Lines Matching defs:sta
61 struct sta_info *sta, u16 *resp,
242 static u16 auth_shared_key(struct hostapd_data *hapd, struct sta_info *sta,
246 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
252 if (!sta->challenge) {
256 sta->challenge = os_zalloc(WLAN_AUTH_CHALLENGE_LEN);
257 if (sta->challenge == NULL)
261 os_free(sta->challenge);
262 sta->challenge = NULL;
267 sta->challenge, WLAN_AUTH_CHALLENGE_LEN);
276 if (!iswep || !sta->challenge || !challenge ||
277 os_memcmp_const(sta->challenge, challenge,
279 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
286 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
289 sta->flags |= WLAN_STA_AUTH;
290 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
291 os_free(sta->challenge);
292 sta->challenge = NULL;
349 struct sta_info *sta;
356 sta = ap_get_sta(hapd, dst);
357 if (sta == NULL)
360 if (sta->added_unassoc && (reply_res != WLAN_STATUS_SUCCESS ||
362 hostapd_drv_sta_remove(hapd, sta->addr);
363 sta->added_unassoc = 0;
372 sta->flags |= WLAN_STA_AUTH;
373 mlme_authenticate_indication(hapd, sta);
380 static void sae_set_state(struct sta_info *sta, enum sae_state state,
384 sae_state_txt(sta->sae->state), sae_state_txt(state),
385 MAC2STR(sta->addr), reason);
386 sta->sae->state = state;
391 struct sta_info *sta, int update)
398 if (sta->sae->tmp)
399 rx_id = sta->sae->tmp->pw_id;
403 os_memcmp(pw->peer_addr, sta->addr, ETH_ALEN) != 0)
421 sae_prepare_commit(hapd->own_addr, sta->addr,
423 sta->sae) < 0) {
429 if (!sta->sae->tmp) {
434 sta->sae->tmp->vlan_id = pw->vlan_id;
441 sae_write_commit(sta->sae, buf, sta->sae->tmp ?
442 sta->sae->tmp->anti_clogging_token : NULL, rx_id);
449 struct sta_info *sta)
457 sae_write_confirm(sta->sae, buf);
464 struct sta_info *sta,
470 data = auth_build_sae_commit(hapd, sta, update);
471 if (!data && sta->sae->tmp && sta->sae->tmp->pw_id)
476 reply_res = send_auth_reply(hapd, sta->addr, bssid, WLAN_AUTH_SAE, 1,
487 struct sta_info *sta,
493 data = auth_build_sae_confirm(hapd, sta);
497 reply_res = send_auth_reply(hapd, sta->addr, bssid, WLAN_AUTH_SAE, 2,
509 struct sta_info *sta;
515 for (sta = hapd->sta_list; sta; sta = sta->next) {
516 if (!sta->sae)
518 if (sta->sae->state != SAE_COMMITTED &&
519 sta->sae->state != SAE_CONFIRMED)
639 static int sae_check_big_sync(struct hostapd_data *hapd, struct sta_info *sta)
641 if (sta->sae->sync > hapd->conf->sae_sync) {
642 sae_set_state(sta, SAE_NOTHING, "Sync > dot11RSNASAESync");
643 sta->sae->sync = 0;
653 struct sta_info *sta = eloop_data;
656 if (sae_check_big_sync(hapd, sta))
658 sta->sae->sync++;
661 MAC2STR(sta->addr), sta->sae->sync,
662 sae_state_txt(sta->sae->state));
664 switch (sta->sae->state) {
666 ret = auth_sae_send_commit(hapd, sta, hapd->own_addr, 0);
669 auth_sae_retransmit_timer, hapd, sta);
672 ret = auth_sae_send_confirm(hapd, sta, hapd->own_addr);
675 auth_sae_retransmit_timer, hapd, sta);
687 void sae_clear_retransmit_timer(struct hostapd_data *hapd, struct sta_info *sta)
689 eloop_cancel_timeout(auth_sae_retransmit_timer, hapd, sta);
694 struct sta_info *sta)
699 eloop_cancel_timeout(auth_sae_retransmit_timer, hapd, sta);
701 auth_sae_retransmit_timer, hapd, sta);
706 struct sta_info *sta, u16 status)
712 params.bssid = sta->addr;
713 if (status == WLAN_STATUS_SUCCESS && sta->sae &&
715 params.pmkid = sta->sae->pmkid;
721 void sae_accept_sta(struct hostapd_data *hapd, struct sta_info *sta)
726 if (sta->sae->tmp && sta->sae->tmp->vlan_id > 0) {
729 MAC2STR(sta->addr), sta->sae->tmp->vlan_id);
733 vlan_desc.untagged = sta->sae->tmp->vlan_id;
737 sta->sae->tmp->vlan_id);
741 if (ap_sta_set_vlan(hapd, sta, &vlan_desc) < 0 ||
742 ap_sta_bind_vlan(hapd, sta) < 0) {
745 MACSTR, sta->sae->tmp->vlan_id,
746 MAC2STR(sta->addr));
752 sta->flags |= WLAN_STA_AUTH;
753 sta->auth_alg = WLAN_AUTH_SAE;
754 mlme_authenticate_indication(hapd, sta);
755 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
756 sae_set_state(sta, SAE_ACCEPTED, "Accept Confirm");
757 wpa_auth_pmksa_add_sae(hapd->wpa_auth, sta->addr,
758 sta->sae->pmk, sta->sae->pmkid);
759 sae_sme_send_external_auth_status(hapd, sta, WLAN_STATUS_SUCCESS);
763 static int sae_sm_step(struct hostapd_data *hapd, struct sta_info *sta,
775 MAC2STR(sta->addr), sae_state_txt(sta->sae->state),
777 switch (sta->sae->state) {
780 ret = auth_sae_send_commit(hapd, sta, bssid,
784 sae_set_state(sta, SAE_COMMITTED, "Sent Commit");
786 if (sae_process_commit(sta->sae) < 0)
803 ret = auth_sae_send_confirm(hapd, sta, bssid);
806 sae_set_state(sta, SAE_CONFIRMED,
818 sta->sae->sync = 0;
819 sae_set_retransmit_timer(hapd, sta);
821 hostapd_logger(hapd, sta->addr,
828 sae_clear_retransmit_timer(hapd, sta);
830 if (sae_process_commit(sta->sae) < 0)
833 ret = auth_sae_send_confirm(hapd, sta, bssid);
836 sae_set_state(sta, SAE_CONFIRMED, "Sent Confirm");
837 sta->sae->sync = 0;
838 sae_set_retransmit_timer(hapd, sta);
844 if (sae_check_big_sync(hapd, sta))
846 sta->sae->sync++;
848 ret = auth_sae_send_commit(hapd, sta, bssid, 0);
852 sae_set_retransmit_timer(hapd, sta);
859 ret = auth_sae_send_confirm(hapd, sta, bssid);
863 sae_set_state(sta, SAE_CONFIRMED, "Sent Confirm");
870 return sae_sm_step(hapd, sta, bssid, auth_transaction,
875 sae_clear_retransmit_timer(hapd, sta);
877 if (sae_check_big_sync(hapd, sta))
879 sta->sae->sync++;
881 ret = auth_sae_send_commit(hapd, sta, bssid, 1);
885 if (sae_process_commit(sta->sae) < 0)
888 ret = auth_sae_send_confirm(hapd, sta, bssid);
892 sae_set_retransmit_timer(hapd, sta);
894 sta->sae->send_confirm = 0xffff;
895 sae_accept_sta(hapd, sta);
903 MAC2STR(sta->addr));
904 wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr);
905 ap_free_sta(hapd, sta);
909 ret = auth_sae_send_commit(hapd, sta, bssid, 1);
912 sae_set_state(sta, SAE_COMMITTED, "Sent Commit");
914 if (sae_process_commit(sta->sae) < 0)
916 sta->sae->sync = 0;
917 sae_set_retransmit_timer(hapd, sta);
919 if (sae_check_big_sync(hapd, sta))
921 sta->sae->sync++;
923 ret = auth_sae_send_confirm(hapd, sta, bssid);
924 sae_clear_temp_data(sta->sae);
931 sta->sae->state);
938 static void sae_pick_next_group(struct hostapd_data *hapd, struct sta_info *sta)
940 struct sae_data *sae = sta->sae;
979 static void handle_auth_sae(struct hostapd_data *hapd, struct sta_info *sta,
1014 if (!sta->sae) {
1020 sta->sae = os_zalloc(sizeof(*sta->sae));
1021 if (!sta->sae) {
1025 sae_set_state(sta, SAE_NOTHING, "Init");
1026 sta->sae->sync = 0;
1029 if (sta->mesh_sae_pmksa_caching) {
1032 wpa_auth_pmksa_remove(hapd->wpa_auth, sta->addr);
1033 sta->mesh_sae_pmksa_caching = 0;
1041 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1048 sta->sae->tmp) {
1057 resp = sae_group_allowed(sta->sae, groups,
1066 wpabuf_free(sta->sae->tmp->anti_clogging_token);
1067 sta->sae->tmp->anti_clogging_token =
1069 if (sta->sae->tmp->anti_clogging_token == NULL) {
1083 resp = auth_sae_send_commit(hapd, sta, mgmt->bssid, 0);
1089 sae_set_state(sta, SAE_COMMITTED,
1091 sta->sae->sync = 0;
1092 sae_set_retransmit_timer(hapd, sta);
1099 sta->sae->tmp) {
1102 sae_pick_next_group(hapd, sta);
1110 sta->sae->state == SAE_COMMITTED) {
1121 sae_group_allowed(sta->sae, groups,
1126 sae_set_state(sta, SAE_NOTHING,
1130 sae_set_state(sta, SAE_NOTHING,
1132 sae_clear_data(sta->sae);
1136 resp = sae_parse_commit(sta->sae, mgmt->u.auth.variable,
1143 MAC2STR(sta->addr));
1150 MACSTR, MAC2STR(sta->addr));
1151 sae_clear_retransmit_timer(hapd, sta);
1152 sae_set_state(sta, SAE_NOTHING,
1157 if (token && check_sae_token(hapd, sta->addr, token, token_len)
1161 MAC2STR(sta->addr));
1172 MACSTR, MAC2STR(sta->addr));
1173 data = auth_build_token_req(hapd, sta->sae->group,
1174 sta->addr);
1177 sae_set_state(sta, SAE_NOTHING,
1182 resp = sae_sm_step(hapd, sta, mgmt->bssid, auth_transaction,
1185 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1191 if (sta->sae->state >= SAE_CONFIRMED ||
1206 if (sta->sae->state == SAE_ACCEPTED &&
1207 (peer_send_confirm <= sta->sae->rc ||
1213 MAC2STR(sta->addr),
1214 peer_send_confirm, sta->sae->rc);
1218 if (sae_check_confirm(sta->sae, var, var_len) < 0) {
1222 sta->sae->rc = peer_send_confirm;
1224 resp = sae_sm_step(hapd, sta, mgmt->bssid, auth_transaction, 0,
1227 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1248 sae_sme_send_external_auth_status(hapd, sta, resp);
1256 if (!sta_removed && sta->added_unassoc &&
1259 hostapd_drv_sta_remove(hapd, sta->addr);
1260 sta->added_unassoc = 0;
1269 * @sta: the peer to which commit authentication frame is sent
1273 * sta->sae structure should be initialized appropriately via a call to
1276 int auth_sae_init_committed(struct hostapd_data *hapd, struct sta_info *sta)
1280 if (!sta->sae || !sta->sae->tmp)
1283 if (sta->sae->state != SAE_NOTHING)
1286 ret = auth_sae_send_commit(hapd, sta, hapd->own_addr, 0);
1290 sae_set_state(sta, SAE_COMMITTED, "Init and sent commit");
1291 sta->sae->sync = 0;
1292 sae_set_retransmit_timer(hapd, sta);
1428 struct sta_info *sta, u16 resp,
1431 void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta,
1435 struct sta_info *sta, u16 resp,
1479 crypto_ecdh_deinit(sta->fils_ecdh);
1480 sta->fils_ecdh = crypto_ecdh_init(group);
1481 if (!sta->fils_ecdh) {
1489 pub = crypto_ecdh_get_pubkey(sta->fils_ecdh, 1);
1506 wpabuf_free(sta->fils_g_sta);
1507 sta->fils_g_sta = wpabuf_alloc_copy(pos, elem_len);
1508 wpabuf_clear_free(sta->fils_dh_ss);
1509 sta->fils_dh_ss = crypto_ecdh_set_peerkey(sta->fils_ecdh, 1,
1511 if (!sta->fils_dh_ss) {
1516 wpa_hexdump_buf_key(MSG_DEBUG, "FILS: DH_SS", sta->fils_dh_ss);
1519 crypto_ecdh_deinit(sta->fils_ecdh);
1520 sta->fils_ecdh = NULL;
1521 wpabuf_clear_free(sta->fils_dh_ss);
1522 sta->fils_dh_ss = NULL;
1544 if (!sta->wpa_sm)
1545 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr,
1547 if (!sta->wpa_sm) {
1554 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
1569 os_memcpy(sta->fils_snonce, elems.fils_nonce, FILS_NONCE_LEN);
1583 pmksa = wpa_auth_pmksa_get(hapd->wpa_auth, sta->addr,
1588 sta->addr,
1596 if (pmksa && wpa_auth_sta_key_mgmt(sta->wpa_sm) != pmksa->akmp) {
1599 wpa_auth_sta_key_mgmt(sta->wpa_sm), pmksa->akmp);
1613 os_memcpy(sta->fils_session, elems.fils_session, FILS_SESSION_LEN);
1622 if (!sta->eapol_sm) {
1623 sta->eapol_sm =
1624 ieee802_1x_alloc_eapol_sm(hapd, sta);
1629 hapd, sta, elems.fils_wrapped_data,
1631 sta->fils_pending_cb = cb;
1634 sta->flags |= WLAN_STA_PENDING_FILS_ERP;
1638 if (fils_pmkid_erp(wpa_auth_sta_key_mgmt(sta->wpa_sm),
1641 sta->fils_erp_pmkid) == 0)
1642 sta->fils_erp_pmkid_set = 1;
1656 data = prepare_auth_resp_fils(hapd, sta, &resp, pmksa, NULL,
1664 cb(hapd, sta, resp, data, pub);
1671 struct sta_info *sta, u16 *resp,
1720 if (sta->fils_dh_ss && sta->fils_ecdh) {
1721 pub = crypto_ecdh_get_pubkey(sta->fils_ecdh, 1);
1752 if (wpa_key_mgmt_ft(wpa_auth_sta_key_mgmt(sta->wpa_sm))) {
1756 wpa_auth_sta_key_mgmt(sta->wpa_sm));
1781 wpabuf_put_data(data, sta->fils_session, FILS_SESSION_LEN);
1791 if (fils_rmsk_to_pmk(wpa_auth_sta_key_mgmt(sta->wpa_sm),
1792 msk, msk_len, sta->fils_snonce, fils_nonce,
1793 sta->fils_dh_ss ?
1794 wpabuf_head(sta->fils_dh_ss) : NULL,
1795 sta->fils_dh_ss ?
1796 wpabuf_len(sta->fils_dh_ss) : 0,
1808 wpabuf_clear_free(sta->fils_dh_ss);
1809 sta->fils_dh_ss = NULL;
1811 if (sta->fils_erp_pmkid_set) {
1817 if (sta->session_timeout_set) {
1821 os_reltime_sub(&sta->session_timeout, &now,
1826 sta->fils_erp_pmkid_set = 0;
1827 wpa_auth_add_fils_pmk_pmkid(sta->wpa_sm, pmk, pmk_len,
1828 sta->fils_erp_pmkid);
1831 hapd->wpa_auth, sta->addr,
1833 sta->fils_erp_pmkid,
1835 wpa_auth_sta_key_mgmt(sta->wpa_sm)) < 0) {
1853 if (fils_auth_pmk_to_ptk(sta->wpa_sm, pmk, pmk_len,
1854 sta->fils_snonce, fils_nonce,
1855 sta->fils_dh_ss ?
1856 wpabuf_head(sta->fils_dh_ss) : NULL,
1857 sta->fils_dh_ss ?
1858 wpabuf_len(sta->fils_dh_ss) : 0,
1859 sta->fils_g_sta, pub) < 0) {
1871 wpabuf_clear_free(sta->fils_dh_ss);
1872 sta->fils_dh_ss = NULL;
1874 crypto_ecdh_deinit(sta->fils_ecdh);
1875 sta->fils_ecdh = NULL;
1882 struct sta_info *sta, u16 resp,
1890 send_auth_reply(hapd, sta->addr, hapd->own_addr, auth_alg, 2, resp,
1896 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
1899 sta->flags |= WLAN_STA_AUTH;
1900 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
1901 sta->auth_alg = pub ? WLAN_AUTH_FILS_SK_PFS : WLAN_AUTH_FILS_SK;
1902 mlme_authenticate_indication(hapd, sta);
1908 struct sta_info *sta, int success,
1916 sta->flags &= ~WLAN_STA_PENDING_FILS_ERP;
1918 if (!sta->fils_pending_cb)
1921 data = prepare_auth_resp_fils(hapd, sta, &resp, NULL, erp_resp,
1928 sta->fils_pending_cb(hapd, sta, resp, data, pub);
1974 ieee802_11_set_radius_info(struct hostapd_data *hapd, struct sta_info *sta,
1983 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
1990 if (ap_sta_set_vlan(hapd, sta, vlan_id) < 0)
1992 if (sta->vlan_id)
1993 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_RADIUS,
1994 HOSTAPD_LEVEL_INFO, "VLAN ID %d", sta->vlan_id);
1996 hostapd_free_psk_list(sta->psk);
1998 sta->psk = *psk;
2001 sta->psk = NULL;
2004 os_free(sta->identity);
2005 sta->identity = *identity;
2008 os_free(sta->radius_cui);
2009 sta->radius_cui = *radius_cui;
2013 sta->acct_interim_interval = acct_interim_interval;
2015 sta->session_timeout_set = 1;
2016 os_get_reltime(&sta->session_timeout);
2017 sta->session_timeout.sec += session_timeout;
2018 ap_sta_session_timeout(hapd, sta, session_timeout);
2020 sta->session_timeout_set = 0;
2021 ap_sta_no_session_timeout(hapd, sta);
2034 struct sta_info *sta = NULL;
2226 sta = ap_get_sta(hapd, mgmt->sa);
2227 if (sta) {
2228 sta->flags &= ~WLAN_STA_PENDING_FILS_ERP;
2229 sta->ft_over_ds = 0;
2231 sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ &&
2232 sta->last_seq_ctrl == seq_ctrl &&
2233 sta->last_subtype == WLAN_FC_STYPE_AUTH) {
2234 hostapd_logger(hapd, sta->addr,
2243 sta->plink_state == PLINK_BLOCKED) {
2269 sta = ap_sta_add(hapd, mgmt->sa);
2270 if (!sta) {
2276 sta->last_seq_ctrl = seq_ctrl;
2277 sta->last_subtype = WLAN_FC_STYPE_AUTH;
2279 sta->auth_rssi = rssi;
2283 hapd, sta, res, session_timeout, acct_interim_interval,
2291 sta->flags &= ~WLAN_STA_PREAUTH;
2292 ieee802_1x_notify_pre_auth(sta->eapol_sm, 0);
2302 * (sta->added_unassoc = 1) so skip it.
2314 (!(sta->flags & WLAN_STA_MFP) || !ap_sta_is_authorized(sta)) &&
2316 !(sta->added_unassoc)) {
2324 ap_sta_set_authorized(hapd, sta, 0);
2325 hostapd_drv_sta_remove(hapd, sta->addr);
2326 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_AUTH |
2329 if (hostapd_sta_add(hapd, sta->addr, 0, 0,
2330 sta->supported_rates,
2331 sta->supported_rates_len,
2333 sta->flags, 0, 0, 0, 0)) {
2334 hostapd_logger(hapd, sta->addr,
2342 sta->added_unassoc = 1;
2347 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2350 sta->flags |= WLAN_STA_AUTH;
2351 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
2352 sta->auth_alg = WLAN_AUTH_OPEN;
2353 mlme_authenticate_indication(hapd, sta);
2357 resp = auth_shared_key(hapd, sta, auth_transaction, challenge,
2362 sta->auth_alg = WLAN_AUTH_SHARED_KEY;
2363 mlme_authenticate_indication(hapd, sta);
2364 if (sta->challenge && auth_transaction == 1) {
2367 os_memcpy(resp_ies + 2, sta->challenge,
2375 sta->auth_alg = WLAN_AUTH_FT;
2376 if (sta->wpa_sm == NULL)
2377 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
2378 sta->addr, NULL);
2379 if (sta->wpa_sm == NULL) {
2385 wpa_ft_process_auth(sta->wpa_sm, mgmt->bssid,
2398 if (sta->wpa_sm == NULL)
2399 sta->wpa_sm =
2401 sta->addr, NULL);
2402 if (sta->wpa_sm == NULL) {
2410 handle_auth_sae(hapd, sta, mgmt, len, auth_transaction,
2417 handle_auth_fils(hapd, sta, mgmt->u.auth.variable,
2434 if (sta && sta->added_unassoc && (resp != WLAN_STATUS_SUCCESS ||
2436 hostapd_drv_sta_remove(hapd, sta->addr);
2437 sta->added_unassoc = 0;
2442 int hostapd_get_aid(struct hostapd_data *hapd, struct sta_info *sta)
2447 if (sta->aid > 0) {
2448 wpa_printf(MSG_DEBUG, " old AID %d", sta->aid);
2471 sta->aid = aid;
2473 wpa_printf(MSG_DEBUG, " new AID %d", sta->aid);
2478 static u16 check_ssid(struct hostapd_data *hapd, struct sta_info *sta,
2486 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2497 static u16 check_wmm(struct hostapd_data *hapd, struct sta_info *sta,
2500 sta->flags &= ~WLAN_STA_WMM;
2501 sta->qosinfo = 0;
2506 hostapd_logger(hapd, sta->addr,
2514 sta->flags |= WLAN_STA_WMM;
2516 sta->qosinfo = wmm->qos_info;
2521 static u16 check_multi_ap(struct hostapd_data *hapd, struct sta_info *sta,
2526 sta->flags &= ~WLAN_STA_MULTI_AP;
2540 hostapd_logger(hapd, sta->addr,
2549 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2558 hostapd_logger(hapd, sta->addr,
2566 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2570 sta->flags |= WLAN_STA_MULTI_AP;
2575 static u16 copy_supp_rates(struct hostapd_data *hapd, struct sta_info *sta,
2584 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2591 sizeof(sta->supported_rates)) {
2592 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2600 sta->supported_rates_len = merge_byte_arrays(
2601 sta->supported_rates, sizeof(sta->supported_rates),
2609 static u16 check_ext_capab(struct hostapd_data *hapd, struct sta_info *sta,
2616 sta->qos_map_enabled = 1;
2621 sta->ecsa_supported = !!(ext_capab_ie[0] & BIT(2));
2622 os_free(sta->ext_capability);
2623 sta->ext_capability = os_malloc(1 + ext_capab_ie_len);
2624 if (sta->ext_capability) {
2625 sta->ext_capability[0] = ext_capab_ie_len;
2626 os_memcpy(sta->ext_capability + 1, ext_capab_ie,
2658 struct sta_info *sta, const u8 *owe_dh,
2670 if (wpa_auth_sta_get_pmksa(sta->wpa_sm)) {
2689 crypto_ecdh_deinit(sta->owe_ecdh);
2690 sta->owe_ecdh = crypto_ecdh_init(group);
2691 if (!sta->owe_ecdh)
2693 sta->owe_group = group;
2695 secret = crypto_ecdh_set_peerkey(sta->owe_ecdh, 0, owe_dh + 2,
2706 pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0);
2767 os_free(sta->owe_pmk);
2768 sta->owe_pmk = os_malloc(hash_len);
2769 if (!sta->owe_pmk) {
2776 os_strlen(info), sta->owe_pmk, hash_len);
2779 os_strlen(info), sta->owe_pmk, hash_len);
2782 os_strlen(info), sta->owe_pmk, hash_len);
2785 os_free(sta->owe_pmk);
2786 sta->owe_pmk = NULL;
2789 sta->owe_pmk_len = hash_len;
2791 wpa_hexdump_key(MSG_DEBUG, "OWE: PMK", sta->owe_pmk, sta->owe_pmk_len);
2793 wpa_auth_pmksa_add2(hapd->wpa_auth, sta->addr, sta->owe_pmk,
2794 sta->owe_pmk_len, pmkid, 0, WPA_KEY_MGMT_OWE);
2840 struct sta_info *sta,
2855 if (!sta->wpa_sm)
2856 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth, sta->addr,
2858 if (!sta->wpa_sm) {
2866 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
2872 status = owe_process_assoc_req(hapd, sta, owe_dh, owe_dh_len);
2875 owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, ie, sizeof(ie),
2882 if (sta->owe_ecdh) {
2885 pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0);
2896 WPA_PUT_LE16(owe_buf, sta->owe_group);
2901 sta->external_dh_updated = 1;
2908 MAC2STR(sta->addr));
2909 hostapd_drv_update_dh_ie(hapd, sta->addr, status,
2919 static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
2929 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2935 resp = check_ssid(hapd, sta, elems.ssid, elems.ssid_len);
2938 resp = check_wmm(hapd, sta, elems.wmm, elems.wmm_len);
2941 resp = check_ext_capab(hapd, sta, elems.ext_capab, elems.ext_capab_len);
2944 resp = copy_supp_rates(hapd, sta, &elems);
2948 resp = check_multi_ap(hapd, sta, elems.multi_ap, elems.multi_ap_len);
2953 resp = copy_sta_ht_capab(hapd, sta, elems.ht_capabilities);
2957 !(sta->flags & WLAN_STA_HT)) {
2958 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2967 resp = copy_sta_vht_capab(hapd, sta, elems.vht_capabilities);
2971 resp = set_sta_vht_opmode(hapd, sta, elems.vht_opmode_notif);
2977 !(sta->flags & WLAN_STA_VHT)) {
2978 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
2985 resp = copy_sta_vendor_vht(hapd, sta, elems.vendor_vht,
2993 resp = copy_sta_he_capab(hapd, sta, IEEE80211_MODE_AP,
3003 wpabuf_free(sta->p2p_ie);
3004 sta->p2p_ie = ieee802_11_vendor_ie_concat(ies, ies_len,
3006 if (sta->p2p_ie)
3007 p2p_dev_addr = p2p_get_go_dev_addr(sta->p2p_ie);
3009 wpabuf_free(sta->p2p_ie);
3010 sta->p2p_ie = NULL;
3027 sta->flags &= ~(WLAN_STA_WPS | WLAN_STA_MAYBE_WPS | WLAN_STA_WPS2);
3031 sta->flags |= WLAN_STA_WPS;
3032 wpabuf_free(sta->wps_ie);
3033 sta->wps_ie = ieee802_11_vendor_ie_concat(ies, ies_len,
3035 if (sta->wps_ie && wps_is_20(sta->wps_ie)) {
3037 sta->flags |= WLAN_STA_WPS2;
3041 if (sta->wps_ie && wps_validate_assoc_req(sta->wps_ie) < 0) {
3049 sta->flags |= WLAN_STA_MAYBE_WPS;
3053 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
3063 if (sta->wpa_sm == NULL)
3064 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
3065 sta->addr,
3067 if (sta->wpa_sm == NULL) {
3072 wpa_auth_set_auth_alg(sta->wpa_sm, sta->auth_alg);
3073 res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
3082 if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) ==
3084 !sta->sa_query_timed_out &&
3085 sta->sa_query_count > 0)
3086 ap_check_sa_query_timeout(hapd, sta);
3087 if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_MFP)) ==
3089 !sta->sa_query_timed_out &&
3090 (!reassoc || sta->auth_alg != WLAN_AUTH_FT)) {
3098 if (sta->sa_query_count == 0)
3099 ap_sta_start_sa_query(hapd, sta);
3104 if (wpa_auth_uses_mfp(sta->wpa_sm))
3105 sta->flags |= WLAN_STA_MFP;
3107 sta->flags &= ~WLAN_STA_MFP;
3111 if (sta->auth_alg == WLAN_AUTH_FT) {
3116 MAC2STR(sta->addr));
3120 resp = wpa_ft_validate_reassoc(sta->wpa_sm, ies,
3128 if (wpa_auth_uses_sae(sta->wpa_sm) && sta->sae &&
3129 sta->sae->state == SAE_ACCEPTED)
3130 wpa_auth_add_sae_pmkid(sta->wpa_sm, sta->sae->pmkid);
3132 if (wpa_auth_uses_sae(sta->wpa_sm) &&
3133 sta->auth_alg == WLAN_AUTH_OPEN) {
3135 sa = wpa_auth_sta_get_pmksa(sta->wpa_sm);
3139 MACSTR, MAC2STR(sta->addr));
3143 " using PMKSA caching", MAC2STR(sta->addr));
3144 } else if (wpa_auth_uses_sae(sta->wpa_sm) &&
3145 sta->auth_alg != WLAN_AUTH_SAE &&
3146 !(sta->auth_alg == WLAN_AUTH_FT &&
3147 wpa_auth_uses_ft_sae(sta->wpa_sm))) {
3150 MAC2STR(sta->addr), sta->auth_alg);
3157 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE &&
3159 resp = owe_process_assoc_req(hapd, sta, elems.owe_dh,
3167 dpp_pfs_free(sta->dpp_pfs);
3168 sta->dpp_pfs = NULL;
3171 hapd->conf->dpp_netaccesskey && sta->wpa_sm &&
3172 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP &&
3174 sta->dpp_pfs = dpp_pfs_init(
3177 if (!sta->dpp_pfs) {
3184 if (dpp_pfs_process(sta->dpp_pfs, elems.owe_dh,
3186 dpp_pfs_free(sta->dpp_pfs);
3187 sta->dpp_pfs = NULL;
3192 wpa_auth_set_dpp_z(sta->wpa_sm, sta->dpp_pfs ?
3193 sta->dpp_pfs->secret : NULL);
3198 if ((sta->flags & (WLAN_STA_HT | WLAN_STA_VHT)) &&
3199 wpa_auth_get_pairwise(sta->wpa_sm) == WPA_CIPHER_TKIP) {
3200 hostapd_logger(hapd, sta->addr,
3212 hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
3219 if (sta->wpa_sm == NULL)
3220 sta->wpa_sm = wpa_auth_sta_init(hapd->wpa_auth,
3221 sta->addr, NULL);
3222 if (sta->wpa_sm == NULL) {
3227 if (wpa_validate_osen(hapd->wpa_auth, sta->wpa_sm,
3232 wpa_auth_sta_no_wpa(sta->wpa_sm);
3235 p2p_group_notif_assoc(hapd->p2p_group, sta->addr, ies, ies_len);
3239 wpabuf_free(sta->hs20_ie);
3243 sta->hs20_ie = wpabuf_alloc_copy(elems.hs20 + 4,
3246 if (release >= 2 && !wpa_auth_uses_mfp(sta->wpa_sm)) {
3249 MACSTR, release, MAC2STR(sta->addr));
3253 sta->hs20_ie = NULL;
3256 wpabuf_free(sta->roaming_consortium);
3258 sta->roaming_consortium = wpabuf_alloc_copy(
3262 sta->roaming_consortium = NULL;
3266 wpabuf_free(sta->mb_ies);
3268 sta->mb_ies = mb_ies_by_info(&elems.mb_ies);
3270 sta->mb_ies = NULL;
3274 mbo_ap_check_sta_assoc(hapd, sta, &elems);
3277 elems.mbo && sta->cell_capa && !(sta->flags & WLAN_STA_MFP) &&
3286 if (wpa_auth_uses_ocv(sta->wpa_sm) &&
3287 (sta->auth_alg == WLAN_AUTH_FILS_SK ||
3288 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
3289 sta->auth_alg == WLAN_AUTH_FILS_PK)) {
3300 if (get_sta_tx_parameters(sta->wpa_sm,
3314 ap_copy_sta_supp_op_classes(sta, elems.supp_op_classes,
3317 if ((sta->capability & WLAN_CAPABILITY_RADIO_MEASUREMENT) &&
3319 elems.rrm_enabled_len >= sizeof(sta->rrm_enabled_capa))
3320 os_memcpy(sta->rrm_enabled_capa, elems.rrm_enabled,
3321 sizeof(sta->rrm_enabled_capa));
3324 sta->min_tx_power = elems.power_capab[0];
3325 sta->max_tx_power = elems.power_capab[1];
3326 sta->power_capab = 1;
3328 sta->power_capab = 0;
3358 struct sta_info *sta, int reassoc)
3386 MAC2STR(sta->addr), sta->added_unassoc, sta->auth_alg,
3387 sta->ft_over_ds, reassoc,
3388 !!(sta->flags & WLAN_STA_AUTHORIZED),
3389 wpa_auth_sta_ft_tk_already_set(sta->wpa_sm),
3390 wpa_auth_sta_fils_tk_already_set(sta->wpa_sm));
3392 if (!sta->added_unassoc &&
3393 (!(sta->flags & WLAN_STA_AUTHORIZED) ||
3394 (reassoc && sta->ft_over_ds && sta->auth_alg == WLAN_AUTH_FT) ||
3395 (!wpa_auth_sta_ft_tk_already_set(sta->wpa_sm) &&
3396 !wpa_auth_sta_fils_tk_already_set(sta->wpa_sm)))) {
3397 hostapd_drv_sta_remove(hapd, sta->addr);
3398 wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
3404 sta->ft_over_ds = 0;
3408 if (sta->flags & WLAN_STA_HT)
3409 hostapd_get_ht_capab(hapd, sta->ht_capabilities, &ht_cap);
3412 if (sta->flags & WLAN_STA_VHT)
3413 hostapd_get_vht_capab(hapd, sta->vht_capabilities, &vht_cap);
3416 if (sta->flags & WLAN_STA_HE) {
3417 hostapd_get_he_capab(hapd, sta->he_capab, &he_cap,
3418 sta->he_capab_len);
3423 * Add the station with forced WLAN_STA_ASSOC flag. The sta->flags
3427 if (hostapd_sta_add(hapd, sta->addr, sta->aid, sta->capability,
3428 sta->supported_rates, sta->supported_rates_len,
3429 sta->listen_interval,
3430 sta->flags & WLAN_STA_HT ? &ht_cap : NULL,
3431 sta->flags & WLAN_STA_VHT ? &vht_cap : NULL,
3432 sta->flags & WLAN_STA_HE ? &he_cap : NULL,
3433 sta->flags & WLAN_STA_HE ? sta->he_capab_len : 0,
3434 sta->flags | WLAN_STA_ASSOC, sta->qosinfo,
3435 sta->vht_opmode, sta->p2p_ie ? 1 : 0,
3437 hostapd_logger(hapd, sta->addr,
3442 if (sta->added_unassoc) {
3443 hostapd_drv_sta_remove(hapd, sta->addr);
3444 sta->added_unassoc = 0;
3450 sta->added_unassoc = 0;
3456 static u16 send_assoc_resp(struct hostapd_data *hapd, struct sta_info *sta,
3469 if (sta && sta->fils_hlp_resp)
3470 buflen += wpabuf_len(sta->fils_hlp_resp);
3471 if (sta)
3475 if (sta && (hapd->conf->wpa_key_mgmt & WPA_KEY_MGMT_OWE))
3479 if (sta && sta->dpp_pfs)
3480 buflen += 5 + sta->dpp_pfs->curve->prime_len;
3502 reply->u.assoc_resp.aid = host_to_le16((sta ? sta->aid : 0) |
3520 if (sta && status_code == WLAN_STATUS_SUCCESS) {
3523 p = wpa_sm_write_assoc_resp_ies(sta->wpa_sm, p,
3525 sta->auth_alg, ies, ies_len);
3535 if (sta && status_code == WLAN_STATUS_SUCCESS &&
3536 (sta->auth_alg == WLAN_AUTH_FILS_SK ||
3537 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
3538 sta->auth_alg == WLAN_AUTH_FILS_PK))
3539 p = wpa_auth_write_assoc_resp_fils(sta->wpa_sm, p,
3545 if (sta && status_code == WLAN_STATUS_SUCCESS &&
3547 p = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, p,
3553 if (sta && status_code == WLAN_STATUS_ASSOC_REJECTED_TEMPORARILY)
3554 p = hostapd_eid_assoc_comeback_time(hapd, sta, p);
3566 if (sta && hapd->conf->use_sta_nsts && sta->vht_capabilities) {
3571 capa = sta->vht_capabilities;
3596 if (sta && sta->qos_map_enabled)
3609 sta && sta->owe_ecdh && status_code == WLAN_STATUS_SUCCESS &&
3610 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_OWE) {
3613 pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0);
3622 WPA_PUT_LE16(p, sta->owe_group);
3632 sta && sta->dpp_pfs && status_code == WLAN_STATUS_SUCCESS &&
3633 wpa_auth_sta_key_mgmt(sta->wpa_sm) == WPA_KEY_MGMT_DPP) {
3634 os_memcpy(p, wpabuf_head(sta->dpp_pfs->ie),
3635 wpabuf_len(sta->dpp_pfs->ie));
3636 p += wpabuf_len(sta->dpp_pfs->ie);
3641 if (sta && hapd->conf->vendor_vht && (sta->flags & WLAN_STA_VENDOR_VHT))
3645 if (sta && (sta->flags & WLAN_STA_WMM))
3649 if (sta &&
3650 ((sta->flags & WLAN_STA_WPS) ||
3651 ((sta->flags & WLAN_STA_MAYBE_WPS) && hapd->conf->wpa))) {
3661 if (sta && (sta->flags & WLAN_STA_MULTI_AP))
3665 if (sta && sta->p2p_ie && hapd->p2p_group) {
3707 if (sta &&
3708 (sta->auth_alg == WLAN_AUTH_FILS_SK ||
3709 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
3710 sta->auth_alg == WLAN_AUTH_FILS_PK) &&
3727 send_len = fils_encrypt_assoc(sta->wpa_sm, buf, send_len,
3728 buflen, sta->fils_hlp_resp);
3749 u8 * owe_assoc_req_process(struct hostapd_data *hapd, struct sta_info *sta,
3757 return wpa_auth_write_assoc_resp_owe(sta->wpa_sm, owe_buf,
3762 if (wpa_auth_sta_get_pmksa(sta->wpa_sm)) {
3764 owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, owe_buf,
3770 if (sta->owe_pmk && sta->external_dh_updated) {
3776 *reason = owe_process_assoc_req(hapd, sta, owe_dh, owe_dh_len);
3780 owe_buf = wpa_auth_write_assoc_resp_owe(sta->wpa_sm, owe_buf,
3783 if (sta->owe_ecdh && owe_buf) {
3786 pub = crypto_ecdh_get_pubkey(sta->owe_ecdh, 0);
3797 WPA_PUT_LE16(owe_buf, sta->owe_group);
3811 void fils_hlp_finish_assoc(struct hostapd_data *hapd, struct sta_info *sta)
3816 MAC2STR(sta->addr));
3817 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta);
3818 if (!sta->fils_pending_assoc_req)
3820 reply_res = send_assoc_resp(hapd, sta, sta->addr, WLAN_STATUS_SUCCESS,
3821 sta->fils_pending_assoc_is_reassoc,
3822 sta->fils_pending_assoc_req,
3823 sta->fils_pending_assoc_req_len, 0);
3824 os_free(sta->fils_pending_assoc_req);
3825 sta->fils_pending_assoc_req = NULL;
3826 sta->fils_pending_assoc_req_len = 0;
3827 wpabuf_free(sta->fils_hlp_resp);
3828 sta->fils_hlp_resp = NULL;
3829 wpabuf_free(sta->hlp_dhcp_discover);
3830 sta->hlp_dhcp_discover = NULL;
3837 hostapd_drv_sta_remove(hapd, sta->addr);
3844 struct sta_info *sta = eloop_data;
3848 MACSTR, MAC2STR(sta->addr));
3849 if (sta->fils_drv_assoc_finish)
3850 hostapd_notify_assoc_fils_finish(hapd, sta);
3852 fils_hlp_finish_assoc(hapd, sta);
3866 struct sta_info *sta;
3930 sta = ap_get_sta(hapd, mgmt->sa);
3932 if (sta && sta->auth_alg == WLAN_AUTH_FT &&
3933 (sta->flags & WLAN_STA_AUTH) == 0) {
3942 sta->flags |= WLAN_STA_AUTH;
3945 if (sta == NULL || (sta->flags & WLAN_STA_AUTH) == 0) {
3969 * Allocate sta entry upon association. */
3970 sta = ap_sta_add(hapd, mgmt->sa);
3971 if (!sta) {
3981 hapd, sta, acl_res, session_timeout,
3989 hostapd_logger(hapd, sta->addr,
3993 sta->flags |= WLAN_STA_AUTH;
3994 wpa_auth_sm_event(sta->wpa_sm, WPA_AUTH);
3995 sta->auth_alg = WLAN_AUTH_OPEN;
4001 sta ? sta->aid : -1,
4002 sta ? sta->flags : 0);
4010 sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ &&
4011 sta->last_seq_ctrl == seq_ctrl &&
4012 sta->last_subtype == (reassoc ? WLAN_FC_STYPE_REASSOC_REQ :
4014 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
4020 sta->last_seq_ctrl = seq_ctrl;
4021 sta->last_subtype = reassoc ? WLAN_FC_STYPE_REASSOC_REQ :
4046 (sta->auth_rssi == 0 ||
4047 sta->auth_rssi < hapd->iconf->rssi_reject_assoc_rssi)) {
4054 * sta->capability is used in check_assoc_ies() for RRM enabled
4057 sta->capability = capab_info;
4060 if (sta->auth_alg == WLAN_AUTH_FILS_SK ||
4061 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
4062 sta->auth_alg == WLAN_AUTH_FILS_PK) {
4074 res = fils_decrypt_assoc(sta->wpa_sm, sta->fils_session, mgmt,
4087 resp = check_assoc_ies(hapd, sta, pos, left, reassoc);
4091 if (hostapd_get_aid(hapd, sta) < 0) {
4098 sta->listen_interval = listen_interval;
4102 sta->flags |= WLAN_STA_NONERP;
4103 for (i = 0; i < sta->supported_rates_len; i++) {
4104 if ((sta->supported_rates[i] & 0x7f) > 22) {
4105 sta->flags &= ~WLAN_STA_NONERP;
4109 if (sta->flags & WLAN_STA_NONERP && !sta->nonerp_set) {
4110 sta->nonerp_set = 1;
4116 if (!(sta->capability & WLAN_CAPABILITY_SHORT_SLOT_TIME) &&
4117 !sta->no_short_slot_time_set) {
4118 sta->no_short_slot_time_set = 1;
4127 if (sta->capability & WLAN_CAPABILITY_SHORT_PREAMBLE)
4128 sta->flags |= WLAN_STA_SHORT_PREAMBLE;
4130 sta->flags &= ~WLAN_STA_SHORT_PREAMBLE;
4132 if (!(sta->capability & WLAN_CAPABILITY_SHORT_PREAMBLE) &&
4133 !sta->no_short_preamble_set) {
4134 sta->no_short_preamble_set = 1;
4143 update_ht_state(hapd, sta);
4146 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
4148 "association OK (aid %d)", sta->aid);
4151 sta->flags |= WLAN_STA_ASSOC_REQ_OK;
4154 if ((sta->flags & WLAN_STA_MFP) && sta->sa_query_timed_out) {
4168 sta->timeout_next = STA_NULLFUNC;
4171 taxonomy_sta_info_assoc_req(hapd, sta, pos, left);
4174 sta->pending_wds_enable = 0;
4177 if (sta->auth_alg == WLAN_AUTH_FILS_SK ||
4178 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
4179 sta->auth_alg == WLAN_AUTH_FILS_PK) {
4180 if (fils_process_hlp(hapd, sta, pos, left) > 0)
4208 if (resp == WLAN_STATUS_SUCCESS && sta &&
4209 add_associated_sta(hapd, sta, reassoc))
4213 if (sta && delay_assoc && resp == WLAN_STATUS_SUCCESS &&
4214 eloop_is_timeout_registered(fils_hlp_timeout, hapd, sta) &&
4215 sta->fils_pending_assoc_req) {
4222 MACSTR, MAC2STR(sta->addr));
4226 if (sta) {
4227 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta);
4228 os_free(sta->fils_pending_assoc_req);
4229 sta->fils_pending_assoc_req = NULL;
4230 sta->fils_pending_assoc_req_len = 0;
4231 wpabuf_free(sta->fils_hlp_resp);
4232 sta->fils_hlp_resp = NULL;
4234 if (sta && delay_assoc && resp == WLAN_STATUS_SUCCESS) {
4235 sta->fils_pending_assoc_req = tmp;
4236 sta->fils_pending_assoc_req_len = left;
4237 sta->fils_pending_assoc_is_reassoc = reassoc;
4238 sta->fils_drv_assoc_finish = 0;
4241 MACSTR, MAC2STR(sta->addr));
4242 eloop_cancel_timeout(fils_hlp_timeout, hapd, sta);
4244 fils_hlp_timeout, hapd, sta);
4249 reply_res = send_assoc_resp(hapd, sta, mgmt->sa, resp, reassoc, pos,
4258 if (sta && ((reply_res != WLAN_STATUS_SUCCESS &&
4259 resp == WLAN_STATUS_SUCCESS) || sta->added_unassoc)) {
4260 hostapd_drv_sta_remove(hapd, sta->addr);
4261 sta->added_unassoc = 0;
4269 struct sta_info *sta;
4281 sta = ap_get_sta(hapd, mgmt->sa);
4282 if (sta == NULL) {
4288 ap_sta_set_authorized(hapd, sta, 0);
4289 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
4290 sta->flags &= ~(WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK);
4291 wpa_auth_sm_event(sta->wpa_sm, WPA_DISASSOC);
4292 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
4294 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
4295 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
4298 accounting_sta_stop(hapd, sta);
4299 ieee802_1x_free_station(hapd, sta);
4300 if (sta->ipaddr)
4301 hostapd_drv_br_delete_ip_neigh(hapd, 4, (u8 *) &sta->ipaddr);
4302 ap_sta_ip6addr_del(hapd, sta);
4303 hostapd_drv_sta_remove(hapd, sta->addr);
4304 sta->added_unassoc = 0;
4306 if (sta->timeout_next == STA_NULLFUNC ||
4307 sta->timeout_next == STA_DISASSOC) {
4308 sta->timeout_next = STA_DEAUTH;
4309 eloop_cancel_timeout(ap_handle_timer, hapd, sta);
4311 hapd, sta);
4315 hapd, sta, le_to_host16(mgmt->u.disassoc.reason_code));
4317 /* DMG/IEEE 802.11ad does not use deauthication. Deallocate sta upon
4321 sta->flags &= ~WLAN_STA_AUTH;
4322 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
4323 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
4325 ap_free_sta(hapd, sta);
4333 struct sta_info *sta;
4345 sta = ap_get_sta(hapd, mgmt->sa);
4346 if (sta == NULL) {
4353 ap_sta_set_authorized(hapd, sta, 0);
4354 sta->last_seq_ctrl = WLAN_INVALID_MGMT_SEQ;
4355 sta->flags &= ~(WLAN_STA_AUTH | WLAN_STA_ASSOC |
4357 wpa_auth_sm_event(sta->wpa_sm, WPA_DEAUTH);
4358 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
4361 hapd, sta, le_to_host16(mgmt->u.deauth.reason_code));
4362 sta->acct_terminate_cause = RADIUS_ACCT_TERMINATE_CAUSE_USER_REQUEST;
4363 ieee802_1x_notify_port_enabled(sta->eapol_sm, 0);
4364 ap_free_sta(hapd, sta);
4402 struct sta_info *sta;
4419 sta = ap_get_sta(hapd, mgmt->sa);
4422 (sta == NULL || !(sta->flags & WLAN_STA_ASSOC))) {
4430 if (sta && (sta->flags & WLAN_STA_MFP) &&
4441 if (sta) {
4446 sta->last_seq_ctrl != WLAN_INVALID_MGMT_SEQ &&
4447 sta->last_seq_ctrl == seq_ctrl &&
4448 sta->last_subtype == WLAN_FC_STYPE_ACTION) {
4449 hostapd_logger(hapd, sta->addr,
4457 sta->last_seq_ctrl = seq_ctrl;
4458 sta->last_subtype = WLAN_FC_STYPE_ACTION;
4464 if (!sta ||
4465 wpa_ft_action_rx(sta->wpa_sm, (u8 *) &mgmt->u.action,
4714 struct sta_info *sta;
4716 sta = ap_get_sta(hapd, mgmt->da);
4717 if (!sta) {
4744 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
4746 sta->flags |= WLAN_STA_AUTH;
4747 if (sta->added_unassoc)
4748 hostapd_set_sta_flags(hapd, sta);
4753 if (status_code != WLAN_STATUS_SUCCESS && sta->added_unassoc) {
4754 hostapd_drv_sta_remove(hapd, sta->addr);
4755 sta->added_unassoc = 0;
4761 struct sta_info *sta,
4789 struct sta_info *sta;
4792 sta = ap_get_sta(hapd, mgmt->da);
4793 if (!sta) {
4804 hostapd_drv_sta_remove(hapd, sta->addr);
4817 sta->flags &= ~WLAN_STA_ASSOC_REQ_OK;
4820 hostapd_drv_sta_remove(hapd, sta->addr);
4830 accounting_sta_stop(hapd, sta);
4832 hostapd_logger(hapd, sta->addr, HOSTAPD_MODULE_IEEE80211,
4835 sta->aid);
4837 if (sta->flags & WLAN_STA_ASSOC)
4839 sta->flags |= WLAN_STA_ASSOC;
4840 sta->flags &= ~WLAN_STA_WNM_SLEEP_MODE;
4843 sta->auth_alg == WLAN_AUTH_FILS_SK ||
4844 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
4845 sta->auth_alg == WLAN_AUTH_FILS_PK ||
4846 sta->auth_alg == WLAN_AUTH_FT) {
4851 ap_sta_set_authorized(hapd, sta, 1);
4855 mlme_reassociate_indication(hapd, sta);
4857 mlme_associate_indication(hapd, sta);
4860 sta->sa_query_timed_out = 0;
4863 if (sta->eapol_sm == NULL) {
4869 if (ap_sta_bind_vlan(hapd, sta) < 0)
4871 } else if (sta->vlan_id) {
4873 if (ap_sta_bind_vlan(hapd, sta) < 0)
4877 hostapd_set_sta_flags(hapd, sta);
4879 if (!(sta->flags & WLAN_STA_WDS) && sta->pending_wds_enable) {
4882 MAC2STR(sta->addr));
4883 sta->pending_wds_enable = 0;
4884 sta->flags |= WLAN_STA_WDS;
4887 if (sta->flags & (WLAN_STA_WDS | WLAN_STA_MULTI_AP)) {
4893 MAC2STR(sta->addr), sta->aid);
4894 ret = hostapd_set_wds_sta(hapd, ifname_wds, sta->addr,
4895 sta->aid, 1);
4897 hostapd_set_wds_encryption(hapd, sta, ifname_wds);
4900 if (sta->auth_alg == WLAN_AUTH_FT)
4901 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC_FT);
4903 wpa_auth_sm_event(sta->wpa_sm, WPA_ASSOC);
4904 hapd->new_assoc_sta_cb(hapd, sta, !new_assoc);
4905 ieee802_1x_notify_port_enabled(sta->eapol_sm, 1);
4908 if ((sta->auth_alg == WLAN_AUTH_FILS_SK ||
4909 sta->auth_alg == WLAN_AUTH_FILS_SK_PFS ||
4910 sta->auth_alg == WLAN_AUTH_FILS_PK) &&
4911 fils_set_tk(sta->wpa_sm) < 0) {
4913 ap_sta_disconnect(hapd, sta, sta->addr,
4919 if (sta->pending_eapol_rx) {
4923 os_reltime_sub(&now, &sta->pending_eapol_rx->rx_time, &age);
4927 MAC2STR(sta->addr));
4930 wpabuf_head(sta->pending_eapol_rx->buf),
4931 wpabuf_len(sta->pending_eapol_rx->buf));
4933 wpabuf_free(sta->pending_eapol_rx->buf);
4934 os_free(sta->pending_eapol_rx);
4935 sta->pending_eapol_rx = NULL;
4944 struct sta_info *sta;
4947 sta = ap_get_sta(hapd, mgmt->da);
4948 if (!sta) {
4955 MAC2STR(sta->addr));
4958 "deauth", MAC2STR(sta->addr));
4960 ap_sta_deauth_cb(hapd, sta);
4968 struct sta_info *sta;
4971 sta = ap_get_sta(hapd, mgmt->da);
4972 if (!sta) {
4979 MAC2STR(sta->addr));
4982 "disassoc", MAC2STR(sta->addr));
4984 ap_sta_disassoc_cb(hapd, sta);
4992 struct sta_info *sta;
5027 sta = ap_get_sta(hapd, mgmt->da);
5028 if (!sta) {
5120 int ieee802_11_get_mib_sta(struct hostapd_data *hapd, struct sta_info *sta,
5131 struct sta_info *sta;
5134 sta = ap_get_sta(hapd, addr);
5135 if (sta == NULL && iface->num_bss > 1) {
5139 sta = ap_get_sta(hapd, addr);
5140 if (sta)
5144 if (sta == NULL || !(sta->flags & WLAN_STA_ASSOC))
5146 if (sta->flags & WLAN_STA_PENDING_POLL) {
5148 "activity poll", MAC2STR(sta->addr),
5151 sta->flags &= ~WLAN_STA_PENDING_POLL;
5154 ieee802_1x_tx_status(hapd, sta, buf, len, ack);
5161 struct sta_info *sta;
5164 sta = ap_get_sta(hapd, dst);
5165 if (sta == NULL && iface->num_bss > 1) {
5169 sta = ap_get_sta(hapd, dst);
5170 if (sta)
5174 if (sta == NULL || !(sta->flags & WLAN_STA_ASSOC)) {
5181 ieee802_1x_eapol_tx_status(hapd, sta, data, len, ack);
5187 struct sta_info *sta;
5190 sta = ap_get_sta(hapd, addr);
5191 if (sta == NULL && iface->num_bss > 1) {
5195 sta = ap_get_sta(hapd, addr);
5196 if (sta)
5200 if (sta == NULL)
5203 MAC2STR(sta->addr));
5204 if (!(sta->flags & WLAN_STA_PENDING_POLL))
5208 "activity poll", MAC2STR(sta->addr));
5209 sta->flags &= ~WLAN_STA_PENDING_POLL;
5216 struct sta_info *sta;
5218 sta = ap_get_sta(hapd, src);
5219 if (sta &&
5220 ((sta->flags & WLAN_STA_ASSOC) ||
5221 ((sta->flags & WLAN_STA_ASSOC_REQ_OK) && wds))) {
5225 if ((sta->flags & (WLAN_STA_ASSOC | WLAN_STA_ASSOC_REQ_OK)) ==
5230 MAC2STR(sta->addr));
5231 sta->pending_wds_enable = 1;
5235 if (wds && !(sta->flags & WLAN_STA_WDS)) {
5241 MAC2STR(sta->addr), sta->aid);
5242 sta->flags |= WLAN_STA_WDS;
5244 sta->addr, sta->aid, 1);
5246 hostapd_set_wds_encryption(hapd, sta,
5259 if (sta && (sta->flags & WLAN_STA_ASSOC_REQ_OK)) {
5267 if (sta && (sta->flags & WLAN_STA_AUTH))