Home | History | Annotate | Download | only in wpa_supplicant
      1 /*
      2  * WPA Supplicant / Configuration parser and common functions
      3  * Copyright (c) 2003-2012, Jouni Malinen <j (at) w1.fi>
      4  *
      5  * This software may be distributed under the terms of the BSD license.
      6  * See README for more details.
      7  */
      8 
      9 #include "includes.h"
     10 
     11 #include "common.h"
     12 #include "utils/uuid.h"
     13 #include "utils/ip_addr.h"
     14 #include "crypto/sha1.h"
     15 #include "rsn_supp/wpa.h"
     16 #include "eap_peer/eap.h"
     17 #include "p2p/p2p.h"
     18 #include "config.h"
     19 
     20 
     21 #if !defined(CONFIG_CTRL_IFACE) && defined(CONFIG_NO_CONFIG_WRITE)
     22 #define NO_CONFIG_WRITE
     23 #endif
     24 
     25 /*
     26  * Structure for network configuration parsing. This data is used to implement
     27  * a generic parser for each network block variable. The table of configuration
     28  * variables is defined below in this file (ssid_fields[]).
     29  */
     30 struct parse_data {
     31 	/* Configuration variable name */
     32 	char *name;
     33 
     34 	/* Parser function for this variable */
     35 	int (*parser)(const struct parse_data *data, struct wpa_ssid *ssid,
     36 		      int line, const char *value);
     37 
     38 #ifndef NO_CONFIG_WRITE
     39 	/* Writer function (i.e., to get the variable in text format from
     40 	 * internal presentation). */
     41 	char * (*writer)(const struct parse_data *data, struct wpa_ssid *ssid);
     42 #endif /* NO_CONFIG_WRITE */
     43 
     44 	/* Variable specific parameters for the parser. */
     45 	void *param1, *param2, *param3, *param4;
     46 
     47 	/* 0 = this variable can be included in debug output and ctrl_iface
     48 	 * 1 = this variable contains key/private data and it must not be
     49 	 *     included in debug output unless explicitly requested. In
     50 	 *     addition, this variable will not be readable through the
     51 	 *     ctrl_iface.
     52 	 */
     53 	int key_data;
     54 };
     55 
     56 
     57 static int wpa_config_parse_str(const struct parse_data *data,
     58 				struct wpa_ssid *ssid,
     59 				int line, const char *value)
     60 {
     61 	size_t res_len, *dst_len;
     62 	char **dst, *tmp;
     63 
     64 	if (os_strcmp(value, "NULL") == 0) {
     65 		wpa_printf(MSG_DEBUG, "Unset configuration string '%s'",
     66 			   data->name);
     67 		tmp = NULL;
     68 		res_len = 0;
     69 		goto set;
     70 	}
     71 
     72 	tmp = wpa_config_parse_string(value, &res_len);
     73 	if (tmp == NULL) {
     74 		wpa_printf(MSG_ERROR, "Line %d: failed to parse %s '%s'.",
     75 			   line, data->name,
     76 			   data->key_data ? "[KEY DATA REMOVED]" : value);
     77 		return -1;
     78 	}
     79 
     80 	if (data->key_data) {
     81 		wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
     82 				      (u8 *) tmp, res_len);
     83 	} else {
     84 		wpa_hexdump_ascii(MSG_MSGDUMP, data->name,
     85 				  (u8 *) tmp, res_len);
     86 	}
     87 
     88 	if (data->param3 && res_len < (size_t) data->param3) {
     89 		wpa_printf(MSG_ERROR, "Line %d: too short %s (len=%lu "
     90 			   "min_len=%ld)", line, data->name,
     91 			   (unsigned long) res_len, (long) data->param3);
     92 		os_free(tmp);
     93 		return -1;
     94 	}
     95 
     96 	if (data->param4 && res_len > (size_t) data->param4) {
     97 		wpa_printf(MSG_ERROR, "Line %d: too long %s (len=%lu "
     98 			   "max_len=%ld)", line, data->name,
     99 			   (unsigned long) res_len, (long) data->param4);
    100 		os_free(tmp);
    101 		return -1;
    102 	}
    103 
    104 set:
    105 	dst = (char **) (((u8 *) ssid) + (long) data->param1);
    106 	dst_len = (size_t *) (((u8 *) ssid) + (long) data->param2);
    107 	os_free(*dst);
    108 	*dst = tmp;
    109 	if (data->param2)
    110 		*dst_len = res_len;
    111 
    112 	return 0;
    113 }
    114 
    115 
    116 #ifndef NO_CONFIG_WRITE
    117 static char * wpa_config_write_string_ascii(const u8 *value, size_t len)
    118 {
    119 	char *buf;
    120 
    121 	buf = os_malloc(len + 3);
    122 	if (buf == NULL)
    123 		return NULL;
    124 	buf[0] = '"';
    125 	os_memcpy(buf + 1, value, len);
    126 	buf[len + 1] = '"';
    127 	buf[len + 2] = '\0';
    128 
    129 	return buf;
    130 }
    131 
    132 
    133 static char * wpa_config_write_string_hex(const u8 *value, size_t len)
    134 {
    135 	char *buf;
    136 
    137 	buf = os_zalloc(2 * len + 1);
    138 	if (buf == NULL)
    139 		return NULL;
    140 	wpa_snprintf_hex(buf, 2 * len + 1, value, len);
    141 
    142 	return buf;
    143 }
    144 
    145 
    146 static char * wpa_config_write_string(const u8 *value, size_t len)
    147 {
    148 	if (value == NULL)
    149 		return NULL;
    150 
    151 	if (is_hex(value, len))
    152 		return wpa_config_write_string_hex(value, len);
    153 	else
    154 		return wpa_config_write_string_ascii(value, len);
    155 }
    156 
    157 
    158 static char * wpa_config_write_str(const struct parse_data *data,
    159 				   struct wpa_ssid *ssid)
    160 {
    161 	size_t len;
    162 	char **src;
    163 
    164 	src = (char **) (((u8 *) ssid) + (long) data->param1);
    165 	if (*src == NULL)
    166 		return NULL;
    167 
    168 	if (data->param2)
    169 		len = *((size_t *) (((u8 *) ssid) + (long) data->param2));
    170 	else
    171 		len = os_strlen(*src);
    172 
    173 	return wpa_config_write_string((const u8 *) *src, len);
    174 }
    175 #endif /* NO_CONFIG_WRITE */
    176 
    177 
    178 static int wpa_config_parse_int(const struct parse_data *data,
    179 				struct wpa_ssid *ssid,
    180 				int line, const char *value)
    181 {
    182 	int val, *dst;
    183 	char *end;
    184 
    185 	dst = (int *) (((u8 *) ssid) + (long) data->param1);
    186 	val = strtol(value, &end, 0);
    187 	if (*end) {
    188 		wpa_printf(MSG_ERROR, "Line %d: invalid number \"%s\"",
    189 			   line, value);
    190 		return -1;
    191 	}
    192 	*dst = val;
    193 	wpa_printf(MSG_MSGDUMP, "%s=%d (0x%x)", data->name, *dst, *dst);
    194 
    195 	if (data->param3 && *dst < (long) data->param3) {
    196 		wpa_printf(MSG_ERROR, "Line %d: too small %s (value=%d "
    197 			   "min_value=%ld)", line, data->name, *dst,
    198 			   (long) data->param3);
    199 		*dst = (long) data->param3;
    200 		return -1;
    201 	}
    202 
    203 	if (data->param4 && *dst > (long) data->param4) {
    204 		wpa_printf(MSG_ERROR, "Line %d: too large %s (value=%d "
    205 			   "max_value=%ld)", line, data->name, *dst,
    206 			   (long) data->param4);
    207 		*dst = (long) data->param4;
    208 		return -1;
    209 	}
    210 
    211 	return 0;
    212 }
    213 
    214 
    215 #ifndef NO_CONFIG_WRITE
    216 static char * wpa_config_write_int(const struct parse_data *data,
    217 				   struct wpa_ssid *ssid)
    218 {
    219 	int *src, res;
    220 	char *value;
    221 
    222 	src = (int *) (((u8 *) ssid) + (long) data->param1);
    223 
    224 	value = os_malloc(20);
    225 	if (value == NULL)
    226 		return NULL;
    227 	res = os_snprintf(value, 20, "%d", *src);
    228 	if (res < 0 || res >= 20) {
    229 		os_free(value);
    230 		return NULL;
    231 	}
    232 	value[20 - 1] = '\0';
    233 	return value;
    234 }
    235 #endif /* NO_CONFIG_WRITE */
    236 
    237 
    238 static int wpa_config_parse_bssid(const struct parse_data *data,
    239 				  struct wpa_ssid *ssid, int line,
    240 				  const char *value)
    241 {
    242 	if (value[0] == '\0' || os_strcmp(value, "\"\"") == 0 ||
    243 	    os_strcmp(value, "any") == 0) {
    244 		ssid->bssid_set = 0;
    245 		wpa_printf(MSG_MSGDUMP, "BSSID any");
    246 		return 0;
    247 	}
    248 	if (hwaddr_aton(value, ssid->bssid)) {
    249 		wpa_printf(MSG_ERROR, "Line %d: Invalid BSSID '%s'.",
    250 			   line, value);
    251 		return -1;
    252 	}
    253 	ssid->bssid_set = 1;
    254 	wpa_hexdump(MSG_MSGDUMP, "BSSID", ssid->bssid, ETH_ALEN);
    255 	return 0;
    256 }
    257 
    258 
    259 #ifndef NO_CONFIG_WRITE
    260 static char * wpa_config_write_bssid(const struct parse_data *data,
    261 				     struct wpa_ssid *ssid)
    262 {
    263 	char *value;
    264 	int res;
    265 
    266 	if (!ssid->bssid_set)
    267 		return NULL;
    268 
    269 	value = os_malloc(20);
    270 	if (value == NULL)
    271 		return NULL;
    272 	res = os_snprintf(value, 20, MACSTR, MAC2STR(ssid->bssid));
    273 	if (res < 0 || res >= 20) {
    274 		os_free(value);
    275 		return NULL;
    276 	}
    277 	value[20 - 1] = '\0';
    278 	return value;
    279 }
    280 #endif /* NO_CONFIG_WRITE */
    281 
    282 
    283 static int wpa_config_parse_psk(const struct parse_data *data,
    284 				struct wpa_ssid *ssid, int line,
    285 				const char *value)
    286 {
    287 #ifdef CONFIG_EXT_PASSWORD
    288 	if (os_strncmp(value, "ext:", 4) == 0) {
    289 		str_clear_free(ssid->passphrase);
    290 		ssid->passphrase = NULL;
    291 		ssid->psk_set = 0;
    292 		os_free(ssid->ext_psk);
    293 		ssid->ext_psk = os_strdup(value + 4);
    294 		if (ssid->ext_psk == NULL)
    295 			return -1;
    296 		wpa_printf(MSG_DEBUG, "PSK: External password '%s'",
    297 			   ssid->ext_psk);
    298 		return 0;
    299 	}
    300 #endif /* CONFIG_EXT_PASSWORD */
    301 
    302 	if (*value == '"') {
    303 #ifndef CONFIG_NO_PBKDF2
    304 		const char *pos;
    305 		size_t len;
    306 
    307 		value++;
    308 		pos = os_strrchr(value, '"');
    309 		if (pos)
    310 			len = pos - value;
    311 		else
    312 			len = os_strlen(value);
    313 		if (len < 8 || len > 63) {
    314 			wpa_printf(MSG_ERROR, "Line %d: Invalid passphrase "
    315 				   "length %lu (expected: 8..63) '%s'.",
    316 				   line, (unsigned long) len, value);
    317 			return -1;
    318 		}
    319 		wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)",
    320 				      (u8 *) value, len);
    321 		if (ssid->passphrase && os_strlen(ssid->passphrase) == len &&
    322 		    os_memcmp(ssid->passphrase, value, len) == 0)
    323 			return 0;
    324 		ssid->psk_set = 0;
    325 		str_clear_free(ssid->passphrase);
    326 		ssid->passphrase = dup_binstr(value, len);
    327 		if (ssid->passphrase == NULL)
    328 			return -1;
    329 		return 0;
    330 #else /* CONFIG_NO_PBKDF2 */
    331 		wpa_printf(MSG_ERROR, "Line %d: ASCII passphrase not "
    332 			   "supported.", line);
    333 		return -1;
    334 #endif /* CONFIG_NO_PBKDF2 */
    335 	}
    336 
    337 	if (hexstr2bin(value, ssid->psk, PMK_LEN) ||
    338 	    value[PMK_LEN * 2] != '\0') {
    339 		wpa_printf(MSG_ERROR, "Line %d: Invalid PSK '%s'.",
    340 			   line, value);
    341 		return -1;
    342 	}
    343 
    344 	str_clear_free(ssid->passphrase);
    345 	ssid->passphrase = NULL;
    346 
    347 	ssid->psk_set = 1;
    348 	wpa_hexdump_key(MSG_MSGDUMP, "PSK", ssid->psk, PMK_LEN);
    349 	return 0;
    350 }
    351 
    352 
    353 #ifndef NO_CONFIG_WRITE
    354 static char * wpa_config_write_psk(const struct parse_data *data,
    355 				   struct wpa_ssid *ssid)
    356 {
    357 #ifdef CONFIG_EXT_PASSWORD
    358 	if (ssid->ext_psk) {
    359 		size_t len = 4 + os_strlen(ssid->ext_psk) + 1;
    360 		char *buf = os_malloc(len);
    361 		if (buf == NULL)
    362 			return NULL;
    363 		os_snprintf(buf, len, "ext:%s", ssid->ext_psk);
    364 		return buf;
    365 	}
    366 #endif /* CONFIG_EXT_PASSWORD */
    367 
    368 	if (ssid->passphrase)
    369 		return wpa_config_write_string_ascii(
    370 			(const u8 *) ssid->passphrase,
    371 			os_strlen(ssid->passphrase));
    372 
    373 	if (ssid->psk_set)
    374 		return wpa_config_write_string_hex(ssid->psk, PMK_LEN);
    375 
    376 	return NULL;
    377 }
    378 #endif /* NO_CONFIG_WRITE */
    379 
    380 
    381 static int wpa_config_parse_proto(const struct parse_data *data,
    382 				  struct wpa_ssid *ssid, int line,
    383 				  const char *value)
    384 {
    385 	int val = 0, last, errors = 0;
    386 	char *start, *end, *buf;
    387 
    388 	buf = os_strdup(value);
    389 	if (buf == NULL)
    390 		return -1;
    391 	start = buf;
    392 
    393 	while (*start != '\0') {
    394 		while (*start == ' ' || *start == '\t')
    395 			start++;
    396 		if (*start == '\0')
    397 			break;
    398 		end = start;
    399 		while (*end != ' ' && *end != '\t' && *end != '\0')
    400 			end++;
    401 		last = *end == '\0';
    402 		*end = '\0';
    403 		if (os_strcmp(start, "WPA") == 0)
    404 			val |= WPA_PROTO_WPA;
    405 		else if (os_strcmp(start, "RSN") == 0 ||
    406 			 os_strcmp(start, "WPA2") == 0)
    407 			val |= WPA_PROTO_RSN;
    408 		else if (os_strcmp(start, "OSEN") == 0)
    409 			val |= WPA_PROTO_OSEN;
    410 		else {
    411 			wpa_printf(MSG_ERROR, "Line %d: invalid proto '%s'",
    412 				   line, start);
    413 			errors++;
    414 		}
    415 
    416 		if (last)
    417 			break;
    418 		start = end + 1;
    419 	}
    420 	os_free(buf);
    421 
    422 	if (val == 0) {
    423 		wpa_printf(MSG_ERROR,
    424 			   "Line %d: no proto values configured.", line);
    425 		errors++;
    426 	}
    427 
    428 	wpa_printf(MSG_MSGDUMP, "proto: 0x%x", val);
    429 	ssid->proto = val;
    430 	return errors ? -1 : 0;
    431 }
    432 
    433 
    434 #ifndef NO_CONFIG_WRITE
    435 static char * wpa_config_write_proto(const struct parse_data *data,
    436 				     struct wpa_ssid *ssid)
    437 {
    438 	int ret;
    439 	char *buf, *pos, *end;
    440 
    441 	pos = buf = os_zalloc(20);
    442 	if (buf == NULL)
    443 		return NULL;
    444 	end = buf + 20;
    445 
    446 	if (ssid->proto & WPA_PROTO_WPA) {
    447 		ret = os_snprintf(pos, end - pos, "%sWPA",
    448 				  pos == buf ? "" : " ");
    449 		if (ret < 0 || ret >= end - pos)
    450 			return buf;
    451 		pos += ret;
    452 	}
    453 
    454 	if (ssid->proto & WPA_PROTO_RSN) {
    455 		ret = os_snprintf(pos, end - pos, "%sRSN",
    456 				  pos == buf ? "" : " ");
    457 		if (ret < 0 || ret >= end - pos)
    458 			return buf;
    459 		pos += ret;
    460 	}
    461 
    462 	if (ssid->proto & WPA_PROTO_OSEN) {
    463 		ret = os_snprintf(pos, end - pos, "%sOSEN",
    464 				  pos == buf ? "" : " ");
    465 		if (ret < 0 || ret >= end - pos)
    466 			return buf;
    467 		pos += ret;
    468 	}
    469 
    470 	if (pos == buf) {
    471 		os_free(buf);
    472 		buf = NULL;
    473 	}
    474 
    475 	return buf;
    476 }
    477 #endif /* NO_CONFIG_WRITE */
    478 
    479 
    480 static int wpa_config_parse_key_mgmt(const struct parse_data *data,
    481 				     struct wpa_ssid *ssid, int line,
    482 				     const char *value)
    483 {
    484 	int val = 0, last, errors = 0;
    485 	char *start, *end, *buf;
    486 
    487 	buf = os_strdup(value);
    488 	if (buf == NULL)
    489 		return -1;
    490 	start = buf;
    491 
    492 	while (*start != '\0') {
    493 		while (*start == ' ' || *start == '\t')
    494 			start++;
    495 		if (*start == '\0')
    496 			break;
    497 		end = start;
    498 		while (*end != ' ' && *end != '\t' && *end != '\0')
    499 			end++;
    500 		last = *end == '\0';
    501 		*end = '\0';
    502 		if (os_strcmp(start, "WPA-PSK") == 0)
    503 			val |= WPA_KEY_MGMT_PSK;
    504 		else if (os_strcmp(start, "WPA-EAP") == 0)
    505 			val |= WPA_KEY_MGMT_IEEE8021X;
    506 		else if (os_strcmp(start, "IEEE8021X") == 0)
    507 			val |= WPA_KEY_MGMT_IEEE8021X_NO_WPA;
    508 		else if (os_strcmp(start, "NONE") == 0)
    509 			val |= WPA_KEY_MGMT_NONE;
    510 		else if (os_strcmp(start, "WPA-NONE") == 0)
    511 			val |= WPA_KEY_MGMT_WPA_NONE;
    512 #ifdef CONFIG_IEEE80211R
    513 		else if (os_strcmp(start, "FT-PSK") == 0)
    514 			val |= WPA_KEY_MGMT_FT_PSK;
    515 		else if (os_strcmp(start, "FT-EAP") == 0)
    516 			val |= WPA_KEY_MGMT_FT_IEEE8021X;
    517 #endif /* CONFIG_IEEE80211R */
    518 #ifdef CONFIG_IEEE80211W
    519 		else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
    520 			val |= WPA_KEY_MGMT_PSK_SHA256;
    521 		else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
    522 			val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
    523 #endif /* CONFIG_IEEE80211W */
    524 #ifdef CONFIG_WPS
    525 		else if (os_strcmp(start, "WPS") == 0)
    526 			val |= WPA_KEY_MGMT_WPS;
    527 #endif /* CONFIG_WPS */
    528 #ifdef CONFIG_SAE
    529 		else if (os_strcmp(start, "SAE") == 0)
    530 			val |= WPA_KEY_MGMT_SAE;
    531 		else if (os_strcmp(start, "FT-SAE") == 0)
    532 			val |= WPA_KEY_MGMT_FT_SAE;
    533 #endif /* CONFIG_SAE */
    534 #ifdef CONFIG_HS20
    535 		else if (os_strcmp(start, "OSEN") == 0)
    536 			val |= WPA_KEY_MGMT_OSEN;
    537 #endif /* CONFIG_HS20 */
    538 		else {
    539 			wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
    540 				   line, start);
    541 			errors++;
    542 		}
    543 
    544 		if (last)
    545 			break;
    546 		start = end + 1;
    547 	}
    548 	os_free(buf);
    549 
    550 	if (val == 0) {
    551 		wpa_printf(MSG_ERROR,
    552 			   "Line %d: no key_mgmt values configured.", line);
    553 		errors++;
    554 	}
    555 
    556 	wpa_printf(MSG_MSGDUMP, "key_mgmt: 0x%x", val);
    557 	ssid->key_mgmt = val;
    558 	return errors ? -1 : 0;
    559 }
    560 
    561 
    562 #ifndef NO_CONFIG_WRITE
    563 static char * wpa_config_write_key_mgmt(const struct parse_data *data,
    564 					struct wpa_ssid *ssid)
    565 {
    566 	char *buf, *pos, *end;
    567 	int ret;
    568 
    569 	pos = buf = os_zalloc(100);
    570 	if (buf == NULL)
    571 		return NULL;
    572 	end = buf + 100;
    573 
    574 	if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
    575 		ret = os_snprintf(pos, end - pos, "%sWPA-PSK",
    576 				  pos == buf ? "" : " ");
    577 		if (ret < 0 || ret >= end - pos) {
    578 			end[-1] = '\0';
    579 			return buf;
    580 		}
    581 		pos += ret;
    582 	}
    583 
    584 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
    585 		ret = os_snprintf(pos, end - pos, "%sWPA-EAP",
    586 				  pos == buf ? "" : " ");
    587 		if (ret < 0 || ret >= end - pos) {
    588 			end[-1] = '\0';
    589 			return buf;
    590 		}
    591 		pos += ret;
    592 	}
    593 
    594 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
    595 		ret = os_snprintf(pos, end - pos, "%sIEEE8021X",
    596 				  pos == buf ? "" : " ");
    597 		if (ret < 0 || ret >= end - pos) {
    598 			end[-1] = '\0';
    599 			return buf;
    600 		}
    601 		pos += ret;
    602 	}
    603 
    604 	if (ssid->key_mgmt & WPA_KEY_MGMT_NONE) {
    605 		ret = os_snprintf(pos, end - pos, "%sNONE",
    606 				  pos == buf ? "" : " ");
    607 		if (ret < 0 || ret >= end - pos) {
    608 			end[-1] = '\0';
    609 			return buf;
    610 		}
    611 		pos += ret;
    612 	}
    613 
    614 	if (ssid->key_mgmt & WPA_KEY_MGMT_WPA_NONE) {
    615 		ret = os_snprintf(pos, end - pos, "%sWPA-NONE",
    616 				  pos == buf ? "" : " ");
    617 		if (ret < 0 || ret >= end - pos) {
    618 			end[-1] = '\0';
    619 			return buf;
    620 		}
    621 		pos += ret;
    622 	}
    623 
    624 #ifdef CONFIG_IEEE80211R
    625 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_PSK) {
    626 		ret = os_snprintf(pos, end - pos, "%sFT-PSK",
    627 				  pos == buf ? "" : " ");
    628 		if (ret < 0 || ret >= end - pos) {
    629 			end[-1] = '\0';
    630 			return buf;
    631 		}
    632 		pos += ret;
    633 	}
    634 
    635 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
    636 		ret = os_snprintf(pos, end - pos, "%sFT-EAP",
    637 				  pos == buf ? "" : " ");
    638 		if (ret < 0 || ret >= end - pos) {
    639 			end[-1] = '\0';
    640 			return buf;
    641 		}
    642 		pos += ret;
    643 	}
    644 #endif /* CONFIG_IEEE80211R */
    645 
    646 #ifdef CONFIG_IEEE80211W
    647 	if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
    648 		ret = os_snprintf(pos, end - pos, "%sWPA-PSK-SHA256",
    649 				  pos == buf ? "" : " ");
    650 		if (ret < 0 || ret >= end - pos) {
    651 			end[-1] = '\0';
    652 			return buf;
    653 		}
    654 		pos += ret;
    655 	}
    656 
    657 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
    658 		ret = os_snprintf(pos, end - pos, "%sWPA-EAP-SHA256",
    659 				  pos == buf ? "" : " ");
    660 		if (ret < 0 || ret >= end - pos) {
    661 			end[-1] = '\0';
    662 			return buf;
    663 		}
    664 		pos += ret;
    665 	}
    666 #endif /* CONFIG_IEEE80211W */
    667 
    668 #ifdef CONFIG_WPS
    669 	if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
    670 		ret = os_snprintf(pos, end - pos, "%sWPS",
    671 				  pos == buf ? "" : " ");
    672 		if (ret < 0 || ret >= end - pos) {
    673 			end[-1] = '\0';
    674 			return buf;
    675 		}
    676 		pos += ret;
    677 	}
    678 #endif /* CONFIG_WPS */
    679 
    680 	if (pos == buf) {
    681 		os_free(buf);
    682 		buf = NULL;
    683 	}
    684 
    685 	return buf;
    686 }
    687 #endif /* NO_CONFIG_WRITE */
    688 
    689 
    690 static int wpa_config_parse_cipher(int line, const char *value)
    691 {
    692 	int val = wpa_parse_cipher(value);
    693 	if (val < 0) {
    694 		wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
    695 			   line, value);
    696 		return -1;
    697 	}
    698 	if (val == 0) {
    699 		wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
    700 			   line);
    701 		return -1;
    702 	}
    703 	return val;
    704 }
    705 
    706 
    707 #ifndef NO_CONFIG_WRITE
    708 static char * wpa_config_write_cipher(int cipher)
    709 {
    710 	char *buf = os_zalloc(50);
    711 	if (buf == NULL)
    712 		return NULL;
    713 
    714 	if (wpa_write_ciphers(buf, buf + 50, cipher, " ") < 0) {
    715 		os_free(buf);
    716 		return NULL;
    717 	}
    718 
    719 	return buf;
    720 }
    721 #endif /* NO_CONFIG_WRITE */
    722 
    723 
    724 static int wpa_config_parse_pairwise(const struct parse_data *data,
    725 				     struct wpa_ssid *ssid, int line,
    726 				     const char *value)
    727 {
    728 	int val;
    729 	val = wpa_config_parse_cipher(line, value);
    730 	if (val == -1)
    731 		return -1;
    732 	if (val & ~WPA_ALLOWED_PAIRWISE_CIPHERS) {
    733 		wpa_printf(MSG_ERROR, "Line %d: not allowed pairwise cipher "
    734 			   "(0x%x).", line, val);
    735 		return -1;
    736 	}
    737 
    738 	wpa_printf(MSG_MSGDUMP, "pairwise: 0x%x", val);
    739 	ssid->pairwise_cipher = val;
    740 	return 0;
    741 }
    742 
    743 
    744 #ifndef NO_CONFIG_WRITE
    745 static char * wpa_config_write_pairwise(const struct parse_data *data,
    746 					struct wpa_ssid *ssid)
    747 {
    748 	return wpa_config_write_cipher(ssid->pairwise_cipher);
    749 }
    750 #endif /* NO_CONFIG_WRITE */
    751 
    752 
    753 static int wpa_config_parse_group(const struct parse_data *data,
    754 				  struct wpa_ssid *ssid, int line,
    755 				  const char *value)
    756 {
    757 	int val;
    758 	val = wpa_config_parse_cipher(line, value);
    759 	if (val == -1)
    760 		return -1;
    761 	if (val & ~WPA_ALLOWED_GROUP_CIPHERS) {
    762 		wpa_printf(MSG_ERROR, "Line %d: not allowed group cipher "
    763 			   "(0x%x).", line, val);
    764 		return -1;
    765 	}
    766 
    767 	wpa_printf(MSG_MSGDUMP, "group: 0x%x", val);
    768 	ssid->group_cipher = val;
    769 	return 0;
    770 }
    771 
    772 
    773 #ifndef NO_CONFIG_WRITE
    774 static char * wpa_config_write_group(const struct parse_data *data,
    775 				     struct wpa_ssid *ssid)
    776 {
    777 	return wpa_config_write_cipher(ssid->group_cipher);
    778 }
    779 #endif /* NO_CONFIG_WRITE */
    780 
    781 
    782 static int wpa_config_parse_auth_alg(const struct parse_data *data,
    783 				     struct wpa_ssid *ssid, int line,
    784 				     const char *value)
    785 {
    786 	int val = 0, last, errors = 0;
    787 	char *start, *end, *buf;
    788 
    789 	buf = os_strdup(value);
    790 	if (buf == NULL)
    791 		return -1;
    792 	start = buf;
    793 
    794 	while (*start != '\0') {
    795 		while (*start == ' ' || *start == '\t')
    796 			start++;
    797 		if (*start == '\0')
    798 			break;
    799 		end = start;
    800 		while (*end != ' ' && *end != '\t' && *end != '\0')
    801 			end++;
    802 		last = *end == '\0';
    803 		*end = '\0';
    804 		if (os_strcmp(start, "OPEN") == 0)
    805 			val |= WPA_AUTH_ALG_OPEN;
    806 		else if (os_strcmp(start, "SHARED") == 0)
    807 			val |= WPA_AUTH_ALG_SHARED;
    808 		else if (os_strcmp(start, "LEAP") == 0)
    809 			val |= WPA_AUTH_ALG_LEAP;
    810 		else {
    811 			wpa_printf(MSG_ERROR, "Line %d: invalid auth_alg '%s'",
    812 				   line, start);
    813 			errors++;
    814 		}
    815 
    816 		if (last)
    817 			break;
    818 		start = end + 1;
    819 	}
    820 	os_free(buf);
    821 
    822 	if (val == 0) {
    823 		wpa_printf(MSG_ERROR,
    824 			   "Line %d: no auth_alg values configured.", line);
    825 		errors++;
    826 	}
    827 
    828 	wpa_printf(MSG_MSGDUMP, "auth_alg: 0x%x", val);
    829 	ssid->auth_alg = val;
    830 	return errors ? -1 : 0;
    831 }
    832 
    833 
    834 #ifndef NO_CONFIG_WRITE
    835 static char * wpa_config_write_auth_alg(const struct parse_data *data,
    836 					struct wpa_ssid *ssid)
    837 {
    838 	char *buf, *pos, *end;
    839 	int ret;
    840 
    841 	pos = buf = os_zalloc(30);
    842 	if (buf == NULL)
    843 		return NULL;
    844 	end = buf + 30;
    845 
    846 	if (ssid->auth_alg & WPA_AUTH_ALG_OPEN) {
    847 		ret = os_snprintf(pos, end - pos, "%sOPEN",
    848 				  pos == buf ? "" : " ");
    849 		if (ret < 0 || ret >= end - pos) {
    850 			end[-1] = '\0';
    851 			return buf;
    852 		}
    853 		pos += ret;
    854 	}
    855 
    856 	if (ssid->auth_alg & WPA_AUTH_ALG_SHARED) {
    857 		ret = os_snprintf(pos, end - pos, "%sSHARED",
    858 				  pos == buf ? "" : " ");
    859 		if (ret < 0 || ret >= end - pos) {
    860 			end[-1] = '\0';
    861 			return buf;
    862 		}
    863 		pos += ret;
    864 	}
    865 
    866 	if (ssid->auth_alg & WPA_AUTH_ALG_LEAP) {
    867 		ret = os_snprintf(pos, end - pos, "%sLEAP",
    868 				  pos == buf ? "" : " ");
    869 		if (ret < 0 || ret >= end - pos) {
    870 			end[-1] = '\0';
    871 			return buf;
    872 		}
    873 		pos += ret;
    874 	}
    875 
    876 	if (pos == buf) {
    877 		os_free(buf);
    878 		buf = NULL;
    879 	}
    880 
    881 	return buf;
    882 }
    883 #endif /* NO_CONFIG_WRITE */
    884 
    885 
    886 static int * wpa_config_parse_int_array(const char *value)
    887 {
    888 	int *freqs;
    889 	size_t used, len;
    890 	const char *pos;
    891 
    892 	used = 0;
    893 	len = 10;
    894 	freqs = os_calloc(len + 1, sizeof(int));
    895 	if (freqs == NULL)
    896 		return NULL;
    897 
    898 	pos = value;
    899 	while (pos) {
    900 		while (*pos == ' ')
    901 			pos++;
    902 		if (used == len) {
    903 			int *n;
    904 			size_t i;
    905 			n = os_realloc_array(freqs, len * 2 + 1, sizeof(int));
    906 			if (n == NULL) {
    907 				os_free(freqs);
    908 				return NULL;
    909 			}
    910 			for (i = len; i <= len * 2; i++)
    911 				n[i] = 0;
    912 			freqs = n;
    913 			len *= 2;
    914 		}
    915 
    916 		freqs[used] = atoi(pos);
    917 		if (freqs[used] == 0)
    918 			break;
    919 		used++;
    920 		pos = os_strchr(pos + 1, ' ');
    921 	}
    922 
    923 	return freqs;
    924 }
    925 
    926 
    927 static int wpa_config_parse_scan_freq(const struct parse_data *data,
    928 				      struct wpa_ssid *ssid, int line,
    929 				      const char *value)
    930 {
    931 	int *freqs;
    932 
    933 	freqs = wpa_config_parse_int_array(value);
    934 	if (freqs == NULL)
    935 		return -1;
    936 	if (freqs[0] == 0) {
    937 		os_free(freqs);
    938 		freqs = NULL;
    939 	}
    940 	os_free(ssid->scan_freq);
    941 	ssid->scan_freq = freqs;
    942 
    943 	return 0;
    944 }
    945 
    946 
    947 static int wpa_config_parse_freq_list(const struct parse_data *data,
    948 				      struct wpa_ssid *ssid, int line,
    949 				      const char *value)
    950 {
    951 	int *freqs;
    952 
    953 	freqs = wpa_config_parse_int_array(value);
    954 	if (freqs == NULL)
    955 		return -1;
    956 	if (freqs[0] == 0) {
    957 		os_free(freqs);
    958 		freqs = NULL;
    959 	}
    960 	os_free(ssid->freq_list);
    961 	ssid->freq_list = freqs;
    962 
    963 	return 0;
    964 }
    965 
    966 
    967 #ifndef NO_CONFIG_WRITE
    968 static char * wpa_config_write_freqs(const struct parse_data *data,
    969 				     const int *freqs)
    970 {
    971 	char *buf, *pos, *end;
    972 	int i, ret;
    973 	size_t count;
    974 
    975 	if (freqs == NULL)
    976 		return NULL;
    977 
    978 	count = 0;
    979 	for (i = 0; freqs[i]; i++)
    980 		count++;
    981 
    982 	pos = buf = os_zalloc(10 * count + 1);
    983 	if (buf == NULL)
    984 		return NULL;
    985 	end = buf + 10 * count + 1;
    986 
    987 	for (i = 0; freqs[i]; i++) {
    988 		ret = os_snprintf(pos, end - pos, "%s%u",
    989 				  i == 0 ? "" : " ", freqs[i]);
    990 		if (ret < 0 || ret >= end - pos) {
    991 			end[-1] = '\0';
    992 			return buf;
    993 		}
    994 		pos += ret;
    995 	}
    996 
    997 	return buf;
    998 }
    999 
   1000 
   1001 static char * wpa_config_write_scan_freq(const struct parse_data *data,
   1002 					 struct wpa_ssid *ssid)
   1003 {
   1004 	return wpa_config_write_freqs(data, ssid->scan_freq);
   1005 }
   1006 
   1007 
   1008 static char * wpa_config_write_freq_list(const struct parse_data *data,
   1009 					 struct wpa_ssid *ssid)
   1010 {
   1011 	return wpa_config_write_freqs(data, ssid->freq_list);
   1012 }
   1013 #endif /* NO_CONFIG_WRITE */
   1014 
   1015 
   1016 #ifdef IEEE8021X_EAPOL
   1017 static int wpa_config_parse_eap(const struct parse_data *data,
   1018 				struct wpa_ssid *ssid, int line,
   1019 				const char *value)
   1020 {
   1021 	int last, errors = 0;
   1022 	char *start, *end, *buf;
   1023 	struct eap_method_type *methods = NULL, *tmp;
   1024 	size_t num_methods = 0;
   1025 
   1026 	buf = os_strdup(value);
   1027 	if (buf == NULL)
   1028 		return -1;
   1029 	start = buf;
   1030 
   1031 	while (*start != '\0') {
   1032 		while (*start == ' ' || *start == '\t')
   1033 			start++;
   1034 		if (*start == '\0')
   1035 			break;
   1036 		end = start;
   1037 		while (*end != ' ' && *end != '\t' && *end != '\0')
   1038 			end++;
   1039 		last = *end == '\0';
   1040 		*end = '\0';
   1041 		tmp = methods;
   1042 		methods = os_realloc_array(methods, num_methods + 1,
   1043 					   sizeof(*methods));
   1044 		if (methods == NULL) {
   1045 			os_free(tmp);
   1046 			os_free(buf);
   1047 			return -1;
   1048 		}
   1049 		methods[num_methods].method = eap_peer_get_type(
   1050 			start, &methods[num_methods].vendor);
   1051 		if (methods[num_methods].vendor == EAP_VENDOR_IETF &&
   1052 		    methods[num_methods].method == EAP_TYPE_NONE) {
   1053 			wpa_printf(MSG_ERROR, "Line %d: unknown EAP method "
   1054 				   "'%s'", line, start);
   1055 			wpa_printf(MSG_ERROR, "You may need to add support for"
   1056 				   " this EAP method during wpa_supplicant\n"
   1057 				   "build time configuration.\n"
   1058 				   "See README for more information.");
   1059 			errors++;
   1060 		} else if (methods[num_methods].vendor == EAP_VENDOR_IETF &&
   1061 			   methods[num_methods].method == EAP_TYPE_LEAP)
   1062 			ssid->leap++;
   1063 		else
   1064 			ssid->non_leap++;
   1065 		num_methods++;
   1066 		if (last)
   1067 			break;
   1068 		start = end + 1;
   1069 	}
   1070 	os_free(buf);
   1071 
   1072 	tmp = methods;
   1073 	methods = os_realloc_array(methods, num_methods + 1, sizeof(*methods));
   1074 	if (methods == NULL) {
   1075 		os_free(tmp);
   1076 		return -1;
   1077 	}
   1078 	methods[num_methods].vendor = EAP_VENDOR_IETF;
   1079 	methods[num_methods].method = EAP_TYPE_NONE;
   1080 	num_methods++;
   1081 
   1082 	wpa_hexdump(MSG_MSGDUMP, "eap methods",
   1083 		    (u8 *) methods, num_methods * sizeof(*methods));
   1084 	os_free(ssid->eap.eap_methods);
   1085 	ssid->eap.eap_methods = methods;
   1086 	return errors ? -1 : 0;
   1087 }
   1088 
   1089 
   1090 static char * wpa_config_write_eap(const struct parse_data *data,
   1091 				   struct wpa_ssid *ssid)
   1092 {
   1093 	int i, ret;
   1094 	char *buf, *pos, *end;
   1095 	const struct eap_method_type *eap_methods = ssid->eap.eap_methods;
   1096 	const char *name;
   1097 
   1098 	if (eap_methods == NULL)
   1099 		return NULL;
   1100 
   1101 	pos = buf = os_zalloc(100);
   1102 	if (buf == NULL)
   1103 		return NULL;
   1104 	end = buf + 100;
   1105 
   1106 	for (i = 0; eap_methods[i].vendor != EAP_VENDOR_IETF ||
   1107 		     eap_methods[i].method != EAP_TYPE_NONE; i++) {
   1108 		name = eap_get_name(eap_methods[i].vendor,
   1109 				    eap_methods[i].method);
   1110 		if (name) {
   1111 			ret = os_snprintf(pos, end - pos, "%s%s",
   1112 					  pos == buf ? "" : " ", name);
   1113 			if (ret < 0 || ret >= end - pos)
   1114 				break;
   1115 			pos += ret;
   1116 		}
   1117 	}
   1118 
   1119 	end[-1] = '\0';
   1120 
   1121 	return buf;
   1122 }
   1123 
   1124 
   1125 static int wpa_config_parse_password(const struct parse_data *data,
   1126 				     struct wpa_ssid *ssid, int line,
   1127 				     const char *value)
   1128 {
   1129 	u8 *hash;
   1130 
   1131 	if (os_strcmp(value, "NULL") == 0) {
   1132 		wpa_printf(MSG_DEBUG, "Unset configuration string 'password'");
   1133 		bin_clear_free(ssid->eap.password, ssid->eap.password_len);
   1134 		ssid->eap.password = NULL;
   1135 		ssid->eap.password_len = 0;
   1136 		return 0;
   1137 	}
   1138 
   1139 #ifdef CONFIG_EXT_PASSWORD
   1140 	if (os_strncmp(value, "ext:", 4) == 0) {
   1141 		char *name = os_strdup(value + 4);
   1142 		if (name == NULL)
   1143 			return -1;
   1144 		bin_clear_free(ssid->eap.password, ssid->eap.password_len);
   1145 		ssid->eap.password = (u8 *) name;
   1146 		ssid->eap.password_len = os_strlen(name);
   1147 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
   1148 		ssid->eap.flags |= EAP_CONFIG_FLAGS_EXT_PASSWORD;
   1149 		return 0;
   1150 	}
   1151 #endif /* CONFIG_EXT_PASSWORD */
   1152 
   1153 	if (os_strncmp(value, "hash:", 5) != 0) {
   1154 		char *tmp;
   1155 		size_t res_len;
   1156 
   1157 		tmp = wpa_config_parse_string(value, &res_len);
   1158 		if (tmp == NULL) {
   1159 			wpa_printf(MSG_ERROR, "Line %d: failed to parse "
   1160 				   "password.", line);
   1161 			return -1;
   1162 		}
   1163 		wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
   1164 				      (u8 *) tmp, res_len);
   1165 
   1166 		bin_clear_free(ssid->eap.password, ssid->eap.password_len);
   1167 		ssid->eap.password = (u8 *) tmp;
   1168 		ssid->eap.password_len = res_len;
   1169 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
   1170 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_PASSWORD;
   1171 
   1172 		return 0;
   1173 	}
   1174 
   1175 
   1176 	/* NtPasswordHash: hash:<32 hex digits> */
   1177 	if (os_strlen(value + 5) != 2 * 16) {
   1178 		wpa_printf(MSG_ERROR, "Line %d: Invalid password hash length "
   1179 			   "(expected 32 hex digits)", line);
   1180 		return -1;
   1181 	}
   1182 
   1183 	hash = os_malloc(16);
   1184 	if (hash == NULL)
   1185 		return -1;
   1186 
   1187 	if (hexstr2bin(value + 5, hash, 16)) {
   1188 		os_free(hash);
   1189 		wpa_printf(MSG_ERROR, "Line %d: Invalid password hash", line);
   1190 		return -1;
   1191 	}
   1192 
   1193 	wpa_hexdump_key(MSG_MSGDUMP, data->name, hash, 16);
   1194 
   1195 	bin_clear_free(ssid->eap.password, ssid->eap.password_len);
   1196 	ssid->eap.password = hash;
   1197 	ssid->eap.password_len = 16;
   1198 	ssid->eap.flags |= EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
   1199 	ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_PASSWORD;
   1200 
   1201 	return 0;
   1202 }
   1203 
   1204 
   1205 static char * wpa_config_write_password(const struct parse_data *data,
   1206 					struct wpa_ssid *ssid)
   1207 {
   1208 	char *buf;
   1209 
   1210 	if (ssid->eap.password == NULL)
   1211 		return NULL;
   1212 
   1213 #ifdef CONFIG_EXT_PASSWORD
   1214 	if (ssid->eap.flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
   1215 		buf = os_zalloc(4 + ssid->eap.password_len + 1);
   1216 		if (buf == NULL)
   1217 			return NULL;
   1218 		os_memcpy(buf, "ext:", 4);
   1219 		os_memcpy(buf + 4, ssid->eap.password, ssid->eap.password_len);
   1220 		return buf;
   1221 	}
   1222 #endif /* CONFIG_EXT_PASSWORD */
   1223 
   1224 	if (!(ssid->eap.flags & EAP_CONFIG_FLAGS_PASSWORD_NTHASH)) {
   1225 		return wpa_config_write_string(
   1226 			ssid->eap.password, ssid->eap.password_len);
   1227 	}
   1228 
   1229 	buf = os_malloc(5 + 32 + 1);
   1230 	if (buf == NULL)
   1231 		return NULL;
   1232 
   1233 	os_memcpy(buf, "hash:", 5);
   1234 	wpa_snprintf_hex(buf + 5, 32 + 1, ssid->eap.password, 16);
   1235 
   1236 	return buf;
   1237 }
   1238 #endif /* IEEE8021X_EAPOL */
   1239 
   1240 
   1241 static int wpa_config_parse_wep_key(u8 *key, size_t *len, int line,
   1242 				    const char *value, int idx)
   1243 {
   1244 	char *buf, title[20];
   1245 	int res;
   1246 
   1247 	buf = wpa_config_parse_string(value, len);
   1248 	if (buf == NULL) {
   1249 		wpa_printf(MSG_ERROR, "Line %d: Invalid WEP key %d '%s'.",
   1250 			   line, idx, value);
   1251 		return -1;
   1252 	}
   1253 	if (*len > MAX_WEP_KEY_LEN) {
   1254 		wpa_printf(MSG_ERROR, "Line %d: Too long WEP key %d '%s'.",
   1255 			   line, idx, value);
   1256 		os_free(buf);
   1257 		return -1;
   1258 	}
   1259 	if (*len && *len != 5 && *len != 13 && *len != 16) {
   1260 		wpa_printf(MSG_ERROR, "Line %d: Invalid WEP key length %u - "
   1261 			   "this network block will be ignored",
   1262 			   line, (unsigned int) *len);
   1263 	}
   1264 	os_memcpy(key, buf, *len);
   1265 	str_clear_free(buf);
   1266 	res = os_snprintf(title, sizeof(title), "wep_key%d", idx);
   1267 	if (res >= 0 && (size_t) res < sizeof(title))
   1268 		wpa_hexdump_key(MSG_MSGDUMP, title, key, *len);
   1269 	return 0;
   1270 }
   1271 
   1272 
   1273 static int wpa_config_parse_wep_key0(const struct parse_data *data,
   1274 				     struct wpa_ssid *ssid, int line,
   1275 				     const char *value)
   1276 {
   1277 	return wpa_config_parse_wep_key(ssid->wep_key[0],
   1278 					&ssid->wep_key_len[0], line,
   1279 					value, 0);
   1280 }
   1281 
   1282 
   1283 static int wpa_config_parse_wep_key1(const struct parse_data *data,
   1284 				     struct wpa_ssid *ssid, int line,
   1285 				     const char *value)
   1286 {
   1287 	return wpa_config_parse_wep_key(ssid->wep_key[1],
   1288 					&ssid->wep_key_len[1], line,
   1289 					value, 1);
   1290 }
   1291 
   1292 
   1293 static int wpa_config_parse_wep_key2(const struct parse_data *data,
   1294 				     struct wpa_ssid *ssid, int line,
   1295 				     const char *value)
   1296 {
   1297 	return wpa_config_parse_wep_key(ssid->wep_key[2],
   1298 					&ssid->wep_key_len[2], line,
   1299 					value, 2);
   1300 }
   1301 
   1302 
   1303 static int wpa_config_parse_wep_key3(const struct parse_data *data,
   1304 				     struct wpa_ssid *ssid, int line,
   1305 				     const char *value)
   1306 {
   1307 	return wpa_config_parse_wep_key(ssid->wep_key[3],
   1308 					&ssid->wep_key_len[3], line,
   1309 					value, 3);
   1310 }
   1311 
   1312 
   1313 #ifndef NO_CONFIG_WRITE
   1314 static char * wpa_config_write_wep_key(struct wpa_ssid *ssid, int idx)
   1315 {
   1316 	if (ssid->wep_key_len[idx] == 0)
   1317 		return NULL;
   1318 	return wpa_config_write_string(ssid->wep_key[idx],
   1319 				       ssid->wep_key_len[idx]);
   1320 }
   1321 
   1322 
   1323 static char * wpa_config_write_wep_key0(const struct parse_data *data,
   1324 					struct wpa_ssid *ssid)
   1325 {
   1326 	return wpa_config_write_wep_key(ssid, 0);
   1327 }
   1328 
   1329 
   1330 static char * wpa_config_write_wep_key1(const struct parse_data *data,
   1331 					struct wpa_ssid *ssid)
   1332 {
   1333 	return wpa_config_write_wep_key(ssid, 1);
   1334 }
   1335 
   1336 
   1337 static char * wpa_config_write_wep_key2(const struct parse_data *data,
   1338 					struct wpa_ssid *ssid)
   1339 {
   1340 	return wpa_config_write_wep_key(ssid, 2);
   1341 }
   1342 
   1343 
   1344 static char * wpa_config_write_wep_key3(const struct parse_data *data,
   1345 					struct wpa_ssid *ssid)
   1346 {
   1347 	return wpa_config_write_wep_key(ssid, 3);
   1348 }
   1349 #endif /* NO_CONFIG_WRITE */
   1350 
   1351 
   1352 #ifdef CONFIG_P2P
   1353 
   1354 static int wpa_config_parse_go_p2p_dev_addr(const struct parse_data *data,
   1355 					    struct wpa_ssid *ssid, int line,
   1356 					    const char *value)
   1357 {
   1358 	if (value[0] == '\0' || os_strcmp(value, "\"\"") == 0 ||
   1359 	    os_strcmp(value, "any") == 0) {
   1360 		os_memset(ssid->go_p2p_dev_addr, 0, ETH_ALEN);
   1361 		wpa_printf(MSG_MSGDUMP, "GO P2P Device Address any");
   1362 		return 0;
   1363 	}
   1364 	if (hwaddr_aton(value, ssid->go_p2p_dev_addr)) {
   1365 		wpa_printf(MSG_ERROR, "Line %d: Invalid GO P2P Device Address '%s'.",
   1366 			   line, value);
   1367 		return -1;
   1368 	}
   1369 	ssid->bssid_set = 1;
   1370 	wpa_printf(MSG_MSGDUMP, "GO P2P Device Address " MACSTR,
   1371 		   MAC2STR(ssid->go_p2p_dev_addr));
   1372 	return 0;
   1373 }
   1374 
   1375 
   1376 #ifndef NO_CONFIG_WRITE
   1377 static char * wpa_config_write_go_p2p_dev_addr(const struct parse_data *data,
   1378 					       struct wpa_ssid *ssid)
   1379 {
   1380 	char *value;
   1381 	int res;
   1382 
   1383 	if (is_zero_ether_addr(ssid->go_p2p_dev_addr))
   1384 		return NULL;
   1385 
   1386 	value = os_malloc(20);
   1387 	if (value == NULL)
   1388 		return NULL;
   1389 	res = os_snprintf(value, 20, MACSTR, MAC2STR(ssid->go_p2p_dev_addr));
   1390 	if (res < 0 || res >= 20) {
   1391 		os_free(value);
   1392 		return NULL;
   1393 	}
   1394 	value[20 - 1] = '\0';
   1395 	return value;
   1396 }
   1397 #endif /* NO_CONFIG_WRITE */
   1398 
   1399 
   1400 static int wpa_config_parse_p2p_client_list(const struct parse_data *data,
   1401 					    struct wpa_ssid *ssid, int line,
   1402 					    const char *value)
   1403 {
   1404 	const char *pos;
   1405 	u8 *buf, *n, addr[ETH_ALEN];
   1406 	size_t count;
   1407 
   1408 	buf = NULL;
   1409 	count = 0;
   1410 
   1411 	pos = value;
   1412 	while (pos && *pos) {
   1413 		while (*pos == ' ')
   1414 			pos++;
   1415 
   1416 		if (hwaddr_aton(pos, addr)) {
   1417 			if (count == 0) {
   1418 				wpa_printf(MSG_ERROR, "Line %d: Invalid "
   1419 					   "p2p_client_list address '%s'.",
   1420 					   line, value);
   1421 				os_free(buf);
   1422 				return -1;
   1423 			}
   1424 			/* continue anyway since this could have been from a
   1425 			 * truncated configuration file line */
   1426 			wpa_printf(MSG_INFO, "Line %d: Ignore likely "
   1427 				   "truncated p2p_client_list address '%s'",
   1428 				   line, pos);
   1429 		} else {
   1430 			n = os_realloc_array(buf, count + 1, ETH_ALEN);
   1431 			if (n == NULL) {
   1432 				os_free(buf);
   1433 				return -1;
   1434 			}
   1435 			buf = n;
   1436 			os_memmove(buf + ETH_ALEN, buf, count * ETH_ALEN);
   1437 			os_memcpy(buf, addr, ETH_ALEN);
   1438 			count++;
   1439 			wpa_hexdump(MSG_MSGDUMP, "p2p_client_list",
   1440 				    addr, ETH_ALEN);
   1441 		}
   1442 
   1443 		pos = os_strchr(pos, ' ');
   1444 	}
   1445 
   1446 	os_free(ssid->p2p_client_list);
   1447 	ssid->p2p_client_list = buf;
   1448 	ssid->num_p2p_clients = count;
   1449 
   1450 	return 0;
   1451 }
   1452 
   1453 
   1454 #ifndef NO_CONFIG_WRITE
   1455 static char * wpa_config_write_p2p_client_list(const struct parse_data *data,
   1456 					       struct wpa_ssid *ssid)
   1457 {
   1458 	char *value, *end, *pos;
   1459 	int res;
   1460 	size_t i;
   1461 
   1462 	if (ssid->p2p_client_list == NULL || ssid->num_p2p_clients == 0)
   1463 		return NULL;
   1464 
   1465 	value = os_malloc(20 * ssid->num_p2p_clients);
   1466 	if (value == NULL)
   1467 		return NULL;
   1468 	pos = value;
   1469 	end = value + 20 * ssid->num_p2p_clients;
   1470 
   1471 	for (i = ssid->num_p2p_clients; i > 0; i--) {
   1472 		res = os_snprintf(pos, end - pos, MACSTR " ",
   1473 				  MAC2STR(ssid->p2p_client_list +
   1474 					  (i - 1) * ETH_ALEN));
   1475 		if (res < 0 || res >= end - pos) {
   1476 			os_free(value);
   1477 			return NULL;
   1478 		}
   1479 		pos += res;
   1480 	}
   1481 
   1482 	if (pos > value)
   1483 		pos[-1] = '\0';
   1484 
   1485 	return value;
   1486 }
   1487 #endif /* NO_CONFIG_WRITE */
   1488 
   1489 
   1490 static int wpa_config_parse_psk_list(const struct parse_data *data,
   1491 				     struct wpa_ssid *ssid, int line,
   1492 				     const char *value)
   1493 {
   1494 	struct psk_list_entry *p;
   1495 	const char *pos;
   1496 
   1497 	p = os_zalloc(sizeof(*p));
   1498 	if (p == NULL)
   1499 		return -1;
   1500 
   1501 	pos = value;
   1502 	if (os_strncmp(pos, "P2P-", 4) == 0) {
   1503 		p->p2p = 1;
   1504 		pos += 4;
   1505 	}
   1506 
   1507 	if (hwaddr_aton(pos, p->addr)) {
   1508 		wpa_printf(MSG_ERROR, "Line %d: Invalid psk_list address '%s'",
   1509 			   line, pos);
   1510 		os_free(p);
   1511 		return -1;
   1512 	}
   1513 	pos += 17;
   1514 	if (*pos != '-') {
   1515 		wpa_printf(MSG_ERROR, "Line %d: Invalid psk_list '%s'",
   1516 			   line, pos);
   1517 		os_free(p);
   1518 		return -1;
   1519 	}
   1520 	pos++;
   1521 
   1522 	if (hexstr2bin(pos, p->psk, PMK_LEN) || pos[PMK_LEN * 2] != '\0') {
   1523 		wpa_printf(MSG_ERROR, "Line %d: Invalid psk_list PSK '%s'",
   1524 			   line, pos);
   1525 		os_free(p);
   1526 		return -1;
   1527 	}
   1528 
   1529 	dl_list_add(&ssid->psk_list, &p->list);
   1530 
   1531 	return 0;
   1532 }
   1533 
   1534 
   1535 #ifndef NO_CONFIG_WRITE
   1536 static char * wpa_config_write_psk_list(const struct parse_data *data,
   1537 					struct wpa_ssid *ssid)
   1538 {
   1539 	return NULL;
   1540 }
   1541 #endif /* NO_CONFIG_WRITE */
   1542 
   1543 #endif /* CONFIG_P2P */
   1544 
   1545 /* Helper macros for network block parser */
   1546 
   1547 #ifdef OFFSET
   1548 #undef OFFSET
   1549 #endif /* OFFSET */
   1550 /* OFFSET: Get offset of a variable within the wpa_ssid structure */
   1551 #define OFFSET(v) ((void *) &((struct wpa_ssid *) 0)->v)
   1552 
   1553 /* STR: Define a string variable for an ASCII string; f = field name */
   1554 #ifdef NO_CONFIG_WRITE
   1555 #define _STR(f) #f, wpa_config_parse_str, OFFSET(f)
   1556 #define _STRe(f) #f, wpa_config_parse_str, OFFSET(eap.f)
   1557 #else /* NO_CONFIG_WRITE */
   1558 #define _STR(f) #f, wpa_config_parse_str, wpa_config_write_str, OFFSET(f)
   1559 #define _STRe(f) #f, wpa_config_parse_str, wpa_config_write_str, OFFSET(eap.f)
   1560 #endif /* NO_CONFIG_WRITE */
   1561 #define STR(f) _STR(f), NULL, NULL, NULL, 0
   1562 #define STRe(f) _STRe(f), NULL, NULL, NULL, 0
   1563 #define STR_KEY(f) _STR(f), NULL, NULL, NULL, 1
   1564 #define STR_KEYe(f) _STRe(f), NULL, NULL, NULL, 1
   1565 
   1566 /* STR_LEN: Define a string variable with a separate variable for storing the
   1567  * data length. Unlike STR(), this can be used to store arbitrary binary data
   1568  * (i.e., even nul termination character). */
   1569 #define _STR_LEN(f) _STR(f), OFFSET(f ## _len)
   1570 #define _STR_LENe(f) _STRe(f), OFFSET(eap.f ## _len)
   1571 #define STR_LEN(f) _STR_LEN(f), NULL, NULL, 0
   1572 #define STR_LENe(f) _STR_LENe(f), NULL, NULL, 0
   1573 #define STR_LEN_KEY(f) _STR_LEN(f), NULL, NULL, 1
   1574 
   1575 /* STR_RANGE: Like STR_LEN(), but with minimum and maximum allowed length
   1576  * explicitly specified. */
   1577 #define _STR_RANGE(f, min, max) _STR_LEN(f), (void *) (min), (void *) (max)
   1578 #define STR_RANGE(f, min, max) _STR_RANGE(f, min, max), 0
   1579 #define STR_RANGE_KEY(f, min, max) _STR_RANGE(f, min, max), 1
   1580 
   1581 #ifdef NO_CONFIG_WRITE
   1582 #define _INT(f) #f, wpa_config_parse_int, OFFSET(f), (void *) 0
   1583 #define _INTe(f) #f, wpa_config_parse_int, OFFSET(eap.f), (void *) 0
   1584 #else /* NO_CONFIG_WRITE */
   1585 #define _INT(f) #f, wpa_config_parse_int, wpa_config_write_int, \
   1586 	OFFSET(f), (void *) 0
   1587 #define _INTe(f) #f, wpa_config_parse_int, wpa_config_write_int, \
   1588 	OFFSET(eap.f), (void *) 0
   1589 #endif /* NO_CONFIG_WRITE */
   1590 
   1591 /* INT: Define an integer variable */
   1592 #define INT(f) _INT(f), NULL, NULL, 0
   1593 #define INTe(f) _INTe(f), NULL, NULL, 0
   1594 
   1595 /* INT_RANGE: Define an integer variable with allowed value range */
   1596 #define INT_RANGE(f, min, max) _INT(f), (void *) (min), (void *) (max), 0
   1597 
   1598 /* FUNC: Define a configuration variable that uses a custom function for
   1599  * parsing and writing the value. */
   1600 #ifdef NO_CONFIG_WRITE
   1601 #define _FUNC(f) #f, wpa_config_parse_ ## f, NULL, NULL, NULL, NULL
   1602 #else /* NO_CONFIG_WRITE */
   1603 #define _FUNC(f) #f, wpa_config_parse_ ## f, wpa_config_write_ ## f, \
   1604 	NULL, NULL, NULL, NULL
   1605 #endif /* NO_CONFIG_WRITE */
   1606 #define FUNC(f) _FUNC(f), 0
   1607 #define FUNC_KEY(f) _FUNC(f), 1
   1608 
   1609 /*
   1610  * Table of network configuration variables. This table is used to parse each
   1611  * network configuration variable, e.g., each line in wpa_supplicant.conf file
   1612  * that is inside a network block.
   1613  *
   1614  * This table is generated using the helper macros defined above and with
   1615  * generous help from the C pre-processor. The field name is stored as a string
   1616  * into .name and for STR and INT types, the offset of the target buffer within
   1617  * struct wpa_ssid is stored in .param1. .param2 (if not NULL) is similar
   1618  * offset to the field containing the length of the configuration variable.
   1619  * .param3 and .param4 can be used to mark the allowed range (length for STR
   1620  * and value for INT).
   1621  *
   1622  * For each configuration line in wpa_supplicant.conf, the parser goes through
   1623  * this table and select the entry that matches with the field name. The parser
   1624  * function (.parser) is then called to parse the actual value of the field.
   1625  *
   1626  * This kind of mechanism makes it easy to add new configuration parameters,
   1627  * since only one line needs to be added into this table and into the
   1628  * struct wpa_ssid definition if the new variable is either a string or
   1629  * integer. More complex types will need to use their own parser and writer
   1630  * functions.
   1631  */
   1632 static const struct parse_data ssid_fields[] = {
   1633 	{ STR_RANGE(ssid, 0, MAX_SSID_LEN) },
   1634 	{ INT_RANGE(scan_ssid, 0, 1) },
   1635 	{ FUNC(bssid) },
   1636 	{ FUNC_KEY(psk) },
   1637 	{ FUNC(proto) },
   1638 	{ FUNC(key_mgmt) },
   1639 	{ INT(bg_scan_period) },
   1640 	{ FUNC(pairwise) },
   1641 	{ FUNC(group) },
   1642 	{ FUNC(auth_alg) },
   1643 	{ FUNC(scan_freq) },
   1644 	{ FUNC(freq_list) },
   1645 #ifdef IEEE8021X_EAPOL
   1646 	{ FUNC(eap) },
   1647 	{ STR_LENe(identity) },
   1648 	{ STR_LENe(anonymous_identity) },
   1649 	{ FUNC_KEY(password) },
   1650 	{ STRe(ca_cert) },
   1651 	{ STRe(ca_path) },
   1652 	{ STRe(client_cert) },
   1653 	{ STRe(private_key) },
   1654 	{ STR_KEYe(private_key_passwd) },
   1655 	{ STRe(dh_file) },
   1656 	{ STRe(subject_match) },
   1657 	{ STRe(altsubject_match) },
   1658 	{ STRe(domain_suffix_match) },
   1659 	{ STRe(ca_cert2) },
   1660 	{ STRe(ca_path2) },
   1661 	{ STRe(client_cert2) },
   1662 	{ STRe(private_key2) },
   1663 	{ STR_KEYe(private_key2_passwd) },
   1664 	{ STRe(dh_file2) },
   1665 	{ STRe(subject_match2) },
   1666 	{ STRe(altsubject_match2) },
   1667 	{ STRe(domain_suffix_match2) },
   1668 	{ STRe(phase1) },
   1669 	{ STRe(phase2) },
   1670 	{ STRe(pcsc) },
   1671 	{ STR_KEYe(pin) },
   1672 	{ STRe(engine_id) },
   1673 	{ STRe(key_id) },
   1674 	{ STRe(cert_id) },
   1675 	{ STRe(ca_cert_id) },
   1676 	{ STR_KEYe(pin2) },
   1677 	{ STRe(engine2_id) },
   1678 	{ STRe(key2_id) },
   1679 	{ STRe(cert2_id) },
   1680 	{ STRe(ca_cert2_id) },
   1681 	{ INTe(engine) },
   1682 	{ INTe(engine2) },
   1683 	{ INT(eapol_flags) },
   1684 	{ INTe(sim_num) },
   1685 #endif /* IEEE8021X_EAPOL */
   1686 	{ FUNC_KEY(wep_key0) },
   1687 	{ FUNC_KEY(wep_key1) },
   1688 	{ FUNC_KEY(wep_key2) },
   1689 	{ FUNC_KEY(wep_key3) },
   1690 	{ INT(wep_tx_keyidx) },
   1691 	{ INT(priority) },
   1692 #ifdef IEEE8021X_EAPOL
   1693 	{ INT(eap_workaround) },
   1694 	{ STRe(pac_file) },
   1695 	{ INTe(fragment_size) },
   1696 	{ INTe(ocsp) },
   1697 #endif /* IEEE8021X_EAPOL */
   1698 	{ INT_RANGE(mode, 0, 4) },
   1699 	{ INT_RANGE(proactive_key_caching, 0, 1) },
   1700 	{ INT_RANGE(disabled, 0, 2) },
   1701 	{ STR(id_str) },
   1702 #ifdef CONFIG_IEEE80211W
   1703 	{ INT_RANGE(ieee80211w, 0, 2) },
   1704 #endif /* CONFIG_IEEE80211W */
   1705 	{ INT_RANGE(peerkey, 0, 1) },
   1706 	{ INT_RANGE(mixed_cell, 0, 1) },
   1707 	{ INT_RANGE(frequency, 0, 65000) },
   1708 	{ INT(wpa_ptk_rekey) },
   1709 	{ STR(bgscan) },
   1710 	{ INT_RANGE(ignore_broadcast_ssid, 0, 2) },
   1711 #ifdef CONFIG_P2P
   1712 	{ FUNC(go_p2p_dev_addr) },
   1713 	{ FUNC(p2p_client_list) },
   1714 	{ FUNC(psk_list) },
   1715 #endif /* CONFIG_P2P */
   1716 #ifdef CONFIG_HT_OVERRIDES
   1717 	{ INT_RANGE(disable_ht, 0, 1) },
   1718 	{ INT_RANGE(disable_ht40, -1, 1) },
   1719 	{ INT_RANGE(disable_sgi, 0, 1) },
   1720 	{ INT_RANGE(disable_ldpc, 0, 1) },
   1721 	{ INT_RANGE(ht40_intolerant, 0, 1) },
   1722 	{ INT_RANGE(disable_max_amsdu, -1, 1) },
   1723 	{ INT_RANGE(ampdu_factor, -1, 3) },
   1724 	{ INT_RANGE(ampdu_density, -1, 7) },
   1725 	{ STR(ht_mcs) },
   1726 #endif /* CONFIG_HT_OVERRIDES */
   1727 #ifdef CONFIG_VHT_OVERRIDES
   1728 	{ INT_RANGE(disable_vht, 0, 1) },
   1729 	{ INT(vht_capa) },
   1730 	{ INT(vht_capa_mask) },
   1731 	{ INT_RANGE(vht_rx_mcs_nss_1, -1, 3) },
   1732 	{ INT_RANGE(vht_rx_mcs_nss_2, -1, 3) },
   1733 	{ INT_RANGE(vht_rx_mcs_nss_3, -1, 3) },
   1734 	{ INT_RANGE(vht_rx_mcs_nss_4, -1, 3) },
   1735 	{ INT_RANGE(vht_rx_mcs_nss_5, -1, 3) },
   1736 	{ INT_RANGE(vht_rx_mcs_nss_6, -1, 3) },
   1737 	{ INT_RANGE(vht_rx_mcs_nss_7, -1, 3) },
   1738 	{ INT_RANGE(vht_rx_mcs_nss_8, -1, 3) },
   1739 	{ INT_RANGE(vht_tx_mcs_nss_1, -1, 3) },
   1740 	{ INT_RANGE(vht_tx_mcs_nss_2, -1, 3) },
   1741 	{ INT_RANGE(vht_tx_mcs_nss_3, -1, 3) },
   1742 	{ INT_RANGE(vht_tx_mcs_nss_4, -1, 3) },
   1743 	{ INT_RANGE(vht_tx_mcs_nss_5, -1, 3) },
   1744 	{ INT_RANGE(vht_tx_mcs_nss_6, -1, 3) },
   1745 	{ INT_RANGE(vht_tx_mcs_nss_7, -1, 3) },
   1746 	{ INT_RANGE(vht_tx_mcs_nss_8, -1, 3) },
   1747 #endif /* CONFIG_VHT_OVERRIDES */
   1748 	{ INT(ap_max_inactivity) },
   1749 	{ INT(dtim_period) },
   1750 	{ INT(beacon_int) },
   1751 #ifdef CONFIG_MACSEC
   1752 	{ INT_RANGE(macsec_policy, 0, 1) },
   1753 #endif /* CONFIG_MACSEC */
   1754 #ifdef CONFIG_HS20
   1755 	{ INT(update_identifier) },
   1756 #endif /* CONFIG_HS20 */
   1757 };
   1758 
   1759 #undef OFFSET
   1760 #undef _STR
   1761 #undef STR
   1762 #undef STR_KEY
   1763 #undef _STR_LEN
   1764 #undef STR_LEN
   1765 #undef STR_LEN_KEY
   1766 #undef _STR_RANGE
   1767 #undef STR_RANGE
   1768 #undef STR_RANGE_KEY
   1769 #undef _INT
   1770 #undef INT
   1771 #undef INT_RANGE
   1772 #undef _FUNC
   1773 #undef FUNC
   1774 #undef FUNC_KEY
   1775 #define NUM_SSID_FIELDS ARRAY_SIZE(ssid_fields)
   1776 
   1777 
   1778 /**
   1779  * wpa_config_add_prio_network - Add a network to priority lists
   1780  * @config: Configuration data from wpa_config_read()
   1781  * @ssid: Pointer to the network configuration to be added to the list
   1782  * Returns: 0 on success, -1 on failure
   1783  *
   1784  * This function is used to add a network block to the priority list of
   1785  * networks. This must be called for each network when reading in the full
   1786  * configuration. In addition, this can be used indirectly when updating
   1787  * priorities by calling wpa_config_update_prio_list().
   1788  */
   1789 int wpa_config_add_prio_network(struct wpa_config *config,
   1790 				struct wpa_ssid *ssid)
   1791 {
   1792 	int prio;
   1793 	struct wpa_ssid *prev, **nlist;
   1794 
   1795 	/*
   1796 	 * Add to an existing priority list if one is available for the
   1797 	 * configured priority level for this network.
   1798 	 */
   1799 	for (prio = 0; prio < config->num_prio; prio++) {
   1800 		prev = config->pssid[prio];
   1801 		if (prev->priority == ssid->priority) {
   1802 			while (prev->pnext)
   1803 				prev = prev->pnext;
   1804 			prev->pnext = ssid;
   1805 			return 0;
   1806 		}
   1807 	}
   1808 
   1809 	/* First network for this priority - add a new priority list */
   1810 	nlist = os_realloc_array(config->pssid, config->num_prio + 1,
   1811 				 sizeof(struct wpa_ssid *));
   1812 	if (nlist == NULL)
   1813 		return -1;
   1814 
   1815 	for (prio = 0; prio < config->num_prio; prio++) {
   1816 		if (nlist[prio]->priority < ssid->priority) {
   1817 			os_memmove(&nlist[prio + 1], &nlist[prio],
   1818 				   (config->num_prio - prio) *
   1819 				   sizeof(struct wpa_ssid *));
   1820 			break;
   1821 		}
   1822 	}
   1823 
   1824 	nlist[prio] = ssid;
   1825 	config->num_prio++;
   1826 	config->pssid = nlist;
   1827 
   1828 	return 0;
   1829 }
   1830 
   1831 
   1832 /**
   1833  * wpa_config_update_prio_list - Update network priority list
   1834  * @config: Configuration data from wpa_config_read()
   1835  * Returns: 0 on success, -1 on failure
   1836  *
   1837  * This function is called to update the priority list of networks in the
   1838  * configuration when a network is being added or removed. This is also called
   1839  * if a priority for a network is changed.
   1840  */
   1841 int wpa_config_update_prio_list(struct wpa_config *config)
   1842 {
   1843 	struct wpa_ssid *ssid;
   1844 	int ret = 0;
   1845 
   1846 	os_free(config->pssid);
   1847 	config->pssid = NULL;
   1848 	config->num_prio = 0;
   1849 
   1850 	ssid = config->ssid;
   1851 	while (ssid) {
   1852 		ssid->pnext = NULL;
   1853 		if (wpa_config_add_prio_network(config, ssid) < 0)
   1854 			ret = -1;
   1855 		ssid = ssid->next;
   1856 	}
   1857 
   1858 	return ret;
   1859 }
   1860 
   1861 
   1862 #ifdef IEEE8021X_EAPOL
   1863 static void eap_peer_config_free(struct eap_peer_config *eap)
   1864 {
   1865 	os_free(eap->eap_methods);
   1866 	bin_clear_free(eap->identity, eap->identity_len);
   1867 	os_free(eap->anonymous_identity);
   1868 	bin_clear_free(eap->password, eap->password_len);
   1869 	os_free(eap->ca_cert);
   1870 	os_free(eap->ca_path);
   1871 	os_free(eap->client_cert);
   1872 	os_free(eap->private_key);
   1873 	str_clear_free(eap->private_key_passwd);
   1874 	os_free(eap->dh_file);
   1875 	os_free(eap->subject_match);
   1876 	os_free(eap->altsubject_match);
   1877 	os_free(eap->domain_suffix_match);
   1878 	os_free(eap->ca_cert2);
   1879 	os_free(eap->ca_path2);
   1880 	os_free(eap->client_cert2);
   1881 	os_free(eap->private_key2);
   1882 	str_clear_free(eap->private_key2_passwd);
   1883 	os_free(eap->dh_file2);
   1884 	os_free(eap->subject_match2);
   1885 	os_free(eap->altsubject_match2);
   1886 	os_free(eap->domain_suffix_match2);
   1887 	os_free(eap->phase1);
   1888 	os_free(eap->phase2);
   1889 	os_free(eap->pcsc);
   1890 	str_clear_free(eap->pin);
   1891 	os_free(eap->engine_id);
   1892 	os_free(eap->key_id);
   1893 	os_free(eap->cert_id);
   1894 	os_free(eap->ca_cert_id);
   1895 	os_free(eap->key2_id);
   1896 	os_free(eap->cert2_id);
   1897 	os_free(eap->ca_cert2_id);
   1898 	str_clear_free(eap->pin2);
   1899 	os_free(eap->engine2_id);
   1900 	os_free(eap->otp);
   1901 	os_free(eap->pending_req_otp);
   1902 	os_free(eap->pac_file);
   1903 	bin_clear_free(eap->new_password, eap->new_password_len);
   1904 	str_clear_free(eap->external_sim_resp);
   1905 }
   1906 #endif /* IEEE8021X_EAPOL */
   1907 
   1908 
   1909 /**
   1910  * wpa_config_free_ssid - Free network/ssid configuration data
   1911  * @ssid: Configuration data for the network
   1912  *
   1913  * This function frees all resources allocated for the network configuration
   1914  * data.
   1915  */
   1916 void wpa_config_free_ssid(struct wpa_ssid *ssid)
   1917 {
   1918 	struct psk_list_entry *psk;
   1919 
   1920 	os_free(ssid->ssid);
   1921 	os_memset(ssid->psk, 0, sizeof(ssid->psk));
   1922 	str_clear_free(ssid->passphrase);
   1923 	os_free(ssid->ext_psk);
   1924 #ifdef IEEE8021X_EAPOL
   1925 	eap_peer_config_free(&ssid->eap);
   1926 #endif /* IEEE8021X_EAPOL */
   1927 	os_free(ssid->id_str);
   1928 	os_free(ssid->scan_freq);
   1929 	os_free(ssid->freq_list);
   1930 	os_free(ssid->bgscan);
   1931 	os_free(ssid->p2p_client_list);
   1932 #ifdef CONFIG_HT_OVERRIDES
   1933 	os_free(ssid->ht_mcs);
   1934 #endif /* CONFIG_HT_OVERRIDES */
   1935 	while ((psk = dl_list_first(&ssid->psk_list, struct psk_list_entry,
   1936 				    list))) {
   1937 		dl_list_del(&psk->list);
   1938 		os_free(psk);
   1939 	}
   1940 	os_free(ssid);
   1941 }
   1942 
   1943 
   1944 void wpa_config_free_cred(struct wpa_cred *cred)
   1945 {
   1946 	size_t i;
   1947 
   1948 	os_free(cred->realm);
   1949 	str_clear_free(cred->username);
   1950 	str_clear_free(cred->password);
   1951 	os_free(cred->ca_cert);
   1952 	os_free(cred->client_cert);
   1953 	os_free(cred->private_key);
   1954 	str_clear_free(cred->private_key_passwd);
   1955 	os_free(cred->imsi);
   1956 	str_clear_free(cred->milenage);
   1957 	for (i = 0; i < cred->num_domain; i++)
   1958 		os_free(cred->domain[i]);
   1959 	os_free(cred->domain);
   1960 	os_free(cred->domain_suffix_match);
   1961 	os_free(cred->eap_method);
   1962 	os_free(cred->phase1);
   1963 	os_free(cred->phase2);
   1964 	os_free(cred->excluded_ssid);
   1965 	os_free(cred->roaming_partner);
   1966 	os_free(cred->provisioning_sp);
   1967 	for (i = 0; i < cred->num_req_conn_capab; i++)
   1968 		os_free(cred->req_conn_capab_port[i]);
   1969 	os_free(cred->req_conn_capab_port);
   1970 	os_free(cred->req_conn_capab_proto);
   1971 	os_free(cred);
   1972 }
   1973 
   1974 
   1975 void wpa_config_flush_blobs(struct wpa_config *config)
   1976 {
   1977 #ifndef CONFIG_NO_CONFIG_BLOBS
   1978 	struct wpa_config_blob *blob, *prev;
   1979 
   1980 	blob = config->blobs;
   1981 	config->blobs = NULL;
   1982 	while (blob) {
   1983 		prev = blob;
   1984 		blob = blob->next;
   1985 		wpa_config_free_blob(prev);
   1986 	}
   1987 #endif /* CONFIG_NO_CONFIG_BLOBS */
   1988 }
   1989 
   1990 
   1991 /**
   1992  * wpa_config_free - Free configuration data
   1993  * @config: Configuration data from wpa_config_read()
   1994  *
   1995  * This function frees all resources allocated for the configuration data by
   1996  * wpa_config_read().
   1997  */
   1998 void wpa_config_free(struct wpa_config *config)
   1999 {
   2000 	struct wpa_ssid *ssid, *prev = NULL;
   2001 	struct wpa_cred *cred, *cprev;
   2002 
   2003 	ssid = config->ssid;
   2004 	while (ssid) {
   2005 		prev = ssid;
   2006 		ssid = ssid->next;
   2007 		wpa_config_free_ssid(prev);
   2008 	}
   2009 
   2010 	cred = config->cred;
   2011 	while (cred) {
   2012 		cprev = cred;
   2013 		cred = cred->next;
   2014 		wpa_config_free_cred(cprev);
   2015 	}
   2016 
   2017 	wpa_config_flush_blobs(config);
   2018 
   2019 	wpabuf_free(config->wps_vendor_ext_m1);
   2020 	os_free(config->ctrl_interface);
   2021 	os_free(config->ctrl_interface_group);
   2022 	os_free(config->opensc_engine_path);
   2023 	os_free(config->pkcs11_engine_path);
   2024 	os_free(config->pkcs11_module_path);
   2025 	os_free(config->pcsc_reader);
   2026 	str_clear_free(config->pcsc_pin);
   2027 	os_free(config->driver_param);
   2028 	os_free(config->device_name);
   2029 	os_free(config->manufacturer);
   2030 	os_free(config->model_name);
   2031 	os_free(config->model_number);
   2032 	os_free(config->serial_number);
   2033 	os_free(config->config_methods);
   2034 	os_free(config->p2p_ssid_postfix);
   2035 	os_free(config->pssid);
   2036 	os_free(config->p2p_pref_chan);
   2037 	os_free(config->p2p_no_go_freq.range);
   2038 	os_free(config->autoscan);
   2039 	os_free(config->freq_list);
   2040 	wpabuf_free(config->wps_nfc_dh_pubkey);
   2041 	wpabuf_free(config->wps_nfc_dh_privkey);
   2042 	wpabuf_free(config->wps_nfc_dev_pw);
   2043 	os_free(config->ext_password_backend);
   2044 	os_free(config->sae_groups);
   2045 	wpabuf_free(config->ap_vendor_elements);
   2046 	os_free(config->osu_dir);
   2047 	os_free(config->wowlan_triggers);
   2048 	os_free(config);
   2049 }
   2050 
   2051 
   2052 /**
   2053  * wpa_config_foreach_network - Iterate over each configured network
   2054  * @config: Configuration data from wpa_config_read()
   2055  * @func: Callback function to process each network
   2056  * @arg: Opaque argument to pass to callback function
   2057  *
   2058  * Iterate over the set of configured networks calling the specified
   2059  * function for each item. We guard against callbacks removing the
   2060  * supplied network.
   2061  */
   2062 void wpa_config_foreach_network(struct wpa_config *config,
   2063 				void (*func)(void *, struct wpa_ssid *),
   2064 				void *arg)
   2065 {
   2066 	struct wpa_ssid *ssid, *next;
   2067 
   2068 	ssid = config->ssid;
   2069 	while (ssid) {
   2070 		next = ssid->next;
   2071 		func(arg, ssid);
   2072 		ssid = next;
   2073 	}
   2074 }
   2075 
   2076 
   2077 /**
   2078  * wpa_config_get_network - Get configured network based on id
   2079  * @config: Configuration data from wpa_config_read()
   2080  * @id: Unique network id to search for
   2081  * Returns: Network configuration or %NULL if not found
   2082  */
   2083 struct wpa_ssid * wpa_config_get_network(struct wpa_config *config, int id)
   2084 {
   2085 	struct wpa_ssid *ssid;
   2086 
   2087 	ssid = config->ssid;
   2088 	while (ssid) {
   2089 		if (id == ssid->id)
   2090 			break;
   2091 		ssid = ssid->next;
   2092 	}
   2093 
   2094 	return ssid;
   2095 }
   2096 
   2097 
   2098 /**
   2099  * wpa_config_add_network - Add a new network with empty configuration
   2100  * @config: Configuration data from wpa_config_read()
   2101  * Returns: The new network configuration or %NULL if operation failed
   2102  */
   2103 struct wpa_ssid * wpa_config_add_network(struct wpa_config *config)
   2104 {
   2105 	int id;
   2106 	struct wpa_ssid *ssid, *last = NULL;
   2107 
   2108 	id = -1;
   2109 	ssid = config->ssid;
   2110 	while (ssid) {
   2111 		if (ssid->id > id)
   2112 			id = ssid->id;
   2113 		last = ssid;
   2114 		ssid = ssid->next;
   2115 	}
   2116 	id++;
   2117 
   2118 	ssid = os_zalloc(sizeof(*ssid));
   2119 	if (ssid == NULL)
   2120 		return NULL;
   2121 	ssid->id = id;
   2122 	dl_list_init(&ssid->psk_list);
   2123 	if (last)
   2124 		last->next = ssid;
   2125 	else
   2126 		config->ssid = ssid;
   2127 
   2128 	wpa_config_update_prio_list(config);
   2129 
   2130 	return ssid;
   2131 }
   2132 
   2133 
   2134 /**
   2135  * wpa_config_remove_network - Remove a configured network based on id
   2136  * @config: Configuration data from wpa_config_read()
   2137  * @id: Unique network id to search for
   2138  * Returns: 0 on success, or -1 if the network was not found
   2139  */
   2140 int wpa_config_remove_network(struct wpa_config *config, int id)
   2141 {
   2142 	struct wpa_ssid *ssid, *prev = NULL;
   2143 
   2144 	ssid = config->ssid;
   2145 	while (ssid) {
   2146 		if (id == ssid->id)
   2147 			break;
   2148 		prev = ssid;
   2149 		ssid = ssid->next;
   2150 	}
   2151 
   2152 	if (ssid == NULL)
   2153 		return -1;
   2154 
   2155 	if (prev)
   2156 		prev->next = ssid->next;
   2157 	else
   2158 		config->ssid = ssid->next;
   2159 
   2160 	wpa_config_update_prio_list(config);
   2161 	wpa_config_free_ssid(ssid);
   2162 	return 0;
   2163 }
   2164 
   2165 
   2166 /**
   2167  * wpa_config_set_network_defaults - Set network default values
   2168  * @ssid: Pointer to network configuration data
   2169  */
   2170 void wpa_config_set_network_defaults(struct wpa_ssid *ssid)
   2171 {
   2172 	ssid->proto = DEFAULT_PROTO;
   2173 	ssid->pairwise_cipher = DEFAULT_PAIRWISE;
   2174 	ssid->group_cipher = DEFAULT_GROUP;
   2175 	ssid->key_mgmt = DEFAULT_KEY_MGMT;
   2176 	ssid->bg_scan_period = DEFAULT_BG_SCAN_PERIOD;
   2177 #ifdef IEEE8021X_EAPOL
   2178 	ssid->eapol_flags = DEFAULT_EAPOL_FLAGS;
   2179 	ssid->eap_workaround = DEFAULT_EAP_WORKAROUND;
   2180 	ssid->eap.fragment_size = DEFAULT_FRAGMENT_SIZE;
   2181 	ssid->eap.sim_num = DEFAULT_USER_SELECTED_SIM;
   2182 #endif /* IEEE8021X_EAPOL */
   2183 #ifdef CONFIG_HT_OVERRIDES
   2184 	ssid->disable_ht = DEFAULT_DISABLE_HT;
   2185 	ssid->disable_ht40 = DEFAULT_DISABLE_HT40;
   2186 	ssid->disable_sgi = DEFAULT_DISABLE_SGI;
   2187 	ssid->disable_ldpc = DEFAULT_DISABLE_LDPC;
   2188 	ssid->disable_max_amsdu = DEFAULT_DISABLE_MAX_AMSDU;
   2189 	ssid->ampdu_factor = DEFAULT_AMPDU_FACTOR;
   2190 	ssid->ampdu_density = DEFAULT_AMPDU_DENSITY;
   2191 #endif /* CONFIG_HT_OVERRIDES */
   2192 #ifdef CONFIG_VHT_OVERRIDES
   2193 	ssid->vht_rx_mcs_nss_1 = -1;
   2194 	ssid->vht_rx_mcs_nss_2 = -1;
   2195 	ssid->vht_rx_mcs_nss_3 = -1;
   2196 	ssid->vht_rx_mcs_nss_4 = -1;
   2197 	ssid->vht_rx_mcs_nss_5 = -1;
   2198 	ssid->vht_rx_mcs_nss_6 = -1;
   2199 	ssid->vht_rx_mcs_nss_7 = -1;
   2200 	ssid->vht_rx_mcs_nss_8 = -1;
   2201 	ssid->vht_tx_mcs_nss_1 = -1;
   2202 	ssid->vht_tx_mcs_nss_2 = -1;
   2203 	ssid->vht_tx_mcs_nss_3 = -1;
   2204 	ssid->vht_tx_mcs_nss_4 = -1;
   2205 	ssid->vht_tx_mcs_nss_5 = -1;
   2206 	ssid->vht_tx_mcs_nss_6 = -1;
   2207 	ssid->vht_tx_mcs_nss_7 = -1;
   2208 	ssid->vht_tx_mcs_nss_8 = -1;
   2209 #endif /* CONFIG_VHT_OVERRIDES */
   2210 	ssid->proactive_key_caching = -1;
   2211 #ifdef CONFIG_IEEE80211W
   2212 	ssid->ieee80211w = MGMT_FRAME_PROTECTION_DEFAULT;
   2213 #endif /* CONFIG_IEEE80211W */
   2214 }
   2215 
   2216 
   2217 /**
   2218  * wpa_config_set - Set a variable in network configuration
   2219  * @ssid: Pointer to network configuration data
   2220  * @var: Variable name, e.g., "ssid"
   2221  * @value: Variable value
   2222  * @line: Line number in configuration file or 0 if not used
   2223  * Returns: 0 on success, -1 on failure
   2224  *
   2225  * This function can be used to set network configuration variables based on
   2226  * both the configuration file and management interface input. The value
   2227  * parameter must be in the same format as the text-based configuration file is
   2228  * using. For example, strings are using double quotation marks.
   2229  */
   2230 int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
   2231 		   int line)
   2232 {
   2233 	size_t i;
   2234 	int ret = 0;
   2235 
   2236 	if (ssid == NULL || var == NULL || value == NULL)
   2237 		return -1;
   2238 
   2239 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
   2240 		const struct parse_data *field = &ssid_fields[i];
   2241 		if (os_strcmp(var, field->name) != 0)
   2242 			continue;
   2243 
   2244 		if (field->parser(field, ssid, line, value)) {
   2245 			if (line) {
   2246 				wpa_printf(MSG_ERROR, "Line %d: failed to "
   2247 					   "parse %s '%s'.", line, var, value);
   2248 			}
   2249 			ret = -1;
   2250 		}
   2251 		break;
   2252 	}
   2253 	if (i == NUM_SSID_FIELDS) {
   2254 		if (line) {
   2255 			wpa_printf(MSG_ERROR, "Line %d: unknown network field "
   2256 				   "'%s'.", line, var);
   2257 		}
   2258 		ret = -1;
   2259 	}
   2260 
   2261 	return ret;
   2262 }
   2263 
   2264 
   2265 int wpa_config_set_quoted(struct wpa_ssid *ssid, const char *var,
   2266 			  const char *value)
   2267 {
   2268 	size_t len;
   2269 	char *buf;
   2270 	int ret;
   2271 
   2272 	len = os_strlen(value);
   2273 	buf = os_malloc(len + 3);
   2274 	if (buf == NULL)
   2275 		return -1;
   2276 	buf[0] = '"';
   2277 	os_memcpy(buf + 1, value, len);
   2278 	buf[len + 1] = '"';
   2279 	buf[len + 2] = '\0';
   2280 	ret = wpa_config_set(ssid, var, buf, 0);
   2281 	os_free(buf);
   2282 	return ret;
   2283 }
   2284 
   2285 
   2286 /**
   2287  * wpa_config_get_all - Get all options from network configuration
   2288  * @ssid: Pointer to network configuration data
   2289  * @get_keys: Determines if keys/passwords will be included in returned list
   2290  *	(if they may be exported)
   2291  * Returns: %NULL terminated list of all set keys and their values in the form
   2292  * of [key1, val1, key2, val2, ... , NULL]
   2293  *
   2294  * This function can be used to get list of all configured network properties.
   2295  * The caller is responsible for freeing the returned list and all its
   2296  * elements.
   2297  */
   2298 char ** wpa_config_get_all(struct wpa_ssid *ssid, int get_keys)
   2299 {
   2300 	const struct parse_data *field;
   2301 	char *key, *value;
   2302 	size_t i;
   2303 	char **props;
   2304 	int fields_num;
   2305 
   2306 	get_keys = get_keys && ssid->export_keys;
   2307 
   2308 	props = os_calloc(2 * NUM_SSID_FIELDS + 1, sizeof(char *));
   2309 	if (!props)
   2310 		return NULL;
   2311 
   2312 	fields_num = 0;
   2313 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
   2314 		field = &ssid_fields[i];
   2315 		if (field->key_data && !get_keys)
   2316 			continue;
   2317 		value = field->writer(field, ssid);
   2318 		if (value == NULL)
   2319 			continue;
   2320 		if (os_strlen(value) == 0) {
   2321 			os_free(value);
   2322 			continue;
   2323 		}
   2324 
   2325 		key = os_strdup(field->name);
   2326 		if (key == NULL) {
   2327 			os_free(value);
   2328 			goto err;
   2329 		}
   2330 
   2331 		props[fields_num * 2] = key;
   2332 		props[fields_num * 2 + 1] = value;
   2333 
   2334 		fields_num++;
   2335 	}
   2336 
   2337 	return props;
   2338 
   2339 err:
   2340 	value = *props;
   2341 	while (value)
   2342 		os_free(value++);
   2343 	os_free(props);
   2344 	return NULL;
   2345 }
   2346 
   2347 
   2348 #ifndef NO_CONFIG_WRITE
   2349 /**
   2350  * wpa_config_get - Get a variable in network configuration
   2351  * @ssid: Pointer to network configuration data
   2352  * @var: Variable name, e.g., "ssid"
   2353  * Returns: Value of the variable or %NULL on failure
   2354  *
   2355  * This function can be used to get network configuration variables. The
   2356  * returned value is a copy of the configuration variable in text format, i.e,.
   2357  * the same format that the text-based configuration file and wpa_config_set()
   2358  * are using for the value. The caller is responsible for freeing the returned
   2359  * value.
   2360  */
   2361 char * wpa_config_get(struct wpa_ssid *ssid, const char *var)
   2362 {
   2363 	size_t i;
   2364 
   2365 	if (ssid == NULL || var == NULL)
   2366 		return NULL;
   2367 
   2368 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
   2369 		const struct parse_data *field = &ssid_fields[i];
   2370 		if (os_strcmp(var, field->name) == 0)
   2371 			return field->writer(field, ssid);
   2372 	}
   2373 
   2374 	return NULL;
   2375 }
   2376 
   2377 
   2378 /**
   2379  * wpa_config_get_no_key - Get a variable in network configuration (no keys)
   2380  * @ssid: Pointer to network configuration data
   2381  * @var: Variable name, e.g., "ssid"
   2382  * Returns: Value of the variable or %NULL on failure
   2383  *
   2384  * This function can be used to get network configuration variable like
   2385  * wpa_config_get(). The only difference is that this functions does not expose
   2386  * key/password material from the configuration. In case a key/password field
   2387  * is requested, the returned value is an empty string or %NULL if the variable
   2388  * is not set or "*" if the variable is set (regardless of its value). The
   2389  * returned value is a copy of the configuration variable in text format, i.e,.
   2390  * the same format that the text-based configuration file and wpa_config_set()
   2391  * are using for the value. The caller is responsible for freeing the returned
   2392  * value.
   2393  */
   2394 char * wpa_config_get_no_key(struct wpa_ssid *ssid, const char *var)
   2395 {
   2396 	size_t i;
   2397 
   2398 	if (ssid == NULL || var == NULL)
   2399 		return NULL;
   2400 
   2401 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
   2402 		const struct parse_data *field = &ssid_fields[i];
   2403 		if (os_strcmp(var, field->name) == 0) {
   2404 			char *res = field->writer(field, ssid);
   2405 			if (field->key_data) {
   2406 				if (res && res[0]) {
   2407 					wpa_printf(MSG_DEBUG, "Do not allow "
   2408 						   "key_data field to be "
   2409 						   "exposed");
   2410 					str_clear_free(res);
   2411 					return os_strdup("*");
   2412 				}
   2413 
   2414 				os_free(res);
   2415 				return NULL;
   2416 			}
   2417 			return res;
   2418 		}
   2419 	}
   2420 
   2421 	return NULL;
   2422 }
   2423 #endif /* NO_CONFIG_WRITE */
   2424 
   2425 
   2426 /**
   2427  * wpa_config_update_psk - Update WPA PSK based on passphrase and SSID
   2428  * @ssid: Pointer to network configuration data
   2429  *
   2430  * This function must be called to update WPA PSK when either SSID or the
   2431  * passphrase has changed for the network configuration.
   2432  */
   2433 void wpa_config_update_psk(struct wpa_ssid *ssid)
   2434 {
   2435 #ifndef CONFIG_NO_PBKDF2
   2436 	pbkdf2_sha1(ssid->passphrase, ssid->ssid, ssid->ssid_len, 4096,
   2437 		    ssid->psk, PMK_LEN);
   2438 	wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
   2439 			ssid->psk, PMK_LEN);
   2440 	ssid->psk_set = 1;
   2441 #endif /* CONFIG_NO_PBKDF2 */
   2442 }
   2443 
   2444 
   2445 static int wpa_config_set_cred_req_conn_capab(struct wpa_cred *cred,
   2446 					      const char *value)
   2447 {
   2448 	u8 *proto;
   2449 	int **port;
   2450 	int *ports, *nports;
   2451 	const char *pos;
   2452 	unsigned int num_ports;
   2453 
   2454 	proto = os_realloc_array(cred->req_conn_capab_proto,
   2455 				 cred->num_req_conn_capab + 1, sizeof(u8));
   2456 	if (proto == NULL)
   2457 		return -1;
   2458 	cred->req_conn_capab_proto = proto;
   2459 
   2460 	port = os_realloc_array(cred->req_conn_capab_port,
   2461 				cred->num_req_conn_capab + 1, sizeof(int *));
   2462 	if (port == NULL)
   2463 		return -1;
   2464 	cred->req_conn_capab_port = port;
   2465 
   2466 	proto[cred->num_req_conn_capab] = atoi(value);
   2467 
   2468 	pos = os_strchr(value, ':');
   2469 	if (pos == NULL) {
   2470 		port[cred->num_req_conn_capab] = NULL;
   2471 		cred->num_req_conn_capab++;
   2472 		return 0;
   2473 	}
   2474 	pos++;
   2475 
   2476 	ports = NULL;
   2477 	num_ports = 0;
   2478 
   2479 	while (*pos) {
   2480 		nports = os_realloc_array(ports, num_ports + 1, sizeof(int));
   2481 		if (nports == NULL) {
   2482 			os_free(ports);
   2483 			return -1;
   2484 		}
   2485 		ports = nports;
   2486 		ports[num_ports++] = atoi(pos);
   2487 
   2488 		pos = os_strchr(pos, ',');
   2489 		if (pos == NULL)
   2490 			break;
   2491 		pos++;
   2492 	}
   2493 
   2494 	nports = os_realloc_array(ports, num_ports + 1, sizeof(int));
   2495 	if (nports == NULL) {
   2496 		os_free(ports);
   2497 		return -1;
   2498 	}
   2499 	ports = nports;
   2500 	ports[num_ports] = -1;
   2501 
   2502 	port[cred->num_req_conn_capab] = ports;
   2503 	cred->num_req_conn_capab++;
   2504 	return 0;
   2505 }
   2506 
   2507 
   2508 int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
   2509 			const char *value, int line)
   2510 {
   2511 	char *val;
   2512 	size_t len;
   2513 
   2514 	if (os_strcmp(var, "temporary") == 0) {
   2515 		cred->temporary = atoi(value);
   2516 		return 0;
   2517 	}
   2518 
   2519 	if (os_strcmp(var, "priority") == 0) {
   2520 		cred->priority = atoi(value);
   2521 		return 0;
   2522 	}
   2523 
   2524 	if (os_strcmp(var, "sp_priority") == 0) {
   2525 		int prio = atoi(value);
   2526 		if (prio < 0 || prio > 255)
   2527 			return -1;
   2528 		cred->sp_priority = prio;
   2529 		return 0;
   2530 	}
   2531 
   2532 	if (os_strcmp(var, "pcsc") == 0) {
   2533 		cred->pcsc = atoi(value);
   2534 		return 0;
   2535 	}
   2536 
   2537 	if (os_strcmp(var, "eap") == 0) {
   2538 		struct eap_method_type method;
   2539 		method.method = eap_peer_get_type(value, &method.vendor);
   2540 		if (method.vendor == EAP_VENDOR_IETF &&
   2541 		    method.method == EAP_TYPE_NONE) {
   2542 			wpa_printf(MSG_ERROR, "Line %d: unknown EAP type '%s' "
   2543 				   "for a credential", line, value);
   2544 			return -1;
   2545 		}
   2546 		os_free(cred->eap_method);
   2547 		cred->eap_method = os_malloc(sizeof(*cred->eap_method));
   2548 		if (cred->eap_method == NULL)
   2549 			return -1;
   2550 		os_memcpy(cred->eap_method, &method, sizeof(method));
   2551 		return 0;
   2552 	}
   2553 
   2554 	if (os_strcmp(var, "password") == 0 &&
   2555 	    os_strncmp(value, "ext:", 4) == 0) {
   2556 		str_clear_free(cred->password);
   2557 		cred->password = os_strdup(value);
   2558 		cred->ext_password = 1;
   2559 		return 0;
   2560 	}
   2561 
   2562 	if (os_strcmp(var, "update_identifier") == 0) {
   2563 		cred->update_identifier = atoi(value);
   2564 		return 0;
   2565 	}
   2566 
   2567 	if (os_strcmp(var, "min_dl_bandwidth_home") == 0) {
   2568 		cred->min_dl_bandwidth_home = atoi(value);
   2569 		return 0;
   2570 	}
   2571 
   2572 	if (os_strcmp(var, "min_ul_bandwidth_home") == 0) {
   2573 		cred->min_ul_bandwidth_home = atoi(value);
   2574 		return 0;
   2575 	}
   2576 
   2577 	if (os_strcmp(var, "min_dl_bandwidth_roaming") == 0) {
   2578 		cred->min_dl_bandwidth_roaming = atoi(value);
   2579 		return 0;
   2580 	}
   2581 
   2582 	if (os_strcmp(var, "min_ul_bandwidth_roaming") == 0) {
   2583 		cred->min_ul_bandwidth_roaming = atoi(value);
   2584 		return 0;
   2585 	}
   2586 
   2587 	if (os_strcmp(var, "max_bss_load") == 0) {
   2588 		cred->max_bss_load = atoi(value);
   2589 		return 0;
   2590 	}
   2591 
   2592 	if (os_strcmp(var, "req_conn_capab") == 0)
   2593 		return wpa_config_set_cred_req_conn_capab(cred, value);
   2594 
   2595 	if (os_strcmp(var, "ocsp") == 0) {
   2596 		cred->ocsp = atoi(value);
   2597 		return 0;
   2598 	}
   2599 
   2600 	if (os_strcmp(var, "sim_num") == 0) {
   2601 		cred->sim_num = atoi(value);
   2602 		return 0;
   2603 	}
   2604 
   2605 	val = wpa_config_parse_string(value, &len);
   2606 	if (val == NULL) {
   2607 		wpa_printf(MSG_ERROR, "Line %d: invalid field '%s' string "
   2608 			   "value '%s'.", line, var, value);
   2609 		return -1;
   2610 	}
   2611 
   2612 	if (os_strcmp(var, "realm") == 0) {
   2613 		os_free(cred->realm);
   2614 		cred->realm = val;
   2615 		return 0;
   2616 	}
   2617 
   2618 	if (os_strcmp(var, "username") == 0) {
   2619 		str_clear_free(cred->username);
   2620 		cred->username = val;
   2621 		return 0;
   2622 	}
   2623 
   2624 	if (os_strcmp(var, "password") == 0) {
   2625 		str_clear_free(cred->password);
   2626 		cred->password = val;
   2627 		cred->ext_password = 0;
   2628 		return 0;
   2629 	}
   2630 
   2631 	if (os_strcmp(var, "ca_cert") == 0) {
   2632 		os_free(cred->ca_cert);
   2633 		cred->ca_cert = val;
   2634 		return 0;
   2635 	}
   2636 
   2637 	if (os_strcmp(var, "client_cert") == 0) {
   2638 		os_free(cred->client_cert);
   2639 		cred->client_cert = val;
   2640 		return 0;
   2641 	}
   2642 
   2643 	if (os_strcmp(var, "private_key") == 0) {
   2644 		os_free(cred->private_key);
   2645 		cred->private_key = val;
   2646 		return 0;
   2647 	}
   2648 
   2649 	if (os_strcmp(var, "private_key_passwd") == 0) {
   2650 		str_clear_free(cred->private_key_passwd);
   2651 		cred->private_key_passwd = val;
   2652 		return 0;
   2653 	}
   2654 
   2655 	if (os_strcmp(var, "imsi") == 0) {
   2656 		os_free(cred->imsi);
   2657 		cred->imsi = val;
   2658 		return 0;
   2659 	}
   2660 
   2661 	if (os_strcmp(var, "milenage") == 0) {
   2662 		str_clear_free(cred->milenage);
   2663 		cred->milenage = val;
   2664 		return 0;
   2665 	}
   2666 
   2667 	if (os_strcmp(var, "domain_suffix_match") == 0) {
   2668 		os_free(cred->domain_suffix_match);
   2669 		cred->domain_suffix_match = val;
   2670 		return 0;
   2671 	}
   2672 
   2673 	if (os_strcmp(var, "domain") == 0) {
   2674 		char **new_domain;
   2675 		new_domain = os_realloc_array(cred->domain,
   2676 					      cred->num_domain + 1,
   2677 					      sizeof(char *));
   2678 		if (new_domain == NULL) {
   2679 			os_free(val);
   2680 			return -1;
   2681 		}
   2682 		new_domain[cred->num_domain++] = val;
   2683 		cred->domain = new_domain;
   2684 		return 0;
   2685 	}
   2686 
   2687 	if (os_strcmp(var, "phase1") == 0) {
   2688 		os_free(cred->phase1);
   2689 		cred->phase1 = val;
   2690 		return 0;
   2691 	}
   2692 
   2693 	if (os_strcmp(var, "phase2") == 0) {
   2694 		os_free(cred->phase2);
   2695 		cred->phase2 = val;
   2696 		return 0;
   2697 	}
   2698 
   2699 	if (os_strcmp(var, "roaming_consortium") == 0) {
   2700 		if (len < 3 || len > sizeof(cred->roaming_consortium)) {
   2701 			wpa_printf(MSG_ERROR, "Line %d: invalid "
   2702 				   "roaming_consortium length %d (3..15 "
   2703 				   "expected)", line, (int) len);
   2704 			os_free(val);
   2705 			return -1;
   2706 		}
   2707 		os_memcpy(cred->roaming_consortium, val, len);
   2708 		cred->roaming_consortium_len = len;
   2709 		os_free(val);
   2710 		return 0;
   2711 	}
   2712 
   2713 	if (os_strcmp(var, "required_roaming_consortium") == 0) {
   2714 		if (len < 3 || len > sizeof(cred->required_roaming_consortium))
   2715 		{
   2716 			wpa_printf(MSG_ERROR, "Line %d: invalid "
   2717 				   "required_roaming_consortium length %d "
   2718 				   "(3..15 expected)", line, (int) len);
   2719 			os_free(val);
   2720 			return -1;
   2721 		}
   2722 		os_memcpy(cred->required_roaming_consortium, val, len);
   2723 		cred->required_roaming_consortium_len = len;
   2724 		os_free(val);
   2725 		return 0;
   2726 	}
   2727 
   2728 	if (os_strcmp(var, "excluded_ssid") == 0) {
   2729 		struct excluded_ssid *e;
   2730 
   2731 		if (len > MAX_SSID_LEN) {
   2732 			wpa_printf(MSG_ERROR, "Line %d: invalid "
   2733 				   "excluded_ssid length %d", line, (int) len);
   2734 			os_free(val);
   2735 			return -1;
   2736 		}
   2737 
   2738 		e = os_realloc_array(cred->excluded_ssid,
   2739 				     cred->num_excluded_ssid + 1,
   2740 				     sizeof(struct excluded_ssid));
   2741 		if (e == NULL) {
   2742 			os_free(val);
   2743 			return -1;
   2744 		}
   2745 		cred->excluded_ssid = e;
   2746 
   2747 		e = &cred->excluded_ssid[cred->num_excluded_ssid++];
   2748 		os_memcpy(e->ssid, val, len);
   2749 		e->ssid_len = len;
   2750 
   2751 		os_free(val);
   2752 
   2753 		return 0;
   2754 	}
   2755 
   2756 	if (os_strcmp(var, "roaming_partner") == 0) {
   2757 		struct roaming_partner *p;
   2758 		char *pos;
   2759 
   2760 		p = os_realloc_array(cred->roaming_partner,
   2761 				     cred->num_roaming_partner + 1,
   2762 				     sizeof(struct roaming_partner));
   2763 		if (p == NULL) {
   2764 			os_free(val);
   2765 			return -1;
   2766 		}
   2767 		cred->roaming_partner = p;
   2768 
   2769 		p = &cred->roaming_partner[cred->num_roaming_partner];
   2770 
   2771 		pos = os_strchr(val, ',');
   2772 		if (pos == NULL) {
   2773 			os_free(val);
   2774 			return -1;
   2775 		}
   2776 		*pos++ = '\0';
   2777 		if (pos - val - 1 >= (int) sizeof(p->fqdn)) {
   2778 			os_free(val);
   2779 			return -1;
   2780 		}
   2781 		os_memcpy(p->fqdn, val, pos - val);
   2782 
   2783 		p->exact_match = atoi(pos);
   2784 
   2785 		pos = os_strchr(pos, ',');
   2786 		if (pos == NULL) {
   2787 			os_free(val);
   2788 			return -1;
   2789 		}
   2790 		*pos++ = '\0';
   2791 
   2792 		p->priority = atoi(pos);
   2793 
   2794 		pos = os_strchr(pos, ',');
   2795 		if (pos == NULL) {
   2796 			os_free(val);
   2797 			return -1;
   2798 		}
   2799 		*pos++ = '\0';
   2800 
   2801 		if (os_strlen(pos) >= sizeof(p->country)) {
   2802 			os_free(val);
   2803 			return -1;
   2804 		}
   2805 		os_memcpy(p->country, pos, os_strlen(pos) + 1);
   2806 
   2807 		cred->num_roaming_partner++;
   2808 		os_free(val);
   2809 
   2810 		return 0;
   2811 	}
   2812 
   2813 	if (os_strcmp(var, "provisioning_sp") == 0) {
   2814 		os_free(cred->provisioning_sp);
   2815 		cred->provisioning_sp = val;
   2816 		return 0;
   2817 	}
   2818 
   2819 	if (line) {
   2820 		wpa_printf(MSG_ERROR, "Line %d: unknown cred field '%s'.",
   2821 			   line, var);
   2822 	}
   2823 
   2824 	os_free(val);
   2825 
   2826 	return -1;
   2827 }
   2828 
   2829 
   2830 static char * alloc_int_str(int val)
   2831 {
   2832 	char *buf;
   2833 
   2834 	buf = os_malloc(20);
   2835 	if (buf == NULL)
   2836 		return NULL;
   2837 	os_snprintf(buf, 20, "%d", val);
   2838 	return buf;
   2839 }
   2840 
   2841 
   2842 static char * alloc_strdup(const char *str)
   2843 {
   2844 	if (str == NULL)
   2845 		return NULL;
   2846 	return os_strdup(str);
   2847 }
   2848 
   2849 
   2850 char * wpa_config_get_cred_no_key(struct wpa_cred *cred, const char *var)
   2851 {
   2852 	if (os_strcmp(var, "temporary") == 0)
   2853 		return alloc_int_str(cred->temporary);
   2854 
   2855 	if (os_strcmp(var, "priority") == 0)
   2856 		return alloc_int_str(cred->priority);
   2857 
   2858 	if (os_strcmp(var, "sp_priority") == 0)
   2859 		return alloc_int_str(cred->sp_priority);
   2860 
   2861 	if (os_strcmp(var, "pcsc") == 0)
   2862 		return alloc_int_str(cred->pcsc);
   2863 
   2864 	if (os_strcmp(var, "eap") == 0) {
   2865 		if (!cred->eap_method)
   2866 			return NULL;
   2867 		return alloc_strdup(eap_get_name(cred->eap_method[0].vendor,
   2868 						 cred->eap_method[0].method));
   2869 	}
   2870 
   2871 	if (os_strcmp(var, "update_identifier") == 0)
   2872 		return alloc_int_str(cred->update_identifier);
   2873 
   2874 	if (os_strcmp(var, "min_dl_bandwidth_home") == 0)
   2875 		return alloc_int_str(cred->min_dl_bandwidth_home);
   2876 
   2877 	if (os_strcmp(var, "min_ul_bandwidth_home") == 0)
   2878 		return alloc_int_str(cred->min_ul_bandwidth_home);
   2879 
   2880 	if (os_strcmp(var, "min_dl_bandwidth_roaming") == 0)
   2881 		return alloc_int_str(cred->min_dl_bandwidth_roaming);
   2882 
   2883 	if (os_strcmp(var, "min_ul_bandwidth_roaming") == 0)
   2884 		return alloc_int_str(cred->min_ul_bandwidth_roaming);
   2885 
   2886 	if (os_strcmp(var, "max_bss_load") == 0)
   2887 		return alloc_int_str(cred->max_bss_load);
   2888 
   2889 	if (os_strcmp(var, "req_conn_capab") == 0) {
   2890 		unsigned int i;
   2891 		char *buf, *end, *pos;
   2892 		int ret;
   2893 
   2894 		if (!cred->num_req_conn_capab)
   2895 			return NULL;
   2896 
   2897 		buf = os_malloc(4000);
   2898 		if (buf == NULL)
   2899 			return NULL;
   2900 		pos = buf;
   2901 		end = pos + 4000;
   2902 		for (i = 0; i < cred->num_req_conn_capab; i++) {
   2903 			int *ports;
   2904 
   2905 			ret = os_snprintf(pos, end - pos, "%s%u",
   2906 					  i > 0 ? "\n" : "",
   2907 					  cred->req_conn_capab_proto[i]);
   2908 			if (ret < 0 || ret >= end - pos)
   2909 				return buf;
   2910 			pos += ret;
   2911 
   2912 			ports = cred->req_conn_capab_port[i];
   2913 			if (ports) {
   2914 				int j;
   2915 				for (j = 0; ports[j] != -1; j++) {
   2916 					ret = os_snprintf(pos, end - pos,
   2917 							  "%s%d",
   2918 							  j > 0 ? "," : ":",
   2919 							  ports[j]);
   2920 					if (ret < 0 || ret >= end - pos)
   2921 						return buf;
   2922 					pos += ret;
   2923 				}
   2924 			}
   2925 		}
   2926 
   2927 		return buf;
   2928 	}
   2929 
   2930 	if (os_strcmp(var, "ocsp") == 0)
   2931 		return alloc_int_str(cred->ocsp);
   2932 
   2933 	if (os_strcmp(var, "realm") == 0)
   2934 		return alloc_strdup(cred->realm);
   2935 
   2936 	if (os_strcmp(var, "username") == 0)
   2937 		return alloc_strdup(cred->username);
   2938 
   2939 	if (os_strcmp(var, "password") == 0) {
   2940 		if (!cred->password)
   2941 			return NULL;
   2942 		return alloc_strdup("*");
   2943 	}
   2944 
   2945 	if (os_strcmp(var, "ca_cert") == 0)
   2946 		return alloc_strdup(cred->ca_cert);
   2947 
   2948 	if (os_strcmp(var, "client_cert") == 0)
   2949 		return alloc_strdup(cred->client_cert);
   2950 
   2951 	if (os_strcmp(var, "private_key") == 0)
   2952 		return alloc_strdup(cred->private_key);
   2953 
   2954 	if (os_strcmp(var, "private_key_passwd") == 0) {
   2955 		if (!cred->private_key_passwd)
   2956 			return NULL;
   2957 		return alloc_strdup("*");
   2958 	}
   2959 
   2960 	if (os_strcmp(var, "imsi") == 0)
   2961 		return alloc_strdup(cred->imsi);
   2962 
   2963 	if (os_strcmp(var, "milenage") == 0) {
   2964 		if (!(cred->milenage))
   2965 			return NULL;
   2966 		return alloc_strdup("*");
   2967 	}
   2968 
   2969 	if (os_strcmp(var, "domain_suffix_match") == 0)
   2970 		return alloc_strdup(cred->domain_suffix_match);
   2971 
   2972 	if (os_strcmp(var, "domain") == 0) {
   2973 		unsigned int i;
   2974 		char *buf, *end, *pos;
   2975 		int ret;
   2976 
   2977 		if (!cred->num_domain)
   2978 			return NULL;
   2979 
   2980 		buf = os_malloc(4000);
   2981 		if (buf == NULL)
   2982 			return NULL;
   2983 		pos = buf;
   2984 		end = pos + 4000;
   2985 
   2986 		for (i = 0; i < cred->num_domain; i++) {
   2987 			ret = os_snprintf(pos, end - pos, "%s%s",
   2988 					  i > 0 ? "\n" : "", cred->domain[i]);
   2989 			if (ret < 0 || ret >= end - pos)
   2990 				return buf;
   2991 			pos += ret;
   2992 		}
   2993 
   2994 		return buf;
   2995 	}
   2996 
   2997 	if (os_strcmp(var, "phase1") == 0)
   2998 		return alloc_strdup(cred->phase1);
   2999 
   3000 	if (os_strcmp(var, "phase2") == 0)
   3001 		return alloc_strdup(cred->phase2);
   3002 
   3003 	if (os_strcmp(var, "roaming_consortium") == 0) {
   3004 		size_t buflen;
   3005 		char *buf;
   3006 
   3007 		if (!cred->roaming_consortium_len)
   3008 			return NULL;
   3009 		buflen = cred->roaming_consortium_len * 2 + 1;
   3010 		buf = os_malloc(buflen);
   3011 		if (buf == NULL)
   3012 			return NULL;
   3013 		wpa_snprintf_hex(buf, buflen, cred->roaming_consortium,
   3014 				 cred->roaming_consortium_len);
   3015 		return buf;
   3016 	}
   3017 
   3018 	if (os_strcmp(var, "required_roaming_consortium") == 0) {
   3019 		size_t buflen;
   3020 		char *buf;
   3021 
   3022 		if (!cred->required_roaming_consortium_len)
   3023 			return NULL;
   3024 		buflen = cred->required_roaming_consortium_len * 2 + 1;
   3025 		buf = os_malloc(buflen);
   3026 		if (buf == NULL)
   3027 			return NULL;
   3028 		wpa_snprintf_hex(buf, buflen, cred->required_roaming_consortium,
   3029 				 cred->required_roaming_consortium_len);
   3030 		return buf;
   3031 	}
   3032 
   3033 	if (os_strcmp(var, "excluded_ssid") == 0) {
   3034 		unsigned int i;
   3035 		char *buf, *end, *pos;
   3036 
   3037 		if (!cred->num_excluded_ssid)
   3038 			return NULL;
   3039 
   3040 		buf = os_malloc(4000);
   3041 		if (buf == NULL)
   3042 			return NULL;
   3043 		pos = buf;
   3044 		end = pos + 4000;
   3045 
   3046 		for (i = 0; i < cred->num_excluded_ssid; i++) {
   3047 			struct excluded_ssid *e;
   3048 			int ret;
   3049 
   3050 			e = &cred->excluded_ssid[i];
   3051 			ret = os_snprintf(pos, end - pos, "%s%s",
   3052 					  i > 0 ? "\n" : "",
   3053 					  wpa_ssid_txt(e->ssid, e->ssid_len));
   3054 			if (ret < 0 || ret >= end - pos)
   3055 				return buf;
   3056 			pos += ret;
   3057 		}
   3058 
   3059 		return buf;
   3060 	}
   3061 
   3062 	if (os_strcmp(var, "roaming_partner") == 0) {
   3063 		unsigned int i;
   3064 		char *buf, *end, *pos;
   3065 
   3066 		if (!cred->num_roaming_partner)
   3067 			return NULL;
   3068 
   3069 		buf = os_malloc(4000);
   3070 		if (buf == NULL)
   3071 			return NULL;
   3072 		pos = buf;
   3073 		end = pos + 4000;
   3074 
   3075 		for (i = 0; i < cred->num_roaming_partner; i++) {
   3076 			struct roaming_partner *p;
   3077 			int ret;
   3078 
   3079 			p = &cred->roaming_partner[i];
   3080 			ret = os_snprintf(pos, end - pos, "%s%s,%d,%u,%s",
   3081 					  i > 0 ? "\n" : "",
   3082 					  p->fqdn, p->exact_match, p->priority,
   3083 					  p->country);
   3084 			if (ret < 0 || ret >= end - pos)
   3085 				return buf;
   3086 			pos += ret;
   3087 		}
   3088 
   3089 		return buf;
   3090 	}
   3091 
   3092 	if (os_strcmp(var, "provisioning_sp") == 0)
   3093 		return alloc_strdup(cred->provisioning_sp);
   3094 
   3095 	return NULL;
   3096 }
   3097 
   3098 
   3099 struct wpa_cred * wpa_config_get_cred(struct wpa_config *config, int id)
   3100 {
   3101 	struct wpa_cred *cred;
   3102 
   3103 	cred = config->cred;
   3104 	while (cred) {
   3105 		if (id == cred->id)
   3106 			break;
   3107 		cred = cred->next;
   3108 	}
   3109 
   3110 	return cred;
   3111 }
   3112 
   3113 
   3114 struct wpa_cred * wpa_config_add_cred(struct wpa_config *config)
   3115 {
   3116 	int id;
   3117 	struct wpa_cred *cred, *last = NULL;
   3118 
   3119 	id = -1;
   3120 	cred = config->cred;
   3121 	while (cred) {
   3122 		if (cred->id > id)
   3123 			id = cred->id;
   3124 		last = cred;
   3125 		cred = cred->next;
   3126 	}
   3127 	id++;
   3128 
   3129 	cred = os_zalloc(sizeof(*cred));
   3130 	if (cred == NULL)
   3131 		return NULL;
   3132 	cred->id = id;
   3133 	cred->sim_num = DEFAULT_USER_SELECTED_SIM;
   3134 	if (last)
   3135 		last->next = cred;
   3136 	else
   3137 		config->cred = cred;
   3138 
   3139 	return cred;
   3140 }
   3141 
   3142 
   3143 int wpa_config_remove_cred(struct wpa_config *config, int id)
   3144 {
   3145 	struct wpa_cred *cred, *prev = NULL;
   3146 
   3147 	cred = config->cred;
   3148 	while (cred) {
   3149 		if (id == cred->id)
   3150 			break;
   3151 		prev = cred;
   3152 		cred = cred->next;
   3153 	}
   3154 
   3155 	if (cred == NULL)
   3156 		return -1;
   3157 
   3158 	if (prev)
   3159 		prev->next = cred->next;
   3160 	else
   3161 		config->cred = cred->next;
   3162 
   3163 	wpa_config_free_cred(cred);
   3164 	return 0;
   3165 }
   3166 
   3167 
   3168 #ifndef CONFIG_NO_CONFIG_BLOBS
   3169 /**
   3170  * wpa_config_get_blob - Get a named configuration blob
   3171  * @config: Configuration data from wpa_config_read()
   3172  * @name: Name of the blob
   3173  * Returns: Pointer to blob data or %NULL if not found
   3174  */
   3175 const struct wpa_config_blob * wpa_config_get_blob(struct wpa_config *config,
   3176 						   const char *name)
   3177 {
   3178 	struct wpa_config_blob *blob = config->blobs;
   3179 
   3180 	while (blob) {
   3181 		if (os_strcmp(blob->name, name) == 0)
   3182 			return blob;
   3183 		blob = blob->next;
   3184 	}
   3185 	return NULL;
   3186 }
   3187 
   3188 
   3189 /**
   3190  * wpa_config_set_blob - Set or add a named configuration blob
   3191  * @config: Configuration data from wpa_config_read()
   3192  * @blob: New value for the blob
   3193  *
   3194  * Adds a new configuration blob or replaces the current value of an existing
   3195  * blob.
   3196  */
   3197 void wpa_config_set_blob(struct wpa_config *config,
   3198 			 struct wpa_config_blob *blob)
   3199 {
   3200 	wpa_config_remove_blob(config, blob->name);
   3201 	blob->next = config->blobs;
   3202 	config->blobs = blob;
   3203 }
   3204 
   3205 
   3206 /**
   3207  * wpa_config_free_blob - Free blob data
   3208  * @blob: Pointer to blob to be freed
   3209  */
   3210 void wpa_config_free_blob(struct wpa_config_blob *blob)
   3211 {
   3212 	if (blob) {
   3213 		os_free(blob->name);
   3214 		bin_clear_free(blob->data, blob->len);
   3215 		os_free(blob);
   3216 	}
   3217 }
   3218 
   3219 
   3220 /**
   3221  * wpa_config_remove_blob - Remove a named configuration blob
   3222  * @config: Configuration data from wpa_config_read()
   3223  * @name: Name of the blob to remove
   3224  * Returns: 0 if blob was removed or -1 if blob was not found
   3225  */
   3226 int wpa_config_remove_blob(struct wpa_config *config, const char *name)
   3227 {
   3228 	struct wpa_config_blob *pos = config->blobs, *prev = NULL;
   3229 
   3230 	while (pos) {
   3231 		if (os_strcmp(pos->name, name) == 0) {
   3232 			if (prev)
   3233 				prev->next = pos->next;
   3234 			else
   3235 				config->blobs = pos->next;
   3236 			wpa_config_free_blob(pos);
   3237 			return 0;
   3238 		}
   3239 		prev = pos;
   3240 		pos = pos->next;
   3241 	}
   3242 
   3243 	return -1;
   3244 }
   3245 #endif /* CONFIG_NO_CONFIG_BLOBS */
   3246 
   3247 
   3248 /**
   3249  * wpa_config_alloc_empty - Allocate an empty configuration
   3250  * @ctrl_interface: Control interface parameters, e.g., path to UNIX domain
   3251  * socket
   3252  * @driver_param: Driver parameters
   3253  * Returns: Pointer to allocated configuration data or %NULL on failure
   3254  */
   3255 struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
   3256 					   const char *driver_param)
   3257 {
   3258 	struct wpa_config *config;
   3259 	const int aCWmin = 4, aCWmax = 10;
   3260 	const struct hostapd_wmm_ac_params ac_bk =
   3261 		{ aCWmin, aCWmax, 7, 0, 0 }; /* background traffic */
   3262 	const struct hostapd_wmm_ac_params ac_be =
   3263 		{ aCWmin, aCWmax, 3, 0, 0 }; /* best effort traffic */
   3264 	const struct hostapd_wmm_ac_params ac_vi = /* video traffic */
   3265 		{ aCWmin - 1, aCWmin, 2, 3000 / 32, 0 };
   3266 	const struct hostapd_wmm_ac_params ac_vo = /* voice traffic */
   3267 		{ aCWmin - 2, aCWmin - 1, 2, 1500 / 32, 0 };
   3268 
   3269 	config = os_zalloc(sizeof(*config));
   3270 	if (config == NULL)
   3271 		return NULL;
   3272 	config->eapol_version = DEFAULT_EAPOL_VERSION;
   3273 	config->ap_scan = DEFAULT_AP_SCAN;
   3274 	config->fast_reauth = DEFAULT_FAST_REAUTH;
   3275 	config->p2p_go_intent = DEFAULT_P2P_GO_INTENT;
   3276 	config->p2p_intra_bss = DEFAULT_P2P_INTRA_BSS;
   3277 	config->p2p_go_max_inactivity = DEFAULT_P2P_GO_MAX_INACTIVITY;
   3278 	config->p2p_optimize_listen_chan = DEFAULT_P2P_OPTIMIZE_LISTEN_CHAN;
   3279 	config->bss_max_count = DEFAULT_BSS_MAX_COUNT;
   3280 	config->bss_expiration_age = DEFAULT_BSS_EXPIRATION_AGE;
   3281 	config->bss_expiration_scan_count = DEFAULT_BSS_EXPIRATION_SCAN_COUNT;
   3282 	config->max_num_sta = DEFAULT_MAX_NUM_STA;
   3283 	config->access_network_type = DEFAULT_ACCESS_NETWORK_TYPE;
   3284 	config->scan_cur_freq = DEFAULT_SCAN_CUR_FREQ;
   3285 	config->wmm_ac_params[0] = ac_be;
   3286 	config->wmm_ac_params[1] = ac_bk;
   3287 	config->wmm_ac_params[2] = ac_vi;
   3288 	config->wmm_ac_params[3] = ac_vo;
   3289 	config->p2p_search_delay = DEFAULT_P2P_SEARCH_DELAY;
   3290 
   3291 	if (ctrl_interface)
   3292 		config->ctrl_interface = os_strdup(ctrl_interface);
   3293 	if (driver_param)
   3294 		config->driver_param = os_strdup(driver_param);
   3295 
   3296 	return config;
   3297 }
   3298 
   3299 
   3300 #ifndef CONFIG_NO_STDOUT_DEBUG
   3301 /**
   3302  * wpa_config_debug_dump_networks - Debug dump of configured networks
   3303  * @config: Configuration data from wpa_config_read()
   3304  */
   3305 void wpa_config_debug_dump_networks(struct wpa_config *config)
   3306 {
   3307 	int prio;
   3308 	struct wpa_ssid *ssid;
   3309 
   3310 	for (prio = 0; prio < config->num_prio; prio++) {
   3311 		ssid = config->pssid[prio];
   3312 		wpa_printf(MSG_DEBUG, "Priority group %d",
   3313 			   ssid->priority);
   3314 		while (ssid) {
   3315 			wpa_printf(MSG_DEBUG, "   id=%d ssid='%s'",
   3316 				   ssid->id,
   3317 				   wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
   3318 			ssid = ssid->pnext;
   3319 		}
   3320 	}
   3321 }
   3322 #endif /* CONFIG_NO_STDOUT_DEBUG */
   3323 
   3324 
   3325 struct global_parse_data {
   3326 	char *name;
   3327 	int (*parser)(const struct global_parse_data *data,
   3328 		      struct wpa_config *config, int line, const char *value);
   3329 	void *param1, *param2, *param3;
   3330 	unsigned int changed_flag;
   3331 };
   3332 
   3333 
   3334 static int wpa_global_config_parse_int(const struct global_parse_data *data,
   3335 				       struct wpa_config *config, int line,
   3336 				       const char *pos)
   3337 {
   3338 	int val, *dst;
   3339 	char *end;
   3340 
   3341 	dst = (int *) (((u8 *) config) + (long) data->param1);
   3342 	val = strtol(pos, &end, 0);
   3343 	if (*end) {
   3344 		wpa_printf(MSG_ERROR, "Line %d: invalid number \"%s\"",
   3345 			   line, pos);
   3346 		return -1;
   3347 	}
   3348 	*dst = val;
   3349 
   3350 	wpa_printf(MSG_DEBUG, "%s=%d", data->name, *dst);
   3351 
   3352 	if (data->param2 && *dst < (long) data->param2) {
   3353 		wpa_printf(MSG_ERROR, "Line %d: too small %s (value=%d "
   3354 			   "min_value=%ld)", line, data->name, *dst,
   3355 			   (long) data->param2);
   3356 		*dst = (long) data->param2;
   3357 		return -1;
   3358 	}
   3359 
   3360 	if (data->param3 && *dst > (long) data->param3) {
   3361 		wpa_printf(MSG_ERROR, "Line %d: too large %s (value=%d "
   3362 			   "max_value=%ld)", line, data->name, *dst,
   3363 			   (long) data->param3);
   3364 		*dst = (long) data->param3;
   3365 		return -1;
   3366 	}
   3367 
   3368 	return 0;
   3369 }
   3370 
   3371 
   3372 static int wpa_global_config_parse_str(const struct global_parse_data *data,
   3373 				       struct wpa_config *config, int line,
   3374 				       const char *pos)
   3375 {
   3376 	size_t len;
   3377 	char **dst, *tmp;
   3378 
   3379 	len = os_strlen(pos);
   3380 	if (data->param2 && len < (size_t) data->param2) {
   3381 		wpa_printf(MSG_ERROR, "Line %d: too short %s (len=%lu "
   3382 			   "min_len=%ld)", line, data->name,
   3383 			   (unsigned long) len, (long) data->param2);
   3384 		return -1;
   3385 	}
   3386 
   3387 	if (data->param3 && len > (size_t) data->param3) {
   3388 		wpa_printf(MSG_ERROR, "Line %d: too long %s (len=%lu "
   3389 			   "max_len=%ld)", line, data->name,
   3390 			   (unsigned long) len, (long) data->param3);
   3391 		return -1;
   3392 	}
   3393 
   3394 	tmp = os_strdup(pos);
   3395 	if (tmp == NULL)
   3396 		return -1;
   3397 
   3398 	dst = (char **) (((u8 *) config) + (long) data->param1);
   3399 	os_free(*dst);
   3400 	*dst = tmp;
   3401 	wpa_printf(MSG_DEBUG, "%s='%s'", data->name, *dst);
   3402 
   3403 	return 0;
   3404 }
   3405 
   3406 
   3407 static int wpa_config_process_bgscan(const struct global_parse_data *data,
   3408 				     struct wpa_config *config, int line,
   3409 				     const char *pos)
   3410 {
   3411 	size_t len;
   3412 	char *tmp;
   3413 	int res;
   3414 
   3415 	tmp = wpa_config_parse_string(pos, &len);
   3416 	if (tmp == NULL) {
   3417 		wpa_printf(MSG_ERROR, "Line %d: failed to parse %s",
   3418 			   line, data->name);
   3419 		return -1;
   3420 	}
   3421 
   3422 	res = wpa_global_config_parse_str(data, config, line, tmp);
   3423 	os_free(tmp);
   3424 	return res;
   3425 }
   3426 
   3427 
   3428 static int wpa_global_config_parse_bin(const struct global_parse_data *data,
   3429 				       struct wpa_config *config, int line,
   3430 				       const char *pos)
   3431 {
   3432 	size_t len;
   3433 	struct wpabuf **dst, *tmp;
   3434 
   3435 	len = os_strlen(pos);
   3436 	if (len & 0x01)
   3437 		return -1;
   3438 
   3439 	tmp = wpabuf_alloc(len / 2);
   3440 	if (tmp == NULL)
   3441 		return -1;
   3442 
   3443 	if (hexstr2bin(pos, wpabuf_put(tmp, len / 2), len / 2)) {
   3444 		wpabuf_free(tmp);
   3445 		return -1;
   3446 	}
   3447 
   3448 	dst = (struct wpabuf **) (((u8 *) config) + (long) data->param1);
   3449 	wpabuf_free(*dst);
   3450 	*dst = tmp;
   3451 	wpa_printf(MSG_DEBUG, "%s", data->name);
   3452 
   3453 	return 0;
   3454 }
   3455 
   3456 
   3457 static int wpa_config_process_freq_list(const struct global_parse_data *data,
   3458 					struct wpa_config *config, int line,
   3459 					const char *value)
   3460 {
   3461 	int *freqs;
   3462 
   3463 	freqs = wpa_config_parse_int_array(value);
   3464 	if (freqs == NULL)
   3465 		return -1;
   3466 	if (freqs[0] == 0) {
   3467 		os_free(freqs);
   3468 		freqs = NULL;
   3469 	}
   3470 	os_free(config->freq_list);
   3471 	config->freq_list = freqs;
   3472 	return 0;
   3473 }
   3474 
   3475 
   3476 #ifdef CONFIG_P2P
   3477 static int wpa_global_config_parse_ipv4(const struct global_parse_data *data,
   3478 					struct wpa_config *config, int line,
   3479 					const char *pos)
   3480 {
   3481 	u32 *dst;
   3482 	struct hostapd_ip_addr addr;
   3483 
   3484 	if (hostapd_parse_ip_addr(pos, &addr) < 0)
   3485 		return -1;
   3486 	if (addr.af != AF_INET)
   3487 		return -1;
   3488 
   3489 	dst = (u32 *) (((u8 *) config) + (long) data->param1);
   3490 	os_memcpy(dst, &addr.u.v4.s_addr, 4);
   3491 	wpa_printf(MSG_DEBUG, "%s = 0x%x", data->name,
   3492 		   WPA_GET_BE32((u8 *) dst));
   3493 
   3494 	return 0;
   3495 }
   3496 #endif /* CONFIG_P2P */
   3497 
   3498 
   3499 static int wpa_config_process_country(const struct global_parse_data *data,
   3500 				      struct wpa_config *config, int line,
   3501 				      const char *pos)
   3502 {
   3503 	if (!pos[0] || !pos[1]) {
   3504 		wpa_printf(MSG_DEBUG, "Invalid country set");
   3505 		return -1;
   3506 	}
   3507 	config->country[0] = pos[0];
   3508 	config->country[1] = pos[1];
   3509 	wpa_printf(MSG_DEBUG, "country='%c%c'",
   3510 		   config->country[0], config->country[1]);
   3511 	return 0;
   3512 }
   3513 
   3514 
   3515 static int wpa_config_process_load_dynamic_eap(
   3516 	const struct global_parse_data *data, struct wpa_config *config,
   3517 	int line, const char *so)
   3518 {
   3519 	int ret;
   3520 	wpa_printf(MSG_DEBUG, "load_dynamic_eap=%s", so);
   3521 	ret = eap_peer_method_load(so);
   3522 	if (ret == -2) {
   3523 		wpa_printf(MSG_DEBUG, "This EAP type was already loaded - not "
   3524 			   "reloading.");
   3525 	} else if (ret) {
   3526 		wpa_printf(MSG_ERROR, "Line %d: Failed to load dynamic EAP "
   3527 			   "method '%s'.", line, so);
   3528 		return -1;
   3529 	}
   3530 
   3531 	return 0;
   3532 }
   3533 
   3534 
   3535 #ifdef CONFIG_WPS
   3536 
   3537 static int wpa_config_process_uuid(const struct global_parse_data *data,
   3538 				   struct wpa_config *config, int line,
   3539 				   const char *pos)
   3540 {
   3541 	char buf[40];
   3542 	if (uuid_str2bin(pos, config->uuid)) {
   3543 		wpa_printf(MSG_ERROR, "Line %d: invalid UUID", line);
   3544 		return -1;
   3545 	}
   3546 	uuid_bin2str(config->uuid, buf, sizeof(buf));
   3547 	wpa_printf(MSG_DEBUG, "uuid=%s", buf);
   3548 	return 0;
   3549 }
   3550 
   3551 
   3552 static int wpa_config_process_device_type(
   3553 	const struct global_parse_data *data,
   3554 	struct wpa_config *config, int line, const char *pos)
   3555 {
   3556 	return wps_dev_type_str2bin(pos, config->device_type);
   3557 }
   3558 
   3559 
   3560 static int wpa_config_process_os_version(const struct global_parse_data *data,
   3561 					 struct wpa_config *config, int line,
   3562 					 const char *pos)
   3563 {
   3564 	if (hexstr2bin(pos, config->os_version, 4)) {
   3565 		wpa_printf(MSG_ERROR, "Line %d: invalid os_version", line);
   3566 		return -1;
   3567 	}
   3568 	wpa_printf(MSG_DEBUG, "os_version=%08x",
   3569 		   WPA_GET_BE32(config->os_version));
   3570 	return 0;
   3571 }
   3572 
   3573 
   3574 static int wpa_config_process_wps_vendor_ext_m1(
   3575 	const struct global_parse_data *data,
   3576 	struct wpa_config *config, int line, const char *pos)
   3577 {
   3578 	struct wpabuf *tmp;
   3579 	int len = os_strlen(pos) / 2;
   3580 	u8 *p;
   3581 
   3582 	if (!len) {
   3583 		wpa_printf(MSG_ERROR, "Line %d: "
   3584 			   "invalid wps_vendor_ext_m1", line);
   3585 		return -1;
   3586 	}
   3587 
   3588 	tmp = wpabuf_alloc(len);
   3589 	if (tmp) {
   3590 		p = wpabuf_put(tmp, len);
   3591 
   3592 		if (hexstr2bin(pos, p, len)) {
   3593 			wpa_printf(MSG_ERROR, "Line %d: "
   3594 				   "invalid wps_vendor_ext_m1", line);
   3595 			wpabuf_free(tmp);
   3596 			return -1;
   3597 		}
   3598 
   3599 		wpabuf_free(config->wps_vendor_ext_m1);
   3600 		config->wps_vendor_ext_m1 = tmp;
   3601 	} else {
   3602 		wpa_printf(MSG_ERROR, "Can not allocate "
   3603 			   "memory for wps_vendor_ext_m1");
   3604 		return -1;
   3605 	}
   3606 
   3607 	return 0;
   3608 }
   3609 
   3610 #endif /* CONFIG_WPS */
   3611 
   3612 #ifdef CONFIG_P2P
   3613 static int wpa_config_process_sec_device_type(
   3614 	const struct global_parse_data *data,
   3615 	struct wpa_config *config, int line, const char *pos)
   3616 {
   3617 	int idx;
   3618 
   3619 	if (config->num_sec_device_types >= MAX_SEC_DEVICE_TYPES) {
   3620 		wpa_printf(MSG_ERROR, "Line %d: too many sec_device_type "
   3621 			   "items", line);
   3622 		return -1;
   3623 	}
   3624 
   3625 	idx = config->num_sec_device_types;
   3626 
   3627 	if (wps_dev_type_str2bin(pos, config->sec_device_type[idx]))
   3628 		return -1;
   3629 
   3630 	config->num_sec_device_types++;
   3631 	return 0;
   3632 }
   3633 
   3634 
   3635 static int wpa_config_process_p2p_pref_chan(
   3636 	const struct global_parse_data *data,
   3637 	struct wpa_config *config, int line, const char *pos)
   3638 {
   3639 	struct p2p_channel *pref = NULL, *n;
   3640 	unsigned int num = 0;
   3641 	const char *pos2;
   3642 	u8 op_class, chan;
   3643 
   3644 	/* format: class:chan,class:chan,... */
   3645 
   3646 	while (*pos) {
   3647 		op_class = atoi(pos);
   3648 		pos2 = os_strchr(pos, ':');
   3649 		if (pos2 == NULL)
   3650 			goto fail;
   3651 		pos2++;
   3652 		chan = atoi(pos2);
   3653 
   3654 		n = os_realloc_array(pref, num + 1,
   3655 				     sizeof(struct p2p_channel));
   3656 		if (n == NULL)
   3657 			goto fail;
   3658 		pref = n;
   3659 		pref[num].op_class = op_class;
   3660 		pref[num].chan = chan;
   3661 		num++;
   3662 
   3663 		pos = os_strchr(pos2, ',');
   3664 		if (pos == NULL)
   3665 			break;
   3666 		pos++;
   3667 	}
   3668 
   3669 	os_free(config->p2p_pref_chan);
   3670 	config->p2p_pref_chan = pref;
   3671 	config->num_p2p_pref_chan = num;
   3672 	wpa_hexdump(MSG_DEBUG, "P2P: Preferred class/channel pairs",
   3673 		    (u8 *) config->p2p_pref_chan,
   3674 		    config->num_p2p_pref_chan * sizeof(struct p2p_channel));
   3675 
   3676 	return 0;
   3677 
   3678 fail:
   3679 	os_free(pref);
   3680 	wpa_printf(MSG_ERROR, "Line %d: Invalid p2p_pref_chan list", line);
   3681 	return -1;
   3682 }
   3683 
   3684 
   3685 static int wpa_config_process_p2p_no_go_freq(
   3686 	const struct global_parse_data *data,
   3687 	struct wpa_config *config, int line, const char *pos)
   3688 {
   3689 	int ret;
   3690 
   3691 	ret = freq_range_list_parse(&config->p2p_no_go_freq, pos);
   3692 	if (ret < 0) {
   3693 		wpa_printf(MSG_ERROR, "Line %d: Invalid p2p_no_go_freq", line);
   3694 		return -1;
   3695 	}
   3696 
   3697 	wpa_printf(MSG_DEBUG, "P2P: p2p_no_go_freq with %u items",
   3698 		   config->p2p_no_go_freq.num);
   3699 
   3700 	return 0;
   3701 }
   3702 
   3703 #endif /* CONFIG_P2P */
   3704 
   3705 
   3706 static int wpa_config_process_hessid(
   3707 	const struct global_parse_data *data,
   3708 	struct wpa_config *config, int line, const char *pos)
   3709 {
   3710 	if (hwaddr_aton2(pos, config->hessid) < 0) {
   3711 		wpa_printf(MSG_ERROR, "Line %d: Invalid hessid '%s'",
   3712 			   line, pos);
   3713 		return -1;
   3714 	}
   3715 
   3716 	return 0;
   3717 }
   3718 
   3719 
   3720 static int wpa_config_process_sae_groups(
   3721 	const struct global_parse_data *data,
   3722 	struct wpa_config *config, int line, const char *pos)
   3723 {
   3724 	int *groups = wpa_config_parse_int_array(pos);
   3725 	if (groups == NULL) {
   3726 		wpa_printf(MSG_ERROR, "Line %d: Invalid sae_groups '%s'",
   3727 			   line, pos);
   3728 		return -1;
   3729 	}
   3730 
   3731 	os_free(config->sae_groups);
   3732 	config->sae_groups = groups;
   3733 
   3734 	return 0;
   3735 }
   3736 
   3737 
   3738 static int wpa_config_process_ap_vendor_elements(
   3739 	const struct global_parse_data *data,
   3740 	struct wpa_config *config, int line, const char *pos)
   3741 {
   3742 	struct wpabuf *tmp;
   3743 	int len = os_strlen(pos) / 2;
   3744 	u8 *p;
   3745 
   3746 	if (!len) {
   3747 		wpa_printf(MSG_ERROR, "Line %d: invalid ap_vendor_elements",
   3748 			   line);
   3749 		return -1;
   3750 	}
   3751 
   3752 	tmp = wpabuf_alloc(len);
   3753 	if (tmp) {
   3754 		p = wpabuf_put(tmp, len);
   3755 
   3756 		if (hexstr2bin(pos, p, len)) {
   3757 			wpa_printf(MSG_ERROR, "Line %d: invalid "
   3758 				   "ap_vendor_elements", line);
   3759 			wpabuf_free(tmp);
   3760 			return -1;
   3761 		}
   3762 
   3763 		wpabuf_free(config->ap_vendor_elements);
   3764 		config->ap_vendor_elements = tmp;
   3765 	} else {
   3766 		wpa_printf(MSG_ERROR, "Cannot allocate memory for "
   3767 			   "ap_vendor_elements");
   3768 		return -1;
   3769 	}
   3770 
   3771 	return 0;
   3772 }
   3773 
   3774 
   3775 #ifdef CONFIG_CTRL_IFACE
   3776 static int wpa_config_process_no_ctrl_interface(
   3777 	const struct global_parse_data *data,
   3778 	struct wpa_config *config, int line, const char *pos)
   3779 {
   3780 	wpa_printf(MSG_DEBUG, "no_ctrl_interface -> ctrl_interface=NULL");
   3781 	os_free(config->ctrl_interface);
   3782 	config->ctrl_interface = NULL;
   3783 	return 0;
   3784 }
   3785 #endif /* CONFIG_CTRL_IFACE */
   3786 
   3787 
   3788 #ifdef OFFSET
   3789 #undef OFFSET
   3790 #endif /* OFFSET */
   3791 /* OFFSET: Get offset of a variable within the wpa_config structure */
   3792 #define OFFSET(v) ((void *) &((struct wpa_config *) 0)->v)
   3793 
   3794 #define FUNC(f) #f, wpa_config_process_ ## f, OFFSET(f), NULL, NULL
   3795 #define FUNC_NO_VAR(f) #f, wpa_config_process_ ## f, NULL, NULL, NULL
   3796 #define _INT(f) #f, wpa_global_config_parse_int, OFFSET(f)
   3797 #define INT(f) _INT(f), NULL, NULL
   3798 #define INT_RANGE(f, min, max) _INT(f), (void *) min, (void *) max
   3799 #define _STR(f) #f, wpa_global_config_parse_str, OFFSET(f)
   3800 #define STR(f) _STR(f), NULL, NULL
   3801 #define STR_RANGE(f, min, max) _STR(f), (void *) min, (void *) max
   3802 #define BIN(f) #f, wpa_global_config_parse_bin, OFFSET(f), NULL, NULL
   3803 #define IPV4(f) #f, wpa_global_config_parse_ipv4, OFFSET(f), NULL, NULL
   3804 
   3805 static const struct global_parse_data global_fields[] = {
   3806 #ifdef CONFIG_CTRL_IFACE
   3807 	{ STR(ctrl_interface), 0 },
   3808 	{ FUNC_NO_VAR(no_ctrl_interface), 0 },
   3809 	{ STR(ctrl_interface_group), 0 } /* deprecated */,
   3810 #endif /* CONFIG_CTRL_IFACE */
   3811 #ifdef CONFIG_MACSEC
   3812 	{ INT_RANGE(eapol_version, 1, 3), 0 },
   3813 #else /* CONFIG_MACSEC */
   3814 	{ INT_RANGE(eapol_version, 1, 2), 0 },
   3815 #endif /* CONFIG_MACSEC */
   3816 	{ INT(ap_scan), 0 },
   3817 	{ FUNC(bgscan), 0 },
   3818 	{ INT(disable_scan_offload), 0 },
   3819 	{ INT(fast_reauth), 0 },
   3820 	{ STR(opensc_engine_path), 0 },
   3821 	{ STR(pkcs11_engine_path), 0 },
   3822 	{ STR(pkcs11_module_path), 0 },
   3823 	{ STR(pcsc_reader), 0 },
   3824 	{ STR(pcsc_pin), 0 },
   3825 	{ INT(external_sim), 0 },
   3826 	{ STR(driver_param), 0 },
   3827 	{ INT(dot11RSNAConfigPMKLifetime), 0 },
   3828 	{ INT(dot11RSNAConfigPMKReauthThreshold), 0 },
   3829 	{ INT(dot11RSNAConfigSATimeout), 0 },
   3830 #ifndef CONFIG_NO_CONFIG_WRITE
   3831 	{ INT(update_config), 0 },
   3832 #endif /* CONFIG_NO_CONFIG_WRITE */
   3833 	{ FUNC_NO_VAR(load_dynamic_eap), 0 },
   3834 #ifdef CONFIG_WPS
   3835 	{ FUNC(uuid), CFG_CHANGED_UUID },
   3836 	{ STR_RANGE(device_name, 0, 32), CFG_CHANGED_DEVICE_NAME },
   3837 	{ STR_RANGE(manufacturer, 0, 64), CFG_CHANGED_WPS_STRING },
   3838 	{ STR_RANGE(model_name, 0, 32), CFG_CHANGED_WPS_STRING },
   3839 	{ STR_RANGE(model_number, 0, 32), CFG_CHANGED_WPS_STRING },
   3840 	{ STR_RANGE(serial_number, 0, 32), CFG_CHANGED_WPS_STRING },
   3841 	{ FUNC(device_type), CFG_CHANGED_DEVICE_TYPE },
   3842 	{ FUNC(os_version), CFG_CHANGED_OS_VERSION },
   3843 	{ STR(config_methods), CFG_CHANGED_CONFIG_METHODS },
   3844 	{ INT_RANGE(wps_cred_processing, 0, 2), 0 },
   3845 	{ FUNC(wps_vendor_ext_m1), CFG_CHANGED_VENDOR_EXTENSION },
   3846 #endif /* CONFIG_WPS */
   3847 #ifdef CONFIG_P2P
   3848 	{ FUNC(sec_device_type), CFG_CHANGED_SEC_DEVICE_TYPE },
   3849 	{ INT(p2p_listen_reg_class), 0 },
   3850 	{ INT(p2p_listen_channel), 0 },
   3851 	{ INT(p2p_oper_reg_class), CFG_CHANGED_P2P_OPER_CHANNEL },
   3852 	{ INT(p2p_oper_channel), CFG_CHANGED_P2P_OPER_CHANNEL },
   3853 	{ INT_RANGE(p2p_go_intent, 0, 15), 0 },
   3854 	{ STR(p2p_ssid_postfix), CFG_CHANGED_P2P_SSID_POSTFIX },
   3855 	{ INT_RANGE(persistent_reconnect, 0, 1), 0 },
   3856 	{ INT_RANGE(p2p_intra_bss, 0, 1), CFG_CHANGED_P2P_INTRA_BSS },
   3857 	{ INT(p2p_group_idle), 0 },
   3858 	{ INT_RANGE(p2p_passphrase_len, 8, 63),
   3859 	  CFG_CHANGED_P2P_PASSPHRASE_LEN },
   3860 	{ FUNC(p2p_pref_chan), CFG_CHANGED_P2P_PREF_CHAN },
   3861 	{ FUNC(p2p_no_go_freq), CFG_CHANGED_P2P_PREF_CHAN },
   3862 	{ INT_RANGE(p2p_add_cli_chan, 0, 1), 0 },
   3863 	{ INT_RANGE(p2p_optimize_listen_chan, 0, 1), 0 },
   3864 	{ INT(p2p_go_ht40), 0 },
   3865 	{ INT(p2p_go_vht), 0 },
   3866 	{ INT(p2p_disabled), 0 },
   3867 	{ INT(p2p_no_group_iface), 0 },
   3868 	{ INT_RANGE(p2p_ignore_shared_freq, 0, 1), 0 },
   3869 	{ IPV4(ip_addr_go), 0 },
   3870 	{ IPV4(ip_addr_mask), 0 },
   3871 	{ IPV4(ip_addr_start), 0 },
   3872 	{ IPV4(ip_addr_end), 0 },
   3873 #endif /* CONFIG_P2P */
   3874 	{ FUNC(country), CFG_CHANGED_COUNTRY },
   3875 	{ INT(bss_max_count), 0 },
   3876 	{ INT(bss_expiration_age), 0 },
   3877 	{ INT(bss_expiration_scan_count), 0 },
   3878 	{ INT_RANGE(filter_ssids, 0, 1), 0 },
   3879 	{ INT_RANGE(filter_rssi, -100, 0), 0 },
   3880 	{ INT(max_num_sta), 0 },
   3881 	{ INT_RANGE(disassoc_low_ack, 0, 1), 0 },
   3882 #ifdef CONFIG_HS20
   3883 	{ INT_RANGE(hs20, 0, 1), 0 },
   3884 #endif /* CONFIG_HS20 */
   3885 	{ INT_RANGE(interworking, 0, 1), 0 },
   3886 	{ FUNC(hessid), 0 },
   3887 	{ INT_RANGE(access_network_type, 0, 15), 0 },
   3888 	{ INT_RANGE(pbc_in_m1, 0, 1), 0 },
   3889 	{ STR(autoscan), 0 },
   3890 	{ INT_RANGE(wps_nfc_dev_pw_id, 0x10, 0xffff),
   3891 	  CFG_CHANGED_NFC_PASSWORD_TOKEN },
   3892 	{ BIN(wps_nfc_dh_pubkey), CFG_CHANGED_NFC_PASSWORD_TOKEN },
   3893 	{ BIN(wps_nfc_dh_privkey), CFG_CHANGED_NFC_PASSWORD_TOKEN },
   3894 	{ BIN(wps_nfc_dev_pw), CFG_CHANGED_NFC_PASSWORD_TOKEN },
   3895 	{ STR(ext_password_backend), CFG_CHANGED_EXT_PW_BACKEND },
   3896 	{ INT(p2p_go_max_inactivity), 0 },
   3897 	{ INT_RANGE(auto_interworking, 0, 1), 0 },
   3898 	{ INT(okc), 0 },
   3899 	{ INT(pmf), 0 },
   3900 	{ FUNC(sae_groups), 0 },
   3901 	{ INT(dtim_period), 0 },
   3902 	{ INT(beacon_int), 0 },
   3903 	{ FUNC(ap_vendor_elements), 0 },
   3904 	{ INT_RANGE(ignore_old_scan_res, 0, 1), 0 },
   3905 	{ FUNC(freq_list), 0 },
   3906 	{ INT(scan_cur_freq), 0 },
   3907 	{ INT(sched_scan_interval), 0 },
   3908 	{ INT(tdls_external_control), 0},
   3909 	{ STR(osu_dir), 0 },
   3910 	{ STR(wowlan_triggers), 0 },
   3911 	{ INT(p2p_search_delay), 0},
   3912 };
   3913 
   3914 #undef FUNC
   3915 #undef _INT
   3916 #undef INT
   3917 #undef INT_RANGE
   3918 #undef _STR
   3919 #undef STR
   3920 #undef STR_RANGE
   3921 #undef BIN
   3922 #undef IPV4
   3923 #define NUM_GLOBAL_FIELDS ARRAY_SIZE(global_fields)
   3924 
   3925 
   3926 int wpa_config_process_global(struct wpa_config *config, char *pos, int line)
   3927 {
   3928 	size_t i;
   3929 	int ret = 0;
   3930 
   3931 	for (i = 0; i < NUM_GLOBAL_FIELDS; i++) {
   3932 		const struct global_parse_data *field = &global_fields[i];
   3933 		size_t flen = os_strlen(field->name);
   3934 		if (os_strncmp(pos, field->name, flen) != 0 ||
   3935 		    pos[flen] != '=')
   3936 			continue;
   3937 
   3938 		if (field->parser(field, config, line, pos + flen + 1)) {
   3939 			wpa_printf(MSG_ERROR, "Line %d: failed to "
   3940 				   "parse '%s'.", line, pos);
   3941 			ret = -1;
   3942 		}
   3943 		if (field->changed_flag == CFG_CHANGED_NFC_PASSWORD_TOKEN)
   3944 			config->wps_nfc_pw_from_config = 1;
   3945 		config->changed_parameters |= field->changed_flag;
   3946 		break;
   3947 	}
   3948 	if (i == NUM_GLOBAL_FIELDS) {
   3949 #ifdef CONFIG_AP
   3950 		if (os_strncmp(pos, "wmm_ac_", 7) == 0) {
   3951 			char *tmp = os_strchr(pos, '=');
   3952 			if (tmp == NULL) {
   3953 				if (line < 0)
   3954 					return -1;
   3955 				wpa_printf(MSG_ERROR, "Line %d: invalid line "
   3956 					   "'%s'", line, pos);
   3957 				return -1;
   3958 			}
   3959 			*tmp++ = '\0';
   3960 			if (hostapd_config_wmm_ac(config->wmm_ac_params, pos,
   3961 						  tmp)) {
   3962 				wpa_printf(MSG_ERROR, "Line %d: invalid WMM "
   3963 					   "AC item", line);
   3964 				return -1;
   3965 			}
   3966 		}
   3967 #endif /* CONFIG_AP */
   3968 		if (line < 0)
   3969 			return -1;
   3970 		wpa_printf(MSG_ERROR, "Line %d: unknown global field '%s'.",
   3971 			   line, pos);
   3972 		ret = -1;
   3973 	}
   3974 
   3975 	return ret;
   3976 }
   3977