1/* 2 * hostapd / Station table 3 * Copyright (c) 2002-2016, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9#include "utils/includes.h" 10 11#include "utils/common.h" 12#include "utils/eloop.h" 13#include "common/ieee802_11_defs.h" 14#include "common/wpa_ctrl.h" 15#include "common/sae.h" 16#include "radius/radius.h" 17#include "radius/radius_client.h" 18#include "p2p/p2p.h" 19#include "fst/fst.h" 20#include "hostapd.h" 21#include "accounting.h" 22#include "ieee802_1x.h" 23#include "ieee802_11.h" 24#include "ieee802_11_auth.h" 25#include "wpa_auth.h" 26#include "preauth_auth.h" 27#include "ap_config.h" 28#include "beacon.h" 29#include "ap_mlme.h" 30#include "vlan_init.h" 31#include "p2p_hostapd.h" 32#include "ap_drv_ops.h" 33#include "gas_serv.h" 34#include "wnm_ap.h" 35#include "mbo_ap.h" 36#include "ndisc_snoop.h" 37#include "sta_info.h" 38#include "vlan.h" 39#include "wps_hostapd.h" 40 41static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 42 struct sta_info *sta); 43static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); 44static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx); 45static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); 46static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); 47#ifdef CONFIG_IEEE80211W 48static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); 49#endif /* CONFIG_IEEE80211W */ 50static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); 51static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx); 52 53int ap_for_each_sta(struct hostapd_data *hapd, 54 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 55 void *ctx), 56 void *ctx) 57{ 58 struct sta_info *sta; 59 60 for (sta = hapd->sta_list; sta; sta = sta->next) { 61 if (cb(hapd, sta, ctx)) 62 return 1; 63 } 64 65 return 0; 66} 67 68 69struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) 70{ 71 struct sta_info *s; 72 73 s = hapd->sta_hash[STA_HASH(sta)]; 74 while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) 75 s = s->hnext; 76 return s; 77} 78 79 80#ifdef CONFIG_P2P 81struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr) 82{ 83 struct sta_info *sta; 84 85 for (sta = hapd->sta_list; sta; sta = sta->next) { 86 const u8 *p2p_dev_addr; 87 88 if (sta->p2p_ie == NULL) 89 continue; 90 91 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); 92 if (p2p_dev_addr == NULL) 93 continue; 94 95 if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0) 96 return sta; 97 } 98 99 return NULL; 100} 101#endif /* CONFIG_P2P */ 102 103 104static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) 105{ 106 struct sta_info *tmp; 107 108 if (hapd->sta_list == sta) { 109 hapd->sta_list = sta->next; 110 return; 111 } 112 113 tmp = hapd->sta_list; 114 while (tmp != NULL && tmp->next != sta) 115 tmp = tmp->next; 116 if (tmp == NULL) { 117 wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " 118 "list.", MAC2STR(sta->addr)); 119 } else 120 tmp->next = sta->next; 121} 122 123 124void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) 125{ 126 sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; 127 hapd->sta_hash[STA_HASH(sta->addr)] = sta; 128} 129 130 131static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) 132{ 133 struct sta_info *s; 134 135 s = hapd->sta_hash[STA_HASH(sta->addr)]; 136 if (s == NULL) return; 137 if (os_memcmp(s->addr, sta->addr, 6) == 0) { 138 hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; 139 return; 140 } 141 142 while (s->hnext != NULL && 143 os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) 144 s = s->hnext; 145 if (s->hnext != NULL) 146 s->hnext = s->hnext->hnext; 147 else 148 wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR 149 " from hash table", MAC2STR(sta->addr)); 150} 151 152 153void ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta) 154{ 155 sta_ip6addr_del(hapd, sta); 156} 157 158 159void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) 160{ 161 int set_beacon = 0; 162 163 accounting_sta_stop(hapd, sta); 164 165 /* just in case */ 166 ap_sta_set_authorized(hapd, sta, 0); 167 168 if (sta->flags & WLAN_STA_WDS) 169 hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); 170 171 if (sta->ipaddr) 172 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); 173 ap_sta_ip6addr_del(hapd, sta); 174 175 if (!hapd->iface->driver_ap_teardown && 176 !(sta->flags & WLAN_STA_PREAUTH)) { 177 hostapd_drv_sta_remove(hapd, sta->addr); 178 sta->added_unassoc = 0; 179 } 180 181 ap_sta_hash_del(hapd, sta); 182 ap_sta_list_del(hapd, sta); 183 184 if (sta->aid > 0) 185 hapd->sta_aid[(sta->aid - 1) / 32] &= 186 ~BIT((sta->aid - 1) % 32); 187 188 hapd->num_sta--; 189 if (sta->nonerp_set) { 190 sta->nonerp_set = 0; 191 hapd->iface->num_sta_non_erp--; 192 if (hapd->iface->num_sta_non_erp == 0) 193 set_beacon++; 194 } 195 196 if (sta->no_short_slot_time_set) { 197 sta->no_short_slot_time_set = 0; 198 hapd->iface->num_sta_no_short_slot_time--; 199 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 200 && hapd->iface->num_sta_no_short_slot_time == 0) 201 set_beacon++; 202 } 203 204 if (sta->no_short_preamble_set) { 205 sta->no_short_preamble_set = 0; 206 hapd->iface->num_sta_no_short_preamble--; 207 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G 208 && hapd->iface->num_sta_no_short_preamble == 0) 209 set_beacon++; 210 } 211 212 if (sta->no_ht_gf_set) { 213 sta->no_ht_gf_set = 0; 214 hapd->iface->num_sta_ht_no_gf--; 215 } 216 217 if (sta->no_ht_set) { 218 sta->no_ht_set = 0; 219 hapd->iface->num_sta_no_ht--; 220 } 221 222 if (sta->ht_20mhz_set) { 223 sta->ht_20mhz_set = 0; 224 hapd->iface->num_sta_ht_20mhz--; 225 } 226 227#ifdef CONFIG_TAXONOMY 228 wpabuf_free(sta->probe_ie_taxonomy); 229 sta->probe_ie_taxonomy = NULL; 230 wpabuf_free(sta->assoc_ie_taxonomy); 231 sta->assoc_ie_taxonomy = NULL; 232#endif /* CONFIG_TAXONOMY */ 233 234#ifdef CONFIG_IEEE80211N 235 ht40_intolerant_remove(hapd->iface, sta); 236#endif /* CONFIG_IEEE80211N */ 237 238#ifdef CONFIG_P2P 239 if (sta->no_p2p_set) { 240 sta->no_p2p_set = 0; 241 hapd->num_sta_no_p2p--; 242 if (hapd->num_sta_no_p2p == 0) 243 hostapd_p2p_non_p2p_sta_disconnected(hapd); 244 } 245#endif /* CONFIG_P2P */ 246 247#if defined(NEED_AP_MLME) && defined(CONFIG_IEEE80211N) 248 if (hostapd_ht_operation_update(hapd->iface) > 0) 249 set_beacon++; 250#endif /* NEED_AP_MLME && CONFIG_IEEE80211N */ 251 252#ifdef CONFIG_MESH 253 if (hapd->mesh_sta_free_cb) 254 hapd->mesh_sta_free_cb(hapd, sta); 255#endif /* CONFIG_MESH */ 256 257 if (set_beacon) 258 ieee802_11_set_beacons(hapd->iface); 259 260 wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, 261 __func__, MAC2STR(sta->addr)); 262 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 263 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 264 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); 265 ap_sta_clear_disconnect_timeouts(hapd, sta); 266 sae_clear_retransmit_timer(hapd, sta); 267 268 ieee802_1x_free_station(hapd, sta); 269 wpa_auth_sta_deinit(sta->wpa_sm); 270 rsn_preauth_free_station(hapd, sta); 271#ifndef CONFIG_NO_RADIUS 272 if (hapd->radius) 273 radius_client_flush_auth(hapd->radius, sta->addr); 274#endif /* CONFIG_NO_RADIUS */ 275 276#ifndef CONFIG_NO_VLAN 277 /* 278 * sta->wpa_sm->group needs to be released before so that 279 * vlan_remove_dynamic() can check that no stations are left on the 280 * AP_VLAN netdev. 281 */ 282 if (sta->vlan_id) 283 vlan_remove_dynamic(hapd, sta->vlan_id); 284 if (sta->vlan_id_bound) { 285 /* 286 * Need to remove the STA entry before potentially removing the 287 * VLAN. 288 */ 289 if (hapd->iface->driver_ap_teardown && 290 !(sta->flags & WLAN_STA_PREAUTH)) { 291 hostapd_drv_sta_remove(hapd, sta->addr); 292 sta->added_unassoc = 0; 293 } 294 vlan_remove_dynamic(hapd, sta->vlan_id_bound); 295 } 296#endif /* CONFIG_NO_VLAN */ 297 298 os_free(sta->challenge); 299 300#ifdef CONFIG_IEEE80211W 301 os_free(sta->sa_query_trans_id); 302 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 303#endif /* CONFIG_IEEE80211W */ 304 305#ifdef CONFIG_P2P 306 p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); 307#endif /* CONFIG_P2P */ 308 309#ifdef CONFIG_INTERWORKING 310 if (sta->gas_dialog) { 311 int i; 312 for (i = 0; i < GAS_DIALOG_MAX; i++) 313 gas_serv_dialog_clear(&sta->gas_dialog[i]); 314 os_free(sta->gas_dialog); 315 } 316#endif /* CONFIG_INTERWORKING */ 317 318 wpabuf_free(sta->wps_ie); 319 wpabuf_free(sta->p2p_ie); 320 wpabuf_free(sta->hs20_ie); 321#ifdef CONFIG_FST 322 wpabuf_free(sta->mb_ies); 323#endif /* CONFIG_FST */ 324 325 os_free(sta->ht_capabilities); 326 os_free(sta->vht_capabilities); 327 hostapd_free_psk_list(sta->psk); 328 os_free(sta->identity); 329 os_free(sta->radius_cui); 330 os_free(sta->remediation_url); 331 wpabuf_free(sta->hs20_deauth_req); 332 os_free(sta->hs20_session_info_url); 333 334#ifdef CONFIG_SAE 335 sae_clear_data(sta->sae); 336 os_free(sta->sae); 337#endif /* CONFIG_SAE */ 338 339 mbo_ap_sta_free(sta); 340 os_free(sta->supp_op_classes); 341 342#ifdef CONFIG_FILS 343 os_free(sta->fils_pending_assoc_req); 344 wpabuf_free(sta->fils_hlp_resp); 345 wpabuf_free(sta->hlp_dhcp_discover); 346 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); 347#endif /* CONFIG_FILS */ 348 349 os_free(sta); 350} 351 352 353void hostapd_free_stas(struct hostapd_data *hapd) 354{ 355 struct sta_info *sta, *prev; 356 357 sta = hapd->sta_list; 358 359 while (sta) { 360 prev = sta; 361 if (sta->flags & WLAN_STA_AUTH) { 362 mlme_deauthenticate_indication( 363 hapd, sta, WLAN_REASON_UNSPECIFIED); 364 } 365 sta = sta->next; 366 wpa_printf(MSG_DEBUG, "Removing station " MACSTR, 367 MAC2STR(prev->addr)); 368 ap_free_sta(hapd, prev); 369 } 370} 371 372 373/** 374 * ap_handle_timer - Per STA timer handler 375 * @eloop_ctx: struct hostapd_data * 376 * @timeout_ctx: struct sta_info * 377 * 378 * This function is called to check station activity and to remove inactive 379 * stations. 380 */ 381void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) 382{ 383 struct hostapd_data *hapd = eloop_ctx; 384 struct sta_info *sta = timeout_ctx; 385 unsigned long next_time = 0; 386 int reason; 387 388 wpa_printf(MSG_DEBUG, "%s: %s: " MACSTR " flags=0x%x timeout_next=%d", 389 hapd->conf->iface, __func__, MAC2STR(sta->addr), sta->flags, 390 sta->timeout_next); 391 if (sta->timeout_next == STA_REMOVE) { 392 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 393 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 394 "local deauth request"); 395 ap_free_sta(hapd, sta); 396 return; 397 } 398 399 if ((sta->flags & WLAN_STA_ASSOC) && 400 (sta->timeout_next == STA_NULLFUNC || 401 sta->timeout_next == STA_DISASSOC)) { 402 int inactive_sec; 403 /* 404 * Add random value to timeout so that we don't end up bouncing 405 * all stations at the same time if we have lots of associated 406 * stations that are idle (but keep re-associating). 407 */ 408 int fuzz = os_random() % 20; 409 inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); 410 if (inactive_sec == -1) { 411 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 412 "Check inactivity: Could not " 413 "get station info from kernel driver for " 414 MACSTR, MAC2STR(sta->addr)); 415 /* 416 * The driver may not support this functionality. 417 * Anyway, try again after the next inactivity timeout, 418 * but do not disconnect the station now. 419 */ 420 next_time = hapd->conf->ap_max_inactivity + fuzz; 421 } else if (inactive_sec == -ENOENT) { 422 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 423 "Station " MACSTR " has lost its driver entry", 424 MAC2STR(sta->addr)); 425 426 /* Avoid sending client probe on removed client */ 427 sta->timeout_next = STA_DISASSOC; 428 goto skip_poll; 429 } else if (inactive_sec < hapd->conf->ap_max_inactivity) { 430 /* station activity detected; reset timeout state */ 431 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 432 "Station " MACSTR " has been active %is ago", 433 MAC2STR(sta->addr), inactive_sec); 434 sta->timeout_next = STA_NULLFUNC; 435 next_time = hapd->conf->ap_max_inactivity + fuzz - 436 inactive_sec; 437 } else { 438 wpa_msg(hapd->msg_ctx, MSG_DEBUG, 439 "Station " MACSTR " has been " 440 "inactive too long: %d sec, max allowed: %d", 441 MAC2STR(sta->addr), inactive_sec, 442 hapd->conf->ap_max_inactivity); 443 444 if (hapd->conf->skip_inactivity_poll) 445 sta->timeout_next = STA_DISASSOC; 446 } 447 } 448 449 if ((sta->flags & WLAN_STA_ASSOC) && 450 sta->timeout_next == STA_DISASSOC && 451 !(sta->flags & WLAN_STA_PENDING_POLL) && 452 !hapd->conf->skip_inactivity_poll) { 453 wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR 454 " has ACKed data poll", MAC2STR(sta->addr)); 455 /* data nullfunc frame poll did not produce TX errors; assume 456 * station ACKed it */ 457 sta->timeout_next = STA_NULLFUNC; 458 next_time = hapd->conf->ap_max_inactivity; 459 } 460 461skip_poll: 462 if (next_time) { 463 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 464 "for " MACSTR " (%lu seconds)", 465 __func__, MAC2STR(sta->addr), next_time); 466 eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, 467 sta); 468 return; 469 } 470 471 if (sta->timeout_next == STA_NULLFUNC && 472 (sta->flags & WLAN_STA_ASSOC)) { 473 wpa_printf(MSG_DEBUG, " Polling STA"); 474 sta->flags |= WLAN_STA_PENDING_POLL; 475 hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, 476 sta->flags & WLAN_STA_WMM); 477 } else if (sta->timeout_next != STA_REMOVE) { 478 int deauth = sta->timeout_next == STA_DEAUTH; 479 480 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 481 "Timeout, sending %s info to STA " MACSTR, 482 deauth ? "deauthentication" : "disassociation", 483 MAC2STR(sta->addr)); 484 485 if (deauth) { 486 hostapd_drv_sta_deauth( 487 hapd, sta->addr, 488 WLAN_REASON_PREV_AUTH_NOT_VALID); 489 } else { 490 reason = (sta->timeout_next == STA_DISASSOC) ? 491 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 492 WLAN_REASON_PREV_AUTH_NOT_VALID; 493 494 hostapd_drv_sta_disassoc(hapd, sta->addr, reason); 495 } 496 } 497 498 switch (sta->timeout_next) { 499 case STA_NULLFUNC: 500 sta->timeout_next = STA_DISASSOC; 501 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 502 "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", 503 __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); 504 eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, 505 hapd, sta); 506 break; 507 case STA_DISASSOC: 508 case STA_DISASSOC_FROM_CLI: 509 ap_sta_set_authorized(hapd, sta, 0); 510 sta->flags &= ~WLAN_STA_ASSOC; 511 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 512 if (!sta->acct_terminate_cause) 513 sta->acct_terminate_cause = 514 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 515 accounting_sta_stop(hapd, sta); 516 ieee802_1x_free_station(hapd, sta); 517 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 518 HOSTAPD_LEVEL_INFO, "disassociated due to " 519 "inactivity"); 520 reason = (sta->timeout_next == STA_DISASSOC) ? 521 WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : 522 WLAN_REASON_PREV_AUTH_NOT_VALID; 523 sta->timeout_next = STA_DEAUTH; 524 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 525 "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", 526 __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); 527 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, 528 hapd, sta); 529 mlme_disassociate_indication(hapd, sta, reason); 530 break; 531 case STA_DEAUTH: 532 case STA_REMOVE: 533 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 534 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 535 "inactivity (timer DEAUTH/REMOVE)"); 536 if (!sta->acct_terminate_cause) 537 sta->acct_terminate_cause = 538 RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; 539 mlme_deauthenticate_indication( 540 hapd, sta, 541 WLAN_REASON_PREV_AUTH_NOT_VALID); 542 ap_free_sta(hapd, sta); 543 break; 544 } 545} 546 547 548static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) 549{ 550 struct hostapd_data *hapd = eloop_ctx; 551 struct sta_info *sta = timeout_ctx; 552 553 wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR, 554 hapd->conf->iface, MAC2STR(sta->addr)); 555 if (!(sta->flags & WLAN_STA_AUTH)) { 556 if (sta->flags & WLAN_STA_GAS) { 557 wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " 558 "entry " MACSTR, MAC2STR(sta->addr)); 559 ap_free_sta(hapd, sta); 560 } 561 return; 562 } 563 564 hostapd_drv_sta_deauth(hapd, sta->addr, 565 WLAN_REASON_PREV_AUTH_NOT_VALID); 566 mlme_deauthenticate_indication(hapd, sta, 567 WLAN_REASON_PREV_AUTH_NOT_VALID); 568 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 569 HOSTAPD_LEVEL_INFO, "deauthenticated due to " 570 "session timeout"); 571 sta->acct_terminate_cause = 572 RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; 573 ap_free_sta(hapd, sta); 574} 575 576 577void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, 578 u32 session_timeout) 579{ 580 if (eloop_replenish_timeout(session_timeout, 0, 581 ap_handle_session_timer, hapd, sta) == 1) { 582 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 583 HOSTAPD_LEVEL_DEBUG, "setting session timeout " 584 "to %d seconds", session_timeout); 585 } 586} 587 588 589void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 590 u32 session_timeout) 591{ 592 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 593 HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " 594 "seconds", session_timeout); 595 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 596 eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, 597 hapd, sta); 598} 599 600 601void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) 602{ 603 eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); 604} 605 606 607static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx) 608{ 609#ifdef CONFIG_WNM 610 struct hostapd_data *hapd = eloop_ctx; 611 struct sta_info *sta = timeout_ctx; 612 613 wpa_printf(MSG_DEBUG, "%s: WNM: Session warning time reached for " 614 MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); 615 if (sta->hs20_session_info_url == NULL) 616 return; 617 618 wnm_send_ess_disassoc_imminent(hapd, sta, sta->hs20_session_info_url, 619 sta->hs20_disassoc_timer); 620#endif /* CONFIG_WNM */ 621} 622 623 624void ap_sta_session_warning_timeout(struct hostapd_data *hapd, 625 struct sta_info *sta, int warning_time) 626{ 627 eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); 628 eloop_register_timeout(warning_time, 0, ap_handle_session_warning_timer, 629 hapd, sta); 630} 631 632 633struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) 634{ 635 struct sta_info *sta; 636 637 sta = ap_get_sta(hapd, addr); 638 if (sta) 639 return sta; 640 641 wpa_printf(MSG_DEBUG, " New STA"); 642 if (hapd->num_sta >= hapd->conf->max_num_sta) { 643 /* FIX: might try to remove some old STAs first? */ 644 wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", 645 hapd->num_sta, hapd->conf->max_num_sta); 646 return NULL; 647 } 648 649 sta = os_zalloc(sizeof(struct sta_info)); 650 if (sta == NULL) { 651 wpa_printf(MSG_ERROR, "malloc failed"); 652 return NULL; 653 } 654 sta->acct_interim_interval = hapd->conf->acct_interim_interval; 655 if (accounting_sta_get_id(hapd, sta) < 0) { 656 os_free(sta); 657 return NULL; 658 } 659 660 if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { 661 wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " 662 "for " MACSTR " (%d seconds - ap_max_inactivity)", 663 __func__, MAC2STR(addr), 664 hapd->conf->ap_max_inactivity); 665 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, 666 ap_handle_timer, hapd, sta); 667 } 668 669 /* initialize STA info data */ 670 os_memcpy(sta->addr, addr, ETH_ALEN); 671 sta->next = hapd->sta_list; 672 hapd->sta_list = sta; 673 hapd->num_sta++; 674 ap_sta_hash_add(hapd, sta); 675 ap_sta_remove_in_other_bss(hapd, sta); 676 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 677 dl_list_init(&sta->ip6addr); 678 679#ifdef CONFIG_TAXONOMY 680 sta_track_claim_taxonomy_info(hapd->iface, addr, 681 &sta->probe_ie_taxonomy); 682#endif /* CONFIG_TAXONOMY */ 683 684 return sta; 685} 686 687 688static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) 689{ 690 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 691 692 if (sta->ipaddr) 693 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); 694 ap_sta_ip6addr_del(hapd, sta); 695 696 wpa_printf(MSG_DEBUG, "%s: Removing STA " MACSTR " from kernel driver", 697 hapd->conf->iface, MAC2STR(sta->addr)); 698 if (hostapd_drv_sta_remove(hapd, sta->addr) && 699 sta->flags & WLAN_STA_ASSOC) { 700 wpa_printf(MSG_DEBUG, "%s: Could not remove station " MACSTR 701 " from kernel driver", 702 hapd->conf->iface, MAC2STR(sta->addr)); 703 return -1; 704 } 705 sta->added_unassoc = 0; 706 return 0; 707} 708 709 710static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, 711 struct sta_info *sta) 712{ 713 struct hostapd_iface *iface = hapd->iface; 714 size_t i; 715 716 for (i = 0; i < iface->num_bss; i++) { 717 struct hostapd_data *bss = iface->bss[i]; 718 struct sta_info *sta2; 719 /* bss should always be set during operation, but it may be 720 * NULL during reconfiguration. Assume the STA is not 721 * associated to another BSS in that case to avoid NULL pointer 722 * dereferences. */ 723 if (bss == hapd || bss == NULL) 724 continue; 725 sta2 = ap_get_sta(bss, sta->addr); 726 if (!sta2) 727 continue; 728 729 wpa_printf(MSG_DEBUG, "%s: disconnect old STA " MACSTR 730 " association from another BSS %s", 731 hapd->conf->iface, MAC2STR(sta2->addr), 732 bss->conf->iface); 733 ap_sta_disconnect(bss, sta2, sta2->addr, 734 WLAN_REASON_PREV_AUTH_NOT_VALID); 735 } 736} 737 738 739static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) 740{ 741 struct hostapd_data *hapd = eloop_ctx; 742 struct sta_info *sta = timeout_ctx; 743 744 wpa_printf(MSG_DEBUG, "%s: Disassociation callback for STA " MACSTR, 745 hapd->conf->iface, MAC2STR(sta->addr)); 746 ap_sta_remove(hapd, sta); 747 mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); 748} 749 750 751void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 752 u16 reason) 753{ 754 wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, 755 hapd->conf->iface, MAC2STR(sta->addr)); 756 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 757 if (hapd->iface->current_mode && 758 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 759 /* Skip deauthentication in DMG/IEEE 802.11ad */ 760 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | 761 WLAN_STA_ASSOC_REQ_OK); 762 sta->timeout_next = STA_REMOVE; 763 } else { 764 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 765 sta->timeout_next = STA_DEAUTH; 766 } 767 ap_sta_set_authorized(hapd, sta, 0); 768 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 769 "for " MACSTR " (%d seconds - " 770 "AP_MAX_INACTIVITY_AFTER_DISASSOC)", 771 __func__, MAC2STR(sta->addr), 772 AP_MAX_INACTIVITY_AFTER_DISASSOC); 773 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 774 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, 775 ap_handle_timer, hapd, sta); 776 accounting_sta_stop(hapd, sta); 777 ieee802_1x_free_station(hapd, sta); 778 779 sta->disassoc_reason = reason; 780 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 781 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 782 eloop_register_timeout(hapd->iface->drv_flags & 783 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 784 ap_sta_disassoc_cb_timeout, hapd, sta); 785} 786 787 788static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) 789{ 790 struct hostapd_data *hapd = eloop_ctx; 791 struct sta_info *sta = timeout_ctx; 792 793 wpa_printf(MSG_DEBUG, "%s: Deauthentication callback for STA " MACSTR, 794 hapd->conf->iface, MAC2STR(sta->addr)); 795 ap_sta_remove(hapd, sta); 796 mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); 797} 798 799 800void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 801 u16 reason) 802{ 803 if (hapd->iface->current_mode && 804 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 805 /* Deauthentication is not used in DMG/IEEE 802.11ad; 806 * disassociate the STA instead. */ 807 ap_sta_disassociate(hapd, sta, reason); 808 return; 809 } 810 811 wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, 812 hapd->conf->iface, MAC2STR(sta->addr)); 813 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; 814 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); 815 ap_sta_set_authorized(hapd, sta, 0); 816 sta->timeout_next = STA_REMOVE; 817 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " 818 "for " MACSTR " (%d seconds - " 819 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 820 __func__, MAC2STR(sta->addr), 821 AP_MAX_INACTIVITY_AFTER_DEAUTH); 822 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 823 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 824 ap_handle_timer, hapd, sta); 825 accounting_sta_stop(hapd, sta); 826 ieee802_1x_free_station(hapd, sta); 827 828 sta->deauth_reason = reason; 829 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 830 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 831 eloop_register_timeout(hapd->iface->drv_flags & 832 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 833 ap_sta_deauth_cb_timeout, hapd, sta); 834} 835 836 837#ifdef CONFIG_WPS 838int ap_sta_wps_cancel(struct hostapd_data *hapd, 839 struct sta_info *sta, void *ctx) 840{ 841 if (sta && (sta->flags & WLAN_STA_WPS)) { 842 ap_sta_deauthenticate(hapd, sta, 843 WLAN_REASON_PREV_AUTH_NOT_VALID); 844 wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, 845 __func__, MAC2STR(sta->addr)); 846 return 1; 847 } 848 849 return 0; 850} 851#endif /* CONFIG_WPS */ 852 853 854static int ap_sta_get_free_vlan_id(struct hostapd_data *hapd) 855{ 856 struct hostapd_vlan *vlan; 857 int vlan_id = MAX_VLAN_ID + 2; 858 859retry: 860 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 861 if (vlan->vlan_id == vlan_id) { 862 vlan_id++; 863 goto retry; 864 } 865 } 866 return vlan_id; 867} 868 869 870int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta, 871 struct vlan_description *vlan_desc) 872{ 873 struct hostapd_vlan *vlan = NULL, *wildcard_vlan = NULL; 874 int old_vlan_id, vlan_id = 0, ret = 0; 875 876 if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED) 877 vlan_desc = NULL; 878 879 /* Check if there is something to do */ 880 if (hapd->conf->ssid.per_sta_vif && !sta->vlan_id) { 881 /* This sta is lacking its own vif */ 882 } else if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED && 883 !hapd->conf->ssid.per_sta_vif && sta->vlan_id) { 884 /* sta->vlan_id needs to be reset */ 885 } else if (!vlan_compare(vlan_desc, sta->vlan_desc)) { 886 return 0; /* nothing to change */ 887 } 888 889 /* Now the real VLAN changed or the STA just needs its own vif */ 890 if (hapd->conf->ssid.per_sta_vif) { 891 /* Assign a new vif, always */ 892 /* find a free vlan_id sufficiently big */ 893 vlan_id = ap_sta_get_free_vlan_id(hapd); 894 /* Get wildcard VLAN */ 895 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 896 if (vlan->vlan_id == VLAN_ID_WILDCARD) 897 break; 898 } 899 if (!vlan) { 900 hostapd_logger(hapd, sta->addr, 901 HOSTAPD_MODULE_IEEE80211, 902 HOSTAPD_LEVEL_DEBUG, 903 "per_sta_vif missing wildcard"); 904 vlan_id = 0; 905 ret = -1; 906 goto done; 907 } 908 } else if (vlan_desc && vlan_desc->notempty) { 909 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 910 if (!vlan_compare(&vlan->vlan_desc, vlan_desc)) 911 break; 912 if (vlan->vlan_id == VLAN_ID_WILDCARD) 913 wildcard_vlan = vlan; 914 } 915 if (vlan) { 916 vlan_id = vlan->vlan_id; 917 } else if (wildcard_vlan) { 918 vlan = wildcard_vlan; 919 vlan_id = vlan_desc->untagged; 920 if (vlan_desc->tagged[0]) { 921 /* Tagged VLAN configuration */ 922 vlan_id = ap_sta_get_free_vlan_id(hapd); 923 } 924 } else { 925 hostapd_logger(hapd, sta->addr, 926 HOSTAPD_MODULE_IEEE80211, 927 HOSTAPD_LEVEL_DEBUG, 928 "missing vlan and wildcard for vlan=%d%s", 929 vlan_desc->untagged, 930 vlan_desc->tagged[0] ? "+" : ""); 931 vlan_id = 0; 932 ret = -1; 933 goto done; 934 } 935 } 936 937 if (vlan && vlan->vlan_id == VLAN_ID_WILDCARD) { 938 vlan = vlan_add_dynamic(hapd, vlan, vlan_id, vlan_desc); 939 if (vlan == NULL) { 940 hostapd_logger(hapd, sta->addr, 941 HOSTAPD_MODULE_IEEE80211, 942 HOSTAPD_LEVEL_DEBUG, 943 "could not add dynamic VLAN interface for vlan=%d%s", 944 vlan_desc ? vlan_desc->untagged : -1, 945 (vlan_desc && vlan_desc->tagged[0]) ? 946 "+" : ""); 947 vlan_id = 0; 948 ret = -1; 949 goto done; 950 } 951 952 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 953 HOSTAPD_LEVEL_DEBUG, 954 "added new dynamic VLAN interface '%s'", 955 vlan->ifname); 956 } else if (vlan && vlan->dynamic_vlan > 0) { 957 vlan->dynamic_vlan++; 958 hostapd_logger(hapd, sta->addr, 959 HOSTAPD_MODULE_IEEE80211, 960 HOSTAPD_LEVEL_DEBUG, 961 "updated existing dynamic VLAN interface '%s'", 962 vlan->ifname); 963 } 964done: 965 old_vlan_id = sta->vlan_id; 966 sta->vlan_id = vlan_id; 967 sta->vlan_desc = vlan ? &vlan->vlan_desc : NULL; 968 969 if (vlan_id != old_vlan_id && old_vlan_id) 970 vlan_remove_dynamic(hapd, old_vlan_id); 971 972 return ret; 973} 974 975 976int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) 977{ 978#ifndef CONFIG_NO_VLAN 979 const char *iface; 980 struct hostapd_vlan *vlan = NULL; 981 int ret; 982 int old_vlanid = sta->vlan_id_bound; 983 984 iface = hapd->conf->iface; 985 if (hapd->conf->ssid.vlan[0]) 986 iface = hapd->conf->ssid.vlan; 987 988 if (sta->vlan_id > 0) { 989 for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { 990 if (vlan->vlan_id == sta->vlan_id) 991 break; 992 } 993 if (vlan) 994 iface = vlan->ifname; 995 } 996 997 /* 998 * Do not increment ref counters if the VLAN ID remains same, but do 999 * not skip hostapd_drv_set_sta_vlan() as hostapd_drv_sta_remove() might 1000 * have been called before. 1001 */ 1002 if (sta->vlan_id == old_vlanid) 1003 goto skip_counting; 1004 1005 if (sta->vlan_id > 0 && vlan == NULL) { 1006 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1007 HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " 1008 "binding station to (vlan_id=%d)", 1009 sta->vlan_id); 1010 ret = -1; 1011 goto done; 1012 } else if (vlan && vlan->dynamic_vlan > 0) { 1013 vlan->dynamic_vlan++; 1014 hostapd_logger(hapd, sta->addr, 1015 HOSTAPD_MODULE_IEEE80211, 1016 HOSTAPD_LEVEL_DEBUG, 1017 "updated existing dynamic VLAN interface '%s'", 1018 iface); 1019 } 1020 1021 /* ref counters have been increased, so mark the station */ 1022 sta->vlan_id_bound = sta->vlan_id; 1023 1024skip_counting: 1025 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1026 HOSTAPD_LEVEL_DEBUG, "binding station to interface " 1027 "'%s'", iface); 1028 1029 if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) 1030 wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); 1031 1032 ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); 1033 if (ret < 0) { 1034 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1035 HOSTAPD_LEVEL_DEBUG, "could not bind the STA " 1036 "entry to vlan_id=%d", sta->vlan_id); 1037 } 1038 1039 /* During 1x reauth, if the vlan id changes, then remove the old id. */ 1040 if (old_vlanid > 0 && old_vlanid != sta->vlan_id) 1041 vlan_remove_dynamic(hapd, old_vlanid); 1042done: 1043 1044 return ret; 1045#else /* CONFIG_NO_VLAN */ 1046 return 0; 1047#endif /* CONFIG_NO_VLAN */ 1048} 1049 1050 1051#ifdef CONFIG_IEEE80211W 1052 1053int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) 1054{ 1055 u32 tu; 1056 struct os_reltime now, passed; 1057 os_get_reltime(&now); 1058 os_reltime_sub(&now, &sta->sa_query_start, &passed); 1059 tu = (passed.sec * 1000000 + passed.usec) / 1024; 1060 if (hapd->conf->assoc_sa_query_max_timeout < tu) { 1061 hostapd_logger(hapd, sta->addr, 1062 HOSTAPD_MODULE_IEEE80211, 1063 HOSTAPD_LEVEL_DEBUG, 1064 "association SA Query timed out"); 1065 sta->sa_query_timed_out = 1; 1066 os_free(sta->sa_query_trans_id); 1067 sta->sa_query_trans_id = NULL; 1068 sta->sa_query_count = 0; 1069 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 1070 return 1; 1071 } 1072 1073 return 0; 1074} 1075 1076 1077static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) 1078{ 1079 struct hostapd_data *hapd = eloop_ctx; 1080 struct sta_info *sta = timeout_ctx; 1081 unsigned int timeout, sec, usec; 1082 u8 *trans_id, *nbuf; 1083 1084 wpa_printf(MSG_DEBUG, "%s: SA Query timer for STA " MACSTR 1085 " (count=%d)", 1086 hapd->conf->iface, MAC2STR(sta->addr), sta->sa_query_count); 1087 1088 if (sta->sa_query_count > 0 && 1089 ap_check_sa_query_timeout(hapd, sta)) 1090 return; 1091 1092 nbuf = os_realloc_array(sta->sa_query_trans_id, 1093 sta->sa_query_count + 1, 1094 WLAN_SA_QUERY_TR_ID_LEN); 1095 if (nbuf == NULL) 1096 return; 1097 if (sta->sa_query_count == 0) { 1098 /* Starting a new SA Query procedure */ 1099 os_get_reltime(&sta->sa_query_start); 1100 } 1101 trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; 1102 sta->sa_query_trans_id = nbuf; 1103 sta->sa_query_count++; 1104 1105 if (os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0) { 1106 /* 1107 * We don't really care which ID is used here, so simply 1108 * hardcode this if the mostly theoretical os_get_random() 1109 * failure happens. 1110 */ 1111 trans_id[0] = 0x12; 1112 trans_id[1] = 0x34; 1113 } 1114 1115 timeout = hapd->conf->assoc_sa_query_retry_timeout; 1116 sec = ((timeout / 1000) * 1024) / 1000; 1117 usec = (timeout % 1000) * 1024; 1118 eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); 1119 1120 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, 1121 HOSTAPD_LEVEL_DEBUG, 1122 "association SA Query attempt %d", sta->sa_query_count); 1123 1124 ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); 1125} 1126 1127 1128void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 1129{ 1130 ap_sa_query_timer(hapd, sta); 1131} 1132 1133 1134void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) 1135{ 1136 eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); 1137 os_free(sta->sa_query_trans_id); 1138 sta->sa_query_trans_id = NULL; 1139 sta->sa_query_count = 0; 1140} 1141 1142#endif /* CONFIG_IEEE80211W */ 1143 1144 1145void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, 1146 int authorized) 1147{ 1148 const u8 *dev_addr = NULL; 1149 char buf[100]; 1150#ifdef CONFIG_P2P 1151 u8 addr[ETH_ALEN]; 1152 u8 ip_addr_buf[4]; 1153#endif /* CONFIG_P2P */ 1154 1155 if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) 1156 return; 1157 1158 if (authorized) 1159 sta->flags |= WLAN_STA_AUTHORIZED; 1160 else 1161 sta->flags &= ~WLAN_STA_AUTHORIZED; 1162 1163#ifdef CONFIG_P2P 1164 if (hapd->p2p_group == NULL) { 1165 if (sta->p2p_ie != NULL && 1166 p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) 1167 dev_addr = addr; 1168 } else 1169 dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); 1170 1171 if (dev_addr) 1172 os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, 1173 MAC2STR(sta->addr), MAC2STR(dev_addr)); 1174 else 1175#endif /* CONFIG_P2P */ 1176 os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); 1177 1178 if (hapd->sta_authorized_cb) 1179 hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, 1180 sta->addr, authorized, dev_addr); 1181 1182 if (authorized) { 1183 char ip_addr[100]; 1184 ip_addr[0] = '\0'; 1185#ifdef CONFIG_P2P 1186 if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { 1187 os_snprintf(ip_addr, sizeof(ip_addr), 1188 " ip_addr=%u.%u.%u.%u", 1189 ip_addr_buf[0], ip_addr_buf[1], 1190 ip_addr_buf[2], ip_addr_buf[3]); 1191 } 1192#endif /* CONFIG_P2P */ 1193 1194 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s", 1195 buf, ip_addr); 1196 1197 if (hapd->msg_ctx_parent && 1198 hapd->msg_ctx_parent != hapd->msg_ctx) 1199 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 1200 AP_STA_CONNECTED "%s%s", 1201 buf, ip_addr); 1202 } else { 1203 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); 1204 1205 if (hapd->msg_ctx_parent && 1206 hapd->msg_ctx_parent != hapd->msg_ctx) 1207 wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, 1208 AP_STA_DISCONNECTED "%s", buf); 1209 } 1210 1211#ifdef CONFIG_FST 1212 if (hapd->iface->fst) { 1213 if (authorized) 1214 fst_notify_peer_connected(hapd->iface->fst, sta->addr); 1215 else 1216 fst_notify_peer_disconnected(hapd->iface->fst, 1217 sta->addr); 1218 } 1219#endif /* CONFIG_FST */ 1220} 1221 1222 1223void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 1224 const u8 *addr, u16 reason) 1225{ 1226 if (sta) 1227 wpa_printf(MSG_DEBUG, "%s: %s STA " MACSTR " reason=%u", 1228 hapd->conf->iface, __func__, MAC2STR(sta->addr), 1229 reason); 1230 else if (addr) 1231 wpa_printf(MSG_DEBUG, "%s: %s addr " MACSTR " reason=%u", 1232 hapd->conf->iface, __func__, MAC2STR(addr), 1233 reason); 1234 1235 if (sta == NULL && addr) 1236 sta = ap_get_sta(hapd, addr); 1237 1238 if (addr) 1239 hostapd_drv_sta_deauth(hapd, addr, reason); 1240 1241 if (sta == NULL) 1242 return; 1243 ap_sta_set_authorized(hapd, sta, 0); 1244 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); 1245 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); 1246 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); 1247 wpa_printf(MSG_DEBUG, "%s: %s: reschedule ap_handle_timer timeout " 1248 "for " MACSTR " (%d seconds - " 1249 "AP_MAX_INACTIVITY_AFTER_DEAUTH)", 1250 hapd->conf->iface, __func__, MAC2STR(sta->addr), 1251 AP_MAX_INACTIVITY_AFTER_DEAUTH); 1252 eloop_cancel_timeout(ap_handle_timer, hapd, sta); 1253 eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, 1254 ap_handle_timer, hapd, sta); 1255 sta->timeout_next = STA_REMOVE; 1256 1257 if (hapd->iface->current_mode && 1258 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { 1259 /* Deauthentication is not used in DMG/IEEE 802.11ad; 1260 * disassociate the STA instead. */ 1261 sta->disassoc_reason = reason; 1262 sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; 1263 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1264 eloop_register_timeout(hapd->iface->drv_flags & 1265 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 1266 2 : 0, 0, ap_sta_disassoc_cb_timeout, 1267 hapd, sta); 1268 return; 1269 } 1270 1271 sta->deauth_reason = reason; 1272 sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; 1273 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1274 eloop_register_timeout(hapd->iface->drv_flags & 1275 WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, 1276 ap_sta_deauth_cb_timeout, hapd, sta); 1277} 1278 1279 1280void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) 1281{ 1282 if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { 1283 wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); 1284 return; 1285 } 1286 sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; 1287 eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); 1288 ap_sta_deauth_cb_timeout(hapd, sta); 1289} 1290 1291 1292void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) 1293{ 1294 if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { 1295 wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); 1296 return; 1297 } 1298 sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; 1299 eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); 1300 ap_sta_disassoc_cb_timeout(hapd, sta); 1301} 1302 1303 1304void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, 1305 struct sta_info *sta) 1306{ 1307 if (eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta) > 0) 1308 wpa_printf(MSG_DEBUG, 1309 "%s: Removed ap_sta_deauth_cb_timeout timeout for " 1310 MACSTR, 1311 hapd->conf->iface, MAC2STR(sta->addr)); 1312 if (eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta) > 0) 1313 wpa_printf(MSG_DEBUG, 1314 "%s: Removed ap_sta_disassoc_cb_timeout timeout for " 1315 MACSTR, 1316 hapd->conf->iface, MAC2STR(sta->addr)); 1317 if (eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta) > 0) 1318 { 1319 wpa_printf(MSG_DEBUG, 1320 "%s: Removed ap_sta_delayed_1x_auth_fail_cb timeout for " 1321 MACSTR, 1322 hapd->conf->iface, MAC2STR(sta->addr)); 1323 if (sta->flags & WLAN_STA_WPS) 1324 hostapd_wps_eap_completed(hapd); 1325 } 1326} 1327 1328 1329int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) 1330{ 1331 int res; 1332 1333 buf[0] = '\0'; 1334 res = os_snprintf(buf, buflen, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", 1335 (flags & WLAN_STA_AUTH ? "[AUTH]" : ""), 1336 (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""), 1337 (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""), 1338 (flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" : 1339 ""), 1340 (flags & WLAN_STA_SHORT_PREAMBLE ? 1341 "[SHORT_PREAMBLE]" : ""), 1342 (flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""), 1343 (flags & WLAN_STA_WMM ? "[WMM]" : ""), 1344 (flags & WLAN_STA_MFP ? "[MFP]" : ""), 1345 (flags & WLAN_STA_WPS ? "[WPS]" : ""), 1346 (flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""), 1347 (flags & WLAN_STA_WDS ? "[WDS]" : ""), 1348 (flags & WLAN_STA_NONERP ? "[NonERP]" : ""), 1349 (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""), 1350 (flags & WLAN_STA_GAS ? "[GAS]" : ""), 1351 (flags & WLAN_STA_VHT ? "[VHT]" : ""), 1352 (flags & WLAN_STA_VENDOR_VHT ? "[VENDOR_VHT]" : ""), 1353 (flags & WLAN_STA_WNM_SLEEP_MODE ? 1354 "[WNM_SLEEP_MODE]" : "")); 1355 if (os_snprintf_error(buflen, res)) 1356 res = -1; 1357 1358 return res; 1359} 1360 1361 1362static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx) 1363{ 1364 struct hostapd_data *hapd = eloop_ctx; 1365 struct sta_info *sta = timeout_ctx; 1366 1367 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1368 "IEEE 802.1X: Scheduled disconnection of " MACSTR 1369 " after EAP-Failure", MAC2STR(sta->addr)); 1370 1371 ap_sta_disconnect(hapd, sta, sta->addr, 1372 WLAN_REASON_IEEE_802_1X_AUTH_FAILED); 1373 if (sta->flags & WLAN_STA_WPS) 1374 hostapd_wps_eap_completed(hapd); 1375} 1376 1377 1378void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 1379 struct sta_info *sta) 1380{ 1381 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, 1382 "IEEE 802.1X: Force disconnection of " MACSTR 1383 " after EAP-Failure in 10 ms", MAC2STR(sta->addr)); 1384 1385 /* 1386 * Add a small sleep to increase likelihood of previously requested 1387 * EAP-Failure TX getting out before this should the driver reorder 1388 * operations. 1389 */ 1390 eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta); 1391 eloop_register_timeout(0, 10000, ap_sta_delayed_1x_auth_fail_cb, 1392 hapd, sta); 1393} 1394 1395 1396int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 1397 struct sta_info *sta) 1398{ 1399 return eloop_is_timeout_registered(ap_sta_delayed_1x_auth_fail_cb, 1400 hapd, sta); 1401} 1402