1 /* 2 * hostapd / Station table 3 * Copyright (c) 2002-2011, Jouni Malinen <j (at) w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "utils/eloop.h" 13 #include "common/ieee802_11_defs.h" 14 #include "common/wpa_ctrl.h" 15 #include "common/sae.h" 16 #include "radius/radius.h" 17 #include "radius/radius_client.h" 18 #include "drivers/driver.h" 19 #include "p2p/p2p.h" 20 #include "hostapd.h" 21 #include "accounting.h" 22 #include "ieee802_1x.h" 23 #include "ieee802_11.h" 24 #include "ieee802_11_auth.h" 25 #include "wpa_auth.h" 26 #include "preauth_auth.h" 27 #include "ap_config.h" 28 #include "beacon.h" 29 #include "ap_mlme.h" 30 #include "vlan_init.h" 31 #include "p2p_hostapd.h" 32 #include "ap_drv_ops.h" 33 #include "gas_serv.h" 34 #include "sta_info.h" 35 36 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 37 struct sta_info *sta); 38 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 39 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 40 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 41 #ifdef CONFIG_IEEE80211W 42 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 43 #endif /* CONFIG_IEEE80211W */ 44 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 45 46 int ap_for_each_sta(struct hostapd_data *hapd, 47 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 48 void *ctx), 49 void *ctx) 50 { 51 struct sta_info *sta; 52 53 for (sta = hapd->sta_list; sta; sta = sta->next) { 54 if (cb(hapd, sta, ctx)) 55 return 1; 56 } 57 58 return 0; 59 } 60 61 62 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 63 { 64 struct sta_info *s; 65 66 s = hapd->sta_hash[STA_HASH(sta)]; 67 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 68 s = s->hnext; 69 return s; 70 } 71 72 73 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 74 { 75 struct sta_info *tmp; 76 77 if (hapd->sta_list == sta) { 78 hapd->sta_list = sta->next; 79 return; 80 } 81 82 tmp = hapd->sta_list; 83 while (tmp != NULL && tmp->next != sta) 84 tmp = tmp->next; 85 if (tmp == NULL) { 86 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 87 "list.", MAC2STR(sta->addr)); 88 } else 89 tmp->next = sta->next; 90 } 91 92 93 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 94 { 95 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 96 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 97 } 98 99 100 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 101 { 102 struct sta_info *s; 103 104 s = hapd->sta_hash[STA_HASH(sta->addr)]; 105 if (s == NULL) return; 106 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 107 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 108 return; 109 } 110 111 while (s->hnext != NULL && 112 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 113 s = s->hnext; 114 if (s->hnext != NULL) 115 s->hnext = s->hnext->hnext; 116 else 117 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 118 " from hash table", MAC2STR(sta->addr)); 119 } 120 121 122 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 123 { 124 int set_beacon = 0; 125 126 accounting_sta_stop(hapd, sta); 127 128 /* just in case */ 129 ap_sta_set_authorized(hapd, sta, 0); 130 131 if (sta->flags & WLAN_STA_WDS) 132 hostapd_set_wds_sta(hapd, sta->addr, sta->aid, 0); 133 134 if (!(sta->flags & WLAN_STA_PREAUTH)) 135 hostapd_drv_sta_remove(hapd, sta->addr); 136 137 ap_sta_hash_del(hapd, sta); 138 ap_sta_list_del(hapd, sta); 139 140 if (sta->aid > 0) 141 hapd->sta_aid[(sta->aid - 1) / 32] &= 142 ~BIT((sta->aid - 1) % 32); 143 144 hapd->num_sta--; 145 if (sta->nonerp_set) { 146 sta->nonerp_set = 0; 147 hapd->iface->num_sta_non_erp--; 148 if (hapd->iface->num_sta_non_erp == 0) 149 set_beacon++; 150 } 151 152 if (sta->no_short_slot_time_set) { 153 sta->no_short_slot_time_set = 0; 154 hapd->iface->num_sta_no_short_slot_time--; 155 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 156 && hapd->iface->num_sta_no_short_slot_time == 0) 157 set_beacon++; 158 } 159 160 if (sta->no_short_preamble_set) { 161 sta->no_short_preamble_set = 0; 162 hapd->iface->num_sta_no_short_preamble--; 163 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 164 && hapd->iface->num_sta_no_short_preamble == 0) 165 set_beacon++; 166 } 167 168 if (sta->no_ht_gf_set) { 169 sta->no_ht_gf_set = 0; 170 hapd->iface->num_sta_ht_no_gf--; 171 } 172 173 if (sta->no_ht_set) { 174 sta->no_ht_set = 0; 175 hapd->iface->num_sta_no_ht--; 176 } 177 178 if (sta->ht_20mhz_set) { 179 sta->ht_20mhz_set = 0; 180 hapd->iface->num_sta_ht_20mhz--; 181 } 182 183 #ifdef CONFIG_P2P 184 if (sta->no_p2p_set) { 185 sta->no_p2p_set = 0; 186 hapd->num_sta_no_p2p--; 187 if (hapd->num_sta_no_p2p == 0) 188 hostapd_p2p_non_p2p_sta_disconnected(hapd); 189 } 190 #endif /* CONFIG_P2P */ 191 192 #if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 193 if (hostapd_ht_operation_update(hapd->iface) > 0) 194 set_beacon++; 195 #endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 196 197 if (set_beacon) 198 ieee802_11_set_beacons(hapd->iface); 199 200 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 201 __func__, MAC2STR(sta->addr)); 202 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 203 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 204 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 205 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 206 207 ieee802_1x_free_station(sta); 208 wpa_auth_sta_deinit(sta->wpa_sm); 209 rsn_preauth_free_station(hapd, sta); 210 #ifndef CONFIG_NO_RADIUS 211 radius_client_flush_auth(hapd->radius, sta->addr); 212 #endif /* CONFIG_NO_RADIUS */ 213 214 os_free(sta->last_assoc_req); 215 os_free(sta->challenge); 216 217 #ifdef CONFIG_IEEE80211W 218 os_free(sta->sa_query_trans_id); 219 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 220 #endif /* CONFIG_IEEE80211W */ 221 222 #ifdef CONFIG_P2P 223 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 224 #endif /* CONFIG_P2P */ 225 226 #ifdef CONFIG_INTERWORKING 227 if (sta->gas_dialog) { 228 int i; 229 for (i = 0; i < GAS_DIALOG_MAX; i++) 230 gas_serv_dialog_clear(&sta->gas_dialog[i]); 231 os_free(sta->gas_dialog); 232 } 233 #endif /* CONFIG_INTERWORKING */ 234 235 wpabuf_free(sta->wps_ie); 236 wpabuf_free(sta->p2p_ie); 237 wpabuf_free(sta->hs20_ie); 238 239 os_free(sta->ht_capabilities); 240 hostapd_free_psk_list(sta->psk); 241 os_free(sta->identity); 242 os_free(sta->radius_cui); 243 244 #ifdef CONFIG_SAE 245 sae_clear_data(sta->sae); 246 os_free(sta->sae); 247 #endif /* CONFIG_SAE */ 248 249 os_free(sta); 250 } 251 252 253 void hostapd_free_stas(struct hostapd_data *hapd) 254 { 255 struct sta_info *sta, *prev; 256 257 sta = hapd->sta_list; 258 259 while (sta) { 260 prev = sta; 261 if (sta->flags & WLAN_STA_AUTH) { 262 mlme_deauthenticate_indication( 263 hapd, sta, WLAN_REASON_UNSPECIFIED); 264 } 265 sta = sta->next; 266 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 267 MAC2STR(prev->addr)); 268 ap_free_sta(hapd, prev); 269 } 270 } 271 272 273 /** 274 * ap_handle_timer - Per STA timer handler 275 * @eloop_ctx: struct hostapd_data * 276 * @timeout_ctx: struct sta_info * 277 * 278 * This function is called to check station activity and to remove inactive 279 * stations. 280 */ 281 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 282 { 283 struct hostapd_data *hapd = eloop_ctx; 284 struct sta_info *sta = timeout_ctx; 285 unsigned long next_time = 0; 286 287 wpa_printf(MSG_DEBUG, "%s: " MACSTR " flags=0x%x timeout_next=%d", 288 __func__, MAC2STR(sta->addr), sta->flags, 289 sta->timeout_next); 290 if (sta->timeout_next == STA_REMOVE) { 291 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 292 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 293 "local deauth request"); 294 ap_free_sta(hapd, sta); 295 return; 296 } 297 298 if ((sta->flags & WLAN_STA_ASSOC) && 299 (sta->timeout_next == STA_NULLFUNC || 300 sta->timeout_next == STA_DISASSOC)) { 301 int inactive_sec; 302 /* 303 * Add random value to timeout so that we don't end up bouncing 304 * all stations at the same time if we have lots of associated 305 * stations that are idle (but keep re-associating). 306 */ 307 int fuzz = os_random() % 20; 308 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 309 if (inactive_sec == -1) { 310 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 311 "Check inactivity: Could not " 312 "get station info from kernel driver for " 313 MACSTR, MAC2STR(sta->addr)); 314 /* 315 * The driver may not support this functionality. 316 * Anyway, try again after the next inactivity timeout, 317 * but do not disconnect the station now. 318 */ 319 next_time = hapd->conf->ap_max_inactivity + fuzz; 320 } else if (inactive_sec < hapd->conf->ap_max_inactivity && 321 sta->flags & WLAN_STA_ASSOC) { 322 /* station activity detected; reset timeout state */ 323 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 324 "Station " MACSTR " has been active %is ago", 325 MAC2STR(sta->addr), inactive_sec); 326 sta->timeout_next = STA_NULLFUNC; 327 next_time = hapd->conf->ap_max_inactivity + fuzz - 328 inactive_sec; 329 } else { 330 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 331 "Station " MACSTR " has been " 332 "inactive too long: %d sec, max allowed: %d", 333 MAC2STR(sta->addr), inactive_sec, 334 hapd->conf->ap_max_inactivity); 335 336 if (hapd->conf->skip_inactivity_poll) 337 sta->timeout_next = STA_DISASSOC; 338 } 339 } 340 341 if ((sta->flags & WLAN_STA_ASSOC) && 342 sta->timeout_next == STA_DISASSOC && 343 !(sta->flags & WLAN_STA_PENDING_POLL) && 344 !hapd->conf->skip_inactivity_poll) { 345 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 346 " has ACKed data poll", MAC2STR(sta->addr)); 347 /* data nullfunc frame poll did not produce TX errors; assume 348 * station ACKed it */ 349 sta->timeout_next = STA_NULLFUNC; 350 next_time = hapd->conf->ap_max_inactivity; 351 } 352 353 if (next_time) { 354 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 355 "for " MACSTR " (%lu seconds)", 356 __func__, MAC2STR(sta->addr), next_time); 357 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 358 sta); 359 return; 360 } 361 362 if (sta->timeout_next == STA_NULLFUNC && 363 (sta->flags & WLAN_STA_ASSOC)) { 364 wpa_printf(MSG_DEBUG, " Polling STA"); 365 sta->flags |= WLAN_STA_PENDING_POLL; 366 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 367 sta->flags & WLAN_STA_WMM); 368 } else if (sta->timeout_next != STA_REMOVE) { 369 int deauth = sta->timeout_next == STA_DEAUTH; 370 371 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 372 "Timeout, sending %s info to STA " MACSTR, 373 deauth ? "deauthentication" : "disassociation", 374 MAC2STR(sta->addr)); 375 376 if (deauth) { 377 hostapd_drv_sta_deauth( 378 hapd, sta->addr, 379 WLAN_REASON_PREV_AUTH_NOT_VALID); 380 } else { 381 hostapd_drv_sta_disassoc( 382 hapd, sta->addr, 383 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 384 } 385 } 386 387 switch (sta->timeout_next) { 388 case STA_NULLFUNC: 389 sta->timeout_next = STA_DISASSOC; 390 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 391 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 392 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 393 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 394 hapd, sta); 395 break; 396 case STA_DISASSOC: 397 ap_sta_set_authorized(hapd, sta, 0); 398 sta->flags &= ~WLAN_STA_ASSOC; 399 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 400 if (!sta->acct_terminate_cause) 401 sta->acct_terminate_cause = 402 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 403 accounting_sta_stop(hapd, sta); 404 ieee802_1x_free_station(sta); 405 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 406 HOSTAPD_LEVEL_INFO, "disassociated due to " 407 "inactivity"); 408 sta->timeout_next = STA_DEAUTH; 409 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 410 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 411 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 412 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 413 hapd, sta); 414 mlme_disassociate_indication( 415 hapd, sta, WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY); 416 break; 417 case STA_DEAUTH: 418 case STA_REMOVE: 419 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 420 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 421 "inactivity (timer DEAUTH/REMOVE)"); 422 if (!sta->acct_terminate_cause) 423 sta->acct_terminate_cause = 424 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 425 mlme_deauthenticate_indication( 426 hapd, sta, 427 WLAN_REASON_PREV_AUTH_NOT_VALID); 428 ap_free_sta(hapd, sta); 429 break; 430 } 431 } 432 433 434 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 435 { 436 struct hostapd_data *hapd = eloop_ctx; 437 struct sta_info *sta = timeout_ctx; 438 u8 addr[ETH_ALEN]; 439 440 if (!(sta->flags & WLAN_STA_AUTH)) { 441 if (sta->flags & WLAN_STA_GAS) { 442 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 443 "entry " MACSTR, MAC2STR(sta->addr)); 444 ap_free_sta(hapd, sta); 445 } 446 return; 447 } 448 449 mlme_deauthenticate_indication(hapd, sta, 450 WLAN_REASON_PREV_AUTH_NOT_VALID); 451 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 452 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 453 "session timeout"); 454 sta->acct_terminate_cause = 455 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 456 os_memcpy(addr, sta->addr, ETH_ALEN); 457 ap_free_sta(hapd, sta); 458 hostapd_drv_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID); 459 } 460 461 462 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 463 u32 session_timeout) 464 { 465 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 466 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 467 "seconds", session_timeout); 468 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 469 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 470 hapd, sta); 471 } 472 473 474 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 475 { 476 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 477 } 478 479 480 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 481 { 482 struct sta_info *sta; 483 484 sta = ap_get_sta(hapd, addr); 485 if (sta) 486 return sta; 487 488 wpa_printf(MSG_DEBUG, " New STA"); 489 if (hapd->num_sta >= hapd->conf->max_num_sta) { 490 /* FIX: might try to remove some old STAs first? */ 491 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 492 hapd->num_sta, hapd->conf->max_num_sta); 493 return NULL; 494 } 495 496 sta = os_zalloc(sizeof(struct sta_info)); 497 if (sta == NULL) { 498 wpa_printf(MSG_ERROR, "malloc failed"); 499 return NULL; 500 } 501 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 502 accounting_sta_get_id(hapd, sta); 503 504 /* initialize STA info data */ 505 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 506 "for " MACSTR " (%d seconds - ap_max_inactivity)", 507 __func__, MAC2STR(addr), 508 hapd->conf->ap_max_inactivity); 509 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 510 ap_handle_timer, hapd, sta); 511 os_memcpy(sta->addr, addr, ETH_ALEN); 512 sta->next = hapd->sta_list; 513 hapd->sta_list = sta; 514 hapd->num_sta++; 515 ap_sta_hash_add(hapd, sta); 516 sta->ssid = &hapd->conf->ssid; 517 ap_sta_remove_in_other_bss(hapd, sta); 518 519 return sta; 520 } 521 522 523 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 524 { 525 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 526 527 wpa_printf(MSG_DEBUG, "Removing STA " MACSTR " from kernel driver", 528 MAC2STR(sta->addr)); 529 if (hostapd_drv_sta_remove(hapd, sta->addr) && 530 sta->flags & WLAN_STA_ASSOC) { 531 wpa_printf(MSG_DEBUG, "Could not remove station " MACSTR 532 " from kernel driver.", MAC2STR(sta->addr)); 533 return -1; 534 } 535 return 0; 536 } 537 538 539 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 540 struct sta_info *sta) 541 { 542 struct hostapd_iface *iface = hapd->iface; 543 size_t i; 544 545 for (i = 0; i < iface->num_bss; i++) { 546 struct hostapd_data *bss = iface->bss[i]; 547 struct sta_info *sta2; 548 /* bss should always be set during operation, but it may be 549 * NULL during reconfiguration. Assume the STA is not 550 * associated to another BSS in that case to avoid NULL pointer 551 * dereferences. */ 552 if (bss == hapd || bss == NULL) 553 continue; 554 sta2 = ap_get_sta(bss, sta->addr); 555 if (!sta2) 556 continue; 557 558 ap_sta_disconnect(bss, sta2, sta2->addr, 559 WLAN_REASON_PREV_AUTH_NOT_VALID); 560 } 561 } 562 563 564 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 565 { 566 struct hostapd_data *hapd = eloop_ctx; 567 struct sta_info *sta = timeout_ctx; 568 569 ap_sta_remove(hapd, sta); 570 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 571 } 572 573 574 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 575 u16 reason) 576 { 577 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 578 hapd->conf->iface, MAC2STR(sta->addr)); 579 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 580 ap_sta_set_authorized(hapd, sta, 0); 581 sta->timeout_next = STA_DEAUTH; 582 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 583 "for " MACSTR " (%d seconds - " 584 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 585 __func__, MAC2STR(sta->addr), 586 AP_MAX_INACTIVITY_AFTER_DISASSOC); 587 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 588 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 589 ap_handle_timer, hapd, sta); 590 accounting_sta_stop(hapd, sta); 591 ieee802_1x_free_station(sta); 592 593 sta->disassoc_reason = reason; 594 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 595 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 596 eloop_register_timeout(hapd->iface->drv_flags & 597 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 598 ap_sta_disassoc_cb_timeout, hapd, sta); 599 } 600 601 602 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 603 { 604 struct hostapd_data *hapd = eloop_ctx; 605 struct sta_info *sta = timeout_ctx; 606 607 ap_sta_remove(hapd, sta); 608 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 609 } 610 611 612 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 613 u16 reason) 614 { 615 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 616 hapd->conf->iface, MAC2STR(sta->addr)); 617 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 618 ap_sta_set_authorized(hapd, sta, 0); 619 sta->timeout_next = STA_REMOVE; 620 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 621 "for " MACSTR " (%d seconds - " 622 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 623 __func__, MAC2STR(sta->addr), 624 AP_MAX_INACTIVITY_AFTER_DEAUTH); 625 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 626 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 627 ap_handle_timer, hapd, sta); 628 accounting_sta_stop(hapd, sta); 629 ieee802_1x_free_station(sta); 630 631 sta->deauth_reason = reason; 632 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 633 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 634 eloop_register_timeout(hapd->iface->drv_flags & 635 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 636 ap_sta_deauth_cb_timeout, hapd, sta); 637 } 638 639 640 #ifdef CONFIG_WPS 641 int ap_sta_wps_cancel(struct hostapd_data *hapd, 642 struct sta_info *sta, void *ctx) 643 { 644 if (sta && (sta->flags & WLAN_STA_WPS)) { 645 ap_sta_deauthenticate(hapd, sta, 646 WLAN_REASON_PREV_AUTH_NOT_VALID); 647 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 648 __func__, MAC2STR(sta->addr)); 649 return 1; 650 } 651 652 return 0; 653 } 654 #endif /* CONFIG_WPS */ 655 656 657 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta, 658 int old_vlanid) 659 { 660 #ifndef CONFIG_NO_VLAN 661 const char *iface; 662 struct hostapd_vlan *vlan = NULL; 663 int ret; 664 665 /* 666 * Do not proceed furthur if the vlan id remains same. We do not want 667 * duplicate dynamic vlan entries. 668 */ 669 if (sta->vlan_id == old_vlanid) 670 return 0; 671 672 /* 673 * During 1x reauth, if the vlan id changes, then remove the old id and 674 * proceed furthur to add the new one. 675 */ 676 if (old_vlanid > 0) 677 vlan_remove_dynamic(hapd, old_vlanid); 678 679 iface = hapd->conf->iface; 680 if (sta->ssid->vlan[0]) 681 iface = sta->ssid->vlan; 682 683 if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) 684 sta->vlan_id = 0; 685 else if (sta->vlan_id > 0) { 686 vlan = hapd->conf->vlan; 687 while (vlan) { 688 if (vlan->vlan_id == sta->vlan_id || 689 vlan->vlan_id == VLAN_ID_WILDCARD) { 690 iface = vlan->ifname; 691 break; 692 } 693 vlan = vlan->next; 694 } 695 } 696 697 if (sta->vlan_id > 0 && vlan == NULL) { 698 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 699 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 700 "binding station to (vlan_id=%d)", 701 sta->vlan_id); 702 return -1; 703 } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { 704 vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); 705 if (vlan == NULL) { 706 hostapd_logger(hapd, sta->addr, 707 HOSTAPD_MODULE_IEEE80211, 708 HOSTAPD_LEVEL_DEBUG, "could not add " 709 "dynamic VLAN interface for vlan_id=%d", 710 sta->vlan_id); 711 return -1; 712 } 713 714 iface = vlan->ifname; 715 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 716 hostapd_logger(hapd, sta->addr, 717 HOSTAPD_MODULE_IEEE80211, 718 HOSTAPD_LEVEL_DEBUG, "could not " 719 "configure encryption for dynamic VLAN " 720 "interface for vlan_id=%d", 721 sta->vlan_id); 722 } 723 724 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 725 HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " 726 "interface '%s'", iface); 727 } else if (vlan && vlan->vlan_id == sta->vlan_id) { 728 if (sta->vlan_id > 0) { 729 vlan->dynamic_vlan++; 730 hostapd_logger(hapd, sta->addr, 731 HOSTAPD_MODULE_IEEE80211, 732 HOSTAPD_LEVEL_DEBUG, "updated existing " 733 "dynamic VLAN interface '%s'", iface); 734 } 735 736 /* 737 * Update encryption configuration for statically generated 738 * VLAN interface. This is only used for static WEP 739 * configuration for the case where hostapd did not yet know 740 * which keys are to be used when the interface was added. 741 */ 742 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 743 hostapd_logger(hapd, sta->addr, 744 HOSTAPD_MODULE_IEEE80211, 745 HOSTAPD_LEVEL_DEBUG, "could not " 746 "configure encryption for VLAN " 747 "interface for vlan_id=%d", 748 sta->vlan_id); 749 } 750 } 751 752 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 753 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 754 "'%s'", iface); 755 756 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 757 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 758 759 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 760 if (ret < 0) { 761 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 762 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 763 "entry to vlan_id=%d", sta->vlan_id); 764 } 765 return ret; 766 #else /* CONFIG_NO_VLAN */ 767 return 0; 768 #endif /* CONFIG_NO_VLAN */ 769 } 770 771 772 #ifdef CONFIG_IEEE80211W 773 774 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 775 { 776 u32 tu; 777 struct os_time now, passed; 778 os_get_time(&now); 779 os_time_sub(&now, &sta->sa_query_start, &passed); 780 tu = (passed.sec * 1000000 + passed.usec) / 1024; 781 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 782 hostapd_logger(hapd, sta->addr, 783 HOSTAPD_MODULE_IEEE80211, 784 HOSTAPD_LEVEL_DEBUG, 785 "association SA Query timed out"); 786 sta->sa_query_timed_out = 1; 787 os_free(sta->sa_query_trans_id); 788 sta->sa_query_trans_id = NULL; 789 sta->sa_query_count = 0; 790 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 791 return 1; 792 } 793 794 return 0; 795 } 796 797 798 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 799 { 800 struct hostapd_data *hapd = eloop_ctx; 801 struct sta_info *sta = timeout_ctx; 802 unsigned int timeout, sec, usec; 803 u8 *trans_id, *nbuf; 804 805 if (sta->sa_query_count > 0 && 806 ap_check_sa_query_timeout(hapd, sta)) 807 return; 808 809 nbuf = os_realloc_array(sta->sa_query_trans_id, 810 sta->sa_query_count + 1, 811 WLAN_SA_QUERY_TR_ID_LEN); 812 if (nbuf == NULL) 813 return; 814 if (sta->sa_query_count == 0) { 815 /* Starting a new SA Query procedure */ 816 os_get_time(&sta->sa_query_start); 817 } 818 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 819 sta->sa_query_trans_id = nbuf; 820 sta->sa_query_count++; 821 822 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); 823 824 timeout = hapd->conf->assoc_sa_query_retry_timeout; 825 sec = ((timeout / 1000) * 1024) / 1000; 826 usec = (timeout % 1000) * 1024; 827 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 828 829 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 830 HOSTAPD_LEVEL_DEBUG, 831 "association SA Query attempt %d", sta->sa_query_count); 832 833 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 834 } 835 836 837 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 838 { 839 ap_sa_query_timer(hapd, sta); 840 } 841 842 843 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 844 { 845 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 846 os_free(sta->sa_query_trans_id); 847 sta->sa_query_trans_id = NULL; 848 sta->sa_query_count = 0; 849 } 850 851 #endif /* CONFIG_IEEE80211W */ 852 853 854 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 855 int authorized) 856 { 857 const u8 *dev_addr = NULL; 858 #ifdef CONFIG_P2P 859 u8 addr[ETH_ALEN]; 860 #endif /* CONFIG_P2P */ 861 862 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 863 return; 864 865 #ifdef CONFIG_P2P 866 if (hapd->p2p_group == NULL) { 867 if (sta->p2p_ie != NULL && 868 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 869 dev_addr = addr; 870 } else 871 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 872 #endif /* CONFIG_P2P */ 873 874 if (authorized) { 875 if (dev_addr) 876 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED 877 MACSTR " p2p_dev_addr=" MACSTR, 878 MAC2STR(sta->addr), MAC2STR(dev_addr)); 879 else 880 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED 881 MACSTR, MAC2STR(sta->addr)); 882 if (hapd->msg_ctx_parent && 883 hapd->msg_ctx_parent != hapd->msg_ctx && dev_addr) 884 wpa_msg(hapd->msg_ctx_parent, MSG_INFO, 885 AP_STA_CONNECTED MACSTR " p2p_dev_addr=" 886 MACSTR, 887 MAC2STR(sta->addr), MAC2STR(dev_addr)); 888 else if (hapd->msg_ctx_parent && 889 hapd->msg_ctx_parent != hapd->msg_ctx) 890 wpa_msg(hapd->msg_ctx_parent, MSG_INFO, 891 AP_STA_CONNECTED MACSTR, MAC2STR(sta->addr)); 892 893 sta->flags |= WLAN_STA_AUTHORIZED; 894 } else { 895 if (dev_addr) 896 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED 897 MACSTR " p2p_dev_addr=" MACSTR, 898 MAC2STR(sta->addr), MAC2STR(dev_addr)); 899 else 900 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED 901 MACSTR, MAC2STR(sta->addr)); 902 if (hapd->msg_ctx_parent && 903 hapd->msg_ctx_parent != hapd->msg_ctx && dev_addr) 904 wpa_msg(hapd->msg_ctx_parent, MSG_INFO, 905 AP_STA_DISCONNECTED MACSTR " p2p_dev_addr=" 906 MACSTR, MAC2STR(sta->addr), MAC2STR(dev_addr)); 907 else if (hapd->msg_ctx_parent && 908 hapd->msg_ctx_parent != hapd->msg_ctx) 909 wpa_msg(hapd->msg_ctx_parent, MSG_INFO, 910 AP_STA_DISCONNECTED MACSTR, 911 MAC2STR(sta->addr)); 912 sta->flags &= ~WLAN_STA_AUTHORIZED; 913 } 914 915 if (hapd->sta_authorized_cb) 916 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 917 sta->addr, authorized, dev_addr); 918 } 919 920 921 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 922 const u8 *addr, u16 reason) 923 { 924 925 if (sta == NULL && addr) 926 sta = ap_get_sta(hapd, addr); 927 928 if (addr) 929 hostapd_drv_sta_deauth(hapd, addr, reason); 930 931 if (sta == NULL) 932 return; 933 ap_sta_set_authorized(hapd, sta, 0); 934 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 935 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 936 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 937 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 938 "for " MACSTR " (%d seconds - " 939 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 940 __func__, MAC2STR(sta->addr), 941 AP_MAX_INACTIVITY_AFTER_DEAUTH); 942 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 943 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 944 ap_handle_timer, hapd, sta); 945 sta->timeout_next = STA_REMOVE; 946 947 sta->deauth_reason = reason; 948 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 949 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 950 eloop_register_timeout(hapd->iface->drv_flags & 951 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 952 ap_sta_deauth_cb_timeout, hapd, sta); 953 } 954 955 956 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 957 { 958 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 959 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 960 return; 961 } 962 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 963 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 964 ap_sta_deauth_cb_timeout(hapd, sta); 965 } 966 967 968 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 969 { 970 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 971 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 972 return; 973 } 974 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 975 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 976 ap_sta_disassoc_cb_timeout(hapd, sta); 977 } 978