1 /* 2 * hostapd / Callback functions for driver wrappers 3 * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "utils/eloop.h" 13 #include "radius/radius.h" 14 #include "drivers/driver.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/ieee802_11_common.h" 17 #include "common/wpa_ctrl.h" 18 #include "common/dpp.h" 19 #include "common/sae.h" 20 #include "common/hw_features_common.h" 21 #include "crypto/random.h" 22 #include "p2p/p2p.h" 23 #include "wps/wps.h" 24 #include "fst/fst.h" 25 #include "wnm_ap.h" 26 #include "hostapd.h" 27 #include "ieee802_11.h" 28 #include "ieee802_11_auth.h" 29 #include "sta_info.h" 30 #include "accounting.h" 31 #include "tkip_countermeasures.h" 32 #include "ieee802_1x.h" 33 #include "wpa_auth.h" 34 #include "wps_hostapd.h" 35 #include "ap_drv_ops.h" 36 #include "ap_config.h" 37 #include "ap_mlme.h" 38 #include "hw_features.h" 39 #include "dfs.h" 40 #include "beacon.h" 41 #include "mbo_ap.h" 42 #include "dpp_hostapd.h" 43 #include "fils_hlp.h" 44 #include "neighbor_db.h" 45 46 47 #ifdef CONFIG_FILS 48 void hostapd_notify_assoc_fils_finish(struct hostapd_data *hapd, 49 struct sta_info *sta) 50 { 51 u16 reply_res = WLAN_STATUS_SUCCESS; 52 struct ieee802_11_elems elems; 53 u8 buf[IEEE80211_MAX_MMPDU_SIZE], *p = buf; 54 int new_assoc; 55 56 wpa_printf(MSG_DEBUG, "%s FILS: Finish association with " MACSTR, 57 __func__, MAC2STR(sta->addr)); 58 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); 59 if (!sta->fils_pending_assoc_req) 60 return; 61 62 ieee802_11_parse_elems(sta->fils_pending_assoc_req, 63 sta->fils_pending_assoc_req_len, &elems, 0); 64 if (!elems.fils_session) { 65 wpa_printf(MSG_DEBUG, "%s failed to find FILS Session element", 66 __func__); 67 return; 68 } 69 70 p = hostapd_eid_assoc_fils_session(sta->wpa_sm, p, 71 elems.fils_session, 72 sta->fils_hlp_resp); 73 74 reply_res = hostapd_sta_assoc(hapd, sta->addr, 75 sta->fils_pending_assoc_is_reassoc, 76 WLAN_STATUS_SUCCESS, 77 buf, p - buf); 78 ap_sta_set_authorized(hapd, sta, 1); 79 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0; 80 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; 81 sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; 82 hostapd_set_sta_flags(hapd, sta); 83 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FILS); 84 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1); 85 hostapd_new_assoc_sta(hapd, sta, !new_assoc); 86 os_free(sta->fils_pending_assoc_req); 87 sta->fils_pending_assoc_req = NULL; 88 sta->fils_pending_assoc_req_len = 0; 89 wpabuf_free(sta->fils_hlp_resp); 90 sta->fils_hlp_resp = NULL; 91 wpabuf_free(sta->hlp_dhcp_discover); 92 sta->hlp_dhcp_discover = NULL; 93 fils_hlp_deinit(hapd); 94 95 /* 96 * Remove the station in case transmission of a success response fails 97 * (the STA was added associated to the driver) or if the station was 98 * previously added unassociated. 99 */ 100 if (reply_res != WLAN_STATUS_SUCCESS || sta->added_unassoc) { 101 hostapd_drv_sta_remove(hapd, sta->addr); 102 sta->added_unassoc = 0; 103 } 104 } 105 #endif /* CONFIG_FILS */ 106 107 108 static bool check_sa_query_need(struct hostapd_data *hapd, struct sta_info *sta) 109 { 110 if ((sta->flags & 111 (WLAN_STA_ASSOC | WLAN_STA_MFP | WLAN_STA_AUTHORIZED)) != 112 (WLAN_STA_ASSOC | WLAN_STA_MFP | WLAN_STA_AUTHORIZED)) 113 return false; 114 115 if (!sta->sa_query_timed_out && sta->sa_query_count > 0) 116 ap_check_sa_query_timeout(hapd, sta); 117 118 if (!sta->sa_query_timed_out && (sta->auth_alg != WLAN_AUTH_FT)) { 119 /* 120 * STA has already been associated with MFP and SA Query timeout 121 * has not been reached. Reject the association attempt 122 * temporarily and start SA Query, if one is not pending. 123 */ 124 if (sta->sa_query_count == 0) 125 ap_sta_start_sa_query(hapd, sta); 126 127 return true; 128 } 129 130 return false; 131 } 132 133 134 int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, 135 const u8 *req_ies, size_t req_ies_len, int reassoc) 136 { 137 struct sta_info *sta; 138 int new_assoc; 139 enum wpa_validate_result res; 140 struct ieee802_11_elems elems; 141 const u8 *ie; 142 size_t ielen; 143 u8 buf[sizeof(struct ieee80211_mgmt) + 1024]; 144 u8 *p = buf; 145 u16 reason = WLAN_REASON_UNSPECIFIED; 146 int status = WLAN_STATUS_SUCCESS; 147 const u8 *p2p_dev_addr = NULL; 148 149 if (addr == NULL) { 150 /* 151 * This could potentially happen with unexpected event from the 152 * driver wrapper. This was seen at least in one case where the 153 * driver ended up being set to station mode while hostapd was 154 * running, so better make sure we stop processing such an 155 * event here. 156 */ 157 wpa_printf(MSG_DEBUG, 158 "hostapd_notif_assoc: Skip event with no address"); 159 return -1; 160 } 161 162 if (is_multicast_ether_addr(addr) || 163 is_zero_ether_addr(addr) || 164 os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { 165 /* Do not process any frames with unexpected/invalid SA so that 166 * we do not add any state for unexpected STA addresses or end 167 * up sending out frames to unexpected destination. */ 168 wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR 169 " in received indication - ignore this indication silently", 170 __func__, MAC2STR(addr)); 171 return 0; 172 } 173 174 random_add_randomness(addr, ETH_ALEN); 175 176 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 177 HOSTAPD_LEVEL_INFO, "associated"); 178 179 ieee802_11_parse_elems(req_ies, req_ies_len, &elems, 0); 180 if (elems.wps_ie) { 181 ie = elems.wps_ie - 2; 182 ielen = elems.wps_ie_len + 2; 183 wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)AssocReq"); 184 } else if (elems.rsn_ie) { 185 ie = elems.rsn_ie - 2; 186 ielen = elems.rsn_ie_len + 2; 187 wpa_printf(MSG_DEBUG, "STA included RSN IE in (Re)AssocReq"); 188 } else if (elems.wpa_ie) { 189 ie = elems.wpa_ie - 2; 190 ielen = elems.wpa_ie_len + 2; 191 wpa_printf(MSG_DEBUG, "STA included WPA IE in (Re)AssocReq"); 192 #ifdef CONFIG_HS20 193 } else if (elems.osen) { 194 ie = elems.osen - 2; 195 ielen = elems.osen_len + 2; 196 wpa_printf(MSG_DEBUG, "STA included OSEN IE in (Re)AssocReq"); 197 #endif /* CONFIG_HS20 */ 198 } else { 199 ie = NULL; 200 ielen = 0; 201 wpa_printf(MSG_DEBUG, 202 "STA did not include WPS/RSN/WPA IE in (Re)AssocReq"); 203 } 204 205 sta = ap_get_sta(hapd, addr); 206 if (sta) { 207 ap_sta_no_session_timeout(hapd, sta); 208 accounting_sta_stop(hapd, sta); 209 210 /* 211 * Make sure that the previously registered inactivity timer 212 * will not remove the STA immediately. 213 */ 214 sta->timeout_next = STA_NULLFUNC; 215 } else { 216 sta = ap_sta_add(hapd, addr); 217 if (sta == NULL) { 218 hostapd_drv_sta_disassoc(hapd, addr, 219 WLAN_REASON_DISASSOC_AP_BUSY); 220 return -1; 221 } 222 } 223 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); 224 225 /* 226 * ACL configurations to the drivers (implementing AP SME and ACL 227 * offload) without hostapd's knowledge, can result in a disconnection 228 * though the driver accepts the connection. Skip the hostapd check for 229 * ACL if the driver supports ACL offload to avoid potentially 230 * conflicting ACL rules. 231 */ 232 if (hapd->iface->drv_max_acl_mac_addrs == 0 && 233 hostapd_check_acl(hapd, addr, NULL) != HOSTAPD_ACL_ACCEPT) { 234 wpa_printf(MSG_INFO, "STA " MACSTR " not allowed to connect", 235 MAC2STR(addr)); 236 reason = WLAN_REASON_UNSPECIFIED; 237 goto fail; 238 } 239 240 #ifdef CONFIG_P2P 241 if (elems.p2p) { 242 wpabuf_free(sta->p2p_ie); 243 sta->p2p_ie = ieee802_11_vendor_ie_concat(req_ies, req_ies_len, 244 P2P_IE_VENDOR_TYPE); 245 if (sta->p2p_ie) 246 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 247 } 248 #endif /* CONFIG_P2P */ 249 250 #ifdef NEED_AP_MLME 251 if (elems.ht_capabilities && 252 (hapd->iface->conf->ht_capab & 253 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) { 254 struct ieee80211_ht_capabilities *ht_cap = 255 (struct ieee80211_ht_capabilities *) 256 elems.ht_capabilities; 257 258 if (le_to_host16(ht_cap->ht_capabilities_info) & 259 HT_CAP_INFO_40MHZ_INTOLERANT) 260 ht40_intolerant_add(hapd->iface, sta); 261 } 262 #endif /* NEED_AP_MLME */ 263 264 #ifdef CONFIG_INTERWORKING 265 if (elems.ext_capab && elems.ext_capab_len > 4) { 266 if (elems.ext_capab[4] & 0x01) 267 sta->qos_map_enabled = 1; 268 } 269 #endif /* CONFIG_INTERWORKING */ 270 271 #ifdef CONFIG_HS20 272 wpabuf_free(sta->hs20_ie); 273 if (elems.hs20 && elems.hs20_len > 4) { 274 sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4, 275 elems.hs20_len - 4); 276 } else 277 sta->hs20_ie = NULL; 278 279 wpabuf_free(sta->roaming_consortium); 280 if (elems.roaming_cons_sel) 281 sta->roaming_consortium = wpabuf_alloc_copy( 282 elems.roaming_cons_sel + 4, 283 elems.roaming_cons_sel_len - 4); 284 else 285 sta->roaming_consortium = NULL; 286 #endif /* CONFIG_HS20 */ 287 288 #ifdef CONFIG_FST 289 wpabuf_free(sta->mb_ies); 290 if (hapd->iface->fst) 291 sta->mb_ies = mb_ies_by_info(&elems.mb_ies); 292 else 293 sta->mb_ies = NULL; 294 #endif /* CONFIG_FST */ 295 296 mbo_ap_check_sta_assoc(hapd, sta, &elems); 297 298 ap_copy_sta_supp_op_classes(sta, elems.supp_op_classes, 299 elems.supp_op_classes_len); 300 301 if (hapd->conf->wpa) { 302 if (ie == NULL || ielen == 0) { 303 #ifdef CONFIG_WPS 304 if (hapd->conf->wps_state) { 305 wpa_printf(MSG_DEBUG, 306 "STA did not include WPA/RSN IE in (Re)Association Request - possible WPS use"); 307 sta->flags |= WLAN_STA_MAYBE_WPS; 308 goto skip_wpa_check; 309 } 310 #endif /* CONFIG_WPS */ 311 312 wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA"); 313 reason = WLAN_REASON_INVALID_IE; 314 status = WLAN_STATUS_INVALID_IE; 315 goto fail; 316 } 317 #ifdef CONFIG_WPS 318 if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 && 319 os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) { 320 struct wpabuf *wps; 321 322 if (check_sa_query_need(hapd, sta)) { 323 status = WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY; 324 325 p = hostapd_eid_assoc_comeback_time(hapd, sta, 326 p); 327 328 hostapd_sta_assoc(hapd, addr, reassoc, status, 329 buf, p - buf); 330 return 0; 331 } 332 333 sta->flags |= WLAN_STA_WPS; 334 wps = ieee802_11_vendor_ie_concat(ie, ielen, 335 WPS_IE_VENDOR_TYPE); 336 if (wps) { 337 if (wps_is_20(wps)) { 338 wpa_printf(MSG_DEBUG, 339 "WPS: STA supports WPS 2.0"); 340 sta->flags |= WLAN_STA_WPS2; 341 } 342 wpabuf_free(wps); 343 } 344 goto skip_wpa_check; 345 } 346 #endif /* CONFIG_WPS */ 347 348 if (sta->wpa_sm == NULL) 349 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 350 sta->addr, 351 p2p_dev_addr); 352 if (sta->wpa_sm == NULL) { 353 wpa_printf(MSG_ERROR, 354 "Failed to initialize WPA state machine"); 355 return -1; 356 } 357 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, 358 hapd->iface->freq, 359 ie, ielen, 360 elems.rsnxe ? elems.rsnxe - 2 : NULL, 361 elems.rsnxe ? elems.rsnxe_len + 2 : 0, 362 elems.mdie, elems.mdie_len, 363 elems.owe_dh, elems.owe_dh_len); 364 reason = WLAN_REASON_INVALID_IE; 365 status = WLAN_STATUS_INVALID_IE; 366 switch (res) { 367 case WPA_IE_OK: 368 reason = WLAN_REASON_UNSPECIFIED; 369 status = WLAN_STATUS_SUCCESS; 370 break; 371 case WPA_INVALID_IE: 372 reason = WLAN_REASON_INVALID_IE; 373 status = WLAN_STATUS_INVALID_IE; 374 break; 375 case WPA_INVALID_GROUP: 376 reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID; 377 status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID; 378 break; 379 case WPA_INVALID_PAIRWISE: 380 reason = WLAN_REASON_PAIRWISE_CIPHER_NOT_VALID; 381 status = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID; 382 break; 383 case WPA_INVALID_AKMP: 384 reason = WLAN_REASON_AKMP_NOT_VALID; 385 status = WLAN_STATUS_AKMP_NOT_VALID; 386 break; 387 case WPA_NOT_ENABLED: 388 reason = WLAN_REASON_INVALID_IE; 389 status = WLAN_STATUS_INVALID_IE; 390 break; 391 case WPA_ALLOC_FAIL: 392 reason = WLAN_REASON_UNSPECIFIED; 393 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 394 break; 395 case WPA_MGMT_FRAME_PROTECTION_VIOLATION: 396 reason = WLAN_REASON_INVALID_IE; 397 status = WLAN_STATUS_INVALID_IE; 398 break; 399 case WPA_INVALID_MGMT_GROUP_CIPHER: 400 reason = WLAN_REASON_CIPHER_SUITE_REJECTED; 401 status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; 402 break; 403 case WPA_INVALID_MDIE: 404 reason = WLAN_REASON_INVALID_MDE; 405 status = WLAN_STATUS_INVALID_MDIE; 406 break; 407 case WPA_INVALID_PROTO: 408 reason = WLAN_REASON_INVALID_IE; 409 status = WLAN_STATUS_INVALID_IE; 410 break; 411 case WPA_INVALID_PMKID: 412 reason = WLAN_REASON_INVALID_PMKID; 413 status = WLAN_STATUS_INVALID_PMKID; 414 break; 415 case WPA_DENIED_OTHER_REASON: 416 reason = WLAN_REASON_UNSPECIFIED; 417 status = WLAN_STATUS_ASSOC_DENIED_UNSPEC; 418 break; 419 } 420 if (status != WLAN_STATUS_SUCCESS) { 421 wpa_printf(MSG_DEBUG, 422 "WPA/RSN information element rejected? (res %u)", 423 res); 424 wpa_hexdump(MSG_DEBUG, "IE", ie, ielen); 425 goto fail; 426 } 427 428 if (check_sa_query_need(hapd, sta)) { 429 status = WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY; 430 431 p = hostapd_eid_assoc_comeback_time(hapd, sta, p); 432 433 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, 434 p - buf); 435 return 0; 436 } 437 438 if (wpa_auth_uses_mfp(sta->wpa_sm)) 439 sta->flags |= WLAN_STA_MFP; 440 else 441 sta->flags &= ~WLAN_STA_MFP; 442 443 #ifdef CONFIG_IEEE80211R_AP 444 if (sta->auth_alg == WLAN_AUTH_FT) { 445 status = wpa_ft_validate_reassoc(sta->wpa_sm, req_ies, 446 req_ies_len); 447 if (status != WLAN_STATUS_SUCCESS) { 448 if (status == WLAN_STATUS_INVALID_PMKID) 449 reason = WLAN_REASON_INVALID_IE; 450 if (status == WLAN_STATUS_INVALID_MDIE) 451 reason = WLAN_REASON_INVALID_IE; 452 if (status == WLAN_STATUS_INVALID_FTIE) 453 reason = WLAN_REASON_INVALID_IE; 454 goto fail; 455 } 456 } 457 #endif /* CONFIG_IEEE80211R_AP */ 458 #ifdef CONFIG_SAE 459 if (hapd->conf->sae_pwe == 2 && 460 sta->auth_alg == WLAN_AUTH_SAE && 461 sta->sae && !sta->sae->h2e && 462 ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len, 463 WLAN_RSNX_CAPAB_SAE_H2E)) { 464 wpa_printf(MSG_INFO, "SAE: " MACSTR 465 " indicates support for SAE H2E, but did not use it", 466 MAC2STR(sta->addr)); 467 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 468 reason = WLAN_REASON_UNSPECIFIED; 469 goto fail; 470 } 471 #endif /* CONFIG_SAE */ 472 } else if (hapd->conf->wps_state) { 473 #ifdef CONFIG_WPS 474 struct wpabuf *wps; 475 476 if (req_ies) 477 wps = ieee802_11_vendor_ie_concat(req_ies, req_ies_len, 478 WPS_IE_VENDOR_TYPE); 479 else 480 wps = NULL; 481 #ifdef CONFIG_WPS_STRICT 482 if (wps && wps_validate_assoc_req(wps) < 0) { 483 reason = WLAN_REASON_INVALID_IE; 484 status = WLAN_STATUS_INVALID_IE; 485 wpabuf_free(wps); 486 goto fail; 487 } 488 #endif /* CONFIG_WPS_STRICT */ 489 if (wps) { 490 sta->flags |= WLAN_STA_WPS; 491 if (wps_is_20(wps)) { 492 wpa_printf(MSG_DEBUG, 493 "WPS: STA supports WPS 2.0"); 494 sta->flags |= WLAN_STA_WPS2; 495 } 496 } else 497 sta->flags |= WLAN_STA_MAYBE_WPS; 498 wpabuf_free(wps); 499 #endif /* CONFIG_WPS */ 500 #ifdef CONFIG_HS20 501 } else if (hapd->conf->osen) { 502 if (elems.osen == NULL) { 503 hostapd_logger( 504 hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 505 HOSTAPD_LEVEL_INFO, 506 "No HS 2.0 OSEN element in association request"); 507 return WLAN_STATUS_INVALID_IE; 508 } 509 510 wpa_printf(MSG_DEBUG, "HS 2.0: OSEN association"); 511 if (sta->wpa_sm == NULL) 512 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 513 sta->addr, NULL); 514 if (sta->wpa_sm == NULL) { 515 wpa_printf(MSG_WARNING, 516 "Failed to initialize WPA state machine"); 517 return WLAN_STATUS_UNSPECIFIED_FAILURE; 518 } 519 if (wpa_validate_osen(hapd->wpa_auth, sta->wpa_sm, 520 elems.osen - 2, elems.osen_len + 2) < 0) 521 return WLAN_STATUS_INVALID_IE; 522 #endif /* CONFIG_HS20 */ 523 } 524 #ifdef CONFIG_WPS 525 skip_wpa_check: 526 #endif /* CONFIG_WPS */ 527 528 #ifdef CONFIG_MBO 529 if (hapd->conf->mbo_enabled && (hapd->conf->wpa & 2) && 530 elems.mbo && sta->cell_capa && !(sta->flags & WLAN_STA_MFP) && 531 hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { 532 wpa_printf(MSG_INFO, 533 "MBO: Reject WPA2 association without PMF"); 534 return WLAN_STATUS_UNSPECIFIED_FAILURE; 535 } 536 #endif /* CONFIG_MBO */ 537 538 #ifdef CONFIG_IEEE80211R_AP 539 p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, buf, sizeof(buf), 540 sta->auth_alg, req_ies, req_ies_len, 541 !elems.rsnxe); 542 if (!p) { 543 wpa_printf(MSG_DEBUG, "FT: Failed to write AssocResp IEs"); 544 return WLAN_STATUS_UNSPECIFIED_FAILURE; 545 } 546 #endif /* CONFIG_IEEE80211R_AP */ 547 548 #ifdef CONFIG_FILS 549 if (sta->auth_alg == WLAN_AUTH_FILS_SK || 550 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || 551 sta->auth_alg == WLAN_AUTH_FILS_PK) { 552 int delay_assoc = 0; 553 554 if (!req_ies) 555 return WLAN_STATUS_UNSPECIFIED_FAILURE; 556 557 if (!wpa_fils_validate_fils_session(sta->wpa_sm, req_ies, 558 req_ies_len, 559 sta->fils_session)) { 560 wpa_printf(MSG_DEBUG, 561 "FILS: Session validation failed"); 562 return WLAN_STATUS_UNSPECIFIED_FAILURE; 563 } 564 565 res = wpa_fils_validate_key_confirm(sta->wpa_sm, req_ies, 566 req_ies_len); 567 if (res < 0) { 568 wpa_printf(MSG_DEBUG, 569 "FILS: Key Confirm validation failed"); 570 return WLAN_STATUS_UNSPECIFIED_FAILURE; 571 } 572 573 if (fils_process_hlp(hapd, sta, req_ies, req_ies_len) > 0) { 574 wpa_printf(MSG_DEBUG, 575 "FILS: Delaying Assoc Response (HLP)"); 576 delay_assoc = 1; 577 } else { 578 wpa_printf(MSG_DEBUG, 579 "FILS: Going ahead with Assoc Response (no HLP)"); 580 } 581 582 if (sta) { 583 wpa_printf(MSG_DEBUG, "FILS: HLP callback cleanup"); 584 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); 585 os_free(sta->fils_pending_assoc_req); 586 sta->fils_pending_assoc_req = NULL; 587 sta->fils_pending_assoc_req_len = 0; 588 wpabuf_free(sta->fils_hlp_resp); 589 sta->fils_hlp_resp = NULL; 590 sta->fils_drv_assoc_finish = 0; 591 } 592 593 if (sta && delay_assoc && status == WLAN_STATUS_SUCCESS) { 594 u8 *req_tmp; 595 596 req_tmp = os_malloc(req_ies_len); 597 if (!req_tmp) { 598 wpa_printf(MSG_DEBUG, 599 "FILS: buffer allocation failed for assoc req"); 600 goto fail; 601 } 602 os_memcpy(req_tmp, req_ies, req_ies_len); 603 sta->fils_pending_assoc_req = req_tmp; 604 sta->fils_pending_assoc_req_len = req_ies_len; 605 sta->fils_pending_assoc_is_reassoc = reassoc; 606 sta->fils_drv_assoc_finish = 1; 607 wpa_printf(MSG_DEBUG, 608 "FILS: Waiting for HLP processing before sending (Re)Association Response frame to " 609 MACSTR, MAC2STR(sta->addr)); 610 eloop_register_timeout( 611 0, hapd->conf->fils_hlp_wait_time * 1024, 612 fils_hlp_timeout, hapd, sta); 613 return 0; 614 } 615 p = hostapd_eid_assoc_fils_session(sta->wpa_sm, p, 616 elems.fils_session, 617 sta->fils_hlp_resp); 618 wpa_hexdump(MSG_DEBUG, "FILS Assoc Resp BUF (IEs)", 619 buf, p - buf); 620 } 621 #endif /* CONFIG_FILS */ 622 623 #ifdef CONFIG_OWE 624 if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && 625 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && 626 elems.owe_dh) { 627 u8 *npos; 628 u16 ret_status; 629 630 npos = owe_assoc_req_process(hapd, sta, 631 elems.owe_dh, elems.owe_dh_len, 632 p, sizeof(buf) - (p - buf), 633 &ret_status); 634 status = ret_status; 635 if (npos) 636 p = npos; 637 638 if (!npos && 639 status == WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { 640 hostapd_sta_assoc(hapd, addr, reassoc, ret_status, buf, 641 p - buf); 642 return 0; 643 } 644 645 if (!npos || status != WLAN_STATUS_SUCCESS) 646 goto fail; 647 } 648 #endif /* CONFIG_OWE */ 649 650 #ifdef CONFIG_DPP2 651 dpp_pfs_free(sta->dpp_pfs); 652 sta->dpp_pfs = NULL; 653 654 if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && 655 hapd->conf->dpp_netaccesskey && sta->wpa_sm && 656 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && 657 elems.owe_dh) { 658 sta->dpp_pfs = dpp_pfs_init( 659 wpabuf_head(hapd->conf->dpp_netaccesskey), 660 wpabuf_len(hapd->conf->dpp_netaccesskey)); 661 if (!sta->dpp_pfs) { 662 wpa_printf(MSG_DEBUG, 663 "DPP: Could not initialize PFS"); 664 /* Try to continue without PFS */ 665 goto pfs_fail; 666 } 667 668 if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh, 669 elems.owe_dh_len) < 0) { 670 dpp_pfs_free(sta->dpp_pfs); 671 sta->dpp_pfs = NULL; 672 reason = WLAN_REASON_UNSPECIFIED; 673 goto fail; 674 } 675 } 676 677 wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? 678 sta->dpp_pfs->secret : NULL); 679 pfs_fail: 680 #endif /* CONFIG_DPP2 */ 681 682 if (elems.rrm_enabled && 683 elems.rrm_enabled_len >= sizeof(sta->rrm_enabled_capa)) 684 os_memcpy(sta->rrm_enabled_capa, elems.rrm_enabled, 685 sizeof(sta->rrm_enabled_capa)); 686 687 #if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_FILS) || defined(CONFIG_OWE) 688 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); 689 690 if (sta->auth_alg == WLAN_AUTH_FT || 691 sta->auth_alg == WLAN_AUTH_FILS_SK || 692 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || 693 sta->auth_alg == WLAN_AUTH_FILS_PK) 694 ap_sta_set_authorized(hapd, sta, 1); 695 #else /* CONFIG_IEEE80211R_AP || CONFIG_FILS */ 696 /* Keep compiler silent about unused variables */ 697 if (status) { 698 } 699 #endif /* CONFIG_IEEE80211R_AP || CONFIG_FILS */ 700 701 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0; 702 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; 703 sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; 704 705 hostapd_set_sta_flags(hapd, sta); 706 707 if (reassoc && (sta->auth_alg == WLAN_AUTH_FT)) 708 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT); 709 #ifdef CONFIG_FILS 710 else if (sta->auth_alg == WLAN_AUTH_FILS_SK || 711 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || 712 sta->auth_alg == WLAN_AUTH_FILS_PK) 713 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FILS); 714 #endif /* CONFIG_FILS */ 715 else 716 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC); 717 718 hostapd_new_assoc_sta(hapd, sta, !new_assoc); 719 720 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1); 721 722 #ifdef CONFIG_P2P 723 if (req_ies) { 724 p2p_group_notif_assoc(hapd->p2p_group, sta->addr, 725 req_ies, req_ies_len); 726 } 727 #endif /* CONFIG_P2P */ 728 729 return 0; 730 731 fail: 732 #ifdef CONFIG_IEEE80211R_AP 733 if (status >= 0) 734 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); 735 #endif /* CONFIG_IEEE80211R_AP */ 736 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 737 ap_free_sta(hapd, sta); 738 return -1; 739 } 740 741 742 void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr) 743 { 744 struct sta_info *sta; 745 746 if (addr == NULL) { 747 /* 748 * This could potentially happen with unexpected event from the 749 * driver wrapper. This was seen at least in one case where the 750 * driver ended up reporting a station mode event while hostapd 751 * was running, so better make sure we stop processing such an 752 * event here. 753 */ 754 wpa_printf(MSG_DEBUG, 755 "hostapd_notif_disassoc: Skip event with no address"); 756 return; 757 } 758 759 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 760 HOSTAPD_LEVEL_INFO, "disassociated"); 761 762 sta = ap_get_sta(hapd, addr); 763 if (sta == NULL) { 764 wpa_printf(MSG_DEBUG, 765 "Disassociation notification for unknown STA " 766 MACSTR, MAC2STR(addr)); 767 return; 768 } 769 770 ap_sta_set_authorized(hapd, sta, 0); 771 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 772 hostapd_set_sta_flags(hapd, sta); 773 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC); 774 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST; 775 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 776 ap_free_sta(hapd, sta); 777 } 778 779 780 void hostapd_event_sta_low_ack(struct hostapd_data *hapd, const u8 *addr) 781 { 782 struct sta_info *sta = ap_get_sta(hapd, addr); 783 784 if (!sta || !hapd->conf->disassoc_low_ack || sta->agreed_to_steer) 785 return; 786 787 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 788 HOSTAPD_LEVEL_INFO, 789 "disconnected due to excessive missing ACKs"); 790 hostapd_drv_sta_disassoc(hapd, addr, WLAN_REASON_DISASSOC_LOW_ACK); 791 ap_sta_disassociate(hapd, sta, WLAN_REASON_DISASSOC_LOW_ACK); 792 } 793 794 795 void hostapd_event_sta_opmode_changed(struct hostapd_data *hapd, const u8 *addr, 796 enum smps_mode smps_mode, 797 enum chan_width chan_width, u8 rx_nss) 798 { 799 struct sta_info *sta = ap_get_sta(hapd, addr); 800 const char *txt; 801 802 if (!sta) 803 return; 804 805 switch (smps_mode) { 806 case SMPS_AUTOMATIC: 807 txt = "automatic"; 808 break; 809 case SMPS_OFF: 810 txt = "off"; 811 break; 812 case SMPS_DYNAMIC: 813 txt = "dynamic"; 814 break; 815 case SMPS_STATIC: 816 txt = "static"; 817 break; 818 default: 819 txt = NULL; 820 break; 821 } 822 if (txt) { 823 wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_SMPS_MODE_CHANGED 824 MACSTR " %s", MAC2STR(addr), txt); 825 } 826 827 switch (chan_width) { 828 case CHAN_WIDTH_20_NOHT: 829 txt = "20(no-HT)"; 830 break; 831 case CHAN_WIDTH_20: 832 txt = "20"; 833 break; 834 case CHAN_WIDTH_40: 835 txt = "40"; 836 break; 837 case CHAN_WIDTH_80: 838 txt = "80"; 839 break; 840 case CHAN_WIDTH_80P80: 841 txt = "80+80"; 842 break; 843 case CHAN_WIDTH_160: 844 txt = "160"; 845 break; 846 default: 847 txt = NULL; 848 break; 849 } 850 if (txt) { 851 wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_MAX_BW_CHANGED 852 MACSTR " %s", MAC2STR(addr), txt); 853 } 854 855 if (rx_nss != 0xff) { 856 wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_N_SS_CHANGED 857 MACSTR " %d", MAC2STR(addr), rx_nss); 858 } 859 } 860 861 862 void hostapd_event_ch_switch(struct hostapd_data *hapd, int freq, int ht, 863 int offset, int width, int cf1, int cf2, 864 int finished) 865 { 866 #ifdef NEED_AP_MLME 867 int channel, chwidth, is_dfs; 868 u8 seg0_idx = 0, seg1_idx = 0; 869 size_t i; 870 871 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 872 HOSTAPD_LEVEL_INFO, 873 "driver %s channel switch: freq=%d, ht=%d, vht_ch=0x%x, he_ch=0x%x, offset=%d, width=%d (%s), cf1=%d, cf2=%d", 874 finished ? "had" : "starting", 875 freq, ht, hapd->iconf->ch_switch_vht_config, 876 hapd->iconf->ch_switch_he_config, offset, 877 width, channel_width_to_string(width), cf1, cf2); 878 879 if (!hapd->iface->current_mode) { 880 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 881 HOSTAPD_LEVEL_WARNING, 882 "ignore channel switch since the interface is not yet ready"); 883 return; 884 } 885 886 hapd->iface->freq = freq; 887 888 channel = hostapd_hw_get_channel(hapd, freq); 889 if (!channel) { 890 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 891 HOSTAPD_LEVEL_WARNING, 892 "driver switched to bad channel!"); 893 return; 894 } 895 896 switch (width) { 897 case CHAN_WIDTH_80: 898 chwidth = CHANWIDTH_80MHZ; 899 break; 900 case CHAN_WIDTH_80P80: 901 chwidth = CHANWIDTH_80P80MHZ; 902 break; 903 case CHAN_WIDTH_160: 904 chwidth = CHANWIDTH_160MHZ; 905 break; 906 case CHAN_WIDTH_20_NOHT: 907 case CHAN_WIDTH_20: 908 case CHAN_WIDTH_40: 909 default: 910 chwidth = CHANWIDTH_USE_HT; 911 break; 912 } 913 914 switch (hapd->iface->current_mode->mode) { 915 case HOSTAPD_MODE_IEEE80211A: 916 if (cf1 == 5935) 917 seg0_idx = (cf1 - 5925) / 5; 918 else if (cf1 > 5950) 919 seg0_idx = (cf1 - 5950) / 5; 920 else if (cf1 > 5000) 921 seg0_idx = (cf1 - 5000) / 5; 922 923 if (cf2 == 5935) 924 seg1_idx = (cf2 - 5925) / 5; 925 else if (cf2 > 5950) 926 seg1_idx = (cf2 - 5950) / 5; 927 else if (cf2 > 5000) 928 seg1_idx = (cf2 - 5000) / 5; 929 break; 930 default: 931 ieee80211_freq_to_chan(cf1, &seg0_idx); 932 ieee80211_freq_to_chan(cf2, &seg1_idx); 933 break; 934 } 935 936 hapd->iconf->channel = channel; 937 hapd->iconf->ieee80211n = ht; 938 if (!ht) { 939 hapd->iconf->ieee80211ac = 0; 940 } else if (hapd->iconf->ch_switch_vht_config) { 941 /* CHAN_SWITCH VHT config */ 942 if (hapd->iconf->ch_switch_vht_config & 943 CH_SWITCH_VHT_ENABLED) 944 hapd->iconf->ieee80211ac = 1; 945 else if (hapd->iconf->ch_switch_vht_config & 946 CH_SWITCH_VHT_DISABLED) 947 hapd->iconf->ieee80211ac = 0; 948 } else if (hapd->iconf->ch_switch_he_config) { 949 /* CHAN_SWITCH HE config */ 950 if (hapd->iconf->ch_switch_he_config & 951 CH_SWITCH_HE_ENABLED) 952 hapd->iconf->ieee80211ax = 1; 953 else if (hapd->iconf->ch_switch_he_config & 954 CH_SWITCH_HE_DISABLED) 955 hapd->iconf->ieee80211ax = 0; 956 } 957 hapd->iconf->ch_switch_vht_config = 0; 958 hapd->iconf->ch_switch_he_config = 0; 959 960 if (width == CHAN_WIDTH_40 || width == CHAN_WIDTH_80 || 961 width == CHAN_WIDTH_80P80 || width == CHAN_WIDTH_160) 962 hapd->iconf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 963 else if (width == CHAN_WIDTH_20 || width == CHAN_WIDTH_20_NOHT) 964 hapd->iconf->ht_capab &= ~HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 965 966 hapd->iconf->secondary_channel = offset; 967 hostapd_set_oper_chwidth(hapd->iconf, chwidth); 968 hostapd_set_oper_centr_freq_seg0_idx(hapd->iconf, seg0_idx); 969 hostapd_set_oper_centr_freq_seg1_idx(hapd->iconf, seg1_idx); 970 if (hapd->iconf->ieee80211ac) { 971 hapd->iconf->vht_capab &= ~VHT_CAP_SUPP_CHAN_WIDTH_MASK; 972 if (chwidth == CHANWIDTH_160MHZ) 973 hapd->iconf->vht_capab |= 974 VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 975 else if (chwidth == CHANWIDTH_80P80MHZ) 976 hapd->iconf->vht_capab |= 977 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 978 } 979 980 is_dfs = ieee80211_is_dfs(freq, hapd->iface->hw_features, 981 hapd->iface->num_hw_features); 982 983 wpa_msg(hapd->msg_ctx, MSG_INFO, 984 "%sfreq=%d ht_enabled=%d ch_offset=%d ch_width=%s cf1=%d cf2=%d dfs=%d", 985 finished ? WPA_EVENT_CHANNEL_SWITCH : 986 WPA_EVENT_CHANNEL_SWITCH_STARTED, 987 freq, ht, offset, channel_width_to_string(width), 988 cf1, cf2, is_dfs); 989 if (!finished) 990 return; 991 992 if (hapd->csa_in_progress && 993 freq == hapd->cs_freq_params.freq) { 994 hostapd_cleanup_cs_params(hapd); 995 ieee802_11_set_beacon(hapd); 996 997 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED 998 "freq=%d dfs=%d", freq, is_dfs); 999 } else if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) { 1000 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED 1001 "freq=%d dfs=%d", freq, is_dfs); 1002 } else if (is_dfs && 1003 hostapd_is_dfs_required(hapd->iface) && 1004 !hostapd_is_dfs_chan_available(hapd->iface) && 1005 !hapd->iface->cac_started) { 1006 hostapd_disable_iface(hapd->iface); 1007 hostapd_enable_iface(hapd->iface); 1008 } 1009 1010 for (i = 0; i < hapd->iface->num_bss; i++) 1011 hostapd_neighbor_set_own_report(hapd->iface->bss[i]); 1012 1013 #ifdef CONFIG_OCV 1014 if (hapd->conf->ocv) { 1015 struct sta_info *sta; 1016 bool check_sa_query = false; 1017 1018 for (sta = hapd->sta_list; sta; sta = sta->next) { 1019 if (wpa_auth_uses_ocv(sta->wpa_sm) && 1020 !(sta->flags & WLAN_STA_WNM_SLEEP_MODE)) { 1021 sta->post_csa_sa_query = 1; 1022 check_sa_query = true; 1023 } 1024 } 1025 1026 if (check_sa_query) { 1027 wpa_printf(MSG_DEBUG, 1028 "OCV: Check post-CSA SA Query initiation in 15 seconds"); 1029 eloop_register_timeout(15, 0, 1030 hostapd_ocv_check_csa_sa_query, 1031 hapd, NULL); 1032 } 1033 } 1034 #endif /* CONFIG_OCV */ 1035 #endif /* NEED_AP_MLME */ 1036 } 1037 1038 1039 void hostapd_event_connect_failed_reason(struct hostapd_data *hapd, 1040 const u8 *addr, int reason_code) 1041 { 1042 switch (reason_code) { 1043 case MAX_CLIENT_REACHED: 1044 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_MAX_STA MACSTR, 1045 MAC2STR(addr)); 1046 break; 1047 case BLOCKED_CLIENT: 1048 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_BLOCKED_STA MACSTR, 1049 MAC2STR(addr)); 1050 break; 1051 } 1052 } 1053 1054 1055 #ifdef CONFIG_ACS 1056 void hostapd_acs_channel_selected(struct hostapd_data *hapd, 1057 struct acs_selected_channels *acs_res) 1058 { 1059 int ret, i; 1060 int err = 0; 1061 struct hostapd_channel_data *pri_chan; 1062 1063 if (hapd->iconf->channel) { 1064 wpa_printf(MSG_INFO, "ACS: Channel was already set to %d", 1065 hapd->iconf->channel); 1066 return; 1067 } 1068 1069 hapd->iface->freq = acs_res->pri_freq; 1070 1071 if (!hapd->iface->current_mode) { 1072 for (i = 0; i < hapd->iface->num_hw_features; i++) { 1073 struct hostapd_hw_modes *mode = 1074 &hapd->iface->hw_features[i]; 1075 1076 if (mode->mode == acs_res->hw_mode) { 1077 if (hapd->iface->freq > 0 && 1078 !hw_get_chan(mode->mode, 1079 hapd->iface->freq, 1080 hapd->iface->hw_features, 1081 hapd->iface->num_hw_features)) 1082 continue; 1083 hapd->iface->current_mode = mode; 1084 break; 1085 } 1086 } 1087 if (!hapd->iface->current_mode) { 1088 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 1089 HOSTAPD_LEVEL_WARNING, 1090 "driver selected to bad hw_mode"); 1091 err = 1; 1092 goto out; 1093 } 1094 } 1095 1096 if (!acs_res->pri_freq) { 1097 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 1098 HOSTAPD_LEVEL_WARNING, 1099 "driver switched to bad channel"); 1100 err = 1; 1101 goto out; 1102 } 1103 pri_chan = hw_get_channel_freq(hapd->iface->current_mode->mode, 1104 acs_res->pri_freq, NULL, 1105 hapd->iface->hw_features, 1106 hapd->iface->num_hw_features); 1107 if (!pri_chan) { 1108 wpa_printf(MSG_ERROR, 1109 "ACS: Could not determine primary channel number from pri_freq %u", 1110 acs_res->pri_freq); 1111 err = 1; 1112 goto out; 1113 } 1114 1115 hapd->iconf->channel = pri_chan->chan; 1116 hapd->iconf->acs = 1; 1117 1118 if (acs_res->sec_freq == 0) 1119 hapd->iconf->secondary_channel = 0; 1120 else if (acs_res->sec_freq < acs_res->pri_freq) 1121 hapd->iconf->secondary_channel = -1; 1122 else if (acs_res->sec_freq > acs_res->pri_freq) 1123 hapd->iconf->secondary_channel = 1; 1124 else { 1125 wpa_printf(MSG_ERROR, "Invalid secondary channel!"); 1126 err = 1; 1127 goto out; 1128 } 1129 1130 hapd->iconf->edmg_channel = acs_res->edmg_channel; 1131 1132 if (hapd->iface->conf->ieee80211ac || hapd->iface->conf->ieee80211ax) { 1133 /* set defaults for backwards compatibility */ 1134 hostapd_set_oper_centr_freq_seg1_idx(hapd->iconf, 0); 1135 hostapd_set_oper_centr_freq_seg0_idx(hapd->iconf, 0); 1136 hostapd_set_oper_chwidth(hapd->iconf, CHANWIDTH_USE_HT); 1137 if (acs_res->ch_width == 40) { 1138 if (is_6ghz_freq(acs_res->pri_freq)) 1139 hostapd_set_oper_centr_freq_seg0_idx( 1140 hapd->iconf, 1141 acs_res->vht_seg0_center_ch); 1142 } else if (acs_res->ch_width == 80) { 1143 hostapd_set_oper_centr_freq_seg0_idx( 1144 hapd->iconf, acs_res->vht_seg0_center_ch); 1145 if (acs_res->vht_seg1_center_ch == 0) { 1146 hostapd_set_oper_chwidth(hapd->iconf, 1147 CHANWIDTH_80MHZ); 1148 } else { 1149 hostapd_set_oper_chwidth(hapd->iconf, 1150 CHANWIDTH_80P80MHZ); 1151 hostapd_set_oper_centr_freq_seg1_idx( 1152 hapd->iconf, 1153 acs_res->vht_seg1_center_ch); 1154 } 1155 } else if (acs_res->ch_width == 160) { 1156 hostapd_set_oper_chwidth(hapd->iconf, CHANWIDTH_160MHZ); 1157 hostapd_set_oper_centr_freq_seg0_idx( 1158 hapd->iconf, acs_res->vht_seg1_center_ch); 1159 } 1160 } 1161 1162 out: 1163 ret = hostapd_acs_completed(hapd->iface, err); 1164 if (ret) { 1165 wpa_printf(MSG_ERROR, 1166 "ACS: Possibly channel configuration is invalid"); 1167 } 1168 } 1169 #endif /* CONFIG_ACS */ 1170 1171 1172 int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa, const u8 *da, 1173 const u8 *bssid, const u8 *ie, size_t ie_len, 1174 int ssi_signal) 1175 { 1176 size_t i; 1177 int ret = 0; 1178 1179 if (sa == NULL || ie == NULL) 1180 return -1; 1181 1182 random_add_randomness(sa, ETH_ALEN); 1183 for (i = 0; hapd->probereq_cb && i < hapd->num_probereq_cb; i++) { 1184 if (hapd->probereq_cb[i].cb(hapd->probereq_cb[i].ctx, 1185 sa, da, bssid, ie, ie_len, 1186 ssi_signal) > 0) { 1187 ret = 1; 1188 break; 1189 } 1190 } 1191 return ret; 1192 } 1193 1194 1195 #ifdef HOSTAPD 1196 1197 #ifdef CONFIG_IEEE80211R_AP 1198 static void hostapd_notify_auth_ft_finish(void *ctx, const u8 *dst, 1199 const u8 *bssid, 1200 u16 auth_transaction, u16 status, 1201 const u8 *ies, size_t ies_len) 1202 { 1203 struct hostapd_data *hapd = ctx; 1204 struct sta_info *sta; 1205 1206 sta = ap_get_sta(hapd, dst); 1207 if (sta == NULL) 1208 return; 1209 1210 hostapd_logger(hapd, dst, HOSTAPD_MODULE_IEEE80211, 1211 HOSTAPD_LEVEL_DEBUG, "authentication OK (FT)"); 1212 sta->flags |= WLAN_STA_AUTH; 1213 1214 hostapd_sta_auth(hapd, dst, auth_transaction, status, ies, ies_len); 1215 } 1216 #endif /* CONFIG_IEEE80211R_AP */ 1217 1218 1219 #ifdef CONFIG_FILS 1220 static void hostapd_notify_auth_fils_finish(struct hostapd_data *hapd, 1221 struct sta_info *sta, u16 resp, 1222 struct wpabuf *data, int pub) 1223 { 1224 if (resp == WLAN_STATUS_SUCCESS) { 1225 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1226 HOSTAPD_LEVEL_DEBUG, "authentication OK (FILS)"); 1227 sta->flags |= WLAN_STA_AUTH; 1228 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH); 1229 sta->auth_alg = WLAN_AUTH_FILS_SK; 1230 mlme_authenticate_indication(hapd, sta); 1231 } else { 1232 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1233 HOSTAPD_LEVEL_DEBUG, 1234 "authentication failed (FILS)"); 1235 } 1236 1237 hostapd_sta_auth(hapd, sta->addr, 2, resp, 1238 data ? wpabuf_head(data) : NULL, 1239 data ? wpabuf_len(data) : 0); 1240 wpabuf_free(data); 1241 } 1242 #endif /* CONFIG_FILS */ 1243 1244 1245 static void hostapd_notif_auth(struct hostapd_data *hapd, 1246 struct auth_info *rx_auth) 1247 { 1248 struct sta_info *sta; 1249 u16 status = WLAN_STATUS_SUCCESS; 1250 u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN]; 1251 size_t resp_ies_len = 0; 1252 1253 sta = ap_get_sta(hapd, rx_auth->peer); 1254 if (!sta) { 1255 sta = ap_sta_add(hapd, rx_auth->peer); 1256 if (sta == NULL) { 1257 status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; 1258 goto fail; 1259 } 1260 } 1261 sta->flags &= ~WLAN_STA_PREAUTH; 1262 ieee802_1x_notify_pre_auth(sta->eapol_sm, 0); 1263 #ifdef CONFIG_IEEE80211R_AP 1264 if (rx_auth->auth_type == WLAN_AUTH_FT && hapd->wpa_auth) { 1265 sta->auth_alg = WLAN_AUTH_FT; 1266 if (sta->wpa_sm == NULL) 1267 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 1268 sta->addr, NULL); 1269 if (sta->wpa_sm == NULL) { 1270 wpa_printf(MSG_DEBUG, 1271 "FT: Failed to initialize WPA state machine"); 1272 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 1273 goto fail; 1274 } 1275 wpa_ft_process_auth(sta->wpa_sm, rx_auth->bssid, 1276 rx_auth->auth_transaction, rx_auth->ies, 1277 rx_auth->ies_len, 1278 hostapd_notify_auth_ft_finish, hapd); 1279 return; 1280 } 1281 #endif /* CONFIG_IEEE80211R_AP */ 1282 1283 #ifdef CONFIG_FILS 1284 if (rx_auth->auth_type == WLAN_AUTH_FILS_SK) { 1285 sta->auth_alg = WLAN_AUTH_FILS_SK; 1286 handle_auth_fils(hapd, sta, rx_auth->ies, rx_auth->ies_len, 1287 rx_auth->auth_type, rx_auth->auth_transaction, 1288 rx_auth->status_code, 1289 hostapd_notify_auth_fils_finish); 1290 return; 1291 } 1292 #endif /* CONFIG_FILS */ 1293 1294 fail: 1295 hostapd_sta_auth(hapd, rx_auth->peer, rx_auth->auth_transaction + 1, 1296 status, resp_ies, resp_ies_len); 1297 } 1298 1299 1300 #ifndef NEED_AP_MLME 1301 static void hostapd_action_rx(struct hostapd_data *hapd, 1302 struct rx_mgmt *drv_mgmt) 1303 { 1304 struct ieee80211_mgmt *mgmt; 1305 struct sta_info *sta; 1306 size_t plen __maybe_unused; 1307 u16 fc; 1308 u8 *action __maybe_unused; 1309 1310 if (drv_mgmt->frame_len < IEEE80211_HDRLEN + 2 + 1) 1311 return; 1312 1313 plen = drv_mgmt->frame_len - IEEE80211_HDRLEN; 1314 1315 mgmt = (struct ieee80211_mgmt *) drv_mgmt->frame; 1316 fc = le_to_host16(mgmt->frame_control); 1317 if (WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION) 1318 return; /* handled by the driver */ 1319 1320 action = (u8 *) &mgmt->u.action.u; 1321 wpa_printf(MSG_DEBUG, "RX_ACTION category %u action %u sa " MACSTR 1322 " da " MACSTR " plen %d", 1323 mgmt->u.action.category, *action, 1324 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), (int) plen); 1325 1326 sta = ap_get_sta(hapd, mgmt->sa); 1327 if (sta == NULL) { 1328 wpa_printf(MSG_DEBUG, "%s: station not found", __func__); 1329 return; 1330 } 1331 #ifdef CONFIG_IEEE80211R_AP 1332 if (mgmt->u.action.category == WLAN_ACTION_FT) { 1333 wpa_ft_action_rx(sta->wpa_sm, (u8 *) &mgmt->u.action, plen); 1334 return; 1335 } 1336 #endif /* CONFIG_IEEE80211R_AP */ 1337 if (mgmt->u.action.category == WLAN_ACTION_SA_QUERY) { 1338 ieee802_11_sa_query_action(hapd, mgmt, drv_mgmt->frame_len); 1339 return; 1340 } 1341 #ifdef CONFIG_WNM_AP 1342 if (mgmt->u.action.category == WLAN_ACTION_WNM) { 1343 ieee802_11_rx_wnm_action_ap(hapd, mgmt, drv_mgmt->frame_len); 1344 return; 1345 } 1346 #endif /* CONFIG_WNM_AP */ 1347 #ifdef CONFIG_FST 1348 if (mgmt->u.action.category == WLAN_ACTION_FST && hapd->iface->fst) { 1349 fst_rx_action(hapd->iface->fst, mgmt, drv_mgmt->frame_len); 1350 return; 1351 } 1352 #endif /* CONFIG_FST */ 1353 #ifdef CONFIG_DPP 1354 if (plen >= 2 + 4 && 1355 mgmt->u.action.u.vs_public_action.action == 1356 WLAN_PA_VENDOR_SPECIFIC && 1357 WPA_GET_BE24(mgmt->u.action.u.vs_public_action.oui) == 1358 OUI_WFA && 1359 mgmt->u.action.u.vs_public_action.variable[0] == 1360 DPP_OUI_TYPE) { 1361 const u8 *pos, *end; 1362 1363 pos = mgmt->u.action.u.vs_public_action.oui; 1364 end = drv_mgmt->frame + drv_mgmt->frame_len; 1365 hostapd_dpp_rx_action(hapd, mgmt->sa, pos, end - pos, 1366 drv_mgmt->freq); 1367 return; 1368 } 1369 #endif /* CONFIG_DPP */ 1370 } 1371 #endif /* NEED_AP_MLME */ 1372 1373 1374 #ifdef NEED_AP_MLME 1375 1376 #define HAPD_BROADCAST ((struct hostapd_data *) -1) 1377 1378 static struct hostapd_data * get_hapd_bssid(struct hostapd_iface *iface, 1379 const u8 *bssid) 1380 { 1381 size_t i; 1382 1383 if (bssid == NULL) 1384 return NULL; 1385 if (bssid[0] == 0xff && bssid[1] == 0xff && bssid[2] == 0xff && 1386 bssid[3] == 0xff && bssid[4] == 0xff && bssid[5] == 0xff) 1387 return HAPD_BROADCAST; 1388 1389 for (i = 0; i < iface->num_bss; i++) { 1390 if (os_memcmp(bssid, iface->bss[i]->own_addr, ETH_ALEN) == 0) 1391 return iface->bss[i]; 1392 } 1393 1394 return NULL; 1395 } 1396 1397 1398 static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd, 1399 const u8 *bssid, const u8 *addr, 1400 int wds) 1401 { 1402 hapd = get_hapd_bssid(hapd->iface, bssid); 1403 if (hapd == NULL || hapd == HAPD_BROADCAST) 1404 return; 1405 1406 ieee802_11_rx_from_unknown(hapd, addr, wds); 1407 } 1408 1409 1410 static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) 1411 { 1412 struct hostapd_iface *iface = hapd->iface; 1413 const struct ieee80211_hdr *hdr; 1414 const u8 *bssid; 1415 struct hostapd_frame_info fi; 1416 int ret; 1417 1418 #ifdef CONFIG_TESTING_OPTIONS 1419 if (hapd->ext_mgmt_frame_handling) { 1420 size_t hex_len = 2 * rx_mgmt->frame_len + 1; 1421 char *hex = os_malloc(hex_len); 1422 1423 if (hex) { 1424 wpa_snprintf_hex(hex, hex_len, rx_mgmt->frame, 1425 rx_mgmt->frame_len); 1426 wpa_msg(hapd->msg_ctx, MSG_INFO, "MGMT-RX %s", hex); 1427 os_free(hex); 1428 } 1429 return 1; 1430 } 1431 #endif /* CONFIG_TESTING_OPTIONS */ 1432 1433 hdr = (const struct ieee80211_hdr *) rx_mgmt->frame; 1434 bssid = get_hdr_bssid(hdr, rx_mgmt->frame_len); 1435 if (bssid == NULL) 1436 return 0; 1437 1438 hapd = get_hapd_bssid(iface, bssid); 1439 if (hapd == NULL) { 1440 u16 fc = le_to_host16(hdr->frame_control); 1441 1442 /* 1443 * Drop frames to unknown BSSIDs except for Beacon frames which 1444 * could be used to update neighbor information. 1445 */ 1446 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 1447 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 1448 hapd = iface->bss[0]; 1449 else 1450 return 0; 1451 } 1452 1453 os_memset(&fi, 0, sizeof(fi)); 1454 fi.freq = rx_mgmt->freq; 1455 fi.datarate = rx_mgmt->datarate; 1456 fi.ssi_signal = rx_mgmt->ssi_signal; 1457 1458 if (hapd == HAPD_BROADCAST) { 1459 size_t i; 1460 1461 ret = 0; 1462 for (i = 0; i < iface->num_bss; i++) { 1463 /* if bss is set, driver will call this function for 1464 * each bss individually. */ 1465 if (rx_mgmt->drv_priv && 1466 (iface->bss[i]->drv_priv != rx_mgmt->drv_priv)) 1467 continue; 1468 1469 if (ieee802_11_mgmt(iface->bss[i], rx_mgmt->frame, 1470 rx_mgmt->frame_len, &fi) > 0) 1471 ret = 1; 1472 } 1473 } else 1474 ret = ieee802_11_mgmt(hapd, rx_mgmt->frame, rx_mgmt->frame_len, 1475 &fi); 1476 1477 random_add_randomness(&fi, sizeof(fi)); 1478 1479 return ret; 1480 } 1481 1482 1483 static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf, 1484 size_t len, u16 stype, int ok) 1485 { 1486 struct ieee80211_hdr *hdr; 1487 struct hostapd_data *orig_hapd = hapd; 1488 1489 hdr = (struct ieee80211_hdr *) buf; 1490 hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); 1491 if (!hapd) 1492 return; 1493 if (hapd == HAPD_BROADCAST) { 1494 if (stype != WLAN_FC_STYPE_ACTION || len <= 25 || 1495 buf[24] != WLAN_ACTION_PUBLIC) 1496 return; 1497 hapd = get_hapd_bssid(orig_hapd->iface, hdr->addr2); 1498 if (!hapd || hapd == HAPD_BROADCAST) 1499 return; 1500 /* 1501 * Allow processing of TX status for a Public Action frame that 1502 * used wildcard BBSID. 1503 */ 1504 } 1505 ieee802_11_mgmt_cb(hapd, buf, len, stype, ok); 1506 } 1507 1508 #endif /* NEED_AP_MLME */ 1509 1510 1511 static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr) 1512 { 1513 struct sta_info *sta = ap_get_sta(hapd, addr); 1514 1515 if (sta) 1516 return 0; 1517 1518 wpa_printf(MSG_DEBUG, "Data frame from unknown STA " MACSTR 1519 " - adding a new STA", MAC2STR(addr)); 1520 sta = ap_sta_add(hapd, addr); 1521 if (sta) { 1522 hostapd_new_assoc_sta(hapd, sta, 0); 1523 } else { 1524 wpa_printf(MSG_DEBUG, "Failed to add STA entry for " MACSTR, 1525 MAC2STR(addr)); 1526 return -1; 1527 } 1528 1529 return 0; 1530 } 1531 1532 1533 static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src, 1534 const u8 *data, size_t data_len) 1535 { 1536 struct hostapd_iface *iface = hapd->iface; 1537 struct sta_info *sta; 1538 size_t j; 1539 1540 for (j = 0; j < iface->num_bss; j++) { 1541 sta = ap_get_sta(iface->bss[j], src); 1542 if (sta && sta->flags & WLAN_STA_ASSOC) { 1543 hapd = iface->bss[j]; 1544 break; 1545 } 1546 } 1547 1548 ieee802_1x_receive(hapd, src, data, data_len); 1549 } 1550 1551 #endif /* HOSTAPD */ 1552 1553 1554 static struct hostapd_channel_data * 1555 hostapd_get_mode_chan(struct hostapd_hw_modes *mode, unsigned int freq) 1556 { 1557 int i; 1558 struct hostapd_channel_data *chan; 1559 1560 for (i = 0; i < mode->num_channels; i++) { 1561 chan = &mode->channels[i]; 1562 if ((unsigned int) chan->freq == freq) 1563 return chan; 1564 } 1565 1566 return NULL; 1567 } 1568 1569 1570 static struct hostapd_channel_data * hostapd_get_mode_channel( 1571 struct hostapd_iface *iface, unsigned int freq) 1572 { 1573 int i; 1574 struct hostapd_channel_data *chan; 1575 1576 for (i = 0; i < iface->num_hw_features; i++) { 1577 if (hostapd_hw_skip_mode(iface, &iface->hw_features[i])) 1578 continue; 1579 chan = hostapd_get_mode_chan(&iface->hw_features[i], freq); 1580 if (chan) 1581 return chan; 1582 } 1583 1584 return NULL; 1585 } 1586 1587 1588 static void hostapd_update_nf(struct hostapd_iface *iface, 1589 struct hostapd_channel_data *chan, 1590 struct freq_survey *survey) 1591 { 1592 if (!iface->chans_surveyed) { 1593 chan->min_nf = survey->nf; 1594 iface->lowest_nf = survey->nf; 1595 } else { 1596 if (dl_list_empty(&chan->survey_list)) 1597 chan->min_nf = survey->nf; 1598 else if (survey->nf < chan->min_nf) 1599 chan->min_nf = survey->nf; 1600 if (survey->nf < iface->lowest_nf) 1601 iface->lowest_nf = survey->nf; 1602 } 1603 } 1604 1605 1606 static void hostapd_single_channel_get_survey(struct hostapd_iface *iface, 1607 struct survey_results *survey_res) 1608 { 1609 struct hostapd_channel_data *chan; 1610 struct freq_survey *survey; 1611 u64 divisor, dividend; 1612 1613 survey = dl_list_first(&survey_res->survey_list, struct freq_survey, 1614 list); 1615 if (!survey || !survey->freq) 1616 return; 1617 1618 chan = hostapd_get_mode_channel(iface, survey->freq); 1619 if (!chan || chan->flag & HOSTAPD_CHAN_DISABLED) 1620 return; 1621 1622 wpa_printf(MSG_DEBUG, 1623 "Single Channel Survey: (freq=%d channel_time=%ld channel_time_busy=%ld)", 1624 survey->freq, 1625 (unsigned long int) survey->channel_time, 1626 (unsigned long int) survey->channel_time_busy); 1627 1628 if (survey->channel_time > iface->last_channel_time && 1629 survey->channel_time > survey->channel_time_busy) { 1630 dividend = survey->channel_time_busy - 1631 iface->last_channel_time_busy; 1632 divisor = survey->channel_time - iface->last_channel_time; 1633 1634 iface->channel_utilization = dividend * 255 / divisor; 1635 wpa_printf(MSG_DEBUG, "Channel Utilization: %d", 1636 iface->channel_utilization); 1637 } 1638 iface->last_channel_time = survey->channel_time; 1639 iface->last_channel_time_busy = survey->channel_time_busy; 1640 } 1641 1642 1643 void hostapd_event_get_survey(struct hostapd_iface *iface, 1644 struct survey_results *survey_results) 1645 { 1646 struct freq_survey *survey, *tmp; 1647 struct hostapd_channel_data *chan; 1648 1649 if (dl_list_empty(&survey_results->survey_list)) { 1650 wpa_printf(MSG_DEBUG, "No survey data received"); 1651 return; 1652 } 1653 1654 if (survey_results->freq_filter) { 1655 hostapd_single_channel_get_survey(iface, survey_results); 1656 return; 1657 } 1658 1659 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list, 1660 struct freq_survey, list) { 1661 chan = hostapd_get_mode_channel(iface, survey->freq); 1662 if (!chan) 1663 continue; 1664 if (chan->flag & HOSTAPD_CHAN_DISABLED) 1665 continue; 1666 1667 dl_list_del(&survey->list); 1668 dl_list_add_tail(&chan->survey_list, &survey->list); 1669 1670 hostapd_update_nf(iface, chan, survey); 1671 1672 iface->chans_surveyed++; 1673 } 1674 } 1675 1676 1677 #ifdef HOSTAPD 1678 #ifdef NEED_AP_MLME 1679 1680 static void hostapd_event_iface_unavailable(struct hostapd_data *hapd) 1681 { 1682 wpa_printf(MSG_DEBUG, "Interface %s is unavailable -- stopped", 1683 hapd->conf->iface); 1684 1685 if (hapd->csa_in_progress) { 1686 wpa_printf(MSG_INFO, "CSA failed (%s was stopped)", 1687 hapd->conf->iface); 1688 hostapd_switch_channel_fallback(hapd->iface, 1689 &hapd->cs_freq_params); 1690 } 1691 } 1692 1693 1694 static void hostapd_event_dfs_radar_detected(struct hostapd_data *hapd, 1695 struct dfs_event *radar) 1696 { 1697 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 1698 hostapd_dfs_radar_detected(hapd->iface, radar->freq, radar->ht_enabled, 1699 radar->chan_offset, radar->chan_width, 1700 radar->cf1, radar->cf2); 1701 } 1702 1703 1704 static void hostapd_event_dfs_pre_cac_expired(struct hostapd_data *hapd, 1705 struct dfs_event *radar) 1706 { 1707 wpa_printf(MSG_DEBUG, "DFS Pre-CAC expired on %d MHz", radar->freq); 1708 hostapd_dfs_pre_cac_expired(hapd->iface, radar->freq, radar->ht_enabled, 1709 radar->chan_offset, radar->chan_width, 1710 radar->cf1, radar->cf2); 1711 } 1712 1713 1714 static void hostapd_event_dfs_cac_finished(struct hostapd_data *hapd, 1715 struct dfs_event *radar) 1716 { 1717 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 1718 hostapd_dfs_complete_cac(hapd->iface, 1, radar->freq, radar->ht_enabled, 1719 radar->chan_offset, radar->chan_width, 1720 radar->cf1, radar->cf2); 1721 } 1722 1723 1724 static void hostapd_event_dfs_cac_aborted(struct hostapd_data *hapd, 1725 struct dfs_event *radar) 1726 { 1727 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 1728 hostapd_dfs_complete_cac(hapd->iface, 0, radar->freq, radar->ht_enabled, 1729 radar->chan_offset, radar->chan_width, 1730 radar->cf1, radar->cf2); 1731 } 1732 1733 1734 static void hostapd_event_dfs_nop_finished(struct hostapd_data *hapd, 1735 struct dfs_event *radar) 1736 { 1737 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 1738 hostapd_dfs_nop_finished(hapd->iface, radar->freq, radar->ht_enabled, 1739 radar->chan_offset, radar->chan_width, 1740 radar->cf1, radar->cf2); 1741 } 1742 1743 1744 static void hostapd_event_dfs_cac_started(struct hostapd_data *hapd, 1745 struct dfs_event *radar) 1746 { 1747 wpa_printf(MSG_DEBUG, "DFS offload CAC started on %d MHz", radar->freq); 1748 hostapd_dfs_start_cac(hapd->iface, radar->freq, radar->ht_enabled, 1749 radar->chan_offset, radar->chan_width, 1750 radar->cf1, radar->cf2); 1751 } 1752 1753 #endif /* NEED_AP_MLME */ 1754 1755 1756 static void hostapd_event_wds_sta_interface_status(struct hostapd_data *hapd, 1757 int istatus, 1758 const char *ifname, 1759 const u8 *addr) 1760 { 1761 struct sta_info *sta = ap_get_sta(hapd, addr); 1762 1763 if (sta) { 1764 os_free(sta->ifname_wds); 1765 if (istatus == INTERFACE_ADDED) 1766 sta->ifname_wds = os_strdup(ifname); 1767 else 1768 sta->ifname_wds = NULL; 1769 } 1770 1771 wpa_msg(hapd->msg_ctx, MSG_INFO, "%sifname=%s sta_addr=" MACSTR, 1772 istatus == INTERFACE_ADDED ? 1773 WDS_STA_INTERFACE_ADDED : WDS_STA_INTERFACE_REMOVED, 1774 ifname, MAC2STR(addr)); 1775 } 1776 1777 1778 #ifdef CONFIG_OWE 1779 static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd, 1780 const u8 *peer, const u8 *ie, 1781 size_t ie_len) 1782 { 1783 u16 status; 1784 struct sta_info *sta; 1785 struct ieee802_11_elems elems; 1786 1787 if (!hapd || !hapd->wpa_auth) { 1788 wpa_printf(MSG_DEBUG, "OWE: Invalid hapd context"); 1789 return -1; 1790 } 1791 if (!peer) { 1792 wpa_printf(MSG_DEBUG, "OWE: Peer unknown"); 1793 return -1; 1794 } 1795 if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) { 1796 wpa_printf(MSG_DEBUG, "OWE: No OWE AKM configured"); 1797 status = WLAN_STATUS_AKMP_NOT_VALID; 1798 goto err; 1799 } 1800 if (ieee802_11_parse_elems(ie, ie_len, &elems, 1) == ParseFailed) { 1801 wpa_printf(MSG_DEBUG, "OWE: Failed to parse OWE IE for " 1802 MACSTR, MAC2STR(peer)); 1803 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 1804 goto err; 1805 } 1806 status = owe_validate_request(hapd, peer, elems.rsn_ie, 1807 elems.rsn_ie_len, 1808 elems.owe_dh, elems.owe_dh_len); 1809 if (status != WLAN_STATUS_SUCCESS) 1810 goto err; 1811 1812 sta = ap_get_sta(hapd, peer); 1813 if (sta) { 1814 ap_sta_no_session_timeout(hapd, sta); 1815 accounting_sta_stop(hapd, sta); 1816 1817 /* 1818 * Make sure that the previously registered inactivity timer 1819 * will not remove the STA immediately. 1820 */ 1821 sta->timeout_next = STA_NULLFUNC; 1822 } else { 1823 sta = ap_sta_add(hapd, peer); 1824 if (!sta) { 1825 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 1826 goto err; 1827 } 1828 } 1829 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); 1830 1831 status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie, 1832 elems.rsn_ie_len, elems.owe_dh, 1833 elems.owe_dh_len); 1834 if (status != WLAN_STATUS_SUCCESS) 1835 ap_free_sta(hapd, sta); 1836 1837 return 0; 1838 err: 1839 hostapd_drv_update_dh_ie(hapd, peer, status, NULL, 0); 1840 return 0; 1841 } 1842 #endif /* CONFIG_OWE */ 1843 1844 1845 void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 1846 union wpa_event_data *data) 1847 { 1848 struct hostapd_data *hapd = ctx; 1849 #ifndef CONFIG_NO_STDOUT_DEBUG 1850 int level = MSG_DEBUG; 1851 1852 if (event == EVENT_RX_MGMT && data->rx_mgmt.frame && 1853 data->rx_mgmt.frame_len >= 24) { 1854 const struct ieee80211_hdr *hdr; 1855 u16 fc; 1856 1857 hdr = (const struct ieee80211_hdr *) data->rx_mgmt.frame; 1858 fc = le_to_host16(hdr->frame_control); 1859 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 1860 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 1861 level = MSG_EXCESSIVE; 1862 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 1863 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_REQ) 1864 level = MSG_EXCESSIVE; 1865 } 1866 1867 wpa_dbg(hapd->msg_ctx, level, "Event %s (%d) received", 1868 event_to_string(event), event); 1869 #endif /* CONFIG_NO_STDOUT_DEBUG */ 1870 1871 switch (event) { 1872 case EVENT_MICHAEL_MIC_FAILURE: 1873 michael_mic_failure(hapd, data->michael_mic_failure.src, 1); 1874 break; 1875 case EVENT_SCAN_RESULTS: 1876 if (hapd->iface->scan_cb) 1877 hapd->iface->scan_cb(hapd->iface); 1878 break; 1879 case EVENT_WPS_BUTTON_PUSHED: 1880 hostapd_wps_button_pushed(hapd, NULL); 1881 break; 1882 #ifdef NEED_AP_MLME 1883 case EVENT_TX_STATUS: 1884 switch (data->tx_status.type) { 1885 case WLAN_FC_TYPE_MGMT: 1886 hostapd_mgmt_tx_cb(hapd, data->tx_status.data, 1887 data->tx_status.data_len, 1888 data->tx_status.stype, 1889 data->tx_status.ack); 1890 break; 1891 case WLAN_FC_TYPE_DATA: 1892 hostapd_tx_status(hapd, data->tx_status.dst, 1893 data->tx_status.data, 1894 data->tx_status.data_len, 1895 data->tx_status.ack); 1896 break; 1897 } 1898 break; 1899 case EVENT_EAPOL_TX_STATUS: 1900 hostapd_eapol_tx_status(hapd, data->eapol_tx_status.dst, 1901 data->eapol_tx_status.data, 1902 data->eapol_tx_status.data_len, 1903 data->eapol_tx_status.ack); 1904 break; 1905 case EVENT_DRIVER_CLIENT_POLL_OK: 1906 hostapd_client_poll_ok(hapd, data->client_poll.addr); 1907 break; 1908 case EVENT_RX_FROM_UNKNOWN: 1909 hostapd_rx_from_unknown_sta(hapd, data->rx_from_unknown.bssid, 1910 data->rx_from_unknown.addr, 1911 data->rx_from_unknown.wds); 1912 break; 1913 #endif /* NEED_AP_MLME */ 1914 case EVENT_RX_MGMT: 1915 if (!data->rx_mgmt.frame) 1916 break; 1917 #ifdef NEED_AP_MLME 1918 hostapd_mgmt_rx(hapd, &data->rx_mgmt); 1919 #else /* NEED_AP_MLME */ 1920 hostapd_action_rx(hapd, &data->rx_mgmt); 1921 #endif /* NEED_AP_MLME */ 1922 break; 1923 case EVENT_RX_PROBE_REQ: 1924 if (data->rx_probe_req.sa == NULL || 1925 data->rx_probe_req.ie == NULL) 1926 break; 1927 hostapd_probe_req_rx(hapd, data->rx_probe_req.sa, 1928 data->rx_probe_req.da, 1929 data->rx_probe_req.bssid, 1930 data->rx_probe_req.ie, 1931 data->rx_probe_req.ie_len, 1932 data->rx_probe_req.ssi_signal); 1933 break; 1934 case EVENT_NEW_STA: 1935 hostapd_event_new_sta(hapd, data->new_sta.addr); 1936 break; 1937 case EVENT_EAPOL_RX: 1938 hostapd_event_eapol_rx(hapd, data->eapol_rx.src, 1939 data->eapol_rx.data, 1940 data->eapol_rx.data_len); 1941 break; 1942 case EVENT_ASSOC: 1943 if (!data) 1944 return; 1945 hostapd_notif_assoc(hapd, data->assoc_info.addr, 1946 data->assoc_info.req_ies, 1947 data->assoc_info.req_ies_len, 1948 data->assoc_info.reassoc); 1949 break; 1950 #ifdef CONFIG_OWE 1951 case EVENT_UPDATE_DH: 1952 if (!data) 1953 return; 1954 hostapd_notif_update_dh_ie(hapd, data->update_dh.peer, 1955 data->update_dh.ie, 1956 data->update_dh.ie_len); 1957 break; 1958 #endif /* CONFIG_OWE */ 1959 case EVENT_DISASSOC: 1960 if (data) 1961 hostapd_notif_disassoc(hapd, data->disassoc_info.addr); 1962 break; 1963 case EVENT_DEAUTH: 1964 if (data) 1965 hostapd_notif_disassoc(hapd, data->deauth_info.addr); 1966 break; 1967 case EVENT_STATION_LOW_ACK: 1968 if (!data) 1969 break; 1970 hostapd_event_sta_low_ack(hapd, data->low_ack.addr); 1971 break; 1972 case EVENT_AUTH: 1973 hostapd_notif_auth(hapd, &data->auth); 1974 break; 1975 case EVENT_CH_SWITCH_STARTED: 1976 case EVENT_CH_SWITCH: 1977 if (!data) 1978 break; 1979 hostapd_event_ch_switch(hapd, data->ch_switch.freq, 1980 data->ch_switch.ht_enabled, 1981 data->ch_switch.ch_offset, 1982 data->ch_switch.ch_width, 1983 data->ch_switch.cf1, 1984 data->ch_switch.cf2, 1985 event == EVENT_CH_SWITCH); 1986 break; 1987 case EVENT_CONNECT_FAILED_REASON: 1988 if (!data) 1989 break; 1990 hostapd_event_connect_failed_reason( 1991 hapd, data->connect_failed_reason.addr, 1992 data->connect_failed_reason.code); 1993 break; 1994 case EVENT_SURVEY: 1995 hostapd_event_get_survey(hapd->iface, &data->survey_results); 1996 break; 1997 #ifdef NEED_AP_MLME 1998 case EVENT_INTERFACE_UNAVAILABLE: 1999 hostapd_event_iface_unavailable(hapd); 2000 break; 2001 case EVENT_DFS_RADAR_DETECTED: 2002 if (!data) 2003 break; 2004 hostapd_event_dfs_radar_detected(hapd, &data->dfs_event); 2005 break; 2006 case EVENT_DFS_PRE_CAC_EXPIRED: 2007 if (!data) 2008 break; 2009 hostapd_event_dfs_pre_cac_expired(hapd, &data->dfs_event); 2010 break; 2011 case EVENT_DFS_CAC_FINISHED: 2012 if (!data) 2013 break; 2014 hostapd_event_dfs_cac_finished(hapd, &data->dfs_event); 2015 break; 2016 case EVENT_DFS_CAC_ABORTED: 2017 if (!data) 2018 break; 2019 hostapd_event_dfs_cac_aborted(hapd, &data->dfs_event); 2020 break; 2021 case EVENT_DFS_NOP_FINISHED: 2022 if (!data) 2023 break; 2024 hostapd_event_dfs_nop_finished(hapd, &data->dfs_event); 2025 break; 2026 case EVENT_CHANNEL_LIST_CHANGED: 2027 /* channel list changed (regulatory?), update channel list */ 2028 /* TODO: check this. hostapd_get_hw_features() initializes 2029 * too much stuff. */ 2030 /* hostapd_get_hw_features(hapd->iface); */ 2031 hostapd_channel_list_updated( 2032 hapd->iface, data->channel_list_changed.initiator); 2033 break; 2034 case EVENT_DFS_CAC_STARTED: 2035 if (!data) 2036 break; 2037 hostapd_event_dfs_cac_started(hapd, &data->dfs_event); 2038 break; 2039 #endif /* NEED_AP_MLME */ 2040 case EVENT_INTERFACE_ENABLED: 2041 wpa_msg(hapd->msg_ctx, MSG_INFO, INTERFACE_ENABLED); 2042 if (hapd->disabled && hapd->started) { 2043 hapd->disabled = 0; 2044 /* 2045 * Try to re-enable interface if the driver stopped it 2046 * when the interface got disabled. 2047 */ 2048 if (hapd->wpa_auth) 2049 wpa_auth_reconfig_group_keys(hapd->wpa_auth); 2050 else 2051 hostapd_reconfig_encryption(hapd); 2052 hapd->reenable_beacon = 1; 2053 ieee802_11_set_beacon(hapd); 2054 #ifdef NEED_AP_MLME 2055 } else if (hapd->disabled && hapd->iface->cac_started) { 2056 wpa_printf(MSG_DEBUG, "DFS: restarting pending CAC"); 2057 hostapd_handle_dfs(hapd->iface); 2058 #endif /* NEED_AP_MLME */ 2059 } 2060 break; 2061 case EVENT_INTERFACE_DISABLED: 2062 hostapd_free_stas(hapd); 2063 wpa_msg(hapd->msg_ctx, MSG_INFO, INTERFACE_DISABLED); 2064 hapd->disabled = 1; 2065 break; 2066 #ifdef CONFIG_ACS 2067 case EVENT_ACS_CHANNEL_SELECTED: 2068 hostapd_acs_channel_selected(hapd, 2069 &data->acs_selected_channels); 2070 break; 2071 #endif /* CONFIG_ACS */ 2072 case EVENT_STATION_OPMODE_CHANGED: 2073 hostapd_event_sta_opmode_changed(hapd, data->sta_opmode.addr, 2074 data->sta_opmode.smps_mode, 2075 data->sta_opmode.chan_width, 2076 data->sta_opmode.rx_nss); 2077 break; 2078 case EVENT_WDS_STA_INTERFACE_STATUS: 2079 hostapd_event_wds_sta_interface_status( 2080 hapd, data->wds_sta_interface.istatus, 2081 data->wds_sta_interface.ifname, 2082 data->wds_sta_interface.sta_addr); 2083 break; 2084 default: 2085 wpa_printf(MSG_DEBUG, "Unknown event %d", event); 2086 break; 2087 } 2088 } 2089 2090 2091 void wpa_supplicant_event_global(void *ctx, enum wpa_event_type event, 2092 union wpa_event_data *data) 2093 { 2094 struct hapd_interfaces *interfaces = ctx; 2095 struct hostapd_data *hapd; 2096 2097 if (event != EVENT_INTERFACE_STATUS) 2098 return; 2099 2100 hapd = hostapd_get_iface(interfaces, data->interface_status.ifname); 2101 if (hapd && hapd->driver && hapd->driver->get_ifindex && 2102 hapd->drv_priv) { 2103 unsigned int ifindex; 2104 2105 ifindex = hapd->driver->get_ifindex(hapd->drv_priv); 2106 if (ifindex != data->interface_status.ifindex) { 2107 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 2108 "interface status ifindex %d mismatch (%d)", 2109 ifindex, data->interface_status.ifindex); 2110 return; 2111 } 2112 } 2113 if (hapd) 2114 wpa_supplicant_event(hapd, event, data); 2115 } 2116 2117 #endif /* HOSTAPD */ 2118