diff options
| author | Dmitry Shmidt <dimitrysh@google.com> | 2013-06-06 11:25:10 -0700 |
|---|---|---|
| committer | Dmitry Shmidt <dimitrysh@google.com> | 2013-06-06 11:25:10 -0700 |
| commit | 8bae4138a0356709720a96f3e50b4d734e532c12 (patch) | |
| tree | 469665c7a3dd83523f082389bb33b5c9095d6b30 /src/ap | |
| parent | d3e385e428c94340d89ba090e3500a085463e713 (diff) | |
| download | android_external_wpa_supplicant_8-8bae4138a0356709720a96f3e50b4d734e532c12.tar.gz android_external_wpa_supplicant_8-8bae4138a0356709720a96f3e50b4d734e532c12.tar.bz2 android_external_wpa_supplicant_8-8bae4138a0356709720a96f3e50b4d734e532c12.zip | |
Accumulative patch from commit 4abc0424ef4bde2ea4fb1ba1c18619c7bc36eb02
4abc042 P2P: Automatic channel selection at re-invocation of persistent GO
8f39528 P2P: Modify wait time in INVITE state based on Tx status of INV-REQ
e112764 nl80211: Use NL80211_ATTR_PEER_AID to set TDLS peer AID
f8a5fd4 Synchronize with wireless-testing.git include/uapi/linux/nl80211.h
9b1693a WPS: Allow Device Password Id changes between PIN methods
1ba51ec nl80211: Add debug print for set_supp_port operation
add9b7a nl80211: Ignore deauth/disassoc event from old AP
eb4737f Fix ESS_DISASSOC ctrl_iface command parser
b54c9ff FT: Fix TKIP group key configuration in FT protocol
e78aaca Stop TKIP countermeasures on FLUSH command
3cb953e Do not set driver MAC ACL unless driver supports this
3c4ca36 hostapd: Support MAC address based access control list
Change-Id: I0250e483c2992e6da8b2d1a323b7e3b8a73f9608
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Diffstat (limited to 'src/ap')
| -rw-r--r-- | src/ap/ap_drv_ops.h | 8 | ||||
| -rw-r--r-- | src/ap/hostapd.c | 70 | ||||
| -rw-r--r-- | src/ap/hostapd.h | 2 |
3 files changed, 80 insertions, 0 deletions
diff --git a/src/ap/ap_drv_ops.h b/src/ap/ap_drv_ops.h index ceb7e68e..70fab553 100644 --- a/src/ap/ap_drv_ops.h +++ b/src/ap/ap_drv_ops.h @@ -173,6 +173,14 @@ static inline int hostapd_drv_sta_clear_stats(struct hostapd_data *hapd, return hapd->driver->sta_clear_stats(hapd->drv_priv, addr); } +static inline int hostapd_drv_set_acl(struct hostapd_data *hapd, + struct hostapd_acl_params *params) +{ + if (hapd->driver == NULL || hapd->driver->set_acl == NULL) + return 0; + return hapd->driver->set_acl(hapd->drv_priv, params); +} + static inline int hostapd_drv_set_ap(struct hostapd_data *hapd, struct wpa_driver_ap_params *params) { diff --git a/src/ap/hostapd.c b/src/ap/hostapd.c index a0ac38c4..780b2e2e 100644 --- a/src/ap/hostapd.c +++ b/src/ap/hostapd.c @@ -837,6 +837,74 @@ static void hostapd_tx_queue_params(struct hostapd_iface *iface) } +static int hostapd_set_acl_list(struct hostapd_data *hapd, + struct mac_acl_entry *mac_acl, + int n_entries, u8 accept_acl) +{ + struct hostapd_acl_params *acl_params; + int i, err; + + acl_params = os_zalloc(sizeof(*acl_params) + + (n_entries * sizeof(acl_params->mac_acl[0]))); + if (!acl_params) + return -ENOMEM; + + for (i = 0; i < n_entries; i++) + os_memcpy(acl_params->mac_acl[i].addr, mac_acl[i].addr, + ETH_ALEN); + + acl_params->acl_policy = accept_acl; + acl_params->num_mac_acl = n_entries; + + err = hostapd_drv_set_acl(hapd, acl_params); + + os_free(acl_params); + + return err; +} + + +static void hostapd_set_acl(struct hostapd_data *hapd) +{ + struct hostapd_config *conf = hapd->iconf; + int err; + u8 accept_acl; + + if (hapd->iface->drv_max_acl_mac_addrs == 0) + return; + if (!(conf->bss->num_accept_mac || conf->bss->num_deny_mac)) + return; + + if (conf->bss->macaddr_acl == DENY_UNLESS_ACCEPTED) { + if (conf->bss->num_accept_mac) { + accept_acl = 1; + err = hostapd_set_acl_list(hapd, conf->bss->accept_mac, + conf->bss->num_accept_mac, + accept_acl); + if (err) { + wpa_printf(MSG_DEBUG, "Failed to set accept acl"); + return; + } + } else { + wpa_printf(MSG_DEBUG, "Mismatch between ACL Policy & Accept/deny lists file"); + } + } else if (conf->bss->macaddr_acl == ACCEPT_UNLESS_DENIED) { + if (conf->bss->num_deny_mac) { + accept_acl = 0; + err = hostapd_set_acl_list(hapd, conf->bss->deny_mac, + conf->bss->num_deny_mac, + accept_acl); + if (err) { + wpa_printf(MSG_DEBUG, "Failed to set deny acl"); + return; + } + } else { + wpa_printf(MSG_DEBUG, "Mismatch between ACL Policy & Accept/deny lists file"); + } + } +} + + static int setup_interface(struct hostapd_iface *iface) { struct hostapd_data *hapd = iface->bss[0]; @@ -962,6 +1030,8 @@ int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err) ap_list_init(iface); + hostapd_set_acl(hapd); + if (hostapd_driver_commit(hapd) < 0) { wpa_printf(MSG_ERROR, "%s: Failed to commit driver " "configuration", __func__); diff --git a/src/ap/hostapd.h b/src/ap/hostapd.h index 9a3bb686..55f6dd84 100644 --- a/src/ap/hostapd.h +++ b/src/ap/hostapd.h @@ -233,6 +233,8 @@ struct hostapd_iface { const u8 *extended_capa, *extended_capa_mask; unsigned int extended_capa_len; + unsigned int drv_max_acl_mac_addrs; + struct hostapd_hw_modes *hw_features; int num_hw_features; struct hostapd_hw_modes *current_mode; |