static int hostapd_cli_cmd_quit(struct wpa_ctrl *ctrl, int argc, char *argv[])
{
hostapd_cli_quit = 1;
if (interactive)
eloop_terminate();
return 0;
}
static void
wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s,
union wpa_event_data *data)
{
if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0)
return;
switch (data->interface_status.ievent) {
case EVENT_INTERFACE_ADDED:
if (!wpa_s->interface_removed)
break;
wpa_s->interface_removed = 0;
wpa_printf(MSG_DEBUG, "Configured interface was added.");
if (wpa_supplicant_driver_init(wpa_s) < 0) {
wpa_printf(MSG_INFO, "Failed to initialize the driver "
"after interface was added.");
}
break;
case EVENT_INTERFACE_REMOVED:
wpa_printf(MSG_DEBUG, "Configured interface was removed.");
wpa_s->interface_removed = 1;
wpa_supplicant_mark_disassoc(wpa_s);
l2_packet_deinit(wpa_s->l2);
wpa_s->l2 = NULL;
#ifdef CONFIG_TERMINATE_ONLASTIF
/* check if last interface */
if (!any_interfaces(wpa_s->global->ifaces))
eloop_terminate();
#endif /* CONFIG_TERMINATE_ONLASTIF */
break;
}
}
static void eapol_test_terminate(int sig, void *eloop_ctx,
void *signal_ctx)
{
struct wpa_supplicant *wpa_s = eloop_ctx;
wpa_msg(wpa_s, MSG_INFO, "Signal %d received - terminating", sig);
eloop_terminate();
}
static void eapol_test_timeout(void *eloop_ctx, void *timeout_ctx)
{
struct preauth_test_data *p = eloop_ctx;
printf("EAPOL test timed out\n");
p->auth_timed_out = 1;
eloop_terminate();
}
/* Process the RADIUS frames from Authentication Server */
static RadiusRxResult
ieee802_1x_receive_auth(struct wpa_supplicant *wpa_s,
struct radius_msg *msg, struct radius_msg *req,
u8 *shared_secret, size_t shared_secret_len,
void *data)
{
/* RFC 2869, Ch. 5.13: valid Message-Authenticator attribute MUST be
* present when packet contains an EAP-Message attribute */
if (msg->hdr->code == RADIUS_CODE_ACCESS_REJECT &&
radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL,
0) < 0 &&
radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) {
wpa_printf(MSG_DEBUG, "Allowing RADIUS "
"Access-Reject without Message-Authenticator "
"since it does not include EAP-Message\n");
} else if (radius_msg_verify(msg, shared_secret, shared_secret_len,
req)) {
printf("Incoming RADIUS packet did not have correct "
"Message-Authenticator - dropped\n");
return RADIUS_RX_UNKNOWN;
}
if (msg->hdr->code != RADIUS_CODE_ACCESS_ACCEPT &&
msg->hdr->code != RADIUS_CODE_ACCESS_REJECT &&
msg->hdr->code != RADIUS_CODE_ACCESS_CHALLENGE) {
printf("Unknown RADIUS message code\n");
return RADIUS_RX_UNKNOWN;
}
wpa_s->radius_identifier = -1;
wpa_printf(MSG_DEBUG, "RADIUS packet matching with station");
if (wpa_s->last_recv_radius) {
radius_msg_free(wpa_s->last_recv_radius);
free(wpa_s->last_recv_radius);
}
wpa_s->last_recv_radius = msg;
switch (msg->hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT:
wpa_s->radius_access_accept_received = 1;
ieee802_1x_get_keys(wpa_s, msg, req, shared_secret,
shared_secret_len);
break;
case RADIUS_CODE_ACCESS_REJECT:
wpa_s->radius_access_reject_received = 1;
break;
}
ieee802_1x_decapsulate_radius(wpa_s);
if ((msg->hdr->code == RADIUS_CODE_ACCESS_ACCEPT &&
eapol_test_num_reauths < 0) ||
msg->hdr->code == RADIUS_CODE_ACCESS_REJECT) {
eloop_terminate();
}
return RADIUS_RX_QUEUED;
}
static void http_req(void *ctx, struct http_request *req)
{
struct browser_data *data = ctx;
struct wpabuf *resp;
const char *url;
int done = 0;
url = http_request_get_uri(req);
wpa_printf(MSG_INFO, "Browser response received: %s", url);
if (os_strcmp(url, "/") == 0) {
data->success = 1;
done = 1;
} else if (os_strncmp(url, "/osu/", 5) == 0) {
data->success = atoi(url + 5);
done = 1;
}
resp = wpabuf_alloc(1);
if (resp == NULL) {
http_request_deinit(req);
if (done)
eloop_terminate();
return;
}
if (done) {
eloop_cancel_timeout(browser_timeout, NULL, NULL);
eloop_register_timeout(0, 500000, browser_timeout, &data, NULL);
}
http_request_send_and_deinit(req, resp);
}
static void eapol_test_timeout(void *eloop_ctx, void *timeout_ctx)
{
struct wpa_supplicant *wpa_s = eloop_ctx;
printf("EAPOL test timed out\n");
wpa_s->auth_timed_out = 1;
eloop_terminate();
}
static void eapol_test_poll(void *eloop_ctx, void *timeout_ctx)
{
struct wpa_supplicant *wpa_s = eloop_ctx;
if (!rsn_preauth_in_progress(wpa_s->wpa))
eloop_terminate();
else {
eloop_register_timeout(0, 100000, eapol_test_poll, eloop_ctx,
timeout_ctx);
}
}
void Handle_term(int sig, void *eloop_ctx, void *signal_ctx)
{
//FILE *f;
//char buf[256], *pos;
//int line = 0, i;
//int filesize,cur = 0;
//char *ini_buffer; /* storage area for .INI file */
DBGPRINT(RT_DEBUG_ERROR,"Signal %d received - terminating\n", sig);
eloop_terminate();
}
static void eapol_sm_cb(struct eapol_sm *eapol, int success, void *ctx)
{
struct eapol_test_data *e = ctx;
printf("eapol_sm_cb: success=%d\n", success);
e->eapol_test_num_reauths--;
if (e->eapol_test_num_reauths < 0)
eloop_terminate();
else {
eapol_test_compare_pmk(e);
eloop_register_timeout(0, 100000, eapol_sm_reauth, e, NULL);
}
}
static void eapol_sm_cb(struct eapol_sm *eapol, enum eapol_supp_result result,
void *ctx)
{
struct eapol_test_data *e = ctx;
printf("eapol_sm_cb: result=%d\n", result);
e->eapol_test_num_reauths--;
if (e->eapol_test_num_reauths < 0)
eloop_terminate();
else {
eapol_test_compare_pmk(e);
eloop_register_timeout(0, 100000, eapol_sm_reauth, e, NULL);
}
}
static void eapol_sm_cb(struct eapol_sm *eapol, int success, void *ctx)
{
struct wpa_supplicant *wpa_s = ctx;
printf("eapol_sm_cb: success=%d\n", success);
eapol_test_num_reauths--;
if (eapol_test_num_reauths < 0)
eloop_terminate();
else {
eapol_test_compare_pmk(wpa_s);
eloop_register_timeout(0, 100000, eapol_sm_reauth,
wpa_s, NULL);
}
}
int handle_reload_iface(struct hostapd_iface *iface, void *ctx)
{
/* if (hostapd_reload_config(iface) < 0) {
wpa_printf(MSG_WARNING, "Failed to read new configuration "
"file - continuing with old.");
}
*/
reloading = 1;
eloop_terminate();
return 0;
}
char * wpa_supplicant_global_ctrl_iface_process(struct wpa_global *global,
char *buf, size_t *resp_len)
{
char *reply;
const int reply_size = 4096;
int reply_len;
if (os_strcmp(buf, "PING") != 0) {
wpa_hexdump_ascii(MSG_DEBUG, "RX global ctrl_iface",
(const u8 *) buf, os_strlen(buf));
}
reply = os_malloc(reply_size);
if (reply == NULL) {
*resp_len = 1;
return NULL;
}
os_memcpy(reply, "OK\n", 3);
reply_len = 3;
if (os_strcmp(buf, "PING") == 0) {
os_memcpy(reply, "PONG\n", 5);
reply_len = 5;
} else if (os_strncmp(buf, "INTERFACE_ADD ", 14) == 0) {
if (wpa_supplicant_global_iface_add(global, buf + 14))
reply_len = -1;
} else if (os_strncmp(buf, "INTERFACE_REMOVE ", 17) == 0) {
if (wpa_supplicant_global_iface_remove(global, buf + 17))
reply_len = -1;
} else if (os_strcmp(buf, "INTERFACE_LIST") == 0) {
reply_len = wpa_supplicant_global_iface_list(
global, reply, reply_size);
} else if (os_strcmp(buf, "INTERFACES") == 0) {
reply_len = wpa_supplicant_global_iface_interfaces(
global, reply, reply_size);
} else if (os_strcmp(buf, "TERMINATE") == 0) {
eloop_terminate();
} else {
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
reply_len = 16;
}
if (reply_len < 0) {
os_memcpy(reply, "FAIL\n", 5);
reply_len = 5;
}
*resp_len = reply_len;
return reply;
}
int DOT1X_Stop(void)
{
int i;
DBGPRINT(RT_DEBUG_ERROR,"DOT1X_Stop\n");
if(interfaces.rtapd != NULL)
{
eloop_terminate();
cyg_thread_delay(300);
cyg_thread_delete(dot1x_thread);
}
else
DBGPRINT(RT_DEBUG_ERROR,"1x daemon not running interfaces.rtapd == NULL\n");
}
/* Process the RADIUS frames from Authentication Server */
static RadiusRxResult receive_auth(struct radius_msg *msg,
struct radius_msg *req,
const u8 *shared_secret,
size_t shared_secret_len,
void *data)
{
/* struct radius_ctx *ctx = data; */
printf("Received RADIUS Authentication message; code=%d\n",
radius_msg_get_hdr(msg)->code);
/* We're done for this example, so request eloop to terminate. */
eloop_terminate();
return RADIUS_RX_PROCESSED;
}
static void check_sconf_integrity(struct smartconfig *sc)
{
int i, count = 0;
int len = (sc->ssid_len > sc->psk_len ? sc->ssid_len : sc->psk_len);
if (len > 0) {
for (i = 0; i < len; i++)
if (sc->slm[i + 4].flag)
count++;
if (count == len) {
eloop_terminate();
}
}
}
static void WINAPI service_ctrl_handler(DWORD control_code)
{
switch (control_code) {
case SERVICE_CONTROL_INTERROGATE:
break;
case SERVICE_CONTROL_SHUTDOWN:
case SERVICE_CONTROL_STOP:
svc_status.dwCurrentState = SERVICE_STOP_PENDING;
svc_status.dwWaitHint = 2000;
eloop_terminate();
SetEvent(kill_svc);
break;
}
if (!SetServiceStatus(svc_status_handle, &svc_status)) {
printf("SetServiceStatus() failed: %d\n",
(int) GetLastError());
}
}
/**
* handle_term - SIGINT and SIGTERM handler to terminate hostapd process
*/
static void handle_term(int sig, void *signal_ctx)
{
wpa_printf(MSG_DEBUG, "Signal %d received - terminating", sig);
eloop_terminate();
}
static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e)
{
u8 *eap;
size_t len;
struct eap_hdr *hdr;
int eap_type = -1;
char buf[64];
struct radius_msg *msg;
if (e->last_recv_radius == NULL)
return;
msg = e->last_recv_radius;
eap = radius_msg_get_eap(msg, &len);
if (eap == NULL) {
/* draft-aboba-radius-rfc2869bis-20.txt, Chap. 2.6.3:
* RADIUS server SHOULD NOT send Access-Reject/no EAP-Message
* attribute */
wpa_printf(MSG_DEBUG, "could not extract "
"EAP-Message from RADIUS message");
os_free(e->last_eap_radius);
e->last_eap_radius = NULL;
e->last_eap_radius_len = 0;
return;
}
if (len < sizeof(*hdr)) {
wpa_printf(MSG_DEBUG, "too short EAP packet "
"received from authentication server");
os_free(eap);
return;
}
if (len > sizeof(*hdr))
eap_type = eap[sizeof(*hdr)];
hdr = (struct eap_hdr *) eap;
switch (hdr->code) {
case EAP_CODE_REQUEST:
os_snprintf(buf, sizeof(buf), "EAP-Request-%s (%d)",
eap_type >= 0 ? eap_type_text(eap_type) : "??",
eap_type);
break;
case EAP_CODE_RESPONSE:
os_snprintf(buf, sizeof(buf), "EAP Response-%s (%d)",
eap_type >= 0 ? eap_type_text(eap_type) : "??",
eap_type);
break;
case EAP_CODE_SUCCESS:
os_strlcpy(buf, "EAP Success", sizeof(buf));
/* LEAP uses EAP Success within an authentication, so must not
* stop here with eloop_terminate(); */
break;
case EAP_CODE_FAILURE:
os_strlcpy(buf, "EAP Failure", sizeof(buf));
eloop_terminate();
break;
default:
os_strlcpy(buf, "unknown EAP code", sizeof(buf));
wpa_hexdump(MSG_DEBUG, "Decapsulated EAP packet", eap, len);
break;
}
wpa_printf(MSG_DEBUG, "decapsulated EAP packet (code=%d "
"id=%d len=%d) from RADIUS server: %s",
hdr->code, hdr->identifier, ntohs(hdr->length), buf);
/* sta->eapol_sm->be_auth.idFromServer = hdr->identifier; */
os_free(e->last_eap_radius);
e->last_eap_radius = eap;
e->last_eap_radius_len = len;
{
struct ieee802_1x_hdr *dot1x;
dot1x = os_malloc(sizeof(*dot1x) + len);
assert(dot1x != NULL);
dot1x->version = EAPOL_VERSION;
dot1x->type = IEEE802_1X_TYPE_EAP_PACKET;
dot1x->length = htons(len);
os_memcpy((u8 *) (dot1x + 1), eap, len);
eapol_sm_rx_eapol(e->wpa_s->eapol, e->wpa_s->bssid,
(u8 *) dot1x, sizeof(*dot1x) + len);
os_free(dot1x);
}
}
static void handle_term(int sig, void *eloop_ctx, void *signal_ctx)
{
printf("Signal %d received - terminating\n", sig);
eloop_terminate();
}
static void wpa_priv_terminate(int sig, void *eloop_ctx, void *signal_ctx)
{
wpa_printf(MSG_DEBUG, "wpa_priv termination requested");
eloop_terminate();
}
void Handle_term(int sig, void *eloop_ctx, void *signal_ctx)
{
//FILE *f;
//char buf[256], *pos;
//int line = 0, i;
//int filesize,cur = 0;
//char *ini_buffer; /* storage area for .INI file */
DBGPRINT(RT_DEBUG_ERROR,"Signal %d received - terminating\n", sig);
#if 0
f = fopen(RT2860AP_SYSTEM_PATH, "r");
if (f == NULL)
{
DBGPRINT(RT_DEBUG_ERROR,"Could not open configuration file '%s' for reading.\n", RT2860AP_SYSTEM_PATH);
return;
}
if ((fseek(f, 0, SEEK_END))!=0)
return;
filesize=ftell(f);
DBGPRINT(RT_DEBUG_ERROR,"filesize %d - terminating\n", filesize);
if ((ini_buffer=(char *)malloc(filesize + 1 ))==NULL)
return; //out of memory
fseek(f,0,SEEK_SET);
fread(ini_buffer, filesize, 1, f);
fseek(f,0,SEEK_SET);
ini_buffer[filesize]='\0';
while ((fgets(buf, sizeof(buf), f)))
{
line++;
if (buf[0] == '#')
continue;
pos = buf;
while (*pos != '\0')
{
if (*pos == '\n')
{
*pos = '\0';
break;
}
pos++;
}
if (buf[0] == '\0')
continue;
pos = strchr(buf, '=');
if (pos == NULL)
{
pos = strchr(buf, '[');
continue;
}
*pos = '\0';
pos++;
if ((strcmp(buf, "pid") == 0) )
{
cur = 0;
while(cur < (int)filesize)
{
if ((ini_buffer[cur]=='p') && (ini_buffer[cur+1]=='i') && (ini_buffer[cur+2]=='d'))
{
cur += 4;
for( i=4; i>=0; i--)
{
if (ini_buffer[cur] !='\n' )
{
ini_buffer[cur] =0x30;
}
else
{
break;
}
cur++;
}
break;
}
cur++;
}
}
}
fseek(f,0,SEEK_SET);
fprintf(f, "%s", ini_buffer);
fclose(f);
#endif
eloop_terminate();
}
static void browser_timeout(void *eloop_data, void *user_ctx)
{
wpa_printf(MSG_INFO, "Timeout on waiting browser interaction to "
"complete");
eloop_terminate();
}
static void hostapd_cli_edit_eof_cb(void *ctx)
{
eloop_terminate();
}
static void hostapd_cli_eloop_terminate(int sig, void *signal_ctx)
{
eloop_terminate();
}
static void wpas_wps_terminate_cb(void *ctx)
{
wpa_printf(MSG_DEBUG, "WPS ER: Terminated");
eloop_terminate();
}
static void eapol_sm_cb(struct eapol_sm *eapol, int success, void *ctx)
{
printf("eapol_sm_cb: success=%d\n", success);
eloop_terminate();
}
char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
char *buf, size_t *resp_len)
{
char *reply;
const int reply_size = 4096;
int ctrl_rsp = 0;
int reply_len;
if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0 ||
os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
(const u8 *) buf, os_strlen(buf));
} else {
if (os_strcmp(buf, "PING") != 0)
wpa_hexdump_ascii(MSG_DEBUG, "RX ctrl_iface",
(const u8 *) buf, os_strlen(buf));
}
reply = os_malloc(reply_size);
if (reply == NULL) {
*resp_len = 1;
return NULL;
}
os_memcpy(reply, "OK\n", 3);
reply_len = 3;
if (os_strcmp(buf, "PING") == 0) {
os_memcpy(reply, "PONG\n", 5);
reply_len = 5;
} else if (os_strcmp(buf, "MIB") == 0) {
reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
if (reply_len >= 0) {
int res;
res = eapol_sm_get_mib(wpa_s->eapol, reply + reply_len,
reply_size - reply_len);
if (res < 0)
reply_len = -1;
else
reply_len += res;
}
} else if (os_strncmp(buf, "STATUS", 6) == 0) {
reply_len = wpa_supplicant_ctrl_iface_status(
wpa_s, buf + 6, reply, reply_size);
} else if (os_strcmp(buf, "PMKSA") == 0) {
reply_len = pmksa_cache_list(wpa_s->wpa, reply, reply_size);
} else if (os_strncmp(buf, "SET ", 4) == 0) {
if (wpa_supplicant_ctrl_iface_set(wpa_s, buf + 4))
reply_len = -1;
} else if (os_strcmp(buf, "LOGON") == 0) {
eapol_sm_notify_logoff(wpa_s->eapol, FALSE);
} else if (os_strcmp(buf, "LOGOFF") == 0) {
eapol_sm_notify_logoff(wpa_s->eapol, TRUE);
} else if (os_strcmp(buf, "REASSOCIATE") == 0) {
wpa_s->disconnected = 0;
wpa_s->reassociate = 1;
wpa_supplicant_req_scan(wpa_s, 0, 0);
} else if (os_strcmp(buf, "RECONNECT") == 0) {
if (wpa_s->disconnected) {
wpa_s->disconnected = 0;
wpa_s->reassociate = 1;
wpa_supplicant_req_scan(wpa_s, 0, 0);
}
#ifdef IEEE8021X_EAPOL
} else if (os_strncmp(buf, "PREAUTH ", 8) == 0) {
if (wpa_supplicant_ctrl_iface_preauth(wpa_s, buf + 8))
reply_len = -1;
#endif /* IEEE8021X_EAPOL */
#ifdef CONFIG_PEERKEY
} else if (os_strncmp(buf, "STKSTART ", 9) == 0) {
if (wpa_supplicant_ctrl_iface_stkstart(wpa_s, buf + 9))
reply_len = -1;
#endif /* CONFIG_PEERKEY */
} else if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0)
{
if (wpa_supplicant_ctrl_iface_ctrl_rsp(
wpa_s, buf + os_strlen(WPA_CTRL_RSP)))
reply_len = -1;
else
ctrl_rsp = 1;
} else if (os_strcmp(buf, "RECONFIGURE") == 0) {
if (wpa_supplicant_reload_configuration(wpa_s))
reply_len = -1;
} else if (os_strcmp(buf, "TERMINATE") == 0) {
eloop_terminate();
} else if (os_strncmp(buf, "BSSID ", 6) == 0) {
if (wpa_supplicant_ctrl_iface_bssid(wpa_s, buf + 6))
reply_len = -1;
#ifdef ANDROID
} else if (os_strncmp(buf, "BLACKLIST", 9) == 0) {
reply_len = wpa_supplicant_ctrl_iface_blacklist(
wpa_s, buf + 9, reply, reply_size);
if (os_strlen(buf) > 10 && reply_len == 0) {
struct wpa_blacklist *bl = wpa_s->blacklist;
if (os_strncmp(buf+10, "clear", 5) == 0 ||
(bl != NULL && os_memcmp(bl->bssid, wpa_s->bssid, ETH_ALEN) == 0)) {
wpa_s->disconnected = 0;
wpa_s->reassociate = 1;
wpa_supplicant_req_scan(wpa_s, 0, 0);
}
}
#endif
} else if (os_strcmp(buf, "LIST_NETWORKS") == 0) {
reply_len = wpa_supplicant_ctrl_iface_list_networks(
wpa_s, reply, reply_size);
} else if (os_strcmp(buf, "DISCONNECT") == 0) {
wpa_s->reassociate = 0;
wpa_s->disconnected = 1;
wpa_supplicant_disassociate(wpa_s, REASON_DEAUTH_LEAVING);
} else if (os_strcmp(buf, "SCAN") == 0) {
#ifdef ANDROID
if (!wpa_s->scan_ongoing && ((wpa_s->wpa_state <= WPA_SCANNING) ||
(wpa_s->wpa_state >= WPA_COMPLETED))) {
#endif
wpa_s->scan_req = 2;
wpa_supplicant_req_scan(wpa_s, 0, 0);
#ifdef ANDROID
} else {
wpa_printf(MSG_DEBUG, "Ongoing Scan action...");
}
#endif
} else if (os_strcmp(buf, "SCAN_RESULTS") == 0) {
reply_len = wpa_supplicant_ctrl_iface_scan_results(
wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "SELECT_NETWORK ", 15) == 0) {
if (wpa_supplicant_ctrl_iface_select_network(wpa_s, buf + 15))
reply_len = -1;
} else if (os_strncmp(buf, "ENABLE_NETWORK ", 15) == 0) {
if (wpa_supplicant_ctrl_iface_enable_network(wpa_s, buf + 15))
reply_len = -1;
} else if (os_strncmp(buf, "DISABLE_NETWORK ", 16) == 0) {
if (wpa_supplicant_ctrl_iface_disable_network(wpa_s, buf + 16))
reply_len = -1;
} else if (os_strcmp(buf, "ADD_NETWORK") == 0) {
reply_len = wpa_supplicant_ctrl_iface_add_network(
wpa_s, reply, reply_size);
} else if (os_strncmp(buf, "REMOVE_NETWORK ", 15) == 0) {
if (wpa_supplicant_ctrl_iface_remove_network(wpa_s, buf + 15))
reply_len = -1;
} else if (os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
if (wpa_supplicant_ctrl_iface_set_network(wpa_s, buf + 12))
reply_len = -1;
} else if (os_strncmp(buf, "GET_NETWORK ", 12) == 0) {
reply_len = wpa_supplicant_ctrl_iface_get_network(
wpa_s, buf + 12, reply, reply_size);
} else if (os_strcmp(buf, "SAVE_CONFIG") == 0) {
if (wpa_supplicant_ctrl_iface_save_config(wpa_s))
reply_len = -1;
} else if (os_strncmp(buf, "GET_CAPABILITY ", 15) == 0) {
reply_len = wpa_supplicant_ctrl_iface_get_capability(
wpa_s, buf + 15, reply, reply_size);
} else if (os_strncmp(buf, "AP_SCAN ", 8) == 0) {
if (wpa_supplicant_ctrl_iface_ap_scan(wpa_s, buf + 8))
reply_len = -1;
} else if (os_strcmp(buf, "INTERFACES") == 0) {
reply_len = wpa_supplicant_global_iface_interfaces(
wpa_s->global, reply, reply_size);
} else if (os_strncmp(buf, "DRIVER ", 7) == 0) {
reply_len = wpa_supplicant_driver_cmd(wpa_s, buf + 7, reply, reply_size);
} else {
os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
reply_len = 16;
}
if (reply_len < 0) {
os_memcpy(reply, "FAIL\n", 5);
reply_len = 5;
}
if (ctrl_rsp)
eapol_sm_notify_ctrl_response(wpa_s->eapol);
*resp_len = reply_len;
return reply;
}
/* Process the RADIUS frames from Authentication Server */
static RadiusRxResult
ieee802_1x_receive_auth(struct wpa_supplicant *wpa_s,
struct radius_msg *msg, struct radius_msg *req,
u8 *shared_secret, size_t shared_secret_len,
void *data)
{
#if 0
u32 session_timeout, termination_action;
int session_timeout_set;
int acct_interim_interval;
#endif
#if 0
sta = ap_get_sta_radius_identifier(hapd, msg->hdr->identifier);
if (sta == NULL) {
wpa_printf(MSG_DEBUG, "IEEE 802.1X: Could not "
"find matching station for this RADIUS "
"message\n");
return RADIUS_RX_UNKNOWN;
}
#endif
/* RFC 2869, Ch. 5.13: valid Message-Authenticator attribute MUST be
* present when packet contains an EAP-Message attribute */
if (msg->hdr->code == RADIUS_CODE_ACCESS_REJECT &&
radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL,
0) < 0 &&
radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) {
wpa_printf(MSG_DEBUG, "Allowing RADIUS "
"Access-Reject without Message-Authenticator "
"since it does not include EAP-Message\n");
} else if (radius_msg_verify(msg, shared_secret, shared_secret_len,
req)) {
printf("Incoming RADIUS packet did not have correct "
"Message-Authenticator - dropped\n");
return RADIUS_RX_UNKNOWN;
}
if (msg->hdr->code != RADIUS_CODE_ACCESS_ACCEPT &&
msg->hdr->code != RADIUS_CODE_ACCESS_REJECT &&
msg->hdr->code != RADIUS_CODE_ACCESS_CHALLENGE) {
printf("Unknown RADIUS message code\n");
return RADIUS_RX_UNKNOWN;
}
wpa_s->radius_identifier = -1;
wpa_printf(MSG_DEBUG, "RADIUS packet matching with station");
if (wpa_s->last_recv_radius) {
radius_msg_free(wpa_s->last_recv_radius);
free(wpa_s->last_recv_radius);
}
wpa_s->last_recv_radius = msg;
#if 0
session_timeout_set =
!radius_msg_get_attr_int32(msg, RADIUS_ATTR_SESSION_TIMEOUT,
&session_timeout);
if (radius_msg_get_attr_int32(msg, RADIUS_ATTR_TERMINATION_ACTION,
&termination_action))
termination_action = RADIUS_TERMINATION_ACTION_DEFAULT;
if (hapd->conf->radius_acct_interim_interval == 0 &&
msg->hdr->code == RADIUS_CODE_ACCESS_ACCEPT &&
radius_msg_get_attr_int32(msg, RADIUS_ATTR_ACCT_INTERIM_INTERVAL,
&acct_interim_interval) == 0) {
if (acct_interim_interval < 60) {
hostapd_logger(hapd, sta->addr,
HOSTAPD_MODULE_IEEE8021X,
HOSTAPD_LEVEL_INFO,
"ignored too small "
"Acct-Interim-Interval %d",
acct_interim_interval);
} else
sta->acct_interim_interval = acct_interim_interval;
}
switch (msg->hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT:
/* draft-congdon-radius-8021x-22.txt, Ch. 3.17 */
if (session_timeout_set &&
termination_action ==
RADIUS_TERMINATION_ACTION_RADIUS_REQUEST) {
sta->eapol_sm->reauth_timer.reAuthPeriod =
session_timeout;
} else if (session_timeout_set)
ap_sta_session_timeout(hapd, sta, session_timeout);
sta->eapol_sm->be_auth.aSuccess = TRUE;
ieee802_1x_get_keys(hapd, sta, msg, req, shared_secret,
shared_secret_len);
if (sta->eapol_sm->keyAvailable) {
pmksa_cache_add(hapd, sta, sta->eapol_key_crypt,
session_timeout_set ?
session_timeout : -1);
}
break;
case RADIUS_CODE_ACCESS_REJECT:
sta->eapol_sm->be_auth.aFail = TRUE;
break;
case RADIUS_CODE_ACCESS_CHALLENGE:
if (session_timeout_set) {
/* RFC 2869, Ch. 2.3.2
* draft-congdon-radius-8021x-22.txt, Ch. 3.17 */
sta->eapol_sm->be_auth.suppTimeout = session_timeout;
}
sta->eapol_sm->be_auth.aReq = TRUE;
break;
}
#else
switch (msg->hdr->code) {
case RADIUS_CODE_ACCESS_ACCEPT:
wpa_s->radius_access_accept_received = 1;
ieee802_1x_get_keys(wpa_s, msg, req, shared_secret,
shared_secret_len);
break;
case RADIUS_CODE_ACCESS_REJECT:
wpa_s->radius_access_reject_received = 1;
break;
}
#endif
ieee802_1x_decapsulate_radius(wpa_s);
/* eapol_sm_step(sta->eapol_sm); */
if (msg->hdr->code == RADIUS_CODE_ACCESS_ACCEPT ||
msg->hdr->code == RADIUS_CODE_ACCESS_REJECT) {
eloop_terminate();
}
return RADIUS_RX_QUEUED;
}
