sta_info.c revision d5c075b0c218277d0f926daf1f9eff974b9656dc
1/* 2 * hostapd / Station table 3 * Copyright (c) 2002-2011, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9#include "utils/includes.h" 10 11#include "utils/common.h" 12#include "utils/eloop.h" 13#include "common/ieee802_11_defs.h" 14#include "common/wpa_ctrl.h" 15#include "common/sae.h" 16#include "radius/radius.h" 17#include "radius/radius_client.h" 18#include "drivers/driver.h" 19#include "p2p/p2p.h" 20#include "hostapd.h" 21#include "accounting.h" 22#include "ieee802_1x.h" 23#include "ieee802_11.h" 24#include "ieee802_11_auth.h" 25#include "wpa_auth.h" 26#include "preauth_auth.h" 27#include "ap_config.h" 28#include "beacon.h" 29#include "ap_mlme.h" 30#include "vlan_init.h" 31#include "p2p_hostapd.h" 32#include "ap_drv_ops.h" 33#include "gas_serv.h" 34#include "sta_info.h" 35 36static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 37 struct sta_info *sta); 38static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 39static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 40static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 41#ifdef CONFIG_IEEE80211W 42static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 43#endif /* CONFIG_IEEE80211W */ 44static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 45 46int ap_for_each_sta(struct hostapd_data *hapd, 47 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 48 void *ctx), 49 void *ctx) 50{ 51 struct sta_info *sta; 52 53 for (sta = hapd->sta_list; sta; sta = sta->next) { 54 if (cb(hapd, sta, ctx)) 55 return 1; 56 } 57 58 return 0; 59} 60 61 62struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 63{ 64 struct sta_info *s; 65 66 s = hapd->sta_hash[STA_HASH(sta)]; 67 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 68 s = s->hnext; 69 return s; 70} 71 72 73static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 74{ 75 struct sta_info *tmp; 76 77 if (hapd->sta_list == sta) { 78 hapd->sta_list = sta->next; 79 return; 80 } 81 82 tmp = hapd->sta_list; 83 while (tmp != NULL && tmp->next != sta) 84 tmp = tmp->next; 85 if (tmp == NULL) { 86 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 87 "list.", MAC2STR(sta->addr)); 88 } else 89 tmp->next = sta->next; 90} 91 92 93void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 94{ 95 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 96 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 97} 98 99 100static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 101{ 102 struct sta_info *s; 103 104 s = hapd->sta_hash[STA_HASH(sta->addr)]; 105 if (s == NULL) return; 106 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 107 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 108 return; 109 } 110 111 while (s->hnext != NULL && 112 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 113 s = s->hnext; 114 if (s->hnext != NULL) 115 s->hnext = s->hnext->hnext; 116 else 117 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 118 " from hash table", MAC2STR(sta->addr)); 119} 120 121 122void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 123{ 124 int set_beacon = 0; 125 126 accounting_sta_stop(hapd, sta); 127 128 /* just in case */ 129 ap_sta_set_authorized(hapd, sta, 0); 130 131 if (sta->flags & WLAN_STA_WDS) 132 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); 133 134 if (!(sta->flags & WLAN_STA_PREAUTH)) 135 hostapd_drv_sta_remove(hapd, sta->addr); 136 137 ap_sta_hash_del(hapd, sta); 138 ap_sta_list_del(hapd, sta); 139 140 if (sta->aid > 0) 141 hapd->sta_aid[(sta->aid - 1) / 32] &= 142 ~BIT((sta->aid - 1) % 32); 143 144 hapd->num_sta--; 145 if (sta->nonerp_set) { 146 sta->nonerp_set = 0; 147 hapd->iface->num_sta_non_erp--; 148 if (hapd->iface->num_sta_non_erp == 0) 149 set_beacon++; 150 } 151 152 if (sta->no_short_slot_time_set) { 153 sta->no_short_slot_time_set = 0; 154 hapd->iface->num_sta_no_short_slot_time--; 155 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 156 && hapd->iface->num_sta_no_short_slot_time == 0) 157 set_beacon++; 158 } 159 160 if (sta->no_short_preamble_set) { 161 sta->no_short_preamble_set = 0; 162 hapd->iface->num_sta_no_short_preamble--; 163 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 164 && hapd->iface->num_sta_no_short_preamble == 0) 165 set_beacon++; 166 } 167 168 if (sta->no_ht_gf_set) { 169 sta->no_ht_gf_set = 0; 170 hapd->iface->num_sta_ht_no_gf--; 171 } 172 173 if (sta->no_ht_set) { 174 sta->no_ht_set = 0; 175 hapd->iface->num_sta_no_ht--; 176 } 177 178 if (sta->ht_20mhz_set) { 179 sta->ht_20mhz_set = 0; 180 hapd->iface->num_sta_ht_20mhz--; 181 } 182 183#ifdef CONFIG_P2P 184 if (sta->no_p2p_set) { 185 sta->no_p2p_set = 0; 186 hapd->num_sta_no_p2p--; 187 if (hapd->num_sta_no_p2p == 0) 188 hostapd_p2p_non_p2p_sta_disconnected(hapd); 189 } 190#endif /* CONFIG_P2P */ 191 192#if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 193 if (hostapd_ht_operation_update(hapd->iface) > 0) 194 set_beacon++; 195#endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 196 197 if (set_beacon) 198 ieee802_11_set_beacons(hapd->iface); 199 200 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 201 __func__, MAC2STR(sta->addr)); 202 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 203 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 204 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 205 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 206 207 ieee802_1x_free_station(sta); 208 wpa_auth_sta_deinit(sta->wpa_sm); 209 rsn_preauth_free_station(hapd, sta); 210#ifndef CONFIG_NO_RADIUS 211 radius_client_flush_auth(hapd->radius, sta->addr); 212#endif /* CONFIG_NO_RADIUS */ 213 214 os_free(sta->last_assoc_req); 215 os_free(sta->challenge); 216 217#ifdef CONFIG_IEEE80211W 218 os_free(sta->sa_query_trans_id); 219 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 220#endif /* CONFIG_IEEE80211W */ 221 222#ifdef CONFIG_P2P 223 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 224#endif /* CONFIG_P2P */ 225 226#ifdef CONFIG_INTERWORKING 227 if (sta->gas_dialog) { 228 int i; 229 for (i = 0; i < GAS_DIALOG_MAX; i++) 230 gas_serv_dialog_clear(&sta->gas_dialog[i]); 231 os_free(sta->gas_dialog); 232 } 233#endif /* CONFIG_INTERWORKING */ 234 235 wpabuf_free(sta->wps_ie); 236 wpabuf_free(sta->p2p_ie); 237 wpabuf_free(sta->hs20_ie); 238 239 os_free(sta->ht_capabilities); 240 hostapd_free_psk_list(sta->psk); 241 os_free(sta->identity); 242 os_free(sta->radius_cui); 243 244#ifdef CONFIG_SAE 245 sae_clear_data(sta->sae); 246 os_free(sta->sae); 247#endif /* CONFIG_SAE */ 248 249 os_free(sta); 250} 251 252 253void hostapd_free_stas(struct hostapd_data *hapd) 254{ 255 struct sta_info *sta, *prev; 256 257 sta = hapd->sta_list; 258 259 while (sta) { 260 prev = sta; 261 if (sta->flags & WLAN_STA_AUTH) { 262 mlme_deauthenticate_indication( 263 hapd, sta, WLAN_REASON_UNSPECIFIED); 264 } 265 sta = sta->next; 266 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 267 MAC2STR(prev->addr)); 268 ap_free_sta(hapd, prev); 269 } 270} 271 272 273/** 274 * ap_handle_timer - Per STA timer handler 275 * @eloop_ctx: struct hostapd_data * 276 * @timeout_ctx: struct sta_info * 277 * 278 * This function is called to check station activity and to remove inactive 279 * stations. 280 */ 281void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 282{ 283 struct hostapd_data *hapd = eloop_ctx; 284 struct sta_info *sta = timeout_ctx; 285 unsigned long next_time = 0; 286 int reason; 287 288 wpa_printf(MSG_DEBUG, "%s: " MACSTR " flags=0x%x timeout_next=%d", 289 __func__, MAC2STR(sta->addr), sta->flags, 290 sta->timeout_next); 291 if (sta->timeout_next == STA_REMOVE) { 292 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 293 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 294 "local deauth request"); 295 ap_free_sta(hapd, sta); 296 return; 297 } 298 299 if ((sta->flags & WLAN_STA_ASSOC) && 300 (sta->timeout_next == STA_NULLFUNC || 301 sta->timeout_next == STA_DISASSOC)) { 302 int inactive_sec; 303 /* 304 * Add random value to timeout so that we don't end up bouncing 305 * all stations at the same time if we have lots of associated 306 * stations that are idle (but keep re-associating). 307 */ 308 int fuzz = os_random() % 20; 309 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 310 if (inactive_sec == -1) { 311 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 312 "Check inactivity: Could not " 313 "get station info from kernel driver for " 314 MACSTR, MAC2STR(sta->addr)); 315 /* 316 * The driver may not support this functionality. 317 * Anyway, try again after the next inactivity timeout, 318 * but do not disconnect the station now. 319 */ 320 next_time = hapd->conf->ap_max_inactivity + fuzz; 321 } else if (inactive_sec < hapd->conf->ap_max_inactivity && 322 sta->flags & WLAN_STA_ASSOC) { 323 /* station activity detected; reset timeout state */ 324 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 325 "Station " MACSTR " has been active %is ago", 326 MAC2STR(sta->addr), inactive_sec); 327 sta->timeout_next = STA_NULLFUNC; 328 next_time = hapd->conf->ap_max_inactivity + fuzz - 329 inactive_sec; 330 } else { 331 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 332 "Station " MACSTR " has been " 333 "inactive too long: %d sec, max allowed: %d", 334 MAC2STR(sta->addr), inactive_sec, 335 hapd->conf->ap_max_inactivity); 336 337 if (hapd->conf->skip_inactivity_poll) 338 sta->timeout_next = STA_DISASSOC; 339 } 340 } 341 342 if ((sta->flags & WLAN_STA_ASSOC) && 343 sta->timeout_next == STA_DISASSOC && 344 !(sta->flags & WLAN_STA_PENDING_POLL) && 345 !hapd->conf->skip_inactivity_poll) { 346 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 347 " has ACKed data poll", MAC2STR(sta->addr)); 348 /* data nullfunc frame poll did not produce TX errors; assume 349 * station ACKed it */ 350 sta->timeout_next = STA_NULLFUNC; 351 next_time = hapd->conf->ap_max_inactivity; 352 } 353 354 if (next_time) { 355 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 356 "for " MACSTR " (%lu seconds)", 357 __func__, MAC2STR(sta->addr), next_time); 358 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 359 sta); 360 return; 361 } 362 363 if (sta->timeout_next == STA_NULLFUNC && 364 (sta->flags & WLAN_STA_ASSOC)) { 365 wpa_printf(MSG_DEBUG, " Polling STA"); 366 sta->flags |= WLAN_STA_PENDING_POLL; 367 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 368 sta->flags & WLAN_STA_WMM); 369 } else if (sta->timeout_next != STA_REMOVE) { 370 int deauth = sta->timeout_next == STA_DEAUTH; 371 372 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 373 "Timeout, sending %s info to STA " MACSTR, 374 deauth ? "deauthentication" : "disassociation", 375 MAC2STR(sta->addr)); 376 377 if (deauth) { 378 hostapd_drv_sta_deauth( 379 hapd, sta->addr, 380 WLAN_REASON_PREV_AUTH_NOT_VALID); 381 } else { 382 reason = (sta->timeout_next == STA_DISASSOC) ? 383 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 384 WLAN_REASON_PREV_AUTH_NOT_VALID; 385 386 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 387 } 388 } 389 390 switch (sta->timeout_next) { 391 case STA_NULLFUNC: 392 sta->timeout_next = STA_DISASSOC; 393 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 394 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 395 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 396 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 397 hapd, sta); 398 break; 399 case STA_DISASSOC: 400 case STA_DISASSOC_FROM_CLI: 401 ap_sta_set_authorized(hapd, sta, 0); 402 sta->flags &= ~WLAN_STA_ASSOC; 403 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 404 if (!sta->acct_terminate_cause) 405 sta->acct_terminate_cause = 406 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 407 accounting_sta_stop(hapd, sta); 408 ieee802_1x_free_station(sta); 409 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 410 HOSTAPD_LEVEL_INFO, "disassociated due to " 411 "inactivity"); 412 reason = (sta->timeout_next == STA_DISASSOC) ? 413 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 414 WLAN_REASON_PREV_AUTH_NOT_VALID; 415 sta->timeout_next = STA_DEAUTH; 416 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 417 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 418 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 419 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 420 hapd, sta); 421 mlme_disassociate_indication(hapd, sta, reason); 422 break; 423 case STA_DEAUTH: 424 case STA_REMOVE: 425 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 426 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 427 "inactivity (timer DEAUTH/REMOVE)"); 428 if (!sta->acct_terminate_cause) 429 sta->acct_terminate_cause = 430 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 431 mlme_deauthenticate_indication( 432 hapd, sta, 433 WLAN_REASON_PREV_AUTH_NOT_VALID); 434 ap_free_sta(hapd, sta); 435 break; 436 } 437} 438 439 440static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 441{ 442 struct hostapd_data *hapd = eloop_ctx; 443 struct sta_info *sta = timeout_ctx; 444 u8 addr[ETH_ALEN]; 445 446 if (!(sta->flags & WLAN_STA_AUTH)) { 447 if (sta->flags & WLAN_STA_GAS) { 448 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 449 "entry " MACSTR, MAC2STR(sta->addr)); 450 ap_free_sta(hapd, sta); 451 } 452 return; 453 } 454 455 mlme_deauthenticate_indication(hapd, sta, 456 WLAN_REASON_PREV_AUTH_NOT_VALID); 457 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 458 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 459 "session timeout"); 460 sta->acct_terminate_cause = 461 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 462 os_memcpy(addr, sta->addr, ETH_ALEN); 463 ap_free_sta(hapd, sta); 464 hostapd_drv_sta_deauth(hapd, addr, WLAN_REASON_PREV_AUTH_NOT_VALID); 465} 466 467 468void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 469 u32 session_timeout) 470{ 471 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 472 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 473 "seconds", session_timeout); 474 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 475 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 476 hapd, sta); 477} 478 479 480void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 481{ 482 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 483} 484 485 486struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 487{ 488 struct sta_info *sta; 489 490 sta = ap_get_sta(hapd, addr); 491 if (sta) 492 return sta; 493 494 wpa_printf(MSG_DEBUG, " New STA"); 495 if (hapd->num_sta >= hapd->conf->max_num_sta) { 496 /* FIX: might try to remove some old STAs first? */ 497 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 498 hapd->num_sta, hapd->conf->max_num_sta); 499 return NULL; 500 } 501 502 sta = os_zalloc(sizeof(struct sta_info)); 503 if (sta == NULL) { 504 wpa_printf(MSG_ERROR, "malloc failed"); 505 return NULL; 506 } 507 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 508 accounting_sta_get_id(hapd, sta); 509 510 /* initialize STA info data */ 511 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 512 "for " MACSTR " (%d seconds - ap_max_inactivity)", 513 __func__, MAC2STR(addr), 514 hapd->conf->ap_max_inactivity); 515 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 516 ap_handle_timer, hapd, sta); 517 os_memcpy(sta->addr, addr, ETH_ALEN); 518 sta->next = hapd->sta_list; 519 hapd->sta_list = sta; 520 hapd->num_sta++; 521 ap_sta_hash_add(hapd, sta); 522 sta->ssid = &hapd->conf->ssid; 523 ap_sta_remove_in_other_bss(hapd, sta); 524 525 return sta; 526} 527 528 529static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 530{ 531 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 532 533 wpa_printf(MSG_DEBUG, "Removing STA " MACSTR " from kernel driver", 534 MAC2STR(sta->addr)); 535 if (hostapd_drv_sta_remove(hapd, sta->addr) && 536 sta->flags & WLAN_STA_ASSOC) { 537 wpa_printf(MSG_DEBUG, "Could not remove station " MACSTR 538 " from kernel driver.", MAC2STR(sta->addr)); 539 return -1; 540 } 541 return 0; 542} 543 544 545static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 546 struct sta_info *sta) 547{ 548 struct hostapd_iface *iface = hapd->iface; 549 size_t i; 550 551 for (i = 0; i < iface->num_bss; i++) { 552 struct hostapd_data *bss = iface->bss[i]; 553 struct sta_info *sta2; 554 /* bss should always be set during operation, but it may be 555 * NULL during reconfiguration. Assume the STA is not 556 * associated to another BSS in that case to avoid NULL pointer 557 * dereferences. */ 558 if (bss == hapd || bss == NULL) 559 continue; 560 sta2 = ap_get_sta(bss, sta->addr); 561 if (!sta2) 562 continue; 563 564 ap_sta_disconnect(bss, sta2, sta2->addr, 565 WLAN_REASON_PREV_AUTH_NOT_VALID); 566 } 567} 568 569 570static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 571{ 572 struct hostapd_data *hapd = eloop_ctx; 573 struct sta_info *sta = timeout_ctx; 574 575 ap_sta_remove(hapd, sta); 576 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 577} 578 579 580void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 581 u16 reason) 582{ 583 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 584 hapd->conf->iface, MAC2STR(sta->addr)); 585 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 586 ap_sta_set_authorized(hapd, sta, 0); 587 sta->timeout_next = STA_DEAUTH; 588 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 589 "for " MACSTR " (%d seconds - " 590 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 591 __func__, MAC2STR(sta->addr), 592 AP_MAX_INACTIVITY_AFTER_DISASSOC); 593 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 594 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 595 ap_handle_timer, hapd, sta); 596 accounting_sta_stop(hapd, sta); 597 ieee802_1x_free_station(sta); 598 599 sta->disassoc_reason = reason; 600 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 601 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 602 eloop_register_timeout(hapd->iface->drv_flags & 603 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 604 ap_sta_disassoc_cb_timeout, hapd, sta); 605} 606 607 608static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 609{ 610 struct hostapd_data *hapd = eloop_ctx; 611 struct sta_info *sta = timeout_ctx; 612 613 ap_sta_remove(hapd, sta); 614 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 615} 616 617 618void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 619 u16 reason) 620{ 621 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 622 hapd->conf->iface, MAC2STR(sta->addr)); 623 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 624 ap_sta_set_authorized(hapd, sta, 0); 625 sta->timeout_next = STA_REMOVE; 626 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 627 "for " MACSTR " (%d seconds - " 628 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 629 __func__, MAC2STR(sta->addr), 630 AP_MAX_INACTIVITY_AFTER_DEAUTH); 631 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 632 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 633 ap_handle_timer, hapd, sta); 634 accounting_sta_stop(hapd, sta); 635 ieee802_1x_free_station(sta); 636 637 sta->deauth_reason = reason; 638 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 639 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 640 eloop_register_timeout(hapd->iface->drv_flags & 641 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 642 ap_sta_deauth_cb_timeout, hapd, sta); 643} 644 645 646#ifdef CONFIG_WPS 647int ap_sta_wps_cancel(struct hostapd_data *hapd, 648 struct sta_info *sta, void *ctx) 649{ 650 if (sta && (sta->flags & WLAN_STA_WPS)) { 651 ap_sta_deauthenticate(hapd, sta, 652 WLAN_REASON_PREV_AUTH_NOT_VALID); 653 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 654 __func__, MAC2STR(sta->addr)); 655 return 1; 656 } 657 658 return 0; 659} 660#endif /* CONFIG_WPS */ 661 662 663int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta, 664 int old_vlanid) 665{ 666#ifndef CONFIG_NO_VLAN 667 const char *iface; 668 struct hostapd_vlan *vlan = NULL; 669 int ret; 670 671 /* 672 * Do not proceed furthur if the vlan id remains same. We do not want 673 * duplicate dynamic vlan entries. 674 */ 675 if (sta->vlan_id == old_vlanid) 676 return 0; 677 678 /* 679 * During 1x reauth, if the vlan id changes, then remove the old id and 680 * proceed furthur to add the new one. 681 */ 682 if (old_vlanid > 0) 683 vlan_remove_dynamic(hapd, old_vlanid); 684 685 iface = hapd->conf->iface; 686 if (sta->ssid->vlan[0]) 687 iface = sta->ssid->vlan; 688 689 if (sta->ssid->dynamic_vlan == DYNAMIC_VLAN_DISABLED) 690 sta->vlan_id = 0; 691 else if (sta->vlan_id > 0) { 692 struct hostapd_vlan *wildcard_vlan = NULL; 693 vlan = hapd->conf->vlan; 694 while (vlan) { 695 if (vlan->vlan_id == sta->vlan_id) 696 break; 697 if (vlan->vlan_id == VLAN_ID_WILDCARD) 698 wildcard_vlan = vlan; 699 vlan = vlan->next; 700 } 701 if (!vlan) 702 vlan = wildcard_vlan; 703 if (vlan) 704 iface = vlan->ifname; 705 } 706 707 if (sta->vlan_id > 0 && vlan == NULL) { 708 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 709 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 710 "binding station to (vlan_id=%d)", 711 sta->vlan_id); 712 return -1; 713 } else if (sta->vlan_id > 0 && vlan->vlan_id == VLAN_ID_WILDCARD) { 714 vlan = vlan_add_dynamic(hapd, vlan, sta->vlan_id); 715 if (vlan == NULL) { 716 hostapd_logger(hapd, sta->addr, 717 HOSTAPD_MODULE_IEEE80211, 718 HOSTAPD_LEVEL_DEBUG, "could not add " 719 "dynamic VLAN interface for vlan_id=%d", 720 sta->vlan_id); 721 return -1; 722 } 723 724 iface = vlan->ifname; 725 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 726 hostapd_logger(hapd, sta->addr, 727 HOSTAPD_MODULE_IEEE80211, 728 HOSTAPD_LEVEL_DEBUG, "could not " 729 "configure encryption for dynamic VLAN " 730 "interface for vlan_id=%d", 731 sta->vlan_id); 732 } 733 734 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 735 HOSTAPD_LEVEL_DEBUG, "added new dynamic VLAN " 736 "interface '%s'", iface); 737 } else if (vlan && vlan->vlan_id == sta->vlan_id) { 738 if (sta->vlan_id > 0) { 739 vlan->dynamic_vlan++; 740 hostapd_logger(hapd, sta->addr, 741 HOSTAPD_MODULE_IEEE80211, 742 HOSTAPD_LEVEL_DEBUG, "updated existing " 743 "dynamic VLAN interface '%s'", iface); 744 } 745 746 /* 747 * Update encryption configuration for statically generated 748 * VLAN interface. This is only used for static WEP 749 * configuration for the case where hostapd did not yet know 750 * which keys are to be used when the interface was added. 751 */ 752 if (vlan_setup_encryption_dyn(hapd, sta->ssid, iface) != 0) { 753 hostapd_logger(hapd, sta->addr, 754 HOSTAPD_MODULE_IEEE80211, 755 HOSTAPD_LEVEL_DEBUG, "could not " 756 "configure encryption for VLAN " 757 "interface for vlan_id=%d", 758 sta->vlan_id); 759 } 760 } 761 762 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 763 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 764 "'%s'", iface); 765 766 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 767 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 768 769 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 770 if (ret < 0) { 771 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 772 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 773 "entry to vlan_id=%d", sta->vlan_id); 774 } 775 return ret; 776#else /* CONFIG_NO_VLAN */ 777 return 0; 778#endif /* CONFIG_NO_VLAN */ 779} 780 781 782#ifdef CONFIG_IEEE80211W 783 784int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 785{ 786 u32 tu; 787 struct os_time now, passed; 788 os_get_time(&now); 789 os_time_sub(&now, &sta->sa_query_start, &passed); 790 tu = (passed.sec * 1000000 + passed.usec) / 1024; 791 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 792 hostapd_logger(hapd, sta->addr, 793 HOSTAPD_MODULE_IEEE80211, 794 HOSTAPD_LEVEL_DEBUG, 795 "association SA Query timed out"); 796 sta->sa_query_timed_out = 1; 797 os_free(sta->sa_query_trans_id); 798 sta->sa_query_trans_id = NULL; 799 sta->sa_query_count = 0; 800 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 801 return 1; 802 } 803 804 return 0; 805} 806 807 808static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 809{ 810 struct hostapd_data *hapd = eloop_ctx; 811 struct sta_info *sta = timeout_ctx; 812 unsigned int timeout, sec, usec; 813 u8 *trans_id, *nbuf; 814 815 if (sta->sa_query_count > 0 && 816 ap_check_sa_query_timeout(hapd, sta)) 817 return; 818 819 nbuf = os_realloc_array(sta->sa_query_trans_id, 820 sta->sa_query_count + 1, 821 WLAN_SA_QUERY_TR_ID_LEN); 822 if (nbuf == NULL) 823 return; 824 if (sta->sa_query_count == 0) { 825 /* Starting a new SA Query procedure */ 826 os_get_time(&sta->sa_query_start); 827 } 828 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 829 sta->sa_query_trans_id = nbuf; 830 sta->sa_query_count++; 831 832 os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN); 833 834 timeout = hapd->conf->assoc_sa_query_retry_timeout; 835 sec = ((timeout / 1000) * 1024) / 1000; 836 usec = (timeout % 1000) * 1024; 837 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 838 839 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 840 HOSTAPD_LEVEL_DEBUG, 841 "association SA Query attempt %d", sta->sa_query_count); 842 843 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 844} 845 846 847void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 848{ 849 ap_sa_query_timer(hapd, sta); 850} 851 852 853void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 854{ 855 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 856 os_free(sta->sa_query_trans_id); 857 sta->sa_query_trans_id = NULL; 858 sta->sa_query_count = 0; 859} 860 861#endif /* CONFIG_IEEE80211W */ 862 863 864void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 865 int authorized) 866{ 867 const u8 *dev_addr = NULL; 868 char buf[100]; 869#ifdef CONFIG_P2P 870 u8 addr[ETH_ALEN]; 871#endif /* CONFIG_P2P */ 872 873 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 874 return; 875 876#ifdef CONFIG_P2P 877 if (hapd->p2p_group == NULL) { 878 if (sta->p2p_ie != NULL && 879 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 880 dev_addr = addr; 881 } else 882 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 883#endif /* CONFIG_P2P */ 884 885 if (dev_addr) 886 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, 887 MAC2STR(sta->addr), MAC2STR(dev_addr)); 888 else 889 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); 890 891 if (authorized) { 892 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s", buf); 893 894 if (hapd->msg_ctx_parent && 895 hapd->msg_ctx_parent != hapd->msg_ctx) 896 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 897 AP_STA_CONNECTED "%s", buf); 898 899 sta->flags |= WLAN_STA_AUTHORIZED; 900 } else { 901 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); 902 903 if (hapd->msg_ctx_parent && 904 hapd->msg_ctx_parent != hapd->msg_ctx) 905 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 906 AP_STA_DISCONNECTED "%s", buf); 907 908 sta->flags &= ~WLAN_STA_AUTHORIZED; 909 } 910 911 if (hapd->sta_authorized_cb) 912 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 913 sta->addr, authorized, dev_addr); 914} 915 916 917void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 918 const u8 *addr, u16 reason) 919{ 920 921 if (sta == NULL && addr) 922 sta = ap_get_sta(hapd, addr); 923 924 if (addr) 925 hostapd_drv_sta_deauth(hapd, addr, reason); 926 927 if (sta == NULL) 928 return; 929 ap_sta_set_authorized(hapd, sta, 0); 930 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 931 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 932 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 933 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 934 "for " MACSTR " (%d seconds - " 935 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 936 __func__, MAC2STR(sta->addr), 937 AP_MAX_INACTIVITY_AFTER_DEAUTH); 938 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 939 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 940 ap_handle_timer, hapd, sta); 941 sta->timeout_next = STA_REMOVE; 942 943 sta->deauth_reason = reason; 944 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 945 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 946 eloop_register_timeout(hapd->iface->drv_flags & 947 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 948 ap_sta_deauth_cb_timeout, hapd, sta); 949} 950 951 952void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 953{ 954 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 955 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 956 return; 957 } 958 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 959 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 960 ap_sta_deauth_cb_timeout(hapd, sta); 961} 962 963 964void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 965{ 966 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 967 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 968 return; 969 } 970 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 971 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 972 ap_sta_disassoc_cb_timeout(hapd, sta); 973} 974