Skip to content
Permalink
Browse files
Ported CYBERDEViLNL's SSID filter to hostapd-2.6 and made some cleanups
  • Loading branch information
Dominic White committed Jun 1, 2017
1 parent 9eb296c commit 5420e7843cdfbccc083f598f9418291baff3dc6d
Showing 6 changed files with 105 additions and 0 deletions.
@@ -120,6 +120,67 @@ static int hostapd_acl_comp(const void *a, const void *b)
return os_memcmp(aa->addr, bb->addr, sizeof(macaddr));
}

// MANA Start - SSID Filter
static int hostapd_config_read_ssidlist(const char *fname,
struct ssid_filter_entry **ssid_filter, int *num)
{
FILE *f;
char buf[128], *pos;
int line = 0;

struct ssid_filter_entry *new_ssid_filter;

if (!fname)
return 0;

f = fopen(fname, "r");
if (!f) {
wpa_printf(MSG_ERROR, "SSID list file '%s' not found.", fname);
return -1;
}

while (fgets(buf, sizeof(buf), f)) {
line++;

if (buf[0] == '#')
continue;

while (*pos != '\0') {
if (*pos == '\n') {
*pos = '\0';
break;
}
pos++;
}

if (buf[0] == '\0')
continue;

pos = buf;
if(strlen(pos) > SSID_MAX_LEN){
wpa_printf(MSG_ERROR, "SSID %s is too long (more than %d characters.)",pos,SSID_MAX_LEN);
return -1;
}

new_ssid_filter = os_realloc_array(*ssid_filter, *num + 1, sizeof(**ssid_filter));
if (new_ssid_filter == NULL) {
wpa_printf(MSG_ERROR, "SSID list reallocation failed");
fclose(f);
return -1;
}

*ssid_filter = new_ssid_filter;
os_memcpy((*ssid_filter)[*num].ssid, pos, sizeof(pos));

(*num)++;
wpa_printf(MSG_INFO, "SSID: '%s' added.", pos);
}

fclose(f);
return 0;
}
//MANA End

static int hostapd_config_read_maclist(const char *fname,
struct mac_acl_entry **acl, int *num)
{
@@ -2092,6 +2153,15 @@ static int hostapd_config_fill(struct hostapd_config *conf,
if (conf->mana_macacl) {
wpa_printf(MSG_DEBUG, "MANA: MAC ACLs extended to management frames");
}
} else if (os_strcmp(buf, "mana_ssid_filter_file") == 0) {
if (hostapd_config_read_ssidlist(pos, &bss->ssid_filter,
&bss->num_ssid_filter)) {
wpa_printf(MSG_ERROR, "Line %d: Failed to read SSID filter list '%s'",
line, pos);
return 1;
}
conf->mana_ssid_filter_file = pos;
wpa_printf(MSG_INFO, "MANA: SSID Filter enabled. File %s set.",pos);
// MANA END
} else if (os_strcmp(buf, "dump_file") == 0) {
wpa_printf(MSG_INFO, "Line %d: DEPRECATED: 'dump_file' configuration variable is not used anymore",
@@ -3612,6 +3682,7 @@ struct hostapd_config * hostapd_config_read(const char *fname)
conf->enable_mana = 0; //default off;
conf->mana_loud = 0; //default off; 1 - advertise all networks across all devices, 0 - advertise specific networks to the device it was discovered from
conf->mana_macacl = 0; //default off; 0 - off, 1 - extend MAC ACL to management frames
conf->mana_ssid_filter_file = "NOT_SET"; //default none
// MANA END

while (fgets(buf, sizeof(buf), f)) {
@@ -15,6 +15,10 @@ enable_mana=1
# 1 = enabled - networks are advertised to all devices
mana_loud=0

# By default, MANA will behave the same for all SSIDs, enabling this filter will
# create a white-list of allowed SSIDs and any others will be ignored
#mana_ssid_filter_file=hostapd.ssid_filter

# Normal access points MAC ACLs will only work at association level. This option
# will expand MAC ACLs to probe responses.
# It requires macaddr_acl to be set later in the config file to work. This controls
@@ -663,6 +663,21 @@ int hostapd_maclist_found(struct mac_acl_entry *list, int num_entries,
return 0;
}

// MANA Start - SSID filter
int hostapd_ssidlist_found(struct ssid_filter_entry *list, int num_entries, const char *ssid)
{
int start, end;
start = 0;
end = num_entries - 1;
while (start <= end) {
if (!strcmp(list[start].ssid, ssid)) {
return 1;
}
start++;
}
return 0;
}
// MANA End

int hostapd_rate_found(int *list, int rate)
{
@@ -62,6 +62,10 @@ struct mac_acl_entry {
struct vlan_description vlan_id;
};

struct ssid_filter_entry { //MANA
char ssid[SSID_MAX_LEN];
};

struct hostapd_radius_servers;
struct ft_remote_r0kh;
struct ft_remote_r1kh;
@@ -297,6 +301,8 @@ struct hostapd_bss_config {
int num_accept_mac;
struct mac_acl_entry *deny_mac;
int num_deny_mac;
struct ssid_filter_entry *ssid_filter;
int num_ssid_filter;
int wds_sta;
int isolate;
int start_disabled;
@@ -610,6 +616,7 @@ struct hostapd_config {
int enable_mana;
int mana_loud;
int mana_macacl;
const char * mana_ssid_filter_file;
// MANA END

u16 beacon_int;
@@ -726,6 +733,8 @@ void hostapd_config_free_bss(struct hostapd_bss_config *conf);
void hostapd_config_free(struct hostapd_config *conf);
int hostapd_maclist_found(struct mac_acl_entry *list, int num_entries,
const u8 *addr, struct vlan_description *vlan_id);
int hostapd_ssidlist_found(struct ssid_filter_entry *list, int num_entires, //MANA
const char *ssid);
int hostapd_rate_found(int *list, int rate);
const u8 * hostapd_get_psk(const struct hostapd_bss_config *conf,
const u8 *addr, const u8 *p2p_dev_addr,
@@ -834,6 +834,12 @@ void handle_probe_req(struct hostapd_data *hapd,
wpabuf_free(p2p);
}
#endif /* CONFIG_P2P */
if (strcmp(hapd->iconf->mana_ssid_filter_file,"NOT_SET")) { //MANA
if (!hostapd_ssidlist_found(hapd->conf->ssid_filter, hapd->conf->num_ssid_filter, wpa_ssid_txt(elems.ssid, elems.ssid_len))) {
wpa_printf(MSG_DEBUG, "MANA - SSID '%s' not found in list.", wpa_ssid_txt(elems.ssid, elems.ssid_len));
return;
}
}

if (hapd->conf->ignore_broadcast_ssid && elems.ssid_len == 0 &&
elems.ssid_list_len == 0 && !hapd->iconf->enable_mana) { //MANA
Binary file not shown.

1 comment on commit 5420e78

@RoganDawes
Copy link

@RoganDawes RoganDawes commented on 5420e78 Jun 1, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure you wanted to commit the .swp file?

Please sign in to comment.