]>
Commit | Line | Data |
---|---|---|
6fc6879b JM |
1 | /* |
2 | * hostapd / Station table | |
09368515 | 3 | * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> |
6fc6879b | 4 | * |
0f3d578e JM |
5 | * This software may be distributed under the terms of the BSD license. |
6 | * See README for more details. | |
6fc6879b JM |
7 | */ |
8 | ||
6226e38d | 9 | #include "utils/includes.h" |
6fc6879b | 10 | |
6226e38d JM |
11 | #include "utils/common.h" |
12 | #include "utils/eloop.h" | |
81f4f619 | 13 | #include "common/ieee802_11_defs.h" |
6caaae1e | 14 | #include "common/wpa_ctrl.h" |
a46d72d7 | 15 | #include "common/sae.h" |
10ec6a5f | 16 | #include "common/dpp.h" |
bdee6fce JM |
17 | #include "radius/radius.h" |
18 | #include "radius/radius_client.h" | |
8ccbe415 | 19 | #include "p2p/p2p.h" |
6959145b | 20 | #include "fst/fst.h" |
09368515 | 21 | #include "crypto/crypto.h" |
6fc6879b | 22 | #include "hostapd.h" |
6fc6879b JM |
23 | #include "accounting.h" |
24 | #include "ieee802_1x.h" | |
25 | #include "ieee802_11.h" | |
f2a14be7 | 26 | #include "ieee802_11_auth.h" |
6226e38d JM |
27 | #include "wpa_auth.h" |
28 | #include "preauth_auth.h" | |
29 | #include "ap_config.h" | |
6fc6879b | 30 | #include "beacon.h" |
6226e38d | 31 | #include "ap_mlme.h" |
6fc6879b | 32 | #include "vlan_init.h" |
aefb53bd | 33 | #include "p2p_hostapd.h" |
cee7d66b | 34 | #include "ap_drv_ops.h" |
dca30c3f | 35 | #include "gas_serv.h" |
97596f8e | 36 | #include "wnm_ap.h" |
ca911d61 | 37 | #include "mbo_ap.h" |
bd00c431 | 38 | #include "ndisc_snoop.h" |
6226e38d | 39 | #include "sta_info.h" |
1889af2e | 40 | #include "vlan.h" |
0f5eb69f | 41 | #include "wps_hostapd.h" |
6fc6879b | 42 | |
53f3d6f3 FF |
43 | static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, |
44 | struct sta_info *sta); | |
6fc6879b | 45 | static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx); |
97596f8e | 46 | static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx); |
4dc03726 JM |
47 | static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx); |
48 | static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx); | |
93b76319 | 49 | static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx); |
4dc03726 | 50 | static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta); |
0f5eb69f | 51 | static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx); |
6fc6879b JM |
52 | |
53 | int ap_for_each_sta(struct hostapd_data *hapd, | |
54 | int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, | |
55 | void *ctx), | |
56 | void *ctx) | |
57 | { | |
58 | struct sta_info *sta; | |
59 | ||
60 | for (sta = hapd->sta_list; sta; sta = sta->next) { | |
61 | if (cb(hapd, sta, ctx)) | |
62 | return 1; | |
63 | } | |
64 | ||
65 | return 0; | |
66 | } | |
67 | ||
68 | ||
69 | struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta) | |
70 | { | |
71 | struct sta_info *s; | |
72 | ||
73 | s = hapd->sta_hash[STA_HASH(sta)]; | |
74 | while (s != NULL && os_memcmp(s->addr, sta, 6) != 0) | |
75 | s = s->hnext; | |
76 | return s; | |
77 | } | |
78 | ||
79 | ||
f2c56602 JM |
80 | #ifdef CONFIG_P2P |
81 | struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr) | |
82 | { | |
83 | struct sta_info *sta; | |
84 | ||
85 | for (sta = hapd->sta_list; sta; sta = sta->next) { | |
86 | const u8 *p2p_dev_addr; | |
87 | ||
88 | if (sta->p2p_ie == NULL) | |
89 | continue; | |
90 | ||
91 | p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie); | |
92 | if (p2p_dev_addr == NULL) | |
93 | continue; | |
94 | ||
95 | if (os_memcmp(p2p_dev_addr, addr, ETH_ALEN) == 0) | |
96 | return sta; | |
97 | } | |
98 | ||
99 | return NULL; | |
100 | } | |
101 | #endif /* CONFIG_P2P */ | |
102 | ||
103 | ||
6fc6879b JM |
104 | static void ap_sta_list_del(struct hostapd_data *hapd, struct sta_info *sta) |
105 | { | |
106 | struct sta_info *tmp; | |
107 | ||
108 | if (hapd->sta_list == sta) { | |
109 | hapd->sta_list = sta->next; | |
110 | return; | |
111 | } | |
112 | ||
113 | tmp = hapd->sta_list; | |
114 | while (tmp != NULL && tmp->next != sta) | |
115 | tmp = tmp->next; | |
116 | if (tmp == NULL) { | |
117 | wpa_printf(MSG_DEBUG, "Could not remove STA " MACSTR " from " | |
118 | "list.", MAC2STR(sta->addr)); | |
119 | } else | |
120 | tmp->next = sta->next; | |
121 | } | |
122 | ||
123 | ||
124 | void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta) | |
125 | { | |
126 | sta->hnext = hapd->sta_hash[STA_HASH(sta->addr)]; | |
127 | hapd->sta_hash[STA_HASH(sta->addr)] = sta; | |
128 | } | |
129 | ||
130 | ||
131 | static void ap_sta_hash_del(struct hostapd_data *hapd, struct sta_info *sta) | |
132 | { | |
133 | struct sta_info *s; | |
134 | ||
135 | s = hapd->sta_hash[STA_HASH(sta->addr)]; | |
136 | if (s == NULL) return; | |
137 | if (os_memcmp(s->addr, sta->addr, 6) == 0) { | |
138 | hapd->sta_hash[STA_HASH(sta->addr)] = s->hnext; | |
139 | return; | |
140 | } | |
141 | ||
142 | while (s->hnext != NULL && | |
143 | os_memcmp(s->hnext->addr, sta->addr, ETH_ALEN) != 0) | |
144 | s = s->hnext; | |
145 | if (s->hnext != NULL) | |
146 | s->hnext = s->hnext->hnext; | |
147 | else | |
148 | wpa_printf(MSG_DEBUG, "AP: could not remove STA " MACSTR | |
149 | " from hash table", MAC2STR(sta->addr)); | |
150 | } | |
151 | ||
152 | ||
bd00c431 KP |
153 | void ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta) |
154 | { | |
155 | sta_ip6addr_del(hapd, sta); | |
156 | } | |
157 | ||
158 | ||
6fc6879b JM |
159 | void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta) |
160 | { | |
161 | int set_beacon = 0; | |
162 | ||
163 | accounting_sta_stop(hapd, sta); | |
164 | ||
6905dcb1 JB |
165 | /* just in case */ |
166 | ap_sta_set_authorized(hapd, sta, 0); | |
b7275a81 | 167 | hostapd_set_sta_flags(hapd, sta); |
6905dcb1 | 168 | |
9c06f0f6 | 169 | if (sta->flags & (WLAN_STA_WDS | WLAN_STA_MULTI_AP)) |
69dd2967 | 170 | hostapd_set_wds_sta(hapd, NULL, sta->addr, sta->aid, 0); |
53f3d6f3 | 171 | |
7d597d46 | 172 | if (sta->ipaddr) |
ed4ddb6d | 173 | hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); |
bd00c431 | 174 | ap_sta_ip6addr_del(hapd, sta); |
7d597d46 | 175 | |
354c903f | 176 | if (!hapd->iface->driver_ap_teardown && |
bb598c3b | 177 | !(sta->flags & WLAN_STA_PREAUTH)) { |
51e2a27a | 178 | hostapd_drv_sta_remove(hapd, sta->addr); |
bb598c3b AB |
179 | sta->added_unassoc = 0; |
180 | } | |
6fc6879b JM |
181 | |
182 | ap_sta_hash_del(hapd, sta); | |
183 | ap_sta_list_del(hapd, sta); | |
184 | ||
185 | if (sta->aid > 0) | |
2991469c JM |
186 | hapd->sta_aid[(sta->aid - 1) / 32] &= |
187 | ~BIT((sta->aid - 1) % 32); | |
6fc6879b JM |
188 | |
189 | hapd->num_sta--; | |
190 | if (sta->nonerp_set) { | |
191 | sta->nonerp_set = 0; | |
192 | hapd->iface->num_sta_non_erp--; | |
193 | if (hapd->iface->num_sta_non_erp == 0) | |
194 | set_beacon++; | |
195 | } | |
196 | ||
197 | if (sta->no_short_slot_time_set) { | |
198 | sta->no_short_slot_time_set = 0; | |
199 | hapd->iface->num_sta_no_short_slot_time--; | |
28d12641 AKP |
200 | if (hapd->iface->current_mode && |
201 | hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G | |
6fc6879b JM |
202 | && hapd->iface->num_sta_no_short_slot_time == 0) |
203 | set_beacon++; | |
204 | } | |
205 | ||
206 | if (sta->no_short_preamble_set) { | |
207 | sta->no_short_preamble_set = 0; | |
208 | hapd->iface->num_sta_no_short_preamble--; | |
28d12641 AKP |
209 | if (hapd->iface->current_mode && |
210 | hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211G | |
6fc6879b JM |
211 | && hapd->iface->num_sta_no_short_preamble == 0) |
212 | set_beacon++; | |
213 | } | |
214 | ||
e8ff1e59 JM |
215 | if (sta->no_ht_gf_set) { |
216 | sta->no_ht_gf_set = 0; | |
217 | hapd->iface->num_sta_ht_no_gf--; | |
218 | } | |
219 | ||
220 | if (sta->no_ht_set) { | |
221 | sta->no_ht_set = 0; | |
de9289c8 | 222 | hapd->iface->num_sta_no_ht--; |
e8ff1e59 JM |
223 | } |
224 | ||
225 | if (sta->ht_20mhz_set) { | |
226 | sta->ht_20mhz_set = 0; | |
227 | hapd->iface->num_sta_ht_20mhz--; | |
228 | } | |
de9289c8 | 229 | |
04059ab8 DG |
230 | #ifdef CONFIG_TAXONOMY |
231 | wpabuf_free(sta->probe_ie_taxonomy); | |
232 | sta->probe_ie_taxonomy = NULL; | |
233 | wpabuf_free(sta->assoc_ie_taxonomy); | |
234 | sta->assoc_ie_taxonomy = NULL; | |
235 | #endif /* CONFIG_TAXONOMY */ | |
236 | ||
9c47f6a2 | 237 | ht40_intolerant_remove(hapd->iface, sta); |
9c47f6a2 | 238 | |
aefb53bd JM |
239 | #ifdef CONFIG_P2P |
240 | if (sta->no_p2p_set) { | |
241 | sta->no_p2p_set = 0; | |
242 | hapd->num_sta_no_p2p--; | |
243 | if (hapd->num_sta_no_p2p == 0) | |
244 | hostapd_p2p_non_p2p_sta_disconnected(hapd); | |
245 | } | |
246 | #endif /* CONFIG_P2P */ | |
247 | ||
f3bcd696 | 248 | #ifdef NEED_AP_MLME |
de9289c8 JM |
249 | if (hostapd_ht_operation_update(hapd->iface) > 0) |
250 | set_beacon++; | |
f3bcd696 | 251 | #endif /* NEED_AP_MLME */ |
de9289c8 | 252 | |
c596f3f0 CYY |
253 | #ifdef CONFIG_MESH |
254 | if (hapd->mesh_sta_free_cb) | |
9684c756 | 255 | hapd->mesh_sta_free_cb(hapd, sta); |
c596f3f0 CYY |
256 | #endif /* CONFIG_MESH */ |
257 | ||
6fc6879b JM |
258 | if (set_beacon) |
259 | ieee802_11_set_beacons(hapd->iface); | |
260 | ||
42ca9845 JM |
261 | wpa_printf(MSG_DEBUG, "%s: cancel ap_handle_timer for " MACSTR, |
262 | __func__, MAC2STR(sta->addr)); | |
6fc6879b JM |
263 | eloop_cancel_timeout(ap_handle_timer, hapd, sta); |
264 | eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); | |
97596f8e | 265 | eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); |
9e8fde21 | 266 | ap_sta_clear_disconnect_timeouts(hapd, sta); |
f3b8ad4d | 267 | sae_clear_retransmit_timer(hapd, sta); |
6fc6879b | 268 | |
d7c3347f | 269 | ieee802_1x_free_station(hapd, sta); |
6fc6879b JM |
270 | wpa_auth_sta_deinit(sta->wpa_sm); |
271 | rsn_preauth_free_station(hapd, sta); | |
74784010 | 272 | #ifndef CONFIG_NO_RADIUS |
ded22b53 HS |
273 | if (hapd->radius) |
274 | radius_client_flush_auth(hapd->radius, sta->addr); | |
74784010 | 275 | #endif /* CONFIG_NO_RADIUS */ |
6fc6879b | 276 | |
7cebc8e2 MB |
277 | #ifndef CONFIG_NO_VLAN |
278 | /* | |
279 | * sta->wpa_sm->group needs to be released before so that | |
280 | * vlan_remove_dynamic() can check that no stations are left on the | |
281 | * AP_VLAN netdev. | |
282 | */ | |
1889af2e MB |
283 | if (sta->vlan_id) |
284 | vlan_remove_dynamic(hapd, sta->vlan_id); | |
7cebc8e2 MB |
285 | if (sta->vlan_id_bound) { |
286 | /* | |
287 | * Need to remove the STA entry before potentially removing the | |
288 | * VLAN. | |
289 | */ | |
290 | if (hapd->iface->driver_ap_teardown && | |
bb598c3b | 291 | !(sta->flags & WLAN_STA_PREAUTH)) { |
7cebc8e2 | 292 | hostapd_drv_sta_remove(hapd, sta->addr); |
bb598c3b AB |
293 | sta->added_unassoc = 0; |
294 | } | |
7cebc8e2 MB |
295 | vlan_remove_dynamic(hapd, sta->vlan_id_bound); |
296 | } | |
297 | #endif /* CONFIG_NO_VLAN */ | |
298 | ||
6fc6879b | 299 | os_free(sta->challenge); |
5d22a1d5 | 300 | |
93b76319 JM |
301 | os_free(sta->sa_query_trans_id); |
302 | eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); | |
5d22a1d5 | 303 | |
8ccbe415 JM |
304 | #ifdef CONFIG_P2P |
305 | p2p_group_notif_disassoc(hapd->p2p_group, sta->addr); | |
306 | #endif /* CONFIG_P2P */ | |
307 | ||
dca30c3f JK |
308 | #ifdef CONFIG_INTERWORKING |
309 | if (sta->gas_dialog) { | |
310 | int i; | |
311 | for (i = 0; i < GAS_DIALOG_MAX; i++) | |
312 | gas_serv_dialog_clear(&sta->gas_dialog[i]); | |
313 | os_free(sta->gas_dialog); | |
314 | } | |
315 | #endif /* CONFIG_INTERWORKING */ | |
316 | ||
eb76b7e3 | 317 | wpabuf_free(sta->wps_ie); |
b305c684 | 318 | wpabuf_free(sta->p2p_ie); |
f403dcd6 | 319 | wpabuf_free(sta->hs20_ie); |
67cca346 | 320 | wpabuf_free(sta->roaming_consortium); |
ae667c08 AN |
321 | #ifdef CONFIG_FST |
322 | wpabuf_free(sta->mb_ies); | |
323 | #endif /* CONFIG_FST */ | |
eb76b7e3 | 324 | |
df84268a | 325 | os_free(sta->ht_capabilities); |
cc14091e | 326 | os_free(sta->vht_capabilities); |
ad20a136 | 327 | os_free(sta->vht_operation); |
78d35b16 | 328 | os_free(sta->he_capab); |
f2a14be7 | 329 | hostapd_free_psk_list(sta->psk); |
2092597f MB |
330 | os_free(sta->identity); |
331 | os_free(sta->radius_cui); | |
6ca0853d | 332 | os_free(sta->remediation_url); |
d4e39c51 | 333 | os_free(sta->t_c_url); |
8e1146d9 | 334 | wpabuf_free(sta->hs20_deauth_req); |
97596f8e | 335 | os_free(sta->hs20_session_info_url); |
df84268a | 336 | |
98efcc41 | 337 | #ifdef CONFIG_SAE |
a46d72d7 | 338 | sae_clear_data(sta->sae); |
98efcc41 JM |
339 | os_free(sta->sae); |
340 | #endif /* CONFIG_SAE */ | |
341 | ||
ca911d61 | 342 | mbo_ap_sta_free(sta); |
adf0478e | 343 | os_free(sta->supp_op_classes); |
ca911d61 | 344 | |
91d91abf JM |
345 | #ifdef CONFIG_FILS |
346 | os_free(sta->fils_pending_assoc_req); | |
347 | wpabuf_free(sta->fils_hlp_resp); | |
348 | wpabuf_free(sta->hlp_dhcp_discover); | |
349 | eloop_cancel_timeout(fils_hlp_timeout, hapd, sta); | |
1764559e JM |
350 | #ifdef CONFIG_FILS_SK_PFS |
351 | crypto_ecdh_deinit(sta->fils_ecdh); | |
352 | wpabuf_clear_free(sta->fils_dh_ss); | |
80ddf5d9 | 353 | wpabuf_free(sta->fils_g_sta); |
1764559e | 354 | #endif /* CONFIG_FILS_SK_PFS */ |
91d91abf JM |
355 | #endif /* CONFIG_FILS */ |
356 | ||
09368515 | 357 | #ifdef CONFIG_OWE |
7a12edd1 | 358 | bin_clear_free(sta->owe_pmk, sta->owe_pmk_len); |
09368515 JM |
359 | crypto_ecdh_deinit(sta->owe_ecdh); |
360 | #endif /* CONFIG_OWE */ | |
361 | ||
10ec6a5f JM |
362 | #ifdef CONFIG_DPP2 |
363 | dpp_pfs_free(sta->dpp_pfs); | |
364 | sta->dpp_pfs = NULL; | |
365 | #endif /* CONFIG_DPP2 */ | |
366 | ||
65f9db6b | 367 | os_free(sta->ext_capability); |
368 | ||
d58c3bd8 RM |
369 | #ifdef CONFIG_WNM_AP |
370 | eloop_cancel_timeout(ap_sta_reset_steer_flag_timer, hapd, sta); | |
371 | #endif /* CONFIG_WNM_AP */ | |
372 | ||
1952b626 BP |
373 | os_free(sta->ifname_wds); |
374 | ||
3912cbd8 JM |
375 | #ifdef CONFIG_TESTING_OPTIONS |
376 | os_free(sta->sae_postponed_commit); | |
377 | #endif /* CONFIG_TESTING_OPTIONS */ | |
378 | ||
6fc6879b JM |
379 | os_free(sta); |
380 | } | |
381 | ||
382 | ||
383 | void hostapd_free_stas(struct hostapd_data *hapd) | |
384 | { | |
385 | struct sta_info *sta, *prev; | |
386 | ||
387 | sta = hapd->sta_list; | |
388 | ||
389 | while (sta) { | |
390 | prev = sta; | |
391 | if (sta->flags & WLAN_STA_AUTH) { | |
392 | mlme_deauthenticate_indication( | |
393 | hapd, sta, WLAN_REASON_UNSPECIFIED); | |
394 | } | |
395 | sta = sta->next; | |
396 | wpa_printf(MSG_DEBUG, "Removing station " MACSTR, | |
397 | MAC2STR(prev->addr)); | |
398 | ap_free_sta(hapd, prev); | |
399 | } | |
400 | } | |
401 | ||
402 | ||
1c6e69cc JM |
403 | /** |
404 | * ap_handle_timer - Per STA timer handler | |
405 | * @eloop_ctx: struct hostapd_data * | |
406 | * @timeout_ctx: struct sta_info * | |
407 | * | |
408 | * This function is called to check station activity and to remove inactive | |
409 | * stations. | |
410 | */ | |
6fc6879b JM |
411 | void ap_handle_timer(void *eloop_ctx, void *timeout_ctx) |
412 | { | |
413 | struct hostapd_data *hapd = eloop_ctx; | |
414 | struct sta_info *sta = timeout_ctx; | |
415 | unsigned long next_time = 0; | |
d5b559b6 | 416 | int reason; |
6fc6879b | 417 | |
03269d55 JM |
418 | wpa_printf(MSG_DEBUG, "%s: %s: " MACSTR " flags=0x%x timeout_next=%d", |
419 | hapd->conf->iface, __func__, MAC2STR(sta->addr), sta->flags, | |
42ca9845 | 420 | sta->timeout_next); |
6fc6879b JM |
421 | if (sta->timeout_next == STA_REMOVE) { |
422 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, | |
423 | HOSTAPD_LEVEL_INFO, "deauthenticated due to " | |
424 | "local deauth request"); | |
425 | ap_free_sta(hapd, sta); | |
426 | return; | |
427 | } | |
428 | ||
429 | if ((sta->flags & WLAN_STA_ASSOC) && | |
430 | (sta->timeout_next == STA_NULLFUNC || | |
431 | sta->timeout_next == STA_DISASSOC)) { | |
432 | int inactive_sec; | |
ce28e279 BG |
433 | /* |
434 | * Add random value to timeout so that we don't end up bouncing | |
435 | * all stations at the same time if we have lots of associated | |
436 | * stations that are idle (but keep re-associating). | |
437 | */ | |
438 | int fuzz = os_random() % 20; | |
51e2a27a | 439 | inactive_sec = hostapd_drv_get_inact_sec(hapd, sta->addr); |
6fc6879b | 440 | if (inactive_sec == -1) { |
3ec1e902 JM |
441 | wpa_msg(hapd->msg_ctx, MSG_DEBUG, |
442 | "Check inactivity: Could not " | |
d5674791 | 443 | "get station info from kernel driver for " |
24d75245 | 444 | MACSTR, MAC2STR(sta->addr)); |
d5674791 JM |
445 | /* |
446 | * The driver may not support this functionality. | |
447 | * Anyway, try again after the next inactivity timeout, | |
448 | * but do not disconnect the station now. | |
449 | */ | |
ce28e279 | 450 | next_time = hapd->conf->ap_max_inactivity + fuzz; |
b9749bac MH |
451 | } else if (inactive_sec == -ENOENT) { |
452 | wpa_msg(hapd->msg_ctx, MSG_DEBUG, | |
453 | "Station " MACSTR " has lost its driver entry", | |
454 | MAC2STR(sta->addr)); | |
455 | ||
47e5fbde PO |
456 | /* Avoid sending client probe on removed client */ |
457 | sta->timeout_next = STA_DISASSOC; | |
458 | goto skip_poll; | |
a114c723 | 459 | } else if (inactive_sec < hapd->conf->ap_max_inactivity) { |
6fc6879b | 460 | /* station activity detected; reset timeout state */ |
3ec1e902 JM |
461 | wpa_msg(hapd->msg_ctx, MSG_DEBUG, |
462 | "Station " MACSTR " has been active %is ago", | |
24d75245 | 463 | MAC2STR(sta->addr), inactive_sec); |
6fc6879b | 464 | sta->timeout_next = STA_NULLFUNC; |
ce28e279 | 465 | next_time = hapd->conf->ap_max_inactivity + fuzz - |
6fc6879b | 466 | inactive_sec; |
24d75245 | 467 | } else { |
3ec1e902 JM |
468 | wpa_msg(hapd->msg_ctx, MSG_DEBUG, |
469 | "Station " MACSTR " has been " | |
24d75245 BG |
470 | "inactive too long: %d sec, max allowed: %d", |
471 | MAC2STR(sta->addr), inactive_sec, | |
472 | hapd->conf->ap_max_inactivity); | |
ef01fa7b YAP |
473 | |
474 | if (hapd->conf->skip_inactivity_poll) | |
475 | sta->timeout_next = STA_DISASSOC; | |
6fc6879b JM |
476 | } |
477 | } | |
478 | ||
479 | if ((sta->flags & WLAN_STA_ASSOC) && | |
480 | sta->timeout_next == STA_DISASSOC && | |
ef01fa7b YAP |
481 | !(sta->flags & WLAN_STA_PENDING_POLL) && |
482 | !hapd->conf->skip_inactivity_poll) { | |
3ec1e902 JM |
483 | wpa_msg(hapd->msg_ctx, MSG_DEBUG, "Station " MACSTR |
484 | " has ACKed data poll", MAC2STR(sta->addr)); | |
6fc6879b JM |
485 | /* data nullfunc frame poll did not produce TX errors; assume |
486 | * station ACKed it */ | |
487 | sta->timeout_next = STA_NULLFUNC; | |
488 | next_time = hapd->conf->ap_max_inactivity; | |
489 | } | |
490 | ||
47e5fbde | 491 | skip_poll: |
6fc6879b | 492 | if (next_time) { |
42ca9845 JM |
493 | wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " |
494 | "for " MACSTR " (%lu seconds)", | |
495 | __func__, MAC2STR(sta->addr), next_time); | |
6fc6879b JM |
496 | eloop_register_timeout(next_time, 0, ap_handle_timer, hapd, |
497 | sta); | |
498 | return; | |
499 | } | |
500 | ||
501 | if (sta->timeout_next == STA_NULLFUNC && | |
502 | (sta->flags & WLAN_STA_ASSOC)) { | |
bcf24348 | 503 | wpa_printf(MSG_DEBUG, " Polling STA"); |
6fc6879b | 504 | sta->flags |= WLAN_STA_PENDING_POLL; |
bcf24348 JB |
505 | hostapd_drv_poll_client(hapd, hapd->own_addr, sta->addr, |
506 | sta->flags & WLAN_STA_WMM); | |
6fc6879b JM |
507 | } else if (sta->timeout_next != STA_REMOVE) { |
508 | int deauth = sta->timeout_next == STA_DEAUTH; | |
509 | ||
f3a841bb JM |
510 | if (!deauth && !(sta->flags & WLAN_STA_ASSOC)) { |
511 | /* Cannot disassociate not-associated STA, so move | |
512 | * directly to deauthentication. */ | |
513 | sta->timeout_next = STA_DEAUTH; | |
514 | deauth = 1; | |
515 | } | |
516 | ||
afcc9ea1 BG |
517 | wpa_dbg(hapd->msg_ctx, MSG_DEBUG, |
518 | "Timeout, sending %s info to STA " MACSTR, | |
519 | deauth ? "deauthentication" : "disassociation", | |
520 | MAC2STR(sta->addr)); | |
6fc6879b JM |
521 | |
522 | if (deauth) { | |
51e2a27a JM |
523 | hostapd_drv_sta_deauth( |
524 | hapd, sta->addr, | |
525 | WLAN_REASON_PREV_AUTH_NOT_VALID); | |
6fc6879b | 526 | } else { |
d5b559b6 KP |
527 | reason = (sta->timeout_next == STA_DISASSOC) ? |
528 | WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : | |
529 | WLAN_REASON_PREV_AUTH_NOT_VALID; | |
530 | ||
531 | hostapd_drv_sta_disassoc(hapd, sta->addr, reason); | |
6fc6879b JM |
532 | } |
533 | } | |
534 | ||
535 | switch (sta->timeout_next) { | |
536 | case STA_NULLFUNC: | |
537 | sta->timeout_next = STA_DISASSOC; | |
42ca9845 JM |
538 | wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " |
539 | "for " MACSTR " (%d seconds - AP_DISASSOC_DELAY)", | |
540 | __func__, MAC2STR(sta->addr), AP_DISASSOC_DELAY); | |
6fc6879b JM |
541 | eloop_register_timeout(AP_DISASSOC_DELAY, 0, ap_handle_timer, |
542 | hapd, sta); | |
543 | break; | |
544 | case STA_DISASSOC: | |
d5b559b6 | 545 | case STA_DISASSOC_FROM_CLI: |
ae055af4 | 546 | ap_sta_set_authorized(hapd, sta, 0); |
6fc6879b | 547 | sta->flags &= ~WLAN_STA_ASSOC; |
b7275a81 | 548 | hostapd_set_sta_flags(hapd, sta); |
6fc6879b JM |
549 | ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); |
550 | if (!sta->acct_terminate_cause) | |
551 | sta->acct_terminate_cause = | |
552 | RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; | |
553 | accounting_sta_stop(hapd, sta); | |
d7c3347f | 554 | ieee802_1x_free_station(hapd, sta); |
6fc6879b JM |
555 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, |
556 | HOSTAPD_LEVEL_INFO, "disassociated due to " | |
557 | "inactivity"); | |
d5b559b6 KP |
558 | reason = (sta->timeout_next == STA_DISASSOC) ? |
559 | WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY : | |
560 | WLAN_REASON_PREV_AUTH_NOT_VALID; | |
6fc6879b | 561 | sta->timeout_next = STA_DEAUTH; |
42ca9845 JM |
562 | wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " |
563 | "for " MACSTR " (%d seconds - AP_DEAUTH_DELAY)", | |
564 | __func__, MAC2STR(sta->addr), AP_DEAUTH_DELAY); | |
6fc6879b JM |
565 | eloop_register_timeout(AP_DEAUTH_DELAY, 0, ap_handle_timer, |
566 | hapd, sta); | |
d5b559b6 | 567 | mlme_disassociate_indication(hapd, sta, reason); |
6fc6879b JM |
568 | break; |
569 | case STA_DEAUTH: | |
570 | case STA_REMOVE: | |
571 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, | |
572 | HOSTAPD_LEVEL_INFO, "deauthenticated due to " | |
afcc9ea1 | 573 | "inactivity (timer DEAUTH/REMOVE)"); |
6fc6879b JM |
574 | if (!sta->acct_terminate_cause) |
575 | sta->acct_terminate_cause = | |
576 | RADIUS_ACCT_TERMINATE_CAUSE_IDLE_TIMEOUT; | |
577 | mlme_deauthenticate_indication( | |
578 | hapd, sta, | |
579 | WLAN_REASON_PREV_AUTH_NOT_VALID); | |
580 | ap_free_sta(hapd, sta); | |
581 | break; | |
582 | } | |
583 | } | |
584 | ||
585 | ||
586 | static void ap_handle_session_timer(void *eloop_ctx, void *timeout_ctx) | |
587 | { | |
588 | struct hostapd_data *hapd = eloop_ctx; | |
589 | struct sta_info *sta = timeout_ctx; | |
6fc6879b | 590 | |
03269d55 JM |
591 | wpa_printf(MSG_DEBUG, "%s: Session timer for STA " MACSTR, |
592 | hapd->conf->iface, MAC2STR(sta->addr)); | |
ef48f1bf ZK |
593 | if (!(sta->flags & (WLAN_STA_AUTH | WLAN_STA_ASSOC | |
594 | WLAN_STA_AUTHORIZED))) { | |
dca30c3f JK |
595 | if (sta->flags & WLAN_STA_GAS) { |
596 | wpa_printf(MSG_DEBUG, "GAS: Remove temporary STA " | |
597 | "entry " MACSTR, MAC2STR(sta->addr)); | |
598 | ap_free_sta(hapd, sta); | |
599 | } | |
6fc6879b | 600 | return; |
dca30c3f | 601 | } |
6fc6879b | 602 | |
0ac38766 JM |
603 | hostapd_drv_sta_deauth(hapd, sta->addr, |
604 | WLAN_REASON_PREV_AUTH_NOT_VALID); | |
6fc6879b JM |
605 | mlme_deauthenticate_indication(hapd, sta, |
606 | WLAN_REASON_PREV_AUTH_NOT_VALID); | |
607 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, | |
608 | HOSTAPD_LEVEL_INFO, "deauthenticated due to " | |
609 | "session timeout"); | |
610 | sta->acct_terminate_cause = | |
611 | RADIUS_ACCT_TERMINATE_CAUSE_SESSION_TIMEOUT; | |
6fc6879b | 612 | ap_free_sta(hapd, sta); |
6fc6879b JM |
613 | } |
614 | ||
615 | ||
91f9e607 KP |
616 | void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, |
617 | u32 session_timeout) | |
618 | { | |
619 | if (eloop_replenish_timeout(session_timeout, 0, | |
a09ffd5f | 620 | ap_handle_session_timer, hapd, sta) == 1) { |
91f9e607 KP |
621 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, |
622 | HOSTAPD_LEVEL_DEBUG, "setting session timeout " | |
623 | "to %d seconds", session_timeout); | |
624 | } | |
625 | } | |
626 | ||
627 | ||
6fc6879b JM |
628 | void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, |
629 | u32 session_timeout) | |
630 | { | |
631 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, | |
632 | HOSTAPD_LEVEL_DEBUG, "setting session timeout to %d " | |
633 | "seconds", session_timeout); | |
634 | eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); | |
635 | eloop_register_timeout(session_timeout, 0, ap_handle_session_timer, | |
636 | hapd, sta); | |
637 | } | |
638 | ||
639 | ||
640 | void ap_sta_no_session_timeout(struct hostapd_data *hapd, struct sta_info *sta) | |
641 | { | |
642 | eloop_cancel_timeout(ap_handle_session_timer, hapd, sta); | |
643 | } | |
644 | ||
645 | ||
97596f8e JM |
646 | static void ap_handle_session_warning_timer(void *eloop_ctx, void *timeout_ctx) |
647 | { | |
b5bf84ba | 648 | #ifdef CONFIG_WNM_AP |
97596f8e JM |
649 | struct hostapd_data *hapd = eloop_ctx; |
650 | struct sta_info *sta = timeout_ctx; | |
651 | ||
03269d55 JM |
652 | wpa_printf(MSG_DEBUG, "%s: WNM: Session warning time reached for " |
653 | MACSTR, hapd->conf->iface, MAC2STR(sta->addr)); | |
97596f8e JM |
654 | if (sta->hs20_session_info_url == NULL) |
655 | return; | |
656 | ||
657 | wnm_send_ess_disassoc_imminent(hapd, sta, sta->hs20_session_info_url, | |
658 | sta->hs20_disassoc_timer); | |
b5bf84ba | 659 | #endif /* CONFIG_WNM_AP */ |
97596f8e JM |
660 | } |
661 | ||
662 | ||
663 | void ap_sta_session_warning_timeout(struct hostapd_data *hapd, | |
664 | struct sta_info *sta, int warning_time) | |
665 | { | |
666 | eloop_cancel_timeout(ap_handle_session_warning_timer, hapd, sta); | |
667 | eloop_register_timeout(warning_time, 0, ap_handle_session_warning_timer, | |
668 | hapd, sta); | |
669 | } | |
670 | ||
671 | ||
6fc6879b JM |
672 | struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr) |
673 | { | |
674 | struct sta_info *sta; | |
d5d156bd | 675 | int i; |
6fc6879b JM |
676 | |
677 | sta = ap_get_sta(hapd, addr); | |
678 | if (sta) | |
679 | return sta; | |
680 | ||
681 | wpa_printf(MSG_DEBUG, " New STA"); | |
682 | if (hapd->num_sta >= hapd->conf->max_num_sta) { | |
683 | /* FIX: might try to remove some old STAs first? */ | |
684 | wpa_printf(MSG_DEBUG, "no more room for new STAs (%d/%d)", | |
685 | hapd->num_sta, hapd->conf->max_num_sta); | |
686 | return NULL; | |
687 | } | |
688 | ||
689 | sta = os_zalloc(sizeof(struct sta_info)); | |
690 | if (sta == NULL) { | |
691 | wpa_printf(MSG_ERROR, "malloc failed"); | |
692 | return NULL; | |
693 | } | |
5843e1c9 | 694 | sta->acct_interim_interval = hapd->conf->acct_interim_interval; |
d72a0053 NL |
695 | if (accounting_sta_get_id(hapd, sta) < 0) { |
696 | os_free(sta); | |
697 | return NULL; | |
698 | } | |
6fc6879b | 699 | |
d5d156bd JB |
700 | for (i = 0; i < WLAN_SUPP_RATES_MAX; i++) { |
701 | if (!hapd->iface->basic_rates) | |
702 | break; | |
703 | if (hapd->iface->basic_rates[i] < 0) | |
704 | break; | |
705 | sta->supported_rates[i] = hapd->iface->basic_rates[i] / 5; | |
706 | } | |
707 | sta->supported_rates_len = i; | |
708 | ||
336167c8 MSS |
709 | if (!(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_INACTIVITY_TIMER)) { |
710 | wpa_printf(MSG_DEBUG, "%s: register ap_handle_timer timeout " | |
711 | "for " MACSTR " (%d seconds - ap_max_inactivity)", | |
712 | __func__, MAC2STR(addr), | |
713 | hapd->conf->ap_max_inactivity); | |
714 | eloop_register_timeout(hapd->conf->ap_max_inactivity, 0, | |
715 | ap_handle_timer, hapd, sta); | |
716 | } | |
717 | ||
6fc6879b | 718 | /* initialize STA info data */ |
6fc6879b JM |
719 | os_memcpy(sta->addr, addr, ETH_ALEN); |
720 | sta->next = hapd->sta_list; | |
721 | hapd->sta_list = sta; | |
722 | hapd->num_sta++; | |
723 | ap_sta_hash_add(hapd, sta); | |
53f3d6f3 | 724 | ap_sta_remove_in_other_bss(hapd, sta); |
38cb0a2d | 725 | sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; |
bd00c431 | 726 | dl_list_init(&sta->ip6addr); |
6fc6879b | 727 | |
44281940 DG |
728 | #ifdef CONFIG_TAXONOMY |
729 | sta_track_claim_taxonomy_info(hapd->iface, addr, | |
730 | &sta->probe_ie_taxonomy); | |
731 | #endif /* CONFIG_TAXONOMY */ | |
732 | ||
6fc6879b JM |
733 | return sta; |
734 | } | |
735 | ||
736 | ||
737 | static int ap_sta_remove(struct hostapd_data *hapd, struct sta_info *sta) | |
738 | { | |
739 | ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); | |
740 | ||
7d597d46 | 741 | if (sta->ipaddr) |
ed4ddb6d | 742 | hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr); |
bd00c431 | 743 | ap_sta_ip6addr_del(hapd, sta); |
7d597d46 | 744 | |
03269d55 JM |
745 | wpa_printf(MSG_DEBUG, "%s: Removing STA " MACSTR " from kernel driver", |
746 | hapd->conf->iface, MAC2STR(sta->addr)); | |
51e2a27a | 747 | if (hostapd_drv_sta_remove(hapd, sta->addr) && |
6fc6879b | 748 | sta->flags & WLAN_STA_ASSOC) { |
03269d55 JM |
749 | wpa_printf(MSG_DEBUG, "%s: Could not remove station " MACSTR |
750 | " from kernel driver", | |
751 | hapd->conf->iface, MAC2STR(sta->addr)); | |
6fc6879b JM |
752 | return -1; |
753 | } | |
bb598c3b | 754 | sta->added_unassoc = 0; |
6fc6879b JM |
755 | return 0; |
756 | } | |
757 | ||
758 | ||
53f3d6f3 FF |
759 | static void ap_sta_remove_in_other_bss(struct hostapd_data *hapd, |
760 | struct sta_info *sta) | |
6fc6879b JM |
761 | { |
762 | struct hostapd_iface *iface = hapd->iface; | |
763 | size_t i; | |
764 | ||
765 | for (i = 0; i < iface->num_bss; i++) { | |
766 | struct hostapd_data *bss = iface->bss[i]; | |
767 | struct sta_info *sta2; | |
768 | /* bss should always be set during operation, but it may be | |
769 | * NULL during reconfiguration. Assume the STA is not | |
770 | * associated to another BSS in that case to avoid NULL pointer | |
771 | * dereferences. */ | |
772 | if (bss == hapd || bss == NULL) | |
773 | continue; | |
774 | sta2 = ap_get_sta(bss, sta->addr); | |
53f3d6f3 FF |
775 | if (!sta2) |
776 | continue; | |
6fc6879b | 777 | |
03269d55 JM |
778 | wpa_printf(MSG_DEBUG, "%s: disconnect old STA " MACSTR |
779 | " association from another BSS %s", | |
780 | hapd->conf->iface, MAC2STR(sta2->addr), | |
781 | bss->conf->iface); | |
53f3d6f3 FF |
782 | ap_sta_disconnect(bss, sta2, sta2->addr, |
783 | WLAN_REASON_PREV_AUTH_NOT_VALID); | |
784 | } | |
6fc6879b JM |
785 | } |
786 | ||
787 | ||
4dc03726 JM |
788 | static void ap_sta_disassoc_cb_timeout(void *eloop_ctx, void *timeout_ctx) |
789 | { | |
790 | struct hostapd_data *hapd = eloop_ctx; | |
791 | struct sta_info *sta = timeout_ctx; | |
792 | ||
03269d55 JM |
793 | wpa_printf(MSG_DEBUG, "%s: Disassociation callback for STA " MACSTR, |
794 | hapd->conf->iface, MAC2STR(sta->addr)); | |
4dc03726 JM |
795 | ap_sta_remove(hapd, sta); |
796 | mlme_disassociate_indication(hapd, sta, sta->disassoc_reason); | |
797 | } | |
798 | ||
799 | ||
6fc6879b JM |
800 | void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, |
801 | u16 reason) | |
802 | { | |
803 | wpa_printf(MSG_DEBUG, "%s: disassociate STA " MACSTR, | |
804 | hapd->conf->iface, MAC2STR(sta->addr)); | |
38cb0a2d | 805 | sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; |
05e5e615 DL |
806 | if (hapd->iface->current_mode && |
807 | hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { | |
808 | /* Skip deauthentication in DMG/IEEE 802.11ad */ | |
809 | sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | | |
810 | WLAN_STA_ASSOC_REQ_OK); | |
811 | sta->timeout_next = STA_REMOVE; | |
812 | } else { | |
813 | sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); | |
814 | sta->timeout_next = STA_DEAUTH; | |
815 | } | |
4dc03726 | 816 | ap_sta_set_authorized(hapd, sta, 0); |
b7275a81 | 817 | hostapd_set_sta_flags(hapd, sta); |
42ca9845 JM |
818 | wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " |
819 | "for " MACSTR " (%d seconds - " | |
820 | "AP_MAX_INACTIVITY_AFTER_DISASSOC)", | |
821 | __func__, MAC2STR(sta->addr), | |
822 | AP_MAX_INACTIVITY_AFTER_DISASSOC); | |
6fc6879b JM |
823 | eloop_cancel_timeout(ap_handle_timer, hapd, sta); |
824 | eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DISASSOC, 0, | |
825 | ap_handle_timer, hapd, sta); | |
826 | accounting_sta_stop(hapd, sta); | |
d7c3347f | 827 | ieee802_1x_free_station(hapd, sta); |
f006c13c JM |
828 | wpa_auth_sta_deinit(sta->wpa_sm); |
829 | sta->wpa_sm = NULL; | |
6fc6879b | 830 | |
4dc03726 | 831 | sta->disassoc_reason = reason; |
cc28ad8c | 832 | sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; |
4dc03726 JM |
833 | eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); |
834 | eloop_register_timeout(hapd->iface->drv_flags & | |
835 | WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, | |
836 | ap_sta_disassoc_cb_timeout, hapd, sta); | |
837 | } | |
838 | ||
839 | ||
840 | static void ap_sta_deauth_cb_timeout(void *eloop_ctx, void *timeout_ctx) | |
841 | { | |
842 | struct hostapd_data *hapd = eloop_ctx; | |
843 | struct sta_info *sta = timeout_ctx; | |
844 | ||
03269d55 JM |
845 | wpa_printf(MSG_DEBUG, "%s: Deauthentication callback for STA " MACSTR, |
846 | hapd->conf->iface, MAC2STR(sta->addr)); | |
4dc03726 JM |
847 | ap_sta_remove(hapd, sta); |
848 | mlme_deauthenticate_indication(hapd, sta, sta->deauth_reason); | |
6fc6879b JM |
849 | } |
850 | ||
851 | ||
852 | void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, | |
853 | u16 reason) | |
854 | { | |
05e5e615 DL |
855 | if (hapd->iface->current_mode && |
856 | hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { | |
857 | /* Deauthentication is not used in DMG/IEEE 802.11ad; | |
858 | * disassociate the STA instead. */ | |
859 | ap_sta_disassociate(hapd, sta, reason); | |
860 | return; | |
861 | } | |
862 | ||
6fc6879b JM |
863 | wpa_printf(MSG_DEBUG, "%s: deauthenticate STA " MACSTR, |
864 | hapd->conf->iface, MAC2STR(sta->addr)); | |
38cb0a2d | 865 | sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ; |
631739b3 | 866 | sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK); |
4dc03726 | 867 | ap_sta_set_authorized(hapd, sta, 0); |
b7275a81 | 868 | hostapd_set_sta_flags(hapd, sta); |
6fc6879b | 869 | sta->timeout_next = STA_REMOVE; |
42ca9845 JM |
870 | wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout " |
871 | "for " MACSTR " (%d seconds - " | |
872 | "AP_MAX_INACTIVITY_AFTER_DEAUTH)", | |
873 | __func__, MAC2STR(sta->addr), | |
874 | AP_MAX_INACTIVITY_AFTER_DEAUTH); | |
6fc6879b JM |
875 | eloop_cancel_timeout(ap_handle_timer, hapd, sta); |
876 | eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, | |
877 | ap_handle_timer, hapd, sta); | |
878 | accounting_sta_stop(hapd, sta); | |
d7c3347f | 879 | ieee802_1x_free_station(hapd, sta); |
6fc6879b | 880 | |
4dc03726 | 881 | sta->deauth_reason = reason; |
cc28ad8c | 882 | sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; |
4dc03726 JM |
883 | eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); |
884 | eloop_register_timeout(hapd->iface->drv_flags & | |
885 | WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, | |
886 | ap_sta_deauth_cb_timeout, hapd, sta); | |
6fc6879b JM |
887 | } |
888 | ||
889 | ||
4c374cde AS |
890 | #ifdef CONFIG_WPS |
891 | int ap_sta_wps_cancel(struct hostapd_data *hapd, | |
892 | struct sta_info *sta, void *ctx) | |
893 | { | |
894 | if (sta && (sta->flags & WLAN_STA_WPS)) { | |
895 | ap_sta_deauthenticate(hapd, sta, | |
896 | WLAN_REASON_PREV_AUTH_NOT_VALID); | |
897 | wpa_printf(MSG_DEBUG, "WPS: %s: Deauth sta=" MACSTR, | |
898 | __func__, MAC2STR(sta->addr)); | |
899 | return 1; | |
900 | } | |
901 | ||
902 | return 0; | |
903 | } | |
904 | #endif /* CONFIG_WPS */ | |
905 | ||
906 | ||
8e44c192 MB |
907 | static int ap_sta_get_free_vlan_id(struct hostapd_data *hapd) |
908 | { | |
909 | struct hostapd_vlan *vlan; | |
910 | int vlan_id = MAX_VLAN_ID + 2; | |
911 | ||
912 | retry: | |
913 | for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { | |
914 | if (vlan->vlan_id == vlan_id) { | |
915 | vlan_id++; | |
916 | goto retry; | |
917 | } | |
918 | } | |
919 | return vlan_id; | |
920 | } | |
921 | ||
922 | ||
1889af2e MB |
923 | int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta, |
924 | struct vlan_description *vlan_desc) | |
925 | { | |
926 | struct hostapd_vlan *vlan = NULL, *wildcard_vlan = NULL; | |
927 | int old_vlan_id, vlan_id = 0, ret = 0; | |
928 | ||
8e44c192 | 929 | /* Check if there is something to do */ |
8be640b7 MB |
930 | if (hapd->conf->ssid.per_sta_vif && !sta->vlan_id) { |
931 | /* This sta is lacking its own vif */ | |
932 | } else if (hapd->conf->ssid.dynamic_vlan == DYNAMIC_VLAN_DISABLED && | |
933 | !hapd->conf->ssid.per_sta_vif && sta->vlan_id) { | |
934 | /* sta->vlan_id needs to be reset */ | |
935 | } else if (!vlan_compare(vlan_desc, sta->vlan_desc)) { | |
8e44c192 | 936 | return 0; /* nothing to change */ |
8be640b7 | 937 | } |
8e44c192 MB |
938 | |
939 | /* Now the real VLAN changed or the STA just needs its own vif */ | |
8be640b7 MB |
940 | if (hapd->conf->ssid.per_sta_vif) { |
941 | /* Assign a new vif, always */ | |
942 | /* find a free vlan_id sufficiently big */ | |
943 | vlan_id = ap_sta_get_free_vlan_id(hapd); | |
944 | /* Get wildcard VLAN */ | |
945 | for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { | |
946 | if (vlan->vlan_id == VLAN_ID_WILDCARD) | |
947 | break; | |
948 | } | |
949 | if (!vlan) { | |
950 | hostapd_logger(hapd, sta->addr, | |
951 | HOSTAPD_MODULE_IEEE80211, | |
952 | HOSTAPD_LEVEL_DEBUG, | |
953 | "per_sta_vif missing wildcard"); | |
954 | vlan_id = 0; | |
955 | ret = -1; | |
956 | goto done; | |
957 | } | |
958 | } else if (vlan_desc && vlan_desc->notempty) { | |
1889af2e MB |
959 | for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { |
960 | if (!vlan_compare(&vlan->vlan_desc, vlan_desc)) | |
961 | break; | |
962 | if (vlan->vlan_id == VLAN_ID_WILDCARD) | |
963 | wildcard_vlan = vlan; | |
964 | } | |
965 | if (vlan) { | |
966 | vlan_id = vlan->vlan_id; | |
967 | } else if (wildcard_vlan) { | |
968 | vlan = wildcard_vlan; | |
969 | vlan_id = vlan_desc->untagged; | |
8e44c192 MB |
970 | if (vlan_desc->tagged[0]) { |
971 | /* Tagged VLAN configuration */ | |
972 | vlan_id = ap_sta_get_free_vlan_id(hapd); | |
973 | } | |
1889af2e MB |
974 | } else { |
975 | hostapd_logger(hapd, sta->addr, | |
976 | HOSTAPD_MODULE_IEEE80211, | |
977 | HOSTAPD_LEVEL_DEBUG, | |
8e44c192 MB |
978 | "missing vlan and wildcard for vlan=%d%s", |
979 | vlan_desc->untagged, | |
980 | vlan_desc->tagged[0] ? "+" : ""); | |
1889af2e MB |
981 | vlan_id = 0; |
982 | ret = -1; | |
983 | goto done; | |
984 | } | |
985 | } | |
986 | ||
987 | if (vlan && vlan->vlan_id == VLAN_ID_WILDCARD) { | |
988 | vlan = vlan_add_dynamic(hapd, vlan, vlan_id, vlan_desc); | |
989 | if (vlan == NULL) { | |
990 | hostapd_logger(hapd, sta->addr, | |
991 | HOSTAPD_MODULE_IEEE80211, | |
992 | HOSTAPD_LEVEL_DEBUG, | |
8e44c192 | 993 | "could not add dynamic VLAN interface for vlan=%d%s", |
75cc211d JM |
994 | vlan_desc ? vlan_desc->untagged : -1, |
995 | (vlan_desc && vlan_desc->tagged[0]) ? | |
996 | "+" : ""); | |
1889af2e MB |
997 | vlan_id = 0; |
998 | ret = -1; | |
999 | goto done; | |
1000 | } | |
1001 | ||
1002 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, | |
1003 | HOSTAPD_LEVEL_DEBUG, | |
1004 | "added new dynamic VLAN interface '%s'", | |
1005 | vlan->ifname); | |
1006 | } else if (vlan && vlan->dynamic_vlan > 0) { | |
1007 | vlan->dynamic_vlan++; | |
1008 | hostapd_logger(hapd, sta->addr, | |
1009 | HOSTAPD_MODULE_IEEE80211, | |
1010 | HOSTAPD_LEVEL_DEBUG, | |
1011 | "updated existing dynamic VLAN interface '%s'", | |
1012 | vlan->ifname); | |
1013 | } | |
1014 | done: | |
1015 | old_vlan_id = sta->vlan_id; | |
1016 | sta->vlan_id = vlan_id; | |
1017 | sta->vlan_desc = vlan ? &vlan->vlan_desc : NULL; | |
1018 | ||
1019 | if (vlan_id != old_vlan_id && old_vlan_id) | |
1020 | vlan_remove_dynamic(hapd, old_vlan_id); | |
1021 | ||
1022 | return ret; | |
1023 | } | |
1024 | ||
1025 | ||
c8e6beab | 1026 | int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta) |
6fc6879b | 1027 | { |
30b32314 | 1028 | #ifndef CONFIG_NO_VLAN |
6fc6879b JM |
1029 | const char *iface; |
1030 | struct hostapd_vlan *vlan = NULL; | |
4254100d | 1031 | int ret; |
c8e6beab | 1032 | int old_vlanid = sta->vlan_id_bound; |
6fc6879b | 1033 | |
43ededa9 JM |
1034 | if ((sta->flags & WLAN_STA_WDS) && sta->vlan_id == 0) { |
1035 | wpa_printf(MSG_DEBUG, | |
1036 | "Do not override WDS VLAN assignment for STA " | |
1037 | MACSTR, MAC2STR(sta->addr)); | |
1038 | return 0; | |
1039 | } | |
1040 | ||
6fc6879b | 1041 | iface = hapd->conf->iface; |
f41ded6f JM |
1042 | if (hapd->conf->ssid.vlan[0]) |
1043 | iface = hapd->conf->ssid.vlan; | |
6fc6879b | 1044 | |
1889af2e MB |
1045 | if (sta->vlan_id > 0) { |
1046 | for (vlan = hapd->conf->vlan; vlan; vlan = vlan->next) { | |
c2db79f2 | 1047 | if (vlan->vlan_id == sta->vlan_id) |
6fc6879b | 1048 | break; |
6fc6879b | 1049 | } |
c2db79f2 MB |
1050 | if (vlan) |
1051 | iface = vlan->ifname; | |
6fc6879b JM |
1052 | } |
1053 | ||
c8e6beab MB |
1054 | /* |
1055 | * Do not increment ref counters if the VLAN ID remains same, but do | |
1056 | * not skip hostapd_drv_set_sta_vlan() as hostapd_drv_sta_remove() might | |
1057 | * have been called before. | |
1058 | */ | |
1059 | if (sta->vlan_id == old_vlanid) | |
1060 | goto skip_counting; | |
1061 | ||
99d8c4dc GG |
1062 | if (sta->vlan_id > 0 && !vlan && |
1063 | !(hapd->iface->drv_flags & WPA_DRIVER_FLAGS_VLAN_OFFLOAD)) { | |
6fc6879b JM |
1064 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, |
1065 | HOSTAPD_LEVEL_DEBUG, "could not find VLAN for " | |
1066 | "binding station to (vlan_id=%d)", | |
1067 | sta->vlan_id); | |
2dd4f3ae JM |
1068 | ret = -1; |
1069 | goto done; | |
1889af2e | 1070 | } else if (vlan && vlan->dynamic_vlan > 0) { |
41d62107 MB |
1071 | vlan->dynamic_vlan++; |
1072 | hostapd_logger(hapd, sta->addr, | |
1073 | HOSTAPD_MODULE_IEEE80211, | |
1074 | HOSTAPD_LEVEL_DEBUG, | |
1075 | "updated existing dynamic VLAN interface '%s'", | |
1076 | iface); | |
6fc6879b JM |
1077 | } |
1078 | ||
c8e6beab MB |
1079 | /* ref counters have been increased, so mark the station */ |
1080 | sta->vlan_id_bound = sta->vlan_id; | |
1081 | ||
1082 | skip_counting: | |
6fc6879b JM |
1083 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, |
1084 | HOSTAPD_LEVEL_DEBUG, "binding station to interface " | |
1085 | "'%s'", iface); | |
1086 | ||
1087 | if (wpa_auth_sta_set_vlan(sta->wpa_sm, sta->vlan_id) < 0) | |
1088 | wpa_printf(MSG_INFO, "Failed to update VLAN-ID for WPA"); | |
1089 | ||
51e2a27a | 1090 | ret = hostapd_drv_set_sta_vlan(iface, hapd, sta->addr, sta->vlan_id); |
4254100d JM |
1091 | if (ret < 0) { |
1092 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, | |
1093 | HOSTAPD_LEVEL_DEBUG, "could not bind the STA " | |
1094 | "entry to vlan_id=%d", sta->vlan_id); | |
1095 | } | |
2dd4f3ae | 1096 | |
2dd4f3ae | 1097 | /* During 1x reauth, if the vlan id changes, then remove the old id. */ |
c8e6beab | 1098 | if (old_vlanid > 0 && old_vlanid != sta->vlan_id) |
2dd4f3ae | 1099 | vlan_remove_dynamic(hapd, old_vlanid); |
c8e6beab | 1100 | done: |
2dd4f3ae | 1101 | |
4254100d | 1102 | return ret; |
30b32314 JM |
1103 | #else /* CONFIG_NO_VLAN */ |
1104 | return 0; | |
1105 | #endif /* CONFIG_NO_VLAN */ | |
6fc6879b | 1106 | } |
5d22a1d5 JM |
1107 | |
1108 | ||
45c94154 | 1109 | int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta) |
5d22a1d5 | 1110 | { |
45c94154 | 1111 | u32 tu; |
10e694a6 JB |
1112 | struct os_reltime now, passed; |
1113 | os_get_reltime(&now); | |
1114 | os_reltime_sub(&now, &sta->sa_query_start, &passed); | |
45c94154 JM |
1115 | tu = (passed.sec * 1000000 + passed.usec) / 1024; |
1116 | if (hapd->conf->assoc_sa_query_max_timeout < tu) { | |
1117 | hostapd_logger(hapd, sta->addr, | |
1118 | HOSTAPD_MODULE_IEEE80211, | |
5d22a1d5 | 1119 | HOSTAPD_LEVEL_DEBUG, |
93b76319 JM |
1120 | "association SA Query timed out"); |
1121 | sta->sa_query_timed_out = 1; | |
1122 | os_free(sta->sa_query_trans_id); | |
1123 | sta->sa_query_trans_id = NULL; | |
1124 | sta->sa_query_count = 0; | |
45c94154 JM |
1125 | eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); |
1126 | return 1; | |
5d22a1d5 JM |
1127 | } |
1128 | ||
45c94154 JM |
1129 | return 0; |
1130 | } | |
1131 | ||
1132 | ||
1133 | static void ap_sa_query_timer(void *eloop_ctx, void *timeout_ctx) | |
1134 | { | |
1135 | struct hostapd_data *hapd = eloop_ctx; | |
1136 | struct sta_info *sta = timeout_ctx; | |
1137 | unsigned int timeout, sec, usec; | |
1138 | u8 *trans_id, *nbuf; | |
1139 | ||
03269d55 JM |
1140 | wpa_printf(MSG_DEBUG, "%s: SA Query timer for STA " MACSTR |
1141 | " (count=%d)", | |
1142 | hapd->conf->iface, MAC2STR(sta->addr), sta->sa_query_count); | |
1143 | ||
45c94154 JM |
1144 | if (sta->sa_query_count > 0 && |
1145 | ap_check_sa_query_timeout(hapd, sta)) | |
1146 | return; | |
ae719361 JM |
1147 | if (sta->sa_query_count >= 1000) |
1148 | return; | |
45c94154 | 1149 | |
067ffa26 JM |
1150 | nbuf = os_realloc_array(sta->sa_query_trans_id, |
1151 | sta->sa_query_count + 1, | |
1152 | WLAN_SA_QUERY_TR_ID_LEN); | |
5d22a1d5 JM |
1153 | if (nbuf == NULL) |
1154 | return; | |
45c94154 JM |
1155 | if (sta->sa_query_count == 0) { |
1156 | /* Starting a new SA Query procedure */ | |
10e694a6 | 1157 | os_get_reltime(&sta->sa_query_start); |
45c94154 | 1158 | } |
93b76319 JM |
1159 | trans_id = nbuf + sta->sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; |
1160 | sta->sa_query_trans_id = nbuf; | |
1161 | sta->sa_query_count++; | |
5d22a1d5 | 1162 | |
24661bba JM |
1163 | if (os_get_random(trans_id, WLAN_SA_QUERY_TR_ID_LEN) < 0) { |
1164 | /* | |
1165 | * We don't really care which ID is used here, so simply | |
1166 | * hardcode this if the mostly theoretical os_get_random() | |
1167 | * failure happens. | |
1168 | */ | |
1169 | trans_id[0] = 0x12; | |
1170 | trans_id[1] = 0x34; | |
1171 | } | |
5d22a1d5 | 1172 | |
45c94154 JM |
1173 | timeout = hapd->conf->assoc_sa_query_retry_timeout; |
1174 | sec = ((timeout / 1000) * 1024) / 1000; | |
1175 | usec = (timeout % 1000) * 1024; | |
1176 | eloop_register_timeout(sec, usec, ap_sa_query_timer, hapd, sta); | |
1177 | ||
5d22a1d5 JM |
1178 | hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211, |
1179 | HOSTAPD_LEVEL_DEBUG, | |
93b76319 | 1180 | "association SA Query attempt %d", sta->sa_query_count); |
5d22a1d5 | 1181 | |
93b76319 | 1182 | ieee802_11_send_sa_query_req(hapd, sta->addr, trans_id); |
5d22a1d5 JM |
1183 | } |
1184 | ||
1185 | ||
93b76319 | 1186 | void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta) |
5d22a1d5 | 1187 | { |
93b76319 | 1188 | ap_sa_query_timer(hapd, sta); |
5d22a1d5 JM |
1189 | } |
1190 | ||
1191 | ||
93b76319 | 1192 | void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta) |
5d22a1d5 | 1193 | { |
93b76319 JM |
1194 | eloop_cancel_timeout(ap_sa_query_timer, hapd, sta); |
1195 | os_free(sta->sa_query_trans_id); | |
1196 | sta->sa_query_trans_id = NULL; | |
1197 | sta->sa_query_count = 0; | |
5d22a1d5 JM |
1198 | } |
1199 | ||
45cefa0b | 1200 | |
ec5c39a5 MK |
1201 | const char * ap_sta_wpa_get_keyid(struct hostapd_data *hapd, |
1202 | struct sta_info *sta) | |
1203 | { | |
1204 | struct hostapd_wpa_psk *psk; | |
1205 | struct hostapd_ssid *ssid; | |
1206 | const u8 *pmk; | |
1207 | int pmk_len; | |
1208 | ||
1209 | ssid = &hapd->conf->ssid; | |
1210 | ||
1211 | pmk = wpa_auth_get_pmk(sta->wpa_sm, &pmk_len); | |
1212 | if (!pmk || pmk_len != PMK_LEN) | |
1213 | return NULL; | |
1214 | ||
1215 | for (psk = ssid->wpa_psk; psk; psk = psk->next) | |
1216 | if (os_memcmp(pmk, psk->psk, PMK_LEN) == 0) | |
1217 | break; | |
1218 | if (!psk) | |
1219 | return NULL; | |
1220 | if (!psk || !psk->keyid[0]) | |
1221 | return NULL; | |
1222 | ||
1223 | return psk->keyid; | |
1224 | } | |
1225 | ||
1226 | ||
6905dcb1 JB |
1227 | void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta, |
1228 | int authorized) | |
1229 | { | |
10cc6c88 | 1230 | const u8 *dev_addr = NULL; |
7793c959 | 1231 | char buf[100]; |
c2d76aa6 MH |
1232 | #ifdef CONFIG_P2P |
1233 | u8 addr[ETH_ALEN]; | |
25ef8529 | 1234 | u8 ip_addr_buf[4]; |
c2d76aa6 MH |
1235 | #endif /* CONFIG_P2P */ |
1236 | ||
6905dcb1 JB |
1237 | if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED)) |
1238 | return; | |
1239 | ||
61fc9048 SD |
1240 | if (authorized) |
1241 | sta->flags |= WLAN_STA_AUTHORIZED; | |
1242 | else | |
1243 | sta->flags &= ~WLAN_STA_AUTHORIZED; | |
1244 | ||
ae055af4 | 1245 | #ifdef CONFIG_P2P |
c2d76aa6 MH |
1246 | if (hapd->p2p_group == NULL) { |
1247 | if (sta->p2p_ie != NULL && | |
1248 | p2p_parse_dev_addr_in_p2p_ie(sta->p2p_ie, addr) == 0) | |
1249 | dev_addr = addr; | |
1250 | } else | |
1251 | dev_addr = p2p_group_get_dev_addr(hapd->p2p_group, sta->addr); | |
10cc6c88 | 1252 | |
7793c959 JM |
1253 | if (dev_addr) |
1254 | os_snprintf(buf, sizeof(buf), MACSTR " p2p_dev_addr=" MACSTR, | |
1255 | MAC2STR(sta->addr), MAC2STR(dev_addr)); | |
1256 | else | |
375f4a3b | 1257 | #endif /* CONFIG_P2P */ |
7793c959 JM |
1258 | os_snprintf(buf, sizeof(buf), MACSTR, MAC2STR(sta->addr)); |
1259 | ||
61fc9048 SD |
1260 | if (hapd->sta_authorized_cb) |
1261 | hapd->sta_authorized_cb(hapd->sta_authorized_cb_ctx, | |
1262 | sta->addr, authorized, dev_addr); | |
1263 | ||
10cc6c88 | 1264 | if (authorized) { |
ec5c39a5 MK |
1265 | const char *keyid; |
1266 | char keyid_buf[100]; | |
25ef8529 | 1267 | char ip_addr[100]; |
ec5c39a5 MK |
1268 | |
1269 | keyid_buf[0] = '\0'; | |
25ef8529 JM |
1270 | ip_addr[0] = '\0'; |
1271 | #ifdef CONFIG_P2P | |
1272 | if (wpa_auth_get_ip_addr(sta->wpa_sm, ip_addr_buf) == 0) { | |
1273 | os_snprintf(ip_addr, sizeof(ip_addr), | |
1274 | " ip_addr=%u.%u.%u.%u", | |
1275 | ip_addr_buf[0], ip_addr_buf[1], | |
1276 | ip_addr_buf[2], ip_addr_buf[3]); | |
1277 | } | |
1278 | #endif /* CONFIG_P2P */ | |
1279 | ||
ec5c39a5 MK |
1280 | keyid = ap_sta_wpa_get_keyid(hapd, sta); |
1281 | if (keyid) { | |
1282 | os_snprintf(keyid_buf, sizeof(keyid_buf), | |
1283 | " keyid=%s", keyid); | |
1284 | } | |
1285 | ||
1286 | wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_CONNECTED "%s%s%s", | |
1287 | buf, ip_addr, keyid_buf); | |
7793c959 | 1288 | |
8a5e75f6 | 1289 | if (hapd->msg_ctx_parent && |
7793c959 | 1290 | hapd->msg_ctx_parent != hapd->msg_ctx) |
c4bf83a7 | 1291 | wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, |
ec5c39a5 MK |
1292 | AP_STA_CONNECTED "%s%s%s", |
1293 | buf, ip_addr, keyid_buf); | |
ae055af4 | 1294 | } else { |
7793c959 JM |
1295 | wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED "%s", buf); |
1296 | ||
8a5e75f6 | 1297 | if (hapd->msg_ctx_parent && |
7793c959 | 1298 | hapd->msg_ctx_parent != hapd->msg_ctx) |
c4bf83a7 JM |
1299 | wpa_msg_no_global(hapd->msg_ctx_parent, MSG_INFO, |
1300 | AP_STA_DISCONNECTED "%s", buf); | |
ae055af4 | 1301 | } |
6959145b AN |
1302 | |
1303 | #ifdef CONFIG_FST | |
1304 | if (hapd->iface->fst) { | |
1305 | if (authorized) | |
1306 | fst_notify_peer_connected(hapd->iface->fst, sta->addr); | |
1307 | else | |
1308 | fst_notify_peer_disconnected(hapd->iface->fst, | |
1309 | sta->addr); | |
1310 | } | |
1311 | #endif /* CONFIG_FST */ | |
6905dcb1 JB |
1312 | } |
1313 | ||
1314 | ||
45cefa0b JM |
1315 | void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, |
1316 | const u8 *addr, u16 reason) | |
1317 | { | |
03269d55 JM |
1318 | if (sta) |
1319 | wpa_printf(MSG_DEBUG, "%s: %s STA " MACSTR " reason=%u", | |
1320 | hapd->conf->iface, __func__, MAC2STR(sta->addr), | |
1321 | reason); | |
1322 | else if (addr) | |
1323 | wpa_printf(MSG_DEBUG, "%s: %s addr " MACSTR " reason=%u", | |
1324 | hapd->conf->iface, __func__, MAC2STR(addr), | |
1325 | reason); | |
45cefa0b JM |
1326 | |
1327 | if (sta == NULL && addr) | |
1328 | sta = ap_get_sta(hapd, addr); | |
1329 | ||
1330 | if (addr) | |
51e2a27a | 1331 | hostapd_drv_sta_deauth(hapd, addr, reason); |
45cefa0b JM |
1332 | |
1333 | if (sta == NULL) | |
1334 | return; | |
6905dcb1 | 1335 | ap_sta_set_authorized(hapd, sta, 0); |
b7275a81 JM |
1336 | sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC); |
1337 | hostapd_set_sta_flags(hapd, sta); | |
ceb997f3 JM |
1338 | wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH); |
1339 | ieee802_1x_notify_port_enabled(sta->eapol_sm, 0); | |
03269d55 | 1340 | wpa_printf(MSG_DEBUG, "%s: %s: reschedule ap_handle_timer timeout " |
42ca9845 JM |
1341 | "for " MACSTR " (%d seconds - " |
1342 | "AP_MAX_INACTIVITY_AFTER_DEAUTH)", | |
03269d55 | 1343 | hapd->conf->iface, __func__, MAC2STR(sta->addr), |
42ca9845 | 1344 | AP_MAX_INACTIVITY_AFTER_DEAUTH); |
45cefa0b | 1345 | eloop_cancel_timeout(ap_handle_timer, hapd, sta); |
4dc03726 JM |
1346 | eloop_register_timeout(AP_MAX_INACTIVITY_AFTER_DEAUTH, 0, |
1347 | ap_handle_timer, hapd, sta); | |
45cefa0b | 1348 | sta->timeout_next = STA_REMOVE; |
4dc03726 | 1349 | |
05e5e615 DL |
1350 | if (hapd->iface->current_mode && |
1351 | hapd->iface->current_mode->mode == HOSTAPD_MODE_IEEE80211AD) { | |
1352 | /* Deauthentication is not used in DMG/IEEE 802.11ad; | |
1353 | * disassociate the STA instead. */ | |
1354 | sta->disassoc_reason = reason; | |
1355 | sta->flags |= WLAN_STA_PENDING_DISASSOC_CB; | |
1356 | eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); | |
1357 | eloop_register_timeout(hapd->iface->drv_flags & | |
1358 | WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? | |
1359 | 2 : 0, 0, ap_sta_disassoc_cb_timeout, | |
1360 | hapd, sta); | |
1361 | return; | |
1362 | } | |
1363 | ||
4dc03726 | 1364 | sta->deauth_reason = reason; |
cc28ad8c | 1365 | sta->flags |= WLAN_STA_PENDING_DEAUTH_CB; |
4dc03726 JM |
1366 | eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); |
1367 | eloop_register_timeout(hapd->iface->drv_flags & | |
1368 | WPA_DRIVER_FLAGS_DEAUTH_TX_STATUS ? 2 : 0, 0, | |
1369 | ap_sta_deauth_cb_timeout, hapd, sta); | |
1370 | } | |
1371 | ||
1372 | ||
1373 | void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta) | |
1374 | { | |
cc28ad8c JM |
1375 | if (!(sta->flags & WLAN_STA_PENDING_DEAUTH_CB)) { |
1376 | wpa_printf(MSG_DEBUG, "Ignore deauth cb for test frame"); | |
1377 | return; | |
1378 | } | |
1379 | sta->flags &= ~WLAN_STA_PENDING_DEAUTH_CB; | |
4dc03726 JM |
1380 | eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta); |
1381 | ap_sta_deauth_cb_timeout(hapd, sta); | |
1382 | } | |
1383 | ||
1384 | ||
1385 | void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta) | |
1386 | { | |
cc28ad8c JM |
1387 | if (!(sta->flags & WLAN_STA_PENDING_DISASSOC_CB)) { |
1388 | wpa_printf(MSG_DEBUG, "Ignore disassoc cb for test frame"); | |
1389 | return; | |
1390 | } | |
1391 | sta->flags &= ~WLAN_STA_PENDING_DISASSOC_CB; | |
1392 | eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta); | |
1393 | ap_sta_disassoc_cb_timeout(hapd, sta); | |
45cefa0b | 1394 | } |
b76f4c27 JM |
1395 | |
1396 | ||
9e8fde21 JM |
1397 | void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, |
1398 | struct sta_info *sta) | |
1399 | { | |
1400 | if (eloop_cancel_timeout(ap_sta_deauth_cb_timeout, hapd, sta) > 0) | |
1401 | wpa_printf(MSG_DEBUG, | |
1402 | "%s: Removed ap_sta_deauth_cb_timeout timeout for " | |
1403 | MACSTR, | |
1404 | hapd->conf->iface, MAC2STR(sta->addr)); | |
1405 | if (eloop_cancel_timeout(ap_sta_disassoc_cb_timeout, hapd, sta) > 0) | |
1406 | wpa_printf(MSG_DEBUG, | |
1407 | "%s: Removed ap_sta_disassoc_cb_timeout timeout for " | |
1408 | MACSTR, | |
1409 | hapd->conf->iface, MAC2STR(sta->addr)); | |
0f5eb69f JM |
1410 | if (eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta) > 0) |
1411 | { | |
1412 | wpa_printf(MSG_DEBUG, | |
1413 | "%s: Removed ap_sta_delayed_1x_auth_fail_cb timeout for " | |
1414 | MACSTR, | |
1415 | hapd->conf->iface, MAC2STR(sta->addr)); | |
1416 | if (sta->flags & WLAN_STA_WPS) | |
1417 | hostapd_wps_eap_completed(hapd); | |
1418 | } | |
9e8fde21 JM |
1419 | } |
1420 | ||
1421 | ||
b76f4c27 JM |
1422 | int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen) |
1423 | { | |
1424 | int res; | |
1425 | ||
1426 | buf[0] = '\0'; | |
327d09aa | 1427 | res = os_snprintf(buf, buflen, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", |
b76f4c27 JM |
1428 | (flags & WLAN_STA_AUTH ? "[AUTH]" : ""), |
1429 | (flags & WLAN_STA_ASSOC ? "[ASSOC]" : ""), | |
1430 | (flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" : ""), | |
1431 | (flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" : | |
1432 | ""), | |
1433 | (flags & WLAN_STA_SHORT_PREAMBLE ? | |
1434 | "[SHORT_PREAMBLE]" : ""), | |
1435 | (flags & WLAN_STA_PREAUTH ? "[PREAUTH]" : ""), | |
1436 | (flags & WLAN_STA_WMM ? "[WMM]" : ""), | |
1437 | (flags & WLAN_STA_MFP ? "[MFP]" : ""), | |
1438 | (flags & WLAN_STA_WPS ? "[WPS]" : ""), | |
1439 | (flags & WLAN_STA_MAYBE_WPS ? "[MAYBE_WPS]" : ""), | |
1440 | (flags & WLAN_STA_WDS ? "[WDS]" : ""), | |
1441 | (flags & WLAN_STA_NONERP ? "[NonERP]" : ""), | |
1442 | (flags & WLAN_STA_WPS2 ? "[WPS2]" : ""), | |
1443 | (flags & WLAN_STA_GAS ? "[GAS]" : ""), | |
d1f3a814 | 1444 | (flags & WLAN_STA_HT ? "[HT]" : ""), |
b76f4c27 | 1445 | (flags & WLAN_STA_VHT ? "[VHT]" : ""), |
327d09aa | 1446 | (flags & WLAN_STA_HE ? "[HE]" : ""), |
e7d0e97b | 1447 | (flags & WLAN_STA_VENDOR_VHT ? "[VENDOR_VHT]" : ""), |
b76f4c27 JM |
1448 | (flags & WLAN_STA_WNM_SLEEP_MODE ? |
1449 | "[WNM_SLEEP_MODE]" : "")); | |
aaadd727 JM |
1450 | if (os_snprintf_error(buflen, res)) |
1451 | res = -1; | |
b76f4c27 JM |
1452 | |
1453 | return res; | |
1454 | } | |
0f5eb69f JM |
1455 | |
1456 | ||
1457 | static void ap_sta_delayed_1x_auth_fail_cb(void *eloop_ctx, void *timeout_ctx) | |
1458 | { | |
1459 | struct hostapd_data *hapd = eloop_ctx; | |
1460 | struct sta_info *sta = timeout_ctx; | |
5d5ee699 | 1461 | u16 reason; |
0f5eb69f JM |
1462 | |
1463 | wpa_dbg(hapd->msg_ctx, MSG_DEBUG, | |
1464 | "IEEE 802.1X: Scheduled disconnection of " MACSTR | |
1465 | " after EAP-Failure", MAC2STR(sta->addr)); | |
1466 | ||
5d5ee699 JM |
1467 | reason = sta->disconnect_reason_code; |
1468 | if (!reason) | |
1469 | reason = WLAN_REASON_IEEE_802_1X_AUTH_FAILED; | |
1470 | ap_sta_disconnect(hapd, sta, sta->addr, reason); | |
0f5eb69f JM |
1471 | if (sta->flags & WLAN_STA_WPS) |
1472 | hostapd_wps_eap_completed(hapd); | |
1473 | } | |
1474 | ||
1475 | ||
1476 | void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, | |
1477 | struct sta_info *sta) | |
1478 | { | |
1479 | wpa_dbg(hapd->msg_ctx, MSG_DEBUG, | |
1480 | "IEEE 802.1X: Force disconnection of " MACSTR | |
1481 | " after EAP-Failure in 10 ms", MAC2STR(sta->addr)); | |
1482 | ||
1483 | /* | |
1484 | * Add a small sleep to increase likelihood of previously requested | |
1485 | * EAP-Failure TX getting out before this should the driver reorder | |
1486 | * operations. | |
1487 | */ | |
1488 | eloop_cancel_timeout(ap_sta_delayed_1x_auth_fail_cb, hapd, sta); | |
1489 | eloop_register_timeout(0, 10000, ap_sta_delayed_1x_auth_fail_cb, | |
1490 | hapd, sta); | |
1491 | } | |
1492 | ||
1493 | ||
1494 | int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, | |
1495 | struct sta_info *sta) | |
1496 | { | |
1497 | return eloop_is_timeout_registered(ap_sta_delayed_1x_auth_fail_cb, | |
1498 | hapd, sta); | |
1499 | } | |
d867e118 JM |
1500 | |
1501 | ||
1502 | int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta) | |
1503 | { | |
1504 | /* | |
1505 | * If a station that is already associated to the AP, is trying to | |
1506 | * authenticate again, remove the STA entry, in order to make sure the | |
1507 | * STA PS state gets cleared and configuration gets updated. To handle | |
1508 | * this, station's added_unassoc flag is cleared once the station has | |
1509 | * completed association. | |
1510 | */ | |
1511 | ap_sta_set_authorized(hapd, sta, 0); | |
1512 | hostapd_drv_sta_remove(hapd, sta->addr); | |
1513 | sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_AUTH | WLAN_STA_AUTHORIZED); | |
1514 | ||
1515 | if (hostapd_sta_add(hapd, sta->addr, 0, 0, | |
1516 | sta->supported_rates, | |
1517 | sta->supported_rates_len, | |
1518 | 0, NULL, NULL, NULL, 0, | |
1519 | sta->flags, 0, 0, 0, 0)) { | |
1520 | hostapd_logger(hapd, sta->addr, | |
1521 | HOSTAPD_MODULE_IEEE80211, | |
1522 | HOSTAPD_LEVEL_NOTICE, | |
1523 | "Could not add STA to kernel driver"); | |
1524 | return -1; | |
1525 | } | |
1526 | ||
1527 | sta->added_unassoc = 1; | |
1528 | return 0; | |
1529 | } |