      1 /*
      2  * hostapd / Callback functions for driver wrappers
      3  * Copyright (c) 2002-2013, Jouni Malinen <j (at) w1.fi>
      4  *
      5  * This software may be distributed under the terms of the BSD license.
      6  * See README for more details.
      7  */
      8 
      9 #include "utils/includes.h"
     10 
     11 #include "utils/common.h"
     12 #include "radius/radius.h"
     13 #include "drivers/driver.h"
     14 #include "common/ieee802_11_defs.h"
     15 #include "common/ieee802_11_common.h"
     16 #include "common/wpa_ctrl.h"
     17 #include "crypto/random.h"
     18 #include "p2p/p2p.h"
     19 #include "wps/wps.h"
     20 #include "wnm_ap.h"
     21 #include "hostapd.h"
     22 #include "ieee802_11.h"
     23 #include "sta_info.h"
     24 #include "accounting.h"
     25 #include "tkip_countermeasures.h"
     26 #include "ieee802_1x.h"
     27 #include "wpa_auth.h"
     28 #include "wps_hostapd.h"
     29 #include "ap_drv_ops.h"
     30 #include "ap_config.h"
     31 #include "hw_features.h"
     32 
     33 
/**
 * hostapd_notif_assoc - Handle a driver-reported (re)association of a station
 * @hapd: BSS data the event was delivered to
 * @addr: MAC address of the station; the event is dropped if this is NULL
 * @req_ies: Information elements of the (Re)Association Request, or NULL
 * @req_ies_len: Length of req_ies in octets
 * @reassoc: Non-zero if the request was a reassociation
 * Returns: 0 on success (also when the request is only rejected temporarily
 * in the MFP/SA Query branch), -1 if the event is dropped or the station is
 * rejected
 *
 * req_ies is the element data sent by the associating station, so every
 * pointer and length derived from it below is peer-controlled input.
 */
int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
			const u8 *req_ies, size_t req_ies_len, int reassoc)
{
	struct sta_info *sta;
	int new_assoc, res;
	struct ieee802_11_elems elems;
	const u8 *ie;
	size_t ielen;
#ifdef CONFIG_IEEE80211R
	/* Scratch buffer for the response IEs handed to hostapd_sta_assoc() */
	u8 buf[sizeof(struct ieee80211_mgmt) + 1024];
	u8 *p = buf;
#endif /* CONFIG_IEEE80211R */
	u16 reason = WLAN_REASON_UNSPECIFIED;
	u16 status = WLAN_STATUS_SUCCESS;
	const u8 *p2p_dev_addr = NULL;

	if (addr == NULL) {
		/*
		 * This could potentially happen with unexpected event from the
		 * driver wrapper. This was seen at least in one case where the
		 * driver ended up being set to station mode while hostapd was
		 * running, so better make sure we stop processing such an
		 * event here.
		 */
		wpa_printf(MSG_DEBUG, "hostapd_notif_assoc: Skip event with "
			   "no address");
		return -1;
	}
	/* Hand the station address to the random pool helper */
	random_add_randomness(addr, ETH_ALEN);

	hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
		       HOSTAPD_LEVEL_INFO, "associated");

	/*
	 * The parser's return value is not checked; only the element pointers
	 * and lengths it stored in elems are used below.
	 * NOTE(review): confirm that a parse failure leaves elems in a state
	 * that is safe to consume.
	 */
	ieee802_11_parse_elems(req_ies, req_ies_len, &elems, 0);
	/*
	 * Select the element used for WPA/WPS validation, preferring WPS, then
	 * RSN, then WPA. The "- 2" / "+ 2" adjustments step back over the
	 * two-octet element header; this presumes the parser stores pointers
	 * to the element payload - verify against ieee802_11_parse_elems().
	 */
	if (elems.wps_ie) {
		ie = elems.wps_ie - 2;
		ielen = elems.wps_ie_len + 2;
		wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)AssocReq");
	} else if (elems.rsn_ie) {
		ie = elems.rsn_ie - 2;
		ielen = elems.rsn_ie_len + 2;
		wpa_printf(MSG_DEBUG, "STA included RSN IE in (Re)AssocReq");
	} else if (elems.wpa_ie) {
		ie = elems.wpa_ie - 2;
		ielen = elems.wpa_ie_len + 2;
		wpa_printf(MSG_DEBUG, "STA included WPA IE in (Re)AssocReq");
	} else {
		ie = NULL;
		ielen = 0;
		wpa_printf(MSG_DEBUG, "STA did not include WPS/RSN/WPA IE in "
			   "(Re)AssocReq");
	}

	sta = ap_get_sta(hapd, addr);
	if (sta) {
		/* Known station: stop its session timeout and accounting */
		ap_sta_no_session_timeout(hapd, sta);
		accounting_sta_stop(hapd, sta);

		/*
		 * Make sure that the previously registered inactivity timer
		 * will not remove the STA immediately.
		 */
		sta->timeout_next = STA_NULLFUNC;
	} else {
		sta = ap_sta_add(hapd, addr);
		if (sta == NULL) {
			/* No entry could be added: tell the driver to drop it */
			hostapd_drv_sta_disassoc(hapd, addr,
						 WLAN_REASON_DISASSOC_AP_BUSY);
			return -1;
		}
	}
	/* WPS flags are cleared here and set again from this request below */
	sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2);

#ifdef CONFIG_P2P
	/*
	 * NOTE(review): sta->p2p_ie is replaced only when this request carries
	 * a P2P IE; a copy stored by an earlier association is otherwise kept
	 * (the HS 2.0 copy below is always reset). Confirm this is intended.
	 */
	if (elems.p2p) {
		wpabuf_free(sta->p2p_ie);
		sta->p2p_ie = ieee802_11_vendor_ie_concat(req_ies, req_ies_len,
							  P2P_IE_VENDOR_TYPE);
		if (sta->p2p_ie)
			p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie);
	}
#endif /* CONFIG_P2P */

#ifdef CONFIG_HS20
	wpabuf_free(sta->hs20_ie);
	/* The "> 4" test keeps the + 4 / - 4 offsets inside the element */
	if (elems.hs20 && elems.hs20_len > 4) {
		sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4,
						 elems.hs20_len - 4);
	} else
		sta->hs20_ie = NULL;
#endif /* CONFIG_HS20 */

	if (hapd->conf->wpa) {
		if (ie == NULL || ielen == 0) {
#ifdef CONFIG_WPS
			if (hapd->conf->wps_state) {
				wpa_printf(MSG_DEBUG, "STA did not include "
					   "WPA/RSN IE in (Re)Association "
					   "Request - possible WPS use");
				sta->flags |= WLAN_STA_MAYBE_WPS;
				goto skip_wpa_check;
			}
#endif /* CONFIG_WPS */

			/*
			 * WPA is configured but the request has no usable IE.
			 * This path returns without the disassociation and
			 * ap_free_sta() cleanup done at the fail label.
			 */
			wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA");
			return -1;
		}
#ifdef CONFIG_WPS
		/*
		 * Element ID 0xdd with the payload starting 00:50:f2:04 is
		 * treated as a WPS IE; ie[1] >= 4 keeps the four-octet compare
		 * within the declared element length. Such a station skips
		 * the WPA/RSN IE validation below.
		 */
		if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 &&
		    os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) {
			struct wpabuf *wps;
			sta->flags |= WLAN_STA_WPS;
			wps = ieee802_11_vendor_ie_concat(ie, ielen,
							  WPS_IE_VENDOR_TYPE);
			if (wps) {
				if (wps_is_20(wps)) {
					wpa_printf(MSG_DEBUG, "WPS: STA "
						   "supports WPS 2.0");
					sta->flags |= WLAN_STA_WPS2;
				}
				wpabuf_free(wps);
			}
			goto skip_wpa_check;
		}
#endif /* CONFIG_WPS */

		/* Create the per-station WPA state machine on first use */
		if (sta->wpa_sm == NULL)
			sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
							sta->addr,
							p2p_dev_addr);
		if (sta->wpa_sm == NULL) {
			wpa_printf(MSG_ERROR, "Failed to initialize WPA state "
				   "machine");
			return -1;
		}
		res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
					  ie, ielen,
					  elems.mdie, elems.mdie_len);
		if (res != WPA_IE_OK) {
			/*
			 * NOTE(review): res is an int printed with %u; a
			 * negative result would be logged as a large value.
			 */
			wpa_printf(MSG_DEBUG, "WPA/RSN information element "
				   "rejected? (res %u)", res);
			wpa_hexdump(MSG_DEBUG, "IE", ie, ielen);
			/* Map the validation result to reason/status codes */
			if (res == WPA_INVALID_GROUP) {
				reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
				status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
			} else if (res == WPA_INVALID_PAIRWISE) {
				reason = WLAN_REASON_PAIRWISE_CIPHER_NOT_VALID;
				status = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
			} else if (res == WPA_INVALID_AKMP) {
				reason = WLAN_REASON_AKMP_NOT_VALID;
				status = WLAN_STATUS_AKMP_NOT_VALID;
			}
#ifdef CONFIG_IEEE80211W
			else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) {
				reason = WLAN_REASON_INVALID_IE;
				status = WLAN_STATUS_INVALID_IE;
			} else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) {
				reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
				status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
			}
#endif /* CONFIG_IEEE80211W */
			else {
				reason = WLAN_REASON_INVALID_IE;
				status = WLAN_STATUS_INVALID_IE;
			}
			goto fail;
		}
#ifdef CONFIG_IEEE80211W
		if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out &&
		    sta->sa_query_count > 0)
			ap_check_sa_query_timeout(hapd, sta);
		if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out &&
		    (sta->auth_alg != WLAN_AUTH_FT)) {
			/*
			 * STA has already been associated with MFP and SA
			 * Query timeout has not been reached. Reject the
			 * association attempt temporarily and start SA Query,
			 * if one is not pending.
			 */

			if (sta->sa_query_count == 0)
				ap_sta_start_sa_query(hapd, sta);

			/*
			 * The temporary rejection is reported to the driver
			 * only in CONFIG_IEEE80211R builds; other builds just
			 * return 0 from this branch.
			 */
#ifdef CONFIG_IEEE80211R
			status = WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY;

			p = hostapd_eid_assoc_comeback_time(hapd, sta, p);

			hostapd_sta_assoc(hapd, addr, reassoc, status, buf,
					  p - buf);
#endif /* CONFIG_IEEE80211R */
			return 0;
		}

		/* Record whether this association negotiated MFP */
		if (wpa_auth_uses_mfp(sta->wpa_sm))
			sta->flags |= WLAN_STA_MFP;
		else
			sta->flags &= ~WLAN_STA_MFP;
#endif /* CONFIG_IEEE80211W */

#ifdef CONFIG_IEEE80211R
		if (sta->auth_alg == WLAN_AUTH_FT) {
			status = wpa_ft_validate_reassoc(sta->wpa_sm, req_ies,
							 req_ies_len);
			if (status != WLAN_STATUS_SUCCESS) {
				/*
				 * Only these three status values change the
				 * reason; any other failure keeps
				 * WLAN_REASON_UNSPECIFIED.
				 */
				if (status == WLAN_STATUS_INVALID_PMKID)
					reason = WLAN_REASON_INVALID_IE;
				if (status == WLAN_STATUS_INVALID_MDIE)
					reason = WLAN_REASON_INVALID_IE;
				if (status == WLAN_STATUS_INVALID_FTIE)
					reason = WLAN_REASON_INVALID_IE;
				goto fail;
			}
		}
#endif /* CONFIG_IEEE80211R */
	} else if (hapd->conf->wps_state) {
		/* WPA disabled, WPS enabled: classify the STA from its WPS IE */
#ifdef CONFIG_WPS
		struct wpabuf *wps;
		if (req_ies)
			wps = ieee802_11_vendor_ie_concat(req_ies, req_ies_len,
							  WPS_IE_VENDOR_TYPE);
		else
			wps = NULL;
#ifdef CONFIG_WPS_STRICT
		if (wps && wps_validate_assoc_req(wps) < 0) {
			reason = WLAN_REASON_INVALID_IE;
			status = WLAN_STATUS_INVALID_IE;
			wpabuf_free(wps);
			goto fail;
		}
#endif /* CONFIG_WPS_STRICT */
		if (wps) {
			sta->flags |= WLAN_STA_WPS;
			if (wps_is_20(wps)) {
				wpa_printf(MSG_DEBUG, "WPS: STA supports "
					   "WPS 2.0");
				sta->flags |= WLAN_STA_WPS2;
			}
		} else
			sta->flags |= WLAN_STA_MAYBE_WPS;
		wpabuf_free(wps);
#endif /* CONFIG_WPS */
	}
#ifdef CONFIG_WPS
skip_wpa_check:
#endif /* CONFIG_WPS */

	/*
	 * NOTE(review): on the WPS paths (and when neither WPA nor WPS is
	 * configured) sta->wpa_sm is not initialised by this function and may
	 * be NULL here and in the wpa_auth_sm_event() calls below; confirm the
	 * callees accept a NULL state machine.
	 */
#ifdef CONFIG_IEEE80211R
	p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, buf, sizeof(buf),
					sta->auth_alg, req_ies, req_ies_len);

	hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf);
#else /* CONFIG_IEEE80211R */
	/* Keep compiler silent about unused variables */
	if (status) {
	}
#endif /* CONFIG_IEEE80211R */

	/* new_assoc is 1 only if the STA was not already marked associated */
	new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0;
	sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;

	if (reassoc && (sta->auth_alg == WLAN_AUTH_FT))
		wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT);
	else
		wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);

	hostapd_new_assoc_sta(hapd, sta, !new_assoc);

	ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);

#ifdef CONFIG_P2P
	if (req_ies) {
		p2p_group_notif_assoc(hapd->p2p_group, sta->addr,
				      req_ies, req_ies_len);
	}
#endif /* CONFIG_P2P */

	return 0;

fail:
	/*
	 * Every goto to this label leaves p == buf, so the rejection is sent
	 * with an empty IE buffer. sta->addr is read before ap_free_sta();
	 * sta must not be touched after that call.
	 */
#ifdef CONFIG_IEEE80211R
	hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf);
#endif /* CONFIG_IEEE80211R */
	hostapd_drv_sta_disassoc(hapd, sta->addr, reason);
	ap_free_sta(hapd, sta);
	return -1;
}
    321 
    322 
/**
 * hostapd_notif_disassoc - Handle a driver-reported disassociation
 * @hapd: BSS data the event was delivered to
 * @addr: MAC address of the station; the event is ignored if this is NULL
 *
 * Clears the authorization and AUTH/ASSOC flags of the station, notifies the
 * WPA and IEEE 802.1X state machines, and removes the station entry.
 */
void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr)
{
	struct sta_info *entry;

	if (!addr) {
		/*
		 * A driver wrapper has been seen to report a station mode
		 * event while hostapd was running, which ends up here without
		 * an address. Stop processing such an event.
		 */
		wpa_printf(MSG_DEBUG,
			   "hostapd_notif_disassoc: Skip event with no address");
		return;
	}

	hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
		       HOSTAPD_LEVEL_INFO, "disassociated");

	entry = ap_get_sta(hapd, addr);
	if (!entry) {
		wpa_printf(MSG_DEBUG,
			   "Disassociation notification for unknown STA " MACSTR,
			   MAC2STR(addr));
		return;
	}

	/* Revoke authorization first, then tear down the per-STA state */
	ap_sta_set_authorized(hapd, entry, 0);
	entry->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
	wpa_auth_sm_event(entry->wpa_sm, WPA_DISASSOC);
	entry->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
	ieee802_1x_notify_port_enabled(entry->eapol_sm, 0);

	/* entry must not be used after this call */
	ap_free_sta(hapd, entry);
}
    357 
    358 
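/**
 * hostapd_event_sta_low_ack - Disconnect a station that misses too many ACKs
 * @hapd: BSS data the event was delivered to
 * @addr: MAC address of the station; the event is ignored if this is NULL
 *
 * Does nothing unless the station is known and disassoc_low_ack is enabled
 * in the BSS configuration.
 */
void hostapd_event_sta_low_ack(struct hostapd_data *hapd, const u8 *addr)
{
	struct sta_info *sta;

	if (addr == NULL) {
		/*
		 * Same guard as hostapd_notif_assoc()/hostapd_notif_disassoc():
		 * the caller only checks the event data pointer, so an event
		 * without an address must be stopped before the lookup.
		 */
		wpa_printf(MSG_DEBUG, "hostapd_event_sta_low_ack: Skip event "
			   "with no address");
		return;
	}

	sta = ap_get_sta(hapd, addr);
	if (sta == NULL || !hapd->conf->disassoc_low_ack)
		return;

	hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
		       HOSTAPD_LEVEL_INFO, "disconnected due to excessive "
		       "missing ACKs");
	hostapd_drv_sta_disassoc(hapd, addr, WLAN_REASON_DISASSOC_LOW_ACK);
	/* sta is known to be non-NULL here; no second check is needed */
	ap_sta_disassociate(hapd, sta, WLAN_REASON_DISASSOC_LOW_ACK);
}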
    373 
    374 
/**
 * hostapd_event_ch_switch - Record a channel switch performed by the driver
 * @hapd: BSS data the event was delivered to
 * @freq: New operating frequency reported by the driver
 * @ht: Value stored into the interface configuration's ieee80211n field
 * @offset: Value stored as the secondary channel
 *
 * The function body is empty unless NEED_AP_MLME is defined.
 */
void hostapd_event_ch_switch(struct hostapd_data *hapd, int freq, int ht,
			     int offset)
{
#ifdef NEED_AP_MLME
	int chan_num;

	hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
		       HOSTAPD_LEVEL_INFO,
		       "driver had channel switch: freq=%d, ht=%d, offset=%d",
		       freq, ht, offset);

	/*
	 * The frequency is stored before the channel lookup, so it is updated
	 * even when the lookup below fails.
	 */
	hapd->iface->freq = freq;

	chan_num = hostapd_hw_get_channel(hapd, freq);
	if (chan_num == 0) {
		hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
			       HOSTAPD_LEVEL_WARNING,
			       "driver switched to bad channel!");
		return;
	}

	hapd->iconf->channel = chan_num;
	hapd->iconf->ieee80211n = ht;
	hapd->iconf->secondary_channel = offset;
#endif /* NEED_AP_MLME */
}
    400 
    401 
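/**
 * hostapd_event_connect_failed_reason - Report why the driver rejected a STA
 * @hapd: BSS data the event was delivered to
 * @addr: MAC address of the rejected station; ignored if this is NULL
 * @reason_code: MAX_CLIENT_REACHED or BLOCKED_CLIENT; other values are ignored
 */
void hostapd_event_connect_failed_reason(struct hostapd_data *hapd,
					 const u8 *addr, int reason_code)
{
	if (addr == NULL) {
		/*
		 * MAC2STR() reads the address octets, and the caller only
		 * checks the event data pointer. Stop here as the other
		 * address-based handlers in this file do.
		 */
		wpa_printf(MSG_DEBUG, "hostapd_event_connect_failed_reason: "
			   "Skip event with no address");
		return;
	}

	switch (reason_code) {
	case MAX_CLIENT_REACHED:
		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_MAX_STA MACSTR,
			MAC2STR(addr));
		break;
	case BLOCKED_CLIENT:
		wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_BLOCKED_STA MACSTR,
			MAC2STR(addr));
		break;
	default:
		/* Unknown reason codes are deliberately not reported */
		break;
	}
}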
    416 
    417 
/**
 * hostapd_probe_req_rx - Dispatch a received Probe Request to the callbacks
 * @hapd: BSS data holding the registered Probe Request callbacks
 * @sa: Source address of the frame
 * @da: Destination address of the frame
 * @bssid: BSSID of the frame
 * @ie: Information elements of the Probe Request
 * @ie_len: Length of ie in octets
 * @ssi_signal: Signal strength value passed through to the callbacks
 * Returns: -1 if sa or ie is NULL, 1 if a callback returned a positive value
 * (later callbacks are then skipped), 0 otherwise
 */
int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa, const u8 *da,
			 const u8 *bssid, const u8 *ie, size_t ie_len,
			 int ssi_signal)
{
	size_t idx = 0;

	if (!sa || !ie)
		return -1;

	random_add_randomness(sa, ETH_ALEN);

	/*
	 * The callback table pointer and count are re-read on every pass, as
	 * in a plain for loop over them.
	 */
	while (hapd->probereq_cb && idx < hapd->num_probereq_cb) {
		int cb_res;

		cb_res = hapd->probereq_cb[idx].cb(hapd->probereq_cb[idx].ctx,
						   sa, da, bssid, ie, ie_len,
						   ssi_signal);
		if (cb_res > 0)
			return 1;
		idx++;
	}

	return 0;
}
    439 
    440 
    441 #ifdef HOSTAPD
    442 
    443 #ifdef CONFIG_IEEE80211R
/*
 * Completion callback handed to wpa_ft_process_auth(): marks the station as
 * authenticated and forwards the FT authentication response to the driver.
 * ctx is the struct hostapd_data pointer given at registration; bssid is not
 * used.
 *
 * NOTE(review): the "authentication OK (FT)" log entry and the WLAN_STA_AUTH
 * flag are applied without looking at status. Confirm whether this callback
 * can be invoked with a non-success status and, if so, whether the flag
 * should only be set on success.
 */
static void hostapd_notify_auth_ft_finish(void *ctx, const u8 *dst,
					  const u8 *bssid,
					  u16 auth_transaction, u16 status,
					  const u8 *ies, size_t ies_len)
{
	struct hostapd_data *hapd = ctx;
	struct sta_info *peer = ap_get_sta(hapd, dst);

	if (!peer)
		return;

	hostapd_logger(hapd, dst, HOSTAPD_MODULE_IEEE80211,
		       HOSTAPD_LEVEL_DEBUG, "authentication OK (FT)");
	peer->flags |= WLAN_STA_AUTH;

	hostapd_sta_auth(hapd, dst, auth_transaction, status, ies, ies_len);
}
    462 #endif /* CONFIG_IEEE80211R */
    463 
    464 
/*
 * Handle an authentication event from the driver. FT authentication is
 * passed to the WPA authenticator, which answers through
 * hostapd_notify_auth_ft_finish(); every other outcome is answered directly
 * at the reply label with the current status.
 *
 * NOTE(review): a request that is not FT (or any request in a build without
 * CONFIG_IEEE80211R) reaches the reply label with WLAN_STATUS_SUCCESS and
 * without WLAN_STA_AUTH being set here. Confirm that this is the intended
 * handling for those authentication types.
 */
static void hostapd_notif_auth(struct hostapd_data *hapd,
			       struct auth_info *rx_auth)
{
	struct sta_info *peer;
	u16 status = WLAN_STATUS_SUCCESS;
	/* Passed with length 0 below, so its contents are never described */
	u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
	size_t resp_ies_len = 0;

	peer = ap_get_sta(hapd, rx_auth->peer);
	if (peer == NULL) {
		peer = ap_sta_add(hapd, rx_auth->peer);
		if (!peer) {
			status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
			goto reply;
		}
	}

	peer->flags &= ~WLAN_STA_PREAUTH;
	ieee802_1x_notify_pre_auth(peer->eapol_sm, 0);

#ifdef CONFIG_IEEE80211R
	if (rx_auth->auth_type == WLAN_AUTH_FT && hapd->wpa_auth) {
		peer->auth_alg = WLAN_AUTH_FT;
		if (!peer->wpa_sm)
			peer->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
							 peer->addr, NULL);
		if (!peer->wpa_sm) {
			wpa_printf(MSG_DEBUG,
				   "FT: Failed to initialize WPA state machine");
			status = WLAN_STATUS_UNSPECIFIED_FAILURE;
			goto reply;
		}

		/* The response is sent from the completion callback */
		wpa_ft_process_auth(peer->wpa_sm, rx_auth->bssid,
				    rx_auth->auth_transaction, rx_auth->ies,
				    rx_auth->ies_len,
				    hostapd_notify_auth_ft_finish, hapd);
		return;
	}
#endif /* CONFIG_IEEE80211R */

reply:
	hostapd_sta_auth(hapd, rx_auth->peer, rx_auth->auth_transaction + 1,
			 status, resp_ies, resp_ies_len);
}
    506 
    507 
/*
 * Dispatch a received Action frame by category (FT, SA Query, WNM, each
 * depending on the build options). Frames from a station without an entry in
 * this BSS are dropped.
 *
 * NOTE(review): action->data comes from the received frame. Only the SA Query
 * branch checks action->len before reading fixed offsets; the FT and WNM
 * handlers are handed the data and length as-is and are presumed to validate
 * them - confirm in the callees.
 */
static void hostapd_action_rx(struct hostapd_data *hapd,
			      struct rx_action *action)
{
	struct sta_info *peer;

	wpa_printf(MSG_DEBUG, "RX_ACTION cat %d action plen %d",
		   action->category, (int) action->len);

	peer = ap_get_sta(hapd, action->sa);
	if (!peer) {
		wpa_printf(MSG_DEBUG, "%s: station not found", __func__);
		return;
	}

#ifdef CONFIG_IEEE80211R
	if (action->category == WLAN_ACTION_FT) {
		wpa_printf(MSG_DEBUG, "%s: FT_ACTION length %d",
			   __func__, (int) action->len);
		wpa_ft_action_rx(peer->wpa_sm, action->data, action->len);
	}
#endif /* CONFIG_IEEE80211R */

#ifdef CONFIG_IEEE80211W
	/* len >= 4 covers data[1] and the two octets starting at data[2] */
	if (action->category == WLAN_ACTION_SA_QUERY && action->len >= 4) {
		wpa_printf(MSG_DEBUG, "%s: SA_QUERY_ACTION length %d",
			   __func__, (int) action->len);
		ieee802_11_sa_query_action(hapd, action->sa,
					   action->data[1],
					   &action->data[2]);
	}
#endif /* CONFIG_IEEE80211W */

#ifdef CONFIG_WNM
	if (action->category == WLAN_ACTION_WNM) {
		wpa_printf(MSG_DEBUG, "%s: WNM_ACTION length %d",
			   __func__, (int) action->len);
		ieee802_11_rx_wnm_action_ap(hapd, action);
	}
#endif /* CONFIG_WNM */
}
    545 
    546 
    547 #ifdef NEED_AP_MLME
    548 
/*
 * Sentinel returned by get_hapd_bssid() for the broadcast BSSID. It is not a
 * valid object pointer and must be compared against, never dereferenced.
 */
#define HAPD_BROADCAST ((struct hostapd_data *) -1)

/*
 * Map a BSSID to the BSS of this interface that owns it.
 * Returns NULL for a NULL or unknown BSSID, HAPD_BROADCAST for
 * ff:ff:ff:ff:ff:ff, and the matching BSS otherwise.
 */
static struct hostapd_data * get_hapd_bssid(struct hostapd_iface *iface,
					    const u8 *bssid)
{
	static const u8 bcast[ETH_ALEN] = {
		0xff, 0xff, 0xff, 0xff, 0xff, 0xff
	};
	size_t idx;

	if (!bssid)
		return NULL;

	if (os_memcmp(bssid, bcast, ETH_ALEN) == 0)
		return HAPD_BROADCAST;

	for (idx = 0; idx < iface->num_bss; idx++) {
		struct hostapd_data *bss = iface->bss[idx];

		if (os_memcmp(bssid, bss->own_addr, ETH_ALEN) == 0)
			return bss;
	}

	return NULL;
}
    569 
    570 
/*
 * Forward a "frame from unknown station" event to the BSS that owns the
 * given BSSID. Events for an unknown or broadcast BSSID are ignored.
 */
static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd,
					const u8 *bssid, const u8 *addr,
					int wds)
{
	struct hostapd_data *owner = get_hapd_bssid(hapd->iface, bssid);

	/* HAPD_BROADCAST is a sentinel, not a usable BSS pointer */
	if (!owner || owner == HAPD_BROADCAST)
		return;

	ieee802_11_rx_from_unknown(owner, addr, wds);
}
    581 
    582 
/*
 * Route a received management frame to the BSS addressed by its BSSID, or to
 * every BSS of the interface when the BSSID is broadcast. Frames for an
 * unknown BSSID are dropped, except Beacon frames, which go to the first BSS.
 *
 * NOTE(review): hdr->frame_control is read after get_hdr_bssid() returned a
 * BSSID; this presumes get_hdr_bssid() rejects frames shorter than the
 * header - confirm in its implementation.
 */
static void hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt)
{
	struct hostapd_iface *iface = hapd->iface;
	const struct ieee80211_hdr *hdr =
		(const struct ieee80211_hdr *) rx_mgmt->frame;
	const u8 *bssid = get_hdr_bssid(hdr, rx_mgmt->frame_len);
	struct hostapd_data *target;
	struct hostapd_frame_info fi;
	size_t idx;

	if (!bssid)
		return;

	target = get_hapd_bssid(iface, bssid);
	if (!target) {
		u16 fc = le_to_host16(hdr->frame_control);

		/*
		 * Drop frames to unknown BSSIDs except for Beacon frames which
		 * could be used to update neighbor information.
		 */
		if (WLAN_FC_GET_TYPE(fc) != WLAN_FC_TYPE_MGMT ||
		    WLAN_FC_GET_STYPE(fc) != WLAN_FC_STYPE_BEACON)
			return;
		target = iface->bss[0];
	}

	os_memset(&fi, 0, sizeof(fi));
	fi.datarate = rx_mgmt->datarate;
	fi.ssi_signal = rx_mgmt->ssi_signal;

	if (target != HAPD_BROADCAST) {
		ieee802_11_mgmt(target, rx_mgmt->frame, rx_mgmt->frame_len,
				&fi);
	} else {
		/* Broadcast BSSID: every BSS gets to process the frame */
		for (idx = 0; idx < iface->num_bss; idx++)
			ieee802_11_mgmt(iface->bss[idx], rx_mgmt->frame,
					rx_mgmt->frame_len, &fi);
	}

	random_add_randomness(&fi, sizeof(fi));
}
    625 
    626 
/*
 * Rebuild a management frame (24-octet header, category octet, payload) from
 * an EVENT_RX_ACTION event and run it through hostapd_mgmt_rx(). The
 * temporary frame is freed before returning.
 *
 * The caller in this file checks da, sa and bssid for NULL before calling.
 * NOTE(review): rx_action->data is not checked there; confirm the driver
 * wrappers never report a non-zero len with a NULL data pointer.
 */
static void hostapd_rx_action(struct hostapd_data *hapd,
			      struct rx_action *rx_action)
{
	/* Allocation size and copy length are derived from the same value */
	const size_t frame_len = 24 + 1 + rx_action->len;
	struct rx_mgmt mgmt;
	struct ieee80211_hdr *hdr;
	u8 *frame;

	wpa_printf(MSG_DEBUG, "EVENT_RX_ACTION DA=" MACSTR " SA=" MACSTR
		   " BSSID=" MACSTR " category=%u",
		   MAC2STR(rx_action->da), MAC2STR(rx_action->sa),
		   MAC2STR(rx_action->bssid), rx_action->category);
	wpa_hexdump(MSG_MSGDUMP, "Received action frame contents",
		    rx_action->data, rx_action->len);

	frame = os_zalloc(frame_len);
	if (!frame)
		return;

	hdr = (struct ieee80211_hdr *) frame;
	hdr->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
					  WLAN_FC_STYPE_ACTION);
	if (rx_action->category == WLAN_ACTION_SA_QUERY) {
		/*
		 * Assume frame was protected; it would have been dropped if
		 * not.
		 */
		hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP);
	}
	os_memcpy(hdr->addr1, rx_action->da, ETH_ALEN);
	os_memcpy(hdr->addr2, rx_action->sa, ETH_ALEN);
	os_memcpy(hdr->addr3, rx_action->bssid, ETH_ALEN);

	/* Category octet follows the header, then the action payload */
	frame[24] = rx_action->category;
	os_memcpy(frame + 24 + 1, rx_action->data, rx_action->len);

	os_memset(&mgmt, 0, sizeof(mgmt));
	mgmt.frame = frame;
	mgmt.frame_len = frame_len;
	hostapd_mgmt_rx(hapd, &mgmt);

	os_free(frame);
}
    665 
    666 
/*
 * TX status callback for management frames: find the BSS that owns the
 * frame's BSSID and pass the status on. Frames with an unknown or broadcast
 * BSSID are ignored.
 */
static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf,
			       size_t len, u16 stype, int ok)
{
	/* The header is only read, so the const qualifier of buf is kept */
	const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) buf;
	struct hostapd_data *owner;

	owner = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len));
	if (!owner || owner == HAPD_BROADCAST)
		return;

	ieee802_11_mgmt_cb(owner, buf, len, stype, ok);
}
    677 
    678 #endif /* NEED_AP_MLME */
    679 
    680 
/*
 * Handle EVENT_NEW_STA: create a station entry for a sender that has none yet
 * and run the new-association processing for it.
 * Returns 0 if the station already existed or was added, -1 if adding failed.
 *
 * NOTE(review): the entry is created from the event alone, without any
 * authentication or association exchange seen by this function; this
 * presumably relies on the driver having accepted the station - confirm for
 * the driver wrappers that generate this event.
 */
static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr)
{
	struct sta_info *entry;

	if (ap_get_sta(hapd, addr) != NULL)
		return 0;

	wpa_printf(MSG_DEBUG, "Data frame from unknown STA " MACSTR
		   " - adding a new STA", MAC2STR(addr));

	entry = ap_sta_add(hapd, addr);
	if (entry == NULL) {
		wpa_printf(MSG_DEBUG, "Failed to add STA entry for " MACSTR,
			   MAC2STR(addr));
		return -1;
	}

	hostapd_new_assoc_sta(hapd, entry, 0);
	return 0;
}
    700 
    701 
/*
 * Deliver a received EAPOL frame to the BSS in which the sender is currently
 * associated. If no BSS of the interface has the sender marked as associated,
 * the frame is processed in the BSS the event arrived on.
 */
static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src,
				   const u8 *data, size_t data_len)
{
	struct hostapd_iface *iface = hapd->iface;
	struct hostapd_data *target = hapd;
	size_t idx;

	for (idx = 0; idx < iface->num_bss; idx++) {
		struct sta_info *peer = ap_get_sta(iface->bss[idx], src);

		/* First BSS holding the sender as associated wins */
		if (peer != NULL && (peer->flags & WLAN_STA_ASSOC)) {
			target = iface->bss[idx];
			break;
		}
	}

	ieee802_1x_receive(target, src, data, data_len);
}
    720 
    721 
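/*
 * Look up the channel entry of the current hardware mode whose frequency
 * equals freq. Returns NULL if no mode is selected or no channel matches.
 */
static struct hostapd_channel_data * hostapd_get_mode_channel(
	struct hostapd_iface *iface, unsigned int freq)
{
	int i;
	struct hostapd_channel_data *chan;

	/*
	 * Survey results are driver input; do not dereference the mode if
	 * none has been selected for the interface.
	 */
	if (iface->current_mode == NULL)
		return NULL;

	for (i = 0; i < iface->current_mode->num_channels; i++) {
		/*
		 * The address of an array element is never NULL, so no NULL
		 * test on chan is needed here.
		 */
		chan = &iface->current_mode->channels[i];
		if ((unsigned int) chan->freq == freq)
			return chan;
	}

	return NULL;
}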
    738 
    739 
/*
 * Fold one survey entry's noise floor into the per-channel minimum
 * (chan->min_nf) and the interface-wide minimum (iface->lowest_nf).
 * The first survey seen on the interface, and the first one on a channel,
 * initialise the respective minimum.
 */
static void hostapd_update_nf(struct hostapd_iface *iface,
			      struct hostapd_channel_data *chan,
			      struct freq_survey *survey)
{
	const int first_on_iface = !iface->chans_surveyed;

	if (first_on_iface || dl_list_empty(&chan->survey_list) ||
	    survey->nf < chan->min_nf)
		chan->min_nf = survey->nf;

	if (first_on_iface || survey->nf < iface->lowest_nf)
		iface->lowest_nf = survey->nf;
}
    756 
    757 
/*
 * Handle EVENT_SURVEY: move each survey entry that belongs to an enabled
 * channel of the current mode from the event's list to that channel's list
 * and update the noise floor minimums. Entries for unknown or disabled
 * channels stay on the event's list.
 */
static void hostapd_event_get_survey(struct hostapd_data *hapd,
				     struct survey_results *survey_results)
{
	struct hostapd_iface *iface = hapd->iface;
	struct freq_survey *entry, *next;

	if (dl_list_empty(&survey_results->survey_list)) {
		wpa_printf(MSG_DEBUG, "No survey data received");
		return;
	}

	/* The _safe iterator is required: entries are unlinked in the loop */
	dl_list_for_each_safe(entry, next, &survey_results->survey_list,
			      struct freq_survey, list) {
		struct hostapd_channel_data *chan;

		chan = hostapd_get_mode_channel(iface, entry->freq);
		if (chan == NULL || (chan->flag & HOSTAPD_CHAN_DISABLED))
			continue;

		dl_list_del(&entry->list);
		dl_list_add_tail(&chan->survey_list, &entry->list);

		hostapd_update_nf(iface, chan, entry);

		iface->chans_surveyed++;
	}
}
    786 
    787 
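/**
 * wpa_supplicant_event - Dispatch a driver event to the hostapd handlers
 * @ctx: struct hostapd_data pointer registered with the driver wrapper
 * @event: Event type
 * @data: Event-specific data; may be NULL
 *
 * Every case that reads event data first checks that data is not NULL. The
 * original code did this for only some of the events (DISASSOC, DEAUTH,
 * STATION_LOW_ACK, CH_SWITCH, CONNECT_FAILED_REASON); the remaining cases now
 * follow the same rule, so an unexpected event without data is ignored
 * instead of dereferencing a NULL pointer.
 */
void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
			  union wpa_event_data *data)
{
	struct hostapd_data *hapd = ctx;
#ifndef CONFIG_NO_STDOUT_DEBUG
	int level = MSG_DEBUG;

	/*
	 * Beacon and Probe Request frames are frequent; log their reception
	 * only at the most verbose level. The frame_len >= 24 test keeps the
	 * frame_control read inside the reported frame.
	 */
	if (event == EVENT_RX_MGMT && data && data->rx_mgmt.frame &&
	    data->rx_mgmt.frame_len >= 24) {
		const struct ieee80211_hdr *hdr;
		u16 fc;
		hdr = (const struct ieee80211_hdr *) data->rx_mgmt.frame;
		fc = le_to_host16(hdr->frame_control);
		if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
		    WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON)
			level = MSG_EXCESSIVE;
		if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
		    WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_REQ)
			level = MSG_EXCESSIVE;
	}

	wpa_dbg(hapd->msg_ctx, level, "Event %s (%d) received",
		event_to_string(event), event);
#endif /* CONFIG_NO_STDOUT_DEBUG */

	switch (event) {
	case EVENT_MICHAEL_MIC_FAILURE:
		if (!data)
			break;
		michael_mic_failure(hapd, data->michael_mic_failure.src, 1);
		break;
	case EVENT_SCAN_RESULTS:
		/* No event data is used for this event */
		if (hapd->iface->scan_cb)
			hapd->iface->scan_cb(hapd->iface);
		break;
#ifdef CONFIG_IEEE80211R
	case EVENT_FT_RRB_RX:
		if (!data)
			break;
		wpa_ft_rrb_rx(hapd->wpa_auth, data->ft_rrb_rx.src,
			      data->ft_rrb_rx.data, data->ft_rrb_rx.data_len);
		break;
#endif /* CONFIG_IEEE80211R */
	case EVENT_WPS_BUTTON_PUSHED:
		/* No event data is used for this event */
		hostapd_wps_button_pushed(hapd, NULL);
		break;
#ifdef NEED_AP_MLME
	case EVENT_TX_STATUS:
		if (!data)
			break;
		switch (data->tx_status.type) {
		case WLAN_FC_TYPE_MGMT:
			hostapd_mgmt_tx_cb(hapd, data->tx_status.data,
					   data->tx_status.data_len,
					   data->tx_status.stype,
					   data->tx_status.ack);
			break;
		case WLAN_FC_TYPE_DATA:
			hostapd_tx_status(hapd, data->tx_status.dst,
					  data->tx_status.data,
					  data->tx_status.data_len,
					  data->tx_status.ack);
			break;
		default:
			/* Other frame types have no TX status handler */
			break;
		}
		break;
	case EVENT_EAPOL_TX_STATUS:
		if (!data)
			break;
		hostapd_eapol_tx_status(hapd, data->eapol_tx_status.dst,
					data->eapol_tx_status.data,
					data->eapol_tx_status.data_len,
					data->eapol_tx_status.ack);
		break;
	case EVENT_DRIVER_CLIENT_POLL_OK:
		if (!data)
			break;
		hostapd_client_poll_ok(hapd, data->client_poll.addr);
		break;
	case EVENT_RX_FROM_UNKNOWN:
		if (!data)
			break;
		hostapd_rx_from_unknown_sta(hapd, data->rx_from_unknown.bssid,
					    data->rx_from_unknown.addr,
					    data->rx_from_unknown.wds);
		break;
	case EVENT_RX_MGMT:
		if (!data)
			break;
		hostapd_mgmt_rx(hapd, &data->rx_mgmt);
		break;
#endif /* NEED_AP_MLME */
	case EVENT_RX_PROBE_REQ:
		if (!data || data->rx_probe_req.sa == NULL ||
		    data->rx_probe_req.ie == NULL)
			break;
		hostapd_probe_req_rx(hapd, data->rx_probe_req.sa,
				     data->rx_probe_req.da,
				     data->rx_probe_req.bssid,
				     data->rx_probe_req.ie,
				     data->rx_probe_req.ie_len,
				     data->rx_probe_req.ssi_signal);
		break;
	case EVENT_NEW_STA:
		if (!data)
			break;
		hostapd_event_new_sta(hapd, data->new_sta.addr);
		break;
	case EVENT_EAPOL_RX:
		if (!data)
			break;
		hostapd_event_eapol_rx(hapd, data->eapol_rx.src,
				       data->eapol_rx.data,
				       data->eapol_rx.data_len);
		break;
	case EVENT_ASSOC:
		if (!data)
			break;
		hostapd_notif_assoc(hapd, data->assoc_info.addr,
				    data->assoc_info.req_ies,
				    data->assoc_info.req_ies_len,
				    data->assoc_info.reassoc);
		break;
	case EVENT_DISASSOC:
		if (data)
			hostapd_notif_disassoc(hapd, data->disassoc_info.addr);
		break;
	case EVENT_DEAUTH:
		if (data)
			hostapd_notif_disassoc(hapd, data->deauth_info.addr);
		break;
	case EVENT_STATION_LOW_ACK:
		if (!data)
			break;
		hostapd_event_sta_low_ack(hapd, data->low_ack.addr);
		break;
	case EVENT_RX_ACTION:
		/* The handlers below read all three addresses unconditionally */
		if (!data || data->rx_action.da == NULL ||
		    data->rx_action.sa == NULL ||
		    data->rx_action.bssid == NULL)
			break;
#ifdef NEED_AP_MLME
		hostapd_rx_action(hapd, &data->rx_action);
#endif /* NEED_AP_MLME */
		hostapd_action_rx(hapd, &data->rx_action);
		break;
	case EVENT_AUTH:
		if (!data)
			break;
		hostapd_notif_auth(hapd, &data->auth);
		break;
	case EVENT_CH_SWITCH:
		if (!data)
			break;
		hostapd_event_ch_switch(hapd, data->ch_switch.freq,
					data->ch_switch.ht_enabled,
					data->ch_switch.ch_offset);
		break;
	case EVENT_CONNECT_FAILED_REASON:
		if (!data)
			break;
		hostapd_event_connect_failed_reason(
			hapd, data->connect_failed_reason.addr,
			data->connect_failed_reason.code);
		break;
	case EVENT_SURVEY:
		if (!data)
			break;
		hostapd_event_get_survey(hapd, &data->survey_results);
		break;
	default:
		wpa_printf(MSG_DEBUG, "Unknown event %d", event);
		break;
	}
}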
    937 
    938 #endif /* HOSTAPD */
    939