2 * Host AP (software wireless LAN access point) user space daemon for
3 * Host AP kernel driver
4 * Copyright (c) 2002-2005, Jouni Malinen <jkmaline@cc.hut.fi>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * Alternatively, this software may be distributed under the terms of BSD
13 * See README and COPYING for more details.
19 #include <netinet/in.h>
25 #include <sys/types.h>
26 #include <sys/socket.h>
27 #include <arpa/inet.h>
31 #include "ieee802_1x.h"
32 #include "ieee802_11.h"
33 #include "accounting.h"
37 #include "ieee802_11_auth.h"
40 #include "radius_client.h"
41 #include "radius_server.h"
43 #include "ctrl_iface.h"
45 #include "eap_sim_db.h"
47 #include "hostap_common.h"
50 struct hapd_interfaces {
55 unsigned char rfc1042_header[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
58 extern int wpa_debug_level;
59 extern int wpa_debug_show_keys;
60 extern int wpa_debug_timestamp;
63 void hostapd_logger(struct hostapd_data *hapd, const u8 *addr,
64 unsigned int module, int level, const char *fmt, ...)
66 char *format, *module_str;
69 int conf_syslog_level, conf_stdout_level;
70 unsigned int conf_syslog, conf_stdout;
72 maxlen = strlen(fmt) + 100;
73 format = malloc(maxlen);
77 if (hapd && hapd->conf) {
78 conf_syslog_level = hapd->conf->logger_syslog_level;
79 conf_stdout_level = hapd->conf->logger_stdout_level;
80 conf_syslog = hapd->conf->logger_syslog;
81 conf_stdout = hapd->conf->logger_stdout;
83 conf_syslog_level = conf_stdout_level = 0;
84 conf_syslog = conf_stdout = (unsigned int) -1;
88 case HOSTAPD_MODULE_IEEE80211:
89 module_str = "IEEE 802.11";
91 case HOSTAPD_MODULE_IEEE8021X:
92 module_str = "IEEE 802.1X";
94 case HOSTAPD_MODULE_RADIUS:
95 module_str = "RADIUS";
97 case HOSTAPD_MODULE_WPA:
100 case HOSTAPD_MODULE_DRIVER:
101 module_str = "DRIVER";
103 case HOSTAPD_MODULE_IAPP:
111 if (hapd && hapd->conf && addr)
112 snprintf(format, maxlen, "%s: STA " MACSTR "%s%s: %s",
113 hapd->conf->iface, MAC2STR(addr),
114 module_str ? " " : "", module_str, fmt);
115 else if (hapd && hapd->conf)
116 snprintf(format, maxlen, "%s:%s%s %s",
117 hapd->conf->iface, module_str ? " " : "",
120 snprintf(format, maxlen, "STA " MACSTR "%s%s: %s",
121 MAC2STR(addr), module_str ? " " : "",
124 snprintf(format, maxlen, "%s%s%s",
125 module_str, module_str ? ": " : "", fmt);
127 if ((conf_stdout & module) && level >= conf_stdout_level) {
128 wpa_debug_print_timestamp();
135 if ((conf_syslog & module) && level >= conf_syslog_level) {
138 case HOSTAPD_LEVEL_DEBUG_VERBOSE:
139 case HOSTAPD_LEVEL_DEBUG:
140 priority = LOG_DEBUG;
142 case HOSTAPD_LEVEL_INFO:
145 case HOSTAPD_LEVEL_NOTICE:
146 priority = LOG_NOTICE;
148 case HOSTAPD_LEVEL_WARNING:
149 priority = LOG_WARNING;
156 vsyslog(priority, format, ap);
164 const char * hostapd_ip_txt(const struct hostapd_ip_addr *addr, char *buf,
167 if (buflen == 0 || addr == NULL)
170 if (addr->af == AF_INET) {
171 snprintf(buf, buflen, "%s", inet_ntoa(addr->u.v4));
176 if (addr->af == AF_INET6) {
177 if (inet_ntop(AF_INET6, &addr->u.v6, buf, buflen) == NULL)
180 #endif /* CONFIG_IPV6 */
186 static void hostapd_deauth_all_stas(hostapd *hapd)
191 memset(addr, 0xff, ETH_ALEN);
192 hostapd_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID);
194 /* New Prism2.5/3 STA firmware versions seem to have issues with this
195 * broadcast deauth frame. This gets the firmware in odd state where
196 * nothing works correctly, so let's skip sending this for a while
197 * until the issue has been resolved. */
202 /* This function will be called whenever a station associates with the AP */
203 void hostapd_new_assoc_sta(hostapd *hapd, struct sta_info *sta, int reassoc)
205 if (hapd->tkip_countermeasures) {
206 hostapd_sta_deauth(hapd, sta->addr,
207 WLAN_REASON_MICHAEL_MIC_FAILURE);
211 /* IEEE 802.11F (IAPP) */
212 if (hapd->conf->ieee802_11f)
213 iapp_new_station(hapd->iapp, sta);
215 /* Start accounting here, if IEEE 802.1X and WPA are not used.
216 * IEEE 802.1X/WPA code will start accounting after the station has
217 * been authorized. */
218 if (!hapd->conf->ieee802_1x && !hapd->conf->wpa)
219 accounting_sta_start(hapd, sta);
221 /* Start IEEE 802.1X authentication process for new stations */
222 ieee802_1x_new_station(hapd, sta);
224 wpa_sm_event(hapd, sta, WPA_REAUTH);
226 wpa_new_station(hapd, sta);
230 static void handle_term(int sig, void *eloop_ctx, void *signal_ctx)
232 printf("Signal %d received - terminating\n", sig);
237 static void handle_reload(int sig, void *eloop_ctx, void *signal_ctx)
239 struct hapd_interfaces *hapds = (struct hapd_interfaces *) eloop_ctx;
240 struct hostapd_config *newconf;
243 printf("Signal %d received - reloading configuration\n", sig);
245 for (i = 0; i < hapds->count; i++) {
246 hostapd *hapd = hapds->hapd[i];
247 newconf = hostapd_config_read(hapd->config_fname);
248 if (newconf == NULL) {
249 printf("Failed to read new configuration file - "
250 "continuing with old.\n");
253 /* TODO: update dynamic data based on changed configuration
254 * items (e.g., open/close sockets, remove stations added to
255 * deny list, etc.) */
256 radius_client_flush(hapd->radius);
257 hostapd_config_free(hapd->conf);
258 hapd->conf = newconf;
263 #ifdef HOSTAPD_DUMP_STATE
264 static void hostapd_dump_state(hostapd *hapd)
268 struct sta_info *sta;
272 if (!hapd->conf->dump_log_name) {
273 printf("Dump file not defined - ignoring dump request\n");
277 printf("Dumping hostapd state to '%s'\n", hapd->conf->dump_log_name);
278 f = fopen(hapd->conf->dump_log_name, "w");
280 printf("Could not open dump file '%s' for writing.\n",
281 hapd->conf->dump_log_name);
286 fprintf(f, "hostapd state dump - %s", ctime(&now));
288 for (sta = hapd->sta_list; sta != NULL; sta = sta->next) {
289 fprintf(f, "\nSTA=" MACSTR "\n", MAC2STR(sta->addr));
292 " AID=%d flags=0x%x %s%s%s%s%s%s\n"
293 " capability=0x%x listen_interval=%d\n",
296 (sta->flags & WLAN_STA_AUTH ? "[AUTH]" : ""),
297 (sta->flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""),
298 (sta->flags & WLAN_STA_PS ? "[PS]" : ""),
299 (sta->flags & WLAN_STA_TIM ? "[TIM]" : ""),
300 (sta->flags & WLAN_STA_PERM ? "[PERM]" : ""),
301 (sta->flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" :
304 sta->listen_interval);
306 fprintf(f, " supported_rates=");
307 for (i = 0; i < sizeof(sta->supported_rates); i++)
308 if (sta->supported_rates[i] != 0)
309 fprintf(f, "%02x ", sta->supported_rates[i]);
310 fprintf(f, "%s%s%s%s\n",
311 (sta->tx_supp_rates & WLAN_RATE_1M ? "[1M]" : ""),
312 (sta->tx_supp_rates & WLAN_RATE_2M ? "[2M]" : ""),
313 (sta->tx_supp_rates & WLAN_RATE_5M5 ? "[5.5M]" : ""),
314 (sta->tx_supp_rates & WLAN_RATE_11M ? "[11M]" : ""));
317 " timeout_next=%s\n",
318 (sta->timeout_next == STA_NULLFUNC ? "NULLFUNC POLL" :
319 (sta->timeout_next == STA_DISASSOC ? "DISASSOC" :
322 ieee802_1x_dump_state(f, " ", sta);
327 int count = radius_client_get_mib(hapd->radius, buf, 4096);
330 else if (count > 4095)
333 fprintf(f, "%s", buf);
335 count = radius_server_get_mib(hapd->radius_srv, buf, 4096);
338 else if (count > 4095)
341 fprintf(f, "%s", buf);
346 #endif /* HOSTAPD_DUMP_STATE */
349 static void handle_dump_state(int sig, void *eloop_ctx, void *signal_ctx)
351 #ifdef HOSTAPD_DUMP_STATE
352 struct hapd_interfaces *hapds = (struct hapd_interfaces *) eloop_ctx;
355 for (i = 0; i < hapds->count; i++) {
356 hostapd *hapd = hapds->hapd[i];
357 hostapd_dump_state(hapd);
359 #endif /* HOSTAPD_DUMP_STATE */
363 static void hostapd_cleanup(struct hostapd_data *hapd)
365 hostapd_ctrl_iface_deinit(hapd);
367 free(hapd->default_wep_key);
368 hapd->default_wep_key = NULL;
369 iapp_deinit(hapd->iapp);
370 accounting_deinit(hapd);
372 ieee802_1x_deinit(hapd);
373 hostapd_acl_deinit(hapd);
374 radius_client_deinit(hapd->radius);
376 radius_server_deinit(hapd->radius_srv);
377 hapd->radius_srv = NULL;
379 hostapd_wireless_event_deinit(hapd);
382 hostapd_driver_deinit(hapd);
384 hostapd_config_free(hapd->conf);
387 free(hapd->config_fname);
391 tls_deinit(hapd->ssl_ctx);
392 hapd->ssl_ctx = NULL;
394 #endif /* EAP_TLS_FUNCS */
396 if (hapd->eap_sim_db_priv)
397 eap_sim_db_deinit(hapd->eap_sim_db_priv);
401 static int hostapd_flush_old_stations(hostapd *hapd)
405 printf("Flushing old station entries\n");
406 if (hostapd_flush(hapd)) {
407 printf("Could not connect to kernel driver.\n");
410 printf("Deauthenticate all stations\n");
411 hostapd_deauth_all_stas(hapd);
417 static int hostapd_setup_interface(struct hostapd_data *hapd)
419 struct hostapd_config *conf = hapd->conf;
420 u8 ssid[HOSTAPD_SSID_LEN + 1];
421 int ssid_len, set_ssid;
424 if (hostapd_driver_init(hapd)) {
425 printf("%s driver initialization failed.\n",
426 hapd->driver ? hapd->driver->name : "Unknown");
432 * Fetch the SSID from the system and use it or,
433 * if one was specified in the config file, verify they
436 ssid_len = hostapd_get_ssid(hapd, ssid, sizeof(ssid));
438 printf("Could not read SSID from system\n");
441 if (conf->ssid_set) {
443 * If SSID is specified in the config file and it differs
444 * from what is being used then force installation of the
447 set_ssid = (conf->ssid_len != ssid_len ||
448 memcmp(conf->ssid, ssid, ssid_len) != 0);
451 * No SSID in the config file; just use the one we got
455 conf->ssid_len = ssid_len;
456 memcpy(conf->ssid, ssid, conf->ssid_len);
457 conf->ssid[conf->ssid_len] = '\0';
460 printf("Using interface %s with hwaddr " MACSTR " and ssid '%s'\n",
461 hapd->conf->iface, MAC2STR(hapd->own_addr), hapd->conf->ssid);
463 if (hostapd_setup_wpa_psk(conf)) {
464 printf("WPA-PSK setup failed.\n");
468 /* Set SSID for the kernel driver (to be used in beacon and probe
469 * response frames) */
470 if (set_ssid && hostapd_set_ssid(hapd, (u8 *) conf->ssid,
472 printf("Could not set SSID for kernel driver\n");
476 if (HOSTAPD_DEBUG_COND(HOSTAPD_DEBUG_MSGDUMPS))
477 conf->radius->msg_dumps = 1;
478 hapd->radius = radius_client_init(hapd, conf->radius);
479 if (hapd->radius == NULL) {
480 printf("RADIUS client initialization failed.\n");
483 if (conf->radius_server_clients) {
484 struct radius_server_conf srv;
485 memset(&srv, 0, sizeof(srv));
486 srv.client_file = conf->radius_server_clients;
487 srv.auth_port = conf->radius_server_auth_port;
488 srv.hostapd_conf = conf;
489 srv.eap_sim_db_priv = hapd->eap_sim_db_priv;
490 srv.ssl_ctx = hapd->ssl_ctx;
491 srv.ipv6 = conf->radius_server_ipv6;
492 hapd->radius_srv = radius_server_init(&srv);
493 if (hapd->radius_srv == NULL) {
494 printf("RADIUS server initialization failed.\n");
498 if (hostapd_acl_init(hapd)) {
499 printf("ACL initialization failed.\n");
502 if (ieee802_1x_init(hapd)) {
503 printf("IEEE 802.1X initialization failed.\n");
507 if (hapd->conf->wpa && wpa_init(hapd)) {
508 printf("WPA initialization failed.\n");
512 if (accounting_init(hapd)) {
513 printf("Accounting initialization failed.\n");
517 if (hapd->conf->ieee802_11f &&
518 (hapd->iapp = iapp_init(hapd, hapd->conf->iapp_iface)) == NULL) {
519 printf("IEEE 802.11F (IAPP) initialization failed.\n");
523 if (hostapd_wireless_event_init(hapd) < 0)
526 if (hostapd_flush_old_stations(hapd))
529 if (hostapd_ctrl_iface_init(hapd)) {
530 printf("Failed to setup control interface\n");
541 const struct driver_ops *ops;
543 static struct driver *drivers = NULL;
545 void driver_register(const char *name, const struct driver_ops *ops)
549 d = malloc(sizeof(struct driver));
551 printf("Failed to register driver %s!\n", name);
554 d->name = strdup(name);
555 if (d->name == NULL) {
556 printf("Failed to register driver %s!\n", name);
567 void driver_unregister(const char *name)
569 struct driver *p, **pp;
571 for (pp = &drivers; (p = *pp) != NULL; pp = &p->next) {
572 if (strcasecmp(p->name, name) == 0) {
583 static void driver_unregister_all(void)
585 struct driver *p, *pp;
597 const struct driver_ops * driver_lookup(const char *name)
601 if (strcmp(name, "default") == 0) {
608 for (p = drivers; p != NULL; p = p->next) {
609 if (strcasecmp(p->name, name) == 0)
617 static void show_version(void)
620 "hostapd v" VERSION_STR "\n"
621 "User space daemon for IEEE 802.11 AP management,\n"
622 "IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator\n"
623 "Copyright (c) 2002-2005, Jouni Malinen <jkmaline@cc.hut.fi> "
624 "and contributors\n");
628 static void usage(void)
633 "usage: hostapd [-hdBKt] <configuration file(s)>\n"
636 " -h show this usage\n"
637 " -d show more debug messages (-dd for even more)\n"
638 " -B run daemon in the background\n"
639 " -K include key data in debug messages\n"
640 " -t include timestamps in some debug messages\n"
641 " -v show hostapd version\n");
647 static hostapd * hostapd_init(const char *config_file)
651 hapd = malloc(sizeof(*hapd));
653 printf("Could not allocate memory for hostapd data\n");
656 memset(hapd, 0, sizeof(*hapd));
658 hapd->config_fname = strdup(config_file);
659 if (hapd->config_fname == NULL) {
660 printf("Could not allocate memory for config_fname\n");
664 hapd->conf = hostapd_config_read(hapd->config_fname);
665 if (hapd->conf == NULL) {
669 if (hapd->conf->individual_wep_key_len > 0) {
670 /* use key0 in individual key and key1 in broadcast key */
671 hapd->default_wep_key_idx = 1;
675 if (hapd->conf->eap_server &&
676 (hapd->conf->ca_cert || hapd->conf->server_cert)) {
677 hapd->ssl_ctx = tls_init(NULL);
678 if (hapd->ssl_ctx == NULL) {
679 printf("Failed to initialize TLS\n");
682 if (tls_global_ca_cert(hapd->ssl_ctx, hapd->conf->ca_cert)) {
683 printf("Failed to load CA certificate (%s)\n",
684 hapd->conf->ca_cert);
687 if (tls_global_client_cert(hapd->ssl_ctx,
688 hapd->conf->server_cert)) {
689 printf("Failed to load server certificate (%s)\n",
690 hapd->conf->server_cert);
693 if (tls_global_private_key(hapd->ssl_ctx,
694 hapd->conf->private_key,
695 hapd->conf->private_key_passwd)) {
696 printf("Failed to load private key (%s)\n",
697 hapd->conf->private_key);
700 if (tls_global_set_verify(hapd->ssl_ctx,
701 hapd->conf->check_crl)) {
702 printf("Failed to enable check_crl\n");
706 #endif /* EAP_TLS_FUNCS */
708 if (hapd->conf->eap_sim_db) {
709 hapd->eap_sim_db_priv =
710 eap_sim_db_init(hapd->conf->eap_sim_db);
711 if (hapd->eap_sim_db_priv == NULL) {
712 printf("Failed to initialize EAP-SIM database "
718 if (hapd->conf->assoc_ap)
719 hapd->assoc_ap_state = WAIT_BEACON;
721 /* FIX: need to fix this const vs. not */
722 hapd->driver = (struct driver_ops *) hapd->conf->driver;
729 tls_deinit(hapd->ssl_ctx);
731 hostapd_config_free(hapd->conf);
732 free(hapd->config_fname);
739 void register_drivers(void);
741 int main(int argc, char *argv[])
743 struct hapd_interfaces interfaces;
745 int c, debug = 0, daemonize = 0;
748 c = getopt(argc, argv, "BdhKtv");
762 wpa_debug_show_keys++;
765 wpa_debug_timestamp++;
781 register_drivers(); /* NB: generated by Makefile */
783 interfaces.count = argc - optind;
785 interfaces.hapd = malloc(interfaces.count * sizeof(hostapd *));
786 if (interfaces.hapd == NULL) {
787 printf("malloc failed\n");
791 eloop_init(&interfaces);
792 eloop_register_signal(SIGHUP, handle_reload, NULL);
793 eloop_register_signal(SIGINT, handle_term, NULL);
794 eloop_register_signal(SIGTERM, handle_term, NULL);
795 eloop_register_signal(SIGUSR1, handle_dump_state, NULL);
797 for (i = 0; i < interfaces.count; i++) {
798 printf("Configuration file: %s\n", argv[optind + i]);
799 interfaces.hapd[i] = hostapd_init(argv[optind + i]);
800 if (!interfaces.hapd[i])
802 for (j = 0; j < debug; j++) {
803 if (interfaces.hapd[i]->conf->logger_stdout_level > 0)
804 interfaces.hapd[i]->conf->
805 logger_stdout_level--;
806 interfaces.hapd[i]->conf->debug++;
808 if (hostapd_setup_interface(interfaces.hapd[i]))
810 wpa_debug_level -= interfaces.hapd[0]->conf->debug;
813 if (daemonize && daemon(0, 0)) {
818 openlog("hostapd", 0, LOG_DAEMON);
822 for (i = 0; i < interfaces.count; i++) {
823 hostapd_free_stas(interfaces.hapd[i]);
824 hostapd_flush_old_stations(interfaces.hapd[i]);
830 for (i = 0; i < interfaces.count; i++) {
831 if (!interfaces.hapd[i])
834 hostapd_cleanup(interfaces.hapd[i]);
835 free(interfaces.hapd[i]);
837 free(interfaces.hapd);
843 driver_unregister_all();