1 /*
2 * hostapd / Station table
3 * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "common/ieee802_11_defs.h"
14 #include "common/wpa_ctrl.h"
15 #include "common/sae.h"
16 #include "common/dpp.h"
17 #include "radius/radius.h"
18 #include "radius/radius_client.h"
19 #include "p2p/p2p.h"
20 #include "fst/fst.h"
21 #include "crypto/crypto.h"
22 #include "hostapd.h"
23 #include "accounting.h"
24 #include "ieee802_1x.h"
25 #include "ieee802_11.h"
26 #include "ieee802_11_auth.h"
27 #include "wpa_auth.h"
28 #include "preauth_auth.h"
29 #include "ap_config.h"
30 #include "beacon.h"
31 #include "ap_mlme.h"
32 #include "vlan_init.h"
33 #include "p2p_hostapd.h"
34 #include "ap_drv_ops.h"
35 #include "gas_serv.h"
36 #include "wnm_ap.h"
37 #include "mbo_ap.h"
38 #include "ndisc_snoop.h"
39 #include "sta_info.h"
40 #include "vlan.h"
41 #include "wps_hostapd.h"
42
43 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd,
44 struct sta_info *sta);
45 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx);
46 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx);
47 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx);
48 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx);
49 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx);
50 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta);
51 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx);
52
ap_for_each_sta(struct hostapd_data * hapd,int (* cb)(struct hostapd_data * hapd,struct sta_info * sta,void * ctx),void * ctx)53 int ap_for_each_sta(struct hostapd_data *hapd,
54 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta,
55 void *ctx),
56 void *ctx)
57 {
58 struct sta_info *sta;
59
60 for (sta = hapd->sta_list; sta; sta = sta->next) {
61 if (cb(hapd, sta, ctx))
62 return 1;
63 }
64
65 return 0;
66 }
67
68
ap_get_sta(struct hostapd_data * hapd,const u8 * sta)69 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta)
70 {
71 struct sta_info *s;
72
73 s = hapd->sta_hash[STA_HASH(sta)];
74 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0)
75 s = s->hnext;
76 return s;
77 }
78
79
80 #ifdef CONFIG_P2P
ap_get_sta_p2p(struct hostapd_data * hapd,const u8 * addr)81 struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr)
82 {
83 struct sta_info *sta;
84
85 for (sta = hapd->sta_list; sta; sta = sta->next) {
86 const u8 *p2p_dev_addr;
87
88 if (sta->p2p_ie == NULL)
89 continue;
90
91 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie);
92 if (p2p_dev_addr == NULL)
93 continue;
94
95 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0)
96 return sta;
97 }
98
99 return NULL;
100 }
101 #endif /* CONFIG_P2P */
102
103
ap_sta_list_del(struct hostapd_data * hapd,struct sta_info * sta)104 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta)
105 {
106 struct sta_info *tmp;
107
108 if (hapd->sta_list == sta) {
109 hapd->sta_list = sta->next;
110 return;
111 }
112
113 tmp = hapd->sta_list;
114 while (tmp != NULL && tmp->next != sta)
115 tmp = tmp->next;
116 if (tmp == NULL) {
117 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from "
118 "list.", MAC2STR(sta->addr));
119 } else
120 tmp->next = sta->next;
121 }
122
123
ap_sta_hash_add(struct hostapd_data * hapd,struct sta_info * sta)124 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta)
125 {
126 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)];
127 hapd->sta_hash[STA_HASH(sta->addr)] = sta;
128 }
129
130
ap_sta_hash_del(struct hostapd_data * hapd,struct sta_info * sta)131 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta)
132 {
133 struct sta_info *s;
134
135 s = hapd->sta_hash[STA_HASH(sta->addr)];
136 if (s == NULL) return;
137 if (os_memcmp(s->addr, sta->addr, 6) == 0) {
138 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext;
139 return;
140 }
141
142 while (s->hnext != NULL &&
143 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0)
144 s = s->hnext;
145 if (s->hnext != NULL)
146 s->hnext = s->hnext->hnext;
147 else
148 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR
149 " from hash table", MAC2STR(sta->addr));
150 }
151
152
ap_sta_ip6addr_del(struct hostapd_data * hapd,struct sta_info * sta)153 void ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta)
154 {
155 sta_ip6addr_del(hapd, sta);
156 }
157
158
159 #ifdef CONFIG_PASN
160
ap_free_sta_pasn(struct hostapd_data * hapd,struct sta_info * sta)161 void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta)
162 {
163 if (sta->pasn) {
164 wpa_printf(MSG_DEBUG, "PASN: Free PASN context: " MACSTR,
165 MAC2STR(sta->addr));
166
167 if (sta->pasn->ecdh)
168 crypto_ecdh_deinit(sta->pasn->ecdh);
169
170 wpabuf_free(sta->pasn->secret);
171 sta->pasn->secret = NULL;
172
173 #ifdef CONFIG_SAE
174 sae_clear_data(&sta->pasn->sae);
175 #endif /* CONFIG_SAE */
176
177 #ifdef CONFIG_FILS
178 /* In practice this pointer should be NULL */
179 wpabuf_free(sta->pasn->fils.erp_resp);
180 sta->pasn->fils.erp_resp = NULL;
181 #endif /* CONFIG_FILS */
182
183 bin_clear_free(sta->pasn, sizeof(*sta->pasn));
184 sta->pasn = NULL;
185 }
186 }
187
188 #endif /* CONFIG_PASN */
189
ap_free_sta(struct hostapd_data * hapd,struct sta_info * sta)190 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
191 {
192 int set_beacon = 0;
193
194 accounting_sta_stop(hapd, sta);
195
196 /* just in case */
197 ap_sta_set_authorized(hapd, sta, 0);
198 hostapd_set_sta_flags(hapd, sta);
199
200 if ((sta->flags & WLAN_STA_WDS) ||
201 (sta->flags & WLAN_STA_MULTI_AP &&
202 (hapd->conf->multi_ap & BACKHAUL_BSS) &&
203 !(sta->flags & WLAN_STA_WPS)))
204 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0);
205
206 if (sta->ipaddr)
207 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr);
208 ap_sta_ip6addr_del(hapd, sta);
209
210 if (!hapd->iface->driver_ap_teardown &&
211 !(sta->flags & WLAN_STA_PREAUTH)) {
212 hostapd_drv_sta_remove(hapd, sta->addr);
213 sta->added_unassoc = 0;
214 }
215
216 ap_sta_hash_del(hapd, sta);
217 ap_sta_list_del(hapd, sta);
218
219 if (sta->aid > 0)
220 hapd->sta_aid[(sta->aid - 1) / 32] &=
221 ~BIT((sta->aid - 1) % 32);
222
223 hapd->num_sta--;
224 if (sta->nonerp_set) {
225 sta->nonerp_set = 0;
226 hapd->iface->num_sta_non_erp--;
227 if (hapd->iface->num_sta_non_erp == 0)
228 set_beacon++;
229 }
230
231 if (sta->no_short_slot_time_set) {
232 sta->no_short_slot_time_set = 0;
233 hapd->iface->num_sta_no_short_slot_time--;
234 if (hapd->iface->current_mode &&
235 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
236 && hapd->iface->num_sta_no_short_slot_time == 0)
237 set_beacon++;
238 }
239
240 if (sta->no_short_preamble_set) {
241 sta->no_short_preamble_set = 0;
242 hapd->iface->num_sta_no_short_preamble--;
243 if (hapd->iface->current_mode &&
244 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
245 && hapd->iface->num_sta_no_short_preamble == 0)
246 set_beacon++;
247 }
248
249 if (sta->no_ht_gf_set) {
250 sta->no_ht_gf_set = 0;
251 hapd->iface->num_sta_ht_no_gf--;
252 }
253
254 if (sta->no_ht_set) {
255 sta->no_ht_set = 0;
256 hapd->iface->num_sta_no_ht--;
257 }
258
259 if (sta->ht_20mhz_set) {
260 sta->ht_20mhz_set = 0;
261 hapd->iface->num_sta_ht_20mhz--;
262 }
263
264 #ifdef CONFIG_TAXONOMY
265 wpabuf_free(sta->probe_ie_taxonomy);
266 sta->probe_ie_taxonomy = NULL;
267 wpabuf_free(sta->assoc_ie_taxonomy);
268 sta->assoc_ie_taxonomy = NULL;
269 #endif /* CONFIG_TAXONOMY */
270
271 ht40_intolerant_remove(hapd->iface, sta);
272
273 #ifdef CONFIG_P2P
274 if (sta->no_p2p_set) {
275 sta->no_p2p_set = 0;
276 hapd->num_sta_no_p2p--;
277 if (hapd->num_sta_no_p2p == 0)
278 hostapd_p2p_non_p2p_sta_disconnected(hapd);
279 }
280 #endif /* CONFIG_P2P */
281
282 #ifdef NEED_AP_MLME
283 if (hostapd_ht_operation_update(hapd->iface) > 0)
284 set_beacon++;
285 #endif /* NEED_AP_MLME */
286
287 #ifdef CONFIG_MESH
288 if (hapd->mesh_sta_free_cb)
289 hapd->mesh_sta_free_cb(hapd, sta);
290 #endif /* CONFIG_MESH */
291
292 if (set_beacon)
293 ieee802_11_update_beacons(hapd->iface);
294
295 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR,
296 __func__, MAC2STR(sta->addr));
297 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
298 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
299 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta);
300 ap_sta_clear_disconnect_timeouts(hapd, sta);
301 sae_clear_retransmit_timer(hapd, sta);
302
303 ieee802_1x_free_station(hapd, sta);
304
305 #ifdef CONFIG_IEEE80211BE
306 if (!hapd->conf->mld_ap || !sta->mld_info.mld_sta ||
307 hapd->mld_link_id == sta->mld_assoc_link_id)
308 wpa_auth_sta_deinit(sta->wpa_sm);
309 #else
310 wpa_auth_sta_deinit(sta->wpa_sm);
311 #endif /* CONFIG_IEEE80211BE */
312
313 rsn_preauth_free_station(hapd, sta);
314 #ifndef CONFIG_NO_RADIUS
315 if (hapd->radius)
316 radius_client_flush_auth(hapd->radius, sta->addr);
317 #endif /* CONFIG_NO_RADIUS */
318
319 #ifndef CONFIG_NO_VLAN
320 /*
321 * sta->wpa_sm->group needs to be released before so that
322 * vlan_remove_dynamic() can check that no stations are left on the
323 * AP_VLAN netdev.
324 */
325 if (sta->vlan_id)
326 vlan_remove_dynamic(hapd, sta->vlan_id);
327 if (sta->vlan_id_bound) {
328 /*
329 * Need to remove the STA entry before potentially removing the
330 * VLAN.
331 */
332 if (hapd->iface->driver_ap_teardown &&
333 !(sta->flags & WLAN_STA_PREAUTH)) {
334 hostapd_drv_sta_remove(hapd, sta->addr);
335 sta->added_unassoc = 0;
336 }
337 vlan_remove_dynamic(hapd, sta->vlan_id_bound);
338 }
339 #endif /* CONFIG_NO_VLAN */
340
341 os_free(sta->challenge);
342
343 os_free(sta->sa_query_trans_id);
344 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
345
346 #ifdef CONFIG_P2P
347 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr);
348 #endif /* CONFIG_P2P */
349
350 #ifdef CONFIG_INTERWORKING
351 if (sta->gas_dialog) {
352 int i;
353 for (i = 0; i < GAS_DIALOG_MAX; i++)
354 gas_serv_dialog_clear(&sta->gas_dialog[i]);
355 os_free(sta->gas_dialog);
356 }
357 #endif /* CONFIG_INTERWORKING */
358
359 wpabuf_free(sta->wps_ie);
360 wpabuf_free(sta->p2p_ie);
361 wpabuf_free(sta->hs20_ie);
362 wpabuf_free(sta->roaming_consortium);
363 #ifdef CONFIG_FST
364 wpabuf_free(sta->mb_ies);
365 #endif /* CONFIG_FST */
366
367 os_free(sta->ht_capabilities);
368 os_free(sta->vht_capabilities);
369 os_free(sta->vht_operation);
370 os_free(sta->he_capab);
371 os_free(sta->he_6ghz_capab);
372 os_free(sta->eht_capab);
373 hostapd_free_psk_list(sta->psk);
374 os_free(sta->identity);
375 os_free(sta->radius_cui);
376 os_free(sta->remediation_url);
377 os_free(sta->t_c_url);
378 wpabuf_free(sta->hs20_deauth_req);
379 os_free(sta->hs20_session_info_url);
380
381 #ifdef CONFIG_SAE
382 sae_clear_data(sta->sae);
383 os_free(sta->sae);
384 #endif /* CONFIG_SAE */
385
386 mbo_ap_sta_free(sta);
387 os_free(sta->supp_op_classes);
388
389 #ifdef CONFIG_FILS
390 os_free(sta->fils_pending_assoc_req);
391 wpabuf_free(sta->fils_hlp_resp);
392 wpabuf_free(sta->hlp_dhcp_discover);
393 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta);
394 #ifdef CONFIG_FILS_SK_PFS
395 crypto_ecdh_deinit(sta->fils_ecdh);
396 wpabuf_clear_free(sta->fils_dh_ss);
397 wpabuf_free(sta->fils_g_sta);
398 #endif /* CONFIG_FILS_SK_PFS */
399 #endif /* CONFIG_FILS */
400
401 #ifdef CONFIG_OWE
402 bin_clear_free(sta->owe_pmk, sta->owe_pmk_len);
403 crypto_ecdh_deinit(sta->owe_ecdh);
404 #endif /* CONFIG_OWE */
405
406 #ifdef CONFIG_DPP2
407 dpp_pfs_free(sta->dpp_pfs);
408 sta->dpp_pfs = NULL;
409 #endif /* CONFIG_DPP2 */
410
411 os_free(sta->ext_capability);
412
413 #ifdef CONFIG_WNM_AP
414 eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta);
415 #endif /* CONFIG_WNM_AP */
416
417 #ifdef CONFIG_PASN
418 ap_free_sta_pasn(hapd, sta);
419 #endif /* CONFIG_PASN */
420
421 os_free(sta->ifname_wds);
422
423 #ifdef CONFIG_TESTING_OPTIONS
424 os_free(sta->sae_postponed_commit);
425 forced_memzero(sta->last_tk, WPA_TK_MAX_LEN);
426 #endif /* CONFIG_TESTING_OPTIONS */
427
428 os_free(sta);
429 }
430
431
hostapd_free_stas(struct hostapd_data * hapd)432 void hostapd_free_stas(struct hostapd_data *hapd)
433 {
434 struct sta_info *sta, *prev;
435
436 sta = hapd->sta_list;
437
438 while (sta) {
439 prev = sta;
440 if (sta->flags & WLAN_STA_AUTH) {
441 mlme_deauthenticate_indication(
442 hapd, sta, WLAN_REASON_UNSPECIFIED);
443 }
444 sta = sta->next;
445 wpa_printf(MSG_DEBUG, "Removing station " MACSTR,
446 MAC2STR(prev->addr));
447 ap_free_sta(hapd, prev);
448 }
449 }
450
451
452 /**
453 * ap_handle_timer - Per STA timer handler
454 * @eloop_ctx: struct hostapd_data *
455 * @timeout_ctx: struct sta_info *
456 *
457 * This function is called to check station activity and to remove inactive
458 * stations.
459 */
ap_handle_timer(void * eloop_ctx,void * timeout_ctx)460 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx)
461 {
462 struct hostapd_data *hapd = eloop_ctx;
463 struct sta_info *sta = timeout_ctx;
464 unsigned long next_time = 0;
465 int reason;
466
467 wpa_printf(MSG_DEBUG, "%s: %s: " MACSTR " flags=0x%x timeout_next=%d",
468 hapd->conf->iface, __func__, MAC2STR(sta->addr), sta->flags,
469 sta->timeout_next);
470 if (sta->timeout_next == STA_REMOVE) {
471 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
472 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
473 "local deauth request");
474 ap_free_sta(hapd, sta);
475 return;
476 }
477
478 if ((sta->flags & WLAN_STA_ASSOC) &&
479 (sta->timeout_next == STA_NULLFUNC ||
480 sta->timeout_next == STA_DISASSOC)) {
481 int inactive_sec;
482 /*
483 * Add random value to timeout so that we don't end up bouncing
484 * all stations at the same time if we have lots of associated
485 * stations that are idle (but keep re-associating).
486 */
487 int fuzz = os_random() % 20;
488 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr);
489 if (inactive_sec == -1) {
490 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
491 "Check inactivity: Could not "
492 "get station info from kernel driver for "
493 MACSTR, MAC2STR(sta->addr));
494 /*
495 * The driver may not support this functionality.
496 * Anyway, try again after the next inactivity timeout,
497 * but do not disconnect the station now.
498 */
499 next_time = hapd->conf->ap_max_inactivity + fuzz;
500 } else if (inactive_sec == -ENOENT) {
501 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
502 "Station " MACSTR " has lost its driver entry",
503 MAC2STR(sta->addr));
504
505 /* Avoid sending client probe on removed client */
506 sta->timeout_next = STA_DISASSOC;
507 goto skip_poll;
508 } else if (inactive_sec < hapd->conf->ap_max_inactivity) {
509 /* station activity detected; reset timeout state */
510 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
511 "Station " MACSTR " has been active %is ago",
512 MAC2STR(sta->addr), inactive_sec);
513 sta->timeout_next = STA_NULLFUNC;
514 next_time = hapd->conf->ap_max_inactivity + fuzz -
515 inactive_sec;
516 } else {
517 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
518 "Station " MACSTR " has been "
519 "inactive too long: %d sec, max allowed: %d",
520 MAC2STR(sta->addr), inactive_sec,
521 hapd->conf->ap_max_inactivity);
522
523 if (hapd->conf->skip_inactivity_poll)
524 sta->timeout_next = STA_DISASSOC;
525 }
526 }
527
528 if ((sta->flags & WLAN_STA_ASSOC) &&
529 sta->timeout_next == STA_DISASSOC &&
530 !(sta->flags & WLAN_STA_PENDING_POLL) &&
531 !hapd->conf->skip_inactivity_poll) {
532 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR
533 " has ACKed data poll", MAC2STR(sta->addr));
534 /* data nullfunc frame poll did not produce TX errors; assume
535 * station ACKed it */
536 sta->timeout_next = STA_NULLFUNC;
537 next_time = hapd->conf->ap_max_inactivity;
538 }
539
540 skip_poll:
541 if (next_time) {
542 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
543 "for " MACSTR " (%lu seconds)",
544 __func__, MAC2STR(sta->addr), next_time);
545 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd,
546 sta);
547 return;
548 }
549
550 if (sta->timeout_next == STA_NULLFUNC &&
551 (sta->flags & WLAN_STA_ASSOC)) {
552 wpa_printf(MSG_DEBUG, " Polling STA");
553 sta->flags |= WLAN_STA_PENDING_POLL;
554 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr,
555 sta->flags & WLAN_STA_WMM);
556 } else if (sta->timeout_next != STA_REMOVE) {
557 int deauth = sta->timeout_next == STA_DEAUTH;
558
559 if (!deauth && !(sta->flags & WLAN_STA_ASSOC)) {
560 /* Cannot disassociate not-associated STA, so move
561 * directly to deauthentication. */
562 sta->timeout_next = STA_DEAUTH;
563 deauth = 1;
564 }
565
566 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
567 "Timeout, sending %s info to STA " MACSTR,
568 deauth ? "deauthentication" : "disassociation",
569 MAC2STR(sta->addr));
570
571 if (deauth) {
572 hostapd_drv_sta_deauth(
573 hapd, sta->addr,
574 WLAN_REASON_PREV_AUTH_NOT_VALID);
575 } else {
576 reason = (sta->timeout_next == STA_DISASSOC) ?
577 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY :
578 WLAN_REASON_PREV_AUTH_NOT_VALID;
579
580 hostapd_drv_sta_disassoc(hapd, sta->addr, reason);
581 }
582 }
583
584 switch (sta->timeout_next) {
585 case STA_NULLFUNC:
586 sta->timeout_next = STA_DISASSOC;
587 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
588 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)",
589 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY);
590 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer,
591 hapd, sta);
592 break;
593 case STA_DISASSOC:
594 case STA_DISASSOC_FROM_CLI:
595 ap_sta_set_authorized(hapd, sta, 0);
596 sta->flags &= ~WLAN_STA_ASSOC;
597 hostapd_set_sta_flags(hapd, sta);
598 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
599 if (!sta->acct_terminate_cause)
600 sta->acct_terminate_cause =
601 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT;
602 accounting_sta_stop(hapd, sta);
603 ieee802_1x_free_station(hapd, sta);
604 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
605 HOSTAPD_LEVEL_INFO, "disassociated due to "
606 "inactivity");
607 reason = (sta->timeout_next == STA_DISASSOC) ?
608 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY :
609 WLAN_REASON_PREV_AUTH_NOT_VALID;
610 sta->timeout_next = STA_DEAUTH;
611 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
612 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)",
613 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY);
614 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer,
615 hapd, sta);
616 mlme_disassociate_indication(hapd, sta, reason);
617 break;
618 case STA_DEAUTH:
619 case STA_REMOVE:
620 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
621 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
622 "inactivity (timer DEAUTH/REMOVE)");
623 if (!sta->acct_terminate_cause)
624 sta->acct_terminate_cause =
625 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT;
626 mlme_deauthenticate_indication(
627 hapd, sta,
628 WLAN_REASON_PREV_AUTH_NOT_VALID);
629 ap_free_sta(hapd, sta);
630 break;
631 }
632 }
633
634
ap_handle_session_timer(void * eloop_ctx,void * timeout_ctx)635 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx)
636 {
637 struct hostapd_data *hapd = eloop_ctx;
638 struct sta_info *sta = timeout_ctx;
639
640 wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR,
641 hapd->conf->iface, MAC2STR(sta->addr));
642 if (!(sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC |
643 WLAN_STA_AUTHORIZED))) {
644 if (sta->flags & WLAN_STA_GAS) {
645 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA "
646 "entry " MACSTR, MAC2STR(sta->addr));
647 ap_free_sta(hapd, sta);
648 }
649 return;
650 }
651
652 hostapd_drv_sta_deauth(hapd, sta->addr,
653 WLAN_REASON_PREV_AUTH_NOT_VALID);
654 mlme_deauthenticate_indication(hapd, sta,
655 WLAN_REASON_PREV_AUTH_NOT_VALID);
656 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
657 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
658 "session timeout");
659 sta->acct_terminate_cause =
660 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT;
661 ap_free_sta(hapd, sta);
662 }
663
664
ap_sta_replenish_timeout(struct hostapd_data * hapd,struct sta_info * sta,u32 session_timeout)665 void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta,
666 u32 session_timeout)
667 {
668 if (eloop_replenish_timeout(session_timeout, 0,
669 ap_handle_session_timer, hapd, sta) == 1) {
670 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
671 HOSTAPD_LEVEL_DEBUG, "setting session timeout "
672 "to %d seconds", session_timeout);
673 }
674 }
675
676
ap_sta_session_timeout(struct hostapd_data * hapd,struct sta_info * sta,u32 session_timeout)677 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta,
678 u32 session_timeout)
679 {
680 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
681 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d "
682 "seconds", session_timeout);
683 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
684 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer,
685 hapd, sta);
686 }
687
688
ap_sta_no_session_timeout(struct hostapd_data * hapd,struct sta_info * sta)689 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta)
690 {
691 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
692 }
693
694
ap_handle_session_warning_timer(void * eloop_ctx,void * timeout_ctx)695 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx)
696 {
697 #ifdef CONFIG_WNM_AP
698 struct hostapd_data *hapd = eloop_ctx;
699 struct sta_info *sta = timeout_ctx;
700
701 wpa_printf(MSG_DEBUG, "%s: WNM: Session warning time reached for "
702 MACSTR, hapd->conf->iface, MAC2STR(sta->addr));
703 if (sta->hs20_session_info_url == NULL)
704 return;
705
706 wnm_send_ess_disassoc_imminent(hapd, sta, sta->hs20_session_info_url,
707 sta->hs20_disassoc_timer);
708 #endif /* CONFIG_WNM_AP */
709 }
710
711
ap_sta_session_warning_timeout(struct hostapd_data * hapd,struct sta_info * sta,int warning_time)712 void ap_sta_session_warning_timeout(struct hostapd_data *hapd,
713 struct sta_info *sta, int warning_time)
714 {
715 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta);
716 eloop_register_timeout(warning_time, 0, ap_handle_session_warning_timer,
717 hapd, sta);
718 }
719
720
ap_sta_add(struct hostapd_data * hapd,const u8 * addr)721 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr)
722 {
723 struct sta_info *sta;
724 int i;
725
726 sta = ap_get_sta(hapd, addr);
727 if (sta)
728 return sta;
729
730 wpa_printf(MSG_DEBUG, " New STA");
731 if (hapd->num_sta >= hapd->conf->max_num_sta) {
732 /* FIX: might try to remove some old STAs first? */
733 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)",
734 hapd->num_sta, hapd->conf->max_num_sta);
735 return NULL;
736 }
737
738 sta = os_zalloc(sizeof(struct sta_info));
739 if (sta == NULL) {
740 wpa_printf(MSG_ERROR, "malloc failed");
741 return NULL;
742 }
743 sta->acct_interim_interval = hapd->conf->acct_interim_interval;
744 if (accounting_sta_get_id(hapd, sta) < 0) {
745 os_free(sta);
746 return NULL;
747 }
748
749 for (i = 0; i < WLAN_SUPP_RATES_MAX; i++) {
750 if (!hapd->iface->basic_rates)
751 break;
752 if (hapd->iface->basic_rates[i] < 0)
753 break;
754 sta->supported_rates[i] = hapd->iface->basic_rates[i] / 5;
755 }
756 sta->supported_rates_len = i;
757
758 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) {
759 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
760 "for " MACSTR " (%d seconds - ap_max_inactivity)",
761 __func__, MAC2STR(addr),
762 hapd->conf->ap_max_inactivity);
763 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0,
764 ap_handle_timer, hapd, sta);
765 }
766
767 /* initialize STA info data */
768 os_memcpy(sta->addr, addr, ETH_ALEN);
769 sta->next = hapd->sta_list;
770 hapd->sta_list = sta;
771 hapd->num_sta++;
772 ap_sta_hash_add(hapd, sta);
773 ap_sta_remove_in_other_bss(hapd, sta);
774 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
775 dl_list_init(&sta->ip6addr);
776
777 #ifdef CONFIG_TAXONOMY
778 sta_track_claim_taxonomy_info(hapd->iface, addr,
779 &sta->probe_ie_taxonomy);
780 #endif /* CONFIG_TAXONOMY */
781
782 return sta;
783 }
784
785
ap_sta_remove(struct hostapd_data * hapd,struct sta_info * sta)786 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta)
787 {
788 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
789
790 if (sta->ipaddr)
791 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr);
792 ap_sta_ip6addr_del(hapd, sta);
793
794 wpa_printf(MSG_DEBUG, "%s: Removing STA " MACSTR " from kernel driver",
795 hapd->conf->iface, MAC2STR(sta->addr));
796 if (hostapd_drv_sta_remove(hapd, sta->addr) &&
797 sta->flags & WLAN_STA_ASSOC) {
798 wpa_printf(MSG_DEBUG, "%s: Could not remove station " MACSTR
799 " from kernel driver",
800 hapd->conf->iface, MAC2STR(sta->addr));
801 return -1;
802 }
803 sta->added_unassoc = 0;
804 return 0;
805 }
806
807
ap_sta_remove_in_other_bss(struct hostapd_data * hapd,struct sta_info * sta)808 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd,
809 struct sta_info *sta)
810 {
811 struct hostapd_iface *iface = hapd->iface;
812 size_t i;
813
814 for (i = 0; i < iface->num_bss; i++) {
815 struct hostapd_data *bss = iface->bss[i];
816 struct sta_info *sta2;
817 /* bss should always be set during operation, but it may be
818 * NULL during reconfiguration. Assume the STA is not
819 * associated to another BSS in that case to avoid NULL pointer
820 * dereferences. */
821 if (bss == hapd || bss == NULL)
822 continue;
823 sta2 = ap_get_sta(bss, sta->addr);
824 if (!sta2)
825 continue;
826
827 wpa_printf(MSG_DEBUG, "%s: disconnect old STA " MACSTR
828 " association from another BSS %s",
829 hapd->conf->iface, MAC2STR(sta2->addr),
830 bss->conf->iface);
831 ap_sta_disconnect(bss, sta2, sta2->addr,
832 WLAN_REASON_PREV_AUTH_NOT_VALID);
833 }
834 }
835
836
ap_sta_disassoc_cb_timeout(void * eloop_ctx,void * timeout_ctx)837 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx)
838 {
839 struct hostapd_data *hapd = eloop_ctx;
840 struct sta_info *sta = timeout_ctx;
841
842 wpa_printf(MSG_DEBUG, "%s: Disassociation callback for STA " MACSTR,
843 hapd->conf->iface, MAC2STR(sta->addr));
844 ap_sta_remove(hapd, sta);
845 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason);
846 }
847
848
ap_sta_disassociate(struct hostapd_data * hapd,struct sta_info * sta,u16 reason)849 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta,
850 u16 reason)
851 {
852 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR,
853 hapd->conf->iface, MAC2STR(sta->addr));
854 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
855 if (hapd->iface->current_mode &&
856 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) {
857 /* Skip deauthentication in DMG/IEEE 802.11ad */
858 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC |
859 WLAN_STA_ASSOC_REQ_OK);
860 sta->timeout_next = STA_REMOVE;
861 } else {
862 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK);
863 sta->timeout_next = STA_DEAUTH;
864 }
865 ap_sta_set_authorized(hapd, sta, 0);
866 hostapd_set_sta_flags(hapd, sta);
867 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
868 "for " MACSTR " (%d seconds - "
869 "AP_MAX_INACTIVITY_AFTER_DISASSOC)",
870 __func__, MAC2STR(sta->addr),
871 AP_MAX_INACTIVITY_AFTER_DISASSOC);
872 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
873 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0,
874 ap_handle_timer, hapd, sta);
875 accounting_sta_stop(hapd, sta);
876 ieee802_1x_free_station(hapd, sta);
877 #ifdef CONFIG_IEEE80211BE
878 if (!hapd->conf->mld_ap ||
879 hapd->mld_link_id == sta->mld_assoc_link_id)
880 wpa_auth_sta_deinit(sta->wpa_sm);
881 #else
882 wpa_auth_sta_deinit(sta->wpa_sm);
883 #endif /* CONFIG_IEEE80211BE */
884
885 sta->wpa_sm = NULL;
886
887 sta->disassoc_reason = reason;
888 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB;
889 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
890 eloop_register_timeout(hapd->iface->drv_flags &
891 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
892 ap_sta_disassoc_cb_timeout, hapd, sta);
893 }
894
895
ap_sta_deauth_cb_timeout(void * eloop_ctx,void * timeout_ctx)896 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx)
897 {
898 struct hostapd_data *hapd = eloop_ctx;
899 struct sta_info *sta = timeout_ctx;
900
901 wpa_printf(MSG_DEBUG, "%s: Deauthentication callback for STA " MACSTR,
902 hapd->conf->iface, MAC2STR(sta->addr));
903 ap_sta_remove(hapd, sta);
904 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason);
905 }
906
907
ap_sta_deauthenticate(struct hostapd_data * hapd,struct sta_info * sta,u16 reason)908 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta,
909 u16 reason)
910 {
911 if (hapd->iface->current_mode &&
912 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) {
913 /* Deauthentication is not used in DMG/IEEE 802.11ad;
914 * disassociate the STA instead. */
915 ap_sta_disassociate(hapd, sta, reason);
916 return;
917 }
918
919 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR,
920 hapd->conf->iface, MAC2STR(sta->addr));
921 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
922 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK);
923 ap_sta_set_authorized(hapd, sta, 0);
924 hostapd_set_sta_flags(hapd, sta);
925 sta->timeout_next = STA_REMOVE;
926 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
927 "for " MACSTR " (%d seconds - "
928 "AP_MAX_INACTIVITY_AFTER_DEAUTH)",
929 __func__, MAC2STR(sta->addr),
930 AP_MAX_INACTIVITY_AFTER_DEAUTH);
931 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
932 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0,
933 ap_handle_timer, hapd, sta);
934 accounting_sta_stop(hapd, sta);
935 ieee802_1x_free_station(hapd, sta);
936
937 sta->deauth_reason = reason;
938 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB;
939 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
940 eloop_register_timeout(hapd->iface->drv_flags &
941 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
942 ap_sta_deauth_cb_timeout, hapd, sta);
943 }
944
945
946 #ifdef CONFIG_WPS
ap_sta_wps_cancel(struct hostapd_data * hapd,struct sta_info * sta,void * ctx)947 int ap_sta_wps_cancel(struct hostapd_data *hapd,
948 struct sta_info *sta, void *ctx)
949 {
950 if (sta && (sta->flags & WLAN_STA_WPS)) {
951 ap_sta_deauthenticate(hapd, sta,
952 WLAN_REASON_PREV_AUTH_NOT_VALID);
953 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR,
954 __func__, MAC2STR(sta->addr));
955 return 1;
956 }
957
958 return 0;
959 }
960 #endif /* CONFIG_WPS */
961
962
ap_sta_get_free_vlan_id(struct hostapd_data * hapd)963 static int ap_sta_get_free_vlan_id(struct hostapd_data *hapd)
964 {
965 struct hostapd_vlan *vlan;
966 int vlan_id = MAX_VLAN_ID + 2;
967
968 retry:
969 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
970 if (vlan->vlan_id == vlan_id) {
971 vlan_id++;
972 goto retry;
973 }
974 }
975 return vlan_id;
976 }
977
978
ap_sta_set_vlan(struct hostapd_data * hapd,struct sta_info * sta,struct vlan_description * vlan_desc)979 int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta,
980 struct vlan_description *vlan_desc)
981 {
982 struct hostapd_vlan *vlan = NULL, *wildcard_vlan = NULL;
983 int old_vlan_id, vlan_id = 0, ret = 0;
984
985 /* Check if there is something to do */
986 if (hapd->conf->ssid.per_sta_vif && !sta->vlan_id) {
987 /* This sta is lacking its own vif */
988 } else if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED &&
989 !hapd->conf->ssid.per_sta_vif && sta->vlan_id) {
990 /* sta->vlan_id needs to be reset */
991 } else if (!vlan_compare(vlan_desc, sta->vlan_desc)) {
992 return 0; /* nothing to change */
993 }
994
995 /* Now the real VLAN changed or the STA just needs its own vif */
996 if (hapd->conf->ssid.per_sta_vif) {
997 /* Assign a new vif, always */
998 /* find a free vlan_id sufficiently big */
999 vlan_id = ap_sta_get_free_vlan_id(hapd);
1000 /* Get wildcard VLAN */
1001 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
1002 if (vlan->vlan_id == VLAN_ID_WILDCARD)
1003 break;
1004 }
1005 if (!vlan) {
1006 hostapd_logger(hapd, sta->addr,
1007 HOSTAPD_MODULE_IEEE80211,
1008 HOSTAPD_LEVEL_DEBUG,
1009 "per_sta_vif missing wildcard");
1010 vlan_id = 0;
1011 ret = -1;
1012 goto done;
1013 }
1014 } else if (vlan_desc && vlan_desc->notempty) {
1015 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
1016 if (!vlan_compare(&vlan->vlan_desc, vlan_desc))
1017 break;
1018 if (vlan->vlan_id == VLAN_ID_WILDCARD)
1019 wildcard_vlan = vlan;
1020 }
1021 if (vlan) {
1022 vlan_id = vlan->vlan_id;
1023 } else if (wildcard_vlan) {
1024 vlan = wildcard_vlan;
1025 vlan_id = vlan_desc->untagged;
1026 if (vlan_desc->tagged[0]) {
1027 /* Tagged VLAN configuration */
1028 vlan_id = ap_sta_get_free_vlan_id(hapd);
1029 }
1030 } else {
1031 hostapd_logger(hapd, sta->addr,
1032 HOSTAPD_MODULE_IEEE80211,
1033 HOSTAPD_LEVEL_DEBUG,
1034 "missing vlan and wildcard for vlan=%d%s",
1035 vlan_desc->untagged,
1036 vlan_desc->tagged[0] ? "+" : "");
1037 vlan_id = 0;
1038 ret = -1;
1039 goto done;
1040 }
1041 }
1042
1043 if (vlan && vlan->vlan_id == VLAN_ID_WILDCARD) {
1044 vlan = vlan_add_dynamic(hapd, vlan, vlan_id, vlan_desc);
1045 if (vlan == NULL) {
1046 hostapd_logger(hapd, sta->addr,
1047 HOSTAPD_MODULE_IEEE80211,
1048 HOSTAPD_LEVEL_DEBUG,
1049 "could not add dynamic VLAN interface for vlan=%d%s",
1050 vlan_desc ? vlan_desc->untagged : -1,
1051 (vlan_desc && vlan_desc->tagged[0]) ?
1052 "+" : "");
1053 vlan_id = 0;
1054 ret = -1;
1055 goto done;
1056 }
1057
1058 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1059 HOSTAPD_LEVEL_DEBUG,
1060 "added new dynamic VLAN interface '%s'",
1061 vlan->ifname);
1062 } else if (vlan && vlan->dynamic_vlan > 0) {
1063 vlan->dynamic_vlan++;
1064 hostapd_logger(hapd, sta->addr,
1065 HOSTAPD_MODULE_IEEE80211,
1066 HOSTAPD_LEVEL_DEBUG,
1067 "updated existing dynamic VLAN interface '%s'",
1068 vlan->ifname);
1069 }
1070 done:
1071 old_vlan_id = sta->vlan_id;
1072 sta->vlan_id = vlan_id;
1073 sta->vlan_desc = vlan ? &vlan->vlan_desc : NULL;
1074
1075 if (vlan_id != old_vlan_id && old_vlan_id)
1076 vlan_remove_dynamic(hapd, old_vlan_id);
1077
1078 return ret;
1079 }
1080
1081
ap_sta_bind_vlan(struct hostapd_data * hapd,struct sta_info * sta)1082 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta)
1083 {
1084 #ifndef CONFIG_NO_VLAN
1085 const char *iface;
1086 struct hostapd_vlan *vlan = NULL;
1087 int ret;
1088 int old_vlanid = sta->vlan_id_bound;
1089 int mld_link_id = -1;
1090
1091 #ifdef CONFIG_IEEE80211BE
1092 if (hapd->conf->mld_ap)
1093 mld_link_id = hapd->mld_link_id;
1094 #endif /* CONFIG_IEEE80211BE */
1095
1096 if ((sta->flags & WLAN_STA_WDS) && sta->vlan_id == 0) {
1097 wpa_printf(MSG_DEBUG,
1098 "Do not override WDS VLAN assignment for STA "
1099 MACSTR, MAC2STR(sta->addr));
1100 return 0;
1101 }
1102
1103 iface = hapd->conf->iface;
1104 if (hapd->conf->ssid.vlan[0])
1105 iface = hapd->conf->ssid.vlan;
1106
1107 if (sta->vlan_id > 0) {
1108 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) {
1109 if (vlan->vlan_id == sta->vlan_id)
1110 break;
1111 }
1112 if (vlan)
1113 iface = vlan->ifname;
1114 }
1115
1116 /*
1117 * Do not increment ref counters if the VLAN ID remains same, but do
1118 * not skip hostapd_drv_set_sta_vlan() as hostapd_drv_sta_remove() might
1119 * have been called before.
1120 */
1121 if (sta->vlan_id == old_vlanid)
1122 goto skip_counting;
1123
1124 if (sta->vlan_id > 0 && !vlan &&
1125 !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) {
1126 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1127 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for "
1128 "binding station to (vlan_id=%d)",
1129 sta->vlan_id);
1130 ret = -1;
1131 goto done;
1132 } else if (vlan && vlan->dynamic_vlan > 0) {
1133 vlan->dynamic_vlan++;
1134 hostapd_logger(hapd, sta->addr,
1135 HOSTAPD_MODULE_IEEE80211,
1136 HOSTAPD_LEVEL_DEBUG,
1137 "updated existing dynamic VLAN interface '%s'",
1138 iface);
1139 }
1140
1141 /* ref counters have been increased, so mark the station */
1142 sta->vlan_id_bound = sta->vlan_id;
1143
1144 skip_counting:
1145 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1146 HOSTAPD_LEVEL_DEBUG, "binding station to interface "
1147 "'%s'", iface);
1148
1149 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0)
1150 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA");
1151
1152 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id,
1153 mld_link_id);
1154 if (ret < 0) {
1155 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1156 HOSTAPD_LEVEL_DEBUG, "could not bind the STA "
1157 "entry to vlan_id=%d", sta->vlan_id);
1158 }
1159
1160 /* During 1x reauth, if the vlan id changes, then remove the old id. */
1161 if (old_vlanid > 0 && old_vlanid != sta->vlan_id)
1162 vlan_remove_dynamic(hapd, old_vlanid);
1163 done:
1164
1165 return ret;
1166 #else /* CONFIG_NO_VLAN */
1167 return 0;
1168 #endif /* CONFIG_NO_VLAN */
1169 }
1170
1171
ap_check_sa_query_timeout(struct hostapd_data * hapd,struct sta_info * sta)1172 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta)
1173 {
1174 u32 tu;
1175 struct os_reltime now, passed;
1176 os_get_reltime(&now);
1177 os_reltime_sub(&now, &sta->sa_query_start, &passed);
1178 tu = (passed.sec * 1000000 + passed.usec) / 1024;
1179 if (hapd->conf->assoc_sa_query_max_timeout < tu) {
1180 hostapd_logger(hapd, sta->addr,
1181 HOSTAPD_MODULE_IEEE80211,
1182 HOSTAPD_LEVEL_DEBUG,
1183 "association SA Query timed out");
1184 sta->sa_query_timed_out = 1;
1185 os_free(sta->sa_query_trans_id);
1186 sta->sa_query_trans_id = NULL;
1187 sta->sa_query_count = 0;
1188 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
1189 return 1;
1190 }
1191
1192 return 0;
1193 }
1194
1195
ap_sa_query_timer(void * eloop_ctx,void * timeout_ctx)1196 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx)
1197 {
1198 struct hostapd_data *hapd = eloop_ctx;
1199 struct sta_info *sta = timeout_ctx;
1200 unsigned int timeout, sec, usec;
1201 u8 *trans_id, *nbuf;
1202
1203 wpa_printf(MSG_DEBUG, "%s: SA Query timer for STA " MACSTR
1204 " (count=%d)",
1205 hapd->conf->iface, MAC2STR(sta->addr), sta->sa_query_count);
1206
1207 if (sta->sa_query_count > 0 &&
1208 ap_check_sa_query_timeout(hapd, sta))
1209 return;
1210 if (sta->sa_query_count >= 1000)
1211 return;
1212
1213 nbuf = os_realloc_array(sta->sa_query_trans_id,
1214 sta->sa_query_count + 1,
1215 WLAN_SA_QUERY_TR_ID_LEN);
1216 if (nbuf == NULL)
1217 return;
1218 if (sta->sa_query_count == 0) {
1219 /* Starting a new SA Query procedure */
1220 os_get_reltime(&sta->sa_query_start);
1221 }
1222 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN;
1223 sta->sa_query_trans_id = nbuf;
1224 sta->sa_query_count++;
1225
1226 if (os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0) {
1227 /*
1228 * We don't really care which ID is used here, so simply
1229 * hardcode this if the mostly theoretical os_get_random()
1230 * failure happens.
1231 */
1232 trans_id[0] = 0x12;
1233 trans_id[1] = 0x34;
1234 }
1235
1236 timeout = hapd->conf->assoc_sa_query_retry_timeout;
1237 sec = ((timeout / 1000) * 1024) / 1000;
1238 usec = (timeout % 1000) * 1024;
1239 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta);
1240
1241 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1242 HOSTAPD_LEVEL_DEBUG,
1243 "association SA Query attempt %d", sta->sa_query_count);
1244
1245 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id);
1246 }
1247
1248
ap_sta_start_sa_query(struct hostapd_data * hapd,struct sta_info * sta)1249 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
1250 {
1251 ap_sa_query_timer(hapd, sta);
1252 }
1253
1254
ap_sta_stop_sa_query(struct hostapd_data * hapd,struct sta_info * sta)1255 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
1256 {
1257 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
1258 os_free(sta->sa_query_trans_id);
1259 sta->sa_query_trans_id = NULL;
1260 sta->sa_query_count = 0;
1261 }
1262
1263
ap_sta_wpa_get_keyid(struct hostapd_data * hapd,struct sta_info * sta)1264 const char * ap_sta_wpa_get_keyid(struct hostapd_data *hapd,
1265 struct sta_info *sta)
1266 {
1267 struct hostapd_wpa_psk *psk;
1268 struct hostapd_ssid *ssid;
1269 const u8 *pmk;
1270 int pmk_len;
1271
1272 ssid = &hapd->conf->ssid;
1273
1274 pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len);
1275 if (!pmk || pmk_len != PMK_LEN)
1276 return NULL;
1277
1278 for (psk = ssid->wpa_psk; psk; psk = psk->next)
1279 if (os_memcmp(pmk, psk->psk, PMK_LEN) == 0)
1280 break;
1281 if (!psk || !psk->keyid[0])
1282 return NULL;
1283
1284 return psk->keyid;
1285 }
1286
1287
ap_sta_wpa_get_dpp_pkhash(struct hostapd_data * hapd,struct sta_info * sta)1288 const u8 * ap_sta_wpa_get_dpp_pkhash(struct hostapd_data *hapd,
1289 struct sta_info *sta)
1290 {
1291 return wpa_auth_get_dpp_pkhash(sta->wpa_sm);
1292 }
1293
1294
ap_sta_set_authorized(struct hostapd_data * hapd,struct sta_info * sta,int authorized)1295 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
1296 int authorized)
1297 {
1298 const u8 *dev_addr = NULL;
1299 char buf[100];
1300 #ifdef CONFIG_P2P
1301 u8 addr[ETH_ALEN];
1302 u8 ip_addr_buf[4];
1303 #endif /* CONFIG_P2P */
1304 u8 *ip_ptr = NULL;
1305
1306 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED))
1307 return;
1308
1309 if (authorized) {
1310 int mld_assoc_link_id = -1;
1311
1312 #ifdef CONFIG_IEEE80211BE
1313 if (hapd->conf->mld_ap && sta->mld_info.mld_sta) {
1314 if (sta->mld_assoc_link_id == hapd->mld_link_id)
1315 mld_assoc_link_id = sta->mld_assoc_link_id;
1316 else
1317 mld_assoc_link_id = -2;
1318 }
1319 #endif /* CONFIG_IEEE80211BE */
1320 if (mld_assoc_link_id != -2)
1321 hostapd_prune_associations(hapd, sta->addr,
1322 mld_assoc_link_id);
1323 sta->flags |= WLAN_STA_AUTHORIZED;
1324 } else {
1325 sta->flags &= ~WLAN_STA_AUTHORIZED;
1326 }
1327
1328 #ifdef CONFIG_P2P
1329 if (hapd->p2p_group == NULL) {
1330 if (sta->p2p_ie != NULL &&
1331 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0)
1332 dev_addr = addr;
1333 } else
1334 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr);
1335
1336 if (dev_addr)
1337 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR,
1338 MAC2STR(sta->addr), MAC2STR(dev_addr));
1339 else
1340 #endif /* CONFIG_P2P */
1341 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr));
1342
1343 if (authorized) {
1344 const u8 *dpp_pkhash;
1345 const char *keyid;
1346 char dpp_pkhash_buf[100];
1347 char keyid_buf[100];
1348 char ip_addr[100];
1349
1350 dpp_pkhash_buf[0] = '\0';
1351 keyid_buf[0] = '\0';
1352 ip_addr[0] = '\0';
1353 #ifdef CONFIG_P2P
1354 if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) {
1355 os_snprintf(ip_addr, sizeof(ip_addr),
1356 " ip_addr=%u.%u.%u.%u",
1357 ip_addr_buf[0], ip_addr_buf[1],
1358 ip_addr_buf[2], ip_addr_buf[3]);
1359 ip_ptr = ip_addr_buf;
1360 }
1361 #endif /* CONFIG_P2P */
1362
1363 keyid = ap_sta_wpa_get_keyid(hapd, sta);
1364 if (keyid) {
1365 os_snprintf(keyid_buf, sizeof(keyid_buf),
1366 " keyid=%s", keyid);
1367 }
1368
1369 dpp_pkhash = ap_sta_wpa_get_dpp_pkhash(hapd, sta);
1370 if (dpp_pkhash) {
1371 const char *prefix = " dpp_pkhash=";
1372 size_t plen = os_strlen(prefix);
1373
1374 os_strlcpy(dpp_pkhash_buf, prefix,
1375 sizeof(dpp_pkhash_buf));
1376 wpa_snprintf_hex(&dpp_pkhash_buf[plen],
1377 sizeof(dpp_pkhash_buf) - plen,
1378 dpp_pkhash, SHA256_MAC_LEN);
1379 }
1380
1381 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s%s",
1382 buf, ip_addr, keyid_buf, dpp_pkhash_buf);
1383
1384 if (hapd->msg_ctx_parent &&
1385 hapd->msg_ctx_parent != hapd->msg_ctx)
1386 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
1387 AP_STA_CONNECTED "%s%s%s%s",
1388 buf, ip_addr, keyid_buf,
1389 dpp_pkhash_buf);
1390 } else {
1391 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf);
1392
1393 if (hapd->msg_ctx_parent &&
1394 hapd->msg_ctx_parent != hapd->msg_ctx)
1395 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO,
1396 AP_STA_DISCONNECTED "%s", buf);
1397 }
1398
1399 if (hapd->sta_authorized_cb)
1400 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx,
1401 sta->addr, authorized, dev_addr,
1402 ip_ptr);
1403
1404 #ifdef CONFIG_FST
1405 if (hapd->iface->fst) {
1406 if (authorized)
1407 fst_notify_peer_connected(hapd->iface->fst, sta->addr);
1408 else
1409 fst_notify_peer_disconnected(hapd->iface->fst,
1410 sta->addr);
1411 }
1412 #endif /* CONFIG_FST */
1413 }
1414
1415
ap_sta_disconnect(struct hostapd_data * hapd,struct sta_info * sta,const u8 * addr,u16 reason)1416 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
1417 const u8 *addr, u16 reason)
1418 {
1419 if (sta)
1420 wpa_printf(MSG_DEBUG, "%s: %s STA " MACSTR " reason=%u",
1421 hapd->conf->iface, __func__, MAC2STR(sta->addr),
1422 reason);
1423 else if (addr)
1424 wpa_printf(MSG_DEBUG, "%s: %s addr " MACSTR " reason=%u",
1425 hapd->conf->iface, __func__, MAC2STR(addr),
1426 reason);
1427
1428 if (sta == NULL && addr)
1429 sta = ap_get_sta(hapd, addr);
1430
1431 if (addr)
1432 hostapd_drv_sta_deauth(hapd, addr, reason);
1433
1434 if (sta == NULL)
1435 return;
1436 ap_sta_set_authorized(hapd, sta, 0);
1437 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
1438 hostapd_set_sta_flags(hapd, sta);
1439 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
1440 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
1441 wpa_printf(MSG_DEBUG, "%s: %s: reschedule ap_handle_timer timeout "
1442 "for " MACSTR " (%d seconds - "
1443 "AP_MAX_INACTIVITY_AFTER_DEAUTH)",
1444 hapd->conf->iface, __func__, MAC2STR(sta->addr),
1445 AP_MAX_INACTIVITY_AFTER_DEAUTH);
1446 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
1447 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0,
1448 ap_handle_timer, hapd, sta);
1449 sta->timeout_next = STA_REMOVE;
1450
1451 if (hapd->iface->current_mode &&
1452 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) {
1453 /* Deauthentication is not used in DMG/IEEE 802.11ad;
1454 * disassociate the STA instead. */
1455 sta->disassoc_reason = reason;
1456 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB;
1457 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
1458 eloop_register_timeout(hapd->iface->drv_flags &
1459 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ?
1460 2 : 0, 0, ap_sta_disassoc_cb_timeout,
1461 hapd, sta);
1462 return;
1463 }
1464
1465 sta->deauth_reason = reason;
1466 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB;
1467 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
1468 eloop_register_timeout(hapd->iface->drv_flags &
1469 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
1470 ap_sta_deauth_cb_timeout, hapd, sta);
1471 }
1472
1473
ap_sta_deauth_cb(struct hostapd_data * hapd,struct sta_info * sta)1474 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta)
1475 {
1476 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) {
1477 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame");
1478 return;
1479 }
1480 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB;
1481 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
1482 ap_sta_deauth_cb_timeout(hapd, sta);
1483 }
1484
1485
ap_sta_disassoc_cb(struct hostapd_data * hapd,struct sta_info * sta)1486 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta)
1487 {
1488 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) {
1489 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame");
1490 return;
1491 }
1492 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB;
1493 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
1494 ap_sta_disassoc_cb_timeout(hapd, sta);
1495 }
1496
1497
ap_sta_clear_disconnect_timeouts(struct hostapd_data * hapd,struct sta_info * sta)1498 void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd,
1499 struct sta_info *sta)
1500 {
1501 if (eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta) > 0)
1502 wpa_printf(MSG_DEBUG,
1503 "%s: Removed ap_sta_deauth_cb_timeout timeout for "
1504 MACSTR,
1505 hapd->conf->iface, MAC2STR(sta->addr));
1506 if (eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta) > 0)
1507 wpa_printf(MSG_DEBUG,
1508 "%s: Removed ap_sta_disassoc_cb_timeout timeout for "
1509 MACSTR,
1510 hapd->conf->iface, MAC2STR(sta->addr));
1511 if (eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta) > 0)
1512 {
1513 wpa_printf(MSG_DEBUG,
1514 "%s: Removed ap_sta_delayed_1x_auth_fail_cb timeout for "
1515 MACSTR,
1516 hapd->conf->iface, MAC2STR(sta->addr));
1517 if (sta->flags & WLAN_STA_WPS)
1518 hostapd_wps_eap_completed(hapd);
1519 }
1520 }
1521
1522
ap_sta_flags_txt(u32 flags,char * buf,size_t buflen)1523 int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen)
1524 {
1525 int res;
1526
1527 buf[0] = '\0';
1528 res = os_snprintf(buf, buflen,
1529 "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s",
1530 (flags & WLAN_STA_AUTH ? "[AUTH]" : ""),
1531 (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""),
1532 (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""),
1533 (flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" :
1534 ""),
1535 (flags & WLAN_STA_SHORT_PREAMBLE ?
1536 "[SHORT_PREAMBLE]" : ""),
1537 (flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""),
1538 (flags & WLAN_STA_WMM ? "[WMM]" : ""),
1539 (flags & WLAN_STA_MFP ? "[MFP]" : ""),
1540 (flags & WLAN_STA_WPS ? "[WPS]" : ""),
1541 (flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""),
1542 (flags & WLAN_STA_WDS ? "[WDS]" : ""),
1543 (flags & WLAN_STA_NONERP ? "[NonERP]" : ""),
1544 (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""),
1545 (flags & WLAN_STA_GAS ? "[GAS]" : ""),
1546 (flags & WLAN_STA_HT ? "[HT]" : ""),
1547 (flags & WLAN_STA_VHT ? "[VHT]" : ""),
1548 (flags & WLAN_STA_HE ? "[HE]" : ""),
1549 (flags & WLAN_STA_EHT ? "[EHT]" : ""),
1550 (flags & WLAN_STA_6GHZ ? "[6GHZ]" : ""),
1551 (flags & WLAN_STA_VENDOR_VHT ? "[VENDOR_VHT]" : ""),
1552 (flags & WLAN_STA_WNM_SLEEP_MODE ?
1553 "[WNM_SLEEP_MODE]" : ""));
1554 if (os_snprintf_error(buflen, res))
1555 res = -1;
1556
1557 return res;
1558 }
1559
1560
ap_sta_delayed_1x_auth_fail_cb(void * eloop_ctx,void * timeout_ctx)1561 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx)
1562 {
1563 struct hostapd_data *hapd = eloop_ctx;
1564 struct sta_info *sta = timeout_ctx;
1565 u16 reason;
1566
1567 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
1568 "IEEE 802.1X: Scheduled disconnection of " MACSTR
1569 " after EAP-Failure", MAC2STR(sta->addr));
1570
1571 reason = sta->disconnect_reason_code;
1572 if (!reason)
1573 reason = WLAN_REASON_IEEE_802_1X_AUTH_FAILED;
1574 ap_sta_disconnect(hapd, sta, sta->addr, reason);
1575 if (sta->flags & WLAN_STA_WPS)
1576 hostapd_wps_eap_completed(hapd);
1577 }
1578
1579
ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data * hapd,struct sta_info * sta,unsigned timeout)1580 void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd,
1581 struct sta_info *sta,
1582 unsigned timeout)
1583 {
1584 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
1585 "IEEE 802.1X: Force disconnection of " MACSTR
1586 " after EAP-Failure in %u ms", MAC2STR(sta->addr), timeout);
1587
1588 /*
1589 * Add a small sleep to increase likelihood of previously requested
1590 * EAP-Failure TX getting out before this should the driver reorder
1591 * operations.
1592 */
1593 eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta);
1594 eloop_register_timeout(0, timeout * 1000,
1595 ap_sta_delayed_1x_auth_fail_cb, hapd, sta);
1596 }
1597
1598
ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data * hapd,struct sta_info * sta)1599 int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd,
1600 struct sta_info *sta)
1601 {
1602 return eloop_is_timeout_registered(ap_sta_delayed_1x_auth_fail_cb,
1603 hapd, sta);
1604 }
1605
1606
ap_sta_re_add(struct hostapd_data * hapd,struct sta_info * sta)1607 int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta)
1608 {
1609 const u8 *mld_link_addr = NULL;
1610 bool mld_link_sta = false;
1611
1612 /*
1613 * If a station that is already associated to the AP, is trying to
1614 * authenticate again, remove the STA entry, in order to make sure the
1615 * STA PS state gets cleared and configuration gets updated. To handle
1616 * this, station's added_unassoc flag is cleared once the station has
1617 * completed association.
1618 */
1619
1620 #ifdef CONFIG_IEEE80211BE
1621 if (hapd->conf->mld_ap && sta->mld_info.mld_sta) {
1622 u8 mld_link_id = hapd->mld_link_id;
1623
1624 mld_link_sta = sta->mld_assoc_link_id != mld_link_id;
1625 mld_link_addr = sta->mld_info.links[mld_link_id].peer_addr;
1626 }
1627 #endif /* CONFIG_IEEE80211BE */
1628
1629 ap_sta_set_authorized(hapd, sta, 0);
1630 hostapd_drv_sta_remove(hapd, sta->addr);
1631 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_AUTH | WLAN_STA_AUTHORIZED);
1632
1633 if (hostapd_sta_add(hapd, sta->addr, 0, 0,
1634 sta->supported_rates,
1635 sta->supported_rates_len,
1636 0, NULL, NULL, NULL, 0, NULL, 0, NULL,
1637 sta->flags, 0, 0, 0, 0,
1638 mld_link_addr, mld_link_sta)) {
1639 hostapd_logger(hapd, sta->addr,
1640 HOSTAPD_MODULE_IEEE80211,
1641 HOSTAPD_LEVEL_NOTICE,
1642 "Could not add STA to kernel driver");
1643 return -1;
1644 }
1645
1646 sta->added_unassoc = 1;
1647 return 0;
1648 }
1649