1 /* 2 * hostapd / Station table 3 * Copyright (c) 2002-2013, Jouni Malinen <j (at) w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "utils/eloop.h" 13 #include "common/ieee802_11_defs.h" 14 #include "common/wpa_ctrl.h" 15 #include "common/sae.h" 16 #include "radius/radius.h" 17 #include "radius/radius_client.h" 18 #include "drivers/driver.h" 19 #include "p2p/p2p.h" 20 #include "hostapd.h" 21 #include "accounting.h" 22 #include "ieee802_1x.h" 23 #include "ieee802_11.h" 24 #include "ieee802_11_auth.h" 25 #include "wpa_auth.h" 26 #include "preauth_auth.h" 27 #include "ap_config.h" 28 #include "beacon.h" 29 #include "ap_mlme.h" 30 #include "vlan_init.h" 31 #include "p2p_hostapd.h" 32 #include "ap_drv_ops.h" 33 #include "gas_serv.h" 34 #include "sta_info.h" 35 36 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 37 struct sta_info *sta); 38 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 39 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 40 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 41 #ifdef CONFIG_IEEE80211W 42 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 43 #endif /* CONFIG_IEEE80211W */ 44 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 45 46 int ap_for_each_sta(struct hostapd_data *hapd, 47 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 48 void *ctx), 49 void *ctx) 50 { 51 struct sta_info *sta; 52 53 for (sta = hapd->sta_list; sta; sta = sta->next) { 54 if (cb(hapd, sta, ctx)) 55 return 1; 56 } 57 58 return 0; 59 } 60 61 62 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 63 { 64 struct sta_info *s; 65 66 s = hapd->sta_hash[STA_HASH(sta)]; 67 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 68 s = s->hnext; 69 return s; 70 } 71 72 73 #ifdef CONFIG_P2P 74 struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr) 75 { 76 struct sta_info *sta; 77 78 for (sta = hapd->sta_list; sta; sta = sta->next) { 79 const u8 *p2p_dev_addr; 80 81 if (sta->p2p_ie == NULL) 82 continue; 83 84 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 85 if (p2p_dev_addr == NULL) 86 continue; 87 88 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0) 89 return sta; 90 } 91 92 return NULL; 93 } 94 #endif /* CONFIG_P2P */ 95 96 97 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 98 { 99 struct sta_info *tmp; 100 101 if (hapd->sta_list == sta) { 102 hapd->sta_list = sta->next; 103 return; 104 } 105 106 tmp = hapd->sta_list; 107 while (tmp != NULL && tmp->next != sta) 108 tmp = tmp->next; 109 if (tmp == NULL) { 110 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 111 "list.", MAC2STR(sta->addr)); 112 } else 113 tmp->next = sta->next; 114 } 115 116 117 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 118 { 119 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 120 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 121 } 122 123 124 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 125 { 126 struct sta_info *s; 127 128 s = hapd->sta_hash[STA_HASH(sta->addr)]; 129 if (s == NULL) return; 130 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 131 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 132 return; 133 } 134 135 while (s->hnext != NULL && 136 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 137 s = s->hnext; 138 if (s->hnext != NULL) 139 s->hnext = s->hnext->hnext; 140 else 141 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 142 " from hash table", MAC2STR(sta->addr)); 143 } 144 145 146 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 147 { 148 int set_beacon = 0; 149 150 accounting_sta_stop(hapd, sta); 151 152 /* just in case */ 153 ap_sta_set_authorized(hapd, sta, 0); 154 155 if (sta->flags & WLAN_STA_WDS) 156 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); 157 158 if (!(sta->flags & WLAN_STA_PREAUTH)) 159 hostapd_drv_sta_remove(hapd, sta->addr); 160 161 ap_sta_hash_del(hapd, sta); 162 ap_sta_list_del(hapd, sta); 163 164 if (sta->aid > 0) 165 hapd->sta_aid[(sta->aid - 1) / 32] &= 166 ~BIT((sta->aid - 1) % 32); 167 168 hapd->num_sta--; 169 if (sta->nonerp_set) { 170 sta->nonerp_set = 0; 171 hapd->iface->num_sta_non_erp--; 172 if (hapd->iface->num_sta_non_erp == 0) 173 set_beacon++; 174 } 175 176 if (sta->no_short_slot_time_set) { 177 sta->no_short_slot_time_set = 0; 178 hapd->iface->num_sta_no_short_slot_time--; 179 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 180 && hapd->iface->num_sta_no_short_slot_time == 0) 181 set_beacon++; 182 } 183 184 if (sta->no_short_preamble_set) { 185 sta->no_short_preamble_set = 0; 186 hapd->iface->num_sta_no_short_preamble--; 187 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 188 && hapd->iface->num_sta_no_short_preamble == 0) 189 set_beacon++; 190 } 191 192 if (sta->no_ht_gf_set) { 193 sta->no_ht_gf_set = 0; 194 hapd->iface->num_sta_ht_no_gf--; 195 } 196 197 if (sta->no_ht_set) { 198 sta->no_ht_set = 0; 199 hapd->iface->num_sta_no_ht--; 200 } 201 202 if (sta->ht_20mhz_set) { 203 sta->ht_20mhz_set = 0; 204 hapd->iface->num_sta_ht_20mhz--; 205 } 206 207 #ifdef CONFIG_P2P 208 if (sta->no_p2p_set) { 209 sta->no_p2p_set = 0; 210 hapd->num_sta_no_p2p--; 211 if (hapd->num_sta_no_p2p == 0) 212 hostapd_p2p_non_p2p_sta_disconnected(hapd); 213 } 214 #endif /* CONFIG_P2P */ 215 216 #if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 217 if (hostapd_ht_operation_update(hapd->iface) > 0) 218 set_beacon++; 219 #endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 220 221 if (set_beacon) 222 ieee802_11_set_beacons(hapd->iface); 223 224 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 225 __func__, MAC2STR(sta->addr)); 226 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 227 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 228 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 229 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 230 231 ieee802_1x_free_station(sta); 232 wpa_auth_sta_deinit(sta->wpa_sm); 233 rsn_preauth_free_station(hapd, sta); 234 #ifndef CONFIG_NO_RADIUS 235 radius_client_flush_auth(hapd->radius, sta->addr); 236 #endif /* CONFIG_NO_RADIUS */ 237 238 os_free(sta->last_assoc_req); 239 os_free(sta->challenge); 240 241 #ifdef CONFIG_IEEE80211W 242 os_free(sta->sa_query_trans_id); 243 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 244 #endif /* CONFIG_IEEE80211W */ 245 246 #ifdef CONFIG_P2P 247 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 248 #endif /* CONFIG_P2P */ 249 250 #ifdef CONFIG_INTERWORKING 251 if (sta->gas_dialog) { 252 int i; 253 for (i = 0; i < GAS_DIALOG_MAX; i++) 254 gas_serv_dialog_clear(&sta->gas_dialog[i]); 255 os_free(sta->gas_dialog); 256 } 257 #endif /* CONFIG_INTERWORKING */ 258 259 wpabuf_free(sta->wps_ie); 260 wpabuf_free(sta->p2p_ie); 261 wpabuf_free(sta->hs20_ie); 262 263 os_free(sta->ht_capabilities); 264 hostapd_free_psk_list(sta->psk); 265 os_free(sta->identity); 266 os_free(sta->radius_cui); 267 268 #ifdef CONFIG_SAE 269 sae_clear_data(sta->sae); 270 os_free(sta->sae); 271 #endif /* CONFIG_SAE */ 272 273 os_free(sta); 274 } 275 276 277 void hostapd_free_stas(struct hostapd_data *hapd) 278 { 279 struct sta_info *sta, *prev; 280 281 sta = hapd->sta_list; 282 283 while (sta) { 284 prev = sta; 285 if (sta->flags & WLAN_STA_AUTH) { 286 mlme_deauthenticate_indication( 287 hapd, sta, WLAN_REASON_UNSPECIFIED); 288 } 289 sta = sta->next; 290 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 291 MAC2STR(prev->addr)); 292 ap_free_sta(hapd, prev); 293 } 294 } 295 296 297 /** 298 * ap_handle_timer - Per STA timer handler 299 * @eloop_ctx: struct hostapd_data * 300 * @timeout_ctx: struct sta_info * 301 * 302 * This function is called to check station activity and to remove inactive 303 * stations. 304 */ 305 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 306 { 307 struct hostapd_data *hapd = eloop_ctx; 308 struct sta_info *sta = timeout_ctx; 309 unsigned long next_time = 0; 310 int reason; 311 312 wpa_printf(MSG_DEBUG, "%s: " MACSTR " flags=0x%x timeout_next=%d", 313 __func__, MAC2STR(sta->addr), sta->flags, 314 sta->timeout_next); 315 if (sta->timeout_next == STA_REMOVE) { 316 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 317 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 318 "local deauth request"); 319 ap_free_sta(hapd, sta); 320 return; 321 } 322 323 if ((sta->flags & WLAN_STA_ASSOC) && 324 (sta->timeout_next == STA_NULLFUNC || 325 sta->timeout_next == STA_DISASSOC)) { 326 int inactive_sec; 327 /* 328 * Add random value to timeout so that we don't end up bouncing 329 * all stations at the same time if we have lots of associated 330 * stations that are idle (but keep re-associating). 331 */ 332 int fuzz = os_random() % 20; 333 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 334 if (inactive_sec == -1) { 335 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 336 "Check inactivity: Could not " 337 "get station info from kernel driver for " 338 MACSTR, MAC2STR(sta->addr)); 339 /* 340 * The driver may not support this functionality. 341 * Anyway, try again after the next inactivity timeout, 342 * but do not disconnect the station now. 343 */ 344 next_time = hapd->conf->ap_max_inactivity + fuzz; 345 } else if (inactive_sec < hapd->conf->ap_max_inactivity && 346 sta->flags & WLAN_STA_ASSOC) { 347 /* station activity detected; reset timeout state */ 348 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 349 "Station " MACSTR " has been active %is ago", 350 MAC2STR(sta->addr), inactive_sec); 351 sta->timeout_next = STA_NULLFUNC; 352 next_time = hapd->conf->ap_max_inactivity + fuzz - 353 inactive_sec; 354 } else { 355 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 356 "Station " MACSTR " has been " 357 "inactive too long: %d sec, max allowed: %d", 358 MAC2STR(sta->addr), inactive_sec, 359 hapd->conf->ap_max_inactivity); 360 361 if (hapd->conf->skip_inactivity_poll) 362 sta->timeout_next = STA_DISASSOC; 363 } 364 } 365 366 if ((sta->flags & WLAN_STA_ASSOC) && 367 sta->timeout_next == STA_DISASSOC && 368 !(sta->flags & WLAN_STA_PENDING_POLL) && 369 !hapd->conf->skip_inactivity_poll) { 370 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 371 " has ACKed data poll", MAC2STR(sta->addr)); 372 /* data nullfunc frame poll did not produce TX errors; assume 373 * station ACKed it */ 374 sta->timeout_next = STA_NULLFUNC; 375 next_time = hapd->conf->ap_max_inactivity; 376 } 377 378 if (next_time) { 379 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 380 "for " MACSTR " (%lu seconds)", 381 __func__, MAC2STR(sta->addr), next_time); 382 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 383 sta); 384 return; 385 } 386 387 if (sta->timeout_next == STA_NULLFUNC && 388 (sta->flags & WLAN_STA_ASSOC)) { 389 wpa_printf(MSG_DEBUG, " Polling STA"); 390 sta->flags |= WLAN_STA_PENDING_POLL; 391 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 392 sta->flags & WLAN_STA_WMM); 393 } else if (sta->timeout_next != STA_REMOVE) { 394 int deauth = sta->timeout_next == STA_DEAUTH; 395 396 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 397 "Timeout, sending %s info to STA " MACSTR, 398 deauth ? "deauthentication" : "disassociation", 399 MAC2STR(sta->addr)); 400 401 if (deauth) { 402 hostapd_drv_sta_deauth( 403 hapd, sta->addr, 404 WLAN_REASON_PREV_AUTH_NOT_VALID); 405 } else { 406 reason = (sta->timeout_next == STA_DISASSOC) ? 407 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 408 WLAN_REASON_PREV_AUTH_NOT_VALID; 409 410 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 411 } 412 } 413 414 switch (sta->timeout_next) { 415 case STA_NULLFUNC: 416 sta->timeout_next = STA_DISASSOC; 417 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 418 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 419 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 420 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 421 hapd, sta); 422 break; 423 case STA_DISASSOC: 424 case STA_DISASSOC_FROM_CLI: 425 ap_sta_set_authorized(hapd, sta, 0); 426 sta->flags &= ~WLAN_STA_ASSOC; 427 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 428 if (!sta->acct_terminate_cause) 429 sta->acct_terminate_cause = 430 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 431 accounting_sta_stop(hapd, sta); 432 ieee802_1x_free_station(sta); 433 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 434 HOSTAPD_LEVEL_INFO, "disassociated due to " 435 "inactivity"); 436 reason = (sta->timeout_next == STA_DISASSOC) ? 437 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 438 WLAN_REASON_PREV_AUTH_NOT_VALID; 439 sta->timeout_next = STA_DEAUTH; 440 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 441 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 442 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 443 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 444 hapd, sta); 445 mlme_disassociate_indication(hapd, sta, reason); 446 break; 447 case STA_DEAUTH: 448 case STA_REMOVE: 449 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 450 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 451 "inactivity (timer DEAUTH/REMOVE)"); 452 if (!sta->acct_terminate_cause) 453 sta->acct_terminate_cause = 454 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 455 mlme_deauthenticate_indication( 456 hapd, sta, 457 WLAN_REASON_PREV_AUTH_NOT_VALID); 458 ap_free_sta(hapd, sta); 459 break; 460 } 461 } 462 463 464 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 465 { 466 struct hostapd_data *hapd = eloop_ctx; 467 struct sta_info *sta = timeout_ctx; 468 u8 addr[ETH_ALEN]; 469 470 if (!(sta->flags & WLAN_STA_AUTH)) { 471 if (sta->flags & WLAN_STA_GAS) { 472 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 473 "entry " MACSTR, MAC2STR(sta->addr)); 474 ap_free_sta(hapd, sta); 475 } 476 return; 477 } 478 479 mlme_deauthenticate_indication(hapd, sta, 480 WLAN_REASON_PREV_AUTH_NOT_VALID); 481 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 482 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 483 "session timeout"); 484 sta->acct_terminate_cause = 485 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 486 os_memcpy(addr, sta->addr, ETH_ALEN); 487 ap_free_sta(hapd, sta); 488 hostapd_drv_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID); 489 } 490 491 492 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 493 u32 session_timeout) 494 { 495 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 496 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 497 "seconds", session_timeout); 498 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 499 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 500 hapd, sta); 501 } 502 503 504 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 505 { 506 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 507 } 508 509 510 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 511 { 512 struct sta_info *sta; 513 514 sta = ap_get_sta(hapd, addr); 515 if (sta) 516 return sta; 517 518 wpa_printf(MSG_DEBUG, " New STA"); 519 if (hapd->num_sta >= hapd->conf->max_num_sta) { 520 /* FIX: might try to remove some old STAs first? */ 521 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 522 hapd->num_sta, hapd->conf->max_num_sta); 523 return NULL; 524 } 525 526 sta = os_zalloc(sizeof(struct sta_info)); 527 if (sta == NULL) { 528 wpa_printf(MSG_ERROR, "malloc failed"); 529 return NULL; 530 } 531 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 532 accounting_sta_get_id(hapd, sta); 533 534 /* initialize STA info data */ 535 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 536 "for " MACSTR " (%d seconds - ap_max_inactivity)", 537 __func__, MAC2STR(addr), 538 hapd->conf->ap_max_inactivity); 539 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 540 ap_handle_timer, hapd, sta); 541 os_memcpy(sta->addr, addr, ETH_ALEN); 542 sta->next = hapd->sta_list; 543 hapd->sta_list = sta; 544 hapd->num_sta++; 545 ap_sta_hash_add(hapd, sta); 546 sta->ssid = &hapd->conf->ssid; 547 ap_sta_remove_in_other_bss(hapd, sta); 548 549 return sta; 550 } 551 552 553 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 554 { 555 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 556 557 wpa_printf(MSG_DEBUG, "Removing STA " MACSTR " from kernel driver", 558 MAC2STR(sta->addr)); 559 if (hostapd_drv_sta_remove(hapd, sta->addr) && 560 sta->flags & WLAN_STA_ASSOC) { 561 wpa_printf(MSG_DEBUG, "Could not remove station " MACSTR 562 " from kernel driver.", MAC2STR(sta->addr)); 563 return -1; 564 } 565 return 0; 566 } 567 568 569 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 570 struct sta_info *sta) 571 { 572 struct hostapd_iface *iface = hapd->iface; 573 size_t i; 574 575 for (i = 0; i < iface->num_bss; i++) { 576 struct hostapd_data *bss = iface->bss[i]; 577 struct sta_info *sta2; 578 /* bss should always be set during operation, but it may be 579 * NULL during reconfiguration. Assume the STA is not 580 * associated to another BSS in that case to avoid NULL pointer 581 * dereferences. */ 582 if (bss == hapd || bss == NULL) 583 continue; 584 sta2 = ap_get_sta(bss, sta->addr); 585 if (!sta2) 586 continue; 587 588 ap_sta_disconnect(bss, sta2, sta2->addr, 589 WLAN_REASON_PREV_AUTH_NOT_VALID); 590 } 591 } 592 593 594 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 595 { 596 struct hostapd_data *hapd = eloop_ctx; 597 struct sta_info *sta = timeout_ctx; 598 599 ap_sta_remove(hapd, sta); 600 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 601 } 602 603 604 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 605 u16 reason) 606 { 607 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 608 hapd->conf->iface, MAC2STR(sta->addr)); 609 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 610 ap_sta_set_authorized(hapd, sta, 0); 611 sta->timeout_next = STA_DEAUTH; 612 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 613 "for " MACSTR " (%d seconds - " 614 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 615 __func__, MAC2STR(sta->addr), 616 AP_MAX_INACTIVITY_AFTER_DISASSOC); 617 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 618 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 619 ap_handle_timer, hapd, sta); 620 accounting_sta_stop(hapd, sta); 621 ieee802_1x_free_station(sta); 622 623 sta->disassoc_reason = reason; 624 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 625 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 626 eloop_register_timeout(hapd->iface->drv_flags & 627 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 628 ap_sta_disassoc_cb_timeout, hapd, sta); 629 } 630 631 632 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 633 { 634 struct hostapd_data *hapd = eloop_ctx; 635 struct sta_info *sta = timeout_ctx; 636 637 ap_sta_remove(hapd, sta); 638 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 639 } 640 641 642 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 643 u16 reason) 644 { 645 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 646 hapd->conf->iface, MAC2STR(sta->addr)); 647 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 648 ap_sta_set_authorized(hapd, sta, 0); 649 sta->timeout_next = STA_REMOVE; 650 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 651 "for " MACSTR " (%d seconds - " 652 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 653 __func__, MAC2STR(sta->addr), 654 AP_MAX_INACTIVITY_AFTER_DEAUTH); 655 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 656 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 657 ap_handle_timer, hapd, sta); 658 accounting_sta_stop(hapd, sta); 659 ieee802_1x_free_station(sta); 660 661 sta->deauth_reason = reason; 662 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 663 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 664 eloop_register_timeout(hapd->iface->drv_flags & 665 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 666 ap_sta_deauth_cb_timeout, hapd, sta); 667 } 668 669 670 #ifdef CONFIG_WPS 671 int ap_sta_wps_cancel(struct hostapd_data *hapd, 672 struct sta_info *sta, void *ctx) 673 { 674 if (sta && (sta->flags & WLAN_STA_WPS)) { 675 ap_sta_deauthenticate(hapd, sta, 676 WLAN_REASON_PREV_AUTH_NOT_VALID); 677 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 678 __func__, MAC2STR(sta->addr)); 679 return 1; 680 } 681 682 return 0; 683 } 684 #endif /* CONFIG_WPS */ 685 686 687 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta, 688 int old_vlanid) 689 { 690 #ifndef CONFIG_NO_VLAN 691 const char *iface; 692 struct hostapd_vlan *vlan = NULL; 693 int ret; 694 695 /* 696 * Do not proceed furthur if the vlan id remains same. We do not want 697 * duplicate dynamic vlan entries. 698 */ 699 if (sta->vlan_id == old_vlanid) 700 return 0; 701 702 /* 703 * During 1x reauth, if the vlan id changes, then remove the old id and 704 * proceed furthur to add the new one. 705 */ 706 if (old_vlanid > 0) 707 vlan_remove_dynamic(hapd, old_vlanid); 708 709 iface = hapd->conf->iface; 710 if (sta->ssid->vlan[0]) 711 iface = sta->ssid->vlan; 712 713 if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) 714 sta->vlan_id = 0; 715 else if (sta->vlan_id > 0) { 716 struct hostapd_vlan *wildcard_vlan = NULL; 717 vlan = hapd->conf->vlan; 718 while (vlan) { 719 if (vlan->vlan_id == sta->vlan_id) 720 break; 721 if (vlan->vlan_id == VLAN_ID_WILDCARD) 722 wildcard_vlan = vlan; 723 vlan = vlan->next; 724 } 725 if (!vlan) 726 vlan = wildcard_vlan; 727 if (vlan) 728 iface = vlan->ifname; 729 } 730 731 if (sta->vlan_id > 0 && vlan == NULL) { 732 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 733 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 734 "binding station to (vlan_id=%d)", 735 sta->vlan_id); 736 return -1; 737 } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { 738 vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); 739 if (vlan == NULL) { 740 hostapd_logger(hapd, sta->addr, 741 HOSTAPD_MODULE_IEEE80211, 742 HOSTAPD_LEVEL_DEBUG, "could not add " 743 "dynamic VLAN interface for vlan_id=%d", 744 sta->vlan_id); 745 return -1; 746 } 747 748 iface = vlan->ifname; 749 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 750 hostapd_logger(hapd, sta->addr, 751 HOSTAPD_MODULE_IEEE80211, 752 HOSTAPD_LEVEL_DEBUG, "could not " 753 "configure encryption for dynamic VLAN " 754 "interface for vlan_id=%d", 755 sta->vlan_id); 756 } 757 758 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 759 HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " 760 "interface '%s'", iface); 761 } else if (vlan && vlan->vlan_id == sta->vlan_id) { 762 if (sta->vlan_id > 0) { 763 vlan->dynamic_vlan++; 764 hostapd_logger(hapd, sta->addr, 765 HOSTAPD_MODULE_IEEE80211, 766 HOSTAPD_LEVEL_DEBUG, "updated existing " 767 "dynamic VLAN interface '%s'", iface); 768 } 769 770 /* 771 * Update encryption configuration for statically generated 772 * VLAN interface. This is only used for static WEP 773 * configuration for the case where hostapd did not yet know 774 * which keys are to be used when the interface was added. 775 */ 776 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 777 hostapd_logger(hapd, sta->addr, 778 HOSTAPD_MODULE_IEEE80211, 779 HOSTAPD_LEVEL_DEBUG, "could not " 780 "configure encryption for VLAN " 781 "interface for vlan_id=%d", 782 sta->vlan_id); 783 } 784 } 785 786 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 787 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 788 "'%s'", iface); 789 790 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 791 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 792 793 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 794 if (ret < 0) { 795 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 796 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 797 "entry to vlan_id=%d", sta->vlan_id); 798 } 799 return ret; 800 #else /* CONFIG_NO_VLAN */ 801 return 0; 802 #endif /* CONFIG_NO_VLAN */ 803 } 804 805 806 #ifdef CONFIG_IEEE80211W 807 808 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 809 { 810 u32 tu; 811 struct os_time now, passed; 812 os_get_time(&now); 813 os_time_sub(&now, &sta->sa_query_start, &passed); 814 tu = (passed.sec * 1000000 + passed.usec) / 1024; 815 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 816 hostapd_logger(hapd, sta->addr, 817 HOSTAPD_MODULE_IEEE80211, 818 HOSTAPD_LEVEL_DEBUG, 819 "association SA Query timed out"); 820 sta->sa_query_timed_out = 1; 821 os_free(sta->sa_query_trans_id); 822 sta->sa_query_trans_id = NULL; 823 sta->sa_query_count = 0; 824 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 825 return 1; 826 } 827 828 return 0; 829 } 830 831 832 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 833 { 834 struct hostapd_data *hapd = eloop_ctx; 835 struct sta_info *sta = timeout_ctx; 836 unsigned int timeout, sec, usec; 837 u8 *trans_id, *nbuf; 838 839 if (sta->sa_query_count > 0 && 840 ap_check_sa_query_timeout(hapd, sta)) 841 return; 842 843 nbuf = os_realloc_array(sta->sa_query_trans_id, 844 sta->sa_query_count + 1, 845 WLAN_SA_QUERY_TR_ID_LEN); 846 if (nbuf == NULL) 847 return; 848 if (sta->sa_query_count == 0) { 849 /* Starting a new SA Query procedure */ 850 os_get_time(&sta->sa_query_start); 851 } 852 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 853 sta->sa_query_trans_id = nbuf; 854 sta->sa_query_count++; 855 856 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); 857 858 timeout = hapd->conf->assoc_sa_query_retry_timeout; 859 sec = ((timeout / 1000) * 1024) / 1000; 860 usec = (timeout % 1000) * 1024; 861 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 862 863 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 864 HOSTAPD_LEVEL_DEBUG, 865 "association SA Query attempt %d", sta->sa_query_count); 866 867 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 868 } 869 870 871 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 872 { 873 ap_sa_query_timer(hapd, sta); 874 } 875 876 877 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 878 { 879 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 880 os_free(sta->sa_query_trans_id); 881 sta->sa_query_trans_id = NULL; 882 sta->sa_query_count = 0; 883 } 884 885 #endif /* CONFIG_IEEE80211W */ 886 887 888 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 889 int authorized) 890 { 891 const u8 *dev_addr = NULL; 892 char buf[100]; 893 #ifdef CONFIG_P2P 894 u8 addr[ETH_ALEN]; 895 #endif /* CONFIG_P2P */ 896 897 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 898 return; 899 900 #ifdef CONFIG_P2P 901 if (hapd->p2p_group == NULL) { 902 if (sta->p2p_ie != NULL && 903 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 904 dev_addr = addr; 905 } else 906 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 907 #endif /* CONFIG_P2P */ 908 909 if (dev_addr) 910 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, 911 MAC2STR(sta->addr), MAC2STR(dev_addr)); 912 else 913 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); 914 915 if (authorized) { 916 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s", buf); 917 918 if (hapd->msg_ctx_parent && 919 hapd->msg_ctx_parent != hapd->msg_ctx) 920 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 921 AP_STA_CONNECTED "%s", buf); 922 923 sta->flags |= WLAN_STA_AUTHORIZED; 924 } else { 925 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); 926 927 if (hapd->msg_ctx_parent && 928 hapd->msg_ctx_parent != hapd->msg_ctx) 929 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 930 AP_STA_DISCONNECTED "%s", buf); 931 932 sta->flags &= ~WLAN_STA_AUTHORIZED; 933 } 934 935 if (hapd->sta_authorized_cb) 936 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 937 sta->addr, authorized, dev_addr); 938 } 939 940 941 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 942 const u8 *addr, u16 reason) 943 { 944 945 if (sta == NULL && addr) 946 sta = ap_get_sta(hapd, addr); 947 948 if (addr) 949 hostapd_drv_sta_deauth(hapd, addr, reason); 950 951 if (sta == NULL) 952 return; 953 ap_sta_set_authorized(hapd, sta, 0); 954 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 955 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 956 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 957 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 958 "for " MACSTR " (%d seconds - " 959 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 960 __func__, MAC2STR(sta->addr), 961 AP_MAX_INACTIVITY_AFTER_DEAUTH); 962 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 963 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 964 ap_handle_timer, hapd, sta); 965 sta->timeout_next = STA_REMOVE; 966 967 sta->deauth_reason = reason; 968 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 969 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 970 eloop_register_timeout(hapd->iface->drv_flags & 971 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 972 ap_sta_deauth_cb_timeout, hapd, sta); 973 } 974 975 976 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 977 { 978 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 979 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 980 return; 981 } 982 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 983 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 984 ap_sta_deauth_cb_timeout(hapd, sta); 985 } 986 987 988 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 989 { 990 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 991 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 992 return; 993 } 994 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 995 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 996 ap_sta_disassoc_cb_timeout(hapd, sta); 997 } 998
