1 /* 2 * hostapd / Configuration definitions and helpers functions 3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef HOSTAPD_CONFIG_H 10 #define HOSTAPD_CONFIG_H 11 12 #include "common/defs.h" 13 #include "common/wpa_common.h" 14 15 #define MAX_STA_COUNT 10 16 #define MAX_VLAN_ID 4094 17 18 typedef u8 macaddr[ETH_ALEN]; 19 20 struct mac_acl_entry { 21 macaddr addr; 22 int vlan_id; 23 }; 24 25 struct hostapd_radius_servers; 26 struct ft_remote_r0kh; 27 struct ft_remote_r1kh; 28 29 #define HOSTAPD_MAX_SSID_LEN 32 30 31 #define NUM_WEP_KEYS 4 32 struct hostapd_wep_keys { 33 u8 idx; 34 u8 *key[NUM_WEP_KEYS]; 35 size_t len[NUM_WEP_KEYS]; 36 int keys_set; 37 size_t default_len; /* key length used for dynamic key generation */ 38 }; 39 40 typedef enum hostap_security_policy { 41 SECURITY_PLAINTEXT = 0, 42 SECURITY_STATIC_WEP = 1, 43 SECURITY_IEEE_802_1X = 2, 44 SECURITY_WPA_PSK = 3, 45 SECURITY_WPA = 4 46 } secpolicy; 47 48 struct hostapd_ssid { 49 u8 ssid[HOSTAPD_MAX_SSID_LEN]; 50 size_t ssid_len; 51 unsigned int ssid_set:1; 52 unsigned int utf8_ssid:1; 53 54 struct hostapd_wpa_psk *wpa_psk; 55 char *wpa_passphrase; 56 struct sae_pt *pt; 57 58 struct hostapd_wep_keys wep; 59 60 #if 0 61 #define DYNAMIC_VLAN_DISABLED 0 62 #define DYNAMIC_VLAN_OPTIONAL 1 63 #define DYNAMIC_VLAN_REQUIRED 2 64 int dynamic_vlan; 65 #define DYNAMIC_VLAN_NAMING_WITHOUT_DEVICE 0 66 #define DYNAMIC_VLAN_NAMING_WITH_DEVICE 1 67 #define DYNAMIC_VLAN_NAMING_END 2 68 int vlan_naming; 69 #ifdef CONFIG_FULL_DYNAMIC_VLAN 70 char *vlan_tagged_interface; 71 #endif /* CONFIG_FULL_DYNAMIC_VLAN */ 72 struct hostapd_wep_keys **dyn_vlan_keys; 73 size_t max_dyn_vlan_keys; 74 #endif 75 }; 76 77 #if 0 78 #define VLAN_ID_WILDCARD -1 79 80 struct hostapd_vlan { 81 struct hostapd_vlan *next; 82 int vlan_id; /* VLAN ID or -1 (VLAN_ID_WILDCARD) for wildcard entry */ 83 char ifname[IFNAMSIZ + 1]; 84 int dynamic_vlan; 85 #ifdef CONFIG_FULL_DYNAMIC_VLAN 86 87 #define DVLAN_CLEAN_BR 0x1 88 #define DVLAN_CLEAN_VLAN 0x2 89 #define DVLAN_CLEAN_VLAN_PORT 0x4 90 #define DVLAN_CLEAN_WLAN_PORT 0x8 91 int clean; 92 #endif /* CONFIG_FULL_DYNAMIC_VLAN */ 93 }; 94 #endif 95 96 #define PMK_LEN 32 97 struct hostapd_sta_wpa_psk_short { 98 struct hostapd_sta_wpa_psk_short *next; 99 u8 psk[PMK_LEN]; 100 }; 101 102 struct hostapd_wpa_psk { 103 struct hostapd_wpa_psk *next; 104 int group; 105 u8 psk[PMK_LEN]; 106 u8 addr[ETH_ALEN]; 107 }; 108 109 struct hostapd_eap_user { 110 struct hostapd_eap_user *next; 111 u8 *identity; 112 size_t identity_len; 113 struct { 114 int vendor; 115 u32 method; 116 } methods[EAP_MAX_METHODS]; 117 u8 *password; 118 size_t password_len; 119 int phase2; 120 int force_version; 121 unsigned int wildcard_prefix:1; 122 unsigned int password_hash:1; /* whether password is hashed with 123 * nt_password_hash() */ 124 int ttls_auth; /* EAP_TTLS_AUTH_* bitfield */ 125 }; 126 127 #if 0 128 struct hostapd_radius_attr { 129 u8 type; 130 struct wpabuf *val; 131 struct hostapd_radius_attr *next; 132 }; 133 134 135 #define NUM_TX_QUEUES 4 136 137 struct hostapd_tx_queue_params { 138 int aifs; 139 int cwmin; 140 int cwmax; 141 int burst; /* maximum burst time in 0.1 ms, i.e., 10 = 1 ms */ 142 }; 143 144 145 #define MAX_ROAMING_CONSORTIUM_LEN 15 146 147 struct hostapd_roaming_consortium { 148 u8 len; 149 u8 oi[MAX_ROAMING_CONSORTIUM_LEN]; 150 }; 151 152 struct hostapd_lang_string { 153 u8 lang[3]; 154 u8 name_len; 155 u8 name[252]; 156 }; 157 158 #define MAX_NAI_REALMS 10 159 #define MAX_NAI_REALMLEN 255 160 #define MAX_NAI_EAP_METHODS 5 161 #define MAX_NAI_AUTH_TYPES 4 162 struct hostapd_nai_realm_data { 163 u8 encoding; 164 char realm_buf[MAX_NAI_REALMLEN + 1]; 165 char *realm[MAX_NAI_REALMS]; 166 u8 eap_method_count; 167 struct hostapd_nai_realm_eap { 168 u8 eap_method; 169 u8 num_auths; 170 u8 auth_id[MAX_NAI_AUTH_TYPES]; 171 u8 auth_val[MAX_NAI_AUTH_TYPES]; 172 } eap_method[MAX_NAI_EAP_METHODS]; 173 }; 174 #endif 175 176 /** 177 * struct hostapd_bss_config - Per-BSS configuration 178 */ 179 struct hostapd_bss_config { 180 int max_num_sta; /* maximum number of STAs in station table */ 181 182 int dtim_period; 183 184 int ieee802_1x; /* use IEEE 802.1X */ 185 int eapol_version; 186 struct hostapd_ssid ssid; 187 188 int wep_rekeying_period; 189 int broadcast_key_idx_min, broadcast_key_idx_max; 190 191 enum { 192 ACCEPT_UNLESS_DENIED = 0, 193 DENY_UNLESS_ACCEPTED = 1, 194 USE_EXTERNAL_RADIUS_AUTH = 2 195 } macaddr_acl; 196 197 int auth_algs; /* bitfield of allowed IEEE 802.11 authentication 198 * algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */ 199 200 int wpa; /* bitfield of WPA_PROTO_WPA, WPA_PROTO_RSN */ 201 int wpa_key_mgmt; 202 #ifdef CONFIG_IEEE80211W 203 enum mfp_options ieee80211w; 204 /* dot11AssociationSAQueryMaximumTimeout (in TUs) */ 205 unsigned int assoc_sa_query_max_timeout; 206 /* dot11AssociationSAQueryRetryTimeout (in TUs) */ 207 int assoc_sa_query_retry_timeout; 208 #endif /* CONFIG_IEEE80211W */ 209 enum { 210 PSK_RADIUS_IGNORED = 0, 211 PSK_RADIUS_ACCEPTED = 1, 212 PSK_RADIUS_REQUIRED = 2 213 } wpa_psk_radius; 214 int wpa_pairwise; 215 int wpa_group; 216 int wpa_group_rekey; 217 int wpa_strict_rekey; 218 int wpa_gmk_rekey; 219 int wpa_ptk_rekey; 220 int rsn_pairwise; 221 int rsn_preauth; 222 char *rsn_preauth_interfaces; 223 224 #ifdef CONFIG_IEEE80211R 225 /* IEEE 802.11r - Fast BSS Transition */ 226 u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; 227 u8 r1_key_holder[FT_R1KH_ID_LEN]; 228 u32 r0_key_lifetime; 229 u32 reassociation_deadline; 230 struct ft_remote_r0kh *r0kh_list; 231 struct ft_remote_r1kh *r1kh_list; 232 int pmk_r1_push; 233 int ft_over_ds; 234 #endif /* CONFIG_IEEE80211R */ 235 236 int ap_max_inactivity; 237 int ignore_broadcast_ssid; 238 239 int wmm_enabled; 240 int wmm_uapsd; 241 242 macaddr bssid; 243 244 /* 245 * Maximum listen interval that STAs can use when associating with this 246 * BSS. If a STA tries to use larger value, the association will be 247 * denied with status code 51. 248 */ 249 u16 max_listen_interval; 250 251 int wps_state; 252 #ifdef CONFIG_WPS 253 #define WPS_DEV_TYPE_LEN 8 254 /* maximum number of advertised WPS vendor extension attributes */ 255 #define MAX_WPS_VENDOR_EXTENSIONS 10 256 int ap_setup_locked; 257 u8 uuid[16]; 258 char *wps_pin_requests; 259 char *device_name; 260 char *manufacturer; 261 char *model_name; 262 char *model_number; 263 char *serial_number; 264 u8 device_type[WPS_DEV_TYPE_LEN]; 265 char *config_methods; 266 u8 os_version[4]; 267 char *ap_pin; 268 int skip_cred_build; 269 u8 *extra_cred; 270 size_t extra_cred_len; 271 int wps_cred_processing; 272 u8 *ap_settings; 273 size_t ap_settings_len; 274 char *upnp_iface; 275 char *friendly_name; 276 char *manufacturer_url; 277 char *model_description; 278 char *model_url; 279 char *upc; 280 struct wpabuf *wps_vendor_ext[MAX_WPS_VENDOR_EXTENSIONS]; 281 int wps_nfc_dev_pw_id; 282 struct wpabuf *wps_nfc_dh_pubkey; 283 struct wpabuf *wps_nfc_dh_privkey; 284 struct wpabuf *wps_nfc_dev_pw; 285 #endif /* CONFIG_WPS */ 286 287 #ifdef CONFIG_HS20 288 int hs20; 289 int disable_dgaf; 290 unsigned int hs20_oper_friendly_name_count; 291 struct hostapd_lang_string *hs20_oper_friendly_name; 292 u8 *hs20_wan_metrics; 293 u8 *hs20_connection_capability; 294 size_t hs20_connection_capability_len; 295 u8 *hs20_operating_class; 296 u8 hs20_operating_class_len; 297 #endif /* CONFIG_HS20 */ 298 299 #ifdef CONFIG_RADIUS_TEST 300 char *dump_msk_file; 301 #endif /* CONFIG_RADIUS_TEST */ 302 303 unsigned int sae_anti_clogging_threshold; 304 enum sae_pwe sae_pwe; 305 unsigned int sae_sync; 306 int *sae_groups; 307 #define SAE_ANTI_CLOGGING_THRESHOLD 2 /* max number of commit msg allowed to queue without anti-clogging token request */ 308 309 }; 310 311 312 /** 313 * struct hostapd_config - Per-radio interface configuration 314 */ 315 struct hostapd_config { 316 struct hostapd_bss_config *bss, *last_bss; 317 size_t num_bss; 318 319 u16 beacon_int; 320 int rts_threshold; 321 int fragm_threshold; 322 u8 send_probe_response; 323 u8 channel; 324 enum hostapd_hw_mode hw_mode; /* HOSTAPD_MODE_IEEE80211A, .. */ 325 enum { 326 LONG_PREAMBLE = 0, 327 SHORT_PREAMBLE = 1 328 } preamble; 329 330 int *supported_rates; 331 int *basic_rates; 332 333 const struct wpa_driver_ops *driver; 334 335 int ap_table_max_size; 336 int ap_table_expiration_time; 337 338 char country[3]; /* first two octets: country code as described in 339 * ISO/IEC 3166-1. Third octet: 340 * ' ' (ascii 32): all environments 341 * 'O': Outdoor environment only 342 * 'I': Indoor environment only 343 */ 344 345 int ieee80211d; 346 347 /* 348 * WMM AC parameters, in same order as 802.1D, i.e. 349 * 0 = BE (best effort) 350 * 1 = BK (background) 351 * 2 = VI (video) 352 * 3 = VO (voice) 353 */ 354 355 int ht_op_mode_fixed; 356 u16 ht_capab; 357 int ieee80211n; 358 int secondary_channel; 359 int require_ht; 360 u32 vht_capab; 361 int ieee80211ac; 362 int require_vht; 363 u8 vht_oper_chwidth; 364 u8 vht_oper_centr_freq_seg0_idx; 365 u8 vht_oper_centr_freq_seg1_idx; 366 }; 367 368 369 int hostapd_mac_comp(const void *a, const void *b); 370 int hostapd_mac_comp_empty(const void *a); 371 struct hostapd_config * hostapd_config_defaults(void); 372 void hostapd_config_defaults_bss(struct hostapd_bss_config *bss); 373 void hostapd_config_free(struct hostapd_config *conf); 374 int hostapd_maclist_found(struct mac_acl_entry *list, int num_entries, 375 const u8 *addr, int *vlan_id); 376 int hostapd_rate_found(int *list, int rate); 377 void hostapd_config_clear_wpa_psk(struct hostapd_wpa_psk **p); 378 void hostapd_config_free_bss(struct hostapd_bss_config *conf); 379 int hostapd_wep_key_cmp(struct hostapd_wep_keys *a, 380 struct hostapd_wep_keys *b); 381 const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf, 382 const u8 *addr, const u8 *prev_psk); 383 int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf); 384 struct sta_info; 385 bool hostap_new_assoc_sta(struct sta_info *sta, uint8_t *bssid, uint8_t *wpa_ie, 386 uint8_t wpa_ie_len,uint8_t *rsnxe, uint8_t rsnxe_len, 387 bool *pmf_enable, int subtype, uint8_t *pairwise_cipher, uint8_t *reason); 388 bool wpa_ap_remove(u8* bssid); 389 390 #endif /* HOSTAPD_CONFIG_H */ 391
