1 /* 2 * WPA Supplicant / Network configuration structures 3 * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #ifndef CONFIG_SSID_H 16 #define CONFIG_SSID_H 17 18 #include "defs.h" 19 #include "eap_peer/eap_config.h" 20 21 #define MAX_SSID_LEN 32 22 23 24 #define DEFAULT_EAP_WORKAROUND ((unsigned int) -1) 25 #define DEFAULT_EAPOL_FLAGS (EAPOL_FLAG_REQUIRE_KEY_UNICAST | \ 26 EAPOL_FLAG_REQUIRE_KEY_BROADCAST) 27 #define DEFAULT_PROTO (WPA_PROTO_WPA | WPA_PROTO_RSN) 28 #define DEFAULT_KEY_MGMT (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X) 29 #define DEFAULT_PAIRWISE (WPA_CIPHER_CCMP | WPA_CIPHER_TKIP) 30 #define DEFAULT_GROUP (WPA_CIPHER_CCMP | WPA_CIPHER_TKIP | \ 31 WPA_CIPHER_WEP104 | WPA_CIPHER_WEP40) 32 #define DEFAULT_FRAGMENT_SIZE 1398 33 34 /** 35 * struct wpa_ssid - Network configuration data 36 * 37 * This structure includes all the configuration variables for a network. This 38 * data is included in the per-interface configuration data as an element of 39 * the network list, struct wpa_config::ssid. Each network block in the 40 * configuration is mapped to a struct wpa_ssid instance. 41 */ 42 struct wpa_ssid { 43 /** 44 * next - Next network in global list 45 * 46 * This pointer can be used to iterate over all networks. The head of 47 * this list is stored in the ssid field of struct wpa_config. 48 */ 49 struct wpa_ssid *next; 50 51 /** 52 * pnext - Next network in per-priority list 53 * 54 * This pointer can be used to iterate over all networks in the same 55 * priority class. The heads of these list are stored in the pssid 56 * fields of struct wpa_config. 57 */ 58 struct wpa_ssid *pnext; 59 60 /** 61 * id - Unique id for the network 62 * 63 * This identifier is used as a unique identifier for each network 64 * block when using the control interface. Each network is allocated an 65 * id when it is being created, either when reading the configuration 66 * file or when a new network is added through the control interface. 67 */ 68 int id; 69 70 /** 71 * priority - Priority group 72 * 73 * By default, all networks will get same priority group (0). If some 74 * of the networks are more desirable, this field can be used to change 75 * the order in which wpa_supplicant goes through the networks when 76 * selecting a BSS. The priority groups will be iterated in decreasing 77 * priority (i.e., the larger the priority value, the sooner the 78 * network is matched against the scan results). Within each priority 79 * group, networks will be selected based on security policy, signal 80 * strength, etc. 81 * 82 * Please note that AP scanning with scan_ssid=1 and ap_scan=2 mode are 83 * not using this priority to select the order for scanning. Instead, 84 * they try the networks in the order that used in the configuration 85 * file. 86 */ 87 int priority; 88 89 /** 90 * ssid - Service set identifier (network name) 91 * 92 * This is the SSID for the network. For wireless interfaces, this is 93 * used to select which network will be used. If set to %NULL (or 94 * ssid_len=0), any SSID can be used. For wired interfaces, this must 95 * be set to %NULL. Note: SSID may contain any characters, even nul 96 * (ASCII 0) and as such, this should not be assumed to be a nul 97 * terminated string. ssid_len defines how many characters are valid 98 * and the ssid field is not guaranteed to be nul terminated. 99 */ 100 u8 *ssid; 101 102 /** 103 * ssid_len - Length of the SSID 104 */ 105 size_t ssid_len; 106 107 /** 108 * bssid - BSSID 109 * 110 * If set, this network block is used only when associating with the AP 111 * using the configured BSSID 112 */ 113 u8 bssid[ETH_ALEN]; 114 115 /** 116 * bssid_set - Whether BSSID is configured for this network 117 */ 118 int bssid_set; 119 120 /** 121 * psk - WPA pre-shared key (256 bits) 122 */ 123 u8 psk[32]; 124 125 /** 126 * psk_set - Whether PSK field is configured 127 */ 128 int psk_set; 129 130 /** 131 * passphrase - WPA ASCII passphrase 132 * 133 * If this is set, psk will be generated using the SSID and passphrase 134 * configured for the network. ASCII passphrase must be between 8 and 135 * 63 characters (inclusive). 136 */ 137 char *passphrase; 138 139 /** 140 * pairwise_cipher - Bitfield of allowed pairwise ciphers, WPA_CIPHER_* 141 */ 142 int pairwise_cipher; 143 144 /** 145 * group_cipher - Bitfield of allowed group ciphers, WPA_CIPHER_* 146 */ 147 int group_cipher; 148 149 /** 150 * key_mgmt - Bitfield of allowed key management protocols 151 * 152 * WPA_KEY_MGMT_* 153 */ 154 int key_mgmt; 155 156 /** 157 * proto - Bitfield of allowed protocols, WPA_PROTO_* 158 */ 159 int proto; 160 161 /** 162 * auth_alg - Bitfield of allowed authentication algorithms 163 * 164 * WPA_AUTH_ALG_* 165 */ 166 int auth_alg; 167 168 /** 169 * scan_ssid - Scan this SSID with Probe Requests 170 * 171 * scan_ssid can be used to scan for APs using hidden SSIDs. 172 * Note: Many drivers do not support this. ap_mode=2 can be used with 173 * such drivers to use hidden SSIDs. 174 */ 175 int scan_ssid; 176 177 #ifdef IEEE8021X_EAPOL 178 #define EAPOL_FLAG_REQUIRE_KEY_UNICAST BIT(0) 179 #define EAPOL_FLAG_REQUIRE_KEY_BROADCAST BIT(1) 180 /** 181 * eapol_flags - Bit field of IEEE 802.1X/EAPOL options (EAPOL_FLAG_*) 182 */ 183 int eapol_flags; 184 185 /** 186 * eap - EAP peer configuration for this network 187 */ 188 struct eap_peer_config eap; 189 #endif /* IEEE8021X_EAPOL */ 190 191 #define NUM_WEP_KEYS 4 192 #define MAX_WEP_KEY_LEN 16 193 /** 194 * wep_key - WEP keys 195 */ 196 u8 wep_key[NUM_WEP_KEYS][MAX_WEP_KEY_LEN]; 197 198 /** 199 * wep_key_len - WEP key lengths 200 */ 201 size_t wep_key_len[NUM_WEP_KEYS]; 202 203 /** 204 * wep_tx_keyidx - Default key index for TX frames using WEP 205 */ 206 int wep_tx_keyidx; 207 208 /** 209 * proactive_key_caching - Enable proactive key caching 210 * 211 * This field can be used to enable proactive key caching which is also 212 * known as opportunistic PMKSA caching for WPA2. This is disabled (0) 213 * by default. Enable by setting this to 1. 214 * 215 * Proactive key caching is used to make supplicant assume that the APs 216 * are using the same PMK and generate PMKSA cache entries without 217 * doing RSN pre-authentication. This requires support from the AP side 218 * and is normally used with wireless switches that co-locate the 219 * authenticator. 220 */ 221 int proactive_key_caching; 222 223 /** 224 * mixed_cell - Whether mixed cells are allowed 225 * 226 * This option can be used to configure whether so called mixed cells, 227 * i.e., networks that use both plaintext and encryption in the same 228 * SSID, are allowed. This is disabled (0) by default. Enable by 229 * setting this to 1. 230 */ 231 int mixed_cell; 232 233 #ifdef IEEE8021X_EAPOL 234 235 /** 236 * leap - Number of EAP methods using LEAP 237 * 238 * This field should be set to 1 if LEAP is enabled. This is used to 239 * select IEEE 802.11 authentication algorithm. 240 */ 241 int leap; 242 243 /** 244 * non_leap - Number of EAP methods not using LEAP 245 * 246 * This field should be set to >0 if any EAP method other than LEAP is 247 * enabled. This is used to select IEEE 802.11 authentication 248 * algorithm. 249 */ 250 int non_leap; 251 252 /** 253 * eap_workaround - EAP workarounds enabled 254 * 255 * wpa_supplicant supports number of "EAP workarounds" to work around 256 * interoperability issues with incorrectly behaving authentication 257 * servers. This is recommended to be enabled by default because some 258 * of the issues are present in large number of authentication servers. 259 * 260 * Strict EAP conformance mode can be configured by disabling 261 * workarounds with eap_workaround = 0. 262 */ 263 unsigned int eap_workaround; 264 265 #endif /* IEEE8021X_EAPOL */ 266 267 /** 268 * mode - IEEE 802.11 operation mode (Infrastucture/IBSS) 269 * 270 * 0 = infrastructure (Managed) mode, i.e., associate with an AP. 271 * 272 * 1 = IBSS (ad-hoc, peer-to-peer) 273 * 274 * Note: IBSS can only be used with key_mgmt NONE (plaintext and 275 * static WEP) and key_mgmt=WPA-NONE (fixed group key TKIP/CCMP). In 276 * addition, ap_scan has to be set to 2 for IBSS. WPA-None requires 277 * following network block options: proto=WPA, key_mgmt=WPA-NONE, 278 * pairwise=NONE, group=TKIP (or CCMP, but not both), and psk must also 279 * be set (either directly or using ASCII passphrase). 280 */ 281 int mode; 282 283 /** 284 * disabled - Whether this network is currently disabled 285 * 286 * 0 = this network can be used (default). 287 * 1 = this network block is disabled (can be enabled through 288 * ctrl_iface, e.g., with wpa_cli or wpa_gui). 289 */ 290 int disabled; 291 292 /** 293 * peerkey - Whether PeerKey handshake for direct links is allowed 294 * 295 * This is only used when both RSN/WPA2 and IEEE 802.11e (QoS) are 296 * enabled. 297 * 298 * 0 = disabled (default) 299 * 1 = enabled 300 */ 301 int peerkey; 302 303 /** 304 * id_str - Network identifier string for external scripts 305 * 306 * This value is passed to external ctrl_iface monitors in 307 * WPA_EVENT_CONNECTED event and wpa_cli sets this as WPA_ID_STR 308 * environment variable for action scripts. 309 */ 310 char *id_str; 311 312 #ifdef CONFIG_IEEE80211W 313 /** 314 * ieee80211w - Whether management frame protection is enabled 315 * 316 * This value is used to configure policy for management frame 317 * protection (IEEE 802.11w). 0 = disabled, 1 = optional, 2 = required. 318 */ 319 enum { 320 NO_IEEE80211W = 0, 321 IEEE80211W_OPTIONAL = 1, 322 IEEE80211W_REQUIRED = 2 323 } ieee80211w; 324 #endif /* CONFIG_IEEE80211W */ 325 326 /** 327 * frequency - Channel frequency in megahertz (MHz) for IBSS 328 * 329 * This value is used to configure the initial channel for IBSS (adhoc) 330 * networks, e.g., 2412 = IEEE 802.11b/g channel 1. It is ignored in 331 * the infrastructure mode. In addition, this value is only used by the 332 * station that creates the IBSS. If an IBSS network with the 333 * configured SSID is already present, the frequency of the network 334 * will be used instead of this configured value. 335 */ 336 int frequency; 337 338 /** 339 * wpa_ptk_rekey - Maximum lifetime for PTK in seconds 340 * 341 * This value can be used to enforce rekeying of PTK to mitigate some 342 * attacks against TKIP deficiencies. 343 */ 344 int wpa_ptk_rekey; 345 }; 346 347 #endif /* CONFIG_SSID_H */ 348