📄 config.c
字号:
struct hostapd_eap_user *user, *tail = NULL; if (!fname) return 0; f = fopen(fname, "r"); if (!f) { wpa_printf(MSG_ERROR, "EAP user file '%s' not found.", fname); return -1; } /* Lines: "user" METHOD,METHOD2 "password" (password optional) */ while (fgets(buf, sizeof(buf), f)) { line++; if (buf[0] == '#') continue; pos = buf; while (*pos != '\0') { if (*pos == '\n') { *pos = '\0'; break; } pos++; } if (buf[0] == '\0') continue; user = NULL; if (buf[0] != '"' && buf[0] != '*') { wpa_printf(MSG_ERROR, "Invalid EAP identity (no \" in " "start) on line %d in '%s'", line, fname); goto failed; } user = os_zalloc(sizeof(*user)); if (user == NULL) { wpa_printf(MSG_ERROR, "EAP user allocation failed"); goto failed; } user->force_version = -1; if (buf[0] == '*') { pos = buf; } else { pos = buf + 1; start = pos; while (*pos != '"' && *pos != '\0') pos++; if (*pos == '\0') { wpa_printf(MSG_ERROR, "Invalid EAP identity " "(no \" in end) on line %d in '%s'", line, fname); goto failed; } user->identity = os_malloc(pos - start); if (user->identity == NULL) { wpa_printf(MSG_ERROR, "Failed to allocate " "memory for EAP identity"); goto failed; } os_memcpy(user->identity, start, pos - start); user->identity_len = pos - start; if (pos[0] == '"' && pos[1] == '*') { user->wildcard_prefix = 1; pos++; } } pos++; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0') { wpa_printf(MSG_ERROR, "No EAP method on line %d in " "'%s'", line, fname); goto failed; } start = pos; while (*pos != ' ' && *pos != '\t' && *pos != '\0') pos++; if (*pos == '\0') { pos = NULL; } else { *pos = '\0'; pos++; } num_methods = 0; while (*start) { char *pos3 = os_strchr(start, ','); if (pos3) { *pos3++ = '\0'; } user->methods[num_methods].method = eap_server_get_type( start, &user->methods[num_methods].vendor); if (user->methods[num_methods].vendor == EAP_VENDOR_IETF && user->methods[num_methods].method == EAP_TYPE_NONE) { if (os_strcmp(start, "TTLS-PAP") == 0) { user->ttls_auth |= EAP_TTLS_AUTH_PAP; goto skip_eap; } if (os_strcmp(start, "TTLS-CHAP") == 0) { user->ttls_auth |= EAP_TTLS_AUTH_CHAP; goto skip_eap; } if (os_strcmp(start, "TTLS-MSCHAP") == 0) { user->ttls_auth |= EAP_TTLS_AUTH_MSCHAP; goto skip_eap; } if (os_strcmp(start, "TTLS-MSCHAPV2") == 0) { user->ttls_auth |= EAP_TTLS_AUTH_MSCHAPV2; goto skip_eap; } wpa_printf(MSG_ERROR, "Unsupported EAP type " "'%s' on line %d in '%s'", start, line, fname); goto failed; } num_methods++; if (num_methods >= EAP_USER_MAX_METHODS) break; skip_eap: if (pos3 == NULL) break; start = pos3; } if (num_methods == 0 && user->ttls_auth == 0) { wpa_printf(MSG_ERROR, "No EAP types configured on " "line %d in '%s'", line, fname); goto failed; } if (pos == NULL) goto done; while (*pos == ' ' || *pos == '\t') pos++; if (*pos == '\0') goto done; if (os_strncmp(pos, "[ver=0]", 7) == 0) { user->force_version = 0; goto done; } if (os_strncmp(pos, "[ver=1]", 7) == 0) { user->force_version = 1; goto done; } if (os_strncmp(pos, "[2]", 3) == 0) { user->phase2 = 1; goto done; } if (*pos == '"') { pos++; start = pos; while (*pos != '"' && *pos != '\0') pos++; if (*pos == '\0') { wpa_printf(MSG_ERROR, "Invalid EAP password " "(no \" in end) on line %d in '%s'", line, fname); goto failed; } user->password = os_malloc(pos - start); if (user->password == NULL) { wpa_printf(MSG_ERROR, "Failed to allocate " "memory for EAP password"); goto failed; } os_memcpy(user->password, start, pos - start); user->password_len = pos - start; pos++; } else if (os_strncmp(pos, "hash:", 5) == 0) { pos += 5; pos2 = pos; while (*pos2 != '\0' && *pos2 != ' ' && *pos2 != '\t' && *pos2 != '#') pos2++; if (pos2 - pos != 32) { wpa_printf(MSG_ERROR, "Invalid password hash " "on line %d in '%s'", line, fname); goto failed; } user->password = os_malloc(16); if (user->password == NULL) { wpa_printf(MSG_ERROR, "Failed to allocate " "memory for EAP password hash"); goto failed; } if (hexstr2bin(pos, user->password, 16) < 0) { wpa_printf(MSG_ERROR, "Invalid hash password " "on line %d in '%s'", line, fname); goto failed; } user->password_len = 16; user->password_hash = 1; pos = pos2; } else { pos2 = pos; while (*pos2 != '\0' && *pos2 != ' ' && *pos2 != '\t' && *pos2 != '#') pos2++; if ((pos2 - pos) & 1) { wpa_printf(MSG_ERROR, "Invalid hex password " "on line %d in '%s'", line, fname); goto failed; } user->password = os_malloc((pos2 - pos) / 2); if (user->password == NULL) { wpa_printf(MSG_ERROR, "Failed to allocate " "memory for EAP password"); goto failed; } if (hexstr2bin(pos, user->password, (pos2 - pos) / 2) < 0) { wpa_printf(MSG_ERROR, "Invalid hex password " "on line %d in '%s'", line, fname); goto failed; } user->password_len = (pos2 - pos) / 2; pos = pos2; } while (*pos == ' ' || *pos == '\t') pos++; if (os_strncmp(pos, "[2]", 3) == 0) { user->phase2 = 1; } done: if (tail == NULL) { tail = conf->eap_user = user; } else { tail->next = user; tail = user; } continue; failed: if (user) { os_free(user->password); os_free(user->identity); os_free(user); } ret = -1; break; } fclose(f); return ret;}#endif /* EAP_SERVER */static inthostapd_config_read_radius_addr(struct hostapd_radius_server **server, int *num_server, const char *val, int def_port, struct hostapd_radius_server **curr_serv){ struct hostapd_radius_server *nserv; int ret; static int server_index = 1; nserv = os_realloc(*server, (*num_server + 1) * sizeof(*nserv)); if (nserv == NULL) return -1; *server = nserv; nserv = &nserv[*num_server]; (*num_server)++; (*curr_serv) = nserv; os_memset(nserv, 0, sizeof(*nserv)); nserv->port = def_port; ret = hostapd_parse_ip_addr(val, &nserv->addr); nserv->index = server_index++; return ret;}static int hostapd_config_parse_key_mgmt(int line, const char *value){ int val = 0, last; char *start, *end, *buf; buf = os_strdup(value); if (buf == NULL) return -1; start = buf; while (*start != '\0') { while (*start == ' ' || *start == '\t') start++; if (*start == '\0') break; end = start; while (*end != ' ' && *end != '\t' && *end != '\0') end++; last = *end == '\0'; *end = '\0'; if (os_strcmp(start, "WPA-PSK") == 0) val |= WPA_KEY_MGMT_PSK; else if (os_strcmp(start, "WPA-EAP") == 0) val |= WPA_KEY_MGMT_IEEE8021X;#ifdef CONFIG_IEEE80211R else if (os_strcmp(start, "FT-PSK") == 0) val |= WPA_KEY_MGMT_FT_PSK; else if (os_strcmp(start, "FT-EAP") == 0) val |= WPA_KEY_MGMT_FT_IEEE8021X;#endif /* CONFIG_IEEE80211R */#ifdef CONFIG_IEEE80211W else if (os_strcmp(start, "WPA-PSK-SHA256") == 0) val |= WPA_KEY_MGMT_PSK_SHA256; else if (os_strcmp(start, "WPA-EAP-SHA256") == 0) val |= WPA_KEY_MGMT_IEEE8021X_SHA256;#endif /* CONFIG_IEEE80211W */ else { wpa_printf(MSG_ERROR, "Line %d: invalid key_mgmt '%s'", line, start); os_free(buf); return -1; } if (last) break; start = end + 1; } os_free(buf); if (val == 0) { wpa_printf(MSG_ERROR, "Line %d: no key_mgmt values " "configured.", line); return -1; } return val;}static int hostapd_config_parse_cipher(int line, const char *value){ int val = 0, last; char *start, *end, *buf; buf = os_strdup(value); if (buf == NULL) return -1; start = buf; while (*start != '\0') { while (*start == ' ' || *start == '\t') start++; if (*start == '\0') break; end = start; while (*end != ' ' && *end != '\t' && *end != '\0') end++; last = *end == '\0'; *end = '\0'; if (os_strcmp(start, "CCMP") == 0) val |= WPA_CIPHER_CCMP; else if (os_strcmp(start, "TKIP") == 0) val |= WPA_CIPHER_TKIP; else if (os_strcmp(start, "WEP104") == 0) val |= WPA_CIPHER_WEP104; else if (os_strcmp(start, "WEP40") == 0) val |= WPA_CIPHER_WEP40; else if (os_strcmp(start, "NONE") == 0) val |= WPA_CIPHER_NONE; else { wpa_printf(MSG_ERROR, "Line %d: invalid cipher '%s'.", line, start); os_free(buf); return -1; } if (last) break; start = end + 1; } os_free(buf); if (val == 0) { wpa_printf(MSG_ERROR, "Line %d: no cipher values configured.", line); return -1; } return val;}static int hostapd_config_check_bss(struct hostapd_bss_config *bss, struct hostapd_config *conf){ if (bss->ieee802_1x && !bss->eap_server && !bss->radius->auth_servers) { wpa_printf(MSG_ERROR, "Invalid IEEE 802.1X configuration (no " "EAP authenticator configured)."); return -1; } if (bss->wpa && (bss->wpa_key_mgmt & WPA_KEY_MGMT_PSK) && bss->ssid.wpa_psk == NULL && bss->ssid.wpa_passphrase == NULL && bss->ssid.wpa_psk_file == NULL) { wpa_printf(MSG_ERROR, "WPA-PSK enabled, but PSK or passphrase " "is not configured."); return -1; } if (hostapd_mac_comp_empty(bss->bssid) != 0) { size_t i; for (i = 0; i < conf->num_bss; i++) { if ((&conf->bss[i] != bss) && (hostapd_mac_comp(conf->bss[i].bssid, bss->bssid) == 0)) { wpa_printf(MSG_ERROR, "Duplicate BSSID " MACSTR " on interface '%s' and '%s'.", MAC2STR(bss->bssid), conf->bss[i].iface, bss->iface); return -1; } } }#ifdef CONFIG_IEEE80211R if ((bss->wpa_key_mgmt & (WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X)) && (bss->nas_identifier == NULL || os_strlen(bss->nas_identifier) < 1 || os_strlen(bss->nas_identifier) > FT_R0KH_ID_MAX_LEN)) { wpa_printf(MSG_ERROR, "FT (IEEE 802.11r) requires " "nas_identifier to be configured as a 1..48 octet " "string"); return -1; }#endif /* CONFIG_IEEE80211R */#ifdef CONFIG_IEEE80211N if (conf->ieee80211n && bss->wpa && !(bss->wpa_pairwise & WPA_CIPHER_CCMP) && !(bss->rsn_pairwise & WPA_CIPHER_CCMP)) { wpa_printf(MSG_ERROR, "HT (IEEE 802.11n) with WPA/WPA2 " "requires CCMP to be enabled"); return -1; }#endif /* CONFIG_IEEE80211N */ return 0;}static int hostapd_config_check(struct hostapd_config *conf){ size_t i; if (conf->ieee80211d && (!conf->country[0] || !conf->country[1])) { wpa_printf(MSG_ERROR, "Cannot enable IEEE 802.11d without " "setting the country_code"); return -1; } for (i = 0; i < conf->num_bss; i++) { if (hostapd_config_check_bss(&conf->bss[i], conf)) return -1; } return 0;}static int hostapd_config_read_wep(struct hostapd_wep_keys *wep, int keyidx, char *val){ size_t len = os_strlen(val);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -