[thirdparty/hostap.git] / src / ap / drv_callbacks.c

/*
 * hostapd / Callback functions for driver wrappers
 * Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * Alternatively, this software may be distributed under the terms of BSD
 * license.
 *
 * See README and COPYING for more details.
 */

#include "utils/includes.h"

#include "utils/common.h"
#include "radius/radius.h"
#include "drivers/driver.h"
#include "common/ieee802_11_defs.h"
#include "common/ieee802_11_common.h"
#include "common/wpa_ctrl.h"
#include "wps/wps.h"
#include "hostapd.h"
#include "ieee802_11.h"
#include "sta_info.h"
#include "accounting.h"
#include "tkip_countermeasures.h"
#include "iapp.h"
#include "ieee802_1x.h"
#include "wpa_auth.h"
#include "wmm.h"
#include "wps_hostapd.h"
#include "ap_config.h"


int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
			const u8 *ie, size_t ielen)
{
	struct sta_info *sta;
	int new_assoc, res;
	struct ieee802_11_elems elems;
#ifdef CONFIG_P2P
	const u8 *all_ies = ie;
	size_t all_ies_len = ielen;
#endif /* CONFIG_P2P */

	if (addr == NULL) {
		/*
		 * This could potentially happen with unexpected event from the
		 * driver wrapper. This was seen at least in one case where the
		 * driver ended up being set to station mode while hostapd was
		 * running, so better make sure we stop processing such an
		 * event here.
		 */
		wpa_printf(MSG_DEBUG, "hostapd_notif_assoc: Skip event with "
			   "no address");
		return -1;
	}

	hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
		       HOSTAPD_LEVEL_INFO, "associated");

	ieee802_11_parse_elems(ie, ielen, &elems, 0);
	if (elems.wps_ie) {
		ie = elems.wps_ie - 2;
		ielen = elems.wps_ie_len + 2;
		wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)AssocReq");
	} else if (elems.rsn_ie) {
		ie = elems.rsn_ie - 2;
		ielen = elems.rsn_ie_len + 2;
		wpa_printf(MSG_DEBUG, "STA included RSN IE in (Re)AssocReq");
	} else if (elems.wpa_ie) {
		ie = elems.wpa_ie - 2;
		ielen = elems.wpa_ie_len + 2;
		wpa_printf(MSG_DEBUG, "STA included WPA IE in (Re)AssocReq");
	} else {
		ie = NULL;
		ielen = 0;
		wpa_printf(MSG_DEBUG, "STA did not include WPS/RSN/WPA IE in "
			   "(Re)AssocReq");
	}

	sta = ap_get_sta(hapd, addr);
	if (sta) {
		accounting_sta_stop(hapd, sta);
	} else {
		sta = ap_sta_add(hapd, addr);
		if (sta == NULL)
			return -1;
	}
	sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS);

#ifdef CONFIG_P2P
	if (elems.p2p) {
		wpabuf_free(sta->p2p_ie);
		sta->p2p_ie = ieee802_11_vendor_ie_concat(all_ies, all_ies_len,
							  P2P_IE_VENDOR_TYPE);
	}
#endif /* CONFIG_P2P */

	if (hapd->conf->wpa) {
		if (ie == NULL || ielen == 0) {
			if (hapd->conf->wps_state) {
				wpa_printf(MSG_DEBUG, "STA did not include "
					   "WPA/RSN IE in (Re)Association "
					   "Request - possible WPS use");
				sta->flags |= WLAN_STA_MAYBE_WPS;
				goto skip_wpa_check;
			}

			wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA");
			return -1;
		}
		if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 &&
		    os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) {
			sta->flags |= WLAN_STA_WPS;
			goto skip_wpa_check;
		}

		if (sta->wpa_sm == NULL)
			sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
							sta->addr);
		if (sta->wpa_sm == NULL) {
			wpa_printf(MSG_ERROR, "Failed to initialize WPA state "
				   "machine");
			return -1;
		}
		res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
					  ie, ielen, NULL, 0);
		if (res != WPA_IE_OK) {
			int resp;
			wpa_printf(MSG_DEBUG, "WPA/RSN information element "
				   "rejected? (res %u)", res);
			wpa_hexdump(MSG_DEBUG, "IE", ie, ielen);
			if (res == WPA_INVALID_GROUP)
				resp = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
			else if (res == WPA_INVALID_PAIRWISE)
				resp = WLAN_REASON_PAIRWISE_CIPHER_NOT_VALID;
			else if (res == WPA_INVALID_AKMP)
				resp = WLAN_REASON_AKMP_NOT_VALID;
#ifdef CONFIG_IEEE80211W
			else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
				resp = WLAN_REASON_INVALID_IE;
			else if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
				resp = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
#endif /* CONFIG_IEEE80211W */
			else
				resp = WLAN_REASON_INVALID_IE;
			hapd->drv.sta_disassoc(hapd, sta->addr, resp);
			ap_free_sta(hapd, sta);
			return -1;
		}
	} else if (hapd->conf->wps_state) {
#ifdef CONFIG_WPS_STRICT
		struct wpabuf *wps;
		wps = ieee802_11_vendor_ie_concat(ie, ielen,
						  WPS_IE_VENDOR_TYPE);
		if (wps && wps_validate_assoc_req(wps) < 0) {
			hapd->drv.sta_disassoc(hapd, sta->addr,
					       WLAN_REASON_INVALID_IE);
			ap_free_sta(hapd, sta);
			wpabuf_free(wps);
			return -1;
		}
		wpabuf_free(wps);
#endif /* CONFIG_WPS_STRICT */
		if (ie && ielen > 4 && ie[0] == 0xdd && ie[1] >= 4 &&
		    os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) {
			sta->flags |= WLAN_STA_WPS;
		} else
			sta->flags |= WLAN_STA_MAYBE_WPS;
	}
skip_wpa_check:

	new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0;
	sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
	wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);

	hostapd_new_assoc_sta(hapd, sta, !new_assoc);

	ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);

	return 0;
}


void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr)
{
	struct sta_info *sta;

	hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
		       HOSTAPD_LEVEL_INFO, "disassociated");

	sta = ap_get_sta(hapd, addr);
	if (sta == NULL) {
		wpa_printf(MSG_DEBUG, "Disassociation notification for "
			   "unknown STA " MACSTR, MAC2STR(addr));
		return;
	}

	sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
	wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED MACSTR,
		MAC2STR(sta->addr));
	wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
	sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
	ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
	ap_free_sta(hapd, sta);
}


#ifdef HOSTAPD

#ifdef NEED_AP_MLME

static const u8 * get_hdr_bssid(const struct ieee80211_hdr *hdr, size_t len)
{
	u16 fc, type, stype;

	/*
	 * PS-Poll frames are 16 bytes. All other frames are
	 * 24 bytes or longer.
	 */
	if (len < 16)
		return NULL;

	fc = le_to_host16(hdr->frame_control);
	type = WLAN_FC_GET_TYPE(fc);
	stype = WLAN_FC_GET_STYPE(fc);

	switch (type) {
	case WLAN_FC_TYPE_DATA:
		if (len < 24)
			return NULL;
		switch (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) {
		case WLAN_FC_FROMDS | WLAN_FC_TODS:
		case WLAN_FC_TODS:
			return hdr->addr1;
		case WLAN_FC_FROMDS:
			return hdr->addr2;
		default:
			return NULL;
		}
	case WLAN_FC_TYPE_CTRL:
		if (stype != WLAN_FC_STYPE_PSPOLL)
			return NULL;
		return hdr->addr1;
	case WLAN_FC_TYPE_MGMT:
		return hdr->addr3;
	default:
		return NULL;
	}
}


#define HAPD_BROADCAST ((struct hostapd_data *) -1)

static struct hostapd_data * get_hapd_bssid(struct hostapd_iface *iface,
					    const u8 *bssid)
{
	size_t i;

	if (bssid == NULL)
		return NULL;
	if (bssid[0] == 0xff && bssid[1] == 0xff && bssid[2] == 0xff &&
	    bssid[3] == 0xff && bssid[4] == 0xff && bssid[5] == 0xff)
		return HAPD_BROADCAST;

	for (i = 0; i < iface->num_bss; i++) {
		if (os_memcmp(bssid, iface->bss[i]->own_addr, ETH_ALEN) == 0)
			return iface->bss[i];
	}

	return NULL;
}


static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd,
					const u8 *frame, size_t len)
{
	const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) frame;
	u16 fc = le_to_host16(hdr->frame_control);
	hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len));
	if (hapd == NULL || hapd == HAPD_BROADCAST)
		return;

	ieee802_11_rx_from_unknown(hapd, hdr->addr2,
				   (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
				   (WLAN_FC_TODS | WLAN_FC_FROMDS));
}


static void hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt)
{
	struct hostapd_iface *iface = hapd->iface;
	const struct ieee80211_hdr *hdr;
	const u8 *bssid;
	struct hostapd_frame_info fi;

	hdr = (const struct ieee80211_hdr *) rx_mgmt->frame;
	bssid = get_hdr_bssid(hdr, rx_mgmt->frame_len);
	if (bssid == NULL)
		return;

	hapd = get_hapd_bssid(iface, bssid);
	if (hapd == NULL) {
		u16 fc;
		fc = le_to_host16(hdr->frame_control);

		/*
		 * Drop frames to unknown BSSIDs except for Beacon frames which
		 * could be used to update neighbor information.
		 */
		if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
		    WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON)
			hapd = iface->bss[0];
		else
			return;
	}

	os_memset(&fi, 0, sizeof(fi));
	fi.datarate = rx_mgmt->datarate;
	fi.ssi_signal = rx_mgmt->ssi_signal;

	if (hapd == HAPD_BROADCAST) {
		size_t i;
		for (i = 0; i < iface->num_bss; i++)
			ieee802_11_mgmt(iface->bss[i], rx_mgmt->frame,
					rx_mgmt->frame_len, &fi);
	} else
		ieee802_11_mgmt(hapd, rx_mgmt->frame, rx_mgmt->frame_len, &fi);
}


static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf,
			       size_t len, u16 stype, int ok)
{
	struct ieee80211_hdr *hdr;
	hdr = (struct ieee80211_hdr *) buf;
	hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len));
	if (hapd == NULL || hapd == HAPD_BROADCAST)
		return;
	ieee802_11_mgmt_cb(hapd, buf, len, stype, ok);
}

#endif /* NEED_AP_MLME */


static int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa,
				const u8 *ie, size_t ie_len)
{
	size_t i;
	int ret = 0;

	for (i = 0; hapd->probereq_cb && i < hapd->num_probereq_cb; i++) {
		if (hapd->probereq_cb[i].cb(hapd->probereq_cb[i].ctx,
					    sa, ie, ie_len) > 0) {
			ret = 1;
			break;
		}
	}
	return ret;
}


static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr)
{
	struct sta_info *sta = ap_get_sta(hapd, addr);
	if (sta)
		return 0;

	wpa_printf(MSG_DEBUG, "Data frame from unknown STA " MACSTR
		   " - adding a new STA", MAC2STR(addr));
	sta = ap_sta_add(hapd, addr);
	if (sta) {
		hostapd_new_assoc_sta(hapd, sta, 0);
	} else {
		wpa_printf(MSG_DEBUG, "Failed to add STA entry for " MACSTR,
			   MAC2STR(addr));
		return -1;
	}

	return 0;
}


static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src,
				   const u8 *data, size_t data_len)
{
	struct hostapd_iface *iface = hapd->iface;
	size_t j;

	for (j = 0; j < iface->num_bss; j++) {
		if (ap_get_sta(iface->bss[j], src)) {
			hapd = iface->bss[j];
			break;
		}
	}

	ieee802_1x_receive(hapd, src, data, data_len);
}


void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
			  union wpa_event_data *data)
{
	struct hostapd_data *hapd = ctx;

	switch (event) {
	case EVENT_MICHAEL_MIC_FAILURE:
		michael_mic_failure(hapd, data->michael_mic_failure.src, 1);
		break;
	case EVENT_SCAN_RESULTS:
		if (hapd->iface->scan_cb)
			hapd->iface->scan_cb(hapd->iface);
		break;
#ifdef CONFIG_IEEE80211R
	case EVENT_FT_RRB_RX:
		wpa_ft_rrb_rx(hapd->wpa_auth, data->ft_rrb_rx.src,
			      data->ft_rrb_rx.data, data->ft_rrb_rx.data_len);
		break;
#endif /* CONFIG_IEEE80211R */
	case EVENT_WPS_BUTTON_PUSHED:
		hostapd_wps_button_pushed(hapd);
		break;
#ifdef NEED_AP_MLME
	case EVENT_TX_STATUS:
		switch (data->tx_status.type) {
		case WLAN_FC_TYPE_MGMT:
			hostapd_mgmt_tx_cb(hapd, data->tx_status.data,
					   data->tx_status.data_len,
					   data->tx_status.stype,
					   data->tx_status.ack);
			break;
		case WLAN_FC_TYPE_DATA:
			hostapd_tx_status(hapd, data->tx_status.dst,
					  data->tx_status.data,
					  data->tx_status.data_len,
					  data->tx_status.ack);
			break;
		}
		break;
	case EVENT_RX_FROM_UNKNOWN:
		hostapd_rx_from_unknown_sta(hapd, data->rx_from_unknown.frame,
					    data->rx_from_unknown.len);
		break;
	case EVENT_RX_MGMT:
		hostapd_mgmt_rx(hapd, &data->rx_mgmt);
		break;
#endif /* NEED_AP_MLME */
	case EVENT_RX_PROBE_REQ:
		hostapd_probe_req_rx(hapd, data->rx_probe_req.sa,
				     data->rx_probe_req.ie,
				     data->rx_probe_req.ie_len);
		break;
	case EVENT_NEW_STA:
		hostapd_event_new_sta(hapd, data->new_sta.addr);
		break;
	case EVENT_EAPOL_RX:
		hostapd_event_eapol_rx(hapd, data->eapol_rx.src,
				       data->eapol_rx.data,
				       data->eapol_rx.data_len);
		break;
	case EVENT_ASSOC:
		hostapd_notif_assoc(hapd, data->assoc_info.addr,
				    data->assoc_info.req_ies,
				    data->assoc_info.req_ies_len);
		break;
	case EVENT_DISASSOC:
		if (data)
			hostapd_notif_disassoc(hapd, data->disassoc_info.addr);
		break;
	case EVENT_DEAUTH:
		if (data)
			hostapd_notif_disassoc(hapd, data->deauth_info.addr);
		break;
	default:
		wpa_printf(MSG_DEBUG, "Unknown event %d", event);
		break;
	}
}

#endif /* HOSTAPD */
Commit	Line	Data
b5b969e9 JM	1	/*
	2	* hostapd / Callback functions for driver wrappers
	3	* Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License version 2 as
	7	* published by the Free Software Foundation.
	8	*
	9	* Alternatively, this software may be distributed under the terms of BSD
	10	* license.
	11	*
	12	* See README and COPYING for more details.
	13	*/
	14
6226e38d	15	#include "utils/includes.h"
b5b969e9	16
6226e38d	17	#include "utils/common.h"
b5b969e9	18	#include "radius/radius.h"
6e6e8c31	19	#include "drivers/driver.h"
81f4f619	20	#include "common/ieee802_11_defs.h"
c41a1095	21	#include "common/ieee802_11_common.h"
9a3cb18d	22	#include "common/wpa_ctrl.h"
54f489be	23	#include "wps/wps.h"
6226e38d JM	24	#include "hostapd.h"
	25	#include "ieee802_11.h"
	26	#include "sta_info.h"
	27	#include "accounting.h"
	28	#include "tkip_countermeasures.h"
	29	#include "iapp.h"
	30	#include "ieee802_1x.h"
	31	#include "wpa_auth.h"
	32	#include "wmm.h"
	33	#include "wps_hostapd.h"
8b06c1ed	34	#include "ap_config.h"
b5b969e9 JM	35
b5b969e9 JM	36
b5b969e9 JM	37	int hostapd_notif_assoc(struct hostapd_data hapd, const u8 addr,
	38	const u8 *ie, size_t ielen)
	39	{
	40	struct sta_info *sta;
	41	int new_assoc, res;
c41a1095	42	struct ieee802_11_elems elems;
b305c684 JM	43	#ifdef CONFIG_P2P
	44	const u8 *all_ies = ie;
	45	size_t all_ies_len = ielen;
	46	#endif /* CONFIG_P2P */
b5b969e9	47
68532a9c JM	48	if (addr == NULL) {
	49	/*
	50	* This could potentially happen with unexpected event from the
	51	* driver wrapper. This was seen at least in one case where the
	52	* driver ended up being set to station mode while hostapd was
	53	* running, so better make sure we stop processing such an
	54	* event here.
	55	*/
	56	wpa_printf(MSG_DEBUG, "hostapd_notif_assoc: Skip event with "
	57	"no address");
	58	return -1;
	59	}
	60
b5b969e9 JM	61	hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
	62	HOSTAPD_LEVEL_INFO, "associated");
	63
c41a1095 JM	64	ieee802_11_parse_elems(ie, ielen, &elems, 0);
	65	if (elems.wps_ie) {
	66	ie = elems.wps_ie - 2;
	67	ielen = elems.wps_ie_len + 2;
	68	wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)AssocReq");
	69	} else if (elems.rsn_ie) {
	70	ie = elems.rsn_ie - 2;
	71	ielen = elems.rsn_ie_len + 2;
	72	wpa_printf(MSG_DEBUG, "STA included RSN IE in (Re)AssocReq");
	73	} else if (elems.wpa_ie) {
	74	ie = elems.wpa_ie - 2;
	75	ielen = elems.wpa_ie_len + 2;
	76	wpa_printf(MSG_DEBUG, "STA included WPA IE in (Re)AssocReq");
	77	} else {
	78	ie = NULL;
	79	ielen = 0;
	80	wpa_printf(MSG_DEBUG, "STA did not include WPS/RSN/WPA IE in "
	81	"(Re)AssocReq");
	82	}
	83
b5b969e9 JM	84	sta = ap_get_sta(hapd, addr);
	85	if (sta) {
	86	accounting_sta_stop(hapd, sta);
	87	} else {
	88	sta = ap_sta_add(hapd, addr);
	89	if (sta == NULL)
	90	return -1;
	91	}
	92	sta->flags &= ~(WLAN_STA_WPS \| WLAN_STA_MAYBE_WPS);
	93
b305c684 JM	94	#ifdef CONFIG_P2P
	95	if (elems.p2p) {
	96	wpabuf_free(sta->p2p_ie);
	97	sta->p2p_ie = ieee802_11_vendor_ie_concat(all_ies, all_ies_len,
	98	P2P_IE_VENDOR_TYPE);
	99	}
	100	#endif /* CONFIG_P2P */
	101
b5b969e9 JM	102	if (hapd->conf->wpa) {
	103	if (ie == NULL \|\| ielen == 0) {
	104	if (hapd->conf->wps_state) {
	105	wpa_printf(MSG_DEBUG, "STA did not include "
	106	"WPA/RSN IE in (Re)Association "
	107	"Request - possible WPS use");
	108	sta->flags \|= WLAN_STA_MAYBE_WPS;
	109	goto skip_wpa_check;
	110	}
	111
	112	wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA");
	113	return -1;
	114	}
	115	if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 &&
	116	os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) {
	117	sta->flags \|= WLAN_STA_WPS;
	118	goto skip_wpa_check;
	119	}
	120
	121	if (sta->wpa_sm == NULL)
	122	sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
	123	sta->addr);
	124	if (sta->wpa_sm == NULL) {
	125	wpa_printf(MSG_ERROR, "Failed to initialize WPA state "
	126	"machine");
	127	return -1;
	128	}
	129	res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
	130	ie, ielen, NULL, 0);
	131	if (res != WPA_IE_OK) {
355d36a7	132	int resp;
b5b969e9 JM	133	wpa_printf(MSG_DEBUG, "WPA/RSN information element "
	134	"rejected? (res %u)", res);
	135	wpa_hexdump(MSG_DEBUG, "IE", ie, ielen);
355d36a7 AT	136	if (res == WPA_INVALID_GROUP)
	137	resp = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
	138	else if (res == WPA_INVALID_PAIRWISE)
	139	resp = WLAN_REASON_PAIRWISE_CIPHER_NOT_VALID;
	140	else if (res == WPA_INVALID_AKMP)
	141	resp = WLAN_REASON_AKMP_NOT_VALID;
	142	#ifdef CONFIG_IEEE80211W
	143	else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
	144	resp = WLAN_REASON_INVALID_IE;
	145	else if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
	146	resp = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
	147	#endif /* CONFIG_IEEE80211W */
	148	else
	149	resp = WLAN_REASON_INVALID_IE;
bdee6fce	150	hapd->drv.sta_disassoc(hapd, sta->addr, resp);
355d36a7	151	ap_free_sta(hapd, sta);
b5b969e9 JM	152	return -1;
b5b969e9 JM	153	}
a9aca28b	154	} else if (hapd->conf->wps_state) {
54f489be JM	155	#ifdef CONFIG_WPS_STRICT
	156	struct wpabuf *wps;
	157	wps = ieee802_11_vendor_ie_concat(ie, ielen,
	158	WPS_IE_VENDOR_TYPE);
	159	if (wps && wps_validate_assoc_req(wps) < 0) {
	160	hapd->drv.sta_disassoc(hapd, sta->addr,
	161	WLAN_REASON_INVALID_IE);
	162	ap_free_sta(hapd, sta);
	163	wpabuf_free(wps);
	164	return -1;
	165	}
	166	wpabuf_free(wps);
	167	#endif /* CONFIG_WPS_STRICT */
a9aca28b JM	168	if (ie && ielen > 4 && ie[0] == 0xdd && ie[1] >= 4 &&
	169	os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) {
	170	sta->flags \|= WLAN_STA_WPS;
	171	} else
	172	sta->flags \|= WLAN_STA_MAYBE_WPS;
b5b969e9 JM	173	}
	174	skip_wpa_check:
	175
	176	new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0;
	177	sta->flags \|= WLAN_STA_AUTH \| WLAN_STA_ASSOC;
	178	wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);
	179
	180	hostapd_new_assoc_sta(hapd, sta, !new_assoc);
	181
	182	ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
	183
	184	return 0;
	185	}
	186
	187
	188	void hostapd_notif_disassoc(struct hostapd_data hapd, const u8 addr)
	189	{
	190	struct sta_info *sta;
	191
	192	hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
	193	HOSTAPD_LEVEL_INFO, "disassociated");
	194
	195	sta = ap_get_sta(hapd, addr);
	196	if (sta == NULL) {
	197	wpa_printf(MSG_DEBUG, "Disassociation notification for "
	198	"unknown STA " MACSTR, MAC2STR(addr));
	199	return;
	200	}
	201
	202	sta->flags &= ~(WLAN_STA_AUTH \| WLAN_STA_ASSOC);
9a3cb18d JM	203	wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED MACSTR,
9a3cb18d JM	204	MAC2STR(sta->addr));
b5b969e9 JM	205	wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
	206	sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
	207	ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
	208	ap_free_sta(hapd, sta);
	209	}
	210
	211
f8b1f695 JM	212	#ifdef HOSTAPD
f8b1f695 JM	213
fe6bdb77	214	#ifdef NEED_AP_MLME
f8b1f695 JM	215
	216	static const u8 * get_hdr_bssid(const struct ieee80211_hdr *hdr, size_t len)
	217	{
	218	u16 fc, type, stype;
	219
	220	/*
	221	* PS-Poll frames are 16 bytes. All other frames are
	222	* 24 bytes or longer.
	223	*/
	224	if (len < 16)
	225	return NULL;
	226
	227	fc = le_to_host16(hdr->frame_control);
	228	type = WLAN_FC_GET_TYPE(fc);
	229	stype = WLAN_FC_GET_STYPE(fc);
	230
	231	switch (type) {
	232	case WLAN_FC_TYPE_DATA:
	233	if (len < 24)
	234	return NULL;
	235	switch (fc & (WLAN_FC_FROMDS \| WLAN_FC_TODS)) {
fbbfcbac	236	case WLAN_FC_FROMDS \| WLAN_FC_TODS:
f8b1f695 JM	237	case WLAN_FC_TODS:
	238	return hdr->addr1;
	239	case WLAN_FC_FROMDS:
	240	return hdr->addr2;
	241	default:
	242	return NULL;
	243	}
	244	case WLAN_FC_TYPE_CTRL:
	245	if (stype != WLAN_FC_STYPE_PSPOLL)
	246	return NULL;
	247	return hdr->addr1;
	248	case WLAN_FC_TYPE_MGMT:
	249	return hdr->addr3;
	250	default:
	251	return NULL;
	252	}
	253	}
	254
	255
	256	#define HAPD_BROADCAST ((struct hostapd_data *) -1)
	257
	258	static struct hostapd_data * get_hapd_bssid(struct hostapd_iface *iface,
	259	const u8 *bssid)
	260	{
	261	size_t i;
	262
	263	if (bssid == NULL)
	264	return NULL;
	265	if (bssid[0] == 0xff && bssid[1] == 0xff && bssid[2] == 0xff &&
	266	bssid[3] == 0xff && bssid[4] == 0xff && bssid[5] == 0xff)
	267	return HAPD_BROADCAST;
	268
	269	for (i = 0; i < iface->num_bss; i++) {
	270	if (os_memcmp(bssid, iface->bss[i]->own_addr, ETH_ALEN) == 0)
	271	return iface->bss[i];
	272	}
	273
	274	return NULL;
	275	}
	276
	277
	278	static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd,
0d9fc3d8	279	const u8 *frame, size_t len)
f8b1f695	280	{
0d9fc3d8	281	const struct ieee80211_hdr hdr = (const struct ieee80211_hdr ) frame;
fbbfcbac	282	u16 fc = le_to_host16(hdr->frame_control);
f8b1f695 JM	283	hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len));
	284	if (hapd == NULL \|\| hapd == HAPD_BROADCAST)
	285	return;
	286
fbbfcbac FF	287	ieee802_11_rx_from_unknown(hapd, hdr->addr2,
	288	(fc & (WLAN_FC_TODS \| WLAN_FC_FROMDS)) ==
	289	(WLAN_FC_TODS \| WLAN_FC_FROMDS));
f8b1f695 JM	290	}
	291
	292
2a8b7416	293	static void hostapd_mgmt_rx(struct hostapd_data hapd, struct rx_mgmt rx_mgmt)
b5b969e9	294	{
4b9841d3	295	struct hostapd_iface *iface = hapd->iface;
b57e086c	296	const struct ieee80211_hdr *hdr;
4b9841d3	297	const u8 *bssid;
2a8b7416	298	struct hostapd_frame_info fi;
4b9841d3	299
2a8b7416 JM	300	hdr = (const struct ieee80211_hdr *) rx_mgmt->frame;
2a8b7416 JM	301	bssid = get_hdr_bssid(hdr, rx_mgmt->frame_len);
4b9841d3 JM	302	if (bssid == NULL)
	303	return;
	304
	305	hapd = get_hapd_bssid(iface, bssid);
	306	if (hapd == NULL) {
	307	u16 fc;
	308	fc = le_to_host16(hdr->frame_control);
	309
	310	/*
	311	* Drop frames to unknown BSSIDs except for Beacon frames which
	312	* could be used to update neighbor information.
	313	*/
	314	if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
	315	WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON)
	316	hapd = iface->bss[0];
	317	else
	318	return;
	319	}
	320
2a8b7416 JM	321	os_memset(&fi, 0, sizeof(fi));
	322	fi.datarate = rx_mgmt->datarate;
	323	fi.ssi_signal = rx_mgmt->ssi_signal;
	324
4b9841d3 JM	325	if (hapd == HAPD_BROADCAST) {
	326	size_t i;
	327	for (i = 0; i < iface->num_bss; i++)
2a8b7416 JM	328	ieee802_11_mgmt(iface->bss[i], rx_mgmt->frame,
2a8b7416 JM	329	rx_mgmt->frame_len, &fi);
4b9841d3	330	} else
2a8b7416	331	ieee802_11_mgmt(hapd, rx_mgmt->frame, rx_mgmt->frame_len, &fi);
b5b969e9 JM	332	}
	333
	334
f8b1f695 JM	335	static void hostapd_mgmt_tx_cb(struct hostapd_data hapd, const u8 buf,
f8b1f695 JM	336	size_t len, u16 stype, int ok)
b5b969e9	337	{
4b9841d3 JM	338	struct ieee80211_hdr *hdr;
	339	hdr = (struct ieee80211_hdr *) buf;
	340	hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len));
	341	if (hapd == NULL \|\| hapd == HAPD_BROADCAST)
	342	return;
b5b969e9 JM	343	ieee802_11_mgmt_cb(hapd, buf, len, stype, ok);
b5b969e9 JM	344	}
f82ef4d8	345
f8b1f695	346	#endif /* NEED_AP_MLME */
ad1e68e6 JM	347
ad1e68e6 JM	348
a0e0d3bb JM	349	static int hostapd_probe_req_rx(struct hostapd_data hapd, const u8 sa,
	350	const u8 *ie, size_t ie_len)
	351	{
	352	size_t i;
	353	int ret = 0;
	354
	355	for (i = 0; hapd->probereq_cb && i < hapd->num_probereq_cb; i++) {
	356	if (hapd->probereq_cb[i].cb(hapd->probereq_cb[i].ctx,
	357	sa, ie, ie_len) > 0) {
	358	ret = 1;
	359	break;
	360	}
	361	}
	362	return ret;
	363	}
	364
	365
a8e0505b JM	366	static int hostapd_event_new_sta(struct hostapd_data hapd, const u8 addr)
	367	{
	368	struct sta_info *sta = ap_get_sta(hapd, addr);
	369	if (sta)
	370	return 0;
	371
	372	wpa_printf(MSG_DEBUG, "Data frame from unknown STA " MACSTR
	373	" - adding a new STA", MAC2STR(addr));
	374	sta = ap_sta_add(hapd, addr);
	375	if (sta) {
	376	hostapd_new_assoc_sta(hapd, sta, 0);
	377	} else {
	378	wpa_printf(MSG_DEBUG, "Failed to add STA entry for " MACSTR,
	379	MAC2STR(addr));
	380	return -1;
	381	}
	382
	383	return 0;
	384	}
	385
	386
	387	static void hostapd_event_eapol_rx(struct hostapd_data hapd, const u8 src,
	388	const u8 *data, size_t data_len)
	389	{
	390	struct hostapd_iface *iface = hapd->iface;
	391	size_t j;
	392
	393	for (j = 0; j < iface->num_bss; j++) {
	394	if (ap_get_sta(iface->bss[j], src)) {
	395	hapd = iface->bss[j];
	396	break;
	397	}
	398	}
	399
	400	ieee802_1x_receive(hapd, src, data, data_len);
	401	}
	402
	403
9646a8ab	404	void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
ad1e68e6 JM	405	union wpa_event_data *data)
	406	{
	407	struct hostapd_data *hapd = ctx;
	408
	409	switch (event) {
	410	case EVENT_MICHAEL_MIC_FAILURE:
	411	michael_mic_failure(hapd, data->michael_mic_failure.src, 1);
	412	break;
	413	case EVENT_SCAN_RESULTS:
	414	if (hapd->iface->scan_cb)
	415	hapd->iface->scan_cb(hapd->iface);
	416	break;
08fd8c15	417	#ifdef CONFIG_IEEE80211R
f2dab64e	418	case EVENT_FT_RRB_RX:
08fd8c15 JM	419	wpa_ft_rrb_rx(hapd->wpa_auth, data->ft_rrb_rx.src,
	420	data->ft_rrb_rx.data, data->ft_rrb_rx.data_len);
	421	break;
	422	#endif /* CONFIG_IEEE80211R */
fcf0f87d JM	423	case EVENT_WPS_BUTTON_PUSHED:
	424	hostapd_wps_button_pushed(hapd);
	425	break;
f8b1f695 JM	426	#ifdef NEED_AP_MLME
	427	case EVENT_TX_STATUS:
	428	switch (data->tx_status.type) {
	429	case WLAN_FC_TYPE_MGMT:
	430	hostapd_mgmt_tx_cb(hapd, data->tx_status.data,
	431	data->tx_status.data_len,
	432	data->tx_status.stype,
	433	data->tx_status.ack);
	434	break;
	435	case WLAN_FC_TYPE_DATA:
	436	hostapd_tx_status(hapd, data->tx_status.dst,
	437	data->tx_status.data,
	438	data->tx_status.data_len,
	439	data->tx_status.ack);
	440	break;
	441	}
	442	break;
	443	case EVENT_RX_FROM_UNKNOWN:
0d9fc3d8	444	hostapd_rx_from_unknown_sta(hapd, data->rx_from_unknown.frame,
f8b1f695 JM	445	data->rx_from_unknown.len);
	446	break;
	447	case EVENT_RX_MGMT:
2a8b7416	448	hostapd_mgmt_rx(hapd, &data->rx_mgmt);
f8b1f695 JM	449	break;
f8b1f695 JM	450	#endif /* NEED_AP_MLME */
a0e0d3bb JM	451	case EVENT_RX_PROBE_REQ:
	452	hostapd_probe_req_rx(hapd, data->rx_probe_req.sa,
	453	data->rx_probe_req.ie,
	454	data->rx_probe_req.ie_len);
	455	break;
a70a5d6d	456	case EVENT_NEW_STA:
a8e0505b JM	457	hostapd_event_new_sta(hapd, data->new_sta.addr);
	458	break;
	459	case EVENT_EAPOL_RX:
	460	hostapd_event_eapol_rx(hapd, data->eapol_rx.src,
	461	data->eapol_rx.data,
	462	data->eapol_rx.data_len);
	463	break;
1d041bec JM	464	case EVENT_ASSOC:
	465	hostapd_notif_assoc(hapd, data->assoc_info.addr,
	466	data->assoc_info.req_ies,
	467	data->assoc_info.req_ies_len);
	468	break;
	469	case EVENT_DISASSOC:
	470	if (data)
	471	hostapd_notif_disassoc(hapd, data->disassoc_info.addr);
	472	break;
	473	case EVENT_DEAUTH:
	474	if (data)
	475	hostapd_notif_disassoc(hapd, data->deauth_info.addr);
	476	break;
ad1e68e6 JM	477	default:
	478	wpa_printf(MSG_DEBUG, "Unknown event %d", event);
	479	break;
	480	}
	481	}
f8b1f695 JM	482
f8b1f695 JM	483	#endif /* HOSTAPD */