aboutsummaryrefslogtreecommitdiffstats
path: root/hostapd/ctrl_iface.c
Commit message (Collapse)AuthorAgeFilesLines
* hostapd: Add FTM range requestDavid Spinadel2016-04-171-0/+62
| | | | | | | | | | | | | | | | | | | | Add FTM range request via RRM. The AP sends Radio measurement request with FTM range request as a request for the receiving STA to send FTM requests to the given list of APs. The neighbor report part of the request is taken from the neighbor database. The control interface command is: REQ_RANGE <dst addr> <rand_int> <min_ap> <responder> [<responder>..] dst addr: MAC address of an associated STA rand_int: Randomization Interval (0..65535) in TUs min_ap: Minimum AP Count (1..15); minimum number of requested FTM ranges between the associated STA and the listed APs responder: List of BSSIDs for neighboring APs for which a measurement is requested Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Add LCI requestDavid Spinadel2016-04-171-0/+18
| | | | | | | Add a hostapd control interface command REQ_LCI to request LCI from an associated station using radio measurement. Signed-off-by: David Spinadel <david.spinadel@intel.com>
* hostapd: Add a database of neighboring APsDavid Spinadel2016-04-161-0/+124
| | | | | | | | | | | | | | | | | Add a configurable neighbor database that includes the content of Nighbor Report element, LCI and Location Civic subelements and SSID. All parameters for a neighbor must be updated at once; Neighbor Report element and SSID are mandatory, LCI and civic are optional. The age of LCI is set to the time of neighbor update. The control interface API is: SET_NEIGHBOR <BSSID> <ssid=SSID> <nr=data> [lci=<data>] [civic=<data>] To delete a neighbor use: REMOVE_NEIGHBOR <BSSID> <SSID> Signed-off-by: David Spinadel <david.spinadel@intel.com>
* Add POLL_STA command to check connectivity in AP modeJouni Malinen2016-04-081-0/+3
| | | | | | | | | The hostapd "POLL_STA <addr>" control interface command can be used to check whether an associated station ACKs a QoS Data frame. The received ACK for such a frame is reported as an event message ("AP-STA-POLL-OK <addr>"). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* PMKSA: Flush AP/mesh PMKSA cache by PMKSA_FLUSH commandMasashi Honma2016-03-201-0/+2
| | | | | | | | | This extends the wpa_supplicant PMKSA_FLUSH control interface command to allow the PMKSA list from the authenticator side to be flushed for AP and mesh mode. In addition, this adds a hostapd PMKSA_FLUSH control interface command to flush the PMKSA entries. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* PMKSA: Show AP/mesh PMKSA list in PMKSA commandMasashi Honma2016-03-201-0/+3
| | | | | | | | | This extends the wpa_supplicant PMKSA control interface command to allow the PMKSA list from the authenticator side to be listed for AP and mesh mode. In addition, this adds a hostapd PMKSA control interface command to show the same list for the AP case. Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
* hostapd: Add global TERMINATE commandJanusz Dziedzic2016-03-051-0/+2
| | | | | | This will terminate the hostapd process. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* hostapd: Add INTERFACES ctrl_iface commandJanusz Dziedzic2016-03-051-0/+48
| | | | | | | | | | Return a list of the available interfaces (the main BSS) and optionally with ctrl_iface when the optional "ctrl" parameter is included. This is useful when using UDP ctrl_iface and add interfaces using the ADD command. After that we need to know which UDP port was assigned for the control interface for the added interface. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* hostapd: Update ctrl_interface for UDP to include the selected portJanusz Dziedzic2016-03-051-0/+7
| | | | | | | | Set up the real ctrl_interface for UDP after having selected the port. This is in format: udp:<port_no>. This is needed to get accurate interface <-> udp_port mapping. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* hostapd: Allow UDP ctrl_iface configuration to set the UDP portJanusz Dziedzic2016-03-051-2/+24
| | | | | | | | | | | | | This allows the UDP port to be set for the per-interface and global control interfaces. The format is: udp:<port_no> For example: hostapd -ddt -g udp:8888 And in the configuration file: ctrl_interface=udp:8877 Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* hostapd: Add UDP support for ctrl_ifaceJanusz Dziedzic2016-03-051-7/+251
| | | | | | | | | | | | | | | Add UDP support for ctrl_iface: New config option could be set: CONFIG_CTRL_IFACE=udp CONFIG_CTRL_IFACE=udp-remote CONFIG_CTRL_IFACE=udp6 CONFIG_CTRL_IFACE=udp6-remote And hostapd_cli usage: hostapd_cli -i localhost:8877 Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* ctrl_iface_common: Use sockaddr_storage instead of sockaddr_unJanusz Dziedzic2016-03-051-12/+11
| | | | | | | This is a step towards allowing UDP sockets to be used with the common implementation. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* hostapd: Use common functions for ctrl_ifaceJanusz Dziedzic2016-03-051-123/+19
| | | | | | Use the common functions, structures when UNIX socket ctrl_iface used. Signed-off-by: Janusz Dziedzic <janusz.dziedzic@tieto.com>
* hostapd: Add MBO IE to BSS Transition Management Request frameAvraham Stern2016-02-221-1/+59
| | | | | | | | | | | | | | | | Add an option to add MBO IE to BSS Transition Management Request frame. The MBO IE includes the transition reason code, cellular data connection preference, and, if the disassoc imminent bit is set, it may also include re-association retry delay. Otherwise, the re-association retry delay should be set to zero. The additional BSS_TM_REQ argument uses the following format: mbo=<reason>:<reassoc delay>:<cell pref> reason: 0-9 reassoc delay: 0-65535 (seconds; 0 = disabled) cell pref: 0, 1, 255 Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* hostapd: Add MBO IE to Beacon, Probe Response, Association ResponseAvraham Stern2016-02-221-0/+19
| | | | | | | | | | | | | | | | | | Add MBO IE with AP capability attribute to Beacon, Probe Response, and (Re)Association Response frames to indicate the AP supports MBO. Add option to add Association Disallowed attribute to Beacon, Probe Response, and (Re)Association Response frames. Usage: SET mbo_assoc_disallow <reason code> Valid reason code values are between 1-5. Setting the reason code to 0 will remove the Association Disallowed attribute from the MBO IE and will allow new associations. MBO functionality is enabled by setting "mbo=1" in the config file. Signed-off-by: Avraham Stern <avraham.stern@intel.com>
* ctype functions require an unsigned charRoy Marples2016-02-181-2/+2
| | | | | | | | Ensure that characters are represented as unsigned char when using isblank() and isspace(). These function take in a "int c" argument, but it needs to be unsigned for the cases where EOF is not indicated. Signed-off-by: Roy Marples <roy@marples.name>
* VLAN: Separate station grouping and uplink configurationMichael Braun2016-02-171-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Separate uplink configuration (IEEE 802.1q VID) and grouping of stations into AP_VLAN interfaces. The int vlan_id will continue to identify the AP_VLAN interface the station should be assigned to. Each AP_VLAN interface corresponds to an instance of struct hostapd_vlan that is uniquely identified by int vlan_id within an BSS. New: Each station and struct hostapd_vlan holds a struct vlan_description vlan_desc member that describes the uplink configuration requested. Currently this is just an int untagged IEEE 802.1q VID, but can be extended to tagged VLANs and other settings easily. When the station was about to be assigned its vlan_id, vlan_desc and vlan_id will now be set simultaneously by ap_sta_set_vlan(). So sta->vlan_id can still be tested for whether the station needs to be moved to an AP_VLAN interface. To ease addition of tagged VLAN support, a member notempty is added to struct vlan_description. Is is set to 1 if an untagged or tagged VLAN assignment is requested and needs to be validated. The inverted form allows os_zalloc() to initialize an empty description. Though not depended on by the code, vlan_id assignment ensures: * vlan_id = 0 will continue to mean no AP_VLAN interface * vlan_id < 4096 will continue to mean vlan_id = untagged vlan id with no per_sta_vif and no extra tagged vlan. * vlan_id > 4096 will be used for per_sta_vif and/or tagged vlans. This way struct wpa_group and drivers API do not need to be changed in order to implement tagged VLANs or per_sta_vif support. DYNAMIC_VLAN_* will refer to (struct vlan_description).notempty only, thus grouping of the stations for per_sta_vif can be used with DYNAMIC_VLAN_DISABLED, but not with CONFIG_NO_VLAN, as struct hostapd_vlan is still used to manage AP_VLAN interfaces. MAX_VLAN_ID will be checked in hostapd_vlan_valid and during setup of VLAN interfaces and refer to IEEE 802.1q VID. VLAN_ID_WILDCARD will continue to refer to int vlan_id. Renaming vlan_id to vlan_desc when type changed from int to struct vlan_description was avoided when vlan_id was also used in a way that did not depend on its type (for example, when passed to another function). Output of "VLAN ID %d" continues to refer to int vlan_id, while "VLAN %d" will refer to untagged IEEE 802.1q VID. Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
* hostapd: Add mechanism to track unconnected stationsJouni Malinen2015-09-051-0/+38
| | | | | | | | | | | hostapd can now be configured to track unconnected stations based on Probe Request frames seen from them. This can be used, e.g., to detect dualband capable station before they have associated. Such information could then be used to provide guidance on which colocated BSS to use in case of a dualband AP that operates concurrently on multiple bands under the control of a single hostapd process. Signed-off-by: Jouni Malinen <j@w1.fi>
* Remove unnecessary NULL check from LOG_LEVEL handlerJouni Malinen2015-08-211-1/+1
| | | | | | | cmd cannot be NULL here, so there is no need to check it before calling os_strlen(). Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Add support to configure debug log level at runtimeSrinivas Dasari2015-08-031-0/+49
| | | | | | | | Add support to read/configure log_level using hostapd control interface LOG_LEVEL command similarly to what was already supported in wpa_supplicant. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FST: Do not replace previous attachmentJouni Malinen2015-07-251-0/+4
| | | | | | | | hapd->iface->fst must not be overridden if it is already pointing to FST instance. Without this, duplicated FST-ATTACH could result in memory leak and process termination. Signed-off-by: Jouni Malinen <j@w1.fi>
* FST: Use -EINVAL instead of EINVAL as return valueJouni Malinen2015-07-251-2/+2
| | | | | | This is more consistent with other error cases. Signed-off-by: Jouni Malinen <j@w1.fi>
* hostapd: Mark config parameter name constJouni Malinen2015-07-211-1/+1
| | | | | | | | | The functions parsing configuration parameters do not modify the name of the parameter, so mark that function argument constant. In theory, the value should also be const, but at least for now, number of the parser functions end up modifying this to simplify parsing. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Add DUP_NETWORK global control interface commandAnton Nayshtut2015-07-211-0/+116
| | | | | | | | | | | | | | | | | | | | | | This adds a new global control interface command DUP_NETWORK with the following syntax: DUP_NETWORK src_ifname dst_ifname param The currently supported parameters: wpa wpa_key_mgmt wpa_pairwise rsn_pairwise wpa_passphrase wpa_psk The specified configuration parameter is copied from the source interface to the destination interface. The main use for this is to allow cloning of security configuration without having to expose the keys from the hostapd process. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Introduce hostapd_ctrl_iface_get_key_mgmt()Anton Nayshtut2015-07-211-70/+92
| | | | | | This function will be used in DUP_NETWORK command implementation. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Introduce hostapd_interfaces_get_hapd()Anton Nayshtut2015-07-211-10/+22
| | | | | | This function will be used in DUP_NETWORK command implementation. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Add current wpa parameter into GET_CONFIG outputMohammed Shafi Shajakhan2015-07-171-0/+7
| | | | | | | This can be used, e.g., by an action script to update new WPS settings for the AP. Signed-off-by: Mohammed Shafi Shajakhan <mohammed@qti.qualcomm.com>
* FST: Clear hostapd fst_ies on FST-DETACH to avoid use of freed memoryJouni Malinen2015-07-171-0/+1
| | | | | | | This is needed in the corner case of FST-DETACH being used without stopping the AP instance. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Add global to local control interface redirectionAnton Nayshtut2015-07-161-0/+47
| | | | | | | | | This patch implements global to local control interface redirection in the same way as it's done for wpa_supplicant. Any global control interface command beginning with "IFNAME=..." will be routed to the corresponding local control interface handler. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Add hostapd_ctrl_iface_receive_process()Anton Nayshtut2015-07-161-36/+53
| | | | | | | The newly introduced function will be used in followup commits to handle requests redirected from the global control interface. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* FST: hostapd control interfaceAnton Nayshtut2015-07-161-0/+64
| | | | Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Global control interface notificationsAnton Nayshtut2015-07-161-10/+108
| | | | | | | | | | This commit implements hostapd global control interface notifications infrastructure. hostapd global control interface clients issue ATTACH/DETACH commands to register and deregister with hostapd correspondingly - the same way as for any other hostapd/wpa_supplicant control interface. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add EAPOL_SET hostapd command to configure EAPOL parametersJouni Malinen2015-07-121-0/+26
| | | | | | | | This new control interface command "EAPOL_REAUTH <MAC address> <parameter> <value>" can be used to implement the IEEE 802.1X PAE Set Authenticator Configuration operation. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add EAPOL_REAUTH hostapd command to trigger EAPOL reauthenticationJouni Malinen2015-07-121-0/+22
| | | | | | | This new control interface command "EAPOL_REAUTH <MAC address>" can be used to implement the IEEE 802.1X PAE Reauthenticate operation. Signed-off-by: Jouni Malinen <j@w1.fi>
* DATA_TEST_TX: Avoid ubsan warning on 0x80<<24 not fitting in intJouni Malinen2015-07-071-2/+2
| | | | | | | Use unsigned constant instead of signed to avoid warning with the LSB being set in an int. Signed-off-by: Jouni Malinen <j@w1.fi>
* Avoid misaligned IPv4 header accesses in DATA_TEST_* commandsJouni Malinen2015-07-071-9/+9
| | | | | | | | The IPv4 header after the Ethernet header is not 32-bit aligned and the previous version ended up accessing 32-bit members at misaligned addresses. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add backtrace-based error path testing mechanismJouni Malinen2015-06-291-0/+44
| | | | | | | | | | | | | | | | The new TEST_FAIL and GET_FAIL control interface commands can be used similarly to the earlier TEST_ALLOC_FAIL/GET_ALLOC_FAIL design. The new version is more generic framework allowing any function to be annotated for failure testing with the TEST_FAIL() macro. This mechanism is only available in builds with CONFIG_WPA_TRACE_BFD=y and CONFIG_TESTING_OPTIONS=y. For other builds, the TEST_FAIL() macro is defined to return 0 to allow the compiler to remove the test code from normal production builds. As the first test site, allow os_get_random() to be marked for failing based on call backtrace. Signed-off-by: Jouni Malinen <j@w1.fi>
* Document the wpa_msg_cb "global" parameterJouni Malinen2015-06-101-1/+2
| | | | | | | | Instead of an int variable with magic values 0, 1, 2, use an enum that gives clearer meaning to the values now that the original boolean type global argument is not really a boolean anymore. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add hostapd UPDATE_BEACON ctrl_iface commandJouni Malinen2015-02-091-0/+4
| | | | | | | | This can be used to ask Beacon frames to be updated explicitly, e.g., after a dynamic configuration parameter change. This can also be used to start beaconing on an interface that was started with start_disabled=1. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add STOP_AP control interface commandJouni Malinen2015-02-081-0/+3
| | | | | | | This is mainly for testing purposes to allow beaconing to be stopped without clearing AP state in hostapd. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add Suite B 192-bit AKMJouni Malinen2015-01-261-1/+9
| | | | | | | WPA-EAP-SUITE-B-192 can now be used to select 192-bit level Suite B into use as the key management method. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add "GET tls_library" to provide information on TLS library and versionJouni Malinen2015-01-111-0/+6
| | | | | | | | This new wpa_supplicant and hostapd control interface command can be used to determine which TLS library is used in the build and what is the version of that library. Signed-off-by: Jouni Malinen <j@w1.fi>
* Verify that eloop_register_read_sock() succeeds for ctrl_iface setupJouni Malinen2015-01-081-2/+6
| | | | | | | This allows faster detection of a case where a memory allocation fails within eloop. Signed-off-by: Jouni Malinen <j@w1.fi>
* Add support for testing memory allocation failuresJouni Malinen2015-01-071-0/+45
| | | | | | | | | | | | | | | | | | The new control interface command TEST_ALLOC_FAIL and GET_ALLOC_FAIL can now be used to trigger memory allocation failures for testing purposes. TEST_ALLOC_FAIL sets a failure conditions with <count>:func[;func][;func]... string and GET_ALLOC_FAIL returns the current state using the same format. Whenever an allocation is made with a matching backtrace of calling functions, the count is decremented by one and once zero is reached, the allocation is forced to fail. Function names can be prefixed with either '=' or '?' to get different matching behavior. '=' requires this specific function to be the next one in the backtrace (i.e., do not skip any other functions in the list which is the default behavior). '?' allows the function to be optionally present in the backtrace. Signed-off-by: Jouni Malinen <j@w1.fi>
* Clean up debug prints to use wpa_printf()Jouni Malinen2014-12-261-24/+37
| | | | | | | This converts most of the remaining perror() and printf() calls from hostapd and wpa_supplicant to use wpa_printf(). Signed-off-by: Jouni Malinen <j@w1.fi>
* ERP: Add ERP_FLUSH for hostapdJouni Malinen2014-12-141-1/+5
| | | | | | | This can be used to drop any pending ERP key from both the internal AP authentication server and RADIUS server use of hostapd. Signed-off-by: Jouni Malinen <j@w1.fi>
* Check os_snprintf() result more consistently - automatic 1Jouni Malinen2014-12-081-27/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This converts os_snprintf() result validation cases to use os_snprintf_error() where the exact rule used in os_snprintf_error() was used. These changes were done automatically with spatch using the following semantic patch: @@ identifier E1; expression E2,E3,E4,E5,E6; statement S1; @@ ( E1 = os_snprintf(E2, E3, ...); | int E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else E1 = os_snprintf(E2, E3, ...); | if (E5) E1 = os_snprintf(E2, E3, ...); else if (E6) E1 = os_snprintf(E2, E3, ...); else E1 = 0; | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else if (E6) { ... E1 = os_snprintf(E2, E3, ...); } else { ... return -1; } | if (E5) { ... E1 = os_snprintf(E2, E3, ...); } else { ... E1 = os_snprintf(E2, E3, ...); } ) ? os_free(E4); - if (E1 < 0 || \( E1 >= E3 \| (size_t) E1 >= E3 \| (unsigned int) E1 >= E3 \| E1 >= (int) E3 \)) + if (os_snprintf_error(E3, E1)) ( S1 | { ... } ) Signed-off-by: Jouni Malinen <j@w1.fi>
* Add DATA_TEST_FRAME for testing Data frame processing on AP sideJouni Malinen2014-11-281-0/+54
| | | | | | | | The new hostapd control interface command can be used in automated testing to verify how AP processes Data frames with arbitrary contents. This is enabled only in builds with CONFIG_TESTING_OPTIONS=y. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* hostapd: Allow DATA_TEST_CONFIG to configure ifnameJouni Malinen2014-11-271-1/+9
| | | | | | | This allows the device-based data connectivity tests to be extended for bridge and VLAN interface cases. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
* Add BSS_TM_REQ command to send BSS Transition Management RequestJouni Malinen2014-11-221-0/+190
| | | | | | | hostapd control interface can now be used to request transmission of a BSS Transition Management Request frame to a specified station. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>