1 /*
2 * hostapd / Station table
3 * Copyright (c) 2002-2011, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "utils/includes.h"
10
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "common/ieee802_11_defs.h"
14 #include "common/wpa_ctrl.h"
15 #include "common/sae.h"
16 #include "radius/radius.h"
17 #include "radius/radius_client.h"
18 #include "drivers/driver.h"
19 #include "p2p/p2p.h"
20 #include "hostapd.h"
21 #include "accounting.h"
22 #include "ieee802_1x.h"
23 #include "ieee802_11.h"
24 #include "ieee802_11_auth.h"
25 #include "wpa_auth.h"
26 #include "preauth_auth.h"
27 #include "ap_config.h"
28 #include "beacon.h"
29 #include "ap_mlme.h"
30 #include "vlan_init.h"
31 #include "p2p_hostapd.h"
32 #include "ap_drv_ops.h"
33 #include "gas_serv.h"
34 #include "sta_info.h"
35
36 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd,
37 struct sta_info *sta);
38 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx);
39 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx);
40 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx);
41 #ifdef CONFIG_IEEE80211W
42 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx);
43 #endif /* CONFIG_IEEE80211W */
44 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta);
45
ap_for_each_sta(struct hostapd_data * hapd,int (* cb)(struct hostapd_data * hapd,struct sta_info * sta,void * ctx),void * ctx)46 int ap_for_each_sta(struct hostapd_data *hapd,
47 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta,
48 void *ctx),
49 void *ctx)
50 {
51 struct sta_info *sta;
52
53 for (sta = hapd->sta_list; sta; sta = sta->next) {
54 if (cb(hapd, sta, ctx))
55 return 1;
56 }
57
58 return 0;
59 }
60
61
ap_get_sta(struct hostapd_data * hapd,const u8 * sta)62 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta)
63 {
64 struct sta_info *s;
65
66 s = hapd->sta_hash[STA_HASH(sta)];
67 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0)
68 s = s->hnext;
69 return s;
70 }
71
72
ap_sta_list_del(struct hostapd_data * hapd,struct sta_info * sta)73 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta)
74 {
75 struct sta_info *tmp;
76
77 if (hapd->sta_list == sta) {
78 hapd->sta_list = sta->next;
79 return;
80 }
81
82 tmp = hapd->sta_list;
83 while (tmp != NULL && tmp->next != sta)
84 tmp = tmp->next;
85 if (tmp == NULL) {
86 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from "
87 "list.", MAC2STR(sta->addr));
88 } else
89 tmp->next = sta->next;
90 }
91
92
ap_sta_hash_add(struct hostapd_data * hapd,struct sta_info * sta)93 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta)
94 {
95 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)];
96 hapd->sta_hash[STA_HASH(sta->addr)] = sta;
97 }
98
99
ap_sta_hash_del(struct hostapd_data * hapd,struct sta_info * sta)100 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta)
101 {
102 struct sta_info *s;
103
104 s = hapd->sta_hash[STA_HASH(sta->addr)];
105 if (s == NULL) return;
106 if (os_memcmp(s->addr, sta->addr, 6) == 0) {
107 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext;
108 return;
109 }
110
111 while (s->hnext != NULL &&
112 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0)
113 s = s->hnext;
114 if (s->hnext != NULL)
115 s->hnext = s->hnext->hnext;
116 else
117 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR
118 " from hash table", MAC2STR(sta->addr));
119 }
120
121
ap_free_sta(struct hostapd_data * hapd,struct sta_info * sta)122 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
123 {
124 int set_beacon = 0;
125
126 accounting_sta_stop(hapd, sta);
127
128 /* just in case */
129 ap_sta_set_authorized(hapd, sta, 0);
130
131 if (sta->flags & WLAN_STA_WDS)
132 hostapd_set_wds_sta(hapd, sta->addr, sta->aid, 0);
133
134 if (!(sta->flags & WLAN_STA_PREAUTH))
135 hostapd_drv_sta_remove(hapd, sta->addr);
136
137 ap_sta_hash_del(hapd, sta);
138 ap_sta_list_del(hapd, sta);
139
140 if (sta->aid > 0)
141 hapd->sta_aid[(sta->aid - 1) / 32] &=
142 ~BIT((sta->aid - 1) % 32);
143
144 hapd->num_sta--;
145 if (sta->nonerp_set) {
146 sta->nonerp_set = 0;
147 hapd->iface->num_sta_non_erp--;
148 if (hapd->iface->num_sta_non_erp == 0)
149 set_beacon++;
150 }
151
152 if (sta->no_short_slot_time_set) {
153 sta->no_short_slot_time_set = 0;
154 hapd->iface->num_sta_no_short_slot_time--;
155 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
156 && hapd->iface->num_sta_no_short_slot_time == 0)
157 set_beacon++;
158 }
159
160 if (sta->no_short_preamble_set) {
161 sta->no_short_preamble_set = 0;
162 hapd->iface->num_sta_no_short_preamble--;
163 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
164 && hapd->iface->num_sta_no_short_preamble == 0)
165 set_beacon++;
166 }
167
168 if (sta->no_ht_gf_set) {
169 sta->no_ht_gf_set = 0;
170 hapd->iface->num_sta_ht_no_gf--;
171 }
172
173 if (sta->no_ht_set) {
174 sta->no_ht_set = 0;
175 hapd->iface->num_sta_no_ht--;
176 }
177
178 if (sta->ht_20mhz_set) {
179 sta->ht_20mhz_set = 0;
180 hapd->iface->num_sta_ht_20mhz--;
181 }
182
183 #ifdef CONFIG_P2P
184 if (sta->no_p2p_set) {
185 sta->no_p2p_set = 0;
186 hapd->num_sta_no_p2p--;
187 if (hapd->num_sta_no_p2p == 0)
188 hostapd_p2p_non_p2p_sta_disconnected(hapd);
189 }
190 #endif /* CONFIG_P2P */
191
192 #if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N)
193 if (hostapd_ht_operation_update(hapd->iface) > 0)
194 set_beacon++;
195 #endif /* NEED_AP_MLME && CONFIG_IEEE80211N */
196
197 if (set_beacon)
198 ieee802_11_set_beacons(hapd->iface);
199
200 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR,
201 __func__, MAC2STR(sta->addr));
202 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
203 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
204 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
205 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
206
207 ieee802_1x_free_station(sta);
208 wpa_auth_sta_deinit(sta->wpa_sm);
209 rsn_preauth_free_station(hapd, sta);
210 #ifndef CONFIG_NO_RADIUS
211 radius_client_flush_auth(hapd->radius, sta->addr);
212 #endif /* CONFIG_NO_RADIUS */
213
214 os_free(sta->last_assoc_req);
215 os_free(sta->challenge);
216
217 #ifdef CONFIG_IEEE80211W
218 os_free(sta->sa_query_trans_id);
219 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
220 #endif /* CONFIG_IEEE80211W */
221
222 #ifdef CONFIG_P2P
223 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr);
224 #endif /* CONFIG_P2P */
225
226 #ifdef CONFIG_INTERWORKING
227 if (sta->gas_dialog) {
228 int i;
229 for (i = 0; i < GAS_DIALOG_MAX; i++)
230 gas_serv_dialog_clear(&sta->gas_dialog[i]);
231 os_free(sta->gas_dialog);
232 }
233 #endif /* CONFIG_INTERWORKING */
234
235 wpabuf_free(sta->wps_ie);
236 wpabuf_free(sta->p2p_ie);
237 wpabuf_free(sta->hs20_ie);
238
239 os_free(sta->ht_capabilities);
240 hostapd_free_psk_list(sta->psk);
241 os_free(sta->identity);
242 os_free(sta->radius_cui);
243
244 #ifdef CONFIG_SAE
245 sae_clear_data(sta->sae);
246 os_free(sta->sae);
247 #endif /* CONFIG_SAE */
248
249 os_free(sta);
250 }
251
252
hostapd_free_stas(struct hostapd_data * hapd)253 void hostapd_free_stas(struct hostapd_data *hapd)
254 {
255 struct sta_info *sta, *prev;
256
257 sta = hapd->sta_list;
258
259 while (sta) {
260 prev = sta;
261 if (sta->flags & WLAN_STA_AUTH) {
262 mlme_deauthenticate_indication(
263 hapd, sta, WLAN_REASON_UNSPECIFIED);
264 }
265 sta = sta->next;
266 wpa_printf(MSG_DEBUG, "Removing station " MACSTR,
267 MAC2STR(prev->addr));
268 ap_free_sta(hapd, prev);
269 }
270 }
271
272
273 /**
274 * ap_handle_timer - Per STA timer handler
275 * @eloop_ctx: struct hostapd_data *
276 * @timeout_ctx: struct sta_info *
277 *
278 * This function is called to check station activity and to remove inactive
279 * stations.
280 */
ap_handle_timer(void * eloop_ctx,void * timeout_ctx)281 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx)
282 {
283 struct hostapd_data *hapd = eloop_ctx;
284 struct sta_info *sta = timeout_ctx;
285 unsigned long next_time = 0;
286
287 wpa_printf(MSG_DEBUG, "%s: " MACSTR " flags=0x%x timeout_next=%d",
288 __func__, MAC2STR(sta->addr), sta->flags,
289 sta->timeout_next);
290 if (sta->timeout_next == STA_REMOVE) {
291 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
292 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
293 "local deauth request");
294 ap_free_sta(hapd, sta);
295 return;
296 }
297
298 if ((sta->flags & WLAN_STA_ASSOC) &&
299 (sta->timeout_next == STA_NULLFUNC ||
300 sta->timeout_next == STA_DISASSOC)) {
301 int inactive_sec;
302 /*
303 * Add random value to timeout so that we don't end up bouncing
304 * all stations at the same time if we have lots of associated
305 * stations that are idle (but keep re-associating).
306 */
307 int fuzz = os_random() % 20;
308 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr);
309 if (inactive_sec == -1) {
310 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
311 "Check inactivity: Could not "
312 "get station info from kernel driver for "
313 MACSTR, MAC2STR(sta->addr));
314 /*
315 * The driver may not support this functionality.
316 * Anyway, try again after the next inactivity timeout,
317 * but do not disconnect the station now.
318 */
319 next_time = hapd->conf->ap_max_inactivity + fuzz;
320 } else if (inactive_sec < hapd->conf->ap_max_inactivity &&
321 sta->flags & WLAN_STA_ASSOC) {
322 /* station activity detected; reset timeout state */
323 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
324 "Station " MACSTR " has been active %is ago",
325 MAC2STR(sta->addr), inactive_sec);
326 sta->timeout_next = STA_NULLFUNC;
327 next_time = hapd->conf->ap_max_inactivity + fuzz -
328 inactive_sec;
329 } else {
330 wpa_msg(hapd->msg_ctx, MSG_DEBUG,
331 "Station " MACSTR " has been "
332 "inactive too long: %d sec, max allowed: %d",
333 MAC2STR(sta->addr), inactive_sec,
334 hapd->conf->ap_max_inactivity);
335
336 if (hapd->conf->skip_inactivity_poll)
337 sta->timeout_next = STA_DISASSOC;
338 }
339 }
340
341 if ((sta->flags & WLAN_STA_ASSOC) &&
342 sta->timeout_next == STA_DISASSOC &&
343 !(sta->flags & WLAN_STA_PENDING_POLL) &&
344 !hapd->conf->skip_inactivity_poll) {
345 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR
346 " has ACKed data poll", MAC2STR(sta->addr));
347 /* data nullfunc frame poll did not produce TX errors; assume
348 * station ACKed it */
349 sta->timeout_next = STA_NULLFUNC;
350 next_time = hapd->conf->ap_max_inactivity;
351 }
352
353 if (next_time) {
354 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
355 "for " MACSTR " (%lu seconds)",
356 __func__, MAC2STR(sta->addr), next_time);
357 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd,
358 sta);
359 return;
360 }
361
362 if (sta->timeout_next == STA_NULLFUNC &&
363 (sta->flags & WLAN_STA_ASSOC)) {
364 wpa_printf(MSG_DEBUG, " Polling STA");
365 sta->flags |= WLAN_STA_PENDING_POLL;
366 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr,
367 sta->flags & WLAN_STA_WMM);
368 } else if (sta->timeout_next != STA_REMOVE) {
369 int deauth = sta->timeout_next == STA_DEAUTH;
370
371 wpa_dbg(hapd->msg_ctx, MSG_DEBUG,
372 "Timeout, sending %s info to STA " MACSTR,
373 deauth ? "deauthentication" : "disassociation",
374 MAC2STR(sta->addr));
375
376 if (deauth) {
377 hostapd_drv_sta_deauth(
378 hapd, sta->addr,
379 WLAN_REASON_PREV_AUTH_NOT_VALID);
380 } else {
381 hostapd_drv_sta_disassoc(
382 hapd, sta->addr,
383 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY);
384 }
385 }
386
387 switch (sta->timeout_next) {
388 case STA_NULLFUNC:
389 sta->timeout_next = STA_DISASSOC;
390 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
391 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)",
392 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY);
393 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer,
394 hapd, sta);
395 break;
396 case STA_DISASSOC:
397 ap_sta_set_authorized(hapd, sta, 0);
398 sta->flags &= ~WLAN_STA_ASSOC;
399 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
400 if (!sta->acct_terminate_cause)
401 sta->acct_terminate_cause =
402 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT;
403 accounting_sta_stop(hapd, sta);
404 ieee802_1x_free_station(sta);
405 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
406 HOSTAPD_LEVEL_INFO, "disassociated due to "
407 "inactivity");
408 sta->timeout_next = STA_DEAUTH;
409 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
410 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)",
411 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY);
412 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer,
413 hapd, sta);
414 mlme_disassociate_indication(
415 hapd, sta, WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY);
416 break;
417 case STA_DEAUTH:
418 case STA_REMOVE:
419 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
420 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
421 "inactivity (timer DEAUTH/REMOVE)");
422 if (!sta->acct_terminate_cause)
423 sta->acct_terminate_cause =
424 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT;
425 mlme_deauthenticate_indication(
426 hapd, sta,
427 WLAN_REASON_PREV_AUTH_NOT_VALID);
428 ap_free_sta(hapd, sta);
429 break;
430 }
431 }
432
433
ap_handle_session_timer(void * eloop_ctx,void * timeout_ctx)434 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx)
435 {
436 struct hostapd_data *hapd = eloop_ctx;
437 struct sta_info *sta = timeout_ctx;
438 u8 addr[ETH_ALEN];
439
440 if (!(sta->flags & WLAN_STA_AUTH)) {
441 if (sta->flags & WLAN_STA_GAS) {
442 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA "
443 "entry " MACSTR, MAC2STR(sta->addr));
444 ap_free_sta(hapd, sta);
445 }
446 return;
447 }
448
449 mlme_deauthenticate_indication(hapd, sta,
450 WLAN_REASON_PREV_AUTH_NOT_VALID);
451 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
452 HOSTAPD_LEVEL_INFO, "deauthenticated due to "
453 "session timeout");
454 sta->acct_terminate_cause =
455 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT;
456 os_memcpy(addr, sta->addr, ETH_ALEN);
457 ap_free_sta(hapd, sta);
458 hostapd_drv_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID);
459 }
460
461
ap_sta_session_timeout(struct hostapd_data * hapd,struct sta_info * sta,u32 session_timeout)462 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta,
463 u32 session_timeout)
464 {
465 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
466 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d "
467 "seconds", session_timeout);
468 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
469 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer,
470 hapd, sta);
471 }
472
473
ap_sta_no_session_timeout(struct hostapd_data * hapd,struct sta_info * sta)474 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta)
475 {
476 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta);
477 }
478
479
ap_sta_add(struct hostapd_data * hapd,const u8 * addr)480 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr)
481 {
482 struct sta_info *sta;
483
484 sta = ap_get_sta(hapd, addr);
485 if (sta)
486 return sta;
487
488 wpa_printf(MSG_DEBUG, " New STA");
489 if (hapd->num_sta >= hapd->conf->max_num_sta) {
490 /* FIX: might try to remove some old STAs first? */
491 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)",
492 hapd->num_sta, hapd->conf->max_num_sta);
493 return NULL;
494 }
495
496 sta = os_zalloc(sizeof(struct sta_info));
497 if (sta == NULL) {
498 wpa_printf(MSG_ERROR, "malloc failed");
499 return NULL;
500 }
501 sta->acct_interim_interval = hapd->conf->acct_interim_interval;
502 accounting_sta_get_id(hapd, sta);
503
504 /* initialize STA info data */
505 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout "
506 "for " MACSTR " (%d seconds - ap_max_inactivity)",
507 __func__, MAC2STR(addr),
508 hapd->conf->ap_max_inactivity);
509 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0,
510 ap_handle_timer, hapd, sta);
511 os_memcpy(sta->addr, addr, ETH_ALEN);
512 sta->next = hapd->sta_list;
513 hapd->sta_list = sta;
514 hapd->num_sta++;
515 ap_sta_hash_add(hapd, sta);
516 sta->ssid = &hapd->conf->ssid;
517 ap_sta_remove_in_other_bss(hapd, sta);
518
519 return sta;
520 }
521
522
ap_sta_remove(struct hostapd_data * hapd,struct sta_info * sta)523 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta)
524 {
525 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
526
527 wpa_printf(MSG_DEBUG, "Removing STA " MACSTR " from kernel driver",
528 MAC2STR(sta->addr));
529 if (hostapd_drv_sta_remove(hapd, sta->addr) &&
530 sta->flags & WLAN_STA_ASSOC) {
531 wpa_printf(MSG_DEBUG, "Could not remove station " MACSTR
532 " from kernel driver.", MAC2STR(sta->addr));
533 return -1;
534 }
535 return 0;
536 }
537
538
ap_sta_remove_in_other_bss(struct hostapd_data * hapd,struct sta_info * sta)539 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd,
540 struct sta_info *sta)
541 {
542 struct hostapd_iface *iface = hapd->iface;
543 size_t i;
544
545 for (i = 0; i < iface->num_bss; i++) {
546 struct hostapd_data *bss = iface->bss[i];
547 struct sta_info *sta2;
548 /* bss should always be set during operation, but it may be
549 * NULL during reconfiguration. Assume the STA is not
550 * associated to another BSS in that case to avoid NULL pointer
551 * dereferences. */
552 if (bss == hapd || bss == NULL)
553 continue;
554 sta2 = ap_get_sta(bss, sta->addr);
555 if (!sta2)
556 continue;
557
558 ap_sta_disconnect(bss, sta2, sta2->addr,
559 WLAN_REASON_PREV_AUTH_NOT_VALID);
560 }
561 }
562
563
ap_sta_disassoc_cb_timeout(void * eloop_ctx,void * timeout_ctx)564 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx)
565 {
566 struct hostapd_data *hapd = eloop_ctx;
567 struct sta_info *sta = timeout_ctx;
568
569 ap_sta_remove(hapd, sta);
570 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason);
571 }
572
573
ap_sta_disassociate(struct hostapd_data * hapd,struct sta_info * sta,u16 reason)574 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta,
575 u16 reason)
576 {
577 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR,
578 hapd->conf->iface, MAC2STR(sta->addr));
579 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK);
580 ap_sta_set_authorized(hapd, sta, 0);
581 sta->timeout_next = STA_DEAUTH;
582 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
583 "for " MACSTR " (%d seconds - "
584 "AP_MAX_INACTIVITY_AFTER_DISASSOC)",
585 __func__, MAC2STR(sta->addr),
586 AP_MAX_INACTIVITY_AFTER_DISASSOC);
587 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
588 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0,
589 ap_handle_timer, hapd, sta);
590 accounting_sta_stop(hapd, sta);
591 ieee802_1x_free_station(sta);
592
593 sta->disassoc_reason = reason;
594 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB;
595 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
596 eloop_register_timeout(hapd->iface->drv_flags &
597 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
598 ap_sta_disassoc_cb_timeout, hapd, sta);
599 }
600
601
ap_sta_deauth_cb_timeout(void * eloop_ctx,void * timeout_ctx)602 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx)
603 {
604 struct hostapd_data *hapd = eloop_ctx;
605 struct sta_info *sta = timeout_ctx;
606
607 ap_sta_remove(hapd, sta);
608 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason);
609 }
610
611
ap_sta_deauthenticate(struct hostapd_data * hapd,struct sta_info * sta,u16 reason)612 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta,
613 u16 reason)
614 {
615 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR,
616 hapd->conf->iface, MAC2STR(sta->addr));
617 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
618 ap_sta_set_authorized(hapd, sta, 0);
619 sta->timeout_next = STA_REMOVE;
620 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
621 "for " MACSTR " (%d seconds - "
622 "AP_MAX_INACTIVITY_AFTER_DEAUTH)",
623 __func__, MAC2STR(sta->addr),
624 AP_MAX_INACTIVITY_AFTER_DEAUTH);
625 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
626 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0,
627 ap_handle_timer, hapd, sta);
628 accounting_sta_stop(hapd, sta);
629 ieee802_1x_free_station(sta);
630
631 sta->deauth_reason = reason;
632 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB;
633 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
634 eloop_register_timeout(hapd->iface->drv_flags &
635 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
636 ap_sta_deauth_cb_timeout, hapd, sta);
637 }
638
639
640 #ifdef CONFIG_WPS
ap_sta_wps_cancel(struct hostapd_data * hapd,struct sta_info * sta,void * ctx)641 int ap_sta_wps_cancel(struct hostapd_data *hapd,
642 struct sta_info *sta, void *ctx)
643 {
644 if (sta && (sta->flags & WLAN_STA_WPS)) {
645 ap_sta_deauthenticate(hapd, sta,
646 WLAN_REASON_PREV_AUTH_NOT_VALID);
647 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR,
648 __func__, MAC2STR(sta->addr));
649 return 1;
650 }
651
652 return 0;
653 }
654 #endif /* CONFIG_WPS */
655
656
ap_sta_bind_vlan(struct hostapd_data * hapd,struct sta_info * sta,int old_vlanid)657 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta,
658 int old_vlanid)
659 {
660 #ifndef CONFIG_NO_VLAN
661 const char *iface;
662 struct hostapd_vlan *vlan = NULL;
663 int ret;
664
665 /*
666 * Do not proceed furthur if the vlan id remains same. We do not want
667 * duplicate dynamic vlan entries.
668 */
669 if (sta->vlan_id == old_vlanid)
670 return 0;
671
672 /*
673 * During 1x reauth, if the vlan id changes, then remove the old id and
674 * proceed furthur to add the new one.
675 */
676 if (old_vlanid > 0)
677 vlan_remove_dynamic(hapd, old_vlanid);
678
679 iface = hapd->conf->iface;
680 if (sta->ssid->vlan[0])
681 iface = sta->ssid->vlan;
682
683 if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED)
684 sta->vlan_id = 0;
685 else if (sta->vlan_id > 0) {
686 vlan = hapd->conf->vlan;
687 while (vlan) {
688 if (vlan->vlan_id == sta->vlan_id ||
689 vlan->vlan_id == VLAN_ID_WILDCARD) {
690 iface = vlan->ifname;
691 break;
692 }
693 vlan = vlan->next;
694 }
695 }
696
697 if (sta->vlan_id > 0 && vlan == NULL) {
698 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
699 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for "
700 "binding station to (vlan_id=%d)",
701 sta->vlan_id);
702 return -1;
703 } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) {
704 vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id);
705 if (vlan == NULL) {
706 hostapd_logger(hapd, sta->addr,
707 HOSTAPD_MODULE_IEEE80211,
708 HOSTAPD_LEVEL_DEBUG, "could not add "
709 "dynamic VLAN interface for vlan_id=%d",
710 sta->vlan_id);
711 return -1;
712 }
713
714 iface = vlan->ifname;
715 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) {
716 hostapd_logger(hapd, sta->addr,
717 HOSTAPD_MODULE_IEEE80211,
718 HOSTAPD_LEVEL_DEBUG, "could not "
719 "configure encryption for dynamic VLAN "
720 "interface for vlan_id=%d",
721 sta->vlan_id);
722 }
723
724 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
725 HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN "
726 "interface '%s'", iface);
727 } else if (vlan && vlan->vlan_id == sta->vlan_id) {
728 if (sta->vlan_id > 0) {
729 vlan->dynamic_vlan++;
730 hostapd_logger(hapd, sta->addr,
731 HOSTAPD_MODULE_IEEE80211,
732 HOSTAPD_LEVEL_DEBUG, "updated existing "
733 "dynamic VLAN interface '%s'", iface);
734 }
735
736 /*
737 * Update encryption configuration for statically generated
738 * VLAN interface. This is only used for static WEP
739 * configuration for the case where hostapd did not yet know
740 * which keys are to be used when the interface was added.
741 */
742 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) {
743 hostapd_logger(hapd, sta->addr,
744 HOSTAPD_MODULE_IEEE80211,
745 HOSTAPD_LEVEL_DEBUG, "could not "
746 "configure encryption for VLAN "
747 "interface for vlan_id=%d",
748 sta->vlan_id);
749 }
750 }
751
752 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
753 HOSTAPD_LEVEL_DEBUG, "binding station to interface "
754 "'%s'", iface);
755
756 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0)
757 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA");
758
759 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id);
760 if (ret < 0) {
761 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
762 HOSTAPD_LEVEL_DEBUG, "could not bind the STA "
763 "entry to vlan_id=%d", sta->vlan_id);
764 }
765 return ret;
766 #else /* CONFIG_NO_VLAN */
767 return 0;
768 #endif /* CONFIG_NO_VLAN */
769 }
770
771
772 #ifdef CONFIG_IEEE80211W
773
ap_check_sa_query_timeout(struct hostapd_data * hapd,struct sta_info * sta)774 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta)
775 {
776 u32 tu;
777 struct os_time now, passed;
778 os_get_time(&now);
779 os_time_sub(&now, &sta->sa_query_start, &passed);
780 tu = (passed.sec * 1000000 + passed.usec) / 1024;
781 if (hapd->conf->assoc_sa_query_max_timeout < tu) {
782 hostapd_logger(hapd, sta->addr,
783 HOSTAPD_MODULE_IEEE80211,
784 HOSTAPD_LEVEL_DEBUG,
785 "association SA Query timed out");
786 sta->sa_query_timed_out = 1;
787 os_free(sta->sa_query_trans_id);
788 sta->sa_query_trans_id = NULL;
789 sta->sa_query_count = 0;
790 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
791 return 1;
792 }
793
794 return 0;
795 }
796
797
ap_sa_query_timer(void * eloop_ctx,void * timeout_ctx)798 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx)
799 {
800 struct hostapd_data *hapd = eloop_ctx;
801 struct sta_info *sta = timeout_ctx;
802 unsigned int timeout, sec, usec;
803 u8 *trans_id, *nbuf;
804
805 if (sta->sa_query_count > 0 &&
806 ap_check_sa_query_timeout(hapd, sta))
807 return;
808
809 nbuf = os_realloc_array(sta->sa_query_trans_id,
810 sta->sa_query_count + 1,
811 WLAN_SA_QUERY_TR_ID_LEN);
812 if (nbuf == NULL)
813 return;
814 if (sta->sa_query_count == 0) {
815 /* Starting a new SA Query procedure */
816 os_get_time(&sta->sa_query_start);
817 }
818 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN;
819 sta->sa_query_trans_id = nbuf;
820 sta->sa_query_count++;
821
822 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN);
823
824 timeout = hapd->conf->assoc_sa_query_retry_timeout;
825 sec = ((timeout / 1000) * 1024) / 1000;
826 usec = (timeout % 1000) * 1024;
827 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta);
828
829 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
830 HOSTAPD_LEVEL_DEBUG,
831 "association SA Query attempt %d", sta->sa_query_count);
832
833 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id);
834 }
835
836
ap_sta_start_sa_query(struct hostapd_data * hapd,struct sta_info * sta)837 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
838 {
839 ap_sa_query_timer(hapd, sta);
840 }
841
842
ap_sta_stop_sa_query(struct hostapd_data * hapd,struct sta_info * sta)843 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
844 {
845 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta);
846 os_free(sta->sa_query_trans_id);
847 sta->sa_query_trans_id = NULL;
848 sta->sa_query_count = 0;
849 }
850
851 #endif /* CONFIG_IEEE80211W */
852
853
ap_sta_set_authorized(struct hostapd_data * hapd,struct sta_info * sta,int authorized)854 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
855 int authorized)
856 {
857 const u8 *dev_addr = NULL;
858 #ifdef CONFIG_P2P
859 u8 addr[ETH_ALEN];
860 #endif /* CONFIG_P2P */
861
862 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED))
863 return;
864
865 #ifdef CONFIG_P2P
866 if (hapd->p2p_group == NULL) {
867 if (sta->p2p_ie != NULL &&
868 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0)
869 dev_addr = addr;
870 } else
871 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr);
872 #endif /* CONFIG_P2P */
873
874 if (authorized) {
875 if (dev_addr)
876 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED
877 MACSTR " p2p_dev_addr=" MACSTR,
878 MAC2STR(sta->addr), MAC2STR(dev_addr));
879 else
880 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED
881 MACSTR, MAC2STR(sta->addr));
882 if (hapd->msg_ctx_parent &&
883 hapd->msg_ctx_parent != hapd->msg_ctx && dev_addr)
884 wpa_msg(hapd->msg_ctx_parent, MSG_INFO,
885 AP_STA_CONNECTED MACSTR " p2p_dev_addr="
886 MACSTR,
887 MAC2STR(sta->addr), MAC2STR(dev_addr));
888 else if (hapd->msg_ctx_parent &&
889 hapd->msg_ctx_parent != hapd->msg_ctx)
890 wpa_msg(hapd->msg_ctx_parent, MSG_INFO,
891 AP_STA_CONNECTED MACSTR, MAC2STR(sta->addr));
892
893 sta->flags |= WLAN_STA_AUTHORIZED;
894 } else {
895 if (dev_addr)
896 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED
897 MACSTR " p2p_dev_addr=" MACSTR,
898 MAC2STR(sta->addr), MAC2STR(dev_addr));
899 else
900 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED
901 MACSTR, MAC2STR(sta->addr));
902 if (hapd->msg_ctx_parent &&
903 hapd->msg_ctx_parent != hapd->msg_ctx && dev_addr)
904 wpa_msg(hapd->msg_ctx_parent, MSG_INFO,
905 AP_STA_DISCONNECTED MACSTR " p2p_dev_addr="
906 MACSTR, MAC2STR(sta->addr), MAC2STR(dev_addr));
907 else if (hapd->msg_ctx_parent &&
908 hapd->msg_ctx_parent != hapd->msg_ctx)
909 wpa_msg(hapd->msg_ctx_parent, MSG_INFO,
910 AP_STA_DISCONNECTED MACSTR,
911 MAC2STR(sta->addr));
912 sta->flags &= ~WLAN_STA_AUTHORIZED;
913 }
914
915 if (hapd->sta_authorized_cb)
916 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx,
917 sta->addr, authorized, dev_addr);
918 }
919
920
ap_sta_disconnect(struct hostapd_data * hapd,struct sta_info * sta,const u8 * addr,u16 reason)921 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
922 const u8 *addr, u16 reason)
923 {
924
925 if (sta == NULL && addr)
926 sta = ap_get_sta(hapd, addr);
927
928 if (addr)
929 hostapd_drv_sta_deauth(hapd, addr, reason);
930
931 if (sta == NULL)
932 return;
933 ap_sta_set_authorized(hapd, sta, 0);
934 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
935 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
936 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
937 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
938 "for " MACSTR " (%d seconds - "
939 "AP_MAX_INACTIVITY_AFTER_DEAUTH)",
940 __func__, MAC2STR(sta->addr),
941 AP_MAX_INACTIVITY_AFTER_DEAUTH);
942 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
943 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0,
944 ap_handle_timer, hapd, sta);
945 sta->timeout_next = STA_REMOVE;
946
947 sta->deauth_reason = reason;
948 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB;
949 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
950 eloop_register_timeout(hapd->iface->drv_flags &
951 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0,
952 ap_sta_deauth_cb_timeout, hapd, sta);
953 }
954
955
ap_sta_deauth_cb(struct hostapd_data * hapd,struct sta_info * sta)956 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta)
957 {
958 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) {
959 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame");
960 return;
961 }
962 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB;
963 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta);
964 ap_sta_deauth_cb_timeout(hapd, sta);
965 }
966
967
ap_sta_disassoc_cb(struct hostapd_data * hapd,struct sta_info * sta)968 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta)
969 {
970 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) {
971 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame");
972 return;
973 }
974 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB;
975 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta);
976 ap_sta_disassoc_cb_timeout(hapd, sta);
977 }
978