]> git.ipfire.org Git - thirdparty/hostap.git/blob - hostapd/ieee802_11.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Clear various flags on re-association to allow key_mgmt changes
[thirdparty/hostap.git] / hostapd / ieee802_11.c
1 /*
2 * hostapd / IEEE 802.11 Management
3 * Copyright (c) 2002-2008, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2007-2008, Intel Corporation
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 *
10 * Alternatively, this software may be distributed under the terms of BSD
11 * license.
12 *
13 * See README and COPYING for more details.
14 */
15
16 #include "includes.h"
17
18 #ifndef CONFIG_NATIVE_WINDOWS
19
20 #include <net/if.h>
21
22 #include "eloop.h"
23 #include "hostapd.h"
24 #include "ieee802_11.h"
25 #include "beacon.h"
26 #include "hw_features.h"
27 #include "radius/radius.h"
28 #include "radius/radius_client.h"
29 #include "ieee802_11_auth.h"
30 #include "sta_info.h"
31 #include "rc4.h"
32 #include "ieee802_1x.h"
33 #include "wpa.h"
34 #include "wme.h"
35 #include "ap_list.h"
36 #include "accounting.h"
37 #include "driver.h"
38 #include "mlme.h"
39
40
41 u8 * hostapd_eid_supp_rates(struct hostapd_data *hapd, u8 *eid)
42 {
43 u8 *pos = eid;
44 int i, num, count;
45
46 if (hapd->iface->current_rates == NULL)
47 return eid;
48
49 *pos++ = WLAN_EID_SUPP_RATES;
50 num = hapd->iface->num_rates;
51 if (num > 8) {
52 /* rest of the rates are encoded in Extended supported
53 * rates element */
54 num = 8;
55 }
56
57 *pos++ = num;
58 count = 0;
59 for (i = 0, count = 0; i < hapd->iface->num_rates && count < num;
60 i++) {
61 count++;
62 *pos = hapd->iface->current_rates[i].rate / 5;
63 if (hapd->iface->current_rates[i].flags & HOSTAPD_RATE_BASIC)
64 *pos |= 0x80;
65 pos++;
66 }
67
68 return pos;
69 }
70
71
72 u8 * hostapd_eid_ext_supp_rates(struct hostapd_data *hapd, u8 *eid)
73 {
74 u8 *pos = eid;
75 int i, num, count;
76
77 if (hapd->iface->current_rates == NULL)
78 return eid;
79
80 num = hapd->iface->num_rates;
81 if (num <= 8)
82 return eid;
83 num -= 8;
84
85 *pos++ = WLAN_EID_EXT_SUPP_RATES;
86 *pos++ = num;
87 count = 0;
88 for (i = 0, count = 0; i < hapd->iface->num_rates && count < num + 8;
89 i++) {
90 count++;
91 if (count <= 8)
92 continue; /* already in SuppRates IE */
93 *pos = hapd->iface->current_rates[i].rate / 5;
94 if (hapd->iface->current_rates[i].flags & HOSTAPD_RATE_BASIC)
95 *pos |= 0x80;
96 pos++;
97 }
98
99 return pos;
100 }
101
102
103 u8 * hostapd_eid_ht_capabilities_info(struct hostapd_data *hapd, u8 *eid)
104 {
105 #ifdef CONFIG_IEEE80211N
106 struct ieee80211_ht_capability *cap;
107 u8 *pos = eid;
108
109 if (!hapd->iconf->ieee80211n)
110 return eid;
111
112 *pos++ = WLAN_EID_HT_CAP;
113 *pos++ = sizeof(*cap);
114
115 cap = (struct ieee80211_ht_capability *) pos;
116 os_memset(cap, 0, sizeof(*cap));
117 SET_2BIT_U8(&cap->mac_ht_params_info,
118 MAC_HT_PARAM_INFO_MAX_RX_AMPDU_FACTOR_OFFSET,
119 MAX_RX_AMPDU_FACTOR_64KB);
120
121 cap->capabilities_info = host_to_le16(hapd->iconf->ht_capab);
122
123 cap->supported_mcs_set[0] = 0xff;
124 cap->supported_mcs_set[1] = 0xff;
125
126 pos += sizeof(*cap);
127
128 return pos;
129 #else /* CONFIG_IEEE80211N */
130 return eid;
131 #endif /* CONFIG_IEEE80211N */
132 }
133
134
135 u8 * hostapd_eid_ht_operation(struct hostapd_data *hapd, u8 *eid)
136 {
137 #ifdef CONFIG_IEEE80211N
138 struct ieee80211_ht_operation *oper;
139 u8 *pos = eid;
140
141 if (!hapd->iconf->ieee80211n)
142 return eid;
143
144 *pos++ = WLAN_EID_HT_OPERATION;
145 *pos++ = sizeof(*oper);
146
147 oper = (struct ieee80211_ht_operation *) pos;
148 os_memset(oper, 0, sizeof(*oper));
149
150 oper->control_chan = hapd->iconf->channel;
151 oper->operation_mode = host_to_le16(hapd->iface->ht_op_mode);
152 if (hapd->iconf->secondary_channel == 1)
153 oper->ht_param |= HT_INFO_HT_PARAM_SECONDARY_CHNL_ABOVE |
154 HT_INFO_HT_PARAM_REC_TRANS_CHNL_WIDTH;
155 if (hapd->iconf->secondary_channel == -1)
156 oper->ht_param |= HT_INFO_HT_PARAM_SECONDARY_CHNL_BELOW |
157 HT_INFO_HT_PARAM_REC_TRANS_CHNL_WIDTH;
158
159 pos += sizeof(*oper);
160
161 return pos;
162 #else /* CONFIG_IEEE80211N */
163 return eid;
164 #endif /* CONFIG_IEEE80211N */
165 }
166
167
168 #ifdef CONFIG_IEEE80211N
169
170 /*
171 op_mode
172 Set to 0 (HT pure) under the followign conditions
173 - all STAs in the BSS are 20/40 MHz HT in 20/40 MHz BSS or
174 - all STAs in the BSS are 20 MHz HT in 20 MHz BSS
175 Set to 1 (HT non-member protection) if there may be non-HT STAs
176 in both the primary and the secondary channel
177 Set to 2 if only HT STAs are associated in BSS,
178 however and at least one 20 MHz HT STA is associated
179 Set to 3 (HT mixed mode) when one or more non-HT STAs are associated
180 (currently non-GF HT station is considered as non-HT STA also)
181 */
182 int hostapd_ht_operation_update(struct hostapd_iface *iface)
183 {
184 u16 cur_op_mode, new_op_mode;
185 int op_mode_changes = 0;
186
187 if (!iface->conf->ieee80211n || iface->conf->ht_op_mode_fixed)
188 return 0;
189
190 wpa_printf(MSG_DEBUG, "%s current operation mode=0x%X",
191 __func__, iface->ht_op_mode);
192
193 if (!(iface->ht_op_mode & HT_INFO_OPERATION_MODE_NON_GF_DEVS_PRESENT)
194 && iface->num_sta_ht_no_gf) {
195 iface->ht_op_mode |=
196 HT_INFO_OPERATION_MODE_NON_GF_DEVS_PRESENT;
197 op_mode_changes++;
198 } else if ((iface->ht_op_mode &
199 HT_INFO_OPERATION_MODE_NON_GF_DEVS_PRESENT) &&
200 iface->num_sta_ht_no_gf == 0) {
201 iface->ht_op_mode &=
202 ~HT_INFO_OPERATION_MODE_NON_GF_DEVS_PRESENT;
203 op_mode_changes++;
204 }
205
206 if (!(iface->ht_op_mode & HT_INFO_OPERATION_MODE_NON_HT_STA_PRESENT) &&
207 (iface->num_sta_no_ht || iface->olbc_ht)) {
208 iface->ht_op_mode |= HT_INFO_OPERATION_MODE_NON_HT_STA_PRESENT;
209 op_mode_changes++;
210 } else if ((iface->ht_op_mode &
211 HT_INFO_OPERATION_MODE_NON_HT_STA_PRESENT) &&
212 (iface->num_sta_no_ht == 0 && !iface->olbc_ht)) {
213 iface->ht_op_mode &=
214 ~HT_INFO_OPERATION_MODE_NON_HT_STA_PRESENT;
215 op_mode_changes++;
216 }
217
218 /* Note: currently we switch to the MIXED op mode if HT non-greenfield
219 * station is associated. Probably it's a theoretical case, since
220 * it looks like all known HT STAs support greenfield.
221 */
222 new_op_mode = 0;
223 if (iface->num_sta_no_ht ||
224 (iface->ht_op_mode & HT_INFO_OPERATION_MODE_NON_GF_DEVS_PRESENT))
225 new_op_mode = OP_MODE_MIXED;
226 else if ((iface->conf->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
227 && iface->num_sta_ht_20mhz)
228 new_op_mode = OP_MODE_20MHZ_HT_STA_ASSOCED;
229 else if (iface->olbc_ht)
230 new_op_mode = OP_MODE_MAY_BE_LEGACY_STAS;
231 else
232 new_op_mode = OP_MODE_PURE;
233
234 cur_op_mode = iface->ht_op_mode & HT_INFO_OPERATION_MODE_OP_MODE_MASK;
235 if (cur_op_mode != new_op_mode) {
236 iface->ht_op_mode &= ~HT_INFO_OPERATION_MODE_OP_MODE_MASK;
237 iface->ht_op_mode |= new_op_mode;
238 op_mode_changes++;
239 }
240
241 wpa_printf(MSG_DEBUG, "%s new operation mode=0x%X changes=%d",
242 __func__, iface->ht_op_mode, op_mode_changes);
243
244 return op_mode_changes;
245 }
246
247 #endif /* CONFIG_IEEE80211N */
248
249
250 u16 hostapd_own_capab_info(struct hostapd_data *hapd, struct sta_info *sta,
251 int probe)
252 {
253 int capab = WLAN_CAPABILITY_ESS;
254 int privacy;
255
256 if (hapd->iface->num_sta_no_short_preamble == 0 &&
257 hapd->iconf->preamble == SHORT_PREAMBLE)
258 capab |= WLAN_CAPABILITY_SHORT_PREAMBLE;
259
260 privacy = hapd->conf->ssid.wep.keys_set;
261
262 if (hapd->conf->ieee802_1x &&
263 (hapd->conf->default_wep_key_len ||
264 hapd->conf->individual_wep_key_len))
265 privacy = 1;
266
267 if (hapd->conf->wpa)
268 privacy = 1;
269
270 if (sta) {
271 int policy, def_klen;
272 if (probe && sta->ssid_probe) {
273 policy = sta->ssid_probe->security_policy;
274 def_klen = sta->ssid_probe->wep.default_len;
275 } else {
276 policy = sta->ssid->security_policy;
277 def_klen = sta->ssid->wep.default_len;
278 }
279 privacy = policy != SECURITY_PLAINTEXT;
280 if (policy == SECURITY_IEEE_802_1X && def_klen == 0)
281 privacy = 0;
282 }
283
284 if (privacy)
285 capab |= WLAN_CAPABILITY_PRIVACY;
286
287 if (hapd->iface->current_mode &&
288 hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G &&
289 hapd->iface->num_sta_no_short_slot_time == 0)
290 capab |= WLAN_CAPABILITY_SHORT_SLOT_TIME;
291
292 return capab;
293 }
294
295
296 #ifdef CONFIG_IEEE80211W
297 static u8 * hostapd_eid_assoc_comeback_time(struct hostapd_data *hapd,
298 struct sta_info *sta, u8 *eid)
299 {
300 u8 *pos = eid;
301 u32 timeout;
302
303 *pos++ = WLAN_EID_ASSOC_COMEBACK_TIME;
304 *pos++ = 4;
305 timeout = (hapd->conf->assoc_ping_attempts - sta->ping_count + 1) *
306 hapd->conf->assoc_ping_timeout;
307 WPA_PUT_LE32(pos, timeout);
308 pos += 4;
309
310 return pos;
311 }
312 #endif /* CONFIG_IEEE80211W */
313
314
315 void ieee802_11_print_ssid(char *buf, const u8 *ssid, u8 len)
316 {
317 int i;
318 if (len > HOSTAPD_MAX_SSID_LEN)
319 len = HOSTAPD_MAX_SSID_LEN;
320 for (i = 0; i < len; i++) {
321 if (ssid[i] >= 32 && ssid[i] < 127)
322 buf[i] = ssid[i];
323 else
324 buf[i] = '.';
325 }
326 buf[len] = '\0';
327 }
328
329
330 void ieee802_11_send_deauth(struct hostapd_data *hapd, u8 *addr, u16 reason)
331 {
332 struct ieee80211_mgmt mgmt;
333
334 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
335 HOSTAPD_LEVEL_DEBUG,
336 "deauthenticate - reason %d", reason);
337 os_memset(&mgmt, 0, sizeof(mgmt));
338 mgmt.frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
339 WLAN_FC_STYPE_DEAUTH);
340 os_memcpy(mgmt.da, addr, ETH_ALEN);
341 os_memcpy(mgmt.sa, hapd->own_addr, ETH_ALEN);
342 os_memcpy(mgmt.bssid, hapd->own_addr, ETH_ALEN);
343 mgmt.u.deauth.reason_code = host_to_le16(reason);
344 if (hostapd_send_mgmt_frame(hapd, &mgmt, IEEE80211_HDRLEN +
345 sizeof(mgmt.u.deauth), 0) < 0)
346 perror("ieee802_11_send_deauth: send");
347 }
348
349
350 static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
351 u16 auth_transaction, u8 *challenge, int iswep)
352 {
353 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
354 HOSTAPD_LEVEL_DEBUG,
355 "authentication (shared key, transaction %d)",
356 auth_transaction);
357
358 if (auth_transaction == 1) {
359 if (!sta->challenge) {
360 /* Generate a pseudo-random challenge */
361 u8 key[8];
362 time_t now;
363 int r;
364 sta->challenge = os_zalloc(WLAN_AUTH_CHALLENGE_LEN);
365 if (sta->challenge == NULL)
366 return WLAN_STATUS_UNSPECIFIED_FAILURE;
367
368 now = time(NULL);
369 r = random();
370 os_memcpy(key, &now, 4);
371 os_memcpy(key + 4, &r, 4);
372 rc4(sta->challenge, WLAN_AUTH_CHALLENGE_LEN,
373 key, sizeof(key));
374 }
375 return 0;
376 }
377
378 if (auth_transaction != 3)
379 return WLAN_STATUS_UNSPECIFIED_FAILURE;
380
381 /* Transaction 3 */
382 if (!iswep || !sta->challenge || !challenge ||
383 os_memcmp(sta->challenge, challenge, WLAN_AUTH_CHALLENGE_LEN)) {
384 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
385 HOSTAPD_LEVEL_INFO,
386 "shared key authentication - invalid "
387 "challenge-response");
388 return WLAN_STATUS_CHALLENGE_FAIL;
389 }
390
391 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
392 HOSTAPD_LEVEL_DEBUG,
393 "authentication OK (shared key)");
394 #ifdef IEEE80211_REQUIRE_AUTH_ACK
395 /* Station will be marked authenticated if it ACKs the
396 * authentication reply. */
397 #else
398 sta->flags |= WLAN_STA_AUTH;
399 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
400 #endif
401 os_free(sta->challenge);
402 sta->challenge = NULL;
403
404 return 0;
405 }
406
407
408 static void send_auth_reply(struct hostapd_data *hapd,
409 const u8 *dst, const u8 *bssid,
410 u16 auth_alg, u16 auth_transaction, u16 resp,
411 const u8 *ies, size_t ies_len)
412 {
413 struct ieee80211_mgmt *reply;
414 u8 *buf;
415 size_t rlen;
416
417 rlen = IEEE80211_HDRLEN + sizeof(reply->u.auth) + ies_len;
418 buf = os_zalloc(rlen);
419 if (buf == NULL)
420 return;
421
422 reply = (struct ieee80211_mgmt *) buf;
423 reply->frame_control = IEEE80211_FC(WLAN_FC_TYPE_MGMT,
424 WLAN_FC_STYPE_AUTH);
425 os_memcpy(reply->da, dst, ETH_ALEN);
426 os_memcpy(reply->sa, hapd->own_addr, ETH_ALEN);
427 os_memcpy(reply->bssid, bssid, ETH_ALEN);
428
429 reply->u.auth.auth_alg = host_to_le16(auth_alg);
430 reply->u.auth.auth_transaction = host_to_le16(auth_transaction);
431 reply->u.auth.status_code = host_to_le16(resp);
432
433 if (ies && ies_len)
434 os_memcpy(reply->u.auth.variable, ies, ies_len);
435
436 wpa_printf(MSG_DEBUG, "authentication reply: STA=" MACSTR
437 " auth_alg=%d auth_transaction=%d resp=%d (IE len=%lu)",
438 MAC2STR(dst), auth_alg, auth_transaction,
439 resp, (unsigned long) ies_len);
440 if (hostapd_send_mgmt_frame(hapd, reply, rlen, 0) < 0)
441 perror("send_auth_reply: send");
442
443 os_free(buf);
444 }
445
446
447 #ifdef CONFIG_IEEE80211R
448 static void handle_auth_ft_finish(void *ctx, const u8 *dst, const u8 *bssid,
449 u16 auth_transaction, u16 status,
450 const u8 *ies, size_t ies_len)
451 {
452 struct hostapd_data *hapd = ctx;
453 struct sta_info *sta;
454
455 send_auth_reply(hapd, dst, bssid, WLAN_AUTH_FT, auth_transaction,
456 status, ies, ies_len);
457
458 if (status != WLAN_STATUS_SUCCESS)
459 return;
460
461 sta = ap_get_sta(hapd, dst);
462 if (sta == NULL)
463 return;
464
465 hostapd_logger(hapd, dst, HOSTAPD_MODULE_IEEE80211,
466 HOSTAPD_LEVEL_DEBUG, "authentication OK (FT)");
467 sta->flags |= WLAN_STA_AUTH;
468 mlme_authenticate_indication(hapd, sta);
469 }
470 #endif /* CONFIG_IEEE80211R */
471
472
473 static void handle_auth(struct hostapd_data *hapd, struct ieee80211_mgmt *mgmt,
474 size_t len)
475 {
476 u16 auth_alg, auth_transaction, status_code;
477 u16 resp = WLAN_STATUS_SUCCESS;
478 struct sta_info *sta = NULL;
479 int res;
480 u16 fc;
481 u8 *challenge = NULL;
482 u32 session_timeout, acct_interim_interval;
483 int vlan_id = 0;
484 u8 resp_ies[2 + WLAN_AUTH_CHALLENGE_LEN];
485 size_t resp_ies_len = 0;
486
487 if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
488 printf("handle_auth - too short payload (len=%lu)\n",
489 (unsigned long) len);
490 return;
491 }
492
493 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
494 auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction);
495 status_code = le_to_host16(mgmt->u.auth.status_code);
496 fc = le_to_host16(mgmt->frame_control);
497
498 if (len >= IEEE80211_HDRLEN + sizeof(mgmt->u.auth) +
499 2 + WLAN_AUTH_CHALLENGE_LEN &&
500 mgmt->u.auth.variable[0] == WLAN_EID_CHALLENGE &&
501 mgmt->u.auth.variable[1] == WLAN_AUTH_CHALLENGE_LEN)
502 challenge = &mgmt->u.auth.variable[2];
503
504 wpa_printf(MSG_DEBUG, "authentication: STA=" MACSTR " auth_alg=%d "
505 "auth_transaction=%d status_code=%d wep=%d%s",
506 MAC2STR(mgmt->sa), auth_alg, auth_transaction,
507 status_code, !!(fc & WLAN_FC_ISWEP),
508 challenge ? " challenge" : "");
509
510 if (hapd->tkip_countermeasures) {
511 resp = WLAN_REASON_MICHAEL_MIC_FAILURE;
512 goto fail;
513 }
514
515 if (!(((hapd->conf->auth_algs & WPA_AUTH_ALG_OPEN) &&
516 auth_alg == WLAN_AUTH_OPEN) ||
517 #ifdef CONFIG_IEEE80211R
518 (hapd->conf->wpa &&
519 (hapd->conf->wpa_key_mgmt &
520 (WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK)) &&
521 auth_alg == WLAN_AUTH_FT) ||
522 #endif /* CONFIG_IEEE80211R */
523 ((hapd->conf->auth_algs & WPA_AUTH_ALG_SHARED) &&
524 auth_alg == WLAN_AUTH_SHARED_KEY))) {
525 printf("Unsupported authentication algorithm (%d)\n",
526 auth_alg);
527 resp = WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG;
528 goto fail;
529 }
530
531 if (!(auth_transaction == 1 ||
532 (auth_alg == WLAN_AUTH_SHARED_KEY && auth_transaction == 3))) {
533 printf("Unknown authentication transaction number (%d)\n",
534 auth_transaction);
535 resp = WLAN_STATUS_UNKNOWN_AUTH_TRANSACTION;
536 goto fail;
537 }
538
539 if (os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) {
540 printf("Station " MACSTR " not allowed to authenticate.\n",
541 MAC2STR(mgmt->sa));
542 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
543 goto fail;
544 }
545
546 res = hostapd_allowed_address(hapd, mgmt->sa, (u8 *) mgmt, len,
547 &session_timeout,
548 &acct_interim_interval, &vlan_id);
549 if (res == HOSTAPD_ACL_REJECT) {
550 printf("Station " MACSTR " not allowed to authenticate.\n",
551 MAC2STR(mgmt->sa));
552 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
553 goto fail;
554 }
555 if (res == HOSTAPD_ACL_PENDING) {
556 wpa_printf(MSG_DEBUG, "Authentication frame from " MACSTR
557 " waiting for an external authentication",
558 MAC2STR(mgmt->sa));
559 /* Authentication code will re-send the authentication frame
560 * after it has received (and cached) information from the
561 * external source. */
562 return;
563 }
564
565 sta = ap_sta_add(hapd, mgmt->sa);
566 if (!sta) {
567 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
568 goto fail;
569 }
570
571 if (vlan_id > 0) {
572 if (hostapd_get_vlan_id_ifname(hapd->conf->vlan,
573 sta->vlan_id) == NULL) {
574 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
575 HOSTAPD_LEVEL_INFO, "Invalid VLAN ID "
576 "%d received from RADIUS server",
577 vlan_id);
578 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
579 goto fail;
580 }
581 sta->vlan_id = vlan_id;
582 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
583 HOSTAPD_LEVEL_INFO, "VLAN ID %d", sta->vlan_id);
584 }
585
586 sta->flags &= ~WLAN_STA_PREAUTH;
587 ieee802_1x_notify_pre_auth(sta->eapol_sm, 0);
588
589 if (hapd->conf->radius->acct_interim_interval == 0 &&
590 acct_interim_interval)
591 sta->acct_interim_interval = acct_interim_interval;
592 if (res == HOSTAPD_ACL_ACCEPT_TIMEOUT)
593 ap_sta_session_timeout(hapd, sta, session_timeout);
594 else
595 ap_sta_no_session_timeout(hapd, sta);
596
597 switch (auth_alg) {
598 case WLAN_AUTH_OPEN:
599 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
600 HOSTAPD_LEVEL_DEBUG,
601 "authentication OK (open system)");
602 #ifdef IEEE80211_REQUIRE_AUTH_ACK
603 /* Station will be marked authenticated if it ACKs the
604 * authentication reply. */
605 #else
606 sta->flags |= WLAN_STA_AUTH;
607 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
608 sta->auth_alg = WLAN_AUTH_OPEN;
609 mlme_authenticate_indication(hapd, sta);
610 #endif
611 break;
612 case WLAN_AUTH_SHARED_KEY:
613 resp = auth_shared_key(hapd, sta, auth_transaction, challenge,
614 fc & WLAN_FC_ISWEP);
615 sta->auth_alg = WLAN_AUTH_SHARED_KEY;
616 mlme_authenticate_indication(hapd, sta);
617 if (sta->challenge && auth_transaction == 1) {
618 resp_ies[0] = WLAN_EID_CHALLENGE;
619 resp_ies[1] = WLAN_AUTH_CHALLENGE_LEN;
620 os_memcpy(resp_ies + 2, sta->challenge,
621 WLAN_AUTH_CHALLENGE_LEN);
622 resp_ies_len = 2 + WLAN_AUTH_CHALLENGE_LEN;
623 }
624 break;
625 #ifdef CONFIG_IEEE80211R
626 case WLAN_AUTH_FT:
627 sta->auth_alg = WLAN_AUTH_FT;
628 if (sta->wpa_sm == NULL)
629 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
630 sta->addr);
631 if (sta->wpa_sm == NULL) {
632 wpa_printf(MSG_DEBUG, "FT: Failed to initialize WPA "
633 "state machine");
634 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
635 goto fail;
636 }
637 wpa_ft_process_auth(sta->wpa_sm, mgmt->bssid,
638 auth_transaction, mgmt->u.auth.variable,
639 len - IEEE80211_HDRLEN -
640 sizeof(mgmt->u.auth),
641 handle_auth_ft_finish, hapd);
642 /* handle_auth_ft_finish() callback will complete auth. */
643 return;
644 #endif /* CONFIG_IEEE80211R */
645 }
646
647 fail:
648 send_auth_reply(hapd, mgmt->sa, mgmt->bssid, auth_alg,
649 auth_transaction + 1, resp, resp_ies, resp_ies_len);
650 }
651
652
653 static void handle_assoc(struct hostapd_data *hapd,
654 struct ieee80211_mgmt *mgmt, size_t len, int reassoc)
655 {
656 u16 capab_info, listen_interval;
657 u16 resp = WLAN_STATUS_SUCCESS;
658 u8 *pos, *wpa_ie;
659 size_t wpa_ie_len;
660 int send_deauth = 0, send_len, left, i;
661 struct sta_info *sta;
662 struct ieee802_11_elems elems;
663 u8 buf[sizeof(struct ieee80211_mgmt) + 512];
664 struct ieee80211_mgmt *reply;
665
666 if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_req) :
667 sizeof(mgmt->u.assoc_req))) {
668 printf("handle_assoc(reassoc=%d) - too short payload (len=%lu)"
669 "\n", reassoc, (unsigned long) len);
670 return;
671 }
672
673 if (reassoc) {
674 capab_info = le_to_host16(mgmt->u.reassoc_req.capab_info);
675 listen_interval = le_to_host16(
676 mgmt->u.reassoc_req.listen_interval);
677 wpa_printf(MSG_DEBUG, "reassociation request: STA=" MACSTR
678 " capab_info=0x%02x listen_interval=%d current_ap="
679 MACSTR,
680 MAC2STR(mgmt->sa), capab_info, listen_interval,
681 MAC2STR(mgmt->u.reassoc_req.current_ap));
682 left = len - (IEEE80211_HDRLEN + sizeof(mgmt->u.reassoc_req));
683 pos = mgmt->u.reassoc_req.variable;
684 } else {
685 capab_info = le_to_host16(mgmt->u.assoc_req.capab_info);
686 listen_interval = le_to_host16(
687 mgmt->u.assoc_req.listen_interval);
688 wpa_printf(MSG_DEBUG, "association request: STA=" MACSTR
689 " capab_info=0x%02x listen_interval=%d",
690 MAC2STR(mgmt->sa), capab_info, listen_interval);
691 left = len - (IEEE80211_HDRLEN + sizeof(mgmt->u.assoc_req));
692 pos = mgmt->u.assoc_req.variable;
693 }
694
695 sta = ap_get_sta(hapd, mgmt->sa);
696 #ifdef CONFIG_IEEE80211R
697 if (sta && sta->auth_alg == WLAN_AUTH_FT &&
698 (sta->flags & WLAN_STA_AUTH) == 0) {
699 wpa_printf(MSG_DEBUG, "FT: Allow STA " MACSTR " to associate "
700 "prior to authentication since it is using "
701 "over-the-DS FT", MAC2STR(mgmt->sa));
702 } else
703 #endif /* CONFIG_IEEE80211R */
704 if (sta == NULL || (sta->flags & WLAN_STA_AUTH) == 0) {
705 printf("STA " MACSTR " trying to associate before "
706 "authentication\n", MAC2STR(mgmt->sa));
707 if (sta) {
708 printf(" sta: addr=" MACSTR " aid=%d flags=0x%04x\n",
709 MAC2STR(sta->addr), sta->aid, sta->flags);
710 }
711 send_deauth = 1;
712 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
713 goto fail;
714 }
715
716 if (hapd->tkip_countermeasures) {
717 resp = WLAN_REASON_MICHAEL_MIC_FAILURE;
718 goto fail;
719 }
720
721 if (listen_interval > hapd->conf->max_listen_interval) {
722 hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
723 HOSTAPD_LEVEL_DEBUG,
724 "Too large Listen Interval (%d)",
725 listen_interval);
726 resp = WLAN_STATUS_ASSOC_DENIED_LISTEN_INT_TOO_LARGE;
727 goto fail;
728 }
729
730 sta->capability = capab_info;
731 sta->listen_interval = listen_interval;
732
733 /* followed by SSID and Supported rates; and HT capabilities if 802.11n
734 * is used */
735 if (ieee802_11_parse_elems(pos, left, &elems, 1) == ParseFailed ||
736 !elems.ssid) {
737 printf("STA " MACSTR " sent invalid association request\n",
738 MAC2STR(sta->addr));
739 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
740 goto fail;
741 }
742
743 if (elems.ssid_len != hapd->conf->ssid.ssid_len ||
744 os_memcmp(elems.ssid, hapd->conf->ssid.ssid, elems.ssid_len) != 0)
745 {
746 char ssid_txt[33];
747 ieee802_11_print_ssid(ssid_txt, elems.ssid, elems.ssid_len);
748 printf("Station " MACSTR " tried to associate with "
749 "unknown SSID '%s'\n", MAC2STR(sta->addr), ssid_txt);
750 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
751 goto fail;
752 }
753
754 sta->flags &= ~WLAN_STA_WME;
755 if (elems.wme && hapd->conf->wme_enabled) {
756 if (hostapd_eid_wme_valid(hapd, elems.wme, elems.wme_len))
757 hostapd_logger(hapd, sta->addr,
758 HOSTAPD_MODULE_WPA,
759 HOSTAPD_LEVEL_DEBUG,
760 "invalid WME element in association "
761 "request");
762 else
763 sta->flags |= WLAN_STA_WME;
764 }
765
766 if (!elems.supp_rates) {
767 hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
768 HOSTAPD_LEVEL_DEBUG,
769 "No supported rates element in AssocReq");
770 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
771 goto fail;
772 }
773
774 if (elems.supp_rates_len > sizeof(sta->supported_rates)) {
775 hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
776 HOSTAPD_LEVEL_DEBUG,
777 "Invalid supported rates element length %d",
778 elems.supp_rates_len);
779 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
780 goto fail;
781 }
782
783 os_memset(sta->supported_rates, 0, sizeof(sta->supported_rates));
784 os_memcpy(sta->supported_rates, elems.supp_rates,
785 elems.supp_rates_len);
786 sta->supported_rates_len = elems.supp_rates_len;
787
788 if (elems.ext_supp_rates) {
789 if (elems.supp_rates_len + elems.ext_supp_rates_len >
790 sizeof(sta->supported_rates)) {
791 hostapd_logger(hapd, mgmt->sa,
792 HOSTAPD_MODULE_IEEE80211,
793 HOSTAPD_LEVEL_DEBUG,
794 "Invalid supported rates element length"
795 " %d+%d", elems.supp_rates_len,
796 elems.ext_supp_rates_len);
797 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
798 goto fail;
799 }
800
801 os_memcpy(sta->supported_rates + elems.supp_rates_len,
802 elems.ext_supp_rates, elems.ext_supp_rates_len);
803 sta->supported_rates_len += elems.ext_supp_rates_len;
804 }
805
806 #ifdef CONFIG_IEEE80211N
807 /* save HT capabilities in the sta object */
808 os_memset(&sta->ht_capabilities, 0, sizeof(sta->ht_capabilities));
809 if (elems.ht_capabilities &&
810 elems.ht_capabilities_len >= sizeof(struct ieee80211_ht_capability)
811 && (sta->flags & WLAN_STA_WME)) {
812 /* note: without WMM capability, treat the sta as non-HT */
813 sta->flags |= WLAN_STA_HT;
814 sta->ht_capabilities.id = WLAN_EID_HT_CAP;
815 sta->ht_capabilities.length =
816 sizeof(struct ieee80211_ht_capability);
817 os_memcpy(&sta->ht_capabilities.data,
818 elems.ht_capabilities,
819 sizeof(struct ieee80211_ht_capability));
820 } else
821 sta->flags &= ~WLAN_STA_HT;
822 #endif /* CONFIG_IEEE80211N */
823
824 if ((hapd->conf->wpa & WPA_PROTO_RSN) && elems.rsn_ie) {
825 wpa_ie = elems.rsn_ie;
826 wpa_ie_len = elems.rsn_ie_len;
827 } else if ((hapd->conf->wpa & WPA_PROTO_WPA) &&
828 elems.wpa_ie) {
829 wpa_ie = elems.wpa_ie;
830 wpa_ie_len = elems.wpa_ie_len;
831 } else {
832 wpa_ie = NULL;
833 wpa_ie_len = 0;
834 }
835 #ifdef CONFIG_WPS
836 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS);
837 if (hapd->conf->wps_state && wpa_ie == NULL) {
838 if (elems.wps_ie) {
839 wpa_printf(MSG_DEBUG, "STA included WPS IE in "
840 "(Re)Association Request - assume WPS is "
841 "used");
842 sta->flags |= WLAN_STA_WPS;
843 wpabuf_free(sta->wps_ie);
844 sta->wps_ie = wpabuf_alloc_copy(elems.wps_ie + 4,
845 elems.wps_ie_len - 4);
846 } else {
847 wpa_printf(MSG_DEBUG, "STA did not include WPA/RSN IE "
848 "in (Re)Association Request - possible WPS "
849 "use");
850 sta->flags |= WLAN_STA_MAYBE_WPS;
851 }
852 } else
853 #endif /* CONFIG_WPS */
854 if (hapd->conf->wpa && wpa_ie == NULL) {
855 printf("STA " MACSTR ": No WPA/RSN IE in association "
856 "request\n", MAC2STR(sta->addr));
857 resp = WLAN_STATUS_INVALID_IE;
858 goto fail;
859 }
860
861 if (hapd->conf->wpa && wpa_ie) {
862 int res;
863 wpa_ie -= 2;
864 wpa_ie_len += 2;
865 if (sta->wpa_sm == NULL)
866 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
867 sta->addr);
868 if (sta->wpa_sm == NULL) {
869 printf("Failed to initialize WPA state machine\n");
870 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
871 goto fail;
872 }
873 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
874 wpa_ie, wpa_ie_len,
875 elems.mdie, elems.mdie_len);
876 if (res == WPA_INVALID_GROUP)
877 resp = WLAN_STATUS_GROUP_CIPHER_NOT_VALID;
878 else if (res == WPA_INVALID_PAIRWISE)
879 resp = WLAN_STATUS_PAIRWISE_CIPHER_NOT_VALID;
880 else if (res == WPA_INVALID_AKMP)
881 resp = WLAN_STATUS_AKMP_NOT_VALID;
882 else if (res == WPA_ALLOC_FAIL)
883 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
884 #ifdef CONFIG_IEEE80211W
885 else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
886 resp = WLAN_STATUS_UNSPECIFIED_FAILURE; /* FIX */
887 else if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
888 resp = WLAN_STATUS_UNSPECIFIED_FAILURE; /* FIX */
889 #endif /* CONFIG_IEEE80211W */
890 else if (res == WPA_INVALID_MDIE)
891 resp = WLAN_STATUS_INVALID_MDIE;
892 else if (res != WPA_IE_OK)
893 resp = WLAN_STATUS_INVALID_IE;
894 if (resp != WLAN_STATUS_SUCCESS)
895 goto fail;
896 #ifdef CONFIG_IEEE80211W
897 if ((sta->flags & WLAN_STA_MFP) && !sta->ping_timed_out) {
898 /*
899 * STA has already been associated with MFP and ping
900 * timeout has not been reached. Reject the
901 * association attempt temporarily and start ping, if
902 * one is not pending.
903 */
904
905 if (sta->ping_count == 0)
906 ap_sta_start_ping(hapd, sta);
907
908 resp = WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY;
909 goto fail;
910 }
911
912 if (wpa_auth_uses_mfp(sta->wpa_sm))
913 sta->flags |= WLAN_STA_MFP;
914 else
915 sta->flags &= ~WLAN_STA_MFP;
916 #endif /* CONFIG_IEEE80211W */
917
918 #ifdef CONFIG_IEEE80211R
919 if (sta->auth_alg == WLAN_AUTH_FT) {
920 if (!reassoc) {
921 wpa_printf(MSG_DEBUG, "FT: " MACSTR " tried "
922 "to use association (not "
923 "re-association) with FT auth_alg",
924 MAC2STR(sta->addr));
925 resp = WLAN_STATUS_UNSPECIFIED_FAILURE;
926 goto fail;
927 }
928
929 resp = wpa_ft_validate_reassoc(sta->wpa_sm, pos, left);
930 if (resp != WLAN_STATUS_SUCCESS)
931 goto fail;
932 }
933 #endif /* CONFIG_IEEE80211R */
934 } else
935 wpa_auth_sta_no_wpa(sta->wpa_sm);
936
937 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G)
938 sta->flags |= WLAN_STA_NONERP;
939 for (i = 0; i < sta->supported_rates_len; i++) {
940 if ((sta->supported_rates[i] & 0x7f) > 22) {
941 sta->flags &= ~WLAN_STA_NONERP;
942 break;
943 }
944 }
945 if (sta->flags & WLAN_STA_NONERP && !sta->nonerp_set) {
946 sta->nonerp_set = 1;
947 hapd->iface->num_sta_non_erp++;
948 if (hapd->iface->num_sta_non_erp == 1)
949 ieee802_11_set_beacons(hapd->iface);
950 }
951
952 if (!(sta->capability & WLAN_CAPABILITY_SHORT_SLOT_TIME) &&
953 !sta->no_short_slot_time_set) {
954 sta->no_short_slot_time_set = 1;
955 hapd->iface->num_sta_no_short_slot_time++;
956 if (hapd->iface->current_mode->mode ==
957 HOSTAPD_MODE_IEEE80211G &&
958 hapd->iface->num_sta_no_short_slot_time == 1)
959 ieee802_11_set_beacons(hapd->iface);
960 }
961
962 if (sta->capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
963 sta->flags |= WLAN_STA_SHORT_PREAMBLE;
964 else
965 sta->flags &= ~WLAN_STA_SHORT_PREAMBLE;
966
967 if (!(sta->capability & WLAN_CAPABILITY_SHORT_PREAMBLE) &&
968 !sta->no_short_preamble_set) {
969 sta->no_short_preamble_set = 1;
970 hapd->iface->num_sta_no_short_preamble++;
971 if (hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G
972 && hapd->iface->num_sta_no_short_preamble == 1)
973 ieee802_11_set_beacons(hapd->iface);
974 }
975
976 #ifdef CONFIG_IEEE80211N
977 if (sta->flags & WLAN_STA_HT) {
978 u16 ht_capab = le_to_host16(
979 sta->ht_capabilities.data.capabilities_info);
980 wpa_printf(MSG_DEBUG, "HT: STA " MACSTR " HT Capabilities "
981 "Info: 0x%04x", MAC2STR(sta->addr), ht_capab);
982 if ((ht_capab & HT_CAP_INFO_GREEN_FIELD) == 0) {
983 hapd->iface->num_sta_ht_no_gf++;
984 wpa_printf(MSG_DEBUG, "%s STA " MACSTR " - no "
985 "greenfield, num of non-gf stations %d",
986 __func__, MAC2STR(sta->addr),
987 hapd->iface->num_sta_ht_no_gf);
988 }
989 if ((ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) == 0) {
990 hapd->iface->num_sta_ht_20mhz++;
991 wpa_printf(MSG_DEBUG, "%s STA " MACSTR " - 20 MHz HT, "
992 "num of 20MHz HT STAs %d",
993 __func__, MAC2STR(sta->addr),
994 hapd->iface->num_sta_ht_20mhz);
995 }
996 } else {
997 hapd->iface->num_sta_no_ht++;
998 if (hapd->iconf->ieee80211n) {
999 wpa_printf(MSG_DEBUG, "%s STA " MACSTR
1000 " - no HT, num of non-HT stations %d",
1001 __func__, MAC2STR(sta->addr),
1002 hapd->iface->num_sta_no_ht);
1003 }
1004 }
1005
1006 if (hostapd_ht_operation_update(hapd->iface) > 0)
1007 ieee802_11_set_beacons(hapd->iface);
1008 #endif /* CONFIG_IEEE80211N */
1009
1010 /* get a unique AID */
1011 if (sta->aid > 0) {
1012 wpa_printf(MSG_DEBUG, " old AID %d", sta->aid);
1013 } else {
1014 for (sta->aid = 1; sta->aid <= MAX_AID_TABLE_SIZE; sta->aid++)
1015 if (hapd->sta_aid[sta->aid - 1] == NULL)
1016 break;
1017 if (sta->aid > MAX_AID_TABLE_SIZE) {
1018 sta->aid = 0;
1019 resp = WLAN_STATUS_AP_UNABLE_TO_HANDLE_NEW_STA;
1020 wpa_printf(MSG_ERROR, " no room for more AIDs");
1021 goto fail;
1022 } else {
1023 hapd->sta_aid[sta->aid - 1] = sta;
1024 wpa_printf(MSG_DEBUG, " new AID %d", sta->aid);
1025 }
1026 }
1027
1028 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1029 HOSTAPD_LEVEL_DEBUG,
1030 "association OK (aid %d)", sta->aid);
1031 /* Station will be marked associated, after it acknowledges AssocResp
1032 */
1033
1034 if (reassoc) {
1035 os_memcpy(sta->previous_ap, mgmt->u.reassoc_req.current_ap,
1036 ETH_ALEN);
1037 }
1038
1039 if (sta->last_assoc_req)
1040 os_free(sta->last_assoc_req);
1041 sta->last_assoc_req = os_malloc(len);
1042 if (sta->last_assoc_req)
1043 os_memcpy(sta->last_assoc_req, mgmt, len);
1044
1045 /* Make sure that the previously registered inactivity timer will not
1046 * remove the STA immediately. */
1047 sta->timeout_next = STA_NULLFUNC;
1048
1049 fail:
1050 os_memset(buf, 0, sizeof(buf));
1051 reply = (struct ieee80211_mgmt *) buf;
1052 reply->frame_control =
1053 IEEE80211_FC(WLAN_FC_TYPE_MGMT,
1054 (send_deauth ? WLAN_FC_STYPE_DEAUTH :
1055 (reassoc ? WLAN_FC_STYPE_REASSOC_RESP :
1056 WLAN_FC_STYPE_ASSOC_RESP)));
1057 os_memcpy(reply->da, mgmt->sa, ETH_ALEN);
1058 os_memcpy(reply->sa, hapd->own_addr, ETH_ALEN);
1059 os_memcpy(reply->bssid, mgmt->bssid, ETH_ALEN);
1060
1061 send_len = IEEE80211_HDRLEN;
1062 if (send_deauth) {
1063 send_len += sizeof(reply->u.deauth);
1064 reply->u.deauth.reason_code = host_to_le16(resp);
1065 } else {
1066 u8 *p;
1067 send_len += sizeof(reply->u.assoc_resp);
1068 reply->u.assoc_resp.capab_info =
1069 host_to_le16(hostapd_own_capab_info(hapd, sta, 0));
1070 reply->u.assoc_resp.status_code = host_to_le16(resp);
1071 reply->u.assoc_resp.aid = host_to_le16((sta ? sta->aid : 0)
1072 | BIT(14) | BIT(15));
1073 /* Supported rates */
1074 p = hostapd_eid_supp_rates(hapd, reply->u.assoc_resp.variable);
1075 /* Extended supported rates */
1076 p = hostapd_eid_ext_supp_rates(hapd, p);
1077 if (sta->flags & WLAN_STA_WME)
1078 p = hostapd_eid_wme(hapd, p);
1079
1080 p = hostapd_eid_ht_capabilities_info(hapd, p);
1081 p = hostapd_eid_ht_operation(hapd, p);
1082
1083 #ifdef CONFIG_IEEE80211R
1084 if (resp == WLAN_STATUS_SUCCESS) {
1085 /* IEEE 802.11r: Mobility Domain Information, Fast BSS
1086 * Transition Information, RSN */
1087 p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, p,
1088 buf + sizeof(buf) - p,
1089 sta->auth_alg);
1090 }
1091 #endif /* CONFIG_IEEE80211R */
1092
1093 #ifdef CONFIG_IEEE80211W
1094 if (resp == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY)
1095 p = hostapd_eid_assoc_comeback_time(hapd, sta, p);
1096 #endif /* CONFIG_IEEE80211W */
1097
1098 send_len += p - reply->u.assoc_resp.variable;
1099 }
1100
1101 if (hostapd_send_mgmt_frame(hapd, reply, send_len, 0) < 0)
1102 perror("handle_assoc: send");
1103 }
1104
1105
1106 static void handle_disassoc(struct hostapd_data *hapd,
1107 struct ieee80211_mgmt *mgmt, size_t len)
1108 {
1109 struct sta_info *sta;
1110
1111 if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.disassoc)) {
1112 printf("handle_disassoc - too short payload (len=%lu)\n",
1113 (unsigned long) len);
1114 return;
1115 }
1116
1117 wpa_printf(MSG_DEBUG, "disassocation: STA=" MACSTR " reason_code=%d",
1118 MAC2STR(mgmt->sa),
1119 le_to_host16(mgmt->u.disassoc.reason_code));
1120
1121 sta = ap_get_sta(hapd, mgmt->sa);
1122 if (sta == NULL) {
1123 printf("Station " MACSTR " trying to disassociate, but it "
1124 "is not associated.\n", MAC2STR(mgmt->sa));
1125 return;
1126 }
1127
1128 sta->flags &= ~WLAN_STA_ASSOC;
1129 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
1130 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1131 HOSTAPD_LEVEL_INFO, "disassociated");
1132 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
1133 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
1134 /* Stop Accounting and IEEE 802.1X sessions, but leave the STA
1135 * authenticated. */
1136 accounting_sta_stop(hapd, sta);
1137 ieee802_1x_free_station(sta);
1138 hostapd_sta_remove(hapd, sta->addr);
1139
1140 if (sta->timeout_next == STA_NULLFUNC ||
1141 sta->timeout_next == STA_DISASSOC) {
1142 sta->timeout_next = STA_DEAUTH;
1143 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
1144 eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer,
1145 hapd, sta);
1146 }
1147
1148 mlme_disassociate_indication(
1149 hapd, sta, le_to_host16(mgmt->u.disassoc.reason_code));
1150 }
1151
1152
1153 static void handle_deauth(struct hostapd_data *hapd,
1154 struct ieee80211_mgmt *mgmt, size_t len)
1155 {
1156 struct sta_info *sta;
1157
1158 if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.deauth)) {
1159 printf("handle_deauth - too short payload (len=%lu)\n",
1160 (unsigned long) len);
1161 return;
1162 }
1163
1164 wpa_printf(MSG_DEBUG, "deauthentication: STA=" MACSTR
1165 " reason_code=%d",
1166 MAC2STR(mgmt->sa),
1167 le_to_host16(mgmt->u.deauth.reason_code));
1168
1169 sta = ap_get_sta(hapd, mgmt->sa);
1170 if (sta == NULL) {
1171 printf("Station " MACSTR " trying to deauthenticate, but it "
1172 "is not authenticated.\n", MAC2STR(mgmt->sa));
1173 return;
1174 }
1175
1176 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
1177 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
1178 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1179 HOSTAPD_LEVEL_DEBUG, "deauthenticated");
1180 mlme_deauthenticate_indication(
1181 hapd, sta, le_to_host16(mgmt->u.deauth.reason_code));
1182 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
1183 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
1184 ap_free_sta(hapd, sta);
1185 }
1186
1187
1188 static void handle_beacon(struct hostapd_data *hapd,
1189 struct ieee80211_mgmt *mgmt, size_t len,
1190 struct hostapd_frame_info *fi)
1191 {
1192 struct ieee802_11_elems elems;
1193
1194 if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.beacon)) {
1195 printf("handle_beacon - too short payload (len=%lu)\n",
1196 (unsigned long) len);
1197 return;
1198 }
1199
1200 (void) ieee802_11_parse_elems(mgmt->u.beacon.variable,
1201 len - (IEEE80211_HDRLEN +
1202 sizeof(mgmt->u.beacon)), &elems,
1203 0);
1204
1205 ap_list_process_beacon(hapd->iface, mgmt, &elems, fi);
1206 }
1207
1208
1209 #ifdef CONFIG_IEEE80211W
1210 static void hostapd_ping_action(struct hostapd_data *hapd,
1211 struct ieee80211_mgmt *mgmt, size_t len)
1212 {
1213 struct sta_info *sta;
1214 u8 *end;
1215 int i;
1216
1217 end = mgmt->u.action.u.ping_resp.trans_id + WLAN_PING_TRANS_ID_LEN;
1218 if (((u8 *) mgmt) + len < end) {
1219 wpa_printf(MSG_DEBUG, "IEEE 802.11: Too short Ping Action "
1220 "frame (len=%lu)", (unsigned long) len);
1221 return;
1222 }
1223
1224 if (mgmt->u.action.u.ping_resp.action != WLAN_PING_RESPONSE) {
1225 wpa_printf(MSG_DEBUG, "IEEE 802.11: Unexpected Ping Action %d",
1226 mgmt->u.action.u.ping_resp.action);
1227 return;
1228 }
1229
1230 /* MLME-PING.confirm */
1231
1232 sta = ap_get_sta(hapd, mgmt->sa);
1233 if (sta == NULL || sta->ping_trans_id == NULL) {
1234 wpa_printf(MSG_DEBUG, "IEEE 802.11: No matching STA with "
1235 "pending ping request found");
1236 return;
1237 }
1238
1239 for (i = 0; i < sta->ping_count; i++) {
1240 if (os_memcmp(sta->ping_trans_id + i * WLAN_PING_TRANS_ID_LEN,
1241 mgmt->u.action.u.ping_resp.trans_id,
1242 WLAN_PING_TRANS_ID_LEN) == 0)
1243 break;
1244 }
1245
1246 if (i >= sta->ping_count) {
1247 wpa_printf(MSG_DEBUG, "IEEE 802.11: No matching ping "
1248 "transaction identifier found");
1249 return;
1250 }
1251
1252 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1253 HOSTAPD_LEVEL_DEBUG, "Reply to pending ping received");
1254 ap_sta_stop_ping(hapd, sta);
1255 }
1256 #endif /* CONFIG_IEEE80211W */
1257
1258
1259 static void handle_action(struct hostapd_data *hapd,
1260 struct ieee80211_mgmt *mgmt, size_t len)
1261 {
1262 if (len < IEEE80211_HDRLEN + 1) {
1263 hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
1264 HOSTAPD_LEVEL_DEBUG,
1265 "handle_action - too short payload (len=%lu)",
1266 (unsigned long) len);
1267 return;
1268 }
1269
1270 switch (mgmt->u.action.category) {
1271 #ifdef CONFIG_IEEE80211R
1272 case WLAN_ACTION_FT:
1273 {
1274 struct sta_info *sta;
1275
1276 sta = ap_get_sta(hapd, mgmt->sa);
1277 if (sta == NULL || !(sta->flags & WLAN_STA_ASSOC)) {
1278 wpa_printf(MSG_DEBUG, "IEEE 802.11: Ignored FT Action "
1279 "frame from unassociated STA " MACSTR,
1280 MAC2STR(mgmt->sa));
1281 return;
1282 }
1283
1284 if (wpa_ft_action_rx(sta->wpa_sm, (u8 *) &mgmt->u.action,
1285 len - IEEE80211_HDRLEN))
1286 break;
1287
1288 return;
1289 }
1290 #endif /* CONFIG_IEEE80211R */
1291 case WLAN_ACTION_WMM:
1292 hostapd_wme_action(hapd, mgmt, len);
1293 return;
1294 #ifdef CONFIG_IEEE80211W
1295 case WLAN_ACTION_PING:
1296 hostapd_ping_action(hapd, mgmt, len);
1297 return;
1298 #endif /* CONFIG_IEEE80211W */
1299 }
1300
1301 hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
1302 HOSTAPD_LEVEL_DEBUG,
1303 "handle_action - unknown action category %d or invalid "
1304 "frame",
1305 mgmt->u.action.category);
1306 if (!(mgmt->da[0] & 0x01) && !(mgmt->u.action.category & 0x80) &&
1307 !(mgmt->sa[0] & 0x01)) {
1308 /*
1309 * IEEE 802.11-REVma/D9.0 - 7.3.1.11
1310 * Return the Action frame to the source without change
1311 * except that MSB of the Category set to 1.
1312 */
1313 wpa_printf(MSG_DEBUG, "IEEE 802.11: Return unknown Action "
1314 "frame back to sender");
1315 os_memcpy(mgmt->da, mgmt->sa, ETH_ALEN);
1316 os_memcpy(mgmt->sa, hapd->own_addr, ETH_ALEN);
1317 os_memcpy(mgmt->bssid, hapd->own_addr, ETH_ALEN);
1318 mgmt->u.action.category |= 0x80;
1319
1320 hostapd_send_mgmt_frame(hapd, mgmt, len, 0);
1321 }
1322 }
1323
1324
1325 /**
1326 * ieee802_11_mgmt - process incoming IEEE 802.11 management frames
1327 * @hapd: hostapd BSS data structure (the BSS to which the management frame was
1328 * sent to)
1329 * @buf: management frame data (starting from IEEE 802.11 header)
1330 * @len: length of frame data in octets
1331 * @stype: management frame subtype from frame control field
1332 *
1333 * Process all incoming IEEE 802.11 management frames. This will be called for
1334 * each frame received from the kernel driver through wlan#ap interface. In
1335 * addition, it can be called to re-inserted pending frames (e.g., when using
1336 * external RADIUS server as an MAC ACL).
1337 */
1338 void ieee802_11_mgmt(struct hostapd_data *hapd, u8 *buf, size_t len, u16 stype,
1339 struct hostapd_frame_info *fi)
1340 {
1341 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) buf;
1342 int broadcast;
1343
1344 if (stype == WLAN_FC_STYPE_BEACON) {
1345 handle_beacon(hapd, mgmt, len, fi);
1346 return;
1347 }
1348
1349 if (fi && fi->passive_scan)
1350 return;
1351
1352 broadcast = mgmt->bssid[0] == 0xff && mgmt->bssid[1] == 0xff &&
1353 mgmt->bssid[2] == 0xff && mgmt->bssid[3] == 0xff &&
1354 mgmt->bssid[4] == 0xff && mgmt->bssid[5] == 0xff;
1355
1356 if (!broadcast &&
1357 os_memcmp(mgmt->bssid, hapd->own_addr, ETH_ALEN) != 0) {
1358 printf("MGMT: BSSID=" MACSTR " not our address\n",
1359 MAC2STR(mgmt->bssid));
1360 return;
1361 }
1362
1363
1364 if (stype == WLAN_FC_STYPE_PROBE_REQ) {
1365 handle_probe_req(hapd, mgmt, len);
1366 return;
1367 }
1368
1369 if (os_memcmp(mgmt->da, hapd->own_addr, ETH_ALEN) != 0) {
1370 hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
1371 HOSTAPD_LEVEL_DEBUG,
1372 "MGMT: DA=" MACSTR " not our address",
1373 MAC2STR(mgmt->da));
1374 return;
1375 }
1376
1377 switch (stype) {
1378 case WLAN_FC_STYPE_AUTH:
1379 wpa_printf(MSG_DEBUG, "mgmt::auth");
1380 handle_auth(hapd, mgmt, len);
1381 break;
1382 case WLAN_FC_STYPE_ASSOC_REQ:
1383 wpa_printf(MSG_DEBUG, "mgmt::assoc_req");
1384 handle_assoc(hapd, mgmt, len, 0);
1385 break;
1386 case WLAN_FC_STYPE_REASSOC_REQ:
1387 wpa_printf(MSG_DEBUG, "mgmt::reassoc_req");
1388 handle_assoc(hapd, mgmt, len, 1);
1389 break;
1390 case WLAN_FC_STYPE_DISASSOC:
1391 wpa_printf(MSG_DEBUG, "mgmt::disassoc");
1392 handle_disassoc(hapd, mgmt, len);
1393 break;
1394 case WLAN_FC_STYPE_DEAUTH:
1395 wpa_printf(MSG_DEBUG, "mgmt::deauth");
1396 handle_deauth(hapd, mgmt, len);
1397 break;
1398 case WLAN_FC_STYPE_ACTION:
1399 wpa_printf(MSG_DEBUG, "mgmt::action");
1400 handle_action(hapd, mgmt, len);
1401 break;
1402 default:
1403 hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
1404 HOSTAPD_LEVEL_DEBUG,
1405 "unknown mgmt frame subtype %d", stype);
1406 break;
1407 }
1408 }
1409
1410
1411 static void handle_auth_cb(struct hostapd_data *hapd,
1412 struct ieee80211_mgmt *mgmt,
1413 size_t len, int ok)
1414 {
1415 u16 auth_alg, auth_transaction, status_code;
1416 struct sta_info *sta;
1417
1418 if (!ok) {
1419 hostapd_logger(hapd, mgmt->da, HOSTAPD_MODULE_IEEE80211,
1420 HOSTAPD_LEVEL_NOTICE,
1421 "did not acknowledge authentication response");
1422 return;
1423 }
1424
1425 if (len < IEEE80211_HDRLEN + sizeof(mgmt->u.auth)) {
1426 printf("handle_auth_cb - too short payload (len=%lu)\n",
1427 (unsigned long) len);
1428 return;
1429 }
1430
1431 auth_alg = le_to_host16(mgmt->u.auth.auth_alg);
1432 auth_transaction = le_to_host16(mgmt->u.auth.auth_transaction);
1433 status_code = le_to_host16(mgmt->u.auth.status_code);
1434
1435 sta = ap_get_sta(hapd, mgmt->da);
1436 if (!sta) {
1437 printf("handle_auth_cb: STA " MACSTR " not found\n",
1438 MAC2STR(mgmt->da));
1439 return;
1440 }
1441
1442 if (status_code == WLAN_STATUS_SUCCESS &&
1443 ((auth_alg == WLAN_AUTH_OPEN && auth_transaction == 2) ||
1444 (auth_alg == WLAN_AUTH_SHARED_KEY && auth_transaction == 4))) {
1445 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1446 HOSTAPD_LEVEL_INFO, "authenticated");
1447 sta->flags |= WLAN_STA_AUTH;
1448 }
1449 }
1450
1451
1452 static void handle_assoc_cb(struct hostapd_data *hapd,
1453 struct ieee80211_mgmt *mgmt,
1454 size_t len, int reassoc, int ok)
1455 {
1456 u16 status;
1457 struct sta_info *sta;
1458 int new_assoc = 1;
1459 struct ht_cap_ie *ht_cap = NULL;
1460
1461 if (!ok) {
1462 hostapd_logger(hapd, mgmt->da, HOSTAPD_MODULE_IEEE80211,
1463 HOSTAPD_LEVEL_DEBUG,
1464 "did not acknowledge association response");
1465 return;
1466 }
1467
1468 if (len < IEEE80211_HDRLEN + (reassoc ? sizeof(mgmt->u.reassoc_resp) :
1469 sizeof(mgmt->u.assoc_resp))) {
1470 printf("handle_assoc_cb(reassoc=%d) - too short payload "
1471 "(len=%lu)\n", reassoc, (unsigned long) len);
1472 return;
1473 }
1474
1475 if (reassoc)
1476 status = le_to_host16(mgmt->u.reassoc_resp.status_code);
1477 else
1478 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1479
1480 sta = ap_get_sta(hapd, mgmt->da);
1481 if (!sta) {
1482 printf("handle_assoc_cb: STA " MACSTR " not found\n",
1483 MAC2STR(mgmt->da));
1484 return;
1485 }
1486
1487 if (status != WLAN_STATUS_SUCCESS)
1488 goto fail;
1489
1490 /* Stop previous accounting session, if one is started, and allocate
1491 * new session id for the new session. */
1492 accounting_sta_stop(hapd, sta);
1493
1494 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1495 HOSTAPD_LEVEL_INFO,
1496 "associated (aid %d)",
1497 sta->aid);
1498
1499 if (sta->flags & WLAN_STA_ASSOC)
1500 new_assoc = 0;
1501 sta->flags |= WLAN_STA_ASSOC;
1502
1503 if (reassoc)
1504 mlme_reassociate_indication(hapd, sta);
1505 else
1506 mlme_associate_indication(hapd, sta);
1507
1508 #ifdef CONFIG_IEEE80211N
1509 if (sta->flags & WLAN_STA_HT)
1510 ht_cap = &sta->ht_capabilities;
1511 #endif /* CONFIG_IEEE80211N */
1512
1513 #ifdef CONFIG_IEEE80211W
1514 sta->ping_timed_out = 0;
1515 #endif /* CONFIG_IEEE80211W */
1516
1517 if (hostapd_sta_add(hapd->conf->iface, hapd, sta->addr, sta->aid,
1518 sta->capability, sta->supported_rates,
1519 sta->supported_rates_len, 0, sta->listen_interval,
1520 ht_cap))
1521 {
1522 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1523 HOSTAPD_LEVEL_NOTICE,
1524 "Could not add STA to kernel driver");
1525 }
1526
1527 if (sta->eapol_sm == NULL) {
1528 /*
1529 * This STA does not use RADIUS server for EAP authentication,
1530 * so bind it to the selected VLAN interface now, since the
1531 * interface selection is not going to change anymore.
1532 */
1533 ap_sta_bind_vlan(hapd, sta, 0);
1534 } else if (sta->vlan_id) {
1535 /* VLAN ID already set (e.g., by PMKSA caching), so bind STA */
1536 ap_sta_bind_vlan(hapd, sta, 0);
1537 }
1538 if (sta->flags & WLAN_STA_SHORT_PREAMBLE) {
1539 hostapd_sta_set_flags(hapd, sta->addr, sta->flags,
1540 WLAN_STA_SHORT_PREAMBLE, ~0);
1541 } else {
1542 hostapd_sta_set_flags(hapd, sta->addr, sta->flags,
1543 0, ~WLAN_STA_SHORT_PREAMBLE);
1544 }
1545
1546 if (sta->auth_alg == WLAN_AUTH_FT)
1547 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT);
1548 else
1549 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);
1550 hostapd_new_assoc_sta(hapd, sta, !new_assoc);
1551
1552 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
1553
1554 fail:
1555 /* Copy of the association request is not needed anymore */
1556 if (sta->last_assoc_req) {
1557 os_free(sta->last_assoc_req);
1558 sta->last_assoc_req = NULL;
1559 }
1560 }
1561
1562
1563 void ieee802_11_mgmt_cb(struct hostapd_data *hapd, u8 *buf, size_t len,
1564 u16 stype, int ok)
1565 {
1566 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *) buf;
1567
1568 switch (stype) {
1569 case WLAN_FC_STYPE_AUTH:
1570 wpa_printf(MSG_DEBUG, "mgmt::auth cb");
1571 handle_auth_cb(hapd, mgmt, len, ok);
1572 break;
1573 case WLAN_FC_STYPE_ASSOC_RESP:
1574 wpa_printf(MSG_DEBUG, "mgmt::assoc_resp cb");
1575 handle_assoc_cb(hapd, mgmt, len, 0, ok);
1576 break;
1577 case WLAN_FC_STYPE_REASSOC_RESP:
1578 wpa_printf(MSG_DEBUG, "mgmt::reassoc_resp cb");
1579 handle_assoc_cb(hapd, mgmt, len, 1, ok);
1580 break;
1581 case WLAN_FC_STYPE_PROBE_RESP:
1582 wpa_printf(MSG_DEBUG, "mgmt::proberesp cb");
1583 break;
1584 case WLAN_FC_STYPE_DEAUTH:
1585 /* ignore */
1586 break;
1587 case WLAN_FC_STYPE_ACTION:
1588 wpa_printf(MSG_DEBUG, "mgmt::action cb");
1589 break;
1590 default:
1591 printf("unknown mgmt cb frame subtype %d\n", stype);
1592 break;
1593 }
1594 }
1595
1596
1597 static void ieee80211_tkip_countermeasures_stop(void *eloop_ctx,
1598 void *timeout_ctx)
1599 {
1600 struct hostapd_data *hapd = eloop_ctx;
1601 hapd->tkip_countermeasures = 0;
1602 hostapd_set_countermeasures(hapd, 0);
1603 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
1604 HOSTAPD_LEVEL_INFO, "TKIP countermeasures ended");
1605 }
1606
1607
1608 static void ieee80211_tkip_countermeasures_start(struct hostapd_data *hapd)
1609 {
1610 struct sta_info *sta;
1611
1612 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
1613 HOSTAPD_LEVEL_INFO, "TKIP countermeasures initiated");
1614
1615 wpa_auth_countermeasures_start(hapd->wpa_auth);
1616 hapd->tkip_countermeasures = 1;
1617 hostapd_set_countermeasures(hapd, 1);
1618 wpa_gtk_rekey(hapd->wpa_auth);
1619 eloop_cancel_timeout(ieee80211_tkip_countermeasures_stop, hapd, NULL);
1620 eloop_register_timeout(60, 0, ieee80211_tkip_countermeasures_stop,
1621 hapd, NULL);
1622 for (sta = hapd->sta_list; sta != NULL; sta = sta->next) {
1623 hostapd_sta_deauth(hapd, sta->addr,
1624 WLAN_REASON_MICHAEL_MIC_FAILURE);
1625 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC |
1626 WLAN_STA_AUTHORIZED);
1627 hostapd_sta_remove(hapd, sta->addr);
1628 }
1629 }
1630
1631
1632 void ieee80211_michael_mic_failure(struct hostapd_data *hapd, const u8 *addr,
1633 int local)
1634 {
1635 time_t now;
1636
1637 if (addr && local) {
1638 struct sta_info *sta = ap_get_sta(hapd, addr);
1639 if (sta != NULL) {
1640 wpa_auth_sta_local_mic_failure_report(sta->wpa_sm);
1641 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
1642 HOSTAPD_LEVEL_INFO,
1643 "Michael MIC failure detected in "
1644 "received frame");
1645 mlme_michaelmicfailure_indication(hapd, addr);
1646 } else {
1647 wpa_printf(MSG_DEBUG,
1648 "MLME-MICHAELMICFAILURE.indication "
1649 "for not associated STA (" MACSTR
1650 ") ignored", MAC2STR(addr));
1651 return;
1652 }
1653 }
1654
1655 time(&now);
1656 if (now > hapd->michael_mic_failure + 60) {
1657 hapd->michael_mic_failures = 1;
1658 } else {
1659 hapd->michael_mic_failures++;
1660 if (hapd->michael_mic_failures > 1)
1661 ieee80211_tkip_countermeasures_start(hapd);
1662 }
1663 hapd->michael_mic_failure = now;
1664 }
1665
1666
1667 int ieee802_11_get_mib(struct hostapd_data *hapd, char *buf, size_t buflen)
1668 {
1669 /* TODO */
1670 return 0;
1671 }
1672
1673
1674 int ieee802_11_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta,
1675 char *buf, size_t buflen)
1676 {
1677 /* TODO */
1678 return 0;
1679 }
1680
1681 #endif /* CONFIG_NATIVE_WINDOWS */
Unnamed repository; edit this file 'description' to name the repository.