2 * hostapd / Callback functions for driver wrappers
3 * Copyright (c) 2002-2009, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
15 #include "utils/includes.h"
17 #include "utils/common.h"
18 #include "radius/radius.h"
19 #include "drivers/driver.h"
20 #include "common/ieee802_11_defs.h"
21 #include "common/ieee802_11_common.h"
22 #include "common/wpa_ctrl.h"
23 #include "crypto/random.h"
27 #include "ieee802_11.h"
29 #include "accounting.h"
30 #include "tkip_countermeasures.h"
32 #include "ieee802_1x.h"
35 #include "wps_hostapd.h"
36 #include "ap_drv_ops.h"
37 #include "ap_config.h"
40 int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
41 const u8 *ie, size_t ielen)
45 struct ieee802_11_elems elems;
47 const u8 *all_ies = ie;
48 size_t all_ies_len = ielen;
49 #endif /* CONFIG_P2P */
53 * This could potentially happen with unexpected event from the
54 * driver wrapper. This was seen at least in one case where the
55 * driver ended up being set to station mode while hostapd was
56 * running, so better make sure we stop processing such an
59 wpa_printf(MSG_DEBUG, "hostapd_notif_assoc: Skip event with "
63 random_add_randomness(addr, ETH_ALEN);
65 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
66 HOSTAPD_LEVEL_INFO, "associated");
68 ieee802_11_parse_elems(ie, ielen, &elems, 0);
70 ie = elems.wps_ie - 2;
71 ielen = elems.wps_ie_len + 2;
72 wpa_printf(MSG_DEBUG, "STA included WPS IE in (Re)AssocReq");
73 } else if (elems.rsn_ie) {
74 ie = elems.rsn_ie - 2;
75 ielen = elems.rsn_ie_len + 2;
76 wpa_printf(MSG_DEBUG, "STA included RSN IE in (Re)AssocReq");
77 } else if (elems.wpa_ie) {
78 ie = elems.wpa_ie - 2;
79 ielen = elems.wpa_ie_len + 2;
80 wpa_printf(MSG_DEBUG, "STA included WPA IE in (Re)AssocReq");
84 wpa_printf(MSG_DEBUG, "STA did not include WPS/RSN/WPA IE in "
88 sta = ap_get_sta(hapd, addr);
90 accounting_sta_stop(hapd, sta);
92 sta = ap_sta_add(hapd, addr);
96 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS);
100 wpabuf_free(sta->p2p_ie);
101 sta->p2p_ie = ieee802_11_vendor_ie_concat(all_ies, all_ies_len,
104 #endif /* CONFIG_P2P */
106 if (hapd->conf->wpa) {
107 if (ie == NULL || ielen == 0) {
108 if (hapd->conf->wps_state) {
109 wpa_printf(MSG_DEBUG, "STA did not include "
110 "WPA/RSN IE in (Re)Association "
111 "Request - possible WPS use");
112 sta->flags |= WLAN_STA_MAYBE_WPS;
116 wpa_printf(MSG_DEBUG, "No WPA/RSN IE from STA");
119 if (hapd->conf->wps_state && ie[0] == 0xdd && ie[1] >= 4 &&
120 os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) {
121 sta->flags |= WLAN_STA_WPS;
125 if (sta->wpa_sm == NULL)
126 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
128 if (sta->wpa_sm == NULL) {
129 wpa_printf(MSG_ERROR, "Failed to initialize WPA state "
133 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
135 if (res != WPA_IE_OK) {
137 wpa_printf(MSG_DEBUG, "WPA/RSN information element "
138 "rejected? (res %u)", res);
139 wpa_hexdump(MSG_DEBUG, "IE", ie, ielen);
140 if (res == WPA_INVALID_GROUP)
141 resp = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
142 else if (res == WPA_INVALID_PAIRWISE)
143 resp = WLAN_REASON_PAIRWISE_CIPHER_NOT_VALID;
144 else if (res == WPA_INVALID_AKMP)
145 resp = WLAN_REASON_AKMP_NOT_VALID;
146 #ifdef CONFIG_IEEE80211W
147 else if (res == WPA_MGMT_FRAME_PROTECTION_VIOLATION)
148 resp = WLAN_REASON_INVALID_IE;
149 else if (res == WPA_INVALID_MGMT_GROUP_CIPHER)
150 resp = WLAN_REASON_GROUP_CIPHER_NOT_VALID;
151 #endif /* CONFIG_IEEE80211W */
153 resp = WLAN_REASON_INVALID_IE;
154 hostapd_drv_sta_disassoc(hapd, sta->addr, resp);
155 ap_free_sta(hapd, sta);
158 } else if (hapd->conf->wps_state) {
159 #ifdef CONFIG_WPS_STRICT
161 wps = ieee802_11_vendor_ie_concat(ie, ielen,
163 if (wps && wps_validate_assoc_req(wps) < 0) {
164 hostapd_drv_sta_disassoc(hapd, sta->addr,
165 WLAN_REASON_INVALID_IE);
166 ap_free_sta(hapd, sta);
171 #endif /* CONFIG_WPS_STRICT */
172 if (ie && ielen > 4 && ie[0] == 0xdd && ie[1] >= 4 &&
173 os_memcmp(ie + 2, "\x00\x50\xf2\x04", 4) == 0) {
174 sta->flags |= WLAN_STA_WPS;
176 sta->flags |= WLAN_STA_MAYBE_WPS;
180 new_assoc = (sta->flags & WLAN_STA_ASSOC) == 0;
181 sta->flags |= WLAN_STA_AUTH | WLAN_STA_ASSOC;
182 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);
184 hostapd_new_assoc_sta(hapd, sta, !new_assoc);
186 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
189 p2p_group_notif_assoc(hapd->p2p_group, sta->addr,
190 all_ies, all_ies_len);
191 #endif /* CONFIG_P2P */
197 void hostapd_notif_disassoc(struct hostapd_data *hapd, const u8 *addr)
199 struct sta_info *sta;
203 * This could potentially happen with unexpected event from the
204 * driver wrapper. This was seen at least in one case where the
205 * driver ended up reporting a station mode event while hostapd
206 * was running, so better make sure we stop processing such an
209 wpa_printf(MSG_DEBUG, "hostapd_notif_disassoc: Skip event "
214 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
215 HOSTAPD_LEVEL_INFO, "disassociated");
217 sta = ap_get_sta(hapd, addr);
219 wpa_printf(MSG_DEBUG, "Disassociation notification for "
220 "unknown STA " MACSTR, MAC2STR(addr));
224 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
225 wpa_msg(hapd->msg_ctx, MSG_INFO, AP_STA_DISCONNECTED MACSTR,
227 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
228 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
229 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
230 ap_free_sta(hapd, sta);
234 void hostapd_event_sta_low_ack(struct hostapd_data *hapd, const u8 *addr)
236 struct sta_info *sta = ap_get_sta(hapd, addr);
238 if (!sta || !hapd->conf->disassoc_low_ack)
241 hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
242 HOSTAPD_LEVEL_INFO, "disconnected due to excessive "
244 hostapd_drv_sta_disassoc(hapd, addr, WLAN_REASON_DISASSOC_LOW_ACK);
246 ap_sta_disassociate(hapd, sta, WLAN_REASON_DISASSOC_LOW_ACK);
254 static const u8 * get_hdr_bssid(const struct ieee80211_hdr *hdr, size_t len)
259 * PS-Poll frames are 16 bytes. All other frames are
260 * 24 bytes or longer.
265 fc = le_to_host16(hdr->frame_control);
266 type = WLAN_FC_GET_TYPE(fc);
267 stype = WLAN_FC_GET_STYPE(fc);
270 case WLAN_FC_TYPE_DATA:
273 switch (fc & (WLAN_FC_FROMDS | WLAN_FC_TODS)) {
274 case WLAN_FC_FROMDS | WLAN_FC_TODS:
282 case WLAN_FC_TYPE_CTRL:
283 if (stype != WLAN_FC_STYPE_PSPOLL)
286 case WLAN_FC_TYPE_MGMT:
294 #define HAPD_BROADCAST ((struct hostapd_data *) -1)
296 static struct hostapd_data * get_hapd_bssid(struct hostapd_iface *iface,
303 if (bssid[0] == 0xff && bssid[1] == 0xff && bssid[2] == 0xff &&
304 bssid[3] == 0xff && bssid[4] == 0xff && bssid[5] == 0xff)
305 return HAPD_BROADCAST;
307 for (i = 0; i < iface->num_bss; i++) {
308 if (os_memcmp(bssid, iface->bss[i]->own_addr, ETH_ALEN) == 0)
309 return iface->bss[i];
316 static void hostapd_rx_from_unknown_sta(struct hostapd_data *hapd,
317 const u8 *frame, size_t len)
319 const struct ieee80211_hdr *hdr = (const struct ieee80211_hdr *) frame;
320 u16 fc = le_to_host16(hdr->frame_control);
321 hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len));
322 if (hapd == NULL || hapd == HAPD_BROADCAST)
325 ieee802_11_rx_from_unknown(hapd, hdr->addr2,
326 (fc & (WLAN_FC_TODS | WLAN_FC_FROMDS)) ==
327 (WLAN_FC_TODS | WLAN_FC_FROMDS));
331 static void hostapd_mgmt_rx(struct hostapd_data *hapd, struct rx_mgmt *rx_mgmt)
333 struct hostapd_iface *iface = hapd->iface;
334 const struct ieee80211_hdr *hdr;
336 struct hostapd_frame_info fi;
338 hdr = (const struct ieee80211_hdr *) rx_mgmt->frame;
339 bssid = get_hdr_bssid(hdr, rx_mgmt->frame_len);
343 hapd = get_hapd_bssid(iface, bssid);
346 fc = le_to_host16(hdr->frame_control);
349 * Drop frames to unknown BSSIDs except for Beacon frames which
350 * could be used to update neighbor information.
352 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
353 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON)
354 hapd = iface->bss[0];
359 os_memset(&fi, 0, sizeof(fi));
360 fi.datarate = rx_mgmt->datarate;
361 fi.ssi_signal = rx_mgmt->ssi_signal;
363 if (hapd == HAPD_BROADCAST) {
365 for (i = 0; i < iface->num_bss; i++)
366 ieee802_11_mgmt(iface->bss[i], rx_mgmt->frame,
367 rx_mgmt->frame_len, &fi);
369 ieee802_11_mgmt(hapd, rx_mgmt->frame, rx_mgmt->frame_len, &fi);
371 random_add_randomness(&fi, sizeof(fi));
375 static void hostapd_mgmt_tx_cb(struct hostapd_data *hapd, const u8 *buf,
376 size_t len, u16 stype, int ok)
378 struct ieee80211_hdr *hdr;
379 hdr = (struct ieee80211_hdr *) buf;
380 hapd = get_hapd_bssid(hapd->iface, get_hdr_bssid(hdr, len));
381 if (hapd == NULL || hapd == HAPD_BROADCAST)
383 ieee802_11_mgmt_cb(hapd, buf, len, stype, ok);
386 #endif /* NEED_AP_MLME */
389 static int hostapd_probe_req_rx(struct hostapd_data *hapd, const u8 *sa,
390 const u8 *ie, size_t ie_len)
396 random_add_randomness(sa, ETH_ALEN);
397 for (i = 0; hapd->probereq_cb && i < hapd->num_probereq_cb; i++) {
398 if (hapd->probereq_cb[i].cb(hapd->probereq_cb[i].ctx,
399 sa, ie, ie_len) > 0) {
408 static int hostapd_event_new_sta(struct hostapd_data *hapd, const u8 *addr)
410 struct sta_info *sta = ap_get_sta(hapd, addr);
414 wpa_printf(MSG_DEBUG, "Data frame from unknown STA " MACSTR
415 " - adding a new STA", MAC2STR(addr));
416 sta = ap_sta_add(hapd, addr);
418 hostapd_new_assoc_sta(hapd, sta, 0);
420 wpa_printf(MSG_DEBUG, "Failed to add STA entry for " MACSTR,
429 static void hostapd_event_eapol_rx(struct hostapd_data *hapd, const u8 *src,
430 const u8 *data, size_t data_len)
432 struct hostapd_iface *iface = hapd->iface;
435 for (j = 0; j < iface->num_bss; j++) {
436 if (ap_get_sta(iface->bss[j], src)) {
437 hapd = iface->bss[j];
442 ieee802_1x_receive(hapd, src, data, data_len);
446 void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
447 union wpa_event_data *data)
449 struct hostapd_data *hapd = ctx;
452 case EVENT_MICHAEL_MIC_FAILURE:
453 michael_mic_failure(hapd, data->michael_mic_failure.src, 1);
455 case EVENT_SCAN_RESULTS:
456 if (hapd->iface->scan_cb)
457 hapd->iface->scan_cb(hapd->iface);
459 #ifdef CONFIG_IEEE80211R
460 case EVENT_FT_RRB_RX:
461 wpa_ft_rrb_rx(hapd->wpa_auth, data->ft_rrb_rx.src,
462 data->ft_rrb_rx.data, data->ft_rrb_rx.data_len);
464 #endif /* CONFIG_IEEE80211R */
465 case EVENT_WPS_BUTTON_PUSHED:
466 hostapd_wps_button_pushed(hapd);
469 case EVENT_TX_STATUS:
470 switch (data->tx_status.type) {
471 case WLAN_FC_TYPE_MGMT:
472 hostapd_mgmt_tx_cb(hapd, data->tx_status.data,
473 data->tx_status.data_len,
474 data->tx_status.stype,
475 data->tx_status.ack);
477 case WLAN_FC_TYPE_DATA:
478 hostapd_tx_status(hapd, data->tx_status.dst,
479 data->tx_status.data,
480 data->tx_status.data_len,
481 data->tx_status.ack);
485 case EVENT_RX_FROM_UNKNOWN:
486 hostapd_rx_from_unknown_sta(hapd, data->rx_from_unknown.frame,
487 data->rx_from_unknown.len);
490 hostapd_mgmt_rx(hapd, &data->rx_mgmt);
492 #endif /* NEED_AP_MLME */
493 case EVENT_RX_PROBE_REQ:
494 hostapd_probe_req_rx(hapd, data->rx_probe_req.sa,
495 data->rx_probe_req.ie,
496 data->rx_probe_req.ie_len);
499 hostapd_event_new_sta(hapd, data->new_sta.addr);
502 hostapd_event_eapol_rx(hapd, data->eapol_rx.src,
504 data->eapol_rx.data_len);
507 hostapd_notif_assoc(hapd, data->assoc_info.addr,
508 data->assoc_info.req_ies,
509 data->assoc_info.req_ies_len);
513 hostapd_notif_disassoc(hapd, data->disassoc_info.addr);
517 hostapd_notif_disassoc(hapd, data->deauth_info.addr);
519 case EVENT_STATION_LOW_ACK:
522 hostapd_event_sta_low_ack(hapd, data->low_ack.addr);
525 wpa_printf(MSG_DEBUG, "Unknown event %d", event);