├── debian ├── compat ├── source │ └── format ├── rules ├── files ├── postinst ├── conffiles ├── prerm ├── copyright ├── changelog └── control ├── src ├── tls │ ├── .gitignore │ ├── pkcs5.h │ ├── pkcs8.h │ ├── Makefile │ ├── rsa.h │ ├── pkcs1.h │ ├── bignum.h │ ├── tlsv1_cred.h │ ├── tlsv1_record.h │ ├── tlsv1_server.h │ └── tlsv1_client.h ├── crypto │ ├── .gitignore │ ├── crypto_none.c │ ├── md5.h │ ├── aes_siv.h │ ├── sha384.h │ ├── md5_i.h │ ├── aes.h │ ├── dh_group5.h │ ├── sha1_i.h │ ├── sha256_i.h │ ├── des_i.h │ ├── dh_groups.h │ ├── aes-encblock.c │ ├── dh_group5.c │ ├── random.h │ ├── milenage.h │ ├── sha1.h │ ├── sha256.h │ ├── rc4.c │ ├── Makefile │ ├── aes-ctr.c │ ├── crypto_internal-modexp.c │ ├── fips_prf_internal.c │ ├── sha1-prf.c │ ├── fips_prf_openssl.c │ ├── aes-wrap.c │ ├── sha1-tprf.c │ ├── sha256-kdf.c │ ├── sha256-tlsprf.c │ ├── aes-unwrap.c │ └── aes-cbc.c ├── radius │ ├── .gitignore │ ├── Makefile │ └── radius_das.h ├── utils │ ├── .gitignore │ ├── uuid.h │ ├── base64.h │ ├── browser.h │ ├── platform.h │ ├── bitfield.h │ ├── ext_password_i.h │ ├── edit.h │ ├── ip_addr.h │ ├── Makefile │ ├── ext_password.h │ ├── ip_addr.c │ ├── includes.h │ ├── uuid.c │ ├── pcsc_funcs.h │ ├── build_config.h │ ├── bitfield.c │ ├── http-utils.h │ ├── edit_simple.c │ ├── ext_password_test.c │ └── trace.h ├── drivers │ ├── .gitignore │ ├── Makefile │ ├── rfkill.h │ ├── netlink.h │ ├── linux_ioctl.h │ ├── linux_wext.h │ ├── linux_defines.h │ ├── driver_ndis.h │ ├── driver_none.c │ └── android_drv.h ├── pae │ ├── Makefile │ ├── ieee802_1x_key.h │ └── ieee802_1x_cp.h ├── ap │ ├── Makefile │ ├── authsrv.h │ ├── vlan_util.h │ ├── bss_load.h │ ├── wpa_auth_glue.h │ ├── tkip_countermeasures.h │ ├── dhcp_snoop.h │ ├── hs20.h │ ├── wmm.h │ ├── acs.h │ ├── beacon.h │ ├── wnm_ap.h │ ├── ieee802_11_auth.h │ ├── iapp.h │ ├── ndisc_snoop.h │ ├── p2p_hostapd.h │ ├── ap_mlme.h │ ├── ctrl_iface_ap.h │ ├── dfs.h │ ├── accounting.h │ ├── preauth_auth.h │ ├── wpa_auth_ie.h │ ├── vlan_init.h │ ├── x_snoop.h │ ├── ap_list.h │ ├── bss_load.c │ ├── hw_features.h │ ├── utils.c │ └── pmksa_cache_auth.h ├── common │ ├── Makefile │ ├── version.h │ ├── qca-vendor-attr.h │ ├── wpa_helpers.h │ ├── gas.h │ ├── hw_features_common.h │ ├── privsep_commands.h │ └── ieee802_1x_defs.h ├── p2p │ └── Makefile ├── wps │ ├── Makefile │ ├── http.h │ ├── upnp_xml.h │ ├── http_server.h │ ├── http_client.h │ ├── wps_upnp.h │ └── wps_dev_attr.h ├── eap_common │ ├── Makefile │ ├── chap.h │ ├── eap_peap_common.h │ ├── chap.c │ ├── eap_wsc_common.h │ ├── eap_wsc_common.c │ ├── eap_ikev2_common.h │ ├── eap_common.h │ ├── eap_psk_common.c │ ├── eap_ttls.h │ ├── eap_psk_common.h │ ├── eap_peap_common.c │ ├── eap_pwd_common.h │ └── eap_gpsk_common.h ├── eap_server │ ├── Makefile │ ├── tncs.h │ ├── ikev2.h │ └── eap_methods.h ├── eapol_auth │ └── Makefile ├── eapol_supp │ └── Makefile ├── l2_packet │ └── Makefile ├── rsn_supp │ ├── Makefile │ ├── wpa_ie.h │ └── preauth.h ├── eap_peer │ ├── Makefile │ ├── mschapv2.h │ ├── tncc.h │ ├── eap_proxy.h │ ├── ikev2.h │ ├── eap_fast_pac.h │ └── eap_proxy_dummy.c ├── lib.rules └── Makefile ├── hostapd ├── hostapd.deny ├── hostapd.radius_clients ├── hostapd.accept ├── hostapd.vlan ├── eap_register.h ├── logwatch │ ├── hostapd.conf │ ├── README │ └── hostapd ├── hapd_module_tests.c ├── hostapd.sim_db ├── config_file.h ├── hostapd.wpa_psk ├── hostapd.eap_user_sqlite ├── hlr_auc_gw.milenage_db ├── nt_password_hash.c ├── ctrl_iface.h ├── wired.conf ├── hostapd.8 └── hostapd_cli.1 ├── etc ├── Makefile ├── default ├── hostapd.conf └── init ├── Makefile ├── COPYING ├── README.md └── patches └── 300-noscan.patch /debian/compat: -------------------------------------------------------------------------------- 1 | 9 2 | -------------------------------------------------------------------------------- /src/tls/.gitignore: -------------------------------------------------------------------------------- 1 | libtls.a 2 | -------------------------------------------------------------------------------- /debian/source/format: -------------------------------------------------------------------------------- 1 | 3.0 (quilt) 2 | -------------------------------------------------------------------------------- /src/crypto/.gitignore: -------------------------------------------------------------------------------- 1 | libcrypto.a 2 | -------------------------------------------------------------------------------- /src/radius/.gitignore: -------------------------------------------------------------------------------- 1 | libradius.a 2 | -------------------------------------------------------------------------------- /src/utils/.gitignore: -------------------------------------------------------------------------------- 1 | libutils.a 2 | -------------------------------------------------------------------------------- /debian/rules: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | %: 3 | dh $@ 4 | -------------------------------------------------------------------------------- /debian/files: -------------------------------------------------------------------------------- 1 | hostapd-rtl_2.4-2_armhf.deb network optional 2 | -------------------------------------------------------------------------------- /debian/postinst: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | update-rc.d -f hostapd defaults 3 | -------------------------------------------------------------------------------- /src/drivers/.gitignore: -------------------------------------------------------------------------------- 1 | build.wpa_supplicant 2 | build.hostapd 3 | -------------------------------------------------------------------------------- /debian/conffiles: -------------------------------------------------------------------------------- 1 | /etc/hostapd/hostapd.conf 2 | /etc/init.d/hostapd 3 | /etc/default/hostapd 4 | -------------------------------------------------------------------------------- /debian/prerm: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | if [ "$1" = "remove" ]; then 3 | /etc/init.d/hostapd stop 4 | update-rc.d -f hostapd remove 5 | fi 6 | -------------------------------------------------------------------------------- /src/pae/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/ap/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/common/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/p2p/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/wps/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/eap_common/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/eap_server/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/eapol_auth/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/eapol_supp/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/l2_packet/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /src/rsn_supp/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | @echo Nothing to be made. 9 | -------------------------------------------------------------------------------- /hostapd/hostapd.deny: -------------------------------------------------------------------------------- 1 | # List of MAC addresses that are not allowed to authenticate (IEEE 802.11) 2 | # with the AP. 3 | 00:20:30:40:50:60 4 | 00:ab:cd:ef:12:34 5 | 00:00:30:40:50:60 6 | -------------------------------------------------------------------------------- /hostapd/hostapd.radius_clients: -------------------------------------------------------------------------------- 1 | # RADIUS client configuration for the RADIUS server 2 | 10.1.2.3 secret passphrase 3 | 192.168.1.0/24 another very secret passphrase 4 | 0.0.0.0/0 radius 5 | -------------------------------------------------------------------------------- /src/drivers/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov 6 | rm -f build.wpa_supplicant build.hostapd 7 | 8 | install: 9 | @echo Nothing to be made. 10 | -------------------------------------------------------------------------------- /src/common/version.h: -------------------------------------------------------------------------------- 1 | #ifndef VERSION_H 2 | #define VERSION_H 3 | 4 | #ifndef VERSION_STR_POSTFIX 5 | #define VERSION_STR_POSTFIX "" 6 | #endif /* VERSION_STR_POSTFIX */ 7 | 8 | #define VERSION_STR "2.4" VERSION_STR_POSTFIX 9 | 10 | #endif /* VERSION_H */ 11 | -------------------------------------------------------------------------------- /etc/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | @echo Nothing to be made. 6 | 7 | install: 8 | install -D hostapd.conf $(DESTDIR)/etc/hostapd/hostapd.conf 9 | install -D init $(DESTDIR)/etc/init.d/hostapd 10 | install -D default $(DESTDIR)/etc/default/hostapd 11 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | SUBDIRS=hostapd etc 2 | 3 | all: 4 | for d in $(SUBDIRS); do [ -d $$d ] && $(MAKE) -C $$d; done 5 | 6 | clean: 7 | for d in $(SUBDIRS); do [ -d $$d ] && $(MAKE) -C $$d clean; done 8 | rm -f *~ 9 | 10 | install: 11 | for d in $(SUBDIRS); do [ -d $$d ] && $(MAKE) -C $$d install; done 12 | -------------------------------------------------------------------------------- /src/eap_peer/Makefile: -------------------------------------------------------------------------------- 1 | all: 2 | @echo Nothing to be made. 3 | 4 | clean: 5 | rm -f *~ *.o *.so *.d *.gcno *.gcda *.gcov 6 | 7 | install: 8 | if ls *.so >/dev/null 2>&1; then \ 9 | install -d $(DESTDIR)$(LIBDIR)/wpa_supplicant && \ 10 | cp *.so $(DESTDIR)$(LIBDIR)/wpa_supplicant \ 11 | ; fi 12 | -------------------------------------------------------------------------------- /hostapd/hostapd.accept: -------------------------------------------------------------------------------- 1 | # List of MAC addresses that are allowed to authenticate (IEEE 802.11) 2 | # with the AP. Optional VLAN ID can be assigned for clients based on the 3 | # MAC address if dynamic VLANs (hostapd.conf dynamic_vlan option) are used. 4 | 00:11:22:33:44:55 5 | 00:66:77:88:99:aa 6 | 00:00:22:33:44:55 1 7 | -------------------------------------------------------------------------------- /hostapd/hostapd.vlan: -------------------------------------------------------------------------------- 1 | # VLAN ID to network interface mapping 2 | 1 vlan1 3 | 2 vlan2 4 | 3 vlan3 5 | 100 guest 6 | # Optional wildcard entry matching all VLAN IDs. The first # in the interface 7 | # name will be replaced with the VLAN ID. The network interfaces are created 8 | # (and removed) dynamically based on the use. 9 | * vlan# 10 | -------------------------------------------------------------------------------- /src/lib.rules: -------------------------------------------------------------------------------- 1 | ifndef CC 2 | CC=gcc 3 | endif 4 | 5 | ifndef CFLAGS 6 | CFLAGS = -MMD -O2 -Wall -g 7 | endif 8 | 9 | CFLAGS += -I.. -I../utils 10 | 11 | 12 | Q=@ 13 | E=echo 14 | ifeq ($(V), 1) 15 | Q= 16 | E=true 17 | endif 18 | ifeq ($(QUIET), 1) 19 | Q=@ 20 | E=true 21 | endif 22 | 23 | %.o: %.c 24 | $(Q)$(CC) -c -o $@ $(CFLAGS) $< 25 | @$(E) " CC " $< 26 | -------------------------------------------------------------------------------- /hostapd/eap_register.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP method registration 3 | * Copyright (c) 2004-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_REGISTER_H 10 | #define EAP_REGISTER_H 11 | 12 | int eap_server_register_methods(void); 13 | 14 | #endif /* EAP_REGISTER_H */ 15 | -------------------------------------------------------------------------------- /hostapd/logwatch/hostapd.conf: -------------------------------------------------------------------------------- 1 | # Logwatch configuration for hostapd 2 | # 3 | # Copyright 2005 Henrik Brix Andersen 4 | # Distributed under the terms of the GNU General Public License v2 5 | # Alternatively, this file may be distributed under the terms of the BSD License 6 | 7 | Title = "hostapd" 8 | LogFile = messages 9 | *OnlyService = hostapd 10 | *RemoveHeaders 11 | -------------------------------------------------------------------------------- /debian/copyright: -------------------------------------------------------------------------------- 1 | Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ 2 | Upstream-Name: hostapd 3 | Upstream-Contact: Jouni Malinen 4 | Source: http://w1.fi/hostapd/ 5 | 6 | Files: * 7 | Copyright: 2015 8 | License: BSD 9 | On Debian systems, the full text of the BSD 10 | License can be found in the file 11 | `/usr/share/common-licenses/BSD'. 12 | 13 | 14 | -------------------------------------------------------------------------------- /src/radius/Makefile: -------------------------------------------------------------------------------- 1 | all: libradius.a 2 | 3 | clean: 4 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov libradius.a 5 | 6 | install: 7 | @echo Nothing to be made. 8 | 9 | 10 | include ../lib.rules 11 | 12 | CFLAGS += -DCONFIG_IPV6 13 | 14 | LIB_OBJS= \ 15 | radius.o \ 16 | radius_client.o \ 17 | radius_server.o 18 | 19 | libradius.a: $(LIB_OBJS) 20 | $(AR) crT $@ $? 21 | 22 | -include $(OBJS:%.o=%.d) 23 | -------------------------------------------------------------------------------- /src/Makefile: -------------------------------------------------------------------------------- 1 | SUBDIRS=ap common crypto drivers eapol_auth eapol_supp eap_common eap_peer eap_server l2_packet p2p pae radius rsn_supp tls utils wps 2 | 3 | all: 4 | for d in $(SUBDIRS); do [ -d $$d ] && $(MAKE) -C $$d; done 5 | 6 | clean: 7 | for d in $(SUBDIRS); do [ -d $$d ] && $(MAKE) -C $$d clean; done 8 | rm -f *~ 9 | 10 | install: 11 | for d in $(SUBDIRS); do [ -d $$d ] && $(MAKE) -C $$d install; done 12 | -------------------------------------------------------------------------------- /hostapd/hapd_module_tests.c: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd module tests 3 | * Copyright (c) 2014, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "utils/includes.h" 10 | 11 | #include "utils/common.h" 12 | 13 | int hapd_module_tests(void) 14 | { 15 | wpa_printf(MSG_INFO, "hostapd module tests"); 16 | return 0; 17 | } 18 | -------------------------------------------------------------------------------- /src/ap/authsrv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Authentication server setup 3 | * Copyright (c) 2002-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef AUTHSRV_H 10 | #define AUTHSRV_H 11 | 12 | int authsrv_init(struct hostapd_data *hapd); 13 | void authsrv_deinit(struct hostapd_data *hapd); 14 | 15 | #endif /* AUTHSRV_H */ 16 | -------------------------------------------------------------------------------- /hostapd/hostapd.sim_db: -------------------------------------------------------------------------------- 1 | # Example GSM authentication triplet file for EAP-SIM authenticator 2 | # IMSI:Kc:SRES:RAND 3 | # IMSI: ASCII string (numbers) 4 | # Kc: hex, 8 octets 5 | # SRES: hex, 4 octets 6 | # RAND: hex, 16 octets 7 | 234567898765432:A0A1A2A3A4A5A6A7:D1D2D3D4:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 8 | 234567898765432:B0B1B2B3B4B5B6B7:E1E2E3E4:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB 9 | 234567898765432:C0C1C2C3C4C5C6C7:F1F2F3F4:CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC 10 | -------------------------------------------------------------------------------- /src/ap/vlan_util.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / VLAN netlink api 3 | * Copyright (c) 2012, Michael Braun 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef VLAN_UTIL_H 10 | #define VLAN_UTIL_H 11 | 12 | int vlan_add(const char *if_name, int vid, const char *vlan_if_name); 13 | int vlan_rem(const char *if_name); 14 | 15 | #endif /* VLAN_UTIL_H */ 16 | -------------------------------------------------------------------------------- /src/ap/bss_load.h: -------------------------------------------------------------------------------- 1 | /* 2 | * BSS load update 3 | * Copyright (c) 2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef BSS_LOAD_UPDATE_H 10 | #define BSS_LOAD_UPDATE_H 11 | 12 | 13 | int bss_load_update_init(struct hostapd_data *hapd); 14 | void bss_load_update_deinit(struct hostapd_data *hapd); 15 | 16 | 17 | #endif /* BSS_LOAD_UPDATE_H */ 18 | -------------------------------------------------------------------------------- /hostapd/logwatch/README: -------------------------------------------------------------------------------- 1 | Logwatch is a utility for analyzing system logs and provide a human 2 | readable summary. This directory has a configuration file and a log 3 | analyzer script for parsing hostapd system log entries for logwatch. 4 | These files can be installed by copying them to following locations: 5 | 6 | /etc/log.d/conf/services/hostapd.conf 7 | /etc/log.d/scripts/services/hostapd 8 | 9 | More information about logwatch is available from http://www.logwatch.org/ 10 | -------------------------------------------------------------------------------- /src/eap_common/chap.h: -------------------------------------------------------------------------------- 1 | /* 2 | * CHAP-MD5 (RFC 1994) 3 | * Copyright (c) 2007-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef CHAP_H 10 | #define CHAP_H 11 | 12 | #define CHAP_MD5_LEN 16 13 | 14 | int chap_md5(u8 id, const u8 *secret, size_t secret_len, const u8 *challenge, 15 | size_t challenge_len, u8 *response); 16 | 17 | #endif /* CHAP_H */ 18 | -------------------------------------------------------------------------------- /src/tls/pkcs5.h: -------------------------------------------------------------------------------- 1 | /* 2 | * PKCS #5 (Password-based Encryption) 3 | * Copyright (c) 2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PKCS5_H 10 | #define PKCS5_H 11 | 12 | u8 * pkcs5_decrypt(const u8 *enc_alg, size_t enc_alg_len, 13 | const u8 *enc_data, size_t enc_data_len, 14 | const char *passwd, size_t *data_len); 15 | 16 | #endif /* PKCS5_H */ 17 | -------------------------------------------------------------------------------- /src/utils/uuid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Universally Unique IDentifier (UUID) 3 | * Copyright (c) 2008, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef UUID_H 10 | #define UUID_H 11 | 12 | #define UUID_LEN 16 13 | 14 | int uuid_str2bin(const char *str, u8 *bin); 15 | int uuid_bin2str(const u8 *bin, char *str, size_t max_len); 16 | int is_nil_uuid(const u8 *uuid); 17 | 18 | #endif /* UUID_H */ 19 | -------------------------------------------------------------------------------- /src/tls/pkcs8.h: -------------------------------------------------------------------------------- 1 | /* 2 | * PKCS #8 (Private-key information syntax) 3 | * Copyright (c) 2006-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PKCS8_H 10 | #define PKCS8_H 11 | 12 | struct crypto_private_key * pkcs8_key_import(const u8 *buf, size_t len); 13 | struct crypto_private_key * 14 | pkcs8_enc_key_import(const u8 *buf, size_t len, const char *passwd); 15 | 16 | #endif /* PKCS8_H */ 17 | -------------------------------------------------------------------------------- /src/eap_common/eap_peap_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP-PEAP common routines 3 | * Copyright (c) 2008-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_PEAP_COMMON_H 10 | #define EAP_PEAP_COMMON_H 11 | 12 | int peap_prfplus(int version, const u8 *key, size_t key_len, 13 | const char *label, const u8 *seed, size_t seed_len, 14 | u8 *buf, size_t buf_len); 15 | 16 | #endif /* EAP_PEAP_COMMON_H */ 17 | -------------------------------------------------------------------------------- /src/ap/wpa_auth_glue.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / WPA authenticator glue code 3 | * Copyright (c) 2002-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef WPA_AUTH_GLUE_H 10 | #define WPA_AUTH_GLUE_H 11 | 12 | int hostapd_setup_wpa(struct hostapd_data *hapd); 13 | void hostapd_reconfig_wpa(struct hostapd_data *hapd); 14 | void hostapd_deinit_wpa(struct hostapd_data *hapd); 15 | 16 | #endif /* WPA_AUTH_GLUE_H */ 17 | -------------------------------------------------------------------------------- /src/utils/base64.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Base64 encoding/decoding (RFC1341) 3 | * Copyright (c) 2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef BASE64_H 10 | #define BASE64_H 11 | 12 | unsigned char * base64_encode(const unsigned char *src, size_t len, 13 | size_t *out_len); 14 | unsigned char * base64_decode(const unsigned char *src, size_t len, 15 | size_t *out_len); 16 | 17 | #endif /* BASE64_H */ 18 | -------------------------------------------------------------------------------- /src/ap/tkip_countermeasures.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / TKIP countermeasures 3 | * Copyright (c) 2002-2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TKIP_COUNTERMEASURES_H 10 | #define TKIP_COUNTERMEASURES_H 11 | 12 | int michael_mic_failure(struct hostapd_data *hapd, const u8 *addr, int local); 13 | void ieee80211_tkip_countermeasures_deinit(struct hostapd_data *hapd); 14 | 15 | #endif /* TKIP_COUNTERMEASURES_H */ 16 | -------------------------------------------------------------------------------- /hostapd/config_file.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / Configuration file parser 3 | * Copyright (c) 2003-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef CONFIG_FILE_H 10 | #define CONFIG_FILE_H 11 | 12 | struct hostapd_config * hostapd_config_read(const char *fname); 13 | int hostapd_set_iface(struct hostapd_config *conf, 14 | struct hostapd_bss_config *bss, char *field, 15 | char *value); 16 | 17 | #endif /* CONFIG_FILE_H */ 18 | -------------------------------------------------------------------------------- /src/utils/browser.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Hotspot 2.0 client - Web browser 3 | * Copyright (c) 2013, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef BROWSER_H 10 | #define BROWSER_H 11 | 12 | #ifdef CONFIG_NO_BROWSER 13 | static inline int hs20_web_browser(const char *url) 14 | { 15 | return -1; 16 | } 17 | #else /* CONFIG_NO_BROWSER */ 18 | int hs20_web_browser(const char *url); 19 | #endif /* CONFIG_NO_BROWSER */ 20 | 21 | #endif /* BROWSER_H */ 22 | -------------------------------------------------------------------------------- /src/crypto/crypto_none.c: -------------------------------------------------------------------------------- 1 | /* 2 | * WPA Supplicant / Empty template functions for crypto wrapper 3 | * Copyright (c) 2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "crypto.h" 13 | 14 | 15 | int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) 16 | { 17 | return 0; 18 | } 19 | 20 | 21 | void des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) 22 | { 23 | } 24 | -------------------------------------------------------------------------------- /hostapd/hostapd.wpa_psk: -------------------------------------------------------------------------------- 1 | # List of WPA PSKs. Each line, except for empty lines and lines starting 2 | # with #, must contain a MAC address and PSK separated with a space. 3 | # Special MAC address 00:00:00:00:00:00 can be used to configure PSKs that 4 | # anyone can use. PSK can be configured as an ASCII passphrase of 8..63 5 | # characters or as a 256-bit hex PSK (64 hex digits). 6 | 00:00:00:00:00:00 secret passphrase 7 | 00:11:22:33:44:55 another passphrase 8 | 00:22:33:44:55:66 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 9 | 00:00:00:00:00:00 another passphrase for all STAs 10 | -------------------------------------------------------------------------------- /src/crypto/md5.h: -------------------------------------------------------------------------------- 1 | /* 2 | * MD5 hash implementation and interface functions 3 | * Copyright (c) 2003-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef MD5_H 10 | #define MD5_H 11 | 12 | #define MD5_MAC_LEN 16 13 | 14 | int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem, 15 | const u8 *addr[], const size_t *len, u8 *mac); 16 | int hmac_md5(const u8 *key, size_t key_len, const u8 *data, size_t data_len, 17 | u8 *mac); 18 | 19 | #endif /* MD5_H */ 20 | -------------------------------------------------------------------------------- /src/crypto/aes_siv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * AES SIV (RFC 5297) 3 | * Copyright (c) 2013 Cozybit, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef AES_SIV_H 10 | #define AES_SIV_H 11 | 12 | int aes_siv_encrypt(const u8 *key, const u8 *pw, 13 | size_t pwlen, size_t num_elem, 14 | const u8 *addr[], const size_t *len, u8 *out); 15 | int aes_siv_decrypt(const u8 *key, const u8 *iv_crypt, size_t iv_c_len, 16 | size_t num_elem, const u8 *addr[], const size_t *len, 17 | u8 *out); 18 | 19 | #endif /* AES_SIV_H */ 20 | -------------------------------------------------------------------------------- /src/crypto/sha384.h: -------------------------------------------------------------------------------- 1 | /* 2 | * SHA384 hash implementation and interface functions 3 | * Copyright (c) 2015, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef SHA384_H 10 | #define SHA384_H 11 | 12 | #define SHA384_MAC_LEN 48 13 | 14 | int hmac_sha384_vector(const u8 *key, size_t key_len, size_t num_elem, 15 | const u8 *addr[], const size_t *len, u8 *mac); 16 | int hmac_sha384(const u8 *key, size_t key_len, const u8 *data, 17 | size_t data_len, u8 *mac); 18 | 19 | #endif /* SHA384_H */ 20 | -------------------------------------------------------------------------------- /src/utils/platform.h: -------------------------------------------------------------------------------- 1 | #ifndef PLATFORM_H 2 | #define PLATFORM_H 3 | 4 | #include "includes.h" 5 | #include "common.h" 6 | 7 | #define le16_to_cpu le_to_host16 8 | #define le32_to_cpu le_to_host32 9 | 10 | #define get_unaligned(p) \ 11 | ({ \ 12 | struct packed_dummy_struct { \ 13 | typeof(*(p)) __val; \ 14 | } __attribute__((packed)) *__ptr = (void *) (p); \ 15 | \ 16 | __ptr->__val; \ 17 | }) 18 | #define get_unaligned_le16(p) le16_to_cpu(get_unaligned((uint16_t *)(p))) 19 | #define get_unaligned_le32(p) le32_to_cpu(get_unaligned((uint32_t *)(p))) 20 | 21 | #endif /* PLATFORM_H */ 22 | -------------------------------------------------------------------------------- /src/crypto/md5_i.h: -------------------------------------------------------------------------------- 1 | /* 2 | * MD5 internal definitions 3 | * Copyright (c) 2003-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef MD5_I_H 10 | #define MD5_I_H 11 | 12 | struct MD5Context { 13 | u32 buf[4]; 14 | u32 bits[2]; 15 | u8 in[64]; 16 | }; 17 | 18 | void MD5Init(struct MD5Context *context); 19 | void MD5Update(struct MD5Context *context, unsigned char const *buf, 20 | unsigned len); 21 | void MD5Final(unsigned char digest[16], struct MD5Context *context); 22 | 23 | #endif /* MD5_I_H */ 24 | -------------------------------------------------------------------------------- /src/crypto/aes.h: -------------------------------------------------------------------------------- 1 | /* 2 | * AES functions 3 | * Copyright (c) 2003-2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef AES_H 10 | #define AES_H 11 | 12 | #define AES_BLOCK_SIZE 16 13 | 14 | void * aes_encrypt_init(const u8 *key, size_t len); 15 | void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt); 16 | void aes_encrypt_deinit(void *ctx); 17 | void * aes_decrypt_init(const u8 *key, size_t len); 18 | void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain); 19 | void aes_decrypt_deinit(void *ctx); 20 | 21 | #endif /* AES_H */ 22 | -------------------------------------------------------------------------------- /src/crypto/dh_group5.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Diffie-Hellman group 5 operations 3 | * Copyright (c) 2009, 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef DH_GROUP5_H 10 | #define DH_GROUP5_H 11 | 12 | void * dh5_init(struct wpabuf **priv, struct wpabuf **publ); 13 | void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ); 14 | struct wpabuf * dh5_derive_shared(void *ctx, const struct wpabuf *peer_public, 15 | const struct wpabuf *own_private); 16 | void dh5_free(void *ctx); 17 | 18 | #endif /* DH_GROUP5_H */ 19 | -------------------------------------------------------------------------------- /src/utils/bitfield.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Bitfield 3 | * Copyright (c) 2013, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef BITFIELD_H 10 | #define BITFIELD_H 11 | 12 | struct bitfield; 13 | 14 | struct bitfield * bitfield_alloc(size_t max_bits); 15 | void bitfield_free(struct bitfield *bf); 16 | void bitfield_set(struct bitfield *bf, size_t bit); 17 | void bitfield_clear(struct bitfield *bf, size_t bit); 18 | int bitfield_is_set(struct bitfield *bf, size_t bit); 19 | int bitfield_get_first_zero(struct bitfield *bf); 20 | 21 | #endif /* BITFIELD_H */ 22 | -------------------------------------------------------------------------------- /src/utils/ext_password_i.h: -------------------------------------------------------------------------------- 1 | /* 2 | * External password backend - internal definitions 3 | * Copyright (c) 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EXT_PASSWORD_I_H 10 | #define EXT_PASSWORD_I_H 11 | 12 | #include "ext_password.h" 13 | 14 | struct ext_password_backend { 15 | const char *name; 16 | void * (*init)(const char *params); 17 | void (*deinit)(void *ctx); 18 | struct wpabuf * (*get)(void *ctx, const char *name); 19 | }; 20 | 21 | struct wpabuf * ext_password_alloc(size_t len); 22 | 23 | #endif /* EXT_PASSWORD_I_H */ 24 | -------------------------------------------------------------------------------- /src/crypto/sha1_i.h: -------------------------------------------------------------------------------- 1 | /* 2 | * SHA1 internal definitions 3 | * Copyright (c) 2003-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef SHA1_I_H 10 | #define SHA1_I_H 11 | 12 | struct SHA1Context { 13 | u32 state[5]; 14 | u32 count[2]; 15 | unsigned char buffer[64]; 16 | }; 17 | 18 | void SHA1Init(struct SHA1Context *context); 19 | void SHA1Update(struct SHA1Context *context, const void *data, u32 len); 20 | void SHA1Final(unsigned char digest[20], struct SHA1Context *context); 21 | void SHA1Transform(u32 state[5], const unsigned char buffer[64]); 22 | 23 | #endif /* SHA1_I_H */ 24 | -------------------------------------------------------------------------------- /src/crypto/sha256_i.h: -------------------------------------------------------------------------------- 1 | /* 2 | * SHA-256 internal definitions 3 | * Copyright (c) 2003-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef SHA256_I_H 10 | #define SHA256_I_H 11 | 12 | #define SHA256_BLOCK_SIZE 64 13 | 14 | struct sha256_state { 15 | u64 length; 16 | u32 state[8], curlen; 17 | u8 buf[SHA256_BLOCK_SIZE]; 18 | }; 19 | 20 | void sha256_init(struct sha256_state *md); 21 | int sha256_process(struct sha256_state *md, const unsigned char *in, 22 | unsigned long inlen); 23 | int sha256_done(struct sha256_state *md, unsigned char *out); 24 | 25 | #endif /* SHA256_I_H */ 26 | -------------------------------------------------------------------------------- /src/drivers/rfkill.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Linux rfkill helper functions for driver wrappers 3 | * Copyright (c) 2010, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef RFKILL_H 10 | #define RFKILL_H 11 | 12 | struct rfkill_data; 13 | 14 | struct rfkill_config { 15 | void *ctx; 16 | char ifname[IFNAMSIZ]; 17 | void (*blocked_cb)(void *ctx); 18 | void (*unblocked_cb)(void *ctx); 19 | }; 20 | 21 | struct rfkill_data * rfkill_init(struct rfkill_config *cfg); 22 | void rfkill_deinit(struct rfkill_data *rfkill); 23 | int rfkill_is_blocked(struct rfkill_data *rfkill); 24 | 25 | #endif /* RFKILL_H */ 26 | -------------------------------------------------------------------------------- /src/utils/edit.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Command line editing and history 3 | * Copyright (c) 2010, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EDIT_H 10 | #define EDIT_H 11 | 12 | int edit_init(void (*cmd_cb)(void *ctx, char *cmd), 13 | void (*eof_cb)(void *ctx), 14 | char ** (*completion_cb)(void *ctx, const char *cmd, int pos), 15 | void *ctx, const char *history_file, const char *ps); 16 | void edit_deinit(const char *history_file, 17 | int (*filter_cb)(void *ctx, const char *cmd)); 18 | void edit_clear_line(void); 19 | void edit_redraw(void); 20 | 21 | #endif /* EDIT_H */ 22 | -------------------------------------------------------------------------------- /debian/changelog: -------------------------------------------------------------------------------- 1 | hostapd-rtl (2.4-4) UNRELEASED; urgency=medium 2 | 3 | * Updated noscan patch, fixing github issue #6 4 | 5 | -- Jeka Der Fri, 1 May 2015 21:00:03 +0100 6 | hostapd-rtl (2.4-3) UNRELEASED; urgency=medium 7 | 8 | * Added noscan patch to make 40 MHz channels work 9 | 10 | -- Jeka Der Fri, 1 May 2015 21:00:03 +0100 11 | 12 | hostapd-rtl (2.4-2) UNRELEASED; urgency=medium 13 | 14 | * Renamed package to differentiate from normal hostapd 15 | 16 | -- Jeka Der Sun, 22 Mar 2015 19:51:28 +0100 17 | 18 | hostapd (2.4-1) UNRELEASED; urgency=medium 19 | 20 | * Initial release. 21 | 22 | -- Jeka Der Sun, 22 Mar 2015 15:47:25 +0100 23 | -------------------------------------------------------------------------------- /src/ap/dhcp_snoop.h: -------------------------------------------------------------------------------- 1 | /* 2 | * DHCP snooping for Proxy ARP 3 | * Copyright (c) 2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef DHCP_SNOOP_H 10 | #define DHCP_SNOOP_H 11 | 12 | #ifdef CONFIG_PROXYARP 13 | 14 | int dhcp_snoop_init(struct hostapd_data *hapd); 15 | void dhcp_snoop_deinit(struct hostapd_data *hapd); 16 | 17 | #else /* CONFIG_PROXYARP */ 18 | 19 | static inline int dhcp_snoop_init(struct hostapd_data *hapd) 20 | { 21 | return 0; 22 | } 23 | 24 | static inline void dhcp_snoop_deinit(struct hostapd_data *hapd) 25 | { 26 | } 27 | 28 | #endif /* CONFIG_PROXYARP */ 29 | 30 | #endif /* DHCP_SNOOP_H */ 31 | -------------------------------------------------------------------------------- /src/utils/ip_addr.h: -------------------------------------------------------------------------------- 1 | /* 2 | * IP address processing 3 | * Copyright (c) 2003-2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IP_ADDR_H 10 | #define IP_ADDR_H 11 | 12 | struct hostapd_ip_addr { 13 | int af; /* AF_INET / AF_INET6 */ 14 | union { 15 | struct in_addr v4; 16 | #ifdef CONFIG_IPV6 17 | struct in6_addr v6; 18 | #endif /* CONFIG_IPV6 */ 19 | u8 max_len[16]; 20 | } u; 21 | }; 22 | 23 | const char * hostapd_ip_txt(const struct hostapd_ip_addr *addr, char *buf, 24 | size_t buflen); 25 | int hostapd_parse_ip_addr(const char *txt, struct hostapd_ip_addr *addr); 26 | 27 | #endif /* IP_ADDR_H */ 28 | -------------------------------------------------------------------------------- /src/eap_common/chap.c: -------------------------------------------------------------------------------- 1 | /* 2 | * CHAP-MD5 (RFC 1994) 3 | * Copyright (c) 2007-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "crypto/crypto.h" 13 | #include "chap.h" 14 | 15 | int chap_md5(u8 id, const u8 *secret, size_t secret_len, const u8 *challenge, 16 | size_t challenge_len, u8 *response) 17 | { 18 | const u8 *addr[3]; 19 | size_t len[3]; 20 | 21 | addr[0] = &id; 22 | len[0] = 1; 23 | addr[1] = secret; 24 | len[1] = secret_len; 25 | addr[2] = challenge; 26 | len[2] = challenge_len; 27 | return md5_vector(3, addr, len, response); 28 | } 29 | -------------------------------------------------------------------------------- /src/ap/hs20.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Hotspot 2.0 AP ANQP processing 3 | * Copyright (c) 2011-2013, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef HS20_H 10 | #define HS20_H 11 | 12 | struct hostapd_data; 13 | 14 | u8 * hostapd_eid_hs20_indication(struct hostapd_data *hapd, u8 *eid); 15 | u8 * hostapd_eid_osen(struct hostapd_data *hapd, u8 *eid); 16 | int hs20_send_wnm_notification(struct hostapd_data *hapd, const u8 *addr, 17 | u8 osu_method, const char *url); 18 | int hs20_send_wnm_notification_deauth_req(struct hostapd_data *hapd, 19 | const u8 *addr, 20 | const struct wpabuf *payload); 21 | 22 | #endif /* HS20_H */ 23 | -------------------------------------------------------------------------------- /src/ap/wmm.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / WMM (Wi-Fi Multimedia) 3 | * Copyright 2002-2003, Instant802 Networks, Inc. 4 | * Copyright 2005-2006, Devicescape Software, Inc. 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #ifndef WME_H 11 | #define WME_H 12 | 13 | struct ieee80211_mgmt; 14 | struct wmm_tspec_element; 15 | 16 | u8 * hostapd_eid_wmm(struct hostapd_data *hapd, u8 *eid); 17 | int hostapd_eid_wmm_valid(struct hostapd_data *hapd, const u8 *eid, 18 | size_t len); 19 | void hostapd_wmm_action(struct hostapd_data *hapd, 20 | const struct ieee80211_mgmt *mgmt, size_t len); 21 | int wmm_process_tspec(struct wmm_tspec_element *tspec); 22 | 23 | #endif /* WME_H */ 24 | -------------------------------------------------------------------------------- /hostapd/hostapd.eap_user_sqlite: -------------------------------------------------------------------------------- 1 | CREATE TABLE users( 2 | identity TEXT PRIMARY KEY, 3 | methods TEXT, 4 | password TEXT, 5 | remediation TEXT, 6 | phase2 INTEGER 7 | ); 8 | 9 | CREATE TABLE wildcards( 10 | identity TEXT PRIMARY KEY, 11 | methods TEXT 12 | ); 13 | 14 | INSERT INTO users(identity,methods,password,phase2) VALUES ('user','TTLS-MSCHAPV2','password',1); 15 | INSERT INTO users(identity,methods,password,phase2) VALUES ('DOMAIN\mschapv2 user','TTLS-MSCHAPV2','password',1); 16 | 17 | INSERT INTO wildcards(identity,methods) VALUES ('','TTLS,TLS'); 18 | INSERT INTO wildcards(identity,methods) VALUES ('0','AKA'); 19 | 20 | CREATE TABLE authlog( 21 | timestamp TEXT, 22 | session TEXT, 23 | nas_ip TEXT, 24 | username TEXT, 25 | note TEXT 26 | ); 27 | -------------------------------------------------------------------------------- /src/tls/Makefile: -------------------------------------------------------------------------------- 1 | all: libtls.a 2 | 3 | clean: 4 | rm -f *~ *.o *.d libtls.a 5 | 6 | install: 7 | @echo Nothing to be made. 8 | 9 | 10 | include ../lib.rules 11 | 12 | CFLAGS += -DCONFIG_INTERNAL_LIBTOMMATH 13 | CFLAGS += -DCONFIG_CRYPTO_INTERNAL 14 | CFLAGS += -DCONFIG_TLSV11 15 | CFLAGS += -DCONFIG_TLSV12 16 | 17 | LIB_OBJS= \ 18 | asn1.o \ 19 | bignum.o \ 20 | pkcs1.o \ 21 | pkcs5.o \ 22 | pkcs8.o \ 23 | rsa.o \ 24 | tlsv1_client.o \ 25 | tlsv1_client_read.o \ 26 | tlsv1_client_write.o \ 27 | tlsv1_common.o \ 28 | tlsv1_cred.o \ 29 | tlsv1_record.o \ 30 | tlsv1_server.o \ 31 | tlsv1_server_read.o \ 32 | tlsv1_server_write.o \ 33 | x509v3.o 34 | 35 | 36 | libtls.a: $(LIB_OBJS) 37 | $(AR) crT $@ $? 38 | 39 | -include $(OBJS:%.o=%.d) 40 | -------------------------------------------------------------------------------- /src/ap/acs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * ACS - Automatic Channel Selection module 3 | * Copyright (c) 2011, Atheros Communications 4 | * Copyright (c) 2013, Qualcomm Atheros, Inc. 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #ifndef ACS_H 11 | #define ACS_H 12 | 13 | #ifdef CONFIG_ACS 14 | 15 | enum hostapd_chan_status acs_init(struct hostapd_iface *iface); 16 | 17 | #else /* CONFIG_ACS */ 18 | 19 | static inline enum hostapd_chan_status acs_init(struct hostapd_iface *iface) 20 | { 21 | wpa_printf(MSG_ERROR, "ACS was disabled on your build, rebuild hostapd with CONFIG_ACS=y or set channel"); 22 | return HOSTAPD_CHAN_INVALID; 23 | } 24 | 25 | #endif /* CONFIG_ACS */ 26 | 27 | #endif /* ACS_H */ 28 | -------------------------------------------------------------------------------- /src/eap_common/eap_wsc_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP-WSC definitions for Wi-Fi Protected Setup 3 | * Copyright (c) 2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_WSC_COMMON_H 10 | #define EAP_WSC_COMMON_H 11 | 12 | #define EAP_VENDOR_TYPE_WSC 1 13 | 14 | #define WSC_FLAGS_MF 0x01 15 | #define WSC_FLAGS_LF 0x02 16 | 17 | #define WSC_ID_REGISTRAR "WFA-SimpleConfig-Registrar-1-0" 18 | #define WSC_ID_REGISTRAR_LEN 30 19 | #define WSC_ID_ENROLLEE "WFA-SimpleConfig-Enrollee-1-0" 20 | #define WSC_ID_ENROLLEE_LEN 29 21 | 22 | #define WSC_FRAGMENT_SIZE 1400 23 | 24 | 25 | struct wpabuf * eap_wsc_build_frag_ack(u8 id, u8 code); 26 | 27 | #endif /* EAP_WSC_COMMON_H */ 28 | -------------------------------------------------------------------------------- /debian/control: -------------------------------------------------------------------------------- 1 | Source: hostapd-rtl 2 | Maintainer: Jeka Der 3 | Section: network 4 | Priority: optional 5 | Standards-Version: 3.9.6 6 | Build-Depends: debhelper (>= 9), libnl-dev, libssl-dev 7 | 8 | Package: hostapd-rtl 9 | Architecture: any 10 | Depends: lsb-base, initscripts (>=2.88), ${shlibs:Depends}, ${misc:Depends} 11 | Conflicts: hostapd 12 | Description: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator 13 | hostapd is a user space daemon for access point and authentication servers. 14 | It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP 15 | Authenticators, RADIUS client, EAP server, and RADIUS authentication server. 16 | The current version supports Linux (Host AP, madwifi, mac80211-based drivers) 17 | and FreeBSD (net80211). -------------------------------------------------------------------------------- /hostapd/hlr_auc_gw.milenage_db: -------------------------------------------------------------------------------- 1 | # Parameters for Milenage (Example algorithms for AKA). 2 | # The example Ki, OPc, and AMF values here are from 3GPP TS 35.208 v6.0.0 3 | # 4.3.20 Test Set 20. SQN is the last used SQN value. 4 | # These values can be used for both UMTS (EAP-AKA) and GSM (EAP-SIM) 5 | # authentication. In case of GSM/EAP-SIM, AMF and SQN values are not used, but 6 | # dummy values will need to be included in this file. 7 | 8 | # IMSI Ki OPc AMF SQN 9 | 232010000000000 90dca4eda45b53cf0f12d7c9c3bc6a89 cb9cccc4b9258e6dca4760379fb82581 61df 000000000000 10 | 11 | # These values are from Test Set 19 which has the AMF separation bit set to 1 12 | # and as such, is suitable for EAP-AKA' test. 13 | 555444333222111 5122250214c33e723a5dd523fc145fc0 981d464c7c52eb6e5036234984ad0bcf c3ab 16f3b3f70fc1 14 | -------------------------------------------------------------------------------- /src/utils/Makefile: -------------------------------------------------------------------------------- 1 | all: libutils.a 2 | 3 | clean: 4 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov libutils.a 5 | 6 | install: 7 | @echo Nothing to be made. 8 | 9 | 10 | include ../lib.rules 11 | 12 | #CFLAGS += -DWPA_TRACE 13 | CFLAGS += -DCONFIG_IPV6 14 | CFLAGS += -DCONFIG_DEBUG_FILE 15 | 16 | LIB_OBJS= \ 17 | base64.o \ 18 | bitfield.o \ 19 | common.o \ 20 | ip_addr.o \ 21 | radiotap.o \ 22 | trace.o \ 23 | uuid.o \ 24 | wpa_debug.o \ 25 | wpabuf.o 26 | 27 | # Pick correct OS wrapper implementation 28 | LIB_OBJS += os_unix.o 29 | 30 | # Pick correct event loop implementation 31 | LIB_OBJS += eloop.o 32 | 33 | # Pick correct edit implementation 34 | LIB_OBJS += edit.o 35 | 36 | #LIB_OBJS += pcsc_funcs.o 37 | 38 | libutils.a: $(LIB_OBJS) 39 | $(AR) crT $@ $? 40 | 41 | -include $(OBJS:%.o=%.d) 42 | -------------------------------------------------------------------------------- /src/crypto/des_i.h: -------------------------------------------------------------------------------- 1 | /* 2 | * DES and 3DES-EDE ciphers 3 | * Copyright (c) 2006-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef DES_I_H 10 | #define DES_I_H 11 | 12 | struct des3_key_s { 13 | u32 ek[3][32]; 14 | u32 dk[3][32]; 15 | }; 16 | 17 | void des_key_setup(const u8 *key, u32 *ek, u32 *dk); 18 | void des_block_encrypt(const u8 *plain, const u32 *ek, u8 *crypt); 19 | void des_block_decrypt(const u8 *crypt, const u32 *dk, u8 *plain); 20 | 21 | void des3_key_setup(const u8 *key, struct des3_key_s *dkey); 22 | void des3_encrypt(const u8 *plain, const struct des3_key_s *key, u8 *crypt); 23 | void des3_decrypt(const u8 *crypt, const struct des3_key_s *key, u8 *plain); 24 | 25 | #endif /* DES_I_H */ 26 | -------------------------------------------------------------------------------- /src/wps/http.h: -------------------------------------------------------------------------------- 1 | /* 2 | * HTTP for WPS 3 | * Copyright (c) 2000-2003 Intel Corporation 4 | * Copyright (c) 2006-2007 Sony Corporation 5 | * Copyright (c) 2008-2009 Atheros Communications 6 | * Copyright (c) 2009, Jouni Malinen 7 | * 8 | * See wps_upnp.c for more details on licensing and code history. 9 | */ 10 | 11 | #ifndef HTTP_H 12 | #define HTTP_H 13 | 14 | enum http_reply_code { 15 | HTTP_OK = 200, 16 | HTTP_BAD_REQUEST = 400, 17 | UPNP_INVALID_ACTION = 401, 18 | UPNP_INVALID_ARGS = 402, 19 | HTTP_NOT_FOUND = 404, 20 | HTTP_PRECONDITION_FAILED = 412, 21 | HTTP_INTERNAL_SERVER_ERROR = 500, 22 | HTTP_UNIMPLEMENTED = 501, 23 | UPNP_ACTION_FAILED = 501, 24 | UPNP_ARG_VALUE_INVALID = 600, 25 | UPNP_ARG_VALUE_OUT_OF_RANGE = 601, 26 | UPNP_OUT_OF_MEMORY = 603 27 | }; 28 | 29 | #endif /* HTTP_H */ 30 | -------------------------------------------------------------------------------- /src/common/qca-vendor-attr.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Qualcomm Atheros vendor specific attribute definitions 3 | * Copyright (c) 2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef QCA_VENDOR_ATTR_H 10 | #define QCA_VENDOR_ATTR_H 11 | 12 | /* 13 | * This file defines some of the attributes used with Qualcomm Atheros OUI 14 | * 00:13:74 in a way that is not suitable for qca-vendor.h, e.g., due to 15 | * compiler dependencies. 16 | */ 17 | 18 | struct qca_avoid_freq_range { 19 | u32 start_freq; 20 | u32 end_freq; 21 | } __attribute__ ((packed)); 22 | 23 | struct qca_avoid_freq_list { 24 | u32 count; 25 | struct qca_avoid_freq_range range[0]; 26 | } __attribute__ ((packed)); 27 | 28 | #endif /* QCA_VENDOR_ATTR_H */ 29 | -------------------------------------------------------------------------------- /src/crypto/dh_groups.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Diffie-Hellman groups 3 | * Copyright (c) 2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef DH_GROUPS_H 10 | #define DH_GROUPS_H 11 | 12 | struct dh_group { 13 | int id; 14 | const u8 *generator; 15 | size_t generator_len; 16 | const u8 *prime; 17 | size_t prime_len; 18 | const u8 *order; 19 | size_t order_len; 20 | unsigned int safe_prime:1; 21 | }; 22 | 23 | const struct dh_group * dh_groups_get(int id); 24 | struct wpabuf * dh_init(const struct dh_group *dh, struct wpabuf **priv); 25 | struct wpabuf * dh_derive_shared(const struct wpabuf *peer_public, 26 | const struct wpabuf *own_private, 27 | const struct dh_group *dh); 28 | 29 | #endif /* DH_GROUPS_H */ 30 | -------------------------------------------------------------------------------- /src/crypto/aes-encblock.c: -------------------------------------------------------------------------------- 1 | /* 2 | * AES encrypt_block 3 | * 4 | * Copyright (c) 2003-2007, Jouni Malinen 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #include "includes.h" 11 | 12 | #include "common.h" 13 | #include "aes.h" 14 | #include "aes_wrap.h" 15 | 16 | /** 17 | * aes_128_encrypt_block - Perform one AES 128-bit block operation 18 | * @key: Key for AES 19 | * @in: Input data (16 bytes) 20 | * @out: Output of the AES block operation (16 bytes) 21 | * Returns: 0 on success, -1 on failure 22 | */ 23 | int aes_128_encrypt_block(const u8 *key, const u8 *in, u8 *out) 24 | { 25 | void *ctx; 26 | ctx = aes_encrypt_init(key, 16); 27 | if (ctx == NULL) 28 | return -1; 29 | aes_encrypt(ctx, in, out); 30 | aes_encrypt_deinit(ctx); 31 | return 0; 32 | } 33 | -------------------------------------------------------------------------------- /src/drivers/netlink.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Netlink helper functions for driver wrappers 3 | * Copyright (c) 2002-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef NETLINK_H 10 | #define NETLINK_H 11 | 12 | struct netlink_data; 13 | struct ifinfomsg; 14 | 15 | struct netlink_config { 16 | void *ctx; 17 | void (*newlink_cb)(void *ctx, struct ifinfomsg *ifi, u8 *buf, 18 | size_t len); 19 | void (*dellink_cb)(void *ctx, struct ifinfomsg *ifi, u8 *buf, 20 | size_t len); 21 | }; 22 | 23 | struct netlink_data * netlink_init(struct netlink_config *cfg); 24 | void netlink_deinit(struct netlink_data *netlink); 25 | int netlink_send_oper_ifla(struct netlink_data *netlink, int ifindex, 26 | int linkmode, int operstate); 27 | 28 | #endif /* NETLINK_H */ 29 | -------------------------------------------------------------------------------- /etc/default: -------------------------------------------------------------------------------- 1 | # Defaults for hostapd initscript 2 | # 3 | # See /usr/share/doc/hostapd/README.Debian for information about alternative 4 | # methods of managing hostapd. 5 | # 6 | # Uncomment and set DAEMON_CONF to the absolute path of a hostapd configuration 7 | # file and hostapd will be started during system boot. An example configuration 8 | # file can be found at /usr/share/doc/hostapd/examples/hostapd.conf.gz 9 | # 10 | #DAEMON_CONF="/etc/hostapd/hostapd.conf" 11 | 12 | # Additional daemon options to be appended to hostapd command:- 13 | # -d show more debug messages (-dd for even more) 14 | # -K include key data in debug messages 15 | # -t include timestamps in some debug messages 16 | # 17 | # Note that -B (daemon mode) and -P (pidfile) options are automatically 18 | # configured by the init.d script and must not be added to DAEMON_OPTS. 19 | # 20 | #DAEMON_OPTS="" 21 | -------------------------------------------------------------------------------- /src/tls/rsa.h: -------------------------------------------------------------------------------- 1 | /* 2 | * RSA 3 | * Copyright (c) 2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef RSA_H 10 | #define RSA_H 11 | 12 | struct crypto_rsa_key; 13 | 14 | struct crypto_rsa_key * 15 | crypto_rsa_import_public_key(const u8 *buf, size_t len); 16 | struct crypto_rsa_key * 17 | crypto_rsa_import_public_key_parts(const u8 *n, size_t n_len, 18 | const u8 *e, size_t e_len); 19 | struct crypto_rsa_key * 20 | crypto_rsa_import_private_key(const u8 *buf, size_t len); 21 | size_t crypto_rsa_get_modulus_len(struct crypto_rsa_key *key); 22 | int crypto_rsa_exptmod(const u8 *in, size_t inlen, u8 *out, size_t *outlen, 23 | struct crypto_rsa_key *key, int use_private); 24 | void crypto_rsa_free(struct crypto_rsa_key *key); 25 | 26 | #endif /* RSA_H */ 27 | -------------------------------------------------------------------------------- /etc/hostapd.conf: -------------------------------------------------------------------------------- 1 | ctrl_interface=/var/run/hostapd 2 | ctrl_interface_group=0 3 | macaddr_acl=0 4 | auth_algs=3 5 | ignore_broadcast_ssid=0 6 | 7 | # 802.11n related stuff 8 | ieee80211n=1 9 | noscan=1 10 | ht_capab=[HT40+][SHORT-GI-20][SHORT-GI-40] 11 | 12 | #WPA2 settings 13 | wpa=2 14 | wpa_key_mgmt=WPA-PSK 15 | wpa_pairwise=TKIP 16 | rsn_pairwise=CCMP 17 | 18 | # CHANGE THE PASSPHRASE 19 | wpa_passphrase=ICanHasBananaz 20 | 21 | # Most modern wireless drivers in the kernel need driver=nl80211 22 | #driver=nl80211 23 | driver=rtl871xdrv 24 | max_num_sta=8 25 | beacon_int=100 26 | wme_enabled=1 27 | wpa_group_rekey=86400 28 | device_name=RTL8192CU 29 | manufacturer=Realtek 30 | 31 | # set proper interface 32 | interface=wlan0 33 | bridge=lanbr0 34 | hw_mode=g 35 | # best channels are 1 6 11 14 (scan networks first to find which slot is free) 36 | channel=6 37 | # this is the network name 38 | ssid=BPI-R1 39 | -------------------------------------------------------------------------------- /src/wps/upnp_xml.h: -------------------------------------------------------------------------------- 1 | /* 2 | * UPnP XML helper routines 3 | * Copyright (c) 2000-2003 Intel Corporation 4 | * Copyright (c) 2006-2007 Sony Corporation 5 | * Copyright (c) 2008-2009 Atheros Communications 6 | * Copyright (c) 2009, Jouni Malinen 7 | * 8 | * See wps_upnp.c for more details on licensing and code history. 9 | */ 10 | 11 | #ifndef UPNP_XML_H 12 | #define UPNP_XML_H 13 | 14 | #include "http.h" 15 | 16 | void xml_data_encode(struct wpabuf *buf, const char *data, int len); 17 | void xml_add_tagged_data(struct wpabuf *buf, const char *tag, 18 | const char *data); 19 | int xml_next_tag(const char *in, const char **out, 20 | const char **out_tagname, const char **end); 21 | char * xml_get_first_item(const char *doc, const char *item); 22 | struct wpabuf * xml_get_base64_item(const char *data, const char *name, 23 | enum http_reply_code *ret); 24 | 25 | #endif /* UPNP_XML_H */ 26 | -------------------------------------------------------------------------------- /src/drivers/linux_ioctl.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Linux ioctl helper functions for driver wrappers 3 | * Copyright (c) 2002-2010, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef LINUX_IOCTL_H 10 | #define LINUX_IOCTL_H 11 | 12 | int linux_set_iface_flags(int sock, const char *ifname, int dev_up); 13 | int linux_iface_up(int sock, const char *ifname); 14 | int linux_get_ifhwaddr(int sock, const char *ifname, u8 *addr); 15 | int linux_set_ifhwaddr(int sock, const char *ifname, const u8 *addr); 16 | int linux_br_add(int sock, const char *brname); 17 | int linux_br_del(int sock, const char *brname); 18 | int linux_br_add_if(int sock, const char *brname, const char *ifname); 19 | int linux_br_del_if(int sock, const char *brname, const char *ifname); 20 | int linux_br_get(char *brname, const char *ifname); 21 | 22 | #endif /* LINUX_IOCTL_H */ 23 | -------------------------------------------------------------------------------- /src/eap_common/eap_wsc_common.c: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP-WSC common routines for Wi-Fi Protected Setup 3 | * Copyright (c) 2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "eap_defs.h" 13 | #include "eap_common.h" 14 | #include "wps/wps.h" 15 | #include "eap_wsc_common.h" 16 | 17 | struct wpabuf * eap_wsc_build_frag_ack(u8 id, u8 code) 18 | { 19 | struct wpabuf *msg; 20 | 21 | msg = eap_msg_alloc(EAP_VENDOR_WFA, EAP_VENDOR_TYPE_WSC, 2, code, id); 22 | if (msg == NULL) { 23 | wpa_printf(MSG_ERROR, "EAP-WSC: Failed to allocate memory for " 24 | "FRAG_ACK"); 25 | return NULL; 26 | } 27 | 28 | wpa_printf(MSG_DEBUG, "EAP-WSC: Send WSC/FRAG_ACK"); 29 | wpabuf_put_u8(msg, WSC_FRAG_ACK); /* Op-Code */ 30 | wpabuf_put_u8(msg, 0); /* Flags */ 31 | 32 | return msg; 33 | } 34 | -------------------------------------------------------------------------------- /src/ap/beacon.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / IEEE 802.11 Management: Beacon and Probe Request/Response 3 | * Copyright (c) 2002-2004, Instant802 Networks, Inc. 4 | * Copyright (c) 2005-2006, Devicescape Software, Inc. 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #ifndef BEACON_H 11 | #define BEACON_H 12 | 13 | struct ieee80211_mgmt; 14 | 15 | void handle_probe_req(struct hostapd_data *hapd, 16 | const struct ieee80211_mgmt *mgmt, size_t len, 17 | int ssi_signal); 18 | int ieee802_11_set_beacon(struct hostapd_data *hapd); 19 | int ieee802_11_set_beacons(struct hostapd_iface *iface); 20 | int ieee802_11_update_beacons(struct hostapd_iface *iface); 21 | int ieee802_11_build_ap_params(struct hostapd_data *hapd, 22 | struct wpa_driver_ap_params *params); 23 | void ieee802_11_free_ap_params(struct wpa_driver_ap_params *params); 24 | 25 | #endif /* BEACON_H */ 26 | -------------------------------------------------------------------------------- /src/eap_peer/mschapv2.h: -------------------------------------------------------------------------------- 1 | /* 2 | * MSCHAPV2 (RFC 2759) 3 | * Copyright (c) 2004-2008, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef MSCHAPV2_H 10 | #define MSCHAPV2_H 11 | 12 | #define MSCHAPV2_CHAL_LEN 16 13 | #define MSCHAPV2_NT_RESPONSE_LEN 24 14 | #define MSCHAPV2_AUTH_RESPONSE_LEN 20 15 | #define MSCHAPV2_MASTER_KEY_LEN 16 16 | 17 | const u8 * mschapv2_remove_domain(const u8 *username, size_t *len); 18 | int mschapv2_derive_response(const u8 *username, size_t username_len, 19 | const u8 *password, size_t password_len, 20 | int pwhash, 21 | const u8 *auth_challenge, 22 | const u8 *peer_challenge, 23 | u8 *nt_response, u8 *auth_response, 24 | u8 *master_key); 25 | int mschapv2_verify_auth_response(const u8 *auth_response, 26 | const u8 *buf, size_t buf_len); 27 | 28 | #endif /* MSCHAPV2_H */ 29 | -------------------------------------------------------------------------------- /src/crypto/dh_group5.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Diffie-Hellman group 5 operations 3 | * Copyright (c) 2009, 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "dh_groups.h" 13 | #include "dh_group5.h" 14 | 15 | 16 | void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) 17 | { 18 | *publ = dh_init(dh_groups_get(5), priv); 19 | if (*publ == NULL) 20 | return NULL; 21 | return (void *) 1; 22 | } 23 | 24 | 25 | void * dh5_init_fixed(const struct wpabuf *priv, const struct wpabuf *publ) 26 | { 27 | return (void *) 1; 28 | } 29 | 30 | 31 | struct wpabuf * dh5_derive_shared(void *ctx, const struct wpabuf *peer_public, 32 | const struct wpabuf *own_private) 33 | { 34 | return dh_derive_shared(peer_public, own_private, dh_groups_get(5)); 35 | } 36 | 37 | 38 | void dh5_free(void *ctx) 39 | { 40 | } 41 | -------------------------------------------------------------------------------- /src/ap/wnm_ap.h: -------------------------------------------------------------------------------- 1 | /* 2 | * IEEE 802.11v WNM related functions and structures 3 | * Copyright (c) 2011-2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef WNM_AP_H 10 | #define WNM_AP_H 11 | 12 | struct sta_info; 13 | 14 | int ieee802_11_rx_wnm_action_ap(struct hostapd_data *hapd, 15 | const struct ieee80211_mgmt *mgmt, size_t len); 16 | int wnm_send_disassoc_imminent(struct hostapd_data *hapd, 17 | struct sta_info *sta, int disassoc_timer); 18 | int wnm_send_ess_disassoc_imminent(struct hostapd_data *hapd, 19 | struct sta_info *sta, const char *url, 20 | int disassoc_timer); 21 | int wnm_send_bss_tm_req(struct hostapd_data *hapd, struct sta_info *sta, 22 | u8 req_mode, int disassoc_timer, u8 valid_int, 23 | const u8 *bss_term_dur, const char *url, 24 | const u8 *nei_rep, size_t nei_rep_len); 25 | 26 | #endif /* WNM_AP_H */ 27 | -------------------------------------------------------------------------------- /src/eap_common/eap_ikev2_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP-IKEv2 definitions 3 | * Copyright (c) 2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_IKEV2_COMMON_H 10 | #define EAP_IKEV2_COMMON_H 11 | 12 | #define IKEV2_FLAGS_LENGTH_INCLUDED 0x80 13 | #define IKEV2_FLAGS_MORE_FRAGMENTS 0x40 14 | #define IKEV2_FLAGS_ICV_INCLUDED 0x20 15 | 16 | #define IKEV2_FRAGMENT_SIZE 1400 17 | 18 | struct ikev2_keys; 19 | 20 | int eap_ikev2_derive_keymat(int prf, struct ikev2_keys *keys, 21 | const u8 *i_nonce, size_t i_nonce_len, 22 | const u8 *r_nonce, size_t r_nonce_len, 23 | u8 *keymat); 24 | struct wpabuf * eap_ikev2_build_frag_ack(u8 id, u8 code); 25 | int eap_ikev2_validate_icv(int integ_alg, struct ikev2_keys *keys, 26 | int initiator, const struct wpabuf *msg, 27 | const u8 *pos, const u8 *end); 28 | 29 | #endif /* EAP_IKEV2_COMMON_H */ 30 | -------------------------------------------------------------------------------- /src/ap/ieee802_11_auth.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / IEEE 802.11 authentication (ACL) 3 | * Copyright (c) 2003-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IEEE802_11_AUTH_H 10 | #define IEEE802_11_AUTH_H 11 | 12 | enum { 13 | HOSTAPD_ACL_REJECT = 0, 14 | HOSTAPD_ACL_ACCEPT = 1, 15 | HOSTAPD_ACL_PENDING = 2, 16 | HOSTAPD_ACL_ACCEPT_TIMEOUT = 3 17 | }; 18 | 19 | int hostapd_allowed_address(struct hostapd_data *hapd, const u8 *addr, 20 | const u8 *msg, size_t len, u32 *session_timeout, 21 | u32 *acct_interim_interval, int *vlan_id, 22 | struct hostapd_sta_wpa_psk_short **psk, 23 | char **identity, char **radius_cui); 24 | int hostapd_acl_init(struct hostapd_data *hapd); 25 | void hostapd_acl_deinit(struct hostapd_data *hapd); 26 | void hostapd_free_psk_list(struct hostapd_sta_wpa_psk_short *psk); 27 | 28 | #endif /* IEEE802_11_AUTH_H */ 29 | -------------------------------------------------------------------------------- /src/crypto/random.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Random number generator 3 | * Copyright (c) 2010-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef RANDOM_H 10 | #define RANDOM_H 11 | 12 | #ifdef CONFIG_NO_RANDOM_POOL 13 | #define random_init(e) do { } while (0) 14 | #define random_deinit() do { } while (0) 15 | #define random_add_randomness(b, l) do { } while (0) 16 | #define random_get_bytes(b, l) os_get_random((b), (l)) 17 | #define random_pool_ready() 1 18 | #define random_mark_pool_ready() do { } while (0) 19 | #else /* CONFIG_NO_RANDOM_POOL */ 20 | void random_init(const char *entropy_file); 21 | void random_deinit(void); 22 | void random_add_randomness(const void *buf, size_t len); 23 | int random_get_bytes(void *buf, size_t len); 24 | int random_pool_ready(void); 25 | void random_mark_pool_ready(void); 26 | #endif /* CONFIG_NO_RANDOM_POOL */ 27 | 28 | #endif /* RANDOM_H */ 29 | -------------------------------------------------------------------------------- /src/tls/pkcs1.h: -------------------------------------------------------------------------------- 1 | /* 2 | * PKCS #1 (RSA Encryption) 3 | * Copyright (c) 2006-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PKCS1_H 10 | #define PKCS1_H 11 | 12 | struct crypto_public_key; 13 | struct asn1_oid; 14 | 15 | int pkcs1_encrypt(int block_type, struct crypto_rsa_key *key, 16 | int use_private, const u8 *in, size_t inlen, 17 | u8 *out, size_t *outlen); 18 | int pkcs1_v15_private_key_decrypt(struct crypto_rsa_key *key, 19 | const u8 *in, size_t inlen, 20 | u8 *out, size_t *outlen); 21 | int pkcs1_decrypt_public_key(struct crypto_rsa_key *key, 22 | const u8 *crypt, size_t crypt_len, 23 | u8 *plain, size_t *plain_len); 24 | int pkcs1_v15_sig_ver(struct crypto_public_key *pk, 25 | const u8 *s, size_t s_len, 26 | const struct asn1_oid *hash_alg, 27 | const u8 *hash, size_t hash_len); 28 | 29 | #endif /* PKCS1_H */ 30 | -------------------------------------------------------------------------------- /src/ap/iapp.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / IEEE 802.11F-2003 Inter-Access Point Protocol (IAPP) 3 | * Copyright (c) 2002-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IAPP_H 10 | #define IAPP_H 11 | 12 | struct iapp_data; 13 | 14 | #ifdef CONFIG_IAPP 15 | 16 | void iapp_new_station(struct iapp_data *iapp, struct sta_info *sta); 17 | struct iapp_data * iapp_init(struct hostapd_data *hapd, const char *iface); 18 | void iapp_deinit(struct iapp_data *iapp); 19 | 20 | #else /* CONFIG_IAPP */ 21 | 22 | static inline void iapp_new_station(struct iapp_data *iapp, 23 | struct sta_info *sta) 24 | { 25 | } 26 | 27 | static inline struct iapp_data * iapp_init(struct hostapd_data *hapd, 28 | const char *iface) 29 | { 30 | return NULL; 31 | } 32 | 33 | static inline void iapp_deinit(struct iapp_data *iapp) 34 | { 35 | } 36 | 37 | #endif /* CONFIG_IAPP */ 38 | 39 | #endif /* IAPP_H */ 40 | -------------------------------------------------------------------------------- /src/ap/ndisc_snoop.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Neighbor Discovery snooping for Proxy ARP 3 | * Copyright (c) 2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef NDISC_SNOOP_H 10 | #define NDISC_SNOOP_H 11 | 12 | #if defined(CONFIG_PROXYARP) && defined(CONFIG_IPV6) 13 | 14 | int ndisc_snoop_init(struct hostapd_data *hapd); 15 | void ndisc_snoop_deinit(struct hostapd_data *hapd); 16 | void sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta); 17 | 18 | #else /* CONFIG_PROXYARP && CONFIG_IPV6 */ 19 | 20 | static inline int ndisc_snoop_init(struct hostapd_data *hapd) 21 | { 22 | return 0; 23 | } 24 | 25 | static inline void ndisc_snoop_deinit(struct hostapd_data *hapd) 26 | { 27 | } 28 | 29 | static inline void sta_ip6addr_del(struct hostapd_data *hapd, 30 | struct sta_info *sta) 31 | { 32 | } 33 | 34 | #endif /* CONFIG_PROXYARP && CONFIG_IPV6 */ 35 | 36 | #endif /* NDISC_SNOOP_H */ 37 | -------------------------------------------------------------------------------- /src/utils/ext_password.h: -------------------------------------------------------------------------------- 1 | /* 2 | * External password backend 3 | * Copyright (c) 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EXT_PASSWORD_H 10 | #define EXT_PASSWORD_H 11 | 12 | struct ext_password_data; 13 | 14 | #ifdef CONFIG_EXT_PASSWORD 15 | 16 | struct ext_password_data * ext_password_init(const char *backend, 17 | const char *params); 18 | void ext_password_deinit(struct ext_password_data *data); 19 | 20 | struct wpabuf * ext_password_get(struct ext_password_data *data, 21 | const char *name); 22 | void ext_password_free(struct wpabuf *pw); 23 | 24 | #else /* CONFIG_EXT_PASSWORD */ 25 | 26 | #define ext_password_init(b, p) ((void *) 1) 27 | #define ext_password_deinit(d) do { } while (0) 28 | #define ext_password_get(d, n) (NULL) 29 | #define ext_password_free(p) do { } while (0) 30 | 31 | #endif /* CONFIG_EXT_PASSWORD */ 32 | 33 | #endif /* EXT_PASSWORD_H */ 34 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | wpa_supplicant and hostapd 2 | -------------------------- 3 | 4 | Copyright (c) 2002-2015, Jouni Malinen and contributors 5 | All Rights Reserved. 6 | 7 | 8 | See the README file for the current license terms. 9 | 10 | This software was previously distributed under BSD/GPL v2 dual license 11 | terms that allowed either of those license alternatives to be 12 | selected. As of February 11, 2012, the project has chosen to use only 13 | the BSD license option for future distribution. As such, the GPL v2 14 | license option is no longer used. It should be noted that the BSD 15 | license option (the one with advertisement clause removed) is compatible 16 | with GPL and as such, does not prevent use of this software in projects 17 | that use GPL. 18 | 19 | Some of the files may still include pointers to GPL version 2 license 20 | terms. However, such copyright and license notifications are maintained 21 | only for attribution purposes and any distribution of this software 22 | after February 11, 2012 is no longer under the GPL v2 option. 23 | -------------------------------------------------------------------------------- /src/pae/ieee802_1x_key.h: -------------------------------------------------------------------------------- 1 | /* 2 | * IEEE 802.1X-2010 Key Hierarchy 3 | * Copyright (c) 2013, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IEEE802_1X_KEY_H 10 | #define IEEE802_1X_KEY_H 11 | 12 | int ieee802_1x_cak_128bits_aes_cmac(const u8 *msk, const u8 *mac1, 13 | const u8 *mac2, u8 *cak); 14 | int ieee802_1x_ckn_128bits_aes_cmac(const u8 *msk, const u8 *mac1, 15 | const u8 *mac2, const u8 *sid, 16 | size_t sid_bytes, u8 *ckn); 17 | int ieee802_1x_kek_128bits_aes_cmac(const u8 *cak, const u8 *ckn, 18 | size_t ckn_bytes, u8 *kek); 19 | int ieee802_1x_ick_128bits_aes_cmac(const u8 *cak, const u8 *ckn, 20 | size_t ckn_bytes, u8 *ick); 21 | int ieee802_1x_icv_128bits_aes_cmac(const u8 *ick, const u8 *msg, 22 | size_t msg_bytes, u8 *icv); 23 | int ieee802_1x_sak_128bits_aes_cmac(const u8 *cak, const u8 *ctx, 24 | size_t ctx_bytes, u8 *sak); 25 | 26 | #endif /* IEEE802_1X_KEY_H */ 27 | -------------------------------------------------------------------------------- /src/ap/p2p_hostapd.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / P2P integration 3 | * Copyright (c) 2009-2010, Atheros Communications 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef P2P_HOSTAPD_H 10 | #define P2P_HOSTAPD_H 11 | 12 | #ifdef CONFIG_P2P 13 | 14 | int hostapd_p2p_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta, 15 | char *buf, size_t buflen); 16 | int hostapd_p2p_set_noa(struct hostapd_data *hapd, u8 count, int start, 17 | int duration); 18 | void hostapd_p2p_non_p2p_sta_connected(struct hostapd_data *hapd); 19 | void hostapd_p2p_non_p2p_sta_disconnected(struct hostapd_data *hapd); 20 | 21 | 22 | #else /* CONFIG_P2P */ 23 | 24 | static inline int hostapd_p2p_get_mib_sta(struct hostapd_data *hapd, 25 | struct sta_info *sta, 26 | char *buf, size_t buflen) 27 | { 28 | return 0; 29 | } 30 | 31 | #endif /* CONFIG_P2P */ 32 | 33 | u8 * hostapd_eid_p2p_manage(struct hostapd_data *hapd, u8 *eid); 34 | 35 | #endif /* P2P_HOSTAPD_H */ 36 | -------------------------------------------------------------------------------- /src/eap_common/eap_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP common peer/server definitions 3 | * Copyright (c) 2004-2014, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_COMMON_H 10 | #define EAP_COMMON_H 11 | 12 | #include "wpabuf.h" 13 | 14 | struct erp_tlvs { 15 | const u8 *keyname; 16 | const u8 *domain; 17 | 18 | u8 keyname_len; 19 | u8 domain_len; 20 | }; 21 | 22 | int eap_hdr_len_valid(const struct wpabuf *msg, size_t min_payload); 23 | const u8 * eap_hdr_validate(int vendor, EapType eap_type, 24 | const struct wpabuf *msg, size_t *plen); 25 | struct wpabuf * eap_msg_alloc(int vendor, EapType type, size_t payload_len, 26 | u8 code, u8 identifier); 27 | void eap_update_len(struct wpabuf *msg); 28 | u8 eap_get_id(const struct wpabuf *msg); 29 | EapType eap_get_type(const struct wpabuf *msg); 30 | int erp_parse_tlvs(const u8 *pos, const u8 *end, struct erp_tlvs *tlvs, 31 | int stop_at_keyname); 32 | 33 | #endif /* EAP_COMMON_H */ 34 | -------------------------------------------------------------------------------- /src/drivers/linux_wext.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Driver interaction with generic Linux Wireless Extensions 3 | * Copyright (c) 2003-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef LINUX_WEXT_H 10 | #define LINUX_WEXT_H 11 | 12 | #ifndef ANDROID 13 | 14 | /* 15 | * Avoid including other kernel header to avoid conflicts with C library 16 | * headers. 17 | */ 18 | #define _LINUX_TYPES_H 19 | #define _LINUX_SOCKET_H 20 | #define _LINUX_IF_H 21 | 22 | #include 23 | #include 24 | typedef uint32_t __u32; 25 | typedef int32_t __s32; 26 | typedef uint16_t __u16; 27 | typedef int16_t __s16; 28 | typedef uint8_t __u8; 29 | #ifndef __user 30 | #define __user 31 | #endif /* __user */ 32 | 33 | #endif /* ANDROID */ 34 | 35 | #include 36 | 37 | #ifndef IW_ENCODE_ALG_PMK 38 | #define IW_ENCODE_ALG_PMK 4 39 | #endif 40 | 41 | #ifndef IW_ENC_CAPA_4WAY_HANDSHAKE 42 | #define IW_ENC_CAPA_4WAY_HANDSHAKE 0x00000010 43 | #endif 44 | 45 | #endif /* LINUX_WEXT_H */ 46 | -------------------------------------------------------------------------------- /src/crypto/milenage.h: -------------------------------------------------------------------------------- 1 | /* 2 | * UMTS AKA - Milenage algorithm (3GPP TS 35.205, .206, .207, .208) 3 | * Copyright (c) 2006-2007 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef MILENAGE_H 10 | #define MILENAGE_H 11 | 12 | void milenage_generate(const u8 *opc, const u8 *amf, const u8 *k, 13 | const u8 *sqn, const u8 *_rand, u8 *autn, u8 *ik, 14 | u8 *ck, u8 *res, size_t *res_len); 15 | int milenage_auts(const u8 *opc, const u8 *k, const u8 *_rand, const u8 *auts, 16 | u8 *sqn); 17 | int gsm_milenage(const u8 *opc, const u8 *k, const u8 *_rand, u8 *sres, 18 | u8 *kc); 19 | int milenage_check(const u8 *opc, const u8 *k, const u8 *sqn, const u8 *_rand, 20 | const u8 *autn, u8 *ik, u8 *ck, u8 *res, size_t *res_len, 21 | u8 *auts); 22 | int milenage_f1(const u8 *opc, const u8 *k, const u8 *_rand, 23 | const u8 *sqn, const u8 *amf, u8 *mac_a, u8 *mac_s); 24 | int milenage_f2345(const u8 *opc, const u8 *k, const u8 *_rand, 25 | u8 *res, u8 *ck, u8 *ik, u8 *ak, u8 *akstar); 26 | 27 | #endif /* MILENAGE_H */ 28 | -------------------------------------------------------------------------------- /hostapd/nt_password_hash.c: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd - Plaintext password to NtPasswordHash 3 | * Copyright (c) 2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "crypto/ms_funcs.h" 13 | 14 | 15 | int main(int argc, char *argv[]) 16 | { 17 | unsigned char password_hash[16]; 18 | size_t i; 19 | char *password, buf[64], *pos; 20 | 21 | if (argc > 1) 22 | password = argv[1]; 23 | else { 24 | if (fgets(buf, sizeof(buf), stdin) == NULL) { 25 | printf("Failed to read password\n"); 26 | return 1; 27 | } 28 | buf[sizeof(buf) - 1] = '\0'; 29 | pos = buf; 30 | while (*pos != '\0') { 31 | if (*pos == '\r' || *pos == '\n') { 32 | *pos = '\0'; 33 | break; 34 | } 35 | pos++; 36 | } 37 | password = buf; 38 | } 39 | 40 | if (nt_password_hash((u8 *) password, strlen(password), password_hash)) 41 | return -1; 42 | for (i = 0; i < sizeof(password_hash); i++) 43 | printf("%02x", password_hash[i]); 44 | printf("\n"); 45 | 46 | return 0; 47 | } 48 | -------------------------------------------------------------------------------- /src/ap/ap_mlme.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / IEEE 802.11 MLME 3 | * Copyright 2003, Jouni Malinen 4 | * Copyright 2003-2004, Instant802 Networks, Inc. 5 | * Copyright 2005-2006, Devicescape Software, Inc. 6 | * 7 | * This software may be distributed under the terms of the BSD license. 8 | * See README for more details. 9 | */ 10 | 11 | #ifndef MLME_H 12 | #define MLME_H 13 | 14 | void mlme_authenticate_indication(struct hostapd_data *hapd, 15 | struct sta_info *sta); 16 | 17 | void mlme_deauthenticate_indication(struct hostapd_data *hapd, 18 | struct sta_info *sta, u16 reason_code); 19 | 20 | void mlme_associate_indication(struct hostapd_data *hapd, 21 | struct sta_info *sta); 22 | 23 | void mlme_reassociate_indication(struct hostapd_data *hapd, 24 | struct sta_info *sta); 25 | 26 | void mlme_disassociate_indication(struct hostapd_data *hapd, 27 | struct sta_info *sta, u16 reason_code); 28 | 29 | void mlme_michaelmicfailure_indication(struct hostapd_data *hapd, 30 | const u8 *addr); 31 | 32 | void mlme_deletekeys_request(struct hostapd_data *hapd, struct sta_info *sta); 33 | 34 | #endif /* MLME_H */ 35 | -------------------------------------------------------------------------------- /src/ap/ctrl_iface_ap.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Control interface for shared AP commands 3 | * Copyright (c) 2004-2013, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef CTRL_IFACE_AP_H 10 | #define CTRL_IFACE_AP_H 11 | 12 | int hostapd_ctrl_iface_sta_first(struct hostapd_data *hapd, 13 | char *buf, size_t buflen); 14 | int hostapd_ctrl_iface_sta(struct hostapd_data *hapd, const char *txtaddr, 15 | char *buf, size_t buflen); 16 | int hostapd_ctrl_iface_sta_next(struct hostapd_data *hapd, const char *txtaddr, 17 | char *buf, size_t buflen); 18 | int hostapd_ctrl_iface_deauthenticate(struct hostapd_data *hapd, 19 | const char *txtaddr); 20 | int hostapd_ctrl_iface_disassociate(struct hostapd_data *hapd, 21 | const char *txtaddr); 22 | int hostapd_ctrl_iface_status(struct hostapd_data *hapd, char *buf, 23 | size_t buflen); 24 | int hostapd_parse_csa_settings(const char *pos, 25 | struct csa_settings *settings); 26 | int hostapd_ctrl_iface_stop_ap(struct hostapd_data *hapd); 27 | 28 | #endif /* CTRL_IFACE_AP_H */ 29 | -------------------------------------------------------------------------------- /src/eap_peer/tncc.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP-TNC - TNCC (IF-IMC and IF-TNCCS) 3 | * Copyright (c) 2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TNCC_H 10 | #define TNCC_H 11 | 12 | struct tncc_data; 13 | 14 | struct tncc_data * tncc_init(void); 15 | void tncc_deinit(struct tncc_data *tncc); 16 | void tncc_init_connection(struct tncc_data *tncc); 17 | size_t tncc_total_send_len(struct tncc_data *tncc); 18 | u8 * tncc_copy_send_buf(struct tncc_data *tncc, u8 *pos); 19 | char * tncc_if_tnccs_start(struct tncc_data *tncc); 20 | char * tncc_if_tnccs_end(void); 21 | 22 | enum tncc_process_res { 23 | TNCCS_PROCESS_ERROR = -1, 24 | TNCCS_PROCESS_OK_NO_RECOMMENDATION = 0, 25 | TNCCS_RECOMMENDATION_ERROR, 26 | TNCCS_RECOMMENDATION_ALLOW, 27 | TNCCS_RECOMMENDATION_NONE, 28 | TNCCS_RECOMMENDATION_ISOLATE 29 | }; 30 | 31 | enum tncc_process_res tncc_process_if_tnccs(struct tncc_data *tncc, 32 | const u8 *msg, size_t len); 33 | 34 | struct wpabuf * tncc_process_soh_request(int ver, const u8 *data, size_t len); 35 | 36 | #endif /* TNCC_H */ 37 | -------------------------------------------------------------------------------- /src/crypto/sha1.h: -------------------------------------------------------------------------------- 1 | /* 2 | * SHA1 hash implementation and interface functions 3 | * Copyright (c) 2003-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef SHA1_H 10 | #define SHA1_H 11 | 12 | #define SHA1_MAC_LEN 20 13 | 14 | int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem, 15 | const u8 *addr[], const size_t *len, u8 *mac); 16 | int hmac_sha1(const u8 *key, size_t key_len, const u8 *data, size_t data_len, 17 | u8 *mac); 18 | int sha1_prf(const u8 *key, size_t key_len, const char *label, 19 | const u8 *data, size_t data_len, u8 *buf, size_t buf_len); 20 | int sha1_t_prf(const u8 *key, size_t key_len, const char *label, 21 | const u8 *seed, size_t seed_len, u8 *buf, size_t buf_len); 22 | int __must_check tls_prf_sha1_md5(const u8 *secret, size_t secret_len, 23 | const char *label, const u8 *seed, 24 | size_t seed_len, u8 *out, size_t outlen); 25 | int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len, 26 | int iterations, u8 *buf, size_t buflen); 27 | #endif /* SHA1_H */ 28 | -------------------------------------------------------------------------------- /hostapd/ctrl_iface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / UNIX domain socket -based control interface 3 | * Copyright (c) 2004, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef CTRL_IFACE_H 10 | #define CTRL_IFACE_H 11 | 12 | #ifndef CONFIG_NO_CTRL_IFACE 13 | int hostapd_ctrl_iface_init(struct hostapd_data *hapd); 14 | void hostapd_ctrl_iface_deinit(struct hostapd_data *hapd); 15 | int hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface); 16 | void hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interface); 17 | #else /* CONFIG_NO_CTRL_IFACE */ 18 | static inline int hostapd_ctrl_iface_init(struct hostapd_data *hapd) 19 | { 20 | return 0; 21 | } 22 | 23 | static inline void hostapd_ctrl_iface_deinit(struct hostapd_data *hapd) 24 | { 25 | } 26 | 27 | static inline int 28 | hostapd_global_ctrl_iface_init(struct hapd_interfaces *interface) 29 | { 30 | return 0; 31 | } 32 | 33 | static inline void 34 | hostapd_global_ctrl_iface_deinit(struct hapd_interfaces *interface) 35 | { 36 | } 37 | #endif /* CONFIG_NO_CTRL_IFACE */ 38 | 39 | #endif /* CTRL_IFACE_H */ 40 | -------------------------------------------------------------------------------- /src/drivers/linux_defines.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Linux defines for values that are not yet included in common C libraries 3 | * Copyright (c) 2014, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef LINUX_DEFINES_H 10 | #define LINUX_DEFINES_H 11 | 12 | #ifndef SO_WIFI_STATUS 13 | # if defined(__sparc__) 14 | # define SO_WIFI_STATUS 0x0025 15 | # elif defined(__parisc__) 16 | # define SO_WIFI_STATUS 0x4022 17 | # else 18 | # define SO_WIFI_STATUS 41 19 | # endif 20 | 21 | # define SCM_WIFI_STATUS SO_WIFI_STATUS 22 | #endif 23 | 24 | #ifndef SO_EE_ORIGIN_TXSTATUS 25 | #define SO_EE_ORIGIN_TXSTATUS 4 26 | #endif 27 | 28 | #ifndef PACKET_TX_TIMESTAMP 29 | #define PACKET_TX_TIMESTAMP 16 30 | #endif 31 | 32 | #ifndef IFF_LOWER_UP 33 | #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */ 34 | #endif 35 | #ifndef IFF_DORMANT 36 | #define IFF_DORMANT 0x20000 /* driver signals dormant */ 37 | #endif 38 | 39 | #ifndef IF_OPER_DORMANT 40 | #define IF_OPER_DORMANT 5 41 | #endif 42 | #ifndef IF_OPER_UP 43 | #define IF_OPER_UP 6 44 | #endif 45 | 46 | #endif /* LINUX_DEFINES_H */ 47 | -------------------------------------------------------------------------------- /src/ap/dfs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * DFS - Dynamic Frequency Selection 3 | * Copyright (c) 2002-2013, Jouni Malinen 4 | * Copyright (c) 2013, Qualcomm Atheros, Inc. 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | #ifndef DFS_H 10 | #define DFS_H 11 | 12 | int hostapd_handle_dfs(struct hostapd_iface *iface); 13 | 14 | int hostapd_dfs_complete_cac(struct hostapd_iface *iface, int success, int freq, 15 | int ht_enabled, int chan_offset, int chan_width, 16 | int cf1, int cf2); 17 | int hostapd_dfs_radar_detected(struct hostapd_iface *iface, int freq, 18 | int ht_enabled, 19 | int chan_offset, int chan_width, 20 | int cf1, int cf2); 21 | int hostapd_dfs_nop_finished(struct hostapd_iface *iface, int freq, 22 | int ht_enabled, 23 | int chan_offset, int chan_width, int cf1, int cf2); 24 | int hostapd_is_dfs_required(struct hostapd_iface *iface); 25 | int hostapd_dfs_start_cac(struct hostapd_iface *iface, int freq, 26 | int ht_enabled, int chan_offset, int chan_width, 27 | int cf1, int cf2); 28 | int hostapd_handle_dfs_offload(struct hostapd_iface *iface); 29 | 30 | #endif /* DFS_H */ 31 | -------------------------------------------------------------------------------- /src/crypto/sha256.h: -------------------------------------------------------------------------------- 1 | /* 2 | * SHA256 hash implementation and interface functions 3 | * Copyright (c) 2003-2014, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef SHA256_H 10 | #define SHA256_H 11 | 12 | #define SHA256_MAC_LEN 32 13 | 14 | int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem, 15 | const u8 *addr[], const size_t *len, u8 *mac); 16 | int hmac_sha256(const u8 *key, size_t key_len, const u8 *data, 17 | size_t data_len, u8 *mac); 18 | void sha256_prf(const u8 *key, size_t key_len, const char *label, 19 | const u8 *data, size_t data_len, u8 *buf, size_t buf_len); 20 | void sha256_prf_bits(const u8 *key, size_t key_len, const char *label, 21 | const u8 *data, size_t data_len, u8 *buf, 22 | size_t buf_len_bits); 23 | void tls_prf_sha256(const u8 *secret, size_t secret_len, 24 | const char *label, const u8 *seed, size_t seed_len, 25 | u8 *out, size_t outlen); 26 | int hmac_sha256_kdf(const u8 *secret, size_t secret_len, 27 | const char *label, const u8 *seed, size_t seed_len, 28 | u8 *out, size_t outlen); 29 | 30 | #endif /* SHA256_H */ 31 | -------------------------------------------------------------------------------- /src/crypto/rc4.c: -------------------------------------------------------------------------------- 1 | /* 2 | * RC4 stream cipher 3 | * Copyright (c) 2002-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "crypto.h" 13 | 14 | #define S_SWAP(a,b) do { u8 t = S[a]; S[a] = S[b]; S[b] = t; } while(0) 15 | 16 | int rc4_skip(const u8 *key, size_t keylen, size_t skip, 17 | u8 *data, size_t data_len) 18 | { 19 | u32 i, j, k; 20 | u8 S[256], *pos; 21 | size_t kpos; 22 | 23 | /* Setup RC4 state */ 24 | for (i = 0; i < 256; i++) 25 | S[i] = i; 26 | j = 0; 27 | kpos = 0; 28 | for (i = 0; i < 256; i++) { 29 | j = (j + S[i] + key[kpos]) & 0xff; 30 | kpos++; 31 | if (kpos >= keylen) 32 | kpos = 0; 33 | S_SWAP(i, j); 34 | } 35 | 36 | /* Skip the start of the stream */ 37 | i = j = 0; 38 | for (k = 0; k < skip; k++) { 39 | i = (i + 1) & 0xff; 40 | j = (j + S[i]) & 0xff; 41 | S_SWAP(i, j); 42 | } 43 | 44 | /* Apply RC4 to data */ 45 | pos = data; 46 | for (k = 0; k < data_len; k++) { 47 | i = (i + 1) & 0xff; 48 | j = (j + S[i]) & 0xff; 49 | S_SWAP(i, j); 50 | *pos++ ^= S[(S[i] + S[j]) & 0xff]; 51 | } 52 | 53 | return 0; 54 | } 55 | -------------------------------------------------------------------------------- /src/tls/bignum.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Big number math 3 | * Copyright (c) 2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef BIGNUM_H 10 | #define BIGNUM_H 11 | 12 | struct bignum; 13 | 14 | struct bignum * bignum_init(void); 15 | void bignum_deinit(struct bignum *n); 16 | size_t bignum_get_unsigned_bin_len(struct bignum *n); 17 | int bignum_get_unsigned_bin(const struct bignum *n, u8 *buf, size_t *len); 18 | int bignum_set_unsigned_bin(struct bignum *n, const u8 *buf, size_t len); 19 | int bignum_cmp(const struct bignum *a, const struct bignum *b); 20 | int bignum_cmp_d(const struct bignum *a, unsigned long b); 21 | int bignum_add(const struct bignum *a, const struct bignum *b, 22 | struct bignum *c); 23 | int bignum_sub(const struct bignum *a, const struct bignum *b, 24 | struct bignum *c); 25 | int bignum_mul(const struct bignum *a, const struct bignum *b, 26 | struct bignum *c); 27 | int bignum_mulmod(const struct bignum *a, const struct bignum *b, 28 | const struct bignum *c, struct bignum *d); 29 | int bignum_exptmod(const struct bignum *a, const struct bignum *b, 30 | const struct bignum *c, struct bignum *d); 31 | 32 | #endif /* BIGNUM_H */ 33 | -------------------------------------------------------------------------------- /src/utils/ip_addr.c: -------------------------------------------------------------------------------- 1 | /* 2 | * IP address processing 3 | * Copyright (c) 2003-2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "ip_addr.h" 13 | 14 | const char * hostapd_ip_txt(const struct hostapd_ip_addr *addr, char *buf, 15 | size_t buflen) 16 | { 17 | if (buflen == 0 || addr == NULL) 18 | return NULL; 19 | 20 | if (addr->af == AF_INET) { 21 | os_strlcpy(buf, inet_ntoa(addr->u.v4), buflen); 22 | } else { 23 | buf[0] = '\0'; 24 | } 25 | #ifdef CONFIG_IPV6 26 | if (addr->af == AF_INET6) { 27 | if (inet_ntop(AF_INET6, &addr->u.v6, buf, buflen) == NULL) 28 | buf[0] = '\0'; 29 | } 30 | #endif /* CONFIG_IPV6 */ 31 | 32 | return buf; 33 | } 34 | 35 | 36 | int hostapd_parse_ip_addr(const char *txt, struct hostapd_ip_addr *addr) 37 | { 38 | #ifndef CONFIG_NATIVE_WINDOWS 39 | if (inet_aton(txt, &addr->u.v4)) { 40 | addr->af = AF_INET; 41 | return 0; 42 | } 43 | 44 | #ifdef CONFIG_IPV6 45 | if (inet_pton(AF_INET6, txt, &addr->u.v6) > 0) { 46 | addr->af = AF_INET6; 47 | return 0; 48 | } 49 | #endif /* CONFIG_IPV6 */ 50 | #endif /* CONFIG_NATIVE_WINDOWS */ 51 | 52 | return -1; 53 | } 54 | -------------------------------------------------------------------------------- /src/wps/http_server.h: -------------------------------------------------------------------------------- 1 | /* 2 | * http_server - HTTP server 3 | * Copyright (c) 2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef HTTP_SERVER_H 10 | #define HTTP_SERVER_H 11 | 12 | struct http_server; 13 | struct http_request; 14 | 15 | void http_request_deinit(struct http_request *req); 16 | void http_request_send(struct http_request *req, struct wpabuf *resp); 17 | void http_request_send_and_deinit(struct http_request *req, 18 | struct wpabuf *resp); 19 | enum httpread_hdr_type http_request_get_type(struct http_request *req); 20 | char * http_request_get_uri(struct http_request *req); 21 | char * http_request_get_hdr(struct http_request *req); 22 | char * http_request_get_data(struct http_request *req); 23 | char * http_request_get_hdr_line(struct http_request *req, const char *tag); 24 | struct sockaddr_in * http_request_get_cli_addr(struct http_request *req); 25 | 26 | struct http_server * http_server_init(struct in_addr *addr, int port, 27 | void (*cb)(void *ctx, 28 | struct http_request *req), 29 | void *cb_ctx); 30 | void http_server_deinit(struct http_server *srv); 31 | int http_server_get_port(struct http_server *srv); 32 | 33 | #endif /* HTTP_SERVER_H */ 34 | -------------------------------------------------------------------------------- /hostapd/wired.conf: -------------------------------------------------------------------------------- 1 | ##### hostapd configuration file ############################################## 2 | # Empty lines and lines starting with # are ignored 3 | 4 | # Example configuration file for wired authenticator. See hostapd.conf for 5 | # more details. 6 | 7 | interface=eth0 8 | driver=wired 9 | logger_stdout=-1 10 | logger_stdout_level=1 11 | debug=2 12 | dump_file=/tmp/hostapd.dump 13 | 14 | ieee8021x=1 15 | eap_reauth_period=3600 16 | 17 | use_pae_group_addr=1 18 | 19 | 20 | ##### RADIUS configuration #################################################### 21 | # for IEEE 802.1X with external Authentication Server, IEEE 802.11 22 | # authentication with external ACL for MAC addresses, and accounting 23 | 24 | # The own IP address of the access point (used as NAS-IP-Address) 25 | own_ip_addr=127.0.0.1 26 | 27 | # Optional NAS-Identifier string for RADIUS messages. When used, this should be 28 | # a unique to the NAS within the scope of the RADIUS server. For example, a 29 | # fully qualified domain name can be used here. 30 | nas_identifier=ap.example.com 31 | 32 | # RADIUS authentication server 33 | auth_server_addr=127.0.0.1 34 | auth_server_port=1812 35 | auth_server_shared_secret=radius 36 | 37 | # RADIUS accounting server 38 | acct_server_addr=127.0.0.1 39 | acct_server_port=1813 40 | acct_server_shared_secret=radius 41 | -------------------------------------------------------------------------------- /src/ap/accounting.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / RADIUS Accounting 3 | * Copyright (c) 2002-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef ACCOUNTING_H 10 | #define ACCOUNTING_H 11 | 12 | #ifdef CONFIG_NO_ACCOUNTING 13 | static inline void accounting_sta_get_id(struct hostapd_data *hapd, 14 | struct sta_info *sta) 15 | { 16 | } 17 | 18 | static inline void accounting_sta_start(struct hostapd_data *hapd, 19 | struct sta_info *sta) 20 | { 21 | } 22 | 23 | static inline void accounting_sta_stop(struct hostapd_data *hapd, 24 | struct sta_info *sta) 25 | { 26 | } 27 | 28 | static inline int accounting_init(struct hostapd_data *hapd) 29 | { 30 | return 0; 31 | } 32 | 33 | static inline void accounting_deinit(struct hostapd_data *hapd) 34 | { 35 | } 36 | #else /* CONFIG_NO_ACCOUNTING */ 37 | void accounting_sta_get_id(struct hostapd_data *hapd, struct sta_info *sta); 38 | void accounting_sta_start(struct hostapd_data *hapd, struct sta_info *sta); 39 | void accounting_sta_stop(struct hostapd_data *hapd, struct sta_info *sta); 40 | int accounting_init(struct hostapd_data *hapd); 41 | void accounting_deinit(struct hostapd_data *hapd); 42 | #endif /* CONFIG_NO_ACCOUNTING */ 43 | 44 | #endif /* ACCOUNTING_H */ 45 | -------------------------------------------------------------------------------- /src/wps/http_client.h: -------------------------------------------------------------------------------- 1 | /* 2 | * http_client - HTTP client 3 | * Copyright (c) 2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef HTTP_CLIENT_H 10 | #define HTTP_CLIENT_H 11 | 12 | struct http_client; 13 | 14 | enum http_client_event { 15 | HTTP_CLIENT_FAILED, 16 | HTTP_CLIENT_TIMEOUT, 17 | HTTP_CLIENT_OK, 18 | HTTP_CLIENT_INVALID_REPLY, 19 | }; 20 | 21 | char * http_client_url_parse(const char *url, struct sockaddr_in *dst, 22 | char **path); 23 | struct http_client * http_client_addr(struct sockaddr_in *dst, 24 | struct wpabuf *req, size_t max_response, 25 | void (*cb)(void *ctx, 26 | struct http_client *c, 27 | enum http_client_event event), 28 | void *cb_ctx); 29 | struct http_client * http_client_url(const char *url, 30 | struct wpabuf *req, size_t max_response, 31 | void (*cb)(void *ctx, 32 | struct http_client *c, 33 | enum http_client_event event), 34 | void *cb_ctx); 35 | void http_client_free(struct http_client *c); 36 | struct wpabuf * http_client_get_body(struct http_client *c); 37 | char * http_client_get_hdr_line(struct http_client *c, const char *tag); 38 | char * http_link_update(char *url, const char *base); 39 | 40 | #endif /* HTTP_CLIENT_H */ 41 | -------------------------------------------------------------------------------- /src/tls/tlsv1_cred.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TLSv1 credentials 3 | * Copyright (c) 2006-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TLSV1_CRED_H 10 | #define TLSV1_CRED_H 11 | 12 | struct tlsv1_credentials { 13 | struct x509_certificate *trusted_certs; 14 | struct x509_certificate *cert; 15 | struct crypto_private_key *key; 16 | 17 | /* Diffie-Hellman parameters */ 18 | u8 *dh_p; /* prime */ 19 | size_t dh_p_len; 20 | u8 *dh_g; /* generator */ 21 | size_t dh_g_len; 22 | }; 23 | 24 | 25 | struct tlsv1_credentials * tlsv1_cred_alloc(void); 26 | void tlsv1_cred_free(struct tlsv1_credentials *cred); 27 | int tlsv1_set_ca_cert(struct tlsv1_credentials *cred, const char *cert, 28 | const u8 *cert_blob, size_t cert_blob_len, 29 | const char *path); 30 | int tlsv1_set_cert(struct tlsv1_credentials *cred, const char *cert, 31 | const u8 *cert_blob, size_t cert_blob_len); 32 | int tlsv1_set_private_key(struct tlsv1_credentials *cred, 33 | const char *private_key, 34 | const char *private_key_passwd, 35 | const u8 *private_key_blob, 36 | size_t private_key_blob_len); 37 | int tlsv1_set_dhparams(struct tlsv1_credentials *cred, const char *dh_file, 38 | const u8 *dh_blob, size_t dh_blob_len); 39 | 40 | #endif /* TLSV1_CRED_H */ 41 | -------------------------------------------------------------------------------- /src/crypto/Makefile: -------------------------------------------------------------------------------- 1 | all: libcrypto.a 2 | 3 | clean: 4 | rm -f *~ *.o *.d *.gcno *.gcda *.gcov libcrypto.a 5 | 6 | install: 7 | @echo Nothing to be made. 8 | 9 | 10 | include ../lib.rules 11 | 12 | CFLAGS += -DCONFIG_CRYPTO_INTERNAL 13 | CFLAGS += -DCONFIG_TLS_INTERNAL_CLIENT 14 | CFLAGS += -DCONFIG_TLS_INTERNAL_SERVER 15 | #CFLAGS += -DALL_DH_GROUPS 16 | CFLAGS += -DCONFIG_SHA256 17 | 18 | LIB_OBJS= \ 19 | aes-cbc.o \ 20 | aes-ccm.o \ 21 | aes-ctr.o \ 22 | aes-eax.o \ 23 | aes-encblock.o \ 24 | aes-gcm.o \ 25 | aes-internal.o \ 26 | aes-internal-dec.o \ 27 | aes-internal-enc.o \ 28 | aes-omac1.o \ 29 | aes-siv.o \ 30 | aes-unwrap.o \ 31 | aes-wrap.o \ 32 | des-internal.o \ 33 | dh_group5.o \ 34 | dh_groups.o \ 35 | md4-internal.o \ 36 | md5.o \ 37 | md5-internal.o \ 38 | milenage.o \ 39 | ms_funcs.o \ 40 | rc4.o \ 41 | sha1.o \ 42 | sha1-internal.o \ 43 | sha1-pbkdf2.o \ 44 | sha1-prf.o \ 45 | sha1-tlsprf.o \ 46 | sha1-tprf.o \ 47 | sha256.o \ 48 | sha256-prf.o \ 49 | sha256-tlsprf.o \ 50 | sha256-internal.o 51 | 52 | LIB_OBJS += crypto_internal.o 53 | LIB_OBJS += crypto_internal-cipher.o 54 | LIB_OBJS += crypto_internal-modexp.o 55 | LIB_OBJS += crypto_internal-rsa.o 56 | LIB_OBJS += tls_internal.o 57 | LIB_OBJS += fips_prf_internal.o 58 | LIB_OBJS += random.o 59 | 60 | 61 | libcrypto.a: $(LIB_OBJS) 62 | $(AR) crT $@ $? 63 | 64 | -include $(OBJS:%.o=%.d) 65 | -------------------------------------------------------------------------------- /src/eap_server/tncs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP-TNC - TNCS (IF-IMV, IF-TNCCS, and IF-TNCCS-SOH) 3 | * Copyright (c) 2007-2008, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TNCS_H 10 | #define TNCS_H 11 | 12 | struct tncs_data; 13 | 14 | struct tncs_data * tncs_init(void); 15 | void tncs_deinit(struct tncs_data *tncs); 16 | void tncs_init_connection(struct tncs_data *tncs); 17 | size_t tncs_total_send_len(struct tncs_data *tncs); 18 | u8 * tncs_copy_send_buf(struct tncs_data *tncs, u8 *pos); 19 | char * tncs_if_tnccs_start(struct tncs_data *tncs); 20 | char * tncs_if_tnccs_end(void); 21 | 22 | enum tncs_process_res { 23 | TNCCS_PROCESS_ERROR = -1, 24 | TNCCS_PROCESS_OK_NO_RECOMMENDATION = 0, 25 | TNCCS_RECOMMENDATION_ERROR, 26 | TNCCS_RECOMMENDATION_ALLOW, 27 | TNCCS_RECOMMENDATION_NONE, 28 | TNCCS_RECOMMENDATION_ISOLATE, 29 | TNCCS_RECOMMENDATION_NO_ACCESS, 30 | TNCCS_RECOMMENDATION_NO_RECOMMENDATION 31 | }; 32 | 33 | enum tncs_process_res tncs_process_if_tnccs(struct tncs_data *tncs, 34 | const u8 *msg, size_t len); 35 | 36 | int tncs_global_init(void); 37 | void tncs_global_deinit(void); 38 | 39 | struct wpabuf * tncs_build_soh_request(void); 40 | struct wpabuf * tncs_process_soh(const u8 *soh_tlv, size_t soh_tlv_len, 41 | int *failure); 42 | 43 | #endif /* TNCS_H */ 44 | -------------------------------------------------------------------------------- /src/crypto/aes-ctr.c: -------------------------------------------------------------------------------- 1 | /* 2 | * AES-128 CTR 3 | * 4 | * Copyright (c) 2003-2007, Jouni Malinen 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #include "includes.h" 11 | 12 | #include "common.h" 13 | #include "aes.h" 14 | #include "aes_wrap.h" 15 | 16 | /** 17 | * aes_128_ctr_encrypt - AES-128 CTR mode encryption 18 | * @key: Key for encryption (16 bytes) 19 | * @nonce: Nonce for counter mode (16 bytes) 20 | * @data: Data to encrypt in-place 21 | * @data_len: Length of data in bytes 22 | * Returns: 0 on success, -1 on failure 23 | */ 24 | int aes_128_ctr_encrypt(const u8 *key, const u8 *nonce, 25 | u8 *data, size_t data_len) 26 | { 27 | void *ctx; 28 | size_t j, len, left = data_len; 29 | int i; 30 | u8 *pos = data; 31 | u8 counter[AES_BLOCK_SIZE], buf[AES_BLOCK_SIZE]; 32 | 33 | ctx = aes_encrypt_init(key, 16); 34 | if (ctx == NULL) 35 | return -1; 36 | os_memcpy(counter, nonce, AES_BLOCK_SIZE); 37 | 38 | while (left > 0) { 39 | aes_encrypt(ctx, counter, buf); 40 | 41 | len = (left < AES_BLOCK_SIZE) ? left : AES_BLOCK_SIZE; 42 | for (j = 0; j < len; j++) 43 | pos[j] ^= buf[j]; 44 | pos += len; 45 | left -= len; 46 | 47 | for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) { 48 | counter[i]++; 49 | if (counter[i]) 50 | break; 51 | } 52 | } 53 | aes_encrypt_deinit(ctx); 54 | return 0; 55 | } 56 | -------------------------------------------------------------------------------- /src/crypto/crypto_internal-modexp.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Crypto wrapper for internal crypto implementation - modexp 3 | * Copyright (c) 2006-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "tls/bignum.h" 13 | #include "crypto.h" 14 | 15 | 16 | int crypto_mod_exp(const u8 *base, size_t base_len, 17 | const u8 *power, size_t power_len, 18 | const u8 *modulus, size_t modulus_len, 19 | u8 *result, size_t *result_len) 20 | { 21 | struct bignum *bn_base, *bn_exp, *bn_modulus, *bn_result; 22 | int ret = -1; 23 | 24 | bn_base = bignum_init(); 25 | bn_exp = bignum_init(); 26 | bn_modulus = bignum_init(); 27 | bn_result = bignum_init(); 28 | 29 | if (bn_base == NULL || bn_exp == NULL || bn_modulus == NULL || 30 | bn_result == NULL) 31 | goto error; 32 | 33 | if (bignum_set_unsigned_bin(bn_base, base, base_len) < 0 || 34 | bignum_set_unsigned_bin(bn_exp, power, power_len) < 0 || 35 | bignum_set_unsigned_bin(bn_modulus, modulus, modulus_len) < 0) 36 | goto error; 37 | 38 | if (bignum_exptmod(bn_base, bn_exp, bn_modulus, bn_result) < 0) 39 | goto error; 40 | 41 | ret = bignum_get_unsigned_bin(bn_result, result, result_len); 42 | 43 | error: 44 | bignum_deinit(bn_base); 45 | bignum_deinit(bn_exp); 46 | bignum_deinit(bn_modulus); 47 | bignum_deinit(bn_result); 48 | return ret; 49 | } 50 | -------------------------------------------------------------------------------- /src/eap_peer/eap_proxy.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP proxy definitions 3 | * Copyright (c) 2011-2013 Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_PROXY_H 10 | #define EAP_PROXY_H 11 | 12 | struct eap_proxy_sm; 13 | struct eapol_callbacks; 14 | struct eap_sm; 15 | struct eap_peer_config; 16 | 17 | enum eap_proxy_status { 18 | EAP_PROXY_FAILURE = 0x00, 19 | EAP_PROXY_SUCCESS 20 | }; 21 | 22 | struct eap_proxy_sm * 23 | eap_proxy_init(void *eapol_ctx, struct eapol_callbacks *eapol_cb, 24 | void *msg_ctx); 25 | 26 | void eap_proxy_deinit(struct eap_proxy_sm *eap_proxy); 27 | 28 | int eap_proxy_key_available(struct eap_proxy_sm *sm); 29 | 30 | const u8 * eap_proxy_get_eapKeyData(struct eap_proxy_sm *sm, size_t *len); 31 | 32 | struct wpabuf * eap_proxy_get_eapRespData(struct eap_proxy_sm *sm); 33 | 34 | int eap_proxy_sm_step(struct eap_proxy_sm *sm, struct eap_sm *eap_sm); 35 | 36 | enum eap_proxy_status 37 | eap_proxy_packet_update(struct eap_proxy_sm *eap_proxy, u8 *eapReqData, 38 | int eapReqDataLen); 39 | 40 | int eap_proxy_sm_get_status(struct eap_proxy_sm *sm, char *buf, size_t buflen, 41 | int verbose); 42 | 43 | int eap_proxy_get_imsi(struct eap_proxy_sm *eap_proxy, char *imsi_buf, 44 | size_t *imsi_len); 45 | 46 | int eap_proxy_notify_config(struct eap_proxy_sm *sm, 47 | struct eap_peer_config *config); 48 | 49 | #endif /* EAP_PROXY_H */ 50 | -------------------------------------------------------------------------------- /src/utils/includes.h: -------------------------------------------------------------------------------- 1 | /* 2 | * wpa_supplicant/hostapd - Default include files 3 | * Copyright (c) 2005-2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | * 8 | * This header file is included into all C files so that commonly used header 9 | * files can be selected with OS specific ifdef blocks in one place instead of 10 | * having to have OS/C library specific selection in many files. 11 | */ 12 | 13 | #ifndef INCLUDES_H 14 | #define INCLUDES_H 15 | 16 | /* Include possible build time configuration before including anything else */ 17 | #include "build_config.h" 18 | 19 | #include 20 | #include 21 | #include 22 | #include 23 | #ifndef _WIN32_WCE 24 | #ifndef CONFIG_TI_COMPILER 25 | #include 26 | #include 27 | #endif /* CONFIG_TI_COMPILER */ 28 | #include 29 | #endif /* _WIN32_WCE */ 30 | #include 31 | 32 | #ifndef CONFIG_TI_COMPILER 33 | #ifndef _MSC_VER 34 | #include 35 | #endif /* _MSC_VER */ 36 | #endif /* CONFIG_TI_COMPILER */ 37 | 38 | #ifndef CONFIG_NATIVE_WINDOWS 39 | #ifndef CONFIG_TI_COMPILER 40 | #include 41 | #include 42 | #include 43 | #ifndef __vxworks 44 | #include 45 | #include 46 | #endif /* __vxworks */ 47 | #endif /* CONFIG_TI_COMPILER */ 48 | #endif /* CONFIG_NATIVE_WINDOWS */ 49 | 50 | #endif /* INCLUDES_H */ 51 | -------------------------------------------------------------------------------- /src/common/wpa_helpers.h: -------------------------------------------------------------------------------- 1 | /* 2 | * wpa_supplicant ctrl_iface helpers 3 | * Copyright (c) 2010-2011, Atheros Communications, Inc. 4 | * Copyright (c) 2011-2012, Qualcomm Atheros, Inc. 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #ifndef WPA_HELPERS_H 11 | #define WPA_HELPERS_H 12 | 13 | int wpa_command(const char *ifname, const char *cmd); 14 | int wpa_command_resp(const char *ifname, const char *cmd, 15 | char *resp, size_t resp_size); 16 | int get_wpa_status(const char *ifname, const char *field, char *obuf, 17 | size_t obuf_size); 18 | 19 | struct wpa_ctrl * open_wpa_mon(const char *ifname); 20 | int wait_ip_addr(const char *ifname, int timeout); 21 | int get_wpa_cli_event(struct wpa_ctrl *mon, 22 | const char *event, char *buf, size_t buf_size); 23 | int get_wpa_cli_event2(struct wpa_ctrl *mon, 24 | const char *event, const char *event2, 25 | char *buf, size_t buf_size); 26 | 27 | int add_network(const char *ifname); 28 | int set_network(const char *ifname, int id, const char *field, 29 | const char *value); 30 | int set_network_quoted(const char *ifname, int id, const char *field, 31 | const char *value); 32 | int add_cred(const char *ifname); 33 | int set_cred(const char *ifname, int id, const char *field, const char *value); 34 | int set_cred_quoted(const char *ifname, int id, const char *field, 35 | const char *value); 36 | 37 | #endif /* WPA_HELPERS_H */ 38 | -------------------------------------------------------------------------------- /src/ap/preauth_auth.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd - Authenticator for IEEE 802.11i RSN pre-authentication 3 | * Copyright (c) 2004-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PREAUTH_H 10 | #define PREAUTH_H 11 | 12 | #ifdef CONFIG_RSN_PREAUTH 13 | 14 | int rsn_preauth_iface_init(struct hostapd_data *hapd); 15 | void rsn_preauth_iface_deinit(struct hostapd_data *hapd); 16 | void rsn_preauth_finished(struct hostapd_data *hapd, struct sta_info *sta, 17 | int success); 18 | void rsn_preauth_send(struct hostapd_data *hapd, struct sta_info *sta, 19 | u8 *buf, size_t len); 20 | void rsn_preauth_free_station(struct hostapd_data *hapd, struct sta_info *sta); 21 | 22 | #else /* CONFIG_RSN_PREAUTH */ 23 | 24 | static inline int rsn_preauth_iface_init(struct hostapd_data *hapd) 25 | { 26 | return 0; 27 | } 28 | 29 | static inline void rsn_preauth_iface_deinit(struct hostapd_data *hapd) 30 | { 31 | } 32 | 33 | static inline void rsn_preauth_finished(struct hostapd_data *hapd, 34 | struct sta_info *sta, 35 | int success) 36 | { 37 | } 38 | 39 | static inline void rsn_preauth_send(struct hostapd_data *hapd, 40 | struct sta_info *sta, 41 | u8 *buf, size_t len) 42 | { 43 | } 44 | 45 | static inline void rsn_preauth_free_station(struct hostapd_data *hapd, 46 | struct sta_info *sta) 47 | { 48 | } 49 | 50 | #endif /* CONFIG_RSN_PREAUTH */ 51 | 52 | #endif /* PREAUTH_H */ 53 | -------------------------------------------------------------------------------- /src/wps/wps_upnp.h: -------------------------------------------------------------------------------- 1 | /* 2 | * UPnP WPS Device 3 | * Copyright (c) 2000-2003 Intel Corporation 4 | * Copyright (c) 2006-2007 Sony Corporation 5 | * Copyright (c) 2008-2009 Atheros Communications 6 | * Copyright (c) 2009, Jouni Malinen 7 | * 8 | * See wps_upnp.c for more details on licensing and code history. 9 | */ 10 | 11 | #ifndef WPS_UPNP_H 12 | #define WPS_UPNP_H 13 | 14 | struct upnp_wps_device_sm; 15 | struct wps_context; 16 | struct wps_data; 17 | 18 | struct upnp_wps_peer { 19 | struct wps_data *wps; 20 | }; 21 | 22 | enum upnp_wps_wlanevent_type { 23 | UPNP_WPS_WLANEVENT_TYPE_PROBE = 1, 24 | UPNP_WPS_WLANEVENT_TYPE_EAP = 2 25 | }; 26 | 27 | struct upnp_wps_device_ctx { 28 | int (*rx_req_put_wlan_response)( 29 | void *priv, enum upnp_wps_wlanevent_type ev_type, 30 | const u8 *mac_addr, const struct wpabuf *msg, 31 | enum wps_msg_type msg_type); 32 | 33 | char *ap_pin; 34 | }; 35 | 36 | struct upnp_wps_device_sm * 37 | upnp_wps_device_init(struct upnp_wps_device_ctx *ctx, struct wps_context *wps, 38 | void *priv, char *net_if); 39 | void upnp_wps_device_deinit(struct upnp_wps_device_sm *sm, void *priv); 40 | 41 | int upnp_wps_device_send_wlan_event(struct upnp_wps_device_sm *sm, 42 | const u8 from_mac_addr[ETH_ALEN], 43 | enum upnp_wps_wlanevent_type ev_type, 44 | const struct wpabuf *msg); 45 | int upnp_wps_subscribers(struct upnp_wps_device_sm *sm); 46 | int upnp_wps_set_ap_pin(struct upnp_wps_device_sm *sm, const char *ap_pin); 47 | 48 | #endif /* WPS_UPNP_H */ 49 | -------------------------------------------------------------------------------- /src/ap/wpa_auth_ie.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd - WPA/RSN IE and KDE definitions 3 | * Copyright (c) 2004-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef WPA_AUTH_IE_H 10 | #define WPA_AUTH_IE_H 11 | 12 | struct wpa_eapol_ie_parse { 13 | const u8 *wpa_ie; 14 | size_t wpa_ie_len; 15 | const u8 *rsn_ie; 16 | size_t rsn_ie_len; 17 | const u8 *pmkid; 18 | const u8 *gtk; 19 | size_t gtk_len; 20 | const u8 *mac_addr; 21 | size_t mac_addr_len; 22 | #ifdef CONFIG_PEERKEY 23 | const u8 *smk; 24 | size_t smk_len; 25 | const u8 *nonce; 26 | size_t nonce_len; 27 | const u8 *lifetime; 28 | size_t lifetime_len; 29 | const u8 *error; 30 | size_t error_len; 31 | #endif /* CONFIG_PEERKEY */ 32 | #ifdef CONFIG_IEEE80211W 33 | const u8 *igtk; 34 | size_t igtk_len; 35 | #endif /* CONFIG_IEEE80211W */ 36 | #ifdef CONFIG_IEEE80211R 37 | const u8 *mdie; 38 | size_t mdie_len; 39 | const u8 *ftie; 40 | size_t ftie_len; 41 | #endif /* CONFIG_IEEE80211R */ 42 | #ifdef CONFIG_P2P 43 | const u8 *ip_addr_req; 44 | const u8 *ip_addr_alloc; 45 | #endif /* CONFIG_P2P */ 46 | 47 | const u8 *osen; 48 | size_t osen_len; 49 | }; 50 | 51 | int wpa_parse_kde_ies(const u8 *buf, size_t len, 52 | struct wpa_eapol_ie_parse *ie); 53 | u8 * wpa_add_kde(u8 *pos, u32 kde, const u8 *data, size_t data_len, 54 | const u8 *data2, size_t data2_len); 55 | int wpa_auth_gen_wpa_ie(struct wpa_authenticator *wpa_auth); 56 | 57 | #endif /* WPA_AUTH_IE_H */ 58 | -------------------------------------------------------------------------------- /src/common/gas.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Generic advertisement service (GAS) (IEEE 802.11u) 3 | * Copyright (c) 2009, Atheros Communications 4 | * Copyright (c) 2011-2012, Qualcomm Atheros 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #ifndef GAS_H 11 | #define GAS_H 12 | 13 | struct wpabuf * gas_build_initial_req(u8 dialog_token, size_t size); 14 | struct wpabuf * gas_build_comeback_req(u8 dialog_token); 15 | struct wpabuf * gas_build_initial_resp(u8 dialog_token, u16 status_code, 16 | u16 comeback_delay, size_t size); 17 | struct wpabuf * gas_anqp_build_initial_req(u8 dialog_token, size_t size); 18 | struct wpabuf * gas_anqp_build_initial_resp(u8 dialog_token, u16 status_code, 19 | u16 comeback_delay, size_t size); 20 | struct wpabuf * gas_anqp_build_initial_resp_buf(u8 dialog_token, 21 | u16 status_code, 22 | u16 comeback_delay, 23 | struct wpabuf *payload); 24 | struct wpabuf * gas_anqp_build_comeback_resp(u8 dialog_token, u16 status_code, 25 | u8 frag_id, u8 more, 26 | u16 comeback_delay, size_t size); 27 | struct wpabuf * gas_anqp_build_comeback_resp_buf(u8 dialog_token, 28 | u16 status_code, 29 | u8 frag_id, u8 more, 30 | u16 comeback_delay, 31 | struct wpabuf *payload); 32 | void gas_anqp_set_len(struct wpabuf *buf); 33 | 34 | u8 * gas_anqp_add_element(struct wpabuf *buf, u16 info_id); 35 | void gas_anqp_set_element_len(struct wpabuf *buf, u8 *len_pos); 36 | 37 | #endif /* GAS_H */ 38 | -------------------------------------------------------------------------------- /src/radius/radius_das.h: -------------------------------------------------------------------------------- 1 | /* 2 | * RADIUS Dynamic Authorization Server (DAS) 3 | * Copyright (c) 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef RADIUS_DAS_H 10 | #define RADIUS_DAS_H 11 | 12 | struct radius_das_data; 13 | 14 | enum radius_das_res { 15 | RADIUS_DAS_SUCCESS, 16 | RADIUS_DAS_NAS_MISMATCH, 17 | RADIUS_DAS_SESSION_NOT_FOUND, 18 | RADIUS_DAS_MULTI_SESSION_MATCH, 19 | }; 20 | 21 | struct radius_das_attrs { 22 | /* NAS identification attributes */ 23 | const u8 *nas_ip_addr; 24 | const u8 *nas_identifier; 25 | size_t nas_identifier_len; 26 | const u8 *nas_ipv6_addr; 27 | 28 | /* Session identification attributes */ 29 | const u8 *sta_addr; 30 | const u8 *user_name; 31 | size_t user_name_len; 32 | const u8 *acct_session_id; 33 | size_t acct_session_id_len; 34 | const u8 *acct_multi_session_id; 35 | size_t acct_multi_session_id_len; 36 | const u8 *cui; 37 | size_t cui_len; 38 | }; 39 | 40 | struct radius_das_conf { 41 | int port; 42 | const u8 *shared_secret; 43 | size_t shared_secret_len; 44 | const struct hostapd_ip_addr *client_addr; 45 | unsigned int time_window; 46 | int require_event_timestamp; 47 | void *ctx; 48 | enum radius_das_res (*disconnect)(void *ctx, 49 | struct radius_das_attrs *attr); 50 | }; 51 | 52 | struct radius_das_data * 53 | radius_das_init(struct radius_das_conf *conf); 54 | 55 | void radius_das_deinit(struct radius_das_data *data); 56 | 57 | #endif /* RADIUS_DAS_H */ 58 | -------------------------------------------------------------------------------- /src/ap/vlan_init.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / VLAN initialization 3 | * Copyright 2003, Instant802 Networks, Inc. 4 | * Copyright 2005, Devicescape Software, Inc. 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #ifndef VLAN_INIT_H 11 | #define VLAN_INIT_H 12 | 13 | #ifndef CONFIG_NO_VLAN 14 | int vlan_init(struct hostapd_data *hapd); 15 | void vlan_deinit(struct hostapd_data *hapd); 16 | struct hostapd_vlan * vlan_add_dynamic(struct hostapd_data *hapd, 17 | struct hostapd_vlan *vlan, 18 | int vlan_id); 19 | int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id); 20 | int vlan_setup_encryption_dyn(struct hostapd_data *hapd, 21 | struct hostapd_ssid *mssid, 22 | const char *dyn_vlan); 23 | #else /* CONFIG_NO_VLAN */ 24 | static inline int vlan_init(struct hostapd_data *hapd) 25 | { 26 | return 0; 27 | } 28 | 29 | static inline void vlan_deinit(struct hostapd_data *hapd) 30 | { 31 | } 32 | 33 | static inline struct hostapd_vlan * vlan_add_dynamic(struct hostapd_data *hapd, 34 | struct hostapd_vlan *vlan, 35 | int vlan_id) 36 | { 37 | return NULL; 38 | } 39 | 40 | static inline int vlan_remove_dynamic(struct hostapd_data *hapd, int vlan_id) 41 | { 42 | return -1; 43 | } 44 | 45 | static inline int vlan_setup_encryption_dyn(struct hostapd_data *hapd, 46 | struct hostapd_ssid *mssid, 47 | const char *dyn_vlan) 48 | { 49 | return -1; 50 | } 51 | #endif /* CONFIG_NO_VLAN */ 52 | 53 | #endif /* VLAN_INIT_H */ 54 | -------------------------------------------------------------------------------- /src/ap/x_snoop.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Generic Snooping for Proxy ARP 3 | * Copyright (c) 2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef X_SNOOP_H 10 | #define X_SNOOP_H 11 | 12 | #include "l2_packet/l2_packet.h" 13 | 14 | #ifdef CONFIG_PROXYARP 15 | 16 | int x_snoop_init(struct hostapd_data *hapd); 17 | struct l2_packet_data * 18 | x_snoop_get_l2_packet(struct hostapd_data *hapd, 19 | void (*handler)(void *ctx, const u8 *src_addr, 20 | const u8 *buf, size_t len), 21 | enum l2_packet_filter_type type); 22 | void x_snoop_mcast_to_ucast_convert_send(struct hostapd_data *hapd, 23 | struct sta_info *sta, u8 *buf, 24 | size_t len); 25 | void x_snoop_deinit(struct hostapd_data *hapd); 26 | 27 | #else /* CONFIG_PROXYARP */ 28 | 29 | static inline int x_snoop_init(struct hostapd_data *hapd) 30 | { 31 | return 0; 32 | } 33 | 34 | static inline struct l2_packet_data * 35 | x_snoop_get_l2_packet(struct hostapd_data *hapd, 36 | void (*handler)(void *ctx, const u8 *src_addr, 37 | const u8 *buf, size_t len), 38 | enum l2_packet_filter_type type) 39 | { 40 | return NULL; 41 | } 42 | 43 | static inline void 44 | x_snoop_mcast_to_ucast_convert_send(struct hostapd_data *hapd, 45 | struct sta_info *sta, void *buf, 46 | size_t len) 47 | { 48 | } 49 | 50 | static inline void x_snoop_deinit(struct hostapd_data *hapd) 51 | { 52 | } 53 | 54 | #endif /* CONFIG_PROXYARP */ 55 | 56 | #endif /* X_SNOOP_H */ 57 | -------------------------------------------------------------------------------- /src/utils/uuid.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Universally Unique IDentifier (UUID) 3 | * Copyright (c) 2008, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "uuid.h" 13 | 14 | int uuid_str2bin(const char *str, u8 *bin) 15 | { 16 | const char *pos; 17 | u8 *opos; 18 | 19 | pos = str; 20 | opos = bin; 21 | 22 | if (hexstr2bin(pos, opos, 4)) 23 | return -1; 24 | pos += 8; 25 | opos += 4; 26 | 27 | if (*pos++ != '-' || hexstr2bin(pos, opos, 2)) 28 | return -1; 29 | pos += 4; 30 | opos += 2; 31 | 32 | if (*pos++ != '-' || hexstr2bin(pos, opos, 2)) 33 | return -1; 34 | pos += 4; 35 | opos += 2; 36 | 37 | if (*pos++ != '-' || hexstr2bin(pos, opos, 2)) 38 | return -1; 39 | pos += 4; 40 | opos += 2; 41 | 42 | if (*pos++ != '-' || hexstr2bin(pos, opos, 6)) 43 | return -1; 44 | 45 | return 0; 46 | } 47 | 48 | 49 | int uuid_bin2str(const u8 *bin, char *str, size_t max_len) 50 | { 51 | int len; 52 | len = os_snprintf(str, max_len, "%02x%02x%02x%02x-%02x%02x-%02x%02x-" 53 | "%02x%02x-%02x%02x%02x%02x%02x%02x", 54 | bin[0], bin[1], bin[2], bin[3], 55 | bin[4], bin[5], bin[6], bin[7], 56 | bin[8], bin[9], bin[10], bin[11], 57 | bin[12], bin[13], bin[14], bin[15]); 58 | if (os_snprintf_error(max_len, len)) 59 | return -1; 60 | return 0; 61 | } 62 | 63 | 64 | int is_nil_uuid(const u8 *uuid) 65 | { 66 | int i; 67 | for (i = 0; i < UUID_LEN; i++) 68 | if (uuid[i]) 69 | return 0; 70 | return 1; 71 | } 72 | -------------------------------------------------------------------------------- /src/utils/pcsc_funcs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * WPA Supplicant / PC/SC smartcard interface for USIM, GSM SIM 3 | * Copyright (c) 2004-2006, 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PCSC_FUNCS_H 10 | #define PCSC_FUNCS_H 11 | 12 | #ifdef PCSC_FUNCS 13 | struct scard_data * scard_init(const char *reader); 14 | void scard_deinit(struct scard_data *scard); 15 | 16 | int scard_set_pin(struct scard_data *scard, const char *pin); 17 | int scard_get_imsi(struct scard_data *scard, char *imsi, size_t *len); 18 | int scard_get_mnc_len(struct scard_data *scard); 19 | int scard_gsm_auth(struct scard_data *scard, const unsigned char *_rand, 20 | unsigned char *sres, unsigned char *kc); 21 | int scard_umts_auth(struct scard_data *scard, const unsigned char *_rand, 22 | const unsigned char *autn, 23 | unsigned char *res, size_t *res_len, 24 | unsigned char *ik, unsigned char *ck, unsigned char *auts); 25 | int scard_get_pin_retry_counter(struct scard_data *scard); 26 | int scard_supports_umts(struct scard_data *scard); 27 | 28 | #else /* PCSC_FUNCS */ 29 | 30 | #define scard_init(r) NULL 31 | #define scard_deinit(s) do { } while (0) 32 | #define scard_set_pin(s, p) -1 33 | #define scard_get_imsi(s, i, l) -1 34 | #define scard_get_mnc_len(s) -1 35 | #define scard_gsm_auth(s, r, s2, k) -1 36 | #define scard_umts_auth(s, r, a, r2, rl, i, c, a2) -1 37 | #define scard_get_pin_retry_counter(s) -1 38 | #define scard_supports_umts(s) 0 39 | 40 | #endif /* PCSC_FUNCS */ 41 | 42 | #endif /* PCSC_FUNCS_H */ 43 | -------------------------------------------------------------------------------- /src/utils/build_config.h: -------------------------------------------------------------------------------- 1 | /* 2 | * wpa_supplicant/hostapd - Build time configuration defines 3 | * Copyright (c) 2005-2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | * 8 | * This header file can be used to define configuration defines that were 9 | * originally defined in Makefile. This is mainly meant for IDE use or for 10 | * systems that do not have suitable 'make' tool. In these cases, it may be 11 | * easier to have a single place for defining all the needed C pre-processor 12 | * defines. 13 | */ 14 | 15 | #ifndef BUILD_CONFIG_H 16 | #define BUILD_CONFIG_H 17 | 18 | /* Insert configuration defines, e.g., #define EAP_MD5, here, if needed. */ 19 | 20 | #ifdef CONFIG_WIN32_DEFAULTS 21 | #define CONFIG_NATIVE_WINDOWS 22 | #define CONFIG_ANSI_C_EXTRA 23 | #define CONFIG_WINPCAP 24 | #define IEEE8021X_EAPOL 25 | #define PKCS12_FUNCS 26 | #define PCSC_FUNCS 27 | #define CONFIG_CTRL_IFACE 28 | #define CONFIG_CTRL_IFACE_NAMED_PIPE 29 | #define CONFIG_DRIVER_NDIS 30 | #define CONFIG_NDIS_EVENTS_INTEGRATED 31 | #define CONFIG_DEBUG_FILE 32 | #define EAP_MD5 33 | #define EAP_TLS 34 | #define EAP_MSCHAPv2 35 | #define EAP_PEAP 36 | #define EAP_TTLS 37 | #define EAP_GTC 38 | #define EAP_OTP 39 | #define EAP_LEAP 40 | #define EAP_TNC 41 | #define _CRT_SECURE_NO_DEPRECATE 42 | 43 | #ifdef USE_INTERNAL_CRYPTO 44 | #define CONFIG_TLS_INTERNAL_CLIENT 45 | #define CONFIG_INTERNAL_LIBTOMMATH 46 | #define CONFIG_CRYPTO_INTERNAL 47 | #endif /* USE_INTERNAL_CRYPTO */ 48 | #endif /* CONFIG_WIN32_DEFAULTS */ 49 | 50 | #endif /* BUILD_CONFIG_H */ 51 | -------------------------------------------------------------------------------- /src/ap/ap_list.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / AP table 3 | * Copyright (c) 2002-2003, Jouni Malinen 4 | * Copyright (c) 2003-2004, Instant802 Networks, Inc. 5 | * Copyright (c) 2006, Devicescape Software, Inc. 6 | * 7 | * This software may be distributed under the terms of the BSD license. 8 | * See README for more details. 9 | */ 10 | 11 | #ifndef AP_LIST_H 12 | #define AP_LIST_H 13 | 14 | struct ap_info { 15 | /* Note: next/prev pointers are updated whenever a new beacon is 16 | * received because these are used to find the least recently used 17 | * entries. */ 18 | struct ap_info *next; /* next entry in AP list */ 19 | struct ap_info *prev; /* previous entry in AP list */ 20 | struct ap_info *hnext; /* next entry in hash table list */ 21 | u8 addr[6]; 22 | u8 supported_rates[WLAN_SUPP_RATES_MAX]; 23 | int erp; /* ERP Info or -1 if ERP info element not present */ 24 | 25 | int channel; 26 | 27 | int ht_support; 28 | 29 | struct os_reltime last_beacon; 30 | }; 31 | 32 | struct ieee802_11_elems; 33 | struct hostapd_frame_info; 34 | 35 | void ap_list_process_beacon(struct hostapd_iface *iface, 36 | const struct ieee80211_mgmt *mgmt, 37 | struct ieee802_11_elems *elems, 38 | struct hostapd_frame_info *fi); 39 | #ifdef NEED_AP_MLME 40 | int ap_list_init(struct hostapd_iface *iface); 41 | void ap_list_deinit(struct hostapd_iface *iface); 42 | #else /* NEED_AP_MLME */ 43 | static inline int ap_list_init(struct hostapd_iface *iface) 44 | { 45 | return 0; 46 | } 47 | 48 | static inline void ap_list_deinit(struct hostapd_iface *iface) 49 | { 50 | } 51 | #endif /* NEED_AP_MLME */ 52 | 53 | #endif /* AP_LIST_H */ 54 | -------------------------------------------------------------------------------- /src/eap_peer/ikev2.h: -------------------------------------------------------------------------------- 1 | /* 2 | * IKEv2 responder (RFC 4306) for EAP-IKEV2 3 | * Copyright (c) 2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IKEV2_H 10 | #define IKEV2_H 11 | 12 | #include "eap_common/ikev2_common.h" 13 | 14 | struct ikev2_proposal_data { 15 | u8 proposal_num; 16 | int integ; 17 | int prf; 18 | int encr; 19 | int dh; 20 | }; 21 | 22 | 23 | struct ikev2_responder_data { 24 | enum { SA_INIT, SA_AUTH, CHILD_SA, NOTIFY, IKEV2_DONE, IKEV2_FAILED } 25 | state; 26 | u8 i_spi[IKEV2_SPI_LEN]; 27 | u8 r_spi[IKEV2_SPI_LEN]; 28 | u8 i_nonce[IKEV2_NONCE_MAX_LEN]; 29 | size_t i_nonce_len; 30 | u8 r_nonce[IKEV2_NONCE_MAX_LEN]; 31 | size_t r_nonce_len; 32 | struct wpabuf *i_dh_public; 33 | struct wpabuf *r_dh_private; 34 | struct ikev2_proposal_data proposal; 35 | const struct dh_group *dh; 36 | struct ikev2_keys keys; 37 | u8 *IDi; 38 | size_t IDi_len; 39 | u8 IDi_type; 40 | u8 *IDr; 41 | size_t IDr_len; 42 | struct wpabuf *r_sign_msg; 43 | struct wpabuf *i_sign_msg; 44 | u8 *shared_secret; 45 | size_t shared_secret_len; 46 | enum { PEER_AUTH_CERT, PEER_AUTH_SECRET } peer_auth; 47 | u8 *key_pad; 48 | size_t key_pad_len; 49 | u16 error_type; 50 | enum { LAST_MSG_SA_INIT, LAST_MSG_SA_AUTH } last_msg; 51 | }; 52 | 53 | 54 | void ikev2_responder_deinit(struct ikev2_responder_data *data); 55 | int ikev2_responder_process(struct ikev2_responder_data *data, 56 | const struct wpabuf *buf); 57 | struct wpabuf * ikev2_responder_build(struct ikev2_responder_data *data); 58 | 59 | #endif /* IKEV2_H */ 60 | -------------------------------------------------------------------------------- /src/eap_peer/eap_fast_pac.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP peer method: EAP-FAST PAC file processing 3 | * Copyright (c) 2004-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_FAST_PAC_H 10 | #define EAP_FAST_PAC_H 11 | 12 | #include "eap_common/eap_fast_common.h" 13 | 14 | struct eap_fast_pac { 15 | struct eap_fast_pac *next; 16 | 17 | u8 pac_key[EAP_FAST_PAC_KEY_LEN]; 18 | u8 *pac_opaque; 19 | size_t pac_opaque_len; 20 | u8 *pac_info; 21 | size_t pac_info_len; 22 | u8 *a_id; 23 | size_t a_id_len; 24 | u8 *i_id; 25 | size_t i_id_len; 26 | u8 *a_id_info; 27 | size_t a_id_info_len; 28 | u16 pac_type; 29 | }; 30 | 31 | 32 | void eap_fast_free_pac(struct eap_fast_pac *pac); 33 | struct eap_fast_pac * eap_fast_get_pac(struct eap_fast_pac *pac_root, 34 | const u8 *a_id, size_t a_id_len, 35 | u16 pac_type); 36 | int eap_fast_add_pac(struct eap_fast_pac **pac_root, 37 | struct eap_fast_pac **pac_current, 38 | struct eap_fast_pac *entry); 39 | int eap_fast_load_pac(struct eap_sm *sm, struct eap_fast_pac **pac_root, 40 | const char *pac_file); 41 | int eap_fast_save_pac(struct eap_sm *sm, struct eap_fast_pac *pac_root, 42 | const char *pac_file); 43 | size_t eap_fast_pac_list_truncate(struct eap_fast_pac *pac_root, 44 | size_t max_len); 45 | int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root, 46 | const char *pac_file); 47 | int eap_fast_save_pac_bin(struct eap_sm *sm, struct eap_fast_pac *pac_root, 48 | const char *pac_file); 49 | 50 | #endif /* EAP_FAST_PAC_H */ 51 | -------------------------------------------------------------------------------- /src/eap_peer/eap_proxy_dummy.c: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP proxy - dummy implementation for build testing 3 | * Copyright (c) 2013 Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "eap_proxy.h" 13 | 14 | struct eap_proxy_sm * 15 | eap_proxy_init(void *eapol_ctx, struct eapol_callbacks *eapol_cb, 16 | void *msg_ctx) 17 | { 18 | return NULL; 19 | } 20 | 21 | 22 | void eap_proxy_deinit(struct eap_proxy_sm *eap_proxy) 23 | { 24 | } 25 | 26 | 27 | int eap_proxy_key_available(struct eap_proxy_sm *sm) 28 | { 29 | return 0; 30 | } 31 | 32 | 33 | const u8 * eap_proxy_get_eapKeyData(struct eap_proxy_sm *sm, size_t *len) 34 | { 35 | return NULL; 36 | } 37 | 38 | 39 | struct wpabuf * eap_proxy_get_eapRespData(struct eap_proxy_sm *sm) 40 | { 41 | return NULL; 42 | } 43 | 44 | 45 | int eap_proxy_sm_step(struct eap_proxy_sm *sm, struct eap_sm *eap_sm) 46 | { 47 | return 0; 48 | } 49 | 50 | 51 | enum eap_proxy_status 52 | eap_proxy_packet_update(struct eap_proxy_sm *eap_proxy, u8 *eapReqData, 53 | int eapReqDataLen) 54 | { 55 | return EAP_PROXY_FAILURE; 56 | } 57 | 58 | 59 | int eap_proxy_sm_get_status(struct eap_proxy_sm *sm, char *buf, size_t buflen, 60 | int verbose) 61 | { 62 | return 0; 63 | } 64 | 65 | 66 | int eap_proxy_get_imsi(struct eap_proxy_sm *eap_proxy, char *imsi_buf, 67 | size_t *imsi_len) 68 | { 69 | return -1; 70 | } 71 | 72 | 73 | int eap_proxy_notify_config(struct eap_proxy_sm *sm, 74 | struct eap_peer_config *config) 75 | { 76 | return -1; 77 | } 78 | -------------------------------------------------------------------------------- /src/common/hw_features_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Common hostapd/wpa_supplicant HW features 3 | * Copyright (c) 2002-2013, Jouni Malinen 4 | * Copyright (c) 2015, Qualcomm Atheros, Inc. 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #ifndef HW_FEATURES_COMMON_H 11 | #define HW_FEATURES_COMMON_H 12 | 13 | #include "drivers/driver.h" 14 | 15 | struct hostapd_channel_data * hw_get_channel_chan(struct hostapd_hw_modes *mode, 16 | int chan, int *freq); 17 | struct hostapd_channel_data * hw_get_channel_freq(struct hostapd_hw_modes *mode, 18 | int freq, int *chan); 19 | 20 | int hw_get_freq(struct hostapd_hw_modes *mode, int chan); 21 | int hw_get_chan(struct hostapd_hw_modes *mode, int freq); 22 | 23 | int allowed_ht40_channel_pair(struct hostapd_hw_modes *mode, int pri_chan, 24 | int sec_chan); 25 | void get_pri_sec_chan(struct wpa_scan_res *bss, int *pri_chan, int *sec_chan); 26 | int check_40mhz_5g(struct hostapd_hw_modes *mode, 27 | struct wpa_scan_results *scan_res, int pri_chan, 28 | int sec_chan); 29 | int check_20mhz_bss(struct wpa_scan_res *bss, int pri_freq, int start, int end); 30 | int check_40mhz_2g4(struct hostapd_hw_modes *mode, 31 | struct wpa_scan_results *scan_res, int pri_chan, 32 | int sec_chan); 33 | int hostapd_set_freq_params(struct hostapd_freq_params *data, 34 | enum hostapd_hw_mode mode, 35 | int freq, int channel, int ht_enabled, 36 | int vht_enabled, int sec_channel_offset, 37 | int vht_oper_chwidth, int center_segment0, 38 | int center_segment1, u32 vht_caps); 39 | 40 | #endif /* HW_FEATURES_COMMON_H */ 41 | -------------------------------------------------------------------------------- /src/eap_server/ikev2.h: -------------------------------------------------------------------------------- 1 | /* 2 | * IKEv2 initiator (RFC 4306) for EAP-IKEV2 3 | * Copyright (c) 2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IKEV2_H 10 | #define IKEV2_H 11 | 12 | #include "eap_common/ikev2_common.h" 13 | 14 | struct ikev2_proposal_data { 15 | u8 proposal_num; 16 | int integ; 17 | int prf; 18 | int encr; 19 | int dh; 20 | }; 21 | 22 | 23 | struct ikev2_initiator_data { 24 | enum { SA_INIT, SA_AUTH, CHILD_SA, IKEV2_DONE } state; 25 | u8 i_spi[IKEV2_SPI_LEN]; 26 | u8 r_spi[IKEV2_SPI_LEN]; 27 | u8 i_nonce[IKEV2_NONCE_MAX_LEN]; 28 | size_t i_nonce_len; 29 | u8 r_nonce[IKEV2_NONCE_MAX_LEN]; 30 | size_t r_nonce_len; 31 | struct wpabuf *r_dh_public; 32 | struct wpabuf *i_dh_private; 33 | struct ikev2_proposal_data proposal; 34 | const struct dh_group *dh; 35 | struct ikev2_keys keys; 36 | u8 *IDi; 37 | size_t IDi_len; 38 | u8 *IDr; 39 | size_t IDr_len; 40 | u8 IDr_type; 41 | struct wpabuf *r_sign_msg; 42 | struct wpabuf *i_sign_msg; 43 | u8 *shared_secret; 44 | size_t shared_secret_len; 45 | enum { PEER_AUTH_CERT, PEER_AUTH_SECRET } peer_auth; 46 | u8 *key_pad; 47 | size_t key_pad_len; 48 | 49 | const u8 * (*get_shared_secret)(void *ctx, const u8 *IDr, 50 | size_t IDr_len, size_t *secret_len); 51 | void *cb_ctx; 52 | int unknown_user; 53 | }; 54 | 55 | 56 | void ikev2_initiator_deinit(struct ikev2_initiator_data *data); 57 | int ikev2_initiator_process(struct ikev2_initiator_data *data, 58 | const struct wpabuf *buf); 59 | struct wpabuf * ikev2_initiator_build(struct ikev2_initiator_data *data); 60 | 61 | #endif /* IKEV2_H */ 62 | -------------------------------------------------------------------------------- /src/crypto/fips_prf_internal.c: -------------------------------------------------------------------------------- 1 | /* 2 | * FIPS 186-2 PRF for internal crypto implementation 3 | * Copyright (c) 2006-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "sha1.h" 13 | #include "sha1_i.h" 14 | #include "crypto.h" 15 | 16 | 17 | int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen) 18 | { 19 | u8 xkey[64]; 20 | u32 t[5], _t[5]; 21 | int i, j, m, k; 22 | u8 *xpos = x; 23 | u32 carry; 24 | 25 | if (seed_len < sizeof(xkey)) 26 | os_memset(xkey + seed_len, 0, sizeof(xkey) - seed_len); 27 | else 28 | seed_len = sizeof(xkey); 29 | 30 | /* FIPS 186-2 + change notice 1 */ 31 | 32 | os_memcpy(xkey, seed, seed_len); 33 | t[0] = 0x67452301; 34 | t[1] = 0xEFCDAB89; 35 | t[2] = 0x98BADCFE; 36 | t[3] = 0x10325476; 37 | t[4] = 0xC3D2E1F0; 38 | 39 | m = xlen / 40; 40 | for (j = 0; j < m; j++) { 41 | /* XSEED_j = 0 */ 42 | for (i = 0; i < 2; i++) { 43 | /* XVAL = (XKEY + XSEED_j) mod 2^b */ 44 | 45 | /* w_i = G(t, XVAL) */ 46 | os_memcpy(_t, t, 20); 47 | SHA1Transform(_t, xkey); 48 | _t[0] = host_to_be32(_t[0]); 49 | _t[1] = host_to_be32(_t[1]); 50 | _t[2] = host_to_be32(_t[2]); 51 | _t[3] = host_to_be32(_t[3]); 52 | _t[4] = host_to_be32(_t[4]); 53 | os_memcpy(xpos, _t, 20); 54 | 55 | /* XKEY = (1 + XKEY + w_i) mod 2^b */ 56 | carry = 1; 57 | for (k = 19; k >= 0; k--) { 58 | carry += xkey[k] + xpos[k]; 59 | xkey[k] = carry & 0xff; 60 | carry >>= 8; 61 | } 62 | 63 | xpos += SHA1_MAC_LEN; 64 | } 65 | /* x_j = w_0|w_1 */ 66 | } 67 | 68 | return 0; 69 | } 70 | -------------------------------------------------------------------------------- /src/common/privsep_commands.h: -------------------------------------------------------------------------------- 1 | /* 2 | * WPA Supplicant - privilege separation commands 3 | * Copyright (c) 2007-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PRIVSEP_COMMANDS_H 10 | #define PRIVSEP_COMMANDS_H 11 | 12 | enum privsep_cmd { 13 | PRIVSEP_CMD_REGISTER, 14 | PRIVSEP_CMD_UNREGISTER, 15 | PRIVSEP_CMD_SCAN, 16 | PRIVSEP_CMD_GET_SCAN_RESULTS, 17 | PRIVSEP_CMD_ASSOCIATE, 18 | PRIVSEP_CMD_GET_BSSID, 19 | PRIVSEP_CMD_GET_SSID, 20 | PRIVSEP_CMD_SET_KEY, 21 | PRIVSEP_CMD_GET_CAPA, 22 | PRIVSEP_CMD_L2_REGISTER, 23 | PRIVSEP_CMD_L2_UNREGISTER, 24 | PRIVSEP_CMD_L2_NOTIFY_AUTH_START, 25 | PRIVSEP_CMD_L2_SEND, 26 | PRIVSEP_CMD_SET_COUNTRY, 27 | }; 28 | 29 | struct privsep_cmd_associate 30 | { 31 | u8 bssid[ETH_ALEN]; 32 | u8 ssid[32]; 33 | size_t ssid_len; 34 | int hwmode; 35 | int freq; 36 | int channel; 37 | int pairwise_suite; 38 | int group_suite; 39 | int key_mgmt_suite; 40 | int auth_alg; 41 | int mode; 42 | size_t wpa_ie_len; 43 | /* followed by wpa_ie_len bytes of wpa_ie */ 44 | }; 45 | 46 | struct privsep_cmd_set_key 47 | { 48 | int alg; 49 | u8 addr[ETH_ALEN]; 50 | int key_idx; 51 | int set_tx; 52 | u8 seq[8]; 53 | size_t seq_len; 54 | u8 key[32]; 55 | size_t key_len; 56 | }; 57 | 58 | enum privsep_event { 59 | PRIVSEP_EVENT_SCAN_RESULTS, 60 | PRIVSEP_EVENT_ASSOC, 61 | PRIVSEP_EVENT_DISASSOC, 62 | PRIVSEP_EVENT_ASSOCINFO, 63 | PRIVSEP_EVENT_MICHAEL_MIC_FAILURE, 64 | PRIVSEP_EVENT_INTERFACE_STATUS, 65 | PRIVSEP_EVENT_PMKID_CANDIDATE, 66 | PRIVSEP_EVENT_STKSTART, 67 | PRIVSEP_EVENT_FT_RESPONSE, 68 | PRIVSEP_EVENT_RX_EAPOL, 69 | }; 70 | 71 | #endif /* PRIVSEP_COMMANDS_H */ 72 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | hostapd with RTL8188 patches applied 2 | ------------------------------------ 3 | 4 | As RTL8192CU has poor support in current kernels, some distros use realtek-provided drivers which do not work with stock hostapd. This repo contains hostapd-2.4 patched to support realtek's 8192cu driver and build manifests to package it as a .deb file. This was tested to build and work on BPI-R1 (Allwinner A20) running Bananian (kernel 3.4.104+). 5 | 6 | The repo contains almost none of my code (just Debian manifests partially), all software used is described below. Follow the links to find out respective software licenses. Parts done by me are in Public Domain. 7 | 8 | Software used: 9 | -------------- 10 | 11 | * hostapd-2.4: 12 | * http://w1.fi/releases/hostapd-2.4.tar.gz 13 | * RTL8188 patch: 14 | * https://github.com/pritambaral/hostapd-rtl871xdrv 15 | * noscan patch from OpenWRT: 16 | * https://dev.openwrt.org/browser/trunk/package/network/services/hostapd/patches/300-noscan.patch 17 | * init script: 18 | * https://packages.qa.debian.org/w/wpa.html 19 | 20 | INSTALL: 21 | -------- 22 | 23 | Install the toolchain if missing: 24 | 25 | apt-get install git build-essential fakeroot devscripts debhelper libnl-dev libssl-dev 26 | 27 | then copy the repo, build and install the package: 28 | 29 | git clone https://github.com/jekader/hostapd-rtl.git 30 | cd hostapd-rtl 31 | bash build.sh 32 | dpkg -i ../hostapd-rtl_2.4-4_armhf.deb 33 | USE: 34 | ---- 35 | 36 | The sample config file is provided in /etc/hostapd/hostapd.conf - edit it for your needs (change BSSID and WPA key). 37 | Then uncomment the DAEMON_CONF line in /etc/default/hostapd to unlock the init script. 38 | Finally, start the init script: 39 | /etc/init.d/hostapd start 40 | 41 | -------------------------------------------------------------------------------- /hostapd/hostapd.8: -------------------------------------------------------------------------------- 1 | .TH HOSTAPD 8 "April 7, 2005" hostapd hostapd 2 | .SH NAME 3 | hostapd \- IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator 4 | .SH SYNOPSIS 5 | .B hostapd 6 | [\-hdBKtv] [\-P ] 7 | .SH DESCRIPTION 8 | This manual page documents briefly the 9 | .B hostapd 10 | daemon. 11 | .PP 12 | .B hostapd 13 | is a user space daemon for access point and authentication servers. 14 | It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. 15 | The current version supports Linux (Host AP, mac80211-based drivers) and FreeBSD (net80211). 16 | 17 | .B hostapd 18 | is designed to be a "daemon" program that runs in the background and acts as the backend component controlling authentication. 19 | .B hostapd 20 | supports separate frontend programs and an example text-based frontend, 21 | .BR hostapd_cli , 22 | is included with 23 | .BR hostapd . 24 | .SH OPTIONS 25 | A summary of options is included below. 26 | For a complete description, run 27 | .BR hostapd 28 | from the command line. 29 | .TP 30 | .B \-h 31 | Show usage. 32 | .TP 33 | .B \-d 34 | Show more debug messages. 35 | .TP 36 | .B \-dd 37 | Show even more debug messages. 38 | .TP 39 | .B \-B 40 | Run daemon in the background. 41 | .TP 42 | .B \-P 43 | Path to PID file. 44 | .TP 45 | .B \-K 46 | Include key data in debug messages. 47 | .TP 48 | .B \-t 49 | Include timestamps in some debug messages. 50 | .TP 51 | .B \-v 52 | Show hostapd version. 53 | .SH SEE ALSO 54 | .BR hostapd_cli (1). 55 | .SH AUTHOR 56 | hostapd was written by Jouni Malinen . 57 | .PP 58 | This manual page was written by Faidon Liambotis , 59 | for the Debian project (but may be used by others). 60 | -------------------------------------------------------------------------------- /src/drivers/driver_ndis.h: -------------------------------------------------------------------------------- 1 | /* 2 | * WPA Supplicant - Windows/NDIS driver interface 3 | * Copyright (c) 2004-2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef DRIVER_NDIS_H 10 | #define DRIVER_NDIS_H 11 | 12 | #ifdef CONFIG_NDIS_EVENTS_INTEGRATED 13 | struct ndis_events_data; 14 | struct ndis_events_data * ndis_events_init(HANDLE *read_pipe, HANDLE *event, 15 | const char *ifname, 16 | const char *desc); 17 | void ndis_events_deinit(struct ndis_events_data *events); 18 | #endif /* CONFIG_NDIS_EVENTS_INTEGRATED */ 19 | 20 | struct ndis_pmkid_entry { 21 | struct ndis_pmkid_entry *next; 22 | u8 bssid[ETH_ALEN]; 23 | u8 pmkid[16]; 24 | }; 25 | 26 | struct wpa_driver_ndis_data { 27 | void *ctx; 28 | char ifname[100]; /* GUID: {7EE3EFE5-C165-472F-986D-F6FBEDFE8C8D} */ 29 | #ifdef _WIN32_WCE 30 | TCHAR *adapter_name; 31 | HANDLE event_queue; /* NDISUIO notifier MsgQueue */ 32 | HANDLE connected_event; /* WpaSupplicantConnected event */ 33 | #endif /* _WIN32_WCE */ 34 | u8 own_addr[ETH_ALEN]; 35 | #ifdef CONFIG_USE_NDISUIO 36 | HANDLE ndisuio; 37 | #else /* CONFIG_USE_NDISUIO */ 38 | LPADAPTER adapter; 39 | #endif /* CONFIG_USE_NDISUIO */ 40 | u8 bssid[ETH_ALEN]; 41 | 42 | int has_capability; 43 | int no_of_pmkid; 44 | int radio_enabled; 45 | struct wpa_driver_capa capa; 46 | struct ndis_pmkid_entry *pmkid; 47 | char *adapter_desc; 48 | int wired; 49 | int native80211; 50 | int mode; 51 | int wzc_disabled; 52 | int oid_bssid_set; 53 | #ifdef CONFIG_NDIS_EVENTS_INTEGRATED 54 | HANDLE events_pipe, event_avail; 55 | struct ndis_events_data *events; 56 | #endif /* CONFIG_NDIS_EVENTS_INTEGRATED */ 57 | }; 58 | 59 | #endif /* DRIVER_NDIS_H */ 60 | -------------------------------------------------------------------------------- /etc/init: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | ### BEGIN INIT INFO 4 | # Provides: hostapd 5 | # Required-Start: $remote_fs 6 | # Required-Stop: $remote_fs 7 | # Should-Start: $network 8 | # Should-Stop: 9 | # Default-Start: 2 3 4 5 10 | # Default-Stop: 0 1 6 11 | # Short-Description: Advanced IEEE 802.11 management daemon 12 | # Description: Userspace IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP 13 | # Authenticator 14 | ### END INIT INFO 15 | 16 | PATH=/sbin:/bin:/usr/sbin:/usr/bin 17 | DAEMON_SBIN=/usr/sbin/hostapd 18 | DAEMON_DEFS=/etc/default/hostapd 19 | DAEMON_CONF= 20 | NAME=hostapd 21 | DESC="advanced IEEE 802.11 management" 22 | PIDFILE=/var/run/hostapd.pid 23 | 24 | [ -x "$DAEMON_SBIN" ] || exit 0 25 | [ -s "$DAEMON_DEFS" ] && . /etc/default/hostapd 26 | [ -n "$DAEMON_CONF" ] || exit 0 27 | 28 | DAEMON_OPTS="-B -P $PIDFILE $DAEMON_OPTS $DAEMON_CONF" 29 | 30 | . /lib/lsb/init-functions 31 | 32 | case "$1" in 33 | start) 34 | log_daemon_msg "Starting $DESC" "$NAME" 35 | start-stop-daemon --start --oknodo --quiet --exec "$DAEMON_SBIN" \ 36 | --pidfile "$PIDFILE" -- $DAEMON_OPTS >/dev/null 37 | log_end_msg "$?" 38 | ;; 39 | stop) 40 | log_daemon_msg "Stopping $DESC" "$NAME" 41 | start-stop-daemon --stop --oknodo --quiet --exec "$DAEMON_SBIN" \ 42 | --pidfile "$PIDFILE" 43 | log_end_msg "$?" 44 | ;; 45 | reload) 46 | log_daemon_msg "Reloading $DESC" "$NAME" 47 | start-stop-daemon --stop --signal HUP --exec "$DAEMON_SBIN" \ 48 | --pidfile "$PIDFILE" 49 | log_end_msg "$?" 50 | ;; 51 | restart|force-reload) 52 | $0 stop 53 | sleep 8 54 | $0 start 55 | ;; 56 | status) 57 | status_of_proc "$DAEMON_SBIN" "$NAME" 58 | exit $? 59 | ;; 60 | *) 61 | N=/etc/init.d/$NAME 62 | echo "Usage: $N {start|stop|restart|force-reload|reload|status}" >&2 63 | exit 1 64 | ;; 65 | esac 66 | 67 | exit 0 68 | -------------------------------------------------------------------------------- /src/utils/bitfield.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Bitfield 3 | * Copyright (c) 2013, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "bitfield.h" 13 | 14 | 15 | struct bitfield { 16 | u8 *bits; 17 | size_t max_bits; 18 | }; 19 | 20 | 21 | struct bitfield * bitfield_alloc(size_t max_bits) 22 | { 23 | struct bitfield *bf; 24 | 25 | bf = os_zalloc(sizeof(*bf) + (max_bits + 7) / 8); 26 | if (bf == NULL) 27 | return NULL; 28 | bf->bits = (u8 *) (bf + 1); 29 | bf->max_bits = max_bits; 30 | return bf; 31 | } 32 | 33 | 34 | void bitfield_free(struct bitfield *bf) 35 | { 36 | os_free(bf); 37 | } 38 | 39 | 40 | void bitfield_set(struct bitfield *bf, size_t bit) 41 | { 42 | if (bit >= bf->max_bits) 43 | return; 44 | bf->bits[bit / 8] |= BIT(bit % 8); 45 | } 46 | 47 | 48 | void bitfield_clear(struct bitfield *bf, size_t bit) 49 | { 50 | if (bit >= bf->max_bits) 51 | return; 52 | bf->bits[bit / 8] &= ~BIT(bit % 8); 53 | } 54 | 55 | 56 | int bitfield_is_set(struct bitfield *bf, size_t bit) 57 | { 58 | if (bit >= bf->max_bits) 59 | return 0; 60 | return !!(bf->bits[bit / 8] & BIT(bit % 8)); 61 | } 62 | 63 | 64 | static int first_zero(u8 val) 65 | { 66 | int i; 67 | for (i = 0; i < 8; i++) { 68 | if (!(val & 0x01)) 69 | return i; 70 | val >>= 1; 71 | } 72 | return -1; 73 | } 74 | 75 | 76 | int bitfield_get_first_zero(struct bitfield *bf) 77 | { 78 | size_t i; 79 | for (i = 0; i < (bf->max_bits + 7) / 8; i++) { 80 | if (bf->bits[i] != 0xff) 81 | break; 82 | } 83 | if (i == (bf->max_bits + 7) / 8) 84 | return -1; 85 | i = i * 8 + first_zero(bf->bits[i]); 86 | if (i >= bf->max_bits) 87 | return -1; 88 | return i; 89 | } 90 | -------------------------------------------------------------------------------- /hostapd/logwatch/hostapd: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl -w 2 | # 3 | # Logwatch script for hostapd 4 | # 5 | # Copyright 2005 Henrik Brix Andersen 6 | # Distributed under the terms of the GNU General Public License v2 7 | # Alternatively, this file may be distributed under the terms of the BSD License 8 | 9 | use strict; 10 | 11 | my $debug = $ENV{'LOGWATCH_DEBUG'} || 0; 12 | my $detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; 13 | my $debugcounter = 1; 14 | 15 | my %hostapd; 16 | my @unmatched; 17 | 18 | if ($debug >= 5) { 19 | print STDERR "\n\nDEBUG: Inside HOSTAPD Filter\n\n"; 20 | } 21 | 22 | while (defined(my $line = )) { 23 | if ($debug >= 5) { 24 | print STDERR "DEBUG($debugcounter): $line"; 25 | $debugcounter++; 26 | } 27 | chomp($line); 28 | 29 | if (my ($iface,$mac,$layer,$details) = ($line =~ /(.*?): STA (.*?) (.*?): (.*?)$/i)) { 30 | unless ($detail == 10) { 31 | # collapse association events 32 | $details =~ s/^(associated) .*$/$1/i; 33 | } 34 | $hostapd{$iface}->{$mac}->{$layer}->{$details}++; 35 | } else { 36 | push @unmatched, "$line\n"; 37 | } 38 | } 39 | 40 | if (keys %hostapd) { 41 | foreach my $iface (sort keys %hostapd) { 42 | print "Interface $iface:\n"; 43 | foreach my $mac (sort keys %{$hostapd{$iface}}) { 44 | print " Client MAC Address $mac:\n"; 45 | foreach my $layer (sort keys %{$hostapd{$iface}->{$mac}}) { 46 | print " $layer:\n"; 47 | foreach my $details (sort keys %{$hostapd{$iface}->{$mac}->{$layer}}) { 48 | print " $details"; 49 | my $count = $hostapd{$iface}->{$mac}->{$layer}->{$details}; 50 | if ($count > 1) { 51 | print ": " . $count . " Times"; 52 | } 53 | print "\n"; 54 | } 55 | } 56 | } 57 | } 58 | } 59 | 60 | if ($#unmatched >= 0) { 61 | print "\n**Unmatched Entries**\n"; 62 | print @unmatched; 63 | } 64 | 65 | exit(0); 66 | -------------------------------------------------------------------------------- /src/eap_common/eap_psk_common.c: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP server/peer: EAP-PSK shared routines 3 | * Copyright (c) 2004-2006, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "crypto/aes_wrap.h" 13 | #include "eap_defs.h" 14 | #include "eap_psk_common.h" 15 | 16 | #define aes_block_size 16 17 | 18 | 19 | int eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk) 20 | { 21 | os_memset(ak, 0, aes_block_size); 22 | if (aes_128_encrypt_block(psk, ak, ak)) 23 | return -1; 24 | os_memcpy(kdk, ak, aes_block_size); 25 | ak[aes_block_size - 1] ^= 0x01; 26 | kdk[aes_block_size - 1] ^= 0x02; 27 | if (aes_128_encrypt_block(psk, ak, ak) || 28 | aes_128_encrypt_block(psk, kdk, kdk)) 29 | return -1; 30 | return 0; 31 | } 32 | 33 | 34 | int eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, u8 *msk, 35 | u8 *emsk) 36 | { 37 | u8 hash[aes_block_size]; 38 | u8 counter = 1; 39 | int i; 40 | 41 | if (aes_128_encrypt_block(kdk, rand_p, hash)) 42 | return -1; 43 | 44 | hash[aes_block_size - 1] ^= counter; 45 | if (aes_128_encrypt_block(kdk, hash, tek)) 46 | return -1; 47 | hash[aes_block_size - 1] ^= counter; 48 | counter++; 49 | 50 | for (i = 0; i < EAP_MSK_LEN / aes_block_size; i++) { 51 | hash[aes_block_size - 1] ^= counter; 52 | if (aes_128_encrypt_block(kdk, hash, &msk[i * aes_block_size])) 53 | return -1; 54 | hash[aes_block_size - 1] ^= counter; 55 | counter++; 56 | } 57 | 58 | for (i = 0; i < EAP_EMSK_LEN / aes_block_size; i++) { 59 | hash[aes_block_size - 1] ^= counter; 60 | if (aes_128_encrypt_block(kdk, hash, 61 | &emsk[i * aes_block_size])) 62 | return -1; 63 | hash[aes_block_size - 1] ^= counter; 64 | counter++; 65 | } 66 | 67 | return 0; 68 | } 69 | -------------------------------------------------------------------------------- /src/crypto/sha1-prf.c: -------------------------------------------------------------------------------- 1 | /* 2 | * SHA1-based PRF 3 | * Copyright (c) 2003-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "sha1.h" 13 | #include "crypto.h" 14 | 15 | 16 | /** 17 | * sha1_prf - SHA1-based Pseudo-Random Function (PRF) (IEEE 802.11i, 8.5.1.1) 18 | * @key: Key for PRF 19 | * @key_len: Length of the key in bytes 20 | * @label: A unique label for each purpose of the PRF 21 | * @data: Extra data to bind into the key 22 | * @data_len: Length of the data 23 | * @buf: Buffer for the generated pseudo-random key 24 | * @buf_len: Number of bytes of key to generate 25 | * Returns: 0 on success, -1 of failure 26 | * 27 | * This function is used to derive new, cryptographically separate keys from a 28 | * given key (e.g., PMK in IEEE 802.11i). 29 | */ 30 | int sha1_prf(const u8 *key, size_t key_len, const char *label, 31 | const u8 *data, size_t data_len, u8 *buf, size_t buf_len) 32 | { 33 | u8 counter = 0; 34 | size_t pos, plen; 35 | u8 hash[SHA1_MAC_LEN]; 36 | size_t label_len = os_strlen(label) + 1; 37 | const unsigned char *addr[3]; 38 | size_t len[3]; 39 | 40 | addr[0] = (u8 *) label; 41 | len[0] = label_len; 42 | addr[1] = data; 43 | len[1] = data_len; 44 | addr[2] = &counter; 45 | len[2] = 1; 46 | 47 | pos = 0; 48 | while (pos < buf_len) { 49 | plen = buf_len - pos; 50 | if (plen >= SHA1_MAC_LEN) { 51 | if (hmac_sha1_vector(key, key_len, 3, addr, len, 52 | &buf[pos])) 53 | return -1; 54 | pos += SHA1_MAC_LEN; 55 | } else { 56 | if (hmac_sha1_vector(key, key_len, 3, addr, len, 57 | hash)) 58 | return -1; 59 | os_memcpy(&buf[pos], hash, plen); 60 | break; 61 | } 62 | counter++; 63 | } 64 | os_memset(hash, 0, sizeof(hash)); 65 | 66 | return 0; 67 | } 68 | -------------------------------------------------------------------------------- /src/eap_common/eap_ttls.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP server/peer: EAP-TTLS (RFC 5281) 3 | * Copyright (c) 2004-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_TTLS_H 10 | #define EAP_TTLS_H 11 | 12 | struct ttls_avp { 13 | be32 avp_code; 14 | be32 avp_length; /* 8-bit flags, 24-bit length; 15 | * length includes AVP header */ 16 | /* optional 32-bit Vendor-ID */ 17 | /* Data */ 18 | }; 19 | 20 | struct ttls_avp_vendor { 21 | be32 avp_code; 22 | be32 avp_length; /* 8-bit flags, 24-bit length; 23 | * length includes AVP header */ 24 | be32 vendor_id; 25 | /* Data */ 26 | }; 27 | 28 | #define AVP_FLAGS_VENDOR 0x80 29 | #define AVP_FLAGS_MANDATORY 0x40 30 | 31 | #define AVP_PAD(start, pos) \ 32 | do { \ 33 | int __pad; \ 34 | __pad = (4 - (((pos) - (start)) & 3)) & 3; \ 35 | os_memset((pos), 0, __pad); \ 36 | pos += __pad; \ 37 | } while (0) 38 | 39 | 40 | /* RFC 2865 */ 41 | #define RADIUS_ATTR_USER_NAME 1 42 | #define RADIUS_ATTR_USER_PASSWORD 2 43 | #define RADIUS_ATTR_CHAP_PASSWORD 3 44 | #define RADIUS_ATTR_REPLY_MESSAGE 18 45 | #define RADIUS_ATTR_CHAP_CHALLENGE 60 46 | #define RADIUS_ATTR_EAP_MESSAGE 79 47 | 48 | /* RFC 2548 */ 49 | #define RADIUS_VENDOR_ID_MICROSOFT 311 50 | #define RADIUS_ATTR_MS_CHAP_RESPONSE 1 51 | #define RADIUS_ATTR_MS_CHAP_ERROR 2 52 | #define RADIUS_ATTR_MS_CHAP_NT_ENC_PW 6 53 | #define RADIUS_ATTR_MS_CHAP_CHALLENGE 11 54 | #define RADIUS_ATTR_MS_CHAP2_RESPONSE 25 55 | #define RADIUS_ATTR_MS_CHAP2_SUCCESS 26 56 | #define RADIUS_ATTR_MS_CHAP2_CPW 27 57 | 58 | #define EAP_TTLS_MSCHAPV2_CHALLENGE_LEN 16 59 | #define EAP_TTLS_MSCHAPV2_RESPONSE_LEN 50 60 | #define EAP_TTLS_MSCHAP_CHALLENGE_LEN 8 61 | #define EAP_TTLS_MSCHAP_RESPONSE_LEN 50 62 | #define EAP_TTLS_CHAP_CHALLENGE_LEN 16 63 | #define EAP_TTLS_CHAP_PASSWORD_LEN 16 64 | 65 | #endif /* EAP_TTLS_H */ 66 | -------------------------------------------------------------------------------- /src/ap/bss_load.c: -------------------------------------------------------------------------------- 1 | /* 2 | * BSS Load Element / Channel Utilization 3 | * Copyright (c) 2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "utils/includes.h" 10 | 11 | #include "utils/common.h" 12 | #include "utils/eloop.h" 13 | #include "hostapd.h" 14 | #include "bss_load.h" 15 | #include "ap_drv_ops.h" 16 | #include "beacon.h" 17 | 18 | 19 | static void update_channel_utilization(void *eloop_data, void *user_data) 20 | { 21 | struct hostapd_data *hapd = eloop_data; 22 | unsigned int sec, usec; 23 | int err; 24 | 25 | if (!(hapd->beacon_set_done && hapd->started)) 26 | return; 27 | 28 | err = hostapd_drv_get_survey(hapd, hapd->iface->freq); 29 | if (err) { 30 | wpa_printf(MSG_ERROR, "BSS Load: Failed to get survey data"); 31 | return; 32 | } 33 | 34 | ieee802_11_set_beacon(hapd); 35 | 36 | sec = ((hapd->bss_load_update_timeout / 1000) * 1024) / 1000; 37 | usec = (hapd->bss_load_update_timeout % 1000) * 1024; 38 | eloop_register_timeout(sec, usec, update_channel_utilization, hapd, 39 | NULL); 40 | } 41 | 42 | 43 | int bss_load_update_init(struct hostapd_data *hapd) 44 | { 45 | struct hostapd_bss_config *conf = hapd->conf; 46 | struct hostapd_config *iconf = hapd->iconf; 47 | unsigned int sec, usec; 48 | 49 | if (!conf->bss_load_update_period || !iconf->beacon_int) 50 | return -1; 51 | 52 | hapd->bss_load_update_timeout = conf->bss_load_update_period * 53 | iconf->beacon_int; 54 | sec = ((hapd->bss_load_update_timeout / 1000) * 1024) / 1000; 55 | usec = (hapd->bss_load_update_timeout % 1000) * 1024; 56 | eloop_register_timeout(sec, usec, update_channel_utilization, hapd, 57 | NULL); 58 | return 0; 59 | } 60 | 61 | 62 | void bss_load_update_deinit(struct hostapd_data *hapd) 63 | { 64 | eloop_cancel_timeout(update_channel_utilization, hapd, NULL); 65 | } 66 | -------------------------------------------------------------------------------- /src/wps/wps_dev_attr.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Wi-Fi Protected Setup - device attributes 3 | * Copyright (c) 2008, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef WPS_DEV_ATTR_H 10 | #define WPS_DEV_ATTR_H 11 | 12 | struct wps_parse_attr; 13 | 14 | int wps_build_manufacturer(struct wps_device_data *dev, struct wpabuf *msg); 15 | int wps_build_model_name(struct wps_device_data *dev, struct wpabuf *msg); 16 | int wps_build_model_number(struct wps_device_data *dev, struct wpabuf *msg); 17 | int wps_build_serial_number(struct wps_device_data *dev, struct wpabuf *msg); 18 | int wps_build_dev_name(struct wps_device_data *dev, struct wpabuf *msg); 19 | int wps_build_device_attrs(struct wps_device_data *dev, struct wpabuf *msg); 20 | int wps_build_os_version(struct wps_device_data *dev, struct wpabuf *msg); 21 | int wps_build_vendor_ext_m1(struct wps_device_data *dev, struct wpabuf *msg); 22 | int wps_build_rf_bands(struct wps_device_data *dev, struct wpabuf *msg, 23 | u8 rf_band); 24 | int wps_build_primary_dev_type(struct wps_device_data *dev, 25 | struct wpabuf *msg); 26 | int wps_build_secondary_dev_type(struct wps_device_data *dev, 27 | struct wpabuf *msg); 28 | int wps_build_dev_name(struct wps_device_data *dev, struct wpabuf *msg); 29 | int wps_process_device_attrs(struct wps_device_data *dev, 30 | struct wps_parse_attr *attr); 31 | int wps_process_os_version(struct wps_device_data *dev, const u8 *ver); 32 | int wps_process_rf_bands(struct wps_device_data *dev, const u8 *bands); 33 | void wps_device_data_free(struct wps_device_data *dev); 34 | int wps_build_vendor_ext(struct wps_device_data *dev, struct wpabuf *msg); 35 | int wps_build_req_dev_type(struct wps_device_data *dev, struct wpabuf *msg, 36 | unsigned int num_req_dev_types, 37 | const u8 *req_dev_types); 38 | 39 | #endif /* WPS_DEV_ATTR_H */ 40 | -------------------------------------------------------------------------------- /patches/300-noscan.patch: -------------------------------------------------------------------------------- 1 | --- a/hostapd/config_file.c 2 | +++ b/hostapd/config_file.c 3 | @@ -2771,6 +2771,10 @@ static int hostapd_config_fill(struct ho 4 | } 5 | #endif /* CONFIG_IEEE80211W */ 6 | #ifdef CONFIG_IEEE80211N 7 | + } else if (os_strcmp(buf, "noscan") == 0) { 8 | + conf->noscan = atoi(pos); 9 | + } else if (os_strcmp(buf, "ht_coex") == 0) { 10 | + conf->no_ht_coex = !atoi(pos); 11 | } else if (os_strcmp(buf, "ieee80211n") == 0) { 12 | conf->ieee80211n = atoi(pos); 13 | } else if (os_strcmp(buf, "ht_capab") == 0) { 14 | --- a/src/ap/ap_config.h 15 | +++ b/src/ap/ap_config.h 16 | @@ -619,6 +619,8 @@ struct hostapd_config { 17 | 18 | int ht_op_mode_fixed; 19 | u16 ht_capab; 20 | + int noscan; 21 | + int no_ht_coex; 22 | int ieee80211n; 23 | int secondary_channel; 24 | int require_ht; 25 | --- a/src/ap/hw_features.c 26 | +++ b/src/ap/hw_features.c 27 | @@ -461,7 +461,7 @@ static int ieee80211n_check_40mhz(struct 28 | struct wpa_driver_scan_params params; 29 | int ret; 30 | 31 | - if (!iface->conf->secondary_channel) 32 | + if (!iface->conf->secondary_channel || iface->conf->noscan) 33 | return 0; /* HT40 not used */ 34 | 35 | hostapd_set_state(iface, HAPD_IFACE_HT_SCAN); 36 | --- a/src/ap/ieee802_11_ht.c 37 | +++ b/src/ap/ieee802_11_ht.c 38 | @@ -221,6 +221,9 @@ void hostapd_2040_coex_action(struct hos 39 | if (!(iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) 40 | return; 41 | 42 | + if (iface->conf->noscan || iface->conf->no_ht_coex) 43 | + return; 44 | + 45 | if (len < IEEE80211_HDRLEN + 2 + sizeof(*bc_ie)) 46 | return; 47 | 48 | @@ -346,6 +349,9 @@ void ht40_intolerant_add(struct hostapd_ 49 | if (iface->current_mode->mode != HOSTAPD_MODE_IEEE80211G) 50 | return; 51 | 52 | + if (iface->conf->noscan || iface->conf->no_ht_coex) 53 | + return; 54 | + 55 | wpa_printf(MSG_INFO, "HT: Forty MHz Intolerant is set by STA " MACSTR 56 | " in Association Request", MAC2STR(sta->addr)); 57 | 58 | -------------------------------------------------------------------------------- /src/crypto/fips_prf_openssl.c: -------------------------------------------------------------------------------- 1 | /* 2 | * FIPS 186-2 PRF for libcrypto 3 | * Copyright (c) 2004-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | #include 11 | 12 | #include "common.h" 13 | #include "crypto.h" 14 | 15 | 16 | static void sha1_transform(u8 *state, const u8 data[64]) 17 | { 18 | SHA_CTX context; 19 | os_memset(&context, 0, sizeof(context)); 20 | os_memcpy(&context.h0, state, 5 * 4); 21 | SHA1_Transform(&context, data); 22 | os_memcpy(state, &context.h0, 5 * 4); 23 | } 24 | 25 | 26 | int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen) 27 | { 28 | u8 xkey[64]; 29 | u32 t[5], _t[5]; 30 | int i, j, m, k; 31 | u8 *xpos = x; 32 | u32 carry; 33 | 34 | if (seed_len < sizeof(xkey)) 35 | os_memset(xkey + seed_len, 0, sizeof(xkey) - seed_len); 36 | else 37 | seed_len = sizeof(xkey); 38 | 39 | /* FIPS 186-2 + change notice 1 */ 40 | 41 | os_memcpy(xkey, seed, seed_len); 42 | t[0] = 0x67452301; 43 | t[1] = 0xEFCDAB89; 44 | t[2] = 0x98BADCFE; 45 | t[3] = 0x10325476; 46 | t[4] = 0xC3D2E1F0; 47 | 48 | m = xlen / 40; 49 | for (j = 0; j < m; j++) { 50 | /* XSEED_j = 0 */ 51 | for (i = 0; i < 2; i++) { 52 | /* XVAL = (XKEY + XSEED_j) mod 2^b */ 53 | 54 | /* w_i = G(t, XVAL) */ 55 | os_memcpy(_t, t, 20); 56 | sha1_transform((u8 *) _t, xkey); 57 | _t[0] = host_to_be32(_t[0]); 58 | _t[1] = host_to_be32(_t[1]); 59 | _t[2] = host_to_be32(_t[2]); 60 | _t[3] = host_to_be32(_t[3]); 61 | _t[4] = host_to_be32(_t[4]); 62 | os_memcpy(xpos, _t, 20); 63 | 64 | /* XKEY = (1 + XKEY + w_i) mod 2^b */ 65 | carry = 1; 66 | for (k = 19; k >= 0; k--) { 67 | carry += xkey[k] + xpos[k]; 68 | xkey[k] = carry & 0xff; 69 | carry >>= 8; 70 | } 71 | 72 | xpos += 20; 73 | } 74 | /* x_j = w_0|w_1 */ 75 | } 76 | 77 | return 0; 78 | } 79 | -------------------------------------------------------------------------------- /src/rsn_supp/wpa_ie.h: -------------------------------------------------------------------------------- 1 | /* 2 | * wpa_supplicant - WPA/RSN IE and KDE definitions 3 | * Copyright (c) 2004-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef WPA_IE_H 10 | #define WPA_IE_H 11 | 12 | struct wpa_sm; 13 | 14 | struct wpa_eapol_ie_parse { 15 | const u8 *wpa_ie; 16 | size_t wpa_ie_len; 17 | const u8 *rsn_ie; 18 | size_t rsn_ie_len; 19 | const u8 *pmkid; 20 | const u8 *gtk; 21 | size_t gtk_len; 22 | const u8 *mac_addr; 23 | size_t mac_addr_len; 24 | #ifdef CONFIG_PEERKEY 25 | const u8 *smk; 26 | size_t smk_len; 27 | const u8 *nonce; 28 | size_t nonce_len; 29 | const u8 *lifetime; 30 | size_t lifetime_len; 31 | const u8 *error; 32 | size_t error_len; 33 | #endif /* CONFIG_PEERKEY */ 34 | #ifdef CONFIG_IEEE80211W 35 | const u8 *igtk; 36 | size_t igtk_len; 37 | #endif /* CONFIG_IEEE80211W */ 38 | const u8 *mdie; 39 | size_t mdie_len; 40 | const u8 *ftie; 41 | size_t ftie_len; 42 | const u8 *reassoc_deadline; 43 | const u8 *key_lifetime; 44 | const u8 *lnkid; 45 | size_t lnkid_len; 46 | const u8 *ext_capab; 47 | size_t ext_capab_len; 48 | const u8 *supp_rates; 49 | size_t supp_rates_len; 50 | const u8 *ext_supp_rates; 51 | size_t ext_supp_rates_len; 52 | const u8 *ht_capabilities; 53 | size_t ht_capabilities_len; 54 | const u8 *vht_capabilities; 55 | size_t vht_capabilities_len; 56 | const u8 *supp_channels; 57 | size_t supp_channels_len; 58 | const u8 *supp_oper_classes; 59 | size_t supp_oper_classes_len; 60 | u8 qosinfo; 61 | u16 aid; 62 | const u8 *wmm; 63 | size_t wmm_len; 64 | #ifdef CONFIG_P2P 65 | const u8 *ip_addr_req; 66 | const u8 *ip_addr_alloc; 67 | #endif /* CONFIG_P2P */ 68 | }; 69 | 70 | int wpa_supplicant_parse_ies(const u8 *buf, size_t len, 71 | struct wpa_eapol_ie_parse *ie); 72 | int wpa_gen_wpa_ie(struct wpa_sm *sm, u8 *wpa_ie, size_t wpa_ie_len); 73 | 74 | #endif /* WPA_IE_H */ 75 | -------------------------------------------------------------------------------- /src/crypto/aes-wrap.c: -------------------------------------------------------------------------------- 1 | /* 2 | * AES Key Wrap Algorithm (RFC3394) 3 | * 4 | * Copyright (c) 2003-2007, Jouni Malinen 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #include "includes.h" 11 | 12 | #include "common.h" 13 | #include "aes.h" 14 | #include "aes_wrap.h" 15 | 16 | /** 17 | * aes_wrap - Wrap keys with AES Key Wrap Algorithm (RFC3394) 18 | * @kek: Key encryption key (KEK) 19 | * @kek_len: Length of KEK in octets 20 | * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 21 | * bytes 22 | * @plain: Plaintext key to be wrapped, n * 64 bits 23 | * @cipher: Wrapped key, (n + 1) * 64 bits 24 | * Returns: 0 on success, -1 on failure 25 | */ 26 | int aes_wrap(const u8 *kek, size_t kek_len, int n, const u8 *plain, u8 *cipher) 27 | { 28 | u8 *a, *r, b[AES_BLOCK_SIZE]; 29 | int i, j; 30 | void *ctx; 31 | unsigned int t; 32 | 33 | a = cipher; 34 | r = cipher + 8; 35 | 36 | /* 1) Initialize variables. */ 37 | os_memset(a, 0xa6, 8); 38 | os_memcpy(r, plain, 8 * n); 39 | 40 | ctx = aes_encrypt_init(kek, kek_len); 41 | if (ctx == NULL) 42 | return -1; 43 | 44 | /* 2) Calculate intermediate values. 45 | * For j = 0 to 5 46 | * For i=1 to n 47 | * B = AES(K, A | R[i]) 48 | * A = MSB(64, B) ^ t where t = (n*j)+i 49 | * R[i] = LSB(64, B) 50 | */ 51 | for (j = 0; j <= 5; j++) { 52 | r = cipher + 8; 53 | for (i = 1; i <= n; i++) { 54 | os_memcpy(b, a, 8); 55 | os_memcpy(b + 8, r, 8); 56 | aes_encrypt(ctx, b, b); 57 | os_memcpy(a, b, 8); 58 | t = n * j + i; 59 | a[7] ^= t; 60 | a[6] ^= t >> 8; 61 | a[5] ^= t >> 16; 62 | a[4] ^= t >> 24; 63 | os_memcpy(r, b + 8, 8); 64 | r += 8; 65 | } 66 | } 67 | aes_encrypt_deinit(ctx); 68 | 69 | /* 3) Output the results. 70 | * 71 | * These are already in @cipher due to the location of temporary 72 | * variables. 73 | */ 74 | 75 | return 0; 76 | } 77 | -------------------------------------------------------------------------------- /src/eap_server/eap_methods.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP server method registration 3 | * Copyright (c) 2004-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_SERVER_METHODS_H 10 | #define EAP_SERVER_METHODS_H 11 | 12 | #include "eap_common/eap_defs.h" 13 | 14 | const struct eap_method * eap_server_get_eap_method(int vendor, 15 | EapType method); 16 | struct eap_method * eap_server_method_alloc(int version, int vendor, 17 | EapType method, const char *name); 18 | void eap_server_method_free(struct eap_method *method); 19 | int eap_server_method_register(struct eap_method *method); 20 | 21 | EapType eap_server_get_type(const char *name, int *vendor); 22 | void eap_server_unregister_methods(void); 23 | const char * eap_server_get_name(int vendor, EapType type); 24 | 25 | /* EAP server method registration calls for statically linked in methods */ 26 | int eap_server_identity_register(void); 27 | int eap_server_md5_register(void); 28 | int eap_server_tls_register(void); 29 | int eap_server_unauth_tls_register(void); 30 | int eap_server_wfa_unauth_tls_register(void); 31 | int eap_server_mschapv2_register(void); 32 | int eap_server_peap_register(void); 33 | int eap_server_tlv_register(void); 34 | int eap_server_gtc_register(void); 35 | int eap_server_ttls_register(void); 36 | int eap_server_sim_register(void); 37 | int eap_server_aka_register(void); 38 | int eap_server_aka_prime_register(void); 39 | int eap_server_pax_register(void); 40 | int eap_server_psk_register(void); 41 | int eap_server_sake_register(void); 42 | int eap_server_gpsk_register(void); 43 | int eap_server_vendor_test_register(void); 44 | int eap_server_fast_register(void); 45 | int eap_server_wsc_register(void); 46 | int eap_server_ikev2_register(void); 47 | int eap_server_tnc_register(void); 48 | int eap_server_pwd_register(void); 49 | int eap_server_eke_register(void); 50 | 51 | #endif /* EAP_SERVER_METHODS_H */ 52 | -------------------------------------------------------------------------------- /src/utils/http-utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | * HTTP wrapper 3 | * Copyright (c) 2012-2013, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef HTTP_UTILS_H 10 | #define HTTP_UTILS_H 11 | 12 | struct http_ctx; 13 | 14 | struct http_othername { 15 | char *oid; 16 | u8 *data; 17 | size_t len; 18 | }; 19 | 20 | #define HTTP_MAX_CERT_LOGO_HASH 32 21 | 22 | struct http_logo { 23 | char *alg_oid; 24 | u8 *hash; 25 | size_t hash_len; 26 | char *uri; 27 | }; 28 | 29 | struct http_cert { 30 | char **dnsname; 31 | unsigned int num_dnsname; 32 | struct http_othername *othername; 33 | unsigned int num_othername; 34 | struct http_logo *logo; 35 | unsigned int num_logo; 36 | }; 37 | 38 | int soap_init_client(struct http_ctx *ctx, const char *address, 39 | const char *ca_fname, const char *username, 40 | const char *password, const char *client_cert, 41 | const char *client_key); 42 | int soap_reinit_client(struct http_ctx *ctx); 43 | xml_node_t * soap_send_receive(struct http_ctx *ctx, xml_node_t *node); 44 | 45 | struct http_ctx * http_init_ctx(void *upper_ctx, struct xml_node_ctx *xml_ctx); 46 | void http_ocsp_set(struct http_ctx *ctx, int val); 47 | void http_deinit_ctx(struct http_ctx *ctx); 48 | 49 | int http_download_file(struct http_ctx *ctx, const char *url, 50 | const char *fname, const char *ca_fname); 51 | char * http_post(struct http_ctx *ctx, const char *url, const char *data, 52 | const char *content_type, const char *ext_hdr, 53 | const char *ca_fname, 54 | const char *username, const char *password, 55 | const char *client_cert, const char *client_key, 56 | size_t *resp_len); 57 | void http_set_cert_cb(struct http_ctx *ctx, 58 | int (*cb)(void *ctx, struct http_cert *cert), 59 | void *cb_ctx); 60 | const char * http_get_err(struct http_ctx *ctx); 61 | void http_parse_x509_certificate(struct http_ctx *ctx, const char *fname); 62 | 63 | #endif /* HTTP_UTILS_H */ 64 | -------------------------------------------------------------------------------- /src/drivers/driver_none.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Driver interface for RADIUS server or WPS ER only (no driver) 3 | * Copyright (c) 2008, Atheros Communications 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "driver.h" 13 | 14 | 15 | struct none_driver_data { 16 | struct hostapd_data *hapd; 17 | void *ctx; 18 | }; 19 | 20 | 21 | static void * none_driver_hapd_init(struct hostapd_data *hapd, 22 | struct wpa_init_params *params) 23 | { 24 | struct none_driver_data *drv; 25 | 26 | drv = os_zalloc(sizeof(struct none_driver_data)); 27 | if (drv == NULL) { 28 | wpa_printf(MSG_ERROR, "Could not allocate memory for none " 29 | "driver data"); 30 | return NULL; 31 | } 32 | drv->hapd = hapd; 33 | 34 | return drv; 35 | } 36 | 37 | 38 | static void none_driver_hapd_deinit(void *priv) 39 | { 40 | struct none_driver_data *drv = priv; 41 | 42 | os_free(drv); 43 | } 44 | 45 | 46 | static int none_driver_send_ether(void *priv, const u8 *dst, const u8 *src, 47 | u16 proto, const u8 *data, size_t data_len) 48 | { 49 | return 0; 50 | } 51 | 52 | 53 | static void * none_driver_init(void *ctx, const char *ifname) 54 | { 55 | struct none_driver_data *drv; 56 | 57 | drv = os_zalloc(sizeof(struct none_driver_data)); 58 | if (drv == NULL) { 59 | wpa_printf(MSG_ERROR, "Could not allocate memory for none " 60 | "driver data"); 61 | return NULL; 62 | } 63 | drv->ctx = ctx; 64 | 65 | return drv; 66 | } 67 | 68 | 69 | static void none_driver_deinit(void *priv) 70 | { 71 | struct none_driver_data *drv = priv; 72 | 73 | os_free(drv); 74 | } 75 | 76 | 77 | const struct wpa_driver_ops wpa_driver_none_ops = { 78 | .name = "none", 79 | .desc = "no driver (RADIUS server/WPS ER)", 80 | .hapd_init = none_driver_hapd_init, 81 | .hapd_deinit = none_driver_hapd_deinit, 82 | .send_ether = none_driver_send_ether, 83 | .init = none_driver_init, 84 | .deinit = none_driver_deinit, 85 | }; 86 | -------------------------------------------------------------------------------- /src/pae/ieee802_1x_cp.h: -------------------------------------------------------------------------------- 1 | /* 2 | * IEEE Std 802.1X-2010 Controlled Port of PAE state machine - CP state machine 3 | * Copyright (c) 2013, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IEEE802_1X_CP_H 10 | #define IEEE802_1X_CP_H 11 | 12 | #include "common/defs.h" 13 | #include "common/ieee802_1x_defs.h" 14 | 15 | struct ieee802_1x_cp_sm; 16 | struct ieee802_1x_kay; 17 | struct ieee802_1x_mka_ki; 18 | 19 | struct ieee802_1x_cp_conf { 20 | Boolean protect; 21 | Boolean replay_protect; 22 | enum validate_frames validate; 23 | u32 replay_window; 24 | }; 25 | 26 | 27 | struct ieee802_1x_cp_sm * 28 | ieee802_1x_cp_sm_init(struct ieee802_1x_kay *kay, 29 | struct ieee802_1x_cp_conf *pcp_conf); 30 | void ieee802_1x_cp_sm_deinit(struct ieee802_1x_cp_sm *sm); 31 | void ieee802_1x_cp_sm_step(void *cp_ctx); 32 | void ieee802_1x_cp_connect_pending(void *cp_ctx); 33 | void ieee802_1x_cp_connect_unauthenticated(void *cp_ctx); 34 | void ieee802_1x_cp_connect_authenticated(void *cp_ctx); 35 | void ieee802_1x_cp_connect_secure(void *cp_ctx); 36 | void ieee802_1x_cp_signal_chgdserver(void *cp_ctx); 37 | void ieee802_1x_cp_set_electedself(void *cp_ctx, Boolean status); 38 | void ieee802_1x_cp_set_authorizationdata(void *cp_ctx, u8 *pdata, int len); 39 | void ieee802_1x_cp_set_ciphersuite(void *cp_ctx, void *pid); 40 | void ieee802_1x_cp_set_offset(void *cp_ctx, enum confidentiality_offset offset); 41 | void ieee802_1x_cp_signal_newsak(void *cp_ctx); 42 | void ieee802_1x_cp_set_distributedki(void *cp_ctx, 43 | const struct ieee802_1x_mka_ki *dki); 44 | void ieee802_1x_cp_set_distributedan(void *cp_ctx, u8 an); 45 | void ieee802_1x_cp_set_usingreceivesas(void *cp_ctx, Boolean status); 46 | void ieee802_1x_cp_set_allreceiving(void *cp_ctx, Boolean status); 47 | void ieee802_1x_cp_set_servertransmitting(void *cp_ctx, Boolean status); 48 | void ieee802_1x_cp_set_usingtransmitas(void *cp_ctx, Boolean status); 49 | 50 | #endif /* IEEE802_1X_CP_H */ 51 | -------------------------------------------------------------------------------- /src/crypto/sha1-tprf.c: -------------------------------------------------------------------------------- 1 | /* 2 | * SHA1 T-PRF for EAP-FAST 3 | * Copyright (c) 2003-2005, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "sha1.h" 13 | #include "crypto.h" 14 | 15 | /** 16 | * sha1_t_prf - EAP-FAST Pseudo-Random Function (T-PRF) 17 | * @key: Key for PRF 18 | * @key_len: Length of the key in bytes 19 | * @label: A unique label for each purpose of the PRF 20 | * @seed: Seed value to bind into the key 21 | * @seed_len: Length of the seed 22 | * @buf: Buffer for the generated pseudo-random key 23 | * @buf_len: Number of bytes of key to generate 24 | * Returns: 0 on success, -1 of failure 25 | * 26 | * This function is used to derive new, cryptographically separate keys from a 27 | * given key for EAP-FAST. T-PRF is defined in RFC 4851, Section 5.5. 28 | */ 29 | int sha1_t_prf(const u8 *key, size_t key_len, const char *label, 30 | const u8 *seed, size_t seed_len, u8 *buf, size_t buf_len) 31 | { 32 | unsigned char counter = 0; 33 | size_t pos, plen; 34 | u8 hash[SHA1_MAC_LEN]; 35 | size_t label_len = os_strlen(label); 36 | u8 output_len[2]; 37 | const unsigned char *addr[5]; 38 | size_t len[5]; 39 | 40 | addr[0] = hash; 41 | len[0] = 0; 42 | addr[1] = (unsigned char *) label; 43 | len[1] = label_len + 1; 44 | addr[2] = seed; 45 | len[2] = seed_len; 46 | addr[3] = output_len; 47 | len[3] = 2; 48 | addr[4] = &counter; 49 | len[4] = 1; 50 | 51 | output_len[0] = (buf_len >> 8) & 0xff; 52 | output_len[1] = buf_len & 0xff; 53 | pos = 0; 54 | while (pos < buf_len) { 55 | counter++; 56 | plen = buf_len - pos; 57 | if (hmac_sha1_vector(key, key_len, 5, addr, len, hash)) 58 | return -1; 59 | if (plen >= SHA1_MAC_LEN) { 60 | os_memcpy(&buf[pos], hash, SHA1_MAC_LEN); 61 | pos += SHA1_MAC_LEN; 62 | } else { 63 | os_memcpy(&buf[pos], hash, plen); 64 | break; 65 | } 66 | len[0] = SHA1_MAC_LEN; 67 | } 68 | 69 | return 0; 70 | } 71 | -------------------------------------------------------------------------------- /src/crypto/sha256-kdf.c: -------------------------------------------------------------------------------- 1 | /* 2 | * HMAC-SHA256 KDF (RFC 5295) 3 | * Copyright (c) 2014, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "sha256.h" 13 | 14 | 15 | /** 16 | * hmac_sha256_kdf - HMAC-SHA256 based KDF (RFC 5295) 17 | * @secret: Key for KDF 18 | * @secret_len: Length of the key in bytes 19 | * @label: A unique label for each purpose of the KDF 20 | * @seed: Seed value to bind into the key 21 | * @seed_len: Length of the seed 22 | * @out: Buffer for the generated pseudo-random key 23 | * @outlen: Number of bytes of key to generate 24 | * Returns: 0 on success, -1 on failure. 25 | * 26 | * This function is used to derive new, cryptographically separate keys from a 27 | * given key in ERP. This KDF is defined in RFC 5295, Chapter 3.1.2. 28 | */ 29 | int hmac_sha256_kdf(const u8 *secret, size_t secret_len, 30 | const char *label, const u8 *seed, size_t seed_len, 31 | u8 *out, size_t outlen) 32 | { 33 | u8 T[SHA256_MAC_LEN]; 34 | u8 iter = 1; 35 | const unsigned char *addr[4]; 36 | size_t len[4]; 37 | size_t pos, clen; 38 | 39 | addr[0] = T; 40 | len[0] = SHA256_MAC_LEN; 41 | addr[1] = (const unsigned char *) label; 42 | len[1] = os_strlen(label) + 1; 43 | addr[2] = seed; 44 | len[2] = seed_len; 45 | addr[3] = &iter; 46 | len[3] = 1; 47 | 48 | if (hmac_sha256_vector(secret, secret_len, 3, &addr[1], &len[1], T) < 0) 49 | return -1; 50 | 51 | pos = 0; 52 | for (;;) { 53 | clen = outlen - pos; 54 | if (clen > SHA256_MAC_LEN) 55 | clen = SHA256_MAC_LEN; 56 | os_memcpy(out + pos, T, clen); 57 | pos += clen; 58 | 59 | if (pos == outlen) 60 | break; 61 | 62 | if (iter == 255) { 63 | os_memset(out, 0, outlen); 64 | return -1; 65 | } 66 | iter++; 67 | 68 | if (hmac_sha256_vector(secret, secret_len, 4, addr, len, T) < 0) 69 | { 70 | os_memset(out, 0, outlen); 71 | return -1; 72 | } 73 | } 74 | 75 | return 0; 76 | } 77 | -------------------------------------------------------------------------------- /src/crypto/sha256-tlsprf.c: -------------------------------------------------------------------------------- 1 | /* 2 | * TLS PRF P_SHA256 3 | * Copyright (c) 2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "sha256.h" 13 | 14 | 15 | /** 16 | * tls_prf_sha256 - Pseudo-Random Function for TLS v1.2 (P_SHA256, RFC 5246) 17 | * @secret: Key for PRF 18 | * @secret_len: Length of the key in bytes 19 | * @label: A unique label for each purpose of the PRF 20 | * @seed: Seed value to bind into the key 21 | * @seed_len: Length of the seed 22 | * @out: Buffer for the generated pseudo-random key 23 | * @outlen: Number of bytes of key to generate 24 | * Returns: 0 on success, -1 on failure. 25 | * 26 | * This function is used to derive new, cryptographically separate keys from a 27 | * given key in TLS. This PRF is defined in RFC 2246, Chapter 5. 28 | */ 29 | void tls_prf_sha256(const u8 *secret, size_t secret_len, const char *label, 30 | const u8 *seed, size_t seed_len, u8 *out, size_t outlen) 31 | { 32 | size_t clen; 33 | u8 A[SHA256_MAC_LEN]; 34 | u8 P[SHA256_MAC_LEN]; 35 | size_t pos; 36 | const unsigned char *addr[3]; 37 | size_t len[3]; 38 | 39 | addr[0] = A; 40 | len[0] = SHA256_MAC_LEN; 41 | addr[1] = (unsigned char *) label; 42 | len[1] = os_strlen(label); 43 | addr[2] = seed; 44 | len[2] = seed_len; 45 | 46 | /* 47 | * RFC 5246, Chapter 5 48 | * A(0) = seed, A(i) = HMAC(secret, A(i-1)) 49 | * P_hash = HMAC(secret, A(1) + seed) + HMAC(secret, A(2) + seed) + .. 50 | * PRF(secret, label, seed) = P_SHA256(secret, label + seed) 51 | */ 52 | 53 | hmac_sha256_vector(secret, secret_len, 2, &addr[1], &len[1], A); 54 | 55 | pos = 0; 56 | while (pos < outlen) { 57 | hmac_sha256_vector(secret, secret_len, 3, addr, len, P); 58 | hmac_sha256(secret, secret_len, A, SHA256_MAC_LEN, A); 59 | 60 | clen = outlen - pos; 61 | if (clen > SHA256_MAC_LEN) 62 | clen = SHA256_MAC_LEN; 63 | os_memcpy(out + pos, P, clen); 64 | pos += clen; 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /src/eap_common/eap_psk_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP server/peer: EAP-PSK shared routines 3 | * Copyright (c) 2004-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_PSK_COMMON_H 10 | #define EAP_PSK_COMMON_H 11 | 12 | 13 | #define EAP_PSK_RAND_LEN 16 14 | #define EAP_PSK_MAC_LEN 16 15 | #define EAP_PSK_TEK_LEN 16 16 | #define EAP_PSK_PSK_LEN 16 17 | #define EAP_PSK_AK_LEN 16 18 | #define EAP_PSK_KDK_LEN 16 19 | 20 | #define EAP_PSK_R_FLAG_CONT 1 21 | #define EAP_PSK_R_FLAG_DONE_SUCCESS 2 22 | #define EAP_PSK_R_FLAG_DONE_FAILURE 3 23 | #define EAP_PSK_E_FLAG 0x20 24 | 25 | #define EAP_PSK_FLAGS_GET_T(flags) (((flags) & 0xc0) >> 6) 26 | #define EAP_PSK_FLAGS_SET_T(t) ((u8) (t) << 6) 27 | 28 | #ifdef _MSC_VER 29 | #pragma pack(push, 1) 30 | #endif /* _MSC_VER */ 31 | 32 | /* EAP-PSK First Message (AS -> Supplicant) */ 33 | struct eap_psk_hdr_1 { 34 | u8 flags; 35 | u8 rand_s[EAP_PSK_RAND_LEN]; 36 | /* Followed by variable length ID_S */ 37 | } STRUCT_PACKED; 38 | 39 | /* EAP-PSK Second Message (Supplicant -> AS) */ 40 | struct eap_psk_hdr_2 { 41 | u8 flags; 42 | u8 rand_s[EAP_PSK_RAND_LEN]; 43 | u8 rand_p[EAP_PSK_RAND_LEN]; 44 | u8 mac_p[EAP_PSK_MAC_LEN]; 45 | /* Followed by variable length ID_P */ 46 | } STRUCT_PACKED; 47 | 48 | /* EAP-PSK Third Message (AS -> Supplicant) */ 49 | struct eap_psk_hdr_3 { 50 | u8 flags; 51 | u8 rand_s[EAP_PSK_RAND_LEN]; 52 | u8 mac_s[EAP_PSK_MAC_LEN]; 53 | /* Followed by variable length PCHANNEL */ 54 | } STRUCT_PACKED; 55 | 56 | /* EAP-PSK Fourth Message (Supplicant -> AS) */ 57 | struct eap_psk_hdr_4 { 58 | u8 flags; 59 | u8 rand_s[EAP_PSK_RAND_LEN]; 60 | /* Followed by variable length PCHANNEL */ 61 | } STRUCT_PACKED; 62 | 63 | #ifdef _MSC_VER 64 | #pragma pack(pop) 65 | #endif /* _MSC_VER */ 66 | 67 | 68 | int __must_check eap_psk_key_setup(const u8 *psk, u8 *ak, u8 *kdk); 69 | int __must_check eap_psk_derive_keys(const u8 *kdk, const u8 *rand_p, u8 *tek, 70 | u8 *msk, u8 *emsk); 71 | 72 | #endif /* EAP_PSK_COMMON_H */ 73 | -------------------------------------------------------------------------------- /src/common/ieee802_1x_defs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * IEEE Std 802.1X-2010 definitions 3 | * Copyright (c) 2013-2014, Qualcomm Atheros, Inc. 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef IEEE802_1X_DEFS_H 10 | #define IEEE802_1X_DEFS_H 11 | 12 | #define CS_ID_LEN 8 13 | #define CS_ID_GCM_AES_128 {0x00, 0x80, 0x02, 0x00, 0x01, 0x00, 0x00, 0x01} 14 | #define CS_NAME_GCM_AES_128 "GCM-AES-128" 15 | 16 | enum macsec_policy { 17 | /** 18 | * Should secure sessions. 19 | * This accepts key server's advice to determine whether to secure the 20 | * session or not. 21 | */ 22 | SHOULD_SECURE, 23 | 24 | /** 25 | * Disabled MACsec - do not secure sessions. 26 | */ 27 | DO_NOT_SECURE, 28 | }; 29 | 30 | 31 | /* IEEE Std 802.1X-2010 - Table 11-6 - MACsec Capability */ 32 | enum macsec_cap { 33 | /** 34 | * MACsec is not implemented 35 | */ 36 | MACSEC_CAP_NOT_IMPLEMENTED, 37 | 38 | /** 39 | * 'Integrity without confidentiality' 40 | */ 41 | MACSEC_CAP_INTEGRITY, 42 | 43 | /** 44 | * 'Integrity without confidentiality' and 45 | * 'Integrity and confidentiality' with a confidentiality offset of 0 46 | */ 47 | MACSEC_CAP_INTEG_AND_CONF, 48 | 49 | /** 50 | * 'Integrity without confidentiality' and 51 | * 'Integrity and confidentiality' with a confidentiality offset of 0, 52 | * 30, 50 53 | */ 54 | MACSEC_CAP_INTEG_AND_CONF_0_30_50, 55 | }; 56 | 57 | enum validate_frames { 58 | Disabled, 59 | Checked, 60 | Strict, 61 | }; 62 | 63 | /* IEEE Std 802.1X-2010 - Table 11-6 - Confidentiality Offset */ 64 | enum confidentiality_offset { 65 | CONFIDENTIALITY_NONE = 0, 66 | CONFIDENTIALITY_OFFSET_0 = 1, 67 | CONFIDENTIALITY_OFFSET_30 = 2, 68 | CONFIDENTIALITY_OFFSET_50 = 3, 69 | }; 70 | 71 | /* IEEE Std 802.1X-2010 - Table 9-2 */ 72 | #define DEFAULT_PRIO_INFRA_PORT 0x10 73 | #define DEFAULT_PRIO_PRIMRAY_AP 0x30 74 | #define DEFAULT_PRIO_SECONDARY_AP 0x50 75 | #define DEFAULT_PRIO_GROUP_CA_MEMBER 0x70 76 | #define DEFAULT_PRIO_NOT_KEY_SERVER 0xFF 77 | 78 | #endif /* IEEE802_1X_DEFS_H */ 79 | -------------------------------------------------------------------------------- /src/utils/edit_simple.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Minimal command line editing 3 | * Copyright (c) 2010, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "eloop.h" 13 | #include "edit.h" 14 | 15 | 16 | #define CMD_BUF_LEN 4096 17 | static char cmdbuf[CMD_BUF_LEN]; 18 | static int cmdbuf_pos = 0; 19 | static const char *ps2 = NULL; 20 | 21 | static void *edit_cb_ctx; 22 | static void (*edit_cmd_cb)(void *ctx, char *cmd); 23 | static void (*edit_eof_cb)(void *ctx); 24 | 25 | 26 | static void edit_read_char(int sock, void *eloop_ctx, void *sock_ctx) 27 | { 28 | int c; 29 | unsigned char buf[1]; 30 | int res; 31 | 32 | res = read(sock, buf, 1); 33 | if (res < 0) 34 | perror("read"); 35 | if (res <= 0) { 36 | edit_eof_cb(edit_cb_ctx); 37 | return; 38 | } 39 | c = buf[0]; 40 | 41 | if (c == '\r' || c == '\n') { 42 | cmdbuf[cmdbuf_pos] = '\0'; 43 | cmdbuf_pos = 0; 44 | edit_cmd_cb(edit_cb_ctx, cmdbuf); 45 | printf("%s> ", ps2 ? ps2 : ""); 46 | fflush(stdout); 47 | return; 48 | } 49 | 50 | if (c >= 32 && c <= 255) { 51 | if (cmdbuf_pos < (int) sizeof(cmdbuf) - 1) { 52 | cmdbuf[cmdbuf_pos++] = c; 53 | } 54 | } 55 | } 56 | 57 | 58 | int edit_init(void (*cmd_cb)(void *ctx, char *cmd), 59 | void (*eof_cb)(void *ctx), 60 | char ** (*completion_cb)(void *ctx, const char *cmd, int pos), 61 | void *ctx, const char *history_file, const char *ps) 62 | { 63 | edit_cb_ctx = ctx; 64 | edit_cmd_cb = cmd_cb; 65 | edit_eof_cb = eof_cb; 66 | eloop_register_read_sock(STDIN_FILENO, edit_read_char, NULL, NULL); 67 | ps2 = ps; 68 | 69 | printf("%s> ", ps2 ? ps2 : ""); 70 | fflush(stdout); 71 | 72 | return 0; 73 | } 74 | 75 | 76 | void edit_deinit(const char *history_file, 77 | int (*filter_cb)(void *ctx, const char *cmd)) 78 | { 79 | eloop_unregister_read_sock(STDIN_FILENO); 80 | } 81 | 82 | 83 | void edit_clear_line(void) 84 | { 85 | } 86 | 87 | 88 | void edit_redraw(void) 89 | { 90 | cmdbuf[cmdbuf_pos] = '\0'; 91 | printf("\r> %s", cmdbuf); 92 | } 93 | -------------------------------------------------------------------------------- /src/utils/ext_password_test.c: -------------------------------------------------------------------------------- 1 | /* 2 | * External password backend 3 | * Copyright (c) 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "ext_password_i.h" 13 | 14 | 15 | struct ext_password_test_data { 16 | char *params; 17 | }; 18 | 19 | 20 | static void * ext_password_test_init(const char *params) 21 | { 22 | struct ext_password_test_data *data; 23 | 24 | data = os_zalloc(sizeof(*data)); 25 | if (data == NULL) 26 | return NULL; 27 | 28 | if (params) 29 | data->params = os_strdup(params); 30 | 31 | return data; 32 | } 33 | 34 | 35 | static void ext_password_test_deinit(void *ctx) 36 | { 37 | struct ext_password_test_data *data = ctx; 38 | 39 | str_clear_free(data->params); 40 | os_free(data); 41 | } 42 | 43 | 44 | static struct wpabuf * ext_password_test_get(void *ctx, const char *name) 45 | { 46 | struct ext_password_test_data *data = ctx; 47 | char *pos, *pos2; 48 | size_t nlen; 49 | 50 | wpa_printf(MSG_DEBUG, "EXT PW TEST: get(%s)", name); 51 | 52 | pos = data->params; 53 | if (pos == NULL) 54 | return NULL; 55 | nlen = os_strlen(name); 56 | 57 | while (pos && *pos) { 58 | if (os_strncmp(pos, name, nlen) == 0 && pos[nlen] == '=') { 59 | struct wpabuf *buf; 60 | pos += nlen + 1; 61 | pos2 = pos; 62 | while (*pos2 != '|' && *pos2 != '\0') 63 | pos2++; 64 | buf = ext_password_alloc(pos2 - pos); 65 | if (buf == NULL) 66 | return NULL; 67 | wpabuf_put_data(buf, pos, pos2 - pos); 68 | wpa_hexdump_ascii_key(MSG_DEBUG, "EXT PW TEST: value", 69 | wpabuf_head(buf), 70 | wpabuf_len(buf)); 71 | return buf; 72 | } 73 | 74 | pos = os_strchr(pos + 1, '|'); 75 | if (pos) 76 | pos++; 77 | } 78 | 79 | wpa_printf(MSG_DEBUG, "EXT PW TEST: get(%s) - not found", name); 80 | 81 | return NULL; 82 | } 83 | 84 | 85 | const struct ext_password_backend ext_password_test = { 86 | .name = "test", 87 | .init = ext_password_test_init, 88 | .deinit = ext_password_test_deinit, 89 | .get = ext_password_test_get, 90 | }; 91 | -------------------------------------------------------------------------------- /src/crypto/aes-unwrap.c: -------------------------------------------------------------------------------- 1 | /* 2 | * AES key unwrap (RFC3394) 3 | * 4 | * Copyright (c) 2003-2007, Jouni Malinen 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #include "includes.h" 11 | 12 | #include "common.h" 13 | #include "aes.h" 14 | #include "aes_wrap.h" 15 | 16 | /** 17 | * aes_unwrap - Unwrap key with AES Key Wrap Algorithm (RFC3394) 18 | * @kek: Key encryption key (KEK) 19 | * @kek_len: Length of KEK in octets 20 | * @n: Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 21 | * bytes 22 | * @cipher: Wrapped key to be unwrapped, (n + 1) * 64 bits 23 | * @plain: Plaintext key, n * 64 bits 24 | * Returns: 0 on success, -1 on failure (e.g., integrity verification failed) 25 | */ 26 | int aes_unwrap(const u8 *kek, size_t kek_len, int n, const u8 *cipher, 27 | u8 *plain) 28 | { 29 | u8 a[8], *r, b[AES_BLOCK_SIZE]; 30 | int i, j; 31 | void *ctx; 32 | unsigned int t; 33 | 34 | /* 1) Initialize variables. */ 35 | os_memcpy(a, cipher, 8); 36 | r = plain; 37 | os_memcpy(r, cipher + 8, 8 * n); 38 | 39 | ctx = aes_decrypt_init(kek, kek_len); 40 | if (ctx == NULL) 41 | return -1; 42 | 43 | /* 2) Compute intermediate values. 44 | * For j = 5 to 0 45 | * For i = n to 1 46 | * B = AES-1(K, (A ^ t) | R[i]) where t = n*j+i 47 | * A = MSB(64, B) 48 | * R[i] = LSB(64, B) 49 | */ 50 | for (j = 5; j >= 0; j--) { 51 | r = plain + (n - 1) * 8; 52 | for (i = n; i >= 1; i--) { 53 | os_memcpy(b, a, 8); 54 | t = n * j + i; 55 | b[7] ^= t; 56 | b[6] ^= t >> 8; 57 | b[5] ^= t >> 16; 58 | b[4] ^= t >> 24; 59 | 60 | os_memcpy(b + 8, r, 8); 61 | aes_decrypt(ctx, b, b); 62 | os_memcpy(a, b, 8); 63 | os_memcpy(r, b + 8, 8); 64 | r -= 8; 65 | } 66 | } 67 | aes_decrypt_deinit(ctx); 68 | 69 | /* 3) Output results. 70 | * 71 | * These are already in @plain due to the location of temporary 72 | * variables. Just verify that the IV matches with the expected value. 73 | */ 74 | for (i = 0; i < 8; i++) { 75 | if (a[i] != 0xa6) 76 | return -1; 77 | } 78 | 79 | return 0; 80 | } 81 | -------------------------------------------------------------------------------- /src/eap_common/eap_peap_common.c: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP-PEAP common routines 3 | * Copyright (c) 2008-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "crypto/sha1.h" 13 | #include "eap_peap_common.h" 14 | 15 | int peap_prfplus(int version, const u8 *key, size_t key_len, 16 | const char *label, const u8 *seed, size_t seed_len, 17 | u8 *buf, size_t buf_len) 18 | { 19 | unsigned char counter = 0; 20 | size_t pos, plen; 21 | u8 hash[SHA1_MAC_LEN]; 22 | size_t label_len = os_strlen(label); 23 | u8 extra[2]; 24 | const unsigned char *addr[5]; 25 | size_t len[5]; 26 | 27 | addr[0] = hash; 28 | len[0] = 0; 29 | addr[1] = (unsigned char *) label; 30 | len[1] = label_len; 31 | addr[2] = seed; 32 | len[2] = seed_len; 33 | 34 | if (version == 0) { 35 | /* 36 | * PRF+(K, S, LEN) = T1 | T2 | ... | Tn 37 | * T1 = HMAC-SHA1(K, S | 0x01 | 0x00 | 0x00) 38 | * T2 = HMAC-SHA1(K, T1 | S | 0x02 | 0x00 | 0x00) 39 | * ... 40 | * Tn = HMAC-SHA1(K, Tn-1 | S | n | 0x00 | 0x00) 41 | */ 42 | 43 | extra[0] = 0; 44 | extra[1] = 0; 45 | 46 | addr[3] = &counter; 47 | len[3] = 1; 48 | addr[4] = extra; 49 | len[4] = 2; 50 | } else { 51 | /* 52 | * PRF (K,S,LEN) = T1 | T2 | T3 | T4 | ... where: 53 | * T1 = HMAC-SHA1(K, S | LEN | 0x01) 54 | * T2 = HMAC-SHA1 (K, T1 | S | LEN | 0x02) 55 | * T3 = HMAC-SHA1 (K, T2 | S | LEN | 0x03) 56 | * T4 = HMAC-SHA1 (K, T3 | S | LEN | 0x04) 57 | * ... 58 | */ 59 | 60 | extra[0] = buf_len & 0xff; 61 | 62 | addr[3] = extra; 63 | len[3] = 1; 64 | addr[4] = &counter; 65 | len[4] = 1; 66 | } 67 | 68 | pos = 0; 69 | while (pos < buf_len) { 70 | counter++; 71 | plen = buf_len - pos; 72 | if (hmac_sha1_vector(key, key_len, 5, addr, len, hash) < 0) 73 | return -1; 74 | if (plen >= SHA1_MAC_LEN) { 75 | os_memcpy(&buf[pos], hash, SHA1_MAC_LEN); 76 | pos += SHA1_MAC_LEN; 77 | } else { 78 | os_memcpy(&buf[pos], hash, plen); 79 | break; 80 | } 81 | len[0] = SHA1_MAC_LEN; 82 | } 83 | 84 | return 0; 85 | } 86 | -------------------------------------------------------------------------------- /src/ap/hw_features.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd / Hardware feature query and different modes 3 | * Copyright 2002-2003, Instant802 Networks, Inc. 4 | * Copyright 2005-2006, Devicescape Software, Inc. 5 | * Copyright (c) 2008-2011, Jouni Malinen 6 | * 7 | * This software may be distributed under the terms of the BSD license. 8 | * See README for more details. 9 | */ 10 | 11 | #ifndef HW_FEATURES_H 12 | #define HW_FEATURES_H 13 | 14 | #ifdef NEED_AP_MLME 15 | void hostapd_free_hw_features(struct hostapd_hw_modes *hw_features, 16 | size_t num_hw_features); 17 | int hostapd_get_hw_features(struct hostapd_iface *iface); 18 | int hostapd_acs_completed(struct hostapd_iface *iface, int err); 19 | int hostapd_select_hw_mode(struct hostapd_iface *iface); 20 | const char * hostapd_hw_mode_txt(int mode); 21 | int hostapd_hw_get_freq(struct hostapd_data *hapd, int chan); 22 | int hostapd_hw_get_channel(struct hostapd_data *hapd, int freq); 23 | int hostapd_check_ht_capab(struct hostapd_iface *iface); 24 | int hostapd_prepare_rates(struct hostapd_iface *iface, 25 | struct hostapd_hw_modes *mode); 26 | void hostapd_stop_setup_timers(struct hostapd_iface *iface); 27 | #else /* NEED_AP_MLME */ 28 | static inline void 29 | hostapd_free_hw_features(struct hostapd_hw_modes *hw_features, 30 | size_t num_hw_features) 31 | { 32 | } 33 | 34 | static inline int hostapd_get_hw_features(struct hostapd_iface *iface) 35 | { 36 | return -1; 37 | } 38 | 39 | static inline int hostapd_select_hw_mode(struct hostapd_iface *iface) 40 | { 41 | return -100; 42 | } 43 | 44 | static inline const char * hostapd_hw_mode_txt(int mode) 45 | { 46 | return NULL; 47 | } 48 | 49 | static inline int hostapd_hw_get_freq(struct hostapd_data *hapd, int chan) 50 | { 51 | return -1; 52 | } 53 | 54 | static inline int hostapd_check_ht_capab(struct hostapd_iface *iface) 55 | { 56 | return 0; 57 | } 58 | 59 | static inline int hostapd_prepare_rates(struct hostapd_iface *iface, 60 | struct hostapd_hw_modes *mode) 61 | { 62 | return 0; 63 | } 64 | 65 | static inline void hostapd_stop_setup_timers(struct hostapd_iface *iface) 66 | { 67 | } 68 | 69 | #endif /* NEED_AP_MLME */ 70 | 71 | #endif /* HW_FEATURES_H */ 72 | -------------------------------------------------------------------------------- /src/utils/trace.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Backtrace debugging 3 | * Copyright (c) 2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TRACE_H 10 | #define TRACE_H 11 | 12 | #define WPA_TRACE_LEN 16 13 | 14 | #ifdef WPA_TRACE 15 | #include 16 | 17 | #include "list.h" 18 | 19 | #define WPA_TRACE_INFO void *btrace[WPA_TRACE_LEN]; int btrace_num; 20 | 21 | struct wpa_trace_ref { 22 | struct dl_list list; 23 | const void *addr; 24 | WPA_TRACE_INFO 25 | }; 26 | #define WPA_TRACE_REF(name) struct wpa_trace_ref wpa_trace_ref_##name 27 | 28 | #define wpa_trace_dump(title, ptr) \ 29 | wpa_trace_dump_func((title), (ptr)->btrace, (ptr)->btrace_num) 30 | void wpa_trace_dump_func(const char *title, void **btrace, int btrace_num); 31 | #define wpa_trace_record(ptr) \ 32 | (ptr)->btrace_num = backtrace((ptr)->btrace, WPA_TRACE_LEN) 33 | void wpa_trace_show(const char *title); 34 | #define wpa_trace_add_ref(ptr, name, addr) \ 35 | wpa_trace_add_ref_func(&(ptr)->wpa_trace_ref_##name, (addr)) 36 | void wpa_trace_add_ref_func(struct wpa_trace_ref *ref, const void *addr); 37 | #define wpa_trace_remove_ref(ptr, name, addr) \ 38 | do { \ 39 | if ((addr)) \ 40 | dl_list_del(&(ptr)->wpa_trace_ref_##name.list); \ 41 | } while (0) 42 | void wpa_trace_check_ref(const void *addr); 43 | size_t wpa_trace_calling_func(const char *buf[], size_t len); 44 | 45 | #else /* WPA_TRACE */ 46 | 47 | #define WPA_TRACE_INFO 48 | #define WPA_TRACE_REF(n) 49 | #define wpa_trace_dump(title, ptr) do { } while (0) 50 | #define wpa_trace_record(ptr) do { } while (0) 51 | #define wpa_trace_show(title) do { } while (0) 52 | #define wpa_trace_add_ref(ptr, name, addr) do { } while (0) 53 | #define wpa_trace_remove_ref(ptr, name, addr) do { } while (0) 54 | #define wpa_trace_check_ref(addr) do { } while (0) 55 | 56 | #endif /* WPA_TRACE */ 57 | 58 | 59 | #ifdef WPA_TRACE_BFD 60 | 61 | void wpa_trace_dump_funcname(const char *title, void *pc); 62 | 63 | #else /* WPA_TRACE_BFD */ 64 | 65 | #define wpa_trace_dump_funcname(title, pc) do { } while (0) 66 | 67 | #endif /* WPA_TRACE_BFD */ 68 | 69 | #endif /* TRACE_H */ 70 | -------------------------------------------------------------------------------- /src/rsn_supp/preauth.h: -------------------------------------------------------------------------------- 1 | /* 2 | * wpa_supplicant - WPA2/RSN pre-authentication functions 3 | * Copyright (c) 2003-2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PREAUTH_H 10 | #define PREAUTH_H 11 | 12 | struct wpa_scan_results; 13 | 14 | #ifdef IEEE8021X_EAPOL 15 | 16 | void pmksa_candidate_free(struct wpa_sm *sm); 17 | int rsn_preauth_init(struct wpa_sm *sm, const u8 *dst, 18 | struct eap_peer_config *eap_conf); 19 | void rsn_preauth_deinit(struct wpa_sm *sm); 20 | int rsn_preauth_scan_results(struct wpa_sm *sm); 21 | void rsn_preauth_scan_result(struct wpa_sm *sm, const u8 *bssid, 22 | const u8 *ssid, const u8 *rsn); 23 | void pmksa_candidate_add(struct wpa_sm *sm, const u8 *bssid, 24 | int prio, int preauth); 25 | void rsn_preauth_candidate_process(struct wpa_sm *sm); 26 | int rsn_preauth_get_status(struct wpa_sm *sm, char *buf, size_t buflen, 27 | int verbose); 28 | int rsn_preauth_in_progress(struct wpa_sm *sm); 29 | 30 | #else /* IEEE8021X_EAPOL */ 31 | 32 | static inline void pmksa_candidate_free(struct wpa_sm *sm) 33 | { 34 | } 35 | 36 | static inline void rsn_preauth_candidate_process(struct wpa_sm *sm) 37 | { 38 | } 39 | 40 | static inline int rsn_preauth_init(struct wpa_sm *sm, const u8 *dst, 41 | struct eap_peer_config *eap_conf) 42 | { 43 | return -1; 44 | } 45 | 46 | static inline void rsn_preauth_deinit(struct wpa_sm *sm) 47 | { 48 | } 49 | 50 | static inline int rsn_preauth_scan_results(struct wpa_sm *sm) 51 | { 52 | return -1; 53 | } 54 | 55 | static inline void rsn_preauth_scan_result(struct wpa_sm *sm, const u8 *bssid, 56 | const u8 *ssid, const u8 *rsn) 57 | { 58 | } 59 | 60 | static inline void pmksa_candidate_add(struct wpa_sm *sm, 61 | const u8 *bssid, 62 | int prio, int preauth) 63 | { 64 | } 65 | 66 | static inline int rsn_preauth_get_status(struct wpa_sm *sm, char *buf, 67 | size_t buflen, int verbose) 68 | { 69 | return 0; 70 | } 71 | 72 | static inline int rsn_preauth_in_progress(struct wpa_sm *sm) 73 | { 74 | return 0; 75 | } 76 | 77 | #endif /* IEEE8021X_EAPOL */ 78 | 79 | #endif /* PREAUTH_H */ 80 | -------------------------------------------------------------------------------- /src/tls/tlsv1_record.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TLSv1 Record Protocol 3 | * Copyright (c) 2006-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TLSV1_RECORD_H 10 | #define TLSV1_RECORD_H 11 | 12 | #include "crypto/crypto.h" 13 | 14 | #define TLS_MAX_WRITE_MAC_SECRET_LEN 32 15 | #define TLS_MAX_WRITE_KEY_LEN 32 16 | #define TLS_MAX_IV_LEN 16 17 | #define TLS_MAX_KEY_BLOCK_LEN (2 * (TLS_MAX_WRITE_MAC_SECRET_LEN + \ 18 | TLS_MAX_WRITE_KEY_LEN + TLS_MAX_IV_LEN)) 19 | 20 | #define TLS_SEQ_NUM_LEN 8 21 | #define TLS_RECORD_HEADER_LEN 5 22 | 23 | /* ContentType */ 24 | enum { 25 | TLS_CONTENT_TYPE_CHANGE_CIPHER_SPEC = 20, 26 | TLS_CONTENT_TYPE_ALERT = 21, 27 | TLS_CONTENT_TYPE_HANDSHAKE = 22, 28 | TLS_CONTENT_TYPE_APPLICATION_DATA = 23 29 | }; 30 | 31 | struct tlsv1_record_layer { 32 | u16 tls_version; 33 | 34 | u8 write_mac_secret[TLS_MAX_WRITE_MAC_SECRET_LEN]; 35 | u8 read_mac_secret[TLS_MAX_WRITE_MAC_SECRET_LEN]; 36 | u8 write_key[TLS_MAX_WRITE_KEY_LEN]; 37 | u8 read_key[TLS_MAX_WRITE_KEY_LEN]; 38 | u8 write_iv[TLS_MAX_IV_LEN]; 39 | u8 read_iv[TLS_MAX_IV_LEN]; 40 | 41 | size_t hash_size; 42 | size_t key_material_len; 43 | size_t iv_size; /* also block_size */ 44 | 45 | enum crypto_hash_alg hash_alg; 46 | enum crypto_cipher_alg cipher_alg; 47 | 48 | u8 write_seq_num[TLS_SEQ_NUM_LEN]; 49 | u8 read_seq_num[TLS_SEQ_NUM_LEN]; 50 | 51 | u16 cipher_suite; 52 | u16 write_cipher_suite; 53 | u16 read_cipher_suite; 54 | 55 | struct crypto_cipher *write_cbc; 56 | struct crypto_cipher *read_cbc; 57 | }; 58 | 59 | 60 | int tlsv1_record_set_cipher_suite(struct tlsv1_record_layer *rl, 61 | u16 cipher_suite); 62 | int tlsv1_record_change_write_cipher(struct tlsv1_record_layer *rl); 63 | int tlsv1_record_change_read_cipher(struct tlsv1_record_layer *rl); 64 | int tlsv1_record_send(struct tlsv1_record_layer *rl, u8 content_type, u8 *buf, 65 | size_t buf_size, const u8 *payload, size_t payload_len, 66 | size_t *out_len); 67 | int tlsv1_record_receive(struct tlsv1_record_layer *rl, 68 | const u8 *in_data, size_t in_len, 69 | u8 *out_data, size_t *out_len, u8 *alert); 70 | 71 | #endif /* TLSV1_RECORD_H */ 72 | -------------------------------------------------------------------------------- /hostapd/hostapd_cli.1: -------------------------------------------------------------------------------- 1 | .TH HOSTAPD_CLI 1 "April 7, 2005" hostapd_cli "hostapd command-line interface" 2 | .SH NAME 3 | hostapd_cli \- hostapd command-line interface 4 | .SH SYNOPSIS 5 | .B hostapd_cli 6 | [\-p] [\-i] [\-a] [\-hvB] [command..] 7 | .SH DESCRIPTION 8 | This manual page documents briefly the 9 | .B hostapd_cli 10 | utility. 11 | .PP 12 | .B hostapd_cli 13 | is a command-line interface for the 14 | .B hostapd 15 | daemon. 16 | 17 | .B hostapd 18 | is a user space daemon for access point and authentication servers. 19 | It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. 20 | For more information about 21 | .B hostapd 22 | refer to the 23 | .BR hostapd (8) 24 | man page. 25 | .SH OPTIONS 26 | A summary of options is included below. 27 | For a complete description, run 28 | .BR hostapd_cli 29 | from the command line. 30 | .TP 31 | .B \-p 32 | Path to find control sockets. 33 | 34 | Default: /var/run/hostapd 35 | .TP 36 | .B \-i 37 | Interface to listen on. 38 | 39 | Default: first interface found in socket path. 40 | .TP 41 | .B \-a 42 | Run in daemon mode executing the action file based on events from hostapd. 43 | .TP 44 | .B \-B 45 | Run a daemon in the background. 46 | .TP 47 | .B \-h 48 | Show usage. 49 | .TP 50 | .B \-v 51 | Show hostapd_cli version. 52 | .SH COMMANDS 53 | A summary of commands is included below. 54 | For a complete description, run 55 | .BR hostapd_cli 56 | from the command line. 57 | .TP 58 | .B mib 59 | Get MIB variables (dot1x, dot11, radius). 60 | .TP 61 | .B sta 62 | Get MIB variables for one station. 63 | .TP 64 | .B all_sta 65 | Get MIB variables for all stations. 66 | .TP 67 | .B help 68 | Get usage help. 69 | .TP 70 | .B interface [ifname] 71 | Show interfaces/select interface. 72 | .TP 73 | .B level 74 | Change debug level. 75 | .TP 76 | .B license 77 | Show full 78 | .B hostapd_cli 79 | license. 80 | .TP 81 | .B quit 82 | Exit hostapd_cli. 83 | .SH SEE ALSO 84 | .BR hostapd (8). 85 | .SH AUTHOR 86 | hostapd_cli was written by Jouni Malinen . 87 | .PP 88 | This manual page was written by Faidon Liambotis , 89 | for the Debian project (but may be used by others). 90 | -------------------------------------------------------------------------------- /src/crypto/aes-cbc.c: -------------------------------------------------------------------------------- 1 | /* 2 | * AES-128 CBC 3 | * 4 | * Copyright (c) 2003-2007, Jouni Malinen 5 | * 6 | * This software may be distributed under the terms of the BSD license. 7 | * See README for more details. 8 | */ 9 | 10 | #include "includes.h" 11 | 12 | #include "common.h" 13 | #include "aes.h" 14 | #include "aes_wrap.h" 15 | 16 | /** 17 | * aes_128_cbc_encrypt - AES-128 CBC encryption 18 | * @key: Encryption key 19 | * @iv: Encryption IV for CBC mode (16 bytes) 20 | * @data: Data to encrypt in-place 21 | * @data_len: Length of data in bytes (must be divisible by 16) 22 | * Returns: 0 on success, -1 on failure 23 | */ 24 | int aes_128_cbc_encrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) 25 | { 26 | void *ctx; 27 | u8 cbc[AES_BLOCK_SIZE]; 28 | u8 *pos = data; 29 | int i, j, blocks; 30 | 31 | ctx = aes_encrypt_init(key, 16); 32 | if (ctx == NULL) 33 | return -1; 34 | os_memcpy(cbc, iv, AES_BLOCK_SIZE); 35 | 36 | blocks = data_len / AES_BLOCK_SIZE; 37 | for (i = 0; i < blocks; i++) { 38 | for (j = 0; j < AES_BLOCK_SIZE; j++) 39 | cbc[j] ^= pos[j]; 40 | aes_encrypt(ctx, cbc, cbc); 41 | os_memcpy(pos, cbc, AES_BLOCK_SIZE); 42 | pos += AES_BLOCK_SIZE; 43 | } 44 | aes_encrypt_deinit(ctx); 45 | return 0; 46 | } 47 | 48 | 49 | /** 50 | * aes_128_cbc_decrypt - AES-128 CBC decryption 51 | * @key: Decryption key 52 | * @iv: Decryption IV for CBC mode (16 bytes) 53 | * @data: Data to decrypt in-place 54 | * @data_len: Length of data in bytes (must be divisible by 16) 55 | * Returns: 0 on success, -1 on failure 56 | */ 57 | int aes_128_cbc_decrypt(const u8 *key, const u8 *iv, u8 *data, size_t data_len) 58 | { 59 | void *ctx; 60 | u8 cbc[AES_BLOCK_SIZE], tmp[AES_BLOCK_SIZE]; 61 | u8 *pos = data; 62 | int i, j, blocks; 63 | 64 | ctx = aes_decrypt_init(key, 16); 65 | if (ctx == NULL) 66 | return -1; 67 | os_memcpy(cbc, iv, AES_BLOCK_SIZE); 68 | 69 | blocks = data_len / AES_BLOCK_SIZE; 70 | for (i = 0; i < blocks; i++) { 71 | os_memcpy(tmp, pos, AES_BLOCK_SIZE); 72 | aes_decrypt(ctx, pos, pos); 73 | for (j = 0; j < AES_BLOCK_SIZE; j++) 74 | pos[j] ^= cbc[j]; 75 | os_memcpy(cbc, tmp, AES_BLOCK_SIZE); 76 | pos += AES_BLOCK_SIZE; 77 | } 78 | aes_decrypt_deinit(ctx); 79 | return 0; 80 | } 81 | -------------------------------------------------------------------------------- /src/tls/tlsv1_server.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TLS v1.0/v1.1/v1.2 server (RFC 2246, RFC 4346, RFC 5246) 3 | * Copyright (c) 2006-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TLSV1_SERVER_H 10 | #define TLSV1_SERVER_H 11 | 12 | #include "tlsv1_cred.h" 13 | 14 | struct tlsv1_server; 15 | 16 | int tlsv1_server_global_init(void); 17 | void tlsv1_server_global_deinit(void); 18 | struct tlsv1_server * tlsv1_server_init(struct tlsv1_credentials *cred); 19 | void tlsv1_server_deinit(struct tlsv1_server *conn); 20 | int tlsv1_server_established(struct tlsv1_server *conn); 21 | int tlsv1_server_prf(struct tlsv1_server *conn, const char *label, 22 | int server_random_first, u8 *out, size_t out_len); 23 | u8 * tlsv1_server_handshake(struct tlsv1_server *conn, 24 | const u8 *in_data, size_t in_len, size_t *out_len); 25 | int tlsv1_server_encrypt(struct tlsv1_server *conn, 26 | const u8 *in_data, size_t in_len, 27 | u8 *out_data, size_t out_len); 28 | int tlsv1_server_decrypt(struct tlsv1_server *conn, 29 | const u8 *in_data, size_t in_len, 30 | u8 *out_data, size_t out_len); 31 | int tlsv1_server_get_cipher(struct tlsv1_server *conn, char *buf, 32 | size_t buflen); 33 | int tlsv1_server_shutdown(struct tlsv1_server *conn); 34 | int tlsv1_server_resumed(struct tlsv1_server *conn); 35 | int tlsv1_server_get_keys(struct tlsv1_server *conn, struct tls_keys *keys); 36 | int tlsv1_server_get_keyblock_size(struct tlsv1_server *conn); 37 | int tlsv1_server_set_cipher_list(struct tlsv1_server *conn, u8 *ciphers); 38 | int tlsv1_server_set_verify(struct tlsv1_server *conn, int verify_peer); 39 | 40 | typedef int (*tlsv1_server_session_ticket_cb) 41 | (void *ctx, const u8 *ticket, size_t len, const u8 *client_random, 42 | const u8 *server_random, u8 *master_secret); 43 | 44 | void tlsv1_server_set_session_ticket_cb(struct tlsv1_server *conn, 45 | tlsv1_server_session_ticket_cb cb, 46 | void *ctx); 47 | 48 | void tlsv1_server_set_log_cb(struct tlsv1_server *conn, 49 | void (*cb)(void *ctx, const char *msg), void *ctx); 50 | 51 | void tlsv1_server_set_test_flags(struct tlsv1_server *conn, u32 flags); 52 | 53 | #endif /* TLSV1_SERVER_H */ 54 | -------------------------------------------------------------------------------- /src/drivers/android_drv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Android driver interface 3 | * 4 | * This software may be distributed under the terms of the BSD license. 5 | * See README for more details. 6 | */ 7 | 8 | #ifndef ANDROID_DRV_H 9 | #define ANDROID_DRV_H 10 | 11 | #define WPA_EVENT_DRIVER_STATE "CTRL-EVENT-DRIVER-STATE " 12 | 13 | #define MAX_SSID_LEN 32 14 | 15 | #define MAX_DRV_CMD_SIZE 248 16 | #define DRV_NUMBER_SEQUENTIAL_ERRORS 4 17 | 18 | #define WEXT_PNOSETUP_HEADER "PNOSETUP " 19 | #define WEXT_PNOSETUP_HEADER_SIZE 9 20 | #define WEXT_PNO_TLV_PREFIX 'S' 21 | #define WEXT_PNO_TLV_VERSION '1' 22 | #define WEXT_PNO_TLV_SUBVERSION '2' 23 | #define WEXT_PNO_TLV_RESERVED '0' 24 | #define WEXT_PNO_VERSION_SIZE 4 25 | #define WEXT_PNO_AMOUNT 16 26 | #define WEXT_PNO_SSID_SECTION 'S' 27 | /* SSID header size is SSID section type above + SSID length */ 28 | #define WEXT_PNO_SSID_HEADER_SIZE 2 29 | #define WEXT_PNO_SCAN_INTERVAL_SECTION 'T' 30 | #define WEXT_PNO_SCAN_INTERVAL_LENGTH 2 31 | #define WEXT_PNO_SCAN_INTERVAL 30 32 | /* Scan interval size is scan interval section type + scan interval length 33 | * above */ 34 | #define WEXT_PNO_SCAN_INTERVAL_SIZE (1 + WEXT_PNO_SCAN_INTERVAL_LENGTH) 35 | #define WEXT_PNO_REPEAT_SECTION 'R' 36 | #define WEXT_PNO_REPEAT_LENGTH 1 37 | #define WEXT_PNO_REPEAT 4 38 | /* Repeat section size is Repeat section type + Repeat value length above */ 39 | #define WEXT_PNO_REPEAT_SIZE (1 + WEXT_PNO_REPEAT_LENGTH) 40 | #define WEXT_PNO_MAX_REPEAT_SECTION 'M' 41 | #define WEXT_PNO_MAX_REPEAT_LENGTH 1 42 | #define WEXT_PNO_MAX_REPEAT 3 43 | /* Max Repeat section size is Max Repeat section type + Max Repeat value length 44 | * above */ 45 | #define WEXT_PNO_MAX_REPEAT_SIZE (1 + WEXT_PNO_MAX_REPEAT_LENGTH) 46 | /* This corresponds to the size of all sections expect SSIDs */ 47 | #define WEXT_PNO_NONSSID_SECTIONS_SIZE \ 48 | (WEXT_PNO_SCAN_INTERVAL_SIZE + WEXT_PNO_REPEAT_SIZE + WEXT_PNO_MAX_REPEAT_SIZE) 49 | /* PNO Max command size is total of header, version, ssid and other sections + 50 | * Null termination */ 51 | #define WEXT_PNO_MAX_COMMAND_SIZE \ 52 | (WEXT_PNOSETUP_HEADER_SIZE + WEXT_PNO_VERSION_SIZE \ 53 | + WEXT_PNO_AMOUNT * (WEXT_PNO_SSID_HEADER_SIZE + MAX_SSID_LEN) \ 54 | + WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) 55 | 56 | #endif /* ANDROID_DRV_H */ 57 | -------------------------------------------------------------------------------- /src/eap_common/eap_pwd_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP server/peer: EAP-pwd shared definitions 3 | * Copyright (c) 2009, Dan Harkins 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_PWD_COMMON_H 10 | #define EAP_PWD_COMMON_H 11 | 12 | #include 13 | #include 14 | #include 15 | 16 | /* 17 | * definition of a finite cyclic group 18 | * TODO: support one based on a prime field 19 | */ 20 | typedef struct group_definition_ { 21 | u16 group_num; 22 | EC_GROUP *group; 23 | EC_POINT *pwe; 24 | BIGNUM *order; 25 | BIGNUM *prime; 26 | } EAP_PWD_group; 27 | 28 | /* 29 | * EAP-pwd header, included on all payloads 30 | * L(1 bit) | M(1 bit) | exch(6 bits) | total_length(if L is set) 31 | */ 32 | #define EAP_PWD_HDR_SIZE 1 33 | 34 | #define EAP_PWD_OPCODE_ID_EXCH 1 35 | #define EAP_PWD_OPCODE_COMMIT_EXCH 2 36 | #define EAP_PWD_OPCODE_CONFIRM_EXCH 3 37 | #define EAP_PWD_GET_LENGTH_BIT(x) ((x) & 0x80) 38 | #define EAP_PWD_SET_LENGTH_BIT(x) ((x) |= 0x80) 39 | #define EAP_PWD_GET_MORE_BIT(x) ((x) & 0x40) 40 | #define EAP_PWD_SET_MORE_BIT(x) ((x) |= 0x40) 41 | #define EAP_PWD_GET_EXCHANGE(x) ((x) & 0x3f) 42 | #define EAP_PWD_SET_EXCHANGE(x,y) ((x) |= (y)) 43 | 44 | /* EAP-pwd-ID payload */ 45 | struct eap_pwd_id { 46 | be16 group_num; 47 | u8 random_function; 48 | #define EAP_PWD_DEFAULT_RAND_FUNC 1 49 | u8 prf; 50 | #define EAP_PWD_DEFAULT_PRF 1 51 | u8 token[4]; 52 | u8 prep; 53 | #define EAP_PWD_PREP_NONE 0 54 | #define EAP_PWD_PREP_MS 1 55 | u8 identity[0]; /* length inferred from payload */ 56 | } STRUCT_PACKED; 57 | 58 | /* common routines */ 59 | int compute_password_element(EAP_PWD_group *, u16, u8 *, int, u8 *, int, u8 *, 60 | int, u8 *); 61 | int compute_keys(EAP_PWD_group *, BN_CTX *, BIGNUM *, BIGNUM *, BIGNUM *, 62 | u8 *, u8 *, u32 *, u8 *, u8 *, u8 *); 63 | struct crypto_hash * eap_pwd_h_init(void); 64 | void eap_pwd_h_update(struct crypto_hash *hash, const u8 *data, size_t len); 65 | void eap_pwd_h_final(struct crypto_hash *hash, u8 *digest); 66 | 67 | #endif /* EAP_PWD_COMMON_H */ 68 | -------------------------------------------------------------------------------- /src/ap/utils.c: -------------------------------------------------------------------------------- 1 | /* 2 | * AP mode helper functions 3 | * Copyright (c) 2009, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #include "includes.h" 10 | 11 | #include "common.h" 12 | #include "common/ieee802_11_defs.h" 13 | #include "sta_info.h" 14 | #include "hostapd.h" 15 | 16 | 17 | int hostapd_register_probereq_cb(struct hostapd_data *hapd, 18 | int (*cb)(void *ctx, const u8 *sa, 19 | const u8 *da, const u8 *bssid, 20 | const u8 *ie, size_t ie_len, 21 | int ssi_signal), 22 | void *ctx) 23 | { 24 | struct hostapd_probereq_cb *n; 25 | 26 | n = os_realloc_array(hapd->probereq_cb, hapd->num_probereq_cb + 1, 27 | sizeof(struct hostapd_probereq_cb)); 28 | if (n == NULL) 29 | return -1; 30 | 31 | hapd->probereq_cb = n; 32 | n = &hapd->probereq_cb[hapd->num_probereq_cb]; 33 | hapd->num_probereq_cb++; 34 | 35 | n->cb = cb; 36 | n->ctx = ctx; 37 | 38 | return 0; 39 | } 40 | 41 | 42 | struct prune_data { 43 | struct hostapd_data *hapd; 44 | const u8 *addr; 45 | }; 46 | 47 | static int prune_associations(struct hostapd_iface *iface, void *ctx) 48 | { 49 | struct prune_data *data = ctx; 50 | struct sta_info *osta; 51 | struct hostapd_data *ohapd; 52 | size_t j; 53 | 54 | for (j = 0; j < iface->num_bss; j++) { 55 | ohapd = iface->bss[j]; 56 | if (ohapd == data->hapd) 57 | continue; 58 | osta = ap_get_sta(ohapd, data->addr); 59 | if (!osta) 60 | continue; 61 | 62 | ap_sta_disassociate(ohapd, osta, WLAN_REASON_UNSPECIFIED); 63 | } 64 | 65 | return 0; 66 | } 67 | 68 | /** 69 | * hostapd_prune_associations - Remove extraneous associations 70 | * @hapd: Pointer to BSS data for the most recent association 71 | * @addr: Associated STA address 72 | * 73 | * This function looks through all radios and BSS's for previous 74 | * (stale) associations of STA. If any are found they are removed. 75 | */ 76 | void hostapd_prune_associations(struct hostapd_data *hapd, const u8 *addr) 77 | { 78 | struct prune_data data; 79 | data.hapd = hapd; 80 | data.addr = addr; 81 | if (hapd->iface->interfaces && 82 | hapd->iface->interfaces->for_each_interface) 83 | hapd->iface->interfaces->for_each_interface( 84 | hapd->iface->interfaces, prune_associations, &data); 85 | } 86 | -------------------------------------------------------------------------------- /src/eap_common/eap_gpsk_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * EAP server/peer: EAP-GPSK shared routines 3 | * Copyright (c) 2006-2007, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef EAP_GPSK_COMMON_H 10 | #define EAP_GPSK_COMMON_H 11 | 12 | #define EAP_GPSK_OPCODE_GPSK_1 1 13 | #define EAP_GPSK_OPCODE_GPSK_2 2 14 | #define EAP_GPSK_OPCODE_GPSK_3 3 15 | #define EAP_GPSK_OPCODE_GPSK_4 4 16 | #define EAP_GPSK_OPCODE_FAIL 5 17 | #define EAP_GPSK_OPCODE_PROTECTED_FAIL 6 18 | 19 | /* Failure-Code in GPSK-Fail and GPSK-Protected-Fail */ 20 | #define EAP_GPSK_FAIL_PSK_NOT_FOUND 0x00000001 21 | #define EAP_GPSK_FAIL_AUTHENTICATION_FAILURE 0x00000002 22 | #define EAP_GPSK_FAIL_AUTHORIZATION_FAILURE 0x00000003 23 | 24 | #define EAP_GPSK_RAND_LEN 32 25 | #define EAP_GPSK_MAX_SK_LEN 32 26 | #define EAP_GPSK_MAX_PK_LEN 32 27 | #define EAP_GPSK_MAX_MIC_LEN 32 28 | 29 | #define EAP_GPSK_VENDOR_IETF 0x00000000 30 | #define EAP_GPSK_CIPHER_RESERVED 0x000000 31 | #define EAP_GPSK_CIPHER_AES 0x000001 32 | #define EAP_GPSK_CIPHER_SHA256 0x000002 33 | 34 | 35 | #ifdef _MSC_VER 36 | #pragma pack(push, 1) 37 | #endif /* _MSC_VER */ 38 | 39 | struct eap_gpsk_csuite { 40 | u8 vendor[4]; 41 | u8 specifier[2]; 42 | } STRUCT_PACKED; 43 | 44 | #ifdef _MSC_VER 45 | #pragma pack(pop) 46 | #endif /* _MSC_VER */ 47 | 48 | int eap_gpsk_supported_ciphersuite(int vendor, int specifier); 49 | int eap_gpsk_derive_keys(const u8 *psk, size_t psk_len, int vendor, 50 | int specifier, 51 | const u8 *rand_client, const u8 *rand_server, 52 | const u8 *id_client, size_t id_client_len, 53 | const u8 *id_server, size_t id_server_len, 54 | u8 *msk, u8 *emsk, u8 *sk, size_t *sk_len, 55 | u8 *pk, size_t *pk_len); 56 | int eap_gpsk_derive_session_id(const u8 *psk, size_t psk_len, int vendor, 57 | int specifier, 58 | const u8 *rand_peer, const u8 *rand_server, 59 | const u8 *id_peer, size_t id_peer_len, 60 | const u8 *id_server, size_t id_server_len, 61 | u8 method_type, u8 *sid, size_t *sid_len); 62 | size_t eap_gpsk_mic_len(int vendor, int specifier); 63 | int eap_gpsk_compute_mic(const u8 *sk, size_t sk_len, int vendor, 64 | int specifier, const u8 *data, size_t len, u8 *mic); 65 | 66 | #endif /* EAP_GPSK_COMMON_H */ 67 | -------------------------------------------------------------------------------- /src/ap/pmksa_cache_auth.h: -------------------------------------------------------------------------------- 1 | /* 2 | * hostapd - PMKSA cache for IEEE 802.11i RSN 3 | * Copyright (c) 2004-2008, 2012, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef PMKSA_CACHE_H 10 | #define PMKSA_CACHE_H 11 | 12 | #include "radius/radius.h" 13 | 14 | /** 15 | * struct rsn_pmksa_cache_entry - PMKSA cache entry 16 | */ 17 | struct rsn_pmksa_cache_entry { 18 | struct rsn_pmksa_cache_entry *next, *hnext; 19 | u8 pmkid[PMKID_LEN]; 20 | u8 pmk[PMK_LEN]; 21 | size_t pmk_len; 22 | os_time_t expiration; 23 | int akmp; /* WPA_KEY_MGMT_* */ 24 | u8 spa[ETH_ALEN]; 25 | 26 | u8 *identity; 27 | size_t identity_len; 28 | struct wpabuf *cui; 29 | struct radius_class_data radius_class; 30 | u8 eap_type_authsrv; 31 | int vlan_id; 32 | int opportunistic; 33 | 34 | u32 acct_multi_session_id_hi; 35 | u32 acct_multi_session_id_lo; 36 | }; 37 | 38 | struct rsn_pmksa_cache; 39 | 40 | struct rsn_pmksa_cache * 41 | pmksa_cache_auth_init(void (*free_cb)(struct rsn_pmksa_cache_entry *entry, 42 | void *ctx), void *ctx); 43 | void pmksa_cache_auth_deinit(struct rsn_pmksa_cache *pmksa); 44 | struct rsn_pmksa_cache_entry * 45 | pmksa_cache_auth_get(struct rsn_pmksa_cache *pmksa, 46 | const u8 *spa, const u8 *pmkid); 47 | struct rsn_pmksa_cache_entry * pmksa_cache_get_okc( 48 | struct rsn_pmksa_cache *pmksa, const u8 *spa, const u8 *aa, 49 | const u8 *pmkid); 50 | struct rsn_pmksa_cache_entry * 51 | pmksa_cache_auth_add(struct rsn_pmksa_cache *pmksa, 52 | const u8 *pmk, size_t pmk_len, 53 | const u8 *kck, size_t kck_len, 54 | const u8 *aa, const u8 *spa, int session_timeout, 55 | struct eapol_state_machine *eapol, int akmp); 56 | struct rsn_pmksa_cache_entry * 57 | pmksa_cache_add_okc(struct rsn_pmksa_cache *pmksa, 58 | const struct rsn_pmksa_cache_entry *old_entry, 59 | const u8 *aa, const u8 *pmkid); 60 | void pmksa_cache_to_eapol_data(struct rsn_pmksa_cache_entry *entry, 61 | struct eapol_state_machine *eapol); 62 | void pmksa_cache_free_entry(struct rsn_pmksa_cache *pmksa, 63 | struct rsn_pmksa_cache_entry *entry); 64 | int pmksa_cache_auth_radius_das_disconnect(struct rsn_pmksa_cache *pmksa, 65 | struct radius_das_attrs *attr); 66 | 67 | #endif /* PMKSA_CACHE_H */ 68 | -------------------------------------------------------------------------------- /src/tls/tlsv1_client.h: -------------------------------------------------------------------------------- 1 | /* 2 | * TLS v1.0/v1.1/v1.2 client (RFC 2246, RFC 4346, RFC 5246) 3 | * Copyright (c) 2006-2011, Jouni Malinen 4 | * 5 | * This software may be distributed under the terms of the BSD license. 6 | * See README for more details. 7 | */ 8 | 9 | #ifndef TLSV1_CLIENT_H 10 | #define TLSV1_CLIENT_H 11 | 12 | #include "tlsv1_cred.h" 13 | 14 | struct tlsv1_client; 15 | 16 | int tlsv1_client_global_init(void); 17 | void tlsv1_client_global_deinit(void); 18 | struct tlsv1_client * tlsv1_client_init(void); 19 | void tlsv1_client_deinit(struct tlsv1_client *conn); 20 | int tlsv1_client_established(struct tlsv1_client *conn); 21 | int tlsv1_client_prf(struct tlsv1_client *conn, const char *label, 22 | int server_random_first, u8 *out, size_t out_len); 23 | u8 * tlsv1_client_handshake(struct tlsv1_client *conn, 24 | const u8 *in_data, size_t in_len, 25 | size_t *out_len, u8 **appl_data, 26 | size_t *appl_data_len, int *need_more_data); 27 | int tlsv1_client_encrypt(struct tlsv1_client *conn, 28 | const u8 *in_data, size_t in_len, 29 | u8 *out_data, size_t out_len); 30 | struct wpabuf * tlsv1_client_decrypt(struct tlsv1_client *conn, 31 | const u8 *in_data, size_t in_len, 32 | int *need_more_data); 33 | int tlsv1_client_get_cipher(struct tlsv1_client *conn, char *buf, 34 | size_t buflen); 35 | int tlsv1_client_shutdown(struct tlsv1_client *conn); 36 | int tlsv1_client_resumed(struct tlsv1_client *conn); 37 | int tlsv1_client_hello_ext(struct tlsv1_client *conn, int ext_type, 38 | const u8 *data, size_t data_len); 39 | int tlsv1_client_get_keys(struct tlsv1_client *conn, struct tls_keys *keys); 40 | int tlsv1_client_get_keyblock_size(struct tlsv1_client *conn); 41 | int tlsv1_client_set_cipher_list(struct tlsv1_client *conn, u8 *ciphers); 42 | int tlsv1_client_set_cred(struct tlsv1_client *conn, 43 | struct tlsv1_credentials *cred); 44 | void tlsv1_client_set_time_checks(struct tlsv1_client *conn, int enabled); 45 | 46 | typedef int (*tlsv1_client_session_ticket_cb) 47 | (void *ctx, const u8 *ticket, size_t len, const u8 *client_random, 48 | const u8 *server_random, u8 *master_secret); 49 | 50 | void tlsv1_client_set_session_ticket_cb(struct tlsv1_client *conn, 51 | tlsv1_client_session_ticket_cb cb, 52 | void *ctx); 53 | 54 | #endif /* TLSV1_CLIENT_H */ 55 | --------------------------------------------------------------------------------