cipher; see struct hostapd_wep_keys). */
	size_t default_wep_key_len;
	int individual_wep_key_len;
	int wep_rekeying_period;
	int broadcast_key_idx_min, broadcast_key_idx_max;
	int eap_reauth_period;

	int ieee802_11f; /* use IEEE 802.11f (IAPP) */
	char iapp_iface[IFNAMSIZ + 1]; /* interface used with IAPP broadcast
					* frames */

	/*
	 * MAC address based access control. ACCEPT_UNLESS_DENIED is 0, so a
	 * zero-initialized configuration is permissive. MAC addresses are
	 * visible on the air and chosen by the client, so these lists are an
	 * admission filter, not authentication.
	 */
	enum {
		ACCEPT_UNLESS_DENIED = 0,
		DENY_UNLESS_ACCEPTED = 1,
		USE_EXTERNAL_RADIUS_AUTH = 2
	} macaddr_acl;
	/* Arrays with their element counts; counts are signed ints, so
	 * callers must keep them non-negative. */
	struct mac_acl_entry *accept_mac;
	int num_accept_mac;
	struct mac_acl_entry *deny_mac;
	int num_deny_mac;
	int wds_sta;
	int isolate; /* presumably station-to-station isolation - confirm */

	int auth_algs; /* bitfield of allowed IEEE 802.11 authentication
			* algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */

	int wpa; /* bitfield of WPA_PROTO_WPA, WPA_PROTO_RSN */
	int wpa_key_mgmt;
#ifdef CONFIG_IEEE80211W
	/* Management frame protection setting (enum mfp_options). */
	enum mfp_options ieee80211w;
	/* dot11AssociationSAQueryMaximumTimeout (in TUs) */
	unsigned int assoc_sa_query_max_timeout;
	/* dot11AssociationSAQueryRetryTimeout (in TUs) */
	int assoc_sa_query_retry_timeout;
#endif /* CONFIG_IEEE80211W */
	/* How a PSK delivered by RADIUS is treated. */
	enum {
		PSK_RADIUS_IGNORED = 0,
		PSK_RADIUS_ACCEPTED = 1,
		PSK_RADIUS_REQUIRED = 2
	} wpa_psk_radius;
	int wpa_pairwise;
	int wpa_group;
	/* Rekeying controls; units are not stated in this header. */
	int wpa_group_rekey;
	int wpa_strict_rekey;
	int wpa_gmk_rekey;
	int wpa_ptk_rekey;
	int rsn_pairwise;
	int rsn_preauth;
	char *rsn_preauth_interfaces;
	int peerkey;

#ifdef CONFIG_IEEE80211R
	/* IEEE 802.11r - Fast BSS Transition */
	u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
	u8 r1_key_holder[FT_R1KH_ID_LEN];
	u32 r0_key_lifetime;
	u32 reassociation_deadline;
	struct ft_remote_r0kh *r0kh_list;
	struct ft_remote_r1kh *r1kh_list;
	int pmk_r1_push;
	int ft_over_ds;
#endif /* CONFIG_IEEE80211R */

	/* Control interface. NOTE(review): a peer that can open these
	 * sockets can presumably query and reconfigure the AP, so the
	 * directory's ownership and mode are the access control; the gid
	 * below looks like the group granted access - confirm. */
	char *ctrl_interface; /* directory for UNIX domain sockets */
#ifndef CONFIG_NATIVE_WINDOWS
	gid_t ctrl_interface_gid;
#endif /* CONFIG_NATIVE_WINDOWS */
	int ctrl_interface_gid_set; /* declared on all platforms, unlike the
				     * gid itself */

	/* TLS material for the internal EAP server. private_key is a path to
	 * a secret file; private_key_passwd is itself a secret string. */
	char *ca_cert;
	char *server_cert;
	char *private_key;
	char *private_key_passwd;
	int check_crl;
	char *dh_file;
	/* EAP-FAST. pac_opaque_encr_key is secret and has no length member
	 * here; presumably a fixed size enforced by the parser - confirm. */
	u8 *pac_opaque_encr_key;
	u8 *eap_fast_a_id;
	size_t eap_fast_a_id_len;
	char *eap_fast_a_id_info;
	int eap_fast_prov;
	int pac_key_lifetime;
	int pac_key_refresh_time;
	int eap_sim_aka_result_ind;
	int tnc;
	int fragment_size;
	u16 pwd_group;

	char *radius_server_clients;
	int radius_server_auth_port;
	int radius_server_ipv6;

	char *test_socket; /* UNIX domain socket path for driver_test */

	int use_pae_group_addr; /* Whether to send EAPOL frames to PAE group
				 * address instead of individual address
				 * (for driver_wired.c).
				 */

	int ap_max_inactivity;
	/* NOTE(review): judging by the name this hides the SSID in broadcast
	 * frames; a hidden SSID is still observable once clients associate,
	 * so it is not an access control. */
	int ignore_broadcast_ssid;

	int wmm_enabled;
	int wmm_uapsd;

	struct hostapd_vlan *vlan, *vlan_tail; /* list head and tail */

	macaddr bssid;

	/*
	 * Maximum listen interval that STAs can use when associating with this
	 * BSS. If a STA tries to use larger value, the association will be
	 * denied with status code 51.
	 */
	u16 max_listen_interval;

	int disable_pmksa_caching;
	int okc; /* Opportunistic Key Caching */

	int wps_state;
#ifdef CONFIG_WPS
	int wps_independent;
	int ap_setup_locked;
	u8 uuid[16];
	char *wps_pin_requests;
	char *device_name;
	char *manufacturer;
	char *model_name;
	char *model_number;
	char *serial_number;
	u8 device_type[WPS_DEV_TYPE_LEN];
	char *config_methods;
	u8 os_version[4];
	/* Secret. A static AP PIN can be guessed online over WPS, so
	 * deployments that set it depend on lockout/timeout handling
	 * (ap_setup_locked above looks related - confirm). */
	char *ap_pin;
	int skip_cred_build;
	u8 *extra_cred; /* length-delimited, see extra_cred_len */
	size_t extra_cred_len;
	int wps_cred_processing;
	u8 *ap_settings; /* length-delimited, see ap_settings_len */
	size_t ap_settings_len;
	char *upnp_iface;
	char *friendly_name;
	char *manufacturer_url;
	char *model_description;
	char *model_url;
	char *upc;
	struct wpabuf *wps_vendor_ext[MAX_WPS_VENDOR_EXTENSIONS];
	int wps_nfc_pw_from_config;
	int wps_nfc_dev_pw_id;
	/* NFC out-of-band key material; the private key and device password
	 * are secret. */
	struct wpabuf *wps_nfc_dh_pubkey;
	struct wpabuf *wps_nfc_dh_privkey;
	struct wpabuf *wps_nfc_dev_pw;
#endif /* CONFIG_WPS */
	int pbc_in_m1;

#define P2P_ENABLED BIT(0)
#define P2P_GROUP_OWNER BIT(1)
#define P2P_GROUP_FORMATION BIT(2)
#define P2P_MANAGE BIT(3)
#define P2P_ALLOW_CROSS_CONNECTION BIT(4)
	int p2p; /* bitfield of the P2P_* flags above */

	int disassoc_low_ack;
	int skip_inactivity_poll;

#define TDLS_PROHIBIT BIT(0)
#define TDLS_PROHIBIT_CHAN_SWITCH BIT(1)
	int tdls; /* bitfield of the TDLS_* flags above */
	int disable_11n;
	int disable_11ac;

	/* IEEE 802.11v */
	int time_advertisement;
	char *time_zone;
	int wnm_sleep_mode;
	int bss_transition;

	/* IEEE 802.11u - Interworking */
	int interworking;
	int access_network_type;
	int internet;
	int asra;
	int esr;
	int uesa;
	int venue_info_set;
	u8 venue_group;
	u8 venue_type;
	u8 hessid[ETH_ALEN];

	/* IEEE 802.11u - Roaming Consortium list */
	unsigned int roaming_consortium_count;
	struct hostapd_roaming_consortium *roaming_consortium;

	/* IEEE 802.11u - Venue Name duples */
	unsigned int venue_name_count;
	struct hostapd_lang_string *venue_name;

	/* IEEE 802.11u - Network Authentication Type */
	u8 *network_auth_type;
	size_t network_auth_type_len;

	/* IEEE 802.11u - IP Address Type Availability */
	u8 ipaddr_type_availability;
	u8 ipaddr_type_configured;

	/* IEEE 802.11u - 3GPP Cellular Network */
	u8 *anqp_3gpp_cell_net;
	size_t anqp_3gpp_cell_net_len;

	/* IEEE 802.11u - Domain Name */
	u8 *domain_name;
	size_t domain_name_len;

	/* NAI Realm list: array with its element count. */
	unsigned int nai_realm_count;
	struct hostapd_nai_realm_data *nai_realm_data;

	u16 gas_comeback_delay;
	int gas_frag_limit;

#ifdef CONFIG_HS20
	int hs20;
	int disable_dgaf;
	unsigned int hs20_oper_friendly_name_count;
	struct hostapd_lang_string *hs20_oper_friendly_name;
	u8 *hs20_wan_metrics; /* no length member here; presumably a fixed
			       * size - confirm */
	u8 *hs20_connection_capability;
	size_t hs20_connection_capability_len;
	u8 *hs20_operating_class;
	u8 hs20_operating_class_len;
#endif /* CONFIG_HS20 */

	u8 wps_rf_bands; /* RF bands for WPS (WPS_RF_*) */

#ifdef CONFIG_RADIUS_TEST
	/* NOTE(review): judging by the name, a file that receives session
	 * keys (MSK). Only present in CONFIG_RADIUS_TEST builds; such builds
	 * should not be deployed. */
	char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */

	struct wpabuf *vendor_elements;

	unsigned int sae_anti_clogging_threshold;
	int *sae_groups; /* list of SAE groups; how the list is terminated is
			  * not visible in this header - confirm */
};
    464 
    465 
/**
 * struct hostapd_config - Per-radio interface configuration
 *
 * Holds the settings shared by every BSS on one radio, plus the array of
 * per-BSS configurations (bss, num_bss).
 */
struct hostapd_config {
	/* bss is an array of num_bss entries; last_bss presumably points at
	 * the most recently added entry - confirm. */
	struct hostapd_bss_config *bss, *last_bss;
	size_t num_bss;

	u16 beacon_int;
	int rts_threshold;
	int fragm_threshold;
	u8 send_probe_response;
	u8 channel;
	enum hostapd_hw_mode hw_mode; /* HOSTAPD_MODE_IEEE80211A, .. */
	enum {
		LONG_PREAMBLE = 0,
		SHORT_PREAMBLE = 1
	} preamble;

	/* Rate lists; how they are terminated is not visible in this header
	 * (hostapd_rate_found() takes no length) - confirm. */
	int *supported_rates;
	int *basic_rates;

	const struct wpa_driver_ops *driver;

	int ap_table_max_size;
	int ap_table_expiration_time;

	char country[3]; /* first two octets: country code as described in
			  * ISO/IEC 3166-1. Third octet:
			  * ' ' (ascii 32): all environments
			  * 'O': Outdoor environment only
			  * 'I': Indoor environment only
			  * Three octets with no NUL terminator: do not pass
			  * to string functions.
			  */

	int ieee80211d;

	struct hostapd_tx_queue_params tx_queue[NUM_TX_QUEUES];

	/*
	 * WMM AC parameters, in same order as 802.1D, i.e.
	 * 0 = BE (best effort)
	 * 1 = BK (background)
	 * 2 = VI (video)
	 * 3 = VO (voice)
	 */
	struct hostapd_wmm_ac_params wmm_ac_params[4];

	int ht_op_mode_fixed;
	u16 ht_capab;
	int ieee80211n;
	int secondary_channel;
	int require_ht;
	u32 vht_capab;
	int ieee80211ac;
	int require_vht;
	u8 vht_oper_chwidth;
	u8 vht_oper_centr_freq_seg0_idx;
	u8 vht_oper_centr_freq_seg1_idx;
};
    524 
    525 
/*
 * Helper functions; implementations are not part of this header, so the
 * notes below describe only what the signatures show and mark the rest as
 * assumptions.
 */

/* Compare two MAC addresses; the signature matches a qsort()/bsearch()
 * comparator. */
int hostapd_mac_comp(const void *a, const void *b);
/* Presumably compares a MAC address against the all-zero address -
 * confirm. */
int hostapd_mac_comp_empty(const void *a);
/* Allocate a configuration filled with defaults; presumably returns NULL on
 * allocation failure and is released with hostapd_config_free() - confirm. */
struct hostapd_config * hostapd_config_defaults(void);
/* Fill one per-BSS configuration with default values. */
void hostapd_config_defaults_bss(struct hostapd_bss_config *bss);
/* Release a configuration. NOTE(review): the configuration holds PSKs,
 * passphrases and shared secrets; confirm the implementation clears them
 * before freeing. */
void hostapd_config_free(struct hostapd_config *conf);
/* Look up addr in an ACL array of num_entries entries; vlan_id looks like an
 * optional output for the matching entry's VLAN - confirm. num_entries is a
 * signed int and must be non-negative. */
int hostapd_maclist_found(struct mac_acl_entry *list, int num_entries,
			  const u8 *addr, int *vlan_id);
/* Look up rate in list; no length is passed, so the list must carry its own
 * terminator - confirm which value. */
int hostapd_rate_found(int *list, int rate);
/* Compare two WEP key sets. NOTE(review): return convention (0 on equal?)
 * is not visible here - confirm before using the result as a boolean. */
int hostapd_wep_key_cmp(struct hostapd_wep_keys *a,
			struct hostapd_wep_keys *b);
/* Return a PSK usable for the station addr; prev_psk presumably lets the
 * caller iterate over several candidate PSKs, with NULL returned when none
 * remain - confirm. The returned pointer refers to secret key material. */
const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
			   const u8 *addr, const u8 *prev_psk);
/* Set up the PSK list for a BSS from its configuration; presumably returns
 * 0 on success and a negative value on failure - confirm. */
int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf);
/* Return the interface name recorded for vlan_id in the VLAN list;
 * presumably NULL when no entry matches - confirm. */
const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan,
					int vlan_id);
/* Find the first attribute of the given type in a RADIUS attribute list;
 * presumably NULL when absent - confirm. */
struct hostapd_radius_attr *
hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type);
    543 
    544 #endif /* HOSTAPD_CONFIG_H */