Home | History | Annotate | Download | only in ap 
      1 /*
      2  * hostapd / EAP user database
      3  * Copyright (c) 2012, Jouni Malinen <j (at) w1.fi>
      4  *
      5  * This software may be distributed under the terms of the BSD license.
      6  * See README for more details.
      7  */
      8 
      9 #include "includes.h"
     10 #ifdef CONFIG_SQLITE
     11 #include <sqlite3.h>
     12 #endif /* CONFIG_SQLITE */
     13 
     14 #include "common.h"
     15 #include "eap_common/eap_wsc_common.h"
     16 #include "eap_server/eap_methods.h"
     17 #include "eap_server/eap.h"
     18 #include "ap_config.h"
     19 #include "hostapd.h"
     20 
     21 #ifdef CONFIG_SQLITE
     22 
     23 static void set_user_methods(struct hostapd_eap_user *user, const char *methods)
     24 {
     25 	char *buf, *start;
     26 	int num_methods;
     27 
     28 	buf = os_strdup(methods);
     29 	if (buf == NULL)
     30 		return;
     31 
     32 	os_memset(&user->methods, 0, sizeof(user->methods));
     33 	num_methods = 0;
     34 	start = buf;
     35 	while (*start) {
     36 		char *pos3 = os_strchr(start, ',');
     37 		if (pos3)
     38 			*pos3++ = '\0';
     39 		user->methods[num_methods].method =
     40 			eap_server_get_type(start,
     41 					    &user->methods[num_methods].vendor);
     42 		if (user->methods[num_methods].vendor == EAP_VENDOR_IETF &&
     43 		    user->methods[num_methods].method == EAP_TYPE_NONE) {
     44 			if (os_strcmp(start, "TTLS-PAP") == 0) {
     45 				user->ttls_auth |= EAP_TTLS_AUTH_PAP;
     46 				goto skip_eap;
     47 			}
     48 			if (os_strcmp(start, "TTLS-CHAP") == 0) {
     49 				user->ttls_auth |= EAP_TTLS_AUTH_CHAP;
     50 				goto skip_eap;
     51 			}
     52 			if (os_strcmp(start, "TTLS-MSCHAP") == 0) {
     53 				user->ttls_auth |= EAP_TTLS_AUTH_MSCHAP;
     54 				goto skip_eap;
     55 			}
     56 			if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) {
     57 				user->ttls_auth |= EAP_TTLS_AUTH_MSCHAPV2;
     58 				goto skip_eap;
     59 			}
     60 			wpa_printf(MSG_INFO, "DB: Unsupported EAP type '%s'",
     61 				   start);
     62 			os_free(buf);
     63 			return;
     64 		}
     65 
     66 		num_methods++;
     67 		if (num_methods >= EAP_MAX_METHODS)
     68 			break;
     69 	skip_eap:
     70 		if (pos3 == NULL)
     71 			break;
     72 		start = pos3;
     73 	}
     74 
     75 	os_free(buf);
     76 }
     77 
     78 
     79 static int get_user_cb(void *ctx, int argc, char *argv[], char *col[])
     80 {
     81 	struct hostapd_eap_user *user = ctx;
     82 	int i;
     83 
     84 	for (i = 0; i < argc; i++) {
     85 		if (os_strcmp(col[i], "password") == 0 && argv[i]) {
     86 			bin_clear_free(user->password, user->password_len);
     87 			user->password_len = os_strlen(argv[i]);
     88 			user->password = (u8 *) os_strdup(argv[i]);
     89 			user->next = (void *) 1;
     90 		} else if (os_strcmp(col[i], "methods") == 0 && argv[i]) {
     91 			set_user_methods(user, argv[i]);
     92 		} else if (os_strcmp(col[i], "remediation") == 0 && argv[i]) {
     93 			user->remediation = strlen(argv[i]) > 0;
     94 		}
     95 	}
     96 
     97 	return 0;
     98 }
     99 
    100 
    101 static int get_wildcard_cb(void *ctx, int argc, char *argv[], char *col[])
    102 {
    103 	struct hostapd_eap_user *user = ctx;
    104 	int i, id = -1, methods = -1;
    105 	size_t len;
    106 
    107 	for (i = 0; i < argc; i++) {
    108 		if (os_strcmp(col[i], "identity") == 0 && argv[i])
    109 			id = i;
    110 		else if (os_strcmp(col[i], "methods") == 0 && argv[i])
    111 			methods = i;
    112 	}
    113 
    114 	if (id < 0 || methods < 0)
    115 		return 0;
    116 
    117 	len = os_strlen(argv[id]);
    118 	if (len <= user->identity_len &&
    119 	    os_memcmp(argv[id], user->identity, len) == 0 &&
    120 	    (user->password == NULL || len > user->password_len)) {
    121 		bin_clear_free(user->password, user->password_len);
    122 		user->password_len = os_strlen(argv[id]);
    123 		user->password = (u8 *) os_strdup(argv[id]);
    124 		user->next = (void *) 1;
    125 		set_user_methods(user, argv[methods]);
    126 	}
    127 
    128 	return 0;
    129 }
    130 
    131 
    132 static const struct hostapd_eap_user *
    133 eap_user_sqlite_get(struct hostapd_data *hapd, const u8 *identity,
    134 		    size_t identity_len, int phase2)
    135 {
    136 	sqlite3 *db;
    137 	struct hostapd_eap_user *user = NULL;
    138 	char id_str[256], cmd[300];
    139 	size_t i;
    140 
    141 	if (identity_len >= sizeof(id_str)) {
    142 		wpa_printf(MSG_DEBUG, "%s: identity len too big: %d >= %d",
    143 			   __func__, (int) identity_len,
    144 			   (int) (sizeof(id_str)));
    145 		return NULL;
    146 	}
    147 	os_memcpy(id_str, identity, identity_len);
    148 	id_str[identity_len] = '\0';
    149 	for (i = 0; i < identity_len; i++) {
    150 		if (id_str[i] >= 'a' && id_str[i] <= 'z')
    151 			continue;
    152 		if (id_str[i] >= 'A' && id_str[i] <= 'Z')
    153 			continue;
    154 		if (id_str[i] >= '0' && id_str[i] <= '9')
    155 			continue;
    156 		if (id_str[i] == '-' || id_str[i] == '_' || id_str[i] == '.' ||
    157 		    id_str[i] == ',' || id_str[i] == '@' || id_str[i] == '\\' ||
    158 		    id_str[i] == '!' || id_str[i] == '#' || id_str[i] == '%' ||
    159 		    id_str[i] == '=' || id_str[i] == ' ')
    160 			continue;
    161 		wpa_printf(MSG_INFO, "DB: Unsupported character in identity");
    162 		return NULL;
    163 	}
    164 
    165 	bin_clear_free(hapd->tmp_eap_user.identity,
    166 		       hapd->tmp_eap_user.identity_len);
    167 	bin_clear_free(hapd->tmp_eap_user.password,
    168 		       hapd->tmp_eap_user.password_len);
    169 	os_memset(&hapd->tmp_eap_user, 0, sizeof(hapd->tmp_eap_user));
    170 	hapd->tmp_eap_user.phase2 = phase2;
    171 	hapd->tmp_eap_user.identity = os_zalloc(identity_len + 1);
    172 	if (hapd->tmp_eap_user.identity == NULL)
    173 		return NULL;
    174 	os_memcpy(hapd->tmp_eap_user.identity, identity, identity_len);
    175 
    176 	if (sqlite3_open(hapd->conf->eap_user_sqlite, &db)) {
    177 		wpa_printf(MSG_INFO, "DB: Failed to open database %s: %s",
    178 			   hapd->conf->eap_user_sqlite, sqlite3_errmsg(db));
    179 		sqlite3_close(db);
    180 		return NULL;
    181 	}
    182 
    183 	os_snprintf(cmd, sizeof(cmd),
    184 		    "SELECT * FROM users WHERE identity='%s' AND phase2=%d;",
    185 		    id_str, phase2);
    186 	wpa_printf(MSG_DEBUG, "DB: %s", cmd);
    187 	if (sqlite3_exec(db, cmd, get_user_cb, &hapd->tmp_eap_user, NULL) !=
    188 	    SQLITE_OK) {
    189 		wpa_printf(MSG_DEBUG,
    190 			   "DB: Failed to complete SQL operation: %s  db: %s",
    191 			   sqlite3_errmsg(db), hapd->conf->eap_user_sqlite);
    192 	} else if (hapd->tmp_eap_user.next)
    193 		user = &hapd->tmp_eap_user;
    194 
    195 	if (user == NULL && !phase2) {
    196 		os_snprintf(cmd, sizeof(cmd),
    197 			    "SELECT identity,methods FROM wildcards;");
    198 		wpa_printf(MSG_DEBUG, "DB: %s", cmd);
    199 		if (sqlite3_exec(db, cmd, get_wildcard_cb, &hapd->tmp_eap_user,
    200 				 NULL) != SQLITE_OK) {
    201 			wpa_printf(MSG_DEBUG,
    202 				   "DB: Failed to complete SQL operation: %s  db: %s",
    203 				   sqlite3_errmsg(db),
    204 				   hapd->conf->eap_user_sqlite);
    205 		} else if (hapd->tmp_eap_user.next) {
    206 			user = &hapd->tmp_eap_user;
    207 			os_free(user->identity);
    208 			user->identity = user->password;
    209 			user->identity_len = user->password_len;
    210 			user->password = NULL;
    211 			user->password_len = 0;
    212 		}
    213 	}
    214 
    215 	sqlite3_close(db);
    216 
    217 	return user;
    218 }
    219 
    220 #endif /* CONFIG_SQLITE */
    221 
    222 
    223 const struct hostapd_eap_user *
    224 hostapd_get_eap_user(struct hostapd_data *hapd, const u8 *identity,
    225 		     size_t identity_len, int phase2)
    226 {
    227 	const struct hostapd_bss_config *conf = hapd->conf;
    228 	struct hostapd_eap_user *user = conf->eap_user;
    229 
    230 #ifdef CONFIG_WPS
    231 	if (conf->wps_state && identity_len == WSC_ID_ENROLLEE_LEN &&
    232 	    os_memcmp(identity, WSC_ID_ENROLLEE, WSC_ID_ENROLLEE_LEN) == 0) {
    233 		static struct hostapd_eap_user wsc_enrollee;
    234 		os_memset(&wsc_enrollee, 0, sizeof(wsc_enrollee));
    235 		wsc_enrollee.methods[0].method = eap_server_get_type(
    236 			"WSC", &wsc_enrollee.methods[0].vendor);
    237 		return &wsc_enrollee;
    238 	}
    239 
    240 	if (conf->wps_state && identity_len == WSC_ID_REGISTRAR_LEN &&
    241 	    os_memcmp(identity, WSC_ID_REGISTRAR, WSC_ID_REGISTRAR_LEN) == 0) {
    242 		static struct hostapd_eap_user wsc_registrar;
    243 		os_memset(&wsc_registrar, 0, sizeof(wsc_registrar));
    244 		wsc_registrar.methods[0].method = eap_server_get_type(
    245 			"WSC", &wsc_registrar.methods[0].vendor);
    246 		wsc_registrar.password = (u8 *) conf->ap_pin;
    247 		wsc_registrar.password_len = conf->ap_pin ?
    248 			os_strlen(conf->ap_pin) : 0;
    249 		return &wsc_registrar;
    250 	}
    251 #endif /* CONFIG_WPS */
    252 
    253 	while (user) {
    254 		if (!phase2 && user->identity == NULL) {
    255 			/* Wildcard match */
    256 			break;
    257 		}
    258 
    259 		if (user->phase2 == !!phase2 && user->wildcard_prefix &&
    260 		    identity_len >= user->identity_len &&
    261 		    os_memcmp(user->identity, identity, user->identity_len) ==
    262 		    0) {
    263 			/* Wildcard prefix match */
    264 			break;
    265 		}
    266 
    267 		if (user->phase2 == !!phase2 &&
    268 		    user->identity_len == identity_len &&
    269 		    os_memcmp(user->identity, identity, identity_len) == 0)
    270 			break;
    271 		user = user->next;
    272 	}
    273 
    274 #ifdef CONFIG_SQLITE
    275 	if (user == NULL && conf->eap_user_sqlite) {
    276 		return eap_user_sqlite_get(hapd, identity, identity_len,
    277 					   phase2);
    278 	}
    279 #endif /* CONFIG_SQLITE */
    280 
    281 	return user;
    282 }
    283