2 * Host AP (software wireless LAN access point) user space daemon for
3 * Host AP kernel driver
4 * Copyright (c) 2002-2005, Jouni Malinen <jkmaline@cc.hut.fi>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * Alternatively, this software may be distributed under the terms of BSD
13 * See README and COPYING for more details.
19 #include <netinet/in.h>
25 #include <sys/types.h>
26 #include <sys/socket.h>
27 #include <arpa/inet.h>
31 #include "ieee802_1x.h"
32 #include "ieee802_11.h"
33 #include "accounting.h"
37 #include "ieee802_11_auth.h"
40 #include "radius_client.h"
41 #include "radius_server.h"
43 #include "ctrl_iface.h"
45 #include "eap_sim_db.h"
47 #include "hostap_common.h"
50 struct hapd_interfaces
{
55 unsigned char rfc1042_header
[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
58 extern int wpa_debug_level
;
59 extern int wpa_debug_show_keys
;
60 extern int wpa_debug_timestamp
;
63 void hostapd_logger(struct hostapd_data
*hapd
, const u8
*addr
,
64 unsigned int module
, int level
, const char *fmt
, ...)
66 char *format
, *module_str
;
69 int conf_syslog_level
, conf_stdout_level
;
70 unsigned int conf_syslog
, conf_stdout
;
72 maxlen
= strlen(fmt
) + 100;
73 format
= malloc(maxlen
);
77 if (hapd
&& hapd
->conf
) {
78 conf_syslog_level
= hapd
->conf
->logger_syslog_level
;
79 conf_stdout_level
= hapd
->conf
->logger_stdout_level
;
80 conf_syslog
= hapd
->conf
->logger_syslog
;
81 conf_stdout
= hapd
->conf
->logger_stdout
;
83 conf_syslog_level
= conf_stdout_level
= 0;
84 conf_syslog
= conf_stdout
= (unsigned int) -1;
88 case HOSTAPD_MODULE_IEEE80211
:
89 module_str
= "IEEE 802.11";
91 case HOSTAPD_MODULE_IEEE8021X
:
92 module_str
= "IEEE 802.1X";
94 case HOSTAPD_MODULE_RADIUS
:
95 module_str
= "RADIUS";
97 case HOSTAPD_MODULE_WPA
:
100 case HOSTAPD_MODULE_DRIVER
:
101 module_str
= "DRIVER";
103 case HOSTAPD_MODULE_IAPP
:
111 if (hapd
&& hapd
->conf
&& addr
)
112 snprintf(format
, maxlen
, "%s: STA " MACSTR
"%s%s: %s",
113 hapd
->conf
->iface
, MAC2STR(addr
),
114 module_str
? " " : "", module_str
, fmt
);
115 else if (hapd
&& hapd
->conf
)
116 snprintf(format
, maxlen
, "%s:%s%s %s",
117 hapd
->conf
->iface
, module_str
? " " : "",
120 snprintf(format
, maxlen
, "STA " MACSTR
"%s%s: %s",
121 MAC2STR(addr
), module_str
? " " : "",
124 snprintf(format
, maxlen
, "%s%s%s",
125 module_str
, module_str
? ": " : "", fmt
);
127 if ((conf_stdout
& module
) && level
>= conf_stdout_level
) {
128 wpa_debug_print_timestamp();
135 if ((conf_syslog
& module
) && level
>= conf_syslog_level
) {
138 case HOSTAPD_LEVEL_DEBUG_VERBOSE
:
139 case HOSTAPD_LEVEL_DEBUG
:
140 priority
= LOG_DEBUG
;
142 case HOSTAPD_LEVEL_INFO
:
145 case HOSTAPD_LEVEL_NOTICE
:
146 priority
= LOG_NOTICE
;
148 case HOSTAPD_LEVEL_WARNING
:
149 priority
= LOG_WARNING
;
156 vsyslog(priority
, format
, ap
);
164 const char * hostapd_ip_txt(const struct hostapd_ip_addr
*addr
, char *buf
,
167 if (buflen
== 0 || addr
== NULL
)
170 if (addr
->af
== AF_INET
) {
171 snprintf(buf
, buflen
, "%s", inet_ntoa(addr
->u
.v4
));
176 if (addr
->af
== AF_INET6
) {
177 if (inet_ntop(AF_INET6
, &addr
->u
.v6
, buf
, buflen
) == NULL
)
180 #endif /* CONFIG_IPV6 */
186 static void hostapd_deauth_all_stas(hostapd
*hapd
)
191 memset(addr
, 0xff, ETH_ALEN
);
192 hostapd_sta_deauth(hapd
, addr
, WLAN_REASON_PREV_AUTH_NOT_VALID
);
194 /* New Prism2.5/3 STA firmware versions seem to have issues with this
195 * broadcast deauth frame. This gets the firmware in odd state where
196 * nothing works correctly, so let's skip sending this for a while
197 * until the issue has been resolved. */
202 /* This function will be called whenever a station associates with the AP */
203 void hostapd_new_assoc_sta(hostapd
*hapd
, struct sta_info
*sta
, int reassoc
)
205 if (hapd
->tkip_countermeasures
) {
206 hostapd_sta_deauth(hapd
, sta
->addr
,
207 WLAN_REASON_MICHAEL_MIC_FAILURE
);
211 /* IEEE 802.11F (IAPP) */
212 if (hapd
->conf
->ieee802_11f
)
213 iapp_new_station(hapd
->iapp
, sta
);
215 /* Start accounting here, if IEEE 802.1X and WPA are not used.
216 * IEEE 802.1X/WPA code will start accounting after the station has
217 * been authorized. */
218 if (!hapd
->conf
->ieee802_1x
&& !hapd
->conf
->wpa
)
219 accounting_sta_start(hapd
, sta
);
221 /* Start IEEE 802.1X authentication process for new stations */
222 ieee802_1x_new_station(hapd
, sta
);
224 wpa_sm_event(hapd
, sta
, WPA_REAUTH
);
226 wpa_new_station(hapd
, sta
);
230 static void handle_term(int sig
, void *eloop_ctx
, void *signal_ctx
)
232 printf("Signal %d received - terminating\n", sig
);
237 static void handle_reload(int sig
, void *eloop_ctx
, void *signal_ctx
)
239 struct hapd_interfaces
*hapds
= (struct hapd_interfaces
*) eloop_ctx
;
240 struct hostapd_config
*newconf
;
243 printf("Signal %d received - reloading configuration\n", sig
);
245 for (i
= 0; i
< hapds
->count
; i
++) {
246 hostapd
*hapd
= hapds
->hapd
[i
];
247 newconf
= hostapd_config_read(hapd
->config_fname
);
248 if (newconf
== NULL
) {
249 printf("Failed to read new configuration file - "
250 "continuing with old.\n");
253 /* TODO: update dynamic data based on changed configuration
254 * items (e.g., open/close sockets, remove stations added to
255 * deny list, etc.) */
256 radius_client_flush(hapd
->radius
);
257 hostapd_config_free(hapd
->conf
);
258 hapd
->conf
= newconf
;
263 #ifdef HOSTAPD_DUMP_STATE
264 static void hostapd_dump_state(hostapd
*hapd
)
268 struct sta_info
*sta
;
272 if (!hapd
->conf
->dump_log_name
) {
273 printf("Dump file not defined - ignoring dump request\n");
277 printf("Dumping hostapd state to '%s'\n", hapd
->conf
->dump_log_name
);
278 f
= fopen(hapd
->conf
->dump_log_name
, "w");
280 printf("Could not open dump file '%s' for writing.\n",
281 hapd
->conf
->dump_log_name
);
286 fprintf(f
, "hostapd state dump - %s", ctime(&now
));
288 for (sta
= hapd
->sta_list
; sta
!= NULL
; sta
= sta
->next
) {
289 fprintf(f
, "\nSTA=" MACSTR
"\n", MAC2STR(sta
->addr
));
292 " AID=%d flags=0x%x %s%s%s%s%s%s\n"
293 " capability=0x%x listen_interval=%d\n",
296 (sta
->flags
& WLAN_STA_AUTH
? "[AUTH]" : ""),
297 (sta
->flags
& WLAN_STA_ASSOC
? "[ASSOC]" : ""),
298 (sta
->flags
& WLAN_STA_PS
? "[PS]" : ""),
299 (sta
->flags
& WLAN_STA_TIM
? "[TIM]" : ""),
300 (sta
->flags
& WLAN_STA_PERM
? "[PERM]" : ""),
301 (sta
->flags
& WLAN_STA_AUTHORIZED
? "[AUTHORIZED]" :
304 sta
->listen_interval
);
306 fprintf(f
, " supported_rates=");
307 for (i
= 0; i
< sizeof(sta
->supported_rates
); i
++)
308 if (sta
->supported_rates
[i
] != 0)
309 fprintf(f
, "%02x ", sta
->supported_rates
[i
]);
310 fprintf(f
, "%s%s%s%s\n",
311 (sta
->tx_supp_rates
& WLAN_RATE_1M
? "[1M]" : ""),
312 (sta
->tx_supp_rates
& WLAN_RATE_2M
? "[2M]" : ""),
313 (sta
->tx_supp_rates
& WLAN_RATE_5M5
? "[5.5M]" : ""),
314 (sta
->tx_supp_rates
& WLAN_RATE_11M
? "[11M]" : ""));
317 " timeout_next=%s\n",
318 (sta
->timeout_next
== STA_NULLFUNC
? "NULLFUNC POLL" :
319 (sta
->timeout_next
== STA_DISASSOC
? "DISASSOC" :
322 ieee802_1x_dump_state(f
, " ", sta
);
327 int count
= radius_client_get_mib(hapd
->radius
, buf
, 4096);
330 else if (count
> 4095)
333 fprintf(f
, "%s", buf
);
335 count
= radius_server_get_mib(hapd
->radius_srv
, buf
, 4096);
338 else if (count
> 4095)
341 fprintf(f
, "%s", buf
);
346 #endif /* HOSTAPD_DUMP_STATE */
349 static void handle_dump_state(int sig
, void *eloop_ctx
, void *signal_ctx
)
351 #ifdef HOSTAPD_DUMP_STATE
352 struct hapd_interfaces
*hapds
= (struct hapd_interfaces
*) eloop_ctx
;
355 for (i
= 0; i
< hapds
->count
; i
++) {
356 hostapd
*hapd
= hapds
->hapd
[i
];
357 hostapd_dump_state(hapd
);
359 #endif /* HOSTAPD_DUMP_STATE */
363 static void hostapd_cleanup(struct hostapd_data
*hapd
)
365 hostapd_ctrl_iface_deinit(hapd
);
367 free(hapd
->default_wep_key
);
368 hapd
->default_wep_key
= NULL
;
369 iapp_deinit(hapd
->iapp
);
370 accounting_deinit(hapd
);
372 ieee802_1x_deinit(hapd
);
373 hostapd_acl_deinit(hapd
);
374 radius_client_deinit(hapd
->radius
);
376 radius_server_deinit(hapd
->radius_srv
);
377 hapd
->radius_srv
= NULL
;
379 hostapd_wireless_event_deinit(hapd
);
382 hostapd_driver_deinit(hapd
);
384 hostapd_config_free(hapd
->conf
);
387 free(hapd
->config_fname
);
391 tls_deinit(hapd
->ssl_ctx
);
392 hapd
->ssl_ctx
= NULL
;
394 #endif /* EAP_TLS_FUNCS */
396 if (hapd
->eap_sim_db_priv
)
397 eap_sim_db_deinit(hapd
->eap_sim_db_priv
);
401 static int hostapd_flush_old_stations(hostapd
*hapd
)
405 printf("Flushing old station entries\n");
406 if (hostapd_flush(hapd
)) {
407 printf("Could not connect to kernel driver.\n");
410 printf("Deauthenticate all stations\n");
411 hostapd_deauth_all_stas(hapd
);
417 static int hostapd_setup_interface(struct hostapd_data
*hapd
)
419 struct hostapd_config
*conf
= hapd
->conf
;
420 u8 ssid
[HOSTAPD_SSID_LEN
+ 1];
421 int ssid_len
, set_ssid
;
424 if (hostapd_driver_init(hapd
)) {
425 printf("%s driver initialization failed.\n",
426 hapd
->driver
? hapd
->driver
->name
: "Unknown");
432 * Fetch the SSID from the system and use it or,
433 * if one was specified in the config file, verify they
436 ssid_len
= hostapd_get_ssid(hapd
, ssid
, sizeof(ssid
));
438 printf("Could not read SSID from system\n");
441 if (conf
->ssid_set
) {
443 * If SSID is specified in the config file and it differs
444 * from what is being used then force installation of the
447 set_ssid
= (conf
->ssid_len
!= ssid_len
||
448 memcmp(conf
->ssid
, ssid
, ssid_len
) != 0);
451 * No SSID in the config file; just use the one we got
455 conf
->ssid_len
= ssid_len
;
456 memcpy(conf
->ssid
, ssid
, conf
->ssid_len
);
457 conf
->ssid
[conf
->ssid_len
] = '\0';
460 printf("Using interface %s with hwaddr " MACSTR
" and ssid '%s'\n",
461 hapd
->conf
->iface
, MAC2STR(hapd
->own_addr
), hapd
->conf
->ssid
);
463 if (hostapd_setup_wpa_psk(conf
)) {
464 printf("WPA-PSK setup failed.\n");
468 /* Set SSID for the kernel driver (to be used in beacon and probe
469 * response frames) */
470 if (set_ssid
&& hostapd_set_ssid(hapd
, (u8
*) conf
->ssid
,
472 printf("Could not set SSID for kernel driver\n");
476 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MSGDUMPS
))
477 conf
->radius
->msg_dumps
= 1;
478 hapd
->radius
= radius_client_init(hapd
, conf
->radius
);
479 if (hapd
->radius
== NULL
) {
480 printf("RADIUS client initialization failed.\n");
483 if (conf
->radius_server_clients
) {
484 struct radius_server_conf srv
;
485 memset(&srv
, 0, sizeof(srv
));
486 srv
.client_file
= conf
->radius_server_clients
;
487 srv
.auth_port
= conf
->radius_server_auth_port
;
488 srv
.hostapd_conf
= conf
;
489 srv
.eap_sim_db_priv
= hapd
->eap_sim_db_priv
;
490 srv
.ssl_ctx
= hapd
->ssl_ctx
;
491 srv
.ipv6
= conf
->radius_server_ipv6
;
492 hapd
->radius_srv
= radius_server_init(&srv
);
493 if (hapd
->radius_srv
== NULL
) {
494 printf("RADIUS server initialization failed.\n");
498 if (hostapd_acl_init(hapd
)) {
499 printf("ACL initialization failed.\n");
502 if (ieee802_1x_init(hapd
)) {
503 printf("IEEE 802.1X initialization failed.\n");
507 if (hapd
->conf
->wpa
&& wpa_init(hapd
)) {
508 printf("WPA initialization failed.\n");
512 if (accounting_init(hapd
)) {
513 printf("Accounting initialization failed.\n");
517 if (hapd
->conf
->ieee802_11f
&&
518 (hapd
->iapp
= iapp_init(hapd
, hapd
->conf
->iapp_iface
)) == NULL
) {
519 printf("IEEE 802.11F (IAPP) initialization failed.\n");
523 if (hostapd_wireless_event_init(hapd
) < 0)
526 if (hostapd_flush_old_stations(hapd
))
529 if (hostapd_ctrl_iface_init(hapd
)) {
530 printf("Failed to setup control interface\n");
541 const struct driver_ops
*ops
;
543 static struct driver
*drivers
= NULL
;
545 void driver_register(const char *name
, const struct driver_ops
*ops
)
549 d
= malloc(sizeof(struct driver
));
551 printf("Failed to register driver %s!\n", name
);
554 d
->name
= strdup(name
);
555 if (d
->name
== NULL
) {
556 printf("Failed to register driver %s!\n", name
);
567 void driver_unregister(const char *name
)
569 struct driver
*p
, **pp
;
571 for (pp
= &drivers
; (p
= *pp
) != NULL
; pp
= &p
->next
) {
572 if (strcasecmp(p
->name
, name
) == 0) {
583 static void driver_unregister_all(void)
585 struct driver
*p
, *pp
;
597 const struct driver_ops
* driver_lookup(const char *name
)
601 if (strcmp(name
, "default") == 0) {
608 for (p
= drivers
; p
!= NULL
; p
= p
->next
) {
609 if (strcasecmp(p
->name
, name
) == 0)
617 static void show_version(void)
620 "hostapd v" VERSION_STR
"\n"
621 "User space daemon for IEEE 802.11 AP management,\n"
622 "IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
623 "Copyright (c) 2002-2005, Jouni Malinen <jkmaline@cc.hut.fi> "
624 "and contributors\n");
628 static void usage(void)
633 "usage: hostapd [-hdBKt] <configuration file(s)>\n"
636 " -h show this usage\n"
637 " -d show more debug messages (-dd for even more)\n"
638 " -B run daemon in the background\n"
639 " -K include key data in debug messages\n"
640 " -t include timestamps in some debug messages\n"
641 " -v show hostapd version\n");
647 static hostapd
* hostapd_init(const char *config_file
)
651 hapd
= malloc(sizeof(*hapd
));
653 printf("Could not allocate memory for hostapd data\n");
656 memset(hapd
, 0, sizeof(*hapd
));
658 hapd
->config_fname
= strdup(config_file
);
659 if (hapd
->config_fname
== NULL
) {
660 printf("Could not allocate memory for config_fname\n");
664 hapd
->conf
= hostapd_config_read(hapd
->config_fname
);
665 if (hapd
->conf
== NULL
) {
669 if (hapd
->conf
->individual_wep_key_len
> 0) {
670 /* use key0 in individual key and key1 in broadcast key */
671 hapd
->default_wep_key_idx
= 1;
675 if (hapd
->conf
->eap_server
&&
676 (hapd
->conf
->ca_cert
|| hapd
->conf
->server_cert
)) {
677 hapd
->ssl_ctx
= tls_init(NULL
);
678 if (hapd
->ssl_ctx
== NULL
) {
679 printf("Failed to initialize TLS\n");
682 if (tls_global_ca_cert(hapd
->ssl_ctx
, hapd
->conf
->ca_cert
)) {
683 printf("Failed to load CA certificate (%s)\n",
684 hapd
->conf
->ca_cert
);
687 if (tls_global_client_cert(hapd
->ssl_ctx
,
688 hapd
->conf
->server_cert
)) {
689 printf("Failed to load server certificate (%s)\n",
690 hapd
->conf
->server_cert
);
693 if (tls_global_private_key(hapd
->ssl_ctx
,
694 hapd
->conf
->private_key
,
695 hapd
->conf
->private_key_passwd
)) {
696 printf("Failed to load private key (%s)\n",
697 hapd
->conf
->private_key
);
700 if (tls_global_set_verify(hapd
->ssl_ctx
,
701 hapd
->conf
->check_crl
)) {
702 printf("Failed to enable check_crl\n");
706 #endif /* EAP_TLS_FUNCS */
708 if (hapd
->conf
->eap_sim_db
) {
709 hapd
->eap_sim_db_priv
=
710 eap_sim_db_init(hapd
->conf
->eap_sim_db
);
711 if (hapd
->eap_sim_db_priv
== NULL
) {
712 printf("Failed to initialize EAP-SIM database "
718 if (hapd
->conf
->assoc_ap
)
719 hapd
->assoc_ap_state
= WAIT_BEACON
;
721 /* FIX: need to fix this const vs. not */
722 hapd
->driver
= (struct driver_ops
*) hapd
->conf
->driver
;
729 tls_deinit(hapd
->ssl_ctx
);
731 hostapd_config_free(hapd
->conf
);
732 free(hapd
->config_fname
);
739 void register_drivers(void);
741 int main(int argc
, char *argv
[])
743 struct hapd_interfaces interfaces
;
745 int c
, debug
= 0, daemonize
= 0;
748 c
= getopt(argc
, argv
, "BdhKtv");
762 wpa_debug_show_keys
++;
765 wpa_debug_timestamp
++;
781 register_drivers(); /* NB: generated by Makefile */
783 interfaces
.count
= argc
- optind
;
785 interfaces
.hapd
= malloc(interfaces
.count
* sizeof(hostapd
*));
786 if (interfaces
.hapd
== NULL
) {
787 printf("malloc failed\n");
791 eloop_init(&interfaces
);
792 eloop_register_signal(SIGHUP
, handle_reload
, NULL
);
793 eloop_register_signal(SIGINT
, handle_term
, NULL
);
794 eloop_register_signal(SIGTERM
, handle_term
, NULL
);
795 eloop_register_signal(SIGUSR1
, handle_dump_state
, NULL
);
797 for (i
= 0; i
< interfaces
.count
; i
++) {
798 printf("Configuration file: %s\n", argv
[optind
+ i
]);
799 interfaces
.hapd
[i
] = hostapd_init(argv
[optind
+ i
]);
800 if (!interfaces
.hapd
[i
])
802 for (j
= 0; j
< debug
; j
++) {
803 if (interfaces
.hapd
[i
]->conf
->logger_stdout_level
> 0)
804 interfaces
.hapd
[i
]->conf
->
805 logger_stdout_level
--;
806 interfaces
.hapd
[i
]->conf
->debug
++;
808 if (hostapd_setup_interface(interfaces
.hapd
[i
]))
810 wpa_debug_level
-= interfaces
.hapd
[0]->conf
->debug
;
813 if (daemonize
&& daemon(0, 0)) {
818 openlog("hostapd", 0, LOG_DAEMON
);
822 for (i
= 0; i
< interfaces
.count
; i
++) {
823 hostapd_free_stas(interfaces
.hapd
[i
]);
824 hostapd_flush_old_stations(interfaces
.hapd
[i
]);
830 for (i
= 0; i
< interfaces
.count
; i
++) {
831 if (!interfaces
.hapd
[i
])
834 hostapd_cleanup(interfaces
.hapd
[i
]);
835 free(interfaces
.hapd
[i
]);
837 free(interfaces
.hapd
);
843 driver_unregister_all();