From patchwork Thu Feb  1 11:09:38 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Danilo Ravotto <danilo.ravotto@zirak.it>
X-Patchwork-Id: 868197
Return-Path: 
 <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (mailfrom)
	smtp.mailfrom=lists.infradead.org (client-ip=65.50.211.133;
	helo=bombadil.infradead.org;
	envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=lists.infradead.org
	header.i=@lists.infradead.org header.b="ZjqXHKVU";
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=infradead.org header.i=@infradead.org
	header.b="UPzjsx91"; dkim-atps=neutral
Received: from bombadil.infradead.org (bombadil.infradead.org
	[65.50.211.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3zXHnz3p9pz9t3p
	for <incoming@patchwork.ozlabs.org>;
	Thu,  1 Feb 2018 22:24:39 +1100 (AEDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20170209; h=Sender:
	Content-Transfer-Encoding:Content-Type:MIME-Version:List-Subscribe:List-Help:
	List-Post:List-Archive:List-Unsubscribe:List-Id:Message-Id:Date:Subject:To:
	From:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:
	List-Owner; bh=BSTWvi9sG9sI6G7xzIFstHInZSpugmy1iggzIaDszN8=;
	b=ZjqXHKVUQMG0fq
	LAtiTzPwtAZg1mqLAu7UvsCSKEEmjFQjViBDMtUvwomSWzxw1M8B+M9AxoF8A+zt9Z3cOooJIJ17r
	2cQTpaDYYWuliC5Vrb1W0EY9KKiRTYhV9LaRtu0A01TJhM11tKd14DHZqnnO4hkF7nGDReEFkn1XN
	xGraqEXMG3s2OCc1CcWQ6jtvQpVyjRCjwDgubn+4gJcdjcKM10yn/8XYA+6aouB6HcyEIcjkvC1Zp
	uwr+JkjppXICy4c6OwoVTwG63E+rcv3L6nXzSBYGCjixya0vxIZJI9F/eeRoA6fPm3L8fy4uHxWqi
	G+CadU+Wf6vmEWHQHrsg==;
Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux))
	id 1ehCyU-0004Cw-IU; Thu, 01 Feb 2018 11:24:14 +0000
Received: from casper.infradead.org ([2001:8b0:10b:1236::1])
	by bombadil.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux))
	id 1ehCyT-00047r-1P
	for hostap@bombadil.infradead.org; Thu, 01 Feb 2018 11:24:13 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=infradead.org; s=casper.20170209;
	h=Message-Id:Date:Subject:To:From:Sender:
	Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:
	Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
	:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
	List-Subscribe:List-Post:List-Owner:List-Archive;
	bh=aUf5+PrBpVOmNjr1AsFjRP9s6eIO5UQycp91mE5hCkA=;
	b=UPzjsx91CTpPhCSEZwVRvE1brW
	/GcUYqSJ58RMmf9INfixg55p09ee+M2hJcORgIwEw8t0fstJ+j2Ky8p2dycBgsMW2RhxOygYCsizB
	eP0uL++Z6ZtRYRG33OhbL1Q/qP3ATc8eJLRUtlXUhMrf8OrRC7oHM6OM8DyFT+9KG28gjhwFzOP+K
	wIZnijZT/2ILT3iwd0kxGmPxuvfQe+dWio+q2CI+eRR3Ras7cSCGm/vl1D5KJ1UTRgB2cB4FQFsXz
	kDpShT5N3nFBZyg8dInEZlg4suc1uFoEmWZCWwNQ3BRPklEhvraBz99eOKk59HUAVL95JsGg8tgDC
	w9vl569g==;
Received: from zkmail.zirak.it ([89.96.204.113])
	by casper.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux))
	id 1ehCl5-00037W-7T
	for hostap@lists.infradead.org; Thu, 01 Feb 2018 11:10:25 +0000
Received: from zk-rav.zirak.it (unknown [192.168.100.1])
	(using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: danilo.ravotto@zirak.it)
	by zkmail.zirak.it (Postfix) with ESMTPSA id A88191A055
	for <hostap@lists.infradead.org>;
	Thu,  1 Feb 2018 12:09:49 +0100 (CET)
From: Danilo Ravotto <danilo.ravotto@zirak.it>
To: hostap@lists.infradead.org
Subject: [PATCH] Allow client isolation to be configured with ap_isolate
	inside wpa_supplicant configuration file
Date: Thu,  1 Feb 2018 12:09:38 +0100
Message-Id: <1517483378-6904-1-git-send-email-danilo.ravotto@zirak.it>
X-Mailer: git-send-email 2.7.4
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20180201_111023_404882_75DDF922 
X-CRM114-Status: GOOD (  12.37  )
X-Spam-Score: -1.9 (-)
X-Spam-Report: SpamAssassin version 3.4.1 on casper.infradead.org summary:
	Content analysis details:   (-1.9 points, 5.0 required)
	pts rule name              description
	---- ----------------------
	--------------------------------------------------
	-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
	domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
	[score: 0.0000]
X-BeenThere: hostap@lists.infradead.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <hostap.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/hostap>,
	<mailto:hostap-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/hostap/>
List-Post: <mailto:hostap@lists.infradead.org>
List-Help: <mailto:hostap-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/hostap>,
	<mailto:hostap-request@lists.infradead.org?subject=subscribe>
MIME-Version: 1.0
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Signed-off-by: Danilo Ravotto <danilo.ravotto@zirak.it>
---
 wpa_supplicant/ap.c          |  2 ++
 wpa_supplicant/config.c      |  2 ++
 wpa_supplicant/config.h      | 13 +++++++++++++
 wpa_supplicant/config_file.c |  2 ++
 wpa_supplicant/wpa_cli.c     |  4 ++--
 5 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/wpa_supplicant/ap.c b/wpa_supplicant/ap.c
index 939af62..9e70a6a 100644
--- a/wpa_supplicant/ap.c
+++ b/wpa_supplicant/ap.c
@@ -506,6 +506,8 @@ no_wps:
 	else
 		bss->max_num_sta = wpa_s->conf->max_num_sta;
 
+	bss->isolate = wpa_s->conf->ap_isolate;
+
 	bss->disassoc_low_ack = wpa_s->conf->disassoc_low_ack;
 
 	if (wpa_s->conf->ap_vendor_elements) {
diff --git a/wpa_supplicant/config.c b/wpa_supplicant/config.c
index c13383d..ee2065b 100644
--- a/wpa_supplicant/config.c
+++ b/wpa_supplicant/config.c
@@ -3899,6 +3899,7 @@ struct wpa_config * wpa_config_alloc_empty(const char *ctrl_interface,
 	config->bss_expiration_age = DEFAULT_BSS_EXPIRATION_AGE;
 	config->bss_expiration_scan_count = DEFAULT_BSS_EXPIRATION_SCAN_COUNT;
 	config->max_num_sta = DEFAULT_MAX_NUM_STA;
+	config->ap_isolate = DEFAULT_AP_ISOLATE;
 	config->access_network_type = DEFAULT_ACCESS_NETWORK_TYPE;
 	config->scan_cur_freq = DEFAULT_SCAN_CUR_FREQ;
 	config->wmm_ac_params[0] = ac_be;
@@ -4578,6 +4579,7 @@ static const struct global_parse_data global_fields[] = {
 	{ INT_RANGE(filter_ssids, 0, 1), 0 },
 	{ INT_RANGE(filter_rssi, -100, 0), 0 },
 	{ INT(max_num_sta), 0 },
+	{ INT(ap_isolate), 0 },
 	{ INT_RANGE(disassoc_low_ack, 0, 1), 0 },
 #ifdef CONFIG_HS20
 	{ INT_RANGE(hs20, 0, 1), 0 },
diff --git a/wpa_supplicant/config.h b/wpa_supplicant/config.h
index 07b67e6..55cc247 100644
--- a/wpa_supplicant/config.h
+++ b/wpa_supplicant/config.h
@@ -32,6 +32,7 @@
 #define DEFAULT_BSS_EXPIRATION_AGE 180
 #define DEFAULT_BSS_EXPIRATION_SCAN_COUNT 2
 #define DEFAULT_MAX_NUM_STA 128
+#define DEFAULT_AP_ISOLATE 0
 #define DEFAULT_ACCESS_NETWORK_TYPE 15
 #define DEFAULT_SCAN_CUR_FREQ 0
 #define DEFAULT_P2P_SEARCH_DELAY 500
@@ -843,6 +844,18 @@ struct wpa_config {
 	unsigned int max_num_sta;
 
 	/**
+	 * ap_isolate - Whether to use Client isolation feature
+	 *
+	 * Client isolation can be used to prevent low-level bridging of 
+	 * frames between associated stations in the BSS. By default,
+	 * this bridging is allowed (ap_isolate=0).
+	 *
+	 * 0 = do not enable AP isolation
+	 * 1 = enable AP isolation
+	 */
+	int ap_isolate;
+
+	/**
 	 * freq_list - Array of allowed scan frequencies or %NULL for all
 	 *
 	 * This is an optional zero-terminated array of frequencies in
diff --git a/wpa_supplicant/config_file.c b/wpa_supplicant/config_file.c
index 6f2161e..03110b5 100644
--- a/wpa_supplicant/config_file.c
+++ b/wpa_supplicant/config_file.c
@@ -1280,6 +1280,8 @@ static void wpa_config_write_global(FILE *f, struct wpa_config *config)
 		fprintf(f, "filter_rssi=%d\n", config->filter_rssi);
 	if (config->max_num_sta != DEFAULT_MAX_NUM_STA)
 		fprintf(f, "max_num_sta=%u\n", config->max_num_sta);
+	if (config->ap_isolate != DEFAULT_AP_ISOLATE)
+		fprintf(f, "ap_isolate=%u\n", config->ap_isolate);
 	if (config->disassoc_low_ack)
 		fprintf(f, "disassoc_low_ack=%d\n", config->disassoc_low_ack);
 #ifdef CONFIG_HS20
diff --git a/wpa_supplicant/wpa_cli.c b/wpa_supplicant/wpa_cli.c
index 7d2d6ac..618a93d 100644
--- a/wpa_supplicant/wpa_cli.c
+++ b/wpa_supplicant/wpa_cli.c
@@ -476,7 +476,7 @@ static char ** wpa_cli_complete_set(const char *str, int pos)
 #endif /* CONFIG_P2P */
 		"country", "bss_max_count", "bss_expiration_age",
 		"bss_expiration_scan_count", "filter_ssids", "filter_rssi",
-		"max_num_sta", "disassoc_low_ack",
+		"max_num_sta", "disassoc_low_ack", "ap_isolate",
 #ifdef CONFIG_HS20
 		"hs20",
 #endif /* CONFIG_HS20 */
@@ -573,7 +573,7 @@ static char ** wpa_cli_complete_get(const char *str, int pos)
 #endif /* CONFIG_P2P */
 		"bss_max_count", "bss_expiration_age",
 		"bss_expiration_scan_count", "filter_ssids", "filter_rssi",
-		"max_num_sta", "disassoc_low_ack",
+		"max_num_sta", "disassoc_low_ack", "ap_isolate",
 #ifdef CONFIG_HS20
 		"hs20",
 #endif /* CONFIG_HS20 */