1 /* 2 * hostapd / Station table 3 * Copyright (c) 2002-2017, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #ifndef STA_INFO_H 10 #define STA_INFO_H 11 12 #include "common/defs.h" 13 #include "list.h" 14 #include "vlan.h" 15 #include "common/wpa_common.h" 16 #include "common/ieee802_11_defs.h" 17 #include "common/sae.h" 18 #include "crypto/sha384.h" 19 #include "pasn/pasn_common.h" 20 #include "hostapd.h" 21 22 /* STA flags */ 23 #define WLAN_STA_AUTH BIT(0) 24 #define WLAN_STA_ASSOC BIT(1) 25 #define WLAN_STA_SPP_AMSDU BIT(2) 26 #define WLAN_STA_AUTHORIZED BIT(5) 27 #define WLAN_STA_PENDING_POLL BIT(6) /* pending activity poll not ACKed */ 28 #define WLAN_STA_SHORT_PREAMBLE BIT(7) 29 #define WLAN_STA_PREAUTH BIT(8) 30 #define WLAN_STA_WMM BIT(9) 31 #define WLAN_STA_MFP BIT(10) 32 #define WLAN_STA_HT BIT(11) 33 #define WLAN_STA_WPS BIT(12) 34 #define WLAN_STA_MAYBE_WPS BIT(13) 35 #define WLAN_STA_WDS BIT(14) 36 #define WLAN_STA_ASSOC_REQ_OK BIT(15) 37 #define WLAN_STA_WPS2 BIT(16) 38 #define WLAN_STA_GAS BIT(17) 39 #define WLAN_STA_VHT BIT(18) 40 #define WLAN_STA_WNM_SLEEP_MODE BIT(19) 41 #define WLAN_STA_VHT_OPMODE_ENABLED BIT(20) 42 #define WLAN_STA_VENDOR_VHT BIT(21) 43 #define WLAN_STA_PENDING_FILS_ERP BIT(22) 44 #define WLAN_STA_MULTI_AP BIT(23) 45 #define WLAN_STA_HE BIT(24) 46 #define WLAN_STA_6GHZ BIT(25) 47 #define WLAN_STA_PENDING_PASN_FILS_ERP BIT(26) 48 #define WLAN_STA_EHT BIT(27) 49 #define WLAN_STA_PENDING_DISASSOC_CB BIT(29) 50 #define WLAN_STA_PENDING_DEAUTH_CB BIT(30) 51 #define WLAN_STA_NONERP BIT(31) 52 53 /* Maximum number of supported rates (from both Supported Rates and Extended 54 * Supported Rates IEs). */ 55 #define WLAN_SUPP_RATES_MAX 32 56 57 struct hostapd_data; 58 59 struct mbo_non_pref_chan_info { 60 struct mbo_non_pref_chan_info *next; 61 u8 op_class; 62 u8 pref; 63 u8 reason_code; 64 u8 num_channels; 65 u8 channels[]; 66 }; 67 68 struct pending_eapol_rx { 69 struct wpabuf *buf; 70 struct os_reltime rx_time; 71 enum frame_encryption encrypted; 72 }; 73 74 #define EHT_ML_MAX_STA_PROF_LEN 1024 75 struct mld_info { 76 bool mld_sta; 77 78 struct ml_common_info { 79 u8 mld_addr[ETH_ALEN]; 80 u16 medium_sync_delay; 81 u16 eml_capa; 82 u16 mld_capa; 83 } common_info; 84 85 struct mld_link_info links[MAX_NUM_MLD_LINKS]; 86 }; 87 88 struct sta_info { 89 struct sta_info *next; /* next entry in sta list */ 90 struct sta_info *hnext; /* next entry in hash table list */ 91 u8 addr[6]; 92 be32 ipaddr; 93 struct dl_list ip6addr; /* list head for struct ip6addr */ 94 u16 aid; /* STA's unique AID (1 .. 2007) or 0 if not yet assigned */ 95 u16 disconnect_reason_code; /* RADIUS server override */ 96 u32 flags; /* Bitfield of WLAN_STA_* */ 97 u16 capability; 98 u16 listen_interval; /* or beacon_int for APs */ 99 u8 supported_rates[WLAN_SUPP_RATES_MAX]; 100 int supported_rates_len; 101 u8 qosinfo; /* Valid when WLAN_STA_WMM is set */ 102 103 #ifdef CONFIG_MESH 104 enum mesh_plink_state plink_state; 105 u16 peer_lid; 106 u16 my_lid; 107 u16 peer_aid; 108 u16 mpm_close_reason; 109 int mpm_retries; 110 u8 my_nonce[WPA_NONCE_LEN]; 111 u8 peer_nonce[WPA_NONCE_LEN]; 112 u8 aek[32]; /* SHA256 digest length */ 113 u8 mtk[WPA_TK_MAX_LEN]; 114 size_t mtk_len; 115 u8 mgtk_rsc[6]; 116 u8 mgtk_key_id; 117 u8 mgtk[WPA_TK_MAX_LEN]; 118 size_t mgtk_len; 119 u8 igtk_rsc[6]; 120 u8 igtk[WPA_TK_MAX_LEN]; 121 size_t igtk_len; 122 u16 igtk_key_id; 123 u8 sae_auth_retry; 124 #endif /* CONFIG_MESH */ 125 126 unsigned int nonerp_set:1; 127 unsigned int no_short_slot_time_set:1; 128 unsigned int no_short_preamble_set:1; 129 unsigned int no_ht_gf_set:1; 130 unsigned int no_ht_set:1; 131 unsigned int ht40_intolerant_set:1; 132 unsigned int ht_20mhz_set:1; 133 unsigned int no_p2p_set:1; 134 unsigned int qos_map_enabled:1; 135 unsigned int hs20_deauth_requested:1; 136 unsigned int hs20_deauth_on_ack:1; 137 unsigned int session_timeout_set:1; 138 unsigned int radius_das_match:1; 139 unsigned int ecsa_supported:1; 140 unsigned int added_unassoc:1; 141 unsigned int pending_wds_enable:1; 142 unsigned int power_capab:1; 143 unsigned int agreed_to_steer:1; 144 unsigned int hs20_t_c_filtering:1; 145 unsigned int ft_over_ds:1; 146 unsigned int external_dh_updated:1; 147 unsigned int post_csa_sa_query:1; 148 149 u16 auth_alg; 150 151 enum { 152 STA_NULLFUNC = 0, STA_DISASSOC, STA_DEAUTH, STA_REMOVE, 153 STA_DISASSOC_FROM_CLI 154 } timeout_next; 155 156 u16 deauth_reason; 157 u16 disassoc_reason; 158 159 /* IEEE 802.1X related data */ 160 struct eapol_state_machine *eapol_sm; 161 162 struct pending_eapol_rx *pending_eapol_rx; 163 164 u64 acct_session_id; 165 struct os_reltime acct_session_start; 166 int acct_session_started; 167 int acct_terminate_cause; /* Acct-Terminate-Cause */ 168 int acct_interim_interval; /* Acct-Interim-Interval */ 169 unsigned int acct_interim_errors; 170 171 /* For extending 32-bit driver counters to 64-bit counters */ 172 u32 last_rx_bytes_hi; 173 u32 last_rx_bytes_lo; 174 u32 last_tx_bytes_hi; 175 u32 last_tx_bytes_lo; 176 177 u8 *challenge; /* IEEE 802.11 Shared Key Authentication Challenge */ 178 179 struct wpa_state_machine *wpa_sm; 180 struct rsn_preauth_interface *preauth_iface; 181 182 int vlan_id; /* 0: none, >0: VID */ 183 struct vlan_description *vlan_desc; 184 int vlan_id_bound; /* updated by ap_sta_bind_vlan() */ 185 /* PSKs from RADIUS authentication server */ 186 struct hostapd_sta_wpa_psk_short *psk; 187 188 char *identity; /* User-Name from RADIUS */ 189 char *radius_cui; /* Chargeable-User-Identity from RADIUS */ 190 191 struct ieee80211_ht_capabilities *ht_capabilities; 192 struct ieee80211_vht_capabilities *vht_capabilities; 193 struct ieee80211_vht_operation *vht_operation; 194 u8 vht_opmode; 195 struct ieee80211_he_capabilities *he_capab; 196 size_t he_capab_len; 197 struct ieee80211_he_6ghz_band_cap *he_6ghz_capab; 198 struct ieee80211_eht_capabilities *eht_capab; 199 size_t eht_capab_len; 200 201 int sa_query_count; /* number of pending SA Query requests; 202 * 0 = no SA Query in progress */ 203 int sa_query_timed_out; 204 u8 *sa_query_trans_id; /* buffer of WLAN_SA_QUERY_TR_ID_LEN * 205 * sa_query_count octets of pending SA Query 206 * transaction identifiers */ 207 struct os_reltime sa_query_start; 208 209 #if defined(CONFIG_INTERWORKING) || defined(CONFIG_DPP) 210 #define GAS_DIALOG_MAX 8 /* Max concurrent dialog number */ 211 struct gas_dialog_info *gas_dialog; 212 u8 gas_dialog_next; 213 #endif /* CONFIG_INTERWORKING || CONFIG_DPP */ 214 215 struct wpabuf *wps_ie; /* WPS IE from (Re)Association Request */ 216 struct wpabuf *p2p_ie; /* P2P IE from (Re)Association Request */ 217 struct wpabuf *hs20_ie; /* HS 2.0 IE from (Re)Association Request */ 218 /* Hotspot 2.0 Roaming Consortium from (Re)Association Request */ 219 struct wpabuf *roaming_consortium; 220 char *t_c_url; /* HS 2.0 Terms and Conditions Server URL */ 221 struct wpabuf *hs20_deauth_req; 222 char *hs20_session_info_url; 223 int hs20_disassoc_timer; 224 #ifdef CONFIG_FST 225 struct wpabuf *mb_ies; /* MB IEs from (Re)Association Request */ 226 #endif /* CONFIG_FST */ 227 228 struct os_reltime connected_time; 229 230 #ifdef CONFIG_SAE 231 struct sae_data *sae; 232 unsigned int mesh_sae_pmksa_caching:1; 233 #endif /* CONFIG_SAE */ 234 235 /* valid only if session_timeout_set == 1 */ 236 struct os_reltime session_timeout; 237 238 /* Last Authentication/(Re)Association Request/Action frame sequence 239 * control */ 240 u16 last_seq_ctrl; 241 /* Last Authentication/(Re)Association Request/Action frame subtype */ 242 u8 last_subtype; 243 244 #ifdef CONFIG_MBO 245 u8 cell_capa; /* 0 = unknown (not an MBO STA); otherwise, 246 * enum mbo_cellular_capa values */ 247 struct mbo_non_pref_chan_info *non_pref_chan; 248 int auth_rssi; /* Last Authentication frame RSSI */ 249 #endif /* CONFIG_MBO */ 250 251 u8 *supp_op_classes; /* Supported Operating Classes element, if 252 * received, starting from the Length field */ 253 254 u8 rrm_enabled_capa[5]; 255 256 s8 min_tx_power; 257 s8 max_tx_power; 258 259 #ifdef CONFIG_TAXONOMY 260 struct wpabuf *probe_ie_taxonomy; 261 struct wpabuf *assoc_ie_taxonomy; 262 #endif /* CONFIG_TAXONOMY */ 263 264 #ifdef CONFIG_FILS 265 u8 fils_snonce[FILS_NONCE_LEN]; 266 u8 fils_session[FILS_SESSION_LEN]; 267 u8 fils_erp_pmkid[PMKID_LEN]; 268 u8 *fils_pending_assoc_req; 269 size_t fils_pending_assoc_req_len; 270 unsigned int fils_pending_assoc_is_reassoc:1; 271 unsigned int fils_dhcp_rapid_commit_proxy:1; 272 unsigned int fils_erp_pmkid_set:1; 273 unsigned int fils_drv_assoc_finish:1; 274 struct wpabuf *fils_hlp_resp; 275 struct wpabuf *hlp_dhcp_discover; 276 void (*fils_pending_cb)(struct hostapd_data *hapd, struct sta_info *sta, 277 u16 resp, struct wpabuf *data, int pub); 278 #ifdef CONFIG_FILS_SK_PFS 279 struct crypto_ecdh *fils_ecdh; 280 #endif /* CONFIG_FILS_SK_PFS */ 281 struct wpabuf *fils_dh_ss; 282 struct wpabuf *fils_g_sta; 283 #endif /* CONFIG_FILS */ 284 285 #ifdef CONFIG_OWE 286 u8 *owe_pmk; 287 size_t owe_pmk_len; 288 struct crypto_ecdh *owe_ecdh; 289 u16 owe_group; 290 #endif /* CONFIG_OWE */ 291 292 u8 *ext_capability; 293 char *ifname_wds; /* WDS ifname, if in use */ 294 295 #ifdef CONFIG_DPP2 296 struct dpp_pfs *dpp_pfs; 297 #endif /* CONFIG_DPP2 */ 298 299 #ifdef CONFIG_TESTING_OPTIONS 300 enum wpa_alg last_tk_alg; 301 int last_tk_key_idx; 302 u8 last_tk[WPA_TK_MAX_LEN]; 303 size_t last_tk_len; 304 u8 *sae_postponed_commit; 305 size_t sae_postponed_commit_len; 306 #endif /* CONFIG_TESTING_OPTIONS */ 307 #ifdef CONFIG_AIRTIME_POLICY 308 unsigned int airtime_weight; 309 struct os_reltime backlogged_until; 310 #endif /* CONFIG_AIRTIME_POLICY */ 311 312 #ifdef CONFIG_PASN 313 struct pasn_data *pasn; 314 #endif /* CONFIG_PASN */ 315 316 #ifdef CONFIG_IEEE80211BE 317 struct mld_info mld_info; 318 u8 mld_assoc_link_id; 319 #endif /* CONFIG_IEEE80211BE */ 320 321 u16 max_idle_period; /* if nonzero, the granted BSS max idle period in 322 * units of 1000 TUs */ 323 324 u64 last_known_sta_id_timestamp; 325 }; 326 327 328 /* Default value for maximum station inactivity. After AP_MAX_INACTIVITY has 329 * passed since last received frame from the station, a nullfunc data frame is 330 * sent to the station. If this frame is not acknowledged and no other frames 331 * have been received, the station will be disassociated after 332 * AP_DISASSOC_DELAY seconds. Similarly, the station will be deauthenticated 333 * after AP_DEAUTH_DELAY seconds has passed after disassociation. */ 334 #define AP_MAX_INACTIVITY (5 * 60) 335 #define AP_DISASSOC_DELAY (3) 336 #define AP_DEAUTH_DELAY (1) 337 /* Number of seconds to keep STA entry with Authenticated flag after it has 338 * been disassociated. */ 339 #define AP_MAX_INACTIVITY_AFTER_DISASSOC (1 * 30) 340 /* Number of seconds to keep STA entry after it has been deauthenticated. */ 341 #define AP_MAX_INACTIVITY_AFTER_DEAUTH (1 * 5) 342 343 344 int ap_for_each_sta(struct hostapd_data *hapd, 345 int (*cb)(struct hostapd_data *hapd, struct sta_info *sta, 346 void *ctx), 347 void *ctx); 348 struct sta_info * ap_get_sta(struct hostapd_data *hapd, const u8 *sta); 349 struct sta_info * ap_get_sta_p2p(struct hostapd_data *hapd, const u8 *addr); 350 void ap_sta_hash_add(struct hostapd_data *hapd, struct sta_info *sta); 351 void ap_free_sta(struct hostapd_data *hapd, struct sta_info *sta); 352 void ap_sta_ip6addr_del(struct hostapd_data *hapd, struct sta_info *sta); 353 void hostapd_free_stas(struct hostapd_data *hapd); 354 void ap_handle_timer(void *eloop_ctx, void *timeout_ctx); 355 void ap_sta_replenish_timeout(struct hostapd_data *hapd, struct sta_info *sta, 356 u32 session_timeout); 357 void ap_sta_session_timeout(struct hostapd_data *hapd, struct sta_info *sta, 358 u32 session_timeout); 359 void ap_sta_no_session_timeout(struct hostapd_data *hapd, 360 struct sta_info *sta); 361 void ap_sta_session_warning_timeout(struct hostapd_data *hapd, 362 struct sta_info *sta, int warning_time); 363 struct sta_info * ap_sta_add(struct hostapd_data *hapd, const u8 *addr); 364 void ap_sta_disassociate(struct hostapd_data *hapd, struct sta_info *sta, 365 u16 reason); 366 void ap_sta_deauthenticate(struct hostapd_data *hapd, struct sta_info *sta, 367 u16 reason); 368 #ifdef CONFIG_WPS 369 int ap_sta_wps_cancel(struct hostapd_data *hapd, 370 struct sta_info *sta, void *ctx); 371 #endif /* CONFIG_WPS */ 372 int ap_sta_bind_vlan(struct hostapd_data *hapd, struct sta_info *sta); 373 int ap_sta_set_vlan(struct hostapd_data *hapd, struct sta_info *sta, 374 struct vlan_description *vlan_desc); 375 void ap_sta_start_sa_query(struct hostapd_data *hapd, struct sta_info *sta); 376 void ap_sta_stop_sa_query(struct hostapd_data *hapd, struct sta_info *sta); 377 int ap_check_sa_query_timeout(struct hostapd_data *hapd, struct sta_info *sta); 378 const char * ap_sta_wpa_get_keyid(struct hostapd_data *hapd, 379 struct sta_info *sta); 380 const u8 * ap_sta_wpa_get_dpp_pkhash(struct hostapd_data *hapd, 381 struct sta_info *sta); 382 void ap_sta_disconnect(struct hostapd_data *hapd, struct sta_info *sta, 383 const u8 *addr, u16 reason); 384 385 bool ap_sta_set_authorized_flag(struct hostapd_data *hapd, struct sta_info *sta, 386 int authorized); 387 void ap_sta_set_authorized_event(struct hostapd_data *hapd, 388 struct sta_info *sta, int authorized); 389 bool ap_sta_set_authorized(struct hostapd_data *hapd, 390 struct sta_info *sta, int authorized); ap_sta_is_authorized(struct sta_info * sta)391 static inline int ap_sta_is_authorized(struct sta_info *sta) 392 { 393 return sta->flags & WLAN_STA_AUTHORIZED; 394 } 395 396 void ap_sta_deauth_cb(struct hostapd_data *hapd, struct sta_info *sta); 397 void ap_sta_disassoc_cb(struct hostapd_data *hapd, struct sta_info *sta); 398 void ap_sta_clear_disconnect_timeouts(struct hostapd_data *hapd, 399 struct sta_info *sta); 400 void ap_sta_clear_assoc_timeout(struct hostapd_data *hapd, 401 struct sta_info *sta); 402 403 int ap_sta_flags_txt(u32 flags, char *buf, size_t buflen); 404 void ap_sta_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 405 struct sta_info *sta, 406 unsigned timeout); 407 int ap_sta_pending_delayed_1x_auth_fail_disconnect(struct hostapd_data *hapd, 408 struct sta_info *sta); 409 int ap_sta_re_add(struct hostapd_data *hapd, struct sta_info *sta); 410 411 void ap_free_sta_pasn(struct hostapd_data *hapd, struct sta_info *sta); 412 ap_sta_is_mld(struct hostapd_data * hapd,struct sta_info * sta)413 static inline bool ap_sta_is_mld(struct hostapd_data *hapd, 414 struct sta_info *sta) 415 { 416 #ifdef CONFIG_IEEE80211BE 417 return hapd->conf->mld_ap && sta && sta->mld_info.mld_sta; 418 #else /* CONFIG_IEEE80211BE */ 419 return false; 420 #endif /* CONFIG_IEEE80211BE */ 421 } 422 ap_sta_set_mld(struct sta_info * sta,bool mld)423 static inline void ap_sta_set_mld(struct sta_info *sta, bool mld) 424 { 425 #ifdef CONFIG_IEEE80211BE 426 if (sta) 427 sta->mld_info.mld_sta = mld; 428 #endif /* CONFIG_IEEE80211BE */ 429 } 430 431 void ap_sta_free_sta_profile(struct mld_info *info); 432 433 void hostapd_free_link_stas(struct hostapd_data *hapd); 434 435 #endif /* STA_INFO_H */ 436