1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
#ifndef CONFIG_H
#define CONFIG_H
typedef u8 macaddr[ETH_ALEN];
struct hostapd_radius_server {
/* MIB prefix for shared variables:
* @ = radiusAuth or radiusAcc depending on the type of the server */
struct in_addr addr; /* @ServerAddress */
int port; /* @ClientServerPortNumber */
u8 *shared_secret;
size_t shared_secret_len;
/* Dynamic (not from configuration file) MIB data */
int index; /* @ServerIndex */
int round_trip_time; /* @ClientRoundTripTime; in hundredths of a
* second */
u32 requests; /* @Client{Access,}Requests */
u32 retransmissions; /* @Client{Access,}Retransmissions */
u32 access_accepts; /* radiusAuthClientAccessAccepts */
u32 access_rejects; /* radiusAuthClientAccessRejects */
u32 access_challenges; /* radiusAuthClientAccessChallenges */
u32 responses; /* radiusAccClientResponses */
u32 malformed_responses; /* @ClientMalformed{Access,}Responses */
u32 bad_authenticators; /* @ClientBadAuthenticators */
u32 timeouts; /* @ClientTimeouts */
u32 unknown_types; /* @ClientUnknownTypes */
u32 packets_dropped; /* @ClientPacketsDropped */
/* @ClientPendingRequests: length of hapd->radius->msgs for matching
* msg_type */
};
#define PMK_LEN 32
struct hostapd_wpa_psk {
struct hostapd_wpa_psk *next;
int group;
u8 psk[PMK_LEN];
u8 addr[ETH_ALEN];
};
#define EAP_USER_MAX_METHODS 8
struct hostapd_eap_user {
struct hostapd_eap_user *next;
u8 *identity;
size_t identity_len;
u8 methods[EAP_USER_MAX_METHODS];
u8 *password;
size_t password_len;
int phase2;
int force_version;
};
struct hostapd_config {
char iface[IFNAMSIZ + 1];
char bridge[IFNAMSIZ + 1];
const struct driver_ops *driver;
enum {
HOSTAPD_LEVEL_DEBUG_VERBOSE = 0,
HOSTAPD_LEVEL_DEBUG = 1,
HOSTAPD_LEVEL_INFO = 2,
HOSTAPD_LEVEL_NOTICE = 3,
HOSTAPD_LEVEL_WARNING = 4
} logger_syslog_level, logger_stdout_level;
#define HOSTAPD_MODULE_IEEE80211 BIT(0)
#define HOSTAPD_MODULE_IEEE8021X BIT(1)
#define HOSTAPD_MODULE_RADIUS BIT(2)
#define HOSTAPD_MODULE_WPA BIT(3)
#define HOSTAPD_MODULE_DRIVER BIT(4)
#define HOSTAPD_MODULE_IAPP BIT(5)
unsigned int logger_syslog; /* module bitfield */
unsigned int logger_stdout; /* module bitfield */
enum { HOSTAPD_DEBUG_NO = 0, HOSTAPD_DEBUG_MINIMAL = 1,
HOSTAPD_DEBUG_VERBOSE = 2,
HOSTAPD_DEBUG_MSGDUMPS = 3,
HOSTAPD_DEBUG_EXCESSIVE = 4 } debug; /* debug verbosity level */
char *dump_log_name; /* file name for state dump (SIGUSR1) */
int ieee802_1x; /* use IEEE 802.1X */
int eap_authenticator; /* Use internal EAP authenticator instead of
* external RADIUS server */
struct hostapd_eap_user *eap_user;
char *eap_sim_db;
struct in_addr own_ip_addr;
char *nas_identifier;
/* RADIUS Authentication and Accounting servers in priority order */
struct hostapd_radius_server *auth_servers, *auth_server;
int num_auth_servers;
struct hostapd_radius_server *acct_servers, *acct_server;
int num_acct_servers;
int radius_retry_primary_interval;
int radius_acct_interim_interval;
#define HOSTAPD_SSID_LEN 32
char ssid[HOSTAPD_SSID_LEN + 1];
size_t ssid_len;
int ssid_set;
char *eap_req_id_text; /* optional displayable message sent with
* EAP Request-Identity */
int eapol_key_index_workaround;
size_t default_wep_key_len;
int individual_wep_key_len;
int wep_rekeying_period;
int eap_reauth_period;
int ieee802_11f; /* use IEEE 802.11f (IAPP) */
char iapp_iface[IFNAMSIZ + 1]; /* interface used with IAPP broadcast
* frames */
u8 assoc_ap_addr[ETH_ALEN];
int assoc_ap; /* whether assoc_ap_addr is set */
enum {
ACCEPT_UNLESS_DENIED = 0,
DENY_UNLESS_ACCEPTED = 1,
USE_EXTERNAL_RADIUS_AUTH = 2
} macaddr_acl;
macaddr *accept_mac;
int num_accept_mac;
macaddr *deny_mac;
int num_deny_mac;
#define HOSTAPD_AUTH_OPEN BIT(0)
#define HOSTAPD_AUTH_SHARED_KEY BIT(1)
int auth_algs; /* bitfield of allowed IEEE 802.11 authentication
* algorithms */
#define HOSTAPD_WPA_VERSION_WPA BIT(0)
#define HOSTAPD_WPA_VERSION_WPA2 BIT(1)
int wpa;
struct hostapd_wpa_psk *wpa_psk;
char *wpa_passphrase;
char *wpa_psk_file;
#define WPA_KEY_MGMT_IEEE8021X BIT(0)
#define WPA_KEY_MGMT_PSK BIT(1)
int wpa_key_mgmt;
#define WPA_CIPHER_NONE BIT(0)
#define WPA_CIPHER_WEP40 BIT(1)
#define WPA_CIPHER_WEP104 BIT(2)
#define WPA_CIPHER_TKIP BIT(3)
#define WPA_CIPHER_CCMP BIT(4)
int wpa_pairwise;
int wpa_group;
int wpa_group_rekey;
int wpa_strict_rekey;
int wpa_gmk_rekey;
int rsn_preauth;
char *rsn_preauth_interfaces;
char *ctrl_interface; /* directory for UNIX domain sockets */
gid_t ctrl_interface_gid;
char *ca_cert;
char *server_cert;
char *private_key;
char *private_key_passwd;
char *radius_server_clients;
int radius_server_auth_port;
};
struct hostapd_config * hostapd_config_read(const char *fname);
void hostapd_config_free(struct hostapd_config *conf);
int hostapd_maclist_found(macaddr *list, int num_entries, u8 *addr);
const u8 * hostapd_get_psk(const struct hostapd_config *conf, const u8 *addr,
const u8 *prev_psk);
int hostapd_setup_wpa_psk(struct hostapd_config *conf);
const struct hostapd_eap_user *
hostapd_get_eap_user(const struct hostapd_config *conf, const u8 *identity,
size_t identity_len, int phase2);
#endif /* CONFIG_H */
|
