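/*
 * hostapd / Configuration definitions and helpers functions
 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
 *
 * This software may be distributed under the terms of the BSD license.
 * See README for more details.
 */

#ifndef HOSTAPD_CONFIG_H
#define HOSTAPD_CONFIG_H

#include "common/defs.h"
#include "ip_addr.h"
#include "common/wpa_common.h"
#include "common/ieee802_11_common.h"
#include "wps/wps.h"

/*
 * Security overview for readers of this header:
 * Several structures below reference credentials and key material (WEP
 * keys, WPA passphrase/PSKs, EAP user passwords, the RADIUS DAS shared
 * secret, the TLS private key password, EAP-FAST PAC key, WPS AP PIN and
 * NFC DH private key). Those fields are marked "secret" where they are
 * declared.
 * NOTE(review): only the prototype of hostapd_config_free() is visible
 * here; confirm that its implementation wipes secret buffers before
 * releasing them and that configuration dumps/logs never print them.
 */

/* 2007 is the largest association ID (AID) IEEE 802.11 allows */
#define MAX_STA_COUNT 2007
/* Highest usable IEEE 802.1Q VLAN ID */
#define MAX_VLAN_ID 4094

typedef u8 macaddr[ETH_ALEN];

/*
 * One entry of a MAC address list (see accept_mac/deny_mac in
 * struct hostapd_bss_config). A MAC address is sent in the clear and is not
 * an authenticator: such a list is an access filter, not a replacement for
 * WPA/IEEE 802.1X authentication.
 */
struct mac_acl_entry {
	macaddr addr;
	int vlan_id;
};

struct hostapd_radius_servers;
struct ft_remote_r0kh;
struct ft_remote_r1kh;

#define HOSTAPD_MAX_SSID_LEN 32

#define NUM_WEP_KEYS 4
/*
 * WEP key set: key[i] points to len[i] octets of key material (secret).
 * WEP offers no meaningful confidentiality today; it is present for legacy
 * interoperability only.
 */
struct hostapd_wep_keys {
	u8 idx;
	u8 *key[NUM_WEP_KEYS]; /* secret */
	size_t len[NUM_WEP_KEYS];
	int keys_set;
	size_t default_len; /* key length used for dynamic key generation */
};

/*
 * Security policy selected for an SSID. SECURITY_PLAINTEXT and
 * SECURITY_STATIC_WEP do not protect traffic against a passive listener;
 * deployments that need confidentiality should end up with one of the WPA
 * values.
 */
typedef enum hostap_security_policy {
	SECURITY_PLAINTEXT = 0,
	SECURITY_STATIC_WEP = 1,
	SECURITY_IEEE_802_1X = 2,
	SECURITY_WPA_PSK = 3,
	SECURITY_WPA = 4
} secpolicy;

/* Per-SSID settings: network name, key material and VLAN behaviour */
struct hostapd_ssid {
	/*
	 * Length-delimited octet string, NOT a C string: the array has no
	 * room for a terminating NUL when ssid_len == HOSTAPD_MAX_SSID_LEN,
	 * so always pass ssid_len along and never use str*() on it.
	 */
	u8 ssid[HOSTAPD_MAX_SSID_LEN];
	size_t ssid_len;
	unsigned int ssid_set:1;
	unsigned int utf8_ssid:1;

	char vlan[IFNAMSIZ + 1];
	secpolicy security_policy;

	struct hostapd_wpa_psk *wpa_psk; /* secret: list of PSKs */
	char *wpa_passphrase; /* secret */
	/* NOTE(review): presumably a path to a file holding per-station
	 * PSKs; if so, the file needs restrictive permissions - confirm */
	char *wpa_psk_file;

	struct hostapd_wep_keys wep;

#define DYNAMIC_VLAN_DISABLED 0
#define DYNAMIC_VLAN_OPTIONAL 1
#define DYNAMIC_VLAN_REQUIRED 2
	int dynamic_vlan;
#define DYNAMIC_VLAN_NAMING_WITHOUT_DEVICE 0
#define DYNAMIC_VLAN_NAMING_WITH_DEVICE 1
#define DYNAMIC_VLAN_NAMING_END 2
	int vlan_naming;
#ifdef CONFIG_FULL_DYNAMIC_VLAN
	char *vlan_tagged_interface;
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
	struct hostapd_wep_keys **dyn_vlan_keys;
	size_t max_dyn_vlan_keys;
};


/* Parenthesized so the negative constant is safe inside any expression */
#define VLAN_ID_WILDCARD (-1)

/* Singly linked list node describing one VLAN and its interface name */
struct hostapd_vlan {
	struct hostapd_vlan *next;
	int vlan_id; /* VLAN ID or -1 (VLAN_ID_WILDCARD) for wildcard entry */
	char ifname[IFNAMSIZ + 1];
	int dynamic_vlan;
#ifdef CONFIG_FULL_DYNAMIC_VLAN

#define DVLAN_CLEAN_BR 0x1
#define DVLAN_CLEAN_VLAN 0x2
#define DVLAN_CLEAN_VLAN_PORT 0x4
#define DVLAN_CLEAN_WLAN_PORT 0x8
	int clean;
#endif /* CONFIG_FULL_DYNAMIC_VLAN */
};

#define PMK_LEN 32
/* List node carrying one PSK (secret, PMK_LEN octets) */
struct hostapd_sta_wpa_psk_short {
	struct hostapd_sta_wpa_psk_short *next;
	u8 psk[PMK_LEN]; /* secret */
};

/* List node carrying one PSK (secret) together with a MAC address */
struct hostapd_wpa_psk {
	struct hostapd_wpa_psk *next;
	int group;
	u8 psk[PMK_LEN]; /* secret */
	u8 addr[ETH_ALEN];
};

/* One entry of the EAP user list used by struct hostapd_bss_config */
struct hostapd_eap_user {
	struct hostapd_eap_user *next;
	u8 *identity;
	size_t identity_len;
	struct {
		int vendor;
		u32 method;
	} methods[EAP_MAX_METHODS];
	u8 *password; /* secret: password_len octets (see password_hash) */
	size_t password_len;
	int phase2;
	int force_version;
	unsigned int wildcard_prefix:1;
	unsigned int password_hash:1; /* whether password is hashed with
				       * nt_password_hash() */
	int ttls_auth; /* EAP_TTLS_AUTH_* bitfield */
};

/* List node holding one RADIUS attribute (type plus value buffer) */
struct hostapd_radius_attr {
	u8 type;
	struct wpabuf *val;
	struct hostapd_radius_attr *next;
};


#define NUM_TX_QUEUES 4

struct hostapd_tx_queue_params {
	int aifs;
	int cwmin;
	int cwmax;
	int burst; /* maximum burst time in 0.1 ms, i.e., 10 = 1 ms */
};


#define MAX_ROAMING_CONSORTIUM_LEN 15

/*
 * len is a u8 and can therefore express more than the
 * MAX_ROAMING_CONSORTIUM_LEN octets oi[] can hold; code filling or reading
 * this structure has to bound len against the array size.
 */
struct hostapd_roaming_consortium {
	u8 len;
	u8 oi[MAX_ROAMING_CONSORTIUM_LEN];
};

/*
 * name_len (u8, up to 255) can exceed sizeof(name) (252); validate it
 * against the array size before copying into or out of name[].
 */
struct hostapd_lang_string {
	u8 lang[3];
	u8 name_len;
	u8 name[252];
};

#define MAX_NAI_REALMS 10
#define MAX_NAI_REALMLEN 255
#define MAX_NAI_EAP_METHODS 5
#define MAX_NAI_AUTH_TYPES 4
/*
 * NAI realm entry. The u8 counters (eap_method_count, num_auths) are wider
 * than the arrays they index (MAX_NAI_EAP_METHODS, MAX_NAI_AUTH_TYPES), so
 * they must be range-checked wherever they are set from configuration.
 */
struct hostapd_nai_realm_data {
	u8 encoding;
	char realm_buf[MAX_NAI_REALMLEN + 1];
	char *realm[MAX_NAI_REALMS];
	u8 eap_method_count;
	struct hostapd_nai_realm_eap {
		u8 eap_method;
		u8 num_auths;
		u8 auth_id[MAX_NAI_AUTH_TYPES];
		u8 auth_val[MAX_NAI_AUTH_TYPES];
	} eap_method[MAX_NAI_EAP_METHODS];
};

/**
 * struct hostapd_bss_config - Per-BSS configuration
 */
struct hostapd_bss_config {
	char iface[IFNAMSIZ + 1];
	char bridge[IFNAMSIZ + 1];
	char wds_bridge[IFNAMSIZ + 1];

	enum hostapd_logger_level logger_syslog_level, logger_stdout_level;

	unsigned int logger_syslog; /* module bitfield */
	unsigned int logger_stdout; /* module bitfield */

	char *dump_log_name; /* file name for state dump (SIGUSR1) */

	int max_num_sta; /* maximum number of STAs in station table */

	int dtim_period;

	int ieee802_1x; /* use IEEE 802.1X */
	int eapol_version;
	int eap_server; /* Use internal EAP server instead of external
			 * RADIUS server */
	struct hostapd_eap_user *eap_user;
	char *eap_user_sqlite;
	char *eap_sim_db;
	struct hostapd_ip_addr own_ip_addr;
	char *nas_identifier;
	struct hostapd_radius_servers *radius;
	int acct_interim_interval;
	int radius_request_cui;
	struct hostapd_radius_attr *radius_auth_req_attr;
	struct hostapd_radius_attr *radius_acct_req_attr;
	int radius_das_port;
	unsigned int radius_das_time_window;
	int radius_das_require_event_timestamp;
	struct hostapd_ip_addr radius_das_client_addr;
	/* secret: radius_das_shared_secret_len octets */
	u8 *radius_das_shared_secret;
	size_t radius_das_shared_secret_len;

	struct hostapd_ssid ssid;

	char *eap_req_id_text; /* optional displayable message sent with
				* EAP Request-Identity */
	size_t eap_req_id_text_len;
	int eapol_key_index_workaround;

	size_t default_wep_key_len;
	int individual_wep_key_len;
	int wep_rekeying_period;
	int broadcast_key_idx_min, broadcast_key_idx_max;
	int eap_reauth_period;

	int ieee802_11f; /* use IEEE 802.11f (IAPP) */
	char iapp_iface[IFNAMSIZ + 1]; /* interface used with IAPP broadcast
					* frames */

	/* MAC address filtering mode; see the note on struct mac_acl_entry
	 * about what such filtering does and does not provide */
	enum {
		ACCEPT_UNLESS_DENIED = 0,
		DENY_UNLESS_ACCEPTED = 1,
		USE_EXTERNAL_RADIUS_AUTH = 2
	} macaddr_acl;
	struct mac_acl_entry *accept_mac;
	int num_accept_mac;
	struct mac_acl_entry *deny_mac;
	int num_deny_mac;
	int wds_sta;
	int isolate;

	int auth_algs; /* bitfield of allowed IEEE 802.11 authentication
			* algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */

	int wpa; /* bitfield of WPA_PROTO_WPA, WPA_PROTO_RSN */
	int wpa_key_mgmt;
#ifdef CONFIG_IEEE80211W
	enum mfp_options ieee80211w;
	/* dot11AssociationSAQueryMaximumTimeout (in TUs) */
	unsigned int assoc_sa_query_max_timeout;
	/* dot11AssociationSAQueryRetryTimeout (in TUs) */
	int assoc_sa_query_retry_timeout;
#endif /* CONFIG_IEEE80211W */
	enum {
		PSK_RADIUS_IGNORED = 0,
		PSK_RADIUS_ACCEPTED = 1,
		PSK_RADIUS_REQUIRED = 2
	} wpa_psk_radius;
	int wpa_pairwise;
	int wpa_group;
	int wpa_group_rekey;
	int wpa_strict_rekey;
	int wpa_gmk_rekey;
	int wpa_ptk_rekey;
	int rsn_pairwise;
	int rsn_preauth;
	char *rsn_preauth_interfaces;
	int peerkey;

#ifdef CONFIG_IEEE80211R
	/* IEEE 802.11r - Fast BSS Transition */
	u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN];
	u8 r1_key_holder[FT_R1KH_ID_LEN];
	u32 r0_key_lifetime;
	u32 reassociation_deadline;
	struct ft_remote_r0kh *r0kh_list;
	struct ft_remote_r1kh *r1kh_list;
	int pmk_r1_push;
	int ft_over_ds;
#endif /* CONFIG_IEEE80211R */

	char *ctrl_interface; /* directory for UNIX domain sockets */
#ifndef CONFIG_NATIVE_WINDOWS
	/* NOTE(review): presumably the group given access to the control
	 * socket directory when ctrl_interface_gid_set is non-zero; whoever
	 * can reach that socket can reconfigure the AP - confirm how the
	 * directory and socket permissions are applied */
	gid_t ctrl_interface_gid;
#endif /* CONFIG_NATIVE_WINDOWS */
	int ctrl_interface_gid_set;

	char *ca_cert;
	char *server_cert;
	char *private_key;
	char *private_key_passwd; /* secret */
	int check_crl;
	char *dh_file;
	u8 *pac_opaque_encr_key; /* secret */
	u8 *eap_fast_a_id;
	size_t eap_fast_a_id_len;
	char *eap_fast_a_id_info;
	int eap_fast_prov;
	int pac_key_lifetime;
	int pac_key_refresh_time;
	int eap_sim_aka_result_ind;
	int tnc;
	int fragment_size;
	u16 pwd_group;

	char *radius_server_clients;
	int radius_server_auth_port;
	int radius_server_ipv6;

	char *test_socket; /* UNIX domain socket path for driver_test */

	int use_pae_group_addr; /* Whether to send EAPOL frames to PAE group
				 * address instead of individual address
				 * (for driver_wired.c).
				 */

	int ap_max_inactivity;
	int ignore_broadcast_ssid;

	int wmm_enabled;
	int wmm_uapsd;

	struct hostapd_vlan *vlan, *vlan_tail;

	macaddr bssid;

	/*
	 * Maximum listen interval that STAs can use when associating with this
	 * BSS. If a STA tries to use larger value, the association will be
	 * denied with status code 51.
	 */
	u16 max_listen_interval;

	int disable_pmksa_caching;
	int okc; /* Opportunistic Key Caching */

	int wps_state;
#ifdef CONFIG_WPS
	int ap_setup_locked;
	u8 uuid[16];
	char *wps_pin_requests;
	char *device_name;
	char *manufacturer;
	char *model_name;
	char *model_number;
	char *serial_number;
	u8 device_type[WPS_DEV_TYPE_LEN];
	char *config_methods;
	u8 os_version[4];
	char *ap_pin; /* secret: treat the AP PIN as a credential */
	int skip_cred_build;
	u8 *extra_cred;
	size_t extra_cred_len;
	int wps_cred_processing;
	u8 *ap_settings;
	size_t ap_settings_len;
	char *upnp_iface;
	char *friendly_name;
	char *manufacturer_url;
	char *model_description;
	char *model_url;
	char *upc;
	struct wpabuf *wps_vendor_ext[MAX_WPS_VENDOR_EXTENSIONS];
	int wps_nfc_dev_pw_id;
	struct wpabuf *wps_nfc_dh_pubkey;
	struct wpabuf *wps_nfc_dh_privkey; /* secret */
	struct wpabuf *wps_nfc_dev_pw; /* secret */
#endif /* CONFIG_WPS */
	int pbc_in_m1;

#define P2P_ENABLED BIT(0)
#define P2P_GROUP_OWNER BIT(1)
#define P2P_GROUP_FORMATION BIT(2)
#define P2P_MANAGE BIT(3)
#define P2P_ALLOW_CROSS_CONNECTION BIT(4)
	int p2p;

	int disassoc_low_ack;
	int skip_inactivity_poll;

#define TDLS_PROHIBIT BIT(0)
#define TDLS_PROHIBIT_CHAN_SWITCH BIT(1)
	int tdls;
	int disable_11n;
	int disable_11ac;

	/* IEEE 802.11v */
	int time_advertisement;
	char *time_zone;
	int wnm_sleep_mode;
	int bss_transition;

	/* IEEE 802.11u - Interworking */
	int interworking;
	int access_network_type;
	int internet;
	int asra;
	int esr;
	int uesa;
	int venue_info_set;
	u8 venue_group;
	u8 venue_type;
	u8 hessid[ETH_ALEN];

	/* IEEE 802.11u - Roaming Consortium list */
	unsigned int roaming_consortium_count;
	struct hostapd_roaming_consortium *roaming_consortium;

	/* IEEE 802.11u - Venue Name duples */
	unsigned int venue_name_count;
	struct hostapd_lang_string *venue_name;

	/* IEEE 802.11u - Network Authentication Type */
	u8 *network_auth_type;
	size_t network_auth_type_len;

	/* IEEE 802.11u - IP Address Type Availability */
	u8 ipaddr_type_availability;
	u8 ipaddr_type_configured;

	/* IEEE 802.11u - 3GPP Cellular Network */
	u8 *anqp_3gpp_cell_net;
	size_t anqp_3gpp_cell_net_len;

	/* IEEE 802.11u - Domain Name */
	u8 *domain_name;
	size_t domain_name_len;

	unsigned int nai_realm_count;
	struct hostapd_nai_realm_data *nai_realm_data;

	u16 gas_comeback_delay;
	int gas_frag_limit;

#ifdef CONFIG_HS20
	int hs20;
	int disable_dgaf;
	unsigned int hs20_oper_friendly_name_count;
	struct hostapd_lang_string *hs20_oper_friendly_name;
	u8 *hs20_wan_metrics;
	u8 *hs20_connection_capability;
	size_t hs20_connection_capability_len;
	u8 *hs20_operating_class;
	u8 hs20_operating_class_len;
#endif /* CONFIG_HS20 */

	u8 wps_rf_bands; /* RF bands for WPS (WPS_RF_*) */

#ifdef CONFIG_RADIUS_TEST
	/* NOTE(review): the name suggests session keys (MSK) are written to
	 * this file; if so it must stay limited to CONFIG_RADIUS_TEST test
	 * builds - confirm against the code that uses it */
	char *dump_msk_file;
#endif /* CONFIG_RADIUS_TEST */

	struct wpabuf *vendor_elements;
};


/**
 * struct hostapd_config - Per-radio interface configuration
 */
struct hostapd_config {
	struct hostapd_bss_config *bss, *last_bss;
	size_t num_bss;

	u16 beacon_int;
	int rts_threshold;
	int fragm_threshold;
	u8 send_probe_response;
	u8 channel;
	enum hostapd_hw_mode hw_mode; /* HOSTAPD_MODE_IEEE80211A, .. */
	enum {
		LONG_PREAMBLE = 0,
		SHORT_PREAMBLE = 1
	} preamble;

	int *supported_rates;
	int *basic_rates;

	const struct wpa_driver_ops *driver;

	int ap_table_max_size;
	int ap_table_expiration_time;

	char country[3]; /* first two octets: country code as described in
			  * ISO/IEC 3166-1. Third octet:
			  * ' ' (ascii 32): all environments
			  * 'O': Outdoor environment only
			  * 'I': Indoor environment only
			  */

	int ieee80211d;

	struct hostapd_tx_queue_params tx_queue[NUM_TX_QUEUES];

	/*
	 * WMM AC parameters, in same order as 802.1D, i.e.
	 * 0 = BE (best effort)
	 * 1 = BK (background)
	 * 2 = VI (video)
	 * 3 = VO (voice)
	 */
	struct hostapd_wmm_ac_params wmm_ac_params[4];

	int ht_op_mode_fixed;
	u16 ht_capab;
	int ieee80211n;
	int secondary_channel;
	int require_ht;
	u32 vht_capab;
	int ieee80211ac;
	int require_vht;
	u8 vht_oper_chwidth;
	u8 vht_oper_centr_freq_seg0_idx;
	u8 vht_oper_centr_freq_seg1_idx;
};


/*
 * Helper prototypes. The implementations are not part of this header, so
 * the notes below describe only what the signatures show.
 */
int hostapd_mac_comp(const void *a, const void *b);
int hostapd_mac_comp_empty(const void *a);
struct hostapd_config * hostapd_config_defaults(void);
void hostapd_config_defaults_bss(struct hostapd_bss_config *bss);
/* NOTE(review): conf references passphrases, PSKs, WEP keys and RADIUS
 * secrets; confirm the implementation clears them before freeing */
void hostapd_config_free(struct hostapd_config *conf);
/* list holds num_entries elements; vlan_id is a writable out-parameter */
int hostapd_maclist_found(struct mac_acl_entry *list, int num_entries,
			  const u8 *addr, int *vlan_id);
int hostapd_rate_found(int *list, int rate);
int hostapd_wep_key_cmp(struct hostapd_wep_keys *a,
			struct hostapd_wep_keys *b);
/* Returns a pointer to PSK octets (secret); presumably PMK_LEN long and
 * owned by conf - confirm before caching or logging the result */
const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
			   const u8 *addr, const u8 *prev_psk);
int hostapd_setup_wpa_psk(struct hostapd_bss_config *conf);
const char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan,
					int vlan_id);
struct hostapd_radius_attr *
hostapd_config_get_radius_attr(struct hostapd_radius_attr *attr, u8 type);

#endif /* HOSTAPD_CONFIG_H */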