diff --git a/CMakeLists.txt b/CMakeLists.txt index a555332..3b3f6c7 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -61,7 +61,7 @@ include_directories(/usr/local/include /usr/local/opt/openssl/include src inclu configure_file(src/ow_version.h.in ${PROJECT_SOURCE_DIR}/src/ow_version.h @ONLY) add_compile_options(-Wall -Wextra) -add_definitions(-DPOCO_LOG_DEBUG="1") +add_definitions(-DPOCO_LOG_DEBUG="1" -DBOOST_NO_CXX98_FUNCTION_BASE=1) if(ASAN) add_compile_options(-fsanitize=address) diff --git a/build b/build index 7813681..f11c82a 100644 --- a/build +++ b/build @@ -1 +1 @@ -5 \ No newline at end of file +9 \ No newline at end of file diff --git a/src/framework/ConfigurationValidator.cpp b/src/framework/ConfigurationValidator.cpp index f1bb9ef..28b6e0c 100644 --- a/src/framework/ConfigurationValidator.cpp +++ b/src/framework/ConfigurationValidator.cpp @@ -34,6 +34,10 @@ static std::string DefaultUCentralSchema = R"foo( "$schema": "http://json-schema.org/draft-07/schema#", "type": "object", "properties": { + "strict": { + "type": "boolean", + "default": false + }, "uuid": { "type": "integer" }, @@ -114,6 +118,20 @@ static std::string DefaultUCentralSchema = R"foo( "random-password": { "type": "boolean", "default": false + }, + "beacon-advertisement": { + "type": "object", + "properties": { + "device-name": { + "type": "boolean" + }, + "device-serial": { + "type": "boolean" + }, + "network-id": { + "type": "integer" + } + } } } }, 
@@ -222,6 +240,52 @@ static std::string DefaultUCentralSchema = R"foo( } } }, + "interface.ssid.encryption": { + "type": "object", + "properties": { + "proto": { + "type": "string", + "enum": [ + "none", + "owe", + "owe-transition", + "psk", + "psk2", + "psk-mixed", + "psk2-radius", + "wpa", + "wpa2", + "wpa-mixed", + "sae", + "sae-mixed", + "wpa3", + "wpa3-192", + "wpa3-mixed" + ], + "examples": [ + "psk2" + ] + }, + "key": { + "type": "string", + "maxLength": 63, + "minLength": 8 + }, + "ieee80211w": { + "type": "string", + "enum": [ + "disabled", + "optional", + "required" + ], + "default": "disabled" + }, + "key-caching": { + "type": "boolean", + "default": true + } + } + }, "definitions": { "type": "object", "properties": { @@ -716,7 +780,8 @@ static std::string DefaultUCentralSchema = R"foo( "type": "string", "enum": [ "dynamic", - "static" + "static", + "none" ], "examples": [ "static" @@ -1006,52 +1071,6 @@ static std::string DefaultUCentralSchema = R"foo( } ] }, - "interface.ssid.encryption": { - "type": "object", - "properties": { - "proto": { - "type": "string", - "enum": [ - "none", - "owe", - "owe-transition", - "psk", - "psk2", - "psk-mixed", - "psk2-radius", - "wpa", - "wpa2", - "wpa-mixed", - "sae", - "sae-mixed", - "wpa3", - "wpa3-192", - "wpa3-mixed" - ], - "examples": [ - "psk2" - ] - }, - "key": { - "type": "string", - "maxLength": 63, - "minLength": 8 - }, - "ieee80211w": { - "type": "string", - "enum": [ - "disabled", - "optional", - "required" - ], - "default": "disabled" - }, - "key-caching": { - "type": "boolean", - "default": true - } - } - }, "interface.ssid.multi-psk": { "type": "object", "properties": { 
@@ -2020,6 +2039,11 @@ static std::string DefaultUCentralSchema = R"foo( "decription": "This option allows embedding custom vendor specific IEs inside the beacons of a BSS in AP mode.", "type": "string" }, + "tip-information-element": { + "decription": "The device will broadcast the TIP vendor IE inside its beacons if this option is enabled.", + "type": "boolean", + "default": true + }, "fils-discovery-interval": { "type": "integer", "default": 20, @@ -2443,6 +2467,24 @@ static std::string DefaultUCentralSchema = R"foo( "type": "boolean", "default": false }, + "mode": { + "type": "string", + "enum": [ + "radius", + "user" + ] + }, + "port-filter": { + "type": "array", + "items": { + "type": "string", + "examples": [ + { + "LAN1": null + } + ] + } + }, "server-certificate": { "type": "string" }, @@ -2454,6 +2496,77 @@ static std::string DefaultUCentralSchema = R"foo( "items": { "$ref": "#/$defs/interface.ssid.radius.local-user" } + }, + "radius": { + "type": "object", + "properties": { + "nas-identifier": { + "type": "string" + }, + "auth-server-addr": { + "type": "string", + "format": "uc-host", + "examples": [ + "192.168.1.10" + ] + }, + "auth-server-port": { + "type": "integer", + "maximum": 65535, + "minimum": 1024, + "examples": [ + 1812 + ] + }, + "auth-server-secret": { + "type": "string", + "examples": [ + "secret" + ] + }, + "acct-server-addr": { + "type": "string", + "format": "uc-host", + "examples": [ + "192.168.1.10" + ] + }, + "acct-server-port": { + "type": "integer", + "maximum": 65535, + "minimum": 1024, + "examples": [ + 1813 + ] + }, + "acct-server-secret": { + "type": "string", + "examples": [ + "secret" + ] + }, + "coa-server-addr": { + "type": "string", + "format": "uc-host", + "examples": [ + "192.168.1.10" + ] + }, + "coa-server-port": { + "type": "integer", + "maximum": 65535, + "minimum": 1024, + "examples": [ + 1814 + ] + }, + "coa-server-secret": { + "type": "string", + "examples": [ + "secret" + ] + } + } } } }, 
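Review bot: The new `tip-information-element` property spells its annotation keyword `"decription"`, repeating the typo in the vendor-IE property just above it. Schema tooling treats that as an unknown keyword, so the text is not surfaced as a description; the intended key is `"description": "The device will broadcast the TIP vendor IE inside its beacons if this option is enabled."`. The option also defaults to `true`, so a configuration that omits it presumably gets the vendor IE in its beacons. That default is worth confirming as intended.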
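Review bot: The three shared secrets added under `radius` (`auth-server-secret`, `acct-server-secret`, `coa-server-secret`) are plain `"type": "string"` with no length bound, so an empty secret passes validation. The `key` property of `interface.ssid.encryption` in this same schema sets `minLength`; a matching `"minLength": <N>` on each secret (value per project policy) would reject empty or trivially short values at configuration time. If this schema text is synced from an upstream data model, the constraint belongs there. The `"examples": ["secret"]` entries are also easy to copy into a real configuration, so an obviously fake placeholder would be safer.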
@@ -2777,6 +2890,12 @@ static std::string DefaultUCentralSchema = R"foo( } } }, + "services": { + "type": "array", + "items": { + "type": "string" + } + }, "classifier": { "type": "array", "items": { @@ -3019,6 +3138,24 @@ static std::string DefaultUCentralSchema = R"foo( "relay-server": { "type": "string", "format": "uc-ip" + }, + "circuit-id-format": { + "type": "string", + "enum": [ + "vlan-id", + "ap-mac", + "ssid" + ], + "default": "vlan-id" + }, + "remote-id-format": { + "type": "string", + "enum": [ + "vlan-id", + "ap-mac", + "ssid" + ], + "default": "ap-mac" } } } diff --git a/src/framework/ow_constants.h b/src/framework/ow_constants.h index 65ed7a3..370ab40 100644 --- a/src/framework/ow_constants.h +++ b/src/framework/ow_constants.h @@ -417,6 +417,8 @@ namespace OpenWifi::RESTAPI::Errors { static const struct msg NotAValidECKey { 1176, "Not a valid Signing Key." }; + static const struct msg NotAValidRadiusPoolType { 1177, "Not a valid RADIUS pool type." }; + static const struct msg SimulationDoesNotExist { 7000, "Simulation Instance ID does not exist." }; diff --git a/src/framework/utils.cpp b/src/framework/utils.cpp index b4486ba..6c34cdb 100644 --- a/src/framework/utils.cpp +++ b/src/framework/utils.cpp @@ -8,6 +8,12 @@ #include "framework/AppServiceRegistry.h" #include "framework/utils.h" +#include +#include +#include +#include +#include + namespace OpenWifi::Utils { bool NormalizeMac(std::string &Mac) { 
@@ -759,4 +765,101 @@ namespace OpenWifi::Utils { return false; } + bool VerifyRSAKey([[ + maybe_unused]] const std::string &key) { + try { + Poco::TemporaryFile F; + + std::ofstream of(F.path().c_str(), std::ios_base::trunc | std::ios_base::out | std::ios_base::binary); + of << key; + of.close(); + + auto Key = Poco::SharedPtr( + new Poco::Crypto::RSAKey("", F.path(),"")); + return true; + } catch (const Poco::Exception &E) { + + } + return false; + } + + bool ValidX509Certificate([[ + maybe_unused]] const std::string &Cert) { + try { + Poco::TemporaryFile F; + std::ofstream of(F.path().c_str(), std::ios_base::trunc | std::ios_base::out | std::ios_base::binary); + of << Cert; + of.close(); + + auto Key = Poco::SharedPtr( + new Poco::Crypto::X509Certificate(F.path())); + return true; + } catch (const Poco::Exception &E) { + + } + return false; + } + + bool ValidX509Certificate([[ + maybe_unused]] const std::vector &Certs) { + auto F = [](const std::string &C) -> bool { return ValidX509Certificate(C); }; + return std::all_of(Certs.begin(),Certs.end(), F); + } + + std::string generateStrongPassword(int minLength, int maxLength, int numDigits, int minLowercase, int minSpecial, int minUppercase) { + // Define character sets for each category + const std::string lowercaseChars = "abcdefghijklmnopqrstuvwxyz"; + const std::string uppercaseChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; + const std::string digitChars = "0123456789"; + const std::string specialChars = "!@#$%^&*()_+[]{}|;:,.<>?"; + + // Check if parameters are valid + if (minLength < 1 || minLength > maxLength || minLowercase + minUppercase + numDigits + minSpecial > maxLength) { + return "Invalid parameters"; + } + + // Initialize random seed + std::random_device rd; + std::mt19937 g(rd()); + + // Initialize the password string + std::string password; + + // Generate the required number of each character type + for (int i = 0; i < minLowercase; ++i) { + password += lowercaseChars[g() % lowercaseChars.length()]; + } + 
for (int i = 0; i < minUppercase; ++i) { + password += uppercaseChars[g() % uppercaseChars.length()]; + } + for (int i = 0; i < numDigits; ++i) { + password += digitChars[g() % digitChars.length()]; + } + for (int i = 0; i < minSpecial; ++i) { + password += specialChars[g() % specialChars.length()]; + } + + // Calculate how many more characters are needed + int remainingLength = maxLength - (int)password.length(); + + // Generate random characters to fill the remaining length + for (int i = 0; i < remainingLength; ++i) { + int category = g() % 4; // Randomly select a category + if (category == 0) { + password += lowercaseChars[g() % lowercaseChars.length()]; + } else if (category == 1) { + password += uppercaseChars[g() % uppercaseChars.length()]; + } else if (category == 2) { + password += digitChars[g() % digitChars.length()]; + } else { + password += specialChars[g() % specialChars.length()]; + } + } + + // Shuffle the password to randomize the character order + std::shuffle(password.begin(), password.end(),g); + + return password; + } + } // namespace OpenWifi::Utils diff --git a/src/framework/utils.h b/src/framework/utils.h index 9a9c939..cf708bd 100644 --- a/src/framework/utils.h +++ b/src/framework/utils.h @@ -258,6 +258,10 @@ namespace OpenWifi::Utils { }; bool CreateX509CSR(const CSRCreationParameters & Parameters, CSRCreationResults & Results); - + std::string generateStrongPassword(int minLength, int maxLength, int numDigits, int minLowercase, int minSpecial, int minUppercase); bool VerifyECKey(const std::string &key); + bool VerifyRSAKey(const std::string &key); + bool ValidX509Certificate(const std::string &Cert); + bool ValidX509Certificate(const std::vector &Certs); + } // namespace OpenWifi::Utils
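Review bot: generateStrongPassword draws every character from `std::mt19937 g(rd())`, a non-cryptographic generator seeded with a single 32-bit value, so for given arguments there are at most 2^32 possible passwords, and `g() % n` adds modulo bias on top. Draw the indices from an OS-backed source instead: the sketch below uses `std::random_device` with `std::uniform_int_distribution`, and OpenSSL's `RAND_bytes` is the stricter choice if the platform's `random_device` is not trusted. The parameter check returns the literal `"Invalid parameters"`, which a caller can store as a password without noticing, and `minLength` never affects the output, which is always `maxLength` characters. In the same hunk, VerifyRSAKey writes the private-key text to a `Poco::TemporaryFile` only to parse it back. Parsing from a `std::istringstream` would keep the key off disk, provided the Poco version in use has the stream-based `RSAKey` and `X509Certificate` constructors.

```cpp
std::string generateStrongPassword(int minLength, int maxLength, int numDigits, int minLowercase, int minSpecial, int minUppercase) {
	// … unchanged: character sets and parameter check …

	// One OS-backed source for every draw; the distribution rejects
	// out-of-range values, so there is no modulo bias.
	std::random_device rd;
	auto pick = [&rd](const std::string &set) {
		std::uniform_int_distribution<std::size_t> dist(0, set.size() - 1);
		return set[dist(rd)];
	};

	std::string password;
	for (int i = 0; i < minLowercase; ++i) {
		password += pick(lowercaseChars);
	}
	// … same substitution in the uppercase, digit and special loops; the fill
	//   loop picks its category with std::uniform_int_distribution<int>(0, 3) on rd …

	std::shuffle(password.begin(), password.end(), rd);
	return password;
}
```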
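Review bot: The `generateStrongPassword` declaration takes six adjacent `int` parameters in the order `numDigits`, `minLowercase`, `minSpecial`, `minUppercase`, which is easy to transpose at a call site, and it carries no comment. Add a doc comment above it that names each count, states the length of the returned string, and says what is returned when the arguments are rejected. The name is also lowerCamel while the neighbouring declarations (`CreateX509CSR`, `VerifyECKey`, `VerifyRSAKey`) are PascalCase.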