1 /* 2 * hostapd / Initialization and configuration 3 * Copyright (c) 2002-2021, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 #ifdef CONFIG_SQLITE 11 #include <sqlite3.h> 12 #endif /* CONFIG_SQLITE */ 13 14 #include "utils/common.h" 15 #include "utils/eloop.h" 16 #include "utils/crc32.h" 17 #include "common/ieee802_11_defs.h" 18 #include "common/wpa_ctrl.h" 19 #include "common/hw_features_common.h" 20 #include "radius/radius_client.h" 21 #include "radius/radius_das.h" 22 #include "eap_server/tncs.h" 23 #include "eapol_auth/eapol_auth_sm.h" 24 #include "eapol_auth/eapol_auth_sm_i.h" 25 #include "fst/fst.h" 26 #include "hostapd.h" 27 #include "authsrv.h" 28 #include "sta_info.h" 29 #include "accounting.h" 30 #include "ap_list.h" 31 #include "beacon.h" 32 #include "ieee802_1x.h" 33 #include "ieee802_11_auth.h" 34 #include "vlan_init.h" 35 #include "wpa_auth.h" 36 #include "wps_hostapd.h" 37 #include "dpp_hostapd.h" 38 #include "gas_query_ap.h" 39 #include "hw_features.h" 40 #include "wpa_auth_glue.h" 41 #include "ap_drv_ops.h" 42 #include "ap_config.h" 43 #include "p2p_hostapd.h" 44 #include "gas_serv.h" 45 #include "dfs.h" 46 #include "ieee802_11.h" 47 #include "bss_load.h" 48 #include "x_snoop.h" 49 #include "dhcp_snoop.h" 50 #include "ndisc_snoop.h" 51 #include "neighbor_db.h" 52 #include "rrm.h" 53 #include "fils_hlp.h" 54 #include "acs.h" 55 #include "hs20.h" 56 #include "airtime_policy.h" 57 #include "wpa_auth_kay.h" 58 59 60 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason); 61 #ifdef CONFIG_WEP 62 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd); 63 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd); 64 #endif /* CONFIG_WEP */ 65 static int setup_interface2(struct hostapd_iface *iface); 66 static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx); 67 static void hostapd_interface_setup_failure_handler(void *eloop_ctx, 68 void *timeout_ctx); 69 70 71 int hostapd_for_each_interface(struct hapd_interfaces *interfaces, 72 int (*cb)(struct hostapd_iface *iface, 73 void *ctx), void *ctx) 74 { 75 size_t i; 76 int ret; 77 78 for (i = 0; i < interfaces->count; i++) { 79 if (!interfaces->iface[i]) 80 continue; 81 ret = cb(interfaces->iface[i], ctx); 82 if (ret) 83 return ret; 84 } 85 86 return 0; 87 } 88 89 90 void hostapd_reconfig_encryption(struct hostapd_data *hapd) 91 { 92 if (hapd->wpa_auth) 93 return; 94 95 hostapd_set_privacy(hapd, 0); 96 #ifdef CONFIG_WEP 97 hostapd_setup_encryption(hapd->conf->iface, hapd); 98 #endif /* CONFIG_WEP */ 99 } 100 101 102 static void hostapd_reload_bss(struct hostapd_data *hapd) 103 { 104 struct hostapd_ssid *ssid; 105 106 if (!hapd->started) 107 return; 108 109 if (hapd->conf->wmm_enabled < 0) 110 hapd->conf->wmm_enabled = hapd->iconf->ieee80211n | 111 hapd->iconf->ieee80211ax; 112 113 #ifndef CONFIG_NO_RADIUS 114 radius_client_reconfig(hapd->radius, hapd->conf->radius); 115 #endif /* CONFIG_NO_RADIUS */ 116 117 ssid = &hapd->conf->ssid; 118 if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next && 119 ssid->wpa_passphrase_set && ssid->wpa_passphrase) { 120 /* 121 * Force PSK to be derived again since SSID or passphrase may 122 * have changed. 123 */ 124 hostapd_config_clear_wpa_psk(&hapd->conf->ssid.wpa_psk); 125 } 126 if (hostapd_setup_wpa_psk(hapd->conf)) { 127 wpa_printf(MSG_ERROR, "Failed to re-configure WPA PSK " 128 "after reloading configuration"); 129 } 130 131 if (hapd->conf->ieee802_1x || hapd->conf->wpa) 132 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 1); 133 else 134 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 0); 135 136 if ((hapd->conf->wpa || hapd->conf->osen) && hapd->wpa_auth == NULL) { 137 hostapd_setup_wpa(hapd); 138 if (hapd->wpa_auth) 139 wpa_init_keys(hapd->wpa_auth); 140 } else if (hapd->conf->wpa) { 141 const u8 *wpa_ie; 142 size_t wpa_ie_len; 143 hostapd_reconfig_wpa(hapd); 144 wpa_ie = wpa_auth_get_wpa_ie(hapd->wpa_auth, &wpa_ie_len); 145 if (hostapd_set_generic_elem(hapd, wpa_ie, wpa_ie_len)) 146 wpa_printf(MSG_ERROR, "Failed to configure WPA IE for " 147 "the kernel driver."); 148 } else if (hapd->wpa_auth) { 149 wpa_deinit(hapd->wpa_auth); 150 hapd->wpa_auth = NULL; 151 hostapd_set_privacy(hapd, 0); 152 #ifdef CONFIG_WEP 153 hostapd_setup_encryption(hapd->conf->iface, hapd); 154 #endif /* CONFIG_WEP */ 155 hostapd_set_generic_elem(hapd, (u8 *) "", 0); 156 } 157 158 ieee802_11_set_beacon(hapd); 159 hostapd_update_wps(hapd); 160 161 if (hapd->conf->ssid.ssid_set && 162 hostapd_set_ssid(hapd, hapd->conf->ssid.ssid, 163 hapd->conf->ssid.ssid_len)) { 164 wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver"); 165 /* try to continue */ 166 } 167 wpa_printf(MSG_DEBUG, "Reconfigured interface %s", hapd->conf->iface); 168 } 169 170 171 static void hostapd_clear_old(struct hostapd_iface *iface) 172 { 173 size_t j; 174 175 /* 176 * Deauthenticate all stations since the new configuration may not 177 * allow them to use the BSS anymore. 178 */ 179 for (j = 0; j < iface->num_bss; j++) { 180 hostapd_flush_old_stations(iface->bss[j], 181 WLAN_REASON_PREV_AUTH_NOT_VALID); 182 #ifdef CONFIG_WEP 183 hostapd_broadcast_wep_clear(iface->bss[j]); 184 #endif /* CONFIG_WEP */ 185 186 #ifndef CONFIG_NO_RADIUS 187 /* TODO: update dynamic data based on changed configuration 188 * items (e.g., open/close sockets, etc.) */ 189 radius_client_flush(iface->bss[j]->radius, 0); 190 #endif /* CONFIG_NO_RADIUS */ 191 } 192 } 193 194 195 static int hostapd_iface_conf_changed(struct hostapd_config *newconf, 196 struct hostapd_config *oldconf) 197 { 198 size_t i; 199 200 if (newconf->num_bss != oldconf->num_bss) 201 return 1; 202 203 for (i = 0; i < newconf->num_bss; i++) { 204 if (os_strcmp(newconf->bss[i]->iface, 205 oldconf->bss[i]->iface) != 0) 206 return 1; 207 } 208 209 return 0; 210 } 211 212 213 int hostapd_reload_config(struct hostapd_iface *iface) 214 { 215 struct hapd_interfaces *interfaces = iface->interfaces; 216 struct hostapd_data *hapd = iface->bss[0]; 217 struct hostapd_config *newconf, *oldconf; 218 size_t j; 219 220 if (iface->config_fname == NULL) { 221 /* Only in-memory config in use - assume it has been updated */ 222 hostapd_clear_old(iface); 223 for (j = 0; j < iface->num_bss; j++) 224 hostapd_reload_bss(iface->bss[j]); 225 return 0; 226 } 227 228 if (iface->interfaces == NULL || 229 iface->interfaces->config_read_cb == NULL) 230 return -1; 231 newconf = iface->interfaces->config_read_cb(iface->config_fname); 232 if (newconf == NULL) 233 return -1; 234 235 hostapd_clear_old(iface); 236 237 oldconf = hapd->iconf; 238 if (hostapd_iface_conf_changed(newconf, oldconf)) { 239 char *fname; 240 int res; 241 242 wpa_printf(MSG_DEBUG, 243 "Configuration changes include interface/BSS modification - force full disable+enable sequence"); 244 fname = os_strdup(iface->config_fname); 245 if (!fname) { 246 hostapd_config_free(newconf); 247 return -1; 248 } 249 hostapd_remove_iface(interfaces, hapd->conf->iface); 250 iface = hostapd_init(interfaces, fname); 251 os_free(fname); 252 hostapd_config_free(newconf); 253 if (!iface) { 254 wpa_printf(MSG_ERROR, 255 "Failed to initialize interface on config reload"); 256 return -1; 257 } 258 iface->interfaces = interfaces; 259 interfaces->iface[interfaces->count] = iface; 260 interfaces->count++; 261 res = hostapd_enable_iface(iface); 262 if (res < 0) 263 wpa_printf(MSG_ERROR, 264 "Failed to enable interface on config reload"); 265 return res; 266 } 267 iface->conf = newconf; 268 269 for (j = 0; j < iface->num_bss; j++) { 270 hapd = iface->bss[j]; 271 hapd->iconf = newconf; 272 hapd->iconf->channel = oldconf->channel; 273 hapd->iconf->acs = oldconf->acs; 274 hapd->iconf->secondary_channel = oldconf->secondary_channel; 275 hapd->iconf->ieee80211n = oldconf->ieee80211n; 276 hapd->iconf->ieee80211ac = oldconf->ieee80211ac; 277 hapd->iconf->ht_capab = oldconf->ht_capab; 278 hapd->iconf->vht_capab = oldconf->vht_capab; 279 hostapd_set_oper_chwidth(hapd->iconf, 280 hostapd_get_oper_chwidth(oldconf)); 281 hostapd_set_oper_centr_freq_seg0_idx( 282 hapd->iconf, 283 hostapd_get_oper_centr_freq_seg0_idx(oldconf)); 284 hostapd_set_oper_centr_freq_seg1_idx( 285 hapd->iconf, 286 hostapd_get_oper_centr_freq_seg1_idx(oldconf)); 287 hapd->conf = newconf->bss[j]; 288 hostapd_reload_bss(hapd); 289 } 290 291 hostapd_config_free(oldconf); 292 293 294 return 0; 295 } 296 297 298 #ifdef CONFIG_WEP 299 300 static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd, 301 const char *ifname) 302 { 303 int i; 304 305 if (!ifname || !hapd->drv_priv) 306 return; 307 for (i = 0; i < NUM_WEP_KEYS; i++) { 308 if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i, 0, 309 0, NULL, 0, NULL, 0, KEY_FLAG_GROUP)) { 310 wpa_printf(MSG_DEBUG, "Failed to clear default " 311 "encryption keys (ifname=%s keyidx=%d)", 312 ifname, i); 313 } 314 } 315 if (hapd->conf->ieee80211w) { 316 for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) { 317 if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, 318 NULL, i, 0, 0, NULL, 319 0, NULL, 0, KEY_FLAG_GROUP)) { 320 wpa_printf(MSG_DEBUG, "Failed to clear " 321 "default mgmt encryption keys " 322 "(ifname=%s keyidx=%d)", ifname, i); 323 } 324 } 325 } 326 } 327 328 329 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd) 330 { 331 hostapd_broadcast_key_clear_iface(hapd, hapd->conf->iface); 332 return 0; 333 } 334 335 336 static int hostapd_broadcast_wep_set(struct hostapd_data *hapd) 337 { 338 int errors = 0, idx; 339 struct hostapd_ssid *ssid = &hapd->conf->ssid; 340 341 idx = ssid->wep.idx; 342 if (ssid->wep.default_len && ssid->wep.key[idx] && 343 hostapd_drv_set_key(hapd->conf->iface, 344 hapd, WPA_ALG_WEP, broadcast_ether_addr, idx, 0, 345 1, NULL, 0, ssid->wep.key[idx], 346 ssid->wep.len[idx], 347 KEY_FLAG_GROUP_RX_TX_DEFAULT)) { 348 wpa_printf(MSG_WARNING, "Could not set WEP encryption."); 349 errors++; 350 } 351 352 return errors; 353 } 354 355 #endif /* CONFIG_WEP */ 356 357 358 void hostapd_free_hapd_data(struct hostapd_data *hapd) 359 { 360 os_free(hapd->probereq_cb); 361 hapd->probereq_cb = NULL; 362 hapd->num_probereq_cb = 0; 363 364 #ifdef CONFIG_P2P 365 wpabuf_free(hapd->p2p_beacon_ie); 366 hapd->p2p_beacon_ie = NULL; 367 wpabuf_free(hapd->p2p_probe_resp_ie); 368 hapd->p2p_probe_resp_ie = NULL; 369 #endif /* CONFIG_P2P */ 370 371 if (!hapd->started) { 372 wpa_printf(MSG_ERROR, "%s: Interface %s wasn't started", 373 __func__, hapd->conf ? hapd->conf->iface : "N/A"); 374 return; 375 } 376 hapd->started = 0; 377 hapd->beacon_set_done = 0; 378 379 wpa_printf(MSG_DEBUG, "%s(%s)", __func__, hapd->conf->iface); 380 accounting_deinit(hapd); 381 hostapd_deinit_wpa(hapd); 382 vlan_deinit(hapd); 383 hostapd_acl_deinit(hapd); 384 #ifndef CONFIG_NO_RADIUS 385 radius_client_deinit(hapd->radius); 386 hapd->radius = NULL; 387 radius_das_deinit(hapd->radius_das); 388 hapd->radius_das = NULL; 389 #endif /* CONFIG_NO_RADIUS */ 390 391 hostapd_deinit_wps(hapd); 392 ieee802_1x_dealloc_kay_sm_hapd(hapd); 393 #ifdef CONFIG_DPP 394 hostapd_dpp_deinit(hapd); 395 gas_query_ap_deinit(hapd->gas); 396 hapd->gas = NULL; 397 #endif /* CONFIG_DPP */ 398 399 authsrv_deinit(hapd); 400 401 if (hapd->interface_added) { 402 hapd->interface_added = 0; 403 if (hostapd_if_remove(hapd, WPA_IF_AP_BSS, hapd->conf->iface)) { 404 wpa_printf(MSG_WARNING, 405 "Failed to remove BSS interface %s", 406 hapd->conf->iface); 407 hapd->interface_added = 1; 408 } else { 409 /* 410 * Since this was a dynamically added interface, the 411 * driver wrapper may have removed its internal instance 412 * and hapd->drv_priv is not valid anymore. 413 */ 414 hapd->drv_priv = NULL; 415 } 416 } 417 418 wpabuf_free(hapd->time_adv); 419 hapd->time_adv = NULL; 420 421 #ifdef CONFIG_INTERWORKING 422 gas_serv_deinit(hapd); 423 #endif /* CONFIG_INTERWORKING */ 424 425 bss_load_update_deinit(hapd); 426 ndisc_snoop_deinit(hapd); 427 dhcp_snoop_deinit(hapd); 428 x_snoop_deinit(hapd); 429 430 #ifdef CONFIG_SQLITE 431 bin_clear_free(hapd->tmp_eap_user.identity, 432 hapd->tmp_eap_user.identity_len); 433 bin_clear_free(hapd->tmp_eap_user.password, 434 hapd->tmp_eap_user.password_len); 435 os_memset(&hapd->tmp_eap_user, 0, sizeof(hapd->tmp_eap_user)); 436 #endif /* CONFIG_SQLITE */ 437 438 #ifdef CONFIG_MESH 439 wpabuf_free(hapd->mesh_pending_auth); 440 hapd->mesh_pending_auth = NULL; 441 /* handling setup failure is already done */ 442 hapd->setup_complete_cb = NULL; 443 #endif /* CONFIG_MESH */ 444 445 hostapd_clean_rrm(hapd); 446 fils_hlp_deinit(hapd); 447 448 #ifdef CONFIG_OCV 449 eloop_cancel_timeout(hostapd_ocv_check_csa_sa_query, hapd, NULL); 450 #endif /* CONFIG_OCV */ 451 452 #ifdef CONFIG_SAE 453 { 454 struct hostapd_sae_commit_queue *q; 455 456 while ((q = dl_list_first(&hapd->sae_commit_queue, 457 struct hostapd_sae_commit_queue, 458 list))) { 459 dl_list_del(&q->list); 460 os_free(q); 461 } 462 } 463 eloop_cancel_timeout(auth_sae_process_commit, hapd, NULL); 464 #endif /* CONFIG_SAE */ 465 } 466 467 468 /** 469 * hostapd_cleanup - Per-BSS cleanup (deinitialization) 470 * @hapd: Pointer to BSS data 471 * 472 * This function is used to free all per-BSS data structures and resources. 473 * Most of the modules that are initialized in hostapd_setup_bss() are 474 * deinitialized here. 475 */ 476 static void hostapd_cleanup(struct hostapd_data *hapd) 477 { 478 wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s))", __func__, hapd, 479 hapd->conf ? hapd->conf->iface : "N/A"); 480 if (hapd->iface->interfaces && 481 hapd->iface->interfaces->ctrl_iface_deinit) { 482 wpa_msg(hapd->msg_ctx, MSG_INFO, WPA_EVENT_TERMINATING); 483 hapd->iface->interfaces->ctrl_iface_deinit(hapd); 484 } 485 hostapd_free_hapd_data(hapd); 486 } 487 488 489 static void sta_track_deinit(struct hostapd_iface *iface) 490 { 491 struct hostapd_sta_info *info; 492 493 if (!iface->num_sta_seen) 494 return; 495 496 while ((info = dl_list_first(&iface->sta_seen, struct hostapd_sta_info, 497 list))) { 498 dl_list_del(&info->list); 499 iface->num_sta_seen--; 500 sta_track_del(info); 501 } 502 } 503 504 505 void hostapd_cleanup_iface_partial(struct hostapd_iface *iface) 506 { 507 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 508 #ifdef NEED_AP_MLME 509 hostapd_stop_setup_timers(iface); 510 #endif /* NEED_AP_MLME */ 511 if (iface->current_mode) 512 acs_cleanup(iface); 513 hostapd_free_hw_features(iface->hw_features, iface->num_hw_features); 514 iface->hw_features = NULL; 515 iface->current_mode = NULL; 516 os_free(iface->current_rates); 517 iface->current_rates = NULL; 518 os_free(iface->basic_rates); 519 iface->basic_rates = NULL; 520 ap_list_deinit(iface); 521 sta_track_deinit(iface); 522 airtime_policy_update_deinit(iface); 523 } 524 525 526 /** 527 * hostapd_cleanup_iface - Complete per-interface cleanup 528 * @iface: Pointer to interface data 529 * 530 * This function is called after per-BSS data structures are deinitialized 531 * with hostapd_cleanup(). 532 */ 533 static void hostapd_cleanup_iface(struct hostapd_iface *iface) 534 { 535 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 536 eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); 537 eloop_cancel_timeout(hostapd_interface_setup_failure_handler, iface, 538 NULL); 539 540 hostapd_cleanup_iface_partial(iface); 541 hostapd_config_free(iface->conf); 542 iface->conf = NULL; 543 544 os_free(iface->config_fname); 545 os_free(iface->bss); 546 wpa_printf(MSG_DEBUG, "%s: free iface=%p", __func__, iface); 547 os_free(iface); 548 } 549 550 551 #ifdef CONFIG_WEP 552 553 static void hostapd_clear_wep(struct hostapd_data *hapd) 554 { 555 if (hapd->drv_priv && !hapd->iface->driver_ap_teardown && hapd->conf) { 556 hostapd_set_privacy(hapd, 0); 557 hostapd_broadcast_wep_clear(hapd); 558 } 559 } 560 561 562 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd) 563 { 564 int i; 565 566 hostapd_broadcast_wep_set(hapd); 567 568 if (hapd->conf->ssid.wep.default_len) { 569 hostapd_set_privacy(hapd, 1); 570 return 0; 571 } 572 573 /* 574 * When IEEE 802.1X is not enabled, the driver may need to know how to 575 * set authentication algorithms for static WEP. 576 */ 577 hostapd_drv_set_authmode(hapd, hapd->conf->auth_algs); 578 579 for (i = 0; i < 4; i++) { 580 if (hapd->conf->ssid.wep.key[i] && 581 hostapd_drv_set_key(iface, hapd, WPA_ALG_WEP, NULL, i, 0, 582 i == hapd->conf->ssid.wep.idx, NULL, 0, 583 hapd->conf->ssid.wep.key[i], 584 hapd->conf->ssid.wep.len[i], 585 i == hapd->conf->ssid.wep.idx ? 586 KEY_FLAG_GROUP_RX_TX_DEFAULT : 587 KEY_FLAG_GROUP_RX_TX)) { 588 wpa_printf(MSG_WARNING, "Could not set WEP " 589 "encryption."); 590 return -1; 591 } 592 if (hapd->conf->ssid.wep.key[i] && 593 i == hapd->conf->ssid.wep.idx) 594 hostapd_set_privacy(hapd, 1); 595 } 596 597 return 0; 598 } 599 600 #endif /* CONFIG_WEP */ 601 602 603 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason) 604 { 605 int ret = 0; 606 u8 addr[ETH_ALEN]; 607 608 if (hostapd_drv_none(hapd) || hapd->drv_priv == NULL) 609 return 0; 610 611 if (!hapd->iface->driver_ap_teardown) { 612 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 613 "Flushing old station entries"); 614 615 if (hostapd_flush(hapd)) { 616 wpa_msg(hapd->msg_ctx, MSG_WARNING, 617 "Could not connect to kernel driver"); 618 ret = -1; 619 } 620 } 621 if (hapd->conf && hapd->conf->broadcast_deauth) { 622 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 623 "Deauthenticate all stations"); 624 os_memset(addr, 0xff, ETH_ALEN); 625 hostapd_drv_sta_deauth(hapd, addr, reason); 626 } 627 hostapd_free_stas(hapd); 628 629 return ret; 630 } 631 632 633 void hostapd_bss_deinit_no_free(struct hostapd_data *hapd) 634 { 635 hostapd_free_stas(hapd); 636 hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING); 637 #ifdef CONFIG_WEP 638 hostapd_clear_wep(hapd); 639 #endif /* CONFIG_WEP */ 640 } 641 642 643 /** 644 * hostapd_validate_bssid_configuration - Validate BSSID configuration 645 * @iface: Pointer to interface data 646 * Returns: 0 on success, -1 on failure 647 * 648 * This function is used to validate that the configured BSSIDs are valid. 649 */ 650 static int hostapd_validate_bssid_configuration(struct hostapd_iface *iface) 651 { 652 u8 mask[ETH_ALEN] = { 0 }; 653 struct hostapd_data *hapd = iface->bss[0]; 654 unsigned int i = iface->conf->num_bss, bits = 0, j; 655 int auto_addr = 0; 656 657 if (hostapd_drv_none(hapd)) 658 return 0; 659 660 if (iface->conf->use_driver_iface_addr) 661 return 0; 662 663 /* Generate BSSID mask that is large enough to cover the BSSIDs. */ 664 665 /* Determine the bits necessary to cover the number of BSSIDs. */ 666 for (i--; i; i >>= 1) 667 bits++; 668 669 /* Determine the bits necessary to any configured BSSIDs, 670 if they are higher than the number of BSSIDs. */ 671 for (j = 0; j < iface->conf->num_bss; j++) { 672 if (is_zero_ether_addr(iface->conf->bss[j]->bssid)) { 673 if (j) 674 auto_addr++; 675 continue; 676 } 677 678 for (i = 0; i < ETH_ALEN; i++) { 679 mask[i] |= 680 iface->conf->bss[j]->bssid[i] ^ 681 hapd->own_addr[i]; 682 } 683 } 684 685 if (!auto_addr) 686 goto skip_mask_ext; 687 688 for (i = 0; i < ETH_ALEN && mask[i] == 0; i++) 689 ; 690 j = 0; 691 if (i < ETH_ALEN) { 692 j = (5 - i) * 8; 693 694 while (mask[i] != 0) { 695 mask[i] >>= 1; 696 j++; 697 } 698 } 699 700 if (bits < j) 701 bits = j; 702 703 if (bits > 40) { 704 wpa_printf(MSG_ERROR, "Too many bits in the BSSID mask (%u)", 705 bits); 706 return -1; 707 } 708 709 os_memset(mask, 0xff, ETH_ALEN); 710 j = bits / 8; 711 for (i = 5; i > 5 - j; i--) 712 mask[i] = 0; 713 j = bits % 8; 714 while (j) { 715 j--; 716 mask[i] <<= 1; 717 } 718 719 skip_mask_ext: 720 wpa_printf(MSG_DEBUG, "BSS count %lu, BSSID mask " MACSTR " (%d bits)", 721 (unsigned long) iface->conf->num_bss, MAC2STR(mask), bits); 722 723 if (!auto_addr) 724 return 0; 725 726 for (i = 0; i < ETH_ALEN; i++) { 727 if ((hapd->own_addr[i] & mask[i]) != hapd->own_addr[i]) { 728 wpa_printf(MSG_ERROR, "Invalid BSSID mask " MACSTR 729 " for start address " MACSTR ".", 730 MAC2STR(mask), MAC2STR(hapd->own_addr)); 731 wpa_printf(MSG_ERROR, "Start address must be the " 732 "first address in the block (i.e., addr " 733 "AND mask == addr)."); 734 return -1; 735 } 736 } 737 738 return 0; 739 } 740 741 742 static int mac_in_conf(struct hostapd_config *conf, const void *a) 743 { 744 size_t i; 745 746 for (i = 0; i < conf->num_bss; i++) { 747 if (hostapd_mac_comp(conf->bss[i]->bssid, a) == 0) { 748 return 1; 749 } 750 } 751 752 return 0; 753 } 754 755 756 #ifndef CONFIG_NO_RADIUS 757 758 static int hostapd_das_nas_mismatch(struct hostapd_data *hapd, 759 struct radius_das_attrs *attr) 760 { 761 if (attr->nas_identifier && 762 (!hapd->conf->nas_identifier || 763 os_strlen(hapd->conf->nas_identifier) != 764 attr->nas_identifier_len || 765 os_memcmp(hapd->conf->nas_identifier, attr->nas_identifier, 766 attr->nas_identifier_len) != 0)) { 767 wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-Identifier mismatch"); 768 return 1; 769 } 770 771 if (attr->nas_ip_addr && 772 (hapd->conf->own_ip_addr.af != AF_INET || 773 os_memcmp(&hapd->conf->own_ip_addr.u.v4, attr->nas_ip_addr, 4) != 774 0)) { 775 wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-IP-Address mismatch"); 776 return 1; 777 } 778 779 #ifdef CONFIG_IPV6 780 if (attr->nas_ipv6_addr && 781 (hapd->conf->own_ip_addr.af != AF_INET6 || 782 os_memcmp(&hapd->conf->own_ip_addr.u.v6, attr->nas_ipv6_addr, 16) 783 != 0)) { 784 wpa_printf(MSG_DEBUG, "RADIUS DAS: NAS-IPv6-Address mismatch"); 785 return 1; 786 } 787 #endif /* CONFIG_IPV6 */ 788 789 return 0; 790 } 791 792 793 static struct sta_info * hostapd_das_find_sta(struct hostapd_data *hapd, 794 struct radius_das_attrs *attr, 795 int *multi) 796 { 797 struct sta_info *selected, *sta; 798 char buf[128]; 799 int num_attr = 0; 800 int count; 801 802 *multi = 0; 803 804 for (sta = hapd->sta_list; sta; sta = sta->next) 805 sta->radius_das_match = 1; 806 807 if (attr->sta_addr) { 808 num_attr++; 809 sta = ap_get_sta(hapd, attr->sta_addr); 810 if (!sta) { 811 wpa_printf(MSG_DEBUG, 812 "RADIUS DAS: No Calling-Station-Id match"); 813 return NULL; 814 } 815 816 selected = sta; 817 for (sta = hapd->sta_list; sta; sta = sta->next) { 818 if (sta != selected) 819 sta->radius_das_match = 0; 820 } 821 wpa_printf(MSG_DEBUG, "RADIUS DAS: Calling-Station-Id match"); 822 } 823 824 if (attr->acct_session_id) { 825 num_attr++; 826 if (attr->acct_session_id_len != 16) { 827 wpa_printf(MSG_DEBUG, 828 "RADIUS DAS: Acct-Session-Id cannot match"); 829 return NULL; 830 } 831 count = 0; 832 833 for (sta = hapd->sta_list; sta; sta = sta->next) { 834 if (!sta->radius_das_match) 835 continue; 836 os_snprintf(buf, sizeof(buf), "%016llX", 837 (unsigned long long) sta->acct_session_id); 838 if (os_memcmp(attr->acct_session_id, buf, 16) != 0) 839 sta->radius_das_match = 0; 840 else 841 count++; 842 } 843 844 if (count == 0) { 845 wpa_printf(MSG_DEBUG, 846 "RADIUS DAS: No matches remaining after Acct-Session-Id check"); 847 return NULL; 848 } 849 wpa_printf(MSG_DEBUG, "RADIUS DAS: Acct-Session-Id match"); 850 } 851 852 if (attr->acct_multi_session_id) { 853 num_attr++; 854 if (attr->acct_multi_session_id_len != 16) { 855 wpa_printf(MSG_DEBUG, 856 "RADIUS DAS: Acct-Multi-Session-Id cannot match"); 857 return NULL; 858 } 859 count = 0; 860 861 for (sta = hapd->sta_list; sta; sta = sta->next) { 862 if (!sta->radius_das_match) 863 continue; 864 if (!sta->eapol_sm || 865 !sta->eapol_sm->acct_multi_session_id) { 866 sta->radius_das_match = 0; 867 continue; 868 } 869 os_snprintf(buf, sizeof(buf), "%016llX", 870 (unsigned long long) 871 sta->eapol_sm->acct_multi_session_id); 872 if (os_memcmp(attr->acct_multi_session_id, buf, 16) != 873 0) 874 sta->radius_das_match = 0; 875 else 876 count++; 877 } 878 879 if (count == 0) { 880 wpa_printf(MSG_DEBUG, 881 "RADIUS DAS: No matches remaining after Acct-Multi-Session-Id check"); 882 return NULL; 883 } 884 wpa_printf(MSG_DEBUG, 885 "RADIUS DAS: Acct-Multi-Session-Id match"); 886 } 887 888 if (attr->cui) { 889 num_attr++; 890 count = 0; 891 892 for (sta = hapd->sta_list; sta; sta = sta->next) { 893 struct wpabuf *cui; 894 895 if (!sta->radius_das_match) 896 continue; 897 cui = ieee802_1x_get_radius_cui(sta->eapol_sm); 898 if (!cui || wpabuf_len(cui) != attr->cui_len || 899 os_memcmp(wpabuf_head(cui), attr->cui, 900 attr->cui_len) != 0) 901 sta->radius_das_match = 0; 902 else 903 count++; 904 } 905 906 if (count == 0) { 907 wpa_printf(MSG_DEBUG, 908 "RADIUS DAS: No matches remaining after Chargeable-User-Identity check"); 909 return NULL; 910 } 911 wpa_printf(MSG_DEBUG, 912 "RADIUS DAS: Chargeable-User-Identity match"); 913 } 914 915 if (attr->user_name) { 916 num_attr++; 917 count = 0; 918 919 for (sta = hapd->sta_list; sta; sta = sta->next) { 920 u8 *identity; 921 size_t identity_len; 922 923 if (!sta->radius_das_match) 924 continue; 925 identity = ieee802_1x_get_identity(sta->eapol_sm, 926 &identity_len); 927 if (!identity || 928 identity_len != attr->user_name_len || 929 os_memcmp(identity, attr->user_name, identity_len) 930 != 0) 931 sta->radius_das_match = 0; 932 else 933 count++; 934 } 935 936 if (count == 0) { 937 wpa_printf(MSG_DEBUG, 938 "RADIUS DAS: No matches remaining after User-Name check"); 939 return NULL; 940 } 941 wpa_printf(MSG_DEBUG, 942 "RADIUS DAS: User-Name match"); 943 } 944 945 if (num_attr == 0) { 946 /* 947 * In theory, we could match all current associations, but it 948 * seems safer to just reject requests that do not include any 949 * session identification attributes. 950 */ 951 wpa_printf(MSG_DEBUG, 952 "RADIUS DAS: No session identification attributes included"); 953 return NULL; 954 } 955 956 selected = NULL; 957 for (sta = hapd->sta_list; sta; sta = sta->next) { 958 if (sta->radius_das_match) { 959 if (selected) { 960 *multi = 1; 961 return NULL; 962 } 963 selected = sta; 964 } 965 } 966 967 return selected; 968 } 969 970 971 static int hostapd_das_disconnect_pmksa(struct hostapd_data *hapd, 972 struct radius_das_attrs *attr) 973 { 974 if (!hapd->wpa_auth) 975 return -1; 976 return wpa_auth_radius_das_disconnect_pmksa(hapd->wpa_auth, attr); 977 } 978 979 980 static enum radius_das_res 981 hostapd_das_disconnect(void *ctx, struct radius_das_attrs *attr) 982 { 983 struct hostapd_data *hapd = ctx; 984 struct sta_info *sta; 985 int multi; 986 987 if (hostapd_das_nas_mismatch(hapd, attr)) 988 return RADIUS_DAS_NAS_MISMATCH; 989 990 sta = hostapd_das_find_sta(hapd, attr, &multi); 991 if (sta == NULL) { 992 if (multi) { 993 wpa_printf(MSG_DEBUG, 994 "RADIUS DAS: Multiple sessions match - not supported"); 995 return RADIUS_DAS_MULTI_SESSION_MATCH; 996 } 997 if (hostapd_das_disconnect_pmksa(hapd, attr) == 0) { 998 wpa_printf(MSG_DEBUG, 999 "RADIUS DAS: PMKSA cache entry matched"); 1000 return RADIUS_DAS_SUCCESS; 1001 } 1002 wpa_printf(MSG_DEBUG, "RADIUS DAS: No matching session found"); 1003 return RADIUS_DAS_SESSION_NOT_FOUND; 1004 } 1005 1006 wpa_printf(MSG_DEBUG, "RADIUS DAS: Found a matching session " MACSTR 1007 " - disconnecting", MAC2STR(sta->addr)); 1008 wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr); 1009 1010 hostapd_drv_sta_deauth(hapd, sta->addr, 1011 WLAN_REASON_PREV_AUTH_NOT_VALID); 1012 ap_sta_deauthenticate(hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID); 1013 1014 return RADIUS_DAS_SUCCESS; 1015 } 1016 1017 1018 #ifdef CONFIG_HS20 1019 static enum radius_das_res 1020 hostapd_das_coa(void *ctx, struct radius_das_attrs *attr) 1021 { 1022 struct hostapd_data *hapd = ctx; 1023 struct sta_info *sta; 1024 int multi; 1025 1026 if (hostapd_das_nas_mismatch(hapd, attr)) 1027 return RADIUS_DAS_NAS_MISMATCH; 1028 1029 sta = hostapd_das_find_sta(hapd, attr, &multi); 1030 if (!sta) { 1031 if (multi) { 1032 wpa_printf(MSG_DEBUG, 1033 "RADIUS DAS: Multiple sessions match - not supported"); 1034 return RADIUS_DAS_MULTI_SESSION_MATCH; 1035 } 1036 wpa_printf(MSG_DEBUG, "RADIUS DAS: No matching session found"); 1037 return RADIUS_DAS_SESSION_NOT_FOUND; 1038 } 1039 1040 wpa_printf(MSG_DEBUG, "RADIUS DAS: Found a matching session " MACSTR 1041 " - CoA", MAC2STR(sta->addr)); 1042 1043 if (attr->hs20_t_c_filtering) { 1044 if (attr->hs20_t_c_filtering[0] & BIT(0)) { 1045 wpa_printf(MSG_DEBUG, 1046 "HS 2.0: Unexpected Terms and Conditions filtering required in CoA-Request"); 1047 return RADIUS_DAS_COA_FAILED; 1048 } 1049 1050 hs20_t_c_filtering(hapd, sta, 0); 1051 } 1052 1053 return RADIUS_DAS_SUCCESS; 1054 } 1055 #else /* CONFIG_HS20 */ 1056 #define hostapd_das_coa NULL 1057 #endif /* CONFIG_HS20 */ 1058 1059 1060 #ifdef CONFIG_SQLITE 1061 1062 static int db_table_exists(sqlite3 *db, const char *name) 1063 { 1064 char cmd[128]; 1065 1066 os_snprintf(cmd, sizeof(cmd), "SELECT 1 FROM %s;", name); 1067 return sqlite3_exec(db, cmd, NULL, NULL, NULL) == SQLITE_OK; 1068 } 1069 1070 1071 static int db_table_create_radius_attributes(sqlite3 *db) 1072 { 1073 char *err = NULL; 1074 const char *sql = 1075 "CREATE TABLE radius_attributes(" 1076 " id INTEGER PRIMARY KEY," 1077 " sta TEXT," 1078 " reqtype TEXT," 1079 " attr TEXT" 1080 ");" 1081 "CREATE INDEX idx_sta_reqtype ON radius_attributes(sta,reqtype);"; 1082 1083 wpa_printf(MSG_DEBUG, 1084 "Adding database table for RADIUS attribute information"); 1085 if (sqlite3_exec(db, sql, NULL, NULL, &err) != SQLITE_OK) { 1086 wpa_printf(MSG_ERROR, "SQLite error: %s", err); 1087 sqlite3_free(err); 1088 return -1; 1089 } 1090 1091 return 0; 1092 } 1093 1094 #endif /* CONFIG_SQLITE */ 1095 1096 #endif /* CONFIG_NO_RADIUS */ 1097 1098 1099 /** 1100 * hostapd_setup_bss - Per-BSS setup (initialization) 1101 * @hapd: Pointer to BSS data 1102 * @first: Whether this BSS is the first BSS of an interface; -1 = not first, 1103 * but interface may exist 1104 * 1105 * This function is used to initialize all per-BSS data structures and 1106 * resources. This gets called in a loop for each BSS when an interface is 1107 * initialized. Most of the modules that are initialized here will be 1108 * deinitialized in hostapd_cleanup(). 1109 */ 1110 static int hostapd_setup_bss(struct hostapd_data *hapd, int first) 1111 { 1112 struct hostapd_bss_config *conf = hapd->conf; 1113 u8 ssid[SSID_MAX_LEN + 1]; 1114 int ssid_len, set_ssid; 1115 char force_ifname[IFNAMSIZ]; 1116 u8 if_addr[ETH_ALEN]; 1117 int flush_old_stations = 1; 1118 1119 wpa_printf(MSG_DEBUG, "%s(hapd=%p (%s), first=%d)", 1120 __func__, hapd, conf->iface, first); 1121 1122 #ifdef EAP_SERVER_TNC 1123 if (conf->tnc && tncs_global_init() < 0) { 1124 wpa_printf(MSG_ERROR, "Failed to initialize TNCS"); 1125 return -1; 1126 } 1127 #endif /* EAP_SERVER_TNC */ 1128 1129 if (hapd->started) { 1130 wpa_printf(MSG_ERROR, "%s: Interface %s was already started", 1131 __func__, conf->iface); 1132 return -1; 1133 } 1134 hapd->started = 1; 1135 1136 if (!first || first == -1) { 1137 u8 *addr = hapd->own_addr; 1138 1139 if (!is_zero_ether_addr(conf->bssid)) { 1140 /* Allocate the configured BSSID. */ 1141 os_memcpy(hapd->own_addr, conf->bssid, ETH_ALEN); 1142 1143 if (hostapd_mac_comp(hapd->own_addr, 1144 hapd->iface->bss[0]->own_addr) == 1145 0) { 1146 wpa_printf(MSG_ERROR, "BSS '%s' may not have " 1147 "BSSID set to the MAC address of " 1148 "the radio", conf->iface); 1149 return -1; 1150 } 1151 } else if (hapd->iconf->use_driver_iface_addr) { 1152 addr = NULL; 1153 } else { 1154 /* Allocate the next available BSSID. */ 1155 do { 1156 inc_byte_array(hapd->own_addr, ETH_ALEN); 1157 } while (mac_in_conf(hapd->iconf, hapd->own_addr)); 1158 } 1159 1160 hapd->interface_added = 1; 1161 if (hostapd_if_add(hapd->iface->bss[0], WPA_IF_AP_BSS, 1162 conf->iface, addr, hapd, 1163 &hapd->drv_priv, force_ifname, if_addr, 1164 conf->bridge[0] ? conf->bridge : NULL, 1165 first == -1)) { 1166 wpa_printf(MSG_ERROR, "Failed to add BSS (BSSID=" 1167 MACSTR ")", MAC2STR(hapd->own_addr)); 1168 hapd->interface_added = 0; 1169 return -1; 1170 } 1171 1172 if (!addr) 1173 os_memcpy(hapd->own_addr, if_addr, ETH_ALEN); 1174 } 1175 1176 if (conf->wmm_enabled < 0) 1177 conf->wmm_enabled = hapd->iconf->ieee80211n | 1178 hapd->iconf->ieee80211ax; 1179 1180 #ifdef CONFIG_IEEE80211R_AP 1181 if (is_zero_ether_addr(conf->r1_key_holder)) 1182 os_memcpy(conf->r1_key_holder, hapd->own_addr, ETH_ALEN); 1183 #endif /* CONFIG_IEEE80211R_AP */ 1184 1185 #ifdef CONFIG_MESH 1186 if ((hapd->conf->mesh & MESH_ENABLED) && hapd->iface->mconf == NULL) 1187 flush_old_stations = 0; 1188 #endif /* CONFIG_MESH */ 1189 1190 if (flush_old_stations) 1191 hostapd_flush(hapd); 1192 hostapd_set_privacy(hapd, 0); 1193 1194 #ifdef CONFIG_WEP 1195 if (!hostapd_drv_nl80211(hapd)) 1196 hostapd_broadcast_wep_clear(hapd); 1197 if (hostapd_setup_encryption(conf->iface, hapd)) 1198 return -1; 1199 #endif /* CONFIG_WEP */ 1200 1201 /* 1202 * Fetch the SSID from the system and use it or, 1203 * if one was specified in the config file, verify they 1204 * match. 1205 */ 1206 ssid_len = hostapd_get_ssid(hapd, ssid, sizeof(ssid)); 1207 if (ssid_len < 0) { 1208 wpa_printf(MSG_ERROR, "Could not read SSID from system"); 1209 return -1; 1210 } 1211 if (conf->ssid.ssid_set) { 1212 /* 1213 * If SSID is specified in the config file and it differs 1214 * from what is being used then force installation of the 1215 * new SSID. 1216 */ 1217 set_ssid = (conf->ssid.ssid_len != (size_t) ssid_len || 1218 os_memcmp(conf->ssid.ssid, ssid, ssid_len) != 0); 1219 } else { 1220 /* 1221 * No SSID in the config file; just use the one we got 1222 * from the system. 1223 */ 1224 set_ssid = 0; 1225 conf->ssid.ssid_len = ssid_len; 1226 os_memcpy(conf->ssid.ssid, ssid, conf->ssid.ssid_len); 1227 } 1228 1229 /* 1230 * Short SSID calculation is identical to FCS and it is defined in 1231 * IEEE P802.11-REVmd/D3.0, 9.4.2.170.3 (Calculating the Short-SSID). 1232 */ 1233 conf->ssid.short_ssid = crc32(conf->ssid.ssid, conf->ssid.ssid_len); 1234 1235 if (!hostapd_drv_none(hapd)) { 1236 wpa_printf(MSG_DEBUG, "Using interface %s with hwaddr " MACSTR 1237 " and ssid \"%s\"", 1238 conf->iface, MAC2STR(hapd->own_addr), 1239 wpa_ssid_txt(conf->ssid.ssid, conf->ssid.ssid_len)); 1240 } 1241 1242 if (hostapd_setup_wpa_psk(conf)) { 1243 wpa_printf(MSG_ERROR, "WPA-PSK setup failed."); 1244 return -1; 1245 } 1246 1247 /* Set SSID for the kernel driver (to be used in beacon and probe 1248 * response frames) */ 1249 if (set_ssid && hostapd_set_ssid(hapd, conf->ssid.ssid, 1250 conf->ssid.ssid_len)) { 1251 wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver"); 1252 return -1; 1253 } 1254 1255 if (wpa_debug_level <= MSG_MSGDUMP) 1256 conf->radius->msg_dumps = 1; 1257 #ifndef CONFIG_NO_RADIUS 1258 1259 #ifdef CONFIG_SQLITE 1260 if (conf->radius_req_attr_sqlite) { 1261 if (sqlite3_open(conf->radius_req_attr_sqlite, 1262 &hapd->rad_attr_db)) { 1263 wpa_printf(MSG_ERROR, "Could not open SQLite file '%s'", 1264 conf->radius_req_attr_sqlite); 1265 return -1; 1266 } 1267 1268 wpa_printf(MSG_DEBUG, "Opening RADIUS attribute database: %s", 1269 conf->radius_req_attr_sqlite); 1270 if (!db_table_exists(hapd->rad_attr_db, "radius_attributes") && 1271 db_table_create_radius_attributes(hapd->rad_attr_db) < 0) 1272 return -1; 1273 } 1274 #endif /* CONFIG_SQLITE */ 1275 1276 hapd->radius = radius_client_init(hapd, conf->radius); 1277 if (hapd->radius == NULL) { 1278 wpa_printf(MSG_ERROR, "RADIUS client initialization failed."); 1279 return -1; 1280 } 1281 1282 if (conf->radius_das_port) { 1283 struct radius_das_conf das_conf; 1284 os_memset(&das_conf, 0, sizeof(das_conf)); 1285 das_conf.port = conf->radius_das_port; 1286 das_conf.shared_secret = conf->radius_das_shared_secret; 1287 das_conf.shared_secret_len = 1288 conf->radius_das_shared_secret_len; 1289 das_conf.client_addr = &conf->radius_das_client_addr; 1290 das_conf.time_window = conf->radius_das_time_window; 1291 das_conf.require_event_timestamp = 1292 conf->radius_das_require_event_timestamp; 1293 das_conf.require_message_authenticator = 1294 conf->radius_das_require_message_authenticator; 1295 das_conf.ctx = hapd; 1296 das_conf.disconnect = hostapd_das_disconnect; 1297 das_conf.coa = hostapd_das_coa; 1298 hapd->radius_das = radius_das_init(&das_conf); 1299 if (hapd->radius_das == NULL) { 1300 wpa_printf(MSG_ERROR, "RADIUS DAS initialization " 1301 "failed."); 1302 return -1; 1303 } 1304 } 1305 #endif /* CONFIG_NO_RADIUS */ 1306 1307 if (hostapd_acl_init(hapd)) { 1308 wpa_printf(MSG_ERROR, "ACL initialization failed."); 1309 return -1; 1310 } 1311 if (hostapd_init_wps(hapd, conf)) 1312 return -1; 1313 1314 #ifdef CONFIG_DPP 1315 hapd->gas = gas_query_ap_init(hapd, hapd->msg_ctx); 1316 if (!hapd->gas) 1317 return -1; 1318 if (hostapd_dpp_init(hapd)) 1319 return -1; 1320 #endif /* CONFIG_DPP */ 1321 1322 if (authsrv_init(hapd) < 0) 1323 return -1; 1324 1325 if (ieee802_1x_init(hapd)) { 1326 wpa_printf(MSG_ERROR, "IEEE 802.1X initialization failed."); 1327 return -1; 1328 } 1329 1330 if ((conf->wpa || conf->osen) && hostapd_setup_wpa(hapd)) 1331 return -1; 1332 1333 if (accounting_init(hapd)) { 1334 wpa_printf(MSG_ERROR, "Accounting initialization failed."); 1335 return -1; 1336 } 1337 1338 #ifdef CONFIG_INTERWORKING 1339 if (gas_serv_init(hapd)) { 1340 wpa_printf(MSG_ERROR, "GAS server initialization failed"); 1341 return -1; 1342 } 1343 1344 if (conf->qos_map_set_len && 1345 hostapd_drv_set_qos_map(hapd, conf->qos_map_set, 1346 conf->qos_map_set_len)) { 1347 wpa_printf(MSG_ERROR, "Failed to initialize QoS Map"); 1348 return -1; 1349 } 1350 #endif /* CONFIG_INTERWORKING */ 1351 1352 if (conf->bss_load_update_period && bss_load_update_init(hapd)) { 1353 wpa_printf(MSG_ERROR, "BSS Load initialization failed"); 1354 return -1; 1355 } 1356 1357 if (conf->proxy_arp) { 1358 if (x_snoop_init(hapd)) { 1359 wpa_printf(MSG_ERROR, 1360 "Generic snooping infrastructure initialization failed"); 1361 return -1; 1362 } 1363 1364 if (dhcp_snoop_init(hapd)) { 1365 wpa_printf(MSG_ERROR, 1366 "DHCP snooping initialization failed"); 1367 return -1; 1368 } 1369 1370 if (ndisc_snoop_init(hapd)) { 1371 wpa_printf(MSG_ERROR, 1372 "Neighbor Discovery snooping initialization failed"); 1373 return -1; 1374 } 1375 } 1376 1377 if (!hostapd_drv_none(hapd) && vlan_init(hapd)) { 1378 wpa_printf(MSG_ERROR, "VLAN initialization failed."); 1379 return -1; 1380 } 1381 1382 if (!conf->start_disabled && ieee802_11_set_beacon(hapd) < 0) 1383 return -1; 1384 1385 if (flush_old_stations && !conf->start_disabled && 1386 conf->broadcast_deauth) { 1387 u8 addr[ETH_ALEN]; 1388 1389 /* Should any previously associated STA not have noticed that 1390 * the AP had stopped and restarted, send one more 1391 * deauthentication notification now that the AP is ready to 1392 * operate. */ 1393 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1394 "Deauthenticate all stations at BSS start"); 1395 os_memset(addr, 0xff, ETH_ALEN); 1396 hostapd_drv_sta_deauth(hapd, addr, 1397 WLAN_REASON_PREV_AUTH_NOT_VALID); 1398 } 1399 1400 if (hapd->wpa_auth && wpa_init_keys(hapd->wpa_auth) < 0) 1401 return -1; 1402 1403 if (hapd->driver && hapd->driver->set_operstate) 1404 hapd->driver->set_operstate(hapd->drv_priv, 1); 1405 1406 return 0; 1407 } 1408 1409 1410 static void hostapd_tx_queue_params(struct hostapd_iface *iface) 1411 { 1412 struct hostapd_data *hapd = iface->bss[0]; 1413 int i; 1414 struct hostapd_tx_queue_params *p; 1415 1416 #ifdef CONFIG_MESH 1417 if ((hapd->conf->mesh & MESH_ENABLED) && iface->mconf == NULL) 1418 return; 1419 #endif /* CONFIG_MESH */ 1420 1421 for (i = 0; i < NUM_TX_QUEUES; i++) { 1422 p = &iface->conf->tx_queue[i]; 1423 1424 if (hostapd_set_tx_queue_params(hapd, i, p->aifs, p->cwmin, 1425 p->cwmax, p->burst)) { 1426 wpa_printf(MSG_DEBUG, "Failed to set TX queue " 1427 "parameters for queue %d.", i); 1428 /* Continue anyway */ 1429 } 1430 } 1431 } 1432 1433 1434 static int hostapd_set_acl_list(struct hostapd_data *hapd, 1435 struct mac_acl_entry *mac_acl, 1436 int n_entries, u8 accept_acl) 1437 { 1438 struct hostapd_acl_params *acl_params; 1439 int i, err; 1440 1441 acl_params = os_zalloc(sizeof(*acl_params) + 1442 (n_entries * sizeof(acl_params->mac_acl[0]))); 1443 if (!acl_params) 1444 return -ENOMEM; 1445 1446 for (i = 0; i < n_entries; i++) 1447 os_memcpy(acl_params->mac_acl[i].addr, mac_acl[i].addr, 1448 ETH_ALEN); 1449 1450 acl_params->acl_policy = accept_acl; 1451 acl_params->num_mac_acl = n_entries; 1452 1453 err = hostapd_drv_set_acl(hapd, acl_params); 1454 1455 os_free(acl_params); 1456 1457 return err; 1458 } 1459 1460 1461 static void hostapd_set_acl(struct hostapd_data *hapd) 1462 { 1463 struct hostapd_config *conf = hapd->iconf; 1464 int err; 1465 u8 accept_acl; 1466 1467 if (hapd->iface->drv_max_acl_mac_addrs == 0) 1468 return; 1469 1470 if (conf->bss[0]->macaddr_acl == DENY_UNLESS_ACCEPTED) { 1471 accept_acl = 1; 1472 err = hostapd_set_acl_list(hapd, conf->bss[0]->accept_mac, 1473 conf->bss[0]->num_accept_mac, 1474 accept_acl); 1475 if (err) { 1476 wpa_printf(MSG_DEBUG, "Failed to set accept acl"); 1477 return; 1478 } 1479 } else if (conf->bss[0]->macaddr_acl == ACCEPT_UNLESS_DENIED) { 1480 accept_acl = 0; 1481 err = hostapd_set_acl_list(hapd, conf->bss[0]->deny_mac, 1482 conf->bss[0]->num_deny_mac, 1483 accept_acl); 1484 if (err) { 1485 wpa_printf(MSG_DEBUG, "Failed to set deny acl"); 1486 return; 1487 } 1488 } 1489 } 1490 1491 1492 static int start_ctrl_iface_bss(struct hostapd_data *hapd) 1493 { 1494 if (!hapd->iface->interfaces || 1495 !hapd->iface->interfaces->ctrl_iface_init) 1496 return 0; 1497 1498 if (hapd->iface->interfaces->ctrl_iface_init(hapd)) { 1499 wpa_printf(MSG_ERROR, 1500 "Failed to setup control interface for %s", 1501 hapd->conf->iface); 1502 return -1; 1503 } 1504 1505 return 0; 1506 } 1507 1508 1509 static int start_ctrl_iface(struct hostapd_iface *iface) 1510 { 1511 size_t i; 1512 1513 if (!iface->interfaces || !iface->interfaces->ctrl_iface_init) 1514 return 0; 1515 1516 for (i = 0; i < iface->num_bss; i++) { 1517 struct hostapd_data *hapd = iface->bss[i]; 1518 if (iface->interfaces->ctrl_iface_init(hapd)) { 1519 wpa_printf(MSG_ERROR, 1520 "Failed to setup control interface for %s", 1521 hapd->conf->iface); 1522 return -1; 1523 } 1524 } 1525 1526 return 0; 1527 } 1528 1529 1530 static void channel_list_update_timeout(void *eloop_ctx, void *timeout_ctx) 1531 { 1532 struct hostapd_iface *iface = eloop_ctx; 1533 1534 if (!iface->wait_channel_update) { 1535 wpa_printf(MSG_INFO, "Channel list update timeout, but interface was not waiting for it"); 1536 return; 1537 } 1538 1539 /* 1540 * It is possible that the existing channel list is acceptable, so try 1541 * to proceed. 1542 */ 1543 wpa_printf(MSG_DEBUG, "Channel list update timeout - try to continue anyway"); 1544 setup_interface2(iface); 1545 } 1546 1547 1548 void hostapd_channel_list_updated(struct hostapd_iface *iface, int initiator) 1549 { 1550 if (!iface->wait_channel_update || initiator != REGDOM_SET_BY_USER) 1551 return; 1552 1553 wpa_printf(MSG_DEBUG, "Channel list updated - continue setup"); 1554 eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); 1555 setup_interface2(iface); 1556 } 1557 1558 1559 static int setup_interface(struct hostapd_iface *iface) 1560 { 1561 struct hostapd_data *hapd = iface->bss[0]; 1562 size_t i; 1563 1564 /* 1565 * It is possible that setup_interface() is called after the interface 1566 * was disabled etc., in which case driver_ap_teardown is possibly set 1567 * to 1. Clear it here so any other key/station deletion, which is not 1568 * part of a teardown flow, would also call the relevant driver 1569 * callbacks. 1570 */ 1571 iface->driver_ap_teardown = 0; 1572 1573 if (!iface->phy[0]) { 1574 const char *phy = hostapd_drv_get_radio_name(hapd); 1575 if (phy) { 1576 wpa_printf(MSG_DEBUG, "phy: %s", phy); 1577 os_strlcpy(iface->phy, phy, sizeof(iface->phy)); 1578 } 1579 } 1580 1581 /* 1582 * Make sure that all BSSes get configured with a pointer to the same 1583 * driver interface. 1584 */ 1585 for (i = 1; i < iface->num_bss; i++) { 1586 iface->bss[i]->driver = hapd->driver; 1587 iface->bss[i]->drv_priv = hapd->drv_priv; 1588 } 1589 1590 if (hostapd_validate_bssid_configuration(iface)) 1591 return -1; 1592 1593 /* 1594 * Initialize control interfaces early to allow external monitoring of 1595 * channel setup operations that may take considerable amount of time 1596 * especially for DFS cases. 1597 */ 1598 if (start_ctrl_iface(iface)) 1599 return -1; 1600 1601 if (hapd->iconf->country[0] && hapd->iconf->country[1]) { 1602 char country[4], previous_country[4]; 1603 1604 hostapd_set_state(iface, HAPD_IFACE_COUNTRY_UPDATE); 1605 if (hostapd_get_country(hapd, previous_country) < 0) 1606 previous_country[0] = '\0'; 1607 1608 os_memcpy(country, hapd->iconf->country, 3); 1609 country[3] = '\0'; 1610 if (hostapd_set_country(hapd, country) < 0) { 1611 wpa_printf(MSG_ERROR, "Failed to set country code"); 1612 return -1; 1613 } 1614 1615 wpa_printf(MSG_DEBUG, "Previous country code %s, new country code %s", 1616 previous_country, country); 1617 1618 if (os_strncmp(previous_country, country, 2) != 0) { 1619 wpa_printf(MSG_DEBUG, "Continue interface setup after channel list update"); 1620 iface->wait_channel_update = 1; 1621 eloop_register_timeout(5, 0, 1622 channel_list_update_timeout, 1623 iface, NULL); 1624 return 0; 1625 } 1626 } 1627 1628 return setup_interface2(iface); 1629 } 1630 1631 1632 static int configured_fixed_chan_to_freq(struct hostapd_iface *iface) 1633 { 1634 int freq, i, j; 1635 1636 if (!iface->conf->channel) 1637 return 0; 1638 if (iface->conf->op_class) { 1639 freq = ieee80211_chan_to_freq(NULL, iface->conf->op_class, 1640 iface->conf->channel); 1641 if (freq < 0) { 1642 wpa_printf(MSG_INFO, 1643 "Could not convert op_class %u channel %u to operating frequency", 1644 iface->conf->op_class, iface->conf->channel); 1645 return -1; 1646 } 1647 iface->freq = freq; 1648 return 0; 1649 } 1650 1651 /* Old configurations using only 2.4/5/60 GHz bands may not specify the 1652 * op_class parameter. Select a matching channel from the configured 1653 * mode using the channel parameter for these cases. 1654 */ 1655 for (j = 0; j < iface->num_hw_features; j++) { 1656 struct hostapd_hw_modes *mode = &iface->hw_features[j]; 1657 1658 if (iface->conf->hw_mode != HOSTAPD_MODE_IEEE80211ANY && 1659 iface->conf->hw_mode != mode->mode) 1660 continue; 1661 for (i = 0; i < mode->num_channels; i++) { 1662 struct hostapd_channel_data *chan = &mode->channels[i]; 1663 1664 if (chan->chan == iface->conf->channel && 1665 !is_6ghz_freq(chan->freq)) { 1666 iface->freq = chan->freq; 1667 return 0; 1668 } 1669 } 1670 } 1671 1672 wpa_printf(MSG_INFO, "Could not determine operating frequency"); 1673 return -1; 1674 } 1675 1676 1677 static void hostapd_set_6ghz_sec_chan(struct hostapd_iface *iface) 1678 { 1679 int bw, seg0; 1680 1681 if (!is_6ghz_op_class(iface->conf->op_class)) 1682 return; 1683 1684 seg0 = hostapd_get_oper_centr_freq_seg0_idx(iface->conf); 1685 bw = center_idx_to_bw_6ghz(seg0); 1686 /* Assign the secondary channel if absent in config for 1687 * bandwidths > 20 MHz */ 1688 if (bw > 20 && !iface->conf->secondary_channel) { 1689 if (((iface->conf->channel - 1) / 4) % 2) 1690 iface->conf->secondary_channel = -1; 1691 else 1692 iface->conf->secondary_channel = 1; 1693 } 1694 } 1695 1696 1697 static int setup_interface2(struct hostapd_iface *iface) 1698 { 1699 iface->wait_channel_update = 0; 1700 1701 if (hostapd_get_hw_features(iface)) { 1702 /* Not all drivers support this yet, so continue without hw 1703 * feature data. */ 1704 } else { 1705 int ret; 1706 1707 ret = configured_fixed_chan_to_freq(iface); 1708 if (ret < 0) 1709 goto fail; 1710 1711 if (iface->conf->op_class) { 1712 int ch_width; 1713 1714 ch_width = op_class_to_ch_width(iface->conf->op_class); 1715 hostapd_set_oper_chwidth(iface->conf, ch_width); 1716 hostapd_set_6ghz_sec_chan(iface); 1717 } 1718 1719 ret = hostapd_select_hw_mode(iface); 1720 if (ret < 0) { 1721 wpa_printf(MSG_ERROR, "Could not select hw_mode and " 1722 "channel. (%d)", ret); 1723 goto fail; 1724 } 1725 if (ret == 1) { 1726 wpa_printf(MSG_DEBUG, "Interface initialization will be completed in a callback (ACS)"); 1727 return 0; 1728 } 1729 ret = hostapd_check_edmg_capab(iface); 1730 if (ret < 0) 1731 goto fail; 1732 ret = hostapd_check_he_6ghz_capab(iface); 1733 if (ret < 0) 1734 goto fail; 1735 ret = hostapd_check_ht_capab(iface); 1736 if (ret < 0) 1737 goto fail; 1738 if (ret == 1) { 1739 wpa_printf(MSG_DEBUG, "Interface initialization will " 1740 "be completed in a callback"); 1741 return 0; 1742 } 1743 1744 if (iface->conf->ieee80211h) 1745 wpa_printf(MSG_DEBUG, "DFS support is enabled"); 1746 } 1747 return hostapd_setup_interface_complete(iface, 0); 1748 1749 fail: 1750 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 1751 wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 1752 if (iface->interfaces && iface->interfaces->terminate_on_error) 1753 eloop_terminate(); 1754 return -1; 1755 } 1756 1757 1758 #ifdef CONFIG_FST 1759 1760 static const u8 * fst_hostapd_get_bssid_cb(void *ctx) 1761 { 1762 struct hostapd_data *hapd = ctx; 1763 1764 return hapd->own_addr; 1765 } 1766 1767 1768 static void fst_hostapd_get_channel_info_cb(void *ctx, 1769 enum hostapd_hw_mode *hw_mode, 1770 u8 *channel) 1771 { 1772 struct hostapd_data *hapd = ctx; 1773 1774 *hw_mode = ieee80211_freq_to_chan(hapd->iface->freq, channel); 1775 } 1776 1777 1778 static void fst_hostapd_set_ies_cb(void *ctx, const struct wpabuf *fst_ies) 1779 { 1780 struct hostapd_data *hapd = ctx; 1781 1782 if (hapd->iface->fst_ies != fst_ies) { 1783 hapd->iface->fst_ies = fst_ies; 1784 if (ieee802_11_set_beacon(hapd)) 1785 wpa_printf(MSG_WARNING, "FST: Cannot set beacon"); 1786 } 1787 } 1788 1789 1790 static int fst_hostapd_send_action_cb(void *ctx, const u8 *da, 1791 struct wpabuf *buf) 1792 { 1793 struct hostapd_data *hapd = ctx; 1794 1795 return hostapd_drv_send_action(hapd, hapd->iface->freq, 0, da, 1796 wpabuf_head(buf), wpabuf_len(buf)); 1797 } 1798 1799 1800 static const struct wpabuf * fst_hostapd_get_mb_ie_cb(void *ctx, const u8 *addr) 1801 { 1802 struct hostapd_data *hapd = ctx; 1803 struct sta_info *sta = ap_get_sta(hapd, addr); 1804 1805 return sta ? sta->mb_ies : NULL; 1806 } 1807 1808 1809 static void fst_hostapd_update_mb_ie_cb(void *ctx, const u8 *addr, 1810 const u8 *buf, size_t size) 1811 { 1812 struct hostapd_data *hapd = ctx; 1813 struct sta_info *sta = ap_get_sta(hapd, addr); 1814 1815 if (sta) { 1816 struct mb_ies_info info; 1817 1818 if (!mb_ies_info_by_ies(&info, buf, size)) { 1819 wpabuf_free(sta->mb_ies); 1820 sta->mb_ies = mb_ies_by_info(&info); 1821 } 1822 } 1823 } 1824 1825 1826 static const u8 * fst_hostapd_get_sta(struct fst_get_peer_ctx **get_ctx, 1827 bool mb_only) 1828 { 1829 struct sta_info *s = (struct sta_info *) *get_ctx; 1830 1831 if (mb_only) { 1832 for (; s && !s->mb_ies; s = s->next) 1833 ; 1834 } 1835 1836 if (s) { 1837 *get_ctx = (struct fst_get_peer_ctx *) s->next; 1838 1839 return s->addr; 1840 } 1841 1842 *get_ctx = NULL; 1843 return NULL; 1844 } 1845 1846 1847 static const u8 * fst_hostapd_get_peer_first(void *ctx, 1848 struct fst_get_peer_ctx **get_ctx, 1849 bool mb_only) 1850 { 1851 struct hostapd_data *hapd = ctx; 1852 1853 *get_ctx = (struct fst_get_peer_ctx *) hapd->sta_list; 1854 1855 return fst_hostapd_get_sta(get_ctx, mb_only); 1856 } 1857 1858 1859 static const u8 * fst_hostapd_get_peer_next(void *ctx, 1860 struct fst_get_peer_ctx **get_ctx, 1861 bool mb_only) 1862 { 1863 return fst_hostapd_get_sta(get_ctx, mb_only); 1864 } 1865 1866 1867 void fst_hostapd_fill_iface_obj(struct hostapd_data *hapd, 1868 struct fst_wpa_obj *iface_obj) 1869 { 1870 iface_obj->ctx = hapd; 1871 iface_obj->get_bssid = fst_hostapd_get_bssid_cb; 1872 iface_obj->get_channel_info = fst_hostapd_get_channel_info_cb; 1873 iface_obj->set_ies = fst_hostapd_set_ies_cb; 1874 iface_obj->send_action = fst_hostapd_send_action_cb; 1875 iface_obj->get_mb_ie = fst_hostapd_get_mb_ie_cb; 1876 iface_obj->update_mb_ie = fst_hostapd_update_mb_ie_cb; 1877 iface_obj->get_peer_first = fst_hostapd_get_peer_first; 1878 iface_obj->get_peer_next = fst_hostapd_get_peer_next; 1879 } 1880 1881 #endif /* CONFIG_FST */ 1882 1883 #ifdef CONFIG_OWE 1884 1885 static int hostapd_owe_iface_iter(struct hostapd_iface *iface, void *ctx) 1886 { 1887 struct hostapd_data *hapd = ctx; 1888 size_t i; 1889 1890 for (i = 0; i < iface->num_bss; i++) { 1891 struct hostapd_data *bss = iface->bss[i]; 1892 1893 if (os_strcmp(hapd->conf->owe_transition_ifname, 1894 bss->conf->iface) != 0) 1895 continue; 1896 1897 wpa_printf(MSG_DEBUG, 1898 "OWE: ifname=%s found transition mode ifname=%s BSSID " 1899 MACSTR " SSID %s", 1900 hapd->conf->iface, bss->conf->iface, 1901 MAC2STR(bss->own_addr), 1902 wpa_ssid_txt(bss->conf->ssid.ssid, 1903 bss->conf->ssid.ssid_len)); 1904 if (!bss->conf->ssid.ssid_set || !bss->conf->ssid.ssid_len || 1905 is_zero_ether_addr(bss->own_addr)) 1906 continue; 1907 1908 os_memcpy(hapd->conf->owe_transition_bssid, bss->own_addr, 1909 ETH_ALEN); 1910 os_memcpy(hapd->conf->owe_transition_ssid, 1911 bss->conf->ssid.ssid, bss->conf->ssid.ssid_len); 1912 hapd->conf->owe_transition_ssid_len = bss->conf->ssid.ssid_len; 1913 wpa_printf(MSG_DEBUG, 1914 "OWE: Copied transition mode information"); 1915 return 1; 1916 } 1917 1918 return 0; 1919 } 1920 1921 1922 int hostapd_owe_trans_get_info(struct hostapd_data *hapd) 1923 { 1924 if (hapd->conf->owe_transition_ssid_len > 0 && 1925 !is_zero_ether_addr(hapd->conf->owe_transition_bssid)) 1926 return 0; 1927 1928 /* Find transition mode SSID/BSSID information from a BSS operated by 1929 * this hostapd instance. */ 1930 if (!hapd->iface->interfaces || 1931 !hapd->iface->interfaces->for_each_interface) 1932 return hostapd_owe_iface_iter(hapd->iface, hapd); 1933 else 1934 return hapd->iface->interfaces->for_each_interface( 1935 hapd->iface->interfaces, hostapd_owe_iface_iter, hapd); 1936 } 1937 1938 1939 static int hostapd_owe_iface_iter2(struct hostapd_iface *iface, void *ctx) 1940 { 1941 size_t i; 1942 1943 for (i = 0; i < iface->num_bss; i++) { 1944 struct hostapd_data *bss = iface->bss[i]; 1945 int res; 1946 1947 if (!bss->conf->owe_transition_ifname[0]) 1948 continue; 1949 if (bss->iface->state != HAPD_IFACE_ENABLED) { 1950 wpa_printf(MSG_DEBUG, 1951 "OWE: Interface %s state %s - defer beacon update", 1952 bss->conf->iface, 1953 hostapd_state_text(bss->iface->state)); 1954 continue; 1955 } 1956 res = hostapd_owe_trans_get_info(bss); 1957 if (res == 0) 1958 continue; 1959 wpa_printf(MSG_DEBUG, 1960 "OWE: Matching transition mode interface enabled - update beacon data for %s", 1961 bss->conf->iface); 1962 ieee802_11_set_beacon(bss); 1963 } 1964 1965 return 0; 1966 } 1967 1968 #endif /* CONFIG_OWE */ 1969 1970 1971 static void hostapd_owe_update_trans(struct hostapd_iface *iface) 1972 { 1973 #ifdef CONFIG_OWE 1974 /* Check whether the enabled BSS can complete OWE transition mode 1975 * configuration for any pending interface. */ 1976 if (!iface->interfaces || 1977 !iface->interfaces->for_each_interface) 1978 hostapd_owe_iface_iter2(iface, NULL); 1979 else 1980 iface->interfaces->for_each_interface( 1981 iface->interfaces, hostapd_owe_iface_iter2, NULL); 1982 #endif /* CONFIG_OWE */ 1983 } 1984 1985 1986 static void hostapd_interface_setup_failure_handler(void *eloop_ctx, 1987 void *timeout_ctx) 1988 { 1989 struct hostapd_iface *iface = eloop_ctx; 1990 struct hostapd_data *hapd; 1991 1992 if (iface->num_bss < 1 || !iface->bss || !iface->bss[0]) 1993 return; 1994 hapd = iface->bss[0]; 1995 if (hapd->setup_complete_cb) 1996 hapd->setup_complete_cb(hapd->setup_complete_cb_ctx); 1997 } 1998 1999 2000 static int hostapd_setup_interface_complete_sync(struct hostapd_iface *iface, 2001 int err) 2002 { 2003 struct hostapd_data *hapd = iface->bss[0]; 2004 size_t j; 2005 u8 *prev_addr; 2006 int delay_apply_cfg = 0; 2007 int res_dfs_offload = 0; 2008 2009 if (err) 2010 goto fail; 2011 2012 wpa_printf(MSG_DEBUG, "Completing interface initialization"); 2013 if (iface->freq) { 2014 #ifdef NEED_AP_MLME 2015 int res; 2016 #endif /* NEED_AP_MLME */ 2017 2018 wpa_printf(MSG_DEBUG, "Mode: %s Channel: %d " 2019 "Frequency: %d MHz", 2020 hostapd_hw_mode_txt(iface->conf->hw_mode), 2021 iface->conf->channel, iface->freq); 2022 2023 #ifdef NEED_AP_MLME 2024 /* Handle DFS only if it is not offloaded to the driver */ 2025 if (!(iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD)) { 2026 /* Check DFS */ 2027 res = hostapd_handle_dfs(iface); 2028 if (res <= 0) { 2029 if (res < 0) 2030 goto fail; 2031 return res; 2032 } 2033 } else { 2034 /* If DFS is offloaded to the driver */ 2035 res_dfs_offload = hostapd_handle_dfs_offload(iface); 2036 if (res_dfs_offload <= 0) { 2037 if (res_dfs_offload < 0) 2038 goto fail; 2039 } else { 2040 wpa_printf(MSG_DEBUG, 2041 "Proceed with AP/channel setup"); 2042 /* 2043 * If this is a DFS channel, move to completing 2044 * AP setup. 2045 */ 2046 if (res_dfs_offload == 1) 2047 goto dfs_offload; 2048 /* Otherwise fall through. */ 2049 } 2050 } 2051 #endif /* NEED_AP_MLME */ 2052 2053 #ifdef CONFIG_MESH 2054 if (iface->mconf != NULL) { 2055 wpa_printf(MSG_DEBUG, 2056 "%s: Mesh configuration will be applied while joining the mesh network", 2057 iface->bss[0]->conf->iface); 2058 delay_apply_cfg = 1; 2059 } 2060 #endif /* CONFIG_MESH */ 2061 2062 if (!delay_apply_cfg && 2063 hostapd_set_freq(hapd, hapd->iconf->hw_mode, iface->freq, 2064 hapd->iconf->channel, 2065 hapd->iconf->enable_edmg, 2066 hapd->iconf->edmg_channel, 2067 hapd->iconf->ieee80211n, 2068 hapd->iconf->ieee80211ac, 2069 hapd->iconf->ieee80211ax, 2070 hapd->iconf->secondary_channel, 2071 hostapd_get_oper_chwidth(hapd->iconf), 2072 hostapd_get_oper_centr_freq_seg0_idx( 2073 hapd->iconf), 2074 hostapd_get_oper_centr_freq_seg1_idx( 2075 hapd->iconf))) { 2076 wpa_printf(MSG_ERROR, "Could not set channel for " 2077 "kernel driver"); 2078 goto fail; 2079 } 2080 } 2081 2082 if (iface->current_mode) { 2083 if (hostapd_prepare_rates(iface, iface->current_mode)) { 2084 wpa_printf(MSG_ERROR, "Failed to prepare rates " 2085 "table."); 2086 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 2087 HOSTAPD_LEVEL_WARNING, 2088 "Failed to prepare rates table."); 2089 goto fail; 2090 } 2091 } 2092 2093 if (hapd->iconf->rts_threshold >= -1 && 2094 hostapd_set_rts(hapd, hapd->iconf->rts_threshold) && 2095 hapd->iconf->rts_threshold >= -1) { 2096 wpa_printf(MSG_ERROR, "Could not set RTS threshold for " 2097 "kernel driver"); 2098 goto fail; 2099 } 2100 2101 if (hapd->iconf->fragm_threshold >= -1 && 2102 hostapd_set_frag(hapd, hapd->iconf->fragm_threshold) && 2103 hapd->iconf->fragm_threshold != -1) { 2104 wpa_printf(MSG_ERROR, "Could not set fragmentation threshold " 2105 "for kernel driver"); 2106 goto fail; 2107 } 2108 2109 prev_addr = hapd->own_addr; 2110 2111 for (j = 0; j < iface->num_bss; j++) { 2112 hapd = iface->bss[j]; 2113 if (j) 2114 os_memcpy(hapd->own_addr, prev_addr, ETH_ALEN); 2115 if (hostapd_setup_bss(hapd, j == 0)) { 2116 for (;;) { 2117 hapd = iface->bss[j]; 2118 hostapd_bss_deinit_no_free(hapd); 2119 hostapd_free_hapd_data(hapd); 2120 if (j == 0) 2121 break; 2122 j--; 2123 } 2124 goto fail; 2125 } 2126 if (is_zero_ether_addr(hapd->conf->bssid)) 2127 prev_addr = hapd->own_addr; 2128 } 2129 hapd = iface->bss[0]; 2130 2131 hostapd_tx_queue_params(iface); 2132 2133 ap_list_init(iface); 2134 2135 hostapd_set_acl(hapd); 2136 2137 if (hostapd_driver_commit(hapd) < 0) { 2138 wpa_printf(MSG_ERROR, "%s: Failed to commit driver " 2139 "configuration", __func__); 2140 goto fail; 2141 } 2142 2143 /* 2144 * WPS UPnP module can be initialized only when the "upnp_iface" is up. 2145 * If "interface" and "upnp_iface" are the same (e.g., non-bridge 2146 * mode), the interface is up only after driver_commit, so initialize 2147 * WPS after driver_commit. 2148 */ 2149 for (j = 0; j < iface->num_bss; j++) { 2150 if (hostapd_init_wps_complete(iface->bss[j])) 2151 goto fail; 2152 } 2153 2154 if ((iface->drv_flags & WPA_DRIVER_FLAGS_DFS_OFFLOAD) && 2155 !res_dfs_offload) { 2156 /* 2157 * If freq is DFS, and DFS is offloaded to the driver, then wait 2158 * for CAC to complete. 2159 */ 2160 wpa_printf(MSG_DEBUG, "%s: Wait for CAC to complete", __func__); 2161 return res_dfs_offload; 2162 } 2163 2164 #ifdef NEED_AP_MLME 2165 dfs_offload: 2166 #endif /* NEED_AP_MLME */ 2167 2168 #ifdef CONFIG_FST 2169 if (hapd->iconf->fst_cfg.group_id[0]) { 2170 struct fst_wpa_obj iface_obj; 2171 2172 fst_hostapd_fill_iface_obj(hapd, &iface_obj); 2173 iface->fst = fst_attach(hapd->conf->iface, hapd->own_addr, 2174 &iface_obj, &hapd->iconf->fst_cfg); 2175 if (!iface->fst) { 2176 wpa_printf(MSG_ERROR, "Could not attach to FST %s", 2177 hapd->iconf->fst_cfg.group_id); 2178 goto fail; 2179 } 2180 } 2181 #endif /* CONFIG_FST */ 2182 2183 hostapd_set_state(iface, HAPD_IFACE_ENABLED); 2184 hostapd_owe_update_trans(iface); 2185 airtime_policy_update_init(iface); 2186 wpa_msg(iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_ENABLED); 2187 if (hapd->setup_complete_cb) 2188 hapd->setup_complete_cb(hapd->setup_complete_cb_ctx); 2189 2190 #ifdef CONFIG_MESH 2191 if (delay_apply_cfg && !iface->mconf) { 2192 wpa_printf(MSG_ERROR, "Error while completing mesh init"); 2193 goto fail; 2194 } 2195 #endif /* CONFIG_MESH */ 2196 2197 wpa_printf(MSG_DEBUG, "%s: Setup of interface done.", 2198 iface->bss[0]->conf->iface); 2199 if (iface->interfaces && iface->interfaces->terminate_on_error > 0) 2200 iface->interfaces->terminate_on_error--; 2201 2202 for (j = 0; j < iface->num_bss; j++) 2203 hostapd_neighbor_set_own_report(iface->bss[j]); 2204 2205 return 0; 2206 2207 fail: 2208 wpa_printf(MSG_ERROR, "Interface initialization failed"); 2209 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 2210 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2211 #ifdef CONFIG_FST 2212 if (iface->fst) { 2213 fst_detach(iface->fst); 2214 iface->fst = NULL; 2215 } 2216 #endif /* CONFIG_FST */ 2217 2218 if (iface->interfaces && iface->interfaces->terminate_on_error) { 2219 eloop_terminate(); 2220 } else if (hapd->setup_complete_cb) { 2221 /* 2222 * Calling hapd->setup_complete_cb directly may cause iface 2223 * deinitialization which may be accessed later by the caller. 2224 */ 2225 eloop_register_timeout(0, 0, 2226 hostapd_interface_setup_failure_handler, 2227 iface, NULL); 2228 } 2229 2230 return -1; 2231 } 2232 2233 2234 /** 2235 * hostapd_setup_interface_complete - Complete interface setup 2236 * 2237 * This function is called when previous steps in the interface setup has been 2238 * completed. This can also start operations, e.g., DFS, that will require 2239 * additional processing before interface is ready to be enabled. Such 2240 * operations will call this function from eloop callbacks when finished. 2241 */ 2242 int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err) 2243 { 2244 struct hapd_interfaces *interfaces = iface->interfaces; 2245 struct hostapd_data *hapd = iface->bss[0]; 2246 unsigned int i; 2247 int not_ready_in_sync_ifaces = 0; 2248 2249 if (!iface->need_to_start_in_sync) 2250 return hostapd_setup_interface_complete_sync(iface, err); 2251 2252 if (err) { 2253 wpa_printf(MSG_ERROR, "Interface initialization failed"); 2254 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 2255 iface->need_to_start_in_sync = 0; 2256 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2257 if (interfaces && interfaces->terminate_on_error) 2258 eloop_terminate(); 2259 return -1; 2260 } 2261 2262 if (iface->ready_to_start_in_sync) { 2263 /* Already in ready and waiting. should never happpen */ 2264 return 0; 2265 } 2266 2267 for (i = 0; i < interfaces->count; i++) { 2268 if (interfaces->iface[i]->need_to_start_in_sync && 2269 !interfaces->iface[i]->ready_to_start_in_sync) 2270 not_ready_in_sync_ifaces++; 2271 } 2272 2273 /* 2274 * Check if this is the last interface, if yes then start all the other 2275 * waiting interfaces. If not, add this interface to the waiting list. 2276 */ 2277 if (not_ready_in_sync_ifaces > 1 && iface->state == HAPD_IFACE_DFS) { 2278 /* 2279 * If this interface went through CAC, do not synchronize, just 2280 * start immediately. 2281 */ 2282 iface->need_to_start_in_sync = 0; 2283 wpa_printf(MSG_INFO, 2284 "%s: Finished CAC - bypass sync and start interface", 2285 iface->bss[0]->conf->iface); 2286 return hostapd_setup_interface_complete_sync(iface, err); 2287 } 2288 2289 if (not_ready_in_sync_ifaces > 1) { 2290 /* need to wait as there are other interfaces still coming up */ 2291 iface->ready_to_start_in_sync = 1; 2292 wpa_printf(MSG_INFO, 2293 "%s: Interface waiting to sync with other interfaces", 2294 iface->bss[0]->conf->iface); 2295 return 0; 2296 } 2297 2298 wpa_printf(MSG_INFO, 2299 "%s: Last interface to sync - starting all interfaces", 2300 iface->bss[0]->conf->iface); 2301 iface->need_to_start_in_sync = 0; 2302 hostapd_setup_interface_complete_sync(iface, err); 2303 for (i = 0; i < interfaces->count; i++) { 2304 if (interfaces->iface[i]->need_to_start_in_sync && 2305 interfaces->iface[i]->ready_to_start_in_sync) { 2306 hostapd_setup_interface_complete_sync( 2307 interfaces->iface[i], 0); 2308 /* Only once the interfaces are sync started */ 2309 interfaces->iface[i]->need_to_start_in_sync = 0; 2310 } 2311 } 2312 2313 return 0; 2314 } 2315 2316 2317 /** 2318 * hostapd_setup_interface - Setup of an interface 2319 * @iface: Pointer to interface data. 2320 * Returns: 0 on success, -1 on failure 2321 * 2322 * Initializes the driver interface, validates the configuration, 2323 * and sets driver parameters based on the configuration. 2324 * Flushes old stations, sets the channel, encryption, 2325 * beacons, and WDS links based on the configuration. 2326 * 2327 * If interface setup requires more time, e.g., to perform HT co-ex scans, ACS, 2328 * or DFS operations, this function returns 0 before such operations have been 2329 * completed. The pending operations are registered into eloop and will be 2330 * completed from eloop callbacks. Those callbacks end up calling 2331 * hostapd_setup_interface_complete() once setup has been completed. 2332 */ 2333 int hostapd_setup_interface(struct hostapd_iface *iface) 2334 { 2335 int ret; 2336 2337 if (!iface->conf) 2338 return -1; 2339 ret = setup_interface(iface); 2340 if (ret) { 2341 wpa_printf(MSG_ERROR, "%s: Unable to setup interface.", 2342 iface->conf->bss[0]->iface); 2343 return -1; 2344 } 2345 2346 return 0; 2347 } 2348 2349 2350 /** 2351 * hostapd_alloc_bss_data - Allocate and initialize per-BSS data 2352 * @hapd_iface: Pointer to interface data 2353 * @conf: Pointer to per-interface configuration 2354 * @bss: Pointer to per-BSS configuration for this BSS 2355 * Returns: Pointer to allocated BSS data 2356 * 2357 * This function is used to allocate per-BSS data structure. This data will be 2358 * freed after hostapd_cleanup() is called for it during interface 2359 * deinitialization. 2360 */ 2361 struct hostapd_data * 2362 hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface, 2363 struct hostapd_config *conf, 2364 struct hostapd_bss_config *bss) 2365 { 2366 struct hostapd_data *hapd; 2367 2368 hapd = os_zalloc(sizeof(*hapd)); 2369 if (hapd == NULL) 2370 return NULL; 2371 2372 hapd->new_assoc_sta_cb = hostapd_new_assoc_sta; 2373 hapd->iconf = conf; 2374 hapd->conf = bss; 2375 hapd->iface = hapd_iface; 2376 if (conf) 2377 hapd->driver = conf->driver; 2378 hapd->ctrl_sock = -1; 2379 dl_list_init(&hapd->ctrl_dst); 2380 dl_list_init(&hapd->nr_db); 2381 hapd->dhcp_sock = -1; 2382 #ifdef CONFIG_IEEE80211R_AP 2383 dl_list_init(&hapd->l2_queue); 2384 dl_list_init(&hapd->l2_oui_queue); 2385 #endif /* CONFIG_IEEE80211R_AP */ 2386 #ifdef CONFIG_SAE 2387 dl_list_init(&hapd->sae_commit_queue); 2388 #endif /* CONFIG_SAE */ 2389 2390 return hapd; 2391 } 2392 2393 2394 static void hostapd_bss_deinit(struct hostapd_data *hapd) 2395 { 2396 if (!hapd) 2397 return; 2398 wpa_printf(MSG_DEBUG, "%s: deinit bss %s", __func__, 2399 hapd->conf ? hapd->conf->iface : "N/A"); 2400 hostapd_bss_deinit_no_free(hapd); 2401 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2402 #ifdef CONFIG_SQLITE 2403 if (hapd->rad_attr_db) { 2404 sqlite3_close(hapd->rad_attr_db); 2405 hapd->rad_attr_db = NULL; 2406 } 2407 #endif /* CONFIG_SQLITE */ 2408 hostapd_cleanup(hapd); 2409 } 2410 2411 2412 void hostapd_interface_deinit(struct hostapd_iface *iface) 2413 { 2414 int j; 2415 2416 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 2417 if (iface == NULL) 2418 return; 2419 2420 hostapd_set_state(iface, HAPD_IFACE_DISABLED); 2421 2422 eloop_cancel_timeout(channel_list_update_timeout, iface, NULL); 2423 iface->wait_channel_update = 0; 2424 2425 #ifdef CONFIG_FST 2426 if (iface->fst) { 2427 fst_detach(iface->fst); 2428 iface->fst = NULL; 2429 } 2430 #endif /* CONFIG_FST */ 2431 2432 for (j = (int) iface->num_bss - 1; j >= 0; j--) { 2433 if (!iface->bss) 2434 break; 2435 hostapd_bss_deinit(iface->bss[j]); 2436 } 2437 2438 #ifdef NEED_AP_MLME 2439 hostapd_stop_setup_timers(iface); 2440 eloop_cancel_timeout(ap_ht2040_timeout, iface, NULL); 2441 #endif /* NEED_AP_MLME */ 2442 } 2443 2444 2445 void hostapd_interface_free(struct hostapd_iface *iface) 2446 { 2447 size_t j; 2448 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 2449 for (j = 0; j < iface->num_bss; j++) { 2450 if (!iface->bss) 2451 break; 2452 wpa_printf(MSG_DEBUG, "%s: free hapd %p", 2453 __func__, iface->bss[j]); 2454 os_free(iface->bss[j]); 2455 } 2456 hostapd_cleanup_iface(iface); 2457 } 2458 2459 2460 struct hostapd_iface * hostapd_alloc_iface(void) 2461 { 2462 struct hostapd_iface *hapd_iface; 2463 2464 hapd_iface = os_zalloc(sizeof(*hapd_iface)); 2465 if (!hapd_iface) 2466 return NULL; 2467 2468 dl_list_init(&hapd_iface->sta_seen); 2469 2470 return hapd_iface; 2471 } 2472 2473 2474 /** 2475 * hostapd_init - Allocate and initialize per-interface data 2476 * @config_file: Path to the configuration file 2477 * Returns: Pointer to the allocated interface data or %NULL on failure 2478 * 2479 * This function is used to allocate main data structures for per-interface 2480 * data. The allocated data buffer will be freed by calling 2481 * hostapd_cleanup_iface(). 2482 */ 2483 struct hostapd_iface * hostapd_init(struct hapd_interfaces *interfaces, 2484 const char *config_file) 2485 { 2486 struct hostapd_iface *hapd_iface = NULL; 2487 struct hostapd_config *conf = NULL; 2488 struct hostapd_data *hapd; 2489 size_t i; 2490 2491 hapd_iface = hostapd_alloc_iface(); 2492 if (hapd_iface == NULL) 2493 goto fail; 2494 2495 hapd_iface->config_fname = os_strdup(config_file); 2496 if (hapd_iface->config_fname == NULL) 2497 goto fail; 2498 2499 conf = interfaces->config_read_cb(hapd_iface->config_fname); 2500 if (conf == NULL) 2501 goto fail; 2502 hapd_iface->conf = conf; 2503 2504 hapd_iface->num_bss = conf->num_bss; 2505 hapd_iface->bss = os_calloc(conf->num_bss, 2506 sizeof(struct hostapd_data *)); 2507 if (hapd_iface->bss == NULL) 2508 goto fail; 2509 2510 for (i = 0; i < conf->num_bss; i++) { 2511 hapd = hapd_iface->bss[i] = 2512 hostapd_alloc_bss_data(hapd_iface, conf, 2513 conf->bss[i]); 2514 if (hapd == NULL) 2515 goto fail; 2516 hapd->msg_ctx = hapd; 2517 } 2518 2519 return hapd_iface; 2520 2521 fail: 2522 wpa_printf(MSG_ERROR, "Failed to set up interface with %s", 2523 config_file); 2524 if (conf) 2525 hostapd_config_free(conf); 2526 if (hapd_iface) { 2527 os_free(hapd_iface->config_fname); 2528 os_free(hapd_iface->bss); 2529 wpa_printf(MSG_DEBUG, "%s: free iface %p", 2530 __func__, hapd_iface); 2531 os_free(hapd_iface); 2532 } 2533 return NULL; 2534 } 2535 2536 2537 static int ifname_in_use(struct hapd_interfaces *interfaces, const char *ifname) 2538 { 2539 size_t i, j; 2540 2541 for (i = 0; i < interfaces->count; i++) { 2542 struct hostapd_iface *iface = interfaces->iface[i]; 2543 for (j = 0; j < iface->num_bss; j++) { 2544 struct hostapd_data *hapd = iface->bss[j]; 2545 if (os_strcmp(ifname, hapd->conf->iface) == 0) 2546 return 1; 2547 } 2548 } 2549 2550 return 0; 2551 } 2552 2553 2554 /** 2555 * hostapd_interface_init_bss - Read configuration file and init BSS data 2556 * 2557 * This function is used to parse configuration file for a BSS. This BSS is 2558 * added to an existing interface sharing the same radio (if any) or a new 2559 * interface is created if this is the first interface on a radio. This 2560 * allocate memory for the BSS. No actual driver operations are started. 2561 * 2562 * This is similar to hostapd_interface_init(), but for a case where the 2563 * configuration is used to add a single BSS instead of all BSSes for a radio. 2564 */ 2565 struct hostapd_iface * 2566 hostapd_interface_init_bss(struct hapd_interfaces *interfaces, const char *phy, 2567 const char *config_fname, int debug) 2568 { 2569 struct hostapd_iface *new_iface = NULL, *iface = NULL; 2570 struct hostapd_data *hapd; 2571 int k; 2572 size_t i, bss_idx; 2573 2574 if (!phy || !*phy) 2575 return NULL; 2576 2577 for (i = 0; i < interfaces->count; i++) { 2578 if (os_strcmp(interfaces->iface[i]->phy, phy) == 0) { 2579 iface = interfaces->iface[i]; 2580 break; 2581 } 2582 } 2583 2584 wpa_printf(MSG_INFO, "Configuration file: %s (phy %s)%s", 2585 config_fname, phy, iface ? "" : " --> new PHY"); 2586 if (iface) { 2587 struct hostapd_config *conf; 2588 struct hostapd_bss_config **tmp_conf; 2589 struct hostapd_data **tmp_bss; 2590 struct hostapd_bss_config *bss; 2591 const char *ifname; 2592 2593 /* Add new BSS to existing iface */ 2594 conf = interfaces->config_read_cb(config_fname); 2595 if (conf == NULL) 2596 return NULL; 2597 if (conf->num_bss > 1) { 2598 wpa_printf(MSG_ERROR, "Multiple BSSes specified in BSS-config"); 2599 hostapd_config_free(conf); 2600 return NULL; 2601 } 2602 2603 ifname = conf->bss[0]->iface; 2604 if (ifname[0] != '\0' && ifname_in_use(interfaces, ifname)) { 2605 wpa_printf(MSG_ERROR, 2606 "Interface name %s already in use", ifname); 2607 hostapd_config_free(conf); 2608 return NULL; 2609 } 2610 2611 tmp_conf = os_realloc_array( 2612 iface->conf->bss, iface->conf->num_bss + 1, 2613 sizeof(struct hostapd_bss_config *)); 2614 tmp_bss = os_realloc_array(iface->bss, iface->num_bss + 1, 2615 sizeof(struct hostapd_data *)); 2616 if (tmp_bss) 2617 iface->bss = tmp_bss; 2618 if (tmp_conf) { 2619 iface->conf->bss = tmp_conf; 2620 iface->conf->last_bss = tmp_conf[0]; 2621 } 2622 if (tmp_bss == NULL || tmp_conf == NULL) { 2623 hostapd_config_free(conf); 2624 return NULL; 2625 } 2626 bss = iface->conf->bss[iface->conf->num_bss] = conf->bss[0]; 2627 iface->conf->num_bss++; 2628 2629 hapd = hostapd_alloc_bss_data(iface, iface->conf, bss); 2630 if (hapd == NULL) { 2631 iface->conf->num_bss--; 2632 hostapd_config_free(conf); 2633 return NULL; 2634 } 2635 iface->conf->last_bss = bss; 2636 iface->bss[iface->num_bss] = hapd; 2637 hapd->msg_ctx = hapd; 2638 2639 bss_idx = iface->num_bss++; 2640 conf->num_bss--; 2641 conf->bss[0] = NULL; 2642 hostapd_config_free(conf); 2643 } else { 2644 /* Add a new iface with the first BSS */ 2645 new_iface = iface = hostapd_init(interfaces, config_fname); 2646 if (!iface) 2647 return NULL; 2648 os_strlcpy(iface->phy, phy, sizeof(iface->phy)); 2649 iface->interfaces = interfaces; 2650 bss_idx = 0; 2651 } 2652 2653 for (k = 0; k < debug; k++) { 2654 if (iface->bss[bss_idx]->conf->logger_stdout_level > 0) 2655 iface->bss[bss_idx]->conf->logger_stdout_level--; 2656 } 2657 2658 if (iface->conf->bss[bss_idx]->iface[0] == '\0' && 2659 !hostapd_drv_none(iface->bss[bss_idx])) { 2660 wpa_printf(MSG_ERROR, "Interface name not specified in %s", 2661 config_fname); 2662 if (new_iface) 2663 hostapd_interface_deinit_free(new_iface); 2664 return NULL; 2665 } 2666 2667 return iface; 2668 } 2669 2670 2671 void hostapd_interface_deinit_free(struct hostapd_iface *iface) 2672 { 2673 const struct wpa_driver_ops *driver; 2674 void *drv_priv; 2675 2676 wpa_printf(MSG_DEBUG, "%s(%p)", __func__, iface); 2677 if (iface == NULL) 2678 return; 2679 wpa_printf(MSG_DEBUG, "%s: num_bss=%u conf->num_bss=%u", 2680 __func__, (unsigned int) iface->num_bss, 2681 (unsigned int) iface->conf->num_bss); 2682 driver = iface->bss[0]->driver; 2683 drv_priv = iface->bss[0]->drv_priv; 2684 hostapd_interface_deinit(iface); 2685 wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", 2686 __func__, driver, drv_priv); 2687 if (driver && driver->hapd_deinit && drv_priv) { 2688 driver->hapd_deinit(drv_priv); 2689 iface->bss[0]->drv_priv = NULL; 2690 } 2691 hostapd_interface_free(iface); 2692 } 2693 2694 2695 static void hostapd_deinit_driver(const struct wpa_driver_ops *driver, 2696 void *drv_priv, 2697 struct hostapd_iface *hapd_iface) 2698 { 2699 size_t j; 2700 2701 wpa_printf(MSG_DEBUG, "%s: driver=%p drv_priv=%p -> hapd_deinit", 2702 __func__, driver, drv_priv); 2703 if (driver && driver->hapd_deinit && drv_priv) { 2704 driver->hapd_deinit(drv_priv); 2705 for (j = 0; j < hapd_iface->num_bss; j++) { 2706 wpa_printf(MSG_DEBUG, "%s:bss[%d]->drv_priv=%p", 2707 __func__, (int) j, 2708 hapd_iface->bss[j]->drv_priv); 2709 if (hapd_iface->bss[j]->drv_priv == drv_priv) { 2710 hapd_iface->bss[j]->drv_priv = NULL; 2711 hapd_iface->extended_capa = NULL; 2712 hapd_iface->extended_capa_mask = NULL; 2713 hapd_iface->extended_capa_len = 0; 2714 } 2715 } 2716 } 2717 } 2718 2719 2720 int hostapd_enable_iface(struct hostapd_iface *hapd_iface) 2721 { 2722 size_t j; 2723 2724 if (!hapd_iface) 2725 return -1; 2726 2727 if (hapd_iface->enable_iface_cb) 2728 return hapd_iface->enable_iface_cb(hapd_iface); 2729 2730 if (hapd_iface->bss[0]->drv_priv != NULL) { 2731 wpa_printf(MSG_ERROR, "Interface %s already enabled", 2732 hapd_iface->conf->bss[0]->iface); 2733 return -1; 2734 } 2735 2736 wpa_printf(MSG_DEBUG, "Enable interface %s", 2737 hapd_iface->conf->bss[0]->iface); 2738 2739 for (j = 0; j < hapd_iface->num_bss; j++) 2740 hostapd_set_security_params(hapd_iface->conf->bss[j], 1); 2741 if (hostapd_config_check(hapd_iface->conf, 1) < 0) { 2742 wpa_printf(MSG_INFO, "Invalid configuration - cannot enable"); 2743 return -1; 2744 } 2745 2746 if (hapd_iface->interfaces == NULL || 2747 hapd_iface->interfaces->driver_init == NULL || 2748 hapd_iface->interfaces->driver_init(hapd_iface)) 2749 return -1; 2750 2751 if (hostapd_setup_interface(hapd_iface)) { 2752 hostapd_deinit_driver(hapd_iface->bss[0]->driver, 2753 hapd_iface->bss[0]->drv_priv, 2754 hapd_iface); 2755 return -1; 2756 } 2757 2758 return 0; 2759 } 2760 2761 2762 int hostapd_reload_iface(struct hostapd_iface *hapd_iface) 2763 { 2764 size_t j; 2765 2766 wpa_printf(MSG_DEBUG, "Reload interface %s", 2767 hapd_iface->conf->bss[0]->iface); 2768 for (j = 0; j < hapd_iface->num_bss; j++) 2769 hostapd_set_security_params(hapd_iface->conf->bss[j], 1); 2770 if (hostapd_config_check(hapd_iface->conf, 1) < 0) { 2771 wpa_printf(MSG_ERROR, "Updated configuration is invalid"); 2772 return -1; 2773 } 2774 hostapd_clear_old(hapd_iface); 2775 for (j = 0; j < hapd_iface->num_bss; j++) 2776 hostapd_reload_bss(hapd_iface->bss[j]); 2777 2778 return 0; 2779 } 2780 2781 2782 int hostapd_disable_iface(struct hostapd_iface *hapd_iface) 2783 { 2784 size_t j; 2785 const struct wpa_driver_ops *driver; 2786 void *drv_priv; 2787 2788 if (hapd_iface == NULL) 2789 return -1; 2790 2791 if (hapd_iface->disable_iface_cb) 2792 return hapd_iface->disable_iface_cb(hapd_iface); 2793 2794 if (hapd_iface->bss[0]->drv_priv == NULL) { 2795 wpa_printf(MSG_INFO, "Interface %s already disabled", 2796 hapd_iface->conf->bss[0]->iface); 2797 return -1; 2798 } 2799 2800 wpa_msg(hapd_iface->bss[0]->msg_ctx, MSG_INFO, AP_EVENT_DISABLED); 2801 driver = hapd_iface->bss[0]->driver; 2802 drv_priv = hapd_iface->bss[0]->drv_priv; 2803 2804 hapd_iface->driver_ap_teardown = 2805 !!(hapd_iface->drv_flags & 2806 WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 2807 2808 #ifdef NEED_AP_MLME 2809 for (j = 0; j < hapd_iface->num_bss; j++) 2810 hostapd_cleanup_cs_params(hapd_iface->bss[j]); 2811 #endif /* NEED_AP_MLME */ 2812 2813 /* same as hostapd_interface_deinit without deinitializing ctrl-iface */ 2814 for (j = 0; j < hapd_iface->num_bss; j++) { 2815 struct hostapd_data *hapd = hapd_iface->bss[j]; 2816 hostapd_bss_deinit_no_free(hapd); 2817 hostapd_free_hapd_data(hapd); 2818 } 2819 2820 hostapd_deinit_driver(driver, drv_priv, hapd_iface); 2821 2822 /* From hostapd_cleanup_iface: These were initialized in 2823 * hostapd_setup_interface and hostapd_setup_interface_complete 2824 */ 2825 hostapd_cleanup_iface_partial(hapd_iface); 2826 2827 wpa_printf(MSG_DEBUG, "Interface %s disabled", 2828 hapd_iface->bss[0]->conf->iface); 2829 hostapd_set_state(hapd_iface, HAPD_IFACE_DISABLED); 2830 return 0; 2831 } 2832 2833 2834 static struct hostapd_iface * 2835 hostapd_iface_alloc(struct hapd_interfaces *interfaces) 2836 { 2837 struct hostapd_iface **iface, *hapd_iface; 2838 2839 iface = os_realloc_array(interfaces->iface, interfaces->count + 1, 2840 sizeof(struct hostapd_iface *)); 2841 if (iface == NULL) 2842 return NULL; 2843 interfaces->iface = iface; 2844 hapd_iface = interfaces->iface[interfaces->count] = 2845 hostapd_alloc_iface(); 2846 if (hapd_iface == NULL) { 2847 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for " 2848 "the interface", __func__); 2849 return NULL; 2850 } 2851 interfaces->count++; 2852 hapd_iface->interfaces = interfaces; 2853 2854 return hapd_iface; 2855 } 2856 2857 2858 static struct hostapd_config * 2859 hostapd_config_alloc(struct hapd_interfaces *interfaces, const char *ifname, 2860 const char *ctrl_iface, const char *driver) 2861 { 2862 struct hostapd_bss_config *bss; 2863 struct hostapd_config *conf; 2864 2865 /* Allocates memory for bss and conf */ 2866 conf = hostapd_config_defaults(); 2867 if (conf == NULL) { 2868 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for " 2869 "configuration", __func__); 2870 return NULL; 2871 } 2872 2873 if (driver) { 2874 int j; 2875 2876 for (j = 0; wpa_drivers[j]; j++) { 2877 if (os_strcmp(driver, wpa_drivers[j]->name) == 0) { 2878 conf->driver = wpa_drivers[j]; 2879 goto skip; 2880 } 2881 } 2882 2883 wpa_printf(MSG_ERROR, 2884 "Invalid/unknown driver '%s' - registering the default driver", 2885 driver); 2886 } 2887 2888 conf->driver = wpa_drivers[0]; 2889 if (conf->driver == NULL) { 2890 wpa_printf(MSG_ERROR, "No driver wrappers registered!"); 2891 hostapd_config_free(conf); 2892 return NULL; 2893 } 2894 2895 skip: 2896 bss = conf->last_bss = conf->bss[0]; 2897 2898 os_strlcpy(bss->iface, ifname, sizeof(bss->iface)); 2899 bss->ctrl_interface = os_strdup(ctrl_iface); 2900 if (bss->ctrl_interface == NULL) { 2901 hostapd_config_free(conf); 2902 return NULL; 2903 } 2904 2905 /* Reading configuration file skipped, will be done in SET! 2906 * From reading the configuration till the end has to be done in 2907 * SET 2908 */ 2909 return conf; 2910 } 2911 2912 2913 static int hostapd_data_alloc(struct hostapd_iface *hapd_iface, 2914 struct hostapd_config *conf) 2915 { 2916 size_t i; 2917 struct hostapd_data *hapd; 2918 2919 hapd_iface->bss = os_calloc(conf->num_bss, 2920 sizeof(struct hostapd_data *)); 2921 if (hapd_iface->bss == NULL) 2922 return -1; 2923 2924 for (i = 0; i < conf->num_bss; i++) { 2925 hapd = hapd_iface->bss[i] = 2926 hostapd_alloc_bss_data(hapd_iface, conf, conf->bss[i]); 2927 if (hapd == NULL) { 2928 while (i > 0) { 2929 i--; 2930 os_free(hapd_iface->bss[i]); 2931 hapd_iface->bss[i] = NULL; 2932 } 2933 os_free(hapd_iface->bss); 2934 hapd_iface->bss = NULL; 2935 return -1; 2936 } 2937 hapd->msg_ctx = hapd; 2938 } 2939 2940 hapd_iface->conf = conf; 2941 hapd_iface->num_bss = conf->num_bss; 2942 2943 return 0; 2944 } 2945 2946 2947 int hostapd_add_iface(struct hapd_interfaces *interfaces, char *buf) 2948 { 2949 struct hostapd_config *conf = NULL; 2950 struct hostapd_iface *hapd_iface = NULL, *new_iface = NULL; 2951 struct hostapd_data *hapd; 2952 char *ptr; 2953 size_t i, j; 2954 const char *conf_file = NULL, *phy_name = NULL; 2955 2956 if (os_strncmp(buf, "bss_config=", 11) == 0) { 2957 char *pos; 2958 phy_name = buf + 11; 2959 pos = os_strchr(phy_name, ':'); 2960 if (!pos) 2961 return -1; 2962 *pos++ = '\0'; 2963 conf_file = pos; 2964 if (!os_strlen(conf_file)) 2965 return -1; 2966 2967 hapd_iface = hostapd_interface_init_bss(interfaces, phy_name, 2968 conf_file, 0); 2969 if (!hapd_iface) 2970 return -1; 2971 for (j = 0; j < interfaces->count; j++) { 2972 if (interfaces->iface[j] == hapd_iface) 2973 break; 2974 } 2975 if (j == interfaces->count) { 2976 struct hostapd_iface **tmp; 2977 tmp = os_realloc_array(interfaces->iface, 2978 interfaces->count + 1, 2979 sizeof(struct hostapd_iface *)); 2980 if (!tmp) { 2981 hostapd_interface_deinit_free(hapd_iface); 2982 return -1; 2983 } 2984 interfaces->iface = tmp; 2985 interfaces->iface[interfaces->count++] = hapd_iface; 2986 new_iface = hapd_iface; 2987 } 2988 2989 if (new_iface) { 2990 if (interfaces->driver_init(hapd_iface)) 2991 goto fail; 2992 2993 if (hostapd_setup_interface(hapd_iface)) { 2994 hostapd_deinit_driver( 2995 hapd_iface->bss[0]->driver, 2996 hapd_iface->bss[0]->drv_priv, 2997 hapd_iface); 2998 goto fail; 2999 } 3000 } else { 3001 /* Assign new BSS with bss[0]'s driver info */ 3002 hapd = hapd_iface->bss[hapd_iface->num_bss - 1]; 3003 hapd->driver = hapd_iface->bss[0]->driver; 3004 hapd->drv_priv = hapd_iface->bss[0]->drv_priv; 3005 os_memcpy(hapd->own_addr, hapd_iface->bss[0]->own_addr, 3006 ETH_ALEN); 3007 3008 if (start_ctrl_iface_bss(hapd) < 0 || 3009 (hapd_iface->state == HAPD_IFACE_ENABLED && 3010 hostapd_setup_bss(hapd, -1))) { 3011 hostapd_cleanup(hapd); 3012 hapd_iface->bss[hapd_iface->num_bss - 1] = NULL; 3013 hapd_iface->conf->num_bss--; 3014 hapd_iface->num_bss--; 3015 wpa_printf(MSG_DEBUG, "%s: free hapd %p %s", 3016 __func__, hapd, hapd->conf->iface); 3017 hostapd_config_free_bss(hapd->conf); 3018 hapd->conf = NULL; 3019 os_free(hapd); 3020 return -1; 3021 } 3022 } 3023 hostapd_owe_update_trans(hapd_iface); 3024 return 0; 3025 } 3026 3027 ptr = os_strchr(buf, ' '); 3028 if (ptr == NULL) 3029 return -1; 3030 *ptr++ = '\0'; 3031 3032 if (os_strncmp(ptr, "config=", 7) == 0) 3033 conf_file = ptr + 7; 3034 3035 for (i = 0; i < interfaces->count; i++) { 3036 if (!os_strcmp(interfaces->iface[i]->conf->bss[0]->iface, 3037 buf)) { 3038 wpa_printf(MSG_INFO, "Cannot add interface - it " 3039 "already exists"); 3040 return -1; 3041 } 3042 } 3043 3044 hapd_iface = hostapd_iface_alloc(interfaces); 3045 if (hapd_iface == NULL) { 3046 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory " 3047 "for interface", __func__); 3048 goto fail; 3049 } 3050 new_iface = hapd_iface; 3051 3052 if (conf_file && interfaces->config_read_cb) { 3053 conf = interfaces->config_read_cb(conf_file); 3054 if (conf && conf->bss) 3055 os_strlcpy(conf->bss[0]->iface, buf, 3056 sizeof(conf->bss[0]->iface)); 3057 } else { 3058 char *driver = os_strchr(ptr, ' '); 3059 3060 if (driver) 3061 *driver++ = '\0'; 3062 conf = hostapd_config_alloc(interfaces, buf, ptr, driver); 3063 } 3064 3065 if (conf == NULL || conf->bss == NULL) { 3066 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory " 3067 "for configuration", __func__); 3068 goto fail; 3069 } 3070 3071 if (hostapd_data_alloc(hapd_iface, conf) < 0) { 3072 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory " 3073 "for hostapd", __func__); 3074 goto fail; 3075 } 3076 conf = NULL; 3077 3078 if (start_ctrl_iface(hapd_iface) < 0) 3079 goto fail; 3080 3081 wpa_printf(MSG_INFO, "Add interface '%s'", 3082 hapd_iface->conf->bss[0]->iface); 3083 3084 return 0; 3085 3086 fail: 3087 if (conf) 3088 hostapd_config_free(conf); 3089 if (hapd_iface) { 3090 if (hapd_iface->bss) { 3091 for (i = 0; i < hapd_iface->num_bss; i++) { 3092 hapd = hapd_iface->bss[i]; 3093 if (!hapd) 3094 continue; 3095 if (hapd_iface->interfaces && 3096 hapd_iface->interfaces->ctrl_iface_deinit) 3097 hapd_iface->interfaces-> 3098 ctrl_iface_deinit(hapd); 3099 wpa_printf(MSG_DEBUG, "%s: free hapd %p (%s)", 3100 __func__, hapd_iface->bss[i], 3101 hapd->conf->iface); 3102 hostapd_cleanup(hapd); 3103 os_free(hapd); 3104 hapd_iface->bss[i] = NULL; 3105 } 3106 os_free(hapd_iface->bss); 3107 hapd_iface->bss = NULL; 3108 } 3109 if (new_iface) { 3110 interfaces->count--; 3111 interfaces->iface[interfaces->count] = NULL; 3112 } 3113 hostapd_cleanup_iface(hapd_iface); 3114 } 3115 return -1; 3116 } 3117 3118 3119 static int hostapd_remove_bss(struct hostapd_iface *iface, unsigned int idx) 3120 { 3121 size_t i; 3122 3123 wpa_printf(MSG_INFO, "Remove BSS '%s'", iface->conf->bss[idx]->iface); 3124 3125 /* Remove hostapd_data only if it has already been initialized */ 3126 if (idx < iface->num_bss) { 3127 struct hostapd_data *hapd = iface->bss[idx]; 3128 3129 hostapd_bss_deinit(hapd); 3130 wpa_printf(MSG_DEBUG, "%s: free hapd %p (%s)", 3131 __func__, hapd, hapd->conf->iface); 3132 hostapd_config_free_bss(hapd->conf); 3133 hapd->conf = NULL; 3134 os_free(hapd); 3135 3136 iface->num_bss--; 3137 3138 for (i = idx; i < iface->num_bss; i++) 3139 iface->bss[i] = iface->bss[i + 1]; 3140 } else { 3141 hostapd_config_free_bss(iface->conf->bss[idx]); 3142 iface->conf->bss[idx] = NULL; 3143 } 3144 3145 iface->conf->num_bss--; 3146 for (i = idx; i < iface->conf->num_bss; i++) 3147 iface->conf->bss[i] = iface->conf->bss[i + 1]; 3148 3149 return 0; 3150 } 3151 3152 3153 int hostapd_remove_iface(struct hapd_interfaces *interfaces, char *buf) 3154 { 3155 struct hostapd_iface *hapd_iface; 3156 size_t i, j, k = 0; 3157 3158 for (i = 0; i < interfaces->count; i++) { 3159 hapd_iface = interfaces->iface[i]; 3160 if (hapd_iface == NULL) 3161 return -1; 3162 if (!os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) { 3163 wpa_printf(MSG_INFO, "Remove interface '%s'", buf); 3164 hapd_iface->driver_ap_teardown = 3165 !!(hapd_iface->drv_flags & 3166 WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 3167 3168 hostapd_interface_deinit_free(hapd_iface); 3169 k = i; 3170 while (k < (interfaces->count - 1)) { 3171 interfaces->iface[k] = 3172 interfaces->iface[k + 1]; 3173 k++; 3174 } 3175 interfaces->count--; 3176 return 0; 3177 } 3178 3179 for (j = 0; j < hapd_iface->conf->num_bss; j++) { 3180 if (!os_strcmp(hapd_iface->conf->bss[j]->iface, buf)) { 3181 hapd_iface->driver_ap_teardown = 3182 !(hapd_iface->drv_flags & 3183 WPA_DRIVER_FLAGS_AP_TEARDOWN_SUPPORT); 3184 return hostapd_remove_bss(hapd_iface, j); 3185 } 3186 } 3187 } 3188 return -1; 3189 } 3190 3191 3192 /** 3193 * hostapd_new_assoc_sta - Notify that a new station associated with the AP 3194 * @hapd: Pointer to BSS data 3195 * @sta: Pointer to the associated STA data 3196 * @reassoc: 1 to indicate this was a re-association; 0 = first association 3197 * 3198 * This function will be called whenever a station associates with the AP. It 3199 * can be called from ieee802_11.c for drivers that export MLME to hostapd and 3200 * from drv_callbacks.c based on driver events for drivers that take care of 3201 * management frames (IEEE 802.11 authentication and association) internally. 3202 */ 3203 void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta, 3204 int reassoc) 3205 { 3206 if (hapd->tkip_countermeasures) { 3207 hostapd_drv_sta_deauth(hapd, sta->addr, 3208 WLAN_REASON_MICHAEL_MIC_FAILURE); 3209 return; 3210 } 3211 3212 hostapd_prune_associations(hapd, sta->addr); 3213 ap_sta_clear_disconnect_timeouts(hapd, sta); 3214 sta->post_csa_sa_query = 0; 3215 3216 #ifdef CONFIG_P2P 3217 if (sta->p2p_ie == NULL && !sta->no_p2p_set) { 3218 sta->no_p2p_set = 1; 3219 hapd->num_sta_no_p2p++; 3220 if (hapd->num_sta_no_p2p == 1) 3221 hostapd_p2p_non_p2p_sta_connected(hapd); 3222 } 3223 #endif /* CONFIG_P2P */ 3224 3225 airtime_policy_new_sta(hapd, sta); 3226 3227 /* Start accounting here, if IEEE 802.1X and WPA are not used. 3228 * IEEE 802.1X/WPA code will start accounting after the station has 3229 * been authorized. */ 3230 if (!hapd->conf->ieee802_1x && !hapd->conf->wpa && !hapd->conf->osen) { 3231 ap_sta_set_authorized(hapd, sta, 1); 3232 os_get_reltime(&sta->connected_time); 3233 accounting_sta_start(hapd, sta); 3234 } 3235 3236 /* Start IEEE 802.1X authentication process for new stations */ 3237 ieee802_1x_new_station(hapd, sta); 3238 if (reassoc) { 3239 if (sta->auth_alg != WLAN_AUTH_FT && 3240 sta->auth_alg != WLAN_AUTH_FILS_SK && 3241 sta->auth_alg != WLAN_AUTH_FILS_SK_PFS && 3242 sta->auth_alg != WLAN_AUTH_FILS_PK && 3243 !(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS))) 3244 wpa_auth_sm_event(sta->wpa_sm, WPA_REAUTH); 3245 } else 3246 wpa_auth_sta_associated(hapd->wpa_auth, sta->wpa_sm); 3247 3248 if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_WIRED) { 3249 if (eloop_cancel_timeout(ap_handle_timer, hapd, sta) > 0) { 3250 wpa_printf(MSG_DEBUG, 3251 "%s: %s: canceled wired ap_handle_timer timeout for " 3252 MACSTR, 3253 hapd->conf->iface, __func__, 3254 MAC2STR(sta->addr)); 3255 } 3256 } else if (!(hapd->iface->drv_flags & 3257 WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { 3258 wpa_printf(MSG_DEBUG, 3259 "%s: %s: reschedule ap_handle_timer timeout for " 3260 MACSTR " (%d seconds - ap_max_inactivity)", 3261 hapd->conf->iface, __func__, MAC2STR(sta->addr), 3262 hapd->conf->ap_max_inactivity); 3263 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 3264 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 3265 ap_handle_timer, hapd, sta); 3266 } 3267 3268 #ifdef CONFIG_MACSEC 3269 if (hapd->conf->wpa_key_mgmt == WPA_KEY_MGMT_NONE && 3270 hapd->conf->mka_psk_set) 3271 ieee802_1x_create_preshared_mka_hapd(hapd, sta); 3272 else 3273 ieee802_1x_alloc_kay_sm_hapd(hapd, sta); 3274 #endif /* CONFIG_MACSEC */ 3275 } 3276 3277 3278 const char * hostapd_state_text(enum hostapd_iface_state s) 3279 { 3280 switch (s) { 3281 case HAPD_IFACE_UNINITIALIZED: 3282 return "UNINITIALIZED"; 3283 case HAPD_IFACE_DISABLED: 3284 return "DISABLED"; 3285 case HAPD_IFACE_COUNTRY_UPDATE: 3286 return "COUNTRY_UPDATE"; 3287 case HAPD_IFACE_ACS: 3288 return "ACS"; 3289 case HAPD_IFACE_HT_SCAN: 3290 return "HT_SCAN"; 3291 case HAPD_IFACE_DFS: 3292 return "DFS"; 3293 case HAPD_IFACE_ENABLED: 3294 return "ENABLED"; 3295 } 3296 3297 return "UNKNOWN"; 3298 } 3299 3300 3301 void hostapd_set_state(struct hostapd_iface *iface, enum hostapd_iface_state s) 3302 { 3303 wpa_printf(MSG_INFO, "%s: interface state %s->%s", 3304 iface->conf ? iface->conf->bss[0]->iface : "N/A", 3305 hostapd_state_text(iface->state), hostapd_state_text(s)); 3306 iface->state = s; 3307 } 3308 3309 3310 int hostapd_csa_in_progress(struct hostapd_iface *iface) 3311 { 3312 unsigned int i; 3313 3314 for (i = 0; i < iface->num_bss; i++) 3315 if (iface->bss[i]->csa_in_progress) 3316 return 1; 3317 return 0; 3318 } 3319 3320 3321 #ifdef NEED_AP_MLME 3322 3323 static void free_beacon_data(struct beacon_data *beacon) 3324 { 3325 os_free(beacon->head); 3326 beacon->head = NULL; 3327 os_free(beacon->tail); 3328 beacon->tail = NULL; 3329 os_free(beacon->probe_resp); 3330 beacon->probe_resp = NULL; 3331 os_free(beacon->beacon_ies); 3332 beacon->beacon_ies = NULL; 3333 os_free(beacon->proberesp_ies); 3334 beacon->proberesp_ies = NULL; 3335 os_free(beacon->assocresp_ies); 3336 beacon->assocresp_ies = NULL; 3337 } 3338 3339 3340 static int hostapd_build_beacon_data(struct hostapd_data *hapd, 3341 struct beacon_data *beacon) 3342 { 3343 struct wpabuf *beacon_extra, *proberesp_extra, *assocresp_extra; 3344 struct wpa_driver_ap_params params; 3345 int ret; 3346 3347 os_memset(beacon, 0, sizeof(*beacon)); 3348 ret = ieee802_11_build_ap_params(hapd, ¶ms); 3349 if (ret < 0) 3350 return ret; 3351 3352 ret = hostapd_build_ap_extra_ies(hapd, &beacon_extra, 3353 &proberesp_extra, 3354 &assocresp_extra); 3355 if (ret) 3356 goto free_ap_params; 3357 3358 ret = -1; 3359 beacon->head = os_memdup(params.head, params.head_len); 3360 if (!beacon->head) 3361 goto free_ap_extra_ies; 3362 3363 beacon->head_len = params.head_len; 3364 3365 beacon->tail = os_memdup(params.tail, params.tail_len); 3366 if (!beacon->tail) 3367 goto free_beacon; 3368 3369 beacon->tail_len = params.tail_len; 3370 3371 if (params.proberesp != NULL) { 3372 beacon->probe_resp = os_memdup(params.proberesp, 3373 params.proberesp_len); 3374 if (!beacon->probe_resp) 3375 goto free_beacon; 3376 3377 beacon->probe_resp_len = params.proberesp_len; 3378 } 3379 3380 /* copy the extra ies */ 3381 if (beacon_extra) { 3382 beacon->beacon_ies = os_memdup(beacon_extra->buf, 3383 wpabuf_len(beacon_extra)); 3384 if (!beacon->beacon_ies) 3385 goto free_beacon; 3386 3387 beacon->beacon_ies_len = wpabuf_len(beacon_extra); 3388 } 3389 3390 if (proberesp_extra) { 3391 beacon->proberesp_ies = os_memdup(proberesp_extra->buf, 3392 wpabuf_len(proberesp_extra)); 3393 if (!beacon->proberesp_ies) 3394 goto free_beacon; 3395 3396 beacon->proberesp_ies_len = wpabuf_len(proberesp_extra); 3397 } 3398 3399 if (assocresp_extra) { 3400 beacon->assocresp_ies = os_memdup(assocresp_extra->buf, 3401 wpabuf_len(assocresp_extra)); 3402 if (!beacon->assocresp_ies) 3403 goto free_beacon; 3404 3405 beacon->assocresp_ies_len = wpabuf_len(assocresp_extra); 3406 } 3407 3408 ret = 0; 3409 free_beacon: 3410 /* if the function fails, the caller should not free beacon data */ 3411 if (ret) 3412 free_beacon_data(beacon); 3413 3414 free_ap_extra_ies: 3415 hostapd_free_ap_extra_ies(hapd, beacon_extra, proberesp_extra, 3416 assocresp_extra); 3417 free_ap_params: 3418 ieee802_11_free_ap_params(¶ms); 3419 return ret; 3420 } 3421 3422 3423 /* 3424 * TODO: This flow currently supports only changing channel and width within 3425 * the same hw_mode. Any other changes to MAC parameters or provided settings 3426 * are not supported. 3427 */ 3428 static int hostapd_change_config_freq(struct hostapd_data *hapd, 3429 struct hostapd_config *conf, 3430 struct hostapd_freq_params *params, 3431 struct hostapd_freq_params *old_params) 3432 { 3433 int channel; 3434 u8 seg0, seg1; 3435 struct hostapd_hw_modes *mode; 3436 3437 if (!params->channel) { 3438 /* check if the new channel is supported by hw */ 3439 params->channel = hostapd_hw_get_channel(hapd, params->freq); 3440 } 3441 3442 channel = params->channel; 3443 if (!channel) 3444 return -1; 3445 3446 mode = hapd->iface->current_mode; 3447 3448 /* if a pointer to old_params is provided we save previous state */ 3449 if (old_params && 3450 hostapd_set_freq_params(old_params, conf->hw_mode, 3451 hostapd_hw_get_freq(hapd, conf->channel), 3452 conf->channel, conf->enable_edmg, 3453 conf->edmg_channel, conf->ieee80211n, 3454 conf->ieee80211ac, conf->ieee80211ax, 3455 conf->secondary_channel, 3456 hostapd_get_oper_chwidth(conf), 3457 hostapd_get_oper_centr_freq_seg0_idx(conf), 3458 hostapd_get_oper_centr_freq_seg1_idx(conf), 3459 conf->vht_capab, 3460 mode ? &mode->he_capab[IEEE80211_MODE_AP] : 3461 NULL)) 3462 return -1; 3463 3464 switch (params->bandwidth) { 3465 case 0: 3466 case 20: 3467 conf->ht_capab &= ~HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 3468 break; 3469 case 40: 3470 case 80: 3471 case 160: 3472 conf->ht_capab |= HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET; 3473 break; 3474 default: 3475 return -1; 3476 } 3477 3478 switch (params->bandwidth) { 3479 case 0: 3480 case 20: 3481 case 40: 3482 hostapd_set_oper_chwidth(conf, CHANWIDTH_USE_HT); 3483 break; 3484 case 80: 3485 if (params->center_freq2) 3486 hostapd_set_oper_chwidth(conf, CHANWIDTH_80P80MHZ); 3487 else 3488 hostapd_set_oper_chwidth(conf, CHANWIDTH_80MHZ); 3489 break; 3490 case 160: 3491 hostapd_set_oper_chwidth(conf, CHANWIDTH_160MHZ); 3492 break; 3493 default: 3494 return -1; 3495 } 3496 3497 conf->channel = channel; 3498 conf->ieee80211n = params->ht_enabled; 3499 conf->ieee80211ac = params->vht_enabled; 3500 conf->secondary_channel = params->sec_channel_offset; 3501 ieee80211_freq_to_chan(params->center_freq1, 3502 &seg0); 3503 ieee80211_freq_to_chan(params->center_freq2, 3504 &seg1); 3505 hostapd_set_oper_centr_freq_seg0_idx(conf, seg0); 3506 hostapd_set_oper_centr_freq_seg1_idx(conf, seg1); 3507 3508 /* TODO: maybe call here hostapd_config_check here? */ 3509 3510 return 0; 3511 } 3512 3513 3514 static int hostapd_fill_csa_settings(struct hostapd_data *hapd, 3515 struct csa_settings *settings) 3516 { 3517 struct hostapd_iface *iface = hapd->iface; 3518 struct hostapd_freq_params old_freq; 3519 int ret; 3520 u8 chan, bandwidth; 3521 3522 os_memset(&old_freq, 0, sizeof(old_freq)); 3523 if (!iface || !iface->freq || hapd->csa_in_progress) 3524 return -1; 3525 3526 switch (settings->freq_params.bandwidth) { 3527 case 80: 3528 if (settings->freq_params.center_freq2) 3529 bandwidth = CHANWIDTH_80P80MHZ; 3530 else 3531 bandwidth = CHANWIDTH_80MHZ; 3532 break; 3533 case 160: 3534 bandwidth = CHANWIDTH_160MHZ; 3535 break; 3536 default: 3537 bandwidth = CHANWIDTH_USE_HT; 3538 break; 3539 } 3540 3541 if (ieee80211_freq_to_channel_ext( 3542 settings->freq_params.freq, 3543 settings->freq_params.sec_channel_offset, 3544 bandwidth, 3545 &hapd->iface->cs_oper_class, 3546 &chan) == NUM_HOSTAPD_MODES) { 3547 wpa_printf(MSG_DEBUG, 3548 "invalid frequency for channel switch (freq=%d, sec_channel_offset=%d, vht_enabled=%d, he_enabled=%d)", 3549 settings->freq_params.freq, 3550 settings->freq_params.sec_channel_offset, 3551 settings->freq_params.vht_enabled, 3552 settings->freq_params.he_enabled); 3553 return -1; 3554 } 3555 3556 settings->freq_params.channel = chan; 3557 3558 ret = hostapd_change_config_freq(iface->bss[0], iface->conf, 3559 &settings->freq_params, 3560 &old_freq); 3561 if (ret) 3562 return ret; 3563 3564 ret = hostapd_build_beacon_data(hapd, &settings->beacon_after); 3565 3566 /* change back the configuration */ 3567 hostapd_change_config_freq(iface->bss[0], iface->conf, 3568 &old_freq, NULL); 3569 3570 if (ret) 3571 return ret; 3572 3573 /* set channel switch parameters for csa ie */ 3574 hapd->cs_freq_params = settings->freq_params; 3575 hapd->cs_count = settings->cs_count; 3576 hapd->cs_block_tx = settings->block_tx; 3577 3578 ret = hostapd_build_beacon_data(hapd, &settings->beacon_csa); 3579 if (ret) { 3580 free_beacon_data(&settings->beacon_after); 3581 return ret; 3582 } 3583 3584 settings->counter_offset_beacon[0] = hapd->cs_c_off_beacon; 3585 settings->counter_offset_presp[0] = hapd->cs_c_off_proberesp; 3586 settings->counter_offset_beacon[1] = hapd->cs_c_off_ecsa_beacon; 3587 settings->counter_offset_presp[1] = hapd->cs_c_off_ecsa_proberesp; 3588 3589 return 0; 3590 } 3591 3592 3593 void hostapd_cleanup_cs_params(struct hostapd_data *hapd) 3594 { 3595 os_memset(&hapd->cs_freq_params, 0, sizeof(hapd->cs_freq_params)); 3596 hapd->cs_count = 0; 3597 hapd->cs_block_tx = 0; 3598 hapd->cs_c_off_beacon = 0; 3599 hapd->cs_c_off_proberesp = 0; 3600 hapd->csa_in_progress = 0; 3601 hapd->cs_c_off_ecsa_beacon = 0; 3602 hapd->cs_c_off_ecsa_proberesp = 0; 3603 } 3604 3605 3606 void hostapd_chan_switch_config(struct hostapd_data *hapd, 3607 struct hostapd_freq_params *freq_params) 3608 { 3609 if (freq_params->he_enabled) 3610 hapd->iconf->ch_switch_he_config |= CH_SWITCH_HE_ENABLED; 3611 else 3612 hapd->iconf->ch_switch_he_config |= CH_SWITCH_HE_DISABLED; 3613 3614 if (freq_params->vht_enabled) 3615 hapd->iconf->ch_switch_vht_config |= CH_SWITCH_VHT_ENABLED; 3616 else 3617 hapd->iconf->ch_switch_vht_config |= CH_SWITCH_VHT_DISABLED; 3618 3619 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 3620 HOSTAPD_LEVEL_INFO, 3621 "CHAN_SWITCH HE config 0x%x VHT config 0x%x", 3622 hapd->iconf->ch_switch_he_config, 3623 hapd->iconf->ch_switch_vht_config); 3624 } 3625 3626 3627 int hostapd_switch_channel(struct hostapd_data *hapd, 3628 struct csa_settings *settings) 3629 { 3630 int ret; 3631 3632 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_CSA)) { 3633 wpa_printf(MSG_INFO, "CSA is not supported"); 3634 return -1; 3635 } 3636 3637 ret = hostapd_fill_csa_settings(hapd, settings); 3638 if (ret) 3639 return ret; 3640 3641 ret = hostapd_drv_switch_channel(hapd, settings); 3642 free_beacon_data(&settings->beacon_csa); 3643 free_beacon_data(&settings->beacon_after); 3644 3645 if (ret) { 3646 /* if we failed, clean cs parameters */ 3647 hostapd_cleanup_cs_params(hapd); 3648 return ret; 3649 } 3650 3651 hapd->csa_in_progress = 1; 3652 return 0; 3653 } 3654 3655 3656 void 3657 hostapd_switch_channel_fallback(struct hostapd_iface *iface, 3658 const struct hostapd_freq_params *freq_params) 3659 { 3660 int seg0_idx = 0, seg1_idx = 0, bw = CHANWIDTH_USE_HT; 3661 3662 wpa_printf(MSG_DEBUG, "Restarting all CSA-related BSSes"); 3663 3664 if (freq_params->center_freq1) 3665 seg0_idx = 36 + (freq_params->center_freq1 - 5180) / 5; 3666 if (freq_params->center_freq2) 3667 seg1_idx = 36 + (freq_params->center_freq2 - 5180) / 5; 3668 3669 switch (freq_params->bandwidth) { 3670 case 0: 3671 case 20: 3672 case 40: 3673 bw = CHANWIDTH_USE_HT; 3674 break; 3675 case 80: 3676 if (freq_params->center_freq2) 3677 bw = CHANWIDTH_80P80MHZ; 3678 else 3679 bw = CHANWIDTH_80MHZ; 3680 break; 3681 case 160: 3682 bw = CHANWIDTH_160MHZ; 3683 break; 3684 default: 3685 wpa_printf(MSG_WARNING, "Unknown CSA bandwidth: %d", 3686 freq_params->bandwidth); 3687 break; 3688 } 3689 3690 iface->freq = freq_params->freq; 3691 iface->conf->channel = freq_params->channel; 3692 iface->conf->secondary_channel = freq_params->sec_channel_offset; 3693 hostapd_set_oper_centr_freq_seg0_idx(iface->conf, seg0_idx); 3694 hostapd_set_oper_centr_freq_seg1_idx(iface->conf, seg1_idx); 3695 hostapd_set_oper_chwidth(iface->conf, bw); 3696 iface->conf->ieee80211n = freq_params->ht_enabled; 3697 iface->conf->ieee80211ac = freq_params->vht_enabled; 3698 iface->conf->ieee80211ax = freq_params->he_enabled; 3699 3700 /* 3701 * cs_params must not be cleared earlier because the freq_params 3702 * argument may actually point to one of these. 3703 * These params will be cleared during interface disable below. 3704 */ 3705 hostapd_disable_iface(iface); 3706 hostapd_enable_iface(iface); 3707 } 3708 3709 #endif /* NEED_AP_MLME */ 3710 3711 3712 struct hostapd_data * hostapd_get_iface(struct hapd_interfaces *interfaces, 3713 const char *ifname) 3714 { 3715 size_t i, j; 3716 3717 for (i = 0; i < interfaces->count; i++) { 3718 struct hostapd_iface *iface = interfaces->iface[i]; 3719 3720 for (j = 0; j < iface->num_bss; j++) { 3721 struct hostapd_data *hapd = iface->bss[j]; 3722 3723 if (os_strcmp(ifname, hapd->conf->iface) == 0) 3724 return hapd; 3725 } 3726 } 3727 3728 return NULL; 3729 } 3730 3731 3732 void hostapd_periodic_iface(struct hostapd_iface *iface) 3733 { 3734 size_t i; 3735 3736 ap_list_timer(iface); 3737 3738 for (i = 0; i < iface->num_bss; i++) { 3739 struct hostapd_data *hapd = iface->bss[i]; 3740 3741 if (!hapd->started) 3742 continue; 3743 3744 #ifndef CONFIG_NO_RADIUS 3745 hostapd_acl_expire(hapd); 3746 #endif /* CONFIG_NO_RADIUS */ 3747 } 3748 } 3749 3750 3751 #ifdef CONFIG_OCV 3752 void hostapd_ocv_check_csa_sa_query(void *eloop_ctx, void *timeout_ctx) 3753 { 3754 struct hostapd_data *hapd = eloop_ctx; 3755 struct sta_info *sta; 3756 3757 wpa_printf(MSG_DEBUG, "OCV: Post-CSA SA Query initiation check"); 3758 3759 for (sta = hapd->sta_list; sta; sta = sta->next) { 3760 if (!sta->post_csa_sa_query) 3761 continue; 3762 3763 wpa_printf(MSG_DEBUG, "OCV: OCVC STA " MACSTR 3764 " did not start SA Query after CSA - disconnect", 3765 MAC2STR(sta->addr)); 3766 ap_sta_disconnect(hapd, sta, sta->addr, 3767 WLAN_REASON_PREV_AUTH_NOT_VALID); 3768 } 3769 } 3770 #endif /* CONFIG_OCV */ 3771