drv_callbacks.c revision 051af73b8f8014eff33330aead0f36944b3403e6
1/* 2 * hostapd / Callback functions for driver wrappers 3 * Copyright (c) 2002-2013, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9#include "utils/includes.h" 10 11#include "utils/common.h" 12#include "radius/radius.h" 13#include "drivers/driver.h" 14#include "common/ieee802_11_defs.h" 15#include "common/ieee802_11_common.h" 16#include "common/wpa_ctrl.h" 17#include "crypto/random.h" 18#include "p2p/p2p.h" 19#include "wps/wps.h" 20#include "wnm_ap.h" 21#include "hostapd.h" 22#include "ieee802_11.h" 23#include "sta_info.h" 24#include "accounting.h" 25#include "tkip_countermeasures.h" 26#include "ieee802_1x.h" 27#include "wpa_auth.h" 28#include "wps_hostapd.h" 29#include "ap_drv_ops.h" 30#include "ap_config.h" 31#include "hw_features.h" 32#include "dfs.h" 33 34 35int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, 36 const u8 *req_ies, size_t req_ies_len, int reassoc) 37{ 38 struct sta_info *sta; 39 int new_assoc, res; 40 struct ieee802_11_elems elems; 41 const u8 *ie; 42 size_t ielen; 43#ifdef CONFIG_IEEE80211R 44 u8 buf[sizeof(struct ieee80211_mgmt) + 1024]; 45 u8 *p = buf; 46#endif /* CONFIG_IEEE80211R */ 47 u16 reason = WLAN_REASON_UNSPECIFIED; 48 u16 status = WLAN_STATUS_SUCCESS; 49 const u8 *p2p_dev_addr = NULL; 50 51 if (addr == NULL) { 52 /* 53 * This could potentially happen with unexpected event from the 54 * driver wrapper. This was seen at least in one case where the 55 * driver ended up being set to station mode while hostapd was 56 * running, so better make sure we stop processing such an 57 * event here. 58 */ 59 wpa_printf(MSG_DEBUG, "hostapd_notif_assoc: Skip event with " 60 "no address"); 61 return -1; 62 } 63 random_add_randomness(addr, ETH_ALEN); 64 65 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 66 HOSTAPD_LEVEL_INFO, "associated"); 67 68 ieee802_11_parse_elems(req_ies, req_ies_len, &elems, 0); 69 if (elems.wps_ie) { 70 ie = elems.wps_ie - 2; 71 ielen = elems.wps_ie_len + 2; 72 wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)AssocReq"); 73 } else if (elems.rsn_ie) { 74 ie = elems.rsn_ie - 2; 75 ielen = elems.rsn_ie_len + 2; 76 wpa_printf(MSG_DEBUG, "STA included RSN IE in (Re)AssocReq"); 77 } else if (elems.wpa_ie) { 78 ie = elems.wpa_ie - 2; 79 ielen = elems.wpa_ie_len + 2; 80 wpa_printf(MSG_DEBUG, "STA included WPA IE in (Re)AssocReq"); 81 } else { 82 ie = NULL; 83 ielen = 0; 84 wpa_printf(MSG_DEBUG, "STA did not include WPS/RSN/WPA IE in " 85 "(Re)AssocReq"); 86 } 87 88 sta = ap_get_sta(hapd, addr); 89 if (sta) { 90 ap_sta_no_session_timeout(hapd, sta); 91 accounting_sta_stop(hapd, sta); 92 93 /* 94 * Make sure that the previously registered inactivity timer 95 * will not remove the STA immediately. 96 */ 97 sta->timeout_next = STA_NULLFUNC; 98 } else { 99 sta = ap_sta_add(hapd, addr); 100 if (sta == NULL) { 101 hostapd_drv_sta_disassoc(hapd, addr, 102 WLAN_REASON_DISASSOC_AP_BUSY); 103 return -1; 104 } 105 } 106 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2); 107 108#ifdef CONFIG_P2P 109 if (elems.p2p) { 110 wpabuf_free(sta->p2p_ie); 111 sta->p2p_ie = ieee802_11_vendor_ie_concat(req_ies, req_ies_len, 112 P2P_IE_VENDOR_TYPE); 113 if (sta->p2p_ie) 114 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 115 } 116#endif /* CONFIG_P2P */ 117 118#ifdef CONFIG_INTERWORKING 119 if (elems.ext_capab && elems.ext_capab_len > 4) { 120 if (elems.ext_capab[4] & 0x01) 121 sta->qos_map_enabled = 1; 122 } 123#endif /* CONFIG_INTERWORKING */ 124 125#ifdef CONFIG_HS20 126 wpabuf_free(sta->hs20_ie); 127 if (elems.hs20 && elems.hs20_len > 4) { 128 sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4, 129 elems.hs20_len - 4); 130 } else 131 sta->hs20_ie = NULL; 132#endif /* CONFIG_HS20 */ 133 134 if (hapd->conf->wpa) { 135 if (ie == NULL || ielen == 0) { 136#ifdef CONFIG_WPS 137 if (hapd->conf->wps_state) { 138 wpa_printf(MSG_DEBUG, "STA did not include " 139 "WPA/RSN IE in (Re)Association " 140 "Request - possible WPS use"); 141 sta->flags |= WLAN_STA_MAYBE_WPS; 142 goto skip_wpa_check; 143 } 144#endif /* CONFIG_WPS */ 145 146 wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA"); 147 return -1; 148 } 149#ifdef CONFIG_WPS 150 if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 && 151 os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) { 152 struct wpabuf *wps; 153 sta->flags |= WLAN_STA_WPS; 154 wps = ieee802_11_vendor_ie_concat(ie, ielen, 155 WPS_IE_VENDOR_TYPE); 156 if (wps) { 157 if (wps_is_20(wps)) { 158 wpa_printf(MSG_DEBUG, "WPS: STA " 159 "supports WPS 2.0"); 160 sta->flags |= WLAN_STA_WPS2; 161 } 162 wpabuf_free(wps); 163 } 164 goto skip_wpa_check; 165 } 166#endif /* CONFIG_WPS */ 167 168 if (sta->wpa_sm == NULL) 169 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 170 sta->addr, 171 p2p_dev_addr); 172 if (sta->wpa_sm == NULL) { 173 wpa_printf(MSG_ERROR, "Failed to initialize WPA state " 174 "machine"); 175 return -1; 176 } 177 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm, 178 ie, ielen, 179 elems.mdie, elems.mdie_len); 180 if (res != WPA_IE_OK) { 181 wpa_printf(MSG_DEBUG, "WPA/RSN information element " 182 "rejected? (res %u)", res); 183 wpa_hexdump(MSG_DEBUG, "IE", ie, ielen); 184 if (res == WPA_INVALID_GROUP) { 185 reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID; 186 status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID; 187 } else if (res == WPA_INVALID_PAIRWISE) { 188 reason = WLAN_REASON_PAIRWISE_CIPHER_NOT_VALID; 189 status = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID; 190 } else if (res == WPA_INVALID_AKMP) { 191 reason = WLAN_REASON_AKMP_NOT_VALID; 192 status = WLAN_STATUS_AKMP_NOT_VALID; 193 } 194#ifdef CONFIG_IEEE80211W 195 else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION) { 196 reason = WLAN_REASON_INVALID_IE; 197 status = WLAN_STATUS_INVALID_IE; 198 } else if (res == WPA_INVALID_MGMT_GROUP_CIPHER) { 199 reason = WLAN_REASON_GROUP_CIPHER_NOT_VALID; 200 status = WLAN_STATUS_GROUP_CIPHER_NOT_VALID; 201 } 202#endif /* CONFIG_IEEE80211W */ 203 else { 204 reason = WLAN_REASON_INVALID_IE; 205 status = WLAN_STATUS_INVALID_IE; 206 } 207 goto fail; 208 } 209#ifdef CONFIG_IEEE80211W 210 if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out && 211 sta->sa_query_count > 0) 212 ap_check_sa_query_timeout(hapd, sta); 213 if ((sta->flags & WLAN_STA_MFP) && !sta->sa_query_timed_out && 214 (sta->auth_alg != WLAN_AUTH_FT)) { 215 /* 216 * STA has already been associated with MFP and SA 217 * Query timeout has not been reached. Reject the 218 * association attempt temporarily and start SA Query, 219 * if one is not pending. 220 */ 221 222 if (sta->sa_query_count == 0) 223 ap_sta_start_sa_query(hapd, sta); 224 225#ifdef CONFIG_IEEE80211R 226 status = WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY; 227 228 p = hostapd_eid_assoc_comeback_time(hapd, sta, p); 229 230 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, 231 p - buf); 232#endif /* CONFIG_IEEE80211R */ 233 return 0; 234 } 235 236 if (wpa_auth_uses_mfp(sta->wpa_sm)) 237 sta->flags |= WLAN_STA_MFP; 238 else 239 sta->flags &= ~WLAN_STA_MFP; 240#endif /* CONFIG_IEEE80211W */ 241 242#ifdef CONFIG_IEEE80211R 243 if (sta->auth_alg == WLAN_AUTH_FT) { 244 status = wpa_ft_validate_reassoc(sta->wpa_sm, req_ies, 245 req_ies_len); 246 if (status != WLAN_STATUS_SUCCESS) { 247 if (status == WLAN_STATUS_INVALID_PMKID) 248 reason = WLAN_REASON_INVALID_IE; 249 if (status == WLAN_STATUS_INVALID_MDIE) 250 reason = WLAN_REASON_INVALID_IE; 251 if (status == WLAN_STATUS_INVALID_FTIE) 252 reason = WLAN_REASON_INVALID_IE; 253 goto fail; 254 } 255 } 256#endif /* CONFIG_IEEE80211R */ 257 } else if (hapd->conf->wps_state) { 258#ifdef CONFIG_WPS 259 struct wpabuf *wps; 260 if (req_ies) 261 wps = ieee802_11_vendor_ie_concat(req_ies, req_ies_len, 262 WPS_IE_VENDOR_TYPE); 263 else 264 wps = NULL; 265#ifdef CONFIG_WPS_STRICT 266 if (wps && wps_validate_assoc_req(wps) < 0) { 267 reason = WLAN_REASON_INVALID_IE; 268 status = WLAN_STATUS_INVALID_IE; 269 wpabuf_free(wps); 270 goto fail; 271 } 272#endif /* CONFIG_WPS_STRICT */ 273 if (wps) { 274 sta->flags |= WLAN_STA_WPS; 275 if (wps_is_20(wps)) { 276 wpa_printf(MSG_DEBUG, "WPS: STA supports " 277 "WPS 2.0"); 278 sta->flags |= WLAN_STA_WPS2; 279 } 280 } else 281 sta->flags |= WLAN_STA_MAYBE_WPS; 282 wpabuf_free(wps); 283#endif /* CONFIG_WPS */ 284 } 285#ifdef CONFIG_WPS 286skip_wpa_check: 287#endif /* CONFIG_WPS */ 288 289#ifdef CONFIG_IEEE80211R 290 p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, buf, sizeof(buf), 291 sta->auth_alg, req_ies, req_ies_len); 292 293 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); 294#else /* CONFIG_IEEE80211R */ 295 /* Keep compiler silent about unused variables */ 296 if (status) { 297 } 298#endif /* CONFIG_IEEE80211R */ 299 300 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0; 301 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC; 302 303 if (reassoc && (sta->auth_alg == WLAN_AUTH_FT)) 304 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT); 305 else 306 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC); 307 308 hostapd_new_assoc_sta(hapd, sta, !new_assoc); 309 310 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1); 311 312#ifdef CONFIG_P2P 313 if (req_ies) { 314 p2p_group_notif_assoc(hapd->p2p_group, sta->addr, 315 req_ies, req_ies_len); 316 } 317#endif /* CONFIG_P2P */ 318 319 return 0; 320 321fail: 322#ifdef CONFIG_IEEE80211R 323 hostapd_sta_assoc(hapd, addr, reassoc, status, buf, p - buf); 324#endif /* CONFIG_IEEE80211R */ 325 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 326 ap_free_sta(hapd, sta); 327 return -1; 328} 329 330 331void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr) 332{ 333 struct sta_info *sta; 334 335 if (addr == NULL) { 336 /* 337 * This could potentially happen with unexpected event from the 338 * driver wrapper. This was seen at least in one case where the 339 * driver ended up reporting a station mode event while hostapd 340 * was running, so better make sure we stop processing such an 341 * event here. 342 */ 343 wpa_printf(MSG_DEBUG, "hostapd_notif_disassoc: Skip event " 344 "with no address"); 345 return; 346 } 347 348 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 349 HOSTAPD_LEVEL_INFO, "disassociated"); 350 351 sta = ap_get_sta(hapd, addr); 352 if (sta == NULL) { 353 wpa_printf(MSG_DEBUG, "Disassociation notification for " 354 "unknown STA " MACSTR, MAC2STR(addr)); 355 return; 356 } 357 358 ap_sta_set_authorized(hapd, sta, 0); 359 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 360 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC); 361 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST; 362 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 363 ap_free_sta(hapd, sta); 364} 365 366 367void hostapd_event_sta_low_ack(struct hostapd_data *hapd, const u8 *addr) 368{ 369 struct sta_info *sta = ap_get_sta(hapd, addr); 370 371 if (!sta || !hapd->conf->disassoc_low_ack) 372 return; 373 374 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, 375 HOSTAPD_LEVEL_INFO, "disconnected due to excessive " 376 "missing ACKs"); 377 hostapd_drv_sta_disassoc(hapd, addr, WLAN_REASON_DISASSOC_LOW_ACK); 378 if (sta) 379 ap_sta_disassociate(hapd, sta, WLAN_REASON_DISASSOC_LOW_ACK); 380} 381 382 383void hostapd_event_ch_switch(struct hostapd_data *hapd, int freq, int ht, 384 int offset) 385{ 386#ifdef NEED_AP_MLME 387 int channel; 388 389 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 390 HOSTAPD_LEVEL_INFO, "driver had channel switch: " 391 "freq=%d, ht=%d, offset=%d", freq, ht, offset); 392 393 hapd->iface->freq = freq; 394 395 channel = hostapd_hw_get_channel(hapd, freq); 396 if (!channel) { 397 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211, 398 HOSTAPD_LEVEL_WARNING, "driver switched to " 399 "bad channel!"); 400 return; 401 } 402 403 hapd->iconf->channel = channel; 404 hapd->iconf->ieee80211n = ht; 405 hapd->iconf->secondary_channel = offset; 406#endif /* NEED_AP_MLME */ 407} 408 409 410void hostapd_event_connect_failed_reason(struct hostapd_data *hapd, 411 const u8 *addr, int reason_code) 412{ 413 switch (reason_code) { 414 case MAX_CLIENT_REACHED: 415 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_MAX_STA MACSTR, 416 MAC2STR(addr)); 417 break; 418 case BLOCKED_CLIENT: 419 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_REJECTED_BLOCKED_STA MACSTR, 420 MAC2STR(addr)); 421 break; 422 } 423} 424 425 426int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa, const u8 *da, 427 const u8 *bssid, const u8 *ie, size_t ie_len, 428 int ssi_signal) 429{ 430 size_t i; 431 int ret = 0; 432 433 if (sa == NULL || ie == NULL) 434 return -1; 435 436 random_add_randomness(sa, ETH_ALEN); 437 for (i = 0; hapd->probereq_cb && i < hapd->num_probereq_cb; i++) { 438 if (hapd->probereq_cb[i].cb(hapd->probereq_cb[i].ctx, 439 sa, da, bssid, ie, ie_len, 440 ssi_signal) > 0) { 441 ret = 1; 442 break; 443 } 444 } 445 return ret; 446} 447 448 449#ifdef HOSTAPD 450 451#ifdef CONFIG_IEEE80211R 452static void hostapd_notify_auth_ft_finish(void *ctx, const u8 *dst, 453 const u8 *bssid, 454 u16 auth_transaction, u16 status, 455 const u8 *ies, size_t ies_len) 456{ 457 struct hostapd_data *hapd = ctx; 458 struct sta_info *sta; 459 460 sta = ap_get_sta(hapd, dst); 461 if (sta == NULL) 462 return; 463 464 hostapd_logger(hapd, dst, HOSTAPD_MODULE_IEEE80211, 465 HOSTAPD_LEVEL_DEBUG, "authentication OK (FT)"); 466 sta->flags |= WLAN_STA_AUTH; 467 468 hostapd_sta_auth(hapd, dst, auth_transaction, status, ies, ies_len); 469} 470#endif /* CONFIG_IEEE80211R */ 471 472 473static void hostapd_notif_auth(struct hostapd_data *hapd, 474 struct auth_info *rx_auth) 475{ 476 struct sta_info *sta; 477 u16 status = WLAN_STATUS_SUCCESS; 478 u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN]; 479 size_t resp_ies_len = 0; 480 481 sta = ap_get_sta(hapd, rx_auth->peer); 482 if (!sta) { 483 sta = ap_sta_add(hapd, rx_auth->peer); 484 if (sta == NULL) { 485 status = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA; 486 goto fail; 487 } 488 } 489 sta->flags &= ~WLAN_STA_PREAUTH; 490 ieee802_1x_notify_pre_auth(sta->eapol_sm, 0); 491#ifdef CONFIG_IEEE80211R 492 if (rx_auth->auth_type == WLAN_AUTH_FT && hapd->wpa_auth) { 493 sta->auth_alg = WLAN_AUTH_FT; 494 if (sta->wpa_sm == NULL) 495 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, 496 sta->addr, NULL); 497 if (sta->wpa_sm == NULL) { 498 wpa_printf(MSG_DEBUG, "FT: Failed to initialize WPA " 499 "state machine"); 500 status = WLAN_STATUS_UNSPECIFIED_FAILURE; 501 goto fail; 502 } 503 wpa_ft_process_auth(sta->wpa_sm, rx_auth->bssid, 504 rx_auth->auth_transaction, rx_auth->ies, 505 rx_auth->ies_len, 506 hostapd_notify_auth_ft_finish, hapd); 507 return; 508 } 509#endif /* CONFIG_IEEE80211R */ 510fail: 511 hostapd_sta_auth(hapd, rx_auth->peer, rx_auth->auth_transaction + 1, 512 status, resp_ies, resp_ies_len); 513} 514 515 516static void hostapd_action_rx(struct hostapd_data *hapd, 517 struct rx_action *action) 518{ 519 struct sta_info *sta; 520 521 wpa_printf(MSG_DEBUG, "RX_ACTION cat %d action plen %d", 522 action->category, (int) action->len); 523 524 sta = ap_get_sta(hapd, action->sa); 525 if (sta == NULL) { 526 wpa_printf(MSG_DEBUG, "%s: station not found", __func__); 527 return; 528 } 529#ifdef CONFIG_IEEE80211R 530 if (action->category == WLAN_ACTION_FT) { 531 wpa_printf(MSG_DEBUG, "%s: FT_ACTION length %d", 532 __func__, (int) action->len); 533 wpa_ft_action_rx(sta->wpa_sm, action->data, action->len); 534 } 535#endif /* CONFIG_IEEE80211R */ 536#ifdef CONFIG_IEEE80211W 537 if (action->category == WLAN_ACTION_SA_QUERY && action->len >= 4) { 538 wpa_printf(MSG_DEBUG, "%s: SA_QUERY_ACTION length %d", 539 __func__, (int) action->len); 540 ieee802_11_sa_query_action(hapd, action->sa, 541 *(action->data + 1), 542 action->data + 2); 543 } 544#endif /* CONFIG_IEEE80211W */ 545#ifdef CONFIG_WNM 546 if (action->category == WLAN_ACTION_WNM) { 547 wpa_printf(MSG_DEBUG, "%s: WNM_ACTION length %d", 548 __func__, (int) action->len); 549 ieee802_11_rx_wnm_action_ap(hapd, action); 550 } 551#endif /* CONFIG_WNM */ 552} 553 554 555#ifdef NEED_AP_MLME 556 557#define HAPD_BROADCAST ((struct hostapd_data *) -1) 558 559static struct hostapd_data * get_hapd_bssid(struct hostapd_iface *iface, 560 const u8 *bssid) 561{ 562 size_t i; 563 564 if (bssid == NULL) 565 return NULL; 566 if (bssid[0] == 0xff && bssid[1] == 0xff && bssid[2] == 0xff && 567 bssid[3] == 0xff && bssid[4] == 0xff && bssid[5] == 0xff) 568 return HAPD_BROADCAST; 569 570 for (i = 0; i < iface->num_bss; i++) { 571 if (os_memcmp(bssid, iface->bss[i]->own_addr, ETH_ALEN) == 0) 572 return iface->bss[i]; 573 } 574 575 return NULL; 576} 577 578 579static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd, 580 const u8 *bssid, const u8 *addr, 581 int wds) 582{ 583 hapd = get_hapd_bssid(hapd->iface, bssid); 584 if (hapd == NULL || hapd == HAPD_BROADCAST) 585 return; 586 587 ieee802_11_rx_from_unknown(hapd, addr, wds); 588} 589 590 591static void hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt) 592{ 593 struct hostapd_iface *iface = hapd->iface; 594 const struct ieee80211_hdr *hdr; 595 const u8 *bssid; 596 struct hostapd_frame_info fi; 597 598 hdr = (const struct ieee80211_hdr *) rx_mgmt->frame; 599 bssid = get_hdr_bssid(hdr, rx_mgmt->frame_len); 600 if (bssid == NULL) 601 return; 602 603 hapd = get_hapd_bssid(iface, bssid); 604 if (hapd == NULL) { 605 u16 fc; 606 fc = le_to_host16(hdr->frame_control); 607 608 /* 609 * Drop frames to unknown BSSIDs except for Beacon frames which 610 * could be used to update neighbor information. 611 */ 612 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 613 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 614 hapd = iface->bss[0]; 615 else 616 return; 617 } 618 619 os_memset(&fi, 0, sizeof(fi)); 620 fi.datarate = rx_mgmt->datarate; 621 fi.ssi_signal = rx_mgmt->ssi_signal; 622 623 if (hapd == HAPD_BROADCAST) { 624 size_t i; 625 for (i = 0; i < iface->num_bss; i++) 626 ieee802_11_mgmt(iface->bss[i], rx_mgmt->frame, 627 rx_mgmt->frame_len, &fi); 628 } else 629 ieee802_11_mgmt(hapd, rx_mgmt->frame, rx_mgmt->frame_len, &fi); 630 631 random_add_randomness(&fi, sizeof(fi)); 632} 633 634 635static void hostapd_rx_action(struct hostapd_data *hapd, 636 struct rx_action *rx_action) 637{ 638 struct rx_mgmt rx_mgmt; 639 u8 *buf; 640 struct ieee80211_hdr *hdr; 641 642 wpa_printf(MSG_DEBUG, "EVENT_RX_ACTION DA=" MACSTR " SA=" MACSTR 643 " BSSID=" MACSTR " category=%u", 644 MAC2STR(rx_action->da), MAC2STR(rx_action->sa), 645 MAC2STR(rx_action->bssid), rx_action->category); 646 wpa_hexdump(MSG_MSGDUMP, "Received action frame contents", 647 rx_action->data, rx_action->len); 648 649 buf = os_zalloc(24 + 1 + rx_action->len); 650 if (buf == NULL) 651 return; 652 hdr = (struct ieee80211_hdr *) buf; 653 hdr->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT, 654 WLAN_FC_STYPE_ACTION); 655 if (rx_action->category == WLAN_ACTION_SA_QUERY) { 656 /* 657 * Assume frame was protected; it would have been dropped if 658 * not. 659 */ 660 hdr->frame_control |= host_to_le16(WLAN_FC_ISWEP); 661 } 662 os_memcpy(hdr->addr1, rx_action->da, ETH_ALEN); 663 os_memcpy(hdr->addr2, rx_action->sa, ETH_ALEN); 664 os_memcpy(hdr->addr3, rx_action->bssid, ETH_ALEN); 665 buf[24] = rx_action->category; 666 os_memcpy(buf + 24 + 1, rx_action->data, rx_action->len); 667 os_memset(&rx_mgmt, 0, sizeof(rx_mgmt)); 668 rx_mgmt.frame = buf; 669 rx_mgmt.frame_len = 24 + 1 + rx_action->len; 670 hostapd_mgmt_rx(hapd, &rx_mgmt); 671 os_free(buf); 672} 673 674 675static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf, 676 size_t len, u16 stype, int ok) 677{ 678 struct ieee80211_hdr *hdr; 679 hdr = (struct ieee80211_hdr *) buf; 680 hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len)); 681 if (hapd == NULL || hapd == HAPD_BROADCAST) 682 return; 683 ieee802_11_mgmt_cb(hapd, buf, len, stype, ok); 684} 685 686#endif /* NEED_AP_MLME */ 687 688 689static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr) 690{ 691 struct sta_info *sta = ap_get_sta(hapd, addr); 692 if (sta) 693 return 0; 694 695 wpa_printf(MSG_DEBUG, "Data frame from unknown STA " MACSTR 696 " - adding a new STA", MAC2STR(addr)); 697 sta = ap_sta_add(hapd, addr); 698 if (sta) { 699 hostapd_new_assoc_sta(hapd, sta, 0); 700 } else { 701 wpa_printf(MSG_DEBUG, "Failed to add STA entry for " MACSTR, 702 MAC2STR(addr)); 703 return -1; 704 } 705 706 return 0; 707} 708 709 710static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src, 711 const u8 *data, size_t data_len) 712{ 713 struct hostapd_iface *iface = hapd->iface; 714 struct sta_info *sta; 715 size_t j; 716 717 for (j = 0; j < iface->num_bss; j++) { 718 if ((sta = ap_get_sta(iface->bss[j], src))) { 719 if (sta->flags & WLAN_STA_ASSOC) { 720 hapd = iface->bss[j]; 721 break; 722 } 723 } 724 } 725 726 ieee802_1x_receive(hapd, src, data, data_len); 727} 728 729 730static struct hostapd_channel_data * hostapd_get_mode_channel( 731 struct hostapd_iface *iface, unsigned int freq) 732{ 733 int i; 734 struct hostapd_channel_data *chan; 735 736 for (i = 0; i < iface->current_mode->num_channels; i++) { 737 chan = &iface->current_mode->channels[i]; 738 if (!chan) 739 return NULL; 740 if ((unsigned int) chan->freq == freq) 741 return chan; 742 } 743 744 return NULL; 745} 746 747 748static void hostapd_update_nf(struct hostapd_iface *iface, 749 struct hostapd_channel_data *chan, 750 struct freq_survey *survey) 751{ 752 if (!iface->chans_surveyed) { 753 chan->min_nf = survey->nf; 754 iface->lowest_nf = survey->nf; 755 } else { 756 if (dl_list_empty(&chan->survey_list)) 757 chan->min_nf = survey->nf; 758 else if (survey->nf < chan->min_nf) 759 chan->min_nf = survey->nf; 760 if (survey->nf < iface->lowest_nf) 761 iface->lowest_nf = survey->nf; 762 } 763} 764 765 766static void hostapd_event_get_survey(struct hostapd_data *hapd, 767 struct survey_results *survey_results) 768{ 769 struct hostapd_iface *iface = hapd->iface; 770 struct freq_survey *survey, *tmp; 771 struct hostapd_channel_data *chan; 772 773 if (dl_list_empty(&survey_results->survey_list)) { 774 wpa_printf(MSG_DEBUG, "No survey data received"); 775 return; 776 } 777 778 dl_list_for_each_safe(survey, tmp, &survey_results->survey_list, 779 struct freq_survey, list) { 780 chan = hostapd_get_mode_channel(iface, survey->freq); 781 if (!chan) 782 continue; 783 if (chan->flag & HOSTAPD_CHAN_DISABLED) 784 continue; 785 786 dl_list_del(&survey->list); 787 dl_list_add_tail(&chan->survey_list, &survey->list); 788 789 hostapd_update_nf(iface, chan, survey); 790 791 iface->chans_surveyed++; 792 } 793} 794 795 796#ifdef NEED_AP_MLME 797 798static void hostapd_event_dfs_radar_detected(struct hostapd_data *hapd, 799 struct dfs_event *radar) 800{ 801 wpa_printf(MSG_DEBUG, "DFS radar detected on %d MHz", radar->freq); 802 hostapd_dfs_radar_detected(hapd, radar->freq, radar->ht_enabled, 803 radar->chan_offset, radar->chan_width, 804 radar->cf1, radar->cf2); 805} 806 807 808static void hostapd_event_dfs_cac_finished(struct hostapd_data *hapd, 809 struct dfs_event *radar) 810{ 811 wpa_printf(MSG_DEBUG, "DFS CAC finished on %d MHz", radar->freq); 812 hostapd_dfs_complete_cac(hapd, 1, radar->freq, radar->ht_enabled, 813 radar->chan_offset, radar->chan_width, 814 radar->cf1, radar->cf2); 815} 816 817 818static void hostapd_event_dfs_cac_aborted(struct hostapd_data *hapd, 819 struct dfs_event *radar) 820{ 821 wpa_printf(MSG_DEBUG, "DFS CAC aborted on %d MHz", radar->freq); 822 hostapd_dfs_complete_cac(hapd, 0, radar->freq, radar->ht_enabled, 823 radar->chan_offset, radar->chan_width, 824 radar->cf1, radar->cf2); 825} 826 827 828static void hostapd_event_dfs_nop_finished(struct hostapd_data *hapd, 829 struct dfs_event *radar) 830{ 831 wpa_printf(MSG_DEBUG, "DFS NOP finished on %d MHz", radar->freq); 832 hostapd_dfs_nop_finished(hapd, radar->freq, radar->ht_enabled, 833 radar->chan_offset, radar->chan_width, 834 radar->cf1, radar->cf2); 835} 836 837#endif /* NEED_AP_MLME */ 838 839 840void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 841 union wpa_event_data *data) 842{ 843 struct hostapd_data *hapd = ctx; 844#ifndef CONFIG_NO_STDOUT_DEBUG 845 int level = MSG_DEBUG; 846 847 if (event == EVENT_RX_MGMT && data->rx_mgmt.frame && 848 data->rx_mgmt.frame_len >= 24) { 849 const struct ieee80211_hdr *hdr; 850 u16 fc; 851 hdr = (const struct ieee80211_hdr *) data->rx_mgmt.frame; 852 fc = le_to_host16(hdr->frame_control); 853 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 854 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 855 level = MSG_EXCESSIVE; 856 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 857 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_PROBE_REQ) 858 level = MSG_EXCESSIVE; 859 } 860 861 wpa_dbg(hapd->msg_ctx, level, "Event %s (%d) received", 862 event_to_string(event), event); 863#endif /* CONFIG_NO_STDOUT_DEBUG */ 864 865 switch (event) { 866 case EVENT_MICHAEL_MIC_FAILURE: 867 michael_mic_failure(hapd, data->michael_mic_failure.src, 1); 868 break; 869 case EVENT_SCAN_RESULTS: 870 if (hapd->iface->scan_cb) 871 hapd->iface->scan_cb(hapd->iface); 872 break; 873#ifdef CONFIG_IEEE80211R 874 case EVENT_FT_RRB_RX: 875 wpa_ft_rrb_rx(hapd->wpa_auth, data->ft_rrb_rx.src, 876 data->ft_rrb_rx.data, data->ft_rrb_rx.data_len); 877 break; 878#endif /* CONFIG_IEEE80211R */ 879 case EVENT_WPS_BUTTON_PUSHED: 880 hostapd_wps_button_pushed(hapd, NULL); 881 break; 882#ifdef NEED_AP_MLME 883 case EVENT_TX_STATUS: 884 switch (data->tx_status.type) { 885 case WLAN_FC_TYPE_MGMT: 886 hostapd_mgmt_tx_cb(hapd, data->tx_status.data, 887 data->tx_status.data_len, 888 data->tx_status.stype, 889 data->tx_status.ack); 890 break; 891 case WLAN_FC_TYPE_DATA: 892 hostapd_tx_status(hapd, data->tx_status.dst, 893 data->tx_status.data, 894 data->tx_status.data_len, 895 data->tx_status.ack); 896 break; 897 } 898 break; 899 case EVENT_EAPOL_TX_STATUS: 900 hostapd_eapol_tx_status(hapd, data->eapol_tx_status.dst, 901 data->eapol_tx_status.data, 902 data->eapol_tx_status.data_len, 903 data->eapol_tx_status.ack); 904 break; 905 case EVENT_DRIVER_CLIENT_POLL_OK: 906 hostapd_client_poll_ok(hapd, data->client_poll.addr); 907 break; 908 case EVENT_RX_FROM_UNKNOWN: 909 hostapd_rx_from_unknown_sta(hapd, data->rx_from_unknown.bssid, 910 data->rx_from_unknown.addr, 911 data->rx_from_unknown.wds); 912 break; 913 case EVENT_RX_MGMT: 914 hostapd_mgmt_rx(hapd, &data->rx_mgmt); 915 break; 916#endif /* NEED_AP_MLME */ 917 case EVENT_RX_PROBE_REQ: 918 if (data->rx_probe_req.sa == NULL || 919 data->rx_probe_req.ie == NULL) 920 break; 921 hostapd_probe_req_rx(hapd, data->rx_probe_req.sa, 922 data->rx_probe_req.da, 923 data->rx_probe_req.bssid, 924 data->rx_probe_req.ie, 925 data->rx_probe_req.ie_len, 926 data->rx_probe_req.ssi_signal); 927 break; 928 case EVENT_NEW_STA: 929 hostapd_event_new_sta(hapd, data->new_sta.addr); 930 break; 931 case EVENT_EAPOL_RX: 932 hostapd_event_eapol_rx(hapd, data->eapol_rx.src, 933 data->eapol_rx.data, 934 data->eapol_rx.data_len); 935 break; 936 case EVENT_ASSOC: 937 hostapd_notif_assoc(hapd, data->assoc_info.addr, 938 data->assoc_info.req_ies, 939 data->assoc_info.req_ies_len, 940 data->assoc_info.reassoc); 941 break; 942 case EVENT_DISASSOC: 943 if (data) 944 hostapd_notif_disassoc(hapd, data->disassoc_info.addr); 945 break; 946 case EVENT_DEAUTH: 947 if (data) 948 hostapd_notif_disassoc(hapd, data->deauth_info.addr); 949 break; 950 case EVENT_STATION_LOW_ACK: 951 if (!data) 952 break; 953 hostapd_event_sta_low_ack(hapd, data->low_ack.addr); 954 break; 955 case EVENT_RX_ACTION: 956 if (data->rx_action.da == NULL || data->rx_action.sa == NULL || 957 data->rx_action.bssid == NULL) 958 break; 959#ifdef NEED_AP_MLME 960 hostapd_rx_action(hapd, &data->rx_action); 961#endif /* NEED_AP_MLME */ 962 hostapd_action_rx(hapd, &data->rx_action); 963 break; 964 case EVENT_AUTH: 965 hostapd_notif_auth(hapd, &data->auth); 966 break; 967 case EVENT_CH_SWITCH: 968 if (!data) 969 break; 970 hostapd_event_ch_switch(hapd, data->ch_switch.freq, 971 data->ch_switch.ht_enabled, 972 data->ch_switch.ch_offset); 973 break; 974 case EVENT_CONNECT_FAILED_REASON: 975 if (!data) 976 break; 977 hostapd_event_connect_failed_reason( 978 hapd, data->connect_failed_reason.addr, 979 data->connect_failed_reason.code); 980 break; 981 case EVENT_SURVEY: 982 hostapd_event_get_survey(hapd, &data->survey_results); 983 break; 984#ifdef NEED_AP_MLME 985 case EVENT_DFS_RADAR_DETECTED: 986 if (!data) 987 break; 988 hostapd_event_dfs_radar_detected(hapd, &data->dfs_event); 989 break; 990 case EVENT_DFS_CAC_FINISHED: 991 if (!data) 992 break; 993 hostapd_event_dfs_cac_finished(hapd, &data->dfs_event); 994 break; 995 case EVENT_DFS_CAC_ABORTED: 996 if (!data) 997 break; 998 hostapd_event_dfs_cac_aborted(hapd, &data->dfs_event); 999 break; 1000 case EVENT_DFS_NOP_FINISHED: 1001 if (!data) 1002 break; 1003 hostapd_event_dfs_nop_finished(hapd, &data->dfs_event); 1004 break; 1005 case EVENT_CHANNEL_LIST_CHANGED: 1006 /* channel list changed (regulatory?), update channel list */ 1007 /* TODO: check this. hostapd_get_hw_features() initializes 1008 * too much stuff. */ 1009 /* hostapd_get_hw_features(hapd->iface); */ 1010 break; 1011#endif /* NEED_AP_MLME */ 1012 default: 1013 wpa_printf(MSG_DEBUG, "Unknown event %d", event); 1014 break; 1015 } 1016} 1017 1018#endif /* HOSTAPD */ 1019