1 /*
2  * WPA Supplicant / Configuration parser and common functions
3  * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
4  *
5  * This software may be distributed under the terms of the BSD license.
6  * See README for more details.
7  */
8 
9 #include "includes.h"
10 
11 #include "common.h"
12 #include "utils/uuid.h"
13 #include "utils/ip_addr.h"
14 #include "common/ieee802_1x_defs.h"
15 #include "common/sae.h"
16 #include "crypto/sha1.h"
17 #include "rsn_supp/wpa.h"
18 #include "eap_peer/eap.h"
19 #include "p2p/p2p.h"
20 #include "fst/fst.h"
21 #include "config.h"
22 
23 
24 #if !defined(CONFIG_CTRL_IFACE) && defined(CONFIG_NO_CONFIG_WRITE)
25 #define NO_CONFIG_WRITE
26 #endif
27 
28 /*
29  * Structure for network configuration parsing. This data is used to implement
30  * a generic parser for each network block variable. The table of configuration
31  * variables is defined below in this file (ssid_fields[]).
32  */
33 struct parse_data {
34 	/* Configuration variable name */
35 	char *name;
36 
37 	/* Parser function for this variable. The parser functions return 0 or 1
38 	 * to indicate success. Value 0 indicates that the parameter value may
39 	 * have changed while value 1 means that the value did not change.
40 	 * Error cases (failure to parse the string) are indicated by returning
41 	 * -1. */
42 	int (*parser)(const struct parse_data *data, struct wpa_ssid *ssid,
43 		      int line, const char *value);
44 
45 #ifndef NO_CONFIG_WRITE
46 	/* Writer function (i.e., to get the variable in text format from
47 	 * internal presentation). */
48 	char * (*writer)(const struct parse_data *data, struct wpa_ssid *ssid);
49 #endif /* NO_CONFIG_WRITE */
50 
51 	/* Variable specific parameters for the parser. */
52 	void *param1, *param2, *param3, *param4;
53 
54 	/* 0 = this variable can be included in debug output and ctrl_iface
55 	 * 1 = this variable contains key/private data and it must not be
56 	 *     included in debug output unless explicitly requested. In
57 	 *     addition, this variable will not be readable through the
58 	 *     ctrl_iface.
59 	 */
60 	int key_data;
61 };
62 
63 
wpa_config_parse_str(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)64 static int wpa_config_parse_str(const struct parse_data *data,
65 				struct wpa_ssid *ssid,
66 				int line, const char *value)
67 {
68 	size_t res_len, *dst_len, prev_len;
69 	char **dst, *tmp;
70 
71 	if (os_strcmp(value, "NULL") == 0) {
72 		wpa_printf(MSG_DEBUG, "Unset configuration string '%s'",
73 			   data->name);
74 		tmp = NULL;
75 		res_len = 0;
76 		goto set;
77 	}
78 
79 	tmp = wpa_config_parse_string(value, &res_len);
80 	if (tmp == NULL) {
81 		wpa_printf(MSG_ERROR, "Line %d: failed to parse %s '%s'.",
82 			   line, data->name,
83 			   data->key_data ? "[KEY DATA REMOVED]" : value);
84 		return -1;
85 	}
86 
87 	if (data->key_data) {
88 		wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
89 				      (u8 *) tmp, res_len);
90 	} else {
91 		wpa_hexdump_ascii(MSG_MSGDUMP, data->name,
92 				  (u8 *) tmp, res_len);
93 	}
94 
95 	if (data->param3 && res_len < (size_t) data->param3) {
96 		wpa_printf(MSG_ERROR, "Line %d: too short %s (len=%lu "
97 			   "min_len=%ld)", line, data->name,
98 			   (unsigned long) res_len, (long) data->param3);
99 		os_free(tmp);
100 		return -1;
101 	}
102 
103 	if (data->param4 && res_len > (size_t) data->param4) {
104 		wpa_printf(MSG_ERROR, "Line %d: too long %s (len=%lu "
105 			   "max_len=%ld)", line, data->name,
106 			   (unsigned long) res_len, (long) data->param4);
107 		os_free(tmp);
108 		return -1;
109 	}
110 
111 set:
112 	dst = (char **) (((u8 *) ssid) + (long) data->param1);
113 	dst_len = (size_t *) (((u8 *) ssid) + (long) data->param2);
114 
115 	if (data->param2)
116 		prev_len = *dst_len;
117 	else if (*dst)
118 		prev_len = os_strlen(*dst);
119 	else
120 		prev_len = 0;
121 	if ((*dst == NULL && tmp == NULL) ||
122 	    (*dst && tmp && prev_len == res_len &&
123 	     os_memcmp(*dst, tmp, res_len) == 0)) {
124 		/* No change to the previously configured value */
125 		os_free(tmp);
126 		return 1;
127 	}
128 
129 	os_free(*dst);
130 	*dst = tmp;
131 	if (data->param2)
132 		*dst_len = res_len;
133 
134 	return 0;
135 }
136 
137 
138 #ifndef NO_CONFIG_WRITE
wpa_config_write_string_ascii(const u8 * value,size_t len)139 static char * wpa_config_write_string_ascii(const u8 *value, size_t len)
140 {
141 	char *buf;
142 
143 	buf = os_malloc(len + 3);
144 	if (buf == NULL)
145 		return NULL;
146 	buf[0] = '"';
147 	os_memcpy(buf + 1, value, len);
148 	buf[len + 1] = '"';
149 	buf[len + 2] = '\0';
150 
151 	return buf;
152 }
153 
154 
wpa_config_write_string_hex(const u8 * value,size_t len)155 static char * wpa_config_write_string_hex(const u8 *value, size_t len)
156 {
157 	char *buf;
158 
159 	buf = os_zalloc(2 * len + 1);
160 	if (buf == NULL)
161 		return NULL;
162 	wpa_snprintf_hex(buf, 2 * len + 1, value, len);
163 
164 	return buf;
165 }
166 
167 
wpa_config_write_string(const u8 * value,size_t len)168 static char * wpa_config_write_string(const u8 *value, size_t len)
169 {
170 	if (value == NULL)
171 		return NULL;
172 
173 	if (is_hex(value, len))
174 		return wpa_config_write_string_hex(value, len);
175 	else
176 		return wpa_config_write_string_ascii(value, len);
177 }
178 
179 
wpa_config_write_str(const struct parse_data * data,struct wpa_ssid * ssid)180 static char * wpa_config_write_str(const struct parse_data *data,
181 				   struct wpa_ssid *ssid)
182 {
183 	size_t len;
184 	char **src;
185 
186 	src = (char **) (((u8 *) ssid) + (long) data->param1);
187 	if (*src == NULL)
188 		return NULL;
189 
190 	if (data->param2)
191 		len = *((size_t *) (((u8 *) ssid) + (long) data->param2));
192 	else
193 		len = os_strlen(*src);
194 
195 	return wpa_config_write_string((const u8 *) *src, len);
196 }
197 #endif /* NO_CONFIG_WRITE */
198 
199 
wpa_config_parse_int_impl(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value,bool check_range)200 static int wpa_config_parse_int_impl(const struct parse_data *data,
201 				     struct wpa_ssid *ssid,
202 				     int line, const char *value,
203 				     bool check_range)
204 {
205 	int val, *dst;
206 	char *end;
207 
208 	dst = (int *) (((u8 *) ssid) + (long) data->param1);
209 	val = strtol(value, &end, 0);
210 	if (*end) {
211 		wpa_printf(MSG_ERROR, "Line %d: invalid number \"%s\"",
212 			   line, value);
213 		return -1;
214 	}
215 
216 	if (check_range && val < (long) data->param3) {
217 		wpa_printf(MSG_ERROR, "Line %d: too small %s (value=%d "
218 			   "min_value=%ld)", line, data->name, val,
219 			   (long) data->param3);
220 		return -1;
221 	}
222 
223 	if (check_range && val > (long) data->param4) {
224 		wpa_printf(MSG_ERROR, "Line %d: too large %s (value=%d "
225 			   "max_value=%ld)", line, data->name, val,
226 			   (long) data->param4);
227 		return -1;
228 	}
229 
230 	if (*dst == val)
231 		return 1;
232 
233 	*dst = val;
234 	wpa_printf(MSG_MSGDUMP, "%s=%d (0x%x)", data->name, *dst, *dst);
235 
236 	return 0;
237 }
238 
239 
wpa_config_parse_int(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)240 static int wpa_config_parse_int(const struct parse_data *data,
241 				struct wpa_ssid *ssid,
242 				int line, const char *value)
243 {
244 	return wpa_config_parse_int_impl(data, ssid, line, value, false);
245 }
246 
247 
wpa_config_parse_int_range(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)248 static int wpa_config_parse_int_range(const struct parse_data *data,
249 				      struct wpa_ssid *ssid,
250 				      int line, const char *value)
251 {
252 	return wpa_config_parse_int_impl(data, ssid, line, value, true);
253 }
254 
255 
256 #ifndef NO_CONFIG_WRITE
wpa_config_write_int(const struct parse_data * data,struct wpa_ssid * ssid)257 static char * wpa_config_write_int(const struct parse_data *data,
258 				   struct wpa_ssid *ssid)
259 {
260 	int *src, res;
261 	char *value;
262 
263 	src = (int *) (((u8 *) ssid) + (long) data->param1);
264 
265 	value = os_malloc(20);
266 	if (value == NULL)
267 		return NULL;
268 	res = os_snprintf(value, 20, "%d", *src);
269 	if (os_snprintf_error(20, res)) {
270 		os_free(value);
271 		return NULL;
272 	}
273 	value[20 - 1] = '\0';
274 	return value;
275 }
276 #endif /* NO_CONFIG_WRITE */
277 
278 
wpa_config_parse_addr_list(const struct parse_data * data,int line,const char * value,u8 ** list,size_t * num,char * name,u8 abort_on_error,u8 masked)279 static int wpa_config_parse_addr_list(const struct parse_data *data,
280 				      int line, const char *value,
281 				      u8 **list, size_t *num, char *name,
282 				      u8 abort_on_error, u8 masked)
283 {
284 	const char *pos;
285 	u8 *buf, *n, addr[2 * ETH_ALEN];
286 	size_t count;
287 
288 	buf = NULL;
289 	count = 0;
290 
291 	pos = value;
292 	while (pos && *pos) {
293 		while (*pos == ' ')
294 			pos++;
295 
296 		if (hwaddr_masked_aton(pos, addr, &addr[ETH_ALEN], masked)) {
297 			if (abort_on_error || count == 0) {
298 				wpa_printf(MSG_ERROR,
299 					   "Line %d: Invalid %s address '%s'",
300 					   line, name, value);
301 				os_free(buf);
302 				return -1;
303 			}
304 			/* continue anyway since this could have been from a
305 			 * truncated configuration file line */
306 			wpa_printf(MSG_INFO,
307 				   "Line %d: Ignore likely truncated %s address '%s'",
308 				   line, name, pos);
309 		} else {
310 			n = os_realloc_array(buf, count + 1, 2 * ETH_ALEN);
311 			if (n == NULL) {
312 				os_free(buf);
313 				return -1;
314 			}
315 			buf = n;
316 			os_memmove(buf + 2 * ETH_ALEN, buf,
317 				   count * 2 * ETH_ALEN);
318 			os_memcpy(buf, addr, 2 * ETH_ALEN);
319 			count++;
320 			wpa_printf(MSG_MSGDUMP,
321 				   "%s: addr=" MACSTR " mask=" MACSTR,
322 				   name, MAC2STR(addr),
323 				   MAC2STR(&addr[ETH_ALEN]));
324 		}
325 
326 		pos = os_strchr(pos, ' ');
327 	}
328 
329 	os_free(*list);
330 	*list = buf;
331 	*num = count;
332 
333 	return 0;
334 }
335 
336 
337 #ifndef NO_CONFIG_WRITE
wpa_config_write_addr_list(const struct parse_data * data,const u8 * list,size_t num,char * name)338 static char * wpa_config_write_addr_list(const struct parse_data *data,
339 					 const u8 *list, size_t num, char *name)
340 {
341 	char *value, *end, *pos;
342 	int res;
343 	size_t i;
344 
345 	if (list == NULL || num == 0)
346 		return NULL;
347 
348 	value = os_malloc(2 * 20 * num);
349 	if (value == NULL)
350 		return NULL;
351 	pos = value;
352 	end = value + 2 * 20 * num;
353 
354 	for (i = num; i > 0; i--) {
355 		const u8 *a = list + (i - 1) * 2 * ETH_ALEN;
356 		const u8 *m = a + ETH_ALEN;
357 
358 		if (i < num)
359 			*pos++ = ' ';
360 		res = hwaddr_mask_txt(pos, end - pos, a, m);
361 		if (res < 0) {
362 			os_free(value);
363 			return NULL;
364 		}
365 		pos += res;
366 	}
367 
368 	return value;
369 }
370 #endif /* NO_CONFIG_WRITE */
371 
wpa_config_parse_bssid(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)372 static int wpa_config_parse_bssid(const struct parse_data *data,
373 				  struct wpa_ssid *ssid, int line,
374 				  const char *value)
375 {
376 	if (value[0] == '\0' || os_strcmp(value, "\"\"") == 0 ||
377 	    os_strcmp(value, "any") == 0) {
378 		ssid->bssid_set = 0;
379 		wpa_printf(MSG_MSGDUMP, "BSSID any");
380 		return 0;
381 	}
382 	if (hwaddr_aton(value, ssid->bssid)) {
383 		wpa_printf(MSG_ERROR, "Line %d: Invalid BSSID '%s'.",
384 			   line, value);
385 		return -1;
386 	}
387 	ssid->bssid_set = 1;
388 	wpa_hexdump(MSG_MSGDUMP, "BSSID", ssid->bssid, ETH_ALEN);
389 	return 0;
390 }
391 
392 
393 #ifndef NO_CONFIG_WRITE
wpa_config_write_bssid(const struct parse_data * data,struct wpa_ssid * ssid)394 static char * wpa_config_write_bssid(const struct parse_data *data,
395 				     struct wpa_ssid *ssid)
396 {
397 	char *value;
398 	int res;
399 
400 	if (!ssid->bssid_set)
401 		return NULL;
402 
403 	value = os_malloc(20);
404 	if (value == NULL)
405 		return NULL;
406 	res = os_snprintf(value, 20, MACSTR, MAC2STR(ssid->bssid));
407 	if (os_snprintf_error(20, res)) {
408 		os_free(value);
409 		return NULL;
410 	}
411 	value[20 - 1] = '\0';
412 	return value;
413 }
414 #endif /* NO_CONFIG_WRITE */
415 
416 
wpa_config_parse_bssid_hint(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)417 static int wpa_config_parse_bssid_hint(const struct parse_data *data,
418 				       struct wpa_ssid *ssid, int line,
419 				       const char *value)
420 {
421 	if (value[0] == '\0' || os_strcmp(value, "\"\"") == 0 ||
422 	    os_strcmp(value, "any") == 0) {
423 		ssid->bssid_hint_set = 0;
424 		wpa_printf(MSG_MSGDUMP, "BSSID hint any");
425 		return 0;
426 	}
427 	if (hwaddr_aton(value, ssid->bssid_hint)) {
428 		wpa_printf(MSG_ERROR, "Line %d: Invalid BSSID hint '%s'.",
429 			   line, value);
430 		return -1;
431 	}
432 	ssid->bssid_hint_set = 1;
433 	wpa_hexdump(MSG_MSGDUMP, "BSSID hint", ssid->bssid_hint, ETH_ALEN);
434 	return 0;
435 }
436 
437 
438 #ifndef NO_CONFIG_WRITE
wpa_config_write_bssid_hint(const struct parse_data * data,struct wpa_ssid * ssid)439 static char * wpa_config_write_bssid_hint(const struct parse_data *data,
440 					  struct wpa_ssid *ssid)
441 {
442 	char *value;
443 	int res;
444 
445 	if (!ssid->bssid_hint_set)
446 		return NULL;
447 
448 	value = os_malloc(20);
449 	if (!value)
450 		return NULL;
451 	res = os_snprintf(value, 20, MACSTR, MAC2STR(ssid->bssid_hint));
452 	if (os_snprintf_error(20, res)) {
453 		os_free(value);
454 		return NULL;
455 	}
456 	return value;
457 }
458 #endif /* NO_CONFIG_WRITE */
459 
460 
wpa_config_parse_bssid_ignore(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)461 static int wpa_config_parse_bssid_ignore(const struct parse_data *data,
462 					 struct wpa_ssid *ssid, int line,
463 					 const char *value)
464 {
465 	return wpa_config_parse_addr_list(data, line, value,
466 					  &ssid->bssid_ignore,
467 					  &ssid->num_bssid_ignore,
468 					  "bssid_ignore", 1, 1);
469 }
470 
471 
472 /* deprecated alias for bssid_ignore for backwards compatibility */
wpa_config_parse_bssid_blacklist(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)473 static int wpa_config_parse_bssid_blacklist(const struct parse_data *data,
474 					    struct wpa_ssid *ssid, int line,
475 					    const char *value)
476 {
477 	return wpa_config_parse_addr_list(data, line, value,
478 					  &ssid->bssid_ignore,
479 					  &ssid->num_bssid_ignore,
480 					  "bssid_ignore", 1, 1);
481 }
482 
483 
484 #ifndef NO_CONFIG_WRITE
485 
wpa_config_write_bssid_ignore(const struct parse_data * data,struct wpa_ssid * ssid)486 static char * wpa_config_write_bssid_ignore(const struct parse_data *data,
487 					    struct wpa_ssid *ssid)
488 {
489 	return wpa_config_write_addr_list(data, ssid->bssid_ignore,
490 					  ssid->num_bssid_ignore,
491 					  "bssid_ignore");
492 }
493 
494 
495 /* deprecated alias for bssid_ignore for backwards compatibility */
wpa_config_write_bssid_blacklist(const struct parse_data * data,struct wpa_ssid * ssid)496 static char * wpa_config_write_bssid_blacklist(const struct parse_data *data,
497 					       struct wpa_ssid *ssid)
498 {
499 	return wpa_config_write_addr_list(data, ssid->bssid_ignore,
500 					  ssid->num_bssid_ignore,
501 					  "bssid_ignore");
502 }
503 
504 #endif /* NO_CONFIG_WRITE */
505 
506 
wpa_config_parse_bssid_accept(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)507 static int wpa_config_parse_bssid_accept(const struct parse_data *data,
508 					 struct wpa_ssid *ssid, int line,
509 					 const char *value)
510 {
511 	return wpa_config_parse_addr_list(data, line, value,
512 					  &ssid->bssid_accept,
513 					  &ssid->num_bssid_accept,
514 					  "bssid_accept", 1, 1);
515 }
516 
517 
518 /* deprecated alias for bssid_accept for backwards compatibility */
wpa_config_parse_bssid_whitelist(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)519 static int wpa_config_parse_bssid_whitelist(const struct parse_data *data,
520 					    struct wpa_ssid *ssid, int line,
521 					    const char *value)
522 {
523 	return wpa_config_parse_addr_list(data, line, value,
524 					  &ssid->bssid_accept,
525 					  &ssid->num_bssid_accept,
526 					  "bssid_accept", 1, 1);
527 }
528 
529 
530 #ifndef NO_CONFIG_WRITE
531 
wpa_config_write_bssid_accept(const struct parse_data * data,struct wpa_ssid * ssid)532 static char * wpa_config_write_bssid_accept(const struct parse_data *data,
533 					    struct wpa_ssid *ssid)
534 {
535 	return wpa_config_write_addr_list(data, ssid->bssid_accept,
536 					  ssid->num_bssid_accept,
537 					  "bssid_accept");
538 }
539 
540 
541 /* deprecated alias for bssid_accept for backwards compatibility */
wpa_config_write_bssid_whitelist(const struct parse_data * data,struct wpa_ssid * ssid)542 static char * wpa_config_write_bssid_whitelist(const struct parse_data *data,
543 					       struct wpa_ssid *ssid)
544 {
545 	return wpa_config_write_addr_list(data, ssid->bssid_accept,
546 					  ssid->num_bssid_accept,
547 					  "bssid_accept");
548 }
549 
550 #endif /* NO_CONFIG_WRITE */
551 
552 
553 #ifndef NO_CONFIG_WRITE
554 #endif /* NO_CONFIG_WRITE */
555 
556 
wpa_config_parse_psk(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)557 static int wpa_config_parse_psk(const struct parse_data *data,
558 				struct wpa_ssid *ssid, int line,
559 				const char *value)
560 {
561 #ifdef CONFIG_EXT_PASSWORD
562 	if (os_strncmp(value, "ext:", 4) == 0) {
563 		str_clear_free(ssid->passphrase);
564 		ssid->passphrase = NULL;
565 		ssid->psk_set = 0;
566 		os_free(ssid->ext_psk);
567 		ssid->ext_psk = os_strdup(value + 4);
568 		if (ssid->ext_psk == NULL)
569 			return -1;
570 		wpa_printf(MSG_DEBUG, "PSK: External password '%s'",
571 			   ssid->ext_psk);
572 		return 0;
573 	}
574 #endif /* CONFIG_EXT_PASSWORD */
575 
576 	if (*value == '"') {
577 #ifndef CONFIG_NO_PBKDF2
578 		const char *pos;
579 		size_t len;
580 
581 		value++;
582 		pos = os_strrchr(value, '"');
583 		if (pos)
584 			len = pos - value;
585 		else
586 			len = os_strlen(value);
587 		if (len < 8 || len > 63) {
588 			wpa_printf(MSG_ERROR, "Line %d: Invalid passphrase "
589 				   "length %lu (expected: 8..63) '%s'.",
590 				   line, (unsigned long) len, value);
591 			return -1;
592 		}
593 		wpa_hexdump_ascii_key(MSG_MSGDUMP, "PSK (ASCII passphrase)",
594 				      (u8 *) value, len);
595 		if (has_ctrl_char((u8 *) value, len)) {
596 			wpa_printf(MSG_ERROR,
597 				   "Line %d: Invalid passphrase character",
598 				   line);
599 			return -1;
600 		}
601 		if (ssid->passphrase && os_strlen(ssid->passphrase) == len &&
602 		    os_memcmp(ssid->passphrase, value, len) == 0) {
603 			/* No change to the previously configured value */
604 			return 1;
605 		}
606 		ssid->psk_set = 0;
607 		str_clear_free(ssid->passphrase);
608 		ssid->passphrase = dup_binstr(value, len);
609 		if (ssid->passphrase == NULL)
610 			return -1;
611 		return 0;
612 #else /* CONFIG_NO_PBKDF2 */
613 		wpa_printf(MSG_ERROR, "Line %d: ASCII passphrase not "
614 			   "supported.", line);
615 		return -1;
616 #endif /* CONFIG_NO_PBKDF2 */
617 	}
618 
619 	if (hexstr2bin(value, ssid->psk, PMK_LEN) ||
620 	    value[PMK_LEN * 2] != '\0') {
621 		wpa_printf(MSG_ERROR, "Line %d: Invalid PSK '%s'.",
622 			   line, value);
623 		return -1;
624 	}
625 
626 	str_clear_free(ssid->passphrase);
627 	ssid->passphrase = NULL;
628 
629 	ssid->psk_set = 1;
630 	wpa_hexdump_key(MSG_MSGDUMP, "PSK", ssid->psk, PMK_LEN);
631 	return 0;
632 }
633 
634 
635 #ifndef NO_CONFIG_WRITE
wpa_config_write_psk(const struct parse_data * data,struct wpa_ssid * ssid)636 static char * wpa_config_write_psk(const struct parse_data *data,
637 				   struct wpa_ssid *ssid)
638 {
639 #ifdef CONFIG_EXT_PASSWORD
640 	if (ssid->ext_psk) {
641 		size_t len = 4 + os_strlen(ssid->ext_psk) + 1;
642 		char *buf = os_malloc(len);
643 		int res;
644 
645 		if (buf == NULL)
646 			return NULL;
647 		res = os_snprintf(buf, len, "ext:%s", ssid->ext_psk);
648 		if (os_snprintf_error(len, res)) {
649 			os_free(buf);
650 			buf = NULL;
651 		}
652 		return buf;
653 	}
654 #endif /* CONFIG_EXT_PASSWORD */
655 
656 	if (ssid->passphrase)
657 		return wpa_config_write_string_ascii(
658 			(const u8 *) ssid->passphrase,
659 			os_strlen(ssid->passphrase));
660 
661 	if (ssid->psk_set)
662 		return wpa_config_write_string_hex(ssid->psk, PMK_LEN);
663 
664 	return NULL;
665 }
666 #endif /* NO_CONFIG_WRITE */
667 
668 
wpa_config_parse_proto(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)669 static int wpa_config_parse_proto(const struct parse_data *data,
670 				  struct wpa_ssid *ssid, int line,
671 				  const char *value)
672 {
673 	int val = 0, last, errors = 0;
674 	char *start, *end, *buf;
675 
676 	buf = os_strdup(value);
677 	if (buf == NULL)
678 		return -1;
679 	start = buf;
680 
681 	while (*start != '\0') {
682 		while (*start == ' ' || *start == '\t')
683 			start++;
684 		if (*start == '\0')
685 			break;
686 		end = start;
687 		while (*end != ' ' && *end != '\t' && *end != '\0')
688 			end++;
689 		last = *end == '\0';
690 		*end = '\0';
691 		if (os_strcmp(start, "WPA") == 0)
692 			val |= WPA_PROTO_WPA;
693 		else if (os_strcmp(start, "RSN") == 0 ||
694 			 os_strcmp(start, "WPA2") == 0)
695 			val |= WPA_PROTO_RSN;
696 		else if (os_strcmp(start, "OSEN") == 0)
697 			val |= WPA_PROTO_OSEN;
698 		else {
699 			wpa_printf(MSG_ERROR, "Line %d: invalid proto '%s'",
700 				   line, start);
701 			errors++;
702 		}
703 
704 		if (last)
705 			break;
706 		start = end + 1;
707 	}
708 	os_free(buf);
709 
710 	if (val == 0) {
711 		wpa_printf(MSG_ERROR,
712 			   "Line %d: no proto values configured.", line);
713 		errors++;
714 	}
715 
716 	if (!errors && ssid->proto == val)
717 		return 1;
718 	wpa_printf(MSG_MSGDUMP, "proto: 0x%x", val);
719 	ssid->proto = val;
720 	return errors ? -1 : 0;
721 }
722 
723 
724 #ifndef NO_CONFIG_WRITE
wpa_config_write_proto(const struct parse_data * data,struct wpa_ssid * ssid)725 static char * wpa_config_write_proto(const struct parse_data *data,
726 				     struct wpa_ssid *ssid)
727 {
728 	int ret;
729 	char *buf, *pos, *end;
730 
731 	pos = buf = os_zalloc(20);
732 	if (buf == NULL)
733 		return NULL;
734 	end = buf + 20;
735 
736 	if (ssid->proto & WPA_PROTO_WPA) {
737 		ret = os_snprintf(pos, end - pos, "%sWPA",
738 				  pos == buf ? "" : " ");
739 		if (os_snprintf_error(end - pos, ret))
740 			return buf;
741 		pos += ret;
742 	}
743 
744 	if (ssid->proto & WPA_PROTO_RSN) {
745 		ret = os_snprintf(pos, end - pos, "%sRSN",
746 				  pos == buf ? "" : " ");
747 		if (os_snprintf_error(end - pos, ret))
748 			return buf;
749 		pos += ret;
750 	}
751 
752 	if (ssid->proto & WPA_PROTO_OSEN) {
753 		ret = os_snprintf(pos, end - pos, "%sOSEN",
754 				  pos == buf ? "" : " ");
755 		if (os_snprintf_error(end - pos, ret))
756 			return buf;
757 		pos += ret;
758 	}
759 
760 	if (pos == buf) {
761 		os_free(buf);
762 		buf = NULL;
763 	}
764 
765 	return buf;
766 }
767 #endif /* NO_CONFIG_WRITE */
768 
769 
wpa_config_parse_key_mgmt(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)770 static int wpa_config_parse_key_mgmt(const struct parse_data *data,
771 				     struct wpa_ssid *ssid, int line,
772 				     const char *value)
773 {
774 	int val = 0, last, errors = 0;
775 	char *start, *end, *buf;
776 
777 	buf = os_strdup(value);
778 	if (buf == NULL)
779 		return -1;
780 	start = buf;
781 
782 	while (*start != '\0') {
783 		while (*start == ' ' || *start == '\t')
784 			start++;
785 		if (*start == '\0')
786 			break;
787 		end = start;
788 		while (*end != ' ' && *end != '\t' && *end != '\0')
789 			end++;
790 		last = *end == '\0';
791 		*end = '\0';
792 		if (os_strcmp(start, "WPA-PSK") == 0)
793 			val |= WPA_KEY_MGMT_PSK;
794 		else if (os_strcmp(start, "WPA-EAP") == 0)
795 			val |= WPA_KEY_MGMT_IEEE8021X;
796 		else if (os_strcmp(start, "IEEE8021X") == 0)
797 			val |= WPA_KEY_MGMT_IEEE8021X_NO_WPA;
798 		else if (os_strcmp(start, "NONE") == 0)
799 			val |= WPA_KEY_MGMT_NONE;
800 		else if (os_strcmp(start, "WPA-NONE") == 0)
801 			val |= WPA_KEY_MGMT_WPA_NONE;
802 #ifdef CONFIG_IEEE80211R
803 		else if (os_strcmp(start, "FT-PSK") == 0)
804 			val |= WPA_KEY_MGMT_FT_PSK;
805 		else if (os_strcmp(start, "FT-EAP") == 0)
806 			val |= WPA_KEY_MGMT_FT_IEEE8021X;
807 #ifdef CONFIG_SHA384
808 		else if (os_strcmp(start, "FT-EAP-SHA384") == 0)
809 			val |= WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
810 #endif /* CONFIG_SHA384 */
811 #endif /* CONFIG_IEEE80211R */
812 #ifdef CONFIG_SHA384
813 		else if (os_strcmp(start, "WPA-EAP-SHA384") == 0)
814 			val |= WPA_KEY_MGMT_IEEE8021X_SHA384;
815 #endif /* CONFIG_SHA384 */
816 		else if (os_strcmp(start, "WPA-PSK-SHA256") == 0)
817 			val |= WPA_KEY_MGMT_PSK_SHA256;
818 		else if (os_strcmp(start, "WPA-EAP-SHA256") == 0)
819 			val |= WPA_KEY_MGMT_IEEE8021X_SHA256;
820 #ifdef CONFIG_WPS
821 		else if (os_strcmp(start, "WPS") == 0)
822 			val |= WPA_KEY_MGMT_WPS;
823 #endif /* CONFIG_WPS */
824 #ifdef CONFIG_SAE
825 		else if (os_strcmp(start, "SAE") == 0)
826 			val |= WPA_KEY_MGMT_SAE;
827 		else if (os_strcmp(start, "SAE-EXT-KEY") == 0)
828 			val |= WPA_KEY_MGMT_SAE_EXT_KEY;
829 		else if (os_strcmp(start, "FT-SAE") == 0)
830 			val |= WPA_KEY_MGMT_FT_SAE;
831 		else if (os_strcmp(start, "FT-SAE-EXT-KEY") == 0)
832 			val |= WPA_KEY_MGMT_FT_SAE_EXT_KEY;
833 #endif /* CONFIG_SAE */
834 #ifdef CONFIG_HS20
835 		else if (os_strcmp(start, "OSEN") == 0)
836 			val |= WPA_KEY_MGMT_OSEN;
837 #endif /* CONFIG_HS20 */
838 #ifdef CONFIG_SUITEB
839 		else if (os_strcmp(start, "WPA-EAP-SUITE-B") == 0)
840 			val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B;
841 #endif /* CONFIG_SUITEB */
842 #ifdef CONFIG_SUITEB192
843 		else if (os_strcmp(start, "WPA-EAP-SUITE-B-192") == 0)
844 			val |= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
845 #endif /* CONFIG_SUITEB192 */
846 #ifdef CONFIG_FILS
847 		else if (os_strcmp(start, "FILS-SHA256") == 0)
848 			val |= WPA_KEY_MGMT_FILS_SHA256;
849 		else if (os_strcmp(start, "FILS-SHA384") == 0)
850 			val |= WPA_KEY_MGMT_FILS_SHA384;
851 #ifdef CONFIG_IEEE80211R
852 		else if (os_strcmp(start, "FT-FILS-SHA256") == 0)
853 			val |= WPA_KEY_MGMT_FT_FILS_SHA256;
854 		else if (os_strcmp(start, "FT-FILS-SHA384") == 0)
855 			val |= WPA_KEY_MGMT_FT_FILS_SHA384;
856 #endif /* CONFIG_IEEE80211R */
857 #endif /* CONFIG_FILS */
858 #ifdef CONFIG_OWE
859 		else if (os_strcmp(start, "OWE") == 0)
860 			val |= WPA_KEY_MGMT_OWE;
861 #endif /* CONFIG_OWE */
862 #ifdef CONFIG_DPP
863 		else if (os_strcmp(start, "DPP") == 0)
864 			val |= WPA_KEY_MGMT_DPP;
865 #endif /* CONFIG_DPP */
866 		else {
867 			wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'",
868 				   line, start);
869 			errors++;
870 		}
871 
872 		if (last)
873 			break;
874 		start = end + 1;
875 	}
876 	os_free(buf);
877 
878 	if (val == 0) {
879 		wpa_printf(MSG_ERROR,
880 			   "Line %d: no key_mgmt values configured.", line);
881 		errors++;
882 	}
883 
884 	if (!errors && ssid->key_mgmt == val)
885 		return 1;
886 	wpa_printf(MSG_MSGDUMP, "key_mgmt: 0x%x", val);
887 	ssid->key_mgmt = val;
888 	return errors ? -1 : 0;
889 }
890 
891 
892 #ifndef NO_CONFIG_WRITE
wpa_config_write_key_mgmt(const struct parse_data * data,struct wpa_ssid * ssid)893 static char * wpa_config_write_key_mgmt(const struct parse_data *data,
894 					struct wpa_ssid *ssid)
895 {
896 	char *buf, *pos, *end;
897 	int ret;
898 
899 	pos = buf = os_zalloc(100);
900 	if (buf == NULL)
901 		return NULL;
902 	end = buf + 100;
903 
904 	if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
905 		ret = os_snprintf(pos, end - pos, "%sWPA-PSK",
906 				  pos == buf ? "" : " ");
907 		if (os_snprintf_error(end - pos, ret)) {
908 			end[-1] = '\0';
909 			return buf;
910 		}
911 		pos += ret;
912 	}
913 
914 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
915 		ret = os_snprintf(pos, end - pos, "%sWPA-EAP",
916 				  pos == buf ? "" : " ");
917 		if (os_snprintf_error(end - pos, ret)) {
918 			end[-1] = '\0';
919 			return buf;
920 		}
921 		pos += ret;
922 	}
923 
924 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
925 		ret = os_snprintf(pos, end - pos, "%sIEEE8021X",
926 				  pos == buf ? "" : " ");
927 		if (os_snprintf_error(end - pos, ret)) {
928 			end[-1] = '\0';
929 			return buf;
930 		}
931 		pos += ret;
932 	}
933 
934 	if (ssid->key_mgmt & WPA_KEY_MGMT_NONE) {
935 		ret = os_snprintf(pos, end - pos, "%sNONE",
936 				  pos == buf ? "" : " ");
937 		if (os_snprintf_error(end - pos, ret)) {
938 			end[-1] = '\0';
939 			return buf;
940 		}
941 		pos += ret;
942 	}
943 
944 	if (ssid->key_mgmt & WPA_KEY_MGMT_WPA_NONE) {
945 		ret = os_snprintf(pos, end - pos, "%sWPA-NONE",
946 				  pos == buf ? "" : " ");
947 		if (os_snprintf_error(end - pos, ret)) {
948 			end[-1] = '\0';
949 			return buf;
950 		}
951 		pos += ret;
952 	}
953 
954 #ifdef CONFIG_IEEE80211R
955 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_PSK) {
956 		ret = os_snprintf(pos, end - pos, "%sFT-PSK",
957 				  pos == buf ? "" : " ");
958 		if (os_snprintf_error(end - pos, ret)) {
959 			end[-1] = '\0';
960 			return buf;
961 		}
962 		pos += ret;
963 	}
964 
965 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
966 		ret = os_snprintf(pos, end - pos, "%sFT-EAP",
967 				  pos == buf ? "" : " ");
968 		if (os_snprintf_error(end - pos, ret)) {
969 			end[-1] = '\0';
970 			return buf;
971 		}
972 		pos += ret;
973 	}
974 
975 #ifdef CONFIG_SHA384
976 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
977 		ret = os_snprintf(pos, end - pos, "%sFT-EAP-SHA384",
978 				  pos == buf ? "" : " ");
979 		if (os_snprintf_error(end - pos, ret)) {
980 			end[-1] = '\0';
981 			return buf;
982 		}
983 		pos += ret;
984 	}
985 #endif /* CONFIG_SHA384 */
986 #endif /* CONFIG_IEEE80211R */
987 
988 #ifdef CONFIG_SHA384
989 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA384) {
990 		ret = os_snprintf(pos, end - pos, "%sWPA-EAP-SHA384",
991 				  pos == buf ? "" : " ");
992 		if (os_snprintf_error(end - pos, ret)) {
993 			end[-1] = '\0';
994 			return buf;
995 		}
996 		pos += ret;
997 	}
998 #endif /* CONFIG_SHA384 */
999 
1000 	if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
1001 		ret = os_snprintf(pos, end - pos, "%sWPA-PSK-SHA256",
1002 				  pos == buf ? "" : " ");
1003 		if (os_snprintf_error(end - pos, ret)) {
1004 			end[-1] = '\0';
1005 			return buf;
1006 		}
1007 		pos += ret;
1008 	}
1009 
1010 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1011 		ret = os_snprintf(pos, end - pos, "%sWPA-EAP-SHA256",
1012 				  pos == buf ? "" : " ");
1013 		if (os_snprintf_error(end - pos, ret)) {
1014 			end[-1] = '\0';
1015 			return buf;
1016 		}
1017 		pos += ret;
1018 	}
1019 
1020 #ifdef CONFIG_WPS
1021 	if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1022 		ret = os_snprintf(pos, end - pos, "%sWPS",
1023 				  pos == buf ? "" : " ");
1024 		if (os_snprintf_error(end - pos, ret)) {
1025 			end[-1] = '\0';
1026 			return buf;
1027 		}
1028 		pos += ret;
1029 	}
1030 #endif /* CONFIG_WPS */
1031 
1032 #ifdef CONFIG_SAE
1033 	if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1034 		ret = os_snprintf(pos, end - pos, "%sSAE",
1035 				  pos == buf ? "" : " ");
1036 		if (os_snprintf_error(end - pos, ret)) {
1037 			end[-1] = '\0';
1038 			return buf;
1039 		}
1040 		pos += ret;
1041 	}
1042 
1043 	if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1044 		ret = os_snprintf(pos, end - pos, "%sSAE-EXT-KEY",
1045 				  pos == buf ? "" : " ");
1046 		if (os_snprintf_error(end - pos, ret)) {
1047 			end[-1] = '\0';
1048 			return buf;
1049 		}
1050 		pos += ret;
1051 	}
1052 
1053 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_SAE) {
1054 		ret = os_snprintf(pos, end - pos, "%sFT-SAE",
1055 				  pos == buf ? "" : " ");
1056 		if (os_snprintf_error(end - pos, ret)) {
1057 			end[-1] = '\0';
1058 			return buf;
1059 		}
1060 		pos += ret;
1061 	}
1062 
1063 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
1064 		ret = os_snprintf(pos, end - pos, "%sFT-SAE-EXT-KEY",
1065 				  pos == buf ? "" : " ");
1066 		if (os_snprintf_error(end - pos, ret)) {
1067 			end[-1] = '\0';
1068 			return buf;
1069 		}
1070 		pos += ret;
1071 	}
1072 #endif /* CONFIG_SAE */
1073 
1074 #ifdef CONFIG_HS20
1075 	if (ssid->key_mgmt & WPA_KEY_MGMT_OSEN) {
1076 		ret = os_snprintf(pos, end - pos, "%sOSEN",
1077 				  pos == buf ? "" : " ");
1078 		if (os_snprintf_error(end - pos, ret)) {
1079 			end[-1] = '\0';
1080 			return buf;
1081 		}
1082 		pos += ret;
1083 	}
1084 #endif /* CONFIG_HS20 */
1085 
1086 #ifdef CONFIG_SUITEB
1087 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1088 		ret = os_snprintf(pos, end - pos, "%sWPA-EAP-SUITE-B",
1089 				  pos == buf ? "" : " ");
1090 		if (os_snprintf_error(end - pos, ret)) {
1091 			end[-1] = '\0';
1092 			return buf;
1093 		}
1094 		pos += ret;
1095 	}
1096 #endif /* CONFIG_SUITEB */
1097 
1098 #ifdef CONFIG_SUITEB192
1099 	if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1100 		ret = os_snprintf(pos, end - pos, "%sWPA-EAP-SUITE-B-192",
1101 				  pos == buf ? "" : " ");
1102 		if (os_snprintf_error(end - pos, ret)) {
1103 			end[-1] = '\0';
1104 			return buf;
1105 		}
1106 		pos += ret;
1107 	}
1108 #endif /* CONFIG_SUITEB192 */
1109 
1110 #ifdef CONFIG_FILS
1111 	if (ssid->key_mgmt & WPA_KEY_MGMT_FILS_SHA256) {
1112 		ret = os_snprintf(pos, end - pos, "%sFILS-SHA256",
1113 				  pos == buf ? "" : " ");
1114 		if (os_snprintf_error(end - pos, ret)) {
1115 			end[-1] = '\0';
1116 			return buf;
1117 		}
1118 		pos += ret;
1119 	}
1120 	if (ssid->key_mgmt & WPA_KEY_MGMT_FILS_SHA384) {
1121 		ret = os_snprintf(pos, end - pos, "%sFILS-SHA384",
1122 				  pos == buf ? "" : " ");
1123 		if (os_snprintf_error(end - pos, ret)) {
1124 			end[-1] = '\0';
1125 			return buf;
1126 		}
1127 		pos += ret;
1128 	}
1129 #ifdef CONFIG_IEEE80211R
1130 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA256) {
1131 		ret = os_snprintf(pos, end - pos, "%sFT-FILS-SHA256",
1132 				  pos == buf ? "" : " ");
1133 		if (os_snprintf_error(end - pos, ret)) {
1134 			end[-1] = '\0';
1135 			return buf;
1136 		}
1137 		pos += ret;
1138 	}
1139 	if (ssid->key_mgmt & WPA_KEY_MGMT_FT_FILS_SHA384) {
1140 		ret = os_snprintf(pos, end - pos, "%sFT-FILS-SHA384",
1141 				  pos == buf ? "" : " ");
1142 		if (os_snprintf_error(end - pos, ret)) {
1143 			end[-1] = '\0';
1144 			return buf;
1145 		}
1146 		pos += ret;
1147 	}
1148 #endif /* CONFIG_IEEE80211R */
1149 #endif /* CONFIG_FILS */
1150 
1151 #ifdef CONFIG_DPP
1152 	if (ssid->key_mgmt & WPA_KEY_MGMT_DPP) {
1153 		ret = os_snprintf(pos, end - pos, "%sDPP",
1154 				  pos == buf ? "" : " ");
1155 		if (os_snprintf_error(end - pos, ret)) {
1156 			end[-1] = '\0';
1157 			return buf;
1158 		}
1159 		pos += ret;
1160 	}
1161 #endif /* CONFIG_DPP */
1162 
1163 #ifdef CONFIG_OWE
1164 	if (ssid->key_mgmt & WPA_KEY_MGMT_OWE) {
1165 		ret = os_snprintf(pos, end - pos, "%sOWE",
1166 				  pos == buf ? "" : " ");
1167 		if (os_snprintf_error(end - pos, ret)) {
1168 			end[-1] = '\0';
1169 			return buf;
1170 		}
1171 		pos += ret;
1172 	}
1173 #endif /* CONFIG_OWE */
1174 
1175 	if (pos == buf) {
1176 		os_free(buf);
1177 		buf = NULL;
1178 	}
1179 
1180 	return buf;
1181 }
1182 #endif /* NO_CONFIG_WRITE */
1183 
1184 
wpa_config_parse_cipher(int line,const char * value)1185 static int wpa_config_parse_cipher(int line, const char *value)
1186 {
1187 #ifdef CONFIG_NO_WPA
1188 	return -1;
1189 #else /* CONFIG_NO_WPA */
1190 	int val = wpa_parse_cipher(value);
1191 	if (val < 0) {
1192 		wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.",
1193 			   line, value);
1194 		return -1;
1195 	}
1196 	if (val == 0) {
1197 		wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.",
1198 			   line);
1199 		return -1;
1200 	}
1201 	return val;
1202 #endif /* CONFIG_NO_WPA */
1203 }
1204 
1205 
1206 #ifndef NO_CONFIG_WRITE
wpa_config_write_cipher(int cipher)1207 static char * wpa_config_write_cipher(int cipher)
1208 {
1209 #ifdef CONFIG_NO_WPA
1210 	return NULL;
1211 #else /* CONFIG_NO_WPA */
1212 	char *buf = os_zalloc(50);
1213 	if (buf == NULL)
1214 		return NULL;
1215 
1216 	if (wpa_write_ciphers(buf, buf + 50, cipher, " ") < 0) {
1217 		os_free(buf);
1218 		return NULL;
1219 	}
1220 
1221 	return buf;
1222 #endif /* CONFIG_NO_WPA */
1223 }
1224 #endif /* NO_CONFIG_WRITE */
1225 
1226 
wpa_config_parse_pairwise(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1227 static int wpa_config_parse_pairwise(const struct parse_data *data,
1228 				     struct wpa_ssid *ssid, int line,
1229 				     const char *value)
1230 {
1231 	int val;
1232 	val = wpa_config_parse_cipher(line, value);
1233 	if (val == -1)
1234 		return -1;
1235 	if (val & ~WPA_ALLOWED_PAIRWISE_CIPHERS) {
1236 		wpa_printf(MSG_ERROR, "Line %d: not allowed pairwise cipher "
1237 			   "(0x%x).", line, val);
1238 		return -1;
1239 	}
1240 
1241 	if (ssid->pairwise_cipher == val)
1242 		return 1;
1243 	wpa_printf(MSG_MSGDUMP, "pairwise: 0x%x", val);
1244 	ssid->pairwise_cipher = val;
1245 	return 0;
1246 }
1247 
1248 
1249 #ifndef NO_CONFIG_WRITE
wpa_config_write_pairwise(const struct parse_data * data,struct wpa_ssid * ssid)1250 static char * wpa_config_write_pairwise(const struct parse_data *data,
1251 					struct wpa_ssid *ssid)
1252 {
1253 	return wpa_config_write_cipher(ssid->pairwise_cipher);
1254 }
1255 #endif /* NO_CONFIG_WRITE */
1256 
1257 
wpa_config_parse_group(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1258 static int wpa_config_parse_group(const struct parse_data *data,
1259 				  struct wpa_ssid *ssid, int line,
1260 				  const char *value)
1261 {
1262 	int val;
1263 	val = wpa_config_parse_cipher(line, value);
1264 	if (val == -1)
1265 		return -1;
1266 
1267 	/*
1268 	 * Backwards compatibility - filter out WEP ciphers that were previously
1269 	 * allowed.
1270 	 */
1271 	val &= ~(WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40);
1272 
1273 	if (val & ~WPA_ALLOWED_GROUP_CIPHERS) {
1274 		wpa_printf(MSG_ERROR, "Line %d: not allowed group cipher "
1275 			   "(0x%x).", line, val);
1276 		return -1;
1277 	}
1278 
1279 	if (ssid->group_cipher == val)
1280 		return 1;
1281 	wpa_printf(MSG_MSGDUMP, "group: 0x%x", val);
1282 	ssid->group_cipher = val;
1283 	return 0;
1284 }
1285 
1286 
1287 #ifndef NO_CONFIG_WRITE
wpa_config_write_group(const struct parse_data * data,struct wpa_ssid * ssid)1288 static char * wpa_config_write_group(const struct parse_data *data,
1289 				     struct wpa_ssid *ssid)
1290 {
1291 	return wpa_config_write_cipher(ssid->group_cipher);
1292 }
1293 #endif /* NO_CONFIG_WRITE */
1294 
1295 
wpa_config_parse_group_mgmt(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1296 static int wpa_config_parse_group_mgmt(const struct parse_data *data,
1297 				       struct wpa_ssid *ssid, int line,
1298 				       const char *value)
1299 {
1300 	int val;
1301 
1302 	val = wpa_config_parse_cipher(line, value);
1303 	if (val == -1)
1304 		return -1;
1305 
1306 	if (val & ~WPA_ALLOWED_GROUP_MGMT_CIPHERS) {
1307 		wpa_printf(MSG_ERROR,
1308 			   "Line %d: not allowed group management cipher (0x%x).",
1309 			   line, val);
1310 		return -1;
1311 	}
1312 
1313 	if (ssid->group_mgmt_cipher == val)
1314 		return 1;
1315 	wpa_printf(MSG_MSGDUMP, "group_mgmt: 0x%x", val);
1316 	ssid->group_mgmt_cipher = val;
1317 	return 0;
1318 }
1319 
1320 
1321 #ifndef NO_CONFIG_WRITE
wpa_config_write_group_mgmt(const struct parse_data * data,struct wpa_ssid * ssid)1322 static char * wpa_config_write_group_mgmt(const struct parse_data *data,
1323 					  struct wpa_ssid *ssid)
1324 {
1325 	return wpa_config_write_cipher(ssid->group_mgmt_cipher);
1326 }
1327 #endif /* NO_CONFIG_WRITE */
1328 
1329 
wpa_config_parse_auth_alg(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1330 static int wpa_config_parse_auth_alg(const struct parse_data *data,
1331 				     struct wpa_ssid *ssid, int line,
1332 				     const char *value)
1333 {
1334 	int val = 0, last, errors = 0;
1335 	char *start, *end, *buf;
1336 
1337 	buf = os_strdup(value);
1338 	if (buf == NULL)
1339 		return -1;
1340 	start = buf;
1341 
1342 	while (*start != '\0') {
1343 		while (*start == ' ' || *start == '\t')
1344 			start++;
1345 		if (*start == '\0')
1346 			break;
1347 		end = start;
1348 		while (*end != ' ' && *end != '\t' && *end != '\0')
1349 			end++;
1350 		last = *end == '\0';
1351 		*end = '\0';
1352 		if (os_strcmp(start, "OPEN") == 0)
1353 			val |= WPA_AUTH_ALG_OPEN;
1354 		else if (os_strcmp(start, "SHARED") == 0)
1355 			val |= WPA_AUTH_ALG_SHARED;
1356 		else if (os_strcmp(start, "LEAP") == 0)
1357 			val |= WPA_AUTH_ALG_LEAP;
1358 		else {
1359 			wpa_printf(MSG_ERROR, "Line %d: invalid auth_alg '%s'",
1360 				   line, start);
1361 			errors++;
1362 		}
1363 
1364 		if (last)
1365 			break;
1366 		start = end + 1;
1367 	}
1368 	os_free(buf);
1369 
1370 	if (val == 0) {
1371 		wpa_printf(MSG_ERROR,
1372 			   "Line %d: no auth_alg values configured.", line);
1373 		errors++;
1374 	}
1375 
1376 	if (!errors && ssid->auth_alg == val)
1377 		return 1;
1378 	wpa_printf(MSG_MSGDUMP, "auth_alg: 0x%x", val);
1379 	ssid->auth_alg = val;
1380 	return errors ? -1 : 0;
1381 }
1382 
1383 
1384 #ifndef NO_CONFIG_WRITE
wpa_config_write_auth_alg(const struct parse_data * data,struct wpa_ssid * ssid)1385 static char * wpa_config_write_auth_alg(const struct parse_data *data,
1386 					struct wpa_ssid *ssid)
1387 {
1388 	char *buf, *pos, *end;
1389 	int ret;
1390 
1391 	pos = buf = os_zalloc(30);
1392 	if (buf == NULL)
1393 		return NULL;
1394 	end = buf + 30;
1395 
1396 	if (ssid->auth_alg & WPA_AUTH_ALG_OPEN) {
1397 		ret = os_snprintf(pos, end - pos, "%sOPEN",
1398 				  pos == buf ? "" : " ");
1399 		if (os_snprintf_error(end - pos, ret)) {
1400 			end[-1] = '\0';
1401 			return buf;
1402 		}
1403 		pos += ret;
1404 	}
1405 
1406 	if (ssid->auth_alg & WPA_AUTH_ALG_SHARED) {
1407 		ret = os_snprintf(pos, end - pos, "%sSHARED",
1408 				  pos == buf ? "" : " ");
1409 		if (os_snprintf_error(end - pos, ret)) {
1410 			end[-1] = '\0';
1411 			return buf;
1412 		}
1413 		pos += ret;
1414 	}
1415 
1416 	if (ssid->auth_alg & WPA_AUTH_ALG_LEAP) {
1417 		ret = os_snprintf(pos, end - pos, "%sLEAP",
1418 				  pos == buf ? "" : " ");
1419 		if (os_snprintf_error(end - pos, ret)) {
1420 			end[-1] = '\0';
1421 			return buf;
1422 		}
1423 		pos += ret;
1424 	}
1425 
1426 	if (pos == buf) {
1427 		os_free(buf);
1428 		buf = NULL;
1429 	}
1430 
1431 	return buf;
1432 }
1433 #endif /* NO_CONFIG_WRITE */
1434 
1435 
wpa_config_parse_int_array(const char * value)1436 static int * wpa_config_parse_int_array(const char *value)
1437 {
1438 	int *freqs;
1439 	size_t used, len;
1440 	const char *pos;
1441 
1442 	used = 0;
1443 	len = 10;
1444 	freqs = os_calloc(len + 1, sizeof(int));
1445 	if (freqs == NULL)
1446 		return NULL;
1447 
1448 	pos = value;
1449 	while (pos) {
1450 		while (*pos == ' ')
1451 			pos++;
1452 		if (used == len) {
1453 			int *n;
1454 			size_t i;
1455 			n = os_realloc_array(freqs, len * 2 + 1, sizeof(int));
1456 			if (n == NULL) {
1457 				os_free(freqs);
1458 				return NULL;
1459 			}
1460 			for (i = len; i <= len * 2; i++)
1461 				n[i] = 0;
1462 			freqs = n;
1463 			len *= 2;
1464 		}
1465 
1466 		freqs[used] = atoi(pos);
1467 		if (freqs[used] == 0)
1468 			break;
1469 		used++;
1470 		pos = os_strchr(pos + 1, ' ');
1471 	}
1472 
1473 	return freqs;
1474 }
1475 
1476 
wpa_config_parse_scan_freq(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1477 static int wpa_config_parse_scan_freq(const struct parse_data *data,
1478 				      struct wpa_ssid *ssid, int line,
1479 				      const char *value)
1480 {
1481 	int *freqs;
1482 
1483 	freqs = wpa_config_parse_int_array(value);
1484 	if (freqs == NULL)
1485 		return -1;
1486 	if (freqs[0] == 0) {
1487 		os_free(freqs);
1488 		freqs = NULL;
1489 	}
1490 	os_free(ssid->scan_freq);
1491 	ssid->scan_freq = freqs;
1492 
1493 	return 0;
1494 }
1495 
1496 
wpa_config_parse_freq_list(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1497 static int wpa_config_parse_freq_list(const struct parse_data *data,
1498 				      struct wpa_ssid *ssid, int line,
1499 				      const char *value)
1500 {
1501 	int *freqs;
1502 
1503 	freqs = wpa_config_parse_int_array(value);
1504 	if (freqs == NULL)
1505 		return -1;
1506 	if (freqs[0] == 0) {
1507 		os_free(freqs);
1508 		freqs = NULL;
1509 	}
1510 	os_free(ssid->freq_list);
1511 	ssid->freq_list = freqs;
1512 
1513 	return 0;
1514 }
1515 
1516 
1517 #ifndef NO_CONFIG_WRITE
wpa_config_write_freqs(const struct parse_data * data,const int * freqs)1518 static char * wpa_config_write_freqs(const struct parse_data *data,
1519 				     const int *freqs)
1520 {
1521 	char *buf, *pos, *end;
1522 	int i, ret;
1523 	size_t count;
1524 
1525 	if (freqs == NULL)
1526 		return NULL;
1527 
1528 	count = 0;
1529 	for (i = 0; freqs[i]; i++)
1530 		count++;
1531 
1532 	pos = buf = os_zalloc(10 * count + 1);
1533 	if (buf == NULL)
1534 		return NULL;
1535 	end = buf + 10 * count + 1;
1536 
1537 	for (i = 0; freqs[i]; i++) {
1538 		ret = os_snprintf(pos, end - pos, "%s%u",
1539 				  i == 0 ? "" : " ", freqs[i]);
1540 		if (os_snprintf_error(end - pos, ret)) {
1541 			end[-1] = '\0';
1542 			return buf;
1543 		}
1544 		pos += ret;
1545 	}
1546 
1547 	return buf;
1548 }
1549 
1550 
wpa_config_write_scan_freq(const struct parse_data * data,struct wpa_ssid * ssid)1551 static char * wpa_config_write_scan_freq(const struct parse_data *data,
1552 					 struct wpa_ssid *ssid)
1553 {
1554 	return wpa_config_write_freqs(data, ssid->scan_freq);
1555 }
1556 
1557 
wpa_config_write_freq_list(const struct parse_data * data,struct wpa_ssid * ssid)1558 static char * wpa_config_write_freq_list(const struct parse_data *data,
1559 					 struct wpa_ssid *ssid)
1560 {
1561 	return wpa_config_write_freqs(data, ssid->freq_list);
1562 }
1563 #endif /* NO_CONFIG_WRITE */
1564 
1565 
1566 #ifdef IEEE8021X_EAPOL
wpa_config_parse_eap(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1567 static int wpa_config_parse_eap(const struct parse_data *data,
1568 				struct wpa_ssid *ssid, int line,
1569 				const char *value)
1570 {
1571 	int last, errors = 0;
1572 	char *start, *end, *buf;
1573 	struct eap_method_type *methods = NULL, *tmp;
1574 	size_t num_methods = 0;
1575 
1576 	buf = os_strdup(value);
1577 	if (buf == NULL)
1578 		return -1;
1579 	start = buf;
1580 
1581 	while (*start != '\0') {
1582 		while (*start == ' ' || *start == '\t')
1583 			start++;
1584 		if (*start == '\0')
1585 			break;
1586 		end = start;
1587 		while (*end != ' ' && *end != '\t' && *end != '\0')
1588 			end++;
1589 		last = *end == '\0';
1590 		*end = '\0';
1591 		tmp = methods;
1592 		methods = os_realloc_array(methods, num_methods + 1,
1593 					   sizeof(*methods));
1594 		if (methods == NULL) {
1595 			os_free(tmp);
1596 			os_free(buf);
1597 			return -1;
1598 		}
1599 		methods[num_methods].method = eap_peer_get_type(
1600 			start, &methods[num_methods].vendor);
1601 		if (methods[num_methods].vendor == EAP_VENDOR_IETF &&
1602 		    methods[num_methods].method == EAP_TYPE_NONE) {
1603 			wpa_printf(MSG_ERROR, "Line %d: unknown EAP method "
1604 				   "'%s'", line, start);
1605 			wpa_printf(MSG_ERROR, "You may need to add support for"
1606 				   " this EAP method during wpa_supplicant\n"
1607 				   "build time configuration.\n"
1608 				   "See README for more information.");
1609 			errors++;
1610 		} else if (methods[num_methods].vendor == EAP_VENDOR_IETF &&
1611 			   methods[num_methods].method == EAP_TYPE_LEAP)
1612 			ssid->leap++;
1613 		else
1614 			ssid->non_leap++;
1615 		num_methods++;
1616 		if (last)
1617 			break;
1618 		start = end + 1;
1619 	}
1620 	os_free(buf);
1621 
1622 	tmp = methods;
1623 	methods = os_realloc_array(methods, num_methods + 1, sizeof(*methods));
1624 	if (methods == NULL) {
1625 		os_free(tmp);
1626 		return -1;
1627 	}
1628 	methods[num_methods].vendor = EAP_VENDOR_IETF;
1629 	methods[num_methods].method = EAP_TYPE_NONE;
1630 	num_methods++;
1631 
1632 	if (!errors && ssid->eap.eap_methods) {
1633 		struct eap_method_type *prev_m;
1634 		size_t i, j, prev_methods, match = 0;
1635 
1636 		prev_m = ssid->eap.eap_methods;
1637 		for (i = 0; prev_m[i].vendor != EAP_VENDOR_IETF ||
1638 			     prev_m[i].method != EAP_TYPE_NONE; i++) {
1639 			/* Count the methods */
1640 		}
1641 		prev_methods = i + 1;
1642 
1643 		for (i = 0; prev_methods == num_methods && i < prev_methods;
1644 		     i++) {
1645 			for (j = 0; j < num_methods; j++) {
1646 				if (prev_m[i].vendor == methods[j].vendor &&
1647 				    prev_m[i].method == methods[j].method) {
1648 					match++;
1649 					break;
1650 				}
1651 			}
1652 		}
1653 		if (match == num_methods) {
1654 			os_free(methods);
1655 			return 1;
1656 		}
1657 	}
1658 	wpa_hexdump(MSG_MSGDUMP, "eap methods",
1659 		    (u8 *) methods, num_methods * sizeof(*methods));
1660 	os_free(ssid->eap.eap_methods);
1661 	ssid->eap.eap_methods = methods;
1662 	return errors ? -1 : 0;
1663 }
1664 
1665 
1666 #ifndef NO_CONFIG_WRITE
wpa_config_write_eap(const struct parse_data * data,struct wpa_ssid * ssid)1667 static char * wpa_config_write_eap(const struct parse_data *data,
1668 				   struct wpa_ssid *ssid)
1669 {
1670 	int i, ret;
1671 	char *buf, *pos, *end;
1672 	const struct eap_method_type *eap_methods = ssid->eap.eap_methods;
1673 	const char *name;
1674 
1675 	if (eap_methods == NULL)
1676 		return NULL;
1677 
1678 	pos = buf = os_zalloc(100);
1679 	if (buf == NULL)
1680 		return NULL;
1681 	end = buf + 100;
1682 
1683 	for (i = 0; eap_methods[i].vendor != EAP_VENDOR_IETF ||
1684 		     eap_methods[i].method != EAP_TYPE_NONE; i++) {
1685 		name = eap_get_name(eap_methods[i].vendor,
1686 				    eap_methods[i].method);
1687 		if (name) {
1688 			ret = os_snprintf(pos, end - pos, "%s%s",
1689 					  pos == buf ? "" : " ", name);
1690 			if (os_snprintf_error(end - pos, ret))
1691 				break;
1692 			pos += ret;
1693 		}
1694 	}
1695 
1696 	end[-1] = '\0';
1697 
1698 	return buf;
1699 }
1700 #endif /* NO_CONFIG_WRITE */
1701 
1702 
wpa_config_parse_password(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1703 static int wpa_config_parse_password(const struct parse_data *data,
1704 				     struct wpa_ssid *ssid, int line,
1705 				     const char *value)
1706 {
1707 	u8 *hash;
1708 
1709 	if (os_strcmp(value, "NULL") == 0) {
1710 		if (!ssid->eap.password)
1711 			return 1; /* Already unset */
1712 		wpa_printf(MSG_DEBUG, "Unset configuration string 'password'");
1713 		bin_clear_free(ssid->eap.password, ssid->eap.password_len);
1714 		ssid->eap.password = NULL;
1715 		ssid->eap.password_len = 0;
1716 		return 0;
1717 	}
1718 
1719 #ifdef CONFIG_EXT_PASSWORD
1720 	if (os_strncmp(value, "ext:", 4) == 0) {
1721 		char *name = os_strdup(value + 4);
1722 		if (!name)
1723 			return -1;
1724 		bin_clear_free(ssid->eap.password, ssid->eap.password_len);
1725 		ssid->eap.password = (u8 *) name;
1726 		ssid->eap.password_len = os_strlen(name);
1727 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
1728 		ssid->eap.flags |= EAP_CONFIG_FLAGS_EXT_PASSWORD;
1729 		return 0;
1730 	}
1731 #endif /* CONFIG_EXT_PASSWORD */
1732 
1733 	if (os_strncmp(value, "hash:", 5) != 0) {
1734 		char *tmp;
1735 		size_t res_len;
1736 
1737 		tmp = wpa_config_parse_string(value, &res_len);
1738 		if (!tmp) {
1739 			wpa_printf(MSG_ERROR,
1740 				   "Line %d: failed to parse password.", line);
1741 			return -1;
1742 		}
1743 		wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
1744 				      (u8 *) tmp, res_len);
1745 
1746 		bin_clear_free(ssid->eap.password, ssid->eap.password_len);
1747 		ssid->eap.password = (u8 *) tmp;
1748 		ssid->eap.password_len = res_len;
1749 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
1750 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_PASSWORD;
1751 
1752 		return 0;
1753 	}
1754 
1755 
1756 	/* NtPasswordHash: hash:<32 hex digits> */
1757 	if (os_strlen(value + 5) != 2 * 16) {
1758 		wpa_printf(MSG_ERROR,
1759 			   "Line %d: Invalid password hash length (expected 32 hex digits)",
1760 			   line);
1761 		return -1;
1762 	}
1763 
1764 	hash = os_malloc(16);
1765 	if (!hash)
1766 		return -1;
1767 
1768 	if (hexstr2bin(value + 5, hash, 16)) {
1769 		os_free(hash);
1770 		wpa_printf(MSG_ERROR, "Line %d: Invalid password hash", line);
1771 		return -1;
1772 	}
1773 
1774 	wpa_hexdump_key(MSG_MSGDUMP, data->name, hash, 16);
1775 
1776 	if (ssid->eap.password && ssid->eap.password_len == 16 &&
1777 	    os_memcmp(ssid->eap.password, hash, 16) == 0 &&
1778 	    (ssid->eap.flags & EAP_CONFIG_FLAGS_PASSWORD_NTHASH)) {
1779 		bin_clear_free(hash, 16);
1780 		return 1;
1781 	}
1782 	bin_clear_free(ssid->eap.password, ssid->eap.password_len);
1783 	ssid->eap.password = hash;
1784 	ssid->eap.password_len = 16;
1785 	ssid->eap.flags |= EAP_CONFIG_FLAGS_PASSWORD_NTHASH;
1786 	ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_PASSWORD;
1787 
1788 	return 0;
1789 }
1790 
1791 
wpa_config_parse_machine_password(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)1792 static int wpa_config_parse_machine_password(const struct parse_data *data,
1793 					     struct wpa_ssid *ssid, int line,
1794 					     const char *value)
1795 {
1796 	u8 *hash;
1797 
1798 	if (os_strcmp(value, "NULL") == 0) {
1799 		if (!ssid->eap.machine_password)
1800 			return 1; /* Already unset */
1801 		wpa_printf(MSG_DEBUG,
1802 			   "Unset configuration string 'machine_password'");
1803 		bin_clear_free(ssid->eap.machine_password,
1804 			       ssid->eap.machine_password_len);
1805 		ssid->eap.machine_password = NULL;
1806 		ssid->eap.machine_password_len = 0;
1807 		return 0;
1808 	}
1809 
1810 #ifdef CONFIG_EXT_PASSWORD
1811 	if (os_strncmp(value, "ext:", 4) == 0) {
1812 		char *name = os_strdup(value + 4);
1813 
1814 		if (!name)
1815 			return -1;
1816 		bin_clear_free(ssid->eap.machine_password,
1817 			       ssid->eap.machine_password_len);
1818 		ssid->eap.machine_password = (u8 *) name;
1819 		ssid->eap.machine_password_len = os_strlen(name);
1820 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_MACHINE_PASSWORD_NTHASH;
1821 		ssid->eap.flags |= EAP_CONFIG_FLAGS_EXT_MACHINE_PASSWORD;
1822 		return 0;
1823 	}
1824 #endif /* CONFIG_EXT_PASSWORD */
1825 
1826 	if (os_strncmp(value, "hash:", 5) != 0) {
1827 		char *tmp;
1828 		size_t res_len;
1829 
1830 		tmp = wpa_config_parse_string(value, &res_len);
1831 		if (!tmp) {
1832 			wpa_printf(MSG_ERROR,
1833 				   "Line %d: failed to parse machine_password.",
1834 				   line);
1835 			return -1;
1836 		}
1837 		wpa_hexdump_ascii_key(MSG_MSGDUMP, data->name,
1838 				      (u8 *) tmp, res_len);
1839 
1840 		bin_clear_free(ssid->eap.machine_password,
1841 			       ssid->eap.machine_password_len);
1842 		ssid->eap.machine_password = (u8 *) tmp;
1843 		ssid->eap.machine_password_len = res_len;
1844 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_MACHINE_PASSWORD_NTHASH;
1845 		ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_MACHINE_PASSWORD;
1846 
1847 		return 0;
1848 	}
1849 
1850 
1851 	/* NtPasswordHash: hash:<32 hex digits> */
1852 	if (os_strlen(value + 5) != 2 * 16) {
1853 		wpa_printf(MSG_ERROR,
1854 			   "Line %d: Invalid machine_password hash length (expected 32 hex digits)",
1855 			   line);
1856 		return -1;
1857 	}
1858 
1859 	hash = os_malloc(16);
1860 	if (!hash)
1861 		return -1;
1862 
1863 	if (hexstr2bin(value + 5, hash, 16)) {
1864 		os_free(hash);
1865 		wpa_printf(MSG_ERROR, "Line %d: Invalid machine_password hash",
1866 			   line);
1867 		return -1;
1868 	}
1869 
1870 	wpa_hexdump_key(MSG_MSGDUMP, data->name, hash, 16);
1871 
1872 	if (ssid->eap.machine_password &&
1873 	    ssid->eap.machine_password_len == 16 &&
1874 	    os_memcmp(ssid->eap.machine_password, hash, 16) == 0 &&
1875 	    (ssid->eap.flags & EAP_CONFIG_FLAGS_MACHINE_PASSWORD_NTHASH)) {
1876 		bin_clear_free(hash, 16);
1877 		return 1;
1878 	}
1879 	bin_clear_free(ssid->eap.machine_password,
1880 		       ssid->eap.machine_password_len);
1881 	ssid->eap.machine_password = hash;
1882 	ssid->eap.machine_password_len = 16;
1883 	ssid->eap.flags |= EAP_CONFIG_FLAGS_MACHINE_PASSWORD_NTHASH;
1884 	ssid->eap.flags &= ~EAP_CONFIG_FLAGS_EXT_MACHINE_PASSWORD;
1885 
1886 	return 0;
1887 }
1888 
1889 
1890 #ifndef NO_CONFIG_WRITE
1891 
wpa_config_write_password(const struct parse_data * data,struct wpa_ssid * ssid)1892 static char * wpa_config_write_password(const struct parse_data *data,
1893 					struct wpa_ssid *ssid)
1894 {
1895 	char *buf;
1896 
1897 	if (!ssid->eap.password)
1898 		return NULL;
1899 
1900 #ifdef CONFIG_EXT_PASSWORD
1901 	if (ssid->eap.flags & EAP_CONFIG_FLAGS_EXT_PASSWORD) {
1902 		buf = os_zalloc(4 + ssid->eap.password_len + 1);
1903 		if (!buf)
1904 			return NULL;
1905 		os_memcpy(buf, "ext:", 4);
1906 		os_memcpy(buf + 4, ssid->eap.password, ssid->eap.password_len);
1907 		return buf;
1908 	}
1909 #endif /* CONFIG_EXT_PASSWORD */
1910 
1911 	if (!(ssid->eap.flags & EAP_CONFIG_FLAGS_PASSWORD_NTHASH)) {
1912 		return wpa_config_write_string(
1913 			ssid->eap.password, ssid->eap.password_len);
1914 	}
1915 
1916 	buf = os_malloc(5 + 32 + 1);
1917 	if (!buf)
1918 		return NULL;
1919 
1920 	os_memcpy(buf, "hash:", 5);
1921 	wpa_snprintf_hex(buf + 5, 32 + 1, ssid->eap.password, 16);
1922 
1923 	return buf;
1924 }
1925 
1926 
wpa_config_write_machine_password(const struct parse_data * data,struct wpa_ssid * ssid)1927 static char * wpa_config_write_machine_password(const struct parse_data *data,
1928 						struct wpa_ssid *ssid)
1929 {
1930 	char *buf;
1931 
1932 	if (!ssid->eap.machine_password)
1933 		return NULL;
1934 
1935 #ifdef CONFIG_EXT_PASSWORD
1936 	if (ssid->eap.flags & EAP_CONFIG_FLAGS_EXT_MACHINE_PASSWORD) {
1937 		buf = os_zalloc(4 + ssid->eap.machine_password_len + 1);
1938 		if (!buf)
1939 			return NULL;
1940 		os_memcpy(buf, "ext:", 4);
1941 		os_memcpy(buf + 4, ssid->eap.machine_password,
1942 			  ssid->eap.machine_password_len);
1943 		return buf;
1944 	}
1945 #endif /* CONFIG_EXT_PASSWORD */
1946 
1947 	if (!(ssid->eap.flags & EAP_CONFIG_FLAGS_MACHINE_PASSWORD_NTHASH)) {
1948 		return wpa_config_write_string(
1949 			ssid->eap.machine_password,
1950 			ssid->eap.machine_password_len);
1951 	}
1952 
1953 	buf = os_malloc(5 + 32 + 1);
1954 	if (!buf)
1955 		return NULL;
1956 
1957 	os_memcpy(buf, "hash:", 5);
1958 	wpa_snprintf_hex(buf + 5, 32 + 1, ssid->eap.machine_password, 16);
1959 
1960 	return buf;
1961 }
1962 
1963 #endif /* NO_CONFIG_WRITE */
1964 #endif /* IEEE8021X_EAPOL */
1965 
1966 
1967 #ifdef CONFIG_WEP
1968 
wpa_config_parse_wep_key(u8 * key,size_t * len,int line,const char * value,int idx)1969 static int wpa_config_parse_wep_key(u8 *key, size_t *len, int line,
1970 				    const char *value, int idx)
1971 {
1972 	char *buf, title[20];
1973 	int res;
1974 
1975 	buf = wpa_config_parse_string(value, len);
1976 	if (buf == NULL) {
1977 		wpa_printf(MSG_ERROR, "Line %d: Invalid WEP key %d '%s'.",
1978 			   line, idx, value);
1979 		return -1;
1980 	}
1981 	if (*len > MAX_WEP_KEY_LEN) {
1982 		wpa_printf(MSG_ERROR, "Line %d: Too long WEP key %d '%s'.",
1983 			   line, idx, value);
1984 		os_free(buf);
1985 		return -1;
1986 	}
1987 	if (*len && *len != 5 && *len != 13 && *len != 16) {
1988 		wpa_printf(MSG_ERROR, "Line %d: Invalid WEP key length %u - "
1989 			   "this network block will be ignored",
1990 			   line, (unsigned int) *len);
1991 	}
1992 	os_memcpy(key, buf, *len);
1993 	str_clear_free(buf);
1994 	res = os_snprintf(title, sizeof(title), "wep_key%d", idx);
1995 	if (!os_snprintf_error(sizeof(title), res))
1996 		wpa_hexdump_key(MSG_MSGDUMP, title, key, *len);
1997 	return 0;
1998 }
1999 
2000 
wpa_config_parse_wep_key0(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2001 static int wpa_config_parse_wep_key0(const struct parse_data *data,
2002 				     struct wpa_ssid *ssid, int line,
2003 				     const char *value)
2004 {
2005 	return wpa_config_parse_wep_key(ssid->wep_key[0],
2006 					&ssid->wep_key_len[0], line,
2007 					value, 0);
2008 }
2009 
2010 
wpa_config_parse_wep_key1(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2011 static int wpa_config_parse_wep_key1(const struct parse_data *data,
2012 				     struct wpa_ssid *ssid, int line,
2013 				     const char *value)
2014 {
2015 	return wpa_config_parse_wep_key(ssid->wep_key[1],
2016 					&ssid->wep_key_len[1], line,
2017 					value, 1);
2018 }
2019 
2020 
wpa_config_parse_wep_key2(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2021 static int wpa_config_parse_wep_key2(const struct parse_data *data,
2022 				     struct wpa_ssid *ssid, int line,
2023 				     const char *value)
2024 {
2025 	return wpa_config_parse_wep_key(ssid->wep_key[2],
2026 					&ssid->wep_key_len[2], line,
2027 					value, 2);
2028 }
2029 
2030 
wpa_config_parse_wep_key3(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2031 static int wpa_config_parse_wep_key3(const struct parse_data *data,
2032 				     struct wpa_ssid *ssid, int line,
2033 				     const char *value)
2034 {
2035 	return wpa_config_parse_wep_key(ssid->wep_key[3],
2036 					&ssid->wep_key_len[3], line,
2037 					value, 3);
2038 }
2039 
2040 
2041 #ifndef NO_CONFIG_WRITE
wpa_config_write_wep_key(struct wpa_ssid * ssid,int idx)2042 static char * wpa_config_write_wep_key(struct wpa_ssid *ssid, int idx)
2043 {
2044 	if (ssid->wep_key_len[idx] == 0)
2045 		return NULL;
2046 	return wpa_config_write_string(ssid->wep_key[idx],
2047 				       ssid->wep_key_len[idx]);
2048 }
2049 
2050 
wpa_config_write_wep_key0(const struct parse_data * data,struct wpa_ssid * ssid)2051 static char * wpa_config_write_wep_key0(const struct parse_data *data,
2052 					struct wpa_ssid *ssid)
2053 {
2054 	return wpa_config_write_wep_key(ssid, 0);
2055 }
2056 
2057 
wpa_config_write_wep_key1(const struct parse_data * data,struct wpa_ssid * ssid)2058 static char * wpa_config_write_wep_key1(const struct parse_data *data,
2059 					struct wpa_ssid *ssid)
2060 {
2061 	return wpa_config_write_wep_key(ssid, 1);
2062 }
2063 
2064 
wpa_config_write_wep_key2(const struct parse_data * data,struct wpa_ssid * ssid)2065 static char * wpa_config_write_wep_key2(const struct parse_data *data,
2066 					struct wpa_ssid *ssid)
2067 {
2068 	return wpa_config_write_wep_key(ssid, 2);
2069 }
2070 
2071 
wpa_config_write_wep_key3(const struct parse_data * data,struct wpa_ssid * ssid)2072 static char * wpa_config_write_wep_key3(const struct parse_data *data,
2073 					struct wpa_ssid *ssid)
2074 {
2075 	return wpa_config_write_wep_key(ssid, 3);
2076 }
2077 #endif /* NO_CONFIG_WRITE */
2078 
2079 #endif /* CONFIG_WEP */
2080 
2081 
2082 #ifdef CONFIG_P2P
2083 
wpa_config_parse_go_p2p_dev_addr(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2084 static int wpa_config_parse_go_p2p_dev_addr(const struct parse_data *data,
2085 					    struct wpa_ssid *ssid, int line,
2086 					    const char *value)
2087 {
2088 	if (value[0] == '\0' || os_strcmp(value, "\"\"") == 0 ||
2089 	    os_strcmp(value, "any") == 0) {
2090 		os_memset(ssid->go_p2p_dev_addr, 0, ETH_ALEN);
2091 		wpa_printf(MSG_MSGDUMP, "GO P2P Device Address any");
2092 		return 0;
2093 	}
2094 	if (hwaddr_aton(value, ssid->go_p2p_dev_addr)) {
2095 		wpa_printf(MSG_ERROR, "Line %d: Invalid GO P2P Device Address '%s'.",
2096 			   line, value);
2097 		return -1;
2098 	}
2099 	ssid->bssid_set = 1;
2100 	wpa_printf(MSG_MSGDUMP, "GO P2P Device Address " MACSTR,
2101 		   MAC2STR(ssid->go_p2p_dev_addr));
2102 	return 0;
2103 }
2104 
2105 
2106 #ifndef NO_CONFIG_WRITE
wpa_config_write_go_p2p_dev_addr(const struct parse_data * data,struct wpa_ssid * ssid)2107 static char * wpa_config_write_go_p2p_dev_addr(const struct parse_data *data,
2108 					       struct wpa_ssid *ssid)
2109 {
2110 	char *value;
2111 	int res;
2112 
2113 	if (is_zero_ether_addr(ssid->go_p2p_dev_addr))
2114 		return NULL;
2115 
2116 	value = os_malloc(20);
2117 	if (value == NULL)
2118 		return NULL;
2119 	res = os_snprintf(value, 20, MACSTR, MAC2STR(ssid->go_p2p_dev_addr));
2120 	if (os_snprintf_error(20, res)) {
2121 		os_free(value);
2122 		return NULL;
2123 	}
2124 	value[20 - 1] = '\0';
2125 	return value;
2126 }
2127 #endif /* NO_CONFIG_WRITE */
2128 
2129 
wpa_config_parse_p2p_client_list(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2130 static int wpa_config_parse_p2p_client_list(const struct parse_data *data,
2131 					    struct wpa_ssid *ssid, int line,
2132 					    const char *value)
2133 {
2134 	return wpa_config_parse_addr_list(data, line, value,
2135 					  &ssid->p2p_client_list,
2136 					  &ssid->num_p2p_clients,
2137 					  "p2p_client_list", 0, 0);
2138 }
2139 
2140 
2141 #ifndef NO_CONFIG_WRITE
wpa_config_write_p2p_client_list(const struct parse_data * data,struct wpa_ssid * ssid)2142 static char * wpa_config_write_p2p_client_list(const struct parse_data *data,
2143 					       struct wpa_ssid *ssid)
2144 {
2145 	return wpa_config_write_addr_list(data, ssid->p2p_client_list,
2146 					  ssid->num_p2p_clients,
2147 					  "p2p_client_list");
2148 }
2149 #endif /* NO_CONFIG_WRITE */
2150 
2151 
wpa_config_parse_psk_list(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2152 static int wpa_config_parse_psk_list(const struct parse_data *data,
2153 				     struct wpa_ssid *ssid, int line,
2154 				     const char *value)
2155 {
2156 	struct psk_list_entry *p;
2157 	const char *pos;
2158 
2159 	p = os_zalloc(sizeof(*p));
2160 	if (p == NULL)
2161 		return -1;
2162 
2163 	pos = value;
2164 	if (os_strncmp(pos, "P2P-", 4) == 0) {
2165 		p->p2p = 1;
2166 		pos += 4;
2167 	}
2168 
2169 	if (hwaddr_aton(pos, p->addr)) {
2170 		wpa_printf(MSG_ERROR, "Line %d: Invalid psk_list address '%s'",
2171 			   line, pos);
2172 		os_free(p);
2173 		return -1;
2174 	}
2175 	pos += 17;
2176 	if (*pos != '-') {
2177 		wpa_printf(MSG_ERROR, "Line %d: Invalid psk_list '%s'",
2178 			   line, pos);
2179 		os_free(p);
2180 		return -1;
2181 	}
2182 	pos++;
2183 
2184 	if (hexstr2bin(pos, p->psk, PMK_LEN) || pos[PMK_LEN * 2] != '\0') {
2185 		wpa_printf(MSG_ERROR, "Line %d: Invalid psk_list PSK '%s'",
2186 			   line, pos);
2187 		os_free(p);
2188 		return -1;
2189 	}
2190 
2191 	dl_list_add(&ssid->psk_list, &p->list);
2192 
2193 	return 0;
2194 }
2195 
2196 
2197 #ifndef NO_CONFIG_WRITE
wpa_config_write_psk_list(const struct parse_data * data,struct wpa_ssid * ssid)2198 static char * wpa_config_write_psk_list(const struct parse_data *data,
2199 					struct wpa_ssid *ssid)
2200 {
2201 	return NULL;
2202 }
2203 #endif /* NO_CONFIG_WRITE */
2204 
2205 #endif /* CONFIG_P2P */
2206 
2207 
2208 #ifdef CONFIG_MESH
2209 
wpa_config_parse_mesh_basic_rates(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2210 static int wpa_config_parse_mesh_basic_rates(const struct parse_data *data,
2211 					     struct wpa_ssid *ssid, int line,
2212 					     const char *value)
2213 {
2214 	int *rates = wpa_config_parse_int_array(value);
2215 
2216 	if (rates == NULL) {
2217 		wpa_printf(MSG_ERROR, "Line %d: Invalid mesh_basic_rates '%s'",
2218 			   line, value);
2219 		return -1;
2220 	}
2221 	if (rates[0] == 0) {
2222 		os_free(rates);
2223 		rates = NULL;
2224 	}
2225 
2226 	os_free(ssid->mesh_basic_rates);
2227 	ssid->mesh_basic_rates = rates;
2228 
2229 	return 0;
2230 }
2231 
2232 
2233 #ifndef NO_CONFIG_WRITE
2234 
wpa_config_write_mesh_basic_rates(const struct parse_data * data,struct wpa_ssid * ssid)2235 static char * wpa_config_write_mesh_basic_rates(const struct parse_data *data,
2236 						struct wpa_ssid *ssid)
2237 {
2238 	return wpa_config_write_freqs(data, ssid->mesh_basic_rates);
2239 }
2240 
2241 #endif /* NO_CONFIG_WRITE */
2242 
2243 #endif /* CONFIG_MESH */
2244 
2245 
2246 #ifdef CONFIG_MACSEC
2247 
wpa_config_parse_mka_cak(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2248 static int wpa_config_parse_mka_cak(const struct parse_data *data,
2249 				    struct wpa_ssid *ssid, int line,
2250 				    const char *value)
2251 {
2252 	size_t len;
2253 
2254 	len = os_strlen(value);
2255 	if (len > 2 * MACSEC_CAK_MAX_LEN ||
2256 	    (len != 2 * 16 && len != 2 * 32) ||
2257 	    hexstr2bin(value, ssid->mka_cak, len / 2)) {
2258 		wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CAK '%s'.",
2259 			   line, value);
2260 		return -1;
2261 	}
2262 	ssid->mka_cak_len = len / 2;
2263 	ssid->mka_psk_set |= MKA_PSK_SET_CAK;
2264 
2265 	wpa_hexdump_key(MSG_MSGDUMP, "MKA-CAK", ssid->mka_cak,
2266 			ssid->mka_cak_len);
2267 	return 0;
2268 }
2269 
2270 
wpa_config_parse_mka_ckn(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2271 static int wpa_config_parse_mka_ckn(const struct parse_data *data,
2272 				    struct wpa_ssid *ssid, int line,
2273 				    const char *value)
2274 {
2275 	size_t len;
2276 
2277 	len = os_strlen(value);
2278 	if (len > 2 * MACSEC_CKN_MAX_LEN || /* too long */
2279 	    len < 2 || /* too short */
2280 	    len % 2 != 0 /* not an integral number of bytes */) {
2281 		wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.",
2282 			   line, value);
2283 		return -1;
2284 	}
2285 	ssid->mka_ckn_len = len / 2;
2286 	if (hexstr2bin(value, ssid->mka_ckn, ssid->mka_ckn_len)) {
2287 		wpa_printf(MSG_ERROR, "Line %d: Invalid MKA-CKN '%s'.",
2288 			   line, value);
2289 		return -1;
2290 	}
2291 
2292 	ssid->mka_psk_set |= MKA_PSK_SET_CKN;
2293 
2294 	wpa_hexdump_key(MSG_MSGDUMP, "MKA-CKN", ssid->mka_ckn,
2295 			ssid->mka_ckn_len);
2296 	return 0;
2297 }
2298 
2299 
2300 #ifndef NO_CONFIG_WRITE
2301 
wpa_config_write_mka_cak(const struct parse_data * data,struct wpa_ssid * ssid)2302 static char * wpa_config_write_mka_cak(const struct parse_data *data,
2303 				       struct wpa_ssid *ssid)
2304 {
2305 	if (!(ssid->mka_psk_set & MKA_PSK_SET_CAK))
2306 		return NULL;
2307 
2308 	return wpa_config_write_string_hex(ssid->mka_cak, ssid->mka_cak_len);
2309 }
2310 
2311 
wpa_config_write_mka_ckn(const struct parse_data * data,struct wpa_ssid * ssid)2312 static char * wpa_config_write_mka_ckn(const struct parse_data *data,
2313 				       struct wpa_ssid *ssid)
2314 {
2315 	if (!(ssid->mka_psk_set & MKA_PSK_SET_CKN))
2316 		return NULL;
2317 	return wpa_config_write_string_hex(ssid->mka_ckn, ssid->mka_ckn_len);
2318 }
2319 
2320 #endif /* NO_CONFIG_WRITE */
2321 
2322 #endif /* CONFIG_MACSEC */
2323 
2324 
2325 #ifdef CONFIG_OCV
2326 
wpa_config_parse_ocv(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2327 static int wpa_config_parse_ocv(const struct parse_data *data,
2328 				struct wpa_ssid *ssid, int line,
2329 				const char *value)
2330 {
2331 	char *end;
2332 
2333 	ssid->ocv = strtol(value, &end, 0);
2334 	if (*end || ssid->ocv < 0 || ssid->ocv > 1) {
2335 		wpa_printf(MSG_ERROR, "Line %d: Invalid ocv value '%s'.",
2336 			   line, value);
2337 		return -1;
2338 	}
2339 	if (ssid->ocv && ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION)
2340 		ssid->ieee80211w = MGMT_FRAME_PROTECTION_OPTIONAL;
2341 	return 0;
2342 }
2343 
2344 
2345 #ifndef NO_CONFIG_WRITE
wpa_config_write_ocv(const struct parse_data * data,struct wpa_ssid * ssid)2346 static char * wpa_config_write_ocv(const struct parse_data *data,
2347 				   struct wpa_ssid *ssid)
2348 {
2349 	char *value = os_malloc(20);
2350 
2351 	if (!value)
2352 		return NULL;
2353 	os_snprintf(value, 20, "%d", ssid->ocv);
2354 	value[20 - 1] = '\0';
2355 	return value;
2356 }
2357 #endif /* NO_CONFIG_WRITE */
2358 
2359 #endif /* CONFIG_OCV */
2360 
2361 
wpa_config_parse_peerkey(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2362 static int wpa_config_parse_peerkey(const struct parse_data *data,
2363 				    struct wpa_ssid *ssid, int line,
2364 				    const char *value)
2365 {
2366 	wpa_printf(MSG_INFO, "NOTE: Obsolete peerkey parameter ignored");
2367 	return 0;
2368 }
2369 
2370 
2371 #ifndef NO_CONFIG_WRITE
wpa_config_write_peerkey(const struct parse_data * data,struct wpa_ssid * ssid)2372 static char * wpa_config_write_peerkey(const struct parse_data *data,
2373 				       struct wpa_ssid *ssid)
2374 {
2375 	return NULL;
2376 }
2377 #endif /* NO_CONFIG_WRITE */
2378 
2379 
wpa_config_parse_mac_value(const struct parse_data * data,struct wpa_ssid * ssid,int line,const char * value)2380 static int wpa_config_parse_mac_value(const struct parse_data *data,
2381 				      struct wpa_ssid *ssid, int line,
2382 				      const char *value)
2383 {
2384 	u8 mac_value[ETH_ALEN];
2385 
2386 	if (hwaddr_aton(value, mac_value) == 0) {
2387 		if (ether_addr_equal(mac_value, ssid->mac_value))
2388 			return 1;
2389 		os_memcpy(ssid->mac_value, mac_value, ETH_ALEN);
2390 		return 0;
2391 	}
2392 
2393 	wpa_printf(MSG_ERROR, "Line %d: Invalid MAC address '%s'",
2394 		   line, value);
2395 	return -1;
2396 }
2397 
2398 
2399 #ifndef NO_CONFIG_WRITE
wpa_config_write_mac_value(const struct parse_data * data,struct wpa_ssid * ssid)2400 static char * wpa_config_write_mac_value(const struct parse_data *data,
2401 					 struct wpa_ssid *ssid)
2402 {
2403 	const size_t size = 3 * ETH_ALEN;
2404 	char *value;
2405 	int res;
2406 
2407 	if (ssid->mac_addr != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS)
2408 		return NULL;
2409 
2410 	value = os_malloc(size);
2411 	if (!value)
2412 		return NULL;
2413 	res = os_snprintf(value, size, MACSTR, MAC2STR(ssid->mac_value));
2414 	if (os_snprintf_error(size, res)) {
2415 		os_free(value);
2416 		return NULL;
2417 	}
2418 	value[size - 1] = '\0';
2419 	return value;
2420 }
2421 #endif /* NO_CONFIG_WRITE */
2422 
2423 
2424 /* Helper macros for network block parser */
2425 
2426 #ifdef OFFSET
2427 #undef OFFSET
2428 #endif /* OFFSET */
2429 /* OFFSET: Get offset of a variable within the wpa_ssid structure */
2430 #define OFFSET(v) ((void *) &((struct wpa_ssid *) 0)->v)
2431 
2432 /* STR: Define a string variable for an ASCII string; f = field name */
2433 #ifdef NO_CONFIG_WRITE
2434 #define _STR(f) #f, wpa_config_parse_str, OFFSET(f)
2435 #define _STRe(f, m) #f, wpa_config_parse_str, OFFSET(eap.m)
2436 #else /* NO_CONFIG_WRITE */
2437 #define _STR(f) #f, wpa_config_parse_str, wpa_config_write_str, OFFSET(f)
2438 #define _STRe(f, m) #f, wpa_config_parse_str, wpa_config_write_str, \
2439 		OFFSET(eap.m)
2440 #endif /* NO_CONFIG_WRITE */
2441 #define STR(f) _STR(f), NULL, NULL, NULL, 0
2442 #define STRe(f, m) _STRe(f, m), NULL, NULL, NULL, 0
2443 #define STR_KEY(f) _STR(f), NULL, NULL, NULL, 1
2444 #define STR_KEYe(f, m) _STRe(f, m), NULL, NULL, NULL, 1
2445 
2446 /* STR_LEN: Define a string variable with a separate variable for storing the
2447  * data length. Unlike STR(), this can be used to store arbitrary binary data
2448  * (i.e., even nul termination character). */
2449 #define _STR_LEN(f) _STR(f), OFFSET(f ## _len)
2450 #define _STR_LENe(f, m) _STRe(f, m), OFFSET(eap.m ## _len)
2451 #define STR_LEN(f) _STR_LEN(f), NULL, NULL, 0
2452 #define STR_LENe(f, m) _STR_LENe(f, m), NULL, NULL, 0
2453 #define STR_LEN_KEY(f) _STR_LEN(f), NULL, NULL, 1
2454 
2455 /* STR_RANGE: Like STR_LEN(), but with minimum and maximum allowed length
2456  * explicitly specified. */
2457 #define _STR_RANGE(f, min, max) _STR_LEN(f), (void *) (min), (void *) (max)
2458 #define STR_RANGE(f, min, max) _STR_RANGE(f, min, max), 0
2459 #define STR_RANGE_KEY(f, min, max) _STR_RANGE(f, min, max), 1
2460 
2461 #ifdef NO_CONFIG_WRITE
2462 #define _INT(f) #f, wpa_config_parse_int, OFFSET(f), (void *) 0
2463 #define _INTe(f, m) #f, wpa_config_parse_int, OFFSET(eap.m), (void *) 0
2464 #else /* NO_CONFIG_WRITE */
2465 #define _INT(f) #f, wpa_config_parse_int, wpa_config_write_int, \
2466 	OFFSET(f), (void *) 0
2467 #define _INTe(f, m) #f, wpa_config_parse_int, wpa_config_write_int,	\
2468 	OFFSET(eap.m), (void *) 0
2469 #endif /* NO_CONFIG_WRITE */
2470 
2471 /* INT: Define an integer variable */
2472 #define INT(f) _INT(f), NULL, NULL, 0
2473 #define INTe(f, m) _INTe(f, m), NULL, NULL, 0
2474 
2475 /* INT_RANGE: Define an integer variable with allowed value range */
2476 #ifdef NO_CONFIG_WRITE
2477 #define INT_RANGE(f, min, max) #f, wpa_config_parse_int_range, OFFSET(f), \
2478 	(void *) 0, (void *) (min), (void *) (max), 0
2479 #else /* NO_CONFIG_WRITE */
2480 #define INT_RANGE(f, min, max) #f, wpa_config_parse_int_range, \
2481 	wpa_config_write_int, OFFSET(f),	       \
2482 	(void *) 0, (void *) (min), (void *) (max), 0
2483 #endif /* NO_CONFIG_WRITE */
2484 
2485 /* FUNC: Define a configuration variable that uses a custom function for
2486  * parsing and writing the value. */
2487 #ifdef NO_CONFIG_WRITE
2488 #define _FUNC(f) #f, wpa_config_parse_ ## f, NULL, NULL, NULL, NULL
2489 #else /* NO_CONFIG_WRITE */
2490 #define _FUNC(f) #f, wpa_config_parse_ ## f, wpa_config_write_ ## f, \
2491 	NULL, NULL, NULL, NULL
2492 #endif /* NO_CONFIG_WRITE */
2493 #define FUNC(f) _FUNC(f), 0
2494 #define FUNC_KEY(f) _FUNC(f), 1
2495 
2496 /*
2497  * Table of network configuration variables. This table is used to parse each
2498  * network configuration variable, e.g., each line in wpa_supplicant.conf file
2499  * that is inside a network block.
2500  *
2501  * This table is generated using the helper macros defined above and with
2502  * generous help from the C pre-processor. The field name is stored as a string
2503  * into .name and for STR and INT types, the offset of the target buffer within
2504  * struct wpa_ssid is stored in .param1. .param2 (if not NULL) is similar
2505  * offset to the field containing the length of the configuration variable.
2506  * .param3 and .param4 can be used to mark the allowed range (length for STR
2507  * and value for INT).
2508  *
2509  * For each configuration line in wpa_supplicant.conf, the parser goes through
2510  * this table and select the entry that matches with the field name. The parser
2511  * function (.parser) is then called to parse the actual value of the field.
2512  *
2513  * This kind of mechanism makes it easy to add new configuration parameters,
2514  * since only one line needs to be added into this table and into the
2515  * struct wpa_ssid definition if the new variable is either a string or
2516  * integer. More complex types will need to use their own parser and writer
2517  * functions.
2518  */
2519 static const struct parse_data ssid_fields[] = {
2520 	{ STR_RANGE(ssid, 0, SSID_MAX_LEN) },
2521 	{ INT_RANGE(scan_ssid, 0, 1) },
2522 	{ FUNC(bssid) },
2523 	{ FUNC(bssid_hint) },
2524 	{ FUNC(bssid_ignore) },
2525 	{ FUNC(bssid_accept) },
2526 	{ FUNC(bssid_blacklist) }, /* deprecated alias for bssid_ignore */
2527 	{ FUNC(bssid_whitelist) }, /* deprecated alias for bssid_accept */
2528 	{ FUNC_KEY(psk) },
2529 	{ INT(mem_only_psk) },
2530 	{ STR_KEY(sae_password) },
2531 	{ STR(sae_password_id) },
2532 	{ FUNC(proto) },
2533 	{ FUNC(key_mgmt) },
2534 	{ INT(bg_scan_period) },
2535 	{ FUNC(pairwise) },
2536 	{ FUNC(group) },
2537 	{ FUNC(group_mgmt) },
2538 	{ FUNC(auth_alg) },
2539 	{ FUNC(scan_freq) },
2540 	{ FUNC(freq_list) },
2541 	{ INT_RANGE(ht, 0, 1) },
2542 	{ INT_RANGE(vht, 0, 1) },
2543 	{ INT_RANGE(he, 0, 1) },
2544 	{ INT_RANGE(ht40, -1, 1) },
2545 	{ INT_RANGE(max_oper_chwidth, CONF_OPER_CHWIDTH_USE_HT,
2546 		    CONF_OPER_CHWIDTH_80P80MHZ) },
2547 	{ INT(vht_center_freq1) },
2548 	{ INT(vht_center_freq2) },
2549 #ifdef IEEE8021X_EAPOL
2550 	{ FUNC(eap) },
2551 	{ STR_LENe(identity, identity) },
2552 	{ STR_LENe(anonymous_identity, anonymous_identity) },
2553 	{ STR_LENe(imsi_identity, imsi_identity) },
2554 	{ STR_LENe(machine_identity, machine_identity) },
2555 	{ FUNC_KEY(password) },
2556 	{ FUNC_KEY(machine_password) },
2557 	{ STRe(ca_cert, cert.ca_cert) },
2558 	{ STRe(ca_path, cert.ca_path) },
2559 	{ STRe(client_cert, cert.client_cert) },
2560 	{ STRe(private_key, cert.private_key) },
2561 	{ STR_KEYe(private_key_passwd, cert.private_key_passwd) },
2562 	{ STRe(subject_match, cert.subject_match) },
2563 	{ STRe(check_cert_subject, cert.check_cert_subject) },
2564 	{ STRe(altsubject_match, cert.altsubject_match) },
2565 	{ STRe(domain_suffix_match, cert.domain_suffix_match) },
2566 	{ STRe(domain_match, cert.domain_match) },
2567 	{ STRe(ca_cert2, phase2_cert.ca_cert) },
2568 	{ STRe(ca_path2, phase2_cert.ca_path) },
2569 	{ STRe(client_cert2, phase2_cert.client_cert) },
2570 	{ STRe(private_key2, phase2_cert.private_key) },
2571 	{ STR_KEYe(private_key2_passwd, phase2_cert.private_key_passwd) },
2572 	{ STRe(subject_match2, phase2_cert.subject_match) },
2573 	{ STRe(check_cert_subject2, phase2_cert.check_cert_subject) },
2574 	{ STRe(altsubject_match2, phase2_cert.altsubject_match) },
2575 	{ STRe(domain_suffix_match2, phase2_cert.domain_suffix_match) },
2576 	{ STRe(domain_match2, phase2_cert.domain_match) },
2577 	{ STRe(phase1, phase1) },
2578 	{ STRe(phase2, phase2) },
2579 	{ STRe(machine_phase2, machine_phase2) },
2580 	{ STRe(pcsc, pcsc) },
2581 	{ STR_KEYe(pin, cert.pin) },
2582 	{ STRe(engine_id, cert.engine_id) },
2583 	{ STRe(key_id, cert.key_id) },
2584 	{ STRe(cert_id, cert.cert_id) },
2585 	{ STRe(ca_cert_id, cert.ca_cert_id) },
2586 	{ STR_KEYe(pin2, phase2_cert.pin) },
2587 	{ STRe(engine_id2, phase2_cert.engine_id) },
2588 	{ STRe(key_id2, phase2_cert.key_id) },
2589 	{ STRe(cert_id2, phase2_cert.cert_id) },
2590 	{ STRe(ca_cert_id2, phase2_cert.ca_cert_id) },
2591 	{ INTe(engine, cert.engine) },
2592 	{ INTe(engine2, phase2_cert.engine) },
2593 	{ STRe(machine_ca_cert, machine_cert.ca_cert) },
2594 	{ STRe(machine_ca_path, machine_cert.ca_path) },
2595 	{ STRe(machine_client_cert, machine_cert.client_cert) },
2596 	{ STRe(machine_private_key, machine_cert.private_key) },
2597 	{ STR_KEYe(machine_private_key_passwd,
2598 		   machine_cert.private_key_passwd) },
2599 	{ STRe(machine_subject_match, machine_cert.subject_match) },
2600 	{ STRe(machine_check_cert_subject, machine_cert.check_cert_subject) },
2601 	{ STRe(machine_altsubject_match, machine_cert.altsubject_match) },
2602 	{ STRe(machine_domain_suffix_match,
2603 	       machine_cert.domain_suffix_match) },
2604 	{ STRe(machine_domain_match, machine_cert.domain_match) },
2605 	{ STR_KEYe(machine_pin, machine_cert.pin) },
2606 	{ STRe(machine_engine_id, machine_cert.engine_id) },
2607 	{ STRe(machine_key_id, machine_cert.key_id) },
2608 	{ STRe(machine_cert_id, machine_cert.cert_id) },
2609 	{ STRe(machine_ca_cert_id, machine_cert.ca_cert_id) },
2610 	{ INTe(machine_engine, machine_cert.engine) },
2611 	{ INTe(machine_ocsp, machine_cert.ocsp) },
2612 	{ INT(eapol_flags) },
2613 	{ INTe(sim_num, sim_num) },
2614 	{ STRe(imsi_privacy_cert, imsi_privacy_cert) },
2615 	{ STRe(imsi_privacy_attr, imsi_privacy_attr) },
2616 	{ STRe(openssl_ciphers, openssl_ciphers) },
2617 	{ INTe(erp, erp) },
2618 #endif /* IEEE8021X_EAPOL */
2619 #ifdef CONFIG_WEP
2620 	{ FUNC_KEY(wep_key0) },
2621 	{ FUNC_KEY(wep_key1) },
2622 	{ FUNC_KEY(wep_key2) },
2623 	{ FUNC_KEY(wep_key3) },
2624 	{ INT(wep_tx_keyidx) },
2625 #endif /* CONFIG_WEP */
2626 	{ INT(priority) },
2627 #ifdef IEEE8021X_EAPOL
2628 	{ INT(eap_workaround) },
2629 	{ STRe(pac_file, pac_file) },
2630 	{ INTe(fragment_size, fragment_size) },
2631 	{ INTe(ocsp, cert.ocsp) },
2632 	{ INTe(ocsp2, phase2_cert.ocsp) },
2633 #endif /* IEEE8021X_EAPOL */
2634 #ifdef CONFIG_MESH
2635 	{ INT_RANGE(mode, 0, 5) },
2636 	{ INT_RANGE(no_auto_peer, 0, 1) },
2637 	{ INT_RANGE(mesh_fwding, 0, 1) },
2638 	{ INT_RANGE(mesh_rssi_threshold, -255, 1) },
2639 #else /* CONFIG_MESH */
2640 	{ INT_RANGE(mode, 0, 4) },
2641 #endif /* CONFIG_MESH */
2642 	{ INT_RANGE(proactive_key_caching, 0, 1) },
2643 	{ INT_RANGE(disabled, 0, 2) },
2644 	{ STR(id_str) },
2645 	{ INT_RANGE(ieee80211w, 0, 2) },
2646 #ifdef CONFIG_OCV
2647 	{ FUNC(ocv) },
2648 #endif /* CONFIG_OCV */
2649 	{ FUNC(peerkey) /* obsolete - removed */ },
2650 	{ INT_RANGE(mixed_cell, 0, 1) },
2651 	{ INT_RANGE(frequency, 0, 70200) },
2652 	{ INT_RANGE(fixed_freq, 0, 1) },
2653 	{ INT_RANGE(enable_edmg, 0, 1) },
2654 	{ INT_RANGE(edmg_channel, 9, 13) },
2655 #ifdef CONFIG_ACS
2656 	{ INT_RANGE(acs, 0, 1) },
2657 #endif /* CONFIG_ACS */
2658 #ifdef CONFIG_MESH
2659 	{ FUNC(mesh_basic_rates) },
2660 	{ INT(dot11MeshMaxRetries) },
2661 	{ INT(dot11MeshRetryTimeout) },
2662 	{ INT(dot11MeshConfirmTimeout) },
2663 	{ INT(dot11MeshHoldingTimeout) },
2664 #endif /* CONFIG_MESH */
2665 	{ INT(wpa_ptk_rekey) },
2666 	{ INT_RANGE(wpa_deny_ptk0_rekey, 0, 2) },
2667 	{ INT(group_rekey) },
2668 	{ STR(bgscan) },
2669 	{ INT_RANGE(ignore_broadcast_ssid, 0, 2) },
2670 #ifdef CONFIG_P2P
2671 	{ FUNC(go_p2p_dev_addr) },
2672 	{ FUNC(p2p_client_list) },
2673 	{ FUNC(psk_list) },
2674 #endif /* CONFIG_P2P */
2675 #ifdef CONFIG_HT_OVERRIDES
2676 	{ INT_RANGE(disable_ht, 0, 1) },
2677 	{ INT_RANGE(disable_ht40, 0, 1) },
2678 	{ INT_RANGE(disable_sgi, 0, 1) },
2679 	{ INT_RANGE(disable_ldpc, 0, 1) },
2680 	{ INT_RANGE(ht40_intolerant, 0, 1) },
2681 	{ INT_RANGE(tx_stbc, -1, 1) },
2682 	{ INT_RANGE(rx_stbc, -1, 3) },
2683 	{ INT_RANGE(disable_max_amsdu, -1, 1) },
2684 	{ INT_RANGE(ampdu_factor, -1, 3) },
2685 	{ INT_RANGE(ampdu_density, -1, 7) },
2686 	{ STR(ht_mcs) },
2687 #endif /* CONFIG_HT_OVERRIDES */
2688 #ifdef CONFIG_VHT_OVERRIDES
2689 	{ INT_RANGE(disable_vht, 0, 1) },
2690 	{ INT(vht_capa) },
2691 	{ INT(vht_capa_mask) },
2692 	{ INT_RANGE(vht_rx_mcs_nss_1, -1, 3) },
2693 	{ INT_RANGE(vht_rx_mcs_nss_2, -1, 3) },
2694 	{ INT_RANGE(vht_rx_mcs_nss_3, -1, 3) },
2695 	{ INT_RANGE(vht_rx_mcs_nss_4, -1, 3) },
2696 	{ INT_RANGE(vht_rx_mcs_nss_5, -1, 3) },
2697 	{ INT_RANGE(vht_rx_mcs_nss_6, -1, 3) },
2698 	{ INT_RANGE(vht_rx_mcs_nss_7, -1, 3) },
2699 	{ INT_RANGE(vht_rx_mcs_nss_8, -1, 3) },
2700 	{ INT_RANGE(vht_tx_mcs_nss_1, -1, 3) },
2701 	{ INT_RANGE(vht_tx_mcs_nss_2, -1, 3) },
2702 	{ INT_RANGE(vht_tx_mcs_nss_3, -1, 3) },
2703 	{ INT_RANGE(vht_tx_mcs_nss_4, -1, 3) },
2704 	{ INT_RANGE(vht_tx_mcs_nss_5, -1, 3) },
2705 	{ INT_RANGE(vht_tx_mcs_nss_6, -1, 3) },
2706 	{ INT_RANGE(vht_tx_mcs_nss_7, -1, 3) },
2707 	{ INT_RANGE(vht_tx_mcs_nss_8, -1, 3) },
2708 #endif /* CONFIG_VHT_OVERRIDES */
2709 #ifdef CONFIG_HE_OVERRIDES
2710 	{ INT_RANGE(disable_he, 0, 1)},
2711 #endif /* CONFIG_HE_OVERRIDES */
2712 	{ INT(ap_max_inactivity) },
2713 	{ INT(dtim_period) },
2714 	{ INT(beacon_int) },
2715 #ifdef CONFIG_MACSEC
2716 	{ INT_RANGE(macsec_policy, 0, 1) },
2717 	{ INT_RANGE(macsec_integ_only, 0, 1) },
2718 	{ INT_RANGE(macsec_replay_protect, 0, 1) },
2719 	{ INT(macsec_replay_window) },
2720 	{ INT_RANGE(macsec_offload, 0, 2) },
2721 	{ INT_RANGE(macsec_port, 1, 65534) },
2722 	{ INT_RANGE(mka_priority, 0, 255) },
2723 	{ INT_RANGE(macsec_csindex, 0, 1) },
2724 	{ FUNC_KEY(mka_cak) },
2725 	{ FUNC_KEY(mka_ckn) },
2726 #endif /* CONFIG_MACSEC */
2727 #ifdef CONFIG_HS20
2728 	{ INT(update_identifier) },
2729 	{ STR_RANGE(roaming_consortium_selection, 0, MAX_ROAMING_CONS_OI_LEN) },
2730 #endif /* CONFIG_HS20 */
2731 	{ INT_RANGE(mac_addr, 0, 3) },
2732 	{ FUNC_KEY(mac_value) },
2733 	{ INT_RANGE(pbss, 0, 2) },
2734 	{ INT_RANGE(wps_disabled, 0, 1) },
2735 	{ INT_RANGE(fils_dh_group, 0, 65535) },
2736 #ifdef CONFIG_DPP
2737 	{ STR(dpp_connector) },
2738 	{ STR_LEN(dpp_netaccesskey) },
2739 	{ INT(dpp_netaccesskey_expiry) },
2740 	{ STR_LEN(dpp_csign) },
2741 	{ STR_LEN(dpp_pp_key) },
2742 	{ INT_RANGE(dpp_pfs, 0, 2) },
2743 	{ INT_RANGE(dpp_connector_privacy, 0, 1) },
2744 #endif /* CONFIG_DPP */
2745 	{ INT_RANGE(owe_group, 0, 65535) },
2746 	{ INT_RANGE(owe_only, 0, 1) },
2747 	{ INT_RANGE(owe_ptk_workaround, 0, 1) },
2748 	{ INT_RANGE(multi_ap_backhaul_sta, 0, 1) },
2749 	{ INT_RANGE(ft_eap_pmksa_caching, 0, 1) },
2750 	{ INT_RANGE(multi_ap_profile, MULTI_AP_PROFILE_1,
2751 		    MULTI_AP_PROFILE_MAX) },
2752 	{ INT_RANGE(beacon_prot, 0, 1) },
2753 	{ INT_RANGE(transition_disable, 0, 255) },
2754 	{ INT_RANGE(sae_pk, 0, 2) },
2755 	{ INT_RANGE(disable_eht, 0, 1)},
2756 	{ INT_RANGE(enable_4addr_mode, 0, 1)},
2757 	{ INT_RANGE(max_idle, 0, 65535)},
2758 	{ INT_RANGE(ssid_protection, 0, 1)},
2759 	{ INT_RANGE(rsn_overriding, 0, 2)},
2760 };
2761 
2762 #undef OFFSET
2763 #undef _STR
2764 #undef STR
2765 #undef STR_KEY
2766 #undef _STR_LEN
2767 #undef STR_LEN
2768 #undef STR_LEN_KEY
2769 #undef _STR_RANGE
2770 #undef STR_RANGE
2771 #undef STR_RANGE_KEY
2772 #undef _INT
2773 #undef INT
2774 #undef INT_RANGE
2775 #undef _FUNC
2776 #undef FUNC
2777 #undef FUNC_KEY
2778 #define NUM_SSID_FIELDS ARRAY_SIZE(ssid_fields)
2779 
2780 
2781 /**
2782  * wpa_config_add_prio_network - Add a network to priority lists
2783  * @config: Configuration data from wpa_config_read()
2784  * @ssid: Pointer to the network configuration to be added to the list
2785  * Returns: 0 on success, -1 on failure
2786  *
2787  * This function is used to add a network block to the priority list of
2788  * networks. This must be called for each network when reading in the full
2789  * configuration. In addition, this can be used indirectly when updating
2790  * priorities by calling wpa_config_update_prio_list().
2791  */
wpa_config_add_prio_network(struct wpa_config * config,struct wpa_ssid * ssid)2792 int wpa_config_add_prio_network(struct wpa_config *config,
2793 				struct wpa_ssid *ssid)
2794 {
2795 	size_t prio;
2796 	struct wpa_ssid *prev, **nlist;
2797 
2798 	/*
2799 	 * Add to an existing priority list if one is available for the
2800 	 * configured priority level for this network.
2801 	 */
2802 	for (prio = 0; prio < config->num_prio; prio++) {
2803 		prev = config->pssid[prio];
2804 		if (prev->priority == ssid->priority) {
2805 			while (prev->pnext)
2806 				prev = prev->pnext;
2807 			prev->pnext = ssid;
2808 			return 0;
2809 		}
2810 	}
2811 
2812 	/* First network for this priority - add a new priority list */
2813 	nlist = os_realloc_array(config->pssid, config->num_prio + 1,
2814 				 sizeof(struct wpa_ssid *));
2815 	if (nlist == NULL)
2816 		return -1;
2817 
2818 	for (prio = 0; prio < config->num_prio; prio++) {
2819 		if (nlist[prio]->priority < ssid->priority) {
2820 			os_memmove(&nlist[prio + 1], &nlist[prio],
2821 				   (config->num_prio - prio) *
2822 				   sizeof(struct wpa_ssid *));
2823 			break;
2824 		}
2825 	}
2826 
2827 	nlist[prio] = ssid;
2828 	config->num_prio++;
2829 	config->pssid = nlist;
2830 
2831 	return 0;
2832 }
2833 
2834 
2835 /**
2836  * wpa_config_update_prio_list - Update network priority list
2837  * @config: Configuration data from wpa_config_read()
2838  * Returns: 0 on success, -1 on failure
2839  *
2840  * This function is called to update the priority list of networks in the
2841  * configuration when a network is being added or removed. This is also called
2842  * if a priority for a network is changed.
2843  */
wpa_config_update_prio_list(struct wpa_config * config)2844 int wpa_config_update_prio_list(struct wpa_config *config)
2845 {
2846 	struct wpa_ssid *ssid;
2847 	int ret = 0;
2848 
2849 	os_free(config->pssid);
2850 	config->pssid = NULL;
2851 	config->num_prio = 0;
2852 
2853 	ssid = config->ssid;
2854 	while (ssid) {
2855 		ssid->pnext = NULL;
2856 		if (wpa_config_add_prio_network(config, ssid) < 0)
2857 			ret = -1;
2858 		ssid = ssid->next;
2859 	}
2860 
2861 	return ret;
2862 }
2863 
2864 
2865 #ifdef IEEE8021X_EAPOL
2866 
eap_peer_config_free_cert(struct eap_peer_cert_config * cert)2867 static void eap_peer_config_free_cert(struct eap_peer_cert_config *cert)
2868 {
2869 	os_free(cert->ca_cert);
2870 	os_free(cert->ca_path);
2871 	os_free(cert->client_cert);
2872 	os_free(cert->private_key);
2873 	str_clear_free(cert->private_key_passwd);
2874 	os_free(cert->subject_match);
2875 	os_free(cert->check_cert_subject);
2876 	os_free(cert->altsubject_match);
2877 	os_free(cert->domain_suffix_match);
2878 	os_free(cert->domain_match);
2879 	str_clear_free(cert->pin);
2880 	os_free(cert->engine_id);
2881 	os_free(cert->key_id);
2882 	os_free(cert->cert_id);
2883 	os_free(cert->ca_cert_id);
2884 }
2885 
2886 
eap_peer_config_free(struct eap_peer_config * eap)2887 static void eap_peer_config_free(struct eap_peer_config *eap)
2888 {
2889 	os_free(eap->eap_methods);
2890 	bin_clear_free(eap->identity, eap->identity_len);
2891 	os_free(eap->anonymous_identity);
2892 	os_free(eap->imsi_identity);
2893 	os_free(eap->imsi_privacy_cert);
2894 	os_free(eap->imsi_privacy_attr);
2895 	os_free(eap->machine_identity);
2896 	bin_clear_free(eap->password, eap->password_len);
2897 	bin_clear_free(eap->machine_password, eap->machine_password_len);
2898 	eap_peer_config_free_cert(&eap->cert);
2899 	eap_peer_config_free_cert(&eap->phase2_cert);
2900 	eap_peer_config_free_cert(&eap->machine_cert);
2901 	os_free(eap->phase1);
2902 	os_free(eap->phase2);
2903 	os_free(eap->machine_phase2);
2904 	os_free(eap->pcsc);
2905 	os_free(eap->otp);
2906 	os_free(eap->pending_req_otp);
2907 	os_free(eap->pac_file);
2908 	bin_clear_free(eap->new_password, eap->new_password_len);
2909 	str_clear_free(eap->external_sim_resp);
2910 	os_free(eap->openssl_ciphers);
2911 }
2912 
2913 #endif /* IEEE8021X_EAPOL */
2914 
2915 
2916 /**
2917  * wpa_config_free_ssid - Free network/ssid configuration data
2918  * @ssid: Configuration data for the network
2919  *
2920  * This function frees all resources allocated for the network configuration
2921  * data.
2922  */
wpa_config_free_ssid(struct wpa_ssid * ssid)2923 void wpa_config_free_ssid(struct wpa_ssid *ssid)
2924 {
2925 	struct psk_list_entry *psk;
2926 
2927 	os_free(ssid->ssid);
2928 	str_clear_free(ssid->passphrase);
2929 	os_free(ssid->ext_psk);
2930 	str_clear_free(ssid->sae_password);
2931 	os_free(ssid->sae_password_id);
2932 #ifdef IEEE8021X_EAPOL
2933 	eap_peer_config_free(&ssid->eap);
2934 #endif /* IEEE8021X_EAPOL */
2935 	os_free(ssid->id_str);
2936 	os_free(ssid->scan_freq);
2937 	os_free(ssid->freq_list);
2938 	os_free(ssid->bgscan);
2939 	os_free(ssid->p2p_client_list);
2940 	os_free(ssid->bssid_ignore);
2941 	os_free(ssid->bssid_accept);
2942 #ifdef CONFIG_HT_OVERRIDES
2943 	os_free(ssid->ht_mcs);
2944 #endif /* CONFIG_HT_OVERRIDES */
2945 #ifdef CONFIG_MESH
2946 	os_free(ssid->mesh_basic_rates);
2947 #endif /* CONFIG_MESH */
2948 #ifdef CONFIG_HS20
2949 	os_free(ssid->roaming_consortium_selection);
2950 #endif /* CONFIG_HS20 */
2951 	os_free(ssid->dpp_connector);
2952 	bin_clear_free(ssid->dpp_netaccesskey, ssid->dpp_netaccesskey_len);
2953 	os_free(ssid->dpp_csign);
2954 	os_free(ssid->dpp_pp_key);
2955 	while ((psk = dl_list_first(&ssid->psk_list, struct psk_list_entry,
2956 				    list))) {
2957 		dl_list_del(&psk->list);
2958 		bin_clear_free(psk, sizeof(*psk));
2959 	}
2960 #ifdef CONFIG_SAE
2961 	sae_deinit_pt(ssid->pt);
2962 #endif /* CONFIG_SAE */
2963 	bin_clear_free(ssid, sizeof(*ssid));
2964 }
2965 
2966 
wpa_config_free_cred(struct wpa_cred * cred)2967 void wpa_config_free_cred(struct wpa_cred *cred)
2968 {
2969 	size_t i;
2970 
2971 	os_free(cred->realm);
2972 	str_clear_free(cred->username);
2973 	str_clear_free(cred->password);
2974 	os_free(cred->ca_cert);
2975 	os_free(cred->client_cert);
2976 	os_free(cred->private_key);
2977 	str_clear_free(cred->private_key_passwd);
2978 	os_free(cred->engine_id);
2979 	os_free(cred->ca_cert_id);
2980 	os_free(cred->cert_id);
2981 	os_free(cred->key_id);
2982 	os_free(cred->imsi);
2983 	str_clear_free(cred->milenage);
2984 	for (i = 0; i < cred->num_domain; i++)
2985 		os_free(cred->domain[i]);
2986 	os_free(cred->domain);
2987 	os_free(cred->domain_suffix_match);
2988 	os_free(cred->eap_method);
2989 	os_free(cred->phase1);
2990 	os_free(cred->phase2);
2991 	os_free(cred->excluded_ssid);
2992 	os_free(cred->roaming_partner);
2993 	os_free(cred->provisioning_sp);
2994 	for (i = 0; i < cred->num_req_conn_capab; i++)
2995 		os_free(cred->req_conn_capab_port[i]);
2996 	os_free(cred->req_conn_capab_port);
2997 	os_free(cred->req_conn_capab_proto);
2998 	os_free(cred->imsi_privacy_cert);
2999 	os_free(cred->imsi_privacy_attr);
3000 	os_free(cred);
3001 }
3002 
3003 
wpa_config_flush_blobs(struct wpa_config * config)3004 void wpa_config_flush_blobs(struct wpa_config *config)
3005 {
3006 #ifndef CONFIG_NO_CONFIG_BLOBS
3007 	struct wpa_config_blob *blob, *prev;
3008 
3009 	blob = config->blobs;
3010 	config->blobs = NULL;
3011 	while (blob) {
3012 		prev = blob;
3013 		blob = blob->next;
3014 		wpa_config_free_blob(prev);
3015 	}
3016 #endif /* CONFIG_NO_CONFIG_BLOBS */
3017 }
3018 
3019 
3020 /**
3021  * wpa_config_free - Free configuration data
3022  * @config: Configuration data from wpa_config_read()
3023  *
3024  * This function frees all resources allocated for the configuration data by
3025  * wpa_config_read().
3026  */
wpa_config_free(struct wpa_config * config)3027 void wpa_config_free(struct wpa_config *config)
3028 {
3029 	struct wpa_ssid *ssid, *prev = NULL;
3030 	struct wpa_cred *cred, *cprev;
3031 	int i;
3032 
3033 	ssid = config->ssid;
3034 	while (ssid) {
3035 		prev = ssid;
3036 		ssid = ssid->next;
3037 		wpa_config_free_ssid(prev);
3038 	}
3039 
3040 	cred = config->cred;
3041 	while (cred) {
3042 		cprev = cred;
3043 		cred = cred->next;
3044 		wpa_config_free_cred(cprev);
3045 	}
3046 
3047 	wpa_config_flush_blobs(config);
3048 
3049 	wpabuf_free(config->wps_vendor_ext_m1);
3050 	for (i = 0; i < MAX_WPS_VENDOR_EXT; i++)
3051 		wpabuf_free(config->wps_vendor_ext[i]);
3052 	os_free(config->ctrl_interface);
3053 	os_free(config->ctrl_interface_group);
3054 #ifndef CONFIG_OPENSC_ENGINE_PATH
3055 	os_free(config->opensc_engine_path);
3056 #endif /* CONFIG_OPENSC_ENGINE_PATH */
3057 #ifndef CONFIG_PKCS11_ENGINE_PATH
3058 	os_free(config->pkcs11_engine_path);
3059 #endif /* CONFIG_PKCS11_ENGINE_PATH */
3060 #ifndef CONFIG_PKCS11_MODULE_PATH
3061 	os_free(config->pkcs11_module_path);
3062 #endif /* CONFIG_PKCS11_MODULE_PATH */
3063 	os_free(config->openssl_ciphers);
3064 	os_free(config->pcsc_reader);
3065 	str_clear_free(config->pcsc_pin);
3066 	os_free(config->driver_param);
3067 	os_free(config->device_name);
3068 	os_free(config->manufacturer);
3069 	os_free(config->model_name);
3070 	os_free(config->model_number);
3071 	os_free(config->serial_number);
3072 	os_free(config->config_methods);
3073 	os_free(config->p2p_ssid_postfix);
3074 	os_free(config->pssid);
3075 	os_free(config->p2p_pref_chan);
3076 	os_free(config->p2p_no_go_freq.range);
3077 	os_free(config->autoscan);
3078 	os_free(config->freq_list);
3079 	os_free(config->initial_freq_list);
3080 	wpabuf_free(config->wps_nfc_dh_pubkey);
3081 	wpabuf_free(config->wps_nfc_dh_privkey);
3082 	wpabuf_free(config->wps_nfc_dev_pw);
3083 	os_free(config->ext_password_backend);
3084 	os_free(config->sae_groups);
3085 	wpabuf_free(config->ap_vendor_elements);
3086 	wpabuf_free(config->ap_assocresp_elements);
3087 	os_free(config->osu_dir);
3088 	os_free(config->bgscan);
3089 	os_free(config->wowlan_triggers);
3090 	os_free(config->fst_group_id);
3091 	os_free(config->sched_scan_plans);
3092 #ifdef CONFIG_MBO
3093 	os_free(config->non_pref_chan);
3094 #endif /* CONFIG_MBO */
3095 	os_free(config->dpp_name);
3096 	os_free(config->dpp_mud_url);
3097 	os_free(config->dpp_extra_conf_req_name);
3098 	os_free(config->dpp_extra_conf_req_value);
3099 
3100 	os_free(config);
3101 }
3102 
3103 
3104 /**
3105  * wpa_config_foreach_network - Iterate over each configured network
3106  * @config: Configuration data from wpa_config_read()
3107  * @func: Callback function to process each network
3108  * @arg: Opaque argument to pass to callback function
3109  *
3110  * Iterate over the set of configured networks calling the specified
3111  * function for each item. We guard against callbacks removing the
3112  * supplied network.
3113  */
wpa_config_foreach_network(struct wpa_config * config,void (* func)(void *,struct wpa_ssid *),void * arg)3114 void wpa_config_foreach_network(struct wpa_config *config,
3115 				void (*func)(void *, struct wpa_ssid *),
3116 				void *arg)
3117 {
3118 	struct wpa_ssid *ssid, *next;
3119 
3120 	ssid = config->ssid;
3121 	while (ssid) {
3122 		next = ssid->next;
3123 		func(arg, ssid);
3124 		ssid = next;
3125 	}
3126 }
3127 
3128 
3129 /**
3130  * wpa_config_get_network - Get configured network based on id
3131  * @config: Configuration data from wpa_config_read()
3132  * @id: Unique network id to search for
3133  * Returns: Network configuration or %NULL if not found
3134  */
wpa_config_get_network(struct wpa_config * config,int id)3135 struct wpa_ssid * wpa_config_get_network(struct wpa_config *config, int id)
3136 {
3137 	struct wpa_ssid *ssid;
3138 
3139 	ssid = config->ssid;
3140 	while (ssid) {
3141 		if (id == ssid->id)
3142 			break;
3143 		ssid = ssid->next;
3144 	}
3145 
3146 	return ssid;
3147 }
3148 
3149 
3150 /**
3151  * wpa_config_add_network - Add a new network with empty configuration
3152  * @config: Configuration data from wpa_config_read()
3153  * Returns: The new network configuration or %NULL if operation failed
3154  */
wpa_config_add_network(struct wpa_config * config)3155 struct wpa_ssid * wpa_config_add_network(struct wpa_config *config)
3156 {
3157 	int id;
3158 	struct wpa_ssid *ssid, *last = NULL;
3159 
3160 	id = -1;
3161 	ssid = config->ssid;
3162 	while (ssid) {
3163 		if (ssid->id > id)
3164 			id = ssid->id;
3165 		last = ssid;
3166 		ssid = ssid->next;
3167 	}
3168 	id++;
3169 
3170 	ssid = os_zalloc(sizeof(*ssid));
3171 	if (ssid == NULL)
3172 		return NULL;
3173 	ssid->id = id;
3174 	dl_list_init(&ssid->psk_list);
3175 	if (last)
3176 		last->next = ssid;
3177 	else
3178 		config->ssid = ssid;
3179 
3180 	wpa_config_update_prio_list(config);
3181 
3182 	return ssid;
3183 }
3184 
3185 
3186 /**
3187  * wpa_config_remove_network - Remove a configured network based on id
3188  * @config: Configuration data from wpa_config_read()
3189  * @id: Unique network id to search for
3190  * Returns: 0 on success, or -1 if the network was not found
3191  */
wpa_config_remove_network(struct wpa_config * config,int id)3192 int wpa_config_remove_network(struct wpa_config *config, int id)
3193 {
3194 	struct wpa_ssid *ssid, *prev = NULL;
3195 
3196 	ssid = config->ssid;
3197 	while (ssid) {
3198 		if (id == ssid->id)
3199 			break;
3200 		prev = ssid;
3201 		ssid = ssid->next;
3202 	}
3203 
3204 	if (ssid == NULL)
3205 		return -1;
3206 
3207 	if (prev)
3208 		prev->next = ssid->next;
3209 	else
3210 		config->ssid = ssid->next;
3211 
3212 	wpa_config_update_prio_list(config);
3213 	wpa_config_free_ssid(ssid);
3214 	return 0;
3215 }
3216 
3217 
3218 /**
3219  * wpa_config_set_network_defaults - Set network default values
3220  * @ssid: Pointer to network configuration data
3221  */
wpa_config_set_network_defaults(struct wpa_ssid * ssid)3222 void wpa_config_set_network_defaults(struct wpa_ssid *ssid)
3223 {
3224 	ssid->proto = DEFAULT_PROTO;
3225 	ssid->pairwise_cipher = DEFAULT_PAIRWISE;
3226 	ssid->group_cipher = DEFAULT_GROUP;
3227 	ssid->key_mgmt = DEFAULT_KEY_MGMT;
3228 	ssid->wpa_deny_ptk0_rekey = PTK0_REKEY_ALLOW_ALWAYS;
3229 	ssid->bg_scan_period = DEFAULT_BG_SCAN_PERIOD;
3230 	ssid->ht = 1;
3231 	ssid->vht = 1;
3232 	ssid->he = 1;
3233 #ifdef IEEE8021X_EAPOL
3234 	ssid->eapol_flags = DEFAULT_EAPOL_FLAGS;
3235 	ssid->eap_workaround = DEFAULT_EAP_WORKAROUND;
3236 	ssid->eap.fragment_size = DEFAULT_FRAGMENT_SIZE;
3237 	ssid->eap.sim_num = DEFAULT_USER_SELECTED_SIM;
3238 #endif /* IEEE8021X_EAPOL */
3239 #ifdef CONFIG_MESH
3240 	ssid->dot11MeshMaxRetries = DEFAULT_MESH_MAX_RETRIES;
3241 	ssid->dot11MeshRetryTimeout = DEFAULT_MESH_RETRY_TIMEOUT;
3242 	ssid->dot11MeshConfirmTimeout = DEFAULT_MESH_CONFIRM_TIMEOUT;
3243 	ssid->dot11MeshHoldingTimeout = DEFAULT_MESH_HOLDING_TIMEOUT;
3244 	ssid->mesh_fwding = DEFAULT_MESH_FWDING;
3245 	ssid->mesh_rssi_threshold = DEFAULT_MESH_RSSI_THRESHOLD;
3246 #endif /* CONFIG_MESH */
3247 #ifdef CONFIG_HT_OVERRIDES
3248 	ssid->disable_ht = DEFAULT_DISABLE_HT;
3249 	ssid->disable_ht40 = DEFAULT_DISABLE_HT40;
3250 	ssid->disable_sgi = DEFAULT_DISABLE_SGI;
3251 	ssid->disable_ldpc = DEFAULT_DISABLE_LDPC;
3252 	ssid->tx_stbc = DEFAULT_TX_STBC;
3253 	ssid->rx_stbc = DEFAULT_RX_STBC;
3254 	ssid->disable_max_amsdu = DEFAULT_DISABLE_MAX_AMSDU;
3255 	ssid->ampdu_factor = DEFAULT_AMPDU_FACTOR;
3256 	ssid->ampdu_density = DEFAULT_AMPDU_DENSITY;
3257 #endif /* CONFIG_HT_OVERRIDES */
3258 #ifdef CONFIG_VHT_OVERRIDES
3259 	ssid->vht_rx_mcs_nss_1 = -1;
3260 	ssid->vht_rx_mcs_nss_2 = -1;
3261 	ssid->vht_rx_mcs_nss_3 = -1;
3262 	ssid->vht_rx_mcs_nss_4 = -1;
3263 	ssid->vht_rx_mcs_nss_5 = -1;
3264 	ssid->vht_rx_mcs_nss_6 = -1;
3265 	ssid->vht_rx_mcs_nss_7 = -1;
3266 	ssid->vht_rx_mcs_nss_8 = -1;
3267 	ssid->vht_tx_mcs_nss_1 = -1;
3268 	ssid->vht_tx_mcs_nss_2 = -1;
3269 	ssid->vht_tx_mcs_nss_3 = -1;
3270 	ssid->vht_tx_mcs_nss_4 = -1;
3271 	ssid->vht_tx_mcs_nss_5 = -1;
3272 	ssid->vht_tx_mcs_nss_6 = -1;
3273 	ssid->vht_tx_mcs_nss_7 = -1;
3274 	ssid->vht_tx_mcs_nss_8 = -1;
3275 #endif /* CONFIG_VHT_OVERRIDES */
3276 	ssid->proactive_key_caching = -1;
3277 	ssid->ieee80211w = MGMT_FRAME_PROTECTION_DEFAULT;
3278 	ssid->sae_pwe = DEFAULT_SAE_PWE;
3279 #ifdef CONFIG_MACSEC
3280 	ssid->mka_priority = DEFAULT_PRIO_NOT_KEY_SERVER;
3281 #endif /* CONFIG_MACSEC */
3282 	ssid->mac_addr = WPAS_MAC_ADDR_STYLE_NOT_SET;
3283 	ssid->max_oper_chwidth = DEFAULT_MAX_OPER_CHWIDTH;
3284 	ssid->rsn_overriding = RSN_OVERRIDING_NOT_SET;
3285 }
3286 
3287 
3288 static const char *removed_fields[] = {
3289 	"dh_file",
3290 	"dh_file2",
3291 	"machine_dh_file",
3292 	NULL
3293 };
3294 
removed_field(const char * field)3295 static bool removed_field(const char *field)
3296 {
3297 	int i;
3298 
3299 	for (i = 0; removed_fields[i]; i++) {
3300 		if (os_strcmp(field, removed_fields[i]) == 0)
3301 			return true;
3302 	}
3303 
3304 	return false;
3305 }
3306 
3307 
3308 /**
3309  * wpa_config_set - Set a variable in network configuration
3310  * @ssid: Pointer to network configuration data
3311  * @var: Variable name, e.g., "ssid"
3312  * @value: Variable value
3313  * @line: Line number in configuration file or 0 if not used
3314  * Returns: 0 on success with possible change in the value, 1 on success with
3315  * no change to previously configured value, or -1 on failure
3316  *
3317  * This function can be used to set network configuration variables based on
3318  * both the configuration file and management interface input. The value
3319  * parameter must be in the same format as the text-based configuration file is
3320  * using. For example, strings are using double quotation marks.
3321  */
wpa_config_set(struct wpa_ssid * ssid,const char * var,const char * value,int line)3322 int wpa_config_set(struct wpa_ssid *ssid, const char *var, const char *value,
3323 		   int line)
3324 {
3325 	size_t i;
3326 	int ret = 0;
3327 
3328 	if (ssid == NULL || var == NULL || value == NULL)
3329 		return -1;
3330 
3331 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
3332 		const struct parse_data *field = &ssid_fields[i];
3333 		if (os_strcmp(var, field->name) != 0)
3334 			continue;
3335 
3336 		ret = field->parser(field, ssid, line, value);
3337 		if (ret < 0) {
3338 			if (line) {
3339 				wpa_printf(MSG_ERROR, "Line %d: failed to "
3340 					   "parse %s '%s'.", line, var, value);
3341 			}
3342 			ret = -1;
3343 		}
3344 #ifdef CONFIG_SAE
3345 		if (os_strcmp(var, "ssid") == 0 ||
3346 		    os_strcmp(var, "psk") == 0 ||
3347 		    os_strcmp(var, "sae_password") == 0 ||
3348 		    os_strcmp(var, "sae_password_id") == 0) {
3349 			sae_deinit_pt(ssid->pt);
3350 			ssid->pt = NULL;
3351 		}
3352 #endif /* CONFIG_SAE */
3353 		break;
3354 	}
3355 	if (i == NUM_SSID_FIELDS) {
3356 		if (removed_field(var)) {
3357 			wpa_printf(MSG_INFO,
3358 				   "Line %d: Ignore removed configuration field '%s'",
3359 				   line, var);
3360 			return ret;
3361 		}
3362 		if (line) {
3363 			wpa_printf(MSG_ERROR, "Line %d: unknown network field "
3364 				   "'%s'.", line, var);
3365 		}
3366 		ret = -1;
3367 	}
3368 	ssid->was_recently_reconfigured = true;
3369 
3370 	return ret;
3371 }
3372 
3373 
wpa_config_set_quoted(struct wpa_ssid * ssid,const char * var,const char * value)3374 int wpa_config_set_quoted(struct wpa_ssid *ssid, const char *var,
3375 			  const char *value)
3376 {
3377 	size_t len;
3378 	char *buf;
3379 	int ret;
3380 
3381 	len = os_strlen(value);
3382 	buf = os_malloc(len + 3);
3383 	if (buf == NULL)
3384 		return -1;
3385 	buf[0] = '"';
3386 	os_memcpy(buf + 1, value, len);
3387 	buf[len + 1] = '"';
3388 	buf[len + 2] = '\0';
3389 	ret = wpa_config_set(ssid, var, buf, 0);
3390 	os_free(buf);
3391 	return ret;
3392 }
3393 
3394 
3395 /**
3396  * wpa_config_get_all - Get all options from network configuration
3397  * @ssid: Pointer to network configuration data
3398  * @get_keys: Determines if keys/passwords will be included in returned list
3399  *	(if they may be exported)
3400  * Returns: %NULL terminated list of all set keys and their values in the form
3401  * of [key1, val1, key2, val2, ... , NULL]
3402  *
3403  * This function can be used to get list of all configured network properties.
3404  * The caller is responsible for freeing the returned list and all its
3405  * elements.
3406  */
wpa_config_get_all(struct wpa_ssid * ssid,int get_keys)3407 char ** wpa_config_get_all(struct wpa_ssid *ssid, int get_keys)
3408 {
3409 #ifdef NO_CONFIG_WRITE
3410 	return NULL;
3411 #else /* NO_CONFIG_WRITE */
3412 	const struct parse_data *field;
3413 	char *key, *value;
3414 	size_t i;
3415 	char **props;
3416 	int fields_num;
3417 
3418 	get_keys = get_keys && ssid->export_keys;
3419 
3420 	props = os_calloc(2 * NUM_SSID_FIELDS + 1, sizeof(char *));
3421 	if (!props)
3422 		return NULL;
3423 
3424 	fields_num = 0;
3425 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
3426 		field = &ssid_fields[i];
3427 		if (field->key_data && !get_keys)
3428 			continue;
3429 		value = field->writer(field, ssid);
3430 		if (value == NULL)
3431 			continue;
3432 		if (os_strlen(value) == 0) {
3433 			os_free(value);
3434 			continue;
3435 		}
3436 
3437 		key = os_strdup(field->name);
3438 		if (key == NULL) {
3439 			os_free(value);
3440 			goto err;
3441 		}
3442 
3443 		props[fields_num * 2] = key;
3444 		props[fields_num * 2 + 1] = value;
3445 
3446 		fields_num++;
3447 	}
3448 
3449 	return props;
3450 
3451 err:
3452 	for (i = 0; props[i]; i++)
3453 		os_free(props[i]);
3454 	os_free(props);
3455 	return NULL;
3456 #endif /* NO_CONFIG_WRITE */
3457 }
3458 
3459 
3460 #ifndef NO_CONFIG_WRITE
3461 /**
3462  * wpa_config_get - Get a variable in network configuration
3463  * @ssid: Pointer to network configuration data
3464  * @var: Variable name, e.g., "ssid"
3465  * Returns: Value of the variable or %NULL on failure
3466  *
3467  * This function can be used to get network configuration variables. The
3468  * returned value is a copy of the configuration variable in text format, i.e,.
3469  * the same format that the text-based configuration file and wpa_config_set()
3470  * are using for the value. The caller is responsible for freeing the returned
3471  * value.
3472  */
wpa_config_get(struct wpa_ssid * ssid,const char * var)3473 char * wpa_config_get(struct wpa_ssid *ssid, const char *var)
3474 {
3475 	size_t i;
3476 
3477 	if (ssid == NULL || var == NULL)
3478 		return NULL;
3479 
3480 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
3481 		const struct parse_data *field = &ssid_fields[i];
3482 		if (os_strcmp(var, field->name) == 0) {
3483 			char *ret = field->writer(field, ssid);
3484 
3485 			if (ret && has_newline(ret)) {
3486 				wpa_printf(MSG_ERROR,
3487 					   "Found newline in value for %s; not returning it",
3488 					   var);
3489 				os_free(ret);
3490 				ret = NULL;
3491 			}
3492 
3493 			return ret;
3494 		}
3495 	}
3496 
3497 	return NULL;
3498 }
3499 
3500 
3501 /**
3502  * wpa_config_get_no_key - Get a variable in network configuration (no keys)
3503  * @ssid: Pointer to network configuration data
3504  * @var: Variable name, e.g., "ssid"
3505  * Returns: Value of the variable or %NULL on failure
3506  *
3507  * This function can be used to get network configuration variable like
3508  * wpa_config_get(). The only difference is that this functions does not expose
3509  * key/password material from the configuration. In case a key/password field
3510  * is requested, the returned value is an empty string or %NULL if the variable
3511  * is not set or "*" if the variable is set (regardless of its value). The
3512  * returned value is a copy of the configuration variable in text format, i.e,.
3513  * the same format that the text-based configuration file and wpa_config_set()
3514  * are using for the value. The caller is responsible for freeing the returned
3515  * value.
3516  */
wpa_config_get_no_key(struct wpa_ssid * ssid,const char * var)3517 char * wpa_config_get_no_key(struct wpa_ssid *ssid, const char *var)
3518 {
3519 	size_t i;
3520 
3521 	if (ssid == NULL || var == NULL)
3522 		return NULL;
3523 
3524 	for (i = 0; i < NUM_SSID_FIELDS; i++) {
3525 		const struct parse_data *field = &ssid_fields[i];
3526 		if (os_strcmp(var, field->name) == 0) {
3527 			char *res = field->writer(field, ssid);
3528 			if (field->key_data) {
3529 				if (res && res[0]) {
3530 					wpa_printf(MSG_DEBUG, "Do not allow "
3531 						   "key_data field to be "
3532 						   "exposed");
3533 					str_clear_free(res);
3534 					return os_strdup("*");
3535 				}
3536 
3537 				os_free(res);
3538 				return NULL;
3539 			}
3540 			return res;
3541 		}
3542 	}
3543 
3544 	return NULL;
3545 }
3546 #endif /* NO_CONFIG_WRITE */
3547 
3548 
3549 /**
3550  * wpa_config_update_psk - Update WPA PSK based on passphrase and SSID
3551  * @ssid: Pointer to network configuration data
3552  *
3553  * This function must be called to update WPA PSK when either SSID or the
3554  * passphrase has changed for the network configuration.
3555  */
wpa_config_update_psk(struct wpa_ssid * ssid)3556 void wpa_config_update_psk(struct wpa_ssid *ssid)
3557 {
3558 #ifndef CONFIG_NO_PBKDF2
3559 	if (pbkdf2_sha1(ssid->passphrase, ssid->ssid, ssid->ssid_len, 4096,
3560 			ssid->psk, PMK_LEN) != 0) {
3561 		wpa_printf(MSG_ERROR, "Error in pbkdf2_sha1()");
3562 		return;
3563 	}
3564 	wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
3565 			ssid->psk, PMK_LEN);
3566 	ssid->psk_set = 1;
3567 #endif /* CONFIG_NO_PBKDF2 */
3568 }
3569 
3570 
wpa_config_set_cred_req_conn_capab(struct wpa_cred * cred,const char * value)3571 static int wpa_config_set_cred_req_conn_capab(struct wpa_cred *cred,
3572 					      const char *value)
3573 {
3574 	u8 *proto;
3575 	int **port;
3576 	int *ports, *nports;
3577 	const char *pos;
3578 	unsigned int num_ports;
3579 
3580 	proto = os_realloc_array(cred->req_conn_capab_proto,
3581 				 cred->num_req_conn_capab + 1, sizeof(u8));
3582 	if (proto == NULL)
3583 		return -1;
3584 	cred->req_conn_capab_proto = proto;
3585 
3586 	port = os_realloc_array(cred->req_conn_capab_port,
3587 				cred->num_req_conn_capab + 1, sizeof(int *));
3588 	if (port == NULL)
3589 		return -1;
3590 	cred->req_conn_capab_port = port;
3591 
3592 	proto[cred->num_req_conn_capab] = atoi(value);
3593 
3594 	pos = os_strchr(value, ':');
3595 	if (pos == NULL) {
3596 		port[cred->num_req_conn_capab] = NULL;
3597 		cred->num_req_conn_capab++;
3598 		return 0;
3599 	}
3600 	pos++;
3601 
3602 	ports = NULL;
3603 	num_ports = 0;
3604 
3605 	while (*pos) {
3606 		nports = os_realloc_array(ports, num_ports + 1, sizeof(int));
3607 		if (nports == NULL) {
3608 			os_free(ports);
3609 			return -1;
3610 		}
3611 		ports = nports;
3612 		ports[num_ports++] = atoi(pos);
3613 
3614 		pos = os_strchr(pos, ',');
3615 		if (pos == NULL)
3616 			break;
3617 		pos++;
3618 	}
3619 
3620 	nports = os_realloc_array(ports, num_ports + 1, sizeof(int));
3621 	if (nports == NULL) {
3622 		os_free(ports);
3623 		return -1;
3624 	}
3625 	ports = nports;
3626 	ports[num_ports] = -1;
3627 
3628 	port[cred->num_req_conn_capab] = ports;
3629 	cred->num_req_conn_capab++;
3630 	return 0;
3631 }
3632 
3633 
3634 static int
wpa_config_set_cred_ois(u8 cred_ois[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN],size_t cred_ois_len[MAX_ROAMING_CONS],unsigned int * cred_num_ois,const char * value)3635 wpa_config_set_cred_ois(u8 cred_ois[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN],
3636 			size_t cred_ois_len[MAX_ROAMING_CONS],
3637 			unsigned int *cred_num_ois,
3638 			const char *value)
3639 {
3640 	u8 ois[MAX_ROAMING_CONS][MAX_ROAMING_CONS_OI_LEN];
3641 	size_t ois_len[MAX_ROAMING_CONS];
3642 	unsigned int num_ois = 0;
3643 	const char *pos, *end;
3644 	size_t len;
3645 
3646 	len = os_strlen(value);
3647 	if (len / 2 < 3) {
3648 		wpa_printf(MSG_ERROR,
3649 			   "Invalid organisation identifier (OI) list: %s",
3650 			   value);
3651 		return -1;
3652 	}
3653 
3654 	os_memset(ois, 0, sizeof(ois));
3655 	os_memset(ois_len, 0, sizeof(ois_len));
3656 
3657 	for (pos = value;;) {
3658 		end = os_strchr(pos, ',');
3659 		len = end ? (size_t) (end - pos) : os_strlen(pos);
3660 		if (!end && len == 0)
3661 			break;
3662 		if (len / 2 < 3 || (len & 1) != 0 ||
3663 		    len / 2 > MAX_ROAMING_CONS_OI_LEN ||
3664 		    hexstr2bin(pos,
3665 			       ois[num_ois],
3666 			       len / 2) < 0) {
3667 			wpa_printf(MSG_INFO,
3668 				   "Invalid organisation identifier (OI) entry: %s",
3669 				   pos);
3670 			return -1;
3671 		}
3672 		ois_len[num_ois] = len / 2;
3673 		num_ois++;
3674 
3675 		if (!end)
3676 			break;
3677 
3678 		if (num_ois >= MAX_ROAMING_CONS) {
3679 			wpa_printf(MSG_INFO,
3680 				   "Too many OIs");
3681 			return -1;
3682 		}
3683 
3684 		pos = end + 1;
3685 	}
3686 
3687 	os_memcpy(cred_ois, ois, sizeof(ois));
3688 	os_memcpy(cred_ois_len, ois_len, sizeof(ois_len));
3689 	*cred_num_ois = num_ois;
3690 
3691 	return 0;
3692 }
3693 
3694 
wpa_config_set_cred(struct wpa_cred * cred,const char * var,const char * value,int line)3695 int wpa_config_set_cred(struct wpa_cred *cred, const char *var,
3696 			const char *value, int line)
3697 {
3698 	char *val;
3699 	size_t len;
3700 	int res;
3701 
3702 	if (os_strcmp(var, "temporary") == 0) {
3703 		cred->temporary = atoi(value);
3704 		return 0;
3705 	}
3706 
3707 	if (os_strcmp(var, "priority") == 0) {
3708 		cred->priority = atoi(value);
3709 		return 0;
3710 	}
3711 
3712 	if (os_strcmp(var, "sp_priority") == 0) {
3713 		int prio = atoi(value);
3714 		if (prio < 0 || prio > 255)
3715 			return -1;
3716 		cred->sp_priority = prio;
3717 		return 0;
3718 	}
3719 
3720 	if (os_strcmp(var, "pcsc") == 0) {
3721 		cred->pcsc = atoi(value);
3722 		return 0;
3723 	}
3724 
3725 	if (os_strcmp(var, "eap") == 0) {
3726 		struct eap_method_type method;
3727 		method.method = eap_peer_get_type(value, &method.vendor);
3728 		if (method.vendor == EAP_VENDOR_IETF &&
3729 		    method.method == EAP_TYPE_NONE) {
3730 			wpa_printf(MSG_ERROR, "Line %d: unknown EAP type '%s' "
3731 				   "for a credential", line, value);
3732 			return -1;
3733 		}
3734 		os_free(cred->eap_method);
3735 		cred->eap_method = os_malloc(sizeof(*cred->eap_method));
3736 		if (cred->eap_method == NULL)
3737 			return -1;
3738 		os_memcpy(cred->eap_method, &method, sizeof(method));
3739 		return 0;
3740 	}
3741 
3742 	if (os_strcmp(var, "password") == 0 &&
3743 	    os_strncmp(value, "ext:", 4) == 0) {
3744 		if (has_newline(value))
3745 			return -1;
3746 		str_clear_free(cred->password);
3747 		cred->password = os_strdup(value);
3748 		cred->ext_password = 1;
3749 		return 0;
3750 	}
3751 
3752 	if (os_strcmp(var, "update_identifier") == 0) {
3753 		cred->update_identifier = atoi(value);
3754 		return 0;
3755 	}
3756 
3757 	if (os_strcmp(var, "min_dl_bandwidth_home") == 0) {
3758 		cred->min_dl_bandwidth_home = atoi(value);
3759 		return 0;
3760 	}
3761 
3762 	if (os_strcmp(var, "min_ul_bandwidth_home") == 0) {
3763 		cred->min_ul_bandwidth_home = atoi(value);
3764 		return 0;
3765 	}
3766 
3767 	if (os_strcmp(var, "min_dl_bandwidth_roaming") == 0) {
3768 		cred->min_dl_bandwidth_roaming = atoi(value);
3769 		return 0;
3770 	}
3771 
3772 	if (os_strcmp(var, "min_ul_bandwidth_roaming") == 0) {
3773 		cred->min_ul_bandwidth_roaming = atoi(value);
3774 		return 0;
3775 	}
3776 
3777 	if (os_strcmp(var, "max_bss_load") == 0) {
3778 		cred->max_bss_load = atoi(value);
3779 		return 0;
3780 	}
3781 
3782 	if (os_strcmp(var, "req_conn_capab") == 0)
3783 		return wpa_config_set_cred_req_conn_capab(cred, value);
3784 
3785 	if (os_strcmp(var, "ocsp") == 0) {
3786 		cred->ocsp = atoi(value);
3787 		return 0;
3788 	}
3789 
3790 	if (os_strcmp(var, "sim_num") == 0) {
3791 		cred->sim_num = atoi(value);
3792 		return 0;
3793 	}
3794 
3795 	if (os_strcmp(var, "engine") == 0) {
3796 		cred->engine = atoi(value);
3797 		return 0;
3798 	}
3799 
3800 	val = wpa_config_parse_string(value, &len);
3801 	if (val == NULL ||
3802 	    (os_strcmp(var, "excluded_ssid") != 0 &&
3803 	     os_strcmp(var, "roaming_consortium") != 0 &&
3804 	     os_strcmp(var, "required_roaming_consortium") != 0 &&
3805 	     has_newline(val))) {
3806 		wpa_printf(MSG_ERROR, "Line %d: invalid field '%s' string "
3807 			   "value '%s'.", line, var, value);
3808 		os_free(val);
3809 		return -1;
3810 	}
3811 
3812 	if (os_strcmp(var, "realm") == 0) {
3813 		os_free(cred->realm);
3814 		cred->realm = val;
3815 		return 0;
3816 	}
3817 
3818 	if (os_strcmp(var, "username") == 0) {
3819 		str_clear_free(cred->username);
3820 		cred->username = val;
3821 		return 0;
3822 	}
3823 
3824 	if (os_strcmp(var, "password") == 0) {
3825 		str_clear_free(cred->password);
3826 		cred->password = val;
3827 		cred->ext_password = 0;
3828 		return 0;
3829 	}
3830 
3831 	if (os_strcmp(var, "ca_cert") == 0) {
3832 		os_free(cred->ca_cert);
3833 		cred->ca_cert = val;
3834 		return 0;
3835 	}
3836 
3837 	if (os_strcmp(var, "client_cert") == 0) {
3838 		os_free(cred->client_cert);
3839 		cred->client_cert = val;
3840 		return 0;
3841 	}
3842 
3843 	if (os_strcmp(var, "private_key") == 0) {
3844 		os_free(cred->private_key);
3845 		cred->private_key = val;
3846 		return 0;
3847 	}
3848 
3849 	if (os_strcmp(var, "private_key_passwd") == 0) {
3850 		str_clear_free(cred->private_key_passwd);
3851 		cred->private_key_passwd = val;
3852 		return 0;
3853 	}
3854 
3855 	if (os_strcmp(var, "engine_id") == 0) {
3856 		os_free(cred->engine_id);
3857 		cred->engine_id = val;
3858 		return 0;
3859 	}
3860 
3861 	if (os_strcmp(var, "ca_cert_id") == 0) {
3862 		os_free(cred->ca_cert_id);
3863 		cred->ca_cert_id = val;
3864 		return 0;
3865 	}
3866 
3867 	if (os_strcmp(var, "cert_id") == 0) {
3868 		os_free(cred->cert_id);
3869 		cred->cert_id = val;
3870 		return 0;
3871 	}
3872 
3873 	if (os_strcmp(var, "key_id") == 0) {
3874 		os_free(cred->key_id);
3875 		cred->key_id = val;
3876 		return 0;
3877 	}
3878 
3879 	if (os_strcmp(var, "imsi") == 0) {
3880 		os_free(cred->imsi);
3881 		cred->imsi = val;
3882 		return 0;
3883 	}
3884 
3885 	if (os_strcmp(var, "milenage") == 0) {
3886 		str_clear_free(cred->milenage);
3887 		cred->milenage = val;
3888 		return 0;
3889 	}
3890 
3891 	if (os_strcmp(var, "domain_suffix_match") == 0) {
3892 		os_free(cred->domain_suffix_match);
3893 		cred->domain_suffix_match = val;
3894 		return 0;
3895 	}
3896 
3897 	if (os_strcmp(var, "domain") == 0) {
3898 		char **new_domain;
3899 		new_domain = os_realloc_array(cred->domain,
3900 					      cred->num_domain + 1,
3901 					      sizeof(char *));
3902 		if (new_domain == NULL) {
3903 			os_free(val);
3904 			return -1;
3905 		}
3906 		new_domain[cred->num_domain++] = val;
3907 		cred->domain = new_domain;
3908 		return 0;
3909 	}
3910 
3911 	if (os_strcmp(var, "phase1") == 0) {
3912 		os_free(cred->phase1);
3913 		cred->phase1 = val;
3914 		return 0;
3915 	}
3916 
3917 	if (os_strcmp(var, "phase2") == 0) {
3918 		os_free(cred->phase2);
3919 		cred->phase2 = val;
3920 		return 0;
3921 	}
3922 
3923 	if (os_strcmp(var, "roaming_consortium") == 0) {
3924 		if (len < 3 || len > sizeof(cred->home_ois[0])) {
3925 			wpa_printf(MSG_ERROR, "Line %d: invalid "
3926 				   "roaming_consortium length %d (3..15 "
3927 				   "expected)", line, (int) len);
3928 			os_free(val);
3929 			return -1;
3930 		}
3931 		wpa_printf(MSG_WARNING,
3932 			   "Line %d: option roaming_consortium is deprecated and will be removed in the future",
3933 			   line);
3934 		os_memcpy(cred->home_ois[0], val, len);
3935 		cred->home_ois_len[0] = len;
3936 		cred->num_home_ois = 1;
3937 		os_free(val);
3938 		return 0;
3939 	}
3940 
3941 	if (os_strcmp(var, "required_roaming_consortium") == 0) {
3942 		if (len < 3 || len > sizeof(cred->required_home_ois[0])) {
3943 			wpa_printf(MSG_ERROR, "Line %d: invalid "
3944 				   "required_roaming_consortium length %d "
3945 				   "(3..15 expected)", line, (int) len);
3946 			os_free(val);
3947 			return -1;
3948 		}
3949 		wpa_printf(MSG_WARNING,
3950 			   "Line %d: option required_roaming_consortium is deprecated and will be removed in the future",
3951 			   line);
3952 		os_memcpy(cred->required_home_ois[0], val, len);
3953 		cred->required_home_ois_len[0] = len;
3954 		cred->num_required_home_ois = 1;
3955 		os_free(val);
3956 		return 0;
3957 	}
3958 
3959 	if (os_strcmp(var, "home_ois") == 0) {
3960 		res = wpa_config_set_cred_ois(cred->home_ois,
3961 					      cred->home_ois_len,
3962 					      &cred->num_home_ois,
3963 					      val);
3964 		if (res < 0)
3965 			wpa_printf(MSG_ERROR, "Line %d: invalid home_ois",
3966 				   line);
3967 		os_free(val);
3968 		return res;
3969 	}
3970 
3971 	if (os_strcmp(var, "required_home_ois") == 0) {
3972 		res = wpa_config_set_cred_ois(cred->required_home_ois,
3973 					      cred->required_home_ois_len,
3974 					      &cred->num_required_home_ois,
3975 					      val);
3976 		if (res < 0)
3977 			wpa_printf(MSG_ERROR,
3978 				   "Line %d: invalid required_home_ois", line);
3979 		os_free(val);
3980 		return res;
3981 	}
3982 
3983 	if (os_strcmp(var, "roaming_consortiums") == 0) {
3984 		res = wpa_config_set_cred_ois(cred->roaming_consortiums,
3985 					      cred->roaming_consortiums_len,
3986 					      &cred->num_roaming_consortiums,
3987 					      val);
3988 		if (res < 0)
3989 			wpa_printf(MSG_ERROR,
3990 				   "Line %d: invalid roaming_consortiums",
3991 				   line);
3992 		os_free(val);
3993 		return res;
3994 	}
3995 
3996 	if (os_strcmp(var, "excluded_ssid") == 0) {
3997 		struct excluded_ssid *e;
3998 
3999 		if (len > SSID_MAX_LEN) {
4000 			wpa_printf(MSG_ERROR, "Line %d: invalid "
4001 				   "excluded_ssid length %d", line, (int) len);
4002 			os_free(val);
4003 			return -1;
4004 		}
4005 
4006 		e = os_realloc_array(cred->excluded_ssid,
4007 				     cred->num_excluded_ssid + 1,
4008 				     sizeof(struct excluded_ssid));
4009 		if (e == NULL) {
4010 			os_free(val);
4011 			return -1;
4012 		}
4013 		cred->excluded_ssid = e;
4014 
4015 		e = &cred->excluded_ssid[cred->num_excluded_ssid++];
4016 		os_memcpy(e->ssid, val, len);
4017 		e->ssid_len = len;
4018 
4019 		os_free(val);
4020 
4021 		return 0;
4022 	}
4023 
4024 	if (os_strcmp(var, "roaming_partner") == 0) {
4025 		struct roaming_partner *p;
4026 		char *pos;
4027 
4028 		p = os_realloc_array(cred->roaming_partner,
4029 				     cred->num_roaming_partner + 1,
4030 				     sizeof(struct roaming_partner));
4031 		if (p == NULL) {
4032 			os_free(val);
4033 			return -1;
4034 		}
4035 		cred->roaming_partner = p;
4036 
4037 		p = &cred->roaming_partner[cred->num_roaming_partner];
4038 
4039 		pos = os_strchr(val, ',');
4040 		if (pos == NULL) {
4041 			os_free(val);
4042 			return -1;
4043 		}
4044 		*pos++ = '\0';
4045 		if (pos - val - 1 >= (int) sizeof(p->fqdn)) {
4046 			os_free(val);
4047 			return -1;
4048 		}
4049 		os_memcpy(p->fqdn, val, pos - val);
4050 
4051 		p->exact_match = atoi(pos);
4052 
4053 		pos = os_strchr(pos, ',');
4054 		if (pos == NULL) {
4055 			os_free(val);
4056 			return -1;
4057 		}
4058 		*pos++ = '\0';
4059 
4060 		p->priority = atoi(pos);
4061 
4062 		pos = os_strchr(pos, ',');
4063 		if (pos == NULL) {
4064 			os_free(val);
4065 			return -1;
4066 		}
4067 		*pos++ = '\0';
4068 
4069 		if (os_strlen(pos) >= sizeof(p->country)) {
4070 			os_free(val);
4071 			return -1;
4072 		}
4073 		os_memcpy(p->country, pos, os_strlen(pos) + 1);
4074 
4075 		cred->num_roaming_partner++;
4076 		os_free(val);
4077 
4078 		return 0;
4079 	}
4080 
4081 	if (os_strcmp(var, "provisioning_sp") == 0) {
4082 		os_free(cred->provisioning_sp);
4083 		cred->provisioning_sp = val;
4084 		return 0;
4085 	}
4086 
4087 	if (os_strcmp(var, "imsi_privacy_cert") == 0) {
4088 		os_free(cred->imsi_privacy_cert);
4089 		cred->imsi_privacy_cert = val;
4090 		return 0;
4091 	}
4092 
4093 	if (os_strcmp(var, "imsi_privacy_attr") == 0) {
4094 		os_free(cred->imsi_privacy_attr);
4095 		cred->imsi_privacy_attr = val;
4096 		return 0;
4097 	}
4098 
4099 	if (line) {
4100 		wpa_printf(MSG_ERROR, "Line %d: unknown cred field '%s'.",
4101 			   line, var);
4102 	}
4103 
4104 	os_free(val);
4105 
4106 	return -1;
4107 }
4108 
4109 
alloc_int_str(int val)4110 static char * alloc_int_str(int val)
4111 {
4112 	const unsigned int bufsize = 20;
4113 	char *buf;
4114 	int res;
4115 
4116 	buf = os_malloc(bufsize);
4117 	if (buf == NULL)
4118 		return NULL;
4119 	res = os_snprintf(buf, bufsize, "%d", val);
4120 	if (os_snprintf_error(bufsize, res)) {
4121 		os_free(buf);
4122 		buf = NULL;
4123 	}
4124 	return buf;
4125 }
4126 
4127 
alloc_strdup(const char * str)4128 static char * alloc_strdup(const char *str)
4129 {
4130 	if (str == NULL)
4131 		return NULL;
4132 	return os_strdup(str);
4133 }
4134 
4135 
wpa_config_get_cred_no_key(struct wpa_cred * cred,const char * var)4136 char * wpa_config_get_cred_no_key(struct wpa_cred *cred, const char *var)
4137 {
4138 	if (os_strcmp(var, "temporary") == 0)
4139 		return alloc_int_str(cred->temporary);
4140 
4141 	if (os_strcmp(var, "priority") == 0)
4142 		return alloc_int_str(cred->priority);
4143 
4144 	if (os_strcmp(var, "sp_priority") == 0)
4145 		return alloc_int_str(cred->sp_priority);
4146 
4147 	if (os_strcmp(var, "pcsc") == 0)
4148 		return alloc_int_str(cred->pcsc);
4149 
4150 	if (os_strcmp(var, "eap") == 0) {
4151 		if (!cred->eap_method)
4152 			return NULL;
4153 		return alloc_strdup(eap_get_name(cred->eap_method[0].vendor,
4154 						 cred->eap_method[0].method));
4155 	}
4156 
4157 	if (os_strcmp(var, "update_identifier") == 0)
4158 		return alloc_int_str(cred->update_identifier);
4159 
4160 	if (os_strcmp(var, "min_dl_bandwidth_home") == 0)
4161 		return alloc_int_str(cred->min_dl_bandwidth_home);
4162 
4163 	if (os_strcmp(var, "min_ul_bandwidth_home") == 0)
4164 		return alloc_int_str(cred->min_ul_bandwidth_home);
4165 
4166 	if (os_strcmp(var, "min_dl_bandwidth_roaming") == 0)
4167 		return alloc_int_str(cred->min_dl_bandwidth_roaming);
4168 
4169 	if (os_strcmp(var, "min_ul_bandwidth_roaming") == 0)
4170 		return alloc_int_str(cred->min_ul_bandwidth_roaming);
4171 
4172 	if (os_strcmp(var, "max_bss_load") == 0)
4173 		return alloc_int_str(cred->max_bss_load);
4174 
4175 	if (os_strcmp(var, "req_conn_capab") == 0) {
4176 		unsigned int i;
4177 		char *buf, *end, *pos;
4178 		int ret;
4179 
4180 		if (!cred->num_req_conn_capab)
4181 			return NULL;
4182 
4183 		buf = os_malloc(4000);
4184 		if (buf == NULL)
4185 			return NULL;
4186 		pos = buf;
4187 		end = pos + 4000;
4188 		for (i = 0; i < cred->num_req_conn_capab; i++) {
4189 			int *ports;
4190 
4191 			ret = os_snprintf(pos, end - pos, "%s%u",
4192 					  i > 0 ? "\n" : "",
4193 					  cred->req_conn_capab_proto[i]);
4194 			if (os_snprintf_error(end - pos, ret))
4195 				return buf;
4196 			pos += ret;
4197 
4198 			ports = cred->req_conn_capab_port[i];
4199 			if (ports) {
4200 				int j;
4201 				for (j = 0; ports[j] != -1; j++) {
4202 					ret = os_snprintf(pos, end - pos,
4203 							  "%s%d",
4204 							  j > 0 ? "," : ":",
4205 							  ports[j]);
4206 					if (os_snprintf_error(end - pos, ret))
4207 						return buf;
4208 					pos += ret;
4209 				}
4210 			}
4211 		}
4212 
4213 		return buf;
4214 	}
4215 
4216 	if (os_strcmp(var, "ocsp") == 0)
4217 		return alloc_int_str(cred->ocsp);
4218 
4219 	if (os_strcmp(var, "realm") == 0)
4220 		return alloc_strdup(cred->realm);
4221 
4222 	if (os_strcmp(var, "username") == 0)
4223 		return alloc_strdup(cred->username);
4224 
4225 	if (os_strcmp(var, "password") == 0) {
4226 		if (!cred->password)
4227 			return NULL;
4228 		return alloc_strdup("*");
4229 	}
4230 
4231 	if (os_strcmp(var, "ca_cert") == 0)
4232 		return alloc_strdup(cred->ca_cert);
4233 
4234 	if (os_strcmp(var, "client_cert") == 0)
4235 		return alloc_strdup(cred->client_cert);
4236 
4237 	if (os_strcmp(var, "private_key") == 0)
4238 		return alloc_strdup(cred->private_key);
4239 
4240 	if (os_strcmp(var, "private_key_passwd") == 0) {
4241 		if (!cred->private_key_passwd)
4242 			return NULL;
4243 		return alloc_strdup("*");
4244 	}
4245 
4246 	if (os_strcmp(var, "imsi") == 0)
4247 		return alloc_strdup(cred->imsi);
4248 
4249 	if (os_strcmp(var, "imsi_privacy_cert") == 0)
4250 		return alloc_strdup(cred->imsi_privacy_cert);
4251 
4252 	if (os_strcmp(var, "imsi_privacy_attr") == 0)
4253 		return alloc_strdup(cred->imsi_privacy_attr);
4254 
4255 	if (os_strcmp(var, "milenage") == 0) {
4256 		if (!(cred->milenage))
4257 			return NULL;
4258 		return alloc_strdup("*");
4259 	}
4260 
4261 	if (os_strcmp(var, "domain_suffix_match") == 0)
4262 		return alloc_strdup(cred->domain_suffix_match);
4263 
4264 	if (os_strcmp(var, "domain") == 0) {
4265 		unsigned int i;
4266 		char *buf, *end, *pos;
4267 		int ret;
4268 
4269 		if (!cred->num_domain)
4270 			return NULL;
4271 
4272 		buf = os_malloc(4000);
4273 		if (buf == NULL)
4274 			return NULL;
4275 		pos = buf;
4276 		end = pos + 4000;
4277 
4278 		for (i = 0; i < cred->num_domain; i++) {
4279 			ret = os_snprintf(pos, end - pos, "%s%s",
4280 					  i > 0 ? "\n" : "", cred->domain[i]);
4281 			if (os_snprintf_error(end - pos, ret))
4282 				return buf;
4283 			pos += ret;
4284 		}
4285 
4286 		return buf;
4287 	}
4288 
4289 	if (os_strcmp(var, "phase1") == 0)
4290 		return alloc_strdup(cred->phase1);
4291 
4292 	if (os_strcmp(var, "phase2") == 0)
4293 		return alloc_strdup(cred->phase2);
4294 
4295 	if (os_strcmp(var, "roaming_consortium") == 0) {
4296 		size_t buflen;
4297 		char *buf;
4298 
4299 		if (!cred->num_home_ois || !cred->home_ois_len[0])
4300 			return NULL;
4301 		buflen = cred->home_ois_len[0] * 2 + 1;
4302 		buf = os_malloc(buflen);
4303 		if (buf == NULL)
4304 			return NULL;
4305 		wpa_snprintf_hex(buf, buflen, cred->home_ois[0],
4306 				 cred->home_ois_len[0]);
4307 		return buf;
4308 	}
4309 
4310 	if (os_strcmp(var, "required_roaming_consortium") == 0) {
4311 		size_t buflen;
4312 		char *buf;
4313 
4314 		if (!cred->num_required_home_ois ||
4315 		    !cred->required_home_ois_len[0])
4316 			return NULL;
4317 		buflen = cred->required_home_ois_len[0] * 2 + 1;
4318 		buf = os_malloc(buflen);
4319 		if (buf == NULL)
4320 			return NULL;
4321 		wpa_snprintf_hex(buf, buflen, cred->required_home_ois[0],
4322 				 cred->required_home_ois_len[0]);
4323 		return buf;
4324 	}
4325 
4326 	if (os_strcmp(var, "home_ois") == 0) {
4327 		size_t buflen;
4328 		char *buf, *pos;
4329 		size_t i;
4330 
4331 		if (!cred->num_home_ois)
4332 			return NULL;
4333 		buflen = cred->num_home_ois * MAX_ROAMING_CONS_OI_LEN * 2 + 1;
4334 		buf = os_malloc(buflen);
4335 		if (!buf)
4336 			return NULL;
4337 		pos = buf;
4338 		for (i = 0; i < cred->num_home_ois; i++) {
4339 			if (i > 0)
4340 				*pos++ = ',';
4341 			pos += wpa_snprintf_hex(
4342 				pos, buf + buflen - pos,
4343 				cred->home_ois[i],
4344 				cred->home_ois_len[i]);
4345 		}
4346 		*pos = '\0';
4347 		return buf;
4348 	}
4349 
4350 	if (os_strcmp(var, "required_home_ois") == 0) {
4351 		size_t buflen;
4352 		char *buf, *pos;
4353 		size_t i;
4354 
4355 		if (!cred->num_required_home_ois)
4356 			return NULL;
4357 		buflen = cred->num_required_home_ois *
4358 			MAX_ROAMING_CONS_OI_LEN * 2 + 1;
4359 		buf = os_malloc(buflen);
4360 		if (!buf)
4361 			return NULL;
4362 		pos = buf;
4363 		for (i = 0; i < cred->num_required_home_ois; i++) {
4364 			if (i > 0)
4365 				*pos++ = ',';
4366 			pos += wpa_snprintf_hex(
4367 				pos, buf + buflen - pos,
4368 				cred->required_home_ois[i],
4369 				cred->required_home_ois_len[i]);
4370 		}
4371 		*pos = '\0';
4372 		return buf;
4373 	}
4374 
4375 	if (os_strcmp(var, "roaming_consortiums") == 0) {
4376 		size_t buflen;
4377 		char *buf, *pos;
4378 		size_t i;
4379 
4380 		if (!cred->num_roaming_consortiums)
4381 			return NULL;
4382 		buflen = cred->num_roaming_consortiums *
4383 			MAX_ROAMING_CONS_OI_LEN * 2 + 1;
4384 		buf = os_malloc(buflen);
4385 		if (!buf)
4386 			return NULL;
4387 		pos = buf;
4388 		for (i = 0; i < cred->num_roaming_consortiums; i++) {
4389 			if (i > 0)
4390 				*pos++ = ',';
4391 			pos += wpa_snprintf_hex(
4392 				pos, buf + buflen - pos,
4393 				cred->roaming_consortiums[i],
4394 				cred->roaming_consortiums_len[i]);
4395 		}
4396 		*pos = '\0';
4397 		return buf;
4398 	}
4399 
4400 	if (os_strcmp(var, "excluded_ssid") == 0) {
4401 		unsigned int i;
4402 		char *buf, *end, *pos;
4403 
4404 		if (!cred->num_excluded_ssid)
4405 			return NULL;
4406 
4407 		buf = os_malloc(4000);
4408 		if (buf == NULL)
4409 			return NULL;
4410 		pos = buf;
4411 		end = pos + 4000;
4412 
4413 		for (i = 0; i < cred->num_excluded_ssid; i++) {
4414 			struct excluded_ssid *e;
4415 			int ret;
4416 
4417 			e = &cred->excluded_ssid[i];
4418 			ret = os_snprintf(pos, end - pos, "%s%s",
4419 					  i > 0 ? "\n" : "",
4420 					  wpa_ssid_txt(e->ssid, e->ssid_len));
4421 			if (os_snprintf_error(end - pos, ret))
4422 				return buf;
4423 			pos += ret;
4424 		}
4425 
4426 		return buf;
4427 	}
4428 
4429 	if (os_strcmp(var, "roaming_partner") == 0) {
4430 		unsigned int i;
4431 		char *buf, *end, *pos;
4432 
4433 		if (!cred->num_roaming_partner)
4434 			return NULL;
4435 
4436 		buf = os_malloc(4000);
4437 		if (buf == NULL)
4438 			return NULL;
4439 		pos = buf;
4440 		end = pos + 4000;
4441 
4442 		for (i = 0; i < cred->num_roaming_partner; i++) {
4443 			struct roaming_partner *p;
4444 			int ret;
4445 
4446 			p = &cred->roaming_partner[i];
4447 			ret = os_snprintf(pos, end - pos, "%s%s,%d,%u,%s",
4448 					  i > 0 ? "\n" : "",
4449 					  p->fqdn, p->exact_match, p->priority,
4450 					  p->country);
4451 			if (os_snprintf_error(end - pos, ret))
4452 				return buf;
4453 			pos += ret;
4454 		}
4455 
4456 		return buf;
4457 	}
4458 
4459 	if (os_strcmp(var, "provisioning_sp") == 0)
4460 		return alloc_strdup(cred->provisioning_sp);
4461 
4462 	return NULL;
4463 }
4464 
4465 
wpa_config_get_cred(struct wpa_config * config,int id)4466 struct wpa_cred * wpa_config_get_cred(struct wpa_config *config, int id)
4467 {
4468 	struct wpa_cred *cred;
4469 
4470 	cred = config->cred;
4471 	while (cred) {
4472 		if (id == cred->id)
4473 			break;
4474 		cred = cred->next;
4475 	}
4476 
4477 	return cred;
4478 }
4479 
4480 
wpa_config_add_cred(struct wpa_config * config)4481 struct wpa_cred * wpa_config_add_cred(struct wpa_config *config)
4482 {
4483 	int id;
4484 	struct wpa_cred *cred, *last = NULL;
4485 
4486 	id = -1;
4487 	cred = config->cred;
4488 	while (cred) {
4489 		if (cred->id > id)
4490 			id = cred->id;
4491 		last = cred;
4492 		cred = cred->next;
4493 	}
4494 	id++;
4495 
4496 	cred = os_zalloc(sizeof(*cred));
4497 	if (cred == NULL)
4498 		return NULL;
4499 	cred->id = id;
4500 	cred->sim_num = DEFAULT_USER_SELECTED_SIM;
4501 	if (last)
4502 		last->next = cred;
4503 	else
4504 		config->cred = cred;
4505 
4506 	return cred;
4507 }
4508 
4509 
wpa_config_remove_cred(struct wpa_config * config,int id)4510 int wpa_config_remove_cred(struct wpa_config *config, int id)
4511 {
4512 	struct wpa_cred *cred, *prev = NULL;
4513 
4514 	cred = config->cred;
4515 	while (cred) {
4516 		if (id == cred->id)
4517 			break;
4518 		prev = cred;
4519 		cred = cred->next;
4520 	}
4521 
4522 	if (cred == NULL)
4523 		return -1;
4524 
4525 	if (prev)
4526 		prev->next = cred->next;
4527 	else
4528 		config->cred = cred->next;
4529 
4530 	wpa_config_free_cred(cred);
4531 	return 0;
4532 }
4533 
4534 
4535 #ifndef CONFIG_NO_CONFIG_BLOBS
4536 /**
4537  * wpa_config_get_blob - Get a named configuration blob
4538  * @config: Configuration data from wpa_config_read()
4539  * @name: Name of the blob
4540  * Returns: Pointer to blob data or %NULL if not found
4541  */
wpa_config_get_blob(struct wpa_config * config,const char * name)4542 const struct wpa_config_blob * wpa_config_get_blob(struct wpa_config *config,
4543 						   const char *name)
4544 {
4545 	struct wpa_config_blob *blob = config->blobs;
4546 
4547 	while (blob) {
4548 		if (os_strcmp(blob->name, name) == 0)
4549 			return blob;
4550 		blob = blob->next;
4551 	}
4552 	return NULL;
4553 }
4554 
4555 
4556 /**
4557  * wpa_config_set_blob - Set or add a named configuration blob
4558  * @config: Configuration data from wpa_config_read()
4559  * @blob: New value for the blob
4560  *
4561  * Adds a new configuration blob or replaces the current value of an existing
4562  * blob.
4563  */
wpa_config_set_blob(struct wpa_config * config,struct wpa_config_blob * blob)4564 void wpa_config_set_blob(struct wpa_config *config,
4565 			 struct wpa_config_blob *blob)
4566 {
4567 	wpa_config_remove_blob(config, blob->name);
4568 	blob->next = config->blobs;
4569 	config->blobs = blob;
4570 }
4571 
4572 
4573 /**
4574  * wpa_config_free_blob - Free blob data
4575  * @blob: Pointer to blob to be freed
4576  */
wpa_config_free_blob(struct wpa_config_blob * blob)4577 void wpa_config_free_blob(struct wpa_config_blob *blob)
4578 {
4579 	if (blob) {
4580 		os_free(blob->name);
4581 		bin_clear_free(blob->data, blob->len);
4582 		os_free(blob);
4583 	}
4584 }
4585 
4586 
4587 /**
4588  * wpa_config_remove_blob - Remove a named configuration blob
4589  * @config: Configuration data from wpa_config_read()
4590  * @name: Name of the blob to remove
4591  * Returns: 0 if blob was removed or -1 if blob was not found
4592  */
wpa_config_remove_blob(struct wpa_config * config,const char * name)4593 int wpa_config_remove_blob(struct wpa_config *config, const char *name)
4594 {
4595 	struct wpa_config_blob *pos = config->blobs, *prev = NULL;
4596 
4597 	while (pos) {
4598 		if (os_strcmp(pos->name, name) == 0) {
4599 			if (prev)
4600 				prev->next = pos->next;
4601 			else
4602 				config->blobs = pos->next;
4603 			wpa_config_free_blob(pos);
4604 			return 0;
4605 		}
4606 		prev = pos;
4607 		pos = pos->next;
4608 	}
4609 
4610 	return -1;
4611 }
4612 #endif /* CONFIG_NO_CONFIG_BLOBS */
4613 
4614 
4615 /**
4616  * wpa_config_alloc_empty - Allocate an empty configuration
4617  * @ctrl_interface: Control interface parameters, e.g., path to UNIX domain
4618  * socket
4619  * @driver_param: Driver parameters
4620  * Returns: Pointer to allocated configuration data or %NULL on failure
4621  */
wpa_config_alloc_empty(const char * ctrl_interface,const char * driver_param)4622 struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
4623 					   const char *driver_param)
4624 {
4625 #define ecw2cw(ecw) ((1 << (ecw)) - 1)
4626 
4627 	struct wpa_config *config;
4628 	const int aCWmin = 4, aCWmax = 10;
4629 	const struct hostapd_wmm_ac_params ac_bk =
4630 		{ aCWmin, aCWmax, 7, 0, 0 }; /* background traffic */
4631 	const struct hostapd_wmm_ac_params ac_be =
4632 		{ aCWmin, aCWmax, 3, 0, 0 }; /* best effort traffic */
4633 	const struct hostapd_wmm_ac_params ac_vi = /* video traffic */
4634 		{ aCWmin - 1, aCWmin, 2, 3008 / 32, 0 };
4635 	const struct hostapd_wmm_ac_params ac_vo = /* voice traffic */
4636 		{ aCWmin - 2, aCWmin - 1, 2, 1504 / 32, 0 };
4637 	const struct hostapd_tx_queue_params txq_bk =
4638 		{ 7, ecw2cw(aCWmin), ecw2cw(aCWmax), 0 };
4639 	const struct hostapd_tx_queue_params txq_be =
4640 		{ 3, ecw2cw(aCWmin), 4 * (ecw2cw(aCWmin) + 1) - 1, 0 };
4641 	const struct hostapd_tx_queue_params txq_vi =
4642 		{ 1, (ecw2cw(aCWmin) + 1) / 2 - 1, ecw2cw(aCWmin), 30 };
4643 	const struct hostapd_tx_queue_params txq_vo =
4644 		{ 1, (ecw2cw(aCWmin) + 1) / 4 - 1,
4645 		  (ecw2cw(aCWmin) + 1) / 2 - 1, 15 };
4646 
4647 #undef ecw2cw
4648 
4649 	config = os_zalloc(sizeof(*config));
4650 	if (config == NULL)
4651 		return NULL;
4652 	config->eapol_version = DEFAULT_EAPOL_VERSION;
4653 	config->ap_scan = DEFAULT_AP_SCAN;
4654 	config->user_mpm = DEFAULT_USER_MPM;
4655 	config->max_peer_links = DEFAULT_MAX_PEER_LINKS;
4656 	config->mesh_max_inactivity = DEFAULT_MESH_MAX_INACTIVITY;
4657 	config->mesh_fwding = DEFAULT_MESH_FWDING;
4658 	config->dot11RSNASAERetransPeriod =
4659 		DEFAULT_DOT11_RSNA_SAE_RETRANS_PERIOD;
4660 	config->fast_reauth = DEFAULT_FAST_REAUTH;
4661 	config->p2p_go_intent = DEFAULT_P2P_GO_INTENT;
4662 	config->p2p_intra_bss = DEFAULT_P2P_INTRA_BSS;
4663 	config->p2p_go_freq_change_policy = DEFAULT_P2P_GO_FREQ_MOVE;
4664 	config->p2p_go_max_inactivity = DEFAULT_P2P_GO_MAX_INACTIVITY;
4665 	config->p2p_optimize_listen_chan = DEFAULT_P2P_OPTIMIZE_LISTEN_CHAN;
4666 	config->p2p_go_ctwindow = DEFAULT_P2P_GO_CTWINDOW;
4667 	config->bss_max_count = DEFAULT_BSS_MAX_COUNT;
4668 	config->bss_expiration_age = DEFAULT_BSS_EXPIRATION_AGE;
4669 	config->bss_expiration_scan_count = DEFAULT_BSS_EXPIRATION_SCAN_COUNT;
4670 	config->max_num_sta = DEFAULT_MAX_NUM_STA;
4671 	config->ap_isolate = DEFAULT_AP_ISOLATE;
4672 	config->access_network_type = DEFAULT_ACCESS_NETWORK_TYPE;
4673 	config->scan_cur_freq = DEFAULT_SCAN_CUR_FREQ;
4674 	config->scan_res_valid_for_connect = DEFAULT_SCAN_RES_VALID_FOR_CONNECT;
4675 	config->wmm_ac_params[0] = ac_be;
4676 	config->wmm_ac_params[1] = ac_bk;
4677 	config->wmm_ac_params[2] = ac_vi;
4678 	config->wmm_ac_params[3] = ac_vo;
4679 	config->tx_queue[0] = txq_vo;
4680 	config->tx_queue[1] = txq_vi;
4681 	config->tx_queue[2] = txq_be;
4682 	config->tx_queue[3] = txq_bk;
4683 	config->p2p_search_delay = DEFAULT_P2P_SEARCH_DELAY;
4684 	config->rand_addr_lifetime = DEFAULT_RAND_ADDR_LIFETIME;
4685 	config->key_mgmt_offload = DEFAULT_KEY_MGMT_OFFLOAD;
4686 	config->cert_in_cb = DEFAULT_CERT_IN_CB;
4687 	config->wpa_rsc_relaxation = DEFAULT_WPA_RSC_RELAXATION;
4688 	config->extended_key_id = DEFAULT_EXTENDED_KEY_ID;
4689 
4690 #ifdef CONFIG_MBO
4691 	config->mbo_cell_capa = DEFAULT_MBO_CELL_CAPA;
4692 	config->disassoc_imminent_rssi_threshold =
4693 		DEFAULT_DISASSOC_IMMINENT_RSSI_THRESHOLD;
4694 	config->oce = DEFAULT_OCE_SUPPORT;
4695 #endif /* CONFIG_MBO */
4696 
4697 	if (ctrl_interface)
4698 		config->ctrl_interface = os_strdup(ctrl_interface);
4699 	if (driver_param)
4700 		config->driver_param = os_strdup(driver_param);
4701 	config->gas_rand_addr_lifetime = DEFAULT_RAND_ADDR_LIFETIME;
4702 
4703 #ifdef CONFIG_TESTING_OPTIONS
4704 	config->mld_connect_band_pref = DEFAULT_MLD_CONNECT_BAND_PREF;
4705 #endif /* CONFIG_TESTING_OPTIONS */
4706 
4707 	return config;
4708 }
4709 
4710 
4711 #ifndef CONFIG_NO_STDOUT_DEBUG
4712 /**
4713  * wpa_config_debug_dump_networks - Debug dump of configured networks
4714  * @config: Configuration data from wpa_config_read()
4715  */
wpa_config_debug_dump_networks(struct wpa_config * config)4716 void wpa_config_debug_dump_networks(struct wpa_config *config)
4717 {
4718 	size_t prio;
4719 	struct wpa_ssid *ssid;
4720 
4721 	for (prio = 0; prio < config->num_prio; prio++) {
4722 		ssid = config->pssid[prio];
4723 		wpa_printf(MSG_DEBUG, "Priority group %d",
4724 			   ssid->priority);
4725 		while (ssid) {
4726 			wpa_printf(MSG_DEBUG, "   id=%d ssid='%s'",
4727 				   ssid->id,
4728 				   wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4729 			ssid = ssid->pnext;
4730 		}
4731 	}
4732 }
4733 #endif /* CONFIG_NO_STDOUT_DEBUG */
4734 
4735 
4736 /**
4737  * Structure for global configuration parsing. This data is used to implement a
4738  * generic parser for the global interface configuration. The table of variables
4739  * is defined below in this file (global_fields[]).
4740  */
4741 struct global_parse_data {
4742 	/* Configuration variable name */
4743 	char *name;
4744 
4745 	/* Parser function for this variable. The parser functions return 0 or 1
4746 	 * to indicate success. Value 0 indicates that the parameter value may
4747 	 * have changed while value 1 means that the value did not change.
4748 	 * Error cases (failure to parse the string) are indicated by returning
4749 	 * -1. */
4750 	int (*parser)(const struct global_parse_data *data,
4751 		      struct wpa_config *config, int line, const char *value);
4752 
4753 	/* Getter function to print the variable in text format to buf. */
4754 	int (*get)(const char *name, struct wpa_config *config, long offset,
4755 		   char *buf, size_t buflen, int pretty_print);
4756 
4757 	/* Variable specific parameters for the parser. */
4758 	void *param1, *param2, *param3;
4759 
4760 	/* Indicates which configuration variable has changed. */
4761 	unsigned int changed_flag;
4762 };
4763 
4764 
4765 static int
wpa_global_config_parse_int_impl(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos,bool check_range)4766 wpa_global_config_parse_int_impl(const struct global_parse_data *data,
4767 				 struct wpa_config *config, int line,
4768 				 const char *pos, bool check_range)
4769 {
4770 	int val, *dst;
4771 	char *end;
4772 	bool same;
4773 
4774 	dst = (int *) (((u8 *) config) + (long) data->param1);
4775 	val = strtol(pos, &end, 0);
4776 	if (*end) {
4777 		wpa_printf(MSG_ERROR, "Line %d: invalid number \"%s\"",
4778 			   line, pos);
4779 		return -1;
4780 	}
4781 
4782 	if (check_range && val < (long) data->param2) {
4783 		wpa_printf(MSG_ERROR, "Line %d: too small %s (value=%d "
4784 			   "min_value=%ld)", line, data->name, val,
4785 			   (long) data->param2);
4786 		return -1;
4787 	}
4788 
4789 	if (check_range && val > (long) data->param3) {
4790 		wpa_printf(MSG_ERROR, "Line %d: too large %s (value=%d "
4791 			   "max_value=%ld)", line, data->name, val,
4792 			   (long) data->param3);
4793 		return -1;
4794 	}
4795 
4796 	same = *dst == val;
4797 	*dst = val;
4798 
4799 	wpa_printf(MSG_DEBUG, "%s=%d", data->name, *dst);
4800 
4801 	return same;
4802 }
4803 
4804 
wpa_global_config_parse_int(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)4805 static int wpa_global_config_parse_int(const struct global_parse_data *data,
4806 				       struct wpa_config *config, int line,
4807 				       const char *pos)
4808 {
4809 	return wpa_global_config_parse_int_impl(data, config, line, pos, false);
4810 }
4811 
4812 
4813 static int
wpa_global_config_parse_int_range(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)4814 wpa_global_config_parse_int_range(const struct global_parse_data *data,
4815 				  struct wpa_config *config, int line,
4816 				  const char *pos)
4817 {
4818 	return wpa_global_config_parse_int_impl(data, config, line, pos, true);
4819 }
4820 
4821 
wpa_global_config_parse_str(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)4822 static int wpa_global_config_parse_str(const struct global_parse_data *data,
4823 				       struct wpa_config *config, int line,
4824 				       const char *pos)
4825 {
4826 	size_t len, prev_len;
4827 	char **dst, *tmp;
4828 
4829 	len = os_strlen(pos);
4830 	if (data->param2 && len < (size_t) data->param2) {
4831 		wpa_printf(MSG_ERROR, "Line %d: too short %s (len=%lu "
4832 			   "min_len=%ld)", line, data->name,
4833 			   (unsigned long) len, (long) data->param2);
4834 		return -1;
4835 	}
4836 
4837 	if (data->param3 && len > (size_t) data->param3) {
4838 		wpa_printf(MSG_ERROR, "Line %d: too long %s (len=%lu "
4839 			   "max_len=%ld)", line, data->name,
4840 			   (unsigned long) len, (long) data->param3);
4841 		return -1;
4842 	}
4843 
4844 	if (has_newline(pos)) {
4845 		wpa_printf(MSG_ERROR, "Line %d: invalid %s value with newline",
4846 			   line, data->name);
4847 		return -1;
4848 	}
4849 
4850 	dst = (char **) (((u8 *) config) + (long) data->param1);
4851 	if (*dst)
4852 		prev_len = os_strlen(*dst);
4853 	else
4854 		prev_len = 0;
4855 
4856 	/* No change to the previously configured value */
4857 	if (*dst && prev_len == len && os_memcmp(*dst, pos, len) == 0)
4858 		return 1;
4859 
4860 	tmp = os_strdup(pos);
4861 	if (tmp == NULL)
4862 		return -1;
4863 
4864 	os_free(*dst);
4865 	*dst = tmp;
4866 	wpa_printf(MSG_DEBUG, "%s='%s'", data->name, *dst);
4867 
4868 	return 0;
4869 }
4870 
4871 
wpa_config_process_bgscan(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)4872 static int wpa_config_process_bgscan(const struct global_parse_data *data,
4873 				     struct wpa_config *config, int line,
4874 				     const char *pos)
4875 {
4876 	size_t len;
4877 	char *tmp;
4878 	int res;
4879 
4880 	tmp = wpa_config_parse_string(pos, &len);
4881 	if (tmp == NULL) {
4882 		wpa_printf(MSG_ERROR, "Line %d: failed to parse %s",
4883 			   line, data->name);
4884 		return -1;
4885 	}
4886 
4887 	res = wpa_global_config_parse_str(data, config, line, tmp);
4888 	os_free(tmp);
4889 	return res;
4890 }
4891 
4892 
wpa_global_config_parse_bin(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)4893 static int wpa_global_config_parse_bin(const struct global_parse_data *data,
4894 				       struct wpa_config *config, int line,
4895 				       const char *pos)
4896 {
4897 	struct wpabuf **dst, *tmp;
4898 
4899 	tmp = wpabuf_parse_bin(pos);
4900 	if (!tmp)
4901 		return -1;
4902 
4903 	dst = (struct wpabuf **) (((u8 *) config) + (long) data->param1);
4904 	if (wpabuf_cmp(*dst, tmp) == 0) {
4905 		wpabuf_free(tmp);
4906 		return 1;
4907 	}
4908 	wpabuf_free(*dst);
4909 	*dst = tmp;
4910 	wpa_printf(MSG_DEBUG, "%s", data->name);
4911 
4912 	return 0;
4913 }
4914 
4915 
wpa_config_process_freq_list(const struct global_parse_data * data,struct wpa_config * config,int line,const char * value)4916 static int wpa_config_process_freq_list(const struct global_parse_data *data,
4917 					struct wpa_config *config, int line,
4918 					const char *value)
4919 {
4920 	int *freqs;
4921 
4922 	freqs = wpa_config_parse_int_array(value);
4923 	if (freqs == NULL)
4924 		return -1;
4925 	if (freqs[0] == 0) {
4926 		os_free(freqs);
4927 		freqs = NULL;
4928 	}
4929 	os_free(config->freq_list);
4930 	config->freq_list = freqs;
4931 	return 0;
4932 }
4933 
4934 
4935 static int
wpa_config_process_initial_freq_list(const struct global_parse_data * data,struct wpa_config * config,int line,const char * value)4936 wpa_config_process_initial_freq_list(const struct global_parse_data *data,
4937 				     struct wpa_config *config, int line,
4938 				     const char *value)
4939 {
4940 	int *freqs;
4941 
4942 	freqs = wpa_config_parse_int_array(value);
4943 	if (!freqs)
4944 		return -1;
4945 	if (freqs[0] == 0) {
4946 		os_free(freqs);
4947 		freqs = NULL;
4948 	}
4949 	os_free(config->initial_freq_list);
4950 	config->initial_freq_list = freqs;
4951 	return 0;
4952 }
4953 
4954 
4955 #ifdef CONFIG_P2P
wpa_global_config_parse_ipv4(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)4956 static int wpa_global_config_parse_ipv4(const struct global_parse_data *data,
4957 					struct wpa_config *config, int line,
4958 					const char *pos)
4959 {
4960 	u32 *dst;
4961 	struct hostapd_ip_addr addr;
4962 
4963 	if (hostapd_parse_ip_addr(pos, &addr) < 0)
4964 		return -1;
4965 	if (addr.af != AF_INET)
4966 		return -1;
4967 
4968 	dst = (u32 *) (((u8 *) config) + (long) data->param1);
4969 	if (os_memcmp(dst, &addr.u.v4.s_addr, 4) == 0)
4970 		return 1;
4971 	os_memcpy(dst, &addr.u.v4.s_addr, 4);
4972 	wpa_printf(MSG_DEBUG, "%s = 0x%x", data->name,
4973 		   WPA_GET_BE32((u8 *) dst));
4974 
4975 	return 0;
4976 }
4977 #endif /* CONFIG_P2P */
4978 
4979 
wpa_config_process_country(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)4980 static int wpa_config_process_country(const struct global_parse_data *data,
4981 				      struct wpa_config *config, int line,
4982 				      const char *pos)
4983 {
4984 	if (!pos[0] || !pos[1]) {
4985 		wpa_printf(MSG_DEBUG, "Invalid country set");
4986 		return -1;
4987 	}
4988 	if (pos[0] == config->country[0] && pos[1] == config->country[1])
4989 		return 1;
4990 	config->country[0] = pos[0];
4991 	config->country[1] = pos[1];
4992 	wpa_printf(MSG_DEBUG, "country='%c%c'",
4993 		   config->country[0], config->country[1]);
4994 	return 0;
4995 }
4996 
4997 
4998 #ifndef CONFIG_NO_LOAD_DYNAMIC_EAP
wpa_config_process_load_dynamic_eap(const struct global_parse_data * data,struct wpa_config * config,int line,const char * so)4999 static int wpa_config_process_load_dynamic_eap(
5000 	const struct global_parse_data *data, struct wpa_config *config,
5001 	int line, const char *so)
5002 {
5003 	int ret;
5004 	wpa_printf(MSG_DEBUG, "load_dynamic_eap=%s", so);
5005 	ret = eap_peer_method_load(so);
5006 	if (ret == -2) {
5007 		wpa_printf(MSG_DEBUG, "This EAP type was already loaded - not "
5008 			   "reloading.");
5009 	} else if (ret) {
5010 		wpa_printf(MSG_ERROR, "Line %d: Failed to load dynamic EAP "
5011 			   "method '%s'.", line, so);
5012 		return -1;
5013 	}
5014 
5015 	return 0;
5016 }
5017 #endif /* CONFIG_NO_LOAD_DYNAMIC_EAP */
5018 
5019 
5020 #ifdef CONFIG_WPS
5021 
wpa_config_process_uuid(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5022 static int wpa_config_process_uuid(const struct global_parse_data *data,
5023 				   struct wpa_config *config, int line,
5024 				   const char *pos)
5025 {
5026 	char buf[40];
5027 	if (uuid_str2bin(pos, config->uuid)) {
5028 		wpa_printf(MSG_ERROR, "Line %d: invalid UUID", line);
5029 		return -1;
5030 	}
5031 	uuid_bin2str(config->uuid, buf, sizeof(buf));
5032 	wpa_printf(MSG_DEBUG, "uuid=%s", buf);
5033 	return 0;
5034 }
5035 
5036 
wpa_config_process_device_type(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5037 static int wpa_config_process_device_type(
5038 	const struct global_parse_data *data,
5039 	struct wpa_config *config, int line, const char *pos)
5040 {
5041 	return wps_dev_type_str2bin(pos, config->device_type);
5042 }
5043 
5044 
wpa_config_process_os_version(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5045 static int wpa_config_process_os_version(const struct global_parse_data *data,
5046 					 struct wpa_config *config, int line,
5047 					 const char *pos)
5048 {
5049 	if (hexstr2bin(pos, config->os_version, 4)) {
5050 		wpa_printf(MSG_ERROR, "Line %d: invalid os_version", line);
5051 		return -1;
5052 	}
5053 	wpa_printf(MSG_DEBUG, "os_version=%08x",
5054 		   WPA_GET_BE32(config->os_version));
5055 	return 0;
5056 }
5057 
5058 
wpa_config_process_wps_vendor_ext_m1(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5059 static int wpa_config_process_wps_vendor_ext_m1(
5060 	const struct global_parse_data *data,
5061 	struct wpa_config *config, int line, const char *pos)
5062 {
5063 	struct wpabuf *tmp;
5064 	int len = os_strlen(pos) / 2;
5065 	u8 *p;
5066 
5067 	if (!len) {
5068 		wpa_printf(MSG_ERROR, "Line %d: "
5069 			   "invalid wps_vendor_ext_m1", line);
5070 		return -1;
5071 	}
5072 
5073 	tmp = wpabuf_alloc(len);
5074 	if (tmp) {
5075 		p = wpabuf_put(tmp, len);
5076 
5077 		if (hexstr2bin(pos, p, len)) {
5078 			wpa_printf(MSG_ERROR, "Line %d: "
5079 				   "invalid wps_vendor_ext_m1", line);
5080 			wpabuf_free(tmp);
5081 			return -1;
5082 		}
5083 
5084 		wpabuf_free(config->wps_vendor_ext_m1);
5085 		config->wps_vendor_ext_m1 = tmp;
5086 	} else {
5087 		wpa_printf(MSG_ERROR, "Can not allocate "
5088 			   "memory for wps_vendor_ext_m1");
5089 		return -1;
5090 	}
5091 
5092 	return 0;
5093 }
5094 
5095 #endif /* CONFIG_WPS */
5096 
5097 #ifdef CONFIG_P2P
wpa_config_process_sec_device_type(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5098 static int wpa_config_process_sec_device_type(
5099 	const struct global_parse_data *data,
5100 	struct wpa_config *config, int line, const char *pos)
5101 {
5102 	int idx;
5103 
5104 	if (config->num_sec_device_types >= MAX_SEC_DEVICE_TYPES) {
5105 		wpa_printf(MSG_ERROR, "Line %d: too many sec_device_type "
5106 			   "items", line);
5107 		return -1;
5108 	}
5109 
5110 	idx = config->num_sec_device_types;
5111 
5112 	if (wps_dev_type_str2bin(pos, config->sec_device_type[idx]))
5113 		return -1;
5114 
5115 	config->num_sec_device_types++;
5116 	return 0;
5117 }
5118 
5119 
wpa_config_process_p2p_pref_chan(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5120 static int wpa_config_process_p2p_pref_chan(
5121 	const struct global_parse_data *data,
5122 	struct wpa_config *config, int line, const char *pos)
5123 {
5124 	struct p2p_channel *pref = NULL, *n;
5125 	size_t num = 0;
5126 	const char *pos2;
5127 	u8 op_class, chan;
5128 
5129 	/* format: class:chan,class:chan,... */
5130 
5131 	while (*pos) {
5132 		op_class = atoi(pos);
5133 		pos2 = os_strchr(pos, ':');
5134 		if (pos2 == NULL)
5135 			goto fail;
5136 		pos2++;
5137 		chan = atoi(pos2);
5138 
5139 		n = os_realloc_array(pref, num + 1,
5140 				     sizeof(struct p2p_channel));
5141 		if (n == NULL)
5142 			goto fail;
5143 		pref = n;
5144 		pref[num].op_class = op_class;
5145 		pref[num].chan = chan;
5146 		num++;
5147 
5148 		pos = os_strchr(pos2, ',');
5149 		if (pos == NULL)
5150 			break;
5151 		pos++;
5152 	}
5153 
5154 	os_free(config->p2p_pref_chan);
5155 	config->p2p_pref_chan = pref;
5156 	config->num_p2p_pref_chan = num;
5157 	wpa_hexdump(MSG_DEBUG, "P2P: Preferred class/channel pairs",
5158 		    (u8 *) config->p2p_pref_chan,
5159 		    config->num_p2p_pref_chan * sizeof(struct p2p_channel));
5160 
5161 	return 0;
5162 
5163 fail:
5164 	os_free(pref);
5165 	wpa_printf(MSG_ERROR, "Line %d: Invalid p2p_pref_chan list", line);
5166 	return -1;
5167 }
5168 
5169 
wpa_config_process_p2p_no_go_freq(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5170 static int wpa_config_process_p2p_no_go_freq(
5171 	const struct global_parse_data *data,
5172 	struct wpa_config *config, int line, const char *pos)
5173 {
5174 	int ret;
5175 
5176 	ret = freq_range_list_parse(&config->p2p_no_go_freq, pos);
5177 	if (ret < 0) {
5178 		wpa_printf(MSG_ERROR, "Line %d: Invalid p2p_no_go_freq", line);
5179 		return -1;
5180 	}
5181 
5182 	wpa_printf(MSG_DEBUG, "P2P: p2p_no_go_freq with %u items",
5183 		   config->p2p_no_go_freq.num);
5184 
5185 	return 0;
5186 }
5187 
5188 
wpa_config_process_p2p_device_persistent_mac_addr(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5189 static int wpa_config_process_p2p_device_persistent_mac_addr(
5190 	const struct global_parse_data *data,
5191 	struct wpa_config *config, int line, const char *pos)
5192 {
5193 	if (hwaddr_aton2(pos, config->p2p_device_persistent_mac_addr) < 0) {
5194 		wpa_printf(MSG_ERROR,
5195 			   "Line %d: Invalid p2p_device_persistent_mac_addr '%s'",
5196 			   line, pos);
5197 		return -1;
5198 	}
5199 
5200 	return 0;
5201 }
5202 
5203 #endif /* CONFIG_P2P */
5204 
5205 
wpa_config_process_hessid(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5206 static int wpa_config_process_hessid(
5207 	const struct global_parse_data *data,
5208 	struct wpa_config *config, int line, const char *pos)
5209 {
5210 	if (hwaddr_aton2(pos, config->hessid) < 0) {
5211 		wpa_printf(MSG_ERROR, "Line %d: Invalid hessid '%s'",
5212 			   line, pos);
5213 		return -1;
5214 	}
5215 
5216 	return 0;
5217 }
5218 
5219 
wpa_config_process_sae_groups(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5220 static int wpa_config_process_sae_groups(
5221 	const struct global_parse_data *data,
5222 	struct wpa_config *config, int line, const char *pos)
5223 {
5224 	int *groups = wpa_config_parse_int_array(pos);
5225 	if (groups == NULL) {
5226 		wpa_printf(MSG_ERROR, "Line %d: Invalid sae_groups '%s'",
5227 			   line, pos);
5228 		return -1;
5229 	}
5230 
5231 	os_free(config->sae_groups);
5232 	config->sae_groups = groups;
5233 
5234 	return 0;
5235 }
5236 
5237 
wpa_config_process_ap_vendor_elements(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5238 static int wpa_config_process_ap_vendor_elements(
5239 	const struct global_parse_data *data,
5240 	struct wpa_config *config, int line, const char *pos)
5241 {
5242 	struct wpabuf *tmp;
5243 
5244 	if (!*pos) {
5245 		wpabuf_free(config->ap_vendor_elements);
5246 		config->ap_vendor_elements = NULL;
5247 		return 0;
5248 	}
5249 
5250 	tmp = wpabuf_parse_bin(pos);
5251 	if (!tmp) {
5252 		wpa_printf(MSG_ERROR, "Line %d: invalid ap_vendor_elements",
5253 			   line);
5254 		return -1;
5255 	}
5256 	wpabuf_free(config->ap_vendor_elements);
5257 	config->ap_vendor_elements = tmp;
5258 
5259 	return 0;
5260 }
5261 
5262 
wpa_config_process_ap_assocresp_elements(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5263 static int wpa_config_process_ap_assocresp_elements(
5264 	const struct global_parse_data *data,
5265 	struct wpa_config *config, int line, const char *pos)
5266 {
5267 	struct wpabuf *tmp;
5268 
5269 	if (!*pos) {
5270 		wpabuf_free(config->ap_assocresp_elements);
5271 		config->ap_assocresp_elements = NULL;
5272 		return 0;
5273 	}
5274 
5275 	tmp = wpabuf_parse_bin(pos);
5276 	if (!tmp) {
5277 		wpa_printf(MSG_ERROR, "Line %d: invalid ap_assocresp_elements",
5278 			   line);
5279 		return -1;
5280 	}
5281 	wpabuf_free(config->ap_assocresp_elements);
5282 	config->ap_assocresp_elements = tmp;
5283 
5284 	return 0;
5285 }
5286 
5287 
5288 #ifdef CONFIG_CTRL_IFACE
wpa_config_process_no_ctrl_interface(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5289 static int wpa_config_process_no_ctrl_interface(
5290 	const struct global_parse_data *data,
5291 	struct wpa_config *config, int line, const char *pos)
5292 {
5293 	wpa_printf(MSG_DEBUG, "no_ctrl_interface -> ctrl_interface=NULL");
5294 	os_free(config->ctrl_interface);
5295 	config->ctrl_interface = NULL;
5296 	return 0;
5297 }
5298 #endif /* CONFIG_CTRL_IFACE */
5299 
5300 
wpa_config_get_int(const char * name,struct wpa_config * config,long offset,char * buf,size_t buflen,int pretty_print)5301 static int wpa_config_get_int(const char *name, struct wpa_config *config,
5302 			      long offset, char *buf, size_t buflen,
5303 			      int pretty_print)
5304 {
5305 	int *val = (int *) (((u8 *) config) + (long) offset);
5306 
5307 	if (pretty_print)
5308 		return os_snprintf(buf, buflen, "%s=%d\n", name, *val);
5309 	return os_snprintf(buf, buflen, "%d", *val);
5310 }
5311 
5312 
wpa_config_get_str(const char * name,struct wpa_config * config,long offset,char * buf,size_t buflen,int pretty_print)5313 static int wpa_config_get_str(const char *name, struct wpa_config *config,
5314 			      long offset, char *buf, size_t buflen,
5315 			      int pretty_print)
5316 {
5317 	char **val = (char **) (((u8 *) config) + (long) offset);
5318 	int res;
5319 
5320 	if (pretty_print)
5321 		res = os_snprintf(buf, buflen, "%s=%s\n", name,
5322 				  *val ? *val : "null");
5323 	else if (!*val)
5324 		return -1;
5325 	else
5326 		res = os_snprintf(buf, buflen, "%s", *val);
5327 	if (os_snprintf_error(buflen, res))
5328 		res = -1;
5329 
5330 	return res;
5331 }
5332 
5333 
5334 #ifdef CONFIG_P2P
wpa_config_get_ipv4(const char * name,struct wpa_config * config,long offset,char * buf,size_t buflen,int pretty_print)5335 static int wpa_config_get_ipv4(const char *name, struct wpa_config *config,
5336 			       long offset, char *buf, size_t buflen,
5337 			       int pretty_print)
5338 {
5339 	void *val = ((u8 *) config) + (long) offset;
5340 	int res;
5341 	char addr[INET_ADDRSTRLEN];
5342 
5343 	if (!val || !inet_ntop(AF_INET, val, addr, sizeof(addr)))
5344 		return -1;
5345 
5346 	if (pretty_print)
5347 		res = os_snprintf(buf, buflen, "%s=%s\n", name, addr);
5348 	else
5349 		res = os_snprintf(buf, buflen, "%s", addr);
5350 
5351 	if (os_snprintf_error(buflen, res))
5352 		res = -1;
5353 
5354 	return res;
5355 }
5356 #endif /* CONFIG_P2P */
5357 
5358 
5359 #ifdef CONFIG_TESTING_OPTIONS
wpa_config_process_mld_connect_bssid_pref(const struct global_parse_data * data,struct wpa_config * config,int line,const char * pos)5360 static int wpa_config_process_mld_connect_bssid_pref(
5361 	const struct global_parse_data *data,
5362 	struct wpa_config *config, int line, const char *pos)
5363 {
5364 	if (hwaddr_aton2(pos, config->mld_connect_bssid_pref) < 0) {
5365 		wpa_printf(MSG_ERROR,
5366 			   "Line %d: Invalid mld_connect_bssid_pref '%s'",
5367 			   line, pos);
5368 		return -1;
5369 	}
5370 
5371 	return 0;
5372 }
5373 #endif /* CONFIG_TESTING_OPTIONS */
5374 
5375 
5376 #ifdef OFFSET
5377 #undef OFFSET
5378 #endif /* OFFSET */
5379 /* OFFSET: Get offset of a variable within the wpa_config structure */
5380 #define OFFSET(v) ((void *) &((struct wpa_config *) 0)->v)
5381 
5382 #define FUNC(f) #f, wpa_config_process_ ## f, NULL, OFFSET(f), NULL, NULL
5383 #define FUNC_NO_VAR(f) #f, wpa_config_process_ ## f, NULL, NULL, NULL, NULL
5384 #define _INT(f) #f, wpa_global_config_parse_int, wpa_config_get_int, OFFSET(f)
5385 #define INT(f) _INT(f), NULL, NULL
5386 #define INT_RANGE(f, min, max) #f, wpa_global_config_parse_int_range, \
5387 	wpa_config_get_int, OFFSET(f), (void *) min, (void *) max
5388 #define _STR(f) #f, wpa_global_config_parse_str, wpa_config_get_str, OFFSET(f)
5389 #define STR(f) _STR(f), NULL, NULL
5390 #define STR_RANGE(f, min, max) _STR(f), (void *) min, (void *) max
5391 #define BIN(f) #f, wpa_global_config_parse_bin, NULL, OFFSET(f), NULL, NULL
5392 #define IPV4(f) #f, wpa_global_config_parse_ipv4, wpa_config_get_ipv4,  \
5393 	OFFSET(f), NULL, NULL
5394 
5395 static const struct global_parse_data global_fields[] = {
5396 #ifdef CONFIG_CTRL_IFACE
5397 	{ STR(ctrl_interface), 0 },
5398 	{ FUNC_NO_VAR(no_ctrl_interface), 0 },
5399 	{ STR(ctrl_interface_group), 0 } /* deprecated */,
5400 #endif /* CONFIG_CTRL_IFACE */
5401 #ifdef CONFIG_MACSEC
5402 	{ INT_RANGE(eapol_version, 1, 3), 0 },
5403 #else /* CONFIG_MACSEC */
5404 	{ INT_RANGE(eapol_version, 1, 2), 0 },
5405 #endif /* CONFIG_MACSEC */
5406 	{ INT(ap_scan), 0 },
5407 	{ FUNC(bgscan), CFG_CHANGED_BGSCAN },
5408 #ifdef CONFIG_MESH
5409 	{ INT(user_mpm), 0 },
5410 	{ INT_RANGE(max_peer_links, 0, 255), 0 },
5411 	{ INT(mesh_max_inactivity), 0 },
5412 	{ INT_RANGE(mesh_fwding, 0, 1), 0 },
5413 	{ INT(dot11RSNASAERetransPeriod), 0 },
5414 #endif /* CONFIG_MESH */
5415 	{ INT(disable_scan_offload), 0 },
5416 	{ INT(fast_reauth), 0 },
5417 #ifndef CONFIG_OPENSC_ENGINE_PATH
5418 	{ STR(opensc_engine_path), 0 },
5419 #endif /* CONFIG_OPENSC_ENGINE_PATH */
5420 #ifndef CONFIG_PKCS11_ENGINE_PATH
5421 	{ STR(pkcs11_engine_path), 0 },
5422 #endif /* CONFIG_PKCS11_ENGINE_PATH */
5423 #ifndef CONFIG_PKCS11_MODULE_PATH
5424 	{ STR(pkcs11_module_path), 0 },
5425 #endif /* CONFIG_PKCS11_MODULE_PATH */
5426 	{ STR(openssl_ciphers), 0 },
5427 	{ STR(pcsc_reader), 0 },
5428 	{ STR(pcsc_pin), 0 },
5429 	{ INT(external_sim), 0 },
5430 	{ STR(driver_param), 0 },
5431 	{ INT(dot11RSNAConfigPMKLifetime), 0 },
5432 	{ INT(dot11RSNAConfigPMKReauthThreshold), 0 },
5433 	{ INT(dot11RSNAConfigSATimeout), 0 },
5434 #ifndef CONFIG_NO_CONFIG_WRITE
5435 	{ INT(update_config), 0 },
5436 #endif /* CONFIG_NO_CONFIG_WRITE */
5437 #ifndef CONFIG_NO_LOAD_DYNAMIC_EAP
5438 	{ FUNC_NO_VAR(load_dynamic_eap), 0 },
5439 #endif /* CONFIG_NO_LOAD_DYNAMIC_EAP */
5440 #ifdef CONFIG_WPS
5441 	{ FUNC(uuid), CFG_CHANGED_UUID },
5442 	{ INT_RANGE(auto_uuid, 0, 1), 0 },
5443 	{ STR_RANGE(device_name, 0, WPS_DEV_NAME_MAX_LEN),
5444 	  CFG_CHANGED_DEVICE_NAME },
5445 	{ STR_RANGE(manufacturer, 0, 64), CFG_CHANGED_WPS_STRING },
5446 	{ STR_RANGE(model_name, 0, 32), CFG_CHANGED_WPS_STRING },
5447 	{ STR_RANGE(model_number, 0, 32), CFG_CHANGED_WPS_STRING },
5448 	{ STR_RANGE(serial_number, 0, 32), CFG_CHANGED_WPS_STRING },
5449 	{ FUNC(device_type), CFG_CHANGED_DEVICE_TYPE },
5450 	{ FUNC(os_version), CFG_CHANGED_OS_VERSION },
5451 	{ STR(config_methods), CFG_CHANGED_CONFIG_METHODS },
5452 	{ INT_RANGE(wps_cred_processing, 0, 2), 0 },
5453 	{ INT_RANGE(wps_cred_add_sae, 0, 1), 0 },
5454 	{ FUNC(wps_vendor_ext_m1), CFG_CHANGED_VENDOR_EXTENSION },
5455 #endif /* CONFIG_WPS */
5456 #ifdef CONFIG_P2P
5457 	{ FUNC(sec_device_type), CFG_CHANGED_SEC_DEVICE_TYPE },
5458 	{ INT(p2p_listen_reg_class), CFG_CHANGED_P2P_LISTEN_CHANNEL },
5459 	{ INT(p2p_listen_channel), CFG_CHANGED_P2P_LISTEN_CHANNEL },
5460 	{ INT(p2p_oper_reg_class), CFG_CHANGED_P2P_OPER_CHANNEL },
5461 	{ INT(p2p_oper_channel), CFG_CHANGED_P2P_OPER_CHANNEL },
5462 	{ INT_RANGE(p2p_go_intent, 0, 15), 0 },
5463 	{ STR(p2p_ssid_postfix), CFG_CHANGED_P2P_SSID_POSTFIX },
5464 	{ INT_RANGE(persistent_reconnect, 0, 1), 0 },
5465 	{ INT_RANGE(p2p_intra_bss, 0, 1), CFG_CHANGED_P2P_INTRA_BSS },
5466 	{ INT(p2p_group_idle), 0 },
5467 	{ INT_RANGE(p2p_go_freq_change_policy, 0, P2P_GO_FREQ_MOVE_MAX), 0 },
5468 	{ INT_RANGE(p2p_passphrase_len, 8, 63),
5469 	  CFG_CHANGED_P2P_PASSPHRASE_LEN },
5470 	{ FUNC(p2p_pref_chan), CFG_CHANGED_P2P_PREF_CHAN },
5471 	{ FUNC(p2p_no_go_freq), CFG_CHANGED_P2P_PREF_CHAN },
5472 	{ INT_RANGE(p2p_add_cli_chan, 0, 1), 0 },
5473 	{ INT_RANGE(p2p_optimize_listen_chan, 0, 1), 0 },
5474 	{ INT(p2p_go_ht40), 0 },
5475 	{ INT(p2p_go_vht), 0 },
5476 	{ INT(p2p_go_he), 0 },
5477 	{ INT(p2p_go_edmg), 0 },
5478 	{ INT(p2p_disabled), 0 },
5479 	{ INT_RANGE(p2p_go_ctwindow, 0, 127), 0 },
5480 	{ INT(p2p_no_group_iface), 0 },
5481 	{ INT_RANGE(p2p_ignore_shared_freq, 0, 1), 0 },
5482 	{ IPV4(ip_addr_go), 0 },
5483 	{ IPV4(ip_addr_mask), 0 },
5484 	{ IPV4(ip_addr_start), 0 },
5485 	{ IPV4(ip_addr_end), 0 },
5486 	{ INT_RANGE(p2p_cli_probe, 0, 1), 0 },
5487 	{ INT(p2p_device_random_mac_addr), 0 },
5488 	{ FUNC(p2p_device_persistent_mac_addr), 0 },
5489 	{ INT(p2p_interface_random_mac_addr), 0 },
5490 	{ INT(p2p_6ghz_disable), 0 },
5491 #endif /* CONFIG_P2P */
5492 	{ FUNC(country), CFG_CHANGED_COUNTRY },
5493 	{ INT(bss_max_count), 0 },
5494 	{ INT(bss_expiration_age), 0 },
5495 	{ INT(bss_expiration_scan_count), 0 },
5496 	{ INT_RANGE(filter_ssids, 0, 1), 0 },
5497 	{ INT_RANGE(filter_rssi, -100, 0), 0 },
5498 	{ INT(max_num_sta), 0 },
5499 	{ INT_RANGE(ap_isolate, 0, 1), 0 },
5500 	{ INT_RANGE(disassoc_low_ack, 0, 1), 0 },
5501 #ifdef CONFIG_HS20
5502 	{ INT_RANGE(hs20, 0, 1), 0 },
5503 #endif /* CONFIG_HS20 */
5504 	{ INT_RANGE(interworking, 0, 1), 0 },
5505 	{ FUNC(hessid), 0 },
5506 	{ INT_RANGE(access_network_type, 0, 15), 0 },
5507 	{ INT_RANGE(go_interworking, 0, 1), 0 },
5508 	{ INT_RANGE(go_access_network_type, 0, 15), 0 },
5509 	{ INT_RANGE(go_internet, 0, 1), 0 },
5510 	{ INT_RANGE(go_venue_group, 0, 255), 0 },
5511 	{ INT_RANGE(go_venue_type, 0, 255), 0 },
5512 	{ INT_RANGE(pbc_in_m1, 0, 1), 0 },
5513 	{ STR(autoscan), 0 },
5514 	{ INT_RANGE(wps_nfc_dev_pw_id, 0x10, 0xffff),
5515 	  CFG_CHANGED_NFC_PASSWORD_TOKEN },
5516 	{ BIN(wps_nfc_dh_pubkey), CFG_CHANGED_NFC_PASSWORD_TOKEN },
5517 	{ BIN(wps_nfc_dh_privkey), CFG_CHANGED_NFC_PASSWORD_TOKEN },
5518 	{ BIN(wps_nfc_dev_pw), CFG_CHANGED_NFC_PASSWORD_TOKEN },
5519 	{ STR(ext_password_backend), CFG_CHANGED_EXT_PW_BACKEND },
5520 	{ INT(p2p_go_max_inactivity), 0 },
5521 	{ INT_RANGE(auto_interworking, 0, 1), 0 },
5522 	{ INT(okc), 0 },
5523 	{ INT(pmf), 0 },
5524 	{ INT_RANGE(sae_check_mfp, 0, 1), 0 },
5525 	{ FUNC(sae_groups), 0 },
5526 	{ INT_RANGE(sae_pwe, 0, 3), 0 },
5527 	{ INT_RANGE(sae_pmkid_in_assoc, 0, 1), 0 },
5528 	{ INT(dtim_period), 0 },
5529 	{ INT(beacon_int), 0 },
5530 	{ FUNC(ap_assocresp_elements), 0 },
5531 	{ FUNC(ap_vendor_elements), 0 },
5532 	{ INT_RANGE(ignore_old_scan_res, 0, 1), 0 },
5533 	{ FUNC(freq_list), 0 },
5534 	{ FUNC(initial_freq_list), 0},
5535 	{ INT(scan_cur_freq), 0 },
5536 	{ INT(scan_res_valid_for_connect), 0},
5537 	{ INT(sched_scan_interval), 0 },
5538 	{ INT(sched_scan_start_delay), 0 },
5539 	{ INT(tdls_external_control), 0},
5540 	{ STR(osu_dir), 0 },
5541 	{ STR(wowlan_triggers), CFG_CHANGED_WOWLAN_TRIGGERS },
5542 	{ INT(p2p_search_delay), 0},
5543 	{ INT_RANGE(mac_addr, 0, 2), 0 },
5544 	{ INT(rand_addr_lifetime), 0 },
5545 	{ INT_RANGE(preassoc_mac_addr, 0, 2), 0 },
5546 	{ INT(key_mgmt_offload), 0},
5547 	{ INT(passive_scan), 0 },
5548 	{ INT(reassoc_same_bss_optim), 0 },
5549 	{ INT(wps_priority), 0},
5550 #ifdef CONFIG_FST
5551 	{ STR_RANGE(fst_group_id, 1, FST_MAX_GROUP_ID_LEN), 0 },
5552 	{ INT_RANGE(fst_priority, 1, FST_MAX_PRIO_VALUE), 0 },
5553 	{ INT_RANGE(fst_llt, 1, FST_MAX_LLT_MS), 0 },
5554 #endif /* CONFIG_FST */
5555 	{ INT_RANGE(cert_in_cb, 0, 1), 0 },
5556 	{ INT_RANGE(wpa_rsc_relaxation, 0, 1), 0 },
5557 	{ STR(sched_scan_plans), CFG_CHANGED_SCHED_SCAN_PLANS },
5558 #ifdef CONFIG_MBO
5559 	{ STR(non_pref_chan), 0 },
5560 	{ INT_RANGE(mbo_cell_capa, MBO_CELL_CAPA_AVAILABLE,
5561 		    MBO_CELL_CAPA_NOT_SUPPORTED), 0 },
5562 	{ INT_RANGE(disassoc_imminent_rssi_threshold, -120, 0), 0 },
5563 	{ INT_RANGE(oce, 0, 3), 0 },
5564 #endif /* CONFIG_MBO */
5565 	{ INT(gas_address3), 0 },
5566 	{ INT_RANGE(ftm_responder, 0, 1), 0 },
5567 	{ INT_RANGE(ftm_initiator, 0, 1), 0 },
5568 	{ INT(gas_rand_addr_lifetime), 0 },
5569 	{ INT_RANGE(gas_rand_mac_addr, 0, 2), 0 },
5570 #ifdef CONFIG_DPP
5571 	{ INT_RANGE(dpp_config_processing, 0, 2), 0 },
5572 	{ STR(dpp_name), 0 },
5573 	{ STR(dpp_mud_url), 0 },
5574 	{ STR(dpp_extra_conf_req_name), 0 },
5575 	{ STR(dpp_extra_conf_req_value), 0 },
5576 	{ INT_RANGE(dpp_connector_privacy_default, 0, 1), 0 },
5577 #endif /* CONFIG_DPP */
5578 	{ INT_RANGE(coloc_intf_reporting, 0, 1), 0 },
5579 #ifdef CONFIG_WNM
5580 	{ INT_RANGE(disable_btm, 0, 1), CFG_CHANGED_DISABLE_BTM },
5581 	{ INT_RANGE(extended_key_id, 0, 1), 0 },
5582 #endif /* CONFIG_WNM */
5583 	{ INT_RANGE(wowlan_disconnect_on_deinit, 0, 1), 0},
5584 	{ INT_RANGE(rsn_overriding, 0, 2), 0},
5585 #ifdef CONFIG_PASN
5586 #ifdef CONFIG_TESTING_OPTIONS
5587 	{ INT_RANGE(force_kdk_derivation, 0, 1), 0 },
5588 	{ INT_RANGE(pasn_corrupt_mic, 0, 1), 0 },
5589 #endif /* CONFIG_TESTING_OPTIONS */
5590 #endif /* CONFIG_PASN */
5591 #ifdef CONFIG_TESTING_OPTIONS
5592 	{ INT_RANGE(mld_force_single_link, 0, 1), 0 },
5593 	{ INT_RANGE(mld_connect_band_pref, 0, MLD_CONNECT_BAND_PREF_MAX), 0 },
5594 	{ FUNC(mld_connect_bssid_pref), 0 },
5595 #endif /* CONFIG_TESTING_OPTIONS */
5596 	{ INT_RANGE(ft_prepend_pmkid, 0, 1), CFG_CHANGED_FT_PREPEND_PMKID },
5597 	/* NOTE: When adding new parameters here, add_interface() in
5598 	 * wpa_supplicant/dbus_new_introspect.c may need to be modified to
5599 	 * increase the size of the iface->xml buffer. */
5600 };
5601 
5602 #undef FUNC
5603 #undef _INT
5604 #undef INT
5605 #undef INT_RANGE
5606 #undef _STR
5607 #undef STR
5608 #undef STR_RANGE
5609 #undef BIN
5610 #undef IPV4
5611 #define NUM_GLOBAL_FIELDS ARRAY_SIZE(global_fields)
5612 
5613 
wpa_config_dump_values(struct wpa_config * config,char * buf,size_t buflen)5614 int wpa_config_dump_values(struct wpa_config *config, char *buf, size_t buflen)
5615 {
5616 	int result = 0;
5617 	size_t i;
5618 
5619 	for (i = 0; i < NUM_GLOBAL_FIELDS; i++) {
5620 		const struct global_parse_data *field = &global_fields[i];
5621 		int tmp;
5622 
5623 		if (!field->get)
5624 			continue;
5625 
5626 		tmp = field->get(field->name, config, (long) field->param1,
5627 				 buf, buflen, 1);
5628 		if (tmp < 0)
5629 			return -1;
5630 		buf += tmp;
5631 		buflen -= tmp;
5632 		result += tmp;
5633 	}
5634 	return result;
5635 }
5636 
5637 
wpa_config_get_value(const char * name,struct wpa_config * config,char * buf,size_t buflen)5638 int wpa_config_get_value(const char *name, struct wpa_config *config,
5639 			 char *buf, size_t buflen)
5640 {
5641 	size_t i;
5642 
5643 	for (i = 0; i < NUM_GLOBAL_FIELDS; i++) {
5644 		const struct global_parse_data *field = &global_fields[i];
5645 
5646 		if (os_strcmp(name, field->name) != 0)
5647 			continue;
5648 		if (!field->get)
5649 			break;
5650 		return field->get(name, config, (long) field->param1,
5651 				  buf, buflen, 0);
5652 	}
5653 
5654 	return -1;
5655 }
5656 
5657 
wpa_config_get_num_global_field_names(void)5658 int wpa_config_get_num_global_field_names(void)
5659 {
5660 	return NUM_GLOBAL_FIELDS;
5661 }
5662 
5663 
wpa_config_get_global_field_name(unsigned int i,int * no_var)5664 const char * wpa_config_get_global_field_name(unsigned int i, int *no_var)
5665 {
5666 	if (i >= NUM_GLOBAL_FIELDS)
5667 		return NULL;
5668 
5669 	if (no_var)
5670 		*no_var = !global_fields[i].param1;
5671 	return global_fields[i].name;
5672 }
5673 
5674 
5675 /**
5676  * wpa_config_process_global - Set a variable in global configuration
5677  * @config: Pointer to global configuration data
5678  * @pos: Name and value in the format "{name}={value}"
5679  * @line: Line number in configuration file or 0 if not used
5680  * Returns: 0 on success with a possible change in value, 1 on success with no
5681  * change to previously configured value, or -1 on failure
5682  *
5683  * This function can be used to set global configuration variables based on
5684  * both the configuration file and management interface input. The value
5685  * parameter must be in the same format as the text-based configuration file is
5686  * using. For example, strings are using double quotation marks.
5687  */
wpa_config_process_global(struct wpa_config * config,char * pos,int line)5688 int wpa_config_process_global(struct wpa_config *config, char *pos, int line)
5689 {
5690 	size_t i;
5691 	int ret = 0;
5692 
5693 	for (i = 0; i < NUM_GLOBAL_FIELDS; i++) {
5694 		const struct global_parse_data *field = &global_fields[i];
5695 		size_t flen = os_strlen(field->name);
5696 		if (os_strncmp(pos, field->name, flen) != 0 ||
5697 		    pos[flen] != '=')
5698 			continue;
5699 
5700 		ret = field->parser(field, config, line, pos + flen + 1);
5701 		if (ret < 0) {
5702 			wpa_printf(MSG_ERROR, "Line %d: failed to "
5703 				   "parse '%s'.", line, pos);
5704 			ret = -1;
5705 		}
5706 		if (ret == 1)
5707 			break;
5708 		if (field->changed_flag == CFG_CHANGED_NFC_PASSWORD_TOKEN)
5709 			config->wps_nfc_pw_from_config = 1;
5710 		config->changed_parameters |= field->changed_flag;
5711 		break;
5712 	}
5713 	if (i == NUM_GLOBAL_FIELDS) {
5714 #ifdef CONFIG_AP
5715 		if (os_strncmp(pos, "tx_queue_", 9) == 0) {
5716 			char *tmp = os_strchr(pos, '=');
5717 
5718 			if (!tmp) {
5719 				if (line < 0)
5720 					wpa_printf(MSG_ERROR,
5721 						   "Line %d: invalid line %s",
5722 						   line, pos);
5723 				return -1;
5724 			}
5725 			*tmp++ = '\0';
5726 			if (hostapd_config_tx_queue(config->tx_queue, pos,
5727 						    tmp)) {
5728 				wpa_printf(MSG_ERROR,
5729 					   "Line %d: invalid TX queue item",
5730 					   line);
5731 				return -1;
5732 			}
5733 			return ret;
5734 		}
5735 
5736 		if (os_strncmp(pos, "wmm_ac_", 7) == 0) {
5737 			char *tmp = os_strchr(pos, '=');
5738 			if (tmp == NULL) {
5739 				if (line < 0)
5740 					return -1;
5741 				wpa_printf(MSG_ERROR, "Line %d: invalid line "
5742 					   "'%s'", line, pos);
5743 				return -1;
5744 			}
5745 			*tmp++ = '\0';
5746 			if (hostapd_config_wmm_ac(config->wmm_ac_params, pos,
5747 						  tmp)) {
5748 				wpa_printf(MSG_ERROR, "Line %d: invalid WMM "
5749 					   "AC item", line);
5750 				return -1;
5751 			}
5752 			return ret;
5753 		}
5754 #endif /* CONFIG_AP */
5755 		if (line < 0)
5756 			return -1;
5757 		wpa_printf(MSG_ERROR, "Line %d: unknown global field '%s'.",
5758 			   line, pos);
5759 		ret = -1;
5760 	}
5761 
5762 	return ret;
5763 }
5764