1 /* 2 * hostapd / Station table 3 * Copyright (c) 2002-2017, Jouni Malinen <j (at) w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "utils/eloop.h" 13 #include "common/ieee802_11_defs.h" 14 #include "common/wpa_ctrl.h" 15 #include "common/sae.h" 16 #include "radius/radius.h" 17 #include "radius/radius_client.h" 18 #include "p2p/p2p.h" 19 #include "fst/fst.h" 20 #include "crypto/crypto.h" 21 #include "hostapd.h" 22 #include "accounting.h" 23 #include "ieee802_1x.h" 24 #include "ieee802_11.h" 25 #include "ieee802_11_auth.h" 26 #include "wpa_auth.h" 27 #include "preauth_auth.h" 28 #include "ap_config.h" 29 #include "beacon.h" 30 #include "ap_mlme.h" 31 #include "vlan_init.h" 32 #include "p2p_hostapd.h" 33 #include "ap_drv_ops.h" 34 #include "gas_serv.h" 35 #include "wnm_ap.h" 36 #include "mbo_ap.h" 37 #include "ndisc_snoop.h" 38 #include "sta_info.h" 39 #include "vlan.h" 40 #include "wps_hostapd.h" 41 42 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 43 struct sta_info *sta); 44 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 45 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx); 46 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 47 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 48 #ifdef CONFIG_IEEE80211W 49 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 50 #endif /* CONFIG_IEEE80211W */ 51 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 52 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx); 53 54 int ap_for_each_sta(struct hostapd_data *hapd, 55 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 56 void *ctx), 57 void *ctx) 58 { 59 struct sta_info *sta; 60 61 for (sta = hapd->sta_list; sta; sta = sta->next) { 62 if (cb(hapd, sta, ctx)) 63 return 1; 64 } 65 66 return 0; 67 } 68 69 70 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 71 { 72 struct sta_info *s; 73 74 s = hapd->sta_hash[STA_HASH(sta)]; 75 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 76 s = s->hnext; 77 return s; 78 } 79 80 81 #ifdef CONFIG_P2P 82 struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr) 83 { 84 struct sta_info *sta; 85 86 for (sta = hapd->sta_list; sta; sta = sta->next) { 87 const u8 *p2p_dev_addr; 88 89 if (sta->p2p_ie == NULL) 90 continue; 91 92 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 93 if (p2p_dev_addr == NULL) 94 continue; 95 96 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0) 97 return sta; 98 } 99 100 return NULL; 101 } 102 #endif /* CONFIG_P2P */ 103 104 105 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 106 { 107 struct sta_info *tmp; 108 109 if (hapd->sta_list == sta) { 110 hapd->sta_list = sta->next; 111 return; 112 } 113 114 tmp = hapd->sta_list; 115 while (tmp != NULL && tmp->next != sta) 116 tmp = tmp->next; 117 if (tmp == NULL) { 118 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 119 "list.", MAC2STR(sta->addr)); 120 } else 121 tmp->next = sta->next; 122 } 123 124 125 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 126 { 127 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 128 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 129 } 130 131 132 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 133 { 134 struct sta_info *s; 135 136 s = hapd->sta_hash[STA_HASH(sta->addr)]; 137 if (s == NULL) return; 138 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 139 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 140 return; 141 } 142 143 while (s->hnext != NULL && 144 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 145 s = s->hnext; 146 if (s->hnext != NULL) 147 s->hnext = s->hnext->hnext; 148 else 149 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 150 " from hash table", MAC2STR(sta->addr)); 151 } 152 153 154 void ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta) 155 { 156 sta_ip6addr_del(hapd, sta); 157 } 158 159 160 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 161 { 162 int set_beacon = 0; 163 164 accounting_sta_stop(hapd, sta); 165 166 /* just in case */ 167 ap_sta_set_authorized(hapd, sta, 0); 168 169 if (sta->flags & WLAN_STA_WDS) 170 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); 171 172 if (sta->ipaddr) 173 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); 174 ap_sta_ip6addr_del(hapd, sta); 175 176 if (!hapd->iface->driver_ap_teardown && 177 !(sta->flags & WLAN_STA_PREAUTH)) { 178 hostapd_drv_sta_remove(hapd, sta->addr); 179 sta->added_unassoc = 0; 180 } 181 182 ap_sta_hash_del(hapd, sta); 183 ap_sta_list_del(hapd, sta); 184 185 if (sta->aid > 0) 186 hapd->sta_aid[(sta->aid - 1) / 32] &= 187 ~BIT((sta->aid - 1) % 32); 188 189 hapd->num_sta--; 190 if (sta->nonerp_set) { 191 sta->nonerp_set = 0; 192 hapd->iface->num_sta_non_erp--; 193 if (hapd->iface->num_sta_non_erp == 0) 194 set_beacon++; 195 } 196 197 if (sta->no_short_slot_time_set) { 198 sta->no_short_slot_time_set = 0; 199 hapd->iface->num_sta_no_short_slot_time--; 200 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 201 && hapd->iface->num_sta_no_short_slot_time == 0) 202 set_beacon++; 203 } 204 205 if (sta->no_short_preamble_set) { 206 sta->no_short_preamble_set = 0; 207 hapd->iface->num_sta_no_short_preamble--; 208 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 209 && hapd->iface->num_sta_no_short_preamble == 0) 210 set_beacon++; 211 } 212 213 if (sta->no_ht_gf_set) { 214 sta->no_ht_gf_set = 0; 215 hapd->iface->num_sta_ht_no_gf--; 216 } 217 218 if (sta->no_ht_set) { 219 sta->no_ht_set = 0; 220 hapd->iface->num_sta_no_ht--; 221 } 222 223 if (sta->ht_20mhz_set) { 224 sta->ht_20mhz_set = 0; 225 hapd->iface->num_sta_ht_20mhz--; 226 } 227 228 #ifdef CONFIG_TAXONOMY 229 wpabuf_free(sta->probe_ie_taxonomy); 230 sta->probe_ie_taxonomy = NULL; 231 wpabuf_free(sta->assoc_ie_taxonomy); 232 sta->assoc_ie_taxonomy = NULL; 233 #endif /* CONFIG_TAXONOMY */ 234 235 #ifdef CONFIG_IEEE80211N 236 ht40_intolerant_remove(hapd->iface, sta); 237 #endif /* CONFIG_IEEE80211N */ 238 239 #ifdef CONFIG_P2P 240 if (sta->no_p2p_set) { 241 sta->no_p2p_set = 0; 242 hapd->num_sta_no_p2p--; 243 if (hapd->num_sta_no_p2p == 0) 244 hostapd_p2p_non_p2p_sta_disconnected(hapd); 245 } 246 #endif /* CONFIG_P2P */ 247 248 #if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 249 if (hostapd_ht_operation_update(hapd->iface) > 0) 250 set_beacon++; 251 #endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 252 253 #ifdef CONFIG_MESH 254 if (hapd->mesh_sta_free_cb) 255 hapd->mesh_sta_free_cb(hapd, sta); 256 #endif /* CONFIG_MESH */ 257 258 if (set_beacon) 259 ieee802_11_set_beacons(hapd->iface); 260 261 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 262 __func__, MAC2STR(sta->addr)); 263 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 264 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 265 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); 266 ap_sta_clear_disconnect_timeouts(hapd, sta); 267 sae_clear_retransmit_timer(hapd, sta); 268 269 ieee802_1x_free_station(hapd, sta); 270 wpa_auth_sta_deinit(sta->wpa_sm); 271 rsn_preauth_free_station(hapd, sta); 272 #ifndef CONFIG_NO_RADIUS 273 if (hapd->radius) 274 radius_client_flush_auth(hapd->radius, sta->addr); 275 #endif /* CONFIG_NO_RADIUS */ 276 277 #ifndef CONFIG_NO_VLAN 278 /* 279 * sta->wpa_sm->group needs to be released before so that 280 * vlan_remove_dynamic() can check that no stations are left on the 281 * AP_VLAN netdev. 282 */ 283 if (sta->vlan_id) 284 vlan_remove_dynamic(hapd, sta->vlan_id); 285 if (sta->vlan_id_bound) { 286 /* 287 * Need to remove the STA entry before potentially removing the 288 * VLAN. 289 */ 290 if (hapd->iface->driver_ap_teardown && 291 !(sta->flags & WLAN_STA_PREAUTH)) { 292 hostapd_drv_sta_remove(hapd, sta->addr); 293 sta->added_unassoc = 0; 294 } 295 vlan_remove_dynamic(hapd, sta->vlan_id_bound); 296 } 297 #endif /* CONFIG_NO_VLAN */ 298 299 os_free(sta->challenge); 300 301 #ifdef CONFIG_IEEE80211W 302 os_free(sta->sa_query_trans_id); 303 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 304 #endif /* CONFIG_IEEE80211W */ 305 306 #ifdef CONFIG_P2P 307 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 308 #endif /* CONFIG_P2P */ 309 310 #ifdef CONFIG_INTERWORKING 311 if (sta->gas_dialog) { 312 int i; 313 for (i = 0; i < GAS_DIALOG_MAX; i++) 314 gas_serv_dialog_clear(&sta->gas_dialog[i]); 315 os_free(sta->gas_dialog); 316 } 317 #endif /* CONFIG_INTERWORKING */ 318 319 wpabuf_free(sta->wps_ie); 320 wpabuf_free(sta->p2p_ie); 321 wpabuf_free(sta->hs20_ie); 322 #ifdef CONFIG_FST 323 wpabuf_free(sta->mb_ies); 324 #endif /* CONFIG_FST */ 325 326 os_free(sta->ht_capabilities); 327 os_free(sta->vht_capabilities); 328 hostapd_free_psk_list(sta->psk); 329 os_free(sta->identity); 330 os_free(sta->radius_cui); 331 os_free(sta->remediation_url); 332 wpabuf_free(sta->hs20_deauth_req); 333 os_free(sta->hs20_session_info_url); 334 335 #ifdef CONFIG_SAE 336 sae_clear_data(sta->sae); 337 os_free(sta->sae); 338 #endif /* CONFIG_SAE */ 339 340 mbo_ap_sta_free(sta); 341 os_free(sta->supp_op_classes); 342 343 #ifdef CONFIG_FILS 344 os_free(sta->fils_pending_assoc_req); 345 wpabuf_free(sta->fils_hlp_resp); 346 wpabuf_free(sta->hlp_dhcp_discover); 347 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); 348 #ifdef CONFIG_FILS_SK_PFS 349 crypto_ecdh_deinit(sta->fils_ecdh); 350 wpabuf_clear_free(sta->fils_dh_ss); 351 wpabuf_free(sta->fils_g_sta); 352 #endif /* CONFIG_FILS_SK_PFS */ 353 #endif /* CONFIG_FILS */ 354 355 #ifdef CONFIG_OWE 356 bin_clear_free(sta->owe_pmk, sta->owe_pmk_len); 357 crypto_ecdh_deinit(sta->owe_ecdh); 358 #endif /* CONFIG_OWE */ 359 360 os_free(sta); 361 } 362 363 364 void hostapd_free_stas(struct hostapd_data *hapd) 365 { 366 struct sta_info *sta, *prev; 367 368 sta = hapd->sta_list; 369 370 while (sta) { 371 prev = sta; 372 if (sta->flags & WLAN_STA_AUTH) { 373 mlme_deauthenticate_indication( 374 hapd, sta, WLAN_REASON_UNSPECIFIED); 375 } 376 sta = sta->next; 377 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 378 MAC2STR(prev->addr)); 379 ap_free_sta(hapd, prev); 380 } 381 } 382 383 384 /** 385 * ap_handle_timer - Per STA timer handler 386 * @eloop_ctx: struct hostapd_data * 387 * @timeout_ctx: struct sta_info * 388 * 389 * This function is called to check station activity and to remove inactive 390 * stations. 391 */ 392 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 393 { 394 struct hostapd_data *hapd = eloop_ctx; 395 struct sta_info *sta = timeout_ctx; 396 unsigned long next_time = 0; 397 int reason; 398 399 wpa_printf(MSG_DEBUG, "%s: %s: " MACSTR " flags=0x%x timeout_next=%d", 400 hapd->conf->iface, __func__, MAC2STR(sta->addr), sta->flags, 401 sta->timeout_next); 402 if (sta->timeout_next == STA_REMOVE) { 403 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 404 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 405 "local deauth request"); 406 ap_free_sta(hapd, sta); 407 return; 408 } 409 410 if ((sta->flags & WLAN_STA_ASSOC) && 411 (sta->timeout_next == STA_NULLFUNC || 412 sta->timeout_next == STA_DISASSOC)) { 413 int inactive_sec; 414 /* 415 * Add random value to timeout so that we don't end up bouncing 416 * all stations at the same time if we have lots of associated 417 * stations that are idle (but keep re-associating). 418 */ 419 int fuzz = os_random() % 20; 420 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 421 if (inactive_sec == -1) { 422 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 423 "Check inactivity: Could not " 424 "get station info from kernel driver for " 425 MACSTR, MAC2STR(sta->addr)); 426 /* 427 * The driver may not support this functionality. 428 * Anyway, try again after the next inactivity timeout, 429 * but do not disconnect the station now. 430 */ 431 next_time = hapd->conf->ap_max_inactivity + fuzz; 432 } else if (inactive_sec == -ENOENT) { 433 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 434 "Station " MACSTR " has lost its driver entry", 435 MAC2STR(sta->addr)); 436 437 /* Avoid sending client probe on removed client */ 438 sta->timeout_next = STA_DISASSOC; 439 goto skip_poll; 440 } else if (inactive_sec < hapd->conf->ap_max_inactivity) { 441 /* station activity detected; reset timeout state */ 442 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 443 "Station " MACSTR " has been active %is ago", 444 MAC2STR(sta->addr), inactive_sec); 445 sta->timeout_next = STA_NULLFUNC; 446 next_time = hapd->conf->ap_max_inactivity + fuzz - 447 inactive_sec; 448 } else { 449 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 450 "Station " MACSTR " has been " 451 "inactive too long: %d sec, max allowed: %d", 452 MAC2STR(sta->addr), inactive_sec, 453 hapd->conf->ap_max_inactivity); 454 455 if (hapd->conf->skip_inactivity_poll) 456 sta->timeout_next = STA_DISASSOC; 457 } 458 } 459 460 if ((sta->flags & WLAN_STA_ASSOC) && 461 sta->timeout_next == STA_DISASSOC && 462 !(sta->flags & WLAN_STA_PENDING_POLL) && 463 !hapd->conf->skip_inactivity_poll) { 464 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 465 " has ACKed data poll", MAC2STR(sta->addr)); 466 /* data nullfunc frame poll did not produce TX errors; assume 467 * station ACKed it */ 468 sta->timeout_next = STA_NULLFUNC; 469 next_time = hapd->conf->ap_max_inactivity; 470 } 471 472 skip_poll: 473 if (next_time) { 474 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 475 "for " MACSTR " (%lu seconds)", 476 __func__, MAC2STR(sta->addr), next_time); 477 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 478 sta); 479 return; 480 } 481 482 if (sta->timeout_next == STA_NULLFUNC && 483 (sta->flags & WLAN_STA_ASSOC)) { 484 wpa_printf(MSG_DEBUG, " Polling STA"); 485 sta->flags |= WLAN_STA_PENDING_POLL; 486 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 487 sta->flags & WLAN_STA_WMM); 488 } else if (sta->timeout_next != STA_REMOVE) { 489 int deauth = sta->timeout_next == STA_DEAUTH; 490 491 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 492 "Timeout, sending %s info to STA " MACSTR, 493 deauth ? "deauthentication" : "disassociation", 494 MAC2STR(sta->addr)); 495 496 if (deauth) { 497 hostapd_drv_sta_deauth( 498 hapd, sta->addr, 499 WLAN_REASON_PREV_AUTH_NOT_VALID); 500 } else { 501 reason = (sta->timeout_next == STA_DISASSOC) ? 502 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 503 WLAN_REASON_PREV_AUTH_NOT_VALID; 504 505 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 506 } 507 } 508 509 switch (sta->timeout_next) { 510 case STA_NULLFUNC: 511 sta->timeout_next = STA_DISASSOC; 512 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 513 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 514 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 515 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 516 hapd, sta); 517 break; 518 case STA_DISASSOC: 519 case STA_DISASSOC_FROM_CLI: 520 ap_sta_set_authorized(hapd, sta, 0); 521 sta->flags &= ~WLAN_STA_ASSOC; 522 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 523 if (!sta->acct_terminate_cause) 524 sta->acct_terminate_cause = 525 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 526 accounting_sta_stop(hapd, sta); 527 ieee802_1x_free_station(hapd, sta); 528 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 529 HOSTAPD_LEVEL_INFO, "disassociated due to " 530 "inactivity"); 531 reason = (sta->timeout_next == STA_DISASSOC) ? 532 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 533 WLAN_REASON_PREV_AUTH_NOT_VALID; 534 sta->timeout_next = STA_DEAUTH; 535 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 536 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 537 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 538 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 539 hapd, sta); 540 mlme_disassociate_indication(hapd, sta, reason); 541 break; 542 case STA_DEAUTH: 543 case STA_REMOVE: 544 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 545 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 546 "inactivity (timer DEAUTH/REMOVE)"); 547 if (!sta->acct_terminate_cause) 548 sta->acct_terminate_cause = 549 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 550 mlme_deauthenticate_indication( 551 hapd, sta, 552 WLAN_REASON_PREV_AUTH_NOT_VALID); 553 ap_free_sta(hapd, sta); 554 break; 555 } 556 } 557 558 559 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 560 { 561 struct hostapd_data *hapd = eloop_ctx; 562 struct sta_info *sta = timeout_ctx; 563 564 wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR, 565 hapd->conf->iface, MAC2STR(sta->addr)); 566 if (!(sta->flags & WLAN_STA_AUTH)) { 567 if (sta->flags & WLAN_STA_GAS) { 568 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 569 "entry " MACSTR, MAC2STR(sta->addr)); 570 ap_free_sta(hapd, sta); 571 } 572 return; 573 } 574 575 hostapd_drv_sta_deauth(hapd, sta->addr, 576 WLAN_REASON_PREV_AUTH_NOT_VALID); 577 mlme_deauthenticate_indication(hapd, sta, 578 WLAN_REASON_PREV_AUTH_NOT_VALID); 579 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 580 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 581 "session timeout"); 582 sta->acct_terminate_cause = 583 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 584 ap_free_sta(hapd, sta); 585 } 586 587 588 void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, 589 u32 session_timeout) 590 { 591 if (eloop_replenish_timeout(session_timeout, 0, 592 ap_handle_session_timer, hapd, sta) == 1) { 593 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 594 HOSTAPD_LEVEL_DEBUG, "setting session timeout " 595 "to %d seconds", session_timeout); 596 } 597 } 598 599 600 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 601 u32 session_timeout) 602 { 603 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 604 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 605 "seconds", session_timeout); 606 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 607 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 608 hapd, sta); 609 } 610 611 612 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 613 { 614 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 615 } 616 617 618 static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx) 619 { 620 #ifdef CONFIG_WNM_AP 621 struct hostapd_data *hapd = eloop_ctx; 622 struct sta_info *sta = timeout_ctx; 623 624 wpa_printf(MSG_DEBUG, "%s: WNM: Session warning time reached for " 625 MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); 626 if (sta->hs20_session_info_url == NULL) 627 return; 628 629 wnm_send_ess_disassoc_imminent(hapd, sta, sta->hs20_session_info_url, 630 sta->hs20_disassoc_timer); 631 #endif /* CONFIG_WNM_AP */ 632 } 633 634 635 void ap_sta_session_warning_timeout(struct hostapd_data *hapd, 636 struct sta_info *sta, int warning_time) 637 { 638 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); 639 eloop_register_timeout(warning_time, 0, ap_handle_session_warning_timer, 640 hapd, sta); 641 } 642 643 644 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 645 { 646 struct sta_info *sta; 647 648 sta = ap_get_sta(hapd, addr); 649 if (sta) 650 return sta; 651 652 wpa_printf(MSG_DEBUG, " New STA"); 653 if (hapd->num_sta >= hapd->conf->max_num_sta) { 654 /* FIX: might try to remove some old STAs first? */ 655 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 656 hapd->num_sta, hapd->conf->max_num_sta); 657 return NULL; 658 } 659 660 sta = os_zalloc(sizeof(struct sta_info)); 661 if (sta == NULL) { 662 wpa_printf(MSG_ERROR, "malloc failed"); 663 return NULL; 664 } 665 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 666 if (accounting_sta_get_id(hapd, sta) < 0) { 667 os_free(sta); 668 return NULL; 669 } 670 671 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { 672 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 673 "for " MACSTR " (%d seconds - ap_max_inactivity)", 674 __func__, MAC2STR(addr), 675 hapd->conf->ap_max_inactivity); 676 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 677 ap_handle_timer, hapd, sta); 678 } 679 680 /* initialize STA info data */ 681 os_memcpy(sta->addr, addr, ETH_ALEN); 682 sta->next = hapd->sta_list; 683 hapd->sta_list = sta; 684 hapd->num_sta++; 685 ap_sta_hash_add(hapd, sta); 686 ap_sta_remove_in_other_bss(hapd, sta); 687 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 688 dl_list_init(&sta->ip6addr); 689 690 #ifdef CONFIG_TAXONOMY 691 sta_track_claim_taxonomy_info(hapd->iface, addr, 692 &sta->probe_ie_taxonomy); 693 #endif /* CONFIG_TAXONOMY */ 694 695 return sta; 696 } 697 698 699 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 700 { 701 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 702 703 if (sta->ipaddr) 704 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); 705 ap_sta_ip6addr_del(hapd, sta); 706 707 wpa_printf(MSG_DEBUG, "%s: Removing STA " MACSTR " from kernel driver", 708 hapd->conf->iface, MAC2STR(sta->addr)); 709 if (hostapd_drv_sta_remove(hapd, sta->addr) && 710 sta->flags & WLAN_STA_ASSOC) { 711 wpa_printf(MSG_DEBUG, "%s: Could not remove station " MACSTR 712 " from kernel driver", 713 hapd->conf->iface, MAC2STR(sta->addr)); 714 return -1; 715 } 716 sta->added_unassoc = 0; 717 return 0; 718 } 719 720 721 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 722 struct sta_info *sta) 723 { 724 struct hostapd_iface *iface = hapd->iface; 725 size_t i; 726 727 for (i = 0; i < iface->num_bss; i++) { 728 struct hostapd_data *bss = iface->bss[i]; 729 struct sta_info *sta2; 730 /* bss should always be set during operation, but it may be 731 * NULL during reconfiguration. Assume the STA is not 732 * associated to another BSS in that case to avoid NULL pointer 733 * dereferences. */ 734 if (bss == hapd || bss == NULL) 735 continue; 736 sta2 = ap_get_sta(bss, sta->addr); 737 if (!sta2) 738 continue; 739 740 wpa_printf(MSG_DEBUG, "%s: disconnect old STA " MACSTR 741 " association from another BSS %s", 742 hapd->conf->iface, MAC2STR(sta2->addr), 743 bss->conf->iface); 744 ap_sta_disconnect(bss, sta2, sta2->addr, 745 WLAN_REASON_PREV_AUTH_NOT_VALID); 746 } 747 } 748 749 750 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 751 { 752 struct hostapd_data *hapd = eloop_ctx; 753 struct sta_info *sta = timeout_ctx; 754 755 wpa_printf(MSG_DEBUG, "%s: Disassociation callback for STA " MACSTR, 756 hapd->conf->iface, MAC2STR(sta->addr)); 757 ap_sta_remove(hapd, sta); 758 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 759 } 760 761 762 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 763 u16 reason) 764 { 765 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 766 hapd->conf->iface, MAC2STR(sta->addr)); 767 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 768 if (hapd->iface->current_mode && 769 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 770 /* Skip deauthentication in DMG/IEEE 802.11ad */ 771 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | 772 WLAN_STA_ASSOC_REQ_OK); 773 sta->timeout_next = STA_REMOVE; 774 } else { 775 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 776 sta->timeout_next = STA_DEAUTH; 777 } 778 ap_sta_set_authorized(hapd, sta, 0); 779 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 780 "for " MACSTR " (%d seconds - " 781 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 782 __func__, MAC2STR(sta->addr), 783 AP_MAX_INACTIVITY_AFTER_DISASSOC); 784 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 785 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 786 ap_handle_timer, hapd, sta); 787 accounting_sta_stop(hapd, sta); 788 ieee802_1x_free_station(hapd, sta); 789 790 sta->disassoc_reason = reason; 791 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 792 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 793 eloop_register_timeout(hapd->iface->drv_flags & 794 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 795 ap_sta_disassoc_cb_timeout, hapd, sta); 796 } 797 798 799 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 800 { 801 struct hostapd_data *hapd = eloop_ctx; 802 struct sta_info *sta = timeout_ctx; 803 804 wpa_printf(MSG_DEBUG, "%s: Deauthentication callback for STA " MACSTR, 805 hapd->conf->iface, MAC2STR(sta->addr)); 806 ap_sta_remove(hapd, sta); 807 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 808 } 809 810 811 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 812 u16 reason) 813 { 814 if (hapd->iface->current_mode && 815 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 816 /* Deauthentication is not used in DMG/IEEE 802.11ad; 817 * disassociate the STA instead. */ 818 ap_sta_disassociate(hapd, sta, reason); 819 return; 820 } 821 822 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 823 hapd->conf->iface, MAC2STR(sta->addr)); 824 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 825 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 826 ap_sta_set_authorized(hapd, sta, 0); 827 sta->timeout_next = STA_REMOVE; 828 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 829 "for " MACSTR " (%d seconds - " 830 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 831 __func__, MAC2STR(sta->addr), 832 AP_MAX_INACTIVITY_AFTER_DEAUTH); 833 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 834 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 835 ap_handle_timer, hapd, sta); 836 accounting_sta_stop(hapd, sta); 837 ieee802_1x_free_station(hapd, sta); 838 839 sta->deauth_reason = reason; 840 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 841 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 842 eloop_register_timeout(hapd->iface->drv_flags & 843 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 844 ap_sta_deauth_cb_timeout, hapd, sta); 845 } 846 847 848 #ifdef CONFIG_WPS 849 int ap_sta_wps_cancel(struct hostapd_data *hapd, 850 struct sta_info *sta, void *ctx) 851 { 852 if (sta && (sta->flags & WLAN_STA_WPS)) { 853 ap_sta_deauthenticate(hapd, sta, 854 WLAN_REASON_PREV_AUTH_NOT_VALID); 855 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 856 __func__, MAC2STR(sta->addr)); 857 return 1; 858 } 859 860 return 0; 861 } 862 #endif /* CONFIG_WPS */ 863 864 865 static int ap_sta_get_free_vlan_id(struct hostapd_data *hapd) 866 { 867 struct hostapd_vlan *vlan; 868 int vlan_id = MAX_VLAN_ID + 2; 869 870 retry: 871 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 872 if (vlan->vlan_id == vlan_id) { 873 vlan_id++; 874 goto retry; 875 } 876 } 877 return vlan_id; 878 } 879 880 881 int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta, 882 struct vlan_description *vlan_desc) 883 { 884 struct hostapd_vlan *vlan = NULL, *wildcard_vlan = NULL; 885 int old_vlan_id, vlan_id = 0, ret = 0; 886 887 if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED) 888 vlan_desc = NULL; 889 890 /* Check if there is something to do */ 891 if (hapd->conf->ssid.per_sta_vif && !sta->vlan_id) { 892 /* This sta is lacking its own vif */ 893 } else if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED && 894 !hapd->conf->ssid.per_sta_vif && sta->vlan_id) { 895 /* sta->vlan_id needs to be reset */ 896 } else if (!vlan_compare(vlan_desc, sta->vlan_desc)) { 897 return 0; /* nothing to change */ 898 } 899 900 /* Now the real VLAN changed or the STA just needs its own vif */ 901 if (hapd->conf->ssid.per_sta_vif) { 902 /* Assign a new vif, always */ 903 /* find a free vlan_id sufficiently big */ 904 vlan_id = ap_sta_get_free_vlan_id(hapd); 905 /* Get wildcard VLAN */ 906 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 907 if (vlan->vlan_id == VLAN_ID_WILDCARD) 908 break; 909 } 910 if (!vlan) { 911 hostapd_logger(hapd, sta->addr, 912 HOSTAPD_MODULE_IEEE80211, 913 HOSTAPD_LEVEL_DEBUG, 914 "per_sta_vif missing wildcard"); 915 vlan_id = 0; 916 ret = -1; 917 goto done; 918 } 919 } else if (vlan_desc && vlan_desc->notempty) { 920 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 921 if (!vlan_compare(&vlan->vlan_desc, vlan_desc)) 922 break; 923 if (vlan->vlan_id == VLAN_ID_WILDCARD) 924 wildcard_vlan = vlan; 925 } 926 if (vlan) { 927 vlan_id = vlan->vlan_id; 928 } else if (wildcard_vlan) { 929 vlan = wildcard_vlan; 930 vlan_id = vlan_desc->untagged; 931 if (vlan_desc->tagged[0]) { 932 /* Tagged VLAN configuration */ 933 vlan_id = ap_sta_get_free_vlan_id(hapd); 934 } 935 } else { 936 hostapd_logger(hapd, sta->addr, 937 HOSTAPD_MODULE_IEEE80211, 938 HOSTAPD_LEVEL_DEBUG, 939 "missing vlan and wildcard for vlan=%d%s", 940 vlan_desc->untagged, 941 vlan_desc->tagged[0] ? "+" : ""); 942 vlan_id = 0; 943 ret = -1; 944 goto done; 945 } 946 } 947 948 if (vlan && vlan->vlan_id == VLAN_ID_WILDCARD) { 949 vlan = vlan_add_dynamic(hapd, vlan, vlan_id, vlan_desc); 950 if (vlan == NULL) { 951 hostapd_logger(hapd, sta->addr, 952 HOSTAPD_MODULE_IEEE80211, 953 HOSTAPD_LEVEL_DEBUG, 954 "could not add dynamic VLAN interface for vlan=%d%s", 955 vlan_desc ? vlan_desc->untagged : -1, 956 (vlan_desc && vlan_desc->tagged[0]) ? 957 "+" : ""); 958 vlan_id = 0; 959 ret = -1; 960 goto done; 961 } 962 963 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 964 HOSTAPD_LEVEL_DEBUG, 965 "added new dynamic VLAN interface '%s'", 966 vlan->ifname); 967 } else if (vlan && vlan->dynamic_vlan > 0) { 968 vlan->dynamic_vlan++; 969 hostapd_logger(hapd, sta->addr, 970 HOSTAPD_MODULE_IEEE80211, 971 HOSTAPD_LEVEL_DEBUG, 972 "updated existing dynamic VLAN interface '%s'", 973 vlan->ifname); 974 } 975 done: 976 old_vlan_id = sta->vlan_id; 977 sta->vlan_id = vlan_id; 978 sta->vlan_desc = vlan ? &vlan->vlan_desc : NULL; 979 980 if (vlan_id != old_vlan_id && old_vlan_id) 981 vlan_remove_dynamic(hapd, old_vlan_id); 982 983 return ret; 984 } 985 986 987 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) 988 { 989 #ifndef CONFIG_NO_VLAN 990 const char *iface; 991 struct hostapd_vlan *vlan = NULL; 992 int ret; 993 int old_vlanid = sta->vlan_id_bound; 994 995 iface = hapd->conf->iface; 996 if (hapd->conf->ssid.vlan[0]) 997 iface = hapd->conf->ssid.vlan; 998 999 if (sta->vlan_id > 0) { 1000 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 1001 if (vlan->vlan_id == sta->vlan_id) 1002 break; 1003 } 1004 if (vlan) 1005 iface = vlan->ifname; 1006 } 1007 1008 /* 1009 * Do not increment ref counters if the VLAN ID remains same, but do 1010 * not skip hostapd_drv_set_sta_vlan() as hostapd_drv_sta_remove() might 1011 * have been called before. 1012 */ 1013 if (sta->vlan_id == old_vlanid) 1014 goto skip_counting; 1015 1016 if (sta->vlan_id > 0 && vlan == NULL) { 1017 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1018 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 1019 "binding station to (vlan_id=%d)", 1020 sta->vlan_id); 1021 ret = -1; 1022 goto done; 1023 } else if (vlan && vlan->dynamic_vlan > 0) { 1024 vlan->dynamic_vlan++; 1025 hostapd_logger(hapd, sta->addr, 1026 HOSTAPD_MODULE_IEEE80211, 1027 HOSTAPD_LEVEL_DEBUG, 1028 "updated existing dynamic VLAN interface '%s'", 1029 iface); 1030 } 1031 1032 /* ref counters have been increased, so mark the station */ 1033 sta->vlan_id_bound = sta->vlan_id; 1034 1035 skip_counting: 1036 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1037 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 1038 "'%s'", iface); 1039 1040 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 1041 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 1042 1043 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 1044 if (ret < 0) { 1045 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1046 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 1047 "entry to vlan_id=%d", sta->vlan_id); 1048 } 1049 1050 /* During 1x reauth, if the vlan id changes, then remove the old id. */ 1051 if (old_vlanid > 0 && old_vlanid != sta->vlan_id) 1052 vlan_remove_dynamic(hapd, old_vlanid); 1053 done: 1054 1055 return ret; 1056 #else /* CONFIG_NO_VLAN */ 1057 return 0; 1058 #endif /* CONFIG_NO_VLAN */ 1059 } 1060 1061 1062 #ifdef CONFIG_IEEE80211W 1063 1064 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 1065 { 1066 u32 tu; 1067 struct os_reltime now, passed; 1068 os_get_reltime(&now); 1069 os_reltime_sub(&now, &sta->sa_query_start, &passed); 1070 tu = (passed.sec * 1000000 + passed.usec) / 1024; 1071 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 1072 hostapd_logger(hapd, sta->addr, 1073 HOSTAPD_MODULE_IEEE80211, 1074 HOSTAPD_LEVEL_DEBUG, 1075 "association SA Query timed out"); 1076 sta->sa_query_timed_out = 1; 1077 os_free(sta->sa_query_trans_id); 1078 sta->sa_query_trans_id = NULL; 1079 sta->sa_query_count = 0; 1080 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 1081 return 1; 1082 } 1083 1084 return 0; 1085 } 1086 1087 1088 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 1089 { 1090 struct hostapd_data *hapd = eloop_ctx; 1091 struct sta_info *sta = timeout_ctx; 1092 unsigned int timeout, sec, usec; 1093 u8 *trans_id, *nbuf; 1094 1095 wpa_printf(MSG_DEBUG, "%s: SA Query timer for STA " MACSTR 1096 " (count=%d)", 1097 hapd->conf->iface, MAC2STR(sta->addr), sta->sa_query_count); 1098 1099 if (sta->sa_query_count > 0 && 1100 ap_check_sa_query_timeout(hapd, sta)) 1101 return; 1102 1103 nbuf = os_realloc_array(sta->sa_query_trans_id, 1104 sta->sa_query_count + 1, 1105 WLAN_SA_QUERY_TR_ID_LEN); 1106 if (nbuf == NULL) 1107 return; 1108 if (sta->sa_query_count == 0) { 1109 /* Starting a new SA Query procedure */ 1110 os_get_reltime(&sta->sa_query_start); 1111 } 1112 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 1113 sta->sa_query_trans_id = nbuf; 1114 sta->sa_query_count++; 1115 1116 if (os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0) { 1117 /* 1118 * We don't really care which ID is used here, so simply 1119 * hardcode this if the mostly theoretical os_get_random() 1120 * failure happens. 1121 */ 1122 trans_id[0] = 0x12; 1123 trans_id[1] = 0x34; 1124 } 1125 1126 timeout = hapd->conf->assoc_sa_query_retry_timeout; 1127 sec = ((timeout / 1000) * 1024) / 1000; 1128 usec = (timeout % 1000) * 1024; 1129 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 1130 1131 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1132 HOSTAPD_LEVEL_DEBUG, 1133 "association SA Query attempt %d", sta->sa_query_count); 1134 1135 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 1136 } 1137 1138 1139 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 1140 { 1141 ap_sa_query_timer(hapd, sta); 1142 } 1143 1144 1145 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 1146 { 1147 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 1148 os_free(sta->sa_query_trans_id); 1149 sta->sa_query_trans_id = NULL; 1150 sta->sa_query_count = 0; 1151 } 1152 1153 #endif /* CONFIG_IEEE80211W */ 1154 1155 1156 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 1157 int authorized) 1158 { 1159 const u8 *dev_addr = NULL; 1160 char buf[100]; 1161 #ifdef CONFIG_P2P 1162 u8 addr[ETH_ALEN]; 1163 u8 ip_addr_buf[4]; 1164 #endif /* CONFIG_P2P */ 1165 1166 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 1167 return; 1168 1169 if (authorized) 1170 sta->flags |= WLAN_STA_AUTHORIZED; 1171 else 1172 sta->flags &= ~WLAN_STA_AUTHORIZED; 1173 1174 #ifdef CONFIG_P2P 1175 if (hapd->p2p_group == NULL) { 1176 if (sta->p2p_ie != NULL && 1177 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 1178 dev_addr = addr; 1179 } else 1180 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 1181 1182 if (dev_addr) 1183 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, 1184 MAC2STR(sta->addr), MAC2STR(dev_addr)); 1185 else 1186 #endif /* CONFIG_P2P */ 1187 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); 1188 1189 if (hapd->sta_authorized_cb) 1190 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 1191 sta->addr, authorized, dev_addr); 1192 1193 if (authorized) { 1194 char ip_addr[100]; 1195 ip_addr[0] = '\0'; 1196 #ifdef CONFIG_P2P 1197 if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { 1198 os_snprintf(ip_addr, sizeof(ip_addr), 1199 " ip_addr=%u.%u.%u.%u", 1200 ip_addr_buf[0], ip_addr_buf[1], 1201 ip_addr_buf[2], ip_addr_buf[3]); 1202 } 1203 #endif /* CONFIG_P2P */ 1204 1205 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s", 1206 buf, ip_addr); 1207 1208 if (hapd->msg_ctx_parent && 1209 hapd->msg_ctx_parent != hapd->msg_ctx) 1210 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 1211 AP_STA_CONNECTED "%s%s", 1212 buf, ip_addr); 1213 } else { 1214 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); 1215 1216 if (hapd->msg_ctx_parent && 1217 hapd->msg_ctx_parent != hapd->msg_ctx) 1218 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 1219 AP_STA_DISCONNECTED "%s", buf); 1220 } 1221 1222 #ifdef CONFIG_FST 1223 if (hapd->iface->fst) { 1224 if (authorized) 1225 fst_notify_peer_connected(hapd->iface->fst, sta->addr); 1226 else 1227 fst_notify_peer_disconnected(hapd->iface->fst, 1228 sta->addr); 1229 } 1230 #endif /* CONFIG_FST */ 1231 } 1232 1233 1234 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 1235 const u8 *addr, u16 reason) 1236 { 1237 if (sta) 1238 wpa_printf(MSG_DEBUG, "%s: %s STA " MACSTR " reason=%u", 1239 hapd->conf->iface, __func__, MAC2STR(sta->addr), 1240 reason); 1241 else if (addr) 1242 wpa_printf(MSG_DEBUG, "%s: %s addr " MACSTR " reason=%u", 1243 hapd->conf->iface, __func__, MAC2STR(addr), 1244 reason); 1245 1246 if (sta == NULL && addr) 1247 sta = ap_get_sta(hapd, addr); 1248 1249 if (addr) 1250 hostapd_drv_sta_deauth(hapd, addr, reason); 1251 1252 if (sta == NULL) 1253 return; 1254 ap_sta_set_authorized(hapd, sta, 0); 1255 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 1256 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 1257 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 1258 wpa_printf(MSG_DEBUG, "%s: %s: reschedule ap_handle_timer timeout " 1259 "for " MACSTR " (%d seconds - " 1260 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 1261 hapd->conf->iface, __func__, MAC2STR(sta->addr), 1262 AP_MAX_INACTIVITY_AFTER_DEAUTH); 1263 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 1264 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 1265 ap_handle_timer, hapd, sta); 1266 sta->timeout_next = STA_REMOVE; 1267 1268 if (hapd->iface->current_mode && 1269 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 1270 /* Deauthentication is not used in DMG/IEEE 802.11ad; 1271 * disassociate the STA instead. */ 1272 sta->disassoc_reason = reason; 1273 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 1274 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1275 eloop_register_timeout(hapd->iface->drv_flags & 1276 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 1277 2 : 0, 0, ap_sta_disassoc_cb_timeout, 1278 hapd, sta); 1279 return; 1280 } 1281 1282 sta->deauth_reason = reason; 1283 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 1284 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1285 eloop_register_timeout(hapd->iface->drv_flags & 1286 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 1287 ap_sta_deauth_cb_timeout, hapd, sta); 1288 } 1289 1290 1291 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 1292 { 1293 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 1294 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 1295 return; 1296 } 1297 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 1298 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1299 ap_sta_deauth_cb_timeout(hapd, sta); 1300 } 1301 1302 1303 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 1304 { 1305 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 1306 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 1307 return; 1308 } 1309 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 1310 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1311 ap_sta_disassoc_cb_timeout(hapd, sta); 1312 } 1313 1314 1315 void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, 1316 struct sta_info *sta) 1317 { 1318 if (eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta) > 0) 1319 wpa_printf(MSG_DEBUG, 1320 "%s: Removed ap_sta_deauth_cb_timeout timeout for " 1321 MACSTR, 1322 hapd->conf->iface, MAC2STR(sta->addr)); 1323 if (eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta) > 0) 1324 wpa_printf(MSG_DEBUG, 1325 "%s: Removed ap_sta_disassoc_cb_timeout timeout for " 1326 MACSTR, 1327 hapd->conf->iface, MAC2STR(sta->addr)); 1328 if (eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta) > 0) 1329 { 1330 wpa_printf(MSG_DEBUG, 1331 "%s: Removed ap_sta_delayed_1x_auth_fail_cb timeout for " 1332 MACSTR, 1333 hapd->conf->iface, MAC2STR(sta->addr)); 1334 if (sta->flags & WLAN_STA_WPS) 1335 hostapd_wps_eap_completed(hapd); 1336 } 1337 } 1338 1339 1340 int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) 1341 { 1342 int res; 1343 1344 buf[0] = '\0'; 1345 res = os_snprintf(buf, buflen, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", 1346 (flags & WLAN_STA_AUTH ? "[AUTH]" : ""), 1347 (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""), 1348 (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""), 1349 (flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" : 1350 ""), 1351 (flags & WLAN_STA_SHORT_PREAMBLE ? 1352 "[SHORT_PREAMBLE]" : ""), 1353 (flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""), 1354 (flags & WLAN_STA_WMM ? "[WMM]" : ""), 1355 (flags & WLAN_STA_MFP ? "[MFP]" : ""), 1356 (flags & WLAN_STA_WPS ? "[WPS]" : ""), 1357 (flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""), 1358 (flags & WLAN_STA_WDS ? "[WDS]" : ""), 1359 (flags & WLAN_STA_NONERP ? "[NonERP]" : ""), 1360 (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""), 1361 (flags & WLAN_STA_GAS ? "[GAS]" : ""), 1362 (flags & WLAN_STA_VHT ? "[VHT]" : ""), 1363 (flags & WLAN_STA_VENDOR_VHT ? "[VENDOR_VHT]" : ""), 1364 (flags & WLAN_STA_WNM_SLEEP_MODE ? 1365 "[WNM_SLEEP_MODE]" : "")); 1366 if (os_snprintf_error(buflen, res)) 1367 res = -1; 1368 1369 return res; 1370 } 1371 1372 1373 static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx) 1374 { 1375 struct hostapd_data *hapd = eloop_ctx; 1376 struct sta_info *sta = timeout_ctx; 1377 1378 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1379 "IEEE 802.1X: Scheduled disconnection of " MACSTR 1380 " after EAP-Failure", MAC2STR(sta->addr)); 1381 1382 ap_sta_disconnect(hapd, sta, sta->addr, 1383 WLAN_REASON_IEEE_802_1X_AUTH_FAILED); 1384 if (sta->flags & WLAN_STA_WPS) 1385 hostapd_wps_eap_completed(hapd); 1386 } 1387 1388 1389 void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 1390 struct sta_info *sta) 1391 { 1392 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1393 "IEEE 802.1X: Force disconnection of " MACSTR 1394 " after EAP-Failure in 10 ms", MAC2STR(sta->addr)); 1395 1396 /* 1397 * Add a small sleep to increase likelihood of previously requested 1398 * EAP-Failure TX getting out before this should the driver reorder 1399 * operations. 1400 */ 1401 eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta); 1402 eloop_register_timeout(0, 10000, ap_sta_delayed_1x_auth_fail_cb, 1403 hapd, sta); 1404 } 1405 1406 1407 int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 1408 struct sta_info *sta) 1409 { 1410 return eloop_is_timeout_registered(ap_sta_delayed_1x_auth_fail_cb, 1411 hapd, sta); 1412 } 1413