1 /* 2 * hostapd / Initialization and configuration 3 * Copyright (c) 2002-2021, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 #ifdef CONFIG_SQLITE 11 #include <sqlite3.h> 12 #endif /* CONFIG_SQLITE */ 13 14 #include "utils/common.h" 15 #include "utils/eloop.h" 16 #include "utils/crc32.h" 17 #include "common/ieee802_11_defs.h" 18 #include "common/wpa_ctrl.h" 19 #include "common/hw_features_common.h" 20 #include "radius/radius_client.h" 21 #include "radius/radius_das.h" 22 #include "eap_server/tncs.h" 23 #include "eapol_auth/eapol_auth_sm.h" 24 #include "eapol_auth/eapol_auth_sm_i.h" 25 #include "fst/fst.h" 26 #include "hostapd.h" 27 #include "authsrv.h" 28 #include "sta_info.h" 29 #include "accounting.h" 30 #include "ap_list.h" 31 #include "beacon.h" 32 #include "ieee802_1x.h" 33 #include "ieee802_11_auth.h" 34 #include "vlan_init.h" 35 #include "wpa_auth.h" 36 #include "wps_hostapd.h" 37 #include "dpp_hostapd.h" 38 #include "gas_query_ap.h" 39 #include "hw_features.h" 40 #include "wpa_auth_glue.h" 41 #include "ap_drv_ops.h" 42 #include "ap_config.h" 43 #include "p2p_hostapd.h" 44 #include "gas_serv.h" 45 #include "dfs.h" 46 #include "ieee802_11.h" 47 #include "bss_load.h" 48 #include "x_snoop.h" 49 #include "dhcp_snoop.h" 50 #include "ndisc_snoop.h" 51 #include "neighbor_db.h" 52 #include "rrm.h" 53 #include "fils_hlp.h" 54 #include "acs.h" 55 #include "hs20.h" 56 #include "airtime_policy.h" 57 #include "wpa_auth_kay.h" 58 59 60 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason); 61 #ifdef CONFIG_WEP 62 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd); 63 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd); 64 #endif /* CONFIG_WEP */ 65 static int setup_interface2(struct hostapd_iface *iface); 66 static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx); 67 static void hostapd_interface_setup_failure_handler(void *eloop_ctx, 68 void *timeout_ctx); 69 70 71 int hostapd_for_each_interface(struct hapd_interfaces *interfaces, 72 int (*cb)(struct hostapd_iface *iface, 73 void *ctx), void *ctx) 74 { 75 size_t i; 76 int ret; 77 78 for (i = 0; i < interfaces->count; i++) { 79 if (!interfaces->iface[i]) 80 continue; 81 ret = cb(interfaces->iface[i], ctx); 82 if (ret) 83 return ret; 84 } 85 86 return 0; 87 } 88 89 90 void hostapd_reconfig_encryption(struct hostapd_data *hapd) 91 { 92 if (hapd->wpa_auth) 93 return; 94 95 hostapd_set_privacy(hapd, 0); 96 #ifdef CONFIG_WEP 97 hostapd_setup_encryption(hapd->conf->iface, hapd); 98 #endif /* CONFIG_WEP */ 99 } 100 101 102 static void hostapd_reload_bss(struct hostapd_data *hapd) 103 { 104 struct hostapd_ssid *ssid; 105 106 if (!hapd->started) 107 return; 108 109 if (hapd->conf->wmm_enabled < 0) 110 hapd->conf->wmm_enabled = hapd->iconf->ieee80211n | 111 hapd->iconf->ieee80211ax; 112 113 #ifndef CONFIG_NO_RADIUS 114 radius_client_reconfig(hapd->radius, hapd->conf->radius); 115 #endif /* CONFIG_NO_RADIUS */ 116 117 ssid = &hapd->conf->ssid; 118 if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next && 119 ssid->wpa_passphrase_set && ssid->wpa_passphrase) { 120 /* 121 * Force PSK to be derived again since SSID or passphrase may 122 * have changed. 123 */ 124 hostapd_config_clear_wpa_psk(&hapd->conf->ssid.wpa_psk); 125 } 126 if (hostapd_setup_wpa_psk(hapd->conf)) { 127 wpa_printf(MSG_ERROR, "Failed to re-configure WPA PSK " 128 "after reloading configuration"); 129 } 130 131 if (hapd->conf->ieee802_1x || hapd->conf->wpa) 132 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 1); 133 else 134 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 0); 135 136 if ((hapd->conf->wpa || hapd->conf->osen) && hapd->wpa_auth == NULL) { 137 hostapd_setup_wpa(hapd); 138 if (hapd->wpa_auth) 139 wpa_init_keys(hapd->wpa_auth); 140 } else if (hapd->conf->wpa) { 141 const u8 *wpa_ie; 142 size_t wpa_ie_len; 143 hostapd_reconfig_wpa(hapd); 144 wpa_ie = wpa_auth_get_wpa_ie(hapd->wpa_auth, &wpa_ie_len); 145 if (hostapd_set_generic_elem(hapd, wpa_ie, wpa_ie_len)) 146 wpa_printf(MSG_ERROR, "Failed to configure WPA IE for " 147 "the kernel driver."); 148 } else if (hapd->wpa_auth) { 149 wpa_deinit(hapd->wpa_auth); 150 hapd->wpa_auth = NULL; 151 hostapd_set_privacy(hapd, 0); 152 #ifdef CONFIG_WEP 153 hostapd_setup_encryption(hapd->conf->iface, hapd); 154 #endif /* CONFIG_WEP */ 155 hostapd_set_generic_elem(hapd, (u8 *) "", 0); 156 } 157 158 ieee802_11_set_beacon(hapd); 159 hostapd_update_wps(hapd); 160 161 if (hapd->conf->ssid.ssid_set && 162 hostapd_set_ssid(hapd, hapd->conf->ssid.ssid, 163 hapd->conf->ssid.ssid_len)) { 164 wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver"); 165 /* try to continue */ 166 } 167 wpa_printf(MSG_DEBUG, "Reconfigured interface %s", hapd->conf->iface); 168 } 169 170 171 static void hostapd_clear_old(struct hostapd_iface *iface) 172 { 173 size_t j; 174 175 /* 176 * Deauthenticate all stations since the new configuration may not 177 * allow them to use the BSS anymore. 178 */ 179 for (j = 0; j < iface->num_bss; j++) { 180 hostapd_flush_old_stations(iface->bss[j], 181 WLAN_REASON_PREV_AUTH_NOT_VALID); 182 #ifdef CONFIG_WEP 183 hostapd_broadcast_wep_clear(iface->bss[j]); 184 #endif /* CONFIG_WEP */ 185 186 #ifndef CONFIG_NO_RADIUS 187 /* TODO: update dynamic data based on changed configuration 188 * items (e.g., open/close sockets, etc.) */ 189 radius_client_flush(iface->bss[j]->radius, 0); 190 #endif /* CONFIG_NO_RADIUS */ 191 } 192 } 193 194 195 static int hostapd_iface_conf_changed(struct hostapd_config *newconf, 196 struct hostapd_config *oldconf) 197 { 198 size_t i; 199 200 if (newconf->num_bss != oldconf->num_bss) 201 return 1; 202 203 for (i = 0; i < newconf->num_bss; i++) { 204 if (os_strcmp(newconf->bss[i]->iface, 205 oldconf->bss[i]->iface) != 0) 206 return 1; 207 } 208 209 return 0; 210 } 211 212 213 int hostapd_reload_config(struct hostapd_iface *iface) 214 { 215 struct hapd_interfaces *interfaces = iface->interfaces; 216 struct hostapd_data *hapd = iface->bss[0]; 217 struct hostapd_config *newconf, *oldconf; 218 size_t j; 219 220 if (iface->config_fname == NULL) { 221 /* Only in-memory config in use - assume it has been updated */ 222 hostapd_clear_old(iface); 223 for (j = 0; j < iface->num_bss; j++) 224 hostapd_reload_bss(iface->bss[j]); 225 return 0; 226 } 227 228 if (iface->interfaces == NULL || 229 iface->interfaces->config_read_cb == NULL) 230 return -1; 231 newconf = iface->interfaces->config_read_cb(iface->config_fname); 232 if (newconf == NULL) 233 return -1; 234 235 hostapd_clear_old(iface); 236 237 oldconf = hapd->iconf; 238 if (hostapd_iface_conf_changed(newconf, oldconf)) { 239 char *fname; 240 int res; 241 242 wpa_printf(MSG_DEBUG, 243 "Configuration changes include interface/BSS modification - force full disable+enable sequence"); 244 fname = os_strdup(iface->config_fname); 245 if (!fname) { 246 hostapd_config_free(newconf); 247 return -1; 248 } 249 hostapd_remove_iface(interfaces, hapd->conf->iface); 250 iface = hostapd_init(interfaces, fname); 251 os_free(fname); 252 hostapd_config_free(newconf); 253 if (!iface) { 254 wpa_printf(MSG_ERROR, 255 "Failed to initialize interface on config reload"); 256 return -1; 257 } 258 iface->interfaces = interfaces; 259 interfaces->iface[interfaces->count] = iface; 260 interfaces->count++; 261 res = hostapd_enable_iface(iface); 262 if (res < 0) 263 wpa_printf(MSG_ERROR, 264 "Failed to enable interface on config reload"); 265 return res; 266 } 267 iface->conf = newconf; 268 269 for (j = 0; j < iface->num_bss; j++) { 270 hapd = iface->bss[j]; 271 hapd->iconf = newconf; 272 hapd->iconf->channel = oldconf->channel; 273 hapd->iconf->acs = oldconf->acs; 274 hapd->iconf->secondary_channel = oldconf->secondary_channel; 275 hapd->iconf->ieee80211n = oldconf->ieee80211n; 276 hapd->iconf->ieee80211ac = oldconf->ieee80211ac; 277 hapd->iconf->ht_capab = oldconf->ht_capab; 278 hapd->iconf->vht_capab = oldconf->vht_capab; 279 hostapd_set_oper_chwidth(hapd->iconf, 280 hostapd_get_oper_chwidth(oldconf)); 281 hostapd_set_oper_centr_freq_seg0_idx( 282 hapd->iconf, 283 hostapd_get_oper_centr_freq_seg0_idx(oldconf)); 284 hostapd_set_oper_centr_freq_seg1_idx( 285 hapd->iconf, 286 hostapd_get_oper_centr_freq_seg1_idx(oldconf)); 287 hapd->conf = newconf->bss[j]; 288 hostapd_reload_bss(hapd); 289 } 290 291 hostapd_config_free(oldconf); 292 293 294 return 0; 295 } 296 297 298 #ifdef CONFIG_WEP 299 300 static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, 301 const char *ifname) 302 { 303 int i; 304 305 if (!ifname || !hapd->drv_priv) 306 return; 307 for (i = 0; i < NUM_WEP_KEYS; i++) { 308 if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i, 0, 309 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP)) { 310 wpa_printf(MSG_DEBUG, "Failed to clear default " 311 "encryption keys (ifname=%s keyidx=%d)", 312 ifname, i); 313 } 314 } 315 if (hapd->conf->ieee80211w) { 316 for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) { 317 if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, 318 NULL, i, 0, 0, NULL, 319 0, NULL, 0, KEY_FLAG_GROUP)) { 320 wpa_printf(MSG_DEBUG, "Failed to clear " 321 "default mgmt encryption keys " 322 "(ifname=%s keyidx=%d)", ifname, i); 323 } 324 } 325 } 326 } 327 328 329 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd) 330 { 331 hostapd_broadcast_key_clear_iface(hapd, hapd->conf->iface); 332 return 0; 333 } 334 335 336 static int hostapd_broadcast_wep_set(struct hostapd_data *hapd) 337 { 338 int errors = 0, idx; 339 struct hostapd_ssid *ssid = &hapd->conf->ssid; 340 341 idx = ssid->wep.idx; 342 if (ssid->wep.default_len && ssid->wep.key[idx] && 343 hostapd_drv_set_key(hapd->conf->iface, 344 hapd, WPA_ALG_WEP, broadcast_ether_addr, idx, 0, 345 1, NULL, 0, ssid->wep.key[idx], 346 ssid->wep.len[idx], 347 KEY_FLAG_GROUP_RX_TX_DEFAULT)) { 348 wpa_printf(MSG_WARNING, "Could not set WEP encryption."); 349 errors++; 350 } 351 352 return errors; 353 } 354 355 #endif /* CONFIG_WEP */ 356 357 358 void hostapd_free_hapd_data(struct hostapd_data *hapd) 359 { 360 os_free(hapd->probereq_cb); 361 hapd->probereq_cb = NULL; 362 hapd->num_probereq_cb = 0; 363 364 #ifdef CONFIG_P2P 365 wpabuf_free(hapd->p2p_beacon_ie); 366 hapd->p2p_beacon_ie = NULL; 367 wpabuf_free(hapd->p2p_probe_resp_ie); 368 hapd->p2p_probe_resp_ie = NULL; 369 #endif /* CONFIG_P2P */ 370 371 if (!hapd->started) { 372 wpa_printf(MSG_ERROR, "%s: Interface %s wasn't started", 373 __func__, hapd->conf ? hapd->conf->iface : "N/A"); 374 return; 375 } 376 hapd->started = 0; 377 hapd->beacon_set_done = 0; 378 379 wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface); 380 accounting_deinit(hapd); 381 hostapd_deinit_wpa(hapd); 382 vlan_deinit(hapd); 383 hostapd_acl_deinit(hapd); 384 #ifndef CONFIG_NO_RADIUS 385 radius_client_deinit(hapd->radius); 386 hapd->radius = NULL; 387 radius_das_deinit(hapd->radius_das); 388 hapd->radius_das = NULL; 389 #endif /* CONFIG_NO_RADIUS */ 390 391 hostapd_deinit_wps(hapd); 392 ieee802_1x_dealloc_kay_sm_hapd(hapd); 393 #ifdef CONFIG_DPP 394 hostapd_dpp_deinit(hapd); 395 gas_query_ap_deinit(hapd->gas); 396 hapd->gas = NULL; 397 #endif /* CONFIG_DPP */ 398 399 authsrv_deinit(hapd); 400 401 if (hapd->interface_added) { 402 hapd->interface_added = 0; 403 if (hostapd_if_remove(hapd, WPA_IF_AP_BSS, hapd->conf->iface)) { 404 wpa_printf(MSG_WARNING, 405 "Failed to remove BSS interface %s", 406 hapd->conf->iface); 407 hapd->interface_added = 1; 408 } else { 409 /* 410 * Since this was a dynamically added interface, the 411 * driver wrapper may have removed its internal instance 412 * and hapd->drv_priv is not valid anymore. 413 */ 414 hapd->drv_priv = NULL; 415 } 416 } 417 418 wpabuf_free(hapd->time_adv); 419 hapd->time_adv = NULL; 420 421 #ifdef CONFIG_INTERWORKING 422 gas_serv_deinit(hapd); 423 #endif /* CONFIG_INTERWORKING */ 424 425 bss_load_update_deinit(hapd); 426 ndisc_snoop_deinit(hapd); 427 dhcp_snoop_deinit(hapd); 428 x_snoop_deinit(hapd); 429 430 #ifdef CONFIG_SQLITE 431 bin_clear_free(hapd->tmp_eap_user.identity, 432 hapd->tmp_eap_user.identity_len); 433 bin_clear_free(hapd->tmp_eap_user.password, 434 hapd->tmp_eap_user.password_len); 435 os_memset(&hapd->tmp_eap_user, 0, sizeof(hapd->tmp_eap_user)); 436 #endif /* CONFIG_SQLITE */ 437 438 #ifdef CONFIG_MESH 439 wpabuf_free(hapd->mesh_pending_auth); 440 hapd->mesh_pending_auth = NULL; 441 /* handling setup failure is already done */ 442 hapd->setup_complete_cb = NULL; 443 #endif /* CONFIG_MESH */ 444 445 hostapd_clean_rrm(hapd); 446 fils_hlp_deinit(hapd); 447 448 #ifdef CONFIG_OCV 449 eloop_cancel_timeout(hostapd_ocv_check_csa_sa_query, hapd, NULL); 450 #endif /* CONFIG_OCV */ 451 452 #ifdef CONFIG_SAE 453 { 454 struct hostapd_sae_commit_queue *q; 455 456 while ((q = dl_list_first(&hapd->sae_commit_queue, 457 struct hostapd_sae_commit_queue, 458 list))) { 459 dl_list_del(&q->list); 460 os_free(q); 461 } 462 } 463 eloop_cancel_timeout(auth_sae_process_commit, hapd, NULL); 464 #endif /* CONFIG_SAE */ 465 } 466 467 468 /** 469 * hostapd_cleanup - Per-BSS cleanup (deinitialization) 470 * @hapd: Pointer to BSS data 471 * 472 * This function is used to free all per-BSS data structures and resources. 473 * Most of the modules that are initialized in hostapd_setup_bss() are 474 * deinitialized here. 475 */ 476 static void hostapd_cleanup(struct hostapd_data *hapd) 477 { 478 wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s))", __func__, hapd, 479 hapd->conf ? hapd->conf->iface : "N/A"); 480 if (hapd->iface->interfaces && 481 hapd->iface->interfaces->ctrl_iface_deinit) { 482 wpa_msg(hapd->msg_ctx, MSG_INFO, WPA_EVENT_TERMINATING); 483 hapd->iface->interfaces->ctrl_iface_deinit(hapd); 484 } 485 hostapd_free_hapd_data(hapd); 486 } 487 488 489 static void sta_track_deinit(struct hostapd_iface *iface) 490 { 491 struct hostapd_sta_info *info; 492 493 if (!iface->num_sta_seen) 494 return; 495 496 while ((info = dl_list_first(&iface->sta_seen, struct hostapd_sta_info, 497 list))) { 498 dl_list_del(&info->list); 499 iface->num_sta_seen--; 500 sta_track_del(info); 501 } 502 } 503 504 505 void hostapd_cleanup_iface_partial(struct hostapd_iface *iface) 506 { 507 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 508 #ifdef NEED_AP_MLME 509 hostapd_stop_setup_timers(iface); 510 #endif /* NEED_AP_MLME */ 511 if (iface->current_mode) 512 acs_cleanup(iface); 513 hostapd_free_hw_features(iface->hw_features, iface->num_hw_features); 514 iface->hw_features = NULL; 515 iface->current_mode = NULL; 516 os_free(iface->current_rates); 517 iface->current_rates = NULL; 518 os_free(iface->basic_rates); 519 iface->basic_rates = NULL; 520 ap_list_deinit(iface); 521 sta_track_deinit(iface); 522 airtime_policy_update_deinit(iface); 523 } 524 525 526 /** 527 * hostapd_cleanup_iface - Complete per-interface cleanup 528 * @iface: Pointer to interface data 529 * 530 * This function is called after per-BSS data structures are deinitialized 531 * with hostapd_cleanup(). 532 */ 533 static void hostapd_cleanup_iface(struct hostapd_iface *iface) 534 { 535 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 536 eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); 537 eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface, 538 NULL); 539 540 hostapd_cleanup_iface_partial(iface); 541 hostapd_config_free(iface->conf); 542 iface->conf = NULL; 543 544 os_free(iface->config_fname); 545 os_free(iface->bss); 546 wpa_printf(MSG_DEBUG, "%s: free iface=%p", __func__, iface); 547 os_free(iface); 548 } 549 550 551 #ifdef CONFIG_WEP 552 553 static void hostapd_clear_wep(struct hostapd_data *hapd) 554 { 555 if (hapd->drv_priv && !hapd->iface->driver_ap_teardown && hapd->conf) { 556 hostapd_set_privacy(hapd, 0); 557 hostapd_broadcast_wep_clear(hapd); 558 } 559 } 560 561 562 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd) 563 { 564 int i; 565 566 hostapd_broadcast_wep_set(hapd); 567 568 if (hapd->conf->ssid.wep.default_len) { 569 hostapd_set_privacy(hapd, 1); 570 return 0; 571 } 572 573 /* 574 * When IEEE 802.1X is not enabled, the driver may need to know how to 575 * set authentication algorithms for static WEP. 576 */ 577 hostapd_drv_set_authmode(hapd, hapd->conf->auth_algs); 578 579 for (i = 0; i < 4; i++) { 580 if (hapd->conf->ssid.wep.key[i] && 581 hostapd_drv_set_key(iface, hapd, WPA_ALG_WEP, NULL, i, 0, 582 i == hapd->conf->ssid.wep.idx, NULL, 0, 583 hapd->conf->ssid.wep.key[i], 584 hapd->conf->ssid.wep.len[i], 585 i == hapd->conf->ssid.wep.idx ? 586 KEY_FLAG_GROUP_RX_TX_DEFAULT : 587 KEY_FLAG_GROUP_RX_TX)) { 588 wpa_printf(MSG_WARNING, "Could not set WEP " 589 "encryption."); 590 return -1; 591 } 592 if (hapd->conf->ssid.wep.key[i] && 593 i == hapd->conf->ssid.wep.idx) 594 hostapd_set_privacy(hapd, 1); 595 } 596 597 return 0; 598 } 599 600 #endif /* CONFIG_WEP */ 601 602 603 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason) 604 { 605 int ret = 0; 606 u8 addr[ETH_ALEN]; 607 608 if (hostapd_drv_none(hapd) || hapd->drv_priv == NULL) 609 return 0; 610 611 if (!hapd->iface->driver_ap_teardown) { 612 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 613 "Flushing old station entries"); 614 615 if (hostapd_flush(hapd)) { 616 wpa_msg(hapd->msg_ctx, MSG_WARNING, 617 "Could not connect to kernel driver"); 618 ret = -1; 619 } 620 } 621 if (hapd->conf && hapd->conf->broadcast_deauth) { 622 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 623 "Deauthenticate all stations"); 624 os_memset(addr, 0xff, ETH_ALEN); 625 hostapd_drv_sta_deauth(hapd, addr, reason); 626 } 627 hostapd_free_stas(hapd); 628 629 return ret; 630 } 631 632 633 void hostapd_bss_deinit_no_free(struct hostapd_data *hapd) 634 { 635 hostapd_free_stas(hapd); 636 hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING); 637 #ifdef CONFIG_WEP 638 hostapd_clear_wep(hapd); 639 #endif /* CONFIG_WEP */ 640 } 641 642 643 /** 644 * hostapd_validate_bssid_configuration - Validate BSSID configuration 645 * @iface: Pointer to interface data 646 * Returns: 0 on success, -1 on failure 647 * 648 * This function is used to validate that the configured BSSIDs are valid. 649 */ 650 static int hostapd_validate_bssid_configuration(struct hostapd_iface *iface) 651 { 652 u8 mask[ETH_ALEN] = { 0 }; 653 struct hostapd_data *hapd = iface->bss[0]; 654 unsigned int i = iface->conf->num_bss, bits = 0, j; 655 int auto_addr = 0; 656 657 if (hostapd_drv_none(hapd)) 658 return 0; 659 660 if (iface->conf->use_driver_iface_addr) 661 return 0; 662 663 /* Generate BSSID mask that is large enough to cover the BSSIDs. */ 664 665 /* Determine the bits necessary to cover the number of BSSIDs. */ 666 for (i--; i; i >>= 1) 667 bits++; 668 669 /* Determine the bits necessary to any configured BSSIDs, 670 if they are higher than the number of BSSIDs. */ 671 for (j = 0; j < iface->conf->num_bss; j++) { 672 if (is_zero_ether_addr(iface->conf->bss[j]->bssid)) { 673 if (j) 674 auto_addr++; 675 continue; 676 } 677 678 for (i = 0; i < ETH_ALEN; i++) { 679 mask[i] |= 680 iface->conf->bss[j]->bssid[i] ^ 681 hapd->own_addr[i]; 682 } 683 } 684 685 if (!auto_addr) 686 goto skip_mask_ext; 687 688 for (i = 0; i < ETH_ALEN && mask[i] == 0; i++) 689 ; 690 j = 0; 691 if (i < ETH_ALEN) { 692 j = (5 - i) * 8; 693 694 while (mask[i] != 0) { 695 mask[i] >>= 1; 696 j++; 697 } 698 } 699 700 if (bits < j) 701 bits = j; 702 703 if (bits > 40) { 704 wpa_printf(MSG_ERROR, "Too many bits in the BSSID mask (%u)", 705 bits); 706 return -1; 707 } 708 709 os_memset(mask, 0xff, ETH_ALEN); 710 j = bits / 8; 711 for (i = 5; i > 5 - j; i--) 712 mask[i] = 0; 713 j = bits % 8; 714 while (j) { 715 j--; 716 mask[i] <<= 1; 717 } 718 719 skip_mask_ext: 720 wpa_printf(MSG_DEBUG, "BSS count %lu, BSSID mask " MACSTR " (%d bits)", 721 (unsigned long) iface->conf->num_bss, MAC2STR(mask), bits); 722 723 if (!auto_addr) 724 return 0; 725 726 for (i = 0; i < ETH_ALEN; i++) { 727 if ((hapd->own_addr[i] & mask[i]) != hapd->own_addr[i]) { 728 wpa_printf(MSG_ERROR, "Invalid BSSID mask " MACSTR 729 " for start address " MACSTR ".", 730 MAC2STR(mask), MAC2STR(hapd->own_addr)); 731 wpa_printf(MSG_ERROR, "Start address must be the " 732 "first address in the block (i.e., addr " 733 "AND mask == addr)."); 734 return -1; 735 } 736 } 737 738 return 0; 739 } 740 741 742 static int mac_in_conf(struct hostapd_config *conf, const void *a) 743 { 744 size_t i; 745 746 for (i = 0; i < conf->num_bss; i++) { 747 if (hostapd_mac_comp(conf->bss[i]->bssid, a) == 0) { 748 return 1; 749 } 750 } 751 752 return 0; 753 } 754 755 756 #ifndef CONFIG_NO_RADIUS 757 758 static int hostapd_das_nas_mismatch(struct hostapd_data *hapd, 759 struct radius_das_attrs *attr) 760 { 761 if (attr->nas_identifier && 762 (!hapd->conf->nas_identifier || 763 os_strlen(hapd->conf->nas_identifier) != 764 attr->nas_identifier_len || 765 os_memcmp(hapd->conf->nas_identifier, attr->nas_identifier, 766 attr->nas_identifier_len) != 0)) { 767 wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-Identifier mismatch"); 768 return 1; 769 } 770 771 if (attr->nas_ip_addr && 772 (hapd->conf->own_ip_addr.af != AF_INET || 773 os_memcmp(&hapd->conf->own_ip_addr.u.v4, attr->nas_ip_addr, 4) != 774 0)) { 775 wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-IP-Address mismatch"); 776 return 1; 777 } 778 779 #ifdef CONFIG_IPV6 780 if (attr->nas_ipv6_addr && 781 (hapd->conf->own_ip_addr.af != AF_INET6 || 782 os_memcmp(&hapd->conf->own_ip_addr.u.v6, attr->nas_ipv6_addr, 16) 783 != 0)) { 784 wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-IPv6-Address mismatch"); 785 return 1; 786 } 787 #endif /* CONFIG_IPV6 */ 788 789 return 0; 790 } 791 792 793 static struct sta_info * hostapd_das_find_sta(struct hostapd_data *hapd, 794 struct radius_das_attrs *attr, 795 int *multi) 796 { 797 struct sta_info *selected, *sta; 798 char buf[128]; 799 int num_attr = 0; 800 int count; 801 802 *multi = 0; 803 804 for (sta = hapd->sta_list; sta; sta = sta->next) 805 sta->radius_das_match = 1; 806 807 if (attr->sta_addr) { 808 num_attr++; 809 sta = ap_get_sta(hapd, attr->sta_addr); 810 if (!sta) { 811 wpa_printf(MSG_DEBUG, 812 "RADIUS DAS: No Calling-Station-Id match"); 813 return NULL; 814 } 815 816 selected = sta; 817 for (sta = hapd->sta_list; sta; sta = sta->next) { 818 if (sta != selected) 819 sta->radius_das_match = 0; 820 } 821 wpa_printf(MSG_DEBUG, "RADIUS DAS: Calling-Station-Id match"); 822 } 823 824 if (attr->acct_session_id) { 825 num_attr++; 826 if (attr->acct_session_id_len != 16) { 827 wpa_printf(MSG_DEBUG, 828 "RADIUS DAS: Acct-Session-Id cannot match"); 829 return NULL; 830 } 831 count = 0; 832 833 for (sta = hapd->sta_list; sta; sta = sta->next) { 834 if (!sta->radius_das_match) 835 continue; 836 os_snprintf(buf, sizeof(buf), "%016llX", 837 (unsigned long long) sta->acct_session_id); 838 if (os_memcmp(attr->acct_session_id, buf, 16) != 0) 839 sta->radius_das_match = 0; 840 else 841 count++; 842 } 843 844 if (count == 0) { 845 wpa_printf(MSG_DEBUG, 846 "RADIUS DAS: No matches remaining after Acct-Session-Id check"); 847 return NULL; 848 } 849 wpa_printf(MSG_DEBUG, "RADIUS DAS: Acct-Session-Id match"); 850 } 851 852 if (attr->acct_multi_session_id) { 853 num_attr++; 854 if (attr->acct_multi_session_id_len != 16) { 855 wpa_printf(MSG_DEBUG, 856 "RADIUS DAS: Acct-Multi-Session-Id cannot match"); 857 return NULL; 858 } 859 count = 0; 860 861 for (sta = hapd->sta_list; sta; sta = sta->next) { 862 if (!sta->radius_das_match) 863 continue; 864 if (!sta->eapol_sm || 865 !sta->eapol_sm->acct_multi_session_id) { 866 sta->radius_das_match = 0; 867 continue; 868 } 869 os_snprintf(buf, sizeof(buf), "%016llX", 870 (unsigned long long) 871 sta->eapol_sm->acct_multi_session_id); 872 if (os_memcmp(attr->acct_multi_session_id, buf, 16) != 873 0) 874 sta->radius_das_match = 0; 875 else 876 count++; 877 } 878 879 if (count == 0) { 880 wpa_printf(MSG_DEBUG, 881 "RADIUS DAS: No matches remaining after Acct-Multi-Session-Id check"); 882 return NULL; 883 } 884 wpa_printf(MSG_DEBUG, 885 "RADIUS DAS: Acct-Multi-Session-Id match"); 886 } 887 888 if (attr->cui) { 889 num_attr++; 890 count = 0; 891 892 for (sta = hapd->sta_list; sta; sta = sta->next) { 893 struct wpabuf *cui; 894 895 if (!sta->radius_das_match) 896 continue; 897 cui = ieee802_1x_get_radius_cui(sta->eapol_sm); 898 if (!cui || wpabuf_len(cui) != attr->cui_len || 899 os_memcmp(wpabuf_head(cui), attr->cui, 900 attr->cui_len) != 0) 901 sta->radius_das_match = 0; 902 else 903 count++; 904 } 905 906 if (count == 0) { 907 wpa_printf(MSG_DEBUG, 908 "RADIUS DAS: No matches remaining after Chargeable-User-Identity check"); 909 return NULL; 910 } 911 wpa_printf(MSG_DEBUG, 912 "RADIUS DAS: Chargeable-User-Identity match"); 913 } 914 915 if (attr->user_name) { 916 num_attr++; 917 count = 0; 918 919 for (sta = hapd->sta_list; sta; sta = sta->next) { 920 u8 *identity; 921 size_t identity_len; 922 923 if (!sta->radius_das_match) 924 continue; 925 identity = ieee802_1x_get_identity(sta->eapol_sm, 926 &identity_len); 927 if (!identity || 928 identity_len != attr->user_name_len || 929 os_memcmp(identity, attr->user_name, identity_len) 930 != 0) 931 sta->radius_das_match = 0; 932 else 933 count++; 934 } 935 936 if (count == 0) { 937 wpa_printf(MSG_DEBUG, 938 "RADIUS DAS: No matches remaining after User-Name check"); 939 return NULL; 940 } 941 wpa_printf(MSG_DEBUG, 942 "RADIUS DAS: User-Name match"); 943 } 944 945 if (num_attr == 0) { 946 /* 947 * In theory, we could match all current associations, but it 948 * seems safer to just reject requests that do not include any 949 * session identification attributes. 950 */ 951 wpa_printf(MSG_DEBUG, 952 "RADIUS DAS: No session identification attributes included"); 953 return NULL; 954 } 955 956 selected = NULL; 957 for (sta = hapd->sta_list; sta; sta = sta->next) { 958 if (sta->radius_das_match) { 959 if (selected) { 960 *multi = 1; 961 return NULL; 962 } 963 selected = sta; 964 } 965 } 966 967 return selected; 968 } 969 970 971 static int hostapd_das_disconnect_pmksa(struct hostapd_data *hapd, 972 struct radius_das_attrs *attr) 973 { 974 if (!hapd->wpa_auth) 975 return -1; 976 return wpa_auth_radius_das_disconnect_pmksa(hapd->wpa_auth, attr); 977 } 978 979 980 static enum radius_das_res 981 hostapd_das_disconnect(void *ctx, struct radius_das_attrs *attr) 982 { 983 struct hostapd_data *hapd = ctx; 984 struct sta_info *sta; 985 int multi; 986 987 if (hostapd_das_nas_mismatch(hapd, attr)) 988 return RADIUS_DAS_NAS_MISMATCH; 989 990 sta = hostapd_das_find_sta(hapd, attr, &multi); 991 if (sta == NULL) { 992 if (multi) { 993 wpa_printf(MSG_DEBUG, 994 "RADIUS DAS: Multiple sessions match - not supported"); 995 return RADIUS_DAS_MULTI_SESSION_MATCH; 996 } 997 if (hostapd_das_disconnect_pmksa(hapd, attr) == 0) { 998 wpa_printf(MSG_DEBUG, 999 "RADIUS DAS: PMKSA cache entry matched"); 1000 return RADIUS_DAS_SUCCESS; 1001 } 1002 wpa_printf(MSG_DEBUG, "RADIUS DAS: No matching session found"); 1003 return RADIUS_DAS_SESSION_NOT_FOUND; 1004 } 1005 1006 wpa_printf(MSG_DEBUG, "RADIUS DAS: Found a matching session " MACSTR 1007 " - disconnecting", MAC2STR(sta->addr)); 1008 wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr); 1009 1010 hostapd_drv_sta_deauth(hapd, sta->addr, 1011 WLAN_REASON_PREV_AUTH_NOT_VALID); 1012 ap_sta_deauthenticate(hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID); 1013 1014 return RADIUS_DAS_SUCCESS; 1015 } 1016 1017 1018 #ifdef CONFIG_HS20 1019 static enum radius_das_res 1020 hostapd_das_coa(void *ctx, struct radius_das_attrs *attr) 1021 { 1022 struct hostapd_data *hapd = ctx; 1023 struct sta_info *sta; 1024 int multi; 1025 1026 if (hostapd_das_nas_mismatch(hapd, attr)) 1027 return RADIUS_DAS_NAS_MISMATCH; 1028 1029 sta = hostapd_das_find_sta(hapd, attr, &multi); 1030 if (!sta) { 1031 if (multi) { 1032 wpa_printf(MSG_DEBUG, 1033 "RADIUS DAS: Multiple sessions match - not supported"); 1034 return RADIUS_DAS_MULTI_SESSION_MATCH; 1035 } 1036 wpa_printf(MSG_DEBUG, "RADIUS DAS: No matching session found"); 1037 return RADIUS_DAS_SESSION_NOT_FOUND; 1038 } 1039 1040 wpa_printf(MSG_DEBUG, "RADIUS DAS: Found a matching session " MACSTR 1041 " - CoA", MAC2STR(sta->addr)); 1042 1043 if (attr->hs20_t_c_filtering) { 1044 if (attr->hs20_t_c_filtering[0] & BIT(0)) { 1045 wpa_printf(MSG_DEBUG, 1046 "HS 2.0: Unexpected Terms and Conditions filtering required in CoA-Request"); 1047 return RADIUS_DAS_COA_FAILED; 1048 } 1049 1050 hs20_t_c_filtering(hapd, sta, 0); 1051 } 1052 1053 return RADIUS_DAS_SUCCESS; 1054 } 1055 #else /* CONFIG_HS20 */ 1056 #define hostapd_das_coa NULL 1057 #endif /* CONFIG_HS20 */ 1058 1059 1060 #ifdef CONFIG_SQLITE 1061 1062 static int db_table_exists(sqlite3 *db, const char *name) 1063 { 1064 char cmd[128]; 1065 1066 os_snprintf(cmd, sizeof(cmd), "SELECT 1 FROM %s;", name); 1067 return sqlite3_exec(db, cmd, NULL, NULL, NULL) == SQLITE_OK; 1068 } 1069 1070 1071 static int db_table_create_radius_attributes(sqlite3 *db) 1072 { 1073 char *err = NULL; 1074 const char *sql = 1075 "CREATE TABLE radius_attributes(" 1076 " id INTEGER PRIMARY KEY," 1077 " sta TEXT," 1078 " reqtype TEXT," 1079 " attr TEXT" 1080 ");" 1081 "CREATE INDEX idx_sta_reqtype ON radius_attributes(sta,reqtype);"; 1082 1083 wpa_printf(MSG_DEBUG, 1084 "Adding database table for RADIUS attribute information"); 1085 if (sqlite3_exec(db, sql, NULL, NULL, &err) != SQLITE_OK) { 1086 wpa_printf(MSG_ERROR, "SQLite error: %s", err); 1087 sqlite3_free(err); 1088 return -1; 1089 } 1090 1091 return 0; 1092 } 1093 1094 #endif /* CONFIG_SQLITE */ 1095 1096 #endif /* CONFIG_NO_RADIUS */ 1097 1098 1099 /** 1100 * hostapd_setup_bss - Per-BSS setup (initialization) 1101 * @hapd: Pointer to BSS data 1102 * @first: Whether this BSS is the first BSS of an interface; -1 = not first, 1103 * but interface may exist 1104 * 1105 * This function is used to initialize all per-BSS data structures and 1106 * resources. This gets called in a loop for each BSS when an interface is 1107 * initialized. Most of the modules that are initialized here will be 1108 * deinitialized in hostapd_cleanup(). 1109 */ 1110 static int hostapd_setup_bss(struct hostapd_data *hapd, int first) 1111 { 1112 struct hostapd_bss_config *conf = hapd->conf; 1113 u8 ssid[SSID_MAX_LEN + 1]; 1114 int ssid_len, set_ssid; 1115 char force_ifname[IFNAMSIZ]; 1116 u8 if_addr[ETH_ALEN]; 1117 int flush_old_stations = 1; 1118 1119 wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s), first=%d)", 1120 __func__, hapd, conf->iface, first); 1121 1122 #ifdef EAP_SERVER_TNC 1123 if (conf->tnc && tncs_global_init() < 0) { 1124 wpa_printf(MSG_ERROR, "Failed to initialize TNCS"); 1125 return -1; 1126 } 1127 #endif /* EAP_SERVER_TNC */ 1128 1129 if (hapd->started) { 1130 wpa_printf(MSG_ERROR, "%s: Interface %s was already started", 1131 __func__, conf->iface); 1132 return -1; 1133 } 1134 hapd->started = 1; 1135 1136 if (!first || first == -1) { 1137 u8 *addr = hapd->own_addr; 1138 1139 if (!is_zero_ether_addr(conf->bssid)) { 1140 /* Allocate the configured BSSID. */ 1141 os_memcpy(hapd->own_addr, conf->bssid, ETH_ALEN); 1142 1143 if (hostapd_mac_comp(hapd->own_addr, 1144 hapd->iface->bss[0]->own_addr) == 1145 0) { 1146 wpa_printf(MSG_ERROR, "BSS '%s' may not have " 1147 "BSSID set to the MAC address of " 1148 "the radio", conf->iface); 1149 return -1; 1150 } 1151 } else if (hapd->iconf->use_driver_iface_addr) { 1152 addr = NULL; 1153 } else { 1154 /* Allocate the next available BSSID. */ 1155 do { 1156 inc_byte_array(hapd->own_addr, ETH_ALEN); 1157 } while (mac_in_conf(hapd->iconf, hapd->own_addr)); 1158 } 1159 1160 hapd->interface_added = 1; 1161 if (hostapd_if_add(hapd->iface->bss[0], WPA_IF_AP_BSS, 1162 conf->iface, addr, hapd, 1163 &hapd->drv_priv, force_ifname, if_addr, 1164 conf->bridge[0] ? conf->bridge : NULL, 1165 first == -1)) { 1166 wpa_printf(MSG_ERROR, "Failed to add BSS (BSSID=" 1167 MACSTR ")", MAC2STR(hapd->own_addr)); 1168 hapd->interface_added = 0; 1169 return -1; 1170 } 1171 1172 if (!addr) 1173 os_memcpy(hapd->own_addr, if_addr, ETH_ALEN); 1174 } 1175 1176 if (conf->wmm_enabled < 0) 1177 conf->wmm_enabled = hapd->iconf->ieee80211n | 1178 hapd->iconf->ieee80211ax; 1179 1180 #ifdef CONFIG_IEEE80211R_AP 1181 if (is_zero_ether_addr(conf->r1_key_holder)) 1182 os_memcpy(conf->r1_key_holder, hapd->own_addr, ETH_ALEN); 1183 #endif /* CONFIG_IEEE80211R_AP */ 1184 1185 #ifdef CONFIG_MESH 1186 if ((hapd->conf->mesh & MESH_ENABLED) && hapd->iface->mconf == NULL) 1187 flush_old_stations = 0; 1188 #endif /* CONFIG_MESH */ 1189 1190 if (flush_old_stations) 1191 hostapd_flush(hapd); 1192 hostapd_set_privacy(hapd, 0); 1193 1194 #ifdef CONFIG_WEP 1195 if (!hostapd_drv_nl80211(hapd)) 1196 hostapd_broadcast_wep_clear(hapd); 1197 if (hostapd_setup_encryption(conf->iface, hapd)) 1198 return -1; 1199 #endif /* CONFIG_WEP */ 1200 1201 /* 1202 * Fetch the SSID from the system and use it or, 1203 * if one was specified in the config file, verify they 1204 * match. 1205 */ 1206 ssid_len = hostapd_get_ssid(hapd, ssid, sizeof(ssid)); 1207 if (ssid_len < 0) { 1208 wpa_printf(MSG_ERROR, "Could not read SSID from system"); 1209 return -1; 1210 } 1211 if (conf->ssid.ssid_set) { 1212 /* 1213 * If SSID is specified in the config file and it differs 1214 * from what is being used then force installation of the 1215 * new SSID. 1216 */ 1217 set_ssid = (conf->ssid.ssid_len != (size_t) ssid_len || 1218 os_memcmp(conf->ssid.ssid, ssid, ssid_len) != 0); 1219 } else { 1220 /* 1221 * No SSID in the config file; just use the one we got 1222 * from the system. 1223 */ 1224 set_ssid = 0; 1225 conf->ssid.ssid_len = ssid_len; 1226 os_memcpy(conf->ssid.ssid, ssid, conf->ssid.ssid_len); 1227 } 1228 1229 /* 1230 * Short SSID calculation is identical to FCS and it is defined in 1231 * IEEE P802.11-REVmd/D3.0, 9.4.2.170.3 (Calculating the Short-SSID). 1232 */ 1233 conf->ssid.short_ssid = crc32(conf->ssid.ssid, conf->ssid.ssid_len); 1234 1235 if (!hostapd_drv_none(hapd)) { 1236 wpa_printf(MSG_DEBUG, "Using interface %s with hwaddr " MACSTR 1237 " and ssid \"%s\"", 1238 conf->iface, MAC2STR(hapd->own_addr), 1239 wpa_ssid_txt(conf->ssid.ssid, conf->ssid.ssid_len)); 1240 } 1241 1242 if (hostapd_setup_wpa_psk(conf)) { 1243 wpa_printf(MSG_ERROR, "WPA-PSK setup failed."); 1244 return -1; 1245 } 1246 1247 /* Set SSID for the kernel driver (to be used in beacon and probe 1248 * response frames) */ 1249 if (set_ssid && hostapd_set_ssid(hapd, conf->ssid.ssid, 1250 conf->ssid.ssid_len)) { 1251 wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver"); 1252 return -1; 1253 } 1254 1255 if (wpa_debug_level <= MSG_MSGDUMP) 1256 conf->radius->msg_dumps = 1; 1257 #ifndef CONFIG_NO_RADIUS 1258 1259 #ifdef CONFIG_SQLITE 1260 if (conf->radius_req_attr_sqlite) { 1261 if (sqlite3_open(conf->radius_req_attr_sqlite, 1262 &hapd->rad_attr_db)) { 1263 wpa_printf(MSG_ERROR, "Could not open SQLite file '%s'", 1264 conf->radius_req_attr_sqlite); 1265 return -1; 1266 } 1267 1268 wpa_printf(MSG_DEBUG, "Opening RADIUS attribute database: %s", 1269 conf->radius_req_attr_sqlite); 1270 if (!db_table_exists(hapd->rad_attr_db, "radius_attributes") && 1271 db_table_create_radius_attributes(hapd->rad_attr_db) < 0) 1272 return -1; 1273 } 1274 #endif /* CONFIG_SQLITE */ 1275 1276 hapd->radius = radius_client_init(hapd, conf->radius); 1277 if (hapd->radius == NULL) { 1278 wpa_printf(MSG_ERROR, "RADIUS client initialization failed."); 1279 return -1; 1280 } 1281 1282 if (conf->radius_das_port) { 1283 struct radius_das_conf das_conf; 1284 os_memset(&das_conf, 0, sizeof(das_conf)); 1285 das_conf.port = conf->radius_das_port; 1286 das_conf.shared_secret = conf->radius_das_shared_secret; 1287 das_conf.shared_secret_len = 1288 conf->radius_das_shared_secret_len; 1289 das_conf.client_addr = &conf->radius_das_client_addr; 1290 das_conf.time_window = conf->radius_das_time_window; 1291 das_conf.require_event_timestamp = 1292 conf->radius_das_require_event_timestamp; 1293 das_conf.require_message_authenticator = 1294 conf->radius_das_require_message_authenticator; 1295 das_conf.ctx = hapd; 1296 das_conf.disconnect = hostapd_das_disconnect; 1297 das_conf.coa = hostapd_das_coa; 1298 hapd->radius_das = radius_das_init(&das_conf); 1299 if (hapd->radius_das == NULL) { 1300 wpa_printf(MSG_ERROR, "RADIUS DAS initialization " 1301 "failed."); 1302 return -1; 1303 } 1304 } 1305 #endif /* CONFIG_NO_RADIUS */ 1306 1307 if (hostapd_acl_init(hapd)) { 1308 wpa_printf(MSG_ERROR, "ACL initialization failed."); 1309 return -1; 1310 } 1311 if (hostapd_init_wps(hapd, conf)) 1312 return -1; 1313 1314 #ifdef CONFIG_DPP 1315 hapd->gas = gas_query_ap_init(hapd, hapd->msg_ctx); 1316 if (!hapd->gas) 1317 return -1; 1318 if (hostapd_dpp_init(hapd)) 1319 return -1; 1320 #endif /* CONFIG_DPP */ 1321 1322 if (authsrv_init(hapd) < 0) 1323 return -1; 1324 1325 if (ieee802_1x_init(hapd)) { 1326 wpa_printf(MSG_ERROR, "IEEE 802.1X initialization failed."); 1327 return -1; 1328 } 1329 1330 if ((conf->wpa || conf->osen) && hostapd_setup_wpa(hapd)) 1331 return -1; 1332 1333 if (accounting_init(hapd)) { 1334 wpa_printf(MSG_ERROR, "Accounting initialization failed."); 1335 return -1; 1336 } 1337 1338 #ifdef CONFIG_INTERWORKING 1339 if (gas_serv_init(hapd)) { 1340 wpa_printf(MSG_ERROR, "GAS server initialization failed"); 1341 return -1; 1342 } 1343 1344 if (conf->qos_map_set_len && 1345 hostapd_drv_set_qos_map(hapd, conf->qos_map_set, 1346 conf->qos_map_set_len)) { 1347 wpa_printf(MSG_ERROR, "Failed to initialize QoS Map"); 1348 return -1; 1349 } 1350 #endif /* CONFIG_INTERWORKING */ 1351 1352 if (conf->bss_load_update_period && bss_load_update_init(hapd)) { 1353 wpa_printf(MSG_ERROR, "BSS Load initialization failed"); 1354 return -1; 1355 } 1356 1357 if (conf->proxy_arp) { 1358 if (x_snoop_init(hapd)) { 1359 wpa_printf(MSG_ERROR, 1360 "Generic snooping infrastructure initialization failed"); 1361 return -1; 1362 } 1363 1364 if (dhcp_snoop_init(hapd)) { 1365 wpa_printf(MSG_ERROR, 1366 "DHCP snooping initialization failed"); 1367 return -1; 1368 } 1369 1370 if (ndisc_snoop_init(hapd)) { 1371 wpa_printf(MSG_ERROR, 1372 "Neighbor Discovery snooping initialization failed"); 1373 return -1; 1374 } 1375 } 1376 1377 if (!hostapd_drv_none(hapd) && vlan_init(hapd)) { 1378 wpa_printf(MSG_ERROR, "VLAN initialization failed."); 1379 return -1; 1380 } 1381 1382 if (!conf->start_disabled && ieee802_11_set_beacon(hapd) < 0) 1383 return -1; 1384 1385 if (flush_old_stations && !conf->start_disabled && 1386 conf->broadcast_deauth) { 1387 u8 addr[ETH_ALEN]; 1388 1389 /* Should any previously associated STA not have noticed that 1390 * the AP had stopped and restarted, send one more 1391 * deauthentication notification now that the AP is ready to 1392 * operate. */ 1393 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1394 "Deauthenticate all stations at BSS start"); 1395 os_memset(addr, 0xff, ETH_ALEN); 1396 hostapd_drv_sta_deauth(hapd, addr, 1397 WLAN_REASON_PREV_AUTH_NOT_VALID); 1398 } 1399 1400 if (hapd->wpa_auth && wpa_init_keys(hapd->wpa_auth) < 0) 1401 return -1; 1402 1403 if (hapd->driver && hapd->driver->set_operstate) 1404 hapd->driver->set_operstate(hapd->drv_priv, 1); 1405 1406 return 0; 1407 } 1408 1409 1410 static void hostapd_tx_queue_params(struct hostapd_iface *iface) 1411 { 1412 struct hostapd_data *hapd = iface->bss[0]; 1413 int i; 1414 struct hostapd_tx_queue_params *p; 1415 1416 #ifdef CONFIG_MESH 1417 if ((hapd->conf->mesh & MESH_ENABLED) && iface->mconf == NULL) 1418 return; 1419 #endif /* CONFIG_MESH */ 1420 1421 for (i = 0; i < NUM_TX_QUEUES; i++) { 1422 p = &iface->conf->tx_queue[i]; 1423 1424 if (hostapd_set_tx_queue_params(hapd, i, p->aifs, p->cwmin, 1425 p->cwmax, p->burst)) { 1426 wpa_printf(MSG_DEBUG, "Failed to set TX queue " 1427 "parameters for queue %d.", i); 1428 /* Continue anyway */ 1429 } 1430 } 1431 } 1432 1433 1434 static int hostapd_set_acl_list(struct hostapd_data *hapd, 1435 struct mac_acl_entry *mac_acl, 1436 int n_entries, u8 accept_acl) 1437 { 1438 struct hostapd_acl_params *acl_params; 1439 int i, err; 1440 1441 acl_params = os_zalloc(sizeof(*acl_params) + 1442 (n_entries * sizeof(acl_params->mac_acl[0]))); 1443 if (!acl_params) 1444 return -ENOMEM; 1445 1446 for (i = 0; i < n_entries; i++) 1447 os_memcpy(acl_params->mac_acl[i].addr, mac_acl[i].addr, 1448 ETH_ALEN); 1449 1450 acl_params->acl_policy = accept_acl; 1451 acl_params->num_mac_acl = n_entries; 1452 1453 err = hostapd_drv_set_acl(hapd, acl_params); 1454 1455 os_free(acl_params); 1456 1457 return err; 1458 } 1459 1460 1461 static void hostapd_set_acl(struct hostapd_data *hapd) 1462 { 1463 struct hostapd_config *conf = hapd->iconf; 1464 int err; 1465 u8 accept_acl; 1466 1467 if (hapd->iface->drv_max_acl_mac_addrs == 0) 1468 return; 1469 1470 if (conf->bss[0]->macaddr_acl == DENY_UNLESS_ACCEPTED) { 1471 accept_acl = 1; 1472 err = hostapd_set_acl_list(hapd, conf->bss[0]->accept_mac, 1473 conf->bss[0]->num_accept_mac, 1474 accept_acl); 1475 if (err) { 1476 wpa_printf(MSG_DEBUG, "Failed to set accept acl"); 1477 return; 1478 } 1479 } else if (conf->bss[0]->macaddr_acl == ACCEPT_UNLESS_DENIED) { 1480 accept_acl = 0; 1481 err = hostapd_set_acl_list(hapd, conf->bss[0]->deny_mac, 1482 conf->bss[0]->num_deny_mac, 1483 accept_acl); 1484 if (err) { 1485 wpa_printf(MSG_DEBUG, "Failed to set deny acl"); 1486 return; 1487 } 1488 } 1489 } 1490 1491 1492 static int start_ctrl_iface_bss(struct hostapd_data *hapd) 1493 { 1494 if (!hapd->iface->interfaces || 1495 !hapd->iface->interfaces->ctrl_iface_init) 1496 return 0; 1497 1498 if (hapd->iface->interfaces->ctrl_iface_init(hapd)) { 1499 wpa_printf(MSG_ERROR, 1500 "Failed to setup control interface for %s", 1501 hapd->conf->iface); 1502 return -1; 1503 } 1504 1505 return 0; 1506 } 1507 1508 1509 static int start_ctrl_iface(struct hostapd_iface *iface) 1510 { 1511 size_t i; 1512 1513 if (!iface->interfaces || !iface->interfaces->ctrl_iface_init) 1514 return 0; 1515 1516 for (i = 0; i < iface->num_bss; i++) { 1517 struct hostapd_data *hapd = iface->bss[i]; 1518 if (iface->interfaces->ctrl_iface_init(hapd)) { 1519 wpa_printf(MSG_ERROR, 1520 "Failed to setup control interface for %s", 1521 hapd->conf->iface); 1522 return -1; 1523 } 1524 } 1525 1526 return 0; 1527 } 1528 1529 1530 static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx) 1531 { 1532 struct hostapd_iface *iface = eloop_ctx; 1533 1534 if (!iface->wait_channel_update) { 1535 wpa_printf(MSG_INFO, "Channel list update timeout, but interface was not waiting for it"); 1536 return; 1537 } 1538 1539 /* 1540 * It is possible that the existing channel list is acceptable, so try 1541 * to proceed. 1542 */ 1543 wpa_printf(MSG_DEBUG, "Channel list update timeout - try to continue anyway"); 1544 setup_interface2(iface); 1545 } 1546 1547 1548 void hostapd_channel_list_updated(struct hostapd_iface *iface, int initiator) 1549 { 1550 if (!iface->wait_channel_update || initiator != REGDOM_SET_BY_USER) 1551 return; 1552 1553 wpa_printf(MSG_DEBUG, "Channel list updated - continue setup"); 1554 eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); 1555 setup_interface2(iface); 1556 } 1557 1558 1559 static int setup_interface(struct hostapd_iface *iface) 1560 { 1561 struct hostapd_data *hapd = iface->bss[0]; 1562 size_t i; 1563 1564 /* 1565 * It is possible that setup_interface() is called after the interface 1566 * was disabled etc., in which case driver_ap_teardown is possibly set 1567 * to 1. Clear it here so any other key/station deletion, which is not 1568 * part of a teardown flow, would also call the relevant driver 1569 * callbacks. 1570 */ 1571 iface->driver_ap_teardown = 0; 1572 1573 if (!iface->phy[0]) { 1574 const char *phy = hostapd_drv_get_radio_name(hapd); 1575 if (phy) { 1576 wpa_printf(MSG_DEBUG, "phy: %s", phy); 1577 os_strlcpy(iface->phy, phy, sizeof(iface->phy)); 1578 } 1579 } 1580 1581 /* 1582 * Make sure that all BSSes get configured with a pointer to the same 1583 * driver interface. 1584 */ 1585 for (i = 1; i < iface->num_bss; i++) { 1586 iface->bss[i]->driver = hapd->driver; 1587 iface->bss[i]->drv_priv = hapd->drv_priv; 1588 } 1589 1590 if (hostapd_validate_bssid_configuration(iface)) 1591 return -1; 1592 1593 /* 1594 * Initialize control interfaces early to allow external monitoring of 1595 * channel setup operations that may take considerable amount of time 1596 * especially for DFS cases. 1597 */ 1598 if (start_ctrl_iface(iface)) 1599 return -1; 1600 1601 if (hapd->iconf->country[0] && hapd->iconf->country[1]) { 1602 char country[4], previous_country[4]; 1603 1604 hostapd_set_state(iface, HAPD_IFACE_COUNTRY_UPDATE); 1605 if (hostapd_get_country(hapd, previous_country) < 0) 1606 previous_country[0] = '\0'; 1607 1608 os_memcpy(country, hapd->iconf->country, 3); 1609 country[3] = '\0'; 1610 if (hostapd_set_country(hapd, country) < 0) { 1611 wpa_printf(MSG_ERROR, "Failed to set country code"); 1612 return -1; 1613 } 1614 1615 wpa_printf(MSG_DEBUG, "Previous country code %s, new country code %s", 1616 previous_country, country); 1617 1618 if (os_strncmp(previous_country, country, 2) != 0) { 1619 wpa_printf(MSG_DEBUG, "Continue interface setup after channel list update"); 1620 iface->wait_channel_update = 1; 1621 eloop_register_timeout(5, 0, 1622 channel_list_update_timeout, 1623 iface, NULL); 1624 return 0; 1625 } 1626 } 1627 1628 return setup_interface2(iface); 1629 } 1630 1631 1632 static int configured_fixed_chan_to_freq(struct hostapd_iface *iface) 1633 { 1634 int freq, i, j; 1635 1636 if (!iface->conf->channel) 1637 return 0; 1638 if (iface->conf->op_class) { 1639 freq = ieee80211_chan_to_freq(NULL, iface->conf->op_class, 1640 iface->conf->channel); 1641 if (freq < 0) { 1642 wpa_printf(MSG_INFO, 1643 "Could not convert op_class %u channel %u to operating frequency", 1644 iface->conf->op_class, iface->conf->channel); 1645 return -1; 1646 } 1647 iface->freq = freq; 1648 return 0; 1649 } 1650 1651 /* Old configurations using only 2.4/5/60 GHz bands may not specify the 1652 * op_class parameter. Select a matching channel from the configured 1653 * mode using the channel parameter for these cases. 1654 */ 1655 for (j = 0; j < iface->num_hw_features; j++) { 1656 struct hostapd_hw_modes *mode = &iface->hw_features[j]; 1657 1658 if (iface->conf->hw_mode != HOSTAPD_MODE_IEEE80211ANY && 1659 iface->conf->hw_mode != mode->mode) 1660 continue; 1661 for (i = 0; i < mode->num_channels; i++) { 1662 struct hostapd_channel_data *chan = &mode->channels[i]; 1663 1664 if (chan->chan == iface->conf->channel && 1665 !is_6ghz_freq(chan->freq)) { 1666 iface->freq = chan->freq; 1667 return 0; 1668 } 1669 } 1670 } 1671 1672 wpa_printf(MSG_INFO, "Could not determine operating frequency"); 1673 return -1; 1674 } 1675 1676 1677 static void hostapd_set_6ghz_sec_chan(struct hostapd_iface *iface) 1678 { 1679 int bw, seg0; 1680 1681 if (!is_6ghz_op_class(iface->conf->op_class)) 1682 return; 1683 1684 seg0 = hostapd_get_oper_centr_freq_seg0_idx(iface->conf); 1685 bw = center_idx_to_bw_6ghz(seg0); 1686 /* Assign the secondary channel if absent in config for 1687 * bandwidths > 20 MHz */ 1688 if (bw > 20 && !iface->conf->secondary_channel) { 1689 if (((iface->conf->channel - 1) / 4) % 2) 1690 iface->conf->secondary_channel = -1; 1691 else 1692 iface->conf->secondary_channel = 1; 1693 } 1694 } 1695 1696 1697 static int setup_interface2(struct hostapd_iface *iface) 1698 { 1699 iface->wait_channel_update = 0; 1700 1701 #ifdef __FreeBSD 1702 /* XXX hostapd_get_hw_features() is an inline that always returns -1 1703 * because MLME will not build under FreeBSD due to its use of 1704 * Linux definitions. Normally FreeBSD would uncondionally execute the 1705 * "Not all drivers support..." block. Instead we #ifdef out the entire 1706 * block of code instead of maintaining the fallacy that 1707 * hostapd_get_hw_features() returns anything meaninful. 1708 * 1709 * Ideally WANT_AP_MLME should be taught about FreeBSD data structures 1710 * and defintions. Instead we do this to enable channel selection in 1711 * hostapd.conf. 1712 */ 1713 iface->freq = iface->conf->channel; 1714 #else 1715 if (hostapd_get_hw_features(iface)) { 1716 /* Not all drivers support this yet, so continue without hw 1717 * feature data. */ 1718 } else { 1719 int ret; 1720 1721 ret = configured_fixed_chan_to_freq(iface); 1722 if (ret < 0) 1723 goto fail; 1724 1725 if (iface->conf->op_class) { 1726 int ch_width; 1727 1728 ch_width = op_class_to_ch_width(iface->conf->op_class); 1729 hostapd_set_oper_chwidth(iface->conf, ch_width); 1730 hostapd_set_6ghz_sec_chan(iface); 1731 } 1732 1733 ret = hostapd_select_hw_mode(iface); 1734 if (ret < 0) { 1735 wpa_printf(MSG_ERROR, "Could not select hw_mode and " 1736 "channel. (%d)", ret); 1737 goto fail; 1738 } 1739 if (ret == 1) { 1740 wpa_printf(MSG_DEBUG, "Interface initialization will be completed in a callback (ACS)"); 1741 return 0; 1742 } 1743 ret = hostapd_check_edmg_capab(iface); 1744 if (ret < 0) 1745 goto fail; 1746 ret = hostapd_check_he_6ghz_capab(iface); 1747 if (ret < 0) 1748 goto fail; 1749 ret = hostapd_check_ht_capab(iface); 1750 if (ret < 0) 1751 goto fail; 1752 if (ret == 1) { 1753 wpa_printf(MSG_DEBUG, "Interface initialization will " 1754 "be completed in a callback"); 1755 return 0; 1756 } 1757 1758 if (iface->conf->ieee80211h) 1759 wpa_printf(MSG_DEBUG, "DFS support is enabled"); 1760 } 1761 #endif 1762 return hostapd_setup_interface_complete(iface, 0); 1763 1764 fail: 1765 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 1766 wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 1767 if (iface->interfaces && iface->interfaces->terminate_on_error) 1768 eloop_terminate(); 1769 return -1; 1770 } 1771 1772 1773 #ifdef CONFIG_FST 1774 1775 static const u8 * fst_hostapd_get_bssid_cb(void *ctx) 1776 { 1777 struct hostapd_data *hapd = ctx; 1778 1779 return hapd->own_addr; 1780 } 1781 1782 1783 static void fst_hostapd_get_channel_info_cb(void *ctx, 1784 enum hostapd_hw_mode *hw_mode, 1785 u8 *channel) 1786 { 1787 struct hostapd_data *hapd = ctx; 1788 1789 *hw_mode = ieee80211_freq_to_chan(hapd->iface->freq, channel); 1790 } 1791 1792 1793 static void fst_hostapd_set_ies_cb(void *ctx, const struct wpabuf *fst_ies) 1794 { 1795 struct hostapd_data *hapd = ctx; 1796 1797 if (hapd->iface->fst_ies != fst_ies) { 1798 hapd->iface->fst_ies = fst_ies; 1799 if (ieee802_11_set_beacon(hapd)) 1800 wpa_printf(MSG_WARNING, "FST: Cannot set beacon"); 1801 } 1802 } 1803 1804 1805 static int fst_hostapd_send_action_cb(void *ctx, const u8 *da, 1806 struct wpabuf *buf) 1807 { 1808 struct hostapd_data *hapd = ctx; 1809 1810 return hostapd_drv_send_action(hapd, hapd->iface->freq, 0, da, 1811 wpabuf_head(buf), wpabuf_len(buf)); 1812 } 1813 1814 1815 static const struct wpabuf * fst_hostapd_get_mb_ie_cb(void *ctx, const u8 *addr) 1816 { 1817 struct hostapd_data *hapd = ctx; 1818 struct sta_info *sta = ap_get_sta(hapd, addr); 1819 1820 return sta ? sta->mb_ies : NULL; 1821 } 1822 1823 1824 static void fst_hostapd_update_mb_ie_cb(void *ctx, const u8 *addr, 1825 const u8 *buf, size_t size) 1826 { 1827 struct hostapd_data *hapd = ctx; 1828 struct sta_info *sta = ap_get_sta(hapd, addr); 1829 1830 if (sta) { 1831 struct mb_ies_info info; 1832 1833 if (!mb_ies_info_by_ies(&info, buf, size)) { 1834 wpabuf_free(sta->mb_ies); 1835 sta->mb_ies = mb_ies_by_info(&info); 1836 } 1837 } 1838 } 1839 1840 1841 static const u8 * fst_hostapd_get_sta(struct fst_get_peer_ctx **get_ctx, 1842 bool mb_only) 1843 { 1844 struct sta_info *s = (struct sta_info *) *get_ctx; 1845 1846 if (mb_only) { 1847 for (; s && !s->mb_ies; s = s->next) 1848 ; 1849 } 1850 1851 if (s) { 1852 *get_ctx = (struct fst_get_peer_ctx *) s->next; 1853 1854 return s->addr; 1855 } 1856 1857 *get_ctx = NULL; 1858 return NULL; 1859 } 1860 1861 1862 static const u8 * fst_hostapd_get_peer_first(void *ctx, 1863 struct fst_get_peer_ctx **get_ctx, 1864 bool mb_only) 1865 { 1866 struct hostapd_data *hapd = ctx; 1867 1868 *get_ctx = (struct fst_get_peer_ctx *) hapd->sta_list; 1869 1870 return fst_hostapd_get_sta(get_ctx, mb_only); 1871 } 1872 1873 1874 static const u8 * fst_hostapd_get_peer_next(void *ctx, 1875 struct fst_get_peer_ctx **get_ctx, 1876 bool mb_only) 1877 { 1878 return fst_hostapd_get_sta(get_ctx, mb_only); 1879 } 1880 1881 1882 void fst_hostapd_fill_iface_obj(struct hostapd_data *hapd, 1883 struct fst_wpa_obj *iface_obj) 1884 { 1885 iface_obj->ctx = hapd; 1886 iface_obj->get_bssid = fst_hostapd_get_bssid_cb; 1887 iface_obj->get_channel_info = fst_hostapd_get_channel_info_cb; 1888 iface_obj->set_ies = fst_hostapd_set_ies_cb; 1889 iface_obj->send_action = fst_hostapd_send_action_cb; 1890 iface_obj->get_mb_ie = fst_hostapd_get_mb_ie_cb; 1891 iface_obj->update_mb_ie = fst_hostapd_update_mb_ie_cb; 1892 iface_obj->get_peer_first = fst_hostapd_get_peer_first; 1893 iface_obj->get_peer_next = fst_hostapd_get_peer_next; 1894 } 1895 1896 #endif /* CONFIG_FST */ 1897 1898 #ifdef CONFIG_OWE 1899 1900 static int hostapd_owe_iface_iter(struct hostapd_iface *iface, void *ctx) 1901 { 1902 struct hostapd_data *hapd = ctx; 1903 size_t i; 1904 1905 for (i = 0; i < iface->num_bss; i++) { 1906 struct hostapd_data *bss = iface->bss[i]; 1907 1908 if (os_strcmp(hapd->conf->owe_transition_ifname, 1909 bss->conf->iface) != 0) 1910 continue; 1911 1912 wpa_printf(MSG_DEBUG, 1913 "OWE: ifname=%s found transition mode ifname=%s BSSID " 1914 MACSTR " SSID %s", 1915 hapd->conf->iface, bss->conf->iface, 1916 MAC2STR(bss->own_addr), 1917 wpa_ssid_txt(bss->conf->ssid.ssid, 1918 bss->conf->ssid.ssid_len)); 1919 if (!bss->conf->ssid.ssid_set || !bss->conf->ssid.ssid_len || 1920 is_zero_ether_addr(bss->own_addr)) 1921 continue; 1922 1923 os_memcpy(hapd->conf->owe_transition_bssid, bss->own_addr, 1924 ETH_ALEN); 1925 os_memcpy(hapd->conf->owe_transition_ssid, 1926 bss->conf->ssid.ssid, bss->conf->ssid.ssid_len); 1927 hapd->conf->owe_transition_ssid_len = bss->conf->ssid.ssid_len; 1928 wpa_printf(MSG_DEBUG, 1929 "OWE: Copied transition mode information"); 1930 return 1; 1931 } 1932 1933 return 0; 1934 } 1935 1936 1937 int hostapd_owe_trans_get_info(struct hostapd_data *hapd) 1938 { 1939 if (hapd->conf->owe_transition_ssid_len > 0 && 1940 !is_zero_ether_addr(hapd->conf->owe_transition_bssid)) 1941 return 0; 1942 1943 /* Find transition mode SSID/BSSID information from a BSS operated by 1944 * this hostapd instance. */ 1945 if (!hapd->iface->interfaces || 1946 !hapd->iface->interfaces->for_each_interface) 1947 return hostapd_owe_iface_iter(hapd->iface, hapd); 1948 else 1949 return hapd->iface->interfaces->for_each_interface( 1950 hapd->iface->interfaces, hostapd_owe_iface_iter, hapd); 1951 } 1952 1953 1954 static int hostapd_owe_iface_iter2(struct hostapd_iface *iface, void *ctx) 1955 { 1956 size_t i; 1957 1958 for (i = 0; i < iface->num_bss; i++) { 1959 struct hostapd_data *bss = iface->bss[i]; 1960 int res; 1961 1962 if (!bss->conf->owe_transition_ifname[0]) 1963 continue; 1964 if (bss->iface->state != HAPD_IFACE_ENABLED) { 1965 wpa_printf(MSG_DEBUG, 1966 "OWE: Interface %s state %s - defer beacon update", 1967 bss->conf->iface, 1968 hostapd_state_text(bss->iface->state)); 1969 continue; 1970 } 1971 res = hostapd_owe_trans_get_info(bss); 1972 if (res == 0) 1973 continue; 1974 wpa_printf(MSG_DEBUG, 1975 "OWE: Matching transition mode interface enabled - update beacon data for %s", 1976 bss->conf->iface); 1977 ieee802_11_set_beacon(bss); 1978 } 1979 1980 return 0; 1981 } 1982 1983 #endif /* CONFIG_OWE */ 1984 1985 1986 static void hostapd_owe_update_trans(struct hostapd_iface *iface) 1987 { 1988 #ifdef CONFIG_OWE 1989 /* Check whether the enabled BSS can complete OWE transition mode 1990 * configuration for any pending interface. */ 1991 if (!iface->interfaces || 1992 !iface->interfaces->for_each_interface) 1993 hostapd_owe_iface_iter2(iface, NULL); 1994 else 1995 iface->interfaces->for_each_interface( 1996 iface->interfaces, hostapd_owe_iface_iter2, NULL); 1997 #endif /* CONFIG_OWE */ 1998 } 1999 2000 2001 static void hostapd_interface_setup_failure_handler(void *eloop_ctx, 2002 void *timeout_ctx) 2003 { 2004 struct hostapd_iface *iface = eloop_ctx; 2005 struct hostapd_data *hapd; 2006 2007 if (iface->num_bss < 1 || !iface->bss || !iface->bss[0]) 2008 return; 2009 hapd = iface->bss[0]; 2010 if (hapd->setup_complete_cb) 2011 hapd->setup_complete_cb(hapd->setup_complete_cb_ctx); 2012 } 2013 2014 2015 static int hostapd_setup_interface_complete_sync(struct hostapd_iface *iface, 2016 int err) 2017 { 2018 struct hostapd_data *hapd = iface->bss[0]; 2019 size_t j; 2020 u8 *prev_addr; 2021 int delay_apply_cfg = 0; 2022 int res_dfs_offload = 0; 2023 2024 if (err) 2025 goto fail; 2026 2027 wpa_printf(MSG_DEBUG, "Completing interface initialization"); 2028 if (iface->freq) { 2029 #ifdef NEED_AP_MLME 2030 int res; 2031 #endif /* NEED_AP_MLME */ 2032 2033 wpa_printf(MSG_DEBUG, "Mode: %s Channel: %d " 2034 "Frequency: %d MHz", 2035 hostapd_hw_mode_txt(iface->conf->hw_mode), 2036 iface->conf->channel, iface->freq); 2037 2038 #ifdef NEED_AP_MLME 2039 /* Handle DFS only if it is not offloaded to the driver */ 2040 if (!(iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)) { 2041 /* Check DFS */ 2042 res = hostapd_handle_dfs(iface); 2043 if (res <= 0) { 2044 if (res < 0) 2045 goto fail; 2046 return res; 2047 } 2048 } else { 2049 /* If DFS is offloaded to the driver */ 2050 res_dfs_offload = hostapd_handle_dfs_offload(iface); 2051 if (res_dfs_offload <= 0) { 2052 if (res_dfs_offload < 0) 2053 goto fail; 2054 } else { 2055 wpa_printf(MSG_DEBUG, 2056 "Proceed with AP/channel setup"); 2057 /* 2058 * If this is a DFS channel, move to completing 2059 * AP setup. 2060 */ 2061 if (res_dfs_offload == 1) 2062 goto dfs_offload; 2063 /* Otherwise fall through. */ 2064 } 2065 } 2066 #endif /* NEED_AP_MLME */ 2067 2068 #ifdef CONFIG_MESH 2069 if (iface->mconf != NULL) { 2070 wpa_printf(MSG_DEBUG, 2071 "%s: Mesh configuration will be applied while joining the mesh network", 2072 iface->bss[0]->conf->iface); 2073 delay_apply_cfg = 1; 2074 } 2075 #endif /* CONFIG_MESH */ 2076 2077 if (!delay_apply_cfg && 2078 hostapd_set_freq(hapd, hapd->iconf->hw_mode, iface->freq, 2079 hapd->iconf->channel, 2080 hapd->iconf->enable_edmg, 2081 hapd->iconf->edmg_channel, 2082 hapd->iconf->ieee80211n, 2083 hapd->iconf->ieee80211ac, 2084 hapd->iconf->ieee80211ax, 2085 hapd->iconf->secondary_channel, 2086 hostapd_get_oper_chwidth(hapd->iconf), 2087 hostapd_get_oper_centr_freq_seg0_idx( 2088 hapd->iconf), 2089 hostapd_get_oper_centr_freq_seg1_idx( 2090 hapd->iconf))) { 2091 wpa_printf(MSG_ERROR, "Could not set channel for " 2092 "kernel driver"); 2093 goto fail; 2094 } 2095 } 2096 2097 if (iface->current_mode) { 2098 if (hostapd_prepare_rates(iface, iface->current_mode)) { 2099 wpa_printf(MSG_ERROR, "Failed to prepare rates " 2100 "table."); 2101 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 2102 HOSTAPD_LEVEL_WARNING, 2103 "Failed to prepare rates table."); 2104 goto fail; 2105 } 2106 } 2107 2108 if (hapd->iconf->rts_threshold >= -1 && 2109 hostapd_set_rts(hapd, hapd->iconf->rts_threshold) && 2110 hapd->iconf->rts_threshold >= -1) { 2111 wpa_printf(MSG_ERROR, "Could not set RTS threshold for " 2112 "kernel driver"); 2113 goto fail; 2114 } 2115 2116 if (hapd->iconf->fragm_threshold >= -1 && 2117 hostapd_set_frag(hapd, hapd->iconf->fragm_threshold) && 2118 hapd->iconf->fragm_threshold != -1) { 2119 wpa_printf(MSG_ERROR, "Could not set fragmentation threshold " 2120 "for kernel driver"); 2121 goto fail; 2122 } 2123 2124 prev_addr = hapd->own_addr; 2125 2126 for (j = 0; j < iface->num_bss; j++) { 2127 hapd = iface->bss[j]; 2128 if (j) 2129 os_memcpy(hapd->own_addr, prev_addr, ETH_ALEN); 2130 if (hostapd_setup_bss(hapd, j == 0)) { 2131 for (;;) { 2132 hapd = iface->bss[j]; 2133 hostapd_bss_deinit_no_free(hapd); 2134 hostapd_free_hapd_data(hapd); 2135 if (j == 0) 2136 break; 2137 j--; 2138 } 2139 goto fail; 2140 } 2141 if (is_zero_ether_addr(hapd->conf->bssid)) 2142 prev_addr = hapd->own_addr; 2143 } 2144 hapd = iface->bss[0]; 2145 2146 hostapd_tx_queue_params(iface); 2147 2148 ap_list_init(iface); 2149 2150 hostapd_set_acl(hapd); 2151 2152 if (hostapd_driver_commit(hapd) < 0) { 2153 wpa_printf(MSG_ERROR, "%s: Failed to commit driver " 2154 "configuration", __func__); 2155 goto fail; 2156 } 2157 2158 /* 2159 * WPS UPnP module can be initialized only when the "upnp_iface" is up. 2160 * If "interface" and "upnp_iface" are the same (e.g., non-bridge 2161 * mode), the interface is up only after driver_commit, so initialize 2162 * WPS after driver_commit. 2163 */ 2164 for (j = 0; j < iface->num_bss; j++) { 2165 if (hostapd_init_wps_complete(iface->bss[j])) 2166 goto fail; 2167 } 2168 2169 if ((iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) && 2170 !res_dfs_offload) { 2171 /* 2172 * If freq is DFS, and DFS is offloaded to the driver, then wait 2173 * for CAC to complete. 2174 */ 2175 wpa_printf(MSG_DEBUG, "%s: Wait for CAC to complete", __func__); 2176 return res_dfs_offload; 2177 } 2178 2179 #ifdef NEED_AP_MLME 2180 dfs_offload: 2181 #endif /* NEED_AP_MLME */ 2182 2183 #ifdef CONFIG_FST 2184 if (hapd->iconf->fst_cfg.group_id[0]) { 2185 struct fst_wpa_obj iface_obj; 2186 2187 fst_hostapd_fill_iface_obj(hapd, &iface_obj); 2188 iface->fst = fst_attach(hapd->conf->iface, hapd->own_addr, 2189 &iface_obj, &hapd->iconf->fst_cfg); 2190 if (!iface->fst) { 2191 wpa_printf(MSG_ERROR, "Could not attach to FST %s", 2192 hapd->iconf->fst_cfg.group_id); 2193 goto fail; 2194 } 2195 } 2196 #endif /* CONFIG_FST */ 2197 2198 hostapd_set_state(iface, HAPD_IFACE_ENABLED); 2199 hostapd_owe_update_trans(iface); 2200 airtime_policy_update_init(iface); 2201 wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_ENABLED); 2202 if (hapd->setup_complete_cb) 2203 hapd->setup_complete_cb(hapd->setup_complete_cb_ctx); 2204 2205 #ifdef CONFIG_MESH 2206 if (delay_apply_cfg && !iface->mconf) { 2207 wpa_printf(MSG_ERROR, "Error while completing mesh init"); 2208 goto fail; 2209 } 2210 #endif /* CONFIG_MESH */ 2211 2212 wpa_printf(MSG_DEBUG, "%s: Setup of interface done.", 2213 iface->bss[0]->conf->iface); 2214 if (iface->interfaces && iface->interfaces->terminate_on_error > 0) 2215 iface->interfaces->terminate_on_error--; 2216 2217 for (j = 0; j < iface->num_bss; j++) 2218 hostapd_neighbor_set_own_report(iface->bss[j]); 2219 2220 return 0; 2221 2222 fail: 2223 wpa_printf(MSG_ERROR, "Interface initialization failed"); 2224 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 2225 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2226 #ifdef CONFIG_FST 2227 if (iface->fst) { 2228 fst_detach(iface->fst); 2229 iface->fst = NULL; 2230 } 2231 #endif /* CONFIG_FST */ 2232 2233 if (iface->interfaces && iface->interfaces->terminate_on_error) { 2234 eloop_terminate(); 2235 } else if (hapd->setup_complete_cb) { 2236 /* 2237 * Calling hapd->setup_complete_cb directly may cause iface 2238 * deinitialization which may be accessed later by the caller. 2239 */ 2240 eloop_register_timeout(0, 0, 2241 hostapd_interface_setup_failure_handler, 2242 iface, NULL); 2243 } 2244 2245 return -1; 2246 } 2247 2248 2249 /** 2250 * hostapd_setup_interface_complete - Complete interface setup 2251 * 2252 * This function is called when previous steps in the interface setup has been 2253 * completed. This can also start operations, e.g., DFS, that will require 2254 * additional processing before interface is ready to be enabled. Such 2255 * operations will call this function from eloop callbacks when finished. 2256 */ 2257 int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err) 2258 { 2259 struct hapd_interfaces *interfaces = iface->interfaces; 2260 struct hostapd_data *hapd = iface->bss[0]; 2261 unsigned int i; 2262 int not_ready_in_sync_ifaces = 0; 2263 2264 if (!iface->need_to_start_in_sync) 2265 return hostapd_setup_interface_complete_sync(iface, err); 2266 2267 if (err) { 2268 wpa_printf(MSG_ERROR, "Interface initialization failed"); 2269 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 2270 iface->need_to_start_in_sync = 0; 2271 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2272 if (interfaces && interfaces->terminate_on_error) 2273 eloop_terminate(); 2274 return -1; 2275 } 2276 2277 if (iface->ready_to_start_in_sync) { 2278 /* Already in ready and waiting. should never happpen */ 2279 return 0; 2280 } 2281 2282 for (i = 0; i < interfaces->count; i++) { 2283 if (interfaces->iface[i]->need_to_start_in_sync && 2284 !interfaces->iface[i]->ready_to_start_in_sync) 2285 not_ready_in_sync_ifaces++; 2286 } 2287 2288 /* 2289 * Check if this is the last interface, if yes then start all the other 2290 * waiting interfaces. If not, add this interface to the waiting list. 2291 */ 2292 if (not_ready_in_sync_ifaces > 1 && iface->state == HAPD_IFACE_DFS) { 2293 /* 2294 * If this interface went through CAC, do not synchronize, just 2295 * start immediately. 2296 */ 2297 iface->need_to_start_in_sync = 0; 2298 wpa_printf(MSG_INFO, 2299 "%s: Finished CAC - bypass sync and start interface", 2300 iface->bss[0]->conf->iface); 2301 return hostapd_setup_interface_complete_sync(iface, err); 2302 } 2303 2304 if (not_ready_in_sync_ifaces > 1) { 2305 /* need to wait as there are other interfaces still coming up */ 2306 iface->ready_to_start_in_sync = 1; 2307 wpa_printf(MSG_INFO, 2308 "%s: Interface waiting to sync with other interfaces", 2309 iface->bss[0]->conf->iface); 2310 return 0; 2311 } 2312 2313 wpa_printf(MSG_INFO, 2314 "%s: Last interface to sync - starting all interfaces", 2315 iface->bss[0]->conf->iface); 2316 iface->need_to_start_in_sync = 0; 2317 hostapd_setup_interface_complete_sync(iface, err); 2318 for (i = 0; i < interfaces->count; i++) { 2319 if (interfaces->iface[i]->need_to_start_in_sync && 2320 interfaces->iface[i]->ready_to_start_in_sync) { 2321 hostapd_setup_interface_complete_sync( 2322 interfaces->iface[i], 0); 2323 /* Only once the interfaces are sync started */ 2324 interfaces->iface[i]->need_to_start_in_sync = 0; 2325 } 2326 } 2327 2328 return 0; 2329 } 2330 2331 2332 /** 2333 * hostapd_setup_interface - Setup of an interface 2334 * @iface: Pointer to interface data. 2335 * Returns: 0 on success, -1 on failure 2336 * 2337 * Initializes the driver interface, validates the configuration, 2338 * and sets driver parameters based on the configuration. 2339 * Flushes old stations, sets the channel, encryption, 2340 * beacons, and WDS links based on the configuration. 2341 * 2342 * If interface setup requires more time, e.g., to perform HT co-ex scans, ACS, 2343 * or DFS operations, this function returns 0 before such operations have been 2344 * completed. The pending operations are registered into eloop and will be 2345 * completed from eloop callbacks. Those callbacks end up calling 2346 * hostapd_setup_interface_complete() once setup has been completed. 2347 */ 2348 int hostapd_setup_interface(struct hostapd_iface *iface) 2349 { 2350 int ret; 2351 2352 if (!iface->conf) 2353 return -1; 2354 ret = setup_interface(iface); 2355 if (ret) { 2356 wpa_printf(MSG_ERROR, "%s: Unable to setup interface.", 2357 iface->conf->bss[0]->iface); 2358 return -1; 2359 } 2360 2361 return 0; 2362 } 2363 2364 2365 /** 2366 * hostapd_alloc_bss_data - Allocate and initialize per-BSS data 2367 * @hapd_iface: Pointer to interface data 2368 * @conf: Pointer to per-interface configuration 2369 * @bss: Pointer to per-BSS configuration for this BSS 2370 * Returns: Pointer to allocated BSS data 2371 * 2372 * This function is used to allocate per-BSS data structure. This data will be 2373 * freed after hostapd_cleanup() is called for it during interface 2374 * deinitialization. 2375 */ 2376 struct hostapd_data * 2377 hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface, 2378 struct hostapd_config *conf, 2379 struct hostapd_bss_config *bss) 2380 { 2381 struct hostapd_data *hapd; 2382 2383 hapd = os_zalloc(sizeof(*hapd)); 2384 if (hapd == NULL) 2385 return NULL; 2386 2387 hapd->new_assoc_sta_cb = hostapd_new_assoc_sta; 2388 hapd->iconf = conf; 2389 hapd->conf = bss; 2390 hapd->iface = hapd_iface; 2391 if (conf) 2392 hapd->driver = conf->driver; 2393 hapd->ctrl_sock = -1; 2394 dl_list_init(&hapd->ctrl_dst); 2395 dl_list_init(&hapd->nr_db); 2396 hapd->dhcp_sock = -1; 2397 #ifdef CONFIG_IEEE80211R_AP 2398 dl_list_init(&hapd->l2_queue); 2399 dl_list_init(&hapd->l2_oui_queue); 2400 #endif /* CONFIG_IEEE80211R_AP */ 2401 #ifdef CONFIG_SAE 2402 dl_list_init(&hapd->sae_commit_queue); 2403 #endif /* CONFIG_SAE */ 2404 2405 return hapd; 2406 } 2407 2408 2409 static void hostapd_bss_deinit(struct hostapd_data *hapd) 2410 { 2411 if (!hapd) 2412 return; 2413 wpa_printf(MSG_DEBUG, "%s: deinit bss %s", __func__, 2414 hapd->conf ? hapd->conf->iface : "N/A"); 2415 hostapd_bss_deinit_no_free(hapd); 2416 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2417 #ifdef CONFIG_SQLITE 2418 if (hapd->rad_attr_db) { 2419 sqlite3_close(hapd->rad_attr_db); 2420 hapd->rad_attr_db = NULL; 2421 } 2422 #endif /* CONFIG_SQLITE */ 2423 hostapd_cleanup(hapd); 2424 } 2425 2426 2427 void hostapd_interface_deinit(struct hostapd_iface *iface) 2428 { 2429 int j; 2430 2431 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 2432 if (iface == NULL) 2433 return; 2434 2435 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 2436 2437 eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); 2438 iface->wait_channel_update = 0; 2439 2440 #ifdef CONFIG_FST 2441 if (iface->fst) { 2442 fst_detach(iface->fst); 2443 iface->fst = NULL; 2444 } 2445 #endif /* CONFIG_FST */ 2446 2447 for (j = (int) iface->num_bss - 1; j >= 0; j--) { 2448 if (!iface->bss) 2449 break; 2450 hostapd_bss_deinit(iface->bss[j]); 2451 } 2452 2453 #ifdef NEED_AP_MLME 2454 hostapd_stop_setup_timers(iface); 2455 eloop_cancel_timeout(ap_ht2040_timeout, iface, NULL); 2456 #endif /* NEED_AP_MLME */ 2457 } 2458 2459 2460 void hostapd_interface_free(struct hostapd_iface *iface) 2461 { 2462 size_t j; 2463 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 2464 for (j = 0; j < iface->num_bss; j++) { 2465 if (!iface->bss) 2466 break; 2467 wpa_printf(MSG_DEBUG, "%s: free hapd %p", 2468 __func__, iface->bss[j]); 2469 os_free(iface->bss[j]); 2470 } 2471 hostapd_cleanup_iface(iface); 2472 } 2473 2474 2475 struct hostapd_iface * hostapd_alloc_iface(void) 2476 { 2477 struct hostapd_iface *hapd_iface; 2478 2479 hapd_iface = os_zalloc(sizeof(*hapd_iface)); 2480 if (!hapd_iface) 2481 return NULL; 2482 2483 dl_list_init(&hapd_iface->sta_seen); 2484 2485 return hapd_iface; 2486 } 2487 2488 2489 /** 2490 * hostapd_init - Allocate and initialize per-interface data 2491 * @config_file: Path to the configuration file 2492 * Returns: Pointer to the allocated interface data or %NULL on failure 2493 * 2494 * This function is used to allocate main data structures for per-interface 2495 * data. The allocated data buffer will be freed by calling 2496 * hostapd_cleanup_iface(). 2497 */ 2498 struct hostapd_iface * hostapd_init(struct hapd_interfaces *interfaces, 2499 const char *config_file) 2500 { 2501 struct hostapd_iface *hapd_iface = NULL; 2502 struct hostapd_config *conf = NULL; 2503 struct hostapd_data *hapd; 2504 size_t i; 2505 2506 hapd_iface = hostapd_alloc_iface(); 2507 if (hapd_iface == NULL) 2508 goto fail; 2509 2510 hapd_iface->config_fname = os_strdup(config_file); 2511 if (hapd_iface->config_fname == NULL) 2512 goto fail; 2513 2514 conf = interfaces->config_read_cb(hapd_iface->config_fname); 2515 if (conf == NULL) 2516 goto fail; 2517 hapd_iface->conf = conf; 2518 2519 hapd_iface->num_bss = conf->num_bss; 2520 hapd_iface->bss = os_calloc(conf->num_bss, 2521 sizeof(struct hostapd_data *)); 2522 if (hapd_iface->bss == NULL) 2523 goto fail; 2524 2525 for (i = 0; i < conf->num_bss; i++) { 2526 hapd = hapd_iface->bss[i] = 2527 hostapd_alloc_bss_data(hapd_iface, conf, 2528 conf->bss[i]); 2529 if (hapd == NULL) 2530 goto fail; 2531 hapd->msg_ctx = hapd; 2532 } 2533 2534 return hapd_iface; 2535 2536 fail: 2537 wpa_printf(MSG_ERROR, "Failed to set up interface with %s", 2538 config_file); 2539 if (conf) 2540 hostapd_config_free(conf); 2541 if (hapd_iface) { 2542 os_free(hapd_iface->config_fname); 2543 os_free(hapd_iface->bss); 2544 wpa_printf(MSG_DEBUG, "%s: free iface %p", 2545 __func__, hapd_iface); 2546 os_free(hapd_iface); 2547 } 2548 return NULL; 2549 } 2550 2551 2552 static int ifname_in_use(struct hapd_interfaces *interfaces, const char *ifname) 2553 { 2554 size_t i, j; 2555 2556 for (i = 0; i < interfaces->count; i++) { 2557 struct hostapd_iface *iface = interfaces->iface[i]; 2558 for (j = 0; j < iface->num_bss; j++) { 2559 struct hostapd_data *hapd = iface->bss[j]; 2560 if (os_strcmp(ifname, hapd->conf->iface) == 0) 2561 return 1; 2562 } 2563 } 2564 2565 return 0; 2566 } 2567 2568 2569 /** 2570 * hostapd_interface_init_bss - Read configuration file and init BSS data 2571 * 2572 * This function is used to parse configuration file for a BSS. This BSS is 2573 * added to an existing interface sharing the same radio (if any) or a new 2574 * interface is created if this is the first interface on a radio. This 2575 * allocate memory for the BSS. No actual driver operations are started. 2576 * 2577 * This is similar to hostapd_interface_init(), but for a case where the 2578 * configuration is used to add a single BSS instead of all BSSes for a radio. 2579 */ 2580 struct hostapd_iface * 2581 hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy, 2582 const char *config_fname, int debug) 2583 { 2584 struct hostapd_iface *new_iface = NULL, *iface = NULL; 2585 struct hostapd_data *hapd; 2586 int k; 2587 size_t i, bss_idx; 2588 2589 if (!phy || !*phy) 2590 return NULL; 2591 2592 for (i = 0; i < interfaces->count; i++) { 2593 if (os_strcmp(interfaces->iface[i]->phy, phy) == 0) { 2594 iface = interfaces->iface[i]; 2595 break; 2596 } 2597 } 2598 2599 wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s", 2600 config_fname, phy, iface ? "" : " --> new PHY"); 2601 if (iface) { 2602 struct hostapd_config *conf; 2603 struct hostapd_bss_config **tmp_conf; 2604 struct hostapd_data **tmp_bss; 2605 struct hostapd_bss_config *bss; 2606 const char *ifname; 2607 2608 /* Add new BSS to existing iface */ 2609 conf = interfaces->config_read_cb(config_fname); 2610 if (conf == NULL) 2611 return NULL; 2612 if (conf->num_bss > 1) { 2613 wpa_printf(MSG_ERROR, "Multiple BSSes specified in BSS-config"); 2614 hostapd_config_free(conf); 2615 return NULL; 2616 } 2617 2618 ifname = conf->bss[0]->iface; 2619 if (ifname[0] != '\0' && ifname_in_use(interfaces, ifname)) { 2620 wpa_printf(MSG_ERROR, 2621 "Interface name %s already in use", ifname); 2622 hostapd_config_free(conf); 2623 return NULL; 2624 } 2625 2626 tmp_conf = os_realloc_array( 2627 iface->conf->bss, iface->conf->num_bss + 1, 2628 sizeof(struct hostapd_bss_config *)); 2629 tmp_bss = os_realloc_array(iface->bss, iface->num_bss + 1, 2630 sizeof(struct hostapd_data *)); 2631 if (tmp_bss) 2632 iface->bss = tmp_bss; 2633 if (tmp_conf) { 2634 iface->conf->bss = tmp_conf; 2635 iface->conf->last_bss = tmp_conf[0]; 2636 } 2637 if (tmp_bss == NULL || tmp_conf == NULL) { 2638 hostapd_config_free(conf); 2639 return NULL; 2640 } 2641 bss = iface->conf->bss[iface->conf->num_bss] = conf->bss[0]; 2642 iface->conf->num_bss++; 2643 2644 hapd = hostapd_alloc_bss_data(iface, iface->conf, bss); 2645 if (hapd == NULL) { 2646 iface->conf->num_bss--; 2647 hostapd_config_free(conf); 2648 return NULL; 2649 } 2650 iface->conf->last_bss = bss; 2651 iface->bss[iface->num_bss] = hapd; 2652 hapd->msg_ctx = hapd; 2653 2654 bss_idx = iface->num_bss++; 2655 conf->num_bss--; 2656 conf->bss[0] = NULL; 2657 hostapd_config_free(conf); 2658 } else { 2659 /* Add a new iface with the first BSS */ 2660 new_iface = iface = hostapd_init(interfaces, config_fname); 2661 if (!iface) 2662 return NULL; 2663 os_strlcpy(iface->phy, phy, sizeof(iface->phy)); 2664 iface->interfaces = interfaces; 2665 bss_idx = 0; 2666 } 2667 2668 for (k = 0; k < debug; k++) { 2669 if (iface->bss[bss_idx]->conf->logger_stdout_level > 0) 2670 iface->bss[bss_idx]->conf->logger_stdout_level--; 2671 } 2672 2673 if (iface->conf->bss[bss_idx]->iface[0] == '\0' && 2674 !hostapd_drv_none(iface->bss[bss_idx])) { 2675 wpa_printf(MSG_ERROR, "Interface name not specified in %s", 2676 config_fname); 2677 if (new_iface) 2678 hostapd_interface_deinit_free(new_iface); 2679 return NULL; 2680 } 2681 2682 return iface; 2683 } 2684 2685 2686 void hostapd_interface_deinit_free(struct hostapd_iface *iface) 2687 { 2688 const struct wpa_driver_ops *driver; 2689 void *drv_priv; 2690 2691 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 2692 if (iface == NULL) 2693 return; 2694 wpa_printf(MSG_DEBUG, "%s: num_bss=%u conf->num_bss=%u", 2695 __func__, (unsigned int) iface->num_bss, 2696 (unsigned int) iface->conf->num_bss); 2697 driver = iface->bss[0]->driver; 2698 drv_priv = iface->bss[0]->drv_priv; 2699 hostapd_interface_deinit(iface); 2700 wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", 2701 __func__, driver, drv_priv); 2702 if (driver && driver->hapd_deinit && drv_priv) { 2703 driver->hapd_deinit(drv_priv); 2704 iface->bss[0]->drv_priv = NULL; 2705 } 2706 hostapd_interface_free(iface); 2707 } 2708 2709 2710 static void hostapd_deinit_driver(const struct wpa_driver_ops *driver, 2711 void *drv_priv, 2712 struct hostapd_iface *hapd_iface) 2713 { 2714 size_t j; 2715 2716 wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", 2717 __func__, driver, drv_priv); 2718 if (driver && driver->hapd_deinit && drv_priv) { 2719 driver->hapd_deinit(drv_priv); 2720 for (j = 0; j < hapd_iface->num_bss; j++) { 2721 wpa_printf(MSG_DEBUG, "%s:bss[%d]->drv_priv=%p", 2722 __func__, (int) j, 2723 hapd_iface->bss[j]->drv_priv); 2724 if (hapd_iface->bss[j]->drv_priv == drv_priv) { 2725 hapd_iface->bss[j]->drv_priv = NULL; 2726 hapd_iface->extended_capa = NULL; 2727 hapd_iface->extended_capa_mask = NULL; 2728 hapd_iface->extended_capa_len = 0; 2729 } 2730 } 2731 } 2732 } 2733 2734 2735 int hostapd_enable_iface(struct hostapd_iface *hapd_iface) 2736 { 2737 size_t j; 2738 2739 if (!hapd_iface) 2740 return -1; 2741 2742 if (hapd_iface->enable_iface_cb) 2743 return hapd_iface->enable_iface_cb(hapd_iface); 2744 2745 if (hapd_iface->bss[0]->drv_priv != NULL) { 2746 wpa_printf(MSG_ERROR, "Interface %s already enabled", 2747 hapd_iface->conf->bss[0]->iface); 2748 return -1; 2749 } 2750 2751 wpa_printf(MSG_DEBUG, "Enable interface %s", 2752 hapd_iface->conf->bss[0]->iface); 2753 2754 for (j = 0; j < hapd_iface->num_bss; j++) 2755 hostapd_set_security_params(hapd_iface->conf->bss[j], 1); 2756 if (hostapd_config_check(hapd_iface->conf, 1) < 0) { 2757 wpa_printf(MSG_INFO, "Invalid configuration - cannot enable"); 2758 return -1; 2759 } 2760 2761 if (hapd_iface->interfaces == NULL || 2762 hapd_iface->interfaces->driver_init == NULL || 2763 hapd_iface->interfaces->driver_init(hapd_iface)) 2764 return -1; 2765 2766 if (hostapd_setup_interface(hapd_iface)) { 2767 hostapd_deinit_driver(hapd_iface->bss[0]->driver, 2768 hapd_iface->bss[0]->drv_priv, 2769 hapd_iface); 2770 return -1; 2771 } 2772 2773 return 0; 2774 } 2775 2776 2777 int hostapd_reload_iface(struct hostapd_iface *hapd_iface) 2778 { 2779 size_t j; 2780 2781 wpa_printf(MSG_DEBUG, "Reload interface %s", 2782 hapd_iface->conf->bss[0]->iface); 2783 for (j = 0; j < hapd_iface->num_bss; j++) 2784 hostapd_set_security_params(hapd_iface->conf->bss[j], 1); 2785 if (hostapd_config_check(hapd_iface->conf, 1) < 0) { 2786 wpa_printf(MSG_ERROR, "Updated configuration is invalid"); 2787 return -1; 2788 } 2789 hostapd_clear_old(hapd_iface); 2790 for (j = 0; j < hapd_iface->num_bss; j++) 2791 hostapd_reload_bss(hapd_iface->bss[j]); 2792 2793 return 0; 2794 } 2795 2796 2797 int hostapd_disable_iface(struct hostapd_iface *hapd_iface) 2798 { 2799 size_t j; 2800 const struct wpa_driver_ops *driver; 2801 void *drv_priv; 2802 2803 if (hapd_iface == NULL) 2804 return -1; 2805 2806 if (hapd_iface->disable_iface_cb) 2807 return hapd_iface->disable_iface_cb(hapd_iface); 2808 2809 if (hapd_iface->bss[0]->drv_priv == NULL) { 2810 wpa_printf(MSG_INFO, "Interface %s already disabled", 2811 hapd_iface->conf->bss[0]->iface); 2812 return -1; 2813 } 2814 2815 wpa_msg(hapd_iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2816 driver = hapd_iface->bss[0]->driver; 2817 drv_priv = hapd_iface->bss[0]->drv_priv; 2818 2819 hapd_iface->driver_ap_teardown = 2820 !!(hapd_iface->drv_flags & 2821 WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 2822 2823 #ifdef NEED_AP_MLME 2824 for (j = 0; j < hapd_iface->num_bss; j++) 2825 hostapd_cleanup_cs_params(hapd_iface->bss[j]); 2826 #endif /* NEED_AP_MLME */ 2827 2828 /* same as hostapd_interface_deinit without deinitializing ctrl-iface */ 2829 for (j = 0; j < hapd_iface->num_bss; j++) { 2830 struct hostapd_data *hapd = hapd_iface->bss[j]; 2831 hostapd_bss_deinit_no_free(hapd); 2832 hostapd_free_hapd_data(hapd); 2833 } 2834 2835 hostapd_deinit_driver(driver, drv_priv, hapd_iface); 2836 2837 /* From hostapd_cleanup_iface: These were initialized in 2838 * hostapd_setup_interface and hostapd_setup_interface_complete 2839 */ 2840 hostapd_cleanup_iface_partial(hapd_iface); 2841 2842 wpa_printf(MSG_DEBUG, "Interface %s disabled", 2843 hapd_iface->bss[0]->conf->iface); 2844 hostapd_set_state(hapd_iface, HAPD_IFACE_DISABLED); 2845 return 0; 2846 } 2847 2848 2849 static struct hostapd_iface * 2850 hostapd_iface_alloc(struct hapd_interfaces *interfaces) 2851 { 2852 struct hostapd_iface **iface, *hapd_iface; 2853 2854 iface = os_realloc_array(interfaces->iface, interfaces->count + 1, 2855 sizeof(struct hostapd_iface *)); 2856 if (iface == NULL) 2857 return NULL; 2858 interfaces->iface = iface; 2859 hapd_iface = interfaces->iface[interfaces->count] = 2860 hostapd_alloc_iface(); 2861 if (hapd_iface == NULL) { 2862 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for " 2863 "the interface", __func__); 2864 return NULL; 2865 } 2866 interfaces->count++; 2867 hapd_iface->interfaces = interfaces; 2868 2869 return hapd_iface; 2870 } 2871 2872 2873 static struct hostapd_config * 2874 hostapd_config_alloc(struct hapd_interfaces *interfaces, const char *ifname, 2875 const char *ctrl_iface, const char *driver) 2876 { 2877 struct hostapd_bss_config *bss; 2878 struct hostapd_config *conf; 2879 2880 /* Allocates memory for bss and conf */ 2881 conf = hostapd_config_defaults(); 2882 if (conf == NULL) { 2883 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for " 2884 "configuration", __func__); 2885 return NULL; 2886 } 2887 2888 if (driver) { 2889 int j; 2890 2891 for (j = 0; wpa_drivers[j]; j++) { 2892 if (os_strcmp(driver, wpa_drivers[j]->name) == 0) { 2893 conf->driver = wpa_drivers[j]; 2894 goto skip; 2895 } 2896 } 2897 2898 wpa_printf(MSG_ERROR, 2899 "Invalid/unknown driver '%s' - registering the default driver", 2900 driver); 2901 } 2902 2903 conf->driver = wpa_drivers[0]; 2904 if (conf->driver == NULL) { 2905 wpa_printf(MSG_ERROR, "No driver wrappers registered!"); 2906 hostapd_config_free(conf); 2907 return NULL; 2908 } 2909 2910 skip: 2911 bss = conf->last_bss = conf->bss[0]; 2912 2913 os_strlcpy(bss->iface, ifname, sizeof(bss->iface)); 2914 bss->ctrl_interface = os_strdup(ctrl_iface); 2915 if (bss->ctrl_interface == NULL) { 2916 hostapd_config_free(conf); 2917 return NULL; 2918 } 2919 2920 /* Reading configuration file skipped, will be done in SET! 2921 * From reading the configuration till the end has to be done in 2922 * SET 2923 */ 2924 return conf; 2925 } 2926 2927 2928 static int hostapd_data_alloc(struct hostapd_iface *hapd_iface, 2929 struct hostapd_config *conf) 2930 { 2931 size_t i; 2932 struct hostapd_data *hapd; 2933 2934 hapd_iface->bss = os_calloc(conf->num_bss, 2935 sizeof(struct hostapd_data *)); 2936 if (hapd_iface->bss == NULL) 2937 return -1; 2938 2939 for (i = 0; i < conf->num_bss; i++) { 2940 hapd = hapd_iface->bss[i] = 2941 hostapd_alloc_bss_data(hapd_iface, conf, conf->bss[i]); 2942 if (hapd == NULL) { 2943 while (i > 0) { 2944 i--; 2945 os_free(hapd_iface->bss[i]); 2946 hapd_iface->bss[i] = NULL; 2947 } 2948 os_free(hapd_iface->bss); 2949 hapd_iface->bss = NULL; 2950 return -1; 2951 } 2952 hapd->msg_ctx = hapd; 2953 } 2954 2955 hapd_iface->conf = conf; 2956 hapd_iface->num_bss = conf->num_bss; 2957 2958 return 0; 2959 } 2960 2961 2962 int hostapd_add_iface(struct hapd_interfaces *interfaces, char *buf) 2963 { 2964 struct hostapd_config *conf = NULL; 2965 struct hostapd_iface *hapd_iface = NULL, *new_iface = NULL; 2966 struct hostapd_data *hapd; 2967 char *ptr; 2968 size_t i, j; 2969 const char *conf_file = NULL, *phy_name = NULL; 2970 2971 if (os_strncmp(buf, "bss_config=", 11) == 0) { 2972 char *pos; 2973 phy_name = buf + 11; 2974 pos = os_strchr(phy_name, ':'); 2975 if (!pos) 2976 return -1; 2977 *pos++ = '\0'; 2978 conf_file = pos; 2979 if (!os_strlen(conf_file)) 2980 return -1; 2981 2982 hapd_iface = hostapd_interface_init_bss(interfaces, phy_name, 2983 conf_file, 0); 2984 if (!hapd_iface) 2985 return -1; 2986 for (j = 0; j < interfaces->count; j++) { 2987 if (interfaces->iface[j] == hapd_iface) 2988 break; 2989 } 2990 if (j == interfaces->count) { 2991 struct hostapd_iface **tmp; 2992 tmp = os_realloc_array(interfaces->iface, 2993 interfaces->count + 1, 2994 sizeof(struct hostapd_iface *)); 2995 if (!tmp) { 2996 hostapd_interface_deinit_free(hapd_iface); 2997 return -1; 2998 } 2999 interfaces->iface = tmp; 3000 interfaces->iface[interfaces->count++] = hapd_iface; 3001 new_iface = hapd_iface; 3002 } 3003 3004 if (new_iface) { 3005 if (interfaces->driver_init(hapd_iface)) 3006 goto fail; 3007 3008 if (hostapd_setup_interface(hapd_iface)) { 3009 hostapd_deinit_driver( 3010 hapd_iface->bss[0]->driver, 3011 hapd_iface->bss[0]->drv_priv, 3012 hapd_iface); 3013 goto fail; 3014 } 3015 } else { 3016 /* Assign new BSS with bss[0]'s driver info */ 3017 hapd = hapd_iface->bss[hapd_iface->num_bss - 1]; 3018 hapd->driver = hapd_iface->bss[0]->driver; 3019 hapd->drv_priv = hapd_iface->bss[0]->drv_priv; 3020 os_memcpy(hapd->own_addr, hapd_iface->bss[0]->own_addr, 3021 ETH_ALEN); 3022 3023 if (start_ctrl_iface_bss(hapd) < 0 || 3024 (hapd_iface->state == HAPD_IFACE_ENABLED && 3025 hostapd_setup_bss(hapd, -1))) { 3026 hostapd_cleanup(hapd); 3027 hapd_iface->bss[hapd_iface->num_bss - 1] = NULL; 3028 hapd_iface->conf->num_bss--; 3029 hapd_iface->num_bss--; 3030 wpa_printf(MSG_DEBUG, "%s: free hapd %p %s", 3031 __func__, hapd, hapd->conf->iface); 3032 hostapd_config_free_bss(hapd->conf); 3033 hapd->conf = NULL; 3034 os_free(hapd); 3035 return -1; 3036 } 3037 } 3038 hostapd_owe_update_trans(hapd_iface); 3039 return 0; 3040 } 3041 3042 ptr = os_strchr(buf, ' '); 3043 if (ptr == NULL) 3044 return -1; 3045 *ptr++ = '\0'; 3046 3047 if (os_strncmp(ptr, "config=", 7) == 0) 3048 conf_file = ptr + 7; 3049 3050 for (i = 0; i < interfaces->count; i++) { 3051 if (!os_strcmp(interfaces->iface[i]->conf->bss[0]->iface, 3052 buf)) { 3053 wpa_printf(MSG_INFO, "Cannot add interface - it " 3054 "already exists"); 3055 return -1; 3056 } 3057 } 3058 3059 hapd_iface = hostapd_iface_alloc(interfaces); 3060 if (hapd_iface == NULL) { 3061 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory " 3062 "for interface", __func__); 3063 goto fail; 3064 } 3065 new_iface = hapd_iface; 3066 3067 if (conf_file && interfaces->config_read_cb) { 3068 conf = interfaces->config_read_cb(conf_file); 3069 if (conf && conf->bss) 3070 os_strlcpy(conf->bss[0]->iface, buf, 3071 sizeof(conf->bss[0]->iface)); 3072 } else { 3073 char *driver = os_strchr(ptr, ' '); 3074 3075 if (driver) 3076 *driver++ = '\0'; 3077 conf = hostapd_config_alloc(interfaces, buf, ptr, driver); 3078 } 3079 3080 if (conf == NULL || conf->bss == NULL) { 3081 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory " 3082 "for configuration", __func__); 3083 goto fail; 3084 } 3085 3086 if (hostapd_data_alloc(hapd_iface, conf) < 0) { 3087 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory " 3088 "for hostapd", __func__); 3089 goto fail; 3090 } 3091 conf = NULL; 3092 3093 if (start_ctrl_iface(hapd_iface) < 0) 3094 goto fail; 3095 3096 wpa_printf(MSG_INFO, "Add interface '%s'", 3097 hapd_iface->conf->bss[0]->iface); 3098 3099 return 0; 3100 3101 fail: 3102 if (conf) 3103 hostapd_config_free(conf); 3104 if (hapd_iface) { 3105 if (hapd_iface->bss) { 3106 for (i = 0; i < hapd_iface->num_bss; i++) { 3107 hapd = hapd_iface->bss[i]; 3108 if (!hapd) 3109 continue; 3110 if (hapd_iface->interfaces && 3111 hapd_iface->interfaces->ctrl_iface_deinit) 3112 hapd_iface->interfaces-> 3113 ctrl_iface_deinit(hapd); 3114 wpa_printf(MSG_DEBUG, "%s: free hapd %p (%s)", 3115 __func__, hapd_iface->bss[i], 3116 hapd->conf->iface); 3117 hostapd_cleanup(hapd); 3118 os_free(hapd); 3119 hapd_iface->bss[i] = NULL; 3120 } 3121 os_free(hapd_iface->bss); 3122 hapd_iface->bss = NULL; 3123 } 3124 if (new_iface) { 3125 interfaces->count--; 3126 interfaces->iface[interfaces->count] = NULL; 3127 } 3128 hostapd_cleanup_iface(hapd_iface); 3129 } 3130 return -1; 3131 } 3132 3133 3134 static int hostapd_remove_bss(struct hostapd_iface *iface, unsigned int idx) 3135 { 3136 size_t i; 3137 3138 wpa_printf(MSG_INFO, "Remove BSS '%s'", iface->conf->bss[idx]->iface); 3139 3140 /* Remove hostapd_data only if it has already been initialized */ 3141 if (idx < iface->num_bss) { 3142 struct hostapd_data *hapd = iface->bss[idx]; 3143 3144 hostapd_bss_deinit(hapd); 3145 wpa_printf(MSG_DEBUG, "%s: free hapd %p (%s)", 3146 __func__, hapd, hapd->conf->iface); 3147 hostapd_config_free_bss(hapd->conf); 3148 hapd->conf = NULL; 3149 os_free(hapd); 3150 3151 iface->num_bss--; 3152 3153 for (i = idx; i < iface->num_bss; i++) 3154 iface->bss[i] = iface->bss[i + 1]; 3155 } else { 3156 hostapd_config_free_bss(iface->conf->bss[idx]); 3157 iface->conf->bss[idx] = NULL; 3158 } 3159 3160 iface->conf->num_bss--; 3161 for (i = idx; i < iface->conf->num_bss; i++) 3162 iface->conf->bss[i] = iface->conf->bss[i + 1]; 3163 3164 return 0; 3165 } 3166 3167 3168 int hostapd_remove_iface(struct hapd_interfaces *interfaces, char *buf) 3169 { 3170 struct hostapd_iface *hapd_iface; 3171 size_t i, j, k = 0; 3172 3173 for (i = 0; i < interfaces->count; i++) { 3174 hapd_iface = interfaces->iface[i]; 3175 if (hapd_iface == NULL) 3176 return -1; 3177 if (!os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) { 3178 wpa_printf(MSG_INFO, "Remove interface '%s'", buf); 3179 hapd_iface->driver_ap_teardown = 3180 !!(hapd_iface->drv_flags & 3181 WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 3182 3183 hostapd_interface_deinit_free(hapd_iface); 3184 k = i; 3185 while (k < (interfaces->count - 1)) { 3186 interfaces->iface[k] = 3187 interfaces->iface[k + 1]; 3188 k++; 3189 } 3190 interfaces->count--; 3191 return 0; 3192 } 3193 3194 for (j = 0; j < hapd_iface->conf->num_bss; j++) { 3195 if (!os_strcmp(hapd_iface->conf->bss[j]->iface, buf)) { 3196 hapd_iface->driver_ap_teardown = 3197 !(hapd_iface->drv_flags & 3198 WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 3199 return hostapd_remove_bss(hapd_iface, j); 3200 } 3201 } 3202 } 3203 return -1; 3204 } 3205 3206 3207 /** 3208 * hostapd_new_assoc_sta - Notify that a new station associated with the AP 3209 * @hapd: Pointer to BSS data 3210 * @sta: Pointer to the associated STA data 3211 * @reassoc: 1 to indicate this was a re-association; 0 = first association 3212 * 3213 * This function will be called whenever a station associates with the AP. It 3214 * can be called from ieee802_11.c for drivers that export MLME to hostapd and 3215 * from drv_callbacks.c based on driver events for drivers that take care of 3216 * management frames (IEEE 802.11 authentication and association) internally. 3217 */ 3218 void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, 3219 int reassoc) 3220 { 3221 if (hapd->tkip_countermeasures) { 3222 hostapd_drv_sta_deauth(hapd, sta->addr, 3223 WLAN_REASON_MICHAEL_MIC_FAILURE); 3224 return; 3225 } 3226 3227 hostapd_prune_associations(hapd, sta->addr); 3228 ap_sta_clear_disconnect_timeouts(hapd, sta); 3229 sta->post_csa_sa_query = 0; 3230 3231 #ifdef CONFIG_P2P 3232 if (sta->p2p_ie == NULL && !sta->no_p2p_set) { 3233 sta->no_p2p_set = 1; 3234 hapd->num_sta_no_p2p++; 3235 if (hapd->num_sta_no_p2p == 1) 3236 hostapd_p2p_non_p2p_sta_connected(hapd); 3237 } 3238 #endif /* CONFIG_P2P */ 3239 3240 airtime_policy_new_sta(hapd, sta); 3241 3242 /* Start accounting here, if IEEE 802.1X and WPA are not used. 3243 * IEEE 802.1X/WPA code will start accounting after the station has 3244 * been authorized. */ 3245 if (!hapd->conf->ieee802_1x && !hapd->conf->wpa && !hapd->conf->osen) { 3246 ap_sta_set_authorized(hapd, sta, 1); 3247 os_get_reltime(&sta->connected_time); 3248 accounting_sta_start(hapd, sta); 3249 } 3250 3251 /* Start IEEE 802.1X authentication process for new stations */ 3252 ieee802_1x_new_station(hapd, sta); 3253 if (reassoc) { 3254 if (sta->auth_alg != WLAN_AUTH_FT && 3255 sta->auth_alg != WLAN_AUTH_FILS_SK && 3256 sta->auth_alg != WLAN_AUTH_FILS_SK_PFS && 3257 sta->auth_alg != WLAN_AUTH_FILS_PK && 3258 !(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS))) 3259 wpa_auth_sm_event(sta->wpa_sm, WPA_REAUTH); 3260 } else 3261 wpa_auth_sta_associated(hapd->wpa_auth, sta->wpa_sm); 3262 3263 if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_WIRED) { 3264 if (eloop_cancel_timeout(ap_handle_timer, hapd, sta) > 0) { 3265 wpa_printf(MSG_DEBUG, 3266 "%s: %s: canceled wired ap_handle_timer timeout for " 3267 MACSTR, 3268 hapd->conf->iface, __func__, 3269 MAC2STR(sta->addr)); 3270 } 3271 } else if (!(hapd->iface->drv_flags & 3272 WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { 3273 wpa_printf(MSG_DEBUG, 3274 "%s: %s: reschedule ap_handle_timer timeout for " 3275 MACSTR " (%d seconds - ap_max_inactivity)", 3276 hapd->conf->iface, __func__, MAC2STR(sta->addr), 3277 hapd->conf->ap_max_inactivity); 3278 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 3279 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 3280 ap_handle_timer, hapd, sta); 3281 } 3282 3283 #ifdef CONFIG_MACSEC 3284 if (hapd->conf->wpa_key_mgmt == WPA_KEY_MGMT_NONE && 3285 hapd->conf->mka_psk_set) 3286 ieee802_1x_create_preshared_mka_hapd(hapd, sta); 3287 else 3288 ieee802_1x_alloc_kay_sm_hapd(hapd, sta); 3289 #endif /* CONFIG_MACSEC */ 3290 } 3291 3292 3293 const char * hostapd_state_text(enum hostapd_iface_state s) 3294 { 3295 switch (s) { 3296 case HAPD_IFACE_UNINITIALIZED: 3297 return "UNINITIALIZED"; 3298 case HAPD_IFACE_DISABLED: 3299 return "DISABLED"; 3300 case HAPD_IFACE_COUNTRY_UPDATE: 3301 return "COUNTRY_UPDATE"; 3302 case HAPD_IFACE_ACS: 3303 return "ACS"; 3304 case HAPD_IFACE_HT_SCAN: 3305 return "HT_SCAN"; 3306 case HAPD_IFACE_DFS: 3307 return "DFS"; 3308 case HAPD_IFACE_ENABLED: 3309 return "ENABLED"; 3310 } 3311 3312 return "UNKNOWN"; 3313 } 3314 3315 3316 void hostapd_set_state(struct hostapd_iface *iface, enum hostapd_iface_state s) 3317 { 3318 wpa_printf(MSG_INFO, "%s: interface state %s->%s", 3319 iface->conf ? iface->conf->bss[0]->iface : "N/A", 3320 hostapd_state_text(iface->state), hostapd_state_text(s)); 3321 iface->state = s; 3322 } 3323 3324 3325 int hostapd_csa_in_progress(struct hostapd_iface *iface) 3326 { 3327 unsigned int i; 3328 3329 for (i = 0; i < iface->num_bss; i++) 3330 if (iface->bss[i]->csa_in_progress) 3331 return 1; 3332 return 0; 3333 } 3334 3335 3336 #ifdef NEED_AP_MLME 3337 3338 static void free_beacon_data(struct beacon_data *beacon) 3339 { 3340 os_free(beacon->head); 3341 beacon->head = NULL; 3342 os_free(beacon->tail); 3343 beacon->tail = NULL; 3344 os_free(beacon->probe_resp); 3345 beacon->probe_resp = NULL; 3346 os_free(beacon->beacon_ies); 3347 beacon->beacon_ies = NULL; 3348 os_free(beacon->proberesp_ies); 3349 beacon->proberesp_ies = NULL; 3350 os_free(beacon->assocresp_ies); 3351 beacon->assocresp_ies = NULL; 3352 } 3353 3354 3355 static int hostapd_build_beacon_data(struct hostapd_data *hapd, 3356 struct beacon_data *beacon) 3357 { 3358 struct wpabuf *beacon_extra, *proberesp_extra, *assocresp_extra; 3359 struct wpa_driver_ap_params params; 3360 int ret; 3361 3362 os_memset(beacon, 0, sizeof(*beacon)); 3363 ret = ieee802_11_build_ap_params(hapd, ¶ms); 3364 if (ret < 0) 3365 return ret; 3366 3367 ret = hostapd_build_ap_extra_ies(hapd, &beacon_extra, 3368 &proberesp_extra, 3369 &assocresp_extra); 3370 if (ret) 3371 goto free_ap_params; 3372 3373 ret = -1; 3374 beacon->head = os_memdup(params.head, params.head_len); 3375 if (!beacon->head) 3376 goto free_ap_extra_ies; 3377 3378 beacon->head_len = params.head_len; 3379 3380 beacon->tail = os_memdup(params.tail, params.tail_len); 3381 if (!beacon->tail) 3382 goto free_beacon; 3383 3384 beacon->tail_len = params.tail_len; 3385 3386 if (params.proberesp != NULL) { 3387 beacon->probe_resp = os_memdup(params.proberesp, 3388 params.proberesp_len); 3389 if (!beacon->probe_resp) 3390 goto free_beacon; 3391 3392 beacon->probe_resp_len = params.proberesp_len; 3393 } 3394 3395 /* copy the extra ies */ 3396 if (beacon_extra) { 3397 beacon->beacon_ies = os_memdup(beacon_extra->buf, 3398 wpabuf_len(beacon_extra)); 3399 if (!beacon->beacon_ies) 3400 goto free_beacon; 3401 3402 beacon->beacon_ies_len = wpabuf_len(beacon_extra); 3403 } 3404 3405 if (proberesp_extra) { 3406 beacon->proberesp_ies = os_memdup(proberesp_extra->buf, 3407 wpabuf_len(proberesp_extra)); 3408 if (!beacon->proberesp_ies) 3409 goto free_beacon; 3410 3411 beacon->proberesp_ies_len = wpabuf_len(proberesp_extra); 3412 } 3413 3414 if (assocresp_extra) { 3415 beacon->assocresp_ies = os_memdup(assocresp_extra->buf, 3416 wpabuf_len(assocresp_extra)); 3417 if (!beacon->assocresp_ies) 3418 goto free_beacon; 3419 3420 beacon->assocresp_ies_len = wpabuf_len(assocresp_extra); 3421 } 3422 3423 ret = 0; 3424 free_beacon: 3425 /* if the function fails, the caller should not free beacon data */ 3426 if (ret) 3427 free_beacon_data(beacon); 3428 3429 free_ap_extra_ies: 3430 hostapd_free_ap_extra_ies(hapd, beacon_extra, proberesp_extra, 3431 assocresp_extra); 3432 free_ap_params: 3433 ieee802_11_free_ap_params(¶ms); 3434 return ret; 3435 } 3436 3437 3438 /* 3439 * TODO: This flow currently supports only changing channel and width within 3440 * the same hw_mode. Any other changes to MAC parameters or provided settings 3441 * are not supported. 3442 */ 3443 static int hostapd_change_config_freq(struct hostapd_data *hapd, 3444 struct hostapd_config *conf, 3445 struct hostapd_freq_params *params, 3446 struct hostapd_freq_params *old_params) 3447 { 3448 int channel; 3449 u8 seg0, seg1; 3450 struct hostapd_hw_modes *mode; 3451 3452 if (!params->channel) { 3453 /* check if the new channel is supported by hw */ 3454 params->channel = hostapd_hw_get_channel(hapd, params->freq); 3455 } 3456 3457 channel = params->channel; 3458 if (!channel) 3459 return -1; 3460 3461 mode = hapd->iface->current_mode; 3462 3463 /* if a pointer to old_params is provided we save previous state */ 3464 if (old_params && 3465 hostapd_set_freq_params(old_params, conf->hw_mode, 3466 hostapd_hw_get_freq(hapd, conf->channel), 3467 conf->channel, conf->enable_edmg, 3468 conf->edmg_channel, conf->ieee80211n, 3469 conf->ieee80211ac, conf->ieee80211ax, 3470 conf->secondary_channel, 3471 hostapd_get_oper_chwidth(conf), 3472 hostapd_get_oper_centr_freq_seg0_idx(conf), 3473 hostapd_get_oper_centr_freq_seg1_idx(conf), 3474 conf->vht_capab, 3475 mode ? &mode->he_capab[IEEE80211_MODE_AP] : 3476 NULL)) 3477 return -1; 3478 3479 switch (params->bandwidth) { 3480 case 0: 3481 case 20: 3482 conf->ht_capab &= ~HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 3483 break; 3484 case 40: 3485 case 80: 3486 case 160: 3487 conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 3488 break; 3489 default: 3490 return -1; 3491 } 3492 3493 switch (params->bandwidth) { 3494 case 0: 3495 case 20: 3496 case 40: 3497 hostapd_set_oper_chwidth(conf, CHANWIDTH_USE_HT); 3498 break; 3499 case 80: 3500 if (params->center_freq2) 3501 hostapd_set_oper_chwidth(conf, CHANWIDTH_80P80MHZ); 3502 else 3503 hostapd_set_oper_chwidth(conf, CHANWIDTH_80MHZ); 3504 break; 3505 case 160: 3506 hostapd_set_oper_chwidth(conf, CHANWIDTH_160MHZ); 3507 break; 3508 default: 3509 return -1; 3510 } 3511 3512 conf->channel = channel; 3513 conf->ieee80211n = params->ht_enabled; 3514 conf->ieee80211ac = params->vht_enabled; 3515 conf->secondary_channel = params->sec_channel_offset; 3516 ieee80211_freq_to_chan(params->center_freq1, 3517 &seg0); 3518 ieee80211_freq_to_chan(params->center_freq2, 3519 &seg1); 3520 hostapd_set_oper_centr_freq_seg0_idx(conf, seg0); 3521 hostapd_set_oper_centr_freq_seg1_idx(conf, seg1); 3522 3523 /* TODO: maybe call here hostapd_config_check here? */ 3524 3525 return 0; 3526 } 3527 3528 3529 static int hostapd_fill_csa_settings(struct hostapd_data *hapd, 3530 struct csa_settings *settings) 3531 { 3532 struct hostapd_iface *iface = hapd->iface; 3533 struct hostapd_freq_params old_freq; 3534 int ret; 3535 u8 chan, bandwidth; 3536 3537 os_memset(&old_freq, 0, sizeof(old_freq)); 3538 if (!iface || !iface->freq || hapd->csa_in_progress) 3539 return -1; 3540 3541 switch (settings->freq_params.bandwidth) { 3542 case 80: 3543 if (settings->freq_params.center_freq2) 3544 bandwidth = CHANWIDTH_80P80MHZ; 3545 else 3546 bandwidth = CHANWIDTH_80MHZ; 3547 break; 3548 case 160: 3549 bandwidth = CHANWIDTH_160MHZ; 3550 break; 3551 default: 3552 bandwidth = CHANWIDTH_USE_HT; 3553 break; 3554 } 3555 3556 if (ieee80211_freq_to_channel_ext( 3557 settings->freq_params.freq, 3558 settings->freq_params.sec_channel_offset, 3559 bandwidth, 3560 &hapd->iface->cs_oper_class, 3561 &chan) == NUM_HOSTAPD_MODES) { 3562 wpa_printf(MSG_DEBUG, 3563 "invalid frequency for channel switch (freq=%d, sec_channel_offset=%d, vht_enabled=%d, he_enabled=%d)", 3564 settings->freq_params.freq, 3565 settings->freq_params.sec_channel_offset, 3566 settings->freq_params.vht_enabled, 3567 settings->freq_params.he_enabled); 3568 return -1; 3569 } 3570 3571 settings->freq_params.channel = chan; 3572 3573 ret = hostapd_change_config_freq(iface->bss[0], iface->conf, 3574 &settings->freq_params, 3575 &old_freq); 3576 if (ret) 3577 return ret; 3578 3579 ret = hostapd_build_beacon_data(hapd, &settings->beacon_after); 3580 3581 /* change back the configuration */ 3582 hostapd_change_config_freq(iface->bss[0], iface->conf, 3583 &old_freq, NULL); 3584 3585 if (ret) 3586 return ret; 3587 3588 /* set channel switch parameters for csa ie */ 3589 hapd->cs_freq_params = settings->freq_params; 3590 hapd->cs_count = settings->cs_count; 3591 hapd->cs_block_tx = settings->block_tx; 3592 3593 ret = hostapd_build_beacon_data(hapd, &settings->beacon_csa); 3594 if (ret) { 3595 free_beacon_data(&settings->beacon_after); 3596 return ret; 3597 } 3598 3599 settings->counter_offset_beacon[0] = hapd->cs_c_off_beacon; 3600 settings->counter_offset_presp[0] = hapd->cs_c_off_proberesp; 3601 settings->counter_offset_beacon[1] = hapd->cs_c_off_ecsa_beacon; 3602 settings->counter_offset_presp[1] = hapd->cs_c_off_ecsa_proberesp; 3603 3604 return 0; 3605 } 3606 3607 3608 void hostapd_cleanup_cs_params(struct hostapd_data *hapd) 3609 { 3610 os_memset(&hapd->cs_freq_params, 0, sizeof(hapd->cs_freq_params)); 3611 hapd->cs_count = 0; 3612 hapd->cs_block_tx = 0; 3613 hapd->cs_c_off_beacon = 0; 3614 hapd->cs_c_off_proberesp = 0; 3615 hapd->csa_in_progress = 0; 3616 hapd->cs_c_off_ecsa_beacon = 0; 3617 hapd->cs_c_off_ecsa_proberesp = 0; 3618 } 3619 3620 3621 void hostapd_chan_switch_config(struct hostapd_data *hapd, 3622 struct hostapd_freq_params *freq_params) 3623 { 3624 if (freq_params->he_enabled) 3625 hapd->iconf->ch_switch_he_config |= CH_SWITCH_HE_ENABLED; 3626 else 3627 hapd->iconf->ch_switch_he_config |= CH_SWITCH_HE_DISABLED; 3628 3629 if (freq_params->vht_enabled) 3630 hapd->iconf->ch_switch_vht_config |= CH_SWITCH_VHT_ENABLED; 3631 else 3632 hapd->iconf->ch_switch_vht_config |= CH_SWITCH_VHT_DISABLED; 3633 3634 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 3635 HOSTAPD_LEVEL_INFO, 3636 "CHAN_SWITCH HE config 0x%x VHT config 0x%x", 3637 hapd->iconf->ch_switch_he_config, 3638 hapd->iconf->ch_switch_vht_config); 3639 } 3640 3641 3642 int hostapd_switch_channel(struct hostapd_data *hapd, 3643 struct csa_settings *settings) 3644 { 3645 int ret; 3646 3647 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_CSA)) { 3648 wpa_printf(MSG_INFO, "CSA is not supported"); 3649 return -1; 3650 } 3651 3652 ret = hostapd_fill_csa_settings(hapd, settings); 3653 if (ret) 3654 return ret; 3655 3656 ret = hostapd_drv_switch_channel(hapd, settings); 3657 free_beacon_data(&settings->beacon_csa); 3658 free_beacon_data(&settings->beacon_after); 3659 3660 if (ret) { 3661 /* if we failed, clean cs parameters */ 3662 hostapd_cleanup_cs_params(hapd); 3663 return ret; 3664 } 3665 3666 hapd->csa_in_progress = 1; 3667 return 0; 3668 } 3669 3670 3671 void 3672 hostapd_switch_channel_fallback(struct hostapd_iface *iface, 3673 const struct hostapd_freq_params *freq_params) 3674 { 3675 int seg0_idx = 0, seg1_idx = 0, bw = CHANWIDTH_USE_HT; 3676 3677 wpa_printf(MSG_DEBUG, "Restarting all CSA-related BSSes"); 3678 3679 if (freq_params->center_freq1) 3680 seg0_idx = 36 + (freq_params->center_freq1 - 5180) / 5; 3681 if (freq_params->center_freq2) 3682 seg1_idx = 36 + (freq_params->center_freq2 - 5180) / 5; 3683 3684 switch (freq_params->bandwidth) { 3685 case 0: 3686 case 20: 3687 case 40: 3688 bw = CHANWIDTH_USE_HT; 3689 break; 3690 case 80: 3691 if (freq_params->center_freq2) 3692 bw = CHANWIDTH_80P80MHZ; 3693 else 3694 bw = CHANWIDTH_80MHZ; 3695 break; 3696 case 160: 3697 bw = CHANWIDTH_160MHZ; 3698 break; 3699 default: 3700 wpa_printf(MSG_WARNING, "Unknown CSA bandwidth: %d", 3701 freq_params->bandwidth); 3702 break; 3703 } 3704 3705 iface->freq = freq_params->freq; 3706 iface->conf->channel = freq_params->channel; 3707 iface->conf->secondary_channel = freq_params->sec_channel_offset; 3708 hostapd_set_oper_centr_freq_seg0_idx(iface->conf, seg0_idx); 3709 hostapd_set_oper_centr_freq_seg1_idx(iface->conf, seg1_idx); 3710 hostapd_set_oper_chwidth(iface->conf, bw); 3711 iface->conf->ieee80211n = freq_params->ht_enabled; 3712 iface->conf->ieee80211ac = freq_params->vht_enabled; 3713 iface->conf->ieee80211ax = freq_params->he_enabled; 3714 3715 /* 3716 * cs_params must not be cleared earlier because the freq_params 3717 * argument may actually point to one of these. 3718 * These params will be cleared during interface disable below. 3719 */ 3720 hostapd_disable_iface(iface); 3721 hostapd_enable_iface(iface); 3722 } 3723 3724 #endif /* NEED_AP_MLME */ 3725 3726 3727 struct hostapd_data * hostapd_get_iface(struct hapd_interfaces *interfaces, 3728 const char *ifname) 3729 { 3730 size_t i, j; 3731 3732 for (i = 0; i < interfaces->count; i++) { 3733 struct hostapd_iface *iface = interfaces->iface[i]; 3734 3735 for (j = 0; j < iface->num_bss; j++) { 3736 struct hostapd_data *hapd = iface->bss[j]; 3737 3738 if (os_strcmp(ifname, hapd->conf->iface) == 0) 3739 return hapd; 3740 } 3741 } 3742 3743 return NULL; 3744 } 3745 3746 3747 void hostapd_periodic_iface(struct hostapd_iface *iface) 3748 { 3749 size_t i; 3750 3751 ap_list_timer(iface); 3752 3753 for (i = 0; i < iface->num_bss; i++) { 3754 struct hostapd_data *hapd = iface->bss[i]; 3755 3756 if (!hapd->started) 3757 continue; 3758 3759 #ifndef CONFIG_NO_RADIUS 3760 hostapd_acl_expire(hapd); 3761 #endif /* CONFIG_NO_RADIUS */ 3762 } 3763 } 3764 3765 3766 #ifdef CONFIG_OCV 3767 void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx) 3768 { 3769 struct hostapd_data *hapd = eloop_ctx; 3770 struct sta_info *sta; 3771 3772 wpa_printf(MSG_DEBUG, "OCV: Post-CSA SA Query initiation check"); 3773 3774 for (sta = hapd->sta_list; sta; sta = sta->next) { 3775 if (!sta->post_csa_sa_query) 3776 continue; 3777 3778 wpa_printf(MSG_DEBUG, "OCV: OCVC STA " MACSTR 3779 " did not start SA Query after CSA - disconnect", 3780 MAC2STR(sta->addr)); 3781 ap_sta_disconnect(hapd, sta, sta->addr, 3782 WLAN_REASON_PREV_AUTH_NOT_VALID); 3783 } 3784 } 3785 #endif /* CONFIG_OCV */ 3786