1 /* 2 * hostapd / Station table 3 * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "utils/includes.h" 10 11 #include "utils/common.h" 12 #include "utils/eloop.h" 13 #include "common/ieee802_11_defs.h" 14 #include "common/wpa_ctrl.h" 15 #include "common/sae.h" 16 #include "radius/radius.h" 17 #include "radius/radius_client.h" 18 #include "p2p/p2p.h" 19 #include "hostapd.h" 20 #include "accounting.h" 21 #include "ieee802_1x.h" 22 #include "ieee802_11.h" 23 #include "ieee802_11_auth.h" 24 #include "wpa_auth.h" 25 #include "preauth_auth.h" 26 #include "ap_config.h" 27 #include "beacon.h" 28 #include "ap_mlme.h" 29 #include "vlan_init.h" 30 #include "p2p_hostapd.h" 31 #include "ap_drv_ops.h" 32 #include "gas_serv.h" 33 #include "sta_info.h" 34 35 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 36 struct sta_info *sta); 37 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 38 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 39 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 40 #ifdef CONFIG_IEEE80211W 41 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 42 #endif /* CONFIG_IEEE80211W */ 43 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 44 45 int ap_for_each_sta(struct hostapd_data *hapd, 46 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 47 void *ctx), 48 void *ctx) 49 { 50 struct sta_info *sta; 51 52 for (sta = hapd->sta_list; sta; sta = sta->next) { 53 if (cb(hapd, sta, ctx)) 54 return 1; 55 } 56 57 return 0; 58 } 59 60 61 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 62 { 63 struct sta_info *s; 64 65 s = hapd->sta_hash[STA_HASH(sta)]; 66 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 67 s = s->hnext; 68 return s; 69 } 70 71 72 #ifdef CONFIG_P2P 73 struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr) 74 { 75 struct sta_info *sta; 76 77 for (sta = hapd->sta_list; sta; sta = sta->next) { 78 const u8 *p2p_dev_addr; 79 80 if (sta->p2p_ie == NULL) 81 continue; 82 83 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 84 if (p2p_dev_addr == NULL) 85 continue; 86 87 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0) 88 return sta; 89 } 90 91 return NULL; 92 } 93 #endif /* CONFIG_P2P */ 94 95 96 static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 97 { 98 struct sta_info *tmp; 99 100 if (hapd->sta_list == sta) { 101 hapd->sta_list = sta->next; 102 return; 103 } 104 105 tmp = hapd->sta_list; 106 while (tmp != NULL && tmp->next != sta) 107 tmp = tmp->next; 108 if (tmp == NULL) { 109 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 110 "list.", MAC2STR(sta->addr)); 111 } else 112 tmp->next = sta->next; 113 } 114 115 116 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 117 { 118 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 119 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 120 } 121 122 123 static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 124 { 125 struct sta_info *s; 126 127 s = hapd->sta_hash[STA_HASH(sta->addr)]; 128 if (s == NULL) return; 129 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 130 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 131 return; 132 } 133 134 while (s->hnext != NULL && 135 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 136 s = s->hnext; 137 if (s->hnext != NULL) 138 s->hnext = s->hnext->hnext; 139 else 140 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 141 " from hash table", MAC2STR(sta->addr)); 142 } 143 144 145 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 146 { 147 int set_beacon = 0; 148 149 accounting_sta_stop(hapd, sta); 150 151 /* just in case */ 152 ap_sta_set_authorized(hapd, sta, 0); 153 154 if (sta->flags & WLAN_STA_WDS) 155 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); 156 157 if (!(sta->flags & WLAN_STA_PREAUTH)) 158 hostapd_drv_sta_remove(hapd, sta->addr); 159 160 ap_sta_hash_del(hapd, sta); 161 ap_sta_list_del(hapd, sta); 162 163 if (sta->aid > 0) 164 hapd->sta_aid[(sta->aid - 1) / 32] &= 165 ~BIT((sta->aid - 1) % 32); 166 167 hapd->num_sta--; 168 if (sta->nonerp_set) { 169 sta->nonerp_set = 0; 170 hapd->iface->num_sta_non_erp--; 171 if (hapd->iface->num_sta_non_erp == 0) 172 set_beacon++; 173 } 174 175 if (sta->no_short_slot_time_set) { 176 sta->no_short_slot_time_set = 0; 177 hapd->iface->num_sta_no_short_slot_time--; 178 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 179 && hapd->iface->num_sta_no_short_slot_time == 0) 180 set_beacon++; 181 } 182 183 if (sta->no_short_preamble_set) { 184 sta->no_short_preamble_set = 0; 185 hapd->iface->num_sta_no_short_preamble--; 186 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 187 && hapd->iface->num_sta_no_short_preamble == 0) 188 set_beacon++; 189 } 190 191 if (sta->no_ht_gf_set) { 192 sta->no_ht_gf_set = 0; 193 hapd->iface->num_sta_ht_no_gf--; 194 } 195 196 if (sta->no_ht_set) { 197 sta->no_ht_set = 0; 198 hapd->iface->num_sta_no_ht--; 199 } 200 201 if (sta->ht_20mhz_set) { 202 sta->ht_20mhz_set = 0; 203 hapd->iface->num_sta_ht_20mhz--; 204 } 205 206 #ifdef CONFIG_P2P 207 if (sta->no_p2p_set) { 208 sta->no_p2p_set = 0; 209 hapd->num_sta_no_p2p--; 210 if (hapd->num_sta_no_p2p == 0) 211 hostapd_p2p_non_p2p_sta_disconnected(hapd); 212 } 213 #endif /* CONFIG_P2P */ 214 215 #if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 216 if (hostapd_ht_operation_update(hapd->iface) > 0) 217 set_beacon++; 218 #endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 219 220 if (set_beacon) 221 ieee802_11_set_beacons(hapd->iface); 222 223 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 224 __func__, MAC2STR(sta->addr)); 225 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 226 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 227 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 228 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 229 230 ieee802_1x_free_station(sta); 231 wpa_auth_sta_deinit(sta->wpa_sm); 232 rsn_preauth_free_station(hapd, sta); 233 #ifndef CONFIG_NO_RADIUS 234 if (hapd->radius) 235 radius_client_flush_auth(hapd->radius, sta->addr); 236 #endif /* CONFIG_NO_RADIUS */ 237 238 os_free(sta->last_assoc_req); 239 os_free(sta->challenge); 240 241 #ifdef CONFIG_IEEE80211W 242 os_free(sta->sa_query_trans_id); 243 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 244 #endif /* CONFIG_IEEE80211W */ 245 246 #ifdef CONFIG_P2P 247 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 248 #endif /* CONFIG_P2P */ 249 250 #ifdef CONFIG_INTERWORKING 251 if (sta->gas_dialog) { 252 int i; 253 for (i = 0; i < GAS_DIALOG_MAX; i++) 254 gas_serv_dialog_clear(&sta->gas_dialog[i]); 255 os_free(sta->gas_dialog); 256 } 257 #endif /* CONFIG_INTERWORKING */ 258 259 wpabuf_free(sta->wps_ie); 260 wpabuf_free(sta->p2p_ie); 261 wpabuf_free(sta->hs20_ie); 262 263 os_free(sta->ht_capabilities); 264 os_free(sta->vht_capabilities); 265 hostapd_free_psk_list(sta->psk); 266 os_free(sta->identity); 267 os_free(sta->radius_cui); 268 269 #ifdef CONFIG_SAE 270 sae_clear_data(sta->sae); 271 os_free(sta->sae); 272 #endif /* CONFIG_SAE */ 273 274 os_free(sta); 275 } 276 277 278 void hostapd_free_stas(struct hostapd_data *hapd) 279 { 280 struct sta_info *sta, *prev; 281 282 sta = hapd->sta_list; 283 284 while (sta) { 285 prev = sta; 286 if (sta->flags & WLAN_STA_AUTH) { 287 mlme_deauthenticate_indication( 288 hapd, sta, WLAN_REASON_UNSPECIFIED); 289 } 290 sta = sta->next; 291 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 292 MAC2STR(prev->addr)); 293 ap_free_sta(hapd, prev); 294 } 295 } 296 297 298 /** 299 * ap_handle_timer - Per STA timer handler 300 * @eloop_ctx: struct hostapd_data * 301 * @timeout_ctx: struct sta_info * 302 * 303 * This function is called to check station activity and to remove inactive 304 * stations. 305 */ 306 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 307 { 308 struct hostapd_data *hapd = eloop_ctx; 309 struct sta_info *sta = timeout_ctx; 310 unsigned long next_time = 0; 311 int reason; 312 313 wpa_printf(MSG_DEBUG, "%s: " MACSTR " flags=0x%x timeout_next=%d", 314 __func__, MAC2STR(sta->addr), sta->flags, 315 sta->timeout_next); 316 if (sta->timeout_next == STA_REMOVE) { 317 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 318 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 319 "local deauth request"); 320 ap_free_sta(hapd, sta); 321 return; 322 } 323 324 if ((sta->flags & WLAN_STA_ASSOC) && 325 (sta->timeout_next == STA_NULLFUNC || 326 sta->timeout_next == STA_DISASSOC)) { 327 int inactive_sec; 328 /* 329 * Add random value to timeout so that we don't end up bouncing 330 * all stations at the same time if we have lots of associated 331 * stations that are idle (but keep re-associating). 332 */ 333 int fuzz = os_random() % 20; 334 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 335 if (inactive_sec == -1) { 336 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 337 "Check inactivity: Could not " 338 "get station info from kernel driver for " 339 MACSTR, MAC2STR(sta->addr)); 340 /* 341 * The driver may not support this functionality. 342 * Anyway, try again after the next inactivity timeout, 343 * but do not disconnect the station now. 344 */ 345 next_time = hapd->conf->ap_max_inactivity + fuzz; 346 } else if (inactive_sec < hapd->conf->ap_max_inactivity && 347 sta->flags & WLAN_STA_ASSOC) { 348 /* station activity detected; reset timeout state */ 349 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 350 "Station " MACSTR " has been active %is ago", 351 MAC2STR(sta->addr), inactive_sec); 352 sta->timeout_next = STA_NULLFUNC; 353 next_time = hapd->conf->ap_max_inactivity + fuzz - 354 inactive_sec; 355 } else { 356 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 357 "Station " MACSTR " has been " 358 "inactive too long: %d sec, max allowed: %d", 359 MAC2STR(sta->addr), inactive_sec, 360 hapd->conf->ap_max_inactivity); 361 362 if (hapd->conf->skip_inactivity_poll) 363 sta->timeout_next = STA_DISASSOC; 364 } 365 } 366 367 if ((sta->flags & WLAN_STA_ASSOC) && 368 sta->timeout_next == STA_DISASSOC && 369 !(sta->flags & WLAN_STA_PENDING_POLL) && 370 !hapd->conf->skip_inactivity_poll) { 371 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 372 " has ACKed data poll", MAC2STR(sta->addr)); 373 /* data nullfunc frame poll did not produce TX errors; assume 374 * station ACKed it */ 375 sta->timeout_next = STA_NULLFUNC; 376 next_time = hapd->conf->ap_max_inactivity; 377 } 378 379 if (next_time) { 380 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 381 "for " MACSTR " (%lu seconds)", 382 __func__, MAC2STR(sta->addr), next_time); 383 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 384 sta); 385 return; 386 } 387 388 if (sta->timeout_next == STA_NULLFUNC && 389 (sta->flags & WLAN_STA_ASSOC)) { 390 wpa_printf(MSG_DEBUG, " Polling STA"); 391 sta->flags |= WLAN_STA_PENDING_POLL; 392 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 393 sta->flags & WLAN_STA_WMM); 394 } else if (sta->timeout_next != STA_REMOVE) { 395 int deauth = sta->timeout_next == STA_DEAUTH; 396 397 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 398 "Timeout, sending %s info to STA " MACSTR, 399 deauth ? "deauthentication" : "disassociation", 400 MAC2STR(sta->addr)); 401 402 if (deauth) { 403 hostapd_drv_sta_deauth( 404 hapd, sta->addr, 405 WLAN_REASON_PREV_AUTH_NOT_VALID); 406 } else { 407 reason = (sta->timeout_next == STA_DISASSOC) ? 408 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 409 WLAN_REASON_PREV_AUTH_NOT_VALID; 410 411 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 412 } 413 } 414 415 switch (sta->timeout_next) { 416 case STA_NULLFUNC: 417 sta->timeout_next = STA_DISASSOC; 418 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 419 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 420 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 421 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 422 hapd, sta); 423 break; 424 case STA_DISASSOC: 425 case STA_DISASSOC_FROM_CLI: 426 ap_sta_set_authorized(hapd, sta, 0); 427 sta->flags &= ~WLAN_STA_ASSOC; 428 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 429 if (!sta->acct_terminate_cause) 430 sta->acct_terminate_cause = 431 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 432 accounting_sta_stop(hapd, sta); 433 ieee802_1x_free_station(sta); 434 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 435 HOSTAPD_LEVEL_INFO, "disassociated due to " 436 "inactivity"); 437 reason = (sta->timeout_next == STA_DISASSOC) ? 438 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 439 WLAN_REASON_PREV_AUTH_NOT_VALID; 440 sta->timeout_next = STA_DEAUTH; 441 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 442 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 443 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 444 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 445 hapd, sta); 446 mlme_disassociate_indication(hapd, sta, reason); 447 break; 448 case STA_DEAUTH: 449 case STA_REMOVE: 450 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 451 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 452 "inactivity (timer DEAUTH/REMOVE)"); 453 if (!sta->acct_terminate_cause) 454 sta->acct_terminate_cause = 455 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 456 mlme_deauthenticate_indication( 457 hapd, sta, 458 WLAN_REASON_PREV_AUTH_NOT_VALID); 459 ap_free_sta(hapd, sta); 460 break; 461 } 462 } 463 464 465 static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 466 { 467 struct hostapd_data *hapd = eloop_ctx; 468 struct sta_info *sta = timeout_ctx; 469 u8 addr[ETH_ALEN]; 470 471 if (!(sta->flags & WLAN_STA_AUTH)) { 472 if (sta->flags & WLAN_STA_GAS) { 473 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 474 "entry " MACSTR, MAC2STR(sta->addr)); 475 ap_free_sta(hapd, sta); 476 } 477 return; 478 } 479 480 mlme_deauthenticate_indication(hapd, sta, 481 WLAN_REASON_PREV_AUTH_NOT_VALID); 482 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 483 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 484 "session timeout"); 485 sta->acct_terminate_cause = 486 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 487 os_memcpy(addr, sta->addr, ETH_ALEN); 488 ap_free_sta(hapd, sta); 489 hostapd_drv_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID); 490 } 491 492 493 void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, 494 u32 session_timeout) 495 { 496 if (eloop_replenish_timeout(session_timeout, 0, 497 ap_handle_session_timer, hapd, sta) == 1) { 498 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 499 HOSTAPD_LEVEL_DEBUG, "setting session timeout " 500 "to %d seconds", session_timeout); 501 } 502 } 503 504 505 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 506 u32 session_timeout) 507 { 508 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 509 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 510 "seconds", session_timeout); 511 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 512 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 513 hapd, sta); 514 } 515 516 517 void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 518 { 519 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 520 } 521 522 523 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 524 { 525 struct sta_info *sta; 526 527 sta = ap_get_sta(hapd, addr); 528 if (sta) 529 return sta; 530 531 wpa_printf(MSG_DEBUG, " New STA"); 532 if (hapd->num_sta >= hapd->conf->max_num_sta) { 533 /* FIX: might try to remove some old STAs first? */ 534 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 535 hapd->num_sta, hapd->conf->max_num_sta); 536 return NULL; 537 } 538 539 sta = os_zalloc(sizeof(struct sta_info)); 540 if (sta == NULL) { 541 wpa_printf(MSG_ERROR, "malloc failed"); 542 return NULL; 543 } 544 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 545 accounting_sta_get_id(hapd, sta); 546 547 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { 548 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 549 "for " MACSTR " (%d seconds - ap_max_inactivity)", 550 __func__, MAC2STR(addr), 551 hapd->conf->ap_max_inactivity); 552 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 553 ap_handle_timer, hapd, sta); 554 } 555 556 /* initialize STA info data */ 557 os_memcpy(sta->addr, addr, ETH_ALEN); 558 sta->next = hapd->sta_list; 559 hapd->sta_list = sta; 560 hapd->num_sta++; 561 ap_sta_hash_add(hapd, sta); 562 sta->ssid = &hapd->conf->ssid; 563 ap_sta_remove_in_other_bss(hapd, sta); 564 565 return sta; 566 } 567 568 569 static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 570 { 571 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 572 573 wpa_printf(MSG_DEBUG, "Removing STA " MACSTR " from kernel driver", 574 MAC2STR(sta->addr)); 575 if (hostapd_drv_sta_remove(hapd, sta->addr) && 576 sta->flags & WLAN_STA_ASSOC) { 577 wpa_printf(MSG_DEBUG, "Could not remove station " MACSTR 578 " from kernel driver.", MAC2STR(sta->addr)); 579 return -1; 580 } 581 return 0; 582 } 583 584 585 static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 586 struct sta_info *sta) 587 { 588 struct hostapd_iface *iface = hapd->iface; 589 size_t i; 590 591 for (i = 0; i < iface->num_bss; i++) { 592 struct hostapd_data *bss = iface->bss[i]; 593 struct sta_info *sta2; 594 /* bss should always be set during operation, but it may be 595 * NULL during reconfiguration. Assume the STA is not 596 * associated to another BSS in that case to avoid NULL pointer 597 * dereferences. */ 598 if (bss == hapd || bss == NULL) 599 continue; 600 sta2 = ap_get_sta(bss, sta->addr); 601 if (!sta2) 602 continue; 603 604 ap_sta_disconnect(bss, sta2, sta2->addr, 605 WLAN_REASON_PREV_AUTH_NOT_VALID); 606 } 607 } 608 609 610 static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 611 { 612 struct hostapd_data *hapd = eloop_ctx; 613 struct sta_info *sta = timeout_ctx; 614 615 ap_sta_remove(hapd, sta); 616 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 617 } 618 619 620 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 621 u16 reason) 622 { 623 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 624 hapd->conf->iface, MAC2STR(sta->addr)); 625 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 626 ap_sta_set_authorized(hapd, sta, 0); 627 sta->timeout_next = STA_DEAUTH; 628 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 629 "for " MACSTR " (%d seconds - " 630 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 631 __func__, MAC2STR(sta->addr), 632 AP_MAX_INACTIVITY_AFTER_DISASSOC); 633 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 634 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 635 ap_handle_timer, hapd, sta); 636 accounting_sta_stop(hapd, sta); 637 ieee802_1x_free_station(sta); 638 639 sta->disassoc_reason = reason; 640 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 641 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 642 eloop_register_timeout(hapd->iface->drv_flags & 643 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 644 ap_sta_disassoc_cb_timeout, hapd, sta); 645 } 646 647 648 static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 649 { 650 struct hostapd_data *hapd = eloop_ctx; 651 struct sta_info *sta = timeout_ctx; 652 653 ap_sta_remove(hapd, sta); 654 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 655 } 656 657 658 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 659 u16 reason) 660 { 661 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 662 hapd->conf->iface, MAC2STR(sta->addr)); 663 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 664 ap_sta_set_authorized(hapd, sta, 0); 665 sta->timeout_next = STA_REMOVE; 666 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 667 "for " MACSTR " (%d seconds - " 668 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 669 __func__, MAC2STR(sta->addr), 670 AP_MAX_INACTIVITY_AFTER_DEAUTH); 671 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 672 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 673 ap_handle_timer, hapd, sta); 674 accounting_sta_stop(hapd, sta); 675 ieee802_1x_free_station(sta); 676 677 sta->deauth_reason = reason; 678 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 679 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 680 eloop_register_timeout(hapd->iface->drv_flags & 681 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 682 ap_sta_deauth_cb_timeout, hapd, sta); 683 } 684 685 686 #ifdef CONFIG_WPS 687 int ap_sta_wps_cancel(struct hostapd_data *hapd, 688 struct sta_info *sta, void *ctx) 689 { 690 if (sta && (sta->flags & WLAN_STA_WPS)) { 691 ap_sta_deauthenticate(hapd, sta, 692 WLAN_REASON_PREV_AUTH_NOT_VALID); 693 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 694 __func__, MAC2STR(sta->addr)); 695 return 1; 696 } 697 698 return 0; 699 } 700 #endif /* CONFIG_WPS */ 701 702 703 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta, 704 int old_vlanid) 705 { 706 #ifndef CONFIG_NO_VLAN 707 const char *iface; 708 struct hostapd_vlan *vlan = NULL; 709 int ret; 710 711 /* 712 * Do not proceed furthur if the vlan id remains same. We do not want 713 * duplicate dynamic vlan entries. 714 */ 715 if (sta->vlan_id == old_vlanid) 716 return 0; 717 718 /* 719 * During 1x reauth, if the vlan id changes, then remove the old id and 720 * proceed furthur to add the new one. 721 */ 722 if (old_vlanid > 0) 723 vlan_remove_dynamic(hapd, old_vlanid); 724 725 iface = hapd->conf->iface; 726 if (sta->ssid->vlan[0]) 727 iface = sta->ssid->vlan; 728 729 if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) 730 sta->vlan_id = 0; 731 else if (sta->vlan_id > 0) { 732 struct hostapd_vlan *wildcard_vlan = NULL; 733 vlan = hapd->conf->vlan; 734 while (vlan) { 735 if (vlan->vlan_id == sta->vlan_id) 736 break; 737 if (vlan->vlan_id == VLAN_ID_WILDCARD) 738 wildcard_vlan = vlan; 739 vlan = vlan->next; 740 } 741 if (!vlan) 742 vlan = wildcard_vlan; 743 if (vlan) 744 iface = vlan->ifname; 745 } 746 747 if (sta->vlan_id > 0 && vlan == NULL) { 748 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 749 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 750 "binding station to (vlan_id=%d)", 751 sta->vlan_id); 752 return -1; 753 } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { 754 vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); 755 if (vlan == NULL) { 756 hostapd_logger(hapd, sta->addr, 757 HOSTAPD_MODULE_IEEE80211, 758 HOSTAPD_LEVEL_DEBUG, "could not add " 759 "dynamic VLAN interface for vlan_id=%d", 760 sta->vlan_id); 761 return -1; 762 } 763 764 iface = vlan->ifname; 765 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 766 hostapd_logger(hapd, sta->addr, 767 HOSTAPD_MODULE_IEEE80211, 768 HOSTAPD_LEVEL_DEBUG, "could not " 769 "configure encryption for dynamic VLAN " 770 "interface for vlan_id=%d", 771 sta->vlan_id); 772 } 773 774 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 775 HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " 776 "interface '%s'", iface); 777 } else if (vlan && vlan->vlan_id == sta->vlan_id) { 778 if (sta->vlan_id > 0) { 779 vlan->dynamic_vlan++; 780 hostapd_logger(hapd, sta->addr, 781 HOSTAPD_MODULE_IEEE80211, 782 HOSTAPD_LEVEL_DEBUG, "updated existing " 783 "dynamic VLAN interface '%s'", iface); 784 } 785 786 /* 787 * Update encryption configuration for statically generated 788 * VLAN interface. This is only used for static WEP 789 * configuration for the case where hostapd did not yet know 790 * which keys are to be used when the interface was added. 791 */ 792 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 793 hostapd_logger(hapd, sta->addr, 794 HOSTAPD_MODULE_IEEE80211, 795 HOSTAPD_LEVEL_DEBUG, "could not " 796 "configure encryption for VLAN " 797 "interface for vlan_id=%d", 798 sta->vlan_id); 799 } 800 } 801 802 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 803 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 804 "'%s'", iface); 805 806 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 807 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 808 809 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 810 if (ret < 0) { 811 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 812 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 813 "entry to vlan_id=%d", sta->vlan_id); 814 } 815 return ret; 816 #else /* CONFIG_NO_VLAN */ 817 return 0; 818 #endif /* CONFIG_NO_VLAN */ 819 } 820 821 822 #ifdef CONFIG_IEEE80211W 823 824 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 825 { 826 u32 tu; 827 struct os_reltime now, passed; 828 os_get_reltime(&now); 829 os_reltime_sub(&now, &sta->sa_query_start, &passed); 830 tu = (passed.sec * 1000000 + passed.usec) / 1024; 831 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 832 hostapd_logger(hapd, sta->addr, 833 HOSTAPD_MODULE_IEEE80211, 834 HOSTAPD_LEVEL_DEBUG, 835 "association SA Query timed out"); 836 sta->sa_query_timed_out = 1; 837 os_free(sta->sa_query_trans_id); 838 sta->sa_query_trans_id = NULL; 839 sta->sa_query_count = 0; 840 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 841 return 1; 842 } 843 844 return 0; 845 } 846 847 848 static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 849 { 850 struct hostapd_data *hapd = eloop_ctx; 851 struct sta_info *sta = timeout_ctx; 852 unsigned int timeout, sec, usec; 853 u8 *trans_id, *nbuf; 854 855 if (sta->sa_query_count > 0 && 856 ap_check_sa_query_timeout(hapd, sta)) 857 return; 858 859 nbuf = os_realloc_array(sta->sa_query_trans_id, 860 sta->sa_query_count + 1, 861 WLAN_SA_QUERY_TR_ID_LEN); 862 if (nbuf == NULL) 863 return; 864 if (sta->sa_query_count == 0) { 865 /* Starting a new SA Query procedure */ 866 os_get_reltime(&sta->sa_query_start); 867 } 868 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 869 sta->sa_query_trans_id = nbuf; 870 sta->sa_query_count++; 871 872 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); 873 874 timeout = hapd->conf->assoc_sa_query_retry_timeout; 875 sec = ((timeout / 1000) * 1024) / 1000; 876 usec = (timeout % 1000) * 1024; 877 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 878 879 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 880 HOSTAPD_LEVEL_DEBUG, 881 "association SA Query attempt %d", sta->sa_query_count); 882 883 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 884 } 885 886 887 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 888 { 889 ap_sa_query_timer(hapd, sta); 890 } 891 892 893 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 894 { 895 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 896 os_free(sta->sa_query_trans_id); 897 sta->sa_query_trans_id = NULL; 898 sta->sa_query_count = 0; 899 } 900 901 #endif /* CONFIG_IEEE80211W */ 902 903 904 void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 905 int authorized) 906 { 907 const u8 *dev_addr = NULL; 908 char buf[100]; 909 #ifdef CONFIG_P2P 910 u8 addr[ETH_ALEN]; 911 u8 ip_addr_buf[4]; 912 #endif /* CONFIG_P2P */ 913 914 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 915 return; 916 917 #ifdef CONFIG_P2P 918 if (hapd->p2p_group == NULL) { 919 if (sta->p2p_ie != NULL && 920 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 921 dev_addr = addr; 922 } else 923 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 924 #endif /* CONFIG_P2P */ 925 926 if (dev_addr) 927 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, 928 MAC2STR(sta->addr), MAC2STR(dev_addr)); 929 else 930 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); 931 932 if (authorized) { 933 char ip_addr[100]; 934 ip_addr[0] = '\0'; 935 #ifdef CONFIG_P2P 936 if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { 937 os_snprintf(ip_addr, sizeof(ip_addr), 938 " ip_addr=%u.%u.%u.%u", 939 ip_addr_buf[0], ip_addr_buf[1], 940 ip_addr_buf[2], ip_addr_buf[3]); 941 } 942 #endif /* CONFIG_P2P */ 943 944 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s", 945 buf, ip_addr); 946 947 if (hapd->msg_ctx_parent && 948 hapd->msg_ctx_parent != hapd->msg_ctx) 949 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 950 AP_STA_CONNECTED "%s%s", 951 buf, ip_addr); 952 953 sta->flags |= WLAN_STA_AUTHORIZED; 954 } else { 955 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); 956 957 if (hapd->msg_ctx_parent && 958 hapd->msg_ctx_parent != hapd->msg_ctx) 959 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 960 AP_STA_DISCONNECTED "%s", buf); 961 962 sta->flags &= ~WLAN_STA_AUTHORIZED; 963 } 964 965 if (hapd->sta_authorized_cb) 966 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 967 sta->addr, authorized, dev_addr); 968 } 969 970 971 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 972 const u8 *addr, u16 reason) 973 { 974 975 if (sta == NULL && addr) 976 sta = ap_get_sta(hapd, addr); 977 978 if (addr) 979 hostapd_drv_sta_deauth(hapd, addr, reason); 980 981 if (sta == NULL) 982 return; 983 ap_sta_set_authorized(hapd, sta, 0); 984 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 985 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 986 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 987 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 988 "for " MACSTR " (%d seconds - " 989 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 990 __func__, MAC2STR(sta->addr), 991 AP_MAX_INACTIVITY_AFTER_DEAUTH); 992 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 993 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 994 ap_handle_timer, hapd, sta); 995 sta->timeout_next = STA_REMOVE; 996 997 sta->deauth_reason = reason; 998 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 999 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1000 eloop_register_timeout(hapd->iface->drv_flags & 1001 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 1002 ap_sta_deauth_cb_timeout, hapd, sta); 1003 } 1004 1005 1006 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 1007 { 1008 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 1009 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 1010 return; 1011 } 1012 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 1013 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1014 ap_sta_deauth_cb_timeout(hapd, sta); 1015 } 1016 1017 1018 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 1019 { 1020 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 1021 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 1022 return; 1023 } 1024 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 1025 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1026 ap_sta_disassoc_cb_timeout(hapd, sta); 1027 } 1028 1029 1030 int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) 1031 { 1032 int res; 1033 1034 buf[0] = '\0'; 1035 res = os_snprintf(buf, buflen, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", 1036 (flags & WLAN_STA_AUTH ? "[AUTH]" : ""), 1037 (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""), 1038 (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""), 1039 (flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" : 1040 ""), 1041 (flags & WLAN_STA_SHORT_PREAMBLE ? 1042 "[SHORT_PREAMBLE]" : ""), 1043 (flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""), 1044 (flags & WLAN_STA_WMM ? "[WMM]" : ""), 1045 (flags & WLAN_STA_MFP ? "[MFP]" : ""), 1046 (flags & WLAN_STA_WPS ? "[WPS]" : ""), 1047 (flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""), 1048 (flags & WLAN_STA_WDS ? "[WDS]" : ""), 1049 (flags & WLAN_STA_NONERP ? "[NonERP]" : ""), 1050 (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""), 1051 (flags & WLAN_STA_GAS ? "[GAS]" : ""), 1052 (flags & WLAN_STA_VHT ? "[VHT]" : ""), 1053 (flags & WLAN_STA_WNM_SLEEP_MODE ? 1054 "[WNM_SLEEP_MODE]" : "")); 1055 1056 return res; 1057 } 1058