2 * hostapd / Initialization and configuration
3 * Copyright (c) 2002-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
9 #include "utils/includes.h"
11 #include "utils/common.h"
12 #include "utils/eloop.h"
13 #include "common/ieee802_11_defs.h"
14 #include "radius/radius_client.h"
15 #include "radius/radius_das.h"
16 #include "drivers/driver.h"
20 #include "accounting.h"
24 #include "ieee802_1x.h"
25 #include "ieee802_11_auth.h"
26 #include "vlan_init.h"
28 #include "wps_hostapd.h"
29 #include "hw_features.h"
30 #include "wpa_auth_glue.h"
31 #include "ap_drv_ops.h"
32 #include "ap_config.h"
33 #include "p2p_hostapd.h"
38 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason);
39 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd);
40 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd);
42 extern int wpa_debug_level;
43 extern struct wpa_driver_ops *wpa_drivers[];
46 int hostapd_for_each_interface(struct hapd_interfaces *interfaces,
47 int (*cb)(struct hostapd_iface *iface,
48 void *ctx), void *ctx)
53 for (i = 0; i < interfaces->count; i++) {
54 ret = cb(interfaces->iface[i], ctx);
63 static void hostapd_reload_bss(struct hostapd_data *hapd)
65 struct hostapd_ssid *ssid;
67 #ifndef CONFIG_NO_RADIUS
68 radius_client_reconfig(hapd->radius, hapd->conf->radius);
69 #endif /* CONFIG_NO_RADIUS */
71 ssid = &hapd->conf->ssid;
72 if (!ssid->wpa_psk_set && ssid->wpa_psk && !ssid->wpa_psk->next &&
73 ssid->wpa_passphrase_set && ssid->wpa_passphrase) {
75 * Force PSK to be derived again since SSID or passphrase may
78 os_free(ssid->wpa_psk);
81 if (hostapd_setup_wpa_psk(hapd->conf)) {
82 wpa_printf(MSG_ERROR, "Failed to re-configure WPA PSK "
83 "after reloading configuration");
86 if (hapd->conf->ieee802_1x || hapd->conf->wpa)
87 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 1);
89 hostapd_set_drv_ieee8021x(hapd, hapd->conf->iface, 0);
91 if (hapd->conf->wpa && hapd->wpa_auth == NULL) {
92 hostapd_setup_wpa(hapd);
94 wpa_init_keys(hapd->wpa_auth);
95 } else if (hapd->conf->wpa) {
98 hostapd_reconfig_wpa(hapd);
99 wpa_ie = wpa_auth_get_wpa_ie(hapd->wpa_auth, &wpa_ie_len);
100 if (hostapd_set_generic_elem(hapd, wpa_ie, wpa_ie_len))
101 wpa_printf(MSG_ERROR, "Failed to configure WPA IE for "
102 "the kernel driver.");
103 } else if (hapd->wpa_auth) {
104 wpa_deinit(hapd->wpa_auth);
105 hapd->wpa_auth = NULL;
106 hostapd_set_privacy(hapd, 0);
107 hostapd_setup_encryption(hapd->conf->iface, hapd);
108 hostapd_set_generic_elem(hapd, (u8 *) "", 0);
111 ieee802_11_set_beacon(hapd);
112 hostapd_update_wps(hapd);
114 if (hapd->conf->ssid.ssid_set &&
115 hostapd_set_ssid(hapd, hapd->conf->ssid.ssid,
116 hapd->conf->ssid.ssid_len)) {
117 wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver");
118 /* try to continue */
120 wpa_printf(MSG_DEBUG, "Reconfigured interface %s", hapd->conf->iface);
124 static void hostapd_clear_old(struct hostapd_iface *iface)
129 * Deauthenticate all stations since the new configuration may not
130 * allow them to use the BSS anymore.
132 for (j = 0; j < iface->num_bss; j++) {
133 hostapd_flush_old_stations(iface->bss[j],
134 WLAN_REASON_PREV_AUTH_NOT_VALID);
135 hostapd_broadcast_wep_clear(iface->bss[j]);
137 #ifndef CONFIG_NO_RADIUS
138 /* TODO: update dynamic data based on changed configuration
139 * items (e.g., open/close sockets, etc.) */
140 radius_client_flush(iface->bss[j]->radius, 0);
141 #endif /* CONFIG_NO_RADIUS */
146 int hostapd_reload_config(struct hostapd_iface *iface)
148 struct hostapd_data *hapd = iface->bss[0];
149 struct hostapd_config *newconf, *oldconf;
152 if (iface->config_fname == NULL) {
153 /* Only in-memory config in use - assume it has been updated */
154 hostapd_clear_old(iface);
155 for (j = 0; j < iface->num_bss; j++)
156 hostapd_reload_bss(iface->bss[j]);
160 if (iface->interfaces == NULL ||
161 iface->interfaces->config_read_cb == NULL)
163 newconf = iface->interfaces->config_read_cb(iface->config_fname);
167 hostapd_clear_old(iface);
169 oldconf = hapd->iconf;
170 iface->conf = newconf;
172 for (j = 0; j < iface->num_bss; j++) {
173 hapd = iface->bss[j];
174 hapd->iconf = newconf;
175 hapd->conf = newconf->bss[j];
176 hostapd_reload_bss(hapd);
179 hostapd_config_free(oldconf);
186 static void hostapd_broadcast_key_clear_iface(struct hostapd_data *hapd,
191 for (i = 0; i < NUM_WEP_KEYS; i++) {
192 if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE, NULL, i,
193 0, NULL, 0, NULL, 0)) {
194 wpa_printf(MSG_DEBUG, "Failed to clear default "
195 "encryption keys (ifname=%s keyidx=%d)",
199 #ifdef CONFIG_IEEE80211W
200 if (hapd->conf->ieee80211w) {
201 for (i = NUM_WEP_KEYS; i < NUM_WEP_KEYS + 2; i++) {
202 if (hostapd_drv_set_key(ifname, hapd, WPA_ALG_NONE,
205 wpa_printf(MSG_DEBUG, "Failed to clear "
206 "default mgmt encryption keys "
207 "(ifname=%s keyidx=%d)", ifname, i);
211 #endif /* CONFIG_IEEE80211W */
215 static int hostapd_broadcast_wep_clear(struct hostapd_data *hapd)
217 hostapd_broadcast_key_clear_iface(hapd, hapd->conf->iface);
222 static int hostapd_broadcast_wep_set(struct hostapd_data *hapd)
225 struct hostapd_ssid *ssid = &hapd->conf->ssid;
228 if (ssid->wep.default_len &&
229 hostapd_drv_set_key(hapd->conf->iface,
230 hapd, WPA_ALG_WEP, broadcast_ether_addr, idx,
231 1, NULL, 0, ssid->wep.key[idx],
232 ssid->wep.len[idx])) {
233 wpa_printf(MSG_WARNING, "Could not set WEP encryption.");
241 static void hostapd_free_hapd_data(struct hostapd_data *hapd)
243 iapp_deinit(hapd->iapp);
245 accounting_deinit(hapd);
246 hostapd_deinit_wpa(hapd);
248 hostapd_acl_deinit(hapd);
249 #ifndef CONFIG_NO_RADIUS
250 radius_client_deinit(hapd->radius);
252 radius_das_deinit(hapd->radius_das);
253 hapd->radius_das = NULL;
254 #endif /* CONFIG_NO_RADIUS */
256 hostapd_deinit_wps(hapd);
258 authsrv_deinit(hapd);
260 if (hostapd_if_remove(hapd, WPA_IF_AP_BSS, hapd->conf->iface)) {
261 wpa_printf(MSG_WARNING, "Failed to remove BSS interface %s",
265 os_free(hapd->probereq_cb);
266 hapd->probereq_cb = NULL;
269 wpabuf_free(hapd->p2p_beacon_ie);
270 hapd->p2p_beacon_ie = NULL;
271 wpabuf_free(hapd->p2p_probe_resp_ie);
272 hapd->p2p_probe_resp_ie = NULL;
273 #endif /* CONFIG_P2P */
275 wpabuf_free(hapd->time_adv);
277 #ifdef CONFIG_INTERWORKING
278 gas_serv_deinit(hapd);
279 #endif /* CONFIG_INTERWORKING */
282 os_free(hapd->tmp_eap_user.identity);
283 os_free(hapd->tmp_eap_user.password);
284 #endif /* CONFIG_SQLITE */
289 * hostapd_cleanup - Per-BSS cleanup (deinitialization)
290 * @hapd: Pointer to BSS data
292 * This function is used to free all per-BSS data structures and resources.
293 * This gets called in a loop for each BSS between calls to
294 * hostapd_cleanup_iface_pre() and hostapd_cleanup_iface() when an interface
295 * is deinitialized. Most of the modules that are initialized in
296 * hostapd_setup_bss() are deinitialized here.
298 static void hostapd_cleanup(struct hostapd_data *hapd)
300 if (hapd->iface->interfaces &&
301 hapd->iface->interfaces->ctrl_iface_deinit)
302 hapd->iface->interfaces->ctrl_iface_deinit(hapd);
303 hostapd_free_hapd_data(hapd);
308 * hostapd_cleanup_iface_pre - Preliminary per-interface cleanup
309 * @iface: Pointer to interface data
311 * This function is called before per-BSS data structures are deinitialized
312 * with hostapd_cleanup().
314 static void hostapd_cleanup_iface_pre(struct hostapd_iface *iface)
319 static void hostapd_cleanup_iface_partial(struct hostapd_iface *iface)
321 hostapd_free_hw_features(iface->hw_features, iface->num_hw_features);
322 iface->hw_features = NULL;
323 os_free(iface->current_rates);
324 iface->current_rates = NULL;
325 os_free(iface->basic_rates);
326 iface->basic_rates = NULL;
327 ap_list_deinit(iface);
332 * hostapd_cleanup_iface - Complete per-interface cleanup
333 * @iface: Pointer to interface data
335 * This function is called after per-BSS data structures are deinitialized
336 * with hostapd_cleanup().
338 static void hostapd_cleanup_iface(struct hostapd_iface *iface)
340 hostapd_cleanup_iface_partial(iface);
341 hostapd_config_free(iface->conf);
344 os_free(iface->config_fname);
350 static void hostapd_clear_wep(struct hostapd_data *hapd)
352 if (hapd->drv_priv) {
353 hostapd_set_privacy(hapd, 0);
354 hostapd_broadcast_wep_clear(hapd);
359 static int hostapd_setup_encryption(char *iface, struct hostapd_data *hapd)
363 hostapd_broadcast_wep_set(hapd);
365 if (hapd->conf->ssid.wep.default_len) {
366 hostapd_set_privacy(hapd, 1);
371 * When IEEE 802.1X is not enabled, the driver may need to know how to
372 * set authentication algorithms for static WEP.
374 hostapd_drv_set_authmode(hapd, hapd->conf->auth_algs);
376 for (i = 0; i < 4; i++) {
377 if (hapd->conf->ssid.wep.key[i] &&
378 hostapd_drv_set_key(iface, hapd, WPA_ALG_WEP, NULL, i,
379 i == hapd->conf->ssid.wep.idx, NULL, 0,
380 hapd->conf->ssid.wep.key[i],
381 hapd->conf->ssid.wep.len[i])) {
382 wpa_printf(MSG_WARNING, "Could not set WEP "
386 if (hapd->conf->ssid.wep.key[i] &&
387 i == hapd->conf->ssid.wep.idx)
388 hostapd_set_privacy(hapd, 1);
395 static int hostapd_flush_old_stations(struct hostapd_data *hapd, u16 reason)
400 if (hostapd_drv_none(hapd) || hapd->drv_priv == NULL)
403 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "Flushing old station entries");
404 if (hostapd_flush(hapd)) {
405 wpa_msg(hapd->msg_ctx, MSG_WARNING, "Could not connect to "
409 wpa_dbg(hapd->msg_ctx, MSG_DEBUG, "Deauthenticate all stations");
410 os_memset(addr, 0xff, ETH_ALEN);
411 hostapd_drv_sta_deauth(hapd, addr, reason);
412 hostapd_free_stas(hapd);
419 * hostapd_validate_bssid_configuration - Validate BSSID configuration
420 * @iface: Pointer to interface data
421 * Returns: 0 on success, -1 on failure
423 * This function is used to validate that the configured BSSIDs are valid.
425 static int hostapd_validate_bssid_configuration(struct hostapd_iface *iface)
427 u8 mask[ETH_ALEN] = { 0 };
428 struct hostapd_data *hapd = iface->bss[0];
429 unsigned int i = iface->conf->num_bss, bits = 0, j;
432 if (hostapd_drv_none(hapd))
435 /* Generate BSSID mask that is large enough to cover the BSSIDs. */
437 /* Determine the bits necessary to cover the number of BSSIDs. */
438 for (i--; i; i >>= 1)
441 /* Determine the bits necessary to any configured BSSIDs,
442 if they are higher than the number of BSSIDs. */
443 for (j = 0; j < iface->conf->num_bss; j++) {
444 if (hostapd_mac_comp_empty(iface->conf->bss[j]->bssid) == 0) {
450 for (i = 0; i < ETH_ALEN; i++) {
452 iface->conf->bss[j]->bssid[i] ^
460 for (i = 0; i < ETH_ALEN && mask[i] == 0; i++)
466 while (mask[i] != 0) {
476 wpa_printf(MSG_ERROR, "Too many bits in the BSSID mask (%u)",
481 os_memset(mask, 0xff, ETH_ALEN);
483 for (i = 5; i > 5 - j; i--)
490 wpa_printf(MSG_DEBUG, "BSS count %lu, BSSID mask " MACSTR " (%d bits)",
491 (unsigned long) iface->conf->num_bss, MAC2STR(mask), bits);
496 for (i = 0; i < ETH_ALEN; i++) {
497 if ((hapd->own_addr[i] & mask[i]) != hapd->own_addr[i]) {
498 wpa_printf(MSG_ERROR, "Invalid BSSID mask " MACSTR
499 " for start address " MACSTR ".",
500 MAC2STR(mask), MAC2STR(hapd->own_addr));
501 wpa_printf(MSG_ERROR, "Start address must be the "
502 "first address in the block (i.e., addr "
503 "AND mask == addr).");
512 static int mac_in_conf(struct hostapd_config *conf, const void *a)
516 for (i = 0; i < conf->num_bss; i++) {
517 if (hostapd_mac_comp(conf->bss[i]->bssid, a) == 0) {
526 #ifndef CONFIG_NO_RADIUS
528 static int hostapd_das_nas_mismatch(struct hostapd_data *hapd,
529 struct radius_das_attrs *attr)
536 static struct sta_info * hostapd_das_find_sta(struct hostapd_data *hapd,
537 struct radius_das_attrs *attr)
539 struct sta_info *sta = NULL;
543 sta = ap_get_sta(hapd, attr->sta_addr);
545 if (sta == NULL && attr->acct_session_id &&
546 attr->acct_session_id_len == 17) {
547 for (sta = hapd->sta_list; sta; sta = sta->next) {
548 os_snprintf(buf, sizeof(buf), "%08X-%08X",
549 sta->acct_session_id_hi,
550 sta->acct_session_id_lo);
551 if (os_memcmp(attr->acct_session_id, buf, 17) == 0)
556 if (sta == NULL && attr->cui) {
557 for (sta = hapd->sta_list; sta; sta = sta->next) {
559 cui = ieee802_1x_get_radius_cui(sta->eapol_sm);
560 if (cui && wpabuf_len(cui) == attr->cui_len &&
561 os_memcmp(wpabuf_head(cui), attr->cui,
567 if (sta == NULL && attr->user_name) {
568 for (sta = hapd->sta_list; sta; sta = sta->next) {
571 identity = ieee802_1x_get_identity(sta->eapol_sm,
574 identity_len == attr->user_name_len &&
575 os_memcmp(identity, attr->user_name, identity_len)
585 static enum radius_das_res
586 hostapd_das_disconnect(void *ctx, struct radius_das_attrs *attr)
588 struct hostapd_data *hapd = ctx;
589 struct sta_info *sta;
591 if (hostapd_das_nas_mismatch(hapd, attr))
592 return RADIUS_DAS_NAS_MISMATCH;
594 sta = hostapd_das_find_sta(hapd, attr);
596 return RADIUS_DAS_SESSION_NOT_FOUND;
598 hostapd_drv_sta_deauth(hapd, sta->addr,
599 WLAN_REASON_PREV_AUTH_NOT_VALID);
600 ap_sta_deauthenticate(hapd, sta, WLAN_REASON_PREV_AUTH_NOT_VALID);
602 return RADIUS_DAS_SUCCESS;
605 #endif /* CONFIG_NO_RADIUS */
609 * hostapd_setup_bss - Per-BSS setup (initialization)
610 * @hapd: Pointer to BSS data
611 * @first: Whether this BSS is the first BSS of an interface
613 * This function is used to initialize all per-BSS data structures and
614 * resources. This gets called in a loop for each BSS when an interface is
615 * initialized. Most of the modules that are initialized here will be
616 * deinitialized in hostapd_cleanup().
618 static int hostapd_setup_bss(struct hostapd_data *hapd, int first)
620 struct hostapd_bss_config *conf = hapd->conf;
621 u8 ssid[HOSTAPD_MAX_SSID_LEN + 1];
622 int ssid_len, set_ssid;
623 char force_ifname[IFNAMSIZ];
624 u8 if_addr[ETH_ALEN];
627 if (hostapd_mac_comp_empty(hapd->conf->bssid) == 0) {
628 /* Allocate the next available BSSID. */
630 inc_byte_array(hapd->own_addr, ETH_ALEN);
631 } while (mac_in_conf(hapd->iconf, hapd->own_addr));
633 /* Allocate the configured BSSID. */
634 os_memcpy(hapd->own_addr, hapd->conf->bssid, ETH_ALEN);
636 if (hostapd_mac_comp(hapd->own_addr,
637 hapd->iface->bss[0]->own_addr) ==
639 wpa_printf(MSG_ERROR, "BSS '%s' may not have "
640 "BSSID set to the MAC address of "
641 "the radio", hapd->conf->iface);
646 if (hostapd_if_add(hapd->iface->bss[0], WPA_IF_AP_BSS,
647 hapd->conf->iface, hapd->own_addr, hapd,
648 &hapd->drv_priv, force_ifname, if_addr,
649 hapd->conf->bridge[0] ? hapd->conf->bridge :
651 wpa_printf(MSG_ERROR, "Failed to add BSS (BSSID="
652 MACSTR ")", MAC2STR(hapd->own_addr));
657 if (conf->wmm_enabled < 0)
658 conf->wmm_enabled = hapd->iconf->ieee80211n;
660 hostapd_flush_old_stations(hapd, WLAN_REASON_PREV_AUTH_NOT_VALID);
661 hostapd_set_privacy(hapd, 0);
663 hostapd_broadcast_wep_clear(hapd);
664 if (hostapd_setup_encryption(hapd->conf->iface, hapd))
668 * Fetch the SSID from the system and use it or,
669 * if one was specified in the config file, verify they
672 ssid_len = hostapd_get_ssid(hapd, ssid, sizeof(ssid));
674 wpa_printf(MSG_ERROR, "Could not read SSID from system");
677 if (conf->ssid.ssid_set) {
679 * If SSID is specified in the config file and it differs
680 * from what is being used then force installation of the
683 set_ssid = (conf->ssid.ssid_len != (size_t) ssid_len ||
684 os_memcmp(conf->ssid.ssid, ssid, ssid_len) != 0);
687 * No SSID in the config file; just use the one we got
691 conf->ssid.ssid_len = ssid_len;
692 os_memcpy(conf->ssid.ssid, ssid, conf->ssid.ssid_len);
695 if (!hostapd_drv_none(hapd)) {
696 wpa_printf(MSG_ERROR, "Using interface %s with hwaddr " MACSTR
698 hapd->conf->iface, MAC2STR(hapd->own_addr),
699 wpa_ssid_txt(hapd->conf->ssid.ssid,
700 hapd->conf->ssid.ssid_len));
703 if (hostapd_setup_wpa_psk(conf)) {
704 wpa_printf(MSG_ERROR, "WPA-PSK setup failed.");
708 /* Set SSID for the kernel driver (to be used in beacon and probe
709 * response frames) */
710 if (set_ssid && hostapd_set_ssid(hapd, conf->ssid.ssid,
711 conf->ssid.ssid_len)) {
712 wpa_printf(MSG_ERROR, "Could not set SSID for kernel driver");
716 if (wpa_debug_level == MSG_MSGDUMP)
717 conf->radius->msg_dumps = 1;
718 #ifndef CONFIG_NO_RADIUS
719 hapd->radius = radius_client_init(hapd, conf->radius);
720 if (hapd->radius == NULL) {
721 wpa_printf(MSG_ERROR, "RADIUS client initialization failed.");
725 if (hapd->conf->radius_das_port) {
726 struct radius_das_conf das_conf;
727 os_memset(&das_conf, 0, sizeof(das_conf));
728 das_conf.port = hapd->conf->radius_das_port;
729 das_conf.shared_secret = hapd->conf->radius_das_shared_secret;
730 das_conf.shared_secret_len =
731 hapd->conf->radius_das_shared_secret_len;
732 das_conf.client_addr = &hapd->conf->radius_das_client_addr;
733 das_conf.time_window = hapd->conf->radius_das_time_window;
734 das_conf.require_event_timestamp =
735 hapd->conf->radius_das_require_event_timestamp;
737 das_conf.disconnect = hostapd_das_disconnect;
738 hapd->radius_das = radius_das_init(&das_conf);
739 if (hapd->radius_das == NULL) {
740 wpa_printf(MSG_ERROR, "RADIUS DAS initialization "
745 #endif /* CONFIG_NO_RADIUS */
747 if (hostapd_acl_init(hapd)) {
748 wpa_printf(MSG_ERROR, "ACL initialization failed.");
751 if (hostapd_init_wps(hapd, conf))
754 if (authsrv_init(hapd) < 0)
757 if (ieee802_1x_init(hapd)) {
758 wpa_printf(MSG_ERROR, "IEEE 802.1X initialization failed.");
762 if (hapd->conf->wpa && hostapd_setup_wpa(hapd))
765 if (accounting_init(hapd)) {
766 wpa_printf(MSG_ERROR, "Accounting initialization failed.");
770 if (hapd->conf->ieee802_11f &&
771 (hapd->iapp = iapp_init(hapd, hapd->conf->iapp_iface)) == NULL) {
772 wpa_printf(MSG_ERROR, "IEEE 802.11F (IAPP) initialization "
777 #ifdef CONFIG_INTERWORKING
778 if (gas_serv_init(hapd)) {
779 wpa_printf(MSG_ERROR, "GAS server initialization failed");
782 #endif /* CONFIG_INTERWORKING */
784 if (hapd->iface->interfaces &&
785 hapd->iface->interfaces->ctrl_iface_init &&
786 hapd->iface->interfaces->ctrl_iface_init(hapd)) {
787 wpa_printf(MSG_ERROR, "Failed to setup control interface");
791 if (!hostapd_drv_none(hapd) && vlan_init(hapd)) {
792 wpa_printf(MSG_ERROR, "VLAN initialization failed.");
796 if (!hapd->conf->start_disabled)
797 ieee802_11_set_beacon(hapd);
799 if (hapd->wpa_auth && wpa_init_keys(hapd->wpa_auth) < 0)
802 if (hapd->driver && hapd->driver->set_operstate)
803 hapd->driver->set_operstate(hapd->drv_priv, 1);
809 static void hostapd_tx_queue_params(struct hostapd_iface *iface)
811 struct hostapd_data *hapd = iface->bss[0];
813 struct hostapd_tx_queue_params *p;
815 for (i = 0; i < NUM_TX_QUEUES; i++) {
816 p = &iface->conf->tx_queue[i];
818 if (hostapd_set_tx_queue_params(hapd, i, p->aifs, p->cwmin,
819 p->cwmax, p->burst)) {
820 wpa_printf(MSG_DEBUG, "Failed to set TX queue "
821 "parameters for queue %d.", i);
822 /* Continue anyway */
828 static int hostapd_set_acl_list(struct hostapd_data *hapd,
829 struct mac_acl_entry *mac_acl,
830 int n_entries, u8 accept_acl)
832 struct hostapd_acl_params *acl_params;
835 acl_params = os_zalloc(sizeof(*acl_params) +
836 (n_entries * sizeof(acl_params->mac_acl[0])));
840 for (i = 0; i < n_entries; i++)
841 os_memcpy(acl_params->mac_acl[i].addr, mac_acl[i].addr,
844 acl_params->acl_policy = accept_acl;
845 acl_params->num_mac_acl = n_entries;
847 err = hostapd_drv_set_acl(hapd, acl_params);
855 static void hostapd_set_acl(struct hostapd_data *hapd)
857 struct hostapd_config *conf = hapd->iconf;
861 if (hapd->iface->drv_max_acl_mac_addrs == 0)
863 if (!(conf->bss[0]->num_accept_mac || conf->bss[0]->num_deny_mac))
866 if (conf->bss[0]->macaddr_acl == DENY_UNLESS_ACCEPTED) {
867 if (conf->bss[0]->num_accept_mac) {
869 err = hostapd_set_acl_list(hapd,
870 conf->bss[0]->accept_mac,
871 conf->bss[0]->num_accept_mac,
874 wpa_printf(MSG_DEBUG, "Failed to set accept acl");
878 wpa_printf(MSG_DEBUG, "Mismatch between ACL Policy & Accept/deny lists file");
880 } else if (conf->bss[0]->macaddr_acl == ACCEPT_UNLESS_DENIED) {
881 if (conf->bss[0]->num_deny_mac) {
883 err = hostapd_set_acl_list(hapd, conf->bss[0]->deny_mac,
884 conf->bss[0]->num_deny_mac,
887 wpa_printf(MSG_DEBUG, "Failed to set deny acl");
891 wpa_printf(MSG_DEBUG, "Mismatch between ACL Policy & Accept/deny lists file");
897 static int setup_interface(struct hostapd_iface *iface)
899 struct hostapd_data *hapd = iface->bss[0];
904 * Make sure that all BSSes get configured with a pointer to the same
907 for (i = 1; i < iface->num_bss; i++) {
908 iface->bss[i]->driver = hapd->driver;
909 iface->bss[i]->drv_priv = hapd->drv_priv;
912 if (hostapd_validate_bssid_configuration(iface))
915 if (hapd->iconf->country[0] && hapd->iconf->country[1]) {
916 os_memcpy(country, hapd->iconf->country, 3);
918 if (hostapd_set_country(hapd, country) < 0) {
919 wpa_printf(MSG_ERROR, "Failed to set country code");
924 if (hostapd_get_hw_features(iface)) {
925 /* Not all drivers support this yet, so continue without hw
928 int ret = hostapd_select_hw_mode(iface);
930 wpa_printf(MSG_ERROR, "Could not select hw_mode and "
931 "channel. (%d)", ret);
935 wpa_printf(MSG_DEBUG, "Interface initialization will be completed in a callback (ACS)");
938 ret = hostapd_check_ht_capab(iface);
942 wpa_printf(MSG_DEBUG, "Interface initialization will "
943 "be completed in a callback");
947 if (iface->conf->ieee80211h)
948 wpa_printf(MSG_DEBUG, "DFS support is enabled");
950 return hostapd_setup_interface_complete(iface, 0);
954 int hostapd_setup_interface_complete(struct hostapd_iface *iface, int err)
956 struct hostapd_data *hapd = iface->bss[0];
961 wpa_printf(MSG_ERROR, "Interface initialization failed");
966 wpa_printf(MSG_DEBUG, "Completing interface initialization");
967 if (hapd->iconf->channel) {
970 #endif /* NEED_AP_MLME */
972 iface->freq = hostapd_hw_get_freq(hapd, hapd->iconf->channel);
973 wpa_printf(MSG_DEBUG, "Mode: %s Channel: %d "
975 hostapd_hw_mode_txt(hapd->iconf->hw_mode),
976 hapd->iconf->channel, iface->freq);
980 res = hostapd_handle_dfs(hapd);
983 #endif /* NEED_AP_MLME */
985 if (hostapd_set_freq(hapd, hapd->iconf->hw_mode, iface->freq,
986 hapd->iconf->channel,
987 hapd->iconf->ieee80211n,
988 hapd->iconf->ieee80211ac,
989 hapd->iconf->secondary_channel,
990 hapd->iconf->vht_oper_chwidth,
991 hapd->iconf->vht_oper_centr_freq_seg0_idx,
992 hapd->iconf->vht_oper_centr_freq_seg1_idx)) {
993 wpa_printf(MSG_ERROR, "Could not set channel for "
999 if (iface->current_mode) {
1000 if (hostapd_prepare_rates(iface, iface->current_mode)) {
1001 wpa_printf(MSG_ERROR, "Failed to prepare rates "
1003 hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE80211,
1004 HOSTAPD_LEVEL_WARNING,
1005 "Failed to prepare rates table.");
1010 if (hapd->iconf->rts_threshold > -1 &&
1011 hostapd_set_rts(hapd, hapd->iconf->rts_threshold)) {
1012 wpa_printf(MSG_ERROR, "Could not set RTS threshold for "
1017 if (hapd->iconf->fragm_threshold > -1 &&
1018 hostapd_set_frag(hapd, hapd->iconf->fragm_threshold)) {
1019 wpa_printf(MSG_ERROR, "Could not set fragmentation threshold "
1020 "for kernel driver");
1024 prev_addr = hapd->own_addr;
1026 for (j = 0; j < iface->num_bss; j++) {
1027 hapd = iface->bss[j];
1029 os_memcpy(hapd->own_addr, prev_addr, ETH_ALEN);
1030 if (hostapd_setup_bss(hapd, j == 0))
1032 if (hostapd_mac_comp_empty(hapd->conf->bssid) == 0)
1033 prev_addr = hapd->own_addr;
1036 hostapd_tx_queue_params(iface);
1038 ap_list_init(iface);
1040 hostapd_set_acl(hapd);
1042 if (hostapd_driver_commit(hapd) < 0) {
1043 wpa_printf(MSG_ERROR, "%s: Failed to commit driver "
1044 "configuration", __func__);
1049 * WPS UPnP module can be initialized only when the "upnp_iface" is up.
1050 * If "interface" and "upnp_iface" are the same (e.g., non-bridge
1051 * mode), the interface is up only after driver_commit, so initialize
1052 * WPS after driver_commit.
1054 for (j = 0; j < iface->num_bss; j++) {
1055 if (hostapd_init_wps_complete(iface->bss[j]))
1059 if (hapd->setup_complete_cb)
1060 hapd->setup_complete_cb(hapd->setup_complete_cb_ctx);
1062 wpa_printf(MSG_DEBUG, "%s: Setup of interface done.",
1063 iface->bss[0]->conf->iface);
1070 * hostapd_setup_interface - Setup of an interface
1071 * @iface: Pointer to interface data.
1072 * Returns: 0 on success, -1 on failure
1074 * Initializes the driver interface, validates the configuration,
1075 * and sets driver parameters based on the configuration.
1076 * Flushes old stations, sets the channel, encryption,
1077 * beacons, and WDS links based on the configuration.
1079 int hostapd_setup_interface(struct hostapd_iface *iface)
1083 ret = setup_interface(iface);
1085 wpa_printf(MSG_ERROR, "%s: Unable to setup interface.",
1086 iface->bss[0]->conf->iface);
1095 * hostapd_alloc_bss_data - Allocate and initialize per-BSS data
1096 * @hapd_iface: Pointer to interface data
1097 * @conf: Pointer to per-interface configuration
1098 * @bss: Pointer to per-BSS configuration for this BSS
1099 * Returns: Pointer to allocated BSS data
1101 * This function is used to allocate per-BSS data structure. This data will be
1102 * freed after hostapd_cleanup() is called for it during interface
1105 struct hostapd_data *
1106 hostapd_alloc_bss_data(struct hostapd_iface *hapd_iface,
1107 struct hostapd_config *conf,
1108 struct hostapd_bss_config *bss)
1110 struct hostapd_data *hapd;
1112 hapd = os_zalloc(sizeof(*hapd));
1116 hapd->new_assoc_sta_cb = hostapd_new_assoc_sta;
1119 hapd->iface = hapd_iface;
1120 hapd->driver = hapd->iconf->driver;
1121 hapd->ctrl_sock = -1;
1127 void hostapd_interface_deinit(struct hostapd_iface *iface)
1134 hostapd_cleanup_iface_pre(iface);
1135 for (j = iface->num_bss - 1; j >= 0; j--) {
1136 struct hostapd_data *hapd = iface->bss[j];
1137 hostapd_free_stas(hapd);
1138 hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING);
1139 hostapd_clear_wep(hapd);
1140 hostapd_cleanup(hapd);
1145 void hostapd_interface_free(struct hostapd_iface *iface)
1148 for (j = 0; j < iface->num_bss; j++)
1149 os_free(iface->bss[j]);
1150 hostapd_cleanup_iface(iface);
1155 * hostapd_init - Allocate and initialize per-interface data
1156 * @config_file: Path to the configuration file
1157 * Returns: Pointer to the allocated interface data or %NULL on failure
1159 * This function is used to allocate main data structures for per-interface
1160 * data. The allocated data buffer will be freed by calling
1161 * hostapd_cleanup_iface().
1163 struct hostapd_iface * hostapd_init(struct hapd_interfaces *interfaces,
1164 const char *config_file)
1166 struct hostapd_iface *hapd_iface = NULL;
1167 struct hostapd_config *conf = NULL;
1168 struct hostapd_data *hapd;
1171 hapd_iface = os_zalloc(sizeof(*hapd_iface));
1172 if (hapd_iface == NULL)
1175 hapd_iface->config_fname = os_strdup(config_file);
1176 if (hapd_iface->config_fname == NULL)
1179 conf = interfaces->config_read_cb(hapd_iface->config_fname);
1182 hapd_iface->conf = conf;
1184 hapd_iface->num_bss = conf->num_bss;
1185 hapd_iface->bss = os_calloc(conf->num_bss,
1186 sizeof(struct hostapd_data *));
1187 if (hapd_iface->bss == NULL)
1190 for (i = 0; i < conf->num_bss; i++) {
1191 hapd = hapd_iface->bss[i] =
1192 hostapd_alloc_bss_data(hapd_iface, conf,
1196 hapd->msg_ctx = hapd;
1202 wpa_printf(MSG_ERROR, "Failed to set up interface with %s",
1205 hostapd_config_free(conf);
1207 os_free(hapd_iface->config_fname);
1208 os_free(hapd_iface->bss);
1209 os_free(hapd_iface);
1215 void hostapd_interface_deinit_free(struct hostapd_iface *iface)
1217 const struct wpa_driver_ops *driver;
1221 driver = iface->bss[0]->driver;
1222 drv_priv = iface->bss[0]->drv_priv;
1223 hostapd_interface_deinit(iface);
1224 if (driver && driver->hapd_deinit && drv_priv)
1225 driver->hapd_deinit(drv_priv);
1226 hostapd_interface_free(iface);
1230 int hostapd_enable_iface(struct hostapd_iface *hapd_iface)
1232 if (hapd_iface->bss[0]->drv_priv != NULL) {
1233 wpa_printf(MSG_ERROR, "Interface %s already enabled",
1234 hapd_iface->conf->bss[0]->iface);
1238 wpa_printf(MSG_DEBUG, "Enable interface %s",
1239 hapd_iface->conf->bss[0]->iface);
1241 if (hapd_iface->interfaces == NULL ||
1242 hapd_iface->interfaces->driver_init == NULL ||
1243 hapd_iface->interfaces->driver_init(hapd_iface) ||
1244 hostapd_setup_interface(hapd_iface)) {
1245 hostapd_interface_deinit_free(hapd_iface);
1252 int hostapd_reload_iface(struct hostapd_iface *hapd_iface)
1256 wpa_printf(MSG_DEBUG, "Reload interface %s",
1257 hapd_iface->conf->bss[0]->iface);
1258 for (j = 0; j < hapd_iface->num_bss; j++)
1259 hostapd_set_security_params(hapd_iface->conf->bss[j]);
1260 if (hostapd_config_check(hapd_iface->conf) < 0) {
1261 wpa_printf(MSG_ERROR, "Updated configuration is invalid");
1264 hostapd_clear_old(hapd_iface);
1265 for (j = 0; j < hapd_iface->num_bss; j++)
1266 hostapd_reload_bss(hapd_iface->bss[j]);
1272 int hostapd_disable_iface(struct hostapd_iface *hapd_iface)
1275 const struct wpa_driver_ops *driver;
1278 if (hapd_iface == NULL)
1280 driver = hapd_iface->bss[0]->driver;
1281 drv_priv = hapd_iface->bss[0]->drv_priv;
1283 /* whatever hostapd_interface_deinit does */
1284 for (j = 0; j < hapd_iface->num_bss; j++) {
1285 struct hostapd_data *hapd = hapd_iface->bss[j];
1286 hostapd_free_stas(hapd);
1287 hostapd_flush_old_stations(hapd, WLAN_REASON_DEAUTH_LEAVING);
1288 hostapd_clear_wep(hapd);
1289 hostapd_free_hapd_data(hapd);
1292 if (driver && driver->hapd_deinit && drv_priv) {
1293 driver->hapd_deinit(drv_priv);
1294 hapd_iface->bss[0]->drv_priv = NULL;
1297 /* From hostapd_cleanup_iface: These were initialized in
1298 * hostapd_setup_interface and hostapd_setup_interface_complete
1300 hostapd_cleanup_iface_partial(hapd_iface);
1302 wpa_printf(MSG_DEBUG, "Interface %s disabled",
1303 hapd_iface->bss[0]->conf->iface);
1308 static struct hostapd_iface *
1309 hostapd_iface_alloc(struct hapd_interfaces *interfaces)
1311 struct hostapd_iface **iface, *hapd_iface;
1313 iface = os_realloc_array(interfaces->iface, interfaces->count + 1,
1314 sizeof(struct hostapd_iface *));
1317 interfaces->iface = iface;
1318 hapd_iface = interfaces->iface[interfaces->count] =
1319 os_zalloc(sizeof(*hapd_iface));
1320 if (hapd_iface == NULL) {
1321 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for "
1322 "the interface", __func__);
1325 interfaces->count++;
1326 hapd_iface->interfaces = interfaces;
1332 static struct hostapd_config *
1333 hostapd_config_alloc(struct hapd_interfaces *interfaces, const char *ifname,
1334 const char *ctrl_iface)
1336 struct hostapd_bss_config *bss;
1337 struct hostapd_config *conf;
1339 /* Allocates memory for bss and conf */
1340 conf = hostapd_config_defaults();
1342 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory for "
1343 "configuration", __func__);
1347 conf->driver = wpa_drivers[0];
1348 if (conf->driver == NULL) {
1349 wpa_printf(MSG_ERROR, "No driver wrappers registered!");
1350 hostapd_config_free(conf);
1354 bss = conf->last_bss = conf->bss[0];
1356 os_strlcpy(bss->iface, ifname, sizeof(bss->iface));
1357 bss->ctrl_interface = os_strdup(ctrl_iface);
1358 if (bss->ctrl_interface == NULL) {
1359 hostapd_config_free(conf);
1363 /* Reading configuration file skipped, will be done in SET!
1364 * From reading the configuration till the end has to be done in
1371 static struct hostapd_iface * hostapd_data_alloc(
1372 struct hapd_interfaces *interfaces, struct hostapd_config *conf)
1375 struct hostapd_iface *hapd_iface =
1376 interfaces->iface[interfaces->count - 1];
1377 struct hostapd_data *hapd;
1379 hapd_iface->conf = conf;
1380 hapd_iface->num_bss = conf->num_bss;
1382 hapd_iface->bss = os_zalloc(conf->num_bss *
1383 sizeof(struct hostapd_data *));
1384 if (hapd_iface->bss == NULL)
1387 for (i = 0; i < conf->num_bss; i++) {
1388 hapd = hapd_iface->bss[i] =
1389 hostapd_alloc_bss_data(hapd_iface, conf, conf->bss[i]);
1392 hapd->msg_ctx = hapd;
1395 hapd_iface->interfaces = interfaces;
1401 int hostapd_add_iface(struct hapd_interfaces *interfaces, char *buf)
1403 struct hostapd_config *conf = NULL;
1404 struct hostapd_iface *hapd_iface = NULL;
1407 const char *conf_file = NULL;
1409 ptr = os_strchr(buf, ' ');
1414 if (os_strncmp(ptr, "config=", 7) == 0)
1415 conf_file = ptr + 7;
1417 for (i = 0; i < interfaces->count; i++) {
1418 if (!os_strcmp(interfaces->iface[i]->conf->bss[0]->iface,
1420 wpa_printf(MSG_INFO, "Cannot add interface - it "
1426 hapd_iface = hostapd_iface_alloc(interfaces);
1427 if (hapd_iface == NULL) {
1428 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory "
1429 "for interface", __func__);
1433 if (conf_file && interfaces->config_read_cb) {
1434 conf = interfaces->config_read_cb(conf_file);
1435 if (conf && conf->bss)
1436 os_strlcpy(conf->bss[0]->iface, buf,
1437 sizeof(conf->bss[0]->iface));
1439 conf = hostapd_config_alloc(interfaces, buf, ptr);
1440 if (conf == NULL || conf->bss == NULL) {
1441 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory "
1442 "for configuration", __func__);
1446 hapd_iface = hostapd_data_alloc(interfaces, conf);
1447 if (hapd_iface == NULL) {
1448 wpa_printf(MSG_ERROR, "%s: Failed to allocate memory "
1449 "for hostapd", __func__);
1453 if (hapd_iface->interfaces &&
1454 hapd_iface->interfaces->ctrl_iface_init &&
1455 hapd_iface->interfaces->ctrl_iface_init(hapd_iface->bss[0])) {
1456 wpa_printf(MSG_ERROR, "%s: Failed to setup control "
1457 "interface", __func__);
1460 wpa_printf(MSG_INFO, "Add interface '%s'", conf->bss[0]->iface);
1466 hostapd_config_free(conf);
1468 if (hapd_iface->bss) {
1469 for (i = 0; i < hapd_iface->num_bss; i++)
1470 os_free(hapd_iface->bss[i]);
1471 os_free(hapd_iface->bss);
1473 os_free(hapd_iface);
1479 int hostapd_remove_iface(struct hapd_interfaces *interfaces, char *buf)
1481 struct hostapd_iface *hapd_iface;
1484 for (i = 0; i < interfaces->count; i++) {
1485 hapd_iface = interfaces->iface[i];
1486 if (hapd_iface == NULL)
1488 if (!os_strcmp(hapd_iface->conf->bss[0]->iface, buf)) {
1489 wpa_printf(MSG_INFO, "Remove interface '%s'", buf);
1490 hostapd_interface_deinit_free(hapd_iface);
1492 while (k < (interfaces->count - 1)) {
1493 interfaces->iface[k] =
1494 interfaces->iface[k + 1];
1497 interfaces->count--;
1506 * hostapd_new_assoc_sta - Notify that a new station associated with the AP
1507 * @hapd: Pointer to BSS data
1508 * @sta: Pointer to the associated STA data
1509 * @reassoc: 1 to indicate this was a re-association; 0 = first association
1511 * This function will be called whenever a station associates with the AP. It
1512 * can be called from ieee802_11.c for drivers that export MLME to hostapd and
1513 * from drv_callbacks.c based on driver events for drivers that take care of
1514 * management frames (IEEE 802.11 authentication and association) internally.
1516 void hostapd_new_assoc_sta(struct hostapd_data *hapd, struct sta_info *sta,
1519 if (hapd->tkip_countermeasures) {
1520 hostapd_drv_sta_deauth(hapd, sta->addr,
1521 WLAN_REASON_MICHAEL_MIC_FAILURE);
1525 hostapd_prune_associations(hapd, sta->addr);
1527 /* IEEE 802.11F (IAPP) */
1528 if (hapd->conf->ieee802_11f)
1529 iapp_new_station(hapd->iapp, sta);
1532 if (sta->p2p_ie == NULL && !sta->no_p2p_set) {
1533 sta->no_p2p_set = 1;
1534 hapd->num_sta_no_p2p++;
1535 if (hapd->num_sta_no_p2p == 1)
1536 hostapd_p2p_non_p2p_sta_connected(hapd);
1538 #endif /* CONFIG_P2P */
1540 /* Start accounting here, if IEEE 802.1X and WPA are not used.
1541 * IEEE 802.1X/WPA code will start accounting after the station has
1542 * been authorized. */
1543 if (!hapd->conf->ieee802_1x && !hapd->conf->wpa) {
1544 os_get_time(&sta->connected_time);
1545 accounting_sta_start(hapd, sta);
1548 /* Start IEEE 802.1X authentication process for new stations */
1549 ieee802_1x_new_station(hapd, sta);
1551 if (sta->auth_alg != WLAN_AUTH_FT &&
1552 !(sta->flags & (WLAN_STA_WPS | WLAN_STA_MAYBE_WPS)))
1553 wpa_auth_sm_event(sta->wpa_sm, WPA_REAUTH);
1555 wpa_auth_sta_associated(hapd->wpa_auth, sta->wpa_sm);
1557 wpa_printf(MSG_DEBUG, "%s: reschedule ap_handle_timer timeout "
1558 "for " MACSTR " (%d seconds - ap_max_inactivity)",
1559 __func__, MAC2STR(sta->addr),
1560 hapd->conf->ap_max_inactivity);
1561 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
1562 eloop_register_timeout(hapd->conf->ap_max_inactivity, 0,
1563 ap_handle_timer, hapd, sta);