1 /* 2 * hostapd / Station table 3 * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "utils/eloop.h" 13 #include "common/ieee802_11_defs.h" 14 #include "common/wpa_ctrl.h" 15 #include "common/sae.h" 16 #include "radius/radius.h" 17 #include "radius/radius_client.h" 18 #include "p2p/p2p.h" 19 #include "fst/fst.h" 20 #include "crypto/crypto.h" 21 #include "hostapd.h" 22 #include "accounting.h" 23 #include "ieee802_1x.h" 24 #include "ieee802_11.h" 25 #include "ieee802_11_auth.h" 26 #include "wpa_auth.h" 27 #include "preauth_auth.h" 28 #include "ap_config.h" 29 #include "beacon.h" 30 #include "ap_mlme.h" 31 #include "vlan_init.h" 32 #include "p2p_hostapd.h" 33 #include "ap_drv_ops.h" 34 #include "gas_serv.h" 35 #include "wnm_ap.h" 36 #include "mbo_ap.h" 37 #include "ndisc_snoop.h" 38 #include "sta_info.h" 39 #include "vlan.h" 40 #include "wps_hostapd.h" 41 42 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 43 struct sta_info *sta); 44 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 45 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx); 46 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 47 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 48 #ifdef CONFIG_IEEE80211W 49 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 50 #endif /* CONFIG_IEEE80211W */ 51 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 52 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx); 53 54 int ap_for_each_sta(struct hostapd_data *hapd, 55 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 56 void *ctx), 57 void *ctx) 58 { 59 struct sta_info *sta; 60 61 for (sta = hapd->sta_list; sta; sta = sta->next) { 62 if (cb(hapd, sta, ctx)) 63 return 1; 64 } 65 66 return 0; 67 } 68 69 70 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 71 { 72 struct sta_info *s; 73 74 s = hapd->sta_hash[STA_HASH(sta)]; 75 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 76 s = s->hnext; 77 return s; 78 } 79 80 81 #ifdef CONFIG_P2P 82 struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr) 83 { 84 struct sta_info *sta; 85 86 for (sta = hapd->sta_list; sta; sta = sta->next) { 87 const u8 *p2p_dev_addr; 88 89 if (sta->p2p_ie == NULL) 90 continue; 91 92 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 93 if (p2p_dev_addr == NULL) 94 continue; 95 96 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0) 97 return sta; 98 } 99 100 return NULL; 101 } 102 #endif /* CONFIG_P2P */ 103 104 105 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 106 { 107 struct sta_info *tmp; 108 109 if (hapd->sta_list == sta) { 110 hapd->sta_list = sta->next; 111 return; 112 } 113 114 tmp = hapd->sta_list; 115 while (tmp != NULL && tmp->next != sta) 116 tmp = tmp->next; 117 if (tmp == NULL) { 118 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 119 "list.", MAC2STR(sta->addr)); 120 } else 121 tmp->next = sta->next; 122 } 123 124 125 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 126 { 127 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 128 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 129 } 130 131 132 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 133 { 134 struct sta_info *s; 135 136 s = hapd->sta_hash[STA_HASH(sta->addr)]; 137 if (s == NULL) return; 138 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 139 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 140 return; 141 } 142 143 while (s->hnext != NULL && 144 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 145 s = s->hnext; 146 if (s->hnext != NULL) 147 s->hnext = s->hnext->hnext; 148 else 149 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 150 " from hash table", MAC2STR(sta->addr)); 151 } 152 153 154 void ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta) 155 { 156 sta_ip6addr_del(hapd, sta); 157 } 158 159 160 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 161 { 162 int set_beacon = 0; 163 164 accounting_sta_stop(hapd, sta); 165 166 /* just in case */ 167 ap_sta_set_authorized(hapd, sta, 0); 168 169 if (sta->flags & WLAN_STA_WDS) 170 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); 171 172 if (sta->ipaddr) 173 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); 174 ap_sta_ip6addr_del(hapd, sta); 175 176 if (!hapd->iface->driver_ap_teardown && 177 !(sta->flags & WLAN_STA_PREAUTH)) { 178 hostapd_drv_sta_remove(hapd, sta->addr); 179 sta->added_unassoc = 0; 180 } 181 182 ap_sta_hash_del(hapd, sta); 183 ap_sta_list_del(hapd, sta); 184 185 if (sta->aid > 0) 186 hapd->sta_aid[(sta->aid - 1) / 32] &= 187 ~BIT((sta->aid - 1) % 32); 188 189 hapd->num_sta--; 190 if (sta->nonerp_set) { 191 sta->nonerp_set = 0; 192 hapd->iface->num_sta_non_erp--; 193 if (hapd->iface->num_sta_non_erp == 0) 194 set_beacon++; 195 } 196 197 if (sta->no_short_slot_time_set) { 198 sta->no_short_slot_time_set = 0; 199 hapd->iface->num_sta_no_short_slot_time--; 200 if (hapd->iface->current_mode && 201 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 202 && hapd->iface->num_sta_no_short_slot_time == 0) 203 set_beacon++; 204 } 205 206 if (sta->no_short_preamble_set) { 207 sta->no_short_preamble_set = 0; 208 hapd->iface->num_sta_no_short_preamble--; 209 if (hapd->iface->current_mode && 210 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 211 && hapd->iface->num_sta_no_short_preamble == 0) 212 set_beacon++; 213 } 214 215 if (sta->no_ht_gf_set) { 216 sta->no_ht_gf_set = 0; 217 hapd->iface->num_sta_ht_no_gf--; 218 } 219 220 if (sta->no_ht_set) { 221 sta->no_ht_set = 0; 222 hapd->iface->num_sta_no_ht--; 223 } 224 225 if (sta->ht_20mhz_set) { 226 sta->ht_20mhz_set = 0; 227 hapd->iface->num_sta_ht_20mhz--; 228 } 229 230 #ifdef CONFIG_TAXONOMY 231 wpabuf_free(sta->probe_ie_taxonomy); 232 sta->probe_ie_taxonomy = NULL; 233 wpabuf_free(sta->assoc_ie_taxonomy); 234 sta->assoc_ie_taxonomy = NULL; 235 #endif /* CONFIG_TAXONOMY */ 236 237 #ifdef CONFIG_IEEE80211N 238 ht40_intolerant_remove(hapd->iface, sta); 239 #endif /* CONFIG_IEEE80211N */ 240 241 #ifdef CONFIG_P2P 242 if (sta->no_p2p_set) { 243 sta->no_p2p_set = 0; 244 hapd->num_sta_no_p2p--; 245 if (hapd->num_sta_no_p2p == 0) 246 hostapd_p2p_non_p2p_sta_disconnected(hapd); 247 } 248 #endif /* CONFIG_P2P */ 249 250 #if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 251 if (hostapd_ht_operation_update(hapd->iface) > 0) 252 set_beacon++; 253 #endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 254 255 #ifdef CONFIG_MESH 256 if (hapd->mesh_sta_free_cb) 257 hapd->mesh_sta_free_cb(hapd, sta); 258 #endif /* CONFIG_MESH */ 259 260 if (set_beacon) 261 ieee802_11_set_beacons(hapd->iface); 262 263 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 264 __func__, MAC2STR(sta->addr)); 265 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 266 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 267 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); 268 ap_sta_clear_disconnect_timeouts(hapd, sta); 269 sae_clear_retransmit_timer(hapd, sta); 270 271 ieee802_1x_free_station(hapd, sta); 272 wpa_auth_sta_deinit(sta->wpa_sm); 273 rsn_preauth_free_station(hapd, sta); 274 #ifndef CONFIG_NO_RADIUS 275 if (hapd->radius) 276 radius_client_flush_auth(hapd->radius, sta->addr); 277 #endif /* CONFIG_NO_RADIUS */ 278 279 #ifndef CONFIG_NO_VLAN 280 /* 281 * sta->wpa_sm->group needs to be released before so that 282 * vlan_remove_dynamic() can check that no stations are left on the 283 * AP_VLAN netdev. 284 */ 285 if (sta->vlan_id) 286 vlan_remove_dynamic(hapd, sta->vlan_id); 287 if (sta->vlan_id_bound) { 288 /* 289 * Need to remove the STA entry before potentially removing the 290 * VLAN. 291 */ 292 if (hapd->iface->driver_ap_teardown && 293 !(sta->flags & WLAN_STA_PREAUTH)) { 294 hostapd_drv_sta_remove(hapd, sta->addr); 295 sta->added_unassoc = 0; 296 } 297 vlan_remove_dynamic(hapd, sta->vlan_id_bound); 298 } 299 #endif /* CONFIG_NO_VLAN */ 300 301 os_free(sta->challenge); 302 303 #ifdef CONFIG_IEEE80211W 304 os_free(sta->sa_query_trans_id); 305 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 306 #endif /* CONFIG_IEEE80211W */ 307 308 #ifdef CONFIG_P2P 309 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 310 #endif /* CONFIG_P2P */ 311 312 #ifdef CONFIG_INTERWORKING 313 if (sta->gas_dialog) { 314 int i; 315 for (i = 0; i < GAS_DIALOG_MAX; i++) 316 gas_serv_dialog_clear(&sta->gas_dialog[i]); 317 os_free(sta->gas_dialog); 318 } 319 #endif /* CONFIG_INTERWORKING */ 320 321 wpabuf_free(sta->wps_ie); 322 wpabuf_free(sta->p2p_ie); 323 wpabuf_free(sta->hs20_ie); 324 wpabuf_free(sta->roaming_consortium); 325 #ifdef CONFIG_FST 326 wpabuf_free(sta->mb_ies); 327 #endif /* CONFIG_FST */ 328 329 os_free(sta->ht_capabilities); 330 os_free(sta->vht_capabilities); 331 hostapd_free_psk_list(sta->psk); 332 os_free(sta->identity); 333 os_free(sta->radius_cui); 334 os_free(sta->remediation_url); 335 os_free(sta->t_c_url); 336 wpabuf_free(sta->hs20_deauth_req); 337 os_free(sta->hs20_session_info_url); 338 339 #ifdef CONFIG_SAE 340 sae_clear_data(sta->sae); 341 os_free(sta->sae); 342 #endif /* CONFIG_SAE */ 343 344 mbo_ap_sta_free(sta); 345 os_free(sta->supp_op_classes); 346 347 #ifdef CONFIG_FILS 348 os_free(sta->fils_pending_assoc_req); 349 wpabuf_free(sta->fils_hlp_resp); 350 wpabuf_free(sta->hlp_dhcp_discover); 351 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); 352 #ifdef CONFIG_FILS_SK_PFS 353 crypto_ecdh_deinit(sta->fils_ecdh); 354 wpabuf_clear_free(sta->fils_dh_ss); 355 wpabuf_free(sta->fils_g_sta); 356 #endif /* CONFIG_FILS_SK_PFS */ 357 #endif /* CONFIG_FILS */ 358 359 #ifdef CONFIG_OWE 360 bin_clear_free(sta->owe_pmk, sta->owe_pmk_len); 361 crypto_ecdh_deinit(sta->owe_ecdh); 362 #endif /* CONFIG_OWE */ 363 364 os_free(sta->ext_capability); 365 366 #ifdef CONFIG_WNM_AP 367 eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta); 368 #endif /* CONFIG_WNM_AP */ 369 370 os_free(sta->ifname_wds); 371 372 os_free(sta); 373 } 374 375 376 void hostapd_free_stas(struct hostapd_data *hapd) 377 { 378 struct sta_info *sta, *prev; 379 380 sta = hapd->sta_list; 381 382 while (sta) { 383 prev = sta; 384 if (sta->flags & WLAN_STA_AUTH) { 385 mlme_deauthenticate_indication( 386 hapd, sta, WLAN_REASON_UNSPECIFIED); 387 } 388 sta = sta->next; 389 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 390 MAC2STR(prev->addr)); 391 ap_free_sta(hapd, prev); 392 } 393 } 394 395 396 /** 397 * ap_handle_timer - Per STA timer handler 398 * @eloop_ctx: struct hostapd_data * 399 * @timeout_ctx: struct sta_info * 400 * 401 * This function is called to check station activity and to remove inactive 402 * stations. 403 */ 404 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 405 { 406 struct hostapd_data *hapd = eloop_ctx; 407 struct sta_info *sta = timeout_ctx; 408 unsigned long next_time = 0; 409 int reason; 410 411 wpa_printf(MSG_DEBUG, "%s: %s: " MACSTR " flags=0x%x timeout_next=%d", 412 hapd->conf->iface, __func__, MAC2STR(sta->addr), sta->flags, 413 sta->timeout_next); 414 if (sta->timeout_next == STA_REMOVE) { 415 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 416 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 417 "local deauth request"); 418 ap_free_sta(hapd, sta); 419 return; 420 } 421 422 if ((sta->flags & WLAN_STA_ASSOC) && 423 (sta->timeout_next == STA_NULLFUNC || 424 sta->timeout_next == STA_DISASSOC)) { 425 int inactive_sec; 426 /* 427 * Add random value to timeout so that we don't end up bouncing 428 * all stations at the same time if we have lots of associated 429 * stations that are idle (but keep re-associating). 430 */ 431 int fuzz = os_random() % 20; 432 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 433 if (inactive_sec == -1) { 434 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 435 "Check inactivity: Could not " 436 "get station info from kernel driver for " 437 MACSTR, MAC2STR(sta->addr)); 438 /* 439 * The driver may not support this functionality. 440 * Anyway, try again after the next inactivity timeout, 441 * but do not disconnect the station now. 442 */ 443 next_time = hapd->conf->ap_max_inactivity + fuzz; 444 } else if (inactive_sec == -ENOENT) { 445 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 446 "Station " MACSTR " has lost its driver entry", 447 MAC2STR(sta->addr)); 448 449 /* Avoid sending client probe on removed client */ 450 sta->timeout_next = STA_DISASSOC; 451 goto skip_poll; 452 } else if (inactive_sec < hapd->conf->ap_max_inactivity) { 453 /* station activity detected; reset timeout state */ 454 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 455 "Station " MACSTR " has been active %is ago", 456 MAC2STR(sta->addr), inactive_sec); 457 sta->timeout_next = STA_NULLFUNC; 458 next_time = hapd->conf->ap_max_inactivity + fuzz - 459 inactive_sec; 460 } else { 461 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 462 "Station " MACSTR " has been " 463 "inactive too long: %d sec, max allowed: %d", 464 MAC2STR(sta->addr), inactive_sec, 465 hapd->conf->ap_max_inactivity); 466 467 if (hapd->conf->skip_inactivity_poll) 468 sta->timeout_next = STA_DISASSOC; 469 } 470 } 471 472 if ((sta->flags & WLAN_STA_ASSOC) && 473 sta->timeout_next == STA_DISASSOC && 474 !(sta->flags & WLAN_STA_PENDING_POLL) && 475 !hapd->conf->skip_inactivity_poll) { 476 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 477 " has ACKed data poll", MAC2STR(sta->addr)); 478 /* data nullfunc frame poll did not produce TX errors; assume 479 * station ACKed it */ 480 sta->timeout_next = STA_NULLFUNC; 481 next_time = hapd->conf->ap_max_inactivity; 482 } 483 484 skip_poll: 485 if (next_time) { 486 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 487 "for " MACSTR " (%lu seconds)", 488 __func__, MAC2STR(sta->addr), next_time); 489 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 490 sta); 491 return; 492 } 493 494 if (sta->timeout_next == STA_NULLFUNC && 495 (sta->flags & WLAN_STA_ASSOC)) { 496 wpa_printf(MSG_DEBUG, " Polling STA"); 497 sta->flags |= WLAN_STA_PENDING_POLL; 498 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 499 sta->flags & WLAN_STA_WMM); 500 } else if (sta->timeout_next != STA_REMOVE) { 501 int deauth = sta->timeout_next == STA_DEAUTH; 502 503 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 504 "Timeout, sending %s info to STA " MACSTR, 505 deauth ? "deauthentication" : "disassociation", 506 MAC2STR(sta->addr)); 507 508 if (deauth) { 509 hostapd_drv_sta_deauth( 510 hapd, sta->addr, 511 WLAN_REASON_PREV_AUTH_NOT_VALID); 512 } else { 513 reason = (sta->timeout_next == STA_DISASSOC) ? 514 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 515 WLAN_REASON_PREV_AUTH_NOT_VALID; 516 517 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 518 } 519 } 520 521 switch (sta->timeout_next) { 522 case STA_NULLFUNC: 523 sta->timeout_next = STA_DISASSOC; 524 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 525 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 526 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 527 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 528 hapd, sta); 529 break; 530 case STA_DISASSOC: 531 case STA_DISASSOC_FROM_CLI: 532 ap_sta_set_authorized(hapd, sta, 0); 533 sta->flags &= ~WLAN_STA_ASSOC; 534 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 535 if (!sta->acct_terminate_cause) 536 sta->acct_terminate_cause = 537 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 538 accounting_sta_stop(hapd, sta); 539 ieee802_1x_free_station(hapd, sta); 540 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 541 HOSTAPD_LEVEL_INFO, "disassociated due to " 542 "inactivity"); 543 reason = (sta->timeout_next == STA_DISASSOC) ? 544 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 545 WLAN_REASON_PREV_AUTH_NOT_VALID; 546 sta->timeout_next = STA_DEAUTH; 547 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 548 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 549 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 550 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 551 hapd, sta); 552 mlme_disassociate_indication(hapd, sta, reason); 553 break; 554 case STA_DEAUTH: 555 case STA_REMOVE: 556 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 557 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 558 "inactivity (timer DEAUTH/REMOVE)"); 559 if (!sta->acct_terminate_cause) 560 sta->acct_terminate_cause = 561 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 562 mlme_deauthenticate_indication( 563 hapd, sta, 564 WLAN_REASON_PREV_AUTH_NOT_VALID); 565 ap_free_sta(hapd, sta); 566 break; 567 } 568 } 569 570 571 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 572 { 573 struct hostapd_data *hapd = eloop_ctx; 574 struct sta_info *sta = timeout_ctx; 575 576 wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR, 577 hapd->conf->iface, MAC2STR(sta->addr)); 578 if (!(sta->flags & WLAN_STA_AUTH)) { 579 if (sta->flags & WLAN_STA_GAS) { 580 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 581 "entry " MACSTR, MAC2STR(sta->addr)); 582 ap_free_sta(hapd, sta); 583 } 584 return; 585 } 586 587 hostapd_drv_sta_deauth(hapd, sta->addr, 588 WLAN_REASON_PREV_AUTH_NOT_VALID); 589 mlme_deauthenticate_indication(hapd, sta, 590 WLAN_REASON_PREV_AUTH_NOT_VALID); 591 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 592 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 593 "session timeout"); 594 sta->acct_terminate_cause = 595 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 596 ap_free_sta(hapd, sta); 597 } 598 599 600 void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, 601 u32 session_timeout) 602 { 603 if (eloop_replenish_timeout(session_timeout, 0, 604 ap_handle_session_timer, hapd, sta) == 1) { 605 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 606 HOSTAPD_LEVEL_DEBUG, "setting session timeout " 607 "to %d seconds", session_timeout); 608 } 609 } 610 611 612 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 613 u32 session_timeout) 614 { 615 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 616 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 617 "seconds", session_timeout); 618 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 619 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 620 hapd, sta); 621 } 622 623 624 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 625 { 626 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 627 } 628 629 630 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx) 631 { 632 #ifdef CONFIG_WNM_AP 633 struct hostapd_data *hapd = eloop_ctx; 634 struct sta_info *sta = timeout_ctx; 635 636 wpa_printf(MSG_DEBUG, "%s: WNM: Session warning time reached for " 637 MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); 638 if (sta->hs20_session_info_url == NULL) 639 return; 640 641 wnm_send_ess_disassoc_imminent(hapd, sta, sta->hs20_session_info_url, 642 sta->hs20_disassoc_timer); 643 #endif /* CONFIG_WNM_AP */ 644 } 645 646 647 void ap_sta_session_warning_timeout(struct hostapd_data *hapd, 648 struct sta_info *sta, int warning_time) 649 { 650 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); 651 eloop_register_timeout(warning_time, 0, ap_handle_session_warning_timer, 652 hapd, sta); 653 } 654 655 656 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 657 { 658 struct sta_info *sta; 659 660 sta = ap_get_sta(hapd, addr); 661 if (sta) 662 return sta; 663 664 wpa_printf(MSG_DEBUG, " New STA"); 665 if (hapd->num_sta >= hapd->conf->max_num_sta) { 666 /* FIX: might try to remove some old STAs first? */ 667 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 668 hapd->num_sta, hapd->conf->max_num_sta); 669 return NULL; 670 } 671 672 sta = os_zalloc(sizeof(struct sta_info)); 673 if (sta == NULL) { 674 wpa_printf(MSG_ERROR, "malloc failed"); 675 return NULL; 676 } 677 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 678 if (accounting_sta_get_id(hapd, sta) < 0) { 679 os_free(sta); 680 return NULL; 681 } 682 683 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { 684 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 685 "for " MACSTR " (%d seconds - ap_max_inactivity)", 686 __func__, MAC2STR(addr), 687 hapd->conf->ap_max_inactivity); 688 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 689 ap_handle_timer, hapd, sta); 690 } 691 692 /* initialize STA info data */ 693 os_memcpy(sta->addr, addr, ETH_ALEN); 694 sta->next = hapd->sta_list; 695 hapd->sta_list = sta; 696 hapd->num_sta++; 697 ap_sta_hash_add(hapd, sta); 698 ap_sta_remove_in_other_bss(hapd, sta); 699 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 700 dl_list_init(&sta->ip6addr); 701 702 #ifdef CONFIG_TAXONOMY 703 sta_track_claim_taxonomy_info(hapd->iface, addr, 704 &sta->probe_ie_taxonomy); 705 #endif /* CONFIG_TAXONOMY */ 706 707 return sta; 708 } 709 710 711 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 712 { 713 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 714 715 if (sta->ipaddr) 716 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); 717 ap_sta_ip6addr_del(hapd, sta); 718 719 wpa_printf(MSG_DEBUG, "%s: Removing STA " MACSTR " from kernel driver", 720 hapd->conf->iface, MAC2STR(sta->addr)); 721 if (hostapd_drv_sta_remove(hapd, sta->addr) && 722 sta->flags & WLAN_STA_ASSOC) { 723 wpa_printf(MSG_DEBUG, "%s: Could not remove station " MACSTR 724 " from kernel driver", 725 hapd->conf->iface, MAC2STR(sta->addr)); 726 return -1; 727 } 728 sta->added_unassoc = 0; 729 return 0; 730 } 731 732 733 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 734 struct sta_info *sta) 735 { 736 struct hostapd_iface *iface = hapd->iface; 737 size_t i; 738 739 for (i = 0; i < iface->num_bss; i++) { 740 struct hostapd_data *bss = iface->bss[i]; 741 struct sta_info *sta2; 742 /* bss should always be set during operation, but it may be 743 * NULL during reconfiguration. Assume the STA is not 744 * associated to another BSS in that case to avoid NULL pointer 745 * dereferences. */ 746 if (bss == hapd || bss == NULL) 747 continue; 748 sta2 = ap_get_sta(bss, sta->addr); 749 if (!sta2) 750 continue; 751 752 wpa_printf(MSG_DEBUG, "%s: disconnect old STA " MACSTR 753 " association from another BSS %s", 754 hapd->conf->iface, MAC2STR(sta2->addr), 755 bss->conf->iface); 756 ap_sta_disconnect(bss, sta2, sta2->addr, 757 WLAN_REASON_PREV_AUTH_NOT_VALID); 758 } 759 } 760 761 762 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 763 { 764 struct hostapd_data *hapd = eloop_ctx; 765 struct sta_info *sta = timeout_ctx; 766 767 wpa_printf(MSG_DEBUG, "%s: Disassociation callback for STA " MACSTR, 768 hapd->conf->iface, MAC2STR(sta->addr)); 769 ap_sta_remove(hapd, sta); 770 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 771 } 772 773 774 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 775 u16 reason) 776 { 777 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 778 hapd->conf->iface, MAC2STR(sta->addr)); 779 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 780 if (hapd->iface->current_mode && 781 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 782 /* Skip deauthentication in DMG/IEEE 802.11ad */ 783 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | 784 WLAN_STA_ASSOC_REQ_OK); 785 sta->timeout_next = STA_REMOVE; 786 } else { 787 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 788 sta->timeout_next = STA_DEAUTH; 789 } 790 ap_sta_set_authorized(hapd, sta, 0); 791 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 792 "for " MACSTR " (%d seconds - " 793 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 794 __func__, MAC2STR(sta->addr), 795 AP_MAX_INACTIVITY_AFTER_DISASSOC); 796 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 797 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 798 ap_handle_timer, hapd, sta); 799 accounting_sta_stop(hapd, sta); 800 ieee802_1x_free_station(hapd, sta); 801 802 sta->disassoc_reason = reason; 803 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 804 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 805 eloop_register_timeout(hapd->iface->drv_flags & 806 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 807 ap_sta_disassoc_cb_timeout, hapd, sta); 808 } 809 810 811 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 812 { 813 struct hostapd_data *hapd = eloop_ctx; 814 struct sta_info *sta = timeout_ctx; 815 816 wpa_printf(MSG_DEBUG, "%s: Deauthentication callback for STA " MACSTR, 817 hapd->conf->iface, MAC2STR(sta->addr)); 818 ap_sta_remove(hapd, sta); 819 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 820 } 821 822 823 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 824 u16 reason) 825 { 826 if (hapd->iface->current_mode && 827 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 828 /* Deauthentication is not used in DMG/IEEE 802.11ad; 829 * disassociate the STA instead. */ 830 ap_sta_disassociate(hapd, sta, reason); 831 return; 832 } 833 834 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 835 hapd->conf->iface, MAC2STR(sta->addr)); 836 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 837 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 838 ap_sta_set_authorized(hapd, sta, 0); 839 sta->timeout_next = STA_REMOVE; 840 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 841 "for " MACSTR " (%d seconds - " 842 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 843 __func__, MAC2STR(sta->addr), 844 AP_MAX_INACTIVITY_AFTER_DEAUTH); 845 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 846 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 847 ap_handle_timer, hapd, sta); 848 accounting_sta_stop(hapd, sta); 849 ieee802_1x_free_station(hapd, sta); 850 851 sta->deauth_reason = reason; 852 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 853 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 854 eloop_register_timeout(hapd->iface->drv_flags & 855 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 856 ap_sta_deauth_cb_timeout, hapd, sta); 857 } 858 859 860 #ifdef CONFIG_WPS 861 int ap_sta_wps_cancel(struct hostapd_data *hapd, 862 struct sta_info *sta, void *ctx) 863 { 864 if (sta && (sta->flags & WLAN_STA_WPS)) { 865 ap_sta_deauthenticate(hapd, sta, 866 WLAN_REASON_PREV_AUTH_NOT_VALID); 867 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 868 __func__, MAC2STR(sta->addr)); 869 return 1; 870 } 871 872 return 0; 873 } 874 #endif /* CONFIG_WPS */ 875 876 877 static int ap_sta_get_free_vlan_id(struct hostapd_data *hapd) 878 { 879 struct hostapd_vlan *vlan; 880 int vlan_id = MAX_VLAN_ID + 2; 881 882 retry: 883 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 884 if (vlan->vlan_id == vlan_id) { 885 vlan_id++; 886 goto retry; 887 } 888 } 889 return vlan_id; 890 } 891 892 893 int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta, 894 struct vlan_description *vlan_desc) 895 { 896 struct hostapd_vlan *vlan = NULL, *wildcard_vlan = NULL; 897 int old_vlan_id, vlan_id = 0, ret = 0; 898 899 if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED) 900 vlan_desc = NULL; 901 902 /* Check if there is something to do */ 903 if (hapd->conf->ssid.per_sta_vif && !sta->vlan_id) { 904 /* This sta is lacking its own vif */ 905 } else if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED && 906 !hapd->conf->ssid.per_sta_vif && sta->vlan_id) { 907 /* sta->vlan_id needs to be reset */ 908 } else if (!vlan_compare(vlan_desc, sta->vlan_desc)) { 909 return 0; /* nothing to change */ 910 } 911 912 /* Now the real VLAN changed or the STA just needs its own vif */ 913 if (hapd->conf->ssid.per_sta_vif) { 914 /* Assign a new vif, always */ 915 /* find a free vlan_id sufficiently big */ 916 vlan_id = ap_sta_get_free_vlan_id(hapd); 917 /* Get wildcard VLAN */ 918 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 919 if (vlan->vlan_id == VLAN_ID_WILDCARD) 920 break; 921 } 922 if (!vlan) { 923 hostapd_logger(hapd, sta->addr, 924 HOSTAPD_MODULE_IEEE80211, 925 HOSTAPD_LEVEL_DEBUG, 926 "per_sta_vif missing wildcard"); 927 vlan_id = 0; 928 ret = -1; 929 goto done; 930 } 931 } else if (vlan_desc && vlan_desc->notempty) { 932 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 933 if (!vlan_compare(&vlan->vlan_desc, vlan_desc)) 934 break; 935 if (vlan->vlan_id == VLAN_ID_WILDCARD) 936 wildcard_vlan = vlan; 937 } 938 if (vlan) { 939 vlan_id = vlan->vlan_id; 940 } else if (wildcard_vlan) { 941 vlan = wildcard_vlan; 942 vlan_id = vlan_desc->untagged; 943 if (vlan_desc->tagged[0]) { 944 /* Tagged VLAN configuration */ 945 vlan_id = ap_sta_get_free_vlan_id(hapd); 946 } 947 } else { 948 hostapd_logger(hapd, sta->addr, 949 HOSTAPD_MODULE_IEEE80211, 950 HOSTAPD_LEVEL_DEBUG, 951 "missing vlan and wildcard for vlan=%d%s", 952 vlan_desc->untagged, 953 vlan_desc->tagged[0] ? "+" : ""); 954 vlan_id = 0; 955 ret = -1; 956 goto done; 957 } 958 } 959 960 if (vlan && vlan->vlan_id == VLAN_ID_WILDCARD) { 961 vlan = vlan_add_dynamic(hapd, vlan, vlan_id, vlan_desc); 962 if (vlan == NULL) { 963 hostapd_logger(hapd, sta->addr, 964 HOSTAPD_MODULE_IEEE80211, 965 HOSTAPD_LEVEL_DEBUG, 966 "could not add dynamic VLAN interface for vlan=%d%s", 967 vlan_desc ? vlan_desc->untagged : -1, 968 (vlan_desc && vlan_desc->tagged[0]) ? 969 "+" : ""); 970 vlan_id = 0; 971 ret = -1; 972 goto done; 973 } 974 975 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 976 HOSTAPD_LEVEL_DEBUG, 977 "added new dynamic VLAN interface '%s'", 978 vlan->ifname); 979 } else if (vlan && vlan->dynamic_vlan > 0) { 980 vlan->dynamic_vlan++; 981 hostapd_logger(hapd, sta->addr, 982 HOSTAPD_MODULE_IEEE80211, 983 HOSTAPD_LEVEL_DEBUG, 984 "updated existing dynamic VLAN interface '%s'", 985 vlan->ifname); 986 } 987 done: 988 old_vlan_id = sta->vlan_id; 989 sta->vlan_id = vlan_id; 990 sta->vlan_desc = vlan ? &vlan->vlan_desc : NULL; 991 992 if (vlan_id != old_vlan_id && old_vlan_id) 993 vlan_remove_dynamic(hapd, old_vlan_id); 994 995 return ret; 996 } 997 998 999 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) 1000 { 1001 #ifndef CONFIG_NO_VLAN 1002 const char *iface; 1003 struct hostapd_vlan *vlan = NULL; 1004 int ret; 1005 int old_vlanid = sta->vlan_id_bound; 1006 1007 iface = hapd->conf->iface; 1008 if (hapd->conf->ssid.vlan[0]) 1009 iface = hapd->conf->ssid.vlan; 1010 1011 if (sta->vlan_id > 0) { 1012 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 1013 if (vlan->vlan_id == sta->vlan_id) 1014 break; 1015 } 1016 if (vlan) 1017 iface = vlan->ifname; 1018 } 1019 1020 /* 1021 * Do not increment ref counters if the VLAN ID remains same, but do 1022 * not skip hostapd_drv_set_sta_vlan() as hostapd_drv_sta_remove() might 1023 * have been called before. 1024 */ 1025 if (sta->vlan_id == old_vlanid) 1026 goto skip_counting; 1027 1028 if (sta->vlan_id > 0 && vlan == NULL) { 1029 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1030 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 1031 "binding station to (vlan_id=%d)", 1032 sta->vlan_id); 1033 ret = -1; 1034 goto done; 1035 } else if (vlan && vlan->dynamic_vlan > 0) { 1036 vlan->dynamic_vlan++; 1037 hostapd_logger(hapd, sta->addr, 1038 HOSTAPD_MODULE_IEEE80211, 1039 HOSTAPD_LEVEL_DEBUG, 1040 "updated existing dynamic VLAN interface '%s'", 1041 iface); 1042 } 1043 1044 /* ref counters have been increased, so mark the station */ 1045 sta->vlan_id_bound = sta->vlan_id; 1046 1047 skip_counting: 1048 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1049 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 1050 "'%s'", iface); 1051 1052 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 1053 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 1054 1055 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 1056 if (ret < 0) { 1057 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1058 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 1059 "entry to vlan_id=%d", sta->vlan_id); 1060 } 1061 1062 /* During 1x reauth, if the vlan id changes, then remove the old id. */ 1063 if (old_vlanid > 0 && old_vlanid != sta->vlan_id) 1064 vlan_remove_dynamic(hapd, old_vlanid); 1065 done: 1066 1067 return ret; 1068 #else /* CONFIG_NO_VLAN */ 1069 return 0; 1070 #endif /* CONFIG_NO_VLAN */ 1071 } 1072 1073 1074 #ifdef CONFIG_IEEE80211W 1075 1076 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 1077 { 1078 u32 tu; 1079 struct os_reltime now, passed; 1080 os_get_reltime(&now); 1081 os_reltime_sub(&now, &sta->sa_query_start, &passed); 1082 tu = (passed.sec * 1000000 + passed.usec) / 1024; 1083 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 1084 hostapd_logger(hapd, sta->addr, 1085 HOSTAPD_MODULE_IEEE80211, 1086 HOSTAPD_LEVEL_DEBUG, 1087 "association SA Query timed out"); 1088 sta->sa_query_timed_out = 1; 1089 os_free(sta->sa_query_trans_id); 1090 sta->sa_query_trans_id = NULL; 1091 sta->sa_query_count = 0; 1092 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 1093 return 1; 1094 } 1095 1096 return 0; 1097 } 1098 1099 1100 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 1101 { 1102 struct hostapd_data *hapd = eloop_ctx; 1103 struct sta_info *sta = timeout_ctx; 1104 unsigned int timeout, sec, usec; 1105 u8 *trans_id, *nbuf; 1106 1107 wpa_printf(MSG_DEBUG, "%s: SA Query timer for STA " MACSTR 1108 " (count=%d)", 1109 hapd->conf->iface, MAC2STR(sta->addr), sta->sa_query_count); 1110 1111 if (sta->sa_query_count > 0 && 1112 ap_check_sa_query_timeout(hapd, sta)) 1113 return; 1114 1115 nbuf = os_realloc_array(sta->sa_query_trans_id, 1116 sta->sa_query_count + 1, 1117 WLAN_SA_QUERY_TR_ID_LEN); 1118 if (nbuf == NULL) 1119 return; 1120 if (sta->sa_query_count == 0) { 1121 /* Starting a new SA Query procedure */ 1122 os_get_reltime(&sta->sa_query_start); 1123 } 1124 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 1125 sta->sa_query_trans_id = nbuf; 1126 sta->sa_query_count++; 1127 1128 if (os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0) { 1129 /* 1130 * We don't really care which ID is used here, so simply 1131 * hardcode this if the mostly theoretical os_get_random() 1132 * failure happens. 1133 */ 1134 trans_id[0] = 0x12; 1135 trans_id[1] = 0x34; 1136 } 1137 1138 timeout = hapd->conf->assoc_sa_query_retry_timeout; 1139 sec = ((timeout / 1000) * 1024) / 1000; 1140 usec = (timeout % 1000) * 1024; 1141 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 1142 1143 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1144 HOSTAPD_LEVEL_DEBUG, 1145 "association SA Query attempt %d", sta->sa_query_count); 1146 1147 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 1148 } 1149 1150 1151 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 1152 { 1153 ap_sa_query_timer(hapd, sta); 1154 } 1155 1156 1157 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 1158 { 1159 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 1160 os_free(sta->sa_query_trans_id); 1161 sta->sa_query_trans_id = NULL; 1162 sta->sa_query_count = 0; 1163 } 1164 1165 #endif /* CONFIG_IEEE80211W */ 1166 1167 1168 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 1169 int authorized) 1170 { 1171 const u8 *dev_addr = NULL; 1172 char buf[100]; 1173 #ifdef CONFIG_P2P 1174 u8 addr[ETH_ALEN]; 1175 u8 ip_addr_buf[4]; 1176 #endif /* CONFIG_P2P */ 1177 1178 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 1179 return; 1180 1181 if (authorized) 1182 sta->flags |= WLAN_STA_AUTHORIZED; 1183 else 1184 sta->flags &= ~WLAN_STA_AUTHORIZED; 1185 1186 #ifdef CONFIG_P2P 1187 if (hapd->p2p_group == NULL) { 1188 if (sta->p2p_ie != NULL && 1189 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 1190 dev_addr = addr; 1191 } else 1192 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 1193 1194 if (dev_addr) 1195 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, 1196 MAC2STR(sta->addr), MAC2STR(dev_addr)); 1197 else 1198 #endif /* CONFIG_P2P */ 1199 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); 1200 1201 if (hapd->sta_authorized_cb) 1202 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 1203 sta->addr, authorized, dev_addr); 1204 1205 if (authorized) { 1206 char ip_addr[100]; 1207 ip_addr[0] = '\0'; 1208 #ifdef CONFIG_P2P 1209 if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { 1210 os_snprintf(ip_addr, sizeof(ip_addr), 1211 " ip_addr=%u.%u.%u.%u", 1212 ip_addr_buf[0], ip_addr_buf[1], 1213 ip_addr_buf[2], ip_addr_buf[3]); 1214 } 1215 #endif /* CONFIG_P2P */ 1216 1217 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s", 1218 buf, ip_addr); 1219 1220 if (hapd->msg_ctx_parent && 1221 hapd->msg_ctx_parent != hapd->msg_ctx) 1222 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 1223 AP_STA_CONNECTED "%s%s", 1224 buf, ip_addr); 1225 } else { 1226 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); 1227 1228 if (hapd->msg_ctx_parent && 1229 hapd->msg_ctx_parent != hapd->msg_ctx) 1230 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 1231 AP_STA_DISCONNECTED "%s", buf); 1232 } 1233 1234 #ifdef CONFIG_FST 1235 if (hapd->iface->fst) { 1236 if (authorized) 1237 fst_notify_peer_connected(hapd->iface->fst, sta->addr); 1238 else 1239 fst_notify_peer_disconnected(hapd->iface->fst, 1240 sta->addr); 1241 } 1242 #endif /* CONFIG_FST */ 1243 } 1244 1245 1246 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 1247 const u8 *addr, u16 reason) 1248 { 1249 if (sta) 1250 wpa_printf(MSG_DEBUG, "%s: %s STA " MACSTR " reason=%u", 1251 hapd->conf->iface, __func__, MAC2STR(sta->addr), 1252 reason); 1253 else if (addr) 1254 wpa_printf(MSG_DEBUG, "%s: %s addr " MACSTR " reason=%u", 1255 hapd->conf->iface, __func__, MAC2STR(addr), 1256 reason); 1257 1258 if (sta == NULL && addr) 1259 sta = ap_get_sta(hapd, addr); 1260 1261 if (addr) 1262 hostapd_drv_sta_deauth(hapd, addr, reason); 1263 1264 if (sta == NULL) 1265 return; 1266 ap_sta_set_authorized(hapd, sta, 0); 1267 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 1268 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 1269 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 1270 wpa_printf(MSG_DEBUG, "%s: %s: reschedule ap_handle_timer timeout " 1271 "for " MACSTR " (%d seconds - " 1272 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 1273 hapd->conf->iface, __func__, MAC2STR(sta->addr), 1274 AP_MAX_INACTIVITY_AFTER_DEAUTH); 1275 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 1276 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 1277 ap_handle_timer, hapd, sta); 1278 sta->timeout_next = STA_REMOVE; 1279 1280 if (hapd->iface->current_mode && 1281 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 1282 /* Deauthentication is not used in DMG/IEEE 802.11ad; 1283 * disassociate the STA instead. */ 1284 sta->disassoc_reason = reason; 1285 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 1286 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1287 eloop_register_timeout(hapd->iface->drv_flags & 1288 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 1289 2 : 0, 0, ap_sta_disassoc_cb_timeout, 1290 hapd, sta); 1291 return; 1292 } 1293 1294 sta->deauth_reason = reason; 1295 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 1296 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1297 eloop_register_timeout(hapd->iface->drv_flags & 1298 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 1299 ap_sta_deauth_cb_timeout, hapd, sta); 1300 } 1301 1302 1303 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 1304 { 1305 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 1306 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 1307 return; 1308 } 1309 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 1310 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1311 ap_sta_deauth_cb_timeout(hapd, sta); 1312 } 1313 1314 1315 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 1316 { 1317 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 1318 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 1319 return; 1320 } 1321 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 1322 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1323 ap_sta_disassoc_cb_timeout(hapd, sta); 1324 } 1325 1326 1327 void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, 1328 struct sta_info *sta) 1329 { 1330 if (eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta) > 0) 1331 wpa_printf(MSG_DEBUG, 1332 "%s: Removed ap_sta_deauth_cb_timeout timeout for " 1333 MACSTR, 1334 hapd->conf->iface, MAC2STR(sta->addr)); 1335 if (eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta) > 0) 1336 wpa_printf(MSG_DEBUG, 1337 "%s: Removed ap_sta_disassoc_cb_timeout timeout for " 1338 MACSTR, 1339 hapd->conf->iface, MAC2STR(sta->addr)); 1340 if (eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta) > 0) 1341 { 1342 wpa_printf(MSG_DEBUG, 1343 "%s: Removed ap_sta_delayed_1x_auth_fail_cb timeout for " 1344 MACSTR, 1345 hapd->conf->iface, MAC2STR(sta->addr)); 1346 if (sta->flags & WLAN_STA_WPS) 1347 hostapd_wps_eap_completed(hapd); 1348 } 1349 } 1350 1351 1352 int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) 1353 { 1354 int res; 1355 1356 buf[0] = '\0'; 1357 res = os_snprintf(buf, buflen, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", 1358 (flags & WLAN_STA_AUTH ? "[AUTH]" : ""), 1359 (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""), 1360 (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""), 1361 (flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" : 1362 ""), 1363 (flags & WLAN_STA_SHORT_PREAMBLE ? 1364 "[SHORT_PREAMBLE]" : ""), 1365 (flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""), 1366 (flags & WLAN_STA_WMM ? "[WMM]" : ""), 1367 (flags & WLAN_STA_MFP ? "[MFP]" : ""), 1368 (flags & WLAN_STA_WPS ? "[WPS]" : ""), 1369 (flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""), 1370 (flags & WLAN_STA_WDS ? "[WDS]" : ""), 1371 (flags & WLAN_STA_NONERP ? "[NonERP]" : ""), 1372 (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""), 1373 (flags & WLAN_STA_GAS ? "[GAS]" : ""), 1374 (flags & WLAN_STA_HT ? "[HT]" : ""), 1375 (flags & WLAN_STA_VHT ? "[VHT]" : ""), 1376 (flags & WLAN_STA_VENDOR_VHT ? "[VENDOR_VHT]" : ""), 1377 (flags & WLAN_STA_WNM_SLEEP_MODE ? 1378 "[WNM_SLEEP_MODE]" : "")); 1379 if (os_snprintf_error(buflen, res)) 1380 res = -1; 1381 1382 return res; 1383 } 1384 1385 1386 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx) 1387 { 1388 struct hostapd_data *hapd = eloop_ctx; 1389 struct sta_info *sta = timeout_ctx; 1390 u16 reason; 1391 1392 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1393 "IEEE 802.1X: Scheduled disconnection of " MACSTR 1394 " after EAP-Failure", MAC2STR(sta->addr)); 1395 1396 reason = sta->disconnect_reason_code; 1397 if (!reason) 1398 reason = WLAN_REASON_IEEE_802_1X_AUTH_FAILED; 1399 ap_sta_disconnect(hapd, sta, sta->addr, reason); 1400 if (sta->flags & WLAN_STA_WPS) 1401 hostapd_wps_eap_completed(hapd); 1402 } 1403 1404 1405 void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 1406 struct sta_info *sta) 1407 { 1408 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1409 "IEEE 802.1X: Force disconnection of " MACSTR 1410 " after EAP-Failure in 10 ms", MAC2STR(sta->addr)); 1411 1412 /* 1413 * Add a small sleep to increase likelihood of previously requested 1414 * EAP-Failure TX getting out before this should the driver reorder 1415 * operations. 1416 */ 1417 eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta); 1418 eloop_register_timeout(0, 10000, ap_sta_delayed_1x_auth_fail_cb, 1419 hapd, sta); 1420 } 1421 1422 1423 int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 1424 struct sta_info *sta) 1425 { 1426 return eloop_is_timeout_registered(ap_sta_delayed_1x_auth_fail_cb, 1427 hapd, sta); 1428 } 1429