1 /*
2 * hostapd / Station table
3 * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10 #include "utils/common.h"
11 #include "utils/eloop.h"
12 #include "common/ieee802_11_defs.h"
13 #include "common/wpa_ctrl.h"
14 #include "common/sae.h"
15 #include "common/dpp.h"
16 #include "radius/radius.h"
17 #include "radius/radius_client.h"
18 #include "p2p/p2p.h"
19 #include "fst/fst.h"
20 #include "crypto/crypto.h"
21 #include "hostapd.h"
22 #include "accounting.h"
23 #include "ieee802_1x.h"
24 #include "ieee802_11.h"
25 #include "ieee802_11_auth.h"
26 #include "wpa_auth.h"
27 #include "preauth_auth.h"
28 #include "ap_config.h"
29 #include "beacon.h"
30 #include "ap_mlme.h"
31 #include "vlan_init.h"
32 #include "p2p_hostapd.h"
33 #include "ap_drv_ops.h"
34 #include "gas_serv.h"
35 #include "wnm_ap.h"
36 #include "mbo_ap.h"
37 #include "ndisc_snoop.h"
38 #if defined(CONFIG_OPEN_HARMONY_PATCH) && defined(OPEN_HARMONY_MIRACAST_SINK_OPT)
39 #include "hm_miracast_sink.h"
40 #endif
41 #include "sta_info.h"
42 #include "vlan.h"
43 #include "wps_hostapd.h"
44 #ifdef CONFIG_LIBWPA_VENDOR
45 #include "hostapd_client.h"
46 #include "wpa_client.h"
47 #endif
48 #ifdef CONFIG_VENDOR_EXT
49 #include "vendor_ext.h"
50 #endif
51 #if defined(CONFIG_LIBWPA_VENDOR) || defined(CONFIG_VENDOR_EXT)
52 #include "wpa_supplicant_i.h"
53 #endif
54
55 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd,
56 struct sta_info *sta);
57 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx);
58 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx);
59 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx);
60 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx);
61 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx);
62 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta);
63 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx);
64
ap_for_each_sta(struct hostapd_data *hapd, int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, void *ctx), void *ctx)65 int ap_for_each_sta(struct hostapd_data *hapd,
66 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta,
67 void *ctx),
68 void *ctx)
69 {
70 struct sta_info *sta;
71
72 for (sta = hapd->sta_list; sta; sta = sta->next) {
73 if (cb(hapd, sta, ctx))
74 return 1;
75 }
76
77 return 0;
78 }
79
80
ap_get_sta(struct hostapd_data *hapd, const u8 *sta)81 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta)
82 {
83 struct sta_info *s;
84
85 s = hapd->sta_hash[STA_HASH(sta)];
86 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0)
87 s = s->hnext;
88 return s;
89 }
90
91
92 #ifdef CONFIG_P2P
ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr)93 struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr)
94 {
95 struct sta_info *sta;
96
97 for (sta = hapd->sta_list; sta; sta = sta->next) {
98 const u8 *p2p_dev_addr;
99
100 if (sta->p2p_ie == NULL)
101 continue;
102
103 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie);
104 if (p2p_dev_addr == NULL)
105 continue;
106
107 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0)
108 return sta;
109 }
110
111 return NULL;
112 }
113 #endif /* CONFIG_P2P */
114
115
ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta)116 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta)
117 {
118 struct sta_info *tmp;
119
120 if (hapd->sta_list == sta) {
121 hapd->sta_list = sta->next;
122 return;
123 }
124
125 tmp = hapd->sta_list;
126 while (tmp != NULL && tmp->next != sta)
127 tmp = tmp->next;
128 if (tmp == NULL) {
129 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR_SEC " from "
130 "list.", MAC2STR_SEC(sta->addr));
131 } else
132 tmp->next = sta->next;
133 }
134
135
ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta)136 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta)
137 {
138 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)];
139 hapd->sta_hash[STA_HASH(sta->addr)] = sta;
140 }
141
142
ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta)143 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta)
144 {
145 struct sta_info *s;
146
147 s = hapd->sta_hash[STA_HASH(sta->addr)];
148 if (s == NULL) return;
149 if (os_memcmp(s->addr, sta->addr, 6) == 0) {
150 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext;
151 return;
152 }
153
154 while (s->hnext != NULL &&
155 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0)
156 s = s->hnext;
157 if (s->hnext != NULL)
158 s->hnext = s->hnext->hnext;
159 else
160 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR_SEC
161 " from hash table", MAC2STR_SEC(sta->addr));
162 }
163
164
ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta)165 void ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta)
166 {
167 sta_ip6addr_del(hapd, sta);
168 }
169
170
171 #ifdef CONFIG_PASN
172
ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta)173 void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta)
174 {
175 if (sta->pasn) {
176 wpa_printf(MSG_DEBUG, "PASN: Free PASN context: " MACSTR_SEC,
177 MAC2STR_SEC(sta->addr));
178
179 if (sta->pasn->ecdh)
180 crypto_ecdh_deinit(sta->pasn->ecdh);
181
182 wpabuf_free(sta->pasn->secret);
183 sta->pasn->secret = NULL;
184
185 #ifdef CONFIG_SAE
186 sae_clear_data(&sta->pasn->sae);
187 #endif /* CONFIG_SAE */
188
189 #ifdef CONFIG_FILS
190 /* In practice this pointer should be NULL */
191 wpabuf_free(sta->pasn->fils.erp_resp);
192 sta->pasn->fils.erp_resp = NULL;
193 #endif /* CONFIG_FILS */
194
195 bin_clear_free(sta->pasn, sizeof(*sta->pasn));
196 sta->pasn = NULL;
197 }
198 }
199
200 #endif /* CONFIG_PASN */
201
ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)202 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
203 {
204 int set_beacon = 0;
205
206 accounting_sta_stop(hapd, sta);
207
208 /* just in case */
209 ap_sta_set_authorized(hapd, sta, 0);
210 hostapd_set_sta_flags(hapd, sta);
211
212 if (sta->flags & (WLAN_STA_WDS | WLAN_STA_MULTI_AP))
213 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0);
214
215 if (sta->ipaddr)
216 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr);
217 ap_sta_ip6addr_del(hapd, sta);
218
219 if (!hapd->iface->driver_ap_teardown &&
220 !(sta->flags & WLAN_STA_PREAUTH)) {
221 hostapd_drv_sta_remove(hapd, sta->addr);
222 sta->added_unassoc = 0;
223 }
224
225 ap_sta_hash_del(hapd, sta);
226 ap_sta_list_del(hapd, sta);
227
228 if (sta->aid > 0)
229 hapd->sta_aid[(sta->aid - 1) / 32] &=
230 ~BIT((sta->aid - 1) % 32);
231
232 hapd->num_sta--;
233 if (sta->nonerp_set) {
234 sta->nonerp_set = 0;
235 hapd->iface->num_sta_non_erp--;
236 if (hapd->iface->num_sta_non_erp == 0)
237 set_beacon++;
238 }
239
240 if (sta->no_short_slot_time_set) {
241 sta->no_short_slot_time_set = 0;
242 hapd->iface->num_sta_no_short_slot_time--;
243 if (hapd->iface->current_mode &&
244 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
245 && hapd->iface->num_sta_no_short_slot_time == 0)
246 set_beacon++;
247 }
248
249 if (sta->no_short_preamble_set) {
250 sta->no_short_preamble_set = 0;
251 hapd->iface->num_sta_no_short_preamble--;
252 if (hapd->iface->current_mode &&
253 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
254 && hapd->iface->num_sta_no_short_preamble == 0)
255 set_beacon++;
256 }
257
258 if (sta->no_ht_gf_set) {
259 sta->no_ht_gf_set = 0;
260 hapd->iface->num_sta_ht_no_gf--;
261 }
262
263 if (sta->no_ht_set) {
264 sta->no_ht_set = 0;
265 hapd->iface->num_sta_no_ht--;
266 }
267
268 if (sta->ht_20mhz_set) {
269 sta->ht_20mhz_set = 0;
270 hapd->iface->num_sta_ht_20mhz--;
271 }
272
273 #ifdef CONFIG_TAXONOMY
274 wpabuf_free(sta->probe_ie_taxonomy);
275 sta->probe_ie_taxonomy = NULL;
276 wpabuf_free(sta->assoc_ie_taxonomy);
277 sta->assoc_ie_taxonomy = NULL;
278 #endif /* CONFIG_TAXONOMY */
279
280 ht40_intolerant_remove(hapd->iface, sta);
281
282 #ifdef CONFIG_P2P
283 if (sta->no_p2p_set) {
284 sta->no_p2p_set = 0;
285 hapd->num_sta_no_p2p--;
286 if (hapd->num_sta_no_p2p == 0)
287 hostapd_p2p_non_p2p_sta_disconnected(hapd);
288 }
289 #endif /* CONFIG_P2P */
290
291 #ifdef NEED_AP_MLME
292 if (hostapd_ht_operation_update(hapd->iface) > 0)
293 set_beacon++;
294 #endif /* NEED_AP_MLME */
295
296 #ifdef CONFIG_MESH
297 if (hapd->mesh_sta_free_cb)
298 hapd->mesh_sta_free_cb(hapd, sta);
299 #endif /* CONFIG_MESH */
300
301 if (set_beacon)
302 ieee802_11_set_beacons(hapd->iface);
303
304 wpa_printf(MSG_EXCESSIVE, "%s: cancel ap_handle_timer for " MACSTR_SEC,
305 __func__, MAC2STR_SEC(sta->addr));
306 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
307 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
308 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta);
309 ap_sta_clear_disconnect_timeouts(hapd, sta);
310 sae_clear_retransmit_timer(hapd, sta);
311
312 ieee802_1x_free_station(hapd, sta);
313 wpa_auth_sta_deinit(sta->wpa_sm);
314 rsn_preauth_free_station(hapd, sta);
315 #ifndef CONFIG_NO_RADIUS
316 if (hapd->radius)
317 radius_client_flush_auth(hapd->radius, sta->addr);
318 #endif /* CONFIG_NO_RADIUS */
319
320 #ifndef CONFIG_NO_VLAN
321 /*
322 * sta->wpa_sm->group needs to be released before so that
323 * vlan_remove_dynamic() can check that no stations are left on the
324 * AP_VLAN netdev.
325 */
326 if (sta->vlan_id)
327 vlan_remove_dynamic(hapd, sta->vlan_id);
328 if (sta->vlan_id_bound) {
329 /*
330 * Need to remove the STA entry before potentially removing the
331 * VLAN.
332 */
333 if (hapd->iface->driver_ap_teardown &&
334 !(sta->flags & WLAN_STA_PREAUTH)) {
335 hostapd_drv_sta_remove(hapd, sta->addr);
336 sta->added_unassoc = 0;
337 }
338 vlan_remove_dynamic(hapd, sta->vlan_id_bound);
339 }
340 #endif /* CONFIG_NO_VLAN */
341
342 os_free(sta->challenge);
343
344 os_free(sta->sa_query_trans_id);
345 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
346
347 #ifdef CONFIG_P2P
348 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr);
349 #endif /* CONFIG_P2P */
350
351 #ifdef CONFIG_INTERWORKING
352 if (sta->gas_dialog) {
353 int i;
354 for (i = 0; i < GAS_DIALOG_MAX; i++)
355 gas_serv_dialog_clear(&sta->gas_dialog[i]);
356 os_free(sta->gas_dialog);
357 }
358 #endif /* CONFIG_INTERWORKING */
359
360 wpabuf_free(sta->wps_ie);
361 wpabuf_free(sta->p2p_ie);
362 wpabuf_free(sta->hs20_ie);
363 wpabuf_free(sta->roaming_consortium);
364 #ifdef CONFIG_FST
365 wpabuf_free(sta->mb_ies);
366 #endif /* CONFIG_FST */
367
368 os_free(sta->ht_capabilities);
369 os_free(sta->vht_capabilities);
370 os_free(sta->vht_operation);
371 os_free(sta->he_capab);
372 os_free(sta->he_6ghz_capab);
373 hostapd_free_psk_list(sta->psk);
374 os_free(sta->identity);
375 os_free(sta->radius_cui);
376 os_free(sta->remediation_url);
377 os_free(sta->t_c_url);
378 wpabuf_free(sta->hs20_deauth_req);
379 os_free(sta->hs20_session_info_url);
380
381 #ifdef CONFIG_SAE
382 sae_clear_data(sta->sae);
383 os_free(sta->sae);
384 #endif /* CONFIG_SAE */
385
386 mbo_ap_sta_free(sta);
387 os_free(sta->supp_op_classes);
388
389 #ifdef CONFIG_FILS
390 os_free(sta->fils_pending_assoc_req);
391 wpabuf_free(sta->fils_hlp_resp);
392 wpabuf_free(sta->hlp_dhcp_discover);
393 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta);
394 #ifdef CONFIG_FILS_SK_PFS
395 crypto_ecdh_deinit(sta->fils_ecdh);
396 wpabuf_clear_free(sta->fils_dh_ss);
397 wpabuf_free(sta->fils_g_sta);
398 #endif /* CONFIG_FILS_SK_PFS */
399 #endif /* CONFIG_FILS */
400
401 #ifdef CONFIG_OWE
402 bin_clear_free(sta->owe_pmk, sta->owe_pmk_len);
403 crypto_ecdh_deinit(sta->owe_ecdh);
404 #endif /* CONFIG_OWE */
405
406 #ifdef CONFIG_DPP2
407 dpp_pfs_free(sta->dpp_pfs);
408 sta->dpp_pfs = NULL;
409 #endif /* CONFIG_DPP2 */
410
411 os_free(sta->ext_capability);
412
413 #ifdef CONFIG_WNM_AP
414 eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta);
415 #endif /* CONFIG_WNM_AP */
416
417 #ifdef CONFIG_PASN
418 ap_free_sta_pasn(hapd, sta);
419 #endif /* CONFIG_PASN */
420
421 os_free(sta->ifname_wds);
422
423 #ifdef CONFIG_TESTING_OPTIONS
424 os_free(sta->sae_postponed_commit);
425 #endif /* CONFIG_TESTING_OPTIONS */
426
427 os_free(sta);
428 }
429
430
hostapd_free_stas(struct hostapd_data *hapd)431 void hostapd_free_stas(struct hostapd_data *hapd)
432 {
433 struct sta_info *sta, *prev;
434
435 sta = hapd->sta_list;
436
437 while (sta) {
438 prev = sta;
439 if (sta->flags & WLAN_STA_AUTH) {
440 mlme_deauthenticate_indication(
441 hapd, sta, WLAN_REASON_UNSPECIFIED);
442 }
443 sta = sta->next;
444 wpa_printf(MSG_DEBUG, "Removing station " MACSTR_SEC,
445 MAC2STR_SEC(prev->addr));
446 ap_free_sta(hapd, prev);
447 }
448 }
449
450
451 /**
452 * ap_handle_timer - Per STA timer handler
453 * @eloop_ctx: struct hostapd_data *
454 * @timeout_ctx: struct sta_info *
455 *
456 * This function is called to check station activity and to remove inactive
457 * stations.
458 */
ap_handle_timer(void *eloop_ctx, void *timeout_ctx)459 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx)
460 {
461 struct hostapd_data *hapd = eloop_ctx;
462 struct sta_info *sta = timeout_ctx;
463 unsigned long next_time = 0;
464 int reason;
465
466 wpa_printf(MSG_DEBUG, "%s: %s: " MACSTR_SEC " flags=0x%x timeout_next=%d",
467 hapd->conf->iface, __func__, MAC2STR_SEC(sta->addr), sta->flags,
468 sta->timeout_next);
469 if (sta->timeout_next == STA_REMOVE) {
470 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
471 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
472 "local deauth request");
473 ap_free_sta(hapd, sta);
474 return;
475 }
476
477 if ((sta->flags & WLAN_STA_ASSOC) &&
478 (sta->timeout_next == STA_NULLFUNC ||
479 sta->timeout_next == STA_DISASSOC)) {
480 int inactive_sec;
481 /*
482 * Add random value to timeout so that we don't end up bouncing
483 * all stations at the same time if we have lots of associated
484 * stations that are idle (but keep re-associating).
485 */
486 int fuzz = os_random() % 20;
487 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr);
488 if (inactive_sec == -1) {
489 wpa_msg_only_for_cb(hapd->msg_ctx, MSG_DEBUG,
490 "Check inactivity: Could not "
491 "get station info from kernel driver for "
492 MACSTR, MAC2STR(sta->addr));
493 wpa_printf(MSG_DEBUG, "Check inactivity: Could not "
494 "get station info from kernel driver for "
495 MACSTR_SEC, MAC2STR_SEC(sta->addr));
496 /*
497 * The driver may not support this functionality.
498 * Anyway, try again after the next inactivity timeout,
499 * but do not disconnect the station now.
500 */
501 next_time = hapd->conf->ap_max_inactivity + fuzz;
502 } else if (inactive_sec == -ENOENT) {
503 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
504 "Station " MACSTR " has lost its driver entry",
505 MAC2STR(sta->addr));
506
507 /* Avoid sending client probe on removed client */
508 sta->timeout_next = STA_DISASSOC;
509 goto skip_poll;
510 } else if (inactive_sec < hapd->conf->ap_max_inactivity) {
511 /* station activity detected; reset timeout state */
512 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
513 "Station " MACSTR " has been active %is ago",
514 MAC2STR(sta->addr), inactive_sec);
515 sta->timeout_next = STA_NULLFUNC;
516 next_time = hapd->conf->ap_max_inactivity + fuzz -
517 inactive_sec;
518 } else {
519 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
520 "Station " MACSTR " has been "
521 "inactive too long: %d sec, max allowed: %d",
522 MAC2STR(sta->addr), inactive_sec,
523 hapd->conf->ap_max_inactivity);
524
525 if (hapd->conf->skip_inactivity_poll)
526 sta->timeout_next = STA_DISASSOC;
527 }
528 }
529
530 if ((sta->flags & WLAN_STA_ASSOC) &&
531 sta->timeout_next == STA_DISASSOC &&
532 !(sta->flags & WLAN_STA_PENDING_POLL) &&
533 !hapd->conf->skip_inactivity_poll) {
534 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR
535 " has ACKed data poll", MAC2STR(sta->addr));
536 /* data nullfunc frame poll did not produce TX errors; assume
537 * station ACKed it */
538 sta->timeout_next = STA_NULLFUNC;
539 next_time = hapd->conf->ap_max_inactivity;
540 }
541
542 skip_poll:
543 if (next_time) {
544 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
545 "for " MACSTR_SEC " (%lu seconds)",
546 __func__, MAC2STR_SEC(sta->addr), next_time);
547 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd,
548 sta);
549 return;
550 }
551
552 if (sta->timeout_next == STA_NULLFUNC &&
553 (sta->flags & WLAN_STA_ASSOC)) {
554 wpa_printf(MSG_DEBUG, " Polling STA");
555 sta->flags |= WLAN_STA_PENDING_POLL;
556 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr,
557 sta->flags & WLAN_STA_WMM);
558 } else if (sta->timeout_next != STA_REMOVE) {
559 int deauth = sta->timeout_next == STA_DEAUTH;
560
561 if (!deauth && !(sta->flags & WLAN_STA_ASSOC)) {
562 /* Cannot disassociate not-associated STA, so move
563 * directly to deauthentication. */
564 sta->timeout_next = STA_DEAUTH;
565 deauth = 1;
566 }
567
568 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
569 "Timeout, sending %s info to STA " MACSTR,
570 deauth ? "deauthentication" : "disassociation",
571 MAC2STR(sta->addr));
572
573 if (deauth) {
574 hostapd_drv_sta_deauth(
575 hapd, sta->addr,
576 WLAN_REASON_PREV_AUTH_NOT_VALID);
577 } else {
578 reason = (sta->timeout_next == STA_DISASSOC) ?
579 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY :
580 WLAN_REASON_PREV_AUTH_NOT_VALID;
581
582 hostapd_drv_sta_disassoc(hapd, sta->addr, reason);
583 }
584 }
585
586 switch (sta->timeout_next) {
587 case STA_NULLFUNC:
588 sta->timeout_next = STA_DISASSOC;
589 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
590 "for " MACSTR_SEC " (%d seconds - AP_DISASSOC_DELAY)",
591 __func__, MAC2STR_SEC(sta->addr), AP_DISASSOC_DELAY);
592 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer,
593 hapd, sta);
594 break;
595 case STA_DISASSOC:
596 case STA_DISASSOC_FROM_CLI:
597 ap_sta_set_authorized(hapd, sta, 0);
598 sta->flags &= ~WLAN_STA_ASSOC;
599 hostapd_set_sta_flags(hapd, sta);
600 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
601 if (!sta->acct_terminate_cause)
602 sta->acct_terminate_cause =
603 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT;
604 accounting_sta_stop(hapd, sta);
605 ieee802_1x_free_station(hapd, sta);
606 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
607 HOSTAPD_LEVEL_INFO, "disassociated due to "
608 "inactivity");
609 reason = (sta->timeout_next == STA_DISASSOC) ?
610 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY :
611 WLAN_REASON_PREV_AUTH_NOT_VALID;
612 sta->timeout_next = STA_DEAUTH;
613 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
614 "for " MACSTR_SEC " (%d seconds - AP_DEAUTH_DELAY)",
615 __func__, MAC2STR_SEC(sta->addr), AP_DEAUTH_DELAY);
616 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer,
617 hapd, sta);
618 mlme_disassociate_indication(hapd, sta, reason);
619 break;
620 case STA_DEAUTH:
621 case STA_REMOVE:
622 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
623 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
624 "inactivity (timer DEAUTH/REMOVE)");
625 if (!sta->acct_terminate_cause)
626 sta->acct_terminate_cause =
627 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT;
628 mlme_deauthenticate_indication(
629 hapd, sta,
630 WLAN_REASON_PREV_AUTH_NOT_VALID);
631 ap_free_sta(hapd, sta);
632 break;
633 }
634 }
635
636
ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx)637 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx)
638 {
639 struct hostapd_data *hapd = eloop_ctx;
640 struct sta_info *sta = timeout_ctx;
641
642 wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR_SEC,
643 hapd->conf->iface, MAC2STR_SEC(sta->addr));
644 if (!(sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC |
645 WLAN_STA_AUTHORIZED))) {
646 if (sta->flags & WLAN_STA_GAS) {
647 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA "
648 "entry " MACSTR_SEC, MAC2STR_SEC(sta->addr));
649 ap_free_sta(hapd, sta);
650 }
651 return;
652 }
653
654 hostapd_drv_sta_deauth(hapd, sta->addr,
655 WLAN_REASON_PREV_AUTH_NOT_VALID);
656 mlme_deauthenticate_indication(hapd, sta,
657 WLAN_REASON_PREV_AUTH_NOT_VALID);
658 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
659 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
660 "session timeout");
661 sta->acct_terminate_cause =
662 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT;
663 ap_free_sta(hapd, sta);
664 }
665
666
ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, u32 session_timeout)667 void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta,
668 u32 session_timeout)
669 {
670 if (eloop_replenish_timeout(session_timeout, 0,
671 ap_handle_session_timer, hapd, sta) == 1) {
672 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
673 HOSTAPD_LEVEL_DEBUG, "setting session timeout "
674 "to %d seconds", session_timeout);
675 }
676 }
677
678
ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, u32 session_timeout)679 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta,
680 u32 session_timeout)
681 {
682 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
683 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d "
684 "seconds", session_timeout);
685 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
686 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer,
687 hapd, sta);
688 }
689
690
ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta)691 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta)
692 {
693 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
694 }
695
696
ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx)697 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx)
698 {
699 #ifdef CONFIG_WNM_AP
700 struct hostapd_data *hapd = eloop_ctx;
701 struct sta_info *sta = timeout_ctx;
702
703 wpa_printf(MSG_DEBUG, "%s: WNM: Session warning time reached for "
704 MACSTR_SEC, hapd->conf->iface, MAC2STR_SEC(sta->addr));
705 if (sta->hs20_session_info_url == NULL)
706 return;
707
708 wnm_send_ess_disassoc_imminent(hapd, sta, sta->hs20_session_info_url,
709 sta->hs20_disassoc_timer);
710 #endif /* CONFIG_WNM_AP */
711 }
712
713
ap_sta_session_warning_timeout(struct hostapd_data *hapd, struct sta_info *sta, int warning_time)714 void ap_sta_session_warning_timeout(struct hostapd_data *hapd,
715 struct sta_info *sta, int warning_time)
716 {
717 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta);
718 eloop_register_timeout(warning_time, 0, ap_handle_session_warning_timer,
719 hapd, sta);
720 }
721
722
ap_sta_add(struct hostapd_data *hapd, const u8 *addr)723 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr)
724 {
725 struct sta_info *sta;
726 int i;
727
728 sta = ap_get_sta(hapd, addr);
729 if (sta)
730 return sta;
731
732 wpa_printf(MSG_DEBUG, " New STA");
733 if (hapd->num_sta >= hapd->conf->max_num_sta) {
734 /* FIX: might try to remove some old STAs first? */
735 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)",
736 hapd->num_sta, hapd->conf->max_num_sta);
737 return NULL;
738 }
739
740 sta = os_zalloc(sizeof(struct sta_info));
741 if (sta == NULL) {
742 wpa_printf(MSG_ERROR, "malloc failed");
743 return NULL;
744 }
745 sta->acct_interim_interval = hapd->conf->acct_interim_interval;
746 if (accounting_sta_get_id(hapd, sta) < 0) {
747 os_free(sta);
748 return NULL;
749 }
750
751 for (i = 0; i < WLAN_SUPP_RATES_MAX; i++) {
752 if (!hapd->iface->basic_rates)
753 break;
754 if (hapd->iface->basic_rates[i] < 0)
755 break;
756 sta->supported_rates[i] = hapd->iface->basic_rates[i] / 5;
757 }
758 sta->supported_rates_len = i;
759
760 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) {
761 wpa_printf(MSG_EXCESSIVE, "%s: register ap_handle_timer timeout "
762 "for " MACSTR_SEC " (%d seconds - ap_max_inactivity)",
763 __func__, MAC2STR_SEC(addr),
764 hapd->conf->ap_max_inactivity);
765 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0,
766 ap_handle_timer, hapd, sta);
767 }
768
769 /* initialize STA info data */
770 os_memcpy(sta->addr, addr, ETH_ALEN);
771 sta->next = hapd->sta_list;
772 hapd->sta_list = sta;
773 hapd->num_sta++;
774 ap_sta_hash_add(hapd, sta);
775 ap_sta_remove_in_other_bss(hapd, sta);
776 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
777 dl_list_init(&sta->ip6addr);
778
779 #ifdef CONFIG_TAXONOMY
780 sta_track_claim_taxonomy_info(hapd->iface, addr,
781 &sta->probe_ie_taxonomy);
782 #endif /* CONFIG_TAXONOMY */
783
784 return sta;
785 }
786
787
ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta)788 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta)
789 {
790 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
791
792 if (sta->ipaddr)
793 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr);
794 ap_sta_ip6addr_del(hapd, sta);
795
796 wpa_printf(MSG_DEBUG, "%s: Removing STA " MACSTR_SEC " from kernel driver",
797 hapd->conf->iface, MAC2STR_SEC(sta->addr));
798 if (hostapd_drv_sta_remove(hapd, sta->addr) &&
799 sta->flags & WLAN_STA_ASSOC) {
800 wpa_printf(MSG_DEBUG, "%s: Could not remove station " MACSTR_SEC
801 " from kernel driver",
802 hapd->conf->iface, MAC2STR_SEC(sta->addr));
803 return -1;
804 }
805 sta->added_unassoc = 0;
806 return 0;
807 }
808
809
ap_sta_remove_in_other_bss(struct hostapd_data *hapd, struct sta_info *sta)810 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd,
811 struct sta_info *sta)
812 {
813 struct hostapd_iface *iface = hapd->iface;
814 size_t i;
815
816 for (i = 0; i < iface->num_bss; i++) {
817 struct hostapd_data *bss = iface->bss[i];
818 struct sta_info *sta2;
819 /* bss should always be set during operation, but it may be
820 * NULL during reconfiguration. Assume the STA is not
821 * associated to another BSS in that case to avoid NULL pointer
822 * dereferences. */
823 if (bss == hapd || bss == NULL)
824 continue;
825 sta2 = ap_get_sta(bss, sta->addr);
826 if (!sta2)
827 continue;
828
829 wpa_printf(MSG_DEBUG, "%s: disconnect old STA " MACSTR_SEC
830 " association from another BSS %s",
831 hapd->conf->iface, MAC2STR_SEC(sta2->addr),
832 bss->conf->iface);
833 ap_sta_disconnect(bss, sta2, sta2->addr,
834 WLAN_REASON_PREV_AUTH_NOT_VALID);
835 }
836 }
837
838
ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx)839 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx)
840 {
841 struct hostapd_data *hapd = eloop_ctx;
842 struct sta_info *sta = timeout_ctx;
843
844 wpa_printf(MSG_DEBUG, "%s: Disassociation callback for STA " MACSTR_SEC,
845 hapd->conf->iface, MAC2STR_SEC(sta->addr));
846 ap_sta_remove(hapd, sta);
847 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason);
848 }
849
850
ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, u16 reason)851 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta,
852 u16 reason)
853 {
854 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR_SEC,
855 hapd->conf->iface, MAC2STR_SEC(sta->addr));
856 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
857 if (hapd->iface->current_mode &&
858 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) {
859 /* Skip deauthentication in DMG/IEEE 802.11ad */
860 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC |
861 WLAN_STA_ASSOC_REQ_OK);
862 sta->timeout_next = STA_REMOVE;
863 } else {
864 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK);
865 sta->timeout_next = STA_DEAUTH;
866 }
867 ap_sta_set_authorized(hapd, sta, 0);
868 hostapd_set_sta_flags(hapd, sta);
869 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
870 "for " MACSTR_SEC " (%d seconds - "
871 "AP_MAX_INACTIVITY_AFTER_DISASSOC)",
872 __func__, MAC2STR_SEC(sta->addr),
873 AP_MAX_INACTIVITY_AFTER_DISASSOC);
874 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
875 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0,
876 ap_handle_timer, hapd, sta);
877 accounting_sta_stop(hapd, sta);
878 ieee802_1x_free_station(hapd, sta);
879 wpa_auth_sta_deinit(sta->wpa_sm);
880 sta->wpa_sm = NULL;
881
882 sta->disassoc_reason = reason;
883 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB;
884 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
885 eloop_register_timeout(hapd->iface->drv_flags &
886 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
887 ap_sta_disassoc_cb_timeout, hapd, sta);
888 }
889
890
ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx)891 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx)
892 {
893 struct hostapd_data *hapd = eloop_ctx;
894 struct sta_info *sta = timeout_ctx;
895
896 wpa_printf(MSG_DEBUG, "%s: Deauthentication callback for STA " MACSTR_SEC,
897 hapd->conf->iface, MAC2STR_SEC(sta->addr));
898 ap_sta_remove(hapd, sta);
899 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason);
900 }
901
902
ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, u16 reason)903 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta,
904 u16 reason)
905 {
906 if (hapd->iface->current_mode &&
907 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) {
908 /* Deauthentication is not used in DMG/IEEE 802.11ad;
909 * disassociate the STA instead. */
910 ap_sta_disassociate(hapd, sta, reason);
911 return;
912 }
913
914 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR_SEC,
915 hapd->conf->iface, MAC2STR_SEC(sta->addr));
916 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
917 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK);
918 ap_sta_set_authorized(hapd, sta, 0);
919 hostapd_set_sta_flags(hapd, sta);
920 sta->timeout_next = STA_REMOVE;
921 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
922 "for " MACSTR_SEC " (%d seconds - "
923 "AP_MAX_INACTIVITY_AFTER_DEAUTH)",
924 __func__, MAC2STR_SEC(sta->addr),
925 AP_MAX_INACTIVITY_AFTER_DEAUTH);
926 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
927 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0,
928 ap_handle_timer, hapd, sta);
929 accounting_sta_stop(hapd, sta);
930 ieee802_1x_free_station(hapd, sta);
931
932 sta->deauth_reason = reason;
933 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB;
934 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
935 eloop_register_timeout(hapd->iface->drv_flags &
936 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
937 ap_sta_deauth_cb_timeout, hapd, sta);
938 }
939
940
941 #ifdef CONFIG_WPS
ap_sta_wps_cancel(struct hostapd_data *hapd, struct sta_info *sta, void *ctx)942 int ap_sta_wps_cancel(struct hostapd_data *hapd,
943 struct sta_info *sta, void *ctx)
944 {
945 if (sta && (sta->flags & WLAN_STA_WPS)) {
946 ap_sta_deauthenticate(hapd, sta,
947 WLAN_REASON_PREV_AUTH_NOT_VALID);
948 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR_SEC,
949 __func__, MAC2STR_SEC(sta->addr));
950 return 1;
951 }
952
953 return 0;
954 }
955 #endif /* CONFIG_WPS */
956
957
ap_sta_get_free_vlan_id(struct hostapd_data *hapd)958 static int ap_sta_get_free_vlan_id(struct hostapd_data *hapd)
959 {
960 struct hostapd_vlan *vlan;
961 int vlan_id = MAX_VLAN_ID + 2;
962
963 retry:
964 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
965 if (vlan->vlan_id == vlan_id) {
966 vlan_id++;
967 goto retry;
968 }
969 }
970 return vlan_id;
971 }
972
973
ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta, struct vlan_description *vlan_desc)974 int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta,
975 struct vlan_description *vlan_desc)
976 {
977 struct hostapd_vlan *vlan = NULL, *wildcard_vlan = NULL;
978 int old_vlan_id, vlan_id = 0, ret = 0;
979
980 /* Check if there is something to do */
981 if (hapd->conf->ssid.per_sta_vif && !sta->vlan_id) {
982 /* This sta is lacking its own vif */
983 } else if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED &&
984 !hapd->conf->ssid.per_sta_vif && sta->vlan_id) {
985 /* sta->vlan_id needs to be reset */
986 } else if (!vlan_compare(vlan_desc, sta->vlan_desc)) {
987 return 0; /* nothing to change */
988 }
989
990 /* Now the real VLAN changed or the STA just needs its own vif */
991 if (hapd->conf->ssid.per_sta_vif) {
992 /* Assign a new vif, always */
993 /* find a free vlan_id sufficiently big */
994 vlan_id = ap_sta_get_free_vlan_id(hapd);
995 /* Get wildcard VLAN */
996 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
997 if (vlan->vlan_id == VLAN_ID_WILDCARD)
998 break;
999 }
1000 if (!vlan) {
1001 hostapd_logger(hapd, sta->addr,
1002 HOSTAPD_MODULE_IEEE80211,
1003 HOSTAPD_LEVEL_DEBUG,
1004 "per_sta_vif missing wildcard");
1005 vlan_id = 0;
1006 ret = -1;
1007 goto done;
1008 }
1009 } else if (vlan_desc && vlan_desc->notempty) {
1010 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
1011 if (!vlan_compare(&vlan->vlan_desc, vlan_desc))
1012 break;
1013 if (vlan->vlan_id == VLAN_ID_WILDCARD)
1014 wildcard_vlan = vlan;
1015 }
1016 if (vlan) {
1017 vlan_id = vlan->vlan_id;
1018 } else if (wildcard_vlan) {
1019 vlan = wildcard_vlan;
1020 vlan_id = vlan_desc->untagged;
1021 if (vlan_desc->tagged[0]) {
1022 /* Tagged VLAN configuration */
1023 vlan_id = ap_sta_get_free_vlan_id(hapd);
1024 }
1025 } else {
1026 hostapd_logger(hapd, sta->addr,
1027 HOSTAPD_MODULE_IEEE80211,
1028 HOSTAPD_LEVEL_DEBUG,
1029 "missing vlan and wildcard for vlan=%d%s",
1030 vlan_desc->untagged,
1031 vlan_desc->tagged[0] ? "+" : "");
1032 vlan_id = 0;
1033 ret = -1;
1034 goto done;
1035 }
1036 }
1037
1038 if (vlan && vlan->vlan_id == VLAN_ID_WILDCARD) {
1039 vlan = vlan_add_dynamic(hapd, vlan, vlan_id, vlan_desc);
1040 if (vlan == NULL) {
1041 hostapd_logger(hapd, sta->addr,
1042 HOSTAPD_MODULE_IEEE80211,
1043 HOSTAPD_LEVEL_DEBUG,
1044 "could not add dynamic VLAN interface for vlan=%d%s",
1045 vlan_desc ? vlan_desc->untagged : -1,
1046 (vlan_desc && vlan_desc->tagged[0]) ?
1047 "+" : "");
1048 vlan_id = 0;
1049 ret = -1;
1050 goto done;
1051 }
1052
1053 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1054 HOSTAPD_LEVEL_DEBUG,
1055 "added new dynamic VLAN interface '%s'",
1056 vlan->ifname);
1057 } else if (vlan && vlan->dynamic_vlan > 0) {
1058 vlan->dynamic_vlan++;
1059 hostapd_logger(hapd, sta->addr,
1060 HOSTAPD_MODULE_IEEE80211,
1061 HOSTAPD_LEVEL_DEBUG,
1062 "updated existing dynamic VLAN interface '%s'",
1063 vlan->ifname);
1064 }
1065 done:
1066 old_vlan_id = sta->vlan_id;
1067 sta->vlan_id = vlan_id;
1068 sta->vlan_desc = vlan ? &vlan->vlan_desc : NULL;
1069
1070 if (vlan_id != old_vlan_id && old_vlan_id)
1071 vlan_remove_dynamic(hapd, old_vlan_id);
1072
1073 return ret;
1074 }
1075
1076
ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta)1077 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta)
1078 {
1079 #ifndef CONFIG_NO_VLAN
1080 const char *iface;
1081 struct hostapd_vlan *vlan = NULL;
1082 int ret;
1083 int old_vlanid = sta->vlan_id_bound;
1084
1085 if ((sta->flags & WLAN_STA_WDS) && sta->vlan_id == 0) {
1086 wpa_printf(MSG_DEBUG,
1087 "Do not override WDS VLAN assignment for STA "
1088 MACSTR_SEC, MAC2STR_SEC(sta->addr));
1089 return 0;
1090 }
1091
1092 iface = hapd->conf->iface;
1093 if (hapd->conf->ssid.vlan[0])
1094 iface = hapd->conf->ssid.vlan;
1095
1096 if (sta->vlan_id > 0) {
1097 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
1098 if (vlan->vlan_id == sta->vlan_id)
1099 break;
1100 }
1101 if (vlan)
1102 iface = vlan->ifname;
1103 }
1104
1105 /*
1106 * Do not increment ref counters if the VLAN ID remains same, but do
1107 * not skip hostapd_drv_set_sta_vlan() as hostapd_drv_sta_remove() might
1108 * have been called before.
1109 */
1110 if (sta->vlan_id == old_vlanid)
1111 goto skip_counting;
1112
1113 if (sta->vlan_id > 0 && !vlan &&
1114 !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) {
1115 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1116 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for "
1117 "binding station to (vlan_id=%d)",
1118 sta->vlan_id);
1119 ret = -1;
1120 goto done;
1121 } else if (vlan && vlan->dynamic_vlan > 0) {
1122 vlan->dynamic_vlan++;
1123 hostapd_logger(hapd, sta->addr,
1124 HOSTAPD_MODULE_IEEE80211,
1125 HOSTAPD_LEVEL_DEBUG,
1126 "updated existing dynamic VLAN interface '%s'",
1127 iface);
1128 }
1129
1130 /* ref counters have been increased, so mark the station */
1131 sta->vlan_id_bound = sta->vlan_id;
1132
1133 skip_counting:
1134 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1135 HOSTAPD_LEVEL_DEBUG, "binding station to interface "
1136 "'%s'", iface);
1137
1138 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0)
1139 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA");
1140
1141 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id);
1142 if (ret < 0) {
1143 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1144 HOSTAPD_LEVEL_DEBUG, "could not bind the STA "
1145 "entry to vlan_id=%d", sta->vlan_id);
1146 }
1147
1148 /* During 1x reauth, if the vlan id changes, then remove the old id. */
1149 if (old_vlanid > 0 && old_vlanid != sta->vlan_id)
1150 vlan_remove_dynamic(hapd, old_vlanid);
1151 done:
1152
1153 return ret;
1154 #else /* CONFIG_NO_VLAN */
1155 return 0;
1156 #endif /* CONFIG_NO_VLAN */
1157 }
1158
1159
ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta)1160 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta)
1161 {
1162 u32 tu;
1163 struct os_reltime now, passed;
1164 os_get_reltime(&now);
1165 os_reltime_sub(&now, &sta->sa_query_start, &passed);
1166 tu = (passed.sec * 1000000 + passed.usec) / 1024;
1167 if (hapd->conf->assoc_sa_query_max_timeout < tu) {
1168 hostapd_logger(hapd, sta->addr,
1169 HOSTAPD_MODULE_IEEE80211,
1170 HOSTAPD_LEVEL_DEBUG,
1171 "association SA Query timed out");
1172 sta->sa_query_timed_out = 1;
1173 os_free(sta->sa_query_trans_id);
1174 sta->sa_query_trans_id = NULL;
1175 sta->sa_query_count = 0;
1176 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
1177 return 1;
1178 }
1179
1180 return 0;
1181 }
1182
1183
ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx)1184 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx)
1185 {
1186 struct hostapd_data *hapd = eloop_ctx;
1187 struct sta_info *sta = timeout_ctx;
1188 unsigned int timeout, sec, usec;
1189 u8 *trans_id, *nbuf;
1190
1191 wpa_printf(MSG_DEBUG, "%s: SA Query timer for STA " MACSTR_SEC
1192 " (count=%d)",
1193 hapd->conf->iface, MAC2STR_SEC(sta->addr), sta->sa_query_count);
1194
1195 if (sta->sa_query_count > 0 &&
1196 ap_check_sa_query_timeout(hapd, sta))
1197 return;
1198 if (sta->sa_query_count >= 1000)
1199 return;
1200
1201 nbuf = os_realloc_array(sta->sa_query_trans_id,
1202 sta->sa_query_count + 1,
1203 WLAN_SA_QUERY_TR_ID_LEN);
1204 if (nbuf == NULL)
1205 return;
1206 if (sta->sa_query_count == 0) {
1207 /* Starting a new SA Query procedure */
1208 os_get_reltime(&sta->sa_query_start);
1209 }
1210 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN;
1211 sta->sa_query_trans_id = nbuf;
1212 sta->sa_query_count++;
1213
1214 if (os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0) {
1215 /*
1216 * We don't really care which ID is used here, so simply
1217 * hardcode this if the mostly theoretical os_get_random()
1218 * failure happens.
1219 */
1220 trans_id[0] = 0x12;
1221 trans_id[1] = 0x34;
1222 }
1223
1224 timeout = hapd->conf->assoc_sa_query_retry_timeout;
1225 sec = ((timeout / 1000) * 1024) / 1000;
1226 usec = (timeout % 1000) * 1024;
1227 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta);
1228
1229 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1230 HOSTAPD_LEVEL_DEBUG,
1231 "association SA Query attempt %d", sta->sa_query_count);
1232
1233 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id);
1234 }
1235
1236
ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta)1237 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
1238 {
1239 ap_sa_query_timer(hapd, sta);
1240 }
1241
1242
ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta)1243 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
1244 {
1245 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
1246 os_free(sta->sa_query_trans_id);
1247 sta->sa_query_trans_id = NULL;
1248 sta->sa_query_count = 0;
1249 }
1250
1251
ap_sta_wpa_get_keyid(struct hostapd_data *hapd, struct sta_info *sta)1252 const char * ap_sta_wpa_get_keyid(struct hostapd_data *hapd,
1253 struct sta_info *sta)
1254 {
1255 struct hostapd_wpa_psk *psk;
1256 struct hostapd_ssid *ssid;
1257 const u8 *pmk;
1258 int pmk_len;
1259
1260 ssid = &hapd->conf->ssid;
1261
1262 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
1263 if (!pmk || pmk_len != PMK_LEN)
1264 return NULL;
1265
1266 for (psk = ssid->wpa_psk; psk; psk = psk->next)
1267 if (os_memcmp(pmk, psk->psk, PMK_LEN) == 0)
1268 break;
1269 if (!psk)
1270 return NULL;
1271 if (!psk || !psk->keyid[0])
1272 return NULL;
1273
1274 return psk->keyid;
1275 }
1276
1277
ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, int authorized)1278 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
1279 int authorized)
1280 {
1281 const u8 *dev_addr = NULL;
1282 char buf[100];
1283 char log_buf[100];
1284 #ifdef CONFIG_P2P
1285 u8 addr[ETH_ALEN];
1286 u8 ip_addr_buf[4];
1287 #if defined(CONFIG_OPEN_HARMONY_PATCH) && defined(OPEN_HARMONY_MIRACAST_SINK_OPT)
1288 struct hm_p2p_pvt_peer *peer = NULL;
1289 #endif
1290 #endif /* CONFIG_P2P */
1291 #ifdef CONFIG_LIBWPA_VENDOR
1292 int result;
1293 #endif
1294
1295 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED))
1296 return;
1297
1298 if (authorized)
1299 sta->flags |= WLAN_STA_AUTHORIZED;
1300 else
1301 sta->flags &= ~WLAN_STA_AUTHORIZED;
1302
1303 #ifdef CONFIG_P2P
1304 if (hapd->p2p_group == NULL) {
1305 if (sta->p2p_ie != NULL &&
1306 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0)
1307 dev_addr = addr;
1308 } else
1309 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr);
1310
1311 if (dev_addr) {
1312 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR,
1313 MAC2STR(sta->addr), MAC2STR(dev_addr));
1314 os_snprintf(log_buf, sizeof(log_buf), MACSTR_SEC " p2p_dev_addr=" MACSTR_SEC,
1315 MAC2STR_SEC(sta->addr), MAC2STR_SEC(dev_addr));
1316 wpa_printf(MSG_INFO, MACSTR_SEC " p2p_dev_addr=" MACSTR_SEC,
1317 MAC2STR_SEC(sta->addr), MAC2STR_SEC(dev_addr));
1318 }
1319 else {
1320 #endif /* CONFIG_P2P */
1321 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr));
1322 os_snprintf(log_buf, sizeof(log_buf), MACSTR_SEC, MAC2STR_SEC(sta->addr));
1323 wpa_printf(MSG_INFO, MACSTR_SEC, MAC2STR_SEC(sta->addr));
1324 }
1325
1326 if (hapd->sta_authorized_cb)
1327 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, sta->addr, authorized,
1328 #ifdef CONFIG_WIFI_RPT
1329 (dev_addr ? dev_addr : sta->addr)
1330 #else
1331 dev_addr
1332 #endif /* CONFIG_WIFI_RPT */
1333 );
1334
1335 if (authorized) {
1336 const char *keyid;
1337 char keyid_buf[100];
1338 char ip_addr[100];
1339
1340 keyid_buf[0] = '\0';
1341 ip_addr[0] = '\0';
1342 #ifdef CONFIG_P2P
1343 if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
1344 os_snprintf(ip_addr, sizeof(ip_addr),
1345 " ip_addr=%u.%u.%u.%u",
1346 ip_addr_buf[0], ip_addr_buf[1],
1347 ip_addr_buf[2], ip_addr_buf[3]);
1348 }
1349 #if defined(CONFIG_OPEN_HARMONY_PATCH) && defined(OPEN_HARMONY_MIRACAST_SINK_OPT)
1350 peer = hm_p2p_find_peer(dev_addr);
1351 if (peer != NULL) {
1352 peer->go_req_cnt = 0;
1353 wpa_printf(MSG_DEBUG, "p2p connected reset go_req_cnt");
1354 }
1355 #endif
1356 #endif /* CONFIG_P2P */
1357
1358 keyid = ap_sta_wpa_get_keyid(hapd, sta);
1359 if (keyid) {
1360 os_snprintf(keyid_buf, sizeof(keyid_buf),
1361 " keyid=%s", keyid);
1362 }
1363 #ifdef CONFIG_VENDOR_EXT
1364 int res = wpa_vendor_ext_msg_for_cb(hapd, buf, ip_addr, keyid_buf, sta->addr);
1365 if (res != 0) {
1366 #ifdef CONFIG_LIBWPA_VENDOR
1367 struct HostapdApCbParm hostapdApCbParm = {};
1368 result = os_snprintf((char *)hostapdApCbParm.content, WIFI_HOSTAPD_CB_CONTENT_LENGTH, AP_STA_CONNECTED "%s%s%s",
1369 buf, ip_addr, keyid_buf);
1370 if (os_snprintf_error(WIFI_HOSTAPD_CB_CONTENT_LENGTH, result)) {
1371 wpa_printf(MSG_ERROR, "ap_sta_set_authorized AP_STA_CONNECTED os_snprintf_error");
1372 } else {
1373 hostapdApCbParm.id = 0;
1374 wpa_printf(MSG_INFO, "%s HOSTAPD_EVENT_STA_JOIN AP_STA_CONNECTED %s%s%s%d", __func__,
1375 log_buf, anonymize_ip(ip_addr), keyid_buf, hostapdApCbParm.id);
1376 HostapdEventReport(hapd->conf->iface, HOSTAPD_EVENT_STA_JOIN, (void *) &hostapdApCbParm);
1377 }
1378 #endif
1379 }
1380 #else
1381 wpa_msg_only_for_cb(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s",
1382 buf, ip_addr,
1383 keyid_buf);
1384 #ifdef CONFIG_LIBWPA_VENDOR
1385 struct HostapdApCbParm hostapdApCbParm = {};
1386 result = os_snprintf((char *)hostapdApCbParm.content, WIFI_HOSTAPD_CB_CONTENT_LENGTH,
1387 AP_STA_CONNECTED "%s%s%s", buf, ip_addr, keyid_buf);
1388 if (os_snprintf_error(WIFI_HOSTAPD_CB_CONTENT_LENGTH, result)) {
1389 wpa_printf(MSG_ERROR, "ap_sta_set_authorized AP_STA_CONNECTED os_snprintf_error");
1390 } else {
1391 hostapdApCbParm.id = 0;
1392 wpa_printf(MSG_INFO, "%s HOSTAPD_EVENT_STA_JOIN AP_STA_CONNECTED %s%s%s%d", __func__,
1393 log_buf, anonymize_ip(ip_addr), keyid_buf, hostapdApCbParm.id);
1394 HostapdEventReport(hapd->conf->iface, HOSTAPD_EVENT_STA_JOIN, (void *) &hostapdApCbParm);
1395 }
1396 #endif
1397 #endif
1398 #ifdef CONFIG_LIBWPA_VENDOR
1399 #ifdef CONFIG_VENDOR_EXT
1400 if (hapd->p2p_group != NULL && !wpa_vendor_ext_is_p2p_enhance_mode(hapd->msg_ctx)) {
1401 #endif
1402 struct P2pStaConnectStateParam p2pStaConnectStateParam;
1403 p2pStaConnectStateParam.state = 1;
1404 os_memcpy(p2pStaConnectStateParam.srcAddress, sta->addr, ETH_ALEN);
1405 #ifdef CONFIG_WIFI_RPT
1406 if (hapd->p2p != NULL && hapd->p2p->p2p_rpt == TRUE) {
1407 os_memcpy(p2pStaConnectStateParam.p2pDeviceAddress, sta->addr, ETH_ALEN);
1408 } else
1409 #endif /* CONFIG_WIFI_RPT */
1410 if (dev_addr) {
1411 os_memcpy(p2pStaConnectStateParam.p2pDeviceAddress, dev_addr, ETH_ALEN);
1412 } else {
1413 wpa_printf(MSG_INFO, "dev_addr is null");
1414 }
1415 wpa_printf(MSG_INFO, "WPA_EVENT_STA_CONNECT_STATE 1 " MACSTR_SEC " p2p_dev_addr=" MACSTR_SEC,
1416 MAC2STR_SEC(p2pStaConnectStateParam.srcAddress), MAC2STR_SEC(p2pStaConnectStateParam.p2pDeviceAddress));
1417 WpaEventReport(((struct wpa_supplicant *) hapd->msg_ctx)->ifname, WPA_EVENT_STA_CONNECT_STATE,
1418 (void *) &p2pStaConnectStateParam);
1419 #ifdef CONFIG_VENDOR_EXT
1420 }
1421 #endif
1422 #endif
1423 wpa_printf(MSG_INFO, AP_STA_CONNECTED);
1424
1425 if (hapd->msg_ctx_parent &&
1426 hapd->msg_ctx_parent != hapd->msg_ctx) {
1427 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
1428 AP_STA_CONNECTED "%s%s%s",
1429 buf, ip_addr,
1430 keyid_buf);
1431 wpa_printf(MSG_INFO, AP_STA_CONNECTED);
1432 }
1433 } else {
1434 #ifdef CONFIG_VENDOR_EXT
1435 int ret = wpa_vendor_ext_ap_disconnect(hapd, buf);
1436 if (ret != 0) {
1437 #ifdef CONFIG_LIBWPA_VENDOR
1438 struct HostapdApCbParm hostapdApCbParm = {};
1439 result = os_snprintf((char *)hostapdApCbParm.content, WIFI_HOSTAPD_CB_CONTENT_LENGTH,
1440 AP_STA_DISCONNECTED "%s", buf);
1441 if (os_snprintf_error(WIFI_HOSTAPD_CB_CONTENT_LENGTH, result)) {
1442 wpa_printf(MSG_ERROR, "ap_sta_set_authorized AP_STA_DISCONNECTED os_snprintf_error");
1443 } else {
1444 hostapdApCbParm.id = 0;
1445 wpa_printf(MSG_INFO, "%s HOSTAPD_EVENT_STA_JOIN AP_STA_DISCONNECTED %s%d", __func__,
1446 log_buf, hostapdApCbParm.id);
1447 HostapdEventReport(hapd->conf->iface, HOSTAPD_EVENT_STA_JOIN, (void *) &hostapdApCbParm);
1448 }
1449 #endif
1450 }
1451 #else
1452 wpa_msg_only_for_cb(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
1453 #ifdef CONFIG_LIBWPA_VENDOR
1454 struct HostapdApCbParm hostapdApCbParm = {};
1455 result = os_snprintf((char *)hostapdApCbParm.content, WIFI_HOSTAPD_CB_CONTENT_LENGTH,
1456 AP_STA_DISCONNECTED "%s", buf);
1457 if (os_snprintf_error(WIFI_HOSTAPD_CB_CONTENT_LENGTH, result)) {
1458 wpa_printf(MSG_ERROR, "ap_sta_set_authorized AP_STA_DISCONNECTED os_snprintf_error");
1459 } else {
1460 hostapdApCbParm.id = 0;
1461 wpa_printf(MSG_INFO, "%s HOSTAPD_EVENT_STA_JOIN AP_STA_DISCONNECTED %s%d", __func__,
1462 log_buf, hostapdApCbParm.id);
1463 HostapdEventReport(hapd->conf->iface, HOSTAPD_EVENT_STA_JOIN, (void *) &hostapdApCbParm);
1464 }
1465 #endif
1466 #endif
1467 #ifdef CONFIG_LIBWPA_VENDOR
1468 #ifdef CONFIG_VENDOR_EXT
1469 if (hapd->p2p_group != NULL && !wpa_vendor_ext_is_p2p_enhance_mode(hapd->msg_ctx)) {
1470 #endif
1471 struct P2pStaConnectStateParam p2pStaConnectStateParam;
1472 p2pStaConnectStateParam.state = 0;
1473 os_memcpy(p2pStaConnectStateParam.srcAddress, sta->addr, ETH_ALEN);
1474 #ifdef CONFIG_WIFI_RPT
1475 if (hapd->p2p != NULL && hapd->p2p->p2p_rpt == TRUE) {
1476 os_memcpy(p2pStaConnectStateParam.p2pDeviceAddress, sta->addr, ETH_ALEN);
1477 } else
1478 #endif /* CONFIG_WIFI_RPT */
1479 if (dev_addr) {
1480 os_memcpy(p2pStaConnectStateParam.p2pDeviceAddress, dev_addr, ETH_ALEN);
1481 } else {
1482 wpa_printf(MSG_INFO, "dev_addr is null for sta_connect_state 0");
1483 }
1484 wpa_printf(MSG_INFO, "WPA_EVENT_STA_CONNECT_STATE 0 " MACSTR_SEC " p2p_dev_addr=" MACSTR_SEC,
1485 MAC2STR_SEC(p2pStaConnectStateParam.srcAddress), MAC2STR_SEC(p2pStaConnectStateParam.p2pDeviceAddress));
1486 WpaEventReport(((struct wpa_supplicant *) hapd->msg_ctx)->ifname, WPA_EVENT_STA_CONNECT_STATE,
1487 (void *) &p2pStaConnectStateParam);
1488 #ifdef CONFIG_VENDOR_EXT
1489 }
1490 #endif
1491 #endif
1492 wpa_printf(MSG_INFO, AP_STA_DISCONNECTED);
1493
1494 if (hapd->msg_ctx_parent &&
1495 hapd->msg_ctx_parent != hapd->msg_ctx) {
1496 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
1497 AP_STA_DISCONNECTED "%s", buf);
1498 wpa_printf(MSG_INFO, AP_STA_DISCONNECTED);
1499 }
1500 }
1501
1502 #ifdef CONFIG_FST
1503 if (hapd->iface->fst) {
1504 if (authorized)
1505 fst_notify_peer_connected(hapd->iface->fst, sta->addr);
1506 else
1507 fst_notify_peer_disconnected(hapd->iface->fst,
1508 sta->addr);
1509 }
1510 #endif /* CONFIG_FST */
1511 }
1512
1513
ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, const u8 *addr, u16 reason)1514 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
1515 const u8 *addr, u16 reason)
1516 {
1517 if (sta)
1518 wpa_printf(MSG_DEBUG, "%s: %s STA " MACSTR_SEC " reason=%u",
1519 hapd->conf->iface, __func__, MAC2STR_SEC(sta->addr),
1520 reason);
1521 else if (addr)
1522 wpa_printf(MSG_DEBUG, "%s: %s addr " MACSTR_SEC " reason=%u",
1523 hapd->conf->iface, __func__, MAC2STR_SEC(addr),
1524 reason);
1525
1526 if (sta == NULL && addr)
1527 sta = ap_get_sta(hapd, addr);
1528
1529 if (addr)
1530 hostapd_drv_sta_deauth(hapd, addr, reason);
1531
1532 if (sta == NULL)
1533 return;
1534 ap_sta_set_authorized(hapd, sta, 0);
1535 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
1536 hostapd_set_sta_flags(hapd, sta);
1537 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
1538 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
1539 wpa_printf(MSG_EXCESSIVE, "%s: %s: reschedule ap_handle_timer timeout "
1540 "for " MACSTR_SEC " (%d seconds - "
1541 "AP_MAX_INACTIVITY_AFTER_DEAUTH)",
1542 hapd->conf->iface, __func__, MAC2STR_SEC(sta->addr),
1543 AP_MAX_INACTIVITY_AFTER_DEAUTH);
1544 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
1545 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0,
1546 ap_handle_timer, hapd, sta);
1547 sta->timeout_next = STA_REMOVE;
1548
1549 if (hapd->iface->current_mode &&
1550 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) {
1551 /* Deauthentication is not used in DMG/IEEE 802.11ad;
1552 * disassociate the STA instead. */
1553 sta->disassoc_reason = reason;
1554 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB;
1555 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
1556 eloop_register_timeout(hapd->iface->drv_flags &
1557 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ?
1558 2 : 0, 0, ap_sta_disassoc_cb_timeout,
1559 hapd, sta);
1560 return;
1561 }
1562
1563 sta->deauth_reason = reason;
1564 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB;
1565 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
1566 eloop_register_timeout(hapd->iface->drv_flags &
1567 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
1568 ap_sta_deauth_cb_timeout, hapd, sta);
1569 }
1570
1571
ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta)1572 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta)
1573 {
1574 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) {
1575 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame");
1576 return;
1577 }
1578 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB;
1579 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
1580 ap_sta_deauth_cb_timeout(hapd, sta);
1581 }
1582
1583
ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta)1584 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta)
1585 {
1586 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) {
1587 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame");
1588 return;
1589 }
1590 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB;
1591 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
1592 ap_sta_disassoc_cb_timeout(hapd, sta);
1593 }
1594
1595
ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, struct sta_info *sta)1596 void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd,
1597 struct sta_info *sta)
1598 {
1599 if (eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta) > 0)
1600 wpa_printf(MSG_DEBUG,
1601 "%s: Removed ap_sta_deauth_cb_timeout timeout for "
1602 MACSTR_SEC,
1603 hapd->conf->iface, MAC2STR_SEC(sta->addr));
1604 if (eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta) > 0)
1605 wpa_printf(MSG_DEBUG,
1606 "%s: Removed ap_sta_disassoc_cb_timeout timeout for "
1607 MACSTR_SEC,
1608 hapd->conf->iface, MAC2STR_SEC(sta->addr));
1609 if (eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta) > 0)
1610 {
1611 wpa_printf(MSG_EXCESSIVE,
1612 "%s: Removed ap_sta_delayed_1x_auth_fail_cb timeout for "
1613 MACSTR_SEC,
1614 hapd->conf->iface, MAC2STR_SEC(sta->addr));
1615 if (sta->flags & WLAN_STA_WPS)
1616 hostapd_wps_eap_completed(hapd);
1617 }
1618 }
1619
1620
ap_sta_flags_txt(u32 flags, char *buf, size_t buflen)1621 int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen)
1622 {
1623 int res;
1624
1625 buf[0] = '\0';
1626 res = os_snprintf(buf, buflen,
1627 "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
1628 (flags & WLAN_STA_AUTH ? "[AUTH]" : ""),
1629 (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""),
1630 (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""),
1631 (flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" :
1632 ""),
1633 (flags & WLAN_STA_SHORT_PREAMBLE ?
1634 "[SHORT_PREAMBLE]" : ""),
1635 (flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""),
1636 (flags & WLAN_STA_WMM ? "[WMM]" : ""),
1637 (flags & WLAN_STA_MFP ? "[MFP]" : ""),
1638 (flags & WLAN_STA_WPS ? "[WPS]" : ""),
1639 (flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""),
1640 (flags & WLAN_STA_WDS ? "[WDS]" : ""),
1641 (flags & WLAN_STA_NONERP ? "[NonERP]" : ""),
1642 (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""),
1643 (flags & WLAN_STA_GAS ? "[GAS]" : ""),
1644 (flags & WLAN_STA_HT ? "[HT]" : ""),
1645 (flags & WLAN_STA_VHT ? "[VHT]" : ""),
1646 (flags & WLAN_STA_HE ? "[HE]" : ""),
1647 (flags & WLAN_STA_6GHZ ? "[6GHZ]" : ""),
1648 (flags & WLAN_STA_VENDOR_VHT ? "[VENDOR_VHT]" : ""),
1649 (flags & WLAN_STA_WNM_SLEEP_MODE ?
1650 "[WNM_SLEEP_MODE]" : ""));
1651 if (os_snprintf_error(buflen, res))
1652 res = -1;
1653
1654 return res;
1655 }
1656
1657
ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx)1658 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx)
1659 {
1660 struct hostapd_data *hapd = eloop_ctx;
1661 struct sta_info *sta = timeout_ctx;
1662 u16 reason;
1663
1664 wpa_msg_only_for_cb(hapd->msg_ctx, MSG_DEBUG,
1665 "IEEE 802.1X: Scheduled disconnection of " MACSTR
1666 " after EAP-Failure", MAC2STR(sta->addr));
1667 wpa_printf(MSG_DEBUG, "IEEE 802.1X: Scheduled disconnection of " MACSTR_SEC
1668 " after EAP-Failure", MAC2STR_SEC(sta->addr));
1669
1670 reason = sta->disconnect_reason_code;
1671 if (!reason)
1672 reason = WLAN_REASON_IEEE_802_1X_AUTH_FAILED;
1673 ap_sta_disconnect(hapd, sta, sta->addr, reason);
1674 if (sta->flags & WLAN_STA_WPS)
1675 hostapd_wps_eap_completed(hapd);
1676 }
1677
1678
ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, struct sta_info *sta)1679 void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd,
1680 struct sta_info *sta)
1681 {
1682 wpa_msg_only_for_cb(hapd->msg_ctx, MSG_DEBUG,
1683 "IEEE 802.1X: Force disconnection of " MACSTR
1684 " after EAP-Failure in 10 ms", MAC2STR(sta->addr));
1685 wpa_printf(MSG_DEBUG, "IEEE 802.1X: Force disconnection of " MACSTR_SEC
1686 " after EAP-Failure in 10 ms", MAC2STR_SEC(sta->addr));
1687
1688 /*
1689 * Add a small sleep to increase likelihood of previously requested
1690 * EAP-Failure TX getting out before this should the driver reorder
1691 * operations.
1692 */
1693 eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta);
1694 eloop_register_timeout(0, 10000, ap_sta_delayed_1x_auth_fail_cb,
1695 hapd, sta);
1696 }
1697
1698
ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, struct sta_info *sta)1699 int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd,
1700 struct sta_info *sta)
1701 {
1702 return eloop_is_timeout_registered(ap_sta_delayed_1x_auth_fail_cb,
1703 hapd, sta);
1704 }
1705
1706
ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta)1707 int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta)
1708 {
1709 /*
1710 * If a station that is already associated to the AP, is trying to
1711 * authenticate again, remove the STA entry, in order to make sure the
1712 * STA PS state gets cleared and configuration gets updated. To handle
1713 * this, station's added_unassoc flag is cleared once the station has
1714 * completed association.
1715 */
1716 ap_sta_set_authorized(hapd, sta, 0);
1717 hostapd_drv_sta_remove(hapd, sta->addr);
1718 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_AUTH | WLAN_STA_AUTHORIZED);
1719
1720 if (hostapd_sta_add(hapd, sta->addr, 0, 0,
1721 sta->supported_rates,
1722 sta->supported_rates_len,
1723 0, NULL, NULL, NULL, 0, NULL,
1724 sta->flags, 0, 0, 0, 0)) {
1725 hostapd_logger(hapd, sta->addr,
1726 HOSTAPD_MODULE_IEEE80211,
1727 HOSTAPD_LEVEL_NOTICE,
1728 "Could not add STA to kernel driver");
1729 return -1;
1730 }
1731
1732 sta->added_unassoc = 1;
1733 return 0;
1734 }
1735