1214501Srpaulo/* 2214501Srpaulo * hostapd / Configuration definitions and helpers functions 3214501Srpaulo * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4214501Srpaulo * 5214501Srpaulo * This program is free software; you can redistribute it and/or modify 6214501Srpaulo * it under the terms of the GNU General Public License version 2 as 7214501Srpaulo * published by the Free Software Foundation. 8214501Srpaulo * 9214501Srpaulo * Alternatively, this software may be distributed under the terms of BSD 10214501Srpaulo * license. 11214501Srpaulo * 12214501Srpaulo * See README and COPYING for more details. 13214501Srpaulo */ 14214501Srpaulo 15214501Srpaulo#ifndef HOSTAPD_CONFIG_H 16214501Srpaulo#define HOSTAPD_CONFIG_H 17214501Srpaulo 18214501Srpaulo#include "common/defs.h" 19214501Srpaulo#include "ip_addr.h" 20214501Srpaulo#include "common/wpa_common.h" 21214501Srpaulo 22214501Srpaulo#define MAX_STA_COUNT 2007 23214501Srpaulo#define MAX_VLAN_ID 4094 24214501Srpaulo 25214501Srpaulotypedef u8 macaddr[ETH_ALEN]; 26214501Srpaulo 27214501Srpaulostruct mac_acl_entry { 28214501Srpaulo macaddr addr; 29214501Srpaulo int vlan_id; 30214501Srpaulo}; 31214501Srpaulo 32214501Srpaulostruct hostapd_radius_servers; 33214501Srpaulostruct ft_remote_r0kh; 34214501Srpaulostruct ft_remote_r1kh; 35214501Srpaulo 36214501Srpaulo#define HOSTAPD_MAX_SSID_LEN 32 37214501Srpaulo 38214501Srpaulo#define NUM_WEP_KEYS 4 39214501Srpaulostruct hostapd_wep_keys { 40214501Srpaulo u8 idx; 41214501Srpaulo u8 *key[NUM_WEP_KEYS]; 42214501Srpaulo size_t len[NUM_WEP_KEYS]; 43214501Srpaulo int keys_set; 44214501Srpaulo size_t default_len; /* key length used for dynamic key generation */ 45214501Srpaulo}; 46214501Srpaulo 47214501Srpaulotypedef enum hostap_security_policy { 48214501Srpaulo SECURITY_PLAINTEXT = 0, 49214501Srpaulo SECURITY_STATIC_WEP = 1, 50214501Srpaulo SECURITY_IEEE_802_1X = 2, 51214501Srpaulo SECURITY_WPA_PSK = 3, 52214501Srpaulo SECURITY_WPA = 4 53214501Srpaulo} secpolicy; 54214501Srpaulo 55214501Srpaulostruct hostapd_ssid { 56214501Srpaulo char ssid[HOSTAPD_MAX_SSID_LEN + 1]; 57214501Srpaulo size_t ssid_len; 58214501Srpaulo int ssid_set; 59214501Srpaulo 60214501Srpaulo char vlan[IFNAMSIZ + 1]; 61214501Srpaulo secpolicy security_policy; 62214501Srpaulo 63214501Srpaulo struct hostapd_wpa_psk *wpa_psk; 64214501Srpaulo char *wpa_passphrase; 65214501Srpaulo char *wpa_psk_file; 66214501Srpaulo 67214501Srpaulo struct hostapd_wep_keys wep; 68214501Srpaulo 69214501Srpaulo#define DYNAMIC_VLAN_DISABLED 0 70214501Srpaulo#define DYNAMIC_VLAN_OPTIONAL 1 71214501Srpaulo#define DYNAMIC_VLAN_REQUIRED 2 72214501Srpaulo int dynamic_vlan; 73214501Srpaulo#ifdef CONFIG_FULL_DYNAMIC_VLAN 74214501Srpaulo char *vlan_tagged_interface; 75214501Srpaulo#endif /* CONFIG_FULL_DYNAMIC_VLAN */ 76214501Srpaulo struct hostapd_wep_keys **dyn_vlan_keys; 77214501Srpaulo size_t max_dyn_vlan_keys; 78214501Srpaulo}; 79214501Srpaulo 80214501Srpaulo 81214501Srpaulo#define VLAN_ID_WILDCARD -1 82214501Srpaulo 83214501Srpaulostruct hostapd_vlan { 84214501Srpaulo struct hostapd_vlan *next; 85214501Srpaulo int vlan_id; /* VLAN ID or -1 (VLAN_ID_WILDCARD) for wildcard entry */ 86214501Srpaulo char ifname[IFNAMSIZ + 1]; 87214501Srpaulo int dynamic_vlan; 88214501Srpaulo#ifdef CONFIG_FULL_DYNAMIC_VLAN 89214501Srpaulo 90214501Srpaulo#define DVLAN_CLEAN_BR 0x1 91214501Srpaulo#define DVLAN_CLEAN_VLAN 0x2 92214501Srpaulo#define DVLAN_CLEAN_VLAN_PORT 0x4 93214501Srpaulo#define DVLAN_CLEAN_WLAN_PORT 0x8 94214501Srpaulo int clean; 95214501Srpaulo#endif /* CONFIG_FULL_DYNAMIC_VLAN */ 96214501Srpaulo}; 97214501Srpaulo 98214501Srpaulo#define PMK_LEN 32 99214501Srpaulostruct hostapd_wpa_psk { 100214501Srpaulo struct hostapd_wpa_psk *next; 101214501Srpaulo int group; 102214501Srpaulo u8 psk[PMK_LEN]; 103214501Srpaulo u8 addr[ETH_ALEN]; 104214501Srpaulo}; 105214501Srpaulo 106214501Srpaulo#define EAP_USER_MAX_METHODS 8 107214501Srpaulostruct hostapd_eap_user { 108214501Srpaulo struct hostapd_eap_user *next; 109214501Srpaulo u8 *identity; 110214501Srpaulo size_t identity_len; 111214501Srpaulo struct { 112214501Srpaulo int vendor; 113214501Srpaulo u32 method; 114214501Srpaulo } methods[EAP_USER_MAX_METHODS]; 115214501Srpaulo u8 *password; 116214501Srpaulo size_t password_len; 117214501Srpaulo int phase2; 118214501Srpaulo int force_version; 119214501Srpaulo unsigned int wildcard_prefix:1; 120214501Srpaulo unsigned int password_hash:1; /* whether password is hashed with 121214501Srpaulo * nt_password_hash() */ 122214501Srpaulo int ttls_auth; /* EAP_TTLS_AUTH_* bitfield */ 123214501Srpaulo}; 124214501Srpaulo 125214501Srpaulo 126214501Srpaulo#define NUM_TX_QUEUES 8 127214501Srpaulo 128214501Srpaulostruct hostapd_tx_queue_params { 129214501Srpaulo int aifs; 130214501Srpaulo int cwmin; 131214501Srpaulo int cwmax; 132214501Srpaulo int burst; /* maximum burst time in 0.1 ms, i.e., 10 = 1 ms */ 133214501Srpaulo int configured; 134214501Srpaulo}; 135214501Srpaulo 136214501Srpaulostruct hostapd_wmm_ac_params { 137214501Srpaulo int cwmin; 138214501Srpaulo int cwmax; 139214501Srpaulo int aifs; 140214501Srpaulo int txop_limit; /* in units of 32us */ 141214501Srpaulo int admission_control_mandatory; 142214501Srpaulo}; 143214501Srpaulo 144214501Srpaulo 145214501Srpaulo/** 146214501Srpaulo * struct hostapd_bss_config - Per-BSS configuration 147214501Srpaulo */ 148214501Srpaulostruct hostapd_bss_config { 149214501Srpaulo char iface[IFNAMSIZ + 1]; 150214501Srpaulo char bridge[IFNAMSIZ + 1]; 151214501Srpaulo 152214501Srpaulo enum hostapd_logger_level logger_syslog_level, logger_stdout_level; 153214501Srpaulo 154214501Srpaulo unsigned int logger_syslog; /* module bitfield */ 155214501Srpaulo unsigned int logger_stdout; /* module bitfield */ 156214501Srpaulo 157214501Srpaulo char *dump_log_name; /* file name for state dump (SIGUSR1) */ 158214501Srpaulo 159214501Srpaulo int max_num_sta; /* maximum number of STAs in station table */ 160214501Srpaulo 161214501Srpaulo int dtim_period; 162214501Srpaulo 163214501Srpaulo int ieee802_1x; /* use IEEE 802.1X */ 164214501Srpaulo int eapol_version; 165214501Srpaulo int eap_server; /* Use internal EAP server instead of external 166214501Srpaulo * RADIUS server */ 167214501Srpaulo struct hostapd_eap_user *eap_user; 168214501Srpaulo char *eap_sim_db; 169214501Srpaulo struct hostapd_ip_addr own_ip_addr; 170214501Srpaulo char *nas_identifier; 171214501Srpaulo struct hostapd_radius_servers *radius; 172214501Srpaulo int acct_interim_interval; 173214501Srpaulo 174214501Srpaulo struct hostapd_ssid ssid; 175214501Srpaulo 176214501Srpaulo char *eap_req_id_text; /* optional displayable message sent with 177214501Srpaulo * EAP Request-Identity */ 178214501Srpaulo size_t eap_req_id_text_len; 179214501Srpaulo int eapol_key_index_workaround; 180214501Srpaulo 181214501Srpaulo size_t default_wep_key_len; 182214501Srpaulo int individual_wep_key_len; 183214501Srpaulo int wep_rekeying_period; 184214501Srpaulo int broadcast_key_idx_min, broadcast_key_idx_max; 185214501Srpaulo int eap_reauth_period; 186214501Srpaulo 187214501Srpaulo int ieee802_11f; /* use IEEE 802.11f (IAPP) */ 188214501Srpaulo char iapp_iface[IFNAMSIZ + 1]; /* interface used with IAPP broadcast 189214501Srpaulo * frames */ 190214501Srpaulo 191214501Srpaulo enum { 192214501Srpaulo ACCEPT_UNLESS_DENIED = 0, 193214501Srpaulo DENY_UNLESS_ACCEPTED = 1, 194214501Srpaulo USE_EXTERNAL_RADIUS_AUTH = 2 195214501Srpaulo } macaddr_acl; 196214501Srpaulo struct mac_acl_entry *accept_mac; 197214501Srpaulo int num_accept_mac; 198214501Srpaulo struct mac_acl_entry *deny_mac; 199214501Srpaulo int num_deny_mac; 200214501Srpaulo int wds_sta; 201214501Srpaulo 202214501Srpaulo int auth_algs; /* bitfield of allowed IEEE 802.11 authentication 203214501Srpaulo * algorithms, WPA_AUTH_ALG_{OPEN,SHARED,LEAP} */ 204214501Srpaulo 205214501Srpaulo int wpa; /* bitfield of WPA_PROTO_WPA, WPA_PROTO_RSN */ 206214501Srpaulo int wpa_key_mgmt; 207214501Srpaulo#ifdef CONFIG_IEEE80211W 208214501Srpaulo enum mfp_options ieee80211w; 209214501Srpaulo /* dot11AssociationSAQueryMaximumTimeout (in TUs) */ 210214501Srpaulo unsigned int assoc_sa_query_max_timeout; 211214501Srpaulo /* dot11AssociationSAQueryRetryTimeout (in TUs) */ 212214501Srpaulo int assoc_sa_query_retry_timeout; 213214501Srpaulo#endif /* CONFIG_IEEE80211W */ 214214501Srpaulo int wpa_pairwise; 215214501Srpaulo int wpa_group; 216214501Srpaulo int wpa_group_rekey; 217214501Srpaulo int wpa_strict_rekey; 218214501Srpaulo int wpa_gmk_rekey; 219214501Srpaulo int wpa_ptk_rekey; 220214501Srpaulo int rsn_pairwise; 221214501Srpaulo int rsn_preauth; 222214501Srpaulo char *rsn_preauth_interfaces; 223214501Srpaulo int peerkey; 224214501Srpaulo 225214501Srpaulo#ifdef CONFIG_IEEE80211R 226214501Srpaulo /* IEEE 802.11r - Fast BSS Transition */ 227214501Srpaulo u8 mobility_domain[MOBILITY_DOMAIN_ID_LEN]; 228214501Srpaulo u8 r1_key_holder[FT_R1KH_ID_LEN]; 229214501Srpaulo u32 r0_key_lifetime; 230214501Srpaulo u32 reassociation_deadline; 231214501Srpaulo struct ft_remote_r0kh *r0kh_list; 232214501Srpaulo struct ft_remote_r1kh *r1kh_list; 233214501Srpaulo int pmk_r1_push; 234214501Srpaulo#endif /* CONFIG_IEEE80211R */ 235214501Srpaulo 236214501Srpaulo char *ctrl_interface; /* directory for UNIX domain sockets */ 237214501Srpaulo#ifndef CONFIG_NATIVE_WINDOWS 238214501Srpaulo gid_t ctrl_interface_gid; 239214501Srpaulo#endif /* CONFIG_NATIVE_WINDOWS */ 240214501Srpaulo int ctrl_interface_gid_set; 241214501Srpaulo 242214501Srpaulo char *ca_cert; 243214501Srpaulo char *server_cert; 244214501Srpaulo char *private_key; 245214501Srpaulo char *private_key_passwd; 246214501Srpaulo int check_crl; 247214501Srpaulo char *dh_file; 248214501Srpaulo u8 *pac_opaque_encr_key; 249214501Srpaulo u8 *eap_fast_a_id; 250214501Srpaulo size_t eap_fast_a_id_len; 251214501Srpaulo char *eap_fast_a_id_info; 252214501Srpaulo int eap_fast_prov; 253214501Srpaulo int pac_key_lifetime; 254214501Srpaulo int pac_key_refresh_time; 255214501Srpaulo int eap_sim_aka_result_ind; 256214501Srpaulo int tnc; 257214501Srpaulo 258214501Srpaulo char *radius_server_clients; 259214501Srpaulo int radius_server_auth_port; 260214501Srpaulo int radius_server_ipv6; 261214501Srpaulo 262214501Srpaulo char *test_socket; /* UNIX domain socket path for driver_test */ 263214501Srpaulo 264214501Srpaulo int use_pae_group_addr; /* Whether to send EAPOL frames to PAE group 265214501Srpaulo * address instead of individual address 266214501Srpaulo * (for driver_wired.c). 267214501Srpaulo */ 268214501Srpaulo 269214501Srpaulo int ap_max_inactivity; 270214501Srpaulo int ignore_broadcast_ssid; 271214501Srpaulo 272214501Srpaulo int wmm_enabled; 273214501Srpaulo int wmm_uapsd; 274214501Srpaulo 275214501Srpaulo struct hostapd_vlan *vlan, *vlan_tail; 276214501Srpaulo 277214501Srpaulo macaddr bssid; 278214501Srpaulo 279214501Srpaulo /* 280214501Srpaulo * Maximum listen interval that STAs can use when associating with this 281214501Srpaulo * BSS. If a STA tries to use larger value, the association will be 282214501Srpaulo * denied with status code 51. 283214501Srpaulo */ 284214501Srpaulo u16 max_listen_interval; 285214501Srpaulo 286214501Srpaulo int okc; /* Opportunistic Key Caching */ 287214501Srpaulo 288214501Srpaulo int wps_state; 289214501Srpaulo#ifdef CONFIG_WPS 290214501Srpaulo int ap_setup_locked; 291214501Srpaulo u8 uuid[16]; 292214501Srpaulo char *wps_pin_requests; 293214501Srpaulo char *device_name; 294214501Srpaulo char *manufacturer; 295214501Srpaulo char *model_name; 296214501Srpaulo char *model_number; 297214501Srpaulo char *serial_number; 298214501Srpaulo char *device_type; 299214501Srpaulo char *config_methods; 300214501Srpaulo u8 os_version[4]; 301214501Srpaulo char *ap_pin; 302214501Srpaulo int skip_cred_build; 303214501Srpaulo u8 *extra_cred; 304214501Srpaulo size_t extra_cred_len; 305214501Srpaulo int wps_cred_processing; 306214501Srpaulo u8 *ap_settings; 307214501Srpaulo size_t ap_settings_len; 308214501Srpaulo char *upnp_iface; 309214501Srpaulo char *friendly_name; 310214501Srpaulo char *manufacturer_url; 311214501Srpaulo char *model_description; 312214501Srpaulo char *model_url; 313214501Srpaulo char *upc; 314214501Srpaulo#endif /* CONFIG_WPS */ 315214501Srpaulo}; 316214501Srpaulo 317214501Srpaulo 318214501Srpaulo/** 319214501Srpaulo * struct hostapd_config - Per-radio interface configuration 320214501Srpaulo */ 321214501Srpaulostruct hostapd_config { 322214501Srpaulo struct hostapd_bss_config *bss, *last_bss; 323214501Srpaulo size_t num_bss; 324214501Srpaulo 325214501Srpaulo u16 beacon_int; 326214501Srpaulo int rts_threshold; 327214501Srpaulo int fragm_threshold; 328214501Srpaulo u8 send_probe_response; 329214501Srpaulo u8 channel; 330214501Srpaulo enum hostapd_hw_mode hw_mode; /* HOSTAPD_MODE_IEEE80211A, .. */ 331214501Srpaulo enum { 332214501Srpaulo LONG_PREAMBLE = 0, 333214501Srpaulo SHORT_PREAMBLE = 1 334214501Srpaulo } preamble; 335214501Srpaulo enum { 336214501Srpaulo CTS_PROTECTION_AUTOMATIC = 0, 337214501Srpaulo CTS_PROTECTION_FORCE_ENABLED = 1, 338214501Srpaulo CTS_PROTECTION_FORCE_DISABLED = 2, 339214501Srpaulo CTS_PROTECTION_AUTOMATIC_NO_OLBC = 3, 340214501Srpaulo } cts_protection_type; 341214501Srpaulo 342214501Srpaulo int *supported_rates; 343214501Srpaulo int *basic_rates; 344214501Srpaulo 345214501Srpaulo const struct wpa_driver_ops *driver; 346214501Srpaulo 347214501Srpaulo int ap_table_max_size; 348214501Srpaulo int ap_table_expiration_time; 349214501Srpaulo 350214501Srpaulo char country[3]; /* first two octets: country code as described in 351214501Srpaulo * ISO/IEC 3166-1. Third octet: 352214501Srpaulo * ' ' (ascii 32): all environments 353214501Srpaulo * 'O': Outdoor environemnt only 354214501Srpaulo * 'I': Indoor environment only 355214501Srpaulo */ 356214501Srpaulo 357214501Srpaulo int ieee80211d; 358214501Srpaulo 359214501Srpaulo struct hostapd_tx_queue_params tx_queue[NUM_TX_QUEUES]; 360214501Srpaulo 361214501Srpaulo /* 362214501Srpaulo * WMM AC parameters, in same order as 802.1D, i.e. 363214501Srpaulo * 0 = BE (best effort) 364214501Srpaulo * 1 = BK (background) 365214501Srpaulo * 2 = VI (video) 366214501Srpaulo * 3 = VO (voice) 367214501Srpaulo */ 368214501Srpaulo struct hostapd_wmm_ac_params wmm_ac_params[4]; 369214501Srpaulo 370214501Srpaulo int ht_op_mode_fixed; 371214501Srpaulo u16 ht_capab; 372214501Srpaulo int ieee80211n; 373214501Srpaulo int secondary_channel; 374214501Srpaulo}; 375214501Srpaulo 376214501Srpaulo 377214501Srpauloint hostapd_mac_comp(const void *a, const void *b); 378214501Srpauloint hostapd_mac_comp_empty(const void *a); 379214501Srpaulostruct hostapd_config * hostapd_config_defaults(void); 380214501Srpaulovoid hostapd_config_defaults_bss(struct hostapd_bss_config *bss); 381214501Srpaulovoid hostapd_config_free(struct hostapd_config *conf); 382214501Srpauloint hostapd_maclist_found(struct mac_acl_entry *list, int num_entries, 383214501Srpaulo const u8 *addr, int *vlan_id); 384214501Srpauloint hostapd_rate_found(int *list, int rate); 385214501Srpauloint hostapd_wep_key_cmp(struct hostapd_wep_keys *a, 386214501Srpaulo struct hostapd_wep_keys *b); 387214501Srpauloconst u8 * hostapd_get_psk(const struct hostapd_bss_config *conf, 388214501Srpaulo const u8 *addr, const u8 *prev_psk); 389214501Srpauloint hostapd_setup_wpa_psk(struct hostapd_bss_config *conf); 390214501Srpauloconst char * hostapd_get_vlan_id_ifname(struct hostapd_vlan *vlan, 391214501Srpaulo int vlan_id); 392214501Srpauloconst struct hostapd_eap_user * 393214501Srpaulohostapd_get_eap_user(const struct hostapd_bss_config *conf, const u8 *identity, 394214501Srpaulo size_t identity_len, int phase2); 395214501Srpaulo 396214501Srpaulo#endif /* HOSTAPD_CONFIG_H */ 397