sta_info.c revision 01904cfafd75a70b9f29c0220b90bdef45595491
1/* 2 * hostapd / Station table 3 * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9#include "utils/includes.h" 10 11#include "utils/common.h" 12#include "utils/eloop.h" 13#include "common/ieee802_11_defs.h" 14#include "common/wpa_ctrl.h" 15#include "common/sae.h" 16#include "radius/radius.h" 17#include "radius/radius_client.h" 18#include "drivers/driver.h" 19#include "p2p/p2p.h" 20#include "hostapd.h" 21#include "accounting.h" 22#include "ieee802_1x.h" 23#include "ieee802_11.h" 24#include "ieee802_11_auth.h" 25#include "wpa_auth.h" 26#include "preauth_auth.h" 27#include "ap_config.h" 28#include "beacon.h" 29#include "ap_mlme.h" 30#include "vlan_init.h" 31#include "p2p_hostapd.h" 32#include "ap_drv_ops.h" 33#include "gas_serv.h" 34#include "sta_info.h" 35 36static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 37 struct sta_info *sta); 38static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 39static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 40static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 41#ifdef CONFIG_IEEE80211W 42static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 43#endif /* CONFIG_IEEE80211W */ 44static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 45 46int ap_for_each_sta(struct hostapd_data *hapd, 47 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 48 void *ctx), 49 void *ctx) 50{ 51 struct sta_info *sta; 52 53 for (sta = hapd->sta_list; sta; sta = sta->next) { 54 if (cb(hapd, sta, ctx)) 55 return 1; 56 } 57 58 return 0; 59} 60 61 62struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 63{ 64 struct sta_info *s; 65 66 s = hapd->sta_hash[STA_HASH(sta)]; 67 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 68 s = s->hnext; 69 return s; 70} 71 72 73#ifdef CONFIG_P2P 74struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr) 75{ 76 struct sta_info *sta; 77 78 for (sta = hapd->sta_list; sta; sta = sta->next) { 79 const u8 *p2p_dev_addr; 80 81 if (sta->p2p_ie == NULL) 82 continue; 83 84 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 85 if (p2p_dev_addr == NULL) 86 continue; 87 88 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0) 89 return sta; 90 } 91 92 return NULL; 93} 94#endif /* CONFIG_P2P */ 95 96 97static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 98{ 99 struct sta_info *tmp; 100 101 if (hapd->sta_list == sta) { 102 hapd->sta_list = sta->next; 103 return; 104 } 105 106 tmp = hapd->sta_list; 107 while (tmp != NULL && tmp->next != sta) 108 tmp = tmp->next; 109 if (tmp == NULL) { 110 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 111 "list.", MAC2STR(sta->addr)); 112 } else 113 tmp->next = sta->next; 114} 115 116 117void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 118{ 119 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 120 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 121} 122 123 124static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 125{ 126 struct sta_info *s; 127 128 s = hapd->sta_hash[STA_HASH(sta->addr)]; 129 if (s == NULL) return; 130 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 131 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 132 return; 133 } 134 135 while (s->hnext != NULL && 136 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 137 s = s->hnext; 138 if (s->hnext != NULL) 139 s->hnext = s->hnext->hnext; 140 else 141 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 142 " from hash table", MAC2STR(sta->addr)); 143} 144 145 146void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 147{ 148 int set_beacon = 0; 149 150 accounting_sta_stop(hapd, sta); 151 152 /* just in case */ 153 ap_sta_set_authorized(hapd, sta, 0); 154 155 if (sta->flags & WLAN_STA_WDS) 156 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); 157 158 if (!(sta->flags & WLAN_STA_PREAUTH)) 159 hostapd_drv_sta_remove(hapd, sta->addr); 160 161 ap_sta_hash_del(hapd, sta); 162 ap_sta_list_del(hapd, sta); 163 164 if (sta->aid > 0) 165 hapd->sta_aid[(sta->aid - 1) / 32] &= 166 ~BIT((sta->aid - 1) % 32); 167 168 hapd->num_sta--; 169 if (sta->nonerp_set) { 170 sta->nonerp_set = 0; 171 hapd->iface->num_sta_non_erp--; 172 if (hapd->iface->num_sta_non_erp == 0) 173 set_beacon++; 174 } 175 176 if (sta->no_short_slot_time_set) { 177 sta->no_short_slot_time_set = 0; 178 hapd->iface->num_sta_no_short_slot_time--; 179 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 180 && hapd->iface->num_sta_no_short_slot_time == 0) 181 set_beacon++; 182 } 183 184 if (sta->no_short_preamble_set) { 185 sta->no_short_preamble_set = 0; 186 hapd->iface->num_sta_no_short_preamble--; 187 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 188 && hapd->iface->num_sta_no_short_preamble == 0) 189 set_beacon++; 190 } 191 192 if (sta->no_ht_gf_set) { 193 sta->no_ht_gf_set = 0; 194 hapd->iface->num_sta_ht_no_gf--; 195 } 196 197 if (sta->no_ht_set) { 198 sta->no_ht_set = 0; 199 hapd->iface->num_sta_no_ht--; 200 } 201 202 if (sta->ht_20mhz_set) { 203 sta->ht_20mhz_set = 0; 204 hapd->iface->num_sta_ht_20mhz--; 205 } 206 207#ifdef CONFIG_P2P 208 if (sta->no_p2p_set) { 209 sta->no_p2p_set = 0; 210 hapd->num_sta_no_p2p--; 211 if (hapd->num_sta_no_p2p == 0) 212 hostapd_p2p_non_p2p_sta_disconnected(hapd); 213 } 214#endif /* CONFIG_P2P */ 215 216#if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 217 if (hostapd_ht_operation_update(hapd->iface) > 0) 218 set_beacon++; 219#endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 220 221 if (set_beacon) 222 ieee802_11_set_beacons(hapd->iface); 223 224 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 225 __func__, MAC2STR(sta->addr)); 226 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 227 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 228 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 229 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 230 231 ieee802_1x_free_station(sta); 232 wpa_auth_sta_deinit(sta->wpa_sm); 233 rsn_preauth_free_station(hapd, sta); 234#ifndef CONFIG_NO_RADIUS 235 if (hapd->radius) 236 radius_client_flush_auth(hapd->radius, sta->addr); 237#endif /* CONFIG_NO_RADIUS */ 238 239 os_free(sta->last_assoc_req); 240 os_free(sta->challenge); 241 242#ifdef CONFIG_IEEE80211W 243 os_free(sta->sa_query_trans_id); 244 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 245#endif /* CONFIG_IEEE80211W */ 246 247#ifdef CONFIG_P2P 248 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 249#endif /* CONFIG_P2P */ 250 251#ifdef CONFIG_INTERWORKING 252 if (sta->gas_dialog) { 253 int i; 254 for (i = 0; i < GAS_DIALOG_MAX; i++) 255 gas_serv_dialog_clear(&sta->gas_dialog[i]); 256 os_free(sta->gas_dialog); 257 } 258#endif /* CONFIG_INTERWORKING */ 259 260 wpabuf_free(sta->wps_ie); 261 wpabuf_free(sta->p2p_ie); 262 wpabuf_free(sta->hs20_ie); 263 264 os_free(sta->ht_capabilities); 265 os_free(sta->vht_capabilities); 266 hostapd_free_psk_list(sta->psk); 267 os_free(sta->identity); 268 os_free(sta->radius_cui); 269 270#ifdef CONFIG_SAE 271 sae_clear_data(sta->sae); 272 os_free(sta->sae); 273#endif /* CONFIG_SAE */ 274 275 os_free(sta); 276} 277 278 279void hostapd_free_stas(struct hostapd_data *hapd) 280{ 281 struct sta_info *sta, *prev; 282 283 sta = hapd->sta_list; 284 285 while (sta) { 286 prev = sta; 287 if (sta->flags & WLAN_STA_AUTH) { 288 mlme_deauthenticate_indication( 289 hapd, sta, WLAN_REASON_UNSPECIFIED); 290 } 291 sta = sta->next; 292 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 293 MAC2STR(prev->addr)); 294 ap_free_sta(hapd, prev); 295 } 296} 297 298 299/** 300 * ap_handle_timer - Per STA timer handler 301 * @eloop_ctx: struct hostapd_data * 302 * @timeout_ctx: struct sta_info * 303 * 304 * This function is called to check station activity and to remove inactive 305 * stations. 306 */ 307void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 308{ 309 struct hostapd_data *hapd = eloop_ctx; 310 struct sta_info *sta = timeout_ctx; 311 unsigned long next_time = 0; 312 int reason; 313 314 wpa_printf(MSG_DEBUG, "%s: " MACSTR " flags=0x%x timeout_next=%d", 315 __func__, MAC2STR(sta->addr), sta->flags, 316 sta->timeout_next); 317 if (sta->timeout_next == STA_REMOVE) { 318 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 319 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 320 "local deauth request"); 321 ap_free_sta(hapd, sta); 322 return; 323 } 324 325 if ((sta->flags & WLAN_STA_ASSOC) && 326 (sta->timeout_next == STA_NULLFUNC || 327 sta->timeout_next == STA_DISASSOC)) { 328 int inactive_sec; 329 /* 330 * Add random value to timeout so that we don't end up bouncing 331 * all stations at the same time if we have lots of associated 332 * stations that are idle (but keep re-associating). 333 */ 334 int fuzz = os_random() % 20; 335 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 336 if (inactive_sec == -1) { 337 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 338 "Check inactivity: Could not " 339 "get station info from kernel driver for " 340 MACSTR, MAC2STR(sta->addr)); 341 /* 342 * The driver may not support this functionality. 343 * Anyway, try again after the next inactivity timeout, 344 * but do not disconnect the station now. 345 */ 346 next_time = hapd->conf->ap_max_inactivity + fuzz; 347 } else if (inactive_sec < hapd->conf->ap_max_inactivity && 348 sta->flags & WLAN_STA_ASSOC) { 349 /* station activity detected; reset timeout state */ 350 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 351 "Station " MACSTR " has been active %is ago", 352 MAC2STR(sta->addr), inactive_sec); 353 sta->timeout_next = STA_NULLFUNC; 354 next_time = hapd->conf->ap_max_inactivity + fuzz - 355 inactive_sec; 356 } else { 357 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 358 "Station " MACSTR " has been " 359 "inactive too long: %d sec, max allowed: %d", 360 MAC2STR(sta->addr), inactive_sec, 361 hapd->conf->ap_max_inactivity); 362 363 if (hapd->conf->skip_inactivity_poll) 364 sta->timeout_next = STA_DISASSOC; 365 } 366 } 367 368 if ((sta->flags & WLAN_STA_ASSOC) && 369 sta->timeout_next == STA_DISASSOC && 370 !(sta->flags & WLAN_STA_PENDING_POLL) && 371 !hapd->conf->skip_inactivity_poll) { 372 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 373 " has ACKed data poll", MAC2STR(sta->addr)); 374 /* data nullfunc frame poll did not produce TX errors; assume 375 * station ACKed it */ 376 sta->timeout_next = STA_NULLFUNC; 377 next_time = hapd->conf->ap_max_inactivity; 378 } 379 380 if (next_time) { 381 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 382 "for " MACSTR " (%lu seconds)", 383 __func__, MAC2STR(sta->addr), next_time); 384 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 385 sta); 386 return; 387 } 388 389 if (sta->timeout_next == STA_NULLFUNC && 390 (sta->flags & WLAN_STA_ASSOC)) { 391 wpa_printf(MSG_DEBUG, " Polling STA"); 392 sta->flags |= WLAN_STA_PENDING_POLL; 393 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 394 sta->flags & WLAN_STA_WMM); 395 } else if (sta->timeout_next != STA_REMOVE) { 396 int deauth = sta->timeout_next == STA_DEAUTH; 397 398 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 399 "Timeout, sending %s info to STA " MACSTR, 400 deauth ? "deauthentication" : "disassociation", 401 MAC2STR(sta->addr)); 402 403 if (deauth) { 404 hostapd_drv_sta_deauth( 405 hapd, sta->addr, 406 WLAN_REASON_PREV_AUTH_NOT_VALID); 407 } else { 408 reason = (sta->timeout_next == STA_DISASSOC) ? 409 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 410 WLAN_REASON_PREV_AUTH_NOT_VALID; 411 412 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 413 } 414 } 415 416 switch (sta->timeout_next) { 417 case STA_NULLFUNC: 418 sta->timeout_next = STA_DISASSOC; 419 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 420 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 421 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 422 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 423 hapd, sta); 424 break; 425 case STA_DISASSOC: 426 case STA_DISASSOC_FROM_CLI: 427 ap_sta_set_authorized(hapd, sta, 0); 428 sta->flags &= ~WLAN_STA_ASSOC; 429 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 430 if (!sta->acct_terminate_cause) 431 sta->acct_terminate_cause = 432 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 433 accounting_sta_stop(hapd, sta); 434 ieee802_1x_free_station(sta); 435 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 436 HOSTAPD_LEVEL_INFO, "disassociated due to " 437 "inactivity"); 438 reason = (sta->timeout_next == STA_DISASSOC) ? 439 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 440 WLAN_REASON_PREV_AUTH_NOT_VALID; 441 sta->timeout_next = STA_DEAUTH; 442 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 443 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 444 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 445 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 446 hapd, sta); 447 mlme_disassociate_indication(hapd, sta, reason); 448 break; 449 case STA_DEAUTH: 450 case STA_REMOVE: 451 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 452 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 453 "inactivity (timer DEAUTH/REMOVE)"); 454 if (!sta->acct_terminate_cause) 455 sta->acct_terminate_cause = 456 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 457 mlme_deauthenticate_indication( 458 hapd, sta, 459 WLAN_REASON_PREV_AUTH_NOT_VALID); 460 ap_free_sta(hapd, sta); 461 break; 462 } 463} 464 465 466static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 467{ 468 struct hostapd_data *hapd = eloop_ctx; 469 struct sta_info *sta = timeout_ctx; 470 u8 addr[ETH_ALEN]; 471 472 if (!(sta->flags & WLAN_STA_AUTH)) { 473 if (sta->flags & WLAN_STA_GAS) { 474 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 475 "entry " MACSTR, MAC2STR(sta->addr)); 476 ap_free_sta(hapd, sta); 477 } 478 return; 479 } 480 481 mlme_deauthenticate_indication(hapd, sta, 482 WLAN_REASON_PREV_AUTH_NOT_VALID); 483 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 484 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 485 "session timeout"); 486 sta->acct_terminate_cause = 487 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 488 os_memcpy(addr, sta->addr, ETH_ALEN); 489 ap_free_sta(hapd, sta); 490 hostapd_drv_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID); 491} 492 493 494void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, 495 u32 session_timeout) 496{ 497 if (eloop_replenish_timeout(session_timeout, 0, 498 ap_handle_session_timer, hapd, sta)) { 499 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 500 HOSTAPD_LEVEL_DEBUG, "setting session timeout " 501 "to %d seconds", session_timeout); 502 } 503} 504 505 506void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 507 u32 session_timeout) 508{ 509 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 510 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 511 "seconds", session_timeout); 512 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 513 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 514 hapd, sta); 515} 516 517 518void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 519{ 520 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 521} 522 523 524struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 525{ 526 struct sta_info *sta; 527 528 sta = ap_get_sta(hapd, addr); 529 if (sta) 530 return sta; 531 532 wpa_printf(MSG_DEBUG, " New STA"); 533 if (hapd->num_sta >= hapd->conf->max_num_sta) { 534 /* FIX: might try to remove some old STAs first? */ 535 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 536 hapd->num_sta, hapd->conf->max_num_sta); 537 return NULL; 538 } 539 540 sta = os_zalloc(sizeof(struct sta_info)); 541 if (sta == NULL) { 542 wpa_printf(MSG_ERROR, "malloc failed"); 543 return NULL; 544 } 545 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 546 accounting_sta_get_id(hapd, sta); 547 548 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { 549 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 550 "for " MACSTR " (%d seconds - ap_max_inactivity)", 551 __func__, MAC2STR(addr), 552 hapd->conf->ap_max_inactivity); 553 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 554 ap_handle_timer, hapd, sta); 555 } 556 557 /* initialize STA info data */ 558 os_memcpy(sta->addr, addr, ETH_ALEN); 559 sta->next = hapd->sta_list; 560 hapd->sta_list = sta; 561 hapd->num_sta++; 562 ap_sta_hash_add(hapd, sta); 563 sta->ssid = &hapd->conf->ssid; 564 ap_sta_remove_in_other_bss(hapd, sta); 565 566 return sta; 567} 568 569 570static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 571{ 572 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 573 574 wpa_printf(MSG_DEBUG, "Removing STA " MACSTR " from kernel driver", 575 MAC2STR(sta->addr)); 576 if (hostapd_drv_sta_remove(hapd, sta->addr) && 577 sta->flags & WLAN_STA_ASSOC) { 578 wpa_printf(MSG_DEBUG, "Could not remove station " MACSTR 579 " from kernel driver.", MAC2STR(sta->addr)); 580 return -1; 581 } 582 return 0; 583} 584 585 586static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 587 struct sta_info *sta) 588{ 589 struct hostapd_iface *iface = hapd->iface; 590 size_t i; 591 592 for (i = 0; i < iface->num_bss; i++) { 593 struct hostapd_data *bss = iface->bss[i]; 594 struct sta_info *sta2; 595 /* bss should always be set during operation, but it may be 596 * NULL during reconfiguration. Assume the STA is not 597 * associated to another BSS in that case to avoid NULL pointer 598 * dereferences. */ 599 if (bss == hapd || bss == NULL) 600 continue; 601 sta2 = ap_get_sta(bss, sta->addr); 602 if (!sta2) 603 continue; 604 605 ap_sta_disconnect(bss, sta2, sta2->addr, 606 WLAN_REASON_PREV_AUTH_NOT_VALID); 607 } 608} 609 610 611static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 612{ 613 struct hostapd_data *hapd = eloop_ctx; 614 struct sta_info *sta = timeout_ctx; 615 616 ap_sta_remove(hapd, sta); 617 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 618} 619 620 621void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 622 u16 reason) 623{ 624 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 625 hapd->conf->iface, MAC2STR(sta->addr)); 626 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 627 ap_sta_set_authorized(hapd, sta, 0); 628 sta->timeout_next = STA_DEAUTH; 629 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 630 "for " MACSTR " (%d seconds - " 631 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 632 __func__, MAC2STR(sta->addr), 633 AP_MAX_INACTIVITY_AFTER_DISASSOC); 634 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 635 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 636 ap_handle_timer, hapd, sta); 637 accounting_sta_stop(hapd, sta); 638 ieee802_1x_free_station(sta); 639 640 sta->disassoc_reason = reason; 641 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 642 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 643 eloop_register_timeout(hapd->iface->drv_flags & 644 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 645 ap_sta_disassoc_cb_timeout, hapd, sta); 646} 647 648 649static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 650{ 651 struct hostapd_data *hapd = eloop_ctx; 652 struct sta_info *sta = timeout_ctx; 653 654 ap_sta_remove(hapd, sta); 655 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 656} 657 658 659void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 660 u16 reason) 661{ 662 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 663 hapd->conf->iface, MAC2STR(sta->addr)); 664 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 665 ap_sta_set_authorized(hapd, sta, 0); 666 sta->timeout_next = STA_REMOVE; 667 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 668 "for " MACSTR " (%d seconds - " 669 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 670 __func__, MAC2STR(sta->addr), 671 AP_MAX_INACTIVITY_AFTER_DEAUTH); 672 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 673 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 674 ap_handle_timer, hapd, sta); 675 accounting_sta_stop(hapd, sta); 676 ieee802_1x_free_station(sta); 677 678 sta->deauth_reason = reason; 679 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 680 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 681 eloop_register_timeout(hapd->iface->drv_flags & 682 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 683 ap_sta_deauth_cb_timeout, hapd, sta); 684} 685 686 687#ifdef CONFIG_WPS 688int ap_sta_wps_cancel(struct hostapd_data *hapd, 689 struct sta_info *sta, void *ctx) 690{ 691 if (sta && (sta->flags & WLAN_STA_WPS)) { 692 ap_sta_deauthenticate(hapd, sta, 693 WLAN_REASON_PREV_AUTH_NOT_VALID); 694 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 695 __func__, MAC2STR(sta->addr)); 696 return 1; 697 } 698 699 return 0; 700} 701#endif /* CONFIG_WPS */ 702 703 704int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta, 705 int old_vlanid) 706{ 707#ifndef CONFIG_NO_VLAN 708 const char *iface; 709 struct hostapd_vlan *vlan = NULL; 710 int ret; 711 712 /* 713 * Do not proceed furthur if the vlan id remains same. We do not want 714 * duplicate dynamic vlan entries. 715 */ 716 if (sta->vlan_id == old_vlanid) 717 return 0; 718 719 /* 720 * During 1x reauth, if the vlan id changes, then remove the old id and 721 * proceed furthur to add the new one. 722 */ 723 if (old_vlanid > 0) 724 vlan_remove_dynamic(hapd, old_vlanid); 725 726 iface = hapd->conf->iface; 727 if (sta->ssid->vlan[0]) 728 iface = sta->ssid->vlan; 729 730 if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) 731 sta->vlan_id = 0; 732 else if (sta->vlan_id > 0) { 733 struct hostapd_vlan *wildcard_vlan = NULL; 734 vlan = hapd->conf->vlan; 735 while (vlan) { 736 if (vlan->vlan_id == sta->vlan_id) 737 break; 738 if (vlan->vlan_id == VLAN_ID_WILDCARD) 739 wildcard_vlan = vlan; 740 vlan = vlan->next; 741 } 742 if (!vlan) 743 vlan = wildcard_vlan; 744 if (vlan) 745 iface = vlan->ifname; 746 } 747 748 if (sta->vlan_id > 0 && vlan == NULL) { 749 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 750 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 751 "binding station to (vlan_id=%d)", 752 sta->vlan_id); 753 return -1; 754 } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { 755 vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); 756 if (vlan == NULL) { 757 hostapd_logger(hapd, sta->addr, 758 HOSTAPD_MODULE_IEEE80211, 759 HOSTAPD_LEVEL_DEBUG, "could not add " 760 "dynamic VLAN interface for vlan_id=%d", 761 sta->vlan_id); 762 return -1; 763 } 764 765 iface = vlan->ifname; 766 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 767 hostapd_logger(hapd, sta->addr, 768 HOSTAPD_MODULE_IEEE80211, 769 HOSTAPD_LEVEL_DEBUG, "could not " 770 "configure encryption for dynamic VLAN " 771 "interface for vlan_id=%d", 772 sta->vlan_id); 773 } 774 775 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 776 HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " 777 "interface '%s'", iface); 778 } else if (vlan && vlan->vlan_id == sta->vlan_id) { 779 if (sta->vlan_id > 0) { 780 vlan->dynamic_vlan++; 781 hostapd_logger(hapd, sta->addr, 782 HOSTAPD_MODULE_IEEE80211, 783 HOSTAPD_LEVEL_DEBUG, "updated existing " 784 "dynamic VLAN interface '%s'", iface); 785 } 786 787 /* 788 * Update encryption configuration for statically generated 789 * VLAN interface. This is only used for static WEP 790 * configuration for the case where hostapd did not yet know 791 * which keys are to be used when the interface was added. 792 */ 793 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 794 hostapd_logger(hapd, sta->addr, 795 HOSTAPD_MODULE_IEEE80211, 796 HOSTAPD_LEVEL_DEBUG, "could not " 797 "configure encryption for VLAN " 798 "interface for vlan_id=%d", 799 sta->vlan_id); 800 } 801 } 802 803 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 804 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 805 "'%s'", iface); 806 807 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 808 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 809 810 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 811 if (ret < 0) { 812 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 813 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 814 "entry to vlan_id=%d", sta->vlan_id); 815 } 816 return ret; 817#else /* CONFIG_NO_VLAN */ 818 return 0; 819#endif /* CONFIG_NO_VLAN */ 820} 821 822 823#ifdef CONFIG_IEEE80211W 824 825int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 826{ 827 u32 tu; 828 struct os_time now, passed; 829 os_get_time(&now); 830 os_time_sub(&now, &sta->sa_query_start, &passed); 831 tu = (passed.sec * 1000000 + passed.usec) / 1024; 832 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 833 hostapd_logger(hapd, sta->addr, 834 HOSTAPD_MODULE_IEEE80211, 835 HOSTAPD_LEVEL_DEBUG, 836 "association SA Query timed out"); 837 sta->sa_query_timed_out = 1; 838 os_free(sta->sa_query_trans_id); 839 sta->sa_query_trans_id = NULL; 840 sta->sa_query_count = 0; 841 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 842 return 1; 843 } 844 845 return 0; 846} 847 848 849static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 850{ 851 struct hostapd_data *hapd = eloop_ctx; 852 struct sta_info *sta = timeout_ctx; 853 unsigned int timeout, sec, usec; 854 u8 *trans_id, *nbuf; 855 856 if (sta->sa_query_count > 0 && 857 ap_check_sa_query_timeout(hapd, sta)) 858 return; 859 860 nbuf = os_realloc_array(sta->sa_query_trans_id, 861 sta->sa_query_count + 1, 862 WLAN_SA_QUERY_TR_ID_LEN); 863 if (nbuf == NULL) 864 return; 865 if (sta->sa_query_count == 0) { 866 /* Starting a new SA Query procedure */ 867 os_get_time(&sta->sa_query_start); 868 } 869 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 870 sta->sa_query_trans_id = nbuf; 871 sta->sa_query_count++; 872 873 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); 874 875 timeout = hapd->conf->assoc_sa_query_retry_timeout; 876 sec = ((timeout / 1000) * 1024) / 1000; 877 usec = (timeout % 1000) * 1024; 878 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 879 880 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 881 HOSTAPD_LEVEL_DEBUG, 882 "association SA Query attempt %d", sta->sa_query_count); 883 884 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 885} 886 887 888void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 889{ 890 ap_sa_query_timer(hapd, sta); 891} 892 893 894void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 895{ 896 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 897 os_free(sta->sa_query_trans_id); 898 sta->sa_query_trans_id = NULL; 899 sta->sa_query_count = 0; 900} 901 902#endif /* CONFIG_IEEE80211W */ 903 904 905void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 906 int authorized) 907{ 908 const u8 *dev_addr = NULL; 909 char buf[100]; 910#ifdef CONFIG_P2P 911 u8 addr[ETH_ALEN]; 912#endif /* CONFIG_P2P */ 913 914 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 915 return; 916 917#ifdef CONFIG_P2P 918 if (hapd->p2p_group == NULL) { 919 if (sta->p2p_ie != NULL && 920 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 921 dev_addr = addr; 922 } else 923 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 924#endif /* CONFIG_P2P */ 925 926 if (dev_addr) 927 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, 928 MAC2STR(sta->addr), MAC2STR(dev_addr)); 929 else 930 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); 931 932 if (authorized) { 933 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s", buf); 934 935 if (hapd->msg_ctx_parent && 936 hapd->msg_ctx_parent != hapd->msg_ctx) 937 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 938 AP_STA_CONNECTED "%s", buf); 939 940 sta->flags |= WLAN_STA_AUTHORIZED; 941 } else { 942 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); 943 944 if (hapd->msg_ctx_parent && 945 hapd->msg_ctx_parent != hapd->msg_ctx) 946 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 947 AP_STA_DISCONNECTED "%s", buf); 948 949 sta->flags &= ~WLAN_STA_AUTHORIZED; 950 } 951 952 if (hapd->sta_authorized_cb) 953 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 954 sta->addr, authorized, dev_addr); 955} 956 957 958void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 959 const u8 *addr, u16 reason) 960{ 961 962 if (sta == NULL && addr) 963 sta = ap_get_sta(hapd, addr); 964 965 if (addr) 966 hostapd_drv_sta_deauth(hapd, addr, reason); 967 968 if (sta == NULL) 969 return; 970 ap_sta_set_authorized(hapd, sta, 0); 971 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 972 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 973 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 974 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 975 "for " MACSTR " (%d seconds - " 976 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 977 __func__, MAC2STR(sta->addr), 978 AP_MAX_INACTIVITY_AFTER_DEAUTH); 979 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 980 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 981 ap_handle_timer, hapd, sta); 982 sta->timeout_next = STA_REMOVE; 983 984 sta->deauth_reason = reason; 985 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 986 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 987 eloop_register_timeout(hapd->iface->drv_flags & 988 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 989 ap_sta_deauth_cb_timeout, hapd, sta); 990} 991 992 993void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 994{ 995 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 996 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 997 return; 998 } 999 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 1000 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1001 ap_sta_deauth_cb_timeout(hapd, sta); 1002} 1003 1004 1005void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 1006{ 1007 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 1008 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 1009 return; 1010 } 1011 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 1012 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1013 ap_sta_disassoc_cb_timeout(hapd, sta); 1014} 1015