1 /* 2 * hostapd / Station table 3 * Copyright (c) 2002-2009, Jouni Malinen <j (at) w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15 #include "utils/includes.h" 16 17 #include "utils/common.h" 18 #include "utils/eloop.h" 19 #include "common/ieee802_11_defs.h" 20 #include "radius/radius.h" 21 #include "radius/radius_client.h" 22 #include "drivers/driver.h" 23 #include "p2p/p2p.h" 24 #include "hostapd.h" 25 #include "accounting.h" 26 #include "ieee802_1x.h" 27 #include "ieee802_11.h" 28 #include "wpa_auth.h" 29 #include "preauth_auth.h" 30 #include "ap_config.h" 31 #include "beacon.h" 32 #include "ap_mlme.h" 33 #include "vlan_init.h" 34 #include "p2p_hostapd.h" 35 #include "ap_drv_ops.h" 36 #include "sta_info.h" 37 38 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 39 struct sta_info *sta); 40 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 41 #ifdef CONFIG_IEEE80211W 42 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 43 #endif /* CONFIG_IEEE80211W */ 44 45 int ap_for_each_sta(struct hostapd_data *hapd, 46 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 47 void *ctx), 48 void *ctx) 49 { 50 struct sta_info *sta; 51 52 for (sta = hapd->sta_list; sta; sta = sta->next) { 53 if (cb(hapd, sta, ctx)) 54 return 1; 55 } 56 57 return 0; 58 } 59 60 61 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 62 { 63 struct sta_info *s; 64 65 s = hapd->sta_hash[STA_HASH(sta)]; 66 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 67 s = s->hnext; 68 return s; 69 } 70 71 72 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 73 { 74 struct sta_info *tmp; 75 76 if (hapd->sta_list == sta) { 77 hapd->sta_list = sta->next; 78 return; 79 } 80 81 tmp = hapd->sta_list; 82 while (tmp != NULL && tmp->next != sta) 83 tmp = tmp->next; 84 if (tmp == NULL) { 85 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 86 "list.", MAC2STR(sta->addr)); 87 } else 88 tmp->next = sta->next; 89 } 90 91 92 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 93 { 94 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 95 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 96 } 97 98 99 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 100 { 101 struct sta_info *s; 102 103 s = hapd->sta_hash[STA_HASH(sta->addr)]; 104 if (s == NULL) return; 105 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 106 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 107 return; 108 } 109 110 while (s->hnext != NULL && 111 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 112 s = s->hnext; 113 if (s->hnext != NULL) 114 s->hnext = s->hnext->hnext; 115 else 116 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 117 " from hash table", MAC2STR(sta->addr)); 118 } 119 120 121 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 122 { 123 int set_beacon = 0; 124 125 accounting_sta_stop(hapd, sta); 126 127 /* just in case */ 128 ap_sta_set_authorized(hapd, sta, 0); 129 130 if (sta->flags & WLAN_STA_WDS) 131 hostapd_set_wds_sta(hapd, sta->addr, sta->aid, 0); 132 133 if (!(sta->flags & WLAN_STA_PREAUTH)) 134 hostapd_drv_sta_remove(hapd, sta->addr); 135 136 ap_sta_hash_del(hapd, sta); 137 ap_sta_list_del(hapd, sta); 138 139 if (sta->aid > 0) 140 hapd->sta_aid[(sta->aid - 1) / 32] &= 141 ~BIT((sta->aid - 1) % 32); 142 143 hapd->num_sta--; 144 if (sta->nonerp_set) { 145 sta->nonerp_set = 0; 146 hapd->iface->num_sta_non_erp--; 147 if (hapd->iface->num_sta_non_erp == 0) 148 set_beacon++; 149 } 150 151 if (sta->no_short_slot_time_set) { 152 sta->no_short_slot_time_set = 0; 153 hapd->iface->num_sta_no_short_slot_time--; 154 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 155 && hapd->iface->num_sta_no_short_slot_time == 0) 156 set_beacon++; 157 } 158 159 if (sta->no_short_preamble_set) { 160 sta->no_short_preamble_set = 0; 161 hapd->iface->num_sta_no_short_preamble--; 162 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 163 && hapd->iface->num_sta_no_short_preamble == 0) 164 set_beacon++; 165 } 166 167 if (sta->no_ht_gf_set) { 168 sta->no_ht_gf_set = 0; 169 hapd->iface->num_sta_ht_no_gf--; 170 } 171 172 if (sta->no_ht_set) { 173 sta->no_ht_set = 0; 174 hapd->iface->num_sta_no_ht--; 175 } 176 177 if (sta->ht_20mhz_set) { 178 sta->ht_20mhz_set = 0; 179 hapd->iface->num_sta_ht_20mhz--; 180 } 181 182 #ifdef CONFIG_P2P 183 if (sta->no_p2p_set) { 184 sta->no_p2p_set = 0; 185 hapd->num_sta_no_p2p--; 186 if (hapd->num_sta_no_p2p == 0) 187 hostapd_p2p_non_p2p_sta_disconnected(hapd); 188 } 189 #endif /* CONFIG_P2P */ 190 191 #if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 192 if (hostapd_ht_operation_update(hapd->iface) > 0) 193 set_beacon++; 194 #endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 195 196 if (set_beacon) 197 ieee802_11_set_beacons(hapd->iface); 198 199 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 200 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 201 202 ieee802_1x_free_station(sta); 203 wpa_auth_sta_deinit(sta->wpa_sm); 204 rsn_preauth_free_station(hapd, sta); 205 #ifndef CONFIG_NO_RADIUS 206 radius_client_flush_auth(hapd->radius, sta->addr); 207 #endif /* CONFIG_NO_RADIUS */ 208 209 os_free(sta->last_assoc_req); 210 os_free(sta->challenge); 211 212 #ifdef CONFIG_IEEE80211W 213 os_free(sta->sa_query_trans_id); 214 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 215 #endif /* CONFIG_IEEE80211W */ 216 217 #ifdef CONFIG_P2P 218 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 219 #endif /* CONFIG_P2P */ 220 221 wpabuf_free(sta->wps_ie); 222 wpabuf_free(sta->p2p_ie); 223 224 os_free(sta->ht_capabilities); 225 226 os_free(sta); 227 } 228 229 230 void hostapd_free_stas(struct hostapd_data *hapd) 231 { 232 struct sta_info *sta, *prev; 233 234 sta = hapd->sta_list; 235 236 while (sta) { 237 prev = sta; 238 if (sta->flags & WLAN_STA_AUTH) { 239 mlme_deauthenticate_indication( 240 hapd, sta, WLAN_REASON_UNSPECIFIED); 241 } 242 sta = sta->next; 243 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 244 MAC2STR(prev->addr)); 245 ap_free_sta(hapd, prev); 246 } 247 } 248 249 250 /** 251 * ap_handle_timer - Per STA timer handler 252 * @eloop_ctx: struct hostapd_data * 253 * @timeout_ctx: struct sta_info * 254 * 255 * This function is called to check station activity and to remove inactive 256 * stations. 257 */ 258 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 259 { 260 struct hostapd_data *hapd = eloop_ctx; 261 struct sta_info *sta = timeout_ctx; 262 unsigned long next_time = 0; 263 264 if (sta->timeout_next == STA_REMOVE) { 265 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 266 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 267 "local deauth request"); 268 ap_free_sta(hapd, sta); 269 return; 270 } 271 272 if ((sta->flags & WLAN_STA_ASSOC) && 273 (sta->timeout_next == STA_NULLFUNC || 274 sta->timeout_next == STA_DISASSOC)) { 275 int inactive_sec; 276 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 277 if (inactive_sec == -1) { 278 wpa_msg(hapd, MSG_DEBUG, "Check inactivity: Could not " 279 "get station info rom kernel driver for " 280 MACSTR, MAC2STR(sta->addr)); 281 } else if (inactive_sec < hapd->conf->ap_max_inactivity && 282 sta->flags & WLAN_STA_ASSOC) { 283 /* station activity detected; reset timeout state */ 284 wpa_msg(hapd, MSG_DEBUG, "Station " MACSTR " has been " 285 "active %is ago", 286 MAC2STR(sta->addr), inactive_sec); 287 sta->timeout_next = STA_NULLFUNC; 288 next_time = hapd->conf->ap_max_inactivity - 289 inactive_sec; 290 } else { 291 wpa_msg(hapd, MSG_DEBUG, "Station " MACSTR " has been " 292 "inactive too long: %d sec, max allowed: %d", 293 MAC2STR(sta->addr), inactive_sec, 294 hapd->conf->ap_max_inactivity); 295 } 296 } 297 298 if ((sta->flags & WLAN_STA_ASSOC) && 299 sta->timeout_next == STA_DISASSOC && 300 !(sta->flags & WLAN_STA_PENDING_POLL)) { 301 wpa_msg(hapd, MSG_DEBUG, "Station " MACSTR " has ACKed data " 302 "poll", MAC2STR(sta->addr)); 303 /* data nullfunc frame poll did not produce TX errors; assume 304 * station ACKed it */ 305 sta->timeout_next = STA_NULLFUNC; 306 next_time = hapd->conf->ap_max_inactivity; 307 } 308 309 if (next_time) { 310 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 311 sta); 312 return; 313 } 314 315 if (sta->timeout_next == STA_NULLFUNC && 316 (sta->flags & WLAN_STA_ASSOC)) { 317 #ifndef CONFIG_NATIVE_WINDOWS 318 /* send data frame to poll STA and check whether this frame 319 * is ACKed */ 320 struct ieee80211_hdr hdr; 321 322 wpa_printf(MSG_DEBUG, " Polling STA with data frame"); 323 sta->flags |= WLAN_STA_PENDING_POLL; 324 325 os_memset(&hdr, 0, sizeof(hdr)); 326 if (hapd->driver && 327 os_strcmp(hapd->driver->name, "hostap") == 0) { 328 /* 329 * WLAN_FC_STYPE_NULLFUNC would be more appropriate, 330 * but it is apparently not retried so TX Exc events 331 * are not received for it. 332 */ 333 hdr.frame_control = 334 IEEE80211_FC(WLAN_FC_TYPE_DATA, 335 WLAN_FC_STYPE_DATA); 336 } else { 337 hdr.frame_control = 338 IEEE80211_FC(WLAN_FC_TYPE_DATA, 339 WLAN_FC_STYPE_NULLFUNC); 340 } 341 342 hdr.frame_control |= host_to_le16(WLAN_FC_FROMDS); 343 os_memcpy(hdr.IEEE80211_DA_FROMDS, sta->addr, ETH_ALEN); 344 os_memcpy(hdr.IEEE80211_BSSID_FROMDS, hapd->own_addr, 345 ETH_ALEN); 346 os_memcpy(hdr.IEEE80211_SA_FROMDS, hapd->own_addr, ETH_ALEN); 347 348 if (hostapd_drv_send_mlme(hapd, &hdr, sizeof(hdr)) < 0) 349 perror("ap_handle_timer: send"); 350 #endif /* CONFIG_NATIVE_WINDOWS */ 351 } else if (sta->timeout_next != STA_REMOVE) { 352 int deauth = sta->timeout_next == STA_DEAUTH; 353 354 wpa_printf(MSG_DEBUG, "Sending %s info to STA " MACSTR, 355 deauth ? "deauthentication" : "disassociation", 356 MAC2STR(sta->addr)); 357 358 if (deauth) { 359 hostapd_drv_sta_deauth( 360 hapd, sta->addr, 361 WLAN_REASON_PREV_AUTH_NOT_VALID); 362 } else { 363 hostapd_drv_sta_disassoc( 364 hapd, sta->addr, 365 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 366 } 367 } 368 369 switch (sta->timeout_next) { 370 case STA_NULLFUNC: 371 sta->timeout_next = STA_DISASSOC; 372 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 373 hapd, sta); 374 break; 375 case STA_DISASSOC: 376 sta->flags &= ~WLAN_STA_ASSOC; 377 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 378 if (!sta->acct_terminate_cause) 379 sta->acct_terminate_cause = 380 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 381 accounting_sta_stop(hapd, sta); 382 ieee802_1x_free_station(sta); 383 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 384 HOSTAPD_LEVEL_INFO, "disassociated due to " 385 "inactivity"); 386 sta->timeout_next = STA_DEAUTH; 387 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 388 hapd, sta); 389 mlme_disassociate_indication( 390 hapd, sta, WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 391 break; 392 case STA_DEAUTH: 393 case STA_REMOVE: 394 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 395 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 396 "inactivity"); 397 if (!sta->acct_terminate_cause) 398 sta->acct_terminate_cause = 399 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 400 mlme_deauthenticate_indication( 401 hapd, sta, 402 WLAN_REASON_PREV_AUTH_NOT_VALID); 403 ap_free_sta(hapd, sta); 404 break; 405 } 406 } 407 408 409 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 410 { 411 struct hostapd_data *hapd = eloop_ctx; 412 struct sta_info *sta = timeout_ctx; 413 u8 addr[ETH_ALEN]; 414 415 if (!(sta->flags & WLAN_STA_AUTH)) 416 return; 417 418 mlme_deauthenticate_indication(hapd, sta, 419 WLAN_REASON_PREV_AUTH_NOT_VALID); 420 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 421 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 422 "session timeout"); 423 sta->acct_terminate_cause = 424 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 425 os_memcpy(addr, sta->addr, ETH_ALEN); 426 ap_free_sta(hapd, sta); 427 hostapd_drv_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID); 428 } 429 430 431 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 432 u32 session_timeout) 433 { 434 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 435 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 436 "seconds", session_timeout); 437 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 438 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 439 hapd, sta); 440 } 441 442 443 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 444 { 445 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 446 } 447 448 449 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 450 { 451 struct sta_info *sta; 452 453 sta = ap_get_sta(hapd, addr); 454 if (sta) 455 return sta; 456 457 wpa_printf(MSG_DEBUG, " New STA"); 458 if (hapd->num_sta >= hapd->conf->max_num_sta) { 459 /* FIX: might try to remove some old STAs first? */ 460 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 461 hapd->num_sta, hapd->conf->max_num_sta); 462 return NULL; 463 } 464 465 sta = os_zalloc(sizeof(struct sta_info)); 466 if (sta == NULL) { 467 wpa_printf(MSG_ERROR, "malloc failed"); 468 return NULL; 469 } 470 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 471 472 /* initialize STA info data */ 473 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 474 ap_handle_timer, hapd, sta); 475 os_memcpy(sta->addr, addr, ETH_ALEN); 476 sta->next = hapd->sta_list; 477 hapd->sta_list = sta; 478 hapd->num_sta++; 479 ap_sta_hash_add(hapd, sta); 480 sta->ssid = &hapd->conf->ssid; 481 ap_sta_remove_in_other_bss(hapd, sta); 482 483 return sta; 484 } 485 486 487 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 488 { 489 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 490 491 wpa_printf(MSG_DEBUG, "Removing STA " MACSTR " from kernel driver", 492 MAC2STR(sta->addr)); 493 if (hostapd_drv_sta_remove(hapd, sta->addr) && 494 sta->flags & WLAN_STA_ASSOC) { 495 wpa_printf(MSG_DEBUG, "Could not remove station " MACSTR 496 " from kernel driver.", MAC2STR(sta->addr)); 497 return -1; 498 } 499 return 0; 500 } 501 502 503 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 504 struct sta_info *sta) 505 { 506 struct hostapd_iface *iface = hapd->iface; 507 size_t i; 508 509 for (i = 0; i < iface->num_bss; i++) { 510 struct hostapd_data *bss = iface->bss[i]; 511 struct sta_info *sta2; 512 /* bss should always be set during operation, but it may be 513 * NULL during reconfiguration. Assume the STA is not 514 * associated to another BSS in that case to avoid NULL pointer 515 * dereferences. */ 516 if (bss == hapd || bss == NULL) 517 continue; 518 sta2 = ap_get_sta(bss, sta->addr); 519 if (!sta2) 520 continue; 521 522 ap_sta_disconnect(bss, sta2, sta2->addr, 523 WLAN_REASON_PREV_AUTH_NOT_VALID); 524 } 525 } 526 527 528 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 529 u16 reason) 530 { 531 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 532 hapd->conf->iface, MAC2STR(sta->addr)); 533 sta->flags &= ~WLAN_STA_ASSOC; 534 ap_sta_remove(hapd, sta); 535 sta->timeout_next = STA_DEAUTH; 536 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 537 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 538 ap_handle_timer, hapd, sta); 539 accounting_sta_stop(hapd, sta); 540 ieee802_1x_free_station(sta); 541 542 mlme_disassociate_indication(hapd, sta, reason); 543 } 544 545 546 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 547 u16 reason) 548 { 549 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 550 hapd->conf->iface, MAC2STR(sta->addr)); 551 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 552 ap_sta_remove(hapd, sta); 553 sta->timeout_next = STA_REMOVE; 554 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 555 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 556 ap_handle_timer, hapd, sta); 557 accounting_sta_stop(hapd, sta); 558 ieee802_1x_free_station(sta); 559 560 mlme_deauthenticate_indication(hapd, sta, reason); 561 } 562 563 564 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta, 565 int old_vlanid) 566 { 567 #ifndef CONFIG_NO_VLAN 568 const char *iface; 569 struct hostapd_vlan *vlan = NULL; 570 int ret; 571 572 /* 573 * Do not proceed furthur if the vlan id remains same. We do not want 574 * duplicate dynamic vlan entries. 575 */ 576 if (sta->vlan_id == old_vlanid) 577 return 0; 578 579 /* 580 * During 1x reauth, if the vlan id changes, then remove the old id and 581 * proceed furthur to add the new one. 582 */ 583 if (old_vlanid > 0) 584 vlan_remove_dynamic(hapd, old_vlanid); 585 586 iface = hapd->conf->iface; 587 if (sta->ssid->vlan[0]) 588 iface = sta->ssid->vlan; 589 590 if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) 591 sta->vlan_id = 0; 592 else if (sta->vlan_id > 0) { 593 vlan = hapd->conf->vlan; 594 while (vlan) { 595 if (vlan->vlan_id == sta->vlan_id || 596 vlan->vlan_id == VLAN_ID_WILDCARD) { 597 iface = vlan->ifname; 598 break; 599 } 600 vlan = vlan->next; 601 } 602 } 603 604 if (sta->vlan_id > 0 && vlan == NULL) { 605 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 606 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 607 "binding station to (vlan_id=%d)", 608 sta->vlan_id); 609 return -1; 610 } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { 611 vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); 612 if (vlan == NULL) { 613 hostapd_logger(hapd, sta->addr, 614 HOSTAPD_MODULE_IEEE80211, 615 HOSTAPD_LEVEL_DEBUG, "could not add " 616 "dynamic VLAN interface for vlan_id=%d", 617 sta->vlan_id); 618 return -1; 619 } 620 621 iface = vlan->ifname; 622 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 623 hostapd_logger(hapd, sta->addr, 624 HOSTAPD_MODULE_IEEE80211, 625 HOSTAPD_LEVEL_DEBUG, "could not " 626 "configure encryption for dynamic VLAN " 627 "interface for vlan_id=%d", 628 sta->vlan_id); 629 } 630 631 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 632 HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " 633 "interface '%s'", iface); 634 } else if (vlan && vlan->vlan_id == sta->vlan_id) { 635 if (sta->vlan_id > 0) { 636 vlan->dynamic_vlan++; 637 hostapd_logger(hapd, sta->addr, 638 HOSTAPD_MODULE_IEEE80211, 639 HOSTAPD_LEVEL_DEBUG, "updated existing " 640 "dynamic VLAN interface '%s'", iface); 641 } 642 643 /* 644 * Update encryption configuration for statically generated 645 * VLAN interface. This is only used for static WEP 646 * configuration for the case where hostapd did not yet know 647 * which keys are to be used when the interface was added. 648 */ 649 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 650 hostapd_logger(hapd, sta->addr, 651 HOSTAPD_MODULE_IEEE80211, 652 HOSTAPD_LEVEL_DEBUG, "could not " 653 "configure encryption for VLAN " 654 "interface for vlan_id=%d", 655 sta->vlan_id); 656 } 657 } 658 659 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 660 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 661 "'%s'", iface); 662 663 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 664 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 665 666 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 667 if (ret < 0) { 668 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 669 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 670 "entry to vlan_id=%d", sta->vlan_id); 671 } 672 return ret; 673 #else /* CONFIG_NO_VLAN */ 674 return 0; 675 #endif /* CONFIG_NO_VLAN */ 676 } 677 678 679 #ifdef CONFIG_IEEE80211W 680 681 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 682 { 683 u32 tu; 684 struct os_time now, passed; 685 os_get_time(&now); 686 os_time_sub(&now, &sta->sa_query_start, &passed); 687 tu = (passed.sec * 1000000 + passed.usec) / 1024; 688 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 689 hostapd_logger(hapd, sta->addr, 690 HOSTAPD_MODULE_IEEE80211, 691 HOSTAPD_LEVEL_DEBUG, 692 "association SA Query timed out"); 693 sta->sa_query_timed_out = 1; 694 os_free(sta->sa_query_trans_id); 695 sta->sa_query_trans_id = NULL; 696 sta->sa_query_count = 0; 697 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 698 return 1; 699 } 700 701 return 0; 702 } 703 704 705 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 706 { 707 struct hostapd_data *hapd = eloop_ctx; 708 struct sta_info *sta = timeout_ctx; 709 unsigned int timeout, sec, usec; 710 u8 *trans_id, *nbuf; 711 712 if (sta->sa_query_count > 0 && 713 ap_check_sa_query_timeout(hapd, sta)) 714 return; 715 716 nbuf = os_realloc(sta->sa_query_trans_id, 717 (sta->sa_query_count + 1) * WLAN_SA_QUERY_TR_ID_LEN); 718 if (nbuf == NULL) 719 return; 720 if (sta->sa_query_count == 0) { 721 /* Starting a new SA Query procedure */ 722 os_get_time(&sta->sa_query_start); 723 } 724 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 725 sta->sa_query_trans_id = nbuf; 726 sta->sa_query_count++; 727 728 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); 729 730 timeout = hapd->conf->assoc_sa_query_retry_timeout; 731 sec = ((timeout / 1000) * 1024) / 1000; 732 usec = (timeout % 1000) * 1024; 733 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 734 735 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 736 HOSTAPD_LEVEL_DEBUG, 737 "association SA Query attempt %d", sta->sa_query_count); 738 739 #ifdef NEED_AP_MLME 740 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 741 #endif /* NEED_AP_MLME */ 742 } 743 744 745 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 746 { 747 ap_sa_query_timer(hapd, sta); 748 } 749 750 751 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 752 { 753 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 754 os_free(sta->sa_query_trans_id); 755 sta->sa_query_trans_id = NULL; 756 sta->sa_query_count = 0; 757 } 758 759 #endif /* CONFIG_IEEE80211W */ 760 761 762 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 763 int authorized) 764 { 765 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 766 return; 767 768 if (authorized) 769 sta->flags |= WLAN_STA_AUTHORIZED; 770 else 771 sta->flags &= ~WLAN_STA_AUTHORIZED; 772 773 if (hapd->sta_authorized_cb) 774 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 775 sta->addr, authorized); 776 } 777 778 779 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 780 const u8 *addr, u16 reason) 781 { 782 783 if (sta == NULL && addr) 784 sta = ap_get_sta(hapd, addr); 785 786 if (addr) 787 hostapd_drv_sta_deauth(hapd, addr, reason); 788 789 if (sta == NULL) 790 return; 791 ap_sta_set_authorized(hapd, sta, 0); 792 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 793 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 794 eloop_register_timeout(0, 0, ap_handle_timer, hapd, sta); 795 sta->timeout_next = STA_REMOVE; 796 } 797
