AP: Introduce sta authorized wrappers

To enable making state change notifications on the WLAN_STA_AUTHORIZED
flag, introduce ap_sta_set_authorized(), and to reduce use of the flag
itself also add a wrapper for testing the flag: ap_sta_is_authorized().

Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/hostapd/dump_state.c b/hostapd/dump_state.c
index bba3068..73aa93d 100644 (file)
--- a/hostapd/dump_state.c
+++ b/hostapd/dump_state.c
@@ -115,8 +115,7 @@ static void hostapd_dump_state(struct hostapd_data *hapd)
                        (sta->flags & WLAN_STA_PS ? "[PS]" : ""),
                        (sta->flags & WLAN_STA_TIM ? "[TIM]" : ""),
                        (sta->flags & WLAN_STA_PERM ? "[PERM]" : ""),
-                       (sta->flags & WLAN_STA_AUTHORIZED ? "[AUTHORIZED]" :
-                        ""),
+                       (ap_sta_is_authorized(sta) ? "[AUTHORIZED]" : ""),
                        (sta->flags & WLAN_STA_PENDING_POLL ? "[PENDING_POLL" :
                         ""),
                        (sta->flags & WLAN_STA_SHORT_PREAMBLE ?

diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
index 908f191..f19c817 100644 (file)
--- a/src/ap/ieee802_11.c
+++ b/src/ap/ieee802_11.c
@@ -1655,7 +1655,7 @@ static void handle_assoc_cb(struct hostapd_data *hapd,
                 * Open, static WEP, or FT protocol; no separate authorization
                 * step.
                 */
-               sta->flags |= WLAN_STA_AUTHORIZED;
+               ap_sta_set_authorized(hapd, sta, 1);
                wpa_msg(hapd->msg_ctx, MSG_INFO,
                        AP_STA_CONNECTED MACSTR, MAC2STR(sta->addr));
        }

diff --git a/src/ap/ieee802_1x.c b/src/ap/ieee802_1x.c
index f3321bb..255a22b 100644 (file)
--- a/src/ap/ieee802_1x.c
+++ b/src/ap/ieee802_1x.c
@@ -89,20 +89,19 @@ void ieee802_1x_set_sta_authorized(struct hostapd_data *hapd,
                return;
 
        if (authorized) {
-               if (!(sta->flags & WLAN_STA_AUTHORIZED))
+               if (!ap_sta_is_authorized(sta))
                        wpa_msg(hapd->msg_ctx, MSG_INFO,
                                AP_STA_CONNECTED MACSTR, MAC2STR(sta->addr));
-               sta->flags |= WLAN_STA_AUTHORIZED;
+               ap_sta_set_authorized(hapd, sta, 1);
                res = hostapd_set_authorized(hapd, sta, 1);
                hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
                               HOSTAPD_LEVEL_DEBUG, "authorizing port");
        } else {
-               if ((sta->flags & (WLAN_STA_AUTHORIZED | WLAN_STA_ASSOC)) ==
-                   (WLAN_STA_AUTHORIZED | WLAN_STA_ASSOC))
+               if (ap_sta_is_authorized(sta) && (sta->flags & WLAN_STA_ASSOC))
                        wpa_msg(hapd->msg_ctx, MSG_INFO,
                                AP_STA_DISCONNECTED MACSTR,
                                MAC2STR(sta->addr));
-               sta->flags &= ~WLAN_STA_AUTHORIZED;
+               ap_sta_set_authorized(hapd, sta, 0);
                res = hostapd_set_authorized(hapd, sta, 0);
                hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE8021X,
                               HOSTAPD_LEVEL_DEBUG, "unauthorizing port");
@@ -802,7 +801,7 @@ void ieee802_1x_receive(struct hostapd_data *hapd, const u8 *sa, const u8 *buf,
 
        case IEEE802_1X_TYPE_EAPOL_KEY:
                wpa_printf(MSG_DEBUG, "   EAPOL-Key");
-               if (!(sta->flags & WLAN_STA_AUTHORIZED)) {
+               if (!ap_sta_is_authorized(sta)) {
                        wpa_printf(MSG_DEBUG, "   Dropped key data from "
                                   "unauthorized Supplicant");
                        break;

diff --git a/src/ap/sta_info.c b/src/ap/sta_info.c
index 07de034..7dee9ca 100644 (file)
--- a/src/ap/sta_info.c
+++ b/src/ap/sta_info.c
@@ -124,6 +124,9 @@ void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta)
 
        accounting_sta_stop(hapd, sta);
 
+       /* just in case */
+       ap_sta_set_authorized(hapd, sta, 0);
+
        if (sta->flags & WLAN_STA_WDS)
                hostapd_set_wds_sta(hapd, sta->addr, sta->aid, 0);
 
@@ -750,6 +753,19 @@ void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta)
 #endif /* CONFIG_IEEE80211W */
 
 
+void ap_sta_set_authorized(struct hostapd_data *hapd, struct sta_info *sta,
+                          int authorized)
+{
+       if (!!authorized == !!(sta->flags & WLAN_STA_AUTHORIZED))
+               return;
+
+       if (authorized)
+               sta->flags |= WLAN_STA_AUTHORIZED;
+       else
+               sta->flags &= ~WLAN_STA_AUTHORIZED;
+}
+
+
 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
                       const u8 *addr, u16 reason)
 {
@@ -762,7 +778,8 @@ void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
 
        if (sta == NULL)
                return;
-       sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC | WLAN_STA_AUTHORIZED);
+       ap_sta_set_authorized(hapd, sta, 0);
+       sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
        eloop_cancel_timeout(ap_handle_timer, hapd, sta);
        eloop_register_timeout(0, 0, ap_handle_timer, hapd, sta);
        sta->timeout_next = STA_REMOVE;

diff --git a/src/ap/sta_info.h b/src/ap/sta_info.h
index 51bd9d2..c22f253 100644 (file)
--- a/src/ap/sta_info.h
+++ b/src/ap/sta_info.h
@@ -154,4 +154,11 @@ int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta);
 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta,
                       const u8 *addr, u16 reason);
 
+void ap_sta_set_authorized(struct hostapd_data *hapd,
+                          struct sta_info *sta, int authorized);
+static inline int ap_sta_is_authorized(struct sta_info *sta)
+{
+       return sta->flags & WLAN_STA_AUTHORIZED;
+}
+
 #endif /* STA_INFO_H */

diff --git a/src/ap/tkip_countermeasures.c b/src/ap/tkip_countermeasures.c
index 7df86e8..1925217 100644 (file)
--- a/src/ap/tkip_countermeasures.c
+++ b/src/ap/tkip_countermeasures.c
@@ -53,8 +53,8 @@ static void ieee80211_tkip_countermeasures_start(struct hostapd_data *hapd)
        for (sta = hapd->sta_list; sta != NULL; sta = sta->next) {
                hostapd_drv_sta_deauth(hapd, sta->addr,
                                       WLAN_REASON_MICHAEL_MIC_FAILURE);
-               sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC |
-                               WLAN_STA_AUTHORIZED);
+               ap_sta_set_authorized(hapd, sta, 0);
+               sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC);
                hostapd_drv_sta_remove(hapd, sta->addr);
        }
 }