1 /* 2 * hostapd / Callback functions for driver wrappers 3 * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "utils/eloop.h" 13 #include "radius/radius.h" 14 #include "drivers/driver.h" 15 #include "common/ieee802_11_defs.h" 16 #include "common/ieee802_11_common.h" 17 #include "common/wpa_ctrl.h" 18 #include "common/dpp.h" 19 #include "common/sae.h" 20 #include "common/hw_features_common.h" 21 #include "crypto/random.h" 22 #include "p2p/p2p.h" 23 #include "wps/wps.h" 24 #include "fst/fst.h" 25 #include "wnm_ap.h" 26 #include "hostapd.h" 27 #include "ieee802_11.h" 28 #include "ieee802_11_auth.h" 29 #include "sta_info.h" 30 #include "accounting.h" 31 #include "tkip_countermeasures.h" 32 #include "ieee802_1x.h" 33 #include "wpa_auth.h" 34 #include "wps_hostapd.h" 35 #include "ap_drv_ops.h" 36 #include "ap_config.h" 37 #include "ap_mlme.h" 38 #include "hw_features.h" 39 #include "dfs.h" 40 #include "beacon.h" 41 #include "mbo_ap.h" 42 #include "dpp_hostapd.h" 43 #include "fils_hlp.h" 44 #include "neighbor_db.h" 45 46 47 #ifdef CONFIG_FILS 48 void hostapd_notify_assoc_fils_finish(struct hostapd_data *hapd, 49 struct sta_info *sta) 50 { 51 u16 reply_res = WLAN_STATUS_SUCCESS; 52 struct ieee802_11_elems elems; 53 u8 buf[IEEE80211_MAX_MMPDU_SIZE], *p = buf; 54 int new_assoc; 55 56 wpa_printf(MSG_DEBUG, "%s FILS: Finish association with " MACSTR, 57 __func__, MAC2STR(sta->addr)); 58 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); 59 if (!sta->fils_pending_assoc_req) 60 return; 61 62 ieee802_11_parse_elems(sta->fils_pending_assoc_req, 63 sta->fils_pending_assoc_req_len, &elems, 0); 64 if (!elems.fils_session) { 65 wpa_printf(MSG_DEBUG, "%s failed to find FILS Session element", 66 __func__); 67 return; 68 } 69 70 p = hostapd_eid_assoc_fils_session(sta->wpa_sm, p, 71 elems.fils_session, 72 sta->fils_hlp_resp); 73 74 reply_res = hostapd_sta_assoc(hapd, sta->addr, 75 sta->fils_pending_assoc_is_reassoc, 76 WLAN_STATUS_SUCCESS, 77 buf, p - buf); 78 ap_sta_set_authorized(hapd, sta, 1); 79 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0; 80 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; 81 sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; 82 hostapd_set_sta_flags(hapd, sta); 83 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FILS); 84 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1); 85 hostapd_new_assoc_sta(hapd, sta, !new_assoc); 86 os_free(sta->fils_pending_assoc_req); 87 sta->fils_pending_assoc_req = NULL; 88 sta->fils_pending_assoc_req_len = 0; 89 wpabuf_free(sta->fils_hlp_resp); 90 sta->fils_hlp_resp = NULL; 91 wpabuf_free(sta->hlp_dhcp_discover); 92 sta->hlp_dhcp_discover = NULL; 93 fils_hlp_deinit(hapd); 94 95 /* 96 * Remove the station in case transmission of a success response fails 97 * (the STA was added associated to the driver) or if the station was 98 * previously added unassociated. 99 */ 100 if (reply_res != WLAN_STATUS_SUCCESS || sta->added_unassoc) { 101 hostapd_drv_sta_remove(hapd, sta->addr); 102 sta->added_unassoc = 0; 103 } 104 } 105 #endif /* CONFIG_FILS */ 106 107 108 static bool check_sa_query_need(struct hostapd_data *hapd, struct sta_info *sta) 109 { 110 if ((sta->flags & 111 (WLAN_STA_ASSOC | WLAN_STA_MFP | WLAN_STA_AUTHORIZED)) != 112 (WLAN_STA_ASSOC | WLAN_STA_MFP | WLAN_STA_AUTHORIZED)) 113 return false; 114 115 if (!sta->sa_query_timed_out && sta->sa_query_count > 0) 116 ap_check_sa_query_timeout(hapd, sta); 117 118 if (!sta->sa_query_timed_out && (sta->auth_alg != WLAN_AUTH_FT)) { 119 /* 120 * STA has already been associated with MFP and SA Query timeout 121 * has not been reached. Reject the association attempt 122 * temporarily and start SA Query, if one is not pending. 123 */ 124 if (sta->sa_query_count == 0) 125 ap_sta_start_sa_query(hapd, sta); 126 127 return true; 128 } 129 130 return false; 131 } 132 133 134 int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, 135 const u8 *req_ies, size_t req_ies_len, int reassoc) 136 { 137 struct sta_info *sta; 138 int new_assoc; 139 enum wpa_validate_result res; 140 struct ieee802_11_elems elems; 141 const u8 *ie; 142 size_t ielen; 143 u8 buf[sizeof(struct ieee80211_mgmt) + 1024]; 144 u8 *p = buf; 145 u16 reason = WLAN_REASON_UNSPECIFIED; 146 int status = WLAN_STATUS_SUCCESS; 147 const u8 *p2p_dev_addr = NULL; 148 149 if (addr == NULL) { 150 /* 151 * This could potentially happen with unexpected event from the 152 * driver wrapper. This was seen at least in one case where the 153 * driver ended up being set to station mode while hostapd was 154 * running, so better make sure we stop processing such an 155 * event here. 156 */ 157 wpa_printf(MSG_DEBUG, 158 "hostapd_notif_assoc: Skip event with no address"); 159 return -1; 160 } 161 162 if (is_multicast_ether_addr(addr) || 163 is_zero_ether_addr(addr) || 164 os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { 165 /* Do not process any frames with unexpected/invalid SA so that 166 * we do not add any state for unexpected STA addresses or end 167 * up sending out frames to unexpected destination. */ 168 wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR 169 " in received indication - ignore this indication silently", 170 __func__, MAC2STR(addr)); 171 return 0; 172 } 173 174 random_add_randomness(addr, ETH_ALEN); 175 176 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 177 HOSTAPD_LEVEL_INFO, "associated"); 178 179 ieee802_11_parse_elems(req_ies, req_ies_len, &elems, 0); 180 if (elems.wps_ie) { 181 ie = elems.wps_ie - 2; 182 ielen = elems.wps_ie_len + 2; 183 wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)AssocReq"); 184 } else if (elems.rsn_ie) { 185 ie = elems.rsn_ie - 2; 186 ielen = elems.rsn_ie_len + 2; 187 wpa_printf(MSG_DEBUG, "STA included RSN IE in (Re)AssocReq"); 188 } else if (elems.wpa_ie) { 189 ie = elems.wpa_ie - 2; 190 ielen = elems.wpa_ie_len + 2; 191 wpa_printf(MSG_DEBUG, "STA included WPA IE in (Re)AssocReq"); 192 #ifdef CONFIG_HS20 193 } else if (elems.osen) { 194 ie = elems.osen - 2; 195 ielen = elems.osen_len + 2; 196 wpa_printf(MSG_DEBUG, "STA included OSEN IE in (Re)AssocReq"); 197 #endif /* CONFIG_HS20 */ 198 } else { 199 ie = NULL; 200 ielen = 0; 201 wpa_printf(MSG_DEBUG, 202 "STA did not include WPS/RSN/WPA IE in (Re)AssocReq"); 203 } 204 205 sta = ap_get_sta(hapd, addr); 206 if (sta) { 207 ap_sta_no_session_timeout(hapd, sta); 208 accounting_sta_stop(hapd, sta); 209 210 /* 211 * Make sure that the previously registered inactivity timer 212 * will not remove the STA immediately. 213 */ 214 sta->timeout_next = STA_NULLFUNC; 215 } else { 216 sta = ap_sta_add(hapd, addr); 217 if (sta == NULL) { 218 hostapd_drv_sta_disassoc(hapd, addr, 219 WLAN_REASON_DISASSOC_AP_BUSY); 220 return -1; 221 } 222 } 223 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); 224 225 /* 226 * ACL configurations to the drivers (implementing AP SME and ACL 227 * offload) without hostapd's knowledge, can result in a disconnection 228 * though the driver accepts the connection. Skip the hostapd check for 229 * ACL if the driver supports ACL offload to avoid potentially 230 * conflicting ACL rules. 231 */ 232 if (hapd->iface->drv_max_acl_mac_addrs == 0 && 233 hostapd_check_acl(hapd, addr, NULL) != HOSTAPD_ACL_ACCEPT) { 234 wpa_printf(MSG_INFO, "STA " MACSTR " not allowed to connect", 235 MAC2STR(addr)); 236 reason = WLAN_REASON_UNSPECIFIED; 237 goto fail; 238 } 239 240 #ifdef CONFIG_P2P 241 if (elems.p2p) { 242 wpabuf_free(sta->p2p_ie); 243 sta->p2p_ie = ieee802_11_vendor_ie_concat(req_ies, req_ies_len, 244 P2P_IE_VENDOR_TYPE); 245 if (sta->p2p_ie) 246 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 247 } 248 #endif /* CONFIG_P2P */ 249 250 #ifdef NEED_AP_MLME 251 if (elems.ht_capabilities && 252 (hapd->iface->conf->ht_capab & 253 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) { 254 struct ieee80211_ht_capabilities *ht_cap = 255 (struct ieee80211_ht_capabilities *) 256 elems.ht_capabilities; 257 258 if (le_to_host16(ht_cap->ht_capabilities_info) & 259 HT_CAP_INFO_40MHZ_INTOLERANT) 260 ht40_intolerant_add(hapd->iface, sta); 261 } 262 #endif /* NEED_AP_MLME */ 263 264 #ifdef CONFIG_INTERWORKING 265 if (elems.ext_capab && elems.ext_capab_len > 4) { 266 if (elems.ext_capab[4] & 0x01) 267 sta->qos_map_enabled = 1; 268 } 269 #endif /* CONFIG_INTERWORKING */ 270 271 #ifdef CONFIG_HS20 272 wpabuf_free(sta->hs20_ie); 273 if (elems.hs20 && elems.hs20_len > 4) { 274 sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4, 275 elems.hs20_len - 4); 276 } else 277 sta->hs20_ie = NULL; 278 279 wpabuf_free(sta->roaming_consortium); 280 if (elems.roaming_cons_sel) 281 sta->roaming_consortium = wpabuf_alloc_copy( 282 elems.roaming_cons_sel + 4, 283 elems.roaming_cons_sel_len - 4); 284 else 285 sta->roaming_consortium = NULL; 286 #endif /* CONFIG_HS20 */ 287 288 #ifdef CONFIG_FST 289 wpabuf_free(sta->mb_ies); 290 if (hapd->iface->fst) 291 sta->mb_ies = mb_ies_by_info(&elems.mb_ies); 292 else 293 sta->mb_ies = NULL; 294 #endif /* CONFIG_FST */ 295 296 mbo_ap_check_sta_assoc(hapd, sta, &elems); 297 298 ap_copy_sta_supp_op_classes(sta, elems.supp_op_classes, 299 elems.supp_op_classes_len); 300 301 if (hapd->conf->wpa) { 302 if (ie == NULL || ielen == 0) { 303 #ifdef CONFIG_WPS 304 if (hapd->conf->wps_state) { 305 wpa_printf(MSG_DEBUG, 306 "STA did not include WPA/RSN IE in (Re)Association Request - possible WPS use"); 307 sta->flags |= WLAN_STA_MAYBE_WPS; 308 goto skip_wpa_check; 309 } 310 #endif /* CONFIG_WPS */ 311 312 wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA"); 313 reason = WLAN_REASON_INVALID_IE; 314 status = WLAN_STATUS_INVALID_IE; 315 goto fail; 316 } 317 #ifdef CONFIG_WPS 318 if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 && 319 os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) { 320 struct wpabuf *wps; 321 322 if (check_sa_query_need(hapd, sta)) { 323 status = WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY; 324 325 p = hostapd_eid_assoc_comeback_time(hapd, sta, 326 p); 327 328 hostapd_sta_assoc(hapd, addr, reassoc, status, 329 buf, p - buf); 330 return 0; 331 } 332 333 sta->flags |= WLAN_STA_WPS; 334 wps = ieee802_11_vendor_ie_concat(ie, ielen, 335 WPS_IE_VENDOR_TYPE); 336 if (wps) { 337 if (wps_is_20(wps)) { 338 wpa_printf(MSG_DEBUG, 339 "WPS: STA supports WPS 2.0"); 340 sta->flags |= WLAN_STA_WPS2; 341 } 342 wpabuf_free(wps); 343 } 344 goto skip_wpa_check; 345 } 346 #endif /* CONFIG_WPS */ 347 348 if (sta->wpa_sm == NULL) 349 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 350 sta->addr, 351 p2p_dev_addr); 352 if (sta->wpa_sm == NULL) { 353 wpa_printf(MSG_ERROR, 354 "Failed to initialize WPA state machine"); 355 return -1; 356 } 357 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, 358 hapd->iface->freq, 359 ie, ielen, 360 elems.rsnxe ? elems.rsnxe - 2 : NULL, 361 elems.rsnxe ? elems.rsnxe_len + 2 : 0, 362 elems.mdie, elems.mdie_len, 363 elems.owe_dh, elems.owe_dh_len); 364 reason = WLAN_REASON_INVALID_IE; 365 status = WLAN_STATUS_INVALID_IE; 366 switch (res) { 367 case WPA_IE_OK: 368 reason = WLAN_REASON_UNSPECIFIED; 369 status = WLAN_STATUS_SUCCESS; 370 break; 371 case WPA_INVALID_IE: 372 reason = WLAN_REASON_INVALID_IE; 373 status = WLAN_STATUS_INVALID_IE; 374 break; 375 case WPA_INVALID_GROUP: 376 reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID; 377 status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID; 378 break; 379 case WPA_INVALID_PAIRWISE: 380 reason = WLAN_REASON_PAIRWISE_CIPHER_NOT_VALID; 381 status = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID; 382 break; 383 case WPA_INVALID_AKMP: 384 reason = WLAN_REASON_AKMP_NOT_VALID; 385 status = WLAN_STATUS_AKMP_NOT_VALID; 386 break; 387 case WPA_NOT_ENABLED: 388 reason = WLAN_REASON_INVALID_IE; 389 status = WLAN_STATUS_INVALID_IE; 390 break; 391 case WPA_ALLOC_FAIL: 392 reason = WLAN_REASON_UNSPECIFIED; 393 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 394 break; 395 case WPA_MGMT_FRAME_PROTECTION_VIOLATION: 396 reason = WLAN_REASON_INVALID_IE; 397 status = WLAN_STATUS_INVALID_IE; 398 break; 399 case WPA_INVALID_MGMT_GROUP_CIPHER: 400 reason = WLAN_REASON_CIPHER_SUITE_REJECTED; 401 status = WLAN_STATUS_CIPHER_REJECTED_PER_POLICY; 402 break; 403 case WPA_INVALID_MDIE: 404 reason = WLAN_REASON_INVALID_MDE; 405 status = WLAN_STATUS_INVALID_MDIE; 406 break; 407 case WPA_INVALID_PROTO: 408 reason = WLAN_REASON_INVALID_IE; 409 status = WLAN_STATUS_INVALID_IE; 410 break; 411 case WPA_INVALID_PMKID: 412 reason = WLAN_REASON_INVALID_PMKID; 413 status = WLAN_STATUS_INVALID_PMKID; 414 break; 415 case WPA_DENIED_OTHER_REASON: 416 reason = WLAN_REASON_UNSPECIFIED; 417 status = WLAN_STATUS_ASSOC_DENIED_UNSPEC; 418 break; 419 } 420 if (status != WLAN_STATUS_SUCCESS) { 421 wpa_printf(MSG_DEBUG, 422 "WPA/RSN information element rejected? (res %u)", 423 res); 424 wpa_hexdump(MSG_DEBUG, "IE", ie, ielen); 425 goto fail; 426 } 427 428 if (check_sa_query_need(hapd, sta)) { 429 status = WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY; 430 431 p = hostapd_eid_assoc_comeback_time(hapd, sta, p); 432 433 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, 434 p - buf); 435 return 0; 436 } 437 438 if (wpa_auth_uses_mfp(sta->wpa_sm)) 439 sta->flags |= WLAN_STA_MFP; 440 else 441 sta->flags &= ~WLAN_STA_MFP; 442 443 #ifdef CONFIG_IEEE80211R_AP 444 if (sta->auth_alg == WLAN_AUTH_FT) { 445 status = wpa_ft_validate_reassoc(sta->wpa_sm, req_ies, 446 req_ies_len); 447 if (status != WLAN_STATUS_SUCCESS) { 448 if (status == WLAN_STATUS_INVALID_PMKID) 449 reason = WLAN_REASON_INVALID_IE; 450 if (status == WLAN_STATUS_INVALID_MDIE) 451 reason = WLAN_REASON_INVALID_IE; 452 if (status == WLAN_STATUS_INVALID_FTIE) 453 reason = WLAN_REASON_INVALID_IE; 454 goto fail; 455 } 456 } 457 #endif /* CONFIG_IEEE80211R_AP */ 458 #ifdef CONFIG_SAE 459 if (hapd->conf->sae_pwe == 2 && 460 sta->auth_alg == WLAN_AUTH_SAE && 461 sta->sae && !sta->sae->h2e && 462 ieee802_11_rsnx_capab_len(elems.rsnxe, elems.rsnxe_len, 463 WLAN_RSNX_CAPAB_SAE_H2E)) { 464 wpa_printf(MSG_INFO, "SAE: " MACSTR 465 " indicates support for SAE H2E, but did not use it", 466 MAC2STR(sta->addr)); 467 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 468 reason = WLAN_REASON_UNSPECIFIED; 469 goto fail; 470 } 471 #endif /* CONFIG_SAE */ 472 } else if (hapd->conf->wps_state) { 473 #ifdef CONFIG_WPS 474 struct wpabuf *wps; 475 476 if (req_ies) 477 wps = ieee802_11_vendor_ie_concat(req_ies, req_ies_len, 478 WPS_IE_VENDOR_TYPE); 479 else 480 wps = NULL; 481 #ifdef CONFIG_WPS_STRICT 482 if (wps && wps_validate_assoc_req(wps) < 0) { 483 reason = WLAN_REASON_INVALID_IE; 484 status = WLAN_STATUS_INVALID_IE; 485 wpabuf_free(wps); 486 goto fail; 487 } 488 #endif /* CONFIG_WPS_STRICT */ 489 if (wps) { 490 sta->flags |= WLAN_STA_WPS; 491 if (wps_is_20(wps)) { 492 wpa_printf(MSG_DEBUG, 493 "WPS: STA supports WPS 2.0"); 494 sta->flags |= WLAN_STA_WPS2; 495 } 496 } else 497 sta->flags |= WLAN_STA_MAYBE_WPS; 498 wpabuf_free(wps); 499 #endif /* CONFIG_WPS */ 500 #ifdef CONFIG_HS20 501 } else if (hapd->conf->osen) { 502 if (elems.osen == NULL) { 503 hostapd_logger( 504 hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 505 HOSTAPD_LEVEL_INFO, 506 "No HS 2.0 OSEN element in association request"); 507 return WLAN_STATUS_INVALID_IE; 508 } 509 510 wpa_printf(MSG_DEBUG, "HS 2.0: OSEN association"); 511 if (sta->wpa_sm == NULL) 512 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 513 sta->addr, NULL); 514 if (sta->wpa_sm == NULL) { 515 wpa_printf(MSG_WARNING, 516 "Failed to initialize WPA state machine"); 517 return WLAN_STATUS_UNSPECIFIED_FAILURE; 518 } 519 if (wpa_validate_osen(hapd->wpa_auth, sta->wpa_sm, 520 elems.osen - 2, elems.osen_len + 2) < 0) 521 return WLAN_STATUS_INVALID_IE; 522 #endif /* CONFIG_HS20 */ 523 } 524 #ifdef CONFIG_WPS 525 skip_wpa_check: 526 #endif /* CONFIG_WPS */ 527 528 #ifdef CONFIG_MBO 529 if (hapd->conf->mbo_enabled && (hapd->conf->wpa & 2) && 530 elems.mbo && sta->cell_capa && !(sta->flags & WLAN_STA_MFP) && 531 hapd->conf->ieee80211w != NO_MGMT_FRAME_PROTECTION) { 532 wpa_printf(MSG_INFO, 533 "MBO: Reject WPA2 association without PMF"); 534 return WLAN_STATUS_UNSPECIFIED_FAILURE; 535 } 536 #endif /* CONFIG_MBO */ 537 538 #ifdef CONFIG_IEEE80211R_AP 539 p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, buf, sizeof(buf), 540 sta->auth_alg, req_ies, req_ies_len, 541 !elems.rsnxe); 542 if (!p) { 543 wpa_printf(MSG_DEBUG, "FT: Failed to write AssocResp IEs"); 544 return WLAN_STATUS_UNSPECIFIED_FAILURE; 545 } 546 #endif /* CONFIG_IEEE80211R_AP */ 547 548 #ifdef CONFIG_FILS 549 if (sta->auth_alg == WLAN_AUTH_FILS_SK || 550 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || 551 sta->auth_alg == WLAN_AUTH_FILS_PK) { 552 int delay_assoc = 0; 553 554 if (!req_ies) 555 return WLAN_STATUS_UNSPECIFIED_FAILURE; 556 557 if (!wpa_fils_validate_fils_session(sta->wpa_sm, req_ies, 558 req_ies_len, 559 sta->fils_session)) { 560 wpa_printf(MSG_DEBUG, 561 "FILS: Session validation failed"); 562 return WLAN_STATUS_UNSPECIFIED_FAILURE; 563 } 564 565 res = wpa_fils_validate_key_confirm(sta->wpa_sm, req_ies, 566 req_ies_len); 567 if (res < 0) { 568 wpa_printf(MSG_DEBUG, 569 "FILS: Key Confirm validation failed"); 570 return WLAN_STATUS_UNSPECIFIED_FAILURE; 571 } 572 573 if (fils_process_hlp(hapd, sta, req_ies, req_ies_len) > 0) { 574 wpa_printf(MSG_DEBUG, 575 "FILS: Delaying Assoc Response (HLP)"); 576 delay_assoc = 1; 577 } else { 578 wpa_printf(MSG_DEBUG, 579 "FILS: Going ahead with Assoc Response (no HLP)"); 580 } 581 582 if (sta) { 583 wpa_printf(MSG_DEBUG, "FILS: HLP callback cleanup"); 584 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); 585 os_free(sta->fils_pending_assoc_req); 586 sta->fils_pending_assoc_req = NULL; 587 sta->fils_pending_assoc_req_len = 0; 588 wpabuf_free(sta->fils_hlp_resp); 589 sta->fils_hlp_resp = NULL; 590 sta->fils_drv_assoc_finish = 0; 591 } 592 593 if (sta && delay_assoc && status == WLAN_STATUS_SUCCESS) { 594 u8 *req_tmp; 595 596 req_tmp = os_malloc(req_ies_len); 597 if (!req_tmp) { 598 wpa_printf(MSG_DEBUG, 599 "FILS: buffer allocation failed for assoc req"); 600 goto fail; 601 } 602 os_memcpy(req_tmp, req_ies, req_ies_len); 603 sta->fils_pending_assoc_req = req_tmp; 604 sta->fils_pending_assoc_req_len = req_ies_len; 605 sta->fils_pending_assoc_is_reassoc = reassoc; 606 sta->fils_drv_assoc_finish = 1; 607 wpa_printf(MSG_DEBUG, 608 "FILS: Waiting for HLP processing before sending (Re)Association Response frame to " 609 MACSTR, MAC2STR(sta->addr)); 610 eloop_register_timeout( 611 0, hapd->conf->fils_hlp_wait_time * 1024, 612 fils_hlp_timeout, hapd, sta); 613 return 0; 614 } 615 p = hostapd_eid_assoc_fils_session(sta->wpa_sm, p, 616 elems.fils_session, 617 sta->fils_hlp_resp); 618 wpa_hexdump(MSG_DEBUG, "FILS Assoc Resp BUF (IEs)", 619 buf, p - buf); 620 } 621 #endif /* CONFIG_FILS */ 622 623 #ifdef CONFIG_OWE 624 if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE) && 625 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE && 626 elems.owe_dh) { 627 u8 *npos; 628 u16 ret_status; 629 630 npos = owe_assoc_req_process(hapd, sta, 631 elems.owe_dh, elems.owe_dh_len, 632 p, sizeof(buf) - (p - buf), 633 &ret_status); 634 status = ret_status; 635 if (npos) 636 p = npos; 637 638 if (!npos && 639 status == WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { 640 hostapd_sta_assoc(hapd, addr, reassoc, ret_status, buf, 641 p - buf); 642 return 0; 643 } 644 645 if (!npos || status != WLAN_STATUS_SUCCESS) 646 goto fail; 647 } 648 #endif /* CONFIG_OWE */ 649 650 #ifdef CONFIG_DPP2 651 dpp_pfs_free(sta->dpp_pfs); 652 sta->dpp_pfs = NULL; 653 654 if ((hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_DPP) && 655 hapd->conf->dpp_netaccesskey && sta->wpa_sm && 656 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP && 657 elems.owe_dh) { 658 sta->dpp_pfs = dpp_pfs_init( 659 wpabuf_head(hapd->conf->dpp_netaccesskey), 660 wpabuf_len(hapd->conf->dpp_netaccesskey)); 661 if (!sta->dpp_pfs) { 662 wpa_printf(MSG_DEBUG, 663 "DPP: Could not initialize PFS"); 664 /* Try to continue without PFS */ 665 goto pfs_fail; 666 } 667 668 if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh, 669 elems.owe_dh_len) < 0) { 670 dpp_pfs_free(sta->dpp_pfs); 671 sta->dpp_pfs = NULL; 672 reason = WLAN_REASON_UNSPECIFIED; 673 goto fail; 674 } 675 } 676 677 wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ? 678 sta->dpp_pfs->secret : NULL); 679 pfs_fail: 680 #endif /* CONFIG_DPP2 */ 681 682 if (elems.rrm_enabled && 683 elems.rrm_enabled_len >= sizeof(sta->rrm_enabled_capa)) 684 os_memcpy(sta->rrm_enabled_capa, elems.rrm_enabled, 685 sizeof(sta->rrm_enabled_capa)); 686 687 #if defined(CONFIG_IEEE80211R_AP) || defined(CONFIG_FILS) || defined(CONFIG_OWE) 688 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); 689 690 if (sta->auth_alg == WLAN_AUTH_FT || 691 sta->auth_alg == WLAN_AUTH_FILS_SK || 692 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || 693 sta->auth_alg == WLAN_AUTH_FILS_PK) 694 ap_sta_set_authorized(hapd, sta, 1); 695 #else /* CONFIG_IEEE80211R_AP || CONFIG_FILS */ 696 /* Keep compiler silent about unused variables */ 697 if (status) { 698 } 699 #endif /* CONFIG_IEEE80211R_AP || CONFIG_FILS */ 700 701 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0; 702 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; 703 sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE; 704 705 hostapd_set_sta_flags(hapd, sta); 706 707 if (reassoc && (sta->auth_alg == WLAN_AUTH_FT)) 708 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT); 709 #ifdef CONFIG_FILS 710 else if (sta->auth_alg == WLAN_AUTH_FILS_SK || 711 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS || 712 sta->auth_alg == WLAN_AUTH_FILS_PK) 713 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FILS); 714 #endif /* CONFIG_FILS */ 715 else 716 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC); 717 718 hostapd_new_assoc_sta(hapd, sta, !new_assoc); 719 720 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1); 721 722 #ifdef CONFIG_P2P 723 if (req_ies) { 724 p2p_group_notif_assoc(hapd->p2p_group, sta->addr, 725 req_ies, req_ies_len); 726 } 727 #endif /* CONFIG_P2P */ 728 729 return 0; 730 731 fail: 732 #ifdef CONFIG_IEEE80211R_AP 733 if (status >= 0) 734 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); 735 #endif /* CONFIG_IEEE80211R_AP */ 736 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 737 ap_free_sta(hapd, sta); 738 return -1; 739 } 740 741 742 void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr) 743 { 744 struct sta_info *sta; 745 746 if (addr == NULL) { 747 /* 748 * This could potentially happen with unexpected event from the 749 * driver wrapper. This was seen at least in one case where the 750 * driver ended up reporting a station mode event while hostapd 751 * was running, so better make sure we stop processing such an 752 * event here. 753 */ 754 wpa_printf(MSG_DEBUG, 755 "hostapd_notif_disassoc: Skip event with no address"); 756 return; 757 } 758 759 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 760 HOSTAPD_LEVEL_INFO, "disassociated"); 761 762 sta = ap_get_sta(hapd, addr); 763 if (sta == NULL) { 764 wpa_printf(MSG_DEBUG, 765 "Disassociation notification for unknown STA " 766 MACSTR, MAC2STR(addr)); 767 return; 768 } 769 770 ap_sta_set_authorized(hapd, sta, 0); 771 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 772 hostapd_set_sta_flags(hapd, sta); 773 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC); 774 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST; 775 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 776 ap_free_sta(hapd, sta); 777 } 778 779 780 void hostapd_event_sta_low_ack(struct hostapd_data *hapd, const u8 *addr) 781 { 782 struct sta_info *sta = ap_get_sta(hapd, addr); 783 784 if (!sta || !hapd->conf->disassoc_low_ack || sta->agreed_to_steer) 785 return; 786 787 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 788 HOSTAPD_LEVEL_INFO, 789 "disconnected due to excessive missing ACKs"); 790 hostapd_drv_sta_disassoc(hapd, addr, WLAN_REASON_DISASSOC_LOW_ACK); 791 ap_sta_disassociate(hapd, sta, WLAN_REASON_DISASSOC_LOW_ACK); 792 } 793 794 795 void hostapd_event_sta_opmode_changed(struct hostapd_data *hapd, const u8 *addr, 796 enum smps_mode smps_mode, 797 enum chan_width chan_width, u8 rx_nss) 798 { 799 struct sta_info *sta = ap_get_sta(hapd, addr); 800 const char *txt; 801 802 if (!sta) 803 return; 804 805 switch (smps_mode) { 806 case SMPS_AUTOMATIC: 807 txt = "automatic"; 808 break; 809 case SMPS_OFF: 810 txt = "off"; 811 break; 812 case SMPS_DYNAMIC: 813 txt = "dynamic"; 814 break; 815 case SMPS_STATIC: 816 txt = "static"; 817 break; 818 default: 819 txt = NULL; 820 break; 821 } 822 if (txt) { 823 wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_SMPS_MODE_CHANGED 824 MACSTR " %s", MAC2STR(addr), txt); 825 } 826 827 switch (chan_width) { 828 case CHAN_WIDTH_20_NOHT: 829 txt = "20(no-HT)"; 830 break; 831 case CHAN_WIDTH_20: 832 txt = "20"; 833 break; 834 case CHAN_WIDTH_40: 835 txt = "40"; 836 break; 837 case CHAN_WIDTH_80: 838 txt = "80"; 839 break; 840 case CHAN_WIDTH_80P80: 841 txt = "80+80"; 842 break; 843 case CHAN_WIDTH_160: 844 txt = "160"; 845 break; 846 default: 847 txt = NULL; 848 break; 849 } 850 if (txt) { 851 wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_MAX_BW_CHANGED 852 MACSTR " %s", MAC2STR(addr), txt); 853 } 854 855 if (rx_nss != 0xff) { 856 wpa_msg(hapd->msg_ctx, MSG_INFO, STA_OPMODE_N_SS_CHANGED 857 MACSTR " %d", MAC2STR(addr), rx_nss); 858 } 859 } 860 861 862 void hostapd_event_ch_switch(struct hostapd_data *hapd, int freq, int ht, 863 int offset, int width, int cf1, int cf2, 864 int finished) 865 { 866 #ifdef NEED_AP_MLME 867 int channel, chwidth, is_dfs; 868 u8 seg0_idx = 0, seg1_idx = 0; 869 size_t i; 870 871 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 872 HOSTAPD_LEVEL_INFO, 873 "driver %s channel switch: freq=%d, ht=%d, vht_ch=0x%x, he_ch=0x%x, offset=%d, width=%d (%s), cf1=%d, cf2=%d", 874 finished ? "had" : "starting", 875 freq, ht, hapd->iconf->ch_switch_vht_config, 876 hapd->iconf->ch_switch_he_config, offset, 877 width, channel_width_to_string(width), cf1, cf2); 878 879 if (!hapd->iface->current_mode) { 880 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 881 HOSTAPD_LEVEL_WARNING, 882 "ignore channel switch since the interface is not yet ready"); 883 return; 884 } 885 886 hapd->iface->freq = freq; 887 888 channel = hostapd_hw_get_channel(hapd, freq); 889 if (!channel) { 890 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 891 HOSTAPD_LEVEL_WARNING, 892 "driver switched to bad channel!"); 893 return; 894 } 895 896 switch (width) { 897 case CHAN_WIDTH_80: 898 chwidth = CHANWIDTH_80MHZ; 899 break; 900 case CHAN_WIDTH_80P80: 901 chwidth = CHANWIDTH_80P80MHZ; 902 break; 903 case CHAN_WIDTH_160: 904 chwidth = CHANWIDTH_160MHZ; 905 break; 906 case CHAN_WIDTH_20_NOHT: 907 case CHAN_WIDTH_20: 908 case CHAN_WIDTH_40: 909 default: 910 chwidth = CHANWIDTH_USE_HT; 911 break; 912 } 913 914 switch (hapd->iface->current_mode->mode) { 915 case HOSTAPD_MODE_IEEE80211A: 916 if (cf1 == 5935) 917 seg0_idx = (cf1 - 5925) / 5; 918 else if (cf1 > 5950) 919 seg0_idx = (cf1 - 5950) / 5; 920 else if (cf1 > 5000) 921 seg0_idx = (cf1 - 5000) / 5; 922 923 if (cf2 == 5935) 924 seg1_idx = (cf2 - 5925) / 5; 925 else if (cf2 > 5950) 926 seg1_idx = (cf2 - 5950) / 5; 927 else if (cf2 > 5000) 928 seg1_idx = (cf2 - 5000) / 5; 929 break; 930 default: 931 ieee80211_freq_to_chan(cf1, &seg0_idx); 932 ieee80211_freq_to_chan(cf2, &seg1_idx); 933 break; 934 } 935 936 hapd->iconf->channel = channel; 937 hapd->iconf->ieee80211n = ht; 938 if (!ht) { 939 hapd->iconf->ieee80211ac = 0; 940 } else if (hapd->iconf->ch_switch_vht_config) { 941 /* CHAN_SWITCH VHT config */ 942 if (hapd->iconf->ch_switch_vht_config & 943 CH_SWITCH_VHT_ENABLED) 944 hapd->iconf->ieee80211ac = 1; 945 else if (hapd->iconf->ch_switch_vht_config & 946 CH_SWITCH_VHT_DISABLED) 947 hapd->iconf->ieee80211ac = 0; 948 } else if (hapd->iconf->ch_switch_he_config) { 949 /* CHAN_SWITCH HE config */ 950 if (hapd->iconf->ch_switch_he_config & 951 CH_SWITCH_HE_ENABLED) 952 hapd->iconf->ieee80211ax = 1; 953 else if (hapd->iconf->ch_switch_he_config & 954 CH_SWITCH_HE_DISABLED) 955 hapd->iconf->ieee80211ax = 0; 956 } 957 hapd->iconf->ch_switch_vht_config = 0; 958 hapd->iconf->ch_switch_he_config = 0; 959 960 hapd->iconf->secondary_channel = offset; 961 hostapd_set_oper_chwidth(hapd->iconf, chwidth); 962 hostapd_set_oper_centr_freq_seg0_idx(hapd->iconf, seg0_idx); 963 hostapd_set_oper_centr_freq_seg1_idx(hapd->iconf, seg1_idx); 964 if (hapd->iconf->ieee80211ac) { 965 hapd->iconf->vht_capab &= ~VHT_CAP_SUPP_CHAN_WIDTH_MASK; 966 if (chwidth == CHANWIDTH_160MHZ) 967 hapd->iconf->vht_capab |= 968 VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 969 else if (chwidth == CHANWIDTH_80P80MHZ) 970 hapd->iconf->vht_capab |= 971 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 972 } 973 974 is_dfs = ieee80211_is_dfs(freq, hapd->iface->hw_features, 975 hapd->iface->num_hw_features); 976 977 wpa_msg(hapd->msg_ctx, MSG_INFO, 978 "%sfreq=%d ht_enabled=%d ch_offset=%d ch_width=%s cf1=%d cf2=%d dfs=%d", 979 finished ? WPA_EVENT_CHANNEL_SWITCH : 980 WPA_EVENT_CHANNEL_SWITCH_STARTED, 981 freq, ht, offset, channel_width_to_string(width), 982 cf1, cf2, is_dfs); 983 if (!finished) 984 return; 985 986 if (hapd->csa_in_progress && 987 freq == hapd->cs_freq_params.freq) { 988 hostapd_cleanup_cs_params(hapd); 989 ieee802_11_set_beacon(hapd); 990 991 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED 992 "freq=%d dfs=%d", freq, is_dfs); 993 } else if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) { 994 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_CSA_FINISHED 995 "freq=%d dfs=%d", freq, is_dfs); 996 } else if (is_dfs && 997 hostapd_is_dfs_required(hapd->iface) && 998 !hostapd_is_dfs_chan_available(hapd->iface) && 999 !hapd->iface->cac_started) { 1000 hostapd_disable_iface(hapd->iface); 1001 hostapd_enable_iface(hapd->iface); 1002 } 1003 1004 for (i = 0; i < hapd->iface->num_bss; i++) 1005 hostapd_neighbor_set_own_report(hapd->iface->bss[i]); 1006 1007 #ifdef CONFIG_OCV 1008 if (hapd->conf->ocv) { 1009 struct sta_info *sta; 1010 bool check_sa_query = false; 1011 1012 for (sta = hapd->sta_list; sta; sta = sta->next) { 1013 if (wpa_auth_uses_ocv(sta->wpa_sm) && 1014 !(sta->flags & WLAN_STA_WNM_SLEEP_MODE)) { 1015 sta->post_csa_sa_query = 1; 1016 check_sa_query = true; 1017 } 1018 } 1019 1020 if (check_sa_query) { 1021 wpa_printf(MSG_DEBUG, 1022 "OCV: Check post-CSA SA Query initiation in 15 seconds"); 1023 eloop_register_timeout(15, 0, 1024 hostapd_ocv_check_csa_sa_query, 1025 hapd, NULL); 1026 } 1027 } 1028 #endif /* CONFIG_OCV */ 1029 #endif /* NEED_AP_MLME */ 1030 } 1031 1032 1033 void hostapd_event_connect_failed_reason(struct hostapd_data *hapd, 1034 const u8 *addr, int reason_code) 1035 { 1036 switch (reason_code) { 1037 case MAX_CLIENT_REACHED: 1038 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_MAX_STA MACSTR, 1039 MAC2STR(addr)); 1040 break; 1041 case BLOCKED_CLIENT: 1042 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_BLOCKED_STA MACSTR, 1043 MAC2STR(addr)); 1044 break; 1045 } 1046 } 1047 1048 1049 #ifdef CONFIG_ACS 1050 void hostapd_acs_channel_selected(struct hostapd_data *hapd, 1051 struct acs_selected_channels *acs_res) 1052 { 1053 int ret, i; 1054 int err = 0; 1055 struct hostapd_channel_data *pri_chan; 1056 1057 if (hapd->iconf->channel) { 1058 wpa_printf(MSG_INFO, "ACS: Channel was already set to %d", 1059 hapd->iconf->channel); 1060 return; 1061 } 1062 1063 hapd->iface->freq = acs_res->pri_freq; 1064 1065 if (!hapd->iface->current_mode) { 1066 for (i = 0; i < hapd->iface->num_hw_features; i++) { 1067 struct hostapd_hw_modes *mode = 1068 &hapd->iface->hw_features[i]; 1069 1070 if (mode->mode == acs_res->hw_mode) { 1071 if (hapd->iface->freq > 0 && 1072 !hw_get_chan(mode->mode, 1073 hapd->iface->freq, 1074 hapd->iface->hw_features, 1075 hapd->iface->num_hw_features)) 1076 continue; 1077 hapd->iface->current_mode = mode; 1078 break; 1079 } 1080 } 1081 if (!hapd->iface->current_mode) { 1082 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 1083 HOSTAPD_LEVEL_WARNING, 1084 "driver selected to bad hw_mode"); 1085 err = 1; 1086 goto out; 1087 } 1088 } 1089 1090 if (!acs_res->pri_freq) { 1091 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 1092 HOSTAPD_LEVEL_WARNING, 1093 "driver switched to bad channel"); 1094 err = 1; 1095 goto out; 1096 } 1097 pri_chan = hw_get_channel_freq(hapd->iface->current_mode->mode, 1098 acs_res->pri_freq, NULL, 1099 hapd->iface->hw_features, 1100 hapd->iface->num_hw_features); 1101 if (!pri_chan) { 1102 wpa_printf(MSG_ERROR, 1103 "ACS: Could not determine primary channel number from pri_freq %u", 1104 acs_res->pri_freq); 1105 err = 1; 1106 goto out; 1107 } 1108 1109 hapd->iconf->channel = pri_chan->chan; 1110 hapd->iconf->acs = 1; 1111 1112 if (acs_res->sec_freq == 0) 1113 hapd->iconf->secondary_channel = 0; 1114 else if (acs_res->sec_freq < acs_res->pri_freq) 1115 hapd->iconf->secondary_channel = -1; 1116 else if (acs_res->sec_freq > acs_res->pri_freq) 1117 hapd->iconf->secondary_channel = 1; 1118 else { 1119 wpa_printf(MSG_ERROR, "Invalid secondary channel!"); 1120 err = 1; 1121 goto out; 1122 } 1123 1124 hapd->iconf->edmg_channel = acs_res->edmg_channel; 1125 1126 if (hapd->iface->conf->ieee80211ac || hapd->iface->conf->ieee80211ax) { 1127 /* set defaults for backwards compatibility */ 1128 hostapd_set_oper_centr_freq_seg1_idx(hapd->iconf, 0); 1129 hostapd_set_oper_centr_freq_seg0_idx(hapd->iconf, 0); 1130 hostapd_set_oper_chwidth(hapd->iconf, CHANWIDTH_USE_HT); 1131 if (acs_res->ch_width == 40) { 1132 if (is_6ghz_freq(acs_res->pri_freq)) 1133 hostapd_set_oper_centr_freq_seg0_idx( 1134 hapd->iconf, 1135 acs_res->vht_seg0_center_ch); 1136 } else if (acs_res->ch_width == 80) { 1137 hostapd_set_oper_centr_freq_seg0_idx( 1138 hapd->iconf, acs_res->vht_seg0_center_ch); 1139 if (acs_res->vht_seg1_center_ch == 0) { 1140 hostapd_set_oper_chwidth(hapd->iconf, 1141 CHANWIDTH_80MHZ); 1142 } else { 1143 hostapd_set_oper_chwidth(hapd->iconf, 1144 CHANWIDTH_80P80MHZ); 1145 hostapd_set_oper_centr_freq_seg1_idx( 1146 hapd->iconf, 1147 acs_res->vht_seg1_center_ch); 1148 } 1149 } else if (acs_res->ch_width == 160) { 1150 hostapd_set_oper_chwidth(hapd->iconf, CHANWIDTH_160MHZ); 1151 hostapd_set_oper_centr_freq_seg0_idx( 1152 hapd->iconf, acs_res->vht_seg1_center_ch); 1153 } 1154 } 1155 1156 out: 1157 ret = hostapd_acs_completed(hapd->iface, err); 1158 if (ret) { 1159 wpa_printf(MSG_ERROR, 1160 "ACS: Possibly channel configuration is invalid"); 1161 } 1162 } 1163 #endif /* CONFIG_ACS */ 1164 1165 1166 int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa, const u8 *da, 1167 const u8 *bssid, const u8 *ie, size_t ie_len, 1168 int ssi_signal) 1169 { 1170 size_t i; 1171 int ret = 0; 1172 1173 if (sa == NULL || ie == NULL) 1174 return -1; 1175 1176 random_add_randomness(sa, ETH_ALEN); 1177 for (i = 0; hapd->probereq_cb && i < hapd->num_probereq_cb; i++) { 1178 if (hapd->probereq_cb[i].cb(hapd->probereq_cb[i].ctx, 1179 sa, da, bssid, ie, ie_len, 1180 ssi_signal) > 0) { 1181 ret = 1; 1182 break; 1183 } 1184 } 1185 return ret; 1186 } 1187 1188 1189 #ifdef HOSTAPD 1190 1191 #ifdef CONFIG_IEEE80211R_AP 1192 static void hostapd_notify_auth_ft_finish(void *ctx, const u8 *dst, 1193 const u8 *bssid, 1194 u16 auth_transaction, u16 status, 1195 const u8 *ies, size_t ies_len) 1196 { 1197 struct hostapd_data *hapd = ctx; 1198 struct sta_info *sta; 1199 1200 sta = ap_get_sta(hapd, dst); 1201 if (sta == NULL) 1202 return; 1203 1204 hostapd_logger(hapd, dst, HOSTAPD_MODULE_IEEE80211, 1205 HOSTAPD_LEVEL_DEBUG, "authentication OK (FT)"); 1206 sta->flags |= WLAN_STA_AUTH; 1207 1208 hostapd_sta_auth(hapd, dst, auth_transaction, status, ies, ies_len); 1209 } 1210 #endif /* CONFIG_IEEE80211R_AP */ 1211 1212 1213 #ifdef CONFIG_FILS 1214 static void hostapd_notify_auth_fils_finish(struct hostapd_data *hapd, 1215 struct sta_info *sta, u16 resp, 1216 struct wpabuf *data, int pub) 1217 { 1218 if (resp == WLAN_STATUS_SUCCESS) { 1219 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1220 HOSTAPD_LEVEL_DEBUG, "authentication OK (FILS)"); 1221 sta->flags |= WLAN_STA_AUTH; 1222 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH); 1223 sta->auth_alg = WLAN_AUTH_FILS_SK; 1224 mlme_authenticate_indication(hapd, sta); 1225 } else { 1226 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1227 HOSTAPD_LEVEL_DEBUG, 1228 "authentication failed (FILS)"); 1229 } 1230 1231 hostapd_sta_auth(hapd, sta->addr, 2, resp, 1232 data ? wpabuf_head(data) : NULL, 1233 data ? wpabuf_len(data) : 0); 1234 wpabuf_free(data); 1235 } 1236 #endif /* CONFIG_FILS */ 1237 1238 1239 static void hostapd_notif_auth(struct hostapd_data *hapd, 1240 struct auth_info *rx_auth) 1241 { 1242 struct sta_info *sta; 1243 u16 status = WLAN_STATUS_SUCCESS; 1244 u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN]; 1245 size_t resp_ies_len = 0; 1246 1247 sta = ap_get_sta(hapd, rx_auth->peer); 1248 if (!sta) { 1249 sta = ap_sta_add(hapd, rx_auth->peer); 1250 if (sta == NULL) { 1251 status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; 1252 goto fail; 1253 } 1254 } 1255 sta->flags &= ~WLAN_STA_PREAUTH; 1256 ieee802_1x_notify_pre_auth(sta->eapol_sm, 0); 1257 #ifdef CONFIG_IEEE80211R_AP 1258 if (rx_auth->auth_type == WLAN_AUTH_FT && hapd->wpa_auth) { 1259 sta->auth_alg = WLAN_AUTH_FT; 1260 if (sta->wpa_sm == NULL) 1261 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 1262 sta->addr, NULL); 1263 if (sta->wpa_sm == NULL) { 1264 wpa_printf(MSG_DEBUG, 1265 "FT: Failed to initialize WPA state machine"); 1266 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 1267 goto fail; 1268 } 1269 wpa_ft_process_auth(sta->wpa_sm, rx_auth->bssid, 1270 rx_auth->auth_transaction, rx_auth->ies, 1271 rx_auth->ies_len, 1272 hostapd_notify_auth_ft_finish, hapd); 1273 return; 1274 } 1275 #endif /* CONFIG_IEEE80211R_AP */ 1276 1277 #ifdef CONFIG_FILS 1278 if (rx_auth->auth_type == WLAN_AUTH_FILS_SK) { 1279 sta->auth_alg = WLAN_AUTH_FILS_SK; 1280 handle_auth_fils(hapd, sta, rx_auth->ies, rx_auth->ies_len, 1281 rx_auth->auth_type, rx_auth->auth_transaction, 1282 rx_auth->status_code, 1283 hostapd_notify_auth_fils_finish); 1284 return; 1285 } 1286 #endif /* CONFIG_FILS */ 1287 1288 fail: 1289 hostapd_sta_auth(hapd, rx_auth->peer, rx_auth->auth_transaction + 1, 1290 status, resp_ies, resp_ies_len); 1291 } 1292 1293 1294 #ifndef NEED_AP_MLME 1295 static void hostapd_action_rx(struct hostapd_data *hapd, 1296 struct rx_mgmt *drv_mgmt) 1297 { 1298 struct ieee80211_mgmt *mgmt; 1299 struct sta_info *sta; 1300 size_t plen __maybe_unused; 1301 u16 fc; 1302 u8 *action __maybe_unused; 1303 1304 if (drv_mgmt->frame_len < IEEE80211_HDRLEN + 2 + 1) 1305 return; 1306 1307 plen = drv_mgmt->frame_len - IEEE80211_HDRLEN; 1308 1309 mgmt = (struct ieee80211_mgmt *) drv_mgmt->frame; 1310 fc = le_to_host16(mgmt->frame_control); 1311 if (WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_ACTION) 1312 return; /* handled by the driver */ 1313 1314 action = (u8 *) &mgmt->u.action.u; 1315 wpa_printf(MSG_DEBUG, "RX_ACTION category %u action %u sa " MACSTR 1316 " da " MACSTR " plen %d", 1317 mgmt->u.action.category, *action, 1318 MAC2STR(mgmt->sa), MAC2STR(mgmt->da), (int) plen); 1319 1320 sta = ap_get_sta(hapd, mgmt->sa); 1321 if (sta == NULL) { 1322 wpa_printf(MSG_DEBUG, "%s: station not found", __func__); 1323 return; 1324 } 1325 #ifdef CONFIG_IEEE80211R_AP 1326 if (mgmt->u.action.category == WLAN_ACTION_FT) { 1327 wpa_ft_action_rx(sta->wpa_sm, (u8 *) &mgmt->u.action, plen); 1328 return; 1329 } 1330 #endif /* CONFIG_IEEE80211R_AP */ 1331 if (mgmt->u.action.category == WLAN_ACTION_SA_QUERY) { 1332 ieee802_11_sa_query_action(hapd, mgmt, drv_mgmt->frame_len); 1333 return; 1334 } 1335 #ifdef CONFIG_WNM_AP 1336 if (mgmt->u.action.category == WLAN_ACTION_WNM) { 1337 ieee802_11_rx_wnm_action_ap(hapd, mgmt, drv_mgmt->frame_len); 1338 return; 1339 } 1340 #endif /* CONFIG_WNM_AP */ 1341 #ifdef CONFIG_FST 1342 if (mgmt->u.action.category == WLAN_ACTION_FST && hapd->iface->fst) { 1343 fst_rx_action(hapd->iface->fst, mgmt, drv_mgmt->frame_len); 1344 return; 1345 } 1346 #endif /* CONFIG_FST */ 1347 #ifdef CONFIG_DPP 1348 if (plen >= 2 + 4 && 1349 mgmt->u.action.u.vs_public_action.action == 1350 WLAN_PA_VENDOR_SPECIFIC && 1351 WPA_GET_BE24(mgmt->u.action.u.vs_public_action.oui) == 1352 OUI_WFA && 1353 mgmt->u.action.u.vs_public_action.variable[0] == 1354 DPP_OUI_TYPE) { 1355 const u8 *pos, *end; 1356 1357 pos = mgmt->u.action.u.vs_public_action.oui; 1358 end = drv_mgmt->frame + drv_mgmt->frame_len; 1359 hostapd_dpp_rx_action(hapd, mgmt->sa, pos, end - pos, 1360 drv_mgmt->freq); 1361 return; 1362 } 1363 #endif /* CONFIG_DPP */ 1364 } 1365 #endif /* NEED_AP_MLME */ 1366 1367 1368 #ifdef NEED_AP_MLME 1369 1370 #define HAPD_BROADCAST ((struct hostapd_data *) -1) 1371 1372 static struct hostapd_data * get_hapd_bssid(struct hostapd_iface *iface, 1373 const u8 *bssid) 1374 { 1375 size_t i; 1376 1377 if (bssid == NULL) 1378 return NULL; 1379 if (bssid[0] == 0xff && bssid[1] == 0xff && bssid[2] == 0xff && 1380 bssid[3] == 0xff && bssid[4] == 0xff && bssid[5] == 0xff) 1381 return HAPD_BROADCAST; 1382 1383 for (i = 0; i < iface->num_bss; i++) { 1384 if (os_memcmp(bssid, iface->bss[i]->own_addr, ETH_ALEN) == 0) 1385 return iface->bss[i]; 1386 } 1387 1388 return NULL; 1389 } 1390 1391 1392 static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd, 1393 const u8 *bssid, const u8 *addr, 1394 int wds) 1395 { 1396 hapd = get_hapd_bssid(hapd->iface, bssid); 1397 if (hapd == NULL || hapd == HAPD_BROADCAST) 1398 return; 1399 1400 ieee802_11_rx_from_unknown(hapd, addr, wds); 1401 } 1402 1403 1404 static int hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) 1405 { 1406 struct hostapd_iface *iface = hapd->iface; 1407 const struct ieee80211_hdr *hdr; 1408 const u8 *bssid; 1409 struct hostapd_frame_info fi; 1410 int ret; 1411 1412 #ifdef CONFIG_TESTING_OPTIONS 1413 if (hapd->ext_mgmt_frame_handling) { 1414 size_t hex_len = 2 * rx_mgmt->frame_len + 1; 1415 char *hex = os_malloc(hex_len); 1416 1417 if (hex) { 1418 wpa_snprintf_hex(hex, hex_len, rx_mgmt->frame, 1419 rx_mgmt->frame_len); 1420 wpa_msg(hapd->msg_ctx, MSG_INFO, "MGMT-RX %s", hex); 1421 os_free(hex); 1422 } 1423 return 1; 1424 } 1425 #endif /* CONFIG_TESTING_OPTIONS */ 1426 1427 hdr = (const struct ieee80211_hdr *) rx_mgmt->frame; 1428 bssid = get_hdr_bssid(hdr, rx_mgmt->frame_len); 1429 if (bssid == NULL) 1430 return 0; 1431 1432 hapd = get_hapd_bssid(iface, bssid); 1433 if (hapd == NULL) { 1434 u16 fc = le_to_host16(hdr->frame_control); 1435 1436 /* 1437 * Drop frames to unknown BSSIDs except for Beacon frames which 1438 * could be used to update neighbor information. 1439 */ 1440 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 1441 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 1442 hapd = iface->bss[0]; 1443 else 1444 return 0; 1445 } 1446 1447 os_memset(&fi, 0, sizeof(fi)); 1448 fi.freq = rx_mgmt->freq; 1449 fi.datarate = rx_mgmt->datarate; 1450 fi.ssi_signal = rx_mgmt->ssi_signal; 1451 1452 if (hapd == HAPD_BROADCAST) { 1453 size_t i; 1454 1455 ret = 0; 1456 for (i = 0; i < iface->num_bss; i++) { 1457 /* if bss is set, driver will call this function for 1458 * each bss individually. */ 1459 if (rx_mgmt->drv_priv && 1460 (iface->bss[i]->drv_priv != rx_mgmt->drv_priv)) 1461 continue; 1462 1463 if (ieee802_11_mgmt(iface->bss[i], rx_mgmt->frame, 1464 rx_mgmt->frame_len, &fi) > 0) 1465 ret = 1; 1466 } 1467 } else 1468 ret = ieee802_11_mgmt(hapd, rx_mgmt->frame, rx_mgmt->frame_len, 1469 &fi); 1470 1471 random_add_randomness(&fi, sizeof(fi)); 1472 1473 return ret; 1474 } 1475 1476 1477 static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf, 1478 size_t len, u16 stype, int ok) 1479 { 1480 struct ieee80211_hdr *hdr; 1481 struct hostapd_data *orig_hapd = hapd; 1482 1483 hdr = (struct ieee80211_hdr *) buf; 1484 hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); 1485 if (!hapd) 1486 return; 1487 if (hapd == HAPD_BROADCAST) { 1488 if (stype != WLAN_FC_STYPE_ACTION || len <= 25 || 1489 buf[24] != WLAN_ACTION_PUBLIC) 1490 return; 1491 hapd = get_hapd_bssid(orig_hapd->iface, hdr->addr2); 1492 if (!hapd || hapd == HAPD_BROADCAST) 1493 return; 1494 /* 1495 * Allow processing of TX status for a Public Action frame that 1496 * used wildcard BBSID. 1497 */ 1498 } 1499 ieee802_11_mgmt_cb(hapd, buf, len, stype, ok); 1500 } 1501 1502 #endif /* NEED_AP_MLME */ 1503 1504 1505 static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr) 1506 { 1507 struct sta_info *sta = ap_get_sta(hapd, addr); 1508 1509 if (sta) 1510 return 0; 1511 1512 wpa_printf(MSG_DEBUG, "Data frame from unknown STA " MACSTR 1513 " - adding a new STA", MAC2STR(addr)); 1514 sta = ap_sta_add(hapd, addr); 1515 if (sta) { 1516 hostapd_new_assoc_sta(hapd, sta, 0); 1517 } else { 1518 wpa_printf(MSG_DEBUG, "Failed to add STA entry for " MACSTR, 1519 MAC2STR(addr)); 1520 return -1; 1521 } 1522 1523 return 0; 1524 } 1525 1526 1527 static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src, 1528 const u8 *data, size_t data_len) 1529 { 1530 struct hostapd_iface *iface = hapd->iface; 1531 struct sta_info *sta; 1532 size_t j; 1533 1534 for (j = 0; j < iface->num_bss; j++) { 1535 sta = ap_get_sta(iface->bss[j], src); 1536 if (sta && sta->flags & WLAN_STA_ASSOC) { 1537 hapd = iface->bss[j]; 1538 break; 1539 } 1540 } 1541 1542 ieee802_1x_receive(hapd, src, data, data_len); 1543 } 1544 1545 #endif /* HOSTAPD */ 1546 1547 1548 static struct hostapd_channel_data * 1549 hostapd_get_mode_chan(struct hostapd_hw_modes *mode, unsigned int freq) 1550 { 1551 int i; 1552 struct hostapd_channel_data *chan; 1553 1554 for (i = 0; i < mode->num_channels; i++) { 1555 chan = &mode->channels[i]; 1556 if ((unsigned int) chan->freq == freq) 1557 return chan; 1558 } 1559 1560 return NULL; 1561 } 1562 1563 1564 static struct hostapd_channel_data * hostapd_get_mode_channel( 1565 struct hostapd_iface *iface, unsigned int freq) 1566 { 1567 int i; 1568 struct hostapd_channel_data *chan; 1569 1570 for (i = 0; i < iface->num_hw_features; i++) { 1571 if (hostapd_hw_skip_mode(iface, &iface->hw_features[i])) 1572 continue; 1573 chan = hostapd_get_mode_chan(&iface->hw_features[i], freq); 1574 if (chan) 1575 return chan; 1576 } 1577 1578 return NULL; 1579 } 1580 1581 1582 static void hostapd_update_nf(struct hostapd_iface *iface, 1583 struct hostapd_channel_data *chan, 1584 struct freq_survey *survey) 1585 { 1586 if (!iface->chans_surveyed) { 1587 chan->min_nf = survey->nf; 1588 iface->lowest_nf = survey->nf; 1589 } else { 1590 if (dl_list_empty(&chan->survey_list)) 1591 chan->min_nf = survey->nf; 1592 else if (survey->nf < chan->min_nf) 1593 chan->min_nf = survey->nf; 1594 if (survey->nf < iface->lowest_nf) 1595 iface->lowest_nf = survey->nf; 1596 } 1597 } 1598 1599 1600 static void hostapd_single_channel_get_survey(struct hostapd_iface *iface, 1601 struct survey_results *survey_res) 1602 { 1603 struct hostapd_channel_data *chan; 1604 struct freq_survey *survey; 1605 u64 divisor, dividend; 1606 1607 survey = dl_list_first(&survey_res->survey_list, struct freq_survey, 1608 list); 1609 if (!survey || !survey->freq) 1610 return; 1611 1612 chan = hostapd_get_mode_channel(iface, survey->freq); 1613 if (!chan || chan->flag & HOSTAPD_CHAN_DISABLED) 1614 return; 1615 1616 wpa_printf(MSG_DEBUG, 1617 "Single Channel Survey: (freq=%d channel_time=%ld channel_time_busy=%ld)", 1618 survey->freq, 1619 (unsigned long int) survey->channel_time, 1620 (unsigned long int) survey->channel_time_busy); 1621 1622 if (survey->channel_time > iface->last_channel_time && 1623 survey->channel_time > survey->channel_time_busy) { 1624 dividend = survey->channel_time_busy - 1625 iface->last_channel_time_busy; 1626 divisor = survey->channel_time - iface->last_channel_time; 1627 1628 iface->channel_utilization = dividend * 255 / divisor; 1629 wpa_printf(MSG_DEBUG, "Channel Utilization: %d", 1630 iface->channel_utilization); 1631 } 1632 iface->last_channel_time = survey->channel_time; 1633 iface->last_channel_time_busy = survey->channel_time_busy; 1634 } 1635 1636 1637 void hostapd_event_get_survey(struct hostapd_iface *iface, 1638 struct survey_results *survey_results) 1639 { 1640 struct freq_survey *survey, *tmp; 1641 struct hostapd_channel_data *chan; 1642 1643 if (dl_list_empty(&survey_results->survey_list)) { 1644 wpa_printf(MSG_DEBUG, "No survey data received"); 1645 return; 1646 } 1647 1648 if (survey_results->freq_filter) { 1649 hostapd_single_channel_get_survey(iface, survey_results); 1650 return; 1651 } 1652 1653 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list, 1654 struct freq_survey, list) { 1655 chan = hostapd_get_mode_channel(iface, survey->freq); 1656 if (!chan) 1657 continue; 1658 if (chan->flag & HOSTAPD_CHAN_DISABLED) 1659 continue; 1660 1661 dl_list_del(&survey->list); 1662 dl_list_add_tail(&chan->survey_list, &survey->list); 1663 1664 hostapd_update_nf(iface, chan, survey); 1665 1666 iface->chans_surveyed++; 1667 } 1668 } 1669 1670 1671 #ifdef HOSTAPD 1672 #ifdef NEED_AP_MLME 1673 1674 static void hostapd_event_iface_unavailable(struct hostapd_data *hapd) 1675 { 1676 wpa_printf(MSG_DEBUG, "Interface %s is unavailable -- stopped", 1677 hapd->conf->iface); 1678 1679 if (hapd->csa_in_progress) { 1680 wpa_printf(MSG_INFO, "CSA failed (%s was stopped)", 1681 hapd->conf->iface); 1682 hostapd_switch_channel_fallback(hapd->iface, 1683 &hapd->cs_freq_params); 1684 } 1685 } 1686 1687 1688 static void hostapd_event_dfs_radar_detected(struct hostapd_data *hapd, 1689 struct dfs_event *radar) 1690 { 1691 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 1692 hostapd_dfs_radar_detected(hapd->iface, radar->freq, radar->ht_enabled, 1693 radar->chan_offset, radar->chan_width, 1694 radar->cf1, radar->cf2); 1695 } 1696 1697 1698 static void hostapd_event_dfs_pre_cac_expired(struct hostapd_data *hapd, 1699 struct dfs_event *radar) 1700 { 1701 wpa_printf(MSG_DEBUG, "DFS Pre-CAC expired on %d MHz", radar->freq); 1702 hostapd_dfs_pre_cac_expired(hapd->iface, radar->freq, radar->ht_enabled, 1703 radar->chan_offset, radar->chan_width, 1704 radar->cf1, radar->cf2); 1705 } 1706 1707 1708 static void hostapd_event_dfs_cac_finished(struct hostapd_data *hapd, 1709 struct dfs_event *radar) 1710 { 1711 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 1712 hostapd_dfs_complete_cac(hapd->iface, 1, radar->freq, radar->ht_enabled, 1713 radar->chan_offset, radar->chan_width, 1714 radar->cf1, radar->cf2); 1715 } 1716 1717 1718 static void hostapd_event_dfs_cac_aborted(struct hostapd_data *hapd, 1719 struct dfs_event *radar) 1720 { 1721 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 1722 hostapd_dfs_complete_cac(hapd->iface, 0, radar->freq, radar->ht_enabled, 1723 radar->chan_offset, radar->chan_width, 1724 radar->cf1, radar->cf2); 1725 } 1726 1727 1728 static void hostapd_event_dfs_nop_finished(struct hostapd_data *hapd, 1729 struct dfs_event *radar) 1730 { 1731 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 1732 hostapd_dfs_nop_finished(hapd->iface, radar->freq, radar->ht_enabled, 1733 radar->chan_offset, radar->chan_width, 1734 radar->cf1, radar->cf2); 1735 } 1736 1737 1738 static void hostapd_event_dfs_cac_started(struct hostapd_data *hapd, 1739 struct dfs_event *radar) 1740 { 1741 wpa_printf(MSG_DEBUG, "DFS offload CAC started on %d MHz", radar->freq); 1742 hostapd_dfs_start_cac(hapd->iface, radar->freq, radar->ht_enabled, 1743 radar->chan_offset, radar->chan_width, 1744 radar->cf1, radar->cf2); 1745 } 1746 1747 #endif /* NEED_AP_MLME */ 1748 1749 1750 static void hostapd_event_wds_sta_interface_status(struct hostapd_data *hapd, 1751 int istatus, 1752 const char *ifname, 1753 const u8 *addr) 1754 { 1755 struct sta_info *sta = ap_get_sta(hapd, addr); 1756 1757 if (sta) { 1758 os_free(sta->ifname_wds); 1759 if (istatus == INTERFACE_ADDED) 1760 sta->ifname_wds = os_strdup(ifname); 1761 else 1762 sta->ifname_wds = NULL; 1763 } 1764 1765 wpa_msg(hapd->msg_ctx, MSG_INFO, "%sifname=%s sta_addr=" MACSTR, 1766 istatus == INTERFACE_ADDED ? 1767 WDS_STA_INTERFACE_ADDED : WDS_STA_INTERFACE_REMOVED, 1768 ifname, MAC2STR(addr)); 1769 } 1770 1771 1772 #ifdef CONFIG_OWE 1773 static int hostapd_notif_update_dh_ie(struct hostapd_data *hapd, 1774 const u8 *peer, const u8 *ie, 1775 size_t ie_len) 1776 { 1777 u16 status; 1778 struct sta_info *sta; 1779 struct ieee802_11_elems elems; 1780 1781 if (!hapd || !hapd->wpa_auth) { 1782 wpa_printf(MSG_DEBUG, "OWE: Invalid hapd context"); 1783 return -1; 1784 } 1785 if (!peer) { 1786 wpa_printf(MSG_DEBUG, "OWE: Peer unknown"); 1787 return -1; 1788 } 1789 if (!(hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE)) { 1790 wpa_printf(MSG_DEBUG, "OWE: No OWE AKM configured"); 1791 status = WLAN_STATUS_AKMP_NOT_VALID; 1792 goto err; 1793 } 1794 if (ieee802_11_parse_elems(ie, ie_len, &elems, 1) == ParseFailed) { 1795 wpa_printf(MSG_DEBUG, "OWE: Failed to parse OWE IE for " 1796 MACSTR, MAC2STR(peer)); 1797 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 1798 goto err; 1799 } 1800 status = owe_validate_request(hapd, peer, elems.rsn_ie, 1801 elems.rsn_ie_len, 1802 elems.owe_dh, elems.owe_dh_len); 1803 if (status != WLAN_STATUS_SUCCESS) 1804 goto err; 1805 1806 sta = ap_get_sta(hapd, peer); 1807 if (sta) { 1808 ap_sta_no_session_timeout(hapd, sta); 1809 accounting_sta_stop(hapd, sta); 1810 1811 /* 1812 * Make sure that the previously registered inactivity timer 1813 * will not remove the STA immediately. 1814 */ 1815 sta->timeout_next = STA_NULLFUNC; 1816 } else { 1817 sta = ap_sta_add(hapd, peer); 1818 if (!sta) { 1819 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 1820 goto err; 1821 } 1822 } 1823 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); 1824 1825 status = owe_process_rsn_ie(hapd, sta, elems.rsn_ie, 1826 elems.rsn_ie_len, elems.owe_dh, 1827 elems.owe_dh_len); 1828 if (status != WLAN_STATUS_SUCCESS) 1829 ap_free_sta(hapd, sta); 1830 1831 return 0; 1832 err: 1833 hostapd_drv_update_dh_ie(hapd, peer, status, NULL, 0); 1834 return 0; 1835 } 1836 #endif /* CONFIG_OWE */ 1837 1838 1839 void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 1840 union wpa_event_data *data) 1841 { 1842 struct hostapd_data *hapd = ctx; 1843 #ifndef CONFIG_NO_STDOUT_DEBUG 1844 int level = MSG_DEBUG; 1845 1846 if (event == EVENT_RX_MGMT && data->rx_mgmt.frame && 1847 data->rx_mgmt.frame_len >= 24) { 1848 const struct ieee80211_hdr *hdr; 1849 u16 fc; 1850 1851 hdr = (const struct ieee80211_hdr *) data->rx_mgmt.frame; 1852 fc = le_to_host16(hdr->frame_control); 1853 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 1854 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 1855 level = MSG_EXCESSIVE; 1856 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 1857 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_REQ) 1858 level = MSG_EXCESSIVE; 1859 } 1860 1861 wpa_dbg(hapd->msg_ctx, level, "Event %s (%d) received", 1862 event_to_string(event), event); 1863 #endif /* CONFIG_NO_STDOUT_DEBUG */ 1864 1865 switch (event) { 1866 case EVENT_MICHAEL_MIC_FAILURE: 1867 michael_mic_failure(hapd, data->michael_mic_failure.src, 1); 1868 break; 1869 case EVENT_SCAN_RESULTS: 1870 if (hapd->iface->scan_cb) 1871 hapd->iface->scan_cb(hapd->iface); 1872 break; 1873 case EVENT_WPS_BUTTON_PUSHED: 1874 hostapd_wps_button_pushed(hapd, NULL); 1875 break; 1876 #ifdef NEED_AP_MLME 1877 case EVENT_TX_STATUS: 1878 switch (data->tx_status.type) { 1879 case WLAN_FC_TYPE_MGMT: 1880 hostapd_mgmt_tx_cb(hapd, data->tx_status.data, 1881 data->tx_status.data_len, 1882 data->tx_status.stype, 1883 data->tx_status.ack); 1884 break; 1885 case WLAN_FC_TYPE_DATA: 1886 hostapd_tx_status(hapd, data->tx_status.dst, 1887 data->tx_status.data, 1888 data->tx_status.data_len, 1889 data->tx_status.ack); 1890 break; 1891 } 1892 break; 1893 case EVENT_EAPOL_TX_STATUS: 1894 hostapd_eapol_tx_status(hapd, data->eapol_tx_status.dst, 1895 data->eapol_tx_status.data, 1896 data->eapol_tx_status.data_len, 1897 data->eapol_tx_status.ack); 1898 break; 1899 case EVENT_DRIVER_CLIENT_POLL_OK: 1900 hostapd_client_poll_ok(hapd, data->client_poll.addr); 1901 break; 1902 case EVENT_RX_FROM_UNKNOWN: 1903 hostapd_rx_from_unknown_sta(hapd, data->rx_from_unknown.bssid, 1904 data->rx_from_unknown.addr, 1905 data->rx_from_unknown.wds); 1906 break; 1907 #endif /* NEED_AP_MLME */ 1908 case EVENT_RX_MGMT: 1909 if (!data->rx_mgmt.frame) 1910 break; 1911 #ifdef NEED_AP_MLME 1912 hostapd_mgmt_rx(hapd, &data->rx_mgmt); 1913 #else /* NEED_AP_MLME */ 1914 hostapd_action_rx(hapd, &data->rx_mgmt); 1915 #endif /* NEED_AP_MLME */ 1916 break; 1917 case EVENT_RX_PROBE_REQ: 1918 if (data->rx_probe_req.sa == NULL || 1919 data->rx_probe_req.ie == NULL) 1920 break; 1921 hostapd_probe_req_rx(hapd, data->rx_probe_req.sa, 1922 data->rx_probe_req.da, 1923 data->rx_probe_req.bssid, 1924 data->rx_probe_req.ie, 1925 data->rx_probe_req.ie_len, 1926 data->rx_probe_req.ssi_signal); 1927 break; 1928 case EVENT_NEW_STA: 1929 hostapd_event_new_sta(hapd, data->new_sta.addr); 1930 break; 1931 case EVENT_EAPOL_RX: 1932 hostapd_event_eapol_rx(hapd, data->eapol_rx.src, 1933 data->eapol_rx.data, 1934 data->eapol_rx.data_len); 1935 break; 1936 case EVENT_ASSOC: 1937 if (!data) 1938 return; 1939 hostapd_notif_assoc(hapd, data->assoc_info.addr, 1940 data->assoc_info.req_ies, 1941 data->assoc_info.req_ies_len, 1942 data->assoc_info.reassoc); 1943 break; 1944 #ifdef CONFIG_OWE 1945 case EVENT_UPDATE_DH: 1946 if (!data) 1947 return; 1948 hostapd_notif_update_dh_ie(hapd, data->update_dh.peer, 1949 data->update_dh.ie, 1950 data->update_dh.ie_len); 1951 break; 1952 #endif /* CONFIG_OWE */ 1953 case EVENT_DISASSOC: 1954 if (data) 1955 hostapd_notif_disassoc(hapd, data->disassoc_info.addr); 1956 break; 1957 case EVENT_DEAUTH: 1958 if (data) 1959 hostapd_notif_disassoc(hapd, data->deauth_info.addr); 1960 break; 1961 case EVENT_STATION_LOW_ACK: 1962 if (!data) 1963 break; 1964 hostapd_event_sta_low_ack(hapd, data->low_ack.addr); 1965 break; 1966 case EVENT_AUTH: 1967 hostapd_notif_auth(hapd, &data->auth); 1968 break; 1969 case EVENT_CH_SWITCH_STARTED: 1970 case EVENT_CH_SWITCH: 1971 if (!data) 1972 break; 1973 hostapd_event_ch_switch(hapd, data->ch_switch.freq, 1974 data->ch_switch.ht_enabled, 1975 data->ch_switch.ch_offset, 1976 data->ch_switch.ch_width, 1977 data->ch_switch.cf1, 1978 data->ch_switch.cf2, 1979 event == EVENT_CH_SWITCH); 1980 break; 1981 case EVENT_CONNECT_FAILED_REASON: 1982 if (!data) 1983 break; 1984 hostapd_event_connect_failed_reason( 1985 hapd, data->connect_failed_reason.addr, 1986 data->connect_failed_reason.code); 1987 break; 1988 case EVENT_SURVEY: 1989 hostapd_event_get_survey(hapd->iface, &data->survey_results); 1990 break; 1991 #ifdef NEED_AP_MLME 1992 case EVENT_INTERFACE_UNAVAILABLE: 1993 hostapd_event_iface_unavailable(hapd); 1994 break; 1995 case EVENT_DFS_RADAR_DETECTED: 1996 if (!data) 1997 break; 1998 hostapd_event_dfs_radar_detected(hapd, &data->dfs_event); 1999 break; 2000 case EVENT_DFS_PRE_CAC_EXPIRED: 2001 if (!data) 2002 break; 2003 hostapd_event_dfs_pre_cac_expired(hapd, &data->dfs_event); 2004 break; 2005 case EVENT_DFS_CAC_FINISHED: 2006 if (!data) 2007 break; 2008 hostapd_event_dfs_cac_finished(hapd, &data->dfs_event); 2009 break; 2010 case EVENT_DFS_CAC_ABORTED: 2011 if (!data) 2012 break; 2013 hostapd_event_dfs_cac_aborted(hapd, &data->dfs_event); 2014 break; 2015 case EVENT_DFS_NOP_FINISHED: 2016 if (!data) 2017 break; 2018 hostapd_event_dfs_nop_finished(hapd, &data->dfs_event); 2019 break; 2020 case EVENT_CHANNEL_LIST_CHANGED: 2021 /* channel list changed (regulatory?), update channel list */ 2022 /* TODO: check this. hostapd_get_hw_features() initializes 2023 * too much stuff. */ 2024 /* hostapd_get_hw_features(hapd->iface); */ 2025 hostapd_channel_list_updated( 2026 hapd->iface, data->channel_list_changed.initiator); 2027 break; 2028 case EVENT_DFS_CAC_STARTED: 2029 if (!data) 2030 break; 2031 hostapd_event_dfs_cac_started(hapd, &data->dfs_event); 2032 break; 2033 #endif /* NEED_AP_MLME */ 2034 case EVENT_INTERFACE_ENABLED: 2035 wpa_msg(hapd->msg_ctx, MSG_INFO, INTERFACE_ENABLED); 2036 if (hapd->disabled && hapd->started) { 2037 hapd->disabled = 0; 2038 /* 2039 * Try to re-enable interface if the driver stopped it 2040 * when the interface got disabled. 2041 */ 2042 if (hapd->wpa_auth) 2043 wpa_auth_reconfig_group_keys(hapd->wpa_auth); 2044 else 2045 hostapd_reconfig_encryption(hapd); 2046 hapd->reenable_beacon = 1; 2047 ieee802_11_set_beacon(hapd); 2048 #ifdef NEED_AP_MLME 2049 } else if (hapd->disabled && hapd->iface->cac_started) { 2050 wpa_printf(MSG_DEBUG, "DFS: restarting pending CAC"); 2051 hostapd_handle_dfs(hapd->iface); 2052 #endif /* NEED_AP_MLME */ 2053 } 2054 break; 2055 case EVENT_INTERFACE_DISABLED: 2056 hostapd_free_stas(hapd); 2057 wpa_msg(hapd->msg_ctx, MSG_INFO, INTERFACE_DISABLED); 2058 hapd->disabled = 1; 2059 break; 2060 #ifdef CONFIG_ACS 2061 case EVENT_ACS_CHANNEL_SELECTED: 2062 hostapd_acs_channel_selected(hapd, 2063 &data->acs_selected_channels); 2064 break; 2065 #endif /* CONFIG_ACS */ 2066 case EVENT_STATION_OPMODE_CHANGED: 2067 hostapd_event_sta_opmode_changed(hapd, data->sta_opmode.addr, 2068 data->sta_opmode.smps_mode, 2069 data->sta_opmode.chan_width, 2070 data->sta_opmode.rx_nss); 2071 break; 2072 case EVENT_WDS_STA_INTERFACE_STATUS: 2073 hostapd_event_wds_sta_interface_status( 2074 hapd, data->wds_sta_interface.istatus, 2075 data->wds_sta_interface.ifname, 2076 data->wds_sta_interface.sta_addr); 2077 break; 2078 default: 2079 wpa_printf(MSG_DEBUG, "Unknown event %d", event); 2080 break; 2081 } 2082 } 2083 2084 2085 void wpa_supplicant_event_global(void *ctx, enum wpa_event_type event, 2086 union wpa_event_data *data) 2087 { 2088 struct hapd_interfaces *interfaces = ctx; 2089 struct hostapd_data *hapd; 2090 2091 if (event != EVENT_INTERFACE_STATUS) 2092 return; 2093 2094 hapd = hostapd_get_iface(interfaces, data->interface_status.ifname); 2095 if (hapd && hapd->driver && hapd->driver->get_ifindex && 2096 hapd->drv_priv) { 2097 unsigned int ifindex; 2098 2099 ifindex = hapd->driver->get_ifindex(hapd->drv_priv); 2100 if (ifindex != data->interface_status.ifindex) { 2101 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 2102 "interface status ifindex %d mismatch (%d)", 2103 ifindex, data->interface_status.ifindex); 2104 return; 2105 } 2106 } 2107 if (hapd) 2108 wpa_supplicant_event(hapd, event, data); 2109 } 2110 2111 #endif /* HOSTAPD */ 2112